fix: 锁定依赖包版本 pyOpenSSL==22.0.0

apps/common/management/commands/services/services/celery_base.py

@@ -30,7 +30,9 @@ class CeleryBaseService(BaseService):
             '-l', 'INFO',
             '-c', str(self.num),
             '-Q', self.queue,
-            '-n', f'{self.queue}@{server_hostname}'
+            '--heartbeat-interval', '10',
+            '-n', f'{self.queue}@{server_hostname}',
+            '--without-mingle',
         ]
         return cmd
 

apps/common/sdk/gm/piico/cipher.py

@@ -33,7 +33,7 @@ class EBCCipher:
     def __padding(val):
         # padding
         val = bytes(val)
-        while len(val) % 16 != 0:
+        while len(val) == 0 or len(val) % 16 != 0:
             val += b'\0'
         return val
 

apps/common/utils/crypto.py

@@ -82,7 +82,8 @@ class PiicoSM4EcbCrypto(BaseCrypto):
         return self.cipher.encrypt(self.to_16(data))
 
     def _decrypt(self, data: bytes) -> bytes:
-        return self.cipher.decrypt(data)
+        bs = self.cipher.decrypt(data)
+        return bs.rstrip(b'\0')
 
 
 class AESCrypto:
@@ -232,6 +233,8 @@ class Crypto:
         return self.cryptos[0]
 
     def encrypt(self, text):
+        if text is None:
+            return text
         return self.encryptor.encrypt(text)
 
     def decrypt(self, text):
@@ -241,7 +244,7 @@ class Crypto:
                 if origin_text:
                     # 有时不同算法解密不报错，但是返回空字符串
                     return origin_text
-            except (TypeError, ValueError, UnicodeDecodeError, IndexError):
+            except Exception:
                 continue
 
 

apps/jumpserver/settings/libs.py

@@ -9,7 +9,6 @@ from .base import (
 )
 from ..const import CONFIG, PROJECT_DIR
 
-
 REST_FRAMEWORK = {
     # Use Django's standard `django.contrib.auth` permissions,
     # or allow read-only access for unauthenticated users.
@@ -64,7 +63,6 @@ SWAGGER_SETTINGS = {
     'DEFAULT_INFO': 'jumpserver.views.swagger.api_info',
 }
 
-
 # Captcha settings, more see https://django-simple-captcha.readthedocs.io/en/latest/advanced.html
 CAPTCHA_IMAGE_SIZE = (180, 38)
 CAPTCHA_FOREGROUND_COLOR = '#001100'
@@ -81,7 +79,6 @@ BOOTSTRAP3 = {
     'required_css_class': 'required',
 }
 
-
 # Django channels support websocket
 if not REDIS_USE_SSL:
     redis_ssl = None
@@ -101,14 +98,13 @@ CHANNEL_LAYERS = {
                 'address': (CONFIG.REDIS_HOST, CONFIG.REDIS_PORT),
                 'db': CONFIG.REDIS_DB_WS,
                 'password': CONFIG.REDIS_PASSWORD or None,
-                'ssl':  redis_ssl
+                'ssl': redis_ssl
             }],
         },
     },
 }
 ASGI_APPLICATION = 'jumpserver.routing.application'
 
-
 # Dump all celery log to here
 CELERY_LOG_DIR = os.path.join(PROJECT_DIR, 'data', 'celery')
 
@@ -131,6 +127,7 @@ CELERY_TASK_EAGER_PROPAGATES = True
 CELERY_WORKER_REDIRECT_STDOUTS = True
 CELERY_WORKER_REDIRECT_STDOUTS_LEVEL = "INFO"
 CELERY_TASK_SOFT_TIME_LIMIT = 3600
+CELERY_WORKER_CANCEL_LONG_RUNNING_TASKS_ON_CONNECTION_LOSS = True
 
 if REDIS_USE_SSL:
     CELERY_BROKER_USE_SSL = CELERY_REDIS_BACKEND_USE_SSL = {
@@ -148,3 +145,7 @@ REDIS_PORT = CONFIG.REDIS_PORT
 REDIS_PASSWORD = CONFIG.REDIS_PASSWORD
 
 DJANGO_REDIS_SCAN_ITERSIZE = 1000
+
+# GM DEVICE
+PIICO_DEVICE_ENABLE = CONFIG.PIICO_DEVICE_ENABLE
+PIICO_DRIVER_PATH = CONFIG.PIICO_DRIVER_PATH

apps/users/notifications.py

@@ -191,7 +191,7 @@ class UserExpirationReminderMsg(UserMessage):
 class ResetSSHKeyMsg(UserMessage):
     def get_html_msg(self) -> dict:
         subject = _('Reset SSH Key')
-        update_url = urljoin(settings.SITE_URL, '/ui/#/users/profile/?activeTab=SSHUpdate')
+        update_url = urljoin(settings.SITE_URL, '/ui/#/profile/setting/?activeTab=SSHUpdate')
         context = {
             'name': self.user.name,
             'url': update_url,

requirements/requirements.txt

@@ -133,6 +133,7 @@ pymssql==2.1.5
 django-mysql==3.9.0
 django-redis==5.2.0
 python-redis-lock==3.7.0
+pyOpenSSL==22.0.0
 redis==4.3.3
 pymongo==4.2.0
 # Debug