Projet

Général

Profil

libsecure.patch

Laurent Flori, 22/05/2017 12:44

Télécharger (1,28 ko)

Voir les différences:

libsecure-good.py 2017-05-22 11:56:44.747373468 +0200
4 4 
from OpenSSL import crypto
5 5 
from os.path import join, dirname
6 6 
from ead2.config.config import cert_file, key_file
7 

  		




  
  7
  
    
from os import seteuid, setegid, getuid, getgid

  		




  
  8
  
    
from ead2.backend.config.config import NOBODY_UID, NOBODY_GID

  		




  8
  9
  
    

  		




  9
  10
  
    
# transport sécurisé utilisant un certificat

  		




  10
  11
  
    
class TransportEole(xmlrpclib.SafeTransport):

  		




  ......




  26
  27
  
    
                       cert_file = cert_file)

  		




  27
  28
  
    
            return cx

  		




  28
  29
  
    

  		




  
  30
  
    
def _gain_privileges(uid, gid):

  		




  
  31
  
    
    """

  		




  
  32
  
    
        on donne les privileges uid, gid

  		




  
  33
  
    
    """

  		




  
  34
  
    
    seteuid(uid)

  		




  
  35
  
    
    setegid(gid)

  		




  
  36
  
    

  		




  
  37
  
    
def _drop_privileges():

  		




  
  38
  
    
    """

  		




  
  39
  
    
        drop de privileges vers nobody/nobody passage en root

  		




  
  40
  
    
    """

  		




  
  41
  
    
    setegid(NOBODY_UID)

  		




  
  42
  
    
    seteuid(NOBODY_GID)

  		




  29
  43
  
    

  		




  30
  44
  
    
#################################################

  		




  31
  45
  
    
## Factory permettant de créer un contexte SSL ##

  		




  ......




  36
  50
  
    
        """

  		




  37
  51
  
    
            load the key and cert files in a PKey Object

  		




  38
  52
  
    
        """

  		




  
  53
  
    
        _gain_privileges(0,0)

  		




  39
  54
  
    
        self.cert = crypto.load_certificate(crypto.FILETYPE_PEM, open(cert_file).read())

  		




  40
  55
  
    
        self.key = crypto.load_privatekey(crypto.FILETYPE_PEM, open(key_file).read())

  		




  
  56
  
    
	_drop_privileges()

  		




  41
  57
  
    

  		




  42
  58
  
    
    def getContext(self):

  		




  43
  59
  
    
        """