jCloud/jeb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

geändert: README.md

Browse Source 
geändert:       client/client.py
	gelöscht:       lib/__pycache__/crypto_utils.cpython-313.pyc
	gelöscht:       lib/__pycache__/jebp_utils.cpython-313.pyc
	gelöscht:       lib/__pycache__/terminal_table.cpython-313.pyc
	geändert:       lib/jebp_utils.py
	gelöscht:       server/clients_management/chclient.py
	gelöscht:       server/clients_management/rmclient.py
	neue Datei:     server/data/conf/client_admin_rights
	umbenannt:      server/config/clients/fingerprints -> server/data/conf/client_fingerprints
	neue Datei:     server/data/conf/topics
	geändert:       server/server.py
	neue Datei:     server/utils/clients_management/chclient.py
	neue Datei:     server/utils/clients_management/lsclients.py
	umbenannt:      server/clients_management/mkclient.py -> server/utils/clients_management/mkclient.py
	neue Datei:     server/utils/clients_management/rmclient.py
	umbenannt:      server/clients_management/lsclients.py -> server/utils/topics_management/lstopics.py
This commit is contained in:
Jakob Scheid
2026-01-11 12:54:26 +01:00
parent bfec87dde6
commit b1ac351ad1
17 changed files with 341 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/server.py
+41 -2
View File
@@ -26,6 +26,34 @@ VERSION = 'jebp 1.0'
CERT_FILE = 'server/sec/server.crt.pem'
CLIENT_CERT_ISSUER_NAME = 'jCloudCA-Root-CA'
class Client:
def __init__(self, fingerprint: bytes, common_name: str, admin: bool = False):
self.fingerprint = fingerprint
self.common_name = common_name
self.admin = admin
def get_client_info(client_fingerprint: bytes):
with dbm.open('server/data/conf/client_fingerprints') as db:
if client_fingerprint not in db.keys():
raise KeyError('Client not registered')
common_name = db[client_fingerprint].decode()
db.close()
with open('server/data/conf/client_admin_rights') as carf:
admins = carf.read().split('\n')
carf.close()
return Client(fingerprint = client_fingerprint, common_name = common_name, admin = client_fingerprint.hex() in admins)
def process_command(command, client: Client):
print(client.fingerprint, client.common_name, client.admin)
response = b''
if command[0] == 0x11:
if not client.admin:
response = b'\xb7'
return response
async def handle_client(reader: asyncio.StreamReader, writer: asyncio.StreamWriter):
addr = writer.get_extra_info('peername')
print(f'Connected to {addr}')
@@ -68,16 +96,27 @@ async def handle_client(reader: asyncio.StreamReader, writer: asyncio.StreamWrit
cert = x509.load_der_x509_certificate(await readmsg(reader, aesgcm, client_nonce))
key_hash = hashlib.sha256(cert.public_key().public_bytes(encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo)).digest()
with dbm.open('server/config/clients/fingerprints', 'c') as db:
with dbm.open('server/data/conf/client_fingerprints', 'c') as db:
if key_hash not in db.keys():
await sendmsg('ERR', writer, aesgcm, server_nonce)
raise InvalidCertificateError('client not known')
if not validate_cert(cert, db[key_hash].decode(), CLIENT_CERT_ISSUER_NAME):
await sendmsg('ERR', writer, aesgcm, server_nonce)
raise InvalidCertificateError('client certificate not trusted')
print('Client authenticated')
await sendmsg('SCD', writer, aesgcm, server_nonce)
print('CLIENT AUTHENTICATED')
while True:
try:
await sendmsg(process_command(await readmsg(reader, aesgcm, client_nonce), get_client_info(hashlib.sha256(cert.public_key().public_bytes(encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo)).digest())), writer, aesgcm, server_nonce)
except Exception as e:
print(f'{str(type(e))[8:-2]}: {e}')
break
writer.close()
await writer.wait_closed()
print(f'Connection to {addr} closed')
async def main():