geändert: README.md

geändert: client/client.py gelöscht: lib/__pycache__/crypto_utils.cpython-313.pyc gelöscht: lib/__pycache__/jebp_utils.cpython-313.pyc gelöscht: lib/__pycache__/terminal_table.cpython-313.pyc geändert: lib/jebp_utils.py gelöscht: server/clients_management/chclient.py gelöscht: server/clients_management/rmclient.py neue Datei: server/data/conf/client_admin_rights umbenannt: server/config/clients/fingerprints -> server/data/conf/client_fingerprints neue Datei: server/data/conf/topics geändert: server/server.py neue Datei: server/utils/clients_management/chclient.py neue Datei: server/utils/clients_management/lsclients.py umbenannt: server/clients_management/mkclient.py -> server/utils/clients_management/mkclient.py neue Datei: server/utils/clients_management/rmclient.py umbenannt: server/clients_management/lsclients.py -> server/utils/topics_management/lstopics.py
2026-01-11 12:54:26 +01:00
parent bfec87dde6
commit b1ac351ad1
17 changed files with 341 additions and 73 deletions
@@ -0,0 +1,56 @@
+#!/usr/bin/env python3
+
+import dbm
+import sys
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization
+import hashlib
+import os
+
+if len(sys.argv) < 2:
+    print(f'{sys.argv[0]}: missing key hash')
+    sys.exit(1)
+
+with dbm.open('server/data/conf/client_fingerprints', 'c') as db:
+    if bytes.fromhex(sys.argv[1]) not in db.keys():
+        print(f'{sys.argv[0]}: hash not registered')
+        sys.exit(1) 
+    db[bytes.fromhex(sys.argv[1])] = input(f'New common name [{db[bytes.fromhex(sys.argv[1])].decode()}]: ') or db[bytes.fromhex(sys.argv[1])]
+    db.close()
+
+if os.path.exists('server/data/conf/locks/client_admin_rights.lock'):
+    with open('server/data/conf/locks/client_admin_rights.lock', 'r') as lockf:
+        print(f'{sys.argv[0]}: admin rights file is locked by process {lockf.read()}')
+        lockf.close()
+        sys.exit(1)
+
+try:
+    with open('server/data/conf/locks/client_admin_rights.lock', 'w') as lockf:
+        lockf.write(str(os.getpid()))
+        lockf.close()
+
+    with open('server/data/conf/client_admin_rights', 'r') as carf:
+        admins = {kh for kh in carf.read().split('\n') if kh}
+        carf.close()
+
+    admin = input(f'Is admin (y/n) [{'y' if sys.argv[1] in admins else 'n'}]: ') or ('y' if sys.argv[1] in admins else 'n')
+    if admin == 'y':
+        admin = True
+    else:
+        admin = False
+    if admin:
+        if sys.argv[1] not in admins:
+            print(f'Added {sys.argv[1]} to the admins')
+        admins.add(sys.argv[1])
+    else:
+        try:
+            admins.remove(sys.argv[1])
+        except KeyError:
+            pass
+    with open('server/data/conf/client_admin_rights', 'w') as carf:
+        carf.write('\n'.join(admins))
+        carf.close()
+
+finally:
+    os.remove('server/data/conf/locks/client_admin_rights.lock')
@@ -0,0 +1,19 @@
+#!/usr/bin/env python3
+
+import sys
+import os
+sys.path.append(os.getcwd())
+import dbm
+from lib.terminal_table import ascii_table
+
+with open('server/data/conf/client_admin_rights', 'r') as carf:
+    admins = {kh for kh in carf.read().split('\n') if kh}
+    carf.close()
+
+with dbm.open('server/data/conf/client_fingerprints', 'c') as db:
+    print(ascii_table([{
+        'Key Hash': k.hex(),
+        'Common name': v.decode(),
+        'Is admin': 'yes' if k.hex() in admins else 'no'
+    } for k, v in db.items()], ))
+    db.close()
@@ -0,0 +1,22 @@
+#!/usr/bin/env python3
+
+import dbm
+import sys
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization
+import hashlib
+
+if len(sys.argv) < 2:
+    print(f'{sys.argv[0]}: missing common name')
+    sys.exit(1)
+
+try:
+    cert = x509.load_pem_x509_certificate(sys.stdin.buffer.read(), default_backend())
+except:
+    print(f'{sys.argv[0]}: invalid certificate')
+    sys.exit(1)
+
+with dbm.open('server/data/conf/client_fingerprints', 'c') as db:
+    db[hashlib.sha256(cert.public_key().public_bytes(encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo)).digest()] = sys.argv[1]
+    db.close()
@@ -0,0 +1,43 @@
+#!/usr/bin/env python3
+
+import sys
+import os
+sys.path.append(os.getcwd())
+import dbm
+from lib.terminal_table import ascii_table
+
+if len(sys.argv) < 2:
+    print(f'{sys.argv[0]}: missing key hash')
+    sys.exit(1)
+
+with dbm.open('server/data/conf/client_fingerprints', 'c') as db:
+    try:
+        del db[bytes.fromhex(sys.argv[1])]
+    except:
+        print(f'{sys.argv[0]}: hash not registered')
+        sys.exit(1)
+    db.close()
+
+if os.path.exists('server/data/conf/locks/client_admin_rights.lock'):
+    with open('server/data/conf/locks/client_admin_rights.lock', 'r') as lockf:
+        print(f'{sys.argv[0]}: admin rights file is locked by process {lockf.read()}')
+        lockf.close()
+        sys.exit(1)
+
+try:
+    with open('server/data/conf/locks/client_admin_rights.lock', 'w') as lockf:
+        lockf.write(str(os.getpid()))
+        lockf.close()
+
+    with open('server/data/conf/client_admin_rights', 'r') as carf:
+        admins = {kh for kh in carf.read().split('\n') if kh}
+        carf.close()
+
+    if sys.argv[1] in admins:
+        admins.remove(sys.argv[1])
+        with open('server/data/conf/client_admin_rights', 'w') as carf:
+            carf.write('\n'.join(admins))
+            carf.close()
+
+finally:
+    os.remove('server/data/conf/locks/client_admin_rights.lock')
@@ -0,0 +1,15 @@
+#!/usr/bin/env python3
+
+import sys
+import os
+sys.path.append(os.getcwd())
+import dbm
+from lib.terminal_table import ascii_table
+import pickle
+
+with dbm.open('server/data/conf/topics', 'c') as db:
+    print(ascii_table([{
+        'Name': k.decode(),
+        'Partitions': str(pickle.loads(v['partitions'])),
+    } for k, v in db.items()], ))
+    db.close()