This repository has been archived by the owner on Jan 30, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 20
/
ProxyGuard.py
157 lines (123 loc) · 4.18 KB
/
ProxyGuard.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
import os
import commands
from pUtil import tolog
class ProxyGuard:
"""
This class is used to hide the grid proxy for the payload
"""
def __init__(self):
""" Default init """
self.proxy = None
self.read = False
self.x509_user_proxy = None
def isRead(self):
""" return True if proxy has been read to memory """
return self.read
def isRestored(self):
""" return True if proxy has been restored """
# this function is used by the pilot (the proxy is hidden by runJob)
if os.path.exists(self.x509_user_proxy):
return True
else:
return False
def setX509UserProxy(self):
""" reads and sets the name of the user proxy """
rc, rs = commands.getstatusoutput("echo $X509_USER_PROXY")
if rc != 0:
tolog("Could not get X509_USER_PROXY: %d, %s" % (rc, rs))
return False
if rs == "":
tolog("X509_USER_PROXY is not set")
return False
if not os.path.exists(rs):
tolog("$X509_USER_PROXY does not exist: %s" % (rs))
return False
self.x509_user_proxy = rs
return True
def setProxy(self):
""" reads the grid proxy into memory """
status = False
# set the user proxy
if not self.setX509UserProxy():
tolog("X509_USER_PROXY not known")
return status
# get the proxy
try:
f = open(self.x509_user_proxy, 'r')
except Exception, e:
tolog("!!WARNING!!7777!! Could not open the proxy file: %s" % str(e))
else:
self.proxy = f.read()
f.close()
self.read = True
status = True
return status
def removeProxy(self):
""" removes the grid proxy from disk """
status = False
try:
rc, rs = commands.getstatusoutput("rm %s" % (self.x509_user_proxy))
except Exception, e:
tolog("!!WARNING!!7777!! Could not remove proxy from disk: %s" % str(e))
else:
if rc == 0:
tolog("Proxy removed from disk")
status = True
else:
tolog("Could not remove proxy from disk: %d, %s" % (rc, rs))
return status
def hideProxy(self):
""" hides the grid proxy """
status = False
# set the proxy (read into memory)
if self.setProxy():
tolog("Proxy was successfully read into memory")
# delete the proxy from disk
if not self.removeProxy():
tolog("Hide proxy failed")
else:
tolog("Hide proxy succeeded")
status = True
else:
tolog("Hide proxy failed")
return status
def putProxy(self):
""" writes the grid proxy back to disk """
status = False
# write the proxy back to disk
try:
f = open(self.x509_user_proxy, 'w')
except Exception, e:
tolog("!!WARNING!!7777!! Could not open the proxy file: %s" % str(e))
else:
print >>f, self.proxy
f.close()
status = True
return status
def restoreMode(self):
""" restores the file permission of the grid proxy """
status = False
try:
rc, rs = commands.getstatusoutput("chmod 600 %s" % (self.x509_user_proxy))
except Exception ,e:
tolog("!!WARNING!!7777!! Exception caught: %s" % str(e))
else:
if rc == 0:
status = True
else:
tolog("Could not change permission: %d, %s" % (rc, rs))
return status
def restoreProxy(self):
""" restores the grid proxy """
status = False
# restore the proxy file
if not self.putProxy():
tolog("Failed to restore proxy")
else:
tolog("Proxy restored on disk")
if not self.restoreMode():
tolog("Failed to restore the file permission")
else:
tolog("Restored file permission")
status = True
return status