bizteamai-smcp 1.13.1__py3-none-any.whl

smcp/cli/revoke.py

@@ -0,0 +1,73 @@
+#!/usr/bin/env python3
+"""
+License revocation utility for SMCP Business Edition.
+"""
+import sys
+import hashlib
+import argparse
+import json
+import os
+from datetime import datetime, timezone
+
+REVOCATION_FILE = '/etc/bizteam/revocation.json'
+
+def load_revocation_list():
+    """Load the revocation list."""
+    try:
+        with open(REVOCATION_FILE, 'r') as f:
+            return json.load(f)
+    except FileNotFoundError:
+        return {'revoked_keys': [], 'last_updated': None}
+
+def save_revocation_list(revocation_data):
+    """Save the revocation list."""
+    os.makedirs(os.path.dirname(REVOCATION_FILE), exist_ok=True)
+    with open(REVOCATION_FILE, 'w') as f:
+        json.dump(revocation_data, f, indent=2)
+
+def revoke_license_key(license_key: str, reason: str = ""):
+    """Revoke a license key by adding its hash to the revocation list."""
+    key_hash = hashlib.sha256(license_key.encode()).hexdigest()
+    
+    revocation_data = load_revocation_list()
+    
+    # Check if already revoked
+    for entry in revocation_data['revoked_keys']:
+        if entry['hash'] == key_hash:
+            print(f"License key already revoked: {key_hash}")
+            return
+    
+    # Add to revocation list
+    revocation_data['revoked_keys'].append({
+        'hash': key_hash,
+        'revoked_at': datetime.now(timezone.utc).isoformat(),
+        'reason': reason
+    })
+    revocation_data['last_updated'] = datetime.now(timezone.utc).isoformat()
+    
+    save_revocation_list(revocation_data)
+    print(f"License key revoked: {key_hash}")
+
+def main():
+    parser = argparse.ArgumentParser(description='Revoke SMCP Business Edition license keys')
+    parser.add_argument('license_key', help='License key to revoke')
+    parser.add_argument('--reason', '-r', default='', help='Reason for revocation')
+    parser.add_argument('--list', '-l', action='store_true', help='List all revoked keys')
+    
+    args = parser.parse_args()
+    
+    if args.list:
+        revocation_data = load_revocation_list()
+        print("Revoked license keys:")
+        for entry in revocation_data['revoked_keys']:
+            print(f"  {entry['hash']} - {entry['revoked_at']} - {entry['reason']}")
+        return
+    
+    try:
+        revoke_license_key(args.license_key, args.reason)
+    except Exception as e:
+        print(f"Error revoking license key: {e}", file=sys.stderr)
+        sys.exit(1)
+
+if __name__ == '__main__':
+    main()

smcp/confirm.py

@@ -0,0 +1,262 @@
+"""
+Destructive action confirmation queue and approval system.
+"""
+
+import json
+import time
+import uuid
+from pathlib import Path
+from typing import Any, Callable, Dict, List, Optional, Tuple
+
+
+class PendingApproval(Exception):
+    """Raised when an action is queued for approval."""
+    pass
+
+
+class ActionQueue:
+    """Manages queued actions awaiting approval."""
+    
+    def __init__(self, queue_file: Optional[str] = None):
+        """
+        Initialize the action queue.
+        
+        Args:
+            queue_file: Path to the queue file (defaults to temp file)
+        """
+        self.queue_file = Path(queue_file or "/tmp/smcp_queue.json")
+        self._ensure_queue_file()
+    
+    def _ensure_queue_file(self) -> None:
+        """Ensure the queue file exists."""
+        if not self.queue_file.exists():
+            self.queue_file.parent.mkdir(parents=True, exist_ok=True)
+            self._save_queue([])
+    
+    def _load_queue(self) -> List[Dict[str, Any]]:
+        """Load the current queue from disk."""
+        try:
+            with open(self.queue_file, 'r') as f:
+                return json.load(f)
+        except (FileNotFoundError, json.JSONDecodeError):
+            return []
+    
+    def _save_queue(self, queue: List[Dict[str, Any]]) -> None:
+        """Save the queue to disk."""
+        with open(self.queue_file, 'w') as f:
+            json.dump(queue, f, indent=2, default=str)
+    
+    def add_action(self, action_id: str, function: Callable, args: Tuple, kwargs: Dict[str, Any]) -> None:
+        """
+        Add an action to the approval queue.
+        
+        Args:
+            action_id: Unique identifier for the action
+            function: Function to be executed
+            args: Function arguments
+            kwargs: Function keyword arguments
+        """
+        queue = self._load_queue()
+        
+        action = {
+            "id": action_id,
+            "function_name": function.__name__,
+            "module": function.__module__,
+            "args": args,
+            "kwargs": kwargs,
+            "timestamp": time.time(),
+            "status": "pending"
+        }
+        
+        queue.append(action)
+        self._save_queue(queue)
+    
+    def get_pending_actions(self) -> List[Dict[str, Any]]:
+        """Get all pending actions."""
+        queue = self._load_queue()
+        return [action for action in queue if action["status"] == "pending"]
+    
+    def approve_action(self, action_id: str) -> Optional[Dict[str, Any]]:
+        """
+        Approve an action for execution.
+        
+        Args:
+            action_id: ID of the action to approve
+            
+        Returns:
+            The approved action data, or None if not found
+        """
+        queue = self._load_queue()
+        
+        for action in queue:
+            if action["id"] == action_id and action["status"] == "pending":
+                action["status"] = "approved"
+                action["approved_at"] = time.time()
+                self._save_queue(queue)
+                return action
+        
+        return None
+    
+    def reject_action(self, action_id: str) -> bool:
+        """
+        Reject an action.
+        
+        Args:
+            action_id: ID of the action to reject
+            
+        Returns:
+            True if the action was found and rejected
+        """
+        queue = self._load_queue()
+        
+        for action in queue:
+            if action["id"] == action_id and action["status"] == "pending":
+                action["status"] = "rejected"
+                action["rejected_at"] = time.time()
+                self._save_queue(queue)
+                return True
+        
+        return False
+    
+    def cleanup_old_actions(self, max_age_hours: int = 24) -> int:
+        """
+        Remove old actions from the queue.
+        
+        Args:
+            max_age_hours: Maximum age in hours before removal
+            
+        Returns:
+            Number of actions removed
+        """
+        queue = self._load_queue()
+        cutoff_time = time.time() - (max_age_hours * 3600)
+        
+        old_count = len(queue)
+        queue = [action for action in queue if action["timestamp"] > cutoff_time]
+        new_count = len(queue)
+        
+        if old_count != new_count:
+            self._save_queue(queue)
+        
+        return old_count - new_count
+
+
+# Global action queue instance
+_action_queue = None
+
+
+def get_action_queue(cfg: Dict[str, Any]) -> ActionQueue:
+    """Get or create the global action queue."""
+    global _action_queue
+    if _action_queue is None:
+        queue_file = cfg.get("QUEUE_FILE")
+        _action_queue = ActionQueue(queue_file)
+    return _action_queue
+
+
+def maybe_queue(function: Callable, args: Tuple, kwargs: Dict[str, Any], cfg: Dict[str, Any]) -> bool:
+    """
+    Queue an action for approval if confirmation is required.
+    
+    Args:
+        function: Function to potentially queue
+        args: Function arguments
+        kwargs: Function keyword arguments
+        cfg: Configuration dictionary
+        
+    Returns:
+        True if the action was queued (requiring approval)
+        False if the action should proceed immediately
+    """
+    # Check if confirmation is enabled globally
+    if not cfg.get("CONFIRMATION_ENABLED", True):
+        return False
+    
+    # Generate unique action ID
+    action_id = str(uuid.uuid4())
+    
+    # Add to queue
+    queue = get_action_queue(cfg)
+    queue.add_action(action_id, function, args, kwargs)
+    
+    # Store action ID for potential approval
+    cfg["_last_action_id"] = action_id
+    
+    return True
+
+
+def execute_approved_action(action_id: str, cfg: Dict[str, Any]) -> Any:
+    """
+    Execute a previously approved action.
+    
+    Args:
+        action_id: ID of the action to execute
+        cfg: Configuration dictionary
+        
+    Returns:
+        Result of the executed function
+        
+    Raises:
+        ValueError: If the action is not found or not approved
+    """
+    queue = get_action_queue(cfg)
+    action_queue_data = queue._load_queue()
+    
+    # Find the action
+    action = None
+    for a in action_queue_data:
+        if a["id"] == action_id:
+            action = a
+            break
+    
+    if not action:
+        raise ValueError(f"Action {action_id} not found")
+    
+    if action["status"] != "approved":
+        raise ValueError(f"Action {action_id} is not approved")
+    
+    # Import and execute the function
+    # Note: This is a simplified version - in practice, you'd need
+    # to properly reconstruct the function from module/name
+    function_name = action["function_name"]
+    args = tuple(action["args"])
+    kwargs = action["kwargs"]
+    
+    # This would need to be implemented based on your specific requirements
+    # for function reconstruction and execution
+    raise NotImplementedError("Function execution from queue not implemented")
+
+
+def list_pending_actions(cfg: Dict[str, Any]) -> List[Dict[str, Any]]:
+    """
+    List all pending actions.
+    
+    Args:
+        cfg: Configuration dictionary
+        
+    Returns:
+        List of pending action dictionaries
+    """
+    queue = get_action_queue(cfg)
+    return queue.get_pending_actions()
+
+
+def format_action_summary(action: Dict[str, Any]) -> str:
+    """
+    Format an action for display.
+    
+    Args:
+        action: Action dictionary
+        
+    Returns:
+        Human-readable action summary
+    """
+    timestamp = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(action["timestamp"]))
+    return (
+        f"ID: {action['id']}\n"
+        f"Function: {action['function_name']}\n"
+        f"Time: {timestamp}\n"
+        f"Args: {action['args']}\n"
+        f"Kwargs: {action['kwargs']}\n"
+        f"Status: {action['status']}"
+    )

smcp/cpu.py

@@ -0,0 +1,67 @@
+""
+CPU core detection for licensing enforcement.
+"""
+import os
+import logging
+from typing import Optional
+
+logger = logging.getLogger(__name__)
+
+def get_physical_cores() -> int:
+    """Get physical CPU core count."""
+    try:
+        import psutil
+        physical = psutil.cpu_count(logical=False)
+        if physical is None:
+            physical = psutil.cpu_count(logical=True)
+        return physical or 1
+    except ImportError:
+        # Fallback to os.cpu_count if psutil not available
+        return os.cpu_count() or 1
+
+def get_cgroup_cores() -> Optional[int]:
+    """Get CPU limit from cgroup v2."""
+    try:
+        with open("/sys/fs/cgroup/cpu.max", "r") as f:
+            content = f.read().strip()
+            if content == "max":
+                return None
+            
+            parts = content.split()
+            if len(parts) >= 2:
+                quota = int(parts[0])
+                period = int(parts[1])
+                return quota // period
+            return None
+    except (FileNotFoundError, ValueError, PermissionError):
+        # Try cgroup v1
+        try:
+            with open("/sys/fs/cgroup/cpu/cpu.cfs_quota_us", "r") as f:
+                quota = int(f.read().strip())
+            with open("/sys/fs/cgroup/cpu/cpu.cfs_period_us", "r") as f:
+                period = int(f.read().strip())
+            
+            if quota > 0:
+                return quota // period
+            return None
+        except (FileNotFoundError, ValueError, PermissionError):
+            return None
+
+def detect_cores() -> int:
+    """
+    Detect available CPU cores considering both physical and cgroup limits.
+    
+    Returns:
+        Number of detected cores
+    """
+    physical = get_physical_cores()
+    cgroup = get_cgroup_cores()
+    
+    if cgroup is not None:
+        detected = min(physical, cgroup)
+        logger.debug(f"Core detection: physical={physical}, cgroup={cgroup}, detected={detected}")
+    else:
+        detected = physical
+        logger.debug(f"Core detection: physical={physical}, cgroup=None, detected={detected}")
+    
+    return max(1, detected)  # Ensure at least 1 core

smcp/decorators.py

@@ -0,0 +1,97 @@
+"""
+Decorator builders for securing MCP tools, prompts, and retrieval functions.
+
+Provides a unified decorator factory that wraps the original MCP decorators
+with conditional security guards.
+"""
+
+from functools import wraps
+from typing import Any, Callable, Dict, Optional
+
+try:
+    from mcp import tool as base_tool, prompt as base_prompt, retrieval as base_retrieval
+except ImportError:
+    # Fallback for testing or when mcp is not available
+    def base_tool(*args, **kwargs):
+        def decorator(fn):
+            return fn
+        return decorator
+    
+    def base_prompt(*args, **kwargs):
+        def decorator(fn):
+            return fn
+        return decorator
+    
+    def base_retrieval(*args, **kwargs):
+        def decorator(fn):
+            return fn
+        return decorator
+
+from .filters import sanitize_prompt
+from .allowlist import validate_host
+from .confirm import maybe_queue, PendingApproval
+from .logchain import log_event
+
+
+def _secure(base_deco: Callable) -> Callable:
+    """
+    Create a security-enhanced decorator factory from a base MCP decorator.
+    
+    Args:
+        base_deco: The original MCP decorator (tool, prompt, or retrieval)
+        
+    Returns:
+        A decorator factory that applies security guards conditionally
+    """
+    def builder(*dargs, confirm: bool = False, **dkwargs) -> Callable:
+        """
+        Build a secured decorator with optional confirmation requirement.
+        
+        Args:
+            *dargs: Positional arguments passed to base decorator
+            confirm: Whether to require approval for destructive actions
+            **dkwargs: Keyword arguments passed to base decorator
+            
+        Returns:
+            A decorator that applies security guards to the wrapped function
+        """
+        def inner(fn: Callable) -> Callable:
+            @base_deco(*dargs, **dkwargs)
+            @wraps(fn)
+            def wrapper(*args, **kwargs) -> Any:
+                # Extract SMCP configuration injected by runtime adapter
+                cfg = kwargs.pop("_smcp_cfg", {})
+                
+                # Input sanitization guard (activates if SAFE_RE configured)
+                if cfg.get("SAFE_RE"):
+                    prompt_text = kwargs.get("prompt", "")
+                    if prompt_text:
+                        sanitize_prompt(prompt_text, cfg)
+                
+                # Host allowlist guard (activates if ALLOWED_HOSTS configured)
+                if cfg.get("ALLOWED_HOSTS"):
+                    target_host = kwargs.get("target", "")
+                    if target_host:
+                        validate_host(target_host, cfg)
+                
+                # Destructive action confirmation guard
+                if confirm and maybe_queue(fn, args, kwargs, cfg):
+                    raise PendingApproval(f"Action {fn.__name__} queued for approval")
+                
+                # Execute the wrapped function
+                result = fn(*args, **kwargs)
+                
+                # Audit logging guard (activates if LOG_PATH configured)
+                if cfg.get("LOG_PATH"):
+                    log_event(fn.__name__, args, kwargs, result, cfg)
+                
+                return result
+            return wrapper
+        return inner
+    return builder
+
+
+# Create secured versions of MCP decorators
+tool = _secure(base_tool)
+prompt = _secure(base_prompt) 
+retrieval = _secure(base_retrieval)

smcp/enforce.py

@@ -0,0 +1,100 @@
+"""
+License enforcement with grace period and core limit checking.
+"""
+import os
+import time
+import threading
+import logging
+from typing import Optional
+from .cpu import detect_cores
+from .license import get_licensed_cores, CoreLimitExceededError
+
+logger = logging.getLogger(__name__)
+
+class LicenseEnforcer:
+    """Handles license enforcement with grace periods."""
+    
+    def __init__(self):
+        self._timer: Optional[threading.Timer] = None
+        self._grace_active = False
+        self._warned = False
+        self._ignore_cores = '--ignore-cores' in os.sys.argv if hasattr(os, 'sys') else False
+        
+    def check_core_limit(self) -> None:
+        """Check if current core usage exceeds license limit."""
+        licensed_cores = get_licensed_cores()
+        detected_cores = detect_cores()
+        
+        logger.info(f"SMCP cores licensed={licensed_cores} detected={detected_cores}")
+        
+        # If no license or ignore flag, allow operation
+        if licensed_cores == 0 and not self._ignore_cores:
+            logger.warning("No valid license found - running in evaluation mode")
+            return
+            
+        if self._ignore_cores:
+            logger.warning("Running with --ignore-cores flag - this is for emergency use only")
+            # Start emergency timer (30 seconds)
+            threading.Timer(30.0, self._emergency_abort).start()
+            return
+        
+        if detected_cores > licensed_cores:
+            if not self._warned:
+                logger.warning(f"Core limit exceeded: using {detected_cores} cores, licensed for {licensed_cores}")
+                self._warned = True
+                self._start_grace_timer()
+            elif not self._grace_active:
+                # Grace period expired
+                raise CoreLimitExceededError(
+                    f"Core limit exceeded: using {detected_cores} cores, licensed for {licensed_cores}. "
+                    f"Grace period expired."
+                )
+        else:
+            # Within limits - reset warning and cancel timer
+            if self._grace_active:
+                logger.info("Core usage within limits - grace period cancelled")
+                self._cancel_grace_timer()
+            self._warned = False
+    
+    def _start_grace_timer(self) -> None:
+        """Start 15-minute grace period timer."""
+        if self._timer:
+            self._timer.cancel()
+        
+        self._grace_active = True
+        logger.warning("Starting 15-minute grace period for core limit violation")
+        self._timer = threading.Timer(15 * 60.0, self._grace_expired)  # 15 minutes
+        self._timer.start()
+    
+    def _cancel_grace_timer(self) -> None:
+        """Cancel active grace timer."""
+        if self._timer:
+            self._timer.cancel()
+            self._timer = None
+        self._grace_active = False
+    
+    def _grace_expired(self) -> None:
+        """Called when grace period expires."""
+        self._grace_active = False
+        logger.error("Grace period expired - core limit still exceeded")
+        # In a real implementation, this would terminate the process
+        # For now, we'll raise an exception
+        raise CoreLimitExceededError("Grace period expired - core limit exceeded")
+    
+    def _emergency_abort(self) -> None:
+        """Called when emergency ignore timer expires."""
+        logger.error("Emergency operation time expired")
+        # Exit after 30 seconds when using --ignore-cores
+        os._exit(1)
+
+# Global enforcer instance
+_enforcer = LicenseEnforcer()
+
+def check_license_compliance() -> None:
+    """Check license compliance - call this at application startup."""
+    global _enforcer
+    _enforcer.check_core_limit()
+
+def is_licensed() -> bool:
+    """Check if application has a valid license."""
+    return get_licensed_cores() > 0