zscams 2.0.12__py3-none-any.whl → 2.0.14__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. zscams/agent/configuration/freebsd_service.j2 +4 -6
  2. zscams/agent/src/core/backend/bootstrap.py +11 -0
  3. zscams/agent/src/core/backend/client.py +2 -5
  4. zscams/agent/src/core/services.py +2 -1
  5. zscams/agent/src/services/ssh_forwarder.py +0 -1
  6. zscams/agent/src/support/configuration.py +4 -6
  7. zscams/agent/src/support/os.py +32 -0
  8. zscams/agent/src/support/ssh.py +16 -10
  9. {zscams-2.0.12.dist-info → zscams-2.0.14.dist-info}/METADATA +2 -3
  10. {zscams-2.0.12.dist-info → zscams-2.0.14.dist-info}/RECORD +12 -12
  11. {zscams-2.0.12.dist-info → zscams-2.0.14.dist-info}/WHEEL +0 -0
  12. {zscams-2.0.12.dist-info → zscams-2.0.14.dist-info}/entry_points.txt +0 -0
zscams/agent/configuration/freebsd_service.j2 CHANGED
@@ -9,12 +9,10 @@
9
9
  name="zscams"
10
10
  rcvar="zscams_enable"
11
11
 
12
- # Execution command and arguments
13
- command="{python_exec}"
14
- command_args="-m zscams"
12
+ command="/usr/sbin/daemon"
13
+ command_args="-f -p /var/run/${name}.pid -u {user_to_run_as} {python_exec} -m zscams"
15
14
 
16
- # User to run the process
17
- zscams_user="{user_to_run_as}"
15
+ pidfile="/var/run/${name}.pid"
18
16
 
19
17
  load_rc_config $name
20
- run_rc_command "$1"
18
+ run_rc_command "$1"
zscams/agent/src/core/backend/bootstrap.py CHANGED
@@ -10,6 +10,7 @@ from zscams.agent.src.support.os import (
10
10
  install_service,
11
11
  is_freebsd,
12
12
  is_linux,
13
+ set_directory_ownership_and_permissions,
13
14
  )
14
15
  from zscams.agent.src.support.ssh import add_to_authorized_keys
15
16
  from zscams.agent.src.support.cli import ensure_config_value, prompt, prompt_auth_info
@@ -76,6 +77,16 @@ def bootstrap():
76
77
  create_system_user(sys_user)
77
78
  add_to_authorized_keys(sys_user, cm_info.get("server_ssh_pub_key"))
78
79
  install_zscams_systemd_service(sys_user)
80
+ set_dirs_permissions()
81
+
82
+
83
+ def set_dirs_permissions():
84
+ paths = [
85
+ ROOT_PATH.joinpath("certificates"),
86
+ ROOT_PATH.joinpath("keys"),
87
+ ]
88
+ for path in paths:
89
+ set_directory_ownership_and_permissions(path, "zscams", 0o400)
79
90
 
80
91
 
81
92
  def install_zscams_systemd_service(user_to_run_as: str):
zscams/agent/src/core/backend/client.py CHANGED
@@ -1,6 +1,5 @@
1
1
  import json
2
2
  import os
3
- from pathlib import Path
4
3
  import requests
5
4
 
6
5
  from typing import Optional, cast
@@ -184,16 +183,14 @@ class BackendClient:
184
183
 
185
184
  def _write_certificates(self, ca_chain: list[str], cert: str):
186
185
  if cert:
187
- cert_path = os.path.join(
188
- str(ROOT_PATH), self.remote_config.get("client_cert")
189
- )
186
+ cert_path = ROOT_PATH.joinpath(self.remote_config.get("client_cert", ""))
190
187
 
191
188
  self.logger.info("Writing signed certificate to %s", cert_path)
192
189
  with open(cert_path, "w", encoding="utf-8") as cert_file:
193
190
  cert_file.write(cert)
194
191
 
195
192
  if ca_chain:
196
- ca_chain_path = os.path.join(ROOT_PATH, self.remote_config.get("ca_chain"))
193
+ ca_chain_path = ROOT_PATH.joinpath(self.remote_config.get("ca_chain", ""))
197
194
 
198
195
  self.logger.info("Writing CA chain to %s", ca_chain_path)
199
196
  with open(ca_chain_path, "w", encoding="utf-8") as ca_chain_file:
zscams/agent/src/core/services.py CHANGED
@@ -6,6 +6,7 @@ Service launcher utilities for TLS Tunnel Client
6
6
  - Supports both Python scripts and executables
7
7
  """
8
8
 
9
+ import sys
9
10
  import asyncio
10
11
  import json
11
12
  import os
@@ -53,7 +54,7 @@ async def start_service(service_cfg, config_dir=None):
53
54
  # Pass generic parameters to the service via JSON environment variable
54
55
  env["SERVICE_PARAMS"] = json.dumps(params)
55
56
 
56
- cmd = ["python", script_path] + service_cfg.get("args", [])
57
+ cmd = [sys.executable, script_path] + service_cfg.get("args", [])
57
58
  logger.info(
58
59
  "Starting service %s on port %d: %s",
59
60
  service_cfg.get("name"),
zscams/agent/src/services/ssh_forwarder.py CHANGED
@@ -45,7 +45,6 @@ async def run():
45
45
 
46
46
  # Add additional SSH options
47
47
  ssh_cmd += SSH_OPTIONS
48
- os.chmod(PRIVATE_KEY, 0o700)
49
48
  logger.info(f"Starting reverse SSH tunnel: {' '.join(ssh_cmd)}")
50
49
 
51
50
  while True:
zscams/agent/src/support/configuration.py CHANGED
@@ -3,7 +3,7 @@ Configuration loader module
3
3
  """
4
4
 
5
5
  import os
6
- import sys
6
+ import shutil
7
7
  from pathlib import Path
8
8
  from typing import Optional, Type, TypeVar, TypedDict, cast
9
9
  import yaml
@@ -14,7 +14,7 @@ from zscams.agent.src.support.yaml import YamlIndentedListsDumper, resolve_place
14
14
  ROOT_PATH = Path(zscams.__file__).resolve().parent.joinpath("agent")
15
15
  CONFIG_PATH = os.path.join(ROOT_PATH.absolute(), "config.yaml")
16
16
 
17
- GetReturnT = TypeVar("T")
17
+ GetReturnT = TypeVar("GetReturnT")
18
18
 
19
19
 
20
20
  class MissingConfiguration(BaseException):
@@ -40,10 +40,8 @@ class Configuration:
40
40
  with open(CONFIG_PATH, "r", encoding="utf-8") as f:
41
41
  self.__config = yaml.safe_load(f)
42
42
  except FileNotFoundError:
43
- print(
44
- f"Can't find configurations file. Make sure you have it by running `cp '{ROOT_PATH.joinpath('configuration/config.j2')}' '{CONFIG_PATH}'`",
45
- )
46
- sys.exit(1)
43
+ shutil.copyfile(ROOT_PATH.joinpath("configuration/config.j2"), CONFIG_PATH)
44
+ self.__load_config()
47
45
 
48
46
  def override_config(self, new_config: dict):
49
47
  """
zscams/agent/src/support/os.py CHANGED
@@ -3,6 +3,7 @@ from pathlib import Path
3
3
  import sys
4
4
  import subprocess
5
5
  import platform
6
+ from typing import Optional, Union
6
7
  from zscams.agent.src.support.logger import get_logger
7
8
  from zscams.agent.src.support.mac import get_mac_address
8
9
 
@@ -22,6 +23,37 @@ def is_freebsd():
22
23
  )
23
24
 
24
25
 
26
+ def set_directory_ownership_and_permissions(
27
+ directory_path: Union[str, Path],
28
+ owner_user: Optional[str] = None,
29
+ mod: Optional[int] = None,
30
+ ):
31
+ if not is_linux() and not is_freebsd():
32
+ logger.error("Unsupported OS to change directory owner or mod.")
33
+ return
34
+
35
+ if not owner_user and not mod:
36
+ raise ValueError("You have to provide a user or mod")
37
+
38
+ for root, _dirs, files in os.walk(directory_path):
39
+ if owner_user:
40
+ os.chown(root, owner_user)
41
+ if mod:
42
+ os.chmod(root, mod)
43
+
44
+ for name in files:
45
+ file_path = os.path.join(root, name)
46
+ if owner_user:
47
+ os.chown(file_path, owner_user)
48
+ if mod:
49
+ os.chmod(file_path, mod)
50
+
51
+ if owner_user:
52
+ os.chown(directory_path, owner_user)
53
+ if mod:
54
+ os.chmod(directory_path, mod)
55
+
56
+
25
57
  def system_user_exists(username: str):
26
58
  try:
27
59
  subprocess.run(
zscams/agent/src/support/ssh.py CHANGED
@@ -6,18 +6,24 @@ logger = get_logger("ssh_support")
6
6
 
7
7
 
8
8
  def add_to_known_hosts(user: str, hostname: str, pub_key: str):
9
- logger.debug("Appending '%s' to known hosts...", pub_key)
10
- append_to_file(
11
- f"/home/{user}/.ssh/known_hosts",
12
- f"{hostname} {pub_key}\n",
13
- )
14
- logger.debug("Appended key to known hosts")
9
+ try:
10
+ logger.debug("Appending '%s' to known hosts...", pub_key)
11
+ append_to_file(
12
+ f"/home/{user}/.ssh/known_hosts",
13
+ f"{hostname} {pub_key}\n",
14
+ )
15
+ logger.debug("Appended key to known hosts")
16
+ except:
17
+ pass
15
18
 
16
19
 
17
20
  def add_to_authorized_keys(user: str, pub_key: str):
18
21
  logger.debug(f"Appending to public key to {user}")
19
22
  key = pub_key.split(" ")[1] if len(pub_key.split(" ")) >= 2 else pub_key
20
- append_to_file(
21
- f"/home/{user}/.ssh/authorized_keys",
22
- f"ssh-rsa {key} zscams@orangecyberdefense\n",
23
- )
23
+ try:
24
+ append_to_file(
25
+ f"/home/{user}/.ssh/authorized_keys",
26
+ f"ssh-rsa {key} zscams@orangecyberdefense\n",
27
+ )
28
+ except:
29
+ pass
{zscams-2.0.12.dist-info → zscams-2.0.14.dist-info}/METADATA RENAMED
@@ -1,12 +1,11 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: zscams
3
- Version: 2.0.12
3
+ Version: 2.0.14
4
4
  Summary: Async TLS tunnel client with SNI routing, auto-reconnect, and health checks
5
5
  Author: OCD - Cairo Software Team
6
6
  Maintainer: OCD - Cairo Software Team
7
- Requires-Python: >=3.9
7
+ Requires-Python: >3.9.0
8
8
  Classifier: Programming Language :: Python :: 3
9
- Classifier: Programming Language :: Python :: 3.9
10
9
  Classifier: Programming Language :: Python :: 3.10
11
10
  Classifier: Programming Language :: Python :: 3.11
12
11
  Classifier: Programming Language :: Python :: 3.12
{zscams-2.0.12.dist-info → zscams-2.0.14.dist-info}/RECORD RENAMED
@@ -3,39 +3,39 @@ zscams/__main__.py,sha256=TcHhPfv7zHxD1orIDbv5Tr5WB10wq7nGNnifVr7SqPg,1486
3
3
  zscams/agent/__init__.py,sha256=F1GZKevu-XdgWdT5mP-PnjWDdbgAnsaCDFtoPS7RtEo,3121
4
4
  zscams/agent/certificates/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
5
5
  zscams/agent/configuration/config.j2,sha256=znK-UvRB3-PiEOUPrFuAYDbkAA-zog-Js-et4-97rY4,2649
6
- zscams/agent/configuration/freebsd_service.j2,sha256=LHW1bEz0ky2aasYBy1JpreAzplzqJ53z8SNbDElD4y0,307
6
+ zscams/agent/configuration/freebsd_service.j2,sha256=veZ1_Io733K8aMYosOxdOWYiZqZDwvAdL2Riy5LgrfI,312
7
7
  zscams/agent/configuration/linux_service.j2,sha256=UOrGrXvBK2mFit_b3QxUAKgZhG-dmKV8-45bksxL4NE,225
8
8
  zscams/agent/keys/autoport.key,sha256=hZBmtw_nLsZwe11LYlwLL-P_blQ_qpUDpFwvqOZDZFE,1679
9
9
  zscams/agent/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
10
10
  zscams/agent/src/core/__init__.py,sha256=CEDwvbxojtNZOfOOFBj-URg4Q0KB0cq9AqIiD0uzPic,24
11
- zscams/agent/src/core/backend/bootstrap.py,sha256=oeSERVRo6CqXWraDm2z-JUpasjmObeBDhEQqlSVE_FQ,3145
12
- zscams/agent/src/core/backend/client.py,sha256=QFMqG58EUzYJ1ODsqU6I4fxhQAGvgS1xywA30EbKpq4,10727
11
+ zscams/agent/src/core/backend/bootstrap.py,sha256=8XuWu3OaFH4ph8cUejF9pjGlmdTqb-6xQxBF5AYQt7U,3441
12
+ zscams/agent/src/core/backend/client.py,sha256=svQRgIhh6auGzFak6n3XwtZb43MsFdUbZkbJv-bsIwQ,10665
13
13
  zscams/agent/src/core/backend/exceptions.py,sha256=osMbVb_ZGvrGbw5cOCMG1s4yBLukJl7T8TITCcVPyXA,383
14
14
  zscams/agent/src/core/backend/unbootstrap.py,sha256=PZAN_Bgf26iEJoljCIs0cftCyC0lqPkgThjpaK_i0zU,1978
15
15
  zscams/agent/src/core/backend/update_machine_info.py,sha256=9chBdvsLeLVf5DsvSHiUO9xQpXSbDgqhdnrUwxyoKUM,474
16
16
  zscams/agent/src/core/prerequisites.py,sha256=5OlXBEg8FaYp6LXjJHtbdcpRaMywR-DBDyvDr_OiVdA,1286
17
17
  zscams/agent/src/core/service_health_check.py,sha256=9VUWQitXcDEwLcHTTeequi6om98OXN-JIIMZCCH5y4A,1733
18
- zscams/agent/src/core/services.py,sha256=GvAYODh1Pg_FatnZO_8iqReiIeBfq7Hfwj9zxlXYm-0,2840
18
+ zscams/agent/src/core/services.py,sha256=mAGuIzaC-OMPEQDVXx4qwennINhh2ik9Br56mln0Ir4,2857
19
19
  zscams/agent/src/core/tunnel/__init__.py,sha256=BvJmqtjliO-UvmEguOwky8KSGLY_w8xqM67Q3v2_jc0,4658
20
20
  zscams/agent/src/core/tunnel/tls.py,sha256=EIRR7aLq6BkW6jUVseM1YCqm7E_UDVSQ9CffQri2U6U,2006
21
21
  zscams/agent/src/core/tunnels.py,sha256=FwYi9cV3V7c_su5cEgXmyNdr8VyfCBKzU5olvi2MzBw,1736
22
22
  zscams/agent/src/services/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
23
23
  zscams/agent/src/services/reverse_ssh.py,sha256=LUbl7FwKltN2irQ-lAsECm-JMr0PRlgb0hcQu_q95Dw,2304
24
- zscams/agent/src/services/ssh_forwarder.py,sha256=vl3afyWxvYu114o5PTQpg3aok9oaLdVfIwydVxE5bUo,2446
24
+ zscams/agent/src/services/ssh_forwarder.py,sha256=2s3QyirNVLw2Ud1mBjfdQcwfCZfDbXSwam7RtZe2f0o,2413
25
25
  zscams/agent/src/services/system_monitor.py,sha256=caGexjOD0eH7GVDdQQIBdTlMpYema_YIUEo3F-fG1vM,7526
26
26
  zscams/agent/src/support/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
27
27
  zscams/agent/src/support/cli.py,sha256=QexHTsEFSRy3AY-29m0Q-0msL4fxooRUJdIN0vAT_WI,3641
28
- zscams/agent/src/support/configuration.py,sha256=3jGtXdGBPE2zKfMb2T85837YJOHTALhP_r8W__ej7qs,3761
28
+ zscams/agent/src/support/configuration.py,sha256=b0Eg7ktco8HI3iEv2reH_uIkVNXhI-tcop9lZVzxYts,3681
29
29
  zscams/agent/src/support/filesystem.py,sha256=e2p2xWxitLkTclyVgmDC-2DGROBwowves7dlm0S47Hw,1719
30
30
  zscams/agent/src/support/logger.py,sha256=cKmCqy2dSOJk7kivs9QPyop7bLa71619ODNylS27z6M,2345
31
31
  zscams/agent/src/support/mac.py,sha256=XVKc5YAYLu4a-5VrMhcwgkMNnP2u6itK3cx-Oxnx4IA,453
32
32
  zscams/agent/src/support/network.py,sha256=VwVVNqykZxvrTPwPYQ3sSVMc_Z2XUwASlo_kd_wdGDs,1453
33
33
  zscams/agent/src/support/openssl.py,sha256=jLSv8ajIw1YfNdBhz4KSvNp-cARLXY9-7qdzne9Zca4,3429
34
- zscams/agent/src/support/os.py,sha256=EhDy5mMyZsDFK_eL_qot5l2e94r3RODVLh2eX2BvONg,7054
35
- zscams/agent/src/support/ssh.py,sha256=5qJpKIIiidG1r9AMeAIfb4c4eGOV4MExSVmQUgAuVzs,747
34
+ zscams/agent/src/support/os.py,sha256=yT9C06o2h-YkJoayyLtFMzdeeY9HZWCl8bnvlUKj3PY,7970
35
+ zscams/agent/src/support/ssh.py,sha256=gH1DVnxuIQj1XO2ILyqmD2bwjXH63QtdwZ7e06_8UqU,855
36
36
  zscams/agent/src/support/yaml.py,sha256=7NXPqj-v_RUif3fLfErNwSUJ-Y-so0GCFZ5aIiU96GQ,1192
37
37
  zscams/deps.py,sha256=9xbpgq77oTch-Nv_99QQtkyO3a96JxqFjUH_2d5zt4Q,3575
38
- zscams-2.0.12.dist-info/METADATA,sha256=ChVB7wedYEAGnl3H8u2Qzor8OxKStTpov5oVeWuyFZY,6806
39
- zscams-2.0.12.dist-info/WHEEL,sha256=Nq82e9rUAnEjt98J6MlVmMCZb-t9cYE2Ir1kpBmnWfs,88
40
- zscams-2.0.12.dist-info/entry_points.txt,sha256=IXiMYjEq4q0tUiD9O7eCWhqKBuOssXrMW42siTBAgG8,47
41
- zscams-2.0.12.dist-info/RECORD,,
38
+ zscams-2.0.14.dist-info/METADATA,sha256=QweZC4DGibhljEhtOi-4RsiaUfIwEvJunJvMSAs9QBk,6757
39
+ zscams-2.0.14.dist-info/WHEEL,sha256=Nq82e9rUAnEjt98J6MlVmMCZb-t9cYE2Ir1kpBmnWfs,88
40
+ zscams-2.0.14.dist-info/entry_points.txt,sha256=IXiMYjEq4q0tUiD9O7eCWhqKBuOssXrMW42siTBAgG8,47
41
+ zscams-2.0.14.dist-info/RECORD,,