PyPI - zscams - Versions diffs - 2.0.1__py2.py3-none-any.whl - Mend

zscams 2.0.1__py2.py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

zscams/__init__.py +0 -0
zscams/__main__.py +101 -0
zscams/agent/__init__.py +0 -0
zscams/agent/certificates/.gitkeep +0 -0
zscams/agent/config.yaml +121 -0
zscams/agent/keys/autoport.key +27 -0
zscams/agent/src/__init__.py +0 -0
zscams/agent/src/core/__init__.py +1 -0
zscams/agent/src/core/api/backend/bootstrap.py +21 -0
zscams/agent/src/core/api/backend/client.py +242 -0
zscams/agent/src/core/api/backend/exceptions.py +10 -0
zscams/agent/src/core/api/backend/update_machine_info.py +16 -0
zscams/agent/src/core/prerequisites.py +36 -0
zscams/agent/src/core/service_health_check.py +49 -0
zscams/agent/src/core/services.py +86 -0
zscams/agent/src/core/tunnel/__init__.py +144 -0
zscams/agent/src/core/tunnel/tls.py +56 -0
zscams/agent/src/core/tunnels.py +55 -0
zscams/agent/src/services/__init__.py +0 -0
zscams/agent/src/services/reverse_ssh.py +73 -0
zscams/agent/src/services/ssh_forwarder.py +75 -0
zscams/agent/src/services/system_monitor.py +264 -0
zscams/agent/src/support/__init__.py +0 -0
zscams/agent/src/support/configuration.py +53 -0
zscams/agent/src/support/filesystem.py +41 -0
zscams/agent/src/support/logger.py +40 -0
zscams/agent/src/support/mac.py +18 -0
zscams/agent/src/support/network.py +49 -0
zscams/agent/src/support/openssl.py +100 -0
zscams/libs/getmac/__init__.py +3 -0
zscams/libs/getmac/__main__.py +123 -0
zscams/libs/getmac/getmac.py +1900 -0
zscams/libs/getmac/shutilwhich.py +67 -0
zscams-2.0.1.dist-info/METADATA +118 -0
zscams-2.0.1.dist-info/RECORD +37 -0
zscams-2.0.1.dist-info/WHEEL +4 -0
zscams-2.0.1.dist-info/entry_points.txt +3 -0

zscams/agent/src/core/services.py ADDED Viewed

@@ -0,0 +1,86 @@
+"""
+Service launcher utilities for TLS Tunnel Client
+- Generic solution: any service can receive parameters via `SERVICE_PARAMS` env variable
+- Starts services asynchronously using asyncio
+- Supports both Python scripts and executables
+"""
+import asyncio
+import json
+import os
+from zscams.agent.src.support.logger import get_logger
+from zscams.agent.src.core.prerequisites import check_prerequisites
+from zscams.agent.src.core import running_services
+logger = get_logger("service_launcher")
+async def start_service(service_cfg, config_dir=None):
+    """
+    Launch an external script/service asynchronously.
+    Args:
+        service_cfg (dict): Service configuration from config.yaml
+            - name: service name
+            - script: path to script/executable
+            - port: associated port (optional)
+            - args: list of extra arguments
+            - params: dict of arbitrary parameters (SERVICE_PARAMS)
+        config_dir (str, optional): Base directory to resolve relative script paths
+    Returns:
+        asyncio.subprocess.Process or None
+    """
+    base_dir = config_dir or os.getcwd()
+    script_path = os.path.join(base_dir, service_cfg["script"])
+    prereqs = service_cfg.get("prerequisites")
+    name = service_cfg["name"]
+    # Wait for prerequisites before starting
+    logger.info("Checking prerequisites for %s...", name)
+    ok = check_prerequisites(prereqs)
+    if not ok:
+        logger.error("Prerequisites not met for %s. Skipping start.", name)
+        return
+    if not os.path.exists(script_path):
+        logger.error("Service script not found: %s", script_path)
+        return None
+    env = os.environ.copy()
+    params = service_cfg.get("params")
+    if params:
+        # Pass generic parameters to the service via JSON environment variable
+        env["SERVICE_PARAMS"] = json.dumps(params)
+    cmd = ["python", script_path] + service_cfg.get("args", [])
+    logger.info(
+        "Starting service %s on port %d: %s",
+        service_cfg.get("name"),
+        service_cfg.get("port", 0),
+        cmd,
+    )
+    try:
+        process = await asyncio.create_subprocess_exec(*cmd, env=env)
+        running_services.add(name)
+        return process
+    except Exception as e:
+        logger.error("Failed to start service %s: %s", service_cfg.get("name"), e)
+        return None
+async def start_all_services(services_cfg_list, config_dir=None):
+    """
+    Start all services defined in the configuration concurrently.
+    Args:
+        services_cfg_list (list): List of service configuration dictionaries
+        config_dir (str, optional): Base directory to resolve relative script paths
+    """
+    tasks = []
+    for svc in services_cfg_list:
+        tasks.append(start_service(svc, config_dir=config_dir))
+    # Wait for all services to start
+    await asyncio.gather(*tasks)

zscams/agent/src/core/tunnel/__init__.py ADDED Viewed

@@ -0,0 +1,144 @@
+"""
+Forwarding utilities for TLS Tunnel Client with:
+- Auto-reconnect with exponential backoff
+- Health checks
+"""
+import asyncio
+from zscams.agent.src.support.logger import get_logger
+READ_BUFFER_SIZE = 4096
+logger = get_logger("tls_forward")
+async def forward(reader: asyncio.StreamReader, writer: asyncio.StreamWriter):
+    """
+    Forward data from reader to writer until connection closes.
+    Handles Windows-specific connection resets gracefully.
+    """
+    try:
+        while True:
+            data = await reader.read(READ_BUFFER_SIZE)
+            if not data:
+                break
+            writer.write(data)
+            await writer.drain()
+    except (ConnectionResetError, OSError) as err:
+        # Handle Windows WinError 64 and other disconnects gracefully
+        logger.debug("Connection closed by peer (expected): %s", err)
+    except Exception as err:
+        logger.error("Unexpected forwarding error: %s", err)
+    finally:
+        try:
+            writer.close()
+            await writer.wait_closed()
+        except Exception:
+            pass  # ignore errors on close
+async def handle_client(
+    local_reader, local_writer, remote_host, remote_port, sni_hostname, ssl_context
+):  # pylint: disable=too-many-arguments,too-many-positional-arguments
+    """
+    Forward a single local connection to the remote TLS server with SNI.
+    Handles abrupt disconnects gracefully.
+    """
+    try:
+        remote_reader, remote_writer = await asyncio.open_connection(
+            host=remote_host,
+            port=remote_port,
+            ssl=ssl_context,
+            server_hostname=sni_hostname,
+        )
+        logger.debug(
+            "New connection: local -> %s:%s (SNI=%s)",
+            remote_host,
+            remote_port,
+            sni_hostname,
+        )
+        await asyncio.gather(
+            forward(local_reader, remote_writer), forward(remote_reader, local_writer)
+        )
+    except (ConnectionResetError, OSError) as e:
+        logger.debug("Connection closed unexpectedly: %s", e)
+    except Exception as e:
+        logger.error("Unexpected client handling error: %s", e)
+    finally:
+        try:
+            local_writer.close()
+            await local_writer.wait_closed()
+            logger.debug(
+                f"Connection closed: local -> {remote_host}:{remote_port} (SNI={sni_hostname})"
+            )
+        except Exception as e:
+            logger.error("Unexpected client handling error: %s", e)
+async def start_tunnel(
+    local_port,
+    remote_host,
+    remote_port,
+    sni_hostname,
+    ssl_context,
+    reconnect_max_delay=60,
+    ready_event=None,
+):  # pylint: disable=too-many-arguments,too-many-positional-arguments
+    """
+    Start a TCP listener on local_port and forward connections to the remote TLS server.
+    Automatically reconnects on failure with exponential backoff and performs periodic health checks.
+    Args:
+        local_port (int)
+        remote_host (str)
+        remote_port (int)
+        sni_hostname (str)
+        ssl_context (ssl.SSLContext)
+        reconnect_max_delay (int): Maximum delay between reconnect attempts
+    """
+    backoff = 1  # initial delay in seconds
+    while True:
+        try:
+            server = await asyncio.start_server(
+                lambda r, w: handle_client(
+                    r, w, remote_host, remote_port, sni_hostname, ssl_context
+                ),
+                "127.0.0.1",
+                local_port,
+            )
+            addr = server.sockets[0].getsockname()
+            logger.info(
+                "Listening on :%s -> %s:%s (SNI=%s)",
+                addr[1],
+                remote_host,
+                remote_port,
+                sni_hostname,
+            )
+            # Health check task: logs tunnel is alive every 30 seconds
+            async def health_check():
+                while True:
+                    await asyncio.sleep(600)
+                    logger.info(
+                        "Tunnel on local port %s is healthy and running", local_port
+                    )
+            asyncio.create_task(health_check())
+            # Signal ready if event is provided
+            if ready_event:
+                ready_event.set()
+            async with server:
+                await server.serve_forever()
+        except Exception as e:
+            logger.error("Tunnel error on local port %s: %s", local_port, e)
+            logger.info("Reconnecting in %s seconds...", backoff)
+            await asyncio.sleep(backoff)
+            backoff = min(backoff * 2, reconnect_max_delay)  # exponential backoff
+        else:
+            backoff = 1  # reset backoff if successful

zscams/agent/src/core/tunnel/tls.py ADDED Viewed

@@ -0,0 +1,56 @@
+import ssl
+import os
+from typing import Optional
+from zscams.agent.src.support.configuration import RemoteConfig
+from zscams.agent.src.support.filesystem import resolve_path
+from zscams.agent.src.support.logger import get_logger
+logger = get_logger("tls_utils")
+def create_ssl_context(
+    remote_cfg: RemoteConfig, config_dir: Optional[str] = None
+) -> ssl.SSLContext:
+    """
+    Create an SSL context for TLS connections based on configuration.
+    Args:
+        remote_cfg (dict): Remote server configuration including:
+            - verify_cert (bool)
+            - ca_cert (str)
+            - client_cert (str)
+            - client_key (str)
+        config_dir (str, optional): Directory to resolve relative paths from.
+    Returns:
+        ssl.SSLContext: Configured SSL context
+    """
+    context = ssl.create_default_context()
+    ca_cert = resolve_path(remote_cfg.get("ca_cert"), config_dir)
+    client_cert = resolve_path(remote_cfg.get("client_cert"), config_dir)
+    client_key = resolve_path(remote_cfg.get("client_key"), config_dir)
+    if not remote_cfg.get("verify_cert", True):
+        context.check_hostname = False
+        context.verify_mode = ssl.CERT_NONE
+        logger.warning("Certificate verification is disabled!")
+    else:
+        if ca_cert and os.path.exists(ca_cert):
+            context.load_verify_locations(cafile=ca_cert)
+            logger.info("Loaded CA certificate from %s", ca_cert)
+        else:
+            logger.warning("CA certificate not found or not provided: %s", ca_cert)
+    if client_cert and client_key:
+        if os.path.exists(client_cert) and os.path.exists(client_key):
+            context.load_cert_chain(certfile=client_cert, keyfile=client_key)
+            logger.info(
+                "Loaded client certificate/key: %s / %s", client_cert, client_key
+            )
+        else:
+            raise FileNotFoundError(
+                f"Client certificate or key not found: {client_cert}, {client_key}"
+            )
+    return context

zscams/agent/src/core/tunnels.py ADDED Viewed

@@ -0,0 +1,55 @@
+"""
+Utilities to start TLS tunnels asynchronously
+- Supports multiple forwards
+- Signals readiness via asyncio.Event
+- Auto-reconnect and logging
+"""
+import asyncio
+from zscams.agent.src.core.tunnel import start_tunnel
+from zscams.agent.src.support.logger import get_logger
+logger = get_logger("tunnel_launcher")
+async def start_all_tunnels(forwards_cfg_list, remote_host, remote_port, ssl_context):
+    """
+    Start all TLS tunnels concurrently and wait for readiness.
+    Args:
+        forwards_cfg_list (list): List of forward dictionaries from config
+            Each dict should have:
+                - local_port
+                - sni_hostname
+        remote_host (str): Remote host to connect to
+        remote_port (int): Remote port to connect to
+        ssl_context (ssl.SSLContext): SSL context for the TLS tunnel
+    Returns:
+        list of asyncio.Tasks: tunnel tasks running indefinitely
+    """
+    tasks = []
+    ready_events = []
+    for forward_cfg in forwards_cfg_list:
+        ready_event = asyncio.Event()
+        ready_events.append(ready_event)
+        tasks.append(
+            asyncio.create_task(
+                start_tunnel(
+                    local_port=forward_cfg["local_port"],
+                    remote_host=remote_host,
+                    remote_port=remote_port,
+                    sni_hostname=forward_cfg["sni_hostname"],
+                    ssl_context=ssl_context,
+                    reconnect_max_delay=60,
+                    ready_event=ready_event,
+                )
+            )
+        )
+    # Wait for all tunnels to signal readiness
+    await asyncio.gather(*(event.wait() for event in ready_events))
+    logger.info("[*] %d tunnel(s) ready", len(tasks))
+    return tasks

zscams/agent/src/services/__init__.py ADDED Viewed

File without changes

zscams/agent/src/services/reverse_ssh.py ADDED Viewed

@@ -0,0 +1,73 @@
+import asyncio
+import json
+import os
+import sys
+from zscams.agent.src.support.logger import get_logger
+logger = get_logger("autossh_service")
+# Load service-specific params from environment
+params_env = os.environ.get("SERVICE_PARAMS")
+if not params_env:
+    logger.error("SERVICE_PARAMS environment variable not set")
+    sys.exit(1)
+params = json.loads(params_env)
+LOCAL_PORT = params.get("local_port", 4422)
+SERVER_SSH_USER = params.get("server_ssh_user", "ssh_user")
+REVERSE_PORT = params.get("reverse_port", 2222)
+PRIVATE_KEY = params.get("private_key")  # Path to RSA key
+SSH_OPTIONS = params.get("ssh_options", [])
+CHECK_INTERVAL = 120  #
+async def run():
+    backoff = 1
+    max_backoff = 60
+    ssh_cmd = [
+        "ssh",
+        "-p",
+        f"{LOCAL_PORT}",
+        "-R",
+        f"*:{REVERSE_PORT}:localhost:22",
+        f"{SERVER_SSH_USER}@localhost",
+        "-N",
+    ]
+    # Use key file if provided
+    if PRIVATE_KEY:
+        ssh_cmd += ["-i", PRIVATE_KEY]
+    # Add additional SSH options
+    ssh_cmd += SSH_OPTIONS
+    logger.info(f"Starting reverse SSH tunnel: {' '.join(ssh_cmd)}")
+    while True:
+        try:
+            process = await asyncio.create_subprocess_exec(
+                *ssh_cmd, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE
+            )
+            logger.info(f"SSH tunnel started (PID={process.pid})")
+            stdout, stderr = await process.communicate()
+            if stdout:
+                logger.info(stdout.decode())
+            if stderr:
+                logger.warning(stderr.decode())
+            returncode = process.returncode
+            logger.warning(f"SSH tunnel exited with code {returncode}")
+        except Exception as e:
+            logger.error(f"SSH tunnel failed: {e}")
+        logger.info(f"Reconnecting in {backoff} seconds...")
+        await asyncio.sleep(backoff)
+        backoff = min(backoff * 2, max_backoff)
+if __name__ == "__main__":
+    try:
+        asyncio.run(run())
+    except KeyboardInterrupt:
+        logger.info("Exiting autossh_service.py")
+        sys.exit(0)

zscams/agent/src/services/ssh_forwarder.py ADDED Viewed

@@ -0,0 +1,75 @@
+import asyncio
+import json
+import os
+import sys
+from zscams.agent.src.support.logger import get_logger
+logger = get_logger("autossh_service")
+# Load service-specific params from environment
+params_env = os.environ.get("SERVICE_PARAMS")
+if not params_env:
+    logger.error("SERVICE_PARAMS environment variable not set")
+    sys.exit(1)
+params = json.loads(params_env)
+FORWARDER_PORT = params.get("forwarder_port", 4422)
+LOCAL_PORT = params.get("local_port", 4422)
+REMOTE_PORT = params.get("remote_port", 4422)
+REMOTE_HOST = params.get("remote_host", "localhost")
+SERVER_SSH_USER = params.get("server_ssh_user", "ssh_user")
+PRIVATE_KEY = params.get("private_key")  # Path to RSA key
+SSH_OPTIONS = params.get("ssh_options", [])
+CHECK_INTERVAL = 120  #
+async def run():
+    backoff = 1
+    max_backoff = 60
+    ssh_cmd = [
+        "ssh",
+        "-p",
+        f"{LOCAL_PORT}",
+        "-L",
+        f"{FORWARDER_PORT}:{REMOTE_HOST}:{REMOTE_PORT}",
+        f"{SERVER_SSH_USER}@localhost",
+        "-N",  # No command execution
+    ]
+    # Use key file if provided
+    if PRIVATE_KEY:
+        ssh_cmd += ["-i", PRIVATE_KEY]
+    # Add additional SSH options
+    ssh_cmd += SSH_OPTIONS
+    logger.info(f"Starting reverse SSH tunnel: {' '.join(ssh_cmd)}")
+    while True:
+        try:
+            process = await asyncio.create_subprocess_exec(
+                *ssh_cmd, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE
+            )
+            logger.info(f"SSH tunnel started (PID={process.pid})")
+            stdout, stderr = await process.communicate()
+            if stdout:
+                logger.info(stdout.decode())
+            if stderr:
+                logger.warning(stderr.decode())
+            returncode = process.returncode
+            logger.warning(f"SSH tunnel exited with code {returncode}")
+        except Exception as e:
+            logger.error(f"SSH tunnel failed: {e}")
+        logger.info(f"Reconnecting in {backoff} seconds...")
+        await asyncio.sleep(backoff)
+        backoff = min(backoff * 2, max_backoff)
+if __name__ == "__main__":
+    try:
+        asyncio.run(run())
+    except KeyboardInterrupt:
+        logger.info("Exiting autossh_service.py")
+        sys.exit(0)