a á `˜uã@s–dZddlmZddlZddlZddlZddlZddlmZzd?„Z.d@dA„Z/dS)Gz;Compat module to handle files security on Windows and Linuxé)Úabsolute_importN)ÚListTFc@seZdZdZdd„ZdS)Ú _WindowsUmaskz+Store the current umask to apply on WindowscCs d|_dS)Né)Úmask)Úself©rú;/usr/lib/python3/dist-packages/certbot/compat/filesystem.pyÚ__init__ sz_WindowsUmask.__init__N)Ú__name__Ú __module__Ú __qualname__Ú__doc__r rrrr rsrcCs trt ||¡n t||ƒdS)a[ Apply a POSIX mode on given file_path: - for Linux, the POSIX mode will be directly applied using chmod, - for Windows, the POSIX mode will be translated into a Windows DACL that make sense for Certbot context, and applied to the file using kernel calls. The definition of the Windows DACL that correspond to a POSIX mode, in the context of Certbot, is explained at https://github.com/certbot/certbot/issues/6356 and is implemented by the method `_generate_windows_flags()`. :param str file_path: Path of the file :param int mode: POSIX mode to apply N)Ú POSIX_MODEÚosÚchmodÚ_apply_win_mode©Ú file_pathÚmoderrr r'srcCstrt |¡Stj}|t_|S)a$ Set the current numeric umask and return the previous umask. On Linux, the built-in umask method is used. On Windows, our Certbot-side implementation is used. :param int mask: The user file-creation mode mask to apply. :rtype: int :return: The previous umask value. )rrÚumaskÚ_WINDOWS_UMASKr)rZprevious_umaskrrr r=s  rcCsVtr:t |¡}|r|jnd}|r&|jnd}t |||¡n|rHt||ƒt||ƒdS)aô Copy ownership (user and optionally group on Linux) from the source to the destination, then apply given mode in compatible way for Linux and Windows. This replaces the os.chown command. :param str src: Path of the source file :param str dst: Path of the destination file :param int mode: Permission mode to apply on the destination file :param bool copy_user: Copy user if `True` :param bool copy_group: Copy group if `True` on Linux (has no effect on Windows) éÿÿÿÿN)rrÚstatÚst_uidÚst_gidÚchownÚ_copy_win_ownershipr)ÚsrcÚdstrÚ copy_userÚ copy_groupÚstatsÚuser_idÚgroup_idrrr Úcopy_ownership_and_apply_modeXs   r%cCsbtrFt |¡}|r|jnd}|r&|jnd}t |||¡t||jƒn|rTt||ƒt ||ƒdS)aU Copy ownership (user and optionally group on Linux) and mode/DACL from the source to the destination. :param str src: Path of the source file :param str dst: Path of the destination file :param bool copy_user: Copy user if `True` :param bool copy_group: Copy group if `True` on Linux (has no effect on Windows) rN) rrrrrrrÚst_moderÚ_copy_win_mode)rrr r!r"r#r$rrr Úcopy_ownership_and_modeys   r(cCs$trt t |¡j¡|kSt||ƒS)aa Check if the given mode matches the permissions of the given file. On Linux, will make a direct comparison, on Windows, mode will be compared against the security model. :param str file_path: Path of the file :param int mode: POSIX mode to test :rtype: bool :return: True if the POSIX mode matches the file permissions )rrÚS_IMODErr&Ú_check_win_moderrrr Ú check_mode’s r+cCs8trt |¡jt ¡kSt |tj¡}| ¡}t ƒ|kS)zÁ Check if given file is owned by current user. :param str file_path: File path to check :rtype: bool :return: True if given file is owned by current user, False otherwise. ) rrrrÚgetuidÚ win32securityÚGetFileSecurityÚOWNER_SECURITY_INFORMATIONÚGetSecurityDescriptorOwnerÚ_get_current_user)rÚsecurityÚuserrrr Ú check_owner¤s r4cCst|ƒot||ƒS)zý Check if given file has the given mode and is owned by current user. :param str file_path: File path to check :param int mode: POSIX mode to check :rtype: bool :return: True if file has correct mode and owner, False otherwise. )r4r+rrrr Úcheck_permissions»s r5éÿc CsNtrt |||¡S|tj@r4|tj@r.tjntj}t  ¡}|j }t ƒ}t ||t jƒ}| |d¡| d|d¡d}z–z$t |tjtjtj@||dd¡}Wn^tjyø} zD| jtjkrÆttj| jƒ‚| jtjkràttj| jƒ‚| ‚WYd} ~ n d} ~ 00W|r|  ¡n|r|  ¡0t ||tjAtjA¡St ||¡}t!||ƒ|S)aw Wrapper of original os.open function, that will ensure on Windows that given mode is correctly applied. :param str file_path: The file path to open :param int flags: Flags to apply on file while opened :param int mode: POSIX mode to apply on file when opened, Python defaults will be applied if ``None`` :returns: the file descriptor to the opened file :rtype: int :raise: OSError(errno.EEXIST) if the file already exists and os.O_CREAT & os.O_EXCL are set, OSError(errno.EACCES) on Windows if the file already exists and is a directory, and os.O_CREAT is set. réN)"rrÚopenÚO_CREATÚO_EXCLÚwin32conZ CREATE_NEWZ CREATE_ALWAYSr-ÚSECURITY_ATTRIBUTESÚSECURITY_DESCRIPTORr1Ú_generate_daclrrÚSetSecurityDescriptorOwnerÚSetSecurityDescriptorDaclÚ win32fileZ CreateFileZ GENERIC_READZFILE_SHARE_READZFILE_SHARE_WRITEÚ pywintypesÚerrorÚwinerrorZERROR_FILE_EXISTSÚOSErrorÚerrnoÚEEXISTÚstrerrorZERROR_SHARING_VIOLATIONZEACCESZCloser) rÚflagsrZ dispositionÚ attributesr2r3ÚdaclZhandleÚerrrrr r8Ès<    þ   ÿ   r8cCs‚tdƒ}zjt|d|ABƒtr4t ||¡Wt|ƒStj}z$tt_t ||¡W|t_Wt|ƒS|t_0Wt|ƒn t|ƒ0dS)a4 Rewrite of original os.makedirs function, that will ensure on Windows that given mode is correctly applied. :param str file_path: The file path to open :param int mode: POSIX mode to apply on leaf directory when created, Python defaults will be applied if ``None`` rr6N)rrrÚmakedirsÚmkdir)rrZ current_umaskZ orig_mkdir_fnrrr rMs"  õ þü rMc Cs¬trt ||¡St ¡}|j}tƒ}t||tj ƒ}|  |d¡|  d|d¡zt   ||¡WnJtjy¦}z0|jtjkrŽttj|j||jƒ‚|‚WYd}~n d}~00dS)a, Rewrite of original os.mkdir function, that will ensure on Windows that given mode is correctly applied. :param str file_path: The file path to open :param int mode: POSIX mode to apply on directory when created, Python defaults will be applied if ``None`` Fr7rN)rrrNr-r<r=r1r>rrr?r@rAZCreateDirectoryrBrCrDZERROR_ALREADY_EXISTSrErFrGrH)rrrJr2r3rKrLrrr rN/s    rNcCs,ttdƒrttdƒ||ƒn t ||¡dS)zµ Rename a file to a destination path and handles situations where the destination exists. :param str src: The current file path. :param str dst: The new file path. ÚreplaceN)ÚhasattrrÚgetattrÚrename)rrrrr rOOs rOcCsª|}tstjdkr characters) is encountered on Windows z\\?\iéNz3Long paths are not supported by Certbot on Windows.)rr\rÚ startswithÚlenÚ ValueError)rbrWrrr r\„s   r\cCs&trtj |¡ot |tj¡St|ƒS)z‰ Is path an executable file? :param str path: path to test :return: True if path is an executable file :rtype: bool )rrrWÚisfileÚaccessÚX_OKÚ_win_is_executable)rWrrr Ú is_executable§s rkcCsVtr tt t |¡j¡tj@ƒSt |tj ¡}|  ¡}t|  tj tj t d¡dœ¡ƒS)zÒ Check if everybody/world has any right (read/write/execute) on a file given its path. :param str path: path to test :return: True if everybody/world has any right to the file :rtype: bool úS-1-1-0©Z TrusteeFormZ TrusteeTypeZ Identifier)rÚboolrr)rr&ÚS_IRWXOr-r.ÚDACL_SECURITY_INFORMATIONÚGetSecurityDescriptorDaclÚGetEffectiveRightsFromAclÚTRUSTEE_IS_SIDÚTRUSTEE_IS_USERÚConvertStringSidToSid)rWr2rKrrr Úhas_world_permissions¶s ýrvcCs:tr6t t |¡j¡tjtjBtjBtjB@}||BS|S)a Calculate the POSIX mode to apply to a private key given the previous private key. :param str old_key: path to the previous private key :param int base_mode: the minimum modes to apply to a private key :return: the POSIX mode to apply :rtype: int ) rrr)rr&ÚS_IRGRPÚS_IWGRPÚS_IXGRPÚS_IROTH)Zold_keyZ base_modeZold_moderrr Úcompute_private_key_modeÌs ÿr{cCsdtr0t |¡}t |¡}|j|jf|j|jfkSt |tj¡}| ¡}t |tj¡}| ¡}||kS)as Return True if the ownership of two files given their respective path is the same. On Windows, ownership is checked against owner only, since files do not have a group owner. :param str path1: path to the first file :param str path2: path to the second file :return: True if both files have the same ownership, False otherwise :rtype: bool ) rrrrrr-r.r/r0)Zpath1Zpath2Zstats1Zstats2Z security1Zuser1Z security2Zuser2rrr Úhas_same_ownershipâs   r|c Csªtrt |¡j}|||BkSt|ƒ}t |tjtjB¡}|  ¡}|  ¡}t ||ƒ}t |  ¡ƒD]F}| |¡}|d} |d}| tjtj|dœ¡} | | | Bkr^dSq^dS)a” Check if a file given its path has at least the permissions defined by the given minimal mode. On Windows, group permissions are ignored since files do not have a group owner. :param str path: path to the file to check :param int min_mode: the minimal permissions expected :return: True if the file matches the minimal permissions expectations, False otherwise :rtype: bool r7érmFT)rrrr&rXr-r.r/rpr0rqr>ÚrangeÚ GetAceCountÚGetAcerrrsrt) rWZmin_moder&r2r3rKZmin_daclÚindexZmin_acerZeffective_maskrrr Úhas_min_permissionsüs,    ÿ  ý r‚cCsNtj |¡sdSt |tj¡}| ¡}| tjtj t ƒdœ¡}|t j @t j kS)NFrm) rrWrgr-r.rprqrrrsrtr1Ú ntsecurityconÚFILE_GENERIC_EXECUTE)rWr2rKrrrr rj*s ýrjcCsJt|ƒ}t |tj¡}| ¡}t||ƒ}| d|d¡t |tj|¡dS)zà This function converts the given POSIX mode into a Windows ACL list, and applies it to the file given its path. If the given path is a symbolic link, it will resolved to apply the mode on the targeted file. r7rN) rXr-r.r/r0r>r@ÚSetFileSecurityrp)rrr2r3rKrrr r:s  rc Cs¾|r|d|@}t|ƒ}t d¡}t d¡}t d¡}t ¡}|||fvrjt|dƒ}|rj| tj||¡t|dƒ} | rŠ| tj| |¡tddddœƒ} | tj| |¡| tj| |¡|S) Nr6zS-1-5-18z S-1-5-32-544rlr3ÚallT©ÚreadÚwriteÚexecute)Ú _analyze_moder-ruZACLÚ_generate_windows_flagsZAddAccessAllowedAceZ ACL_REVISION) Zuser_sidrrZanalysisÚsystemZadminsZeveryonerKZ user_flagsZeverybody_flagsZfull_permissionsrrr r>Ms$       r>cCs>|tj@|tj@|tj@dœ|tj@|tj@|tj@dœdœS)Nr‡)r3r†)rÚS_IRUSRÚS_IWUSRÚS_IXUSRrzÚS_IWOTHÚS_IXOTH)rrrr r‹qsýýúr‹cCsLt|ƒ}t |tj¡}| ¡}t |tj¡}| |d¡t |tj|¡dS©NF)rXr-r.r/r0r?r…)rrÚ security_srcZuser_srcÚ security_dstrrr r€s  rcCsNt|ƒ}t |tj¡}| ¡}t |tj¡}| d|d¡t |tj|¡dS)Nr7r)rXr-r.rprqr@r…)rrr”rKr•rrr r's r'cCsJd}|dr|tjB}|dr4|tjtjAtjAB}|drF|tjB}|S)Nrrˆr‰rŠ)rƒZFILE_GENERIC_READZFILE_ALL_ACCESSr„)Z rights_descÚflagrrr rŒœs ÿþ rŒcCsHt|ƒ}t |tjtjB¡}| ¡}| ¡}|s4dSt||ƒ}t||ƒSr“) rXr-r.r/rprqr0r>Ú_compare_dacls)rrr2rKr3Zref_daclrrr r*»s ÿ r*cs4‡fdd„tˆ ¡ƒDƒ‡fdd„tˆ ¡ƒDƒkS)z¥ This method compare the two given DACLs to check if they are identical. Identical means here that they contains the same set of ACEs in the same order. csg|]}ˆ |¡‘qSr©r€©Ú.0r)Údacl1rr Ú Öóz"_compare_dacls..csg|]}ˆ |¡‘qSrr˜r™)Údacl2rr rœ×r)r~r©r›ržrrŸr r—Ñsÿr—cCs$d t ¡t ¡¡}t d|¡dS)z= Return the pySID corresponding to the current user. z{0}\{1}Nr)r[Úwin32apiZ GetDomainNameZ GetUserNamer-ZLookupAccountName)Z account_namerrr r1Úsr1)TT)r6)r6)r6)N)0rZ __future__rrFrrrUZacme.magic_typingrrƒr-r;r rArBrDÚ ImportErrorrrrrrr%r(r+r4r5r8rMrNrOrXr\rkrvr{r|r‚rjrr>r‹rr'rŒr*r—r1rrrr Ús^     !  F ! ##. $