Merge pull request #36 from HuFlungDu/hotfix/1.1.2

Hotfix/1.1.2 Fixes #35 Update Cryptography version to fix SSL vulnerability.
Updated changelog
2025-02-17 12:11:08 -08:00 · 2025-02-17 12:07:19 -08:00 · 2025-02-17 12:06:10 -08:00 · 2025-02-17 11:51:13 -08:00 · 2025-02-17 11:50:50 -08:00 · 2025-02-05 12:37:00 -08:00
12 changed files with 89 additions and 28 deletions
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -2,7 +2,34 @@
 Changelog
 =========
 version 1.1.2
 =============
 Bugs:
 	* Fixed semver for requirements. New version of websockets broke this library.
 Security:
 	* Updated cryptogaphy to ~44.0.1 to fix ssl vulnerability.
 Version 1.1.1
 =============
 Bugs:
 	* Fixed bug when running device_info when user has access to multiple meshes
 Version 1.1.0
 =============
 Features:
 	* Added overrides for meshcentral files for testing purposes
 	* Added `users` field to `device` object
 Bugs:
 	* Fixed connection errors not raising immediately
 	* Fixed run_commands parsing return from multiple devices incorrectly
 	* Fixed listening to raw not removing its listener correctly
 	* Fixed javascript timecodes not being handled in gnu environments
 	* Changed some fstring formatting that locked the library into python >3.13
 Version 1.0.0
-===========
+=============
 First release
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -5,8 +5,8 @@ sphinx>=3.2.1
 sphinx-jinja2-compat>=0.1.1
 sphinx-toolbox>=2.16.0
 # sphinx_rtd_theme
-cffi==1.17.1
+cffi~=1.17.1
-cryptography==43.0.3
+cryptography~=44.0.1
-pycparser==2.22
+pycparser~=2.22
-websockets==13.1
+websockets~=14.2
 enum_tools
--- a/requirements.txt
+++ b/requirements.txt
--- a/setup.cfg
+++ b/setup.cfg
@@ -44,9 +44,9 @@ python_requires = >=3.8
 # For more information, check out https://semver.org/.
 install_requires =
    importlib-metadata
-    cryptography>=43.0.3
+    cryptography~=44.0.1
-    websockets>=13.1
+    websockets~=14.2
-    python-socks[asyncio]
+    python-socks[asyncio]~=2.5.3
 [options.packages.find]
--- a/src/meshctrl/exceptions.py
+++ b/src/meshctrl/exceptions.py
@@ -2,7 +2,9 @@ class MeshCtrlError(Exception):
    """
    Base class for Meshctrl errors
    """
-    pass
+    def __init__(self, message, *args, **kwargs):
        self.message = message
        super().__init__(message, *args, **kwargs)
 class ServerError(MeshCtrlError):
    """
@@ -25,6 +27,7 @@ class FileTransferError(MeshCtrlError):
    """
    def __init__(self, message, stats):
        self.stats = stats
        super().__init__(message)
 class FileTransferCancelled(FileTransferError):
    """
--- a/src/meshctrl/session.py
+++ b/src/meshctrl/session.py
@@ -1363,10 +1363,10 @@ class Session(object):
                        node["meshid"] = meshid
                        if _mesh is not None:
                            node["mesh"] = _mesh
-                sysinfo["node"] = node
+                        break
-                sysinfo["nodeid"] = nodeid
+                else:
-                del sysinfo["result"]
+                    continue
-                del sysinfo["noinfo"]
+                break
        if node is None:
            raise ValueError("Invalid device id")
        if lastconnect is not None:
@@ -1463,6 +1463,7 @@ class Session(object):
                        result.setdefault(node, {})["complete"] = True
                        if all(_["complete"] for key, _ in result.items()):
                            break
                        continue
                    elif (event["value"].startswith("Run commands")):
                        continue
                    result[node]["result"].append(event["value"])
--- a/src/meshctrl/util.py
+++ b/src/meshctrl/util.py
@@ -140,17 +140,20 @@ def compare_dict(dict1, dict2):
        return False
 def _check_socket(f):
-    @functools.wraps(f)
+    async def _check_errs(self):
    async def wrapper(self, *args, **kwargs):
        try:
            async with asyncio.TaskGroup() as tg:
                tg.create_task(asyncio.wait_for(self.initialized.wait(), 10))
                tg.create_task(asyncio.wait_for(self._socket_open.wait(), 10))
        finally:
        if not self.alive and self._main_loop_error is not None:
            raise self._main_loop_error
        elif not self.alive and self.initialized.is_set():
            raise exceptions.SocketError("Socket Closed")
    @functools.wraps(f)
    async def wrapper(self, *args, **kwargs):
        try:
            await asyncio.wait_for(self.initialized.wait(), 10)
            await _check_errs(self)
            await asyncio.wait_for(self._socket_open.wait(), 10)
        finally:
            await _check_errs(self)
            return await f(self, *args, **kwargs)
    return wrapper
--- a/tests/environment/init.py
+++ b/tests/environment/init.py
@@ -62,7 +62,7 @@ class TestEnvironment(object):
            return self
        # Destroy the env in case it wasn't killed correctly last time.
        subprocess.check_call(["docker", "compose", "down"], stdout=subprocess.DEVNULL, cwd=thisdir)
-        self._subp = _docker_process = subprocess.Popen(["docker", "compose", "up", "--build", "--force-recreate", "--no-deps"], stdout=subprocess.DEVNULL, cwd=thisdir)
+        self._subp = _docker_process = subprocess.Popen(["docker", "compose", "up", "--build", "--force-recreate", "--no-deps"], cwd=thisdir)
        if not self._wait_for_meshcentral():
            self.__exit__(None, None, None)
            raise Exception("Failed to create docker instance")
--- a/tests/environment/config/meshcentral/overrides/.gitignore
+++ b/tests/environment/config/meshcentral/overrides/.gitignore
@@ -0,0 +1,4 @@
 # Ignore everything in this directory
 *
 # Except this file
 !.gitignore
--- a/tests/environment/meshcentral.dockerfile
+++ b/tests/environment/meshcentral.dockerfile
@@ -4,4 +4,5 @@ RUN apk add python3
 WORKDIR /opt/meshcentral/
 COPY ./scripts/meshcentral ./scripts
 COPY ./config/meshcentral/data /opt/meshcentral/meshcentral-data
 COPY ./config/meshcentral/overrides /opt/meshcentral/meshcentral
 CMD ["python3", "/opt/meshcentral/scripts/create_users.py"]
--- a/tests/requirements.txt
+++ b/tests/requirements.txt
@@ -1,6 +1,6 @@
 requests
 pytest-asyncio
 cffi==1.17.1
-cryptography==43.0.3
+cryptography~=44.0.1
 pycparser==2.22
-websockets==13.1
+websockets~=14.2
--- a/tests/test_session.py
+++ b/tests/test_session.py
@@ -5,6 +5,8 @@ import meshctrl
 import requests
 import random
 import io
 import traceback
 import time
 thisdir = os.path.dirname(os.path.realpath(__file__))
 async def test_admin(env):
@@ -77,6 +79,17 @@ async def test_users(env):
        pass
    else:
        raise Exception("Connected with no password")
    start = time.time()
    try:
        async with meshctrl.Session(env.mcurl, user="admin", password="The wrong password", ignore_ssl=True) as admin_session:
            pass
    except* meshctrl.exceptions.ServerError as eg:
        assert str(eg.exceptions[0]) == "Invalid Auth" or eg.exceptions[0].message == "Invalid Auth", "Didn't get invalid auth message"
        assert time.time() - start < 10, "Invalid auth wasn't raised until after timeout"
        pass
    else:
        raise Exception("Connected with bad password")
    async with meshctrl.Session(env.mcurl+"/", user="admin", password=env.users["admin"], ignore_ssl=True) as admin_session,\
               meshctrl.Session(env.mcurl, user="privileged", password=env.users["privileged"], ignore_ssl=True) as privileged_session,\
               meshctrl.Session(env.mcurl, user="unprivileged", password=env.users["unprivileged"], ignore_ssl=True) as unprivileged_session:
@@ -187,21 +200,24 @@ async def test_mesh_device(env):
        assert r[0].description == "New description", "Description either failed to change, or was changed by a user without permission to do so"
-        with env.create_agent(mesh.short_meshid) as agent:
+        # There once was a bug that occured whenever running run_commands with multiple meshes. We need to add devices to both meshes to be sure that bug is squashed.
        with env.create_agent(mesh.short_meshid) as agent,\
             env.create_agent(mesh.short_meshid) as agent2,\
             env.create_agent(mesh2.short_meshid) as agent3:
            # Test agent added to device group being propagated correctly
            # Create agent isn't so good at waiting for the agent to show in the sessions. Give it a couple seconds to appear.
            for i in range(3):
                try:
                    r = await admin_session.list_devices(timeout=10)
                    print("\ninfo list_devices: {}\n".format(r))
-                    assert len(r) == 1, "Incorrect number of agents connected"
+                    assert len(r) == 3, "Incorrect number of agents connected"
                except:
                    if i == 2:
                        raise
                    await asyncio.sleep(1)
                else:
                    break
-            assert len(await privileged_session.list_devices(timeout=10)) == 1, "Incorrect number of agents connected"
+            assert len(await privileged_session.list_devices(timeout=10)) == 2, "Incorrect number of agents connected"
            assert len(await unprivileged_session.list_devices(timeout=10)) == 0, "Unprivileged account has access to agent it should not"
            r = await admin_session.list_devices(details=True, timeout=10)
@@ -213,6 +229,9 @@ async def test_mesh_device(env):
            r = await admin_session.list_devices(meshid=mesh.meshid, timeout=10)
            print("\ninfo list_devices_meshid: {}\n".format(r))
            r = await admin_session.device_info(agent.nodeid, timeout=10)
            print("\ninfo admin_device_info: {}\n".format(r))
            # Test editing device info propagating correctly
            assert await admin_session.edit_device(agent.nodeid, name="new_name", description="New Description", tags="device", consent=meshctrl.constants.ConsentFlags.all, timeout=10), "Failed to edit device info"
@@ -221,9 +240,12 @@ async def test_mesh_device(env):
            assert await admin_session.edit_device(agent.nodeid, consent=meshctrl.constants.ConsentFlags.none, timeout=10), "Failed to edit device info"
            # Test run_commands
-            r = await admin_session.run_command(agent.nodeid, "ls", timeout=10)
+            r = await admin_session.run_command([agent.nodeid, agent2.nodeid], "ls", timeout=10)
            print("\ninfo run_command: {}\n".format(r))
            assert "meshagent" in r[agent.nodeid]["result"], "ls gave incorrect data"
            assert "meshagent" in r[agent2.nodeid]["result"], "ls gave incorrect data"
            assert "Run commands completed." not in r[agent.nodeid]["result"], "Didn't parse run command ending correctly"
            assert "Run commands completed." not in r[agent2.nodeid]["result"], "Didn't parse run command ending correctly"
            assert "meshagent" in (await privileged_session.run_command(agent.nodeid, "ls", timeout=10))[agent.nodeid]["result"], "ls gave incorrect data"
            # Test run commands with ndividual device permissions
@@ -252,7 +274,7 @@ async def test_mesh_device(env):
            # Test getting individual device info
            r = await unprivileged_session.device_info(agent.nodeid, timeout=10)
-            print("\ninfo device_info: {}\n".format(r))
+            print("\ninfo unprivileged_device_info: {}\n".format(r))
            # This device info includes the mesh ID of the device, even though the user doesn't have acces to that mesh. That's odd.
            # assert r.meshid is None, "Individual device is exposing its meshid"
Author	SHA1	Message	Date
Josiah Baldwin	e226fff8dd	Merge pull request #36 from HuFlungDu/hotfix/1.1.2 Hotfix/1.1.2 Fixes #35 Update Cryptography version to fix SSL vulnerability.	2025-02-17 12:11:08 -08:00
Josiah Baldwin	a07b0f129a	Updated changelog	2025-02-17 12:07:19 -08:00
Josiah Baldwin	64dc5eccdf	Updated cryptography requirement	2025-02-17 12:06:10 -08:00
Josiah Baldwin	1a7714663a	Updated changelog	2025-02-17 11:51:13 -08:00
Josiah Baldwin	0a59edd19a	Fixed semvar for requirements	2025-02-17 11:50:50 -08:00
Josiah Baldwin	351f425ce5	Merge pull request #32 from HuFlungDu/hotfix/1.1.1 Hotfix/1.1.1 Fix #29	2025-02-05 12:37:00 -08:00
Josiah Baldwin	77e76aeb7c	Updated changelog	2025-02-05 12:35:23 -08:00
Josiah Baldwin	5393321f7b	Fixed issue with getting device_info when multiple meshes are available	2025-02-05 12:30:13 -08:00
Josiah Baldwin	79554ebad6	Added differintiation between admin device info and unprivileged device info for tests, as unprivileged doesn't have any mesh info at the time of testing	2025-02-05 12:28:06 -08:00
Josiah Baldwin	1dbcd012ec	Added test to check for issue with mulitple meshes	2025-02-05 12:16:01 -08:00
Josiah Baldwin	ace6884991	Merge pull request #27 from HuFlungDu/release/1.1.0 Release/1.1.0 > main	2025-01-08 14:26:38 -08:00
Josiah Baldwin	fcfeac21a8	Updated changelog	2025-01-08 14:24:19 -08:00
Josiah Baldwin	19d10ee050	Merge pull request #25 from HuFlungDu/fix/multiple-run-commands fix/multiple-run-commands	2025-01-08 14:10:21 -08:00
Josiah Baldwin	0c9ebf0ff2	Merge pull request #23 from HuFlungDu/feat/test-meshcetral-overrides Feat/test-meshcentral-overrides	2025-01-08 14:10:13 -08:00
Josiah Baldwin	2556e72a73	Merge pull request #22 from HuFlungDu/fix/bad-auth Fix/bad-auth	2025-01-08 14:10:03 -08:00
Josiah Baldwin	cda5f610a1	Merge pull request #21 from HuFlungDu/fix/raw-event-off Fixed listening to raw not removing its listener correctly	2025-01-08 14:09:48 -08:00
Josiah Baldwin	125e6ac6ac	Added override directory which will be copied over meshcentral code for testing purposes	2025-01-08 13:54:21 -08:00
Josiah Baldwin	1b849473bb	Removed silencing of docker process. Useful for debugging server side things with overrides.	2025-01-08 13:48:41 -08:00
Josiah Baldwin	df25652ba6	Fixed run_commands parsing return from multiple devices incorrectly	2025-01-08 13:42:39 -08:00
Josiah Baldwin	9668e4d507	Added test for using run_command on multiple nodes	2025-01-08 13:38:49 -08:00
Josiah Baldwin	fe4c2fe874	Fixed connection errors not raising immediately	2025-01-08 13:26:04 -08:00
Josiah Baldwin	bb7cf17cd3	Added test for invalid auth	2025-01-08 13:23:21 -08:00