Merge pull request #36 from HuFlungDu/hotfix/1.1.2

Hotfix/1.1.2

Fixes #35 

Update Cryptography version to fix SSL vulnerability.

CHANGELOG.rst

@@ -2,7 +2,34 @@
 Changelog
 =========
 
+version 1.1.2
+=============
+Bugs:
+	* Fixed semver for requirements. New version of websockets broke this library.
+
+Security:
+	* Updated cryptogaphy to ~44.0.1 to fix ssl vulnerability.
+
+Version 1.1.1
+=============
+Bugs:
+	* Fixed bug when running device_info when user has access to multiple meshes
+
+Version 1.1.0
+=============
+Features:
+	* Added overrides for meshcentral files for testing purposes
+	* Added `users` field to `device` object
+
+Bugs:
+	* Fixed connection errors not raising immediately
+	* Fixed run_commands parsing return from multiple devices incorrectly
+	* Fixed listening to raw not removing its listener correctly
+	* Fixed javascript timecodes not being handled in gnu environments
+	* Changed some fstring formatting that locked the library into python >3.13
+
+
 Version 1.0.0
-===========
+=============
 
 First release

docs/requirements.txt

@@ -5,8 +5,8 @@ sphinx>=3.2.1
 sphinx-jinja2-compat>=0.1.1
 sphinx-toolbox>=2.16.0
 # sphinx_rtd_theme
-cffi==1.17.1
+cffi~=1.17.1
-cryptography==43.0.3
+cryptography~=44.0.1
-pycparser==2.22
+pycparser~=2.22
-websockets==13.1
+websockets~=14.2
 enum_tools

setup.cfg

@@ -44,9 +44,9 @@ python_requires = >=3.8
 # For more information, check out https://semver.org/.
 install_requires =
     importlib-metadata
-    cryptography>=43.0.3
+    cryptography~=44.0.1
-    websockets>=13.1
+    websockets~=14.2
-    python-socks[asyncio]
+    python-socks[asyncio]~=2.5.3
 
 
 [options.packages.find]

src/meshctrl/exceptions.py

@@ -2,7 +2,9 @@ class MeshCtrlError(Exception):
     """
     Base class for Meshctrl errors
     """
-    pass
+    def __init__(self, message, *args, **kwargs):
+        self.message = message
+        super().__init__(message, *args, **kwargs)
 
 class ServerError(MeshCtrlError):
     """
@@ -25,6 +27,7 @@ class FileTransferError(MeshCtrlError):
     """
     def __init__(self, message, stats):
         self.stats = stats
+        super().__init__(message)
 
 class FileTransferCancelled(FileTransferError):
     """

src/meshctrl/session.py

@@ -1363,10 +1363,10 @@ class Session(object):
                         node["meshid"] = meshid
                         if _mesh is not None:
                             node["mesh"] = _mesh
-                sysinfo["node"] = node
+                        break
-                sysinfo["nodeid"] = nodeid
+                else:
-                del sysinfo["result"]
+                    continue
-                del sysinfo["noinfo"]
+                break
         if node is None:
             raise ValueError("Invalid device id")
         if lastconnect is not None:
@@ -1463,6 +1463,7 @@ class Session(object):
                         result.setdefault(node, {})["complete"] = True
                         if all(_["complete"] for key, _ in result.items()):
                             break
+                        continue
                     elif (event["value"].startswith("Run commands")):
                         continue
                     result[node]["result"].append(event["value"])

src/meshctrl/util.py

@@ -140,17 +140,20 @@ def compare_dict(dict1, dict2):
         return False
 
 def _check_socket(f):
+    async def _check_errs(self):
+        if not self.alive and self._main_loop_error is not None:
+            raise self._main_loop_error
+        elif not self.alive and self.initialized.is_set():
+            raise exceptions.SocketError("Socket Closed")
+
     @functools.wraps(f)
     async def wrapper(self, *args, **kwargs):
         try:
-            async with asyncio.TaskGroup() as tg:
+            await asyncio.wait_for(self.initialized.wait(), 10)
-                tg.create_task(asyncio.wait_for(self.initialized.wait(), 10))
+            await _check_errs(self)
-                tg.create_task(asyncio.wait_for(self._socket_open.wait(), 10))
+            await asyncio.wait_for(self._socket_open.wait(), 10)
         finally:
-            if not self.alive and self._main_loop_error is not None:
+            await _check_errs(self)
-                raise self._main_loop_error
-            elif not self.alive and self.initialized.is_set():
-                raise exceptions.SocketError("Socket Closed")
             return await f(self, *args, **kwargs)
     return wrapper
 

tests/environment/__init__.py

@@ -62,7 +62,7 @@ class TestEnvironment(object):
             return self
         # Destroy the env in case it wasn't killed correctly last time.
         subprocess.check_call(["docker", "compose", "down"], stdout=subprocess.DEVNULL, cwd=thisdir)
-        self._subp = _docker_process = subprocess.Popen(["docker", "compose", "up", "--build", "--force-recreate", "--no-deps"], stdout=subprocess.DEVNULL, cwd=thisdir)
+        self._subp = _docker_process = subprocess.Popen(["docker", "compose", "up", "--build", "--force-recreate", "--no-deps"], cwd=thisdir)
         if not self._wait_for_meshcentral():
             self.__exit__(None, None, None)
             raise Exception("Failed to create docker instance")

tests/environment/config/meshcentral/overrides/.gitignore

@@ -0,0 +1,4 @@
+# Ignore everything in this directory
+*
+# Except this file
+!.gitignore

tests/environment/meshcentral.dockerfile

@@ -4,4 +4,5 @@ RUN apk add python3
 WORKDIR /opt/meshcentral/
 COPY ./scripts/meshcentral ./scripts
 COPY ./config/meshcentral/data /opt/meshcentral/meshcentral-data
+COPY ./config/meshcentral/overrides /opt/meshcentral/meshcentral
 CMD ["python3", "/opt/meshcentral/scripts/create_users.py"]

tests/requirements.txt

@@ -1,6 +1,6 @@
 requests
 pytest-asyncio
 cffi==1.17.1
-cryptography==43.0.3
+cryptography~=44.0.1
 pycparser==2.22
-websockets==13.1
+websockets~=14.2

tests/test_session.py

@@ -5,6 +5,8 @@ import meshctrl
 import requests
 import random
 import io
+import traceback
+import time
 thisdir = os.path.dirname(os.path.realpath(__file__))
 
 async def test_admin(env):
@@ -77,6 +79,17 @@ async def test_users(env):
         pass
     else:
         raise Exception("Connected with no password")
+
+    start = time.time()
+    try:
+        async with meshctrl.Session(env.mcurl, user="admin", password="The wrong password", ignore_ssl=True) as admin_session:
+            pass
+    except* meshctrl.exceptions.ServerError as eg:
+        assert str(eg.exceptions[0]) == "Invalid Auth" or eg.exceptions[0].message == "Invalid Auth", "Didn't get invalid auth message"
+        assert time.time() - start < 10, "Invalid auth wasn't raised until after timeout"
+        pass
+    else:
+        raise Exception("Connected with bad password")
     async with meshctrl.Session(env.mcurl+"/", user="admin", password=env.users["admin"], ignore_ssl=True) as admin_session,\
                meshctrl.Session(env.mcurl, user="privileged", password=env.users["privileged"], ignore_ssl=True) as privileged_session,\
                meshctrl.Session(env.mcurl, user="unprivileged", password=env.users["unprivileged"], ignore_ssl=True) as unprivileged_session:
@@ -187,21 +200,24 @@ async def test_mesh_device(env):
 
         assert r[0].description == "New description", "Description either failed to change, or was changed by a user without permission to do so"
 
-        with env.create_agent(mesh.short_meshid) as agent:
+        # There once was a bug that occured whenever running run_commands with multiple meshes. We need to add devices to both meshes to be sure that bug is squashed.
+        with env.create_agent(mesh.short_meshid) as agent,\
+             env.create_agent(mesh.short_meshid) as agent2,\
+             env.create_agent(mesh2.short_meshid) as agent3:
             # Test agent added to device group being propagated correctly
             # Create agent isn't so good at waiting for the agent to show in the sessions. Give it a couple seconds to appear.
             for i in range(3):
                 try:
                     r = await admin_session.list_devices(timeout=10)
                     print("\ninfo list_devices: {}\n".format(r))
-                    assert len(r) == 1, "Incorrect number of agents connected"
+                    assert len(r) == 3, "Incorrect number of agents connected"
                 except:
                     if i == 2:
                         raise
                     await asyncio.sleep(1)
                 else:
                     break
-            assert len(await privileged_session.list_devices(timeout=10)) == 1, "Incorrect number of agents connected"
+            assert len(await privileged_session.list_devices(timeout=10)) == 2, "Incorrect number of agents connected"
             assert len(await unprivileged_session.list_devices(timeout=10)) == 0, "Unprivileged account has access to agent it should not"
 
             r = await admin_session.list_devices(details=True, timeout=10)
@@ -213,6 +229,9 @@ async def test_mesh_device(env):
             r = await admin_session.list_devices(meshid=mesh.meshid, timeout=10)
             print("\ninfo list_devices_meshid: {}\n".format(r))
 
+            r = await admin_session.device_info(agent.nodeid, timeout=10)
+            print("\ninfo admin_device_info: {}\n".format(r))
+
             # Test editing device info propagating correctly
             assert await admin_session.edit_device(agent.nodeid, name="new_name", description="New Description", tags="device", consent=meshctrl.constants.ConsentFlags.all, timeout=10), "Failed to edit device info"
 
@@ -221,9 +240,12 @@ async def test_mesh_device(env):
             assert await admin_session.edit_device(agent.nodeid, consent=meshctrl.constants.ConsentFlags.none, timeout=10), "Failed to edit device info"
 
             # Test run_commands
-            r = await admin_session.run_command(agent.nodeid, "ls", timeout=10)
+            r = await admin_session.run_command([agent.nodeid, agent2.nodeid], "ls", timeout=10)
             print("\ninfo run_command: {}\n".format(r))
             assert "meshagent" in r[agent.nodeid]["result"], "ls gave incorrect data"
+            assert "meshagent" in r[agent2.nodeid]["result"], "ls gave incorrect data"
+            assert "Run commands completed." not in r[agent.nodeid]["result"], "Didn't parse run command ending correctly"
+            assert "Run commands completed." not in r[agent2.nodeid]["result"], "Didn't parse run command ending correctly"
             assert "meshagent" in (await privileged_session.run_command(agent.nodeid, "ls", timeout=10))[agent.nodeid]["result"], "ls gave incorrect data"
 
             # Test run commands with ndividual device permissions
@@ -252,7 +274,7 @@ async def test_mesh_device(env):
 
             # Test getting individual device info
             r = await unprivileged_session.device_info(agent.nodeid, timeout=10)
-            print("\ninfo device_info: {}\n".format(r))
+            print("\ninfo unprivileged_device_info: {}\n".format(r))
 
             # This device info includes the mesh ID of the device, even though the user doesn't have acces to that mesh. That's odd.
             # assert r.meshid is None, "Individual device is exposing its meshid"