Hacked By AnonymousFox

"""
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
"""
import logging
import os
import subprocess

import psutil

from defence360agent.utils import (
    atomic_rewrite,
    is_systemd_boot,
    check_exit_code,
    check_run,
    retry_on,
    run,
)
from defence360agent.utils.kwconfig import KWConfig

logger = logging.getLogger(__name__)


class PureFTPBaseConfig(KWConfig):
    SEARCH_PATTERN = r"^\s*?{}\s+(.*?)\s*?$"
    WRITE_PATTERN = "{} {}"
    DEFAULT_FILENAME = "/etc/pure-ftpd.conf"


async def uploadscript_enable():
    if not is_systemd_boot():
        # for CentOS/CloudLinux 6
        await run(
            ["start", "imunify360-pure"],
            stdin=subprocess.DEVNULL,
            stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
        )
        atomic_rewrite("/etc/init/imunify360-pure.override", "", backup=False)
    else:
        await check_run(["systemctl", "enable", "imunify360-pure"])
        await check_run(["systemctl", "start", "imunify360-pure"])


async def uploadscript_disable():
    if not is_systemd_boot():
        # for CentOS/CloudLinux 6
        await run(
            ["stop", "imunify360-pure"],
            stdin=subprocess.DEVNULL,
            stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
        )
        atomic_rewrite(
            "/etc/init/imunify360-pure.override",
            "start on manual\n",
            backup=False,
        )
    else:
        await check_run(["systemctl", "stop", "imunify360-pure"])
        await check_run(["systemctl", "disable", "imunify360-pure"])


async def uploadscript_status():
    if not is_systemd_boot():
        # for CentOS/CloudLinux 6
        _, out, _ = await run(["status", "imunify360-pure"])
        return "start/running" in out.decode()
    else:
        rc, _, _ = await run(["systemctl", "status", "imunify360-pure"])
        return rc == 0


async def restart():
    if not is_systemd_boot():
        # for CentOS/CloudLinux 6
        await check_exit_code(["/etc/init.d/pure-ftpd", "restart"])
    else:
        try:
            await check_run(["systemctl", "restart", "pure-ftpd"])
        except Exception as err:
            if err.args and err.args[0] == 5:
                logger.warning(
                    "%s\nService pure-ftpd is probably deactivated.", repr(err)
                )
            else:
                raise


@retry_on(FileNotFoundError, max_tries=10)
def thirdparty_uploadscript():
    imunify_scripts = [
        "/opt/alt/python35/share/imunify360/scripts/pure_scan.sh",
        "/opt/alt/python35/share/imunify360/scripts/pureftpd-on-upload",
        "/usr/share/imunify360/scripts/pureftpd-on-upload",
    ]
    it = psutil.process_iter(attrs=["exe", "cmdline"])
    while True:
        try:
            proc = next(it)
        except StopIteration:
            break
        except FileNotFoundError as e:
            logger.warning("File not found during process iter: %s", e)
            raise
        else:
            if proc.info["exe"] == "/usr/sbin/pure-uploadscript" and all(
                proc.info["cmdline"] and script not in proc.info["cmdline"]
                for script in imunify_scripts
            ):
                return " ".join(proc.info["cmdline"])
    return None  # not found


def detect():
    return os.path.isfile("/usr/sbin/pure-ftpd") and os.access(
        "/usr/sbin/pure-ftpd", os.X_OK
    )


def get_pureftpd_configs(hosting_panel):
    configs = [PureFTPBaseConfig]
    if (
        hosting_panel.is_installed()
        and hosting_panel.pure_ftp_conf_cls is not None
    ):
        configs.append(hosting_panel.pure_ftp_conf_cls)
    return configs


async def enable_scan_in_config(hosting_panel):
    configs = get_pureftpd_configs(hosting_panel)
    for cls in configs:
        try:
            cls("CallUploadScript").set("yes")
        except OSError as e:
            logger.warning("Error when accessing pureftp config: %s", e)
    # this is required to update pure-ftpd config
    await restart()


def scan_in_config_enabled(hosting_panel):
    configs = get_pureftpd_configs(hosting_panel)
    for cls in configs:
        try:
            value = cls("CallUploadScript").get()
            if value is None or value.strip() == "no":
                return False
        except OSError as e:
            logger.warning("Error when accessing pureftp config: %s", e)
            return False
    return True


async def disable_purescan(hosting_panel):
    if thirdparty_uploadscript() is None:
        configs = get_pureftpd_configs(hosting_panel)
        for cls in configs:
            try:
                cls("CallUploadScript").set("no")
            except OSError as e:
                logger.warning("Error when accessing pureftp config: %s", e)
        # this is required to update pure-ftpd config
        await restart()
    await uploadscript_disable()