tis-clean-wapt-certificates-template icon

Clean WAPT Certificates Template

Paquet d’installation silencieuse pour Clean WAPT Certificates Template

2.0-4
Sécurité
Sécurité
Télécharger Build LUTI VirusTotal

  • package: tis-clean-wapt-certificates-template
  • name: Clean WAPT Certificates Template
  • version: 2.0-4
  • categories: Security
  • maintainer: WAPT Team,Tranquil IT,Jimmy PELÉ
  • locale: all
  • target_os: all
  • architecture: all
  • signature_date:
  • size: 6.33 Ko
  • conflicts :

package           : tis-clean-wapt-certificates-template
version           : 2.0-4
architecture      : all
section           : base
priority          : optional
name              : Clean WAPT Certificates Template
categories        : Security
maintainer        : WAPT Team,Tranquil IT,Jimmy PELÉ
description       : Cleaning the WAPT Agent certificates
depends           : 
conflicts         : tis-clean-certificates
maturity          : PROD
locale            : all
target_os         : all
min_wapt_version  : 2.0
sources           : 
installed_size    : 
impacted_process  : 
description_fr    : Nettoyage des certificats de l'agent WAPT
description_pl    : Czyszczenie certyfikatów agenta WAPT
description_de    : Reinigung der WAPT-Agent-Zertifikate
description_es    : Limpieza de los certificados del Agente WAPT
description_pt    : Limpeza dos certificados do agente WAPT
description_it    : Pulizia dei certificati dell'agente WAPT
description_nl    : Opschonen van de certificaten van de WAPT Agent
description_ru    : Очистка сертификатов агента WAPT
audit_schedule    : 5h
editor            : 
keywords          : 
licence           : 
homepage          : 
package_uuid      : 5fcead73-c977-43b2-9241-c69014f00bcd
valid_from        : 
valid_until       : 
forced_install_on : 
changelog         : 
min_os_version    : 
max_os_version    : 
icon_sha256sum    : 9420721210f5d9c50c9e35c9fdbf0a088b30e165df8311c5f2176ce60e122475
signer            : Tranquil IT
signer_fingerprint: 8c5127a75392be9cc9afd0dbae1222a673072c308c14d88ab246e23832e8c6bb
signature         : WebweyR2030CESzTqFyzszv8BhM4xxeMkxXrDn3HZwKLGSzrphfiEPpN5ewTJ5UtCeoK5LKr0yPeI/x5Dr7zk7LmCO/twvemQukiZyu0t+ZrtU9TxdJb3KvvwgjTRGBgBWxO9/VomE7sExxTQDEh8sc5nK/+1b6nH7XnDtjFx0GmZlwP253+6W8IMJIcMf5XLDr5R260EgEK7LE3WMtPtllD10uAQ6PQ+LemYAxcN7DIyJ+HyDa5XqKkqd82MNpRtfuAkFOLw3Gghl3tp8pu1nmnmv/ejc5p2keIxevXnNkkifhZ/7tv69hjhtseVJl5duPgqBvJE3jtOvNaign2ZQ==
signature_date    : 2022-07-31T02:20:56.140073
signed_attributes : package,version,architecture,section,priority,name,categories,maintainer,description,depends,conflicts,maturity,locale,target_os,min_wapt_version,sources,installed_size,impacted_process,description_fr,description_pl,description_de,description_es,description_pt,description_it,description_nl,description_ru,audit_schedule,editor,keywords,licence,homepage,package_uuid,valid_from,valid_until,forced_install_on,changelog,min_os_version,max_os_version,icon_sha256sum,signer,signer_fingerprint,signature_date,signed_attributes

# -*- coding: utf-8 -*-
from setuphelpers import *
from waptcrypto import SSLCertificate

r"""
Usable WAPT package functions: install(), uninstall(), session_setup(), audit(), update_package()

Procedure:
1-Make sure all your allowed Public WAPT certificates are in the same directory
2-Change path_to_all_allowed_wapt_crts variable with this directory
3-Run the update-package 
4-Copy and paste the returned list in allowed_wapt_crt_sha1_list variable
5-Rename and upload this package

"""
# Declaring global variables - Warnings: 1) WAPT context is only available in package functions; 2) Global variables are not persistent between calls
allowed_wapt_crt_sha1_list = [
    "5361b4b6f772bbae427template509c41e297666",
    "5e37d49c2a014a9436btemplate7ea0ea7a9e8323",
]



def install():
    # Declaring local variables
    wapt_ssl_path = makepath(WAPT.wapt_base_dir, "ssl")

    # Cleaning WAPT SSL Certificates
    print("Cleaning: WAPT SSL Certificates")
    for filepath in glob.glob(makepath(wapt_ssl_path, "*.*")):
        if filepath.endswith(".crt"):
            crt_fingerprint_sha1 = SSLCertificate(filepath).fingerprint_sha1
            crt_cn = SSLCertificate(filepath).cn
            if crt_fingerprint_sha1 not in allowed_wapt_crt_sha1_list:
                print("ERROR:       %s (CN: %s) is NOT an allowed certificate" % (filepath, crt_cn))
                print("Removing:    %s" % (filepath))
                remove_file(filepath)
            else:
                print("OK:          %s (CN: %s) is an allowed certificate" % (filepath, crt_cn))
        elif filepath.endswith(".pem"):
            print("Removing:        %s since no private key has to be here" % (filepath))
            remove_file(filepath)
        else:
            print("Removing:        %s since no other file needs to be here" % (filepath))
            remove_file(filepath)


def audit():
    # Declaring local variables
    result = "OK"
    wapt_ssl_path = makepath(WAPT.wapt_base_dir, "ssl")

    # Auditing WAPT SSL Certificates
    print("Auditing: WAPT SSL Certificates")
    for filepath in glob.glob(makepath(wapt_ssl_path, "*.*")):
        if not filepath.endswith(".crt") and not filepath.endswith(".pem"):
            print("WARNING:     %s is NOT an allowed file since no other file needs to be here" % (filepath))
            result = "WARNING"

        if filepath.endswith(".pem"):
            print("WARNING:     %s is NOT an allowed file since no private key has to be here" % (filepath))
            result = "WARNING"

        if filepath.endswith(".crt"):
            crt_fingerprint_sha1 = SSLCertificate(filepath).fingerprint_sha1
            crt_cn = SSLCertificate(filepath).cn
            if crt_fingerprint_sha1 not in allowed_wapt_crt_sha1_list:
                print("ERROR:       %s (CN: %s) is NOT an allowed certificate" % (filepath, crt_cn))
                result = "ERROR"
            else:
                print("OK:          %s (CN: %s) is an allowed certificate" % (filepath, crt_cn))

    # if result == "ERROR":
    if result != "OK":
        print("You have to reinstall this package to remove unallowed certificates or files")
    return result


# -*- coding: utf-8 -*-
from setuphelpers import *
from waptcrypto import SSLCertificate

def update_package():
    # Declaring local variables
    path_to_all_allowed_wapt_crts = r"C:\Users\username\Downloads\public_crts"
    crts_fingerprint_list = []
    for crt in glob.glob(makepath(path_to_all_allowed_wapt_crts, "*.crt")):
        crt_fingerprint_sha1 = SSLCertificate(crt).fingerprint_sha1
        crts_fingerprint_list.append(crt_fingerprint_sha1)
    print("You can copy-paste the following full list of SHA1 certificate get from .crt files located in: %s" % path_to_all_allowed_wapt_crts)
    print(crts_fingerprint_list)

07ce6a2bda9ba0849995d64444e55ca40c020bf7bd857629bb2e6ee4fbb55fb0 : setup.py
3a255758395f03dde363dfe650ab62fccdb99952365aa2361f793805bbf0186b : update_package.py
9420721210f5d9c50c9e35c9fdbf0a088b30e165df8311c5f2176ce60e122475 : WAPT/icon.png
a5a97261381e1d0ad46ee15916abec9c2631d0201f5cc50ceb0197a165a0bbbf : WAPT/certificate.crt
0c3fb6e1b35c9534190246eab4fe759b3a1dcaaf2fa0be0cfa2514b6d8060d77 : luti.json
ffa5b45a4e9b7843977ccac27f0109f3315e5435c5ca46bcd62a8c6f2d3f9087 : WAPT/control