From a0bd7adde20e1b89768b3784aeb9c03e851d7c70 Mon Sep 17 00:00:00 2001 From: Yuce Tekol Date: Fri, 3 May 2019 02:10:00 +0300 Subject: initial commit --- LICENSE | 31 +++++++++++++++++++++++++++ README.md | 52 ++++++++++++++++++++++++++++++++++++++++++++++ openbsd/__init__.py | 48 ++++++++++++++++++++++++++++++++++++++++++ openbsd/openbsd_builder.py | 20 ++++++++++++++++++ requirements.txt | 2 ++ setup.py | 30 ++++++++++++++++++++++++++ 6 files changed, 183 insertions(+) create mode 100644 LICENSE create mode 100644 README.md create mode 100644 openbsd/__init__.py create mode 100644 openbsd/openbsd_builder.py create mode 100644 requirements.txt create mode 100644 setup.py diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..7b43d06 --- /dev/null +++ b/LICENSE @@ -0,0 +1,31 @@ +Copyright 2019 yuce. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright +notice, this list of conditions and the following disclaimer in the +documentation and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its +contributors may be used to endorse or promote products derived +from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND +CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR +CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH +DAMAGE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..71df894 --- /dev/null +++ b/README.md @@ -0,0 +1,52 @@ +# openbsd + +Python bindings for some OpenBSD-specific APIs. Currently the following are supported: +* `pledge` +* `unveil` + +## Change Log + +* **v0.1.0** (2019-05-03) + * Initial release. + +## Installation + +Openbsd is on PyPI. You can install it using pip: + + pip install openbsd + +### Prerequisites + +* OpenBSD 6.4 or better +* Python 3.6 or better OR Python 2.7 + +## Usage + +Import `openbsd` first: +```python +import openbsd +``` + +### pledge + +```python +pledge("stdio rpath") +print(open("/etc/resolv.conf")) +``` + +Try removing `rpath` permission. + +### unveil + +```python +unveil("/etc", "r") +print(open("/etc/resolv.conf")) +``` + +Try reading `/bin/ksh`. + +## License + +(c) 2019 Yuce Tekol + +[BSD](LICENSE) diff --git a/openbsd/__init__.py b/openbsd/__init__.py new file mode 100644 index 0000000..8810370 --- /dev/null +++ b/openbsd/__init__.py @@ -0,0 +1,48 @@ + +import sys +from cffi import FFI +from _openbsd import lib as _lib + +__all__ = ["pledge", "unveil"] + +_ffi = FFI() + + +def pledge(promises=None, execpromises=None): + promises = _ffi.NULL if promises is None else _encode(promises) + execpromises = _ffi.NULL if execpromises is None else _encode(execpromises) + ret = _lib.pledge(promises, execpromises) + if ret < 0: + errno = _ffi.errno + raise OSError(errno, _decode(_ffi.string(_lib.strerror(errno), 256))) + + +def unveil(path=None, permissions=None): + path = _ffi.NULL if path is None else _encode(path) + permissions = _ffi.NULL if permissions is None else _encode(permissions) + ret = _lib.unveil(path, permissions) + if ret < 0: + errno = _ffi.errno + raise OSError(errno, _decode(_ffi.string(_lib.strerror(errno), 256))) + + +if isinstance(b"openbsd", str): + # Python 2 + def _encode(text): + if isinstance(text, unicode): + return text.encode("ascii") + return text + + def _decode(text): + return text +else: + # Python 3 + def _encode(text): + if isinstance(text, str): + return text.encode("ascii") + return text + + def _decode(text): + return text.decode("ascii") + + diff --git a/openbsd/openbsd_builder.py b/openbsd/openbsd_builder.py new file mode 100644 index 0000000..8ca0bc5 --- /dev/null +++ b/openbsd/openbsd_builder.py @@ -0,0 +1,20 @@ + +from cffi import FFI +ffibuilder = FFI() + +ffibuilder.cdef(''' + int pledge(const char *promises, const char *execpromises); + int unveil(const char *path, const char *permissions); + char *strerror(int errnum); +''') + +ffibuilder.set_source("_openbsd", +""" + #include + #include +""") + +if __name__ == "__main__": + ffibuilder.compile(verbose=True) + + diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..3226321 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,2 @@ +cffi==1.12.3 +pycparser==2.19 diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..c21b9e0 --- /dev/null +++ b/setup.py @@ -0,0 +1,30 @@ +# Author: yuce +# Created on: 2019-05-03, at: 01:50 +0300 + +import sys +import os +import io +import os.path +from setuptools import setup + +with io.open("README.md", encoding="utf-8") as f: + long_description = f.read() + +setup(name="openbsd", + version="0.1.0", + url="", + download_url="", + author="yuce", + author_email="", + description="", + long_description=long_description, + long_description_content_type="text/markdown", + license="", + packages=["openbsd"], + keywords=["OpenBSD"], + setup_requires=["cffi>=1.12.3"], + cffi_modules=["openbsd/openbsd_builder.py:ffibuilder"], + install_requires=["cffi>=1.12.3"], + tests_require=["pytest", "pytest-cov"], + classifiers=[], +) -- cgit 1.4.1-2-gfad0