From e11077772bf32f25613f4f559feee8c963ea5dda Mon Sep 17 00:00:00 2001 From: "gasperfele@fri1.uni-lj.si" Date: Thu, 29 Dec 2016 23:43:31 +0000 Subject: Fixes to multiple tasks git-svn-id: https://svn.lusy.fri.uni-lj.si/kpov-public-svn/kpov-public@377 5cf9fbd1-b2bc-434c-b4b7-e852f4f63414 --- .../tasks/copy_rename_20_files_tail_env/task.py | 7 +-- kpov_judge/tasks/custom_rdate/task.py | 18 ++++--- kpov_judge/tasks/ldap_search/task.py | 12 ++--- kpov_judge/tasks/nat_vlc/task.py | 60 ++++++++++++---------- kpov_judge/tasks/openvpn_simple_smb/task.py | 38 ++++++++++---- 5 files changed, 82 insertions(+), 53 deletions(-) (limited to 'kpov_judge/tasks') diff --git a/kpov_judge/tasks/copy_rename_20_files_tail_env/task.py b/kpov_judge/tasks/copy_rename_20_files_tail_env/task.py index 1388e45..e82e8ca 100644 --- a/kpov_judge/tasks/copy_rename_20_files_tail_env/task.py +++ b/kpov_judge/tasks/copy_rename_20_files_tail_env/task.py @@ -28,8 +28,9 @@ V domači mapi najdeš imenik {file_rename_dirname} z 20 datotekami. ki jo dobiš na naslovu http://localhost/{curl_fname} na malishell in število zapiši v spremenljivko $images na simpleArbiterDhcpGW v lupini, kjer poganjaš task_check.py - - V imeniku {wc_dirname} najdeš datoteko count.txt. Preštej število vrstic v njej - in rezultat zapiši v novo datoteko lines.txt v istem imeniku. + - V imeniku {wc_dirname} najdeš datoteko count.txt. Preštej število prehodov + v novo vrstico v count.txt in rezultat zapiši v novo datoteko - lines.txt + v istem imeniku. """, 'en':u""" Log into the system as student using vaje as your password. @@ -62,7 +63,7 @@ In your home folder you will find a directory called {file_rename_dirname} On simpleArbiterDhcpGW within the shell where you are running test_task.py, set the environment variable $images to this number. - In the directory {wc_dirname} there is a file called count.txt. Write the - number of lines in this file into the file lines.txt in the same + number of newlines in this file into the file lines.txt in the same directory. """ } diff --git a/kpov_judge/tasks/custom_rdate/task.py b/kpov_judge/tasks/custom_rdate/task.py index c278792..867e037 100644 --- a/kpov_judge/tasks/custom_rdate/task.py +++ b/kpov_judge/tasks/custom_rdate/task.py @@ -69,9 +69,9 @@ networks = { 'net1': {'public': False}, 'test-net': {'public': True} } # Tu sem dolocil parametre params_meta = { - 'RDATE_OFFSET':{'descriptions': {'si': 'Napaka v času pri rdate'}, 'w': False, 'public': False, 'type': 'integer', 'generated': True}, - 'PROGRAM_FILENAME':{'descriptions': {'si': 'Ime programa'}, 'w': False, 'public': True, 'type': 'integer', 'generated': True}, - 'IP_RDATECLIENT':{'descriptions': {'si': 'IP rdateClient'}, 'w': True, 'public': False, 'type': 'IP', 'generated': False}, + 'RDATE_OFFSET':{'descriptions': {'si': u'Napaka v času pri rdate', 'en': 'Timekeeping error for rdate'}, 'w': False, 'public': False, 'type': 'integer', 'generated': True}, + 'PROGRAM_FILENAME':{'descriptions': {'si': u'Ime programa', 'en': 'program filename'}, 'w': False, 'public': True, 'type': 'integer', 'generated': True}, + 'IP_RDATECLIENT':{'descriptions': {'si': u'IP rdateClient', "en": "rdateClient's IP"}, 'w': True, 'public': True, 'type': 'IP', 'generated': False}, } def task(IP_RDATECLIENT, PROGRAM_FILENAME): @@ -80,6 +80,7 @@ def task(IP_RDATECLIENT, PROGRAM_FILENAME): from paramiko import SSHClient import random import struct + import base64 results = dict() peer_user = 'test' peer_passwd = 'test' @@ -94,7 +95,7 @@ def task(IP_RDATECLIENT, PROGRAM_FILENAME): '~/{}'.format(PROGRAM_FILENAME)) data = struct.pack("!I", r.randint(0, 2**32)) stdin.write(data) - results['in_' + str(i)] = data + results['in_' + str(i)] = base64.encodestring(data) results['out_' + str(i)] = stdout.read() stdin, stdout, stderr = client.exec_command( 'date -u +"%s"') @@ -122,16 +123,19 @@ def gen_params(user_id, params_meta): def task_check(results, params): import random import struct + import base64 # print results r = random.Random(params['PROGRAM_FILENAME']) score = 0.0 hints = [] for i in xrange(10): - data = results['in_' + str(i)] - if data != struct.pack("!I", r.randint(0, 2**32)): + data = base64.decodestring(results['in_' + str(i)]) + x = struct.pack("!I", r.randint(0, 2**32)) + if data != x: + hints += ["data: " + str((data,)) + " != " + str((x,))] break res = results['out_' + str(i)] - if str(struct.unpack("!I", data)[0]) == res.strip(): + if str(struct.unpack("!i", data)[0]) == res.strip(): score += 0.5 else: hints += ["wrong convert"] diff --git a/kpov_judge/tasks/ldap_search/task.py b/kpov_judge/tasks/ldap_search/task.py index 250cee9..6889b13 100644 --- a/kpov_judge/tasks/ldap_search/task.py +++ b/kpov_judge/tasks/ldap_search/task.py @@ -101,12 +101,12 @@ computers = { networks = { 'net1': {'public': False}, 'test-net': {'public': True} } params_meta = { - 'LDAP_IP': {'descriptions': {'si': 'IP strežnika'}, 'w': True, 'public':True, 'type': 'IP', 'generated': False}, - 'DOMAIN': {'descriptions': {'si': 'Domena (poddomena kpov.lusy.fri.uni-lj.si)'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, - 'LDAP_USERNAME': {'descriptions': {'si': 'Uporabnisko ime v LDAP'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, - 'LDAP_PASSWORD': {'descriptions': {'si': 'Geslo v LDAP'}, 'w': False, 'public':True, 'type': 'password', 'generated': True}, - 'BIND_USERNAME': {'descriptions': {'si': 'Uporabnisko ime za dostop do LDAP'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, - 'BIND_PASSWORD': {'descriptions': {'si': 'Geslo za dostop do LDAP'}, 'w': False, 'public':True, 'type': 'password', 'generated': True}, + 'LDAP_IP': {'descriptions': {'si': u'IP strežnika', 'en': 'Server IP'}, 'w': True, 'public':True, 'type': 'IP', 'generated': False}, + 'DOMAIN': {'descriptions': {'si': u'Domena (poddomena kpov.lusy.fri.uni-lj.si)', 'en': 'Domain (subdomain of kpov.lusy.fri.uni-lj.si)'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, + 'LDAP_USERNAME': {'descriptions': {'si': u'Uporabniško ime v LDAP', 'en': 'Username in LDAP'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, + 'LDAP_PASSWORD': {'descriptions': {'si': u'Geslo v LDAP', 'en': 'LDAP password'}, 'w': False, 'public':True, 'type': 'password', 'generated': True}, + 'BIND_USERNAME': {'descriptions': {'si': u'Uporabniško ime za dostop do LDAP (bind)', 'en': 'Bind username in LDAP'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, + 'BIND_PASSWORD': {'descriptions': {'si': u'Geslo za dostop do LDAP (bind)', 'en': 'Bind password in LDAP'}, 'w': False, 'public':True, 'type': 'password', 'generated': True}, } def task(LDAP_IP, DOMAIN, LDAP_USERNAME, LDAP_PASSWORD, BIND_USERNAME, BIND_PASSWORD): diff --git a/kpov_judge/tasks/nat_vlc/task.py b/kpov_judge/tasks/nat_vlc/task.py index b43dd90..59cceaa 100644 --- a/kpov_judge/tasks/nat_vlc/task.py +++ b/kpov_judge/tasks/nat_vlc/task.py @@ -70,13 +70,10 @@ networks = { 'net1': {'public': False}, 'test-net': {'public': True} } #ne potrebujemo dnsjev in ip za malibreznewtork manager? params_meta = { -# 'IP_NM': {'descriptions': {'si': 'Naslov maliNetworkManager'}, 'w': False, 'public':True, 'type': 'IP', 'generated': True}, -# 'DNS_NM': {'descriptions': {'si': 'DNS za maliNetworkManager'}, 'w': False, 'public':True, 'type': 'IP', 'generated': True}, - 'IP_simple': {'descriptions': {'si': 'Naslov SimpleArbiter'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, - 'IP_NAT': {'descriptions': {'si': 'Naslov NAT'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True }, - 'IP_NAT_user': {'descriptions': {'si': 'Username na NATServer'}, 'w': False, 'public' : True, 'type' : 'username', 'generated' : True}, - 'IP_NAT_passwd': {'descriptions': {'si': 'Password na NATServer'}, 'w': True,'public' : True, 'type' : 'passwd', 'generated' : False}, -# 'DNS_static': {'descriptions': {'si': 'DNS za maliBrezNetworkManager'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, + 'IP_simple': {'descriptions': {'si': 'Naslov SimpleArbiter', 'en': 'SimpleArbiter address'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, + 'IP_NAT': {'descriptions': {'si': 'Naslov NATServer', 'en': 'NATServer address'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True }, + 'IP_NAT_user': {'descriptions': {'si': 'Username na NATServer', 'en': 'Username on NATServer'}, 'w': False, 'public' : True, 'type' : 'username', 'generated' : True}, + 'IP_NAT_passwd': {'descriptions': {'si': 'Password na NATServer', 'en': 'Password on NATServer'}, 'w': True,'public' : True, 'type' : 'passwd', 'generated' : False}, } def task(IP_simple, IP_NAT, IP_NAT_user, IP_NAT_passwd): @@ -85,22 +82,19 @@ def task(IP_simple, IP_NAT, IP_NAT_user, IP_NAT_passwd): results = dict() # Connect to NAT povezava = pxssh.pxssh() - povezava.login(IP_NAT,IP_NAT_user,IP_NAT_passwd) - + povezava.login(IP_NAT,IP_NAT_user,IP_NAT_passwd) # Check if If IP_simple is connected to NAT - results['IP_simple ping to NAT'] = run('ping -c 5 IP_NAT') + results['IP_simple_ping_to_NAT'] = pexpect.run('ping -c 5 {}'.format(IP_NAT)) # Check routing table on IP_simple - results['IP_simple routing table'] = run('route -n') + results['IP_simple_routing_table'] = pexpect.run('/sbin/route -n') # Tracert Check if IP_simple is connected to internet - results['IP_simple to internet'] = run('traceroute 8.8.8.8') - # Check DNS - results['IP_simple dns'] = run('nslookup www.google.com') - # Check if IP_NAT ip forward is not 0 + povezava.prompt() + results['IP_simple_to_internet'] = pexpect.run('/usr/sbin/traceroute 8.8.8.8') povezava.prompt() povezava.sendline('cat /proc/sys/net/ipv4/ip_forward') povezava.prompt() - results['IP_NAT ip forward'] = povezava.before - povezava.logout(); + results['IP_NAT_ip_forward'] = povezava.before + povezava.logout() return results def gen_params(user_id, params_meta): @@ -111,6 +105,7 @@ def gen_params(user_id, params_meta): net = kpov_random_helpers.IPv4_net_gen(r, 253, True, False) # params['DNS_NM'] = r.choice(dns_servers) params['IP_NAT'], params['IP_simple'] = kpov_random_helpers.IPv4_addr_gen(r, net, 2) + params['IP_NAT_user'] = kpov_random_helpers.default_generators['username'](r) # params['IP_NM'] # params['IP_simple'] = kpov_random_helpers.IPv4_addr_gen(r, net, 1) # params['DNS_static'] = r.choice(dns_servers) @@ -120,17 +115,28 @@ def task_check(results, params): import re score = 0 hints = [] - if re.search(r'0% packet loss',results['IP_simple ping to NAT']): - score += 2 - if results['IP_NAT ip forward']=='1': - score += 2 - if not re.search(r'Network is unreachable',results['IP_simple to internet']): - score += 2 - if re.search(r'94.140.66.250',results['IP_simple dns']): + if re.search( + "PING.*\r\n64 bytes from {}: icmp_seq=[0-9]+ ttl=64 time=[0-9.]* ms".format( + params['IP_NAT']), results['IP_simple_ping_to_NAT']): + score += 3 + else: + hints.append("Ping to NAT incorrect") + if results['IP_NAT_ip_forward']=="cat /proc/sys/net/ipv4/ip_forward\r\n1\r\n": score += 2 - gateway='0.0.0.0\t'+params['IP_NAT'] - if re.search(gateway,results['IP_simple routing table']): - score += 2 + else: + hints.append("ip_forward not set on NAT?") + rs = r"1 +{0} +\({0}\)".format(params['IP_NAT']) + if re.search(rs, + results['IP_simple_to_internet']): + score += 3 + else: + hints.append("traceroute not OK") + gateway=r'0\.0\.0\.0 +{} +0\.0\.0\.0 +UG'.format(params['IP_NAT'].replace('.', '\.')) + if re.search(gateway,results['IP_simple_routing_table']) and \ + re.search("Kernel IP routing table\r\nDestination", results['IP_simple_routing_table']): + score += 2 + else: + hints.append("route not OK") return score, hints def prepare_disks(templates, task_params, global_params): diff --git a/kpov_judge/tasks/openvpn_simple_smb/task.py b/kpov_judge/tasks/openvpn_simple_smb/task.py index 4243454..1ff035b 100644 --- a/kpov_judge/tasks/openvpn_simple_smb/task.py +++ b/kpov_judge/tasks/openvpn_simple_smb/task.py @@ -13,10 +13,11 @@ Na VPNClient1 namestite OpenVPN in program za nadzor nad virtualnimi napravami Na strežniku SimpleArbiterVPN že teče VPN strežnik in uporablja skrivnost, ki jo najdete tudi na VPNClient1 v domačem imeniku uporabnika student. Na VPNClient1 vzpostavite VPN tako, da napišete primerno datoteko z -nastavitvami. +nastavitvami. VPNClient1 na navideznem lokalnem omrežju nastavite naslov +{IP_VPNClient1} Nato poskrbite, da bo na VPNClient1 na navideznem omrežju prek NFS omogočen -dostop do imenika /home/tester/{DIRNAME}. +dostop do imenika /home/test/{DIRNAME}. V ta imenik skopirajte datoteke, ki so prek SMB dostopne na SimpleArbiter. """, 'en':u""" @@ -24,7 +25,8 @@ Setup two virtual machines - SimpleArbiterVPN and a VPN client (VPNClient1). Set the client's network up so that it has access to the internal network and the internet. On VPNClient1, install OpenVPN and a program for supervising virtual devices -(which you will use to create a tap device). +(which you will use to create a tap device). On the VPN, set the IP for +VPNClient1 to {IP_VPNClient1}. An OpenVPN server is already running on SimpleArbiterVPN. Use the secret available on VPNClient1 in the home directory of user student to connect to @@ -194,7 +196,7 @@ def task_check(results, params): # zal si se nisem prišla na jasno s pingi IP_SA = params['IP_SimpleArbiterVPN'].replace('.', '\.') IP_C1 = params['IP_VPNClient1'].replace('.', '\.') - rs = r"tap0 +Link encap:Ethernet +HWaddr [a-f0-9:]+ *\r\n +inet addr:{}".format( + rs = r"tap0: flags=.* mtu 1500\r\n +inet {}".format( IP_SA) # print rs, re.match(rs, results['SimpleArbiter_ifconfig']) if re.search(rs, @@ -202,17 +204,19 @@ def task_check(results, params): score += 1 # print "ifconfig OK" else: + hints.append("ifconfig on SimpleArbiter not OK") pass # print ('SA_ifconfig', results['SimpleArbiter_ifconfig']) # results['SimpleArbiter_route'] = pexpect.run( if re.search( - "PING.*\r\n64 bytes from {}: icmp_req=[0-9]+ ttl=64 time=[0-9.]* ms".format( + "PING.*\r\n64 bytes from {}: icmp_seq=[0-9]+ ttl=64 time=[0-9.]* ms".format( IP_C1), results['SimpleArbiter_ping_C1']): # print "Server ping OK" score += 1 else: + hints.append("ping from server not OK") pass # print ("Server ping", results['SimpleArbiter_ping_C1']) # ignore this @@ -223,6 +227,7 @@ def task_check(results, params): results['SimpleArbiter_traceroute']): score += 1 else: + hints.append("traceroute not OK") pass # print ("fail!", rs, results['SimpleArbiter_traceroute']) if results['VPNClient1_nfs_access_control_list'].find( @@ -234,10 +239,12 @@ def task_check(results, params): params['DIRNAME'])): # print "mount OK" score += 1 + else: + hints.append("mount not OK") # get r into the correct state r = random.Random(params['secret_random_seed']) s = "\n".join([ - "".join([r.choice("0123456789abcdef") for i in xrange(16)]) + "".join([r.choice("0123456789abcdef") for i in xrange(32)]) for i in xrange(16)]) keyfile = kpov_random_helpers.fname_gen(r, extension=False) # now check the filenames @@ -247,31 +254,39 @@ def task_check(results, params): foo = kpov_random_helpers.fortune(r, 4096) pos = results['SimpleArbiter_ls'].find(fname + '.txt') fnames_ok = fnames_ok and pos >= 0 + #if pos < 0: + # hints.append("missing file:" + fname) if fnames_ok: score += 2 + else: + hints.append("shared filenames not OK:") # Ping the VPN server if re.search( - "PING.*\r\n64 bytes from {}: icmp_req=[0-9]+ ttl=64 time=[0-9.]* ms".format( + "PING.*\r\n64 bytes from {}: icmp_seq=[0-9]+ ttl=64 time=[0-9.]* ms".format( IP_SA), results['VPNClient1_ping_VPN_server']): # print "ping OK" score += 1 else: + hints.append("ping from client not OK") pass # print "Client ping", results['VPNClient1_ping_VPN_server'] - rs = r"tap0 +Link encap:Ethernet +HWaddr [a-f0-9:]+ *\r\n +inet addr:{}".format( + rs = r"tap0: flags=.* mtu 1500\r\n +inet {}".format( IP_C1) if re.search(rs, results['VPNClient1_ifconfig']): score += 1 # print "ifconfig OK" else: + hints.append("ifconfig on VPNClient1 not OK") pass # print ('VPNClient1_ifconfig', results['VPNClient1_ifconfig']) if results['VPNClient1_ps'].find('openvpn') > 0: score += 1 + else: + hints.append("openvpn not found running on VPNClient") return score, hints @@ -284,9 +299,12 @@ def prepare_disks(templates, task_params, global_params): import random r = random.Random(task_params['secret_random_seed']) s = "\n".join([ - "".join([r.choice("0123456789abcdef") for i in xrange(16)]) + "".join([r.choice("0123456789abcdef") for i in xrange(32)]) for i in xrange(16)]) - s = """-----BEGIN OpenVPN Static key V1----- + s = """# +# 2048 bit OpenVPN static key +# +-----BEGIN OpenVPN Static key V1----- {} -----END OpenVPN Static key V1----- """.format(s) -- cgit v1.2.1