Add --i-hereby-declare-i-dont-want-any-security-whatsoever option. Fix #143

2026-05-26 07:08:08 +00:00 · 2017-05-15 15:32:39 +02:00
parent 574b3dc74b
commit 272891470c
5 changed files with 39 additions and 15 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,13 @@
+3.1.4
+=====
+
+* Add --i-hereby-declare-i-dont-want-any-security-whatsoever option (#143)
+
+3.1.3
+=====
+
+* Fix lsof parsing crash on python 2
+
 3.1.0
 =====

--- a/3
+++ b/3
@@ -20,9 +20,10 @@ lint:
 check-outdated:
 	$(PIP) list --outdated --format=columns

+ARGS ?= --port=1212 --unsecure --debug 
 run-debug:
 	sleep 0.5 && $(BROWSER) http://localhost:1212&
-	$(PYTHON) ./butterfly.server.py --port=1212 --unsecure --debug
+	$(PYTHON) ./butterfly.server.py $(ARGS)

 build-coffee:
 	$(NODE_MODULES)/.bin/grunt
--- a/butterfly.server.py
+++ b/butterfly.server.py
@@ -45,7 +45,8 @@ tornado.options.define("unminified", default=False,
 tornado.options.define("host", default='localhost', help="Server host")
 tornado.options.define("port", default=57575, type=int, help="Server port")
 tornado.options.define("keepalive_interval", default=30, type=int,
-                        help="Interval between ping packets sent from server to client (in seconds)")
+                       help="Interval between ping packets sent from server "
+                       "to client (in seconds)")
 tornado.options.define("one_shot", default=False,
                       help="Run a one-shot instance. Quit at term close")
 tornado.options.define("shell", help="Shell to execute at login")
@@ -54,10 +55,18 @@ tornado.options.define("cmd",
                       help="Command to run instead of shell, f.i.: 'ls -l'")
 tornado.options.define("unsecure", default=False,
                       help="Don't use ssl not recommended")
+tornado.options.define("i-hereby-declare-i-dont-want-any-security-whatsoever",
+                       default=False,
+                       help="Remove all security and warnings. There are some "
+                       "use cases for that. Use this if you really know what "
+                       "you are doing.")
 tornado.options.define("login", default=False,
                       help="Use login screen at start")
 tornado.options.define("pam_profile", default="", type=str,
-                       help="When --login=True provided and running as ROOT, use PAM with the specified PAM profile for authentication and then execute the user's default shell. Will override --shell.")
+                       help="When --login=True provided and running as ROOT, "
+                       "use PAM with the specified PAM profile for "
+                       "authentication and then execute the user's default "
+                       "shell. Will override --shell.")
 tornado.options.define("force_unicode_width",
                       default=False,
                       help="Force all unicode characters to the same width."
@@ -76,6 +85,7 @@ tornado.options.define("uri_root_path", default='',
                       help="Sets the servier root path: "
                       "example.com/<uri_root_path>/static/")

+
 if os.getuid() == 0:
    ev = os.getenv('XDG_CONFIG_DIRS', '/etc')
 else:
@@ -131,6 +141,9 @@ log = logging.getLogger('butterfly')
 host = options.host
 port = options.port

+if options.i_hereby_declare_i_dont_want_any_security_whatsoever:
+    options.unsecure = True
+

 if not os.path.exists(options.ssl_dir):
    os.makedirs(options.ssl_dir)
--- a/butterfly/templates/motd
+++ b/butterfly/templates/motd
@@ -19,7 +19,7 @@
              !                   !                  {{ colors.red if opts.unsecure else colors.green }}{{ butterfly.socket.remote_addr }}:{{ butterfly.socket.remote_port }}{{ colors.reset }}

 For more information type: {{ colors.white }}$ {{ colors.green }}butterfly help{{ colors.reset }}
-{% if opts.unsecure %}{{ colors.light_red + '\x1b[5m' }}/!\{{ colors.reset }} {{ colors.red }}This session is UNSECURE everyone can access you terminal at:
+{% if opts.unsecure and not opts.i_hereby_declare_i_dont_want_any_security_whatsoever %}{{ colors.light_red + '\x1b[5m' }}/!\{{ colors.reset }} {{ colors.red }}This session is UNSECURE everyone can access you terminal at:
 {{ uri }}
 {% else %}You can share your session with the following uri:
 {{ uri }}
--- a/butterfly/terminal.py
+++ b/butterfly/terminal.py
@@ -196,19 +196,19 @@ class Terminal(object):
            tty, os.getpid(),
            self.callee.name, self.uri)

-        if not tornado.options.options.unsecure or (
-                self.socket.local and
-                self.caller == self.callee and
-                server == self.callee
-        ) and not tornado.options.options.login:
+        local_login = (
+            self.socket.local and self.caller == self.callee and
+            server == self.callee)
+        secure = not tornado.options.options.unsecure
+        force_login = tornado.options.options.login
+        ignore_security = (
+            tornado.options.options.
+            i_hereby_declare_i_dont_want_any_security_whatsoever)
+
+        if not force_login and (ignore_security or secure or local_login):
            # User has been auth with ssl or is the same user as server
            # or login is explicitly turned off
-            if (
-                    not tornado.options.options.unsecure and not (
-                        self.socket.local and
-                        self.caller == self.callee and
-                        server == self.callee
-                    )):
+            if secure and not local_login:
                # User is authed by ssl, setting groups
                try:
                    os.initgroups(self.callee.name, self.callee.gid)