diff --git a/LICENSE b/LICENSE index f4b5039..f377280 100644 --- a/LICENSE +++ b/LICENSE @@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright (c) 2018-2023 Splunk Inc. + Copyright (c) 2018-2024 Splunk Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/NOTICE b/NOTICE index 7dcb1d0..fd78933 100644 --- a/NOTICE +++ b/NOTICE @@ -1,5 +1,5 @@ Splunk SOAR Windows Remote Management -Copyright (c) 2018-2023 Splunk Inc. +Copyright (c) 2018-2024 Splunk Inc. Third-party Software Attributions: @@ -10,11 +10,6 @@ Copyright 2004-2017 Leonard Richardson Copyright 2004-2019 Leonard Richardson Copyright 2018 Isaac Muse -Library: ntlm-auth -Version: 1.5.0 -License: MIT -Copyright 2018 Jordan Borean, Red Hat - Library: pycparser Version: 2.21 License: BSD 3 @@ -22,11 +17,6 @@ Copyright 2008-2020 Eli Bendersky Copyright parser in Python Copyright parser in Python -Library: requests -Version: 2.25.0 -License: Apache 2.0 -Kenneth Reitz - Library: six Version: 1.15.0 License: MIT diff --git a/README.md b/README.md index 3c9921a..3c50fdf 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ This app integrates with the Windows Remote Management service to execute variou [comment]: # "" [comment]: # " File: README.md" -[comment]: # " Copyright (c) 2018-2023 Splunk Inc." +[comment]: # " Copyright (c) 2018-2024 Splunk Inc." [comment]: # " " [comment]: # " Licensed under Apache 2.0 (https://www.apache.org/licenses/LICENSE-2.0.txt)" [comment]: # "" diff --git a/__init__.py b/__init__.py index f8b589a..8600f45 100644 --- a/__init__.py +++ b/__init__.py @@ -1,6 +1,6 @@ # File: __init__.py # -# Copyright (c) 2018-2023 Splunk Inc. +# Copyright (c) 2018-2024 Splunk Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/manual_readme_content.md b/manual_readme_content.md index b3179e7..33117a0 100644 --- a/manual_readme_content.md +++ b/manual_readme_content.md @@ -1,6 +1,6 @@ [comment]: # "" [comment]: # " File: README.md" -[comment]: # " Copyright (c) 2018-2023 Splunk Inc." +[comment]: # " Copyright (c) 2018-2024 Splunk Inc." [comment]: # " " [comment]: # " Licensed under Apache 2.0 (https://www.apache.org/licenses/LICENSE-2.0.txt)" [comment]: # "" diff --git a/parse_callbacks.py b/parse_callbacks.py index d4cec5b..d22ebd1 100644 --- a/parse_callbacks.py +++ b/parse_callbacks.py @@ -1,6 +1,6 @@ # File: parse_callbacks.py # -# Copyright (c) 2018-2023 Splunk Inc. +# Copyright (c) 2018-2024 Splunk Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/release_notes/2.2.7.md b/release_notes/2.2.7.md deleted file mode 100644 index 0fc4cc1..0000000 --- a/release_notes/2.2.7.md +++ /dev/null @@ -1,2 +0,0 @@ -* [PAPP-32933] Kerberos and Certificate authentication support. - * User can now select Certificate and Kerberos as transport methods \ No newline at end of file diff --git a/release_notes/unreleased.md b/release_notes/unreleased.md index fbcb2fd..ec31213 100644 --- a/release_notes/unreleased.md +++ b/release_notes/unreleased.md @@ -1 +1,2 @@ **Unreleased** +* Removed certifi and requests dependencies in order to use platform packages [PAPP-31096, PAPP-30822] diff --git a/wheels/py3/certifi-2023.7.22-py3-none-any.whl b/wheels/py3/certifi-2023.7.22-py3-none-any.whl deleted file mode 100644 index 78dfe27..0000000 Binary files a/wheels/py3/certifi-2023.7.22-py3-none-any.whl and /dev/null differ diff --git a/wheels/py3/idna-3.4-py3-none-any.whl b/wheels/py3/idna-3.4-py3-none-any.whl deleted file mode 100644 index 7343c68..0000000 Binary files a/wheels/py3/idna-3.4-py3-none-any.whl and /dev/null differ diff --git a/wheels/py3/requests-2.31.0-py3-none-any.whl b/wheels/py3/requests-2.31.0-py3-none-any.whl deleted file mode 100644 index bfd5d2e..0000000 Binary files a/wheels/py3/requests-2.31.0-py3-none-any.whl and /dev/null differ diff --git a/wheels/py3/urllib3-2.0.7-py3-none-any.whl b/wheels/py3/urllib3-2.0.7-py3-none-any.whl deleted file mode 100644 index 9e6f189..0000000 Binary files a/wheels/py3/urllib3-2.0.7-py3-none-any.whl and /dev/null differ diff --git a/wheels/py39/charset_normalizer-3.3.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl b/wheels/py39/charset_normalizer-3.3.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl deleted file mode 100644 index d00bf3a..0000000 Binary files a/wheels/py39/charset_normalizer-3.3.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl and /dev/null differ diff --git a/winrm.json b/winrm.json index c221775..3a0dd9d 100644 --- a/winrm.json +++ b/winrm.json @@ -9,7 +9,7 @@ "product_name": "Windows Remote Management", "product_version_regex": ".*", "publisher": "Splunk", - "license": "Copyright (c) 2018-2023 Splunk Inc.", + "license": "Copyright (c) 2018-2024 Splunk Inc.", "app_version": "2.2.7", "utctime_updated": "2023-12-05T12:42:47.000000Z", "package_name": "phantom_winrm", @@ -3307,26 +3307,14 @@ "module": "beautifulsoup4", "input_file": "wheels/py3/beautifulsoup4-4.9.1-py3-none-any.whl" }, - { - "module": "certifi", - "input_file": "wheels/py3/certifi-2023.7.22-py3-none-any.whl" - }, { "module": "cffi", "input_file": "wheels/py39/cffi-1.16.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl" }, - { - "module": "charset_normalizer", - "input_file": "wheels/py39/charset_normalizer-3.3.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl" - }, { "module": "cryptography", "input_file": "wheels/py3/cryptography-41.0.5-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl" }, - { - "module": "idna", - "input_file": "wheels/py3/idna-3.4-py3-none-any.whl" - }, { "module": "pycparser", "input_file": "wheels/shared/pycparser-2.21-py2.py3-none-any.whl" @@ -3351,14 +3339,10 @@ "module": "soupsieve", "input_file": "wheels/py3/soupsieve-2.5-py3-none-any.whl" }, - { - "module": "urllib3", - "input_file": "wheels/py3/urllib3-2.0.7-py3-none-any.whl" - }, { "module": "xmltodict", "input_file": "wheels/shared/xmltodict-0.13.0-py2.py3-none-any.whl" } ] } -} \ No newline at end of file +} diff --git a/winrm_connector.py b/winrm_connector.py index 6bbf806..e1b99a5 100644 --- a/winrm_connector.py +++ b/winrm_connector.py @@ -1,6 +1,6 @@ # File: winrm_connector.py # -# Copyright (c) 2018-2023 Splunk Inc. +# Copyright (c) 2018-2024 Splunk Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -187,19 +187,6 @@ def _sanitize_string(self, string): # break any double quotes which are found, then we break any $, which is used to declare variables return string.replace('`', '``').replace('"', '`"').replace('$', '`$').replace('&', '`&').replace(')', '`)').replace('(', '`(') - def _get_fips_enabled(self): - try: - from phantom_common.install_info import is_fips_enabled - except ImportError: - return False - - fips_enabled = is_fips_enabled() - if fips_enabled: - self.debug_print('FIPS is enabled') - else: - self.debug_print('FIPS is not enabled') - return fips_enabled - def _create_ps_script(self, action_result, args, whitelist_args=set(), cmd_prefix="", cmd_suffix=""): # Here, you can pass it something like {"val1": "value"} which will generate a string for "-val1 value" # "For your convenience" you can also pass it a list of strings and dicts, something like [val1, {"val2": "asdf"}, foo], @@ -237,19 +224,19 @@ def _create_ps_script(self, action_result, args, whitelist_args=set(), cmd_prefi def _init_session(self, action_result, param=None): config = self.get_config() - default_protocol = config.get(consts.WINRM_CONFIG_PROTOCOL, 'http') + default_protocol = config.get('default_protocol', 'http') ret_val, default_port = self._validate_integer( action_result, - config.get(consts.WINRM_CONFIG_PORT, 5985 if default_protocol == 'http' else 5986), + config.get('default_port', 5985 if default_protocol == 'http' else 5986), "Default port", True) if phantom.is_fail(ret_val): return action_result.get_status() - endpoint = self._handle_py_ver_compat_for_input_str(config.get(consts.WINRM_CONFIG_ENDPOINT)) if param: - endpoint = self._handle_py_ver_compat_for_input_str(param.get('ip_hostname', endpoint)) - + endpoint = self._handle_py_ver_compat_for_input_str(param.get('ip_hostname', config.get('endpoint'))) + else: + endpoint = self._handle_py_ver_compat_for_input_str(config.get('endpoint')) if endpoint is None: return action_result.set_status( phantom.APP_ERROR, "No Endpoint Configured" @@ -258,16 +245,12 @@ def _init_session(self, action_result, param=None): endpoint = '{0}://{1}'.format(default_protocol, endpoint) if re.search(r':\d+$', endpoint, re.UNICODE | re.IGNORECASE) is None: endpoint = '{0}:{1}'.format(endpoint, default_port) - username = config[consts.WINRM_CONFIG_USERNAME] - password = config[consts.WINRM_CONFIG_PASSWORD] - transport = config.get(consts.WINRM_CONFIG_TRANSPORT) - domain = self._handle_py_ver_compat_for_input_str(config.get(consts.WINRM_CONFIG_DOMAIN)) + username = config['username'] + password = config['password'] + transport = config.get('transport') + domain = self._handle_py_ver_compat_for_input_str(config.get('domain')) verify_bool = config.get(phantom.APP_JSON_VERIFY, False) - cert_pem_path = None - cert_key_pem_path = None - cert_ca_trust_path = config.get(consts.WINRM_CONFIG_CA_TRUST, "legacy_requests") - if verify_bool: verify = 'validate' else: @@ -279,18 +262,12 @@ def _init_session(self, action_result, param=None): "Warning: Domain is set but transport type is set to 'basic'" ) elif transport == 'ntlm': - if self._get_fips_enabled(): - return action_result.set_status( - phantom.APP_ERROR, "This transport type is not supported when FIPS is enabled" - ) if domain: username = r'{}\{}'.format(domain, username) elif transport == 'kerberos': - username = r'{}\{}'.format(domain, username) - elif transport == 'certificate': - username = r'{}\{}'.format(domain, username) - cert_pem_path = config.get(consts.WINRM_CONFIG_CERT_PEM) - cert_key_pem_path = config.get(consts.WINRM_CONFIG_CERT_KEY_PEM) + return action_result.set_status( + phantom.APP_ERROR, "This transport type is not yet implemented" + ) elif transport == 'credssp': return action_result.set_status( phantom.APP_ERROR, "This transport type is not yet implemented" @@ -304,10 +281,7 @@ def _init_session(self, action_result, param=None): endpoint, auth=(username, password), server_cert_validation=verify, - transport=transport, - cert_pem=cert_pem_path, - cert_key_pem=cert_key_pem_path, - ca_trust_path=cert_ca_trust_path + transport=transport ) self._protocol = self._session.protocol diff --git a/winrm_consts.py b/winrm_consts.py index da20f5e..d4a34f5 100644 --- a/winrm_consts.py +++ b/winrm_consts.py @@ -1,6 +1,6 @@ # File: winrm_consts.py # -# Copyright (c) 2018-2023 Splunk Inc. +# Copyright (c) 2018-2024 Splunk Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -108,16 +108,3 @@ LOCATION_VALUE_LIST = ["local", "domain", "effective"] DENY_ALLOW_VALUE_LIST = ["deny", "allow"] VALUE_LIST_VALIDATION_MESSAGE = "Please provide valid input from {} in '{}' action parameter" - -# Config keys - -WINRM_CONFIG_ENDPOINT = "endpoint" -WINRM_CONFIG_PROTOCOL = "default_protocol" -WINRM_CONFIG_PORT = "default_port" -WINRM_CONFIG_USERNAME = "username" -WINRM_CONFIG_PASSWORD = "password" -WINRM_CONFIG_TRANSPORT = "transport" -WINRM_CONFIG_DOMAIN = "domain" -WINRM_CONFIG_CERT_PEM = "cert_pem_path" -WINRM_CONFIG_CERT_KEY_PEM = "cert_key_pem_path" -WINRM_CONFIG_CA_TRUST = "ca_trust_path"