PyBitmessage/src/depends.py

322 lines
13 KiB
Python
Raw Normal View History

#! python
import subprocess
import sys
import os
import pyelliptic.openssl
# Only really old versions of Python don't have sys.hexversion. We don't
# support them. The logging module was introduced in Python 2.3
if not hasattr(sys, 'hexversion') or sys.hexversion < 0x20300F0:
sys.stdout.write('Python version: ' + sys.version)
sys.stdout.write('PyBitmessage requires Python 2.7.3 or greater (but not Python 3)')
sys.exit()
# We can now use logging so set up a simple configuration
import logging
formatter = logging.Formatter(
'%(levelname)s: %(message)s'
)
handler = logging.StreamHandler(sys.stdout)
handler.setFormatter(formatter)
logger = logging.getLogger(__name__)
logger.addHandler(handler)
logger.setLevel(logging.ERROR)
# We need to check hashlib for RIPEMD-160, as it won't be available
# if OpenSSL is not linked against or the linked OpenSSL has RIPEMD
# disabled.
def check_hashlib():
"""Do hashlib check.
The hashlib module check with version as if it included or not
in The Python Standard library , its a module containing an
interface to the most popular hashing algorithms. hashlib
implements some of the algorithms, however if OpenSSL
installed, hashlib is able to use this algorithms as well.
"""
if sys.hexversion < 0x020500F0:
logger.error('The hashlib module is not included in this version of Python.')
return False
import hashlib
if '_hashlib' not in hashlib.__dict__:
logger.error('The RIPEMD-160 hash algorithm is not available. The hashlib module is not linked against OpenSSL.')
return False
try:
hashlib.new('ripemd160')
except ValueError:
logger.error('The RIPEMD-160 hash algorithm is not available. The hashlib module utilizes an OpenSSL library with RIPEMD disabled.')
return False
return True
def check_sqlite():
"""Do sqlite check.
Simply check sqlite3 module if exist or not with hexversion
support in python version for specifieed platform.
"""
if sys.hexversion < 0x020500F0:
logger.error('The sqlite3 module is not included in this version of Python.')
if sys.platform.startswith('freebsd'):
logger.error('On FreeBSD, try running "pkg install py27-sqlite3" as root.')
return False
try:
import sqlite3
except ImportError:
logger.error('The sqlite3 module is not available')
return False
logger.info('sqlite3 Module Version: ' + sqlite3.version)
logger.info('SQLite Library Version: ' + sqlite3.sqlite_version)
#sqlite_version_number formula: https://sqlite.org/c3ref/c_source_id.html
sqlite_version_number = sqlite3.sqlite_version_info[0] * 1000000 + sqlite3.sqlite_version_info[1] * 1000 + sqlite3.sqlite_version_info[2]
conn = None
try:
try:
conn = sqlite3.connect(':memory:')
if sqlite_version_number >= 3006018:
sqlite_source_id = conn.execute('SELECT sqlite_source_id();').fetchone()[0]
logger.info('SQLite Library Source ID: ' + sqlite_source_id)
if sqlite_version_number >= 3006023:
compile_options = ', '.join(map(lambda row: row[0], conn.execute('PRAGMA compile_options;')))
logger.info('SQLite Library Compile Options: ' + compile_options)
#There is no specific version requirement as yet, so we just use the
#first version that was included with Python.
if sqlite_version_number < 3000008:
logger.error('This version of SQLite is too old. PyBitmessage requires SQLite 3.0.8 or later')
return False
return True
except sqlite3.Error:
logger.exception('An exception occured while checking sqlite.')
return False
finally:
if conn:
conn.close()
def check_openssl():
"""Do openssl dependency check.
Here we are checking for openssl with its all dependent libraries
and version checking.
"""
try:
import ctypes
except ImportError:
logger.error('Unable to check OpenSSL. The ctypes module is not available.')
return False
#We need to emulate the way PyElliptic searches for OpenSSL.
if sys.platform == 'win32':
paths = ['libeay32.dll']
if getattr(sys, 'frozen', False):
import os.path
paths.insert(0, os.path.join(sys._MEIPASS, 'libeay32.dll'))
else:
2018-03-09 15:41:20 +01:00
paths = ['libcrypto.so', 'libcrypto.so.1.0.0']
if sys.platform == 'darwin':
paths.extend([
'libcrypto.dylib',
'/usr/local/opt/openssl/lib/libcrypto.dylib',
'./../Frameworks/libcrypto.dylib'
])
import re
if re.match(r'linux|darwin|freebsd', sys.platform):
try:
import ctypes.util
path = ctypes.util.find_library('ssl')
if path not in paths:
paths.append(path)
except:
pass
openssl_version = None
openssl_hexversion = None
openssl_cflags = None
cflags_regex = re.compile(r'(?:OPENSSL_NO_)(AES|EC|ECDH|ECDSA)(?!\w)')
for path in paths:
logger.info('Checking OpenSSL at ' + path)
try:
library = ctypes.CDLL(path)
except OSError:
continue
logger.info('OpenSSL Name: ' + library._name)
try:
openssl_version, openssl_hexversion, openssl_cflags = pyelliptic.openssl.get_version(library)
except AttributeError: # sphinx chokes
return True
if not openssl_version:
logger.error('Cannot determine version of this OpenSSL library.')
return False
logger.info('OpenSSL Version: ' + openssl_version)
logger.info('OpenSSL Compile Options: ' + openssl_cflags)
#PyElliptic uses EVP_CIPHER_CTX_new and EVP_CIPHER_CTX_free which were
#introduced in 0.9.8b.
if openssl_hexversion < 0x90802F:
logger.error('This OpenSSL library is too old. PyBitmessage requires OpenSSL 0.9.8b or later with AES, Elliptic Curves (EC), ECDH, and ECDSA enabled.')
return False
matches = cflags_regex.findall(openssl_cflags)
if len(matches) > 0:
logger.error('This OpenSSL library is missing the following required features: ' + ', '.join(matches) + '. PyBitmessage requires OpenSSL 0.9.8b or later with AES, Elliptic Curves (EC), ECDH, and ECDSA enabled.')
return False
return True
return False
#TODO: The minimum versions of pythondialog and dialog need to be determined
def check_curses():
"""Do curses dependency check.
Here we are checking for curses if available or not with check
as interface requires the pythondialog\ package and the dialog
utility.
"""
if sys.hexversion < 0x20600F0:
logger.error('The curses interface requires the pythondialog package and the dialog utility.')
return False
try:
import curses
except ImportError:
logger.error('The curses interface can not be used. The curses module is not available.')
return False
logger.info('curses Module Version: ' + curses.version)
try:
import dialog
except ImportError:
logger.error('The curses interface can not be used. The pythondialog package is not available.')
return False
try:
subprocess.check_call('which dialog')
except subprocess.CalledProcessError:
logger.error('Curses requires the `dialog` command to be installed as well as the python library.')
return False
logger.info('pythondialog Package Version: ' + dialog.__version__)
dialog_util_version = dialog.Dialog().cached_backend_version
#The pythondialog author does not like Python2 str, so we have to use
#unicode for just the version otherwise we get the repr form which includes
#the module and class names along with the actual version.
logger.info('dialog Utility Version' + unicode(dialog_util_version))
return True
def check_pyqt():
"""Do pyqt dependency check.
Here we are checking for PyQt4 with its version, as for it require
PyQt 4.7 or later.
"""
try:
import PyQt4.QtCore
except ImportError:
logger.error('The PyQt4 package is not available. PyBitmessage requires PyQt 4.8 or later and Qt 4.7 or later.')
if sys.platform.startswith('openbsd'):
logger.error('On OpenBSD, try running "pkg_add py-qt4" as root.')
elif sys.platform.startswith('freebsd'):
logger.error('On FreeBSD, try running "pkg install py27-qt4" as root.')
elif os.path.isfile("/etc/os-release"):
with open("/etc/os-release", 'rt') as osRelease:
for line in osRelease:
if line.startswith("NAME="):
if "fedora" in line.lower():
logger.error('On Fedora, try running "dnf install PyQt4" as root.')
elif "opensuse" in line.lower():
logger.error('On openSUSE, try running "zypper install python-qt" as root.')
elif "ubuntu" in line.lower():
logger.error('On Ubuntu, try running "apt-get install python-qt4" as root.')
elif "debian" in line.lower():
logger.error('On Debian, try running "apt-get install python-qt4" as root.')
else:
logger.error('If your package manager does not have this package, try running "pip install PyQt4".')
return False
logger.info('PyQt Version: ' + PyQt4.QtCore.PYQT_VERSION_STR)
logger.info('Qt Version: ' + PyQt4.QtCore.QT_VERSION_STR)
passed = True
if PyQt4.QtCore.PYQT_VERSION < 0x40800:
logger.error('This version of PyQt is too old. PyBitmessage requries PyQt 4.8 or later.')
passed = False
if PyQt4.QtCore.QT_VERSION < 0x40700:
logger.error('This version of Qt is too old. PyBitmessage requries Qt 4.7 or later.')
passed = False
return passed
def check_msgpack():
"""Do sgpack module check.
simply checking if msgpack package with all its dependency
is available or not as recommended for messages coding.
"""
try:
import msgpack
except ImportError:
logger.error(
'The msgpack package is not available.'
'It is highly recommended for messages coding.')
if sys.platform.startswith('openbsd'):
logger.error('On OpenBSD, try running "pkg_add py-msgpack" as root.')
elif sys.platform.startswith('freebsd'):
logger.error('On FreeBSD, try running "pkg install py27-msgpack-python" as root.')
elif os.path.isfile("/etc/os-release"):
with open("/etc/os-release", 'rt') as osRelease:
for line in osRelease:
if line.startswith("NAME="):
if "fedora" in line.lower():
logger.error('On Fedora, try running "dnf install python2-msgpack" as root.')
elif "opensuse" in line.lower():
logger.error('On openSUSE, try running "zypper install python-msgpack-python" as root.')
elif "ubuntu" in line.lower():
logger.error('On Ubuntu, try running "apt-get install python-msgpack" as root.')
elif "debian" in line.lower():
logger.error('On Debian, try running "apt-get install python-msgpack" as root.')
else:
logger.error('If your package manager does not have this package, try running "pip install msgpack-python".')
return True
def check_dependencies(verbose = False, optional = False):
"""Do dependency check.
It identifies project dependencies and checks if there are
any known, publicly disclosed, vulnerabilities.basically
scan applications (and their dependent libraries) so that
easily identify any known vulnerable components.
"""
if verbose:
logger.setLevel(logging.INFO)
has_all_dependencies = True
#Python 2.7.3 is the required minimum. Python 3+ is not supported, but it is
#still useful to provide information about our other requirements.
logger.info('Python version: %s', sys.version)
if sys.hexversion < 0x20703F0:
logger.error('PyBitmessage requires Python 2.7.3 or greater (but not Python 3+)')
has_all_dependencies = False
if sys.hexversion >= 0x3000000:
logger.error('PyBitmessage does not support Python 3+. Python 2.7.3 or greater is required.')
has_all_dependencies = False
check_functions = [check_hashlib, check_sqlite, check_openssl, check_msgpack]
if optional:
check_functions.extend([check_pyqt, check_curses])
#Unexpected exceptions are handled here
for check in check_functions:
try:
has_all_dependencies &= check()
except:
logger.exception(check.__name__ + ' failed unexpectedly.')
has_all_dependencies = False
if not has_all_dependencies:
logger.critical('PyBitmessage cannot start. One or more dependencies are unavailable.')
sys.exit()
if __name__ == '__main__':
"""Check Dependencies"""
check_dependencies(True, True)