ab#55565

Author: leefine02

RemoteFile/RemoteCertificateStore.cs

@@ -23,6 +23,7 @@
 using Keyfactor.Extensions.Orchestrator.RemoteFile.Models;
 using Keyfactor.Logging;
 using System.Management.Automation;
+using System.Runtime.InteropServices;
 
 namespace Keyfactor.Extensions.Orchestrator.RemoteFile
 {
@@ -332,8 +333,8 @@ internal void Initialize()
         {
             logger.MethodEntry(LogLevel.Debug);
 
-            if (ServerType == ServerTypeEnum.Linux)
-                RemoteHandler = new SSHHandler(Server, ServerId, ServerPassword);
+            if (ServerType == ServerTypeEnum.Linux || RuntimeInformation.IsOSPlatform(OSPlatform.Linux))
+                RemoteHandler = new SSHHandler(Server, ServerId, ServerPassword, ServerType == ServerTypeEnum.Linux);
             else
                 RemoteHandler = new WinRMHandler(Server, ServerId, ServerPassword);
 

RemoteFile/RemoteFile.csproj

@@ -6,6 +6,14 @@
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
   </PropertyGroup>
 
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
+    <DebugType>none</DebugType>
+  </PropertyGroup>
+
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|AnyCPU'">
+    <DebugType>none</DebugType>
+  </PropertyGroup>
+
   <ItemGroup>
     <Compile Remove="ImplementedStoreTypes\JKS\JksStore.cs" />
     <Compile Remove="RemoteHandlers\SSHHelper.cs" />

RemoteFile/RemoteHandlers/SSHHandler.cs

@@ -19,77 +19,91 @@
 using Keyfactor.Logging;
 using Keyfactor.PKI.PrivateKeys;
 using Keyfactor.PKI.PEM;
+using System.Runtime.InteropServices;
 
 namespace Keyfactor.Extensions.Orchestrator.RemoteFile.RemoteHandlers
 {
     class SSHHandler : BaseRemoteHandler
     {
         private const string LINUX_PERMISSION_REGEXP = "^[0-7]{3}$";
         private ConnectionInfo Connection { get; set; }
+        private bool RunLocal { get; set; }
+        private bool IsStoreServerLinux { get; set; }
 
         private SshClient sshClient;
 
-        internal SSHHandler(string server, string serverLogin, string serverPassword)
+        internal SSHHandler(string server, string serverLogin, string serverPassword, bool isStoreServerLinux)
         {
             _logger.MethodEntry(LogLevel.Debug);
 
             Server = server;
+            RunLocal = Server.ToLower() == "localhost" || Server.ToLower().EndsWith("|localmachine");
+            IsStoreServerLinux = isStoreServerLinux;
 
-            List<AuthenticationMethod> authenticationMethods = new List<AuthenticationMethod>();
-            if (serverPassword.Length < PASSWORD_LENGTH_MAX)
+            if (!RunLocal)
             {
-                authenticationMethods.Add(new PasswordAuthenticationMethod(serverLogin, serverPassword));
-            }
-            else
-            {
-                PrivateKeyFile privateKeyFile;
-
-                try
+                List<AuthenticationMethod> authenticationMethods = new List<AuthenticationMethod>();
+                if (serverPassword.Length < PASSWORD_LENGTH_MAX)
                 {
-                    using (MemoryStream ms = new MemoryStream(Encoding.ASCII.GetBytes(FormatRSAPrivateKey(serverPassword))))
-                    {
-                        privateKeyFile = new PrivateKeyFile(ms);
-                    }
+                    authenticationMethods.Add(new PasswordAuthenticationMethod(serverLogin, serverPassword));
                 }
-                catch (Exception ex)
+                else
                 {
-                    using (MemoryStream ms = new MemoryStream(Encoding.ASCII.GetBytes(ConvertToPKCS1(serverPassword))))
+                    PrivateKeyFile privateKeyFile;
+
+                    try
+                    {
+                        using (MemoryStream ms = new MemoryStream(Encoding.ASCII.GetBytes(FormatRSAPrivateKey(serverPassword))))
+                        {
+                            privateKeyFile = new PrivateKeyFile(ms);
+                        }
+                    }
+                    catch (Exception ex)
                     {
-                        privateKeyFile = new PrivateKeyFile(ms);
+                        using (MemoryStream ms = new MemoryStream(Encoding.ASCII.GetBytes(ConvertToPKCS1(serverPassword))))
+                        {
+                            privateKeyFile = new PrivateKeyFile(ms);
+                        }
                     }
+
+                    authenticationMethods.Add(new PrivateKeyAuthenticationMethod(serverLogin, privateKeyFile));
                 }
 
-                authenticationMethods.Add(new PrivateKeyAuthenticationMethod(serverLogin, privateKeyFile));
+                Connection = new ConnectionInfo(server, serverLogin, authenticationMethods.ToArray());
             }
 
-            Connection = new ConnectionInfo(server, serverLogin, authenticationMethods.ToArray());
-            
             _logger.MethodExit(LogLevel.Debug);
         }
 
         public override void Initialize()
         {
             _logger.MethodEntry(LogLevel.Debug);
 
-            try
-            {
-                sshClient = new SshClient(Connection);
-                sshClient.Connect();
-            }
-            catch (Exception ex)
+            if (!RunLocal)
             {
-                throw new RemoteFileException($"Error making a SSH connection to remote server {Connection.Host}, for user {Connection.Username}.  Please contact your company's system administrator to verify connection and permission settings.", ex);
+                try
+                {
+                    sshClient = new SshClient(Connection);
+                    sshClient.Connect();
+                }
+                catch (Exception ex)
+                {
+                    throw new RemoteFileException($"Error making a SSH connection to remote server {Connection.Host}, for user {Connection.Username}.  Please contact your company's system administrator to verify connection and permission settings.", ex);
+                }
             }
-            
+
             _logger.MethodExit(LogLevel.Debug);
         }
 
         public override void Terminate()
         {
             _logger.MethodEntry(LogLevel.Debug);
-            
-            sshClient.Disconnect();
-            sshClient.Dispose();
+
+            if (!RunLocal)
+            {
+                sshClient.Disconnect();
+                sshClient.Dispose();
+            }
 
             _logger.MethodExit(LogLevel.Debug);
         }
@@ -104,10 +118,18 @@ public override string RunCommand(string commandText, object[] arguments, bool w
 
             try
             {
-                if (withSudo)
+                if (withSudo && IsStoreServerLinux)
                     commandText = sudo + commandText;
 
-                commandText = echo + commandText;
+                if (IsStoreServerLinux)
+                {
+                    commandText = echo + commandText;
+                }
+                else
+                {
+                    commandText = "powershell -Command \"" + commandText + "\"";
+                    commandText = commandText.Replace(@"\", @"\\");
+                }
 
                 string displayCommand = commandText;
                 if (passwordsToMaskInLog != null)
@@ -162,7 +184,7 @@ public override void UploadCertificateFile(string path, string fileName, byte[]
 
                         using (MemoryStream stream = new MemoryStream(certBytes))
                         {
-                            client.Upload(stream, FormatFTPPath(uploadPath));
+                            client.Upload(stream, FormatFTPPath(uploadPath, false));
                         }
                     }
                     catch (Exception ex)
@@ -193,7 +215,7 @@ public override void UploadCertificateFile(string path, string fileName, byte[]
 
                         using (MemoryStream stream = new MemoryStream(certBytes))
                         {
-                            client.UploadFile(stream, FormatFTPPath(uploadPath));
+                            client.UploadFile(stream, FormatFTPPath(uploadPath, !IsStoreServerLinux));
                         }
                     }
                     catch (Exception ex)
@@ -209,7 +231,7 @@ public override void UploadCertificateFile(string path, string fileName, byte[]
                 }
             }
 
-            if (!string.IsNullOrEmpty(ApplicationSettings.SeparateUploadFilePath))
+            if (!string.IsNullOrEmpty(ApplicationSettings.SeparateUploadFilePath) && IsStoreServerLinux)
             {
                 //RunCommand($"cat {uploadPath} > {path}/{fileName}", null, ApplicationSettings.UseSudo, null);
                 RunCommand($"tee {path}/{fileName} < {uploadPath} > /dev/null", null, ApplicationSettings.UseSudo, null);
@@ -230,7 +252,7 @@ public override byte[] DownloadCertificateFile(string path)
             string altPathOnly = string.Empty;
             string altFileNameOnly = string.Empty;
 
-            if (!string.IsNullOrEmpty(ApplicationSettings.SeparateUploadFilePath))
+            if (!string.IsNullOrEmpty(ApplicationSettings.SeparateUploadFilePath) && IsStoreServerLinux)
             {
                 SplitStorePathFile(path, out altPathOnly, out altFileNameOnly);
                 downloadPath = ApplicationSettings.SeparateUploadFilePath + altFileNameOnly;
@@ -251,7 +273,7 @@ public override byte[] DownloadCertificateFile(string path)
 
                         using (MemoryStream stream = new MemoryStream())
                         {
-                            client.Download(FormatFTPPath(downloadPath), stream);
+                            client.Download(FormatFTPPath(downloadPath, false), stream);
                             rtnStore = stream.ToArray();
                         }
                     }
@@ -283,7 +305,7 @@ public override byte[] DownloadCertificateFile(string path)
 
                         using (MemoryStream stream = new MemoryStream())
                         {
-                            client.DownloadFile(FormatFTPPath(downloadPath), stream);
+                            client.DownloadFile(FormatFTPPath(downloadPath, !IsStoreServerLinux), stream);
                             rtnStore = stream.ToArray();
                         }
                     }
@@ -300,7 +322,7 @@ public override byte[] DownloadCertificateFile(string path)
                 }
             }
 
-            if (!string.IsNullOrEmpty(ApplicationSettings.SeparateUploadFilePath))
+            if (!string.IsNullOrEmpty(ApplicationSettings.SeparateUploadFilePath) && IsStoreServerLinux)
             {
                 RunCommand($"rm {downloadPath}", null, ApplicationSettings.UseSudo, null);
             }
@@ -322,8 +344,13 @@ public override void CreateEmptyStoreFile(string path, string linuxFilePermissio
                 linuxFileGroup = linuxGroupOwner[1];
             }
 
-            AreLinuxPermissionsValid(linuxFilePermissions);
-            RunCommand($"install -m {linuxFilePermissions} -o {linuxFileOwner} -g {linuxFileGroup} /dev/null {path}", null, ApplicationSettings.UseSudo, null);
+            if (IsStoreServerLinux)
+            {
+                AreLinuxPermissionsValid(linuxFilePermissions);
+                RunCommand($"install -m {linuxFilePermissions} -o {linuxFileOwner} -g {linuxFileGroup} /dev/null {path}", null, ApplicationSettings.UseSudo, null);
+            }
+            else
+                RunCommand($@"Out-File -FilePath ""{path}""", null, false, null);
 
             _logger.MethodExit(LogLevel.Debug);
         }
@@ -332,14 +359,15 @@ public override bool DoesFileExist(string path)
         {
             _logger.MethodEntry(LogLevel.Debug);
             _logger.LogDebug($"DoesFileExist: {path}");
-
+            
             using (SftpClient client = new SftpClient(Connection))
             {
                 try
                 {
                     client.Connect();
-                    string existsPath = FormatFTPPath(path);
+                    string existsPath = FormatFTPPath(path, false);
                     bool exists = client.Exists(existsPath);
+                    _logger.LogDebug(existsPath);
 
                     _logger.MethodExit(LogLevel.Debug);
 
@@ -406,12 +434,14 @@ private string ConvertToPKCS1(string privateKey)
             return pemString.Replace("PRIVATE", "RSA PRIVATE");
         }
 
-        private string FormatFTPPath(string path)
+        private string FormatFTPPath(string path, bool addLeadingSlashForWindows)
         {
             _logger.MethodEntry(LogLevel.Debug);
             _logger.MethodExit(LogLevel.Debug);
 
-            return path.Substring(0, 1) == @"/" ? path : @"/" + path.Replace("\\", "/");
+            string rtnPath = IsStoreServerLinux ? path : path.Replace("\\", "/");
+            _logger.LogTrace($"Formatted path: {rtnPath}");
+            return addLeadingSlashForWindows ? rtnPath : "/" + rtnPath;
         }
     }
 }

RemoteFile/RemoteHandlers/WinRMHandler.cs

@@ -26,13 +26,16 @@ class WinRMHandler : BaseRemoteHandler
 
         private Runspace runspace { get; set; }
         private WSManConnectionInfo connectionInfo { get; set; }
+        private bool RunLocal { get; set; }
 
         internal WinRMHandler(string server, string serverLogin, string serverPassword)
         {
             _logger.MethodEntry(LogLevel.Debug);
 
             Server = server;
-            if (Server.ToLower() != "localhost")
+            RunLocal = Server.ToLower() == "localhost" || Server.ToLower().EndsWith("|localmachine");
+
+            if (!RunLocal)
             {
                 connectionInfo = new WSManConnectionInfo(new System.Uri($"{Server}/wsman"));
                 if (!string.IsNullOrEmpty(serverLogin))
@@ -50,7 +53,7 @@ public override void Initialize()
 
             try
             {
-                if (Server.ToLower() == "localhost")
+                if (RunLocal)
                 {
                     runspace = RunspaceFactory.CreateRunspace();
                 }