correct import of timezone (#56)

* Correct import of timezone
* Made datetime objects timezone-aware

---------

Co-authored-by: Philip Ruehl <philip.ruehl@gonicus.de>
Co-authored-by: Georg Sieber <schorschii@users.noreply.github.com>

Author: 3 people

laps-runner/laps_runner/filetime.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 
-from datetime import datetime
+from datetime import datetime, timezone
 
 
 # Microsoft Timestamp Conversion
@@ -15,4 +15,4 @@ def dt_to_filetime(dt):
 
 def filetime_to_dt(ft):
 	# ft is in UTC, fromtimestamp() converts to local time
-	return datetime.fromtimestamp(int((ft / HUNDREDS_OF_NANOSECONDS) - EPOCH_TIMESTAMP))
+	return datetime.fromtimestamp(int((ft / HUNDREDS_OF_NANOSECONDS) - EPOCH_TIMESTAMP), timezone.utc)

laps-runner/laps_runner/laps_runner.py

@@ -6,7 +6,7 @@
 
 from pathlib import Path
 from os import path
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 from dns import resolver, rdatatype
 from shutil import which
 from pid import PidFile, PidFileAlreadyLockedError, PidFileAlreadyRunningError
@@ -161,7 +161,7 @@ def searchComputer(self):
 				self.tmpExpiryDate = filetime_to_dt( int(str(entry[self.cfgLdapAttributePasswordExpiry])) )
 			except Exception as e:
 				print('Unable to parse date '+str(self.tmpExpiry)+' - assuming that no expiration date is set.')
-				self.tmpExpiryDate = datetime.fromtimestamp(0, datetime.timezone.utc)
+				self.tmpExpiryDate = datetime.fromtimestamp(0, timezone.utc)
 			return True
 
 		# no result found
@@ -181,7 +181,7 @@ def updatePassword(self):
 		# generate new values
 		newPassword = self.generatePassword()
 		newPasswordHashed = CryptContext(schemes=['sha512_crypt']).hash(newPassword)
-		newExpirationDate = datetime.now() + timedelta(days=self.cfgDaysValid)
+		newExpirationDate = datetime.now().astimezone(timezone.utc) + timedelta(days=self.cfgDaysValid)
 
 		# update password in local database
 		self.updateLocalPassword(self.cfgUsername, newPasswordHashed)
@@ -232,7 +232,7 @@ def setPasswordAndExpiry(self, newPassword, newExpirationDate):
 			newPassword = json.dumps({
 				'p': newPassword,
 				'n': self.cfgUsername,
-				't': ('%0.2X' % dt_to_filetime(datetime.now())).lower()
+				't': ('%0.2X' % dt_to_filetime(datetime.now().astimezone(timezone.utc))).lower()
 			})
 
 		# encrypt Native LAPS content
@@ -305,7 +305,7 @@ def encryptPassword(self, content):
 		# 8-12 - blob size, uint32
 		# 12-16 - flags, currently always 0
 		preMagic = (
-			self.rotate_and_pack_msdatetime(dt_to_filetime(datetime.now()))
+			self.rotate_and_pack_msdatetime(dt_to_filetime(datetime.now().astimezone(timezone.utc)))
 			+ struct.pack('<i', len(encrypted))
 			+ b'\x00\x00\x00\x00'
 		)
@@ -416,7 +416,7 @@ def main():
 			runner.connectToServer()
 			runner.searchComputer()
 
-			if runner.tmpExpiryDate < datetime.now():
+			if runner.tmpExpiryDate < datetime.now().astimezone(timezone.utc):
 				print('Updating password (expired '+str(runner.tmpExpiryDate)+')')
 				runner.updatePassword()
 
@@ -436,7 +436,7 @@ def main():
 				if runner.cfgPamGracePeriod:
 					runner.logger.debug(__title__+': PAM grace period - waiting '+str(runner.cfgPamGracePeriod)+' seconds...')
 					# set expiration in directory, e.g. to handle reboots
-					runner.setExpiry(datetime.now() + timedelta(seconds=runner.cfgPamGracePeriod))
+					runner.setExpiry(datetime.now().astimezone(timezone.utc) + timedelta(seconds=runner.cfgPamGracePeriod))
 					# wait grace period
 					time.sleep(runner.cfgPamGracePeriod)
 				print('Updating password (forced update by PAM)...')