diff --git a/docker/docker-py3-kms-minimal/Dockerfile b/docker/docker-py3-kms-minimal/Dockerfile
index 9d2b073..dc6b54b 100644
--- a/docker/docker-py3-kms-minimal/Dockerfile
+++ b/docker/docker-py3-kms-minimal/Dockerfile
@@ -28,7 +28,7 @@ RUN apk add --no-cache --update \
 shadow \
 netcat-openbsd \
 build-base python3-dev \
- && pip3 install --no-cache peewee tzlocal pytz wheel \
+ && pip3 install --no-cache-dir peewee tzlocal pytz wheel dnspython \
 && apk del git build-base python3-dev \
 && addgroup power_users \
 && adduser -S py-kms -G users -s /bin/bash \
diff --git a/docker/docker-py3-kms/Dockerfile b/docker/docker-py3-kms/Dockerfile
index 480328d..4075466 100644
--- a/docker/docker-py3-kms/Dockerfile
+++ b/docker/docker-py3-kms/Dockerfile
@@ -17,7 +17,7 @@ ENV LOGSIZE ""
 ENV TZ America/Chicago
 COPY py-kms /home/py-kms/
-#hadolint ignore=DL3013,DL3018
+
 RUN apk add --no-cache --update \
 bash \
 git \
@@ -36,7 +36,7 @@ RUN apk add --no-cache --update \
 && git clone --branch master --depth 1 https://github.com/coleifer/sqlite-web.git /tmp/sqlite_web \
 && mv /tmp/sqlite_web/sqlite_web /home/ \
 && rm -rf /tmp/sqlite_web \
- && pip3 install --no-cache-dir peewee tzlocal pytz pysqlite3 wheel \
+ && pip3 install --no-cache-dir peewee tzlocal pytz pysqlite3 wheel dnspython \
 && apk del git build-base python3-dev \
 && mkdir /db/ \
 && addgroup power_users \
@@ -52,7 +52,7 @@ COPY docker/start.py /usr/bin/start.py
 RUN chmod 755 /usr/bin/entrypoint.py
 WORKDIR /home/py-kms
-#USER py-kms
+
 EXPOSE ${PORT}/tcp
 EXPOSE 8080
diff --git a/docs/Usage.md b/docs/Usage.md
index 59674b4..0a14598 100644
--- a/docs/Usage.md
+++ b/docs/Usage.md
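Review bot: `dnspython` is added to the `pip3 install` line without any version constraint, here and on the matching line of docker/docker-py3-kms/Dockerfile, so each image build pulls whatever release is current at that moment. The client code in this commit calls `dns.resolver.resolve`, which dnspython provides only from 2.0 onward, so the line should at least state that floor, e.g. `pip3 install --no-cache-dir peewee tzlocal pytz wheel 'dnspython>=2.0'`, and preferably an exact pin so builds are reproducible. The RUN instruction starts above this hunk and continues below it.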
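Review bot: Dropping `#hadolint ignore=DL3013,DL3018` in docker/docker-py3-kms/Dockerfile leaves the following `RUN` with unpinned `apk add` and `pip3 install` packages, so hadolint will now report both rules on it. Either pin the packages or keep the suppression comment; replacing it with a blank line does neither.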
@@ -143,6 +143,12 @@ user@host ~/path/to/folder/py-kms $ python3 pykms_Server.py -V DEBUG
 user@host ~/path/to/folder/py-kms $ python3 pykms_Client.py -V DEBUG
 ```
+If you wish to get KMS server from DNS server: (ie perform a DNS resolution on _vlmcs._tcp.domain.tld, if ever there are several answers, only the first one is selected.). Althought that mode is supposed to be specific to devices connect to an Active Directory domain, setting a fully qualified name and a workgroup may help to use that automatic KMS discovery feature.
+```
+user@host ~/path/to/folder/py-kms $ python3 pykms_Client.py -V DEBUG -F STDOUT -D contoso.com
+user@host ~/path/to/folder/py-kms $ python3 pykms_Client.py -V DEBUG -F STDOUT -D contoso.com
+```
+
 Or if you want better specify:
 ```
 user@host ~/path/to/folder/py-kms $ python3 pykms_Server.py 1688 -V DEBUG
diff --git a/py-kms/pykms_Client.py b/py-kms/pykms_Client.py
index 5a47fb7..109f83a 100644
--- a/py-kms/pykms_Client.py
+++ b/py-kms/pykms_Client.py
@@ -13,7 +13,13 @@ import logging
 import os
 import threading
-import pykms_RpcBind, pykms_RpcRequest
+import dns.message
+import dns.rdataclass
+import dns.rdatatype
+import dns.query
+import dns.resolver
+
+import pykms_RpcBind, pykms_RpcRequest
 from pykms_Filetimes import dt_to_filetime
 from pykms_Dcerpc import MSRPCHeader, MSRPCBindNak, MSRPCRequestHeader, MSRPCRespHeader
 from pykms_Base import kmsBase, UUID
@@ -72,6 +78,7 @@ Type \"STDOUT\" to view log info on stdout. Type \"FILESTDOUT\" to combine previ
 Use \"STDOUTOFF\" to disable stdout messages. Use \"FILEOFF\" if you not want to create logfile.', 'def' : os.path.join('.', 'pykms_logclient.log'), 'des' : "logfile"},
 'lsize' : {'help' : 'Use this flag to set a maximum size (in MB) to the output log file. Deactivated by default.', 'def' : 0, 'des': "logsize"},
+ 'discovery' : {'help': 'ask the client to perform a _vlmcs._tcp.domain.tld DNS request to set KMS server.', 'def': None , 'des': 'discovery' },
 }
 def client_options():
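Review bot: `dns.exception` is referenced by the `except` clause added in client_connect but is not among the imports added at the top of py-kms/pykms_Client.py; it resolves only because `dns.resolver` imports it internally, while `dns.message`, `dns.rdataclass` and `dns.query` are imported and not used anywhere in this diff. I would import exactly what is used: `import dns.exception`, `import dns.rdatatype`, `import dns.resolver`. As module-level imports they also make dnspython a hard requirement for every client run, including runs that never pass `-D`; if it is meant to stay optional, import inside the discovery branch instead.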
@@ -99,6 +106,8 @@ def client_options():
 default = clt_options['lfile']['def'], help = clt_options['lfile']['help'], type = str)
 client_parser.add_argument("-S", "--logsize", dest = clt_options['lsize']['des'], action = "store", default = clt_options['lsize']['def'], help = clt_options['lsize']['help'], type = float)
+ client_parser.add_argument("-D", "--discovery", dest = clt_options['discovery']['des'], action = "store",
+ default = clt_options['discovery']['def'], help = clt_options['discovery']['help'], type = str)
 client_parser.add_argument("-h", "--help", action = "help", help = "show this help message and exit")
@@ -186,6 +195,21 @@ def client_update():
 raise RuntimeError(f'Client failed to find machine configuration in kms database - make sure it contains an entry for "{clt_config["mode"]}"')
 def client_connect():
+
+ if clt_config['discovery'] is not None:
+ loggerclt.info(f'Using Domain: {clt_config["discovery"]}')
+ r= None
+ try:
+ r = dns.resolver.resolve('_vlmcs._tcp.' + clt_config['discovery'], dns.rdatatype.SRV)
+ for a in r:
+ loggerclt.debug(f'answer KMS server: {a.target} , port: {a.port}')
+ clt_config['ip'] = socket.gethostbyname(r[0].target.to_text())
+ clt_config['port'] = r[0].port
+ except (dns.exception.Timeout, dns.resolver.NXDOMAIN) as e:
+ pretty_printer(log_obj = loggerclt.warning,
+ put_text = "{reverse}{red}{bold}Cannot resolve '%s'. Error: '%s'...{end}" %(clt_config['discovery'],
+ str(e)))
+
 loggerclt.info("Connecting to %s on port %d" % (clt_config['ip'], clt_config['port']))
 try:
 clt_sock = socket.create_connection((clt_config['ip'], clt_config['port']), timeout = clt_config['timeoutidle'])
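Review bot: The `except` clause in the added discovery block covers only `dns.exception.Timeout` and `dns.resolver.NXDOMAIN`, so a domain with no SRV record (`dns.resolver.NoAnswer`), unreachable name servers (`dns.resolver.NoNameservers`) or a target that fails in `socket.gethostbyname` (`socket.gaierror`) ends the client with a traceback instead of the warning. Catching `dns.exception.DNSException` together with `socket.gaierror` closes that gap. `r[0]` is whichever record the resolver listed first, whereas SRV records carry a priority and the lowest value is the one meant to be tried first. After a failed lookup the function still goes on to connect with the previous `clt_config['ip']` and `clt_config['port']`, which may be intended but should be said in the warning text, since the DNS answer is what decides where the client connects. client_connect continues past the end of the hunk.

```python
    if clt_config['discovery'] is not None:
        # … unchanged: 'Using Domain' log line …
        try:
            answers = dns.resolver.resolve('_vlmcs._tcp.' + clt_config['discovery'], dns.rdatatype.SRV)
            for a in answers:
                loggerclt.debug(f'answer KMS server: {a.target} , port: {a.port}')
            # Lowest priority value wins; do not rely on the order of the answer.
            best = min(answers, key = lambda a: a.priority)
            clt_config['ip'] = socket.gethostbyname(best.target.to_text())
            clt_config['port'] = best.port
        except (dns.exception.DNSException, socket.gaierror) as e:
            # … unchanged: pretty_printer warning …
```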