# Copyright 2021-2024 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0
#
"""
Platform related utilities.
..
PYTEST_DONT_REWRITE
"""
import contextlib
import hashlib
import multiprocessing
import os
import pathlib
import platform
import shutil
import subprocess
import sys
from typing import cast
import distro
[docs]
def is_windows() -> bool:
"""
Simple function to return if a host is Windows or not.
:return bool: Return true on Windows
"""
return sys.platform.startswith("win")
[docs]
def is_linux() -> bool:
"""
Simple function to return if a host is Linux or not.
Note for a proxy minion, we need to return something else
:return bool: Return true on Linux
"""
return sys.platform.startswith("linux")
[docs]
def is_darwin() -> bool:
"""
Simple function to return if a host is Darwin (macOS) or not.
:return bool: Return true on Darwin(macOS)
"""
return sys.platform.startswith("darwin")
[docs]
def is_sunos() -> bool:
"""
Simple function to return if host is SunOS or not.
:return bool: Return true on SunOS
"""
return sys.platform.startswith("sunos")
[docs]
def is_smartos() -> bool:
"""
Simple function to return if host is SmartOS (Illumos) or not.
:return bool: Return true on SmartOS (Illumos)
"""
if is_sunos():
return os.uname()[3].startswith("joyent_")
return False
[docs]
def is_freebsd() -> bool:
"""
Simple function to return if host is FreeBSD or not.
:return bool: Return true on FreeBSD
"""
return sys.platform.startswith("freebsd")
[docs]
def is_netbsd() -> bool:
"""
Simple function to return if host is NetBSD or not.
:return bool: Return true on NetBSD
"""
return sys.platform.startswith("netbsd")
[docs]
def is_openbsd() -> bool:
"""
Simple function to return if host is OpenBSD or not.
:return bool: Return true on OpenBSD
"""
return sys.platform.startswith("openbsd")
[docs]
def is_aix() -> bool:
"""
Simple function to return if host is AIX or not.
:return bool: Return true on AIX
"""
return sys.platform.startswith("aix")
[docs]
def is_aarch64() -> bool:
"""
Simple function to return if host is AArch64 or not.
"""
return platform.machine().startswith("aarch64")
[docs]
def is_photonos() -> bool:
"""
Simple function to return if host is Photon OS or not.
"""
osname, _, _ = (x.strip('"').strip("'") for x in distro.linux_distribution())
return cast(bool, osname == "VMware Photon OS")
[docs]
def is_fips_enabled() -> bool:
"""
Check is FIPS is enabled.
:return bool: Return true when enabled
"""
if pathlib.Path("/etc/system-fips").exists():
return True
kernel_fips_enabled_path = pathlib.Path("/proc/sys/crypto/fips_enabled")
if (
kernel_fips_enabled_path.exists()
and kernel_fips_enabled_path.read_text(encoding="utf-8").strip() == "1"
):
return True
sysctl_path = shutil.which("sysctl")
if sysctl_path:
ret = subprocess.run(
[sysctl_path, "crypto.fips_enabled"],
check=False,
shell=False,
capture_output=True,
text=True,
)
if ret.returncode == 0:
stripped_output = ret.stdout.strip()
if (
stripped_output
and "=" in stripped_output
and stripped_output.split("=")[-1].strip() == "1"
):
return True
with contextlib.suppress(ImportError):
import cryptography.hazmat.backends.openssl.backend
if cryptography.hazmat.backends.openssl.backend._fips_enabled:
return True
try:
hashlib.md5() # nosec
except ValueError as exc:
if str(exc) == "[digital envelope routines] unsupported":
return True
return False