Python SSL_Transport Beispiele

Beispiel #1

 def _xmlrpc(self, addr, ssl_context=None):
     try:
         transport = None
         if ssl_context:
             if self._need_m2crypto():
                 transport = xmlrpc_client.SafeTransport(
                     context=ssl_context)
             else:
                 from M2Crypto.m2xmlrpclib import SSL_Transport
                 transport = SSL_Transport(ssl_context)
             uri = 'https://%s:%s' % (addr, self.management_port)
         else:
             uri = 'http://%s:%s' % (addr, self.management_port)
         xmlrpc_client_lib = xmlrpc_client.ServerProxy(uri, transport)
         xmlrpc_client_lib.system.listMethods()
         self.xmlrpc_client = xmlrpc_client_lib
         return True
     except Exception:  # NOTE: unfortunately there are many ways to fail, so the exception clause is broad
         if ssl_context:
             description = 'XML-RPC with SSL'
         else:
             description = 'XML-RPC'
         self.logger.warning('Unable to connect via %s' % description,
                             exc_info=True)
     return False

Beispiel #2

Datei: passweb.py Projekt: chrnux/cerebrum

def change_password(dta):
    """Return a string with a message describing how the request went."""

    if cereconf.ENABLE_BOFHD_CRYPTO:
        # TODO: Check server cert
        from M2Crypto.m2xmlrpclib import Server, SSL_Transport
        svr = Server(cereconf.BOFH_URL,
                     SSL_Transport(), encoding='iso8859-1')
    else:
        svr = xmlrpclib.Server(cereconf.BOFH_URL, encoding='iso8859-1')

    # Simple sanity check of values
    for k in 'newpass', 'pass', 'uname':
        if dta.getfirst(k, '') == '':
            return "Field %s cannot be blank" % k
    if dta.getfirst('newpass') != dta.getfirst('newpass2'):
        return "New passwords must be equal"

    try:
        secret = svr.login(dta.getfirst('uname'), dta.getfirst('pass'))
        svr.run_command(secret, "account_password", dta.getfirst('uname'),
                        dta.getfirst('newpass'))
    except xmlrpclib.Fault, m:
        if m.faultCode == 666:
            return "The operation did not succeed: <pre>%s</pre>" % m.faultString
        else:
            return _internalError(m.faultString, sys.exc_info())

Beispiel #3

Datei: models.py Projekt: pentikousis/C-BAS-framework

 def _reset_proxy(self):
     parsed = urlparse(self.url.lower())
     self.transport = None
     # This scheme is used for debugging and looping back
     if parsed.scheme == "test":
         self.proxy = BasicAuthServerProxy(
             test_to_http(self.url),
             username=self.username,
             password=self.password,
             transport=TestClientTransport())
     elif parsed.scheme == "https":
         from M2Crypto.m2xmlrpclib import SSL_Transport
         from M2Crypto.SSL import Context
         self.transport = SSL_Transport(Context(protocol='tlsv1'))
         self.proxy = BasicAuthServerProxy(self.url,
                                           username=self.username,
                                           password=self.password,
                                           transport=self.transport,
                                           #verbose=getattr(settings, "DEBUG", False))
                                           verbose=False)
         self.set_verify_certs()
     else:
         self.proxy = BasicAuthServerProxy(self.url,
                                           username=self.username,
                                           password=self.password)

Beispiel #4

Datei: agentproxy.py Projekt: nmc-probe/emulab-diskless

 def newtickets(self, slice, ntickets, leaselen, ips):
     ctx = clictxinit(self.cert, self.key, self.cacert)
     s = ServerProxy("https://%s:%d" % (self.host, self.sslport),
                     SSL_Transport(ctx))
     params = {
         "slice": slice,
         "ntickets": ntickets,
         "leaselen": leaselen,
         "ips": ips
     }
     return s.newtickets(params)

Beispiel #5

    def _reset(self):
        parsed = urlparse(self.url.lower())
        assert parsed.scheme == "https"

        self.transport = None
        from M2Crypto.m2xmlrpclib import SSL_Transport
        from M2Crypto.SSL import Context
        self.transport = SSL_Transport(Context(protocol='tlsv1'))

        new_url = add_basic_auth(self.url, self.username, self.password)
        self.proxy = xmlrpclib.ServerProxy(str(new_url),
                                           transport=self.transport,
                                           verbose=False)

Beispiel #6

Datei: vdsm.py Projekt: beav/virt-who

    def _secureConnect(self):
        addr = self._getLocalVdsName(self.trust_store_path)

        from M2Crypto.m2xmlrpclib import SSL_Transport
        from M2Crypto import SSL

        KEYFILE = self.trust_store_path + '/keys/vdsmkey.pem'
        CERTFILE = self.trust_store_path + '/certs/vdsmcert.pem'
        CACERT = self.trust_store_path + '/certs/cacert.pem'

        ctx = SSL.Context('sslv3')

        ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 16)
        ctx.load_verify_locations(CACERT)
        ctx.load_cert(CERTFILE, KEYFILE)

        return xmlrpclib.Server('https://%s:%s' % (addr, self.management_port), SSL_Transport(ctx))

Beispiel #7

Datei: bofh.py Projekt: Narvik-kommune/cerebrum

 def __init__(self, url, bofh_client, cacert_file=None, rand_cmd=None):
     self.__bc = bofh_client
     if url.startswith("https"):
         from M2Crypto.m2xmlrpclib import Server, SSL_Transport
         from M2Crypto import SSL
         if not os.path.exists('/dev/random') and rand_cmd is not None:
             from M2Crypto.Rand import rand_add
             rand_file = os.popen(rand_cmd, 'r')
             rand_string = rand_file.read()
             rand_file.close()
             rand_add(rand_string, len(rand_string))
         ctx = SSL.Context('sslv3')
         if cacert_file is not None:
             ctx.load_verify_info(cacert_file)
             ctx.set_verify(SSL.verify_peer, 10)
         self.conn = Server(url, SSL_Transport(ctx), encoding='iso8859-1')
     else:
         self.conn = xmlrpclib.Server(url, encoding='iso8859-1')

Beispiel #8

Datei: localvdsm.py Projekt: ncounter/gitlearning-opensource

def connect():
    tsPath = getTrustStorePath()
    port = config.get('addresses', 'management_port')
    if tsPath:
        addr = getLocalVdsName(tsPath)
        from M2Crypto.m2xmlrpclib import SSL_Transport
        from M2Crypto import SSL

        KEYFILE = tsPath + '/keys/vdsmkey.pem'
        CERTFILE = tsPath + '/certs/vdsmcert.pem'
        CACERT = tsPath + '/certs/cacert.pem'

        ctx = SSL.Context('sslv3')

        ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 16)
        ctx.load_verify_locations(CACERT)
        ctx.load_cert(CERTFILE, KEYFILE)

        server = xmlrpclib.Server('https://%s:%s' % (addr, port),
                                  SSL_Transport(ctx))
    else:
        server = xmlrpclib.Server('http://localhost:%s' % port)
    return server

Beispiel #9

Datei: XMLRPCServerProxy.py Projekt: cargious/ocf

 def _reset_proxy(self):
     parsed = urlparse(self.url.lower())
     self.transport = None
     # This scheme is used for debugging and looping back
     if parsed.scheme == "test":
         self.proxy = BasicAuthServerProxy(self.url.lower().replace(
             "test", "http"),
                                           username=self.username,
                                           password=self.password,
                                           transport=TestClientTransport())
     elif parsed.scheme == "https":
         from M2Crypto.m2xmlrpclib import SSL_Transport
         from M2Crypto.SSL import Context
         self.transport = SSL_Transport(Context(protocol='tlsv1'))
         self.proxy = BasicAuthServerProxy(self.url,
                                           username=self.username,
                                           password=self.password,
                                           transport=self.transport)
         self.set_verify_certs()
     else:
         self.proxy = BasicAuthServerProxy(self.url,
                                           username=self.username,
                                           password=self.password)

Beispiel #10

def ZServerSSL():
    # Server is Zope-2.6.4 on ZServerSSL/0.12.
    zs = Server('https://127.0.0.1:8443/', SSL_Transport())
    print zs.propertyMap()

Beispiel #11

def xmlrpc_srv():
    # Server is ../https/START_xmlrpc.py or ./xmlrpc_srv.py.
    zs = Server('https://127.0.0.1:39443', SSL_Transport())
    print zs.Testing(1, 2, 3)
    print zs.BringOn('SOAP')

Beispiel #12

def do_method(module,
              method,
              params,
              URI=None,
              quiet=False,
              version=None,
              response_handler=None):
    if not os.path.exists(CERTIFICATE):
        return Fatal("error: missing emulab certificate: %s\n" % CERTIFICATE)

    from M2Crypto.m2xmlrpclib import SSL_Transport
    from M2Crypto import SSL

    if URI == None and CMURI and (module == "cm" or module == "cmv2"):
        URI = CMURI
        pass

    if URI == None:
        if module in XMLRPC_SERVER:
            addr = XMLRPC_SERVER[module]
        else:
            addr = XMLRPC_SERVER["default"]

        if module in SERVER_PATH:
            path = SERVER_PATH[module]
        else:
            path = SERVER_PATH["default"]

        URI = "https://" + addr + path + module
    elif module:
        URI = URI + "/" + module
        pass

    if version:
        URI = URI + "/" + version
        pass

    scheme, netloc, path, query, fragment = urlsplit(URI)
    if not scheme:
        URI = "https://" + URI
        pass

    scheme, netloc, path, query, fragment = urlsplit(URI)
    if scheme == "https":
        host, port = splitport(netloc)
        if not port:
            netloc = netloc + ":443"
            URI = urlunsplit((scheme, netloc, path, query, fragment))
            pass
        pass

    if debug:
        #        print URI + " " + method + " " + str(params);
        print URI + " " + method
        pass

    ctx = SSL.Context("sslv23")
    ctx.load_cert(CERTIFICATE, CERTIFICATE, PassPhraseCB)
    ctx.set_verify(SSL.verify_none, 16)
    ctx.set_allow_unknown_ca(0)

    # Get a handle on the server,
    server = xmlrpclib.ServerProxy(URI, SSL_Transport(ctx), verbose=0)

    # Get a pointer to the function we want to invoke.
    meth = getattr(server, method)
    meth_args = [params]

    if response_handler:
        # If a response handler was passed, use it and return the result.
        # This is the case when running the GENI AM.
        return response_handler(meth, params)

    if not quiet:
        t = threading.Thread(None, dotty)
        t.daemon = True
        t.keep_going = True
        t.start()
    #
    # Make the call.
    #
    while True:
        try:
            response = apply(meth, meth_args)
            break
        except xmlrpclib.Fault, e:
            if not quiet:
                t.keep_going = False
                print >> sys.stderr, e.faultString
            if e.faultCode == 503:
                print >> sys.stderr, "Will try again in a moment. Be patient!"
                time.sleep(5.0)
                continue
                pass
            return (-1, None)
        except xmlrpclib.ProtocolError, e:
            if not quiet:
                t.keep_going = False
                print >> sys.stderr, e.errmsg
            t.keep_going = False
            return (-1, None)

Beispiel #13

        return mac[0:2] + delim + mac[2:4] + delim + mac[4:6] + delim + \
               mac[6:8] + delim + mac[8:10] + delim + mac[10:12]
    else:
        return mac
    pass

#
# Grab the emulab widearea config for this node.
#
if not onlyplab:
    ctx = SSL.Context("sslv23")
    ctx.load_cert(ELAB_CERT, ELAB_CERT)
    ctx.set_verify(SSL.verify_none, 16)
    ctx.set_allow_unknown_ca(0)
    try:
        eserver = xmlrpclib.ServerProxy(ELAB_URI,SSL_Transport(ctx),
                                        verbose=debug,allow_none=1)
        waconfig = eserver.node.waconfig(PACKAGE_VERSION,{ 'node' : node_id })
        waconfig = waconfig['value']
        if debug:
            print "waconfig: '%s'" % str(waconfig)
            pass
        possible_keys = [ 'WA_BOOTMETHOD','WA_HOSTNAME','WA_DOMAIN','WA_MAC',
                          'WA_IP_ADDR','WA_IP_NETMASK','WA_IP_GATEWAY',
                          'WA_IP_DNS1','WA_IP_DNS2','WA_BWLIMIT' ]
        if not waconfig:
            print "error: received empty config from Emulab!"
            sys.exit(3)
            pass

        # whack the mac value into colon-delimited form

Beispiel #14

    #
    # Make the call.
    #
    try:
        response = server.raw_request(stuff)
        pass
    except xmlrpclib.Fault, e:
        print(e.faultString)
        sys.exit(-1)
        pass

    print(str(response))
    sys.exit(0)
elif len(req_args):
    # Get a handle on the server,
    server = xmlrpclib.ServerProxy(URI, SSL_Transport(ctx))
    # Method and args are on the command line.
    sys.exit(do_method(server, req_args))
else:
    # Get a handle on the server,
    server = xmlrpclib.ServerProxy(URI, SSL_Transport(ctx))
    # Prompt the user for input.
    try:
        while True:
            line = raw_input("$ ")
            tokens = line.split(" ")
            if len(tokens) >= 1 and len(tokens[0]) > 0:
                print(str(do_method(server, tokens)))
                pass
            pass
        pass