def _credential_vars(credential): ansible_dict = {} username = credential.get('username') password = credential.get('password') ssh_keyfile = credential.get('ssh_keyfile') sudo_password = credential.get('sudo_password') ansible_dict['ansible_user'] = username if password: ansible_dict['ansible_ssh_pass'] = \ decrypt_data_as_unicode(password) if ssh_keyfile: ansible_dict['ansible_ssh_private_key_file'] = ssh_keyfile if sudo_password: ansible_dict['ansible_become_pass'] = \ decrypt_data_as_unicode(sudo_password) return ansible_dict
def get_connect_data(scan_task): """Extract the connection information from the scan task. :param scan_task: The scan tasks :returns: A tuple of (host, port, user, password) """ credential = get_credential(scan_task) user = credential.username password = decrypt_data_as_unicode(credential.password) host = scan_task.source.get_hosts()[0] port = scan_task.source.port return (host, port, user, password)
def test_hostcred_set_become_pass(self): """Ensure we can set the become password.""" data = {'name': 'cred1', 'cred_type': Credential.NETWORK_CRED_TYPE, 'username': '******', 'password': '******', 'become_method': 'doas', 'become_password': '******'} self.create_expect_201(data) self.assertEqual(Credential.objects.count(), 1) self.assertEqual( decrypt_data_as_unicode(Credential.objects.get().become_password), 'pass')
def vcenter_connect(scan_task): """Connect to VCenter. :param scan_task: The scan task :returns: VCenter connection object. """ vcenter = None disable_ssl = None ssl_cert_verify = None ssl_protocol = None source = scan_task.source credential = source.credentials.all().first() user = credential.username host = scan_task.source.get_hosts()[0] password = decrypt_data_as_unicode(credential.password) port = scan_task.source.port options = source.options if options: if options.disable_ssl and options.disable_ssl is True: disable_ssl = True if options.ssl_cert_verify is not None: ssl_cert_verify = options.ssl_cert_verify ssl_protocol = options.get_ssl_protocol() if disable_ssl: vcenter = SmartConnectNoSSL(host=host, user=user, pwd=password, port=port) elif ssl_protocol is None and ssl_cert_verify is None: vcenter = SmartConnect(host=host, user=user, pwd=password, port=port) else: ssl_context = None if ssl_protocol is None: ssl_context = ssl.SSLContext(protocol=ssl.PROTOCOL_SSLv23) else: ssl_context = ssl.SSLContext(protocol=ssl_protocol) if ssl_cert_verify is False: ssl_context.verify_mode = ssl.CERT_NONE vcenter = SmartConnect(host=host, user=user, pwd=password, port=port, sslContext=ssl_context) atexit.register(Disconnect, vcenter) return vcenter
def _credential_vars(credential): """Build a dictionary containing cred information.""" ansible_dict = {} username = credential.get('username') password = credential.get('password') ssh_keyfile = credential.get('ssh_keyfile') become_method = credential.get('become_method') become_user = credential.get('become_user') become_password = credential.get('become_password') ansible_dict['ansible_user'] = username if password: ansible_dict['ansible_ssh_pass'] = \ decrypt_data_as_unicode(password) if ssh_keyfile: ansible_dict['ansible_ssh_private_key_file'] = ssh_keyfile if become_password: ansible_dict['ansible_become_pass'] = \ decrypt_data_as_unicode(become_password) if become_method: ansible_dict['ansible_become_method'] = become_method if become_user: ansible_dict['ansible_become_user'] = become_user return ansible_dict
def vcenter_connect(scan_task): """Connect to VCenter. :param scan_task: The scan task :returns: VCenter connection object. """ credential = scan_task.source.credentials.all().first() user = credential.username host = scan_task.source.hosts.all().first().host_range password = decrypt_data_as_unicode(credential.password) port = scan_task.source.port # TO DO: Fix port handling and SSL options vcenter = SmartConnectNoSSL(host=host, user=user, pwd=password, port=port) atexit.register(Disconnect, vcenter) return vcenter
def _handle_ssh_passphrase(credential): """Attempt to setup login via passphrase if necessary. :param credential: The credential used for connections """ if (credential.get('ssh_keyfile') is not None and credential.get('ssh_passphrase') is not None): keyfile = credential.get('ssh_keyfile') passphrase = \ decrypt_data_as_unicode(credential['ssh_passphrase']) cmd_string = 'ssh-add {}'.format(keyfile) try: child = pexpect.spawn(cmd_string, timeout=12) phrase = [pexpect.EOF, 'Enter passphrase for .*:'] i = child.expect(phrase) while i: child.sendline(passphrase) i = child.expect(phrase) except pexpect.exceptions.TIMEOUT: pass