def test_rfc_3696_s_2__valid(self):
assert FQDN("net", min_labels=1, allow_underscores=a_u).is_valid
assert FQDN("who.is", allow_underscores=a_u).is_valid
assert FQDN("bbc.co.uk", allow_underscores=a_u).is_valid
self.__assert_valid_fwd_and_bkwd_from_seq("sh4d05-7357",
"c00-mm",
allow_underscores=a_u)
def test_rfc_1035_s_2_3_4__label_max_length(self, a_u):
assert FQDN(
"www.abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijk.com",
allow_underscores=a_u,
).is_valid
assert FQDN(
"abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijk.abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijk",
allow_underscores=a_u,
).is_valid
def test_constructor(self):
with self.assertRaises(ValueError):
FQDN(None)
with self.assertRaises(ValueError):
FQDN(b'')
with self.assertRaises(ValueError):
FQDN(b'helloworld')
def validate_config():
# Ensure the selected repo name is usable
repo_name = '{{ cookiecutter.repo_name }}'
assert_msg = 'Repo name should be valid Python identifier!'
if hasattr(repo_name, 'isidentifier'):
assert repo_name.isidentifier(), assert_msg
else:
import re
identifier_re = re.compile(r"[a-zA-Z_][a-zA-Z0-9_]*$")
assert bool(identifier_re.match(repo_name)), assert_msg
valid_cms_key = ['yes', 'no']
if "{{ cookiecutter.include_cms }}" not in valid_cms_key:
print("Include CMS '{{ cookiecutter.include_cms }}' is not valid!")
print("Valid include CMS keys are: %s" % ', '.join(valid_cms_key))
sys.exit(1)
valid_celery_key = ['yes', 'no']
if "{{ cookiecutter.include_celery }}" not in valid_celery_key:
print("Include CMS '{{ cookiecutter.include_celery }}' is not valid!")
print("Valid include Celery keys are: %s" %
', '.join(valid_celery_key))
sys.exit(1)
if "{{ cookiecutter.python_version }}" not in ['3.4', '3.5', '3.6']:
print("Only allowed python version options are 3.4, 3.5 and 3.6.")
sys.exit(1)
if not FQDN("{{ cookiecutter.test_host }}").is_valid:
print("Test host is not a valid domain name")
sys.exit(1)
if not FQDN("{{ cookiecutter.live_host }}").is_valid:
print("Live host is not a valid domain name")
sys.exit(1)
if not FQDN(
"{{ cookiecutter.repo_name|as_hostname }}.{{ cookiecutter.test_host }}"
).is_valid:
print("Test hostname is not a valid domain name")
sys.exit(1)
live_hostname = "{{ cookiecutter.live_hostname }}"
if 'todo' not in live_hostname.lower():
if live_hostname != live_hostname.lower():
print("Live hostname should be lowercase")
sys.exit(1)
if not FQDN(live_hostname).is_valid:
print("Live hostname is not a valid domain name")
sys.exit(1)
def test_min_labels_valid_set_to_3(self):
assert not FQDN("label", min_labels=3).is_valid
assert not FQDN("label.babel", min_labels=3).is_valid
assert not FQDN(".babel", min_labels=3).is_valid
assert not FQDN("babel.", min_labels=3).is_valid
assert not FQDN(".babel.", min_labels=3).is_valid
assert not FQDN("label.babel.", min_labels=3).is_valid
assert not FQDN(".label.babel.", min_labels=3).is_valid
assert FQDN("fable.label.babel.", min_labels=3).is_valid
assert FQDN("fable.label.babel", min_labels=3).is_valid
def validate(cls, data, _type):
if not isinstance(data, (list, tuple)):
data = (data,)
reasons = []
for value in data:
try:
try:
int(value['preference'])
except KeyError:
int(value['priority'])
except KeyError:
reasons.append('missing preference')
except ValueError:
reasons.append(f'invalid preference "{value["preference"]}"')
exchange = None
try:
exchange = str(value.get('exchange', None) or value['value'])
if exchange != '.' and \
not FQDN(exchange, allow_underscores=True).is_valid:
reasons.append(f'Invalid MX exchange "{exchange}" is not '
'a valid FQDN.')
elif not exchange.endswith('.'):
reasons.append(f'MX value "{exchange}" missing trailing .')
except KeyError:
reasons.append('missing exchange')
return reasons
def valid_fqdn(fqdn):
""" syntax validator for fqdn """
fqdn = FQDN(fqdn)
if fqdn.is_valid:
return fqdn
else:
raise argparse.ArgumentError('%s is not a valid fqdn' % fqdn)
async def get(self):
global CONNECTION_POOL, GLOBAL_GUARD
self.set_header("Content-type", "text/plain")
hostname = self.get_argument("target")
if GLOBAL_GUARD.locked():
self.set_status(503, reason="Service Unavailable Service blocked")
self.write(
bytes(f"{hostname} GLOBAL_GUARD active Shutdown!".encode("utf8"))
)
return
if not FQDN(hostname).is_valid:
self.set_status(409, reason="FQDN is invalid!")
self.write(bytes(f"{hostname} is not a valid FQDN!".encode("utf8")))
return
if hostname:
if hostname not in CONNECTION_POOL.keys():
CONNECTION_POOL[hostname] = None
self.application.used_workers.inc()
try:
code, status, data = await self.get_device_information(
hostname=hostname
)
except Exception as e:
APP_LOGGER.info(f"{hostname} :: {e} {e.__traceback__}")
raise e
finally:
self.application.used_workers.dec()
self.set_status(code, reason=status)
self.write(data)
def validate(self, n, h, p, u, passw0rd="asdasd23", priv_key=""):
#connection name validation
if len(n) > 30: # and not n.isalnum():
self.usage(["add", "validation", "name"])
return False
#username validation
if len(u) > 30: # and not n.isalnum():
self.usage(["add", "validation", "user"])
return False
#hostname validation
try:
socket.inet_aton(h)
except:
if not FQDN(h).is_valid:
self.usage(["add", "validation", "host"])
return False
#port validation
try:
b = p.isdigit
if int(p) > 65500:
print(int(p), s.is_ready())
return False
except:
self.usage(["add", "validation", "port"])
return False
return True
def validate(cls, data, _type):
if not isinstance(data, (list, tuple)):
data = (data,)
reasons = []
for value in data:
# TODO: validate algorithm and fingerprint_type values
try:
int(value['priority'])
except KeyError:
reasons.append('missing priority')
except ValueError:
reasons.append(f'invalid priority "{value["priority"]}"')
try:
int(value['weight'])
except KeyError:
reasons.append('missing weight')
except ValueError:
reasons.append(f'invalid weight "{value["weight"]}"')
try:
int(value['port'])
except KeyError:
reasons.append('missing port')
except ValueError:
reasons.append(f'invalid port "{value["port"]}"')
try:
target = value['target']
if not target.endswith('.'):
reasons.append(f'SRV value "{target}" missing trailing .')
if target != '.' and \
not FQDN(str(target), allow_underscores=True).is_valid:
reasons.append(f'Invalid SRV target "{target}" is not '
'a valid FQDN.')
except KeyError:
reasons.append('missing target')
return reasons
def guess_type(value):
if not value or len(value) == 0:
return StixItemType.UNKNOWN, "unknown"
if re.match("^[a-f0-9]{64}$", value, flags=re.IGNORECASE):
return StixItemType.SHA256, "SHA256"
if re.match("^[a-f0-9]{40}$", value, flags=re.IGNORECASE):
return StixItemType.SHA1, "SHA1"
if re.match("^[a-f0-9]{32}$", value, flags=re.IGNORECASE):
return StixItemType.MD5, "MD5"
try:
socket.inet_aton(value)
return StixItemType.IPADDR, "IPv4"
except socket.error:
pass
if len(value) <= 255:
fqdn = FQDN(value)
if fqdn.is_valid:
return StixItemType.DOMAIN, "domain"
if validators.url(value):
return StixItemType.URL, "URL"
return StixItemType.UNKNOWN, "unknown"
def get_spacecrab_custom_fqdn():
custom_fqdn = {}
use_custom_domain = yesno(
'Would you like to use a custom FQDN for the SpaceCrab API ?', 'n')
if use_custom_domain:
print(
"NOTE: You need to configure your DNS CNAME record yourself after SpaceCrab deployment\n"
)
print(
"See https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html for more details\n\n"
)
domain = raw_input(
'Please enter a Fully Qualified Domain Name for your API gateway: '
)
fqdn = FQDN(domain)
if fqdn.is_valid:
a = yesno("\nWe'll use the domain \"%s\", is this ok?" % fqdn, 'y')
if a:
custom_fqdn['CustomFqdn'] = domain
else:
print("Domain name failed to validate, trying again \n")
return get_spacecrab_custom_fqdn()
print(
"NOTE: Your ACM ARN must already exist before SpaceCrab deployment otherwise CloudFormation WILL fail\n"
)
print(
"See https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains-prerequisites.html for more details\n\n"
)
acm_arn = raw_input('Please enter the ARN for your ACM certificate: ')
try:
client = boto3.client('acm')
response = client.describe_certificate(CertificateArn=acm_arn)
if response['Certificate']['Status'] == "ISSUED":
print(
"Validated certificate issued and available for domain %s"
% response['Certificate']['DomainName'])
else:
print(
"Validated certificate %s exists, but has issues. Status is %s Investigate in the ACM console."
% response['Certificate']['CertificateArn'],
response['Certificate']['Status'])
sys.exit(1)
custom_fqdn['CustomFqdnAcmArn'] = response['Certificate'][
'CertificateArn']
except Exception as e:
print(e)
print("Something broke, try again .. \n")
return get_spacecrab_custom_fqdn()
return custom_fqdn
else:
# Return an emptry string because CloudFormation type validation ...
custom_fqdn['CustomFqdn'] = ""
custom_fqdn['CustomFqdnAcmArn'] = ""
return custom_fqdn
def fqdn(hostname: str, domain: str, relative: bool = True) -> str:
""" Returns the FQDN of the passed-in hostname
"""
if domain not in hostname:
hostname = f"{hostname}.{domain}."
this_fqdn = FQDN(hostname)
if relative:
return this_fqdn.relative
return this_fqdn.absolute
def validate(cls, data, _type):
if not data:
return ['missing value(s)']
elif not isinstance(data, (list, tuple)):
data = (data,)
reasons = []
for value in data:
if not FQDN(str(value), allow_underscores=True).is_valid:
reasons.append(f'Invalid NS value "{value}" is not '
'a valid FQDN.')
elif not value.endswith('.'):
reasons.append(f'NS value "{value}" missing trailing .')
return reasons
def validate(cls, data, _type):
reasons = []
if data == '':
reasons.append('empty value')
elif not data:
reasons.append('missing value')
# NOTE: FQDN complains if the data it receives isn't a str, it doesn't
# allow unicode... This is likely specific to 2.7
elif not FQDN(str(data), allow_underscores=True).is_valid:
reasons.append(f'{_type} value "{data}" is not a valid FQDN')
elif not data.endswith('.'):
reasons.append(f'{_type} value "{data}" missing trailing .')
return reasons
def validate(cls, data, _type):
reasons = []
if data == '':
reasons.append('empty value')
elif not data:
reasons.append('missing value')
elif not FQDN(data, allow_underscores=True).is_valid:
reasons.append('{} value "{}" is not a valid FQDN'.format(
_type, data))
elif not data.endswith('.'):
reasons.append('{} value "{}" missing trailing .'.format(
_type, data))
return reasons
def test_min_labels_valid_set_to_1(self):
with pytest.raises(ValueError):
FQDN("", min_labels=1).is_valid
assert FQDN("label", min_labels=1).is_valid
assert not FQDN(".label", min_labels=1).is_valid
assert FQDN("label.babel", min_labels=1).is_valid
assert FQDN("label.babel.", min_labels=1).is_valid
assert not FQDN(".label.babel", min_labels=1).is_valid
def is_ip_or_domain(my_input):
is_ip = False
is_domain = False
try:
ipaddress.ip_address(my_input)
is_ip = True
except ValueError:
if FQDN(my_input).is_valid:
is_domain = True
except Exception:
print("something else")
if is_domain or is_ip:
return True
async def unlock(self, hostname):
global CONNECTION_POOL, APP_LOGGER
if FQDN(hostname).is_valid:
if (hostname in CONNECTION_POOL.keys()
and CONNECTION_POOL[hostname] is not None):
try:
CONNECTION_POOL[hostname].lock.acquire(True)
CONNECTION_POOL[hostname].disconnect()
finally:
CONNECTION_POOL[hostname].lock.release()
del CONNECTION_POOL[hostname]
APP_LOGGER.info(f"{hostname} :: Connection Object deleted")
return 200, "Deleted!", f"{hostname} got deleted!"
else:
return 404, "Element not Found", f"{hostname} is locked or not found."
else:
return 409, "FQDN is invalid!", f"{hostname} is not a valid FQDN!"
def connect(config_file):
"""
This constructs a connection to a given LDAP server.
The logic behind this is pretty straightforward- read the entries in the configuration file.
Assign host, port, credentials to appropriate values.
:param config_file: A deserialized JSON file
:return connection: Established connection to LDAP server.
"""
configbreak = 0
config_exception = Exception("Configuration data presented has more than one configuration present.")
for entry in config_file:
host = entry['host']
fqdn_test = FQDN(host)
if not fqdn_test.is_valid:
try:
ipaddress.ip_address(host)
except ValueError:
raise ValueError("Provided host is not a valid FQDN or IP Address. Please validate.")
try:
port = int(entry['port'])
except ValueError:
raise ValueError("Port specified is not an integer (0-65535). Please try again.")
username = entry['username']
password = entry['password']
if 'host' or 'port' or 'username' or 'password' in entry:
configbreak += 1
if configbreak > 1:
raise config_exception
server = ldap3.Server(host=host, port=port, get_info=ldap3.ALL)
try:
connection = ldap3.Connection(server, user=username, password=password, auto_bind=True)
except LDAPSocketOpenError:
raise LDAPSocketOpenError("Unable to make connection to server. Please check hostname and port and try again.")
return connection
def test_relative_fqdn_false(self):
assert FQDN('relative.com.').is_valid_relative is False
def test_relative_fqdn_true(self):
assert FQDN('relative.com').is_valid_relative is True
def test_to_absolute_fqdn__raises_ValueError(self):
with self.assertRaises(ValueError):
FQDN('trainwreckcom').absolute
def test_to_absolute_fqdn_from_absolute(self):
self.assertEqual(
FQDN('absolutetrainwreck.com.').absolute,
'absolutetrainwreck.com.')
def test_to_absolute_fqdn_from_relative(self):
self.assertEqual(FQDN('trainwreck.com').absolute, 'trainwreck.com.')
def test_absolute_fqdn__fail(self):
self.assertFalse(FQDN('trainwreck.com').is_valid_absolute)
def test_absolute_fqdn(self):
self.assertTrue(FQDN('trainwreck.com.').is_valid_absolute)
def __is_valid_fqdn_from_labels_sequence(self, fqdn_labels_sequence):
fqdn = '.'.join(fqdn_labels_sequence)
return FQDN(fqdn).is_valid
def test_str(self):
d = 'greatdomain.com'
assert d == str(FQDN(d))
d += '.'
assert d == str(FQDN(d))
def validate_fqdn(self, value):
fqdn = FQDN(value)
if not fqdn.is_valid:
raise ValidationError("Invalid FQDN format.")
