def __init__(self, bind_dn, bind_pw, batch_mods=False, sasl=False, ro=False): """Handler for bindings to CSH LDAP. Keyword arguments: batch_mods -- whether or not to batch LDAP writes (default False) sasl -- whether or not to bypass bind_dn and bind_pw and use SASL bind ro -- whether or not CSH LDAP is in read only mode (default False) """ if ro: print("########################################\n" "# #\n" "# CSH LDAP IS IN READ ONLY MODE #\n" "# #\n" "########################################") ldap_srvs = srvlookup.lookup("ldap", "tcp", self.__domain__) ldap_uris = "" for uri in ldap_srvs: ldap_uris += "ldaps://"+uri.hostname+"," self.__con__ = ReconnectLDAPObject(ldap_uris) # Allow connections with self-signed certs self.__con__.set_option(self.__con__.OPT_X_TLS_REQUIRE_CERT, self.__con__.OPT_X_TLS_ALLOW) if sasl: self.__con__.sasl_non_interactive_bind_s('') else: self.__con__.simple_bind_s(bind_dn, bind_pw) self.__mod_queue__ = {} self.__pending_mod_dn__ = [] self.__batch_mods__ = batch_mods self.__ro__ = ro
def passwd_reset(username, password): """ Use the password provided by the user to reset their account in FreeIPA and then "change" their password to the same thing. Keyword arguments: username -- Username of the user to reset password -- Desired password for the user """ # Create LDAP admin session to perform initial reset. dn = "uid={},cn=users,cn=accounts,dc=csh,dc=rit,dc=edu".format(username) # Find FreeIPA server ldap_srvs = srvlookup.lookup("ldap", "tcp", "csh.rit.edu") ldap_uri = ldap_srvs[0].hostname l = ldap.initialize("ldaps://{}".format(ldap_uri)) l.simple_bind_s(app.config["LDAP_BIND_DN"], app.config["LDAP_BIND_PW"]) l.modify_s(dn, [(ldap.MOD_REPLACE, "userPassword", [password.encode()])]) l.modify_s(dn, [(ldap.MOD_REPLACE, "nsaccountlock", ["false".encode()])]) # FreeIPA automatically expires the password set through the previous # method, so we need to use their password change API to get past that. requests.post( "https://{}/ipa/session/change_password".format(ldap_uri), data={ "user": username, "old_password": password, "new_password": password }, )
def lookup(s, skip_well_known=False): if s[-1] == "]": # ipv6 literal (with no port) return s, 8448 if ":" in s: out = s.rsplit(":", 1) try: port = int(out[1]) except ValueError: raise ValueError("Invalid host:port '%s'" % s) return out[0], port # try a .well-known lookup if not skip_well_known: well_known = MatrixConnectionAdapter.get_well_known(s) if well_known: return MatrixConnectionAdapter.lookup(well_known, skip_well_known=True) try: srv = srvlookup.lookup("matrix", "tcp", s)[0] return srv.host, srv.port except Exception: return s, 8448
def srv_lookup(domain): hosts = {} for name in NAMES: for thing in srvlookup.lookup(name, domain=domain): host_ip = get_ip(thing.host) if ldap_ping(host_ip): hosts[thing.host] = host_ip return hosts
def lookup(destination, path): if ":" in destination: return "https://%s%s" % (destination, path) else: try: srv = srvlookup.lookup("matrix", "tcp", destination)[0] return "https://%s:%d%s" % (srv.host, srv.port, path) except: return "https://%s:%d%s" % (destination, 8448, path)
def lookup(): res = srvlookup.lookup(sys.argv[1], sys.argv[2], sys.argv[3]) global ind # r = res[1 + ind % 4] # ind += 1 r = res[ind + 1] ind = (ind + 1) % 4 print "[Thread %s]: %s:%d" % ( threading.currentThread().name, r.host, r.port)
def connect(domain): try: records = srvlookup.lookup('etcd-server', domain=domain) except srvlookup.SRVQueryFailure as e: raise RuntimeError("Failed to find etcd-server SRV record") try: return etcd.Client(host=records[0].host, port=2379) except etcd.EtcdException as e: raise RuntimeError("Failed to connect to etcd: {}".format(e))
def get_hegel_authority(facility): try: srv = srvlookup.lookup("grpc", domain=f"hegel.{facility}.packet.net")[0] return f"{srv.hostname}:{srv.port}" except: authority = "hegel.packet.net:50060" if facility == "lab1": authority = "hegel-lab1.packet.net:50060" return authority
def test_should_return_a_list_of_records(self): with mock.patch('dns.resolver.query') as query: query_name = name.from_text('foo.bar.baz.') msg = self.get_message() answer = resolver.Answer(query_name, 33, 1, msg, msg.answer[0]) query.return_value = answer self.assertEqual(srvlookup.lookup('foo', 'bar', 'baz'), [ srvlookup.SRV('1.2.3.5', 11212, 1, 0), srvlookup.SRV('1.2.3.4', 11211, 2, 0) ])
def test_should_return_a_list_of_records(self): with mock.patch('dns.resolver.query') as query: query_name = name.from_text('foo.bar.baz.') msg = message.from_text(self.MESSAGE) answer = resolver.Answer(query_name, 33, 1, msg, msg.answer[0]) query.return_value = answer self.assertEqual(srvlookup.lookup('foo', 'bar', 'baz'), [srvlookup.SRV('1.2.3.5', 11211, 1, 0), srvlookup.SRV('1.2.3.4', 11211, 2, 0)])
def test_should_include_local_domain_when_omitted(self): with mock.patch('dns.resolver.query') as query: with mock.patch('socket.getfqdn') as getfqdn: getfqdn.return_value = 'baz' query_name = name.from_text('foo.bar.baz.') msg = self.get_message() answer = resolver.Answer(query_name, 33, 1, msg, msg.answer[0]) query.return_value = answer self.assertEqual(srvlookup.lookup('foo', 'bar'), [ srvlookup.SRV('1.2.3.5', 11212, 1, 0), srvlookup.SRV('1.2.3.4', 11211, 2, 0) ])
def test_should_return_name_when_addt_record_is_missing(self): with mock.patch('dns.resolver.query') as query: query_name = name.from_text('foo.bar.baz.') msg = self.get_message(additional_answers=[ 'foo.bar.baz. 0 IN SRV 3 0 11213 foo3.bar.baz.']) answer = resolver.Answer(query_name, 33, 1, msg, msg.answer[0]) query.return_value = answer self.assertEqual(srvlookup.lookup('foo', 'bar', 'baz'), [srvlookup.SRV('1.2.3.5', 11212, 1, 0), srvlookup.SRV('1.2.3.4', 11211, 2, 0), srvlookup.SRV('foo3.bar.baz', 11213, 3, 0)])
def test_should_return_name_when_addt_record_is_missing(self): with mock.patch('dns.resolver.query') as query: query_name = name.from_text('foo.bar.baz.') msg = self.get_message(additional_answers=[ 'foo.bar.baz. 0 IN SRV 3 0 11213 foo3.bar.baz.' ]) answer = resolver.Answer(query_name, 33, 1, msg, msg.answer[0]) query.return_value = answer self.assertEqual(srvlookup.lookup('foo', 'bar', 'baz'), [ srvlookup.SRV('1.2.3.5', 11212, 1, 0), srvlookup.SRV('1.2.3.4', 11211, 2, 0), srvlookup.SRV('foo3.bar.baz', 11213, 3, 0) ])
def __init__(self, config): domain = config.get('discovery-srv', None) if not domain: raise RuntimeError('No discovery domain specified') try: records = srvlookup.lookup('etcd-server', domain=domain) except srvlookup.SRVQueryFailure as e: raise ProviderError("Failed to find etcd-server SRV record") try: self.client = etcd.Client(host=records[0].host, port=2379) except etcd.EtcdException as e: raise ProviderError("Failed to connect to etcd: {}".format(e))
def test_should_include_local_domain_when_omitted(self): with mock.patch('dns.resolver.query') as query: with mock.patch('socket.getfqdn') as getfqdn: getfqdn.return_value = 'baz' query_name = name.from_text('foo.bar.baz.') msg = message.from_text(self.MESSAGE) answer = resolver.Answer(query_name, 33, 1, msg, msg.answer[0]) query.return_value = answer self.assertEqual(srvlookup.lookup('foo', 'bar'), [srvlookup.SRV('1.2.3.5', 11211, 1, 0), srvlookup.SRV('1.2.3.4', 11211, 2, 0)])
def test_should_sort_records_by_priority_weight_and_host(self): with mock.patch('dns.resolver.query') as query: query_name = name.from_text('foo.bar.baz.') msg = self.get_message(additional_answers=[ 'foo.bar.baz. 0 IN SRV 0 0 11213 foo3.bar.baz.' ]) answer = resolver.Answer(query_name, 33, 1, msg, msg.answer[0]) query.return_value = answer self.assertEqual(srvlookup.lookup('foo', 'bar'), [ srvlookup.SRV('foo3.bar.baz', 11213, 0, 0), srvlookup.SRV('1.2.3.5', 11212, 1, 0), srvlookup.SRV('1.2.3.4', 11211, 2, 0) ])
def dns_discovered(self): if isinstance(self._dns_discovery, str): _domain = self._dns_discovery elif self._dns_discovery: _domain = socket.getfqdn() else: raise FreeIPAError('neither host specified, not dns_discovery enabled') while True: try: return srvlookup.lookup('ldap', 'tcp', _domain) except srvlookup.SRVQueryFailure: try: _domain = _domain.split('.', 1)[1] except IndexError: raise FreeIPAError('could not find any IPA Server using DNS lookup')
def _refresh_addr(self): """ Gets current list of SRV records from DNS server and use the first one. TODO: Check if we can assume that server returns records in random order. """ try: srvs = srvlookup.lookup(self._service, self._protocol, self._domain) except srvlookup.SRVQueryFailure: logger.debug('SRV query failed') return assert len(srvs) > 0 srv = srvs[0] self._addr = (srv.host, srv.port) self._last_refresh_at = datetime.now()
def lookup(s): if s[-1] == ']': # ipv6 literal (with no port) return s, 8448 if ":" in s: out = s.rsplit(":",1) try: port = int(out[1]) except ValueError: raise ValueError("Invalid host:port '%s'" % s) return out[0], port try: srv = srvlookup.lookup("matrix", "tcp", s)[0] return srv.host, srv.port except: return s, 8448
def __init__(self, *args, **kwargs): self.protocol = kwargs.pop('protocol', 'http') self.server = kwargs.pop('server', "inventory") self.api = kwargs.pop('api', '/api/v1') self.domain = kwargs.pop('domain', 'local') self.useragent = kwargs.pop('useragent', 'AnsibleInventory/0.0.1 (ansible 2.2.1.0)') try: servers = srvlookup.lookup( name='ansibleinventory', protocol='http', domain=self.domain) server = servers[randrange(0, len(servers), 1)] self.node = "{}:{}".format(server.name, server.port) except srvlookup.SRVQueryFailure as error: sys.stderr.write("Error: {}\n".format(error)) super(CmdbapiDriver, self).__init__(*args, **kwargs) node = {} try: results = self.devices() for host in results: node[host.node_name] = dict( hosts=[ip_address for ip_address in host.ip_addresses], vars=dict( ansible_python_interpreter="/usr/bin/python2", ansible_ssh_user="******".format("admin"))) self.add_inventory(node) except RequestException as error: sys.stderr.write(error.message) print(self._render())
def __init__(self, *args, **kwargs): self.protocol = kwargs.pop('protocol', 'http') self.server = kwargs.pop('server', "inventory") self.api = kwargs.pop('api', '/api/v1') self.domain = kwargs.pop('domain', 'local') self.useragent = kwargs.pop( 'useragent', 'AnsibleInventory/0.0.1 (ansible 2.2.1.0)') try: servers = srvlookup.lookup(name='ansibleinventory', protocol='http', domain=self.domain) server = servers[randrange(0, len(servers), 1)] self.node = "{}:{}".format(server.name, server.port) except srvlookup.SRVQueryFailure as error: sys.stderr.write("Error: {}\n".format(error)) super(CmdbapiDriver, self).__init__(*args, **kwargs) node = {} try: results = self.devices() for host in results: node[host.node_name] = dict( hosts=[ip_address for ip_address in host.ip_addresses], vars=dict(ansible_python_interpreter="/usr/bin/python2", ansible_ssh_user="******".format("admin"))) self.add_inventory(node) except RequestException as error: sys.stderr.write(error.message) print(self._render())
def passwd_change(username, old_pw, new_pw): """ Change a user's password when the previous one is know. Keyword arguments: username -- Username of the user to alter old_pw -- Current password for the account new_pw -- Desired new password. """ # Find FreeIPA server ldap_srvs = srvlookup.lookup("ldap", "tcp", "csh.rit.edu") ldap_uri = ldap_srvs[0].hostname change = requests.post( "https://{}/ipa/session/change_password".format(ldap_uri), data={ "user": username, "old_password": old_pw, "new_password": new_pw }, ) if change.headers.get("X-IPA-Pwchange-Result") == "invalid-password": raise PasswordChangeFailed
def wrapper(*method_args, **method_kwargs): """ Wrapper for method, calls method and returns the result if successful, otherwise tries reconnecting. :param method_args: method's arguments :param method_kwargs: method's keyword arguments :return: result of method call """ max_reconnects = MAX_RECONNECTS is_cshldap = lambda arg: any( filter(lambda t: t.__name__ == 'CSHLDAP', type(arg).__mro__)) ldap_obj = next(filter(is_cshldap, method_args)) \ if any(filter(is_cshldap, method_args)) \ else method_args[0].__lib__ while max_reconnects: try: result = method(*method_args, **method_kwargs) return result except (ldap.SERVER_DOWN, ldap.TIMEOUT): ldap_srvs = srvlookup.lookup("ldap", "tcp", ldap_obj.__domain__) ldap_obj.ldap_uris = [ 'ldaps://' + uri.hostname for uri in ldap_srvs ] for uri in ldap_obj.ldap_uris: try: ldap_obj.__con__.reconnect(uri) ldap_obj.server_uri = uri result = method(*method_args, **method_kwargs) return result except (ldap.SERVER_DOWN, ldap.TIMEOUT): continue max_reconnects -= 1 if max_reconnects == 0: raise
def print_srv(domain): output = [] for srv in lookup_records: with suppress(Exception): try: res = srvlookup.lookup( name=srv[0], protocol=srv[1], domain=domain) except Exception as e: pass if res: for r in res: recdict = { 'record': '_{0}._{1}.{2}'.format(srv[0], srv[1], domain), 'priority': r.priority, 'weight': r.weight, 'port': r.port, 'hostname': r.hostname } output.append(recdict) res = None return print(tabulate(output, headers='keys', tablefmt="pipe"))
def resolve_srv(hostname): """Get delegated hostname and port from DNS SRV record Try and look up the DNS SRV record for a hostname, then if this exists return the delegated hostname, port and srv, or return an empty string if no well known server file exists. Args: hostname: A hostname as found in the Matrix ID. Returns: Delegated hostname and port in the format sub.domain.tld:port:srv Or an empty string if no luck. """ # Turn off annoying logging to terminal from srv lookup logger = logging.getLogger('srvlookup').setLevel(logging.CRITICAL) logger = logger # Try and look up SRV record try: srv = srvlookup.lookup('matrix', 'TCP', hostname) # SRV lookup fail (except no record found) except (srvlookup.SRVQueryFailure, UnicodeError, dns.name.LabelTooLong): return(None) # SRV lookup returns something else: # Successful SRV lookup if 'Error querying SRV' not in srv[0]: delegated_hostname = srv[0].hostname delegated_port = srv[0].port return(f'{delegated_hostname}:{delegated_port}:srv') # Error quering else: return(None)
def __init__(self, bind_dn, bind_pw, batch_mods=False, sasl=False, ro=False): """Handler for bindings to CSH LDAP. Keyword arguments: batch_mods -- whether or not to batch LDAP writes (default False) sasl -- whether or not to bypass bind_dn and bind_pw and use SASL bind ro -- whether or not CSH LDAP is in read only mode (default False) """ if ro: print("########################################\n" "# #\n" "# CSH LDAP IS IN READ ONLY MODE #\n" "# #\n" "########################################") ldap_srvs = srvlookup.lookup("ldap", "tcp", self.__domain__) self.ldap_uris = ['ldaps://' + uri.hostname for uri in ldap_srvs] self.server_uri = None self.__con__ = None for uri in self.ldap_uris: try: self.__con__ = ReconnectLDAPObject(uri) self.server_uri = uri except (ldap.SERVER_DOWN, ldap.TIMEOUT): continue if self.__con__ is None: raise ldap.SERVER_DOWN if sasl: self.__con__.sasl_non_interactive_bind_s('') else: self.__con__.simple_bind_s(bind_dn, bind_pw) self.__mod_queue__ = {} self.__pending_mod_dn__ = [] self.__batch_mods__ = batch_mods self.__ro__ = ro
def lookup_backends(name): try: return srvlookup.lookup(name, 'tcp', 'marathon.mesos') except e: print >> sys.stderr, e return []
def get_client(domain='manager.luk.ai'): records = srvlookup.lookup('grpclb', domain=domain) server = random.choice(records) addr = '{}:{}'.format(server.hostname, server.port) channel = grpc.secure_channel(addr, grpc.ssl_channel_credentials()) return manager_pb2_grpc.ManagerStub(channel)
help='The value of max_blank of the on_blank function in seconds', ) parser.add_argument( '--threshold', default=-40.0, type=float, help='The value of threshold of the on_blank function in decibels', ) args = parser.parse_args() print(args) import srvlookup rr = srvlookup.lookup('pushgateway', domain='consul') if len(rr) == 0: raise RuntimeError('no pushgateway found') rr = rr[0] addr = '%s:%s' % (rr.host, rr.port) from prometheus_client import Gauge, CollectorRegistry, push_to_gateway registry = CollectorRegistry() g = Gauge('silent_check_stream_noise', 'Result of liquidsoap stream blank detection', ['source', 'min_noise', 'max_blank', 'threshold'],
def lookup(service): record = srvlookup.lookup(service, domain=domain)[0] return (record.host, record.port)
def lookup_backends(): return srvlookup.lookup('example_dcos_backend_user', 'tcp', 'marathon.mesos')
import srvlookup myapp_locations = srvlookup.lookup('myapp', 'tcp', 'marathon.mesos') print "locations for myapp running on marathon:" for location in myapp_locations: print "%s:%s" % (location.host, location.port)
import asyncio import os import weakref import aiohttp import aioredis import srvlookup from aiohttp import web, ClientSession REDIS_HOST = os.environ['REDIS_HOST'] try: results = srvlookup.lookup('http', 'tcp', 'django') DJANGO_HOST = results[0].host DJANGO_PORT = results[0].port except srvlookup.SRVQueryFailure: DJANGO_HOST = os.environ['DJANGO_HOST'] DJANGO_PORT = os.environ['DJANGO_PORT'] routes = web.RouteTableDef() @routes.get('/ws') async def websocket_handler(request): ws = web.WebSocketResponse() await ws.prepare(request) session = ClientSession() request.app['websockets'].add(ws) try: async for msg in ws: if msg.type == aiohttp.WSMsgType.TEXT:
import socket,subprocess,os,pyasn1,ldap,srvlookup,sys from struct import * from pyasn1.type import univ, tag from pyasn1.codec.der.encoder import encode from pyasn1.codec.der.decoder import decode #Force Suppress errors to DevNull class DevNull: def write(self, msg): pass #sys.stderr = DevNull() domaininput=sys.argv[1] srvrecord=srvlookup.lookup("ldap",protocol="tcp",domain=domaininput) print(srvrecord) for srec in range(0, len(srvrecord)): testdc=srvrecord[srec].hostname testport=srvrecord[srec].port testip=srvrecord[srec].host ntver = "%c%c%c%c" % (6,0,0,0) cldap=ldap.LDAPMessage() cldap['messageID'] = 0 search=ldap.SearchRequest() search['baseObject'] = "" search['scope'] = 0 search['derefAliases'] = 0 search['sizeLimit'] = 0 search['timeLimit'] = 0
recaptcha = ReCaptcha() recaptcha.init_app(app) # OIDC Initialization OIDC_PROVIDER = "csh" client_info = ClientMetadata(**app.config["OIDC_CLIENT_CONFIG"]) provider = ProviderConfiguration(issuer=app.config["OIDC_ISSUER"], client_metadata=client_info) auth = OIDCAuthentication(app=app, provider_configurations={OIDC_PROVIDER: provider}) # Connect to LDAP ldap = CSHLDAP(app.config["LDAP_BIND_DN"], app.config["LDAP_BIND_PW"]) # Find FreeIPA server ldap_srvs = srvlookup.lookup("ldap", "tcp", "csh.rit.edu") ldap_uri = ldap_srvs[0].hostname # FreeIPA API Connection ipa = Client(ldap_uri, version="2.215") # Configure rate limiting if not app.config["DEBUG"]: limiter = Limiter(app, key_func=get_remote_address, default_limits=["50 per day", "10 per hour"]) # Initialize QR Code Generator qr = QRcode(app) # Import blueprints
def find_etcd_server(domain): assert domain, '--discovery-srv flag needs to be set' records = srvlookup.lookup('etcd-server', domain=domain) return etcd.Client(host=records[0].host, port=2379)
from kafka import SimpleProducer, KafkaClient import srvlookup # Kafka may not always run on the same port, so we need to perform # an SRV record lookup in order to find it. kafka_location = srvlookup.lookup('broker-0', 'tcp', 'kafka.mesos')[0] kafka = KafkaClient("%s:%s" % (kafka_location.host, kafka_location.port)) # Real-world Kafka workloads will gain an order of magnitude++ # more throughput when using async mode. The trade-off is your # requests may have higher latency (the cli will instantly return # however.) This is the classic throughput-latency trade-off at play. producer = SimpleProducer(kafka, async=True) producer.send_messages(b'my-topic', b'some message')
import srvlookup import dns.resolver import argparse if __name__ == "__main__": parser = argparse.ArgumentParser() parser.add_argument("--host") parser.add_argument("--full", default=False, action="store_true") parser.add_argument("--txt", default=False, action="store_true") args = parser.parse_args() if args.host: services = srvlookup.lookup("mongodb", domain=args.host) for i in services: if args.full: print(i) else: print("%s:%i" % (i.hostname, i.port)) if args.txt: for txtrecord in dns.resolver.query(args.host, 'TXT'): print("%s=%s" % (args.host, txtrecord)) else: print("No host specified")
def __init__(self, bind_dn, bind_pw): uris = ''.join(['ldaps://' + srv.hostname + "," for srv in srvlookup.lookup('ldap', 'tcp', 'csh.rit.edu')]) self._ldap = ldap.ldapobject.ReconnectLDAPObject(uris) self._ldap.simple_bind_s(bind_dn, bind_pw)