def load(self):
# This is the function which is called for every request. If file is not
# found in cache, then a file lock is created for that and a None is
# returned.
"""
self.file_lock = FileLock(self.file_path)
self.file_lock.acquire()
"""
try:
dummy = self.file_path
except Exception:
self.calculate_hash()
finally:
if os.path.isfile(self.file_path):
return (self.create_response_object())
else:
self.file_lock = FileLock(self.file_path)
self.file_lock.acquire()
# For handling race conditions
if os.path.isfile(self.file_path):
self.file_lock.release()
return (self.create_response_object())
else:
return None
def atomic_write_to_file(dirname, file, data):
filename = dirname + "/" + file
try:
with FileLock(filename):
fd = open(filename, 'w+')
fd.write(data)
fd.close()
return 1
except KeyboardInterrupt:
raise KeyboardInterrupt
except:
return 0
def atomic_read_from_file(requests_dir, partial_filename, skip_if_locked=True):
if skip_if_locked:
delay = 0.30
else:
delay = 30
try:
filename = requests_dir + "/" + partial_filename
data = ""
while not os.path.exists(filename):
#AppendToFile("file1", "file is not there "+filename+"\n")
time.sleep(0.025)
with FileLock(filename, timeout=delay):
fd = open(filename, 'r')
data = fd.read()
fd.close()
return data
except KeyboardInterrupt:
raise KeyboardInterrupt
except:
return ""
def gen_signed_cert(domain, ca_crt, ca_key, ca_pass, certs_folder):
"""
This function takes a domain name as a parameter and then creates a certificate and key with the
domain name(replacing dots by underscores), finally signing the certificate using specified CA and
returns the path of key and cert files. If you are yet to generate a CA then check the top comments
"""
key_path = os.path.join(certs_folder,
re.sub('[^-0-9a-zA-Z_]', '_', domain) + ".key")
cert_path = os.path.join(certs_folder,
re.sub('[^-0-9a-zA-Z_]', '_', domain) + ".crt")
# The first conditions checks if file exists, and does nothing if true
# If file doenst exist lock is obtained for writing (Other processes in race must wait)
# After obtaining lock another check to handle race conditions gracefully
if os.path.exists(key_path) and os.path.exists(cert_path):
pass
else:
with FileLock(cert_path, timeout=2):
# Check happens if the certificate and key pair already exists for a domain
if os.path.exists(key_path) and os.path.exists(cert_path):
pass
else:
# Serial Generation - Serial number must be unique for each certificate,
# so serial is generated based on domain name
md5_hash = hashlib.md5()
md5_hash.update(domain)
serial = int(md5_hash.hexdigest(), 36)
# The CA stuff is loaded from the same folder as this script
ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM,
open(ca_crt).read())
# The last parameter is the password for your CA key file
ca_key = crypto.load_privatekey(crypto.FILETYPE_PEM,
open(ca_key).read(), ca_pass)
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 2048)
cert = crypto.X509()
cert.get_subject().C = "IN"
cert.get_subject().ST = "AP"
cert.get_subject().L = "127.0.0.1"
cert.get_subject().O = "OWTF"
cert.get_subject().OU = "Inbound-Proxy"
cert.get_subject().CN = domain
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(365 * 24 * 60 * 60)
cert.set_serial_number(serial)
cert.set_issuer(ca_cert.get_subject())
cert.set_pubkey(key)
cert.sign(ca_key, "sha1")
# The key and cert files are dumped and their paths are returned
domain_key = open(key_path, "w")
domain_key.write(
crypto.dump_privatekey(crypto.FILETYPE_PEM, key))
domain_cert = open(cert_path, "w")
domain_cert.write(
crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
# print(("[*] Generated signed certificate for %s" % (domain)))
return key_path, cert_path
