def ignoreJavaSSL():
"""
Creates a dummy socket factory that doesn't verify connections.
HttpsURLConnection.setDefaultSSLSocketFactory(...)
This code was taken from multiple sources.
Only makes since in jython (java). otherwise, just use verify=False!
"""
import sys
if not 'java' in sys.platform:
raise RuntimeError('only use if platform (sys.platform) is java!')
else:
#===================================================================
# set default SSL socket to ignore verification
#===================================================================
import javax.net.ssl.X509TrustManager as X509TrustManager # @UnresolvedImport
class MyTrustManager(X509TrustManager):
def getAcceptedIssuers(self,*args,**keys):
return None
def checkServerTrusted(self,*args,**keys):
pass
def checkClientTrusted(self,*args,**keys):
pass
import com.sun.net.ssl.internal.ssl.Provider # @UnresolvedImport
from java.security import Security # @UnresolvedImport
Security.addProvider(com.sun.net.ssl.internal.ssl.Provider())
trustAllCerts = [MyTrustManager()]
import javax.net.ssl.SSLContext as SSLContext # @UnresolvedImport
sc = SSLContext.getInstance("SSL");
import java.security.SecureRandom as SecureRandom # @UnresolvedImport
sc.init(None, trustAllCerts,SecureRandom())
import javax.net.ssl.HttpsURLConnection as HttpsURLConnection # @UnresolvedImport
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory())
#===================================================================
# Do a test!
#===================================================================
'''
# setup proxy
import java.net.Proxy as Proxy
import java.net.InetSocketAddress as InetSocketAddress
p = Proxy(Proxy.Type.HTTP,InetSocketAddress("host",port))
import java.net.URL as URL
u = URL("https://www.google.com/")
conn = u.openConnection(p)
print 'server response: %r',conn.getResponseCode()
'''
#===================================================================
# ignore requests's error logging - this is for dev
#===================================================================
try:
import requests.packages.urllib3 as urllib3
urllib3.disable_warnings()
except: pass
return 'SSL verification in Java is disabled!'
def _initializeMXPI(serverName, serverPort, protocol,
MxpiMain5_1SoapBindingStubClass,
VerifyAllHostnameVerifierClass):
serverPortName = 'MxpiMain5_1'
namespaceURI = "urn:client.v5_1.soap.mx.hp.com"
serviceName = "MxpiMainService"
wsdlURL = "%s://%s:%s/mxsoap/services/%s?wsdl" % (protocol, serverName,
serverPort,
serverPortName)
# Set trust manager
if protocol == 'https':
verifyAllHostnameVerifier = VerifyAllHostnameVerifierClass()
sslContext = SSLContextManager.getAutoAcceptSSLContext()
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory())
HttpsURLConnection.setDefaultHostnameVerifier(verifyAllHostnameVerifier)
## Set trust all SSL Socket to accept all certificates
System.setProperty("ssl.SocketFactory.provider",
"TrustAllSSLSocketFactory")
Security.setProperty("ssl.SocketFactory.provider",
"TrustAllSSLSocketFactory")
# Try and initialize connection
simBindingStub = MxpiMain5_1SoapBindingStubClass()
simServiceFactory = ServiceFactory.newInstance()
simService = simServiceFactory.createService(URL(wsdlURL),
QName(namespaceURI,
serviceName))
theMxpiMain = simService.getPort(QName(namespaceURI, serverPortName),
simBindingStub.getClass())
return theMxpiMain
def testPage(self, page):
class MyTrustManager(X509TrustManager):
def getAcceptedIssuers(self):
return None
def checkClientTrusted(self, certs, auth):
pass
def checkServerTrusted(self, certs, auth):
pass
trustAllCerts = [MyTrustManager()]
sc = SSLContext.getInstance("SSL")
sc.init(None, trustAllCerts, SecureRandom())
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory())
class MyHostnameVerifier(HostnameVerifier):
def verify(self, host, sess):
return True
HttpsURLConnection.setDefaultHostnameVerifier(MyHostnameVerifier())
try:
httpsURL = 'https://%s:%s/%s' % (self._host, self._port, page)
url = URL(httpsURL)
conn = url.openConnection()
conn.setConnectTimeout(5000)
conn.setRequestProperty("Accept-encoding", 'gzip,deflate,compress')
conn.setRequestProperty(
"User-agent",
'https://google.com/' if 'google' not in self._host else
'https://yandex.ru/') # Use foreign referer
#ist = conn.getInputStream()
#isr = InputStreamReader(ist)
#br = BufferedReader(isr)
print("[BREACH] Received response: %d" % conn.getResponseCode())
if conn.getContentEncoding() != None:
print("[BREACH] Received Content-encoding: %s" %
(conn.getContentEncoding()))
return True
except:
print("[BREACH] Socket timeout or an error occurred")
return False
