def setUp(self): dbfile = self.mktemp() self.db = checkers.FilePasswordDB(dbfile, hash=self.hash) f = file(dbfile, 'w') for (u, p) in self.users: f.write('%s:%s\n' % (u, crypt(p, u[:2]))) f.close() r = TestRealm() self.port = portal.Portal(r) self.port.registerChecker(self.db)
def setUp(self): dbfile = self.mktemp() self.db = checkers.FilePasswordDB(dbfile, hash=self.hash) with open(dbfile, 'wb') as f: for (u, p) in self.users: f.write(u + b":" + self.hash(u, p, u[:2]) + b"\n") r = TestRealm() self.port = portal.Portal(r) self.port.registerChecker(self.db)
def testCaseInSensitivity(self): dbfile = self.mktemp() db = checkers.FilePasswordDB(dbfile, caseSensitive=0) f = file(dbfile, 'w') for (u, p) in self.users: f.write('%s:%s\n' % (u, p)) f.close() for (u, p) in self.users: self.assertEquals(db.getUser(u.upper()), (u, p))
def opt_password_file(self, filename): """ Specify a file containing username:password login info for authenticated connections. (DEPRECATED; see --help-auth instead) """ self["password-file"] = filename msg = deprecate.getDeprecationWarningString( self.opt_password_file, versions.Version("Twisted", 11, 1, 0)) warnings.warn(msg, category=DeprecationWarning, stacklevel=2) self.addChecker(checkers.FilePasswordDB(filename, cache=True))
def makeService(options): """Create a manhole server service. @type options: C{dict} @param options: A mapping describing the configuration of the desired service. Recognized key/value pairs are:: "telnetPort": strports description of the address on which to listen for telnet connections. If None, no telnet service will be started. "sshPort": strports description of the address on which to listen for ssh connections. If None, no ssh service will be started. "namespace": dictionary containing desired initial locals for manhole connections. If None, an empty dictionary will be used. "passwd": Name of a passwd(5)-format username/password file. @rtype: L{twisted.application.service.IService} @return: A manhole service. """ svc = service.MultiService() namespace = options['namespace'] if namespace is None: namespace = {} checker = checkers.FilePasswordDB(options['passwd']) if options['telnetPort']: telnetRealm = _StupidRealm(telnet.TelnetBootstrapProtocol, insults.ServerProtocol, manhole.ColoredManhole, namespace) telnetPortal = portal.Portal(telnetRealm, [checker]) telnetFactory = protocol.ServerFactory() telnetFactory.protocol = makeTelnetProtocol(telnetPortal) telnetService = strports.service(options['telnetPort'], telnetFactory) telnetService.setServiceParent(svc) if options['sshPort']: sshRealm = manhole_ssh.TerminalRealm() sshRealm.chainedProtocolFactory = chainedProtocolFactory(namespace) sshPortal = portal.Portal(sshRealm, [checker]) sshFactory = manhole_ssh.ConchFactory(sshPortal) sshService = strports.service(options['sshPort'], sshFactory) sshService.setServiceParent(svc) return svc
def testUserLookup(self): dbfile = self.mktemp() db = checkers.FilePasswordDB(dbfile) f = file(dbfile, 'w') for (u, p) in self.users: f.write('%s:%s\n' % (u, p)) f.close() for (u, p) in self.users: self.failUnlessRaises(KeyError, db.getUser, u.upper()) self.assertEqual(db.getUser(u), (u, p))
def testRequestAvatarId_hashed(self): self.db = checkers.FilePasswordDB(self.dbfile) UsernameHashedPassword = self.getDeprecatedModuleAttribute( "twisted.cred.credentials", "UsernameHashedPassword", _uhpVersion ) creds = [UsernameHashedPassword(u, p) for u, p in self.users] d = defer.gatherResults( [defer.maybeDeferred(self.db.requestAvatarId, c) for c in creds] ) d.addCallback(self.assertEqual, [u for u, p in self.users]) return d
def testRequestAvatarId(self): dbfile = self.mktemp() db = checkers.FilePasswordDB(dbfile, caseSensitive=0) f = file(dbfile, 'w') for (u, p) in self.users: f.write('%s:%s\n' % (u, p)) f.close() creds = [credentials.UsernamePassword(u, p) for u, p in self.users] d = defer.gatherResults( [defer.maybeDeferred(db.requestAvatarId, c) for c in creds]) d.addCallback(self.assertEqual, [u for u, p in self.users]) return d
def main(): readIniFile() LOGGING['handlers']['file']['filename'] = logpath + '/mpexagent.log' logging.config.dictConfig(LOGGING) observer = twlog.PythonLoggingObserver() observer.start() args = parse_args() try: if args.mpex_url: mpexagent = MPExAgent(replaycheck=True, mpexurl=args.mpex_url) else: mpexagent = MPExAgent(replaycheck=True) mpexagent.passphrase = getpass("Enter your GPG passphrase: ") root = JSON_RPC().customize(RPCServer) root.eventhandler.agent = mpexagent if (mode != 'noweb'): webroot = static.File(webpath) webroot.putChild('jsonrpc', root) root = webroot if (auth != 'noauth'): if (auth == 'md5'): hashfunc = hashmd5 if (auth == 'sha1'): hashfunc = hashsha1 if (auth == 'plain'): hashfunc = hashplain realm = HttpPasswordRealm(root) p = portal.Portal(realm, [ checkers.FilePasswordDB(passpath, delim=":", hash=hashfunc) ]) credentialFactory = BasicCredentialFactory("MpexAgent") protected_resource = HTTPAuthSessionWrapper( p, [credentialFactory]) root = protected_resource site = server.Site(root) bindaddr = '*:' if args.listen_addr == '' else args.listen_addr + ':' log.info('Listening on %s%d...', bindaddr, args.port) if (mode != 'https'): reactor.listenTCP(args.port, site, interface=args.listen_addr) else: reactor.listenSSL( args.port, site, ssl.DefaultOpenSSLContextFactory(keypath, certpath)) reactor.run() except KeyboardInterrupt: print '^C received, shutting down server' server.socket.close()
def getCheckers(self): diskHash = self.diskHash or (lambda x: x) hashCheck = self.diskHash and ( lambda username, password, stored: self.diskHash(password)) for cache in True, False: fn = self.mktemp() fObj = open(fn, 'wb') for u, p in self._validCredentials: fObj.write(u + b":" + diskHash(p) + b"\n") fObj.close() yield checkers.FilePasswordDB(fn, cache=cache, hash=hashCheck) fn = self.mktemp() fObj = open(fn, 'wb') for u, p in self._validCredentials: fObj.write(diskHash(p) + b' dingle dongle ' + u + b'\n') fObj.close() yield checkers.FilePasswordDB(fn, b' ', 3, 0, cache=cache, hash=hashCheck) fn = self.mktemp() fObj = open(fn, 'wb') for u, p in self._validCredentials: fObj.write(b'zip,zap,' + u.title() + b',zup,'\ + diskHash(p) + b'\n',) fObj.close() yield checkers.FilePasswordDB(fn, b',', 2, 4, False, cache=cache, hash=hashCheck)
def getCheckers(self): diskHash = self.diskHash or (lambda x: x) hashCheck = self.diskHash and ( lambda username, password, stored: self.diskHash(password)) for cache in True, False: fn = self.mktemp() fObj = file(fn, 'w') for u, p in self._validCredentials: fObj.write('%s:%s\n' % (u, diskHash(p))) fObj.close() yield checkers.FilePasswordDB(fn, cache=cache, hash=hashCheck) fn = self.mktemp() fObj = file(fn, 'w') for u, p in self._validCredentials: fObj.write('%s dingle dongle %s\n' % (diskHash(p), u)) fObj.close() yield checkers.FilePasswordDB(fn, ' ', 3, 0, cache=cache, hash=hashCheck) fn = self.mktemp() fObj = file(fn, 'w') for u, p in self._validCredentials: fObj.write('zip,zap,%s,zup,%s\n' % (u.title(), diskHash(p))) fObj.close() yield checkers.FilePasswordDB(fn, ',', 2, 4, False, cache=cache, hash=hashCheck)
def getCheckers(self): diskHash = self.diskHash or (lambda x: x) hashCheck = self.diskHash and ( lambda username, password, stored: self.diskHash(password)) for cache in True, False: fn = self.mktemp() with open(fn, "wb") as fObj: for u, p in self._validCredentials: fObj.write(u + b":" + diskHash(p) + b"\n") yield checkers.FilePasswordDB(fn, cache=cache, hash=hashCheck) fn = self.mktemp() with open(fn, "wb") as fObj: for u, p in self._validCredentials: fObj.write(diskHash(p) + b" dingle dongle " + u + b"\n") yield checkers.FilePasswordDB(fn, b" ", 3, 0, cache=cache, hash=hashCheck) fn = self.mktemp() with open(fn, "wb") as fObj: for u, p in self._validCredentials: fObj.write( b"zip,zap," + u.title() + b",zup," + diskHash(p) + b"\n", ) yield checkers.FilePasswordDB(fn, b",", 2, 4, False, cache=cache, hash=hashCheck)
def createShellServer(namespace): """ Creates an interactive shell interface to send and receive output while the program is running. Connection's instance yukari is named y. e.g. dir(y), will list all of yukari's names""" # These are taken from manhole_tap module checker = checkers.FilePasswordDB('telnet.pw') telnetRealm = manhole_tap._StupidRealm(telnet.TelnetBootstrapProtocol, insults.ServerProtocol, manhole.ColoredManhole, {"y": namespace}) telnetPortal = portal.Portal(telnetRealm, [checker]) telnetFactory = protocol.ServerFactory() telnetFactory.protocol = manhole_tap.makeTelnetProtocol(telnetPortal) clog.info('Creating shell server instance...', sys) port = reactor.listenTCP(int(config['telnet']['port']), telnetFactory) return port
def loadChecker(self): """ Load the password file @return: an object satisfying the ICredentialsChecker interface using a password file or an empty list if the file is not available. Uses the file specified in the --passwd command line option. """ try: checker = checkers.FilePasswordDB(self.options.passwordfile) # grab credentials for the workers to login u, p = checker._loadCredentials().next() self.workerUsername, self.workerPassword = u, p return checker except Exception: self.log.exception("Unable to load %s", self.options.passwordfile) return []
def _getAuthSessionWrapper(self, inv, msg): if self._useArclinkAccess: access = self._access else: access = None if self._authEnabled: # auth extension realm = FDSNDataSelectAuthRealm(inv, access, self._userdb) checker = UsernamePasswordChecker(self._userdb) else: # htpasswd realm = FDSNDataSelectRealm(inv, access) checker = checkers.FilePasswordDB(self._htpasswd) p = portal.Portal(realm, [checker]) f = guard.DigestCredentialFactory('MD5', msg) f.digest = BugfixedDigest('MD5', msg) return HTTPAuthSessionWrapper(p, [f])
def makeService(config): f = ftp.FTPFactory() r = ftp.FTPRealm(config['root']) p = portal.Portal(r) p.registerChecker(checkers.AllowAnonymousAccess(), credentials.IAnonymous) if config['password-file'] is not None: p.registerChecker(checkers.FilePasswordDB(config['password-file'], cache=True)) f.tld = config['root'] f.userAnonymous = config['userAnonymous'] f.portal = p f.protocol = ftp.FTP try: portno = int(config['port']) except KeyError: portno = 2121 return internet.TCPServer(portno, f)
def _getAuthSessionWrapper(self, realm, msg): checker = checkers.FilePasswordDB(self._htpasswd) p = portal.Portal(realm, [checker]) f = guard.DigestCredentialFactory('md5', msg) f.digest = BugfixedDigest('md5', msg) return guard.HTTPAuthSessionWrapper(p, [f])
def testCaseInSensitivity(self): self.db = checkers.FilePasswordDB(self.dbfile, caseSensitive=False) for (u, p) in self.users: self.assertEqual(self.db.getUser(u.upper()), (u, p))
def testUserLookup(self): self.db = checkers.FilePasswordDB(self.dbfile) for (u, p) in self.users: self.failUnlessRaises(KeyError, self.db.getUser, u.upper()) self.assertEqual(self.db.getUser(u), (u, p))
return proto def main(args=None): global storage global port_ #Evaluamos argumentos o = ServerOptions() try: o.parseOptions(args) except UsageError as e: raise SystemExit(e) port_ = int(o['port']) storage = str(o['mail-storage']) #log es un modulo de twisted para imprimir logs en consola sobre lo que esta pasando log.startLogging(sys.stdout) if __name__ == '__main__': main() portal = portal.Portal(MailUserRealm(storage)) checker = checkers.FilePasswordDB(os.path.join(storage, 'passwords.txt')) portal.registerChecker(checker) #Buscamos el contenido del certificado y la llave generada por openssl certData = getModule(__name__).filePath.sibling('server.pem').getContent() # Agregamos el certificado certificate = ssl.PrivateCertificate.loadPEM(certData) # Escuchamos por tls o ssl por el puerto dado con el protocolo smtp reactor.listenSSL(port_, IMAPFactory(portal), certificate.options()) reactor.run()
from twisted.cred import checkers, portal from twisted.internet import reactor from twisted.words import service wordsRealm = service.InMemoryWordsRealm("example.com") wordsRealm.createGroupOnRequest = True checker = checkers.FilePasswordDB("passwords.txt") portal = portal.Portal(wordsRealm, [checker]) reactor.listenTCP(6667, service.IRCFactory(wordsRealm, portal)) reactor.run()
def makeService(options): """ Create a manhole server service. @type options: C{dict} @param options: A mapping describing the configuration of the desired service. Recognized key/value pairs are:: "telnetPort": strports description of the address on which to listen for telnet connections. If None, no telnet service will be started. "sshPort": strports description of the address on which to listen for ssh connections. If None, no ssh service will be started. "namespace": dictionary containing desired initial locals for manhole connections. If None, an empty dictionary will be used. "passwd": Name of a passwd(5)-format username/password file. "sshKeyDir": The folder that the SSH server key will be kept in. "sshKeyName": The filename of the key. "sshKeySize": The size of the key, in bits. Default is 4096. @rtype: L{twisted.application.service.IService} @return: A manhole service. """ svc = service.MultiService() namespace = options['namespace'] if namespace is None: namespace = {} checker = checkers.FilePasswordDB(options['passwd']) if options['telnetPort']: telnetRealm = _StupidRealm(telnet.TelnetBootstrapProtocol, insults.ServerProtocol, manhole.ColoredManhole, namespace) telnetPortal = portal.Portal(telnetRealm, [checker]) telnetFactory = protocol.ServerFactory() telnetFactory.protocol = makeTelnetProtocol(telnetPortal) telnetService = strports.service(options['telnetPort'], telnetFactory) telnetService.setServiceParent(svc) if options['sshPort']: sshRealm = manhole_ssh.TerminalRealm() sshRealm.chainedProtocolFactory = chainedProtocolFactory(namespace) sshPortal = portal.Portal(sshRealm, [checker]) sshFactory = manhole_ssh.ConchFactory(sshPortal) if options['sshKeyDir'] != "<USER DATA DIR>": keyDir = options['sshKeyDir'] else: from twisted.python._appdirs import getDataDirectory keyDir = getDataDirectory() keyLocation = filepath.FilePath(keyDir).child(options['sshKeyName']) sshKey = keys._getPersistentRSAKey(keyLocation, int(options['sshKeySize'])) sshFactory.publicKeys["ssh-rsa"] = sshKey sshFactory.privateKeys["ssh-rsa"] = sshKey sshService = strports.service(options['sshPort'], sshFactory) sshService.setServiceParent(svc) return svc
avatar = EchoAvatar() return IProtocolAvatar, avatar, avatar.logout raise NotImplementedError( "This realm only supports the IProtocolAvatar interface.") import hashlib def hash(username, password, passwordHash): print hashlib.md5(password).hexdigest() return hashlib.md5(password).hexdigest() realm = Realm() myPortal = portal.Portal(realm) #1. #checker = checkers.InMemoryUsernamePasswordDatabaseDontUse() #checker.addUser("user", "pass") #2. #checker = checkers.FilePasswordDB("passwords.txt") #3. checker = checkers.FilePasswordDB("passwords.txt", hash=hash) myPortal.registerChecker(checker) reactor.listenTCP(8000, EchoFactory(myPortal)) reactor.run()
class IMAPServerProtocol(imap4.IMAP4Server): def lineReceived(self, line): print("CLIENT:", line) print(super().lineReceived(line)) def sendLine(self, line): super().sendLine(line) print("SERVER:", line) class IMAPFactory(protocol.Factory): def __init__(self, portal): self.portal = portal def buildProtocol(self, addr): proto = IMAPServerProtocol() proto.portal = portal return proto log.startLogging(sys.stdout) portal = portal.Portal(MailUserRealm()) checker = checkers.FilePasswordDB('passwords.txt') portal.registerChecker(checker) reactor.listenTCP(143, IMAPFactory(portal)) reactor.run()
def buildProtocol(self, address): proto = POP3ServerProtocol() proto.portal = self.portal return proto @implementer(portal.IRealm) class MailUserRealm(object): def __init__(self, baseDir): self.baseDir = baseDir def requestAvatar(self, avatarId, mind, *interfaces): if pop3.IMailbox not in interfaces: raise NotImplementedError( "This realm only supports the pop3.IMailbox interface.") userDir = os.path.join(self.baseDir, avatarId.decode("utf-8")) avatar = UserInbox(userDir) return pop3.IMailbox, avatar, lambda: None log.startLogging(sys.stdout) dataDir = len(sys.argv) > 1 and sys.argv[1] or "/tmp/mail" portal = portal.Portal(MailUserRealm(dataDir)) checker = checkers.FilePasswordDB(os.path.join(dataDir, 'passwords.txt')) portal.registerChecker(checker) reactor.listenTCP(1100, POP3Factory(portal)) reactor.run()
def setUp(self): self.filename = self.mktemp() file(self.filename, 'w').write('admin:asdf\nalice:foo\n') self.goodChecker = checkers.FilePasswordDB(self.filename) self.badChecker = checkers.FilePasswordDB(self.filename, hash=self._hash) self.anonChecker = checkers.AllowAnonymousAccess()
class FTPRealm: implements(portal.IRealm) def __init__(self, anonymousRoot): self.anonymousRoot = filepath.FilePath(anonymousRoot) self.dir = {'ljd': "/tmp", 'root': '/'} def requestAvatar(self, avatarId, mind, *interfaces): for iface in interfaces: if iface is ftp.IFTPShell: if avatarId is checkers.ANONYMOUS: avatar = ftp.FTPAnonymousShell(self.anonymousRoot) else: user_dir = self.dir[avatarId] avatar = ftp.FTPShell(filepath.FilePath(user_dir)) return ftp.IFTPShell, avatar, getattr(avatar, 'logout', lambda: None) raise NotImplementedError( "Only IFTPShell interface is supported by this realm") portal = portal.Portal(FTPRealm('/data')) portal.registerChecker(checkers.AllowAnonymousAccess()) portal.registerChecker(checkers.FilePasswordDB("pwd.txt")) f = ftp.FTPFactory(portal) from twisted.internet import reactor reactor.listenTCP(1234, f) reactor.run()
import secret # Create the Python Hub application application = service.Application("PythonHub") serviceCollection = service.IServiceCollection(application) #______________________________________________________________________ # 1. Setup hub server! # Accepts connects on port 14996 hubServerPasswdFile = './passwords.txt' proxySiteListPath = './sitelist.csv' hubServerPort = 14996 # set up Portal hubServerPortal = portal.Portal(proxyserver.HubProxyRealm(proxySiteListPath)) hubServerPortal.registerChecker(checkers.FilePasswordDB(hubServerPasswdFile)) # Set up Hub server service hubServerFactory = proxyserver.ProxyHubServerFactory( hubServerPortal, proxyserver.IHubProxyClient) hubServer = internet.TCPServer(hubServerPort, hubServerFactory) hubServer.setServiceParent(serviceCollection) #______________________________________________________________________ # 2a. Connect to Baron to get their data #remoteServerIP = 'nwnhub.baronservices.com' #remoteServerPort = 14996 #remoteServerUser = '******' #remoteServerPass = '******' # #hubClientFactory = hubclient.HubClientProtocolFactory(remoteServerUser,