def create_ctx(self): ''' This method sets the right ssl context to disable hostname checking and certificate validation. ''' ctx = ssl.create_default_context() ctx.check_hostname = False ctx.verify_mode = ssl.CERT_NONE return ctx
def email(_to, subject, body): _from = "*****@*****.**" message = MIMEMultipart("alternative") message["Subject"] = subject message["From"] = _from message["To"] = _to # Turn these into plain/html MIMEText objects part = MIMEText(body, "html") # Add HTML/plain-text parts to MIMEMultipart message message.attach(part) # Create secure connection with server and send email context = ssl.create_default_context() with smtplib.SMTP_SSL("mail.main.com", 465, context=context) as server: server.login(_from, "Japanitoes") if server.sendmail(_from, _to, message.as_string()): return True else: return False
def test_ssl_context(self): def serve(listener): sock, addr = listener.accept() sock.recv(8192) sock.sendall(b'response') sock = listen_ssl_socket() server_coro = eventlet.spawn(serve, sock) context = ssl.create_default_context() context.verify_mode = ssl.CERT_REQUIRED context.check_hostname = True context.load_verify_locations(tests.certificate_file) client = context.wrap_socket(eventlet.connect(sock.getsockname()), server_hostname='Test') client.sendall(b'line 1\r\nline 2\r\n\r\n') self.assertEqual(client.recv(8192), b'response') server_coro.wait()
def test_client_check_hostname(self): # stdlib API compatibility # https://github.com/eventlet/eventlet/issues/567 def serve(listener): sock, addr = listener.accept() sock.recv(64) sock.sendall(b"response") sock.close() listener = listen_ssl_socket() server_coro = eventlet.spawn(serve, listener) ctx = ssl.create_default_context() ctx.verify_mode = ssl.CERT_REQUIRED ctx.check_hostname = True ctx.load_verify_locations(tests.certificate_file) ctx.load_cert_chain(tests.certificate_file, tests.private_key_file) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client = ctx.wrap_socket(sock, server_hostname="Test") client.connect(listener.getsockname()) client.send(b"check_hostname works") client.recv(64) server_coro.wait()
def __init__(self, app, conf): self.app = app self.logger = get_logger(conf, log_route='memcache') self.memcache_servers = conf.get('memcache_servers') serialization_format = conf.get('memcache_serialization_support') try: # Originally, while we documented using memcache_max_connections # we only accepted max_connections max_conns = int( conf.get('memcache_max_connections', conf.get('max_connections', 0))) except ValueError: max_conns = 0 memcache_options = {} if (not self.memcache_servers or serialization_format is None or max_conns <= 0): path = os.path.join(conf.get('swift_dir', '/etc/swift'), 'memcache.conf') memcache_conf = ConfigParser() if memcache_conf.read(path): # if memcache.conf exists we'll start with those base options try: memcache_options = dict(memcache_conf.items('memcache')) except NoSectionError: pass if not self.memcache_servers: try: self.memcache_servers = \ memcache_conf.get('memcache', 'memcache_servers') except (NoSectionError, NoOptionError): pass if serialization_format is None: try: serialization_format = \ memcache_conf.get('memcache', 'memcache_serialization_support') except (NoSectionError, NoOptionError): pass if max_conns <= 0: try: new_max_conns = \ memcache_conf.get('memcache', 'memcache_max_connections') max_conns = int(new_max_conns) except (NoSectionError, NoOptionError, ValueError): pass # while memcache.conf options are the base for the memcache # middleware, if you set the same option also in the filter # section of the proxy config it is more specific. memcache_options.update(conf) connect_timeout = float( memcache_options.get('connect_timeout', CONN_TIMEOUT)) pool_timeout = float(memcache_options.get('pool_timeout', POOL_TIMEOUT)) tries = int(memcache_options.get('tries', TRY_COUNT)) io_timeout = float(memcache_options.get('io_timeout', IO_TIMEOUT)) if config_true_value(memcache_options.get('tls_enabled', 'false')): tls_cafile = memcache_options.get('tls_cafile') tls_certfile = memcache_options.get('tls_certfile') tls_keyfile = memcache_options.get('tls_keyfile') self.tls_context = ssl.create_default_context(cafile=tls_cafile) if tls_certfile: self.tls_context.load_cert_chain(tls_certfile, tls_keyfile) else: self.tls_context = None error_suppression_interval = float( memcache_options.get('error_suppression_interval', ERROR_LIMIT_TIME)) error_suppression_limit = float( memcache_options.get('error_suppression_limit', ERROR_LIMIT_COUNT)) if not self.memcache_servers: self.memcache_servers = '127.0.0.1:11211' if max_conns <= 0: max_conns = 2 if serialization_format is None: serialization_format = 2 else: serialization_format = int(serialization_format) self.memcache = MemcacheRing( [s.strip() for s in self.memcache_servers.split(',') if s.strip()], connect_timeout=connect_timeout, pool_timeout=pool_timeout, tries=tries, io_timeout=io_timeout, allow_pickle=(serialization_format == 0), allow_unpickle=(serialization_format <= 1), max_conns=max_conns, tls_context=self.tls_context, logger=self.logger, error_limit_count=error_suppression_limit, error_limit_time=error_suppression_interval, error_limit_duration=error_suppression_interval)
__author__ = 'vincent' import re import platform import random import logging import eventlet from eventlet.green import socket from eventlet.green import ssl cert = "./cacert.pem" ciphers = "ECDHE-RSA-AES128-SHA" query = ("HEAD /search?q=g HTTP/1.1\r\nHost: www.google.com.hk\r\n\r\n" "GET /%s HTTP/1.1\r\nHost: azzvxgoagent%s.appspot.com\r\n" "Connection: close\r\n\r\n") % (platform.python_version(), random.randrange(7)) ctx = ssl.create_default_context(cafile=cert) ctx.verify_mode = ssl.CERT_REQUIRED ctx.set_ciphers(ciphers) ctx.check_hostname = False patterns = [] patterns.append(re.compile("HTTP/1\.[0-1].+?([\d]{1,3})")) patterns.append(re.compile("Server: (.+)")) def test_socket(ip_q, socket_q, ssl_q, socket_timeout): while True: if ssl_q.full(): return c = socket.socket() c.settimeout(socket_timeout) try: