def myproxy_info(self, certificate):
    """Return the credential records the MyProxy server reports for a certificate.

    The server host and expected server DN are read from the ``myproxy`` and
    ``myproxy-dn`` settings.  The MyProxy username is the value of the last
    comma-separated component of the certificate DN, with spaces replaced
    by underscores.

    Each record is a dict with the keys CRED_START_TIME, CRED_END_TIME,
    CRED_OWNER, CRED_NAME and CRED_RETRIEVER.  The default credential comes
    first, followed by one record per name listed in ADDL_CREDS.
    """
    proxy = client.MyProxyClient(hostname=get_settings()['myproxy'],
                                 serverDN=get_settings()['myproxy-dn'])

    def empty_passphrase(*ignored):
        # The key callback always answers with an empty passphrase.
        return ''

    subject_dn = certificate.get_dn()
    last_component = subject_dn.split(',')[-1].strip()
    username = last_component.split('=', 1)[1].replace(' ', '_')

    # NOTE(review): respCode and errorTxt are received but never inspected,
    # so a failure reported by the server is not surfaced to the caller.
    respCode, errorTxt, field = proxy.info(
        username, certificate, certificate.get_key()._key, empty_passphrase)

    if field:
        # XXX dirty hack to support nameless creds
        if 'CRED_NAME' not in field:
            field['CRED_NAME'] = ''
        default_keys = ('CRED_START_TIME', 'CRED_END_TIME', 'CRED_OWNER',
                        'CRED_NAME', 'CRED_RETRIEVER')
        creds = [dict((key, field[key]) for key in default_keys)]
        if 'ADDL_CREDS' in field:
            for extra in field['ADDL_CREDS'].split(','):
                prefix = 'CRED_%s_' % extra
                creds.append({
                    'CRED_START_TIME': field[prefix + 'START_TIME'],
                    'CRED_END_TIME': field[prefix + 'END_TIME'],
                    'CRED_NAME': extra,
                    'CRED_OWNER': field[prefix + 'OWNER'],
                    'CRED_RETRIEVER': field[prefix + 'RETRIEVER'],
                })
        # NOTE(review): the listing's indentation is lost; the return is kept
        # inside this branch because `creds` is only bound here.
        return creds
def myproxy_destroy(self, certificate, credname):
    """Ask the configured MyProxy server to destroy the credential ``credname``.

    The username is the value of the last comma-separated component of the
    certificate DN, with spaces replaced by underscores.  The key callback
    supplies an empty passphrase.
    """
    conf_host = get_settings()['myproxy']
    conf_dn = get_settings()['myproxy-dn']
    proxy = client.MyProxyClient(hostname=conf_host, serverDN=conf_dn)

    subject_dn = certificate.get_dn()
    last_component = subject_dn.split(',')[-1].strip()
    username = last_component.split('=', 1)[1].replace(' ', '_')

    # NOTE(review): whatever destroy() returns is discarded, so the caller
    # cannot tell from this method whether the credential was removed.
    proxy.destroy(username, certificate, certificate.get_key()._key,
                  lambda *ignored: '', credname)
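def myproxy_put(self, session, certificate, credname=None, password=None):
    """Store a credential for the certificate on the configured MyProxy server.

    The server host and expected server DN come from the ``myproxy`` and
    ``myproxy-dn`` settings.  The username is the value of the last
    comma-separated component of the certificate DN, with spaces replaced
    by underscores.

    ``password`` is used as the credential passphrase when it is non-empty;
    otherwise a random 12-character alphanumeric passphrase is generated.
    """
    # The passphrase guards a stored credential, so it must come from the
    # operating system's CSPRNG rather than the default Mersenne Twister
    # behind the module-level ``choice``.
    from random import SystemRandom

    myproxy_srv = get_settings()['myproxy']
    myproxy_dn = get_settings()['myproxy-dn']
    c = client.MyProxyClient(hostname=myproxy_srv, serverDN=myproxy_dn)

    size = 12
    if password:
        passphrase = password
    else:
        # ascii_letters instead of the locale-dependent ``string.letters``.
        alphabet = string.ascii_letters + string.digits
        pick = SystemRandom().choice
        passphrase = ''.join([pick(alphabet) for i in range(size)])

    dn = certificate.get_dn()
    username = dn.split(',')[-1].strip().split('=', 1)[1].replace(' ', '_')

    # NOTE(review): retrievers='*' looks like it places no restriction on
    # who may retrieve the credential, leaving the passphrase as the only
    # protection; confirm against the MyProxy server policy.
    # NOTE(review): a generated passphrase is neither returned nor stored on
    # `session` in the code visible here; confirm how callers obtain it.
    c.put(username, passphrase, certificate, certificate.get_key()._key,
          lambda *a: passphrase, retrievers='*', credname=credname)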
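def response(context, request):
    """Decrypt the posted SLCS certificate response and hand it to slcs_handler.

    Reads the hex-encoded ``SessionKey`` and ``CertificateRequestData`` POST
    fields.  The session key is decrypted with the host RSA private key
    (``host_privkey`` setting) and is then used to AES-decrypt the
    certificate data.

    Raises Exception("invalid padding") when the trailing padding-length
    byte is out of range.
    """
    req = request
    slcsResp = req.POST["CertificateRequestData"]
    session_key = req.POST["SessionKey"]

    # Decrypt session key with host private key (RSA).
    # NOTE(review): PKCS#1 v1.5 decryption of request-supplied data; make
    # sure callers cannot distinguish RSA padding failures from later
    # errors (timing or message), or move to OAEP if the SLCS side allows.
    encrypted = unhexlify(session_key)
    priv_key = RSA.load_key(get_settings()["host_privkey"])
    session_key = priv_key.private_decrypt(encrypted, RSA.pkcs1_padding)

    # Decrypt message with session key (AES).
    # NOTE(review): no cipher mode or IV is passed; if AES is PyCrypto's
    # Crypto.Cipher.AES this selects ECB.  The ciphertext is not
    # authenticated before it is decrypted and parsed.
    a = AES.new(session_key)
    plaintext = a.decrypt(unhexlify(slcsResp))

    # Remove AES padding: the last byte contains the number of padding bytes.
    if not plaintext:
        # An empty plaintext would otherwise fail with an IndexError below.
        raise Exception("invalid padding")
    n = ord(plaintext[-1])
    # n == 0 must be rejected as well: plaintext[:-0] is the empty string,
    # so a zero length byte would silently discard the whole message.
    if n < 1 or n > AES.block_size or n > len(plaintext):
        raise Exception("invalid padding")

    try:
        certificate = slcs_handler(StringIO(plaintext[:-n]))
    except SLCSException:
        # TODO add error handling
        # NOTE(review): the failure is swallowed and `certificate` stays
        # unbound, so any later use of it would raise a NameError.
        pass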
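def send(self, recipient, subject, body, attachments=None, sender=None):
    """Build a UTF-8 plain-text mail and hand it to the IMailDelivery utility.

    ``attachments`` is an optional iterable of ``(name, fd)`` pairs; each
    ``fd`` is read in full and attached base64-encoded as
    application/octet-stream.  When ``sender`` is empty the
    ``from_mail_address`` setting is used.

    Raises ValueError when the sender, the recipient or an attachment name
    contains a CR or LF character.
    """
    def _reject_line_breaks(value, what):
        # Header values are written into the message as given, so a line
        # break in one of them would start a new, caller-chosen header.
        if value and ('\r' in value or '\n' in value):
            raise ValueError('line break in %s' % what)

    if not sender:
        settings = get_settings()
        sender = settings.get('from_mail_address')

    _reject_line_breaks(sender, 'sender')
    _reject_line_breaks(recipient, 'recipient')

    if attachments:
        msg = email.MIMEMultipart.MIMEMultipart()
        msg.attach(email.MIMEText.MIMEText(body.encode('UTF-8'), 'plain', 'UTF-8'))
        for name, fd in attachments:
            _reject_line_breaks(name, 'attachment name')
            part = email.MIMEBase.MIMEBase('application', "octet-stream")
            part.set_payload(fd.read())
            Encoders.encode_base64(part)
            # Passing the filename as a header parameter lets the email
            # package quote it, instead of interpolating it unescaped.
            part.add_header('Content-Disposition', 'attachment', filename=name)
            msg.attach(part)
    else:
        msg = email.MIMEText.MIMEText(body.encode('UTF-8'), 'plain', 'UTF-8')

    msg["From"] = sender
    msg["To"] = recipient.encode('utf-8')
    msg["Subject"] = email.Header.Header(subject.encode('UTF-8'), 'UTF-8')

    mailer = get_current_registry().getUtility(IMailDelivery)
    mailer.send(sender, [recipient.encode('UTF-8')], msg)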
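def response(context, request):
    """Decrypt the posted SLCS certificate response and hand it to slcs_handler.

    Reads the hex-encoded ``SessionKey`` and ``CertificateRequestData`` POST
    fields and the ``url`` query parameter.  The session key is decrypted
    with the host RSA private key (``host_privkey`` setting) and is then
    used to AES-decrypt the certificate data.

    Raises Exception('invalid padding') when the trailing padding-length
    byte is out of range.
    """
    # Local import so the block does not depend on a module-level logger.
    import logging

    req = request
    slcsResp = req.POST['CertificateRequestData']
    session_key = req.POST['SessionKey']
    # NOTE(review): originURL is request-controlled and unused in the code
    # visible here; if it later becomes a redirect target it needs to be
    # checked against the hosts this application is willing to return to.
    originURL = request.GET['url']

    # Decrypt session key with host private key (RSA).
    encrypted = unhexlify(session_key)
    priv_key = RSA.load_key(get_settings()['host_privkey'])
    session_key = priv_key.private_decrypt(encrypted, RSA.pkcs1_padding)

    # Decrypt message with session key (AES).
    # NOTE(review): no cipher mode or IV is passed; if AES is PyCrypto's
    # Crypto.Cipher.AES this selects ECB.  The ciphertext is not
    # authenticated before it is decrypted and parsed.
    a = AES.new(session_key)
    plaintext = a.decrypt(unhexlify(slcsResp))

    # Remove AES padding: the last byte contains the number of padding bytes.
    if not plaintext:
        # An empty plaintext would otherwise fail with an IndexError below.
        raise Exception('invalid padding')
    n = ord(plaintext[-1])
    # n == 0 must be rejected as well: plaintext[:-0] is the empty string,
    # so a zero length byte would silently discard the whole message.
    if n < 1 or n > AES.block_size or n > len(plaintext):
        raise Exception('invalid padding')

    # The debugging prints of the query string, the decrypted response and
    # the parsed certificate are dropped: they copied credential material
    # to stdout, where it ends up in server logs.
    try:
        certificate = slcs_handler(StringIO(plaintext[:-n]))
    except SLCSException:
        # TODO add error handling
        logging.getLogger(__name__).exception('SLCS response could not be processed')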
def __setitem__(self, name, value):
    """Touch the mail-in trace file named by the ``mailin_trace_file`` setting.

    ``name`` and ``value`` are ignored.  A missing file, and its missing
    parent folder, are created first; the file's access and modification
    times are then set to the current time.
    """
    trace_file = get_settings()['mailin_trace_file']
    if not os.path.exists(trace_file):
        parent = os.path.split(trace_file)[0]
        if not os.path.exists(parent):
            os.makedirs(parent)
        # Create the file empty.
        open(trace_file, 'w').close()
    os.utime(trace_file, None)
def repo(self):
    """Return the archive, creating it on first use.

    Returns None when the ``repozitory_db_string`` setting is absent or None.
    """
    if get_settings().get('repozitory_db_string') is None:
        return None
    # Create self._repo on demand.
    if self._repo is Uninitialized:
        self._repo = Archive(RepozitoryEngineParams())
    return self._repo
def generate_stats(args, instance):
    """Write the statistics reports for ``instance`` into the statistics folder.

    Does nothing when the ``statistics_folder`` setting is absent.  The
    folder is created if it does not exist yet.
    """
    # NOTE(review): `closer` is never called in this function; confirm that
    # the root does not need to be closed here.
    root, closer = args.get_root(instance)
    stats_dir = get_settings().get("statistics_folder")
    if stats_dir is not None:
        log.info("Generating stats for %s" % instance)
        if not os.path.exists(stats_dir):
            os.makedirs(stats_dir)
        generate_reports(root, stats_dir)
def locale_negotiator(request):
    """Pick the locale for ``request`` from the configured languages.

    The whitespace-separated ``available_languages`` setting is normalized
    and matched against the request's preferred languages in order.  Falls
    back to the ``default_locale_name`` setting, or 'en'.
    """
    conf = get_settings()
    configured = conf.get('available_languages', '').split()
    wanted = get_preferred_languages(request)
    offered = normalize_langs(configured)
    for lang in wanted:
        if lang in offered:
            return offered.get(lang)
        # If the user asked for a specific variation, but we don't
        # have it available we may serve the most generic one,
        # according to the spec (eg: user asks for ('en-us',
        # 'de'), but we don't have 'en-us', then 'en' is preferred
        # to 'de').
        base, dash, _rest = lang.partition('-')
        if dash and base in offered:
            return offered.get(base)
    return conf.get('default_locale_name', 'en')
def _secure_tile(tile, permission, authn_policy, authz_policy, strict):
    """Wrap ``tile`` in a permission check.

    When neither an authentication nor an authorization policy is given,
    ``tile`` is returned unwrapped.  Otherwise an inner ``_secured_tile`` is
    defined that calls the tile only if ``authz_policy`` permits
    ``permission`` for the request's effective principals.

    NOTE(review): the listing ends inside ``_secured_tile``; no statement
    returning the wrapper is visible here, and ``wrapped_tile`` is not used
    in the visible code.
    """
    wrapped_tile = tile
    # The check is skipped only when BOTH policies are missing.  If exactly
    # one is falsy, the wrapper below still calls methods on it.
    if not authn_policy and not authz_policy:
        return tile
    def _secured_tile(context, request):
        principals = authn_policy.effective_principals(request)
        if authz_policy.permits(context, principals, permission):
            try:
                return tile(context, request)
            except Exception, e:
                # Re-raised unchanged; the handler adds nothing.
                raise
        # Permission denied from here on.
        msg = getattr(request, "authdebug_message", "Unauthorized: tile %s failed permission check" % tile)
        if strict:
            raise Forbidden(msg)
        # Non-strict mode: the denial is only logged when the
        # debug_authorization setting is on, and the tile renders as an
        # empty string.
        settings = get_settings()
        if settings.get("debug_authorization", False):
            logger = IDebugLogger()
            logger.debug(msg)
        return u""
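def request(context, request):
    """Redirect to the SLCS token endpoint, carrying the caller's ``url`` along.

    The ``service`` parameter is this context's ``response.html`` URL
    (forced to https) with the request's ``url`` query value appended as
    its own ``url`` parameter.  Both levels are percent-encoded, so the
    request-supplied value cannot add or override query parameters, either
    on the SLCS request or on the callback URL.
    """
    # urllib.quote moved to urllib.parse in Python 3.
    try:
        from urllib import quote
    except ImportError:
        from urllib.parse import quote

    # NOTE(review): originURL is request-controlled; wherever it is finally
    # used as a redirect target it should be checked against the hosts this
    # application is willing to return to.
    originURL = request.GET['url']
    if not isinstance(originURL, str):
        # Python 2 unicode: quote() needs bytes for non-ASCII input.
        originURL = originURL.encode('utf-8')

    request.environ['wsgi.url_scheme'] = 'https'
    callback = (model_url(context, request)
                + 'response.html?url=' + quote(originURL, safe=''))
    return HTTPFound(location=get_settings()["slcs_url"]
                     + "/token?service=" + quote(callback, safe=''))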
def request(context, request):
    """Redirect to the SLCS token endpoint with this context's response.html as service.

    The request's URL scheme is forced to https before the callback URL is
    generated.
    """
    request.environ["wsgi.url_scheme"] = "https"
    # NOTE(review): the service value is appended without percent-encoding.
    token_endpoint = get_settings()["slcs_url"] + "/token?service="
    callback = model_url(context, request) + "response.html"
    return HTTPFound(location=token_endpoint + callback)
def password_reset_key(self):
    """Return the password-reset key for this user as a hex SHA-1 digest.

    The digest covers first name, password, e-mail, portrait id and the
    ``pw_reset_salt`` setting (empty when unset), concatenated in that
    order and UTF-8 encoded.
    """
    # NOTE(review): this is an unkeyed SHA-1 over stored fields.  With the
    # salt unset or known, the key can be recomputed by anyone who knows
    # these values, and it stays valid until one of them changes.  Consider
    # an HMAC with a server-side secret and an expiry time.
    reset_salt = get_settings().get('pw_reset_salt', '')
    material = self.first_name + self.password + self.email
    material = material + str(self.portrait_id) + reset_salt
    digest = sha.sha(material.encode('utf-8'))
    return digest.hexdigest()
def db_string(self):
    """Return the ``repozitory_db_string`` setting; raises KeyError when it is missing."""
    conf = get_settings()
    return conf['repozitory_db_string']
def password_reset_key(self):
    """Compute the user's password-reset key.

    Returns the hex SHA-1 digest of first name + password + e-mail +
    portrait id + the ``pw_reset_salt`` setting (default ''), UTF-8 encoded.
    """
    # NOTE(review): the digest is unkeyed and has no expiry; it only changes
    # when one of the hashed fields or the salt changes.  An HMAC keyed with
    # a server-side secret would be the safer construction.
    conf = get_settings()
    pepper = conf.get('pw_reset_salt', '')
    pieces = self.first_name + self.password
    pieces = pieces + self.email + str(self.portrait_id)
    pieces = pieces + pepper
    return sha.sha(pieces.encode('utf-8')).hexdigest()
def __init__(self):
    """Keep the application settings and the integer ``min_url_len`` setting."""
    self.settings = conf = get_settings()
    raw_length = conf["min_url_len"]
    self.min_url_len = int(raw_length)
def home_view(request):
    """Return the template values for the home page.

    ``title`` and ``description`` come from the settings; ``app_url`` is
    the request's application URL.
    """
    conf = get_settings()
    values = {}
    values['title'] = conf['title']
    values['description'] = conf['description']
    values['app_url'] = request.application_url
    return values
# TODO: change __name__ if Title changes in Page or DublinCore (or not?) import datetime from util import canonize from webob.exc import HTTPFound from models import Page from repoze.bfg.url import model_url from repoze.bfg.settings import get_settings from deform import Form from deform import widget from deform import ValidationFailure from schemas import DublinCoreSchema, PageSchema from schemas import LANGUAGES, FORMATS PROJECT = get_settings()['project'] def pages_view(context, request): page_urls = [(context[p].dublincore['title'], model_url(context, request, p)) for p in request.context.keys()] return {'project': PROJECT, 'page_urls': page_urls, 'page_add_url': model_url(context, request, "@@page_add") } def page_view(context, request): dc_schema = DublinCoreSchema() dc_form = Form(dc_schema) dc_form['subject'].widget.category = None # HACK: display sequence label return {'project': PROJECT, 'page': context,
def path(self):
    """Return this upload's file path: ``<upload_directory>/<id>.<subtype>``.

    ``<subtype>`` is whatever follows the last '/' of ``content_type``.
    """
    # NOTE(review): if content_type comes from the uploader, the file
    # extension is uploader-chosen.  Splitting on '/' removes forward
    # slashes only; consider mapping known types to a fixed set of
    # extensions.
    upload_dir = get_settings().get('upload_directory')
    stem = self.id
    extension = self.content_type.split('/')[-1]
    filename = '%s.%s' % (stem, extension)
    return os.path.join(upload_dir, filename)
def path(self):
    """Build the storage path of this upload inside ``upload_directory``.

    The file name is ``<id>.<ext>``, with ``<ext>`` being the part of
    ``content_type`` after its last '/'.
    """
    # NOTE(review): the extension is taken from content_type unchanged; if
    # that value is client-supplied, restrict it to an allow-list before it
    # becomes part of a file name.
    base_dir = get_settings().get('upload_directory')
    name_parts = (self.id, self.content_type.rsplit('/', 1)[-1])
    return os.path.join(base_dir, '%s.%s' % name_parts)
def request(context, request):
    """Send the browser to the SLCS token endpoint.

    The ``service`` parameter is this context's ``response.html`` URL,
    generated after the request's scheme has been forced to https.
    """
    request.environ['wsgi.url_scheme'] = 'https'
    # NOTE(review): the service URL is concatenated without percent-encoding.
    slcs_base = get_settings()["slcs_url"]
    target = slcs_base + '/token?service='
    target = target + model_url(context, request)
    target = target + 'response.html'
    return HTTPFound(location=target)
# Module-level mail setup: builds an SMTP mailer and a queue processor from
# the application settings at import time.
import logging

from repoze.bfg.settings import get_settings
from repoze.sendmail.delivery import QueuedMailDelivery
from repoze.sendmail.mailer import SMTPMailer
from repoze.sendmail.queue import QueueProcessor

settings = get_settings()

# SMTP connection parameters, with defaults for settings that are absent.
hostname = settings.get('mail_hostname', 'localhost')
port = settings.get('mail_port', 25)
username = settings.get('mail_username', None)
password = settings.get('mail_password', None)
# NOTE(review): both TLS switches default to None.  When mail_username and
# mail_password are set, confirm that SMTPMailer refuses to authenticate
# over a connection without STARTTLS, or set mail_force_tls in production.
no_tls = settings.get('mail_no_tls', None)
force_tls = settings.get('mail_force_tls', None)
mailer = SMTPMailer(hostname, port, username, password, no_tls, force_tls)

# Outgoing messages are queued under queue_path and sent by the processor.
queue_path = settings.get('mail_queue_path', 'maildir')
queued_mail_delivery = QueuedMailDelivery(queue_path)

log = logging.getLogger('eportfolio')
qp = QueueProcessor(mailer, queue_path)
qp.log = log


def trigger_queued_delivery():
    """Send the queued messages; any exception is logged instead of raised."""
    try:
        qp.send_messages()
    except Exception, e:
        # Only the exception object is logged, without a traceback.
        log.error(e)