def __init__(self, url, username, password, debug=False): """ Initialize the API connection, log in, and store authentication cookie """ self.url = url # Use the HTTPCookieProcessor as urllib2 does not save cookies by default self.urlOpener = urllib2.build_opener(urllib2.HTTPCookieProcessor()) ctx = ssl.create_default_context() ctx.check_hostname = False ctx.verify_mode = ssl.CERT_NONE ssl._https_verify_certificates(enable=False) ctx2 = ssl._create_unverified_context() self.urlOpener.add_handler(urllib2.HTTPSHandler(context=ctx)) if debug: self.urlOpener.add_handler(urllib2.HTTPSHandler(debuglevel=1)) self.reqCount = 1 # Contruct POST params and submit login. loginParams = urllib.urlencode( dict(__ac_name=username, __ac_password=password, submitted='true', came_from=url + '/zport/dmd')) self.urlOpener.open(url + '/zport/acl_users/cookieAuthHelper/login', loginParams)
def connect_intercept(self): hostname = ProxyRewrite.get_hostname(self.headers, self.path) certkey = None with self.lock: if ProxyRewrite.use_rewrite_pubkey: certpath, keysize = ProxyRewrite.rewrite_cert_pubkey(self.certdir, self.certKey, self.issuerCert, self.issuerKey, hostname, 443) certkey = ("ssl/keys/cert%s.key" % keysize) else: certpath = ProxyRewrite.generate_cert(self.certdir, self.certKey, self.issuerCert, self.issuerKey, hostname, 443) certkey = self.certkey self.wfile.write("%s %d %s\r\n" % (self.protocol_version, 200, 'Connection Established')) self.end_headers() try: ssl._https_verify_certificates(enable=False) self.connection = ssl.wrap_socket(self.connection, keyfile=certkey, certfile=certpath, ssl_version=ssl.PROTOCOL_TLSv1_2, server_side=True, do_handshake_on_connect=False, suppress_ragged_eofs=True) except ssl.SSLError as e: print("SSLError occurred on %s: %r" % (self.path,e)) try: ssl._https_verify_certificates(enable=False) self.connection = ssl.wrap_socket(self.connection, keyfile=certkey, certfile=certpath, ssl_version=ssl.PROTOCOL_TLSv1_2, server_side=True, do_handshake_on_connect=True, suppress_ragged_eofs=True) except ssl.SSLError as e: print("SSLError occurred on %s: %r" % (self.path,e)) self.finish() self.rfile = self.connection.makefile("rb", self.rbufsize) self.wfile = self.connection.makefile("wb", self.wbufsize) conntype = self.headers.get('Connection', '') if self.protocol_version == "HTTP/1.1" and conntype.lower() != 'close': self.close_connection = 0 else: self.close_connection = 1
def get_large_file(url, fname, length=64 * 1024, retries=5, overwrite=False): print("Downloading %s -> %s" % (url, fname)) ssl._https_verify_certificates(True) for tnum in range(retries): try: print("- Try %d: " % (tnum + 1), end='') req = urlopen(url) size = long(req.headers.get('content-length', -1)) if not overwrite and os.path.exists(fname) and os.stat( fname).st_size == size: print("Skipping becuase existing with size {} B".format(size)) return with open(fname, 'wb') as fp: while 1: chunk = req.read(length) if not chunk: break fp.write(chunk) print('.', end='') sys.stdout.flush() print(' DONE!') return except IOError as ierr: print("WARNING: failed download of %s cause %s" % (fname, ierr)) time.sleep(tnum + 1) if tnum > 1: print("WARNING: Disabling SSL certificates verification") ssl._https_verify_certificates(False) raise RuntimeError("Failed download of %s after %d tries" % (fname, retries))
def __init__(self, autoCommit=True): if hasattr(ssl, '_https_verify_certificates'): ssl._https_verify_certificates(False) self.server = xmlrpc.ServerProxy(_settings.url()) self.autoCommit = autoCommit self.txn_id = None
def download( fname, path, config ): import wget import ssl url= config.get( "General", "url" )+"/"+fname print "Downloading", url, "into", path ssl._https_verify_certificates( 0 ) wget.download( url, path ) print return
def download( fname, config ): import wget import ssl url= config.get( "General", "url" )+"/"+fname print "Downloading", url ssl._https_verify_certificates( 0 ) wget.download( url, fname ) print return
def setUp(self): super(TestSubprocessRun, self).setUp() with open('hello.txt', 'w') as f: f.write('Hello, world!\n') https_sock, _ = reserve_port_for_ip('127.0.0.1', 9443) self.https_socks = [https_sock] ssl._https_verify_certificates(enable=False) yield test_tls.commit_valid_config()
def handle(self): dst_ip, dst_port = ProxyRewrite.get_socket_info(self.request) #if ProxyRewrite.is_courier_push_ip(dst_ip) and dst_port == 443: # print("APN connection %s:%s" % (dst_ip, dst_port)) # apnproxy = ProxyAPNHandler(dst_ip, dst_port) # apnproxy.main_loop() # return # use transparent mode if ProxyRewrite.transparent == True and dst_port != 80: certkey = None with self.lock: if ProxyRewrite.use_rewrite_pubkey: certpath, keysize = ProxyRewrite.rewrite_cert_pubkey(self.certdir, self.certKey, self.issuerCert, self.issuerKey, dst_ip, dst_port) certkey = ("ssl/keys/cert%s.key" % keysize) else: certpath = ProxyRewrite.generate_cert(self.certdir, self.certKey, self.issuerCert, self.issuerKey, dst_ip, dst_port) certkey = self.certkey try: self.connection = ssl.wrap_socket(self.connection, keyfile=certkey, certfile=certpath, ssl_version=ssl.PROTOCOL_TLSv1_2, server_side=True, do_handshake_on_connect=True, suppress_ragged_eofs=True) except ssl.SSLError as e: try: ssl._https_verify_certificates(enable=False) self.connection = ssl.wrap_socket(self.connection, keyfile=certkey, certfile=certpath, ssl_version=ssl.PROTOCOL_TLSv1_2, server_side=True, do_handshake_on_connect=False, suppress_ragged_eofs=True) except ssl.SSLError as e: print("SSLError occurred on %s: %r" % (dst_ip,e)) self.finish() elif ProxyRewrite.server_address != dst_ip and (dst_port == 443 or dst_port == 993): print("Handling %s:%s" % (dst_ip, dst_port)) certkey = None with self.lock: if ProxyRewrite.use_rewrite_pubkey: certpath, keysize = ProxyRewrite.rewrite_cert_pubkey(self.certdir, self.certKey, self.issuerCert, self.issuerKey, dst_ip, dst_port) certkey = ("ssl/keys/cert%s.key" % keysize) else: certpath = ProxyRewrite.generate_cert(self.certdir, self.certKey, self.issuerCert, self.issuerKey, dst_ip, dst_port) certkey = self.certkey try: self.connection = ssl.wrap_socket(self.connection, keyfile=certkey, certfile=certpath, ssl_version=ssl.PROTOCOL_TLSv1_2, server_side=True, do_handshake_on_connect=True, suppress_ragged_eofs=True) except ssl.SSLError as e: try: ssl._https_verify_certificates(enable=False) self.connection = ssl.wrap_socket(self.connection, keyfile=certkey, certfile=certpath, ssl_version=ssl.PROTOCOL_TLSv1_2, server_side=True, do_handshake_on_connect=False, suppress_ragged_eofs=True) except ssl.SSLError as e: print("SSLError occurred on %s: %r" % (dst_ip,e)) self.finish() self.rfile = self.connection.makefile("rb", self.rbufsize) self.wfile = self.connection.makefile("wb", self.wbufsize) # """Handle multiple requests if necessary.""" self.close_connection = 1 self.handle_one_request() while not self.close_connection: self.handle_one_request()
def httpRequest(url, payload, access_token_authorization_bearer=None, method='POST', context=ssl._https_verify_certificates(), headers={'Content-Type': 'application/x-www-form-urlencoded'}): if access_token_authorization_bearer: headers[ 'Authorization'] = 'Bearer ' + access_token_authorization_bearer url_parsed = urlparse(url) conn = httplib.HTTPSConnection(url_parsed.hostname, context=context) try: if headers['Content-Type'] == 'application/json': conn.request(method=method, url=url_parsed.path, body=json.dumps(payload), headers=headers) else: conn.request(method=method, url=url_parsed.path, body=urllib.urlencode(payload), headers=headers) except: conn.request(method=method, url=url_parsed.path, body=payload, headers=headers) return conn.getresponse()
def run_http_server(HandlerClass=ProxyRequestHandler, ServerClass=ThreadingHTTPServer, protocol="HTTP/1.1"): try: ssl._https_verify_certificates(enable=False) HandlerClass.protocol_version = protocol httpd = ServerClass(ProxyRewrite.server_address, HandlerClass) httpd.allow_reuse_address = True httpd.request_queue_size = 256 #ProxyRewrite.logger = open("rewrite_%s_%s.log" % (device1, device2), "w") sa = httpd.socket.getsockname() print "Serving HTTP Proxy on", sa[0], "port", sa[1], "..." httpd.serve_forever() except KeyboardInterrupt: print '^C received, shutting down proxy' httpd.socket.close()
def __init__(self, configHolder): """Constructor. All connectors need to call this constructor from their own constructor. Moreover all connectors need to define their capabilities with the method _set_capabilities(). """ self.verboseLevel = 0 configHolder.assign(self) self.configHolder = configHolder self.run_category = getattr(configHolder, KEY_RUN_CATEGORY, None) self.max_iaas_workers = None self.sshPrivKeyFile = '%s/.ssh/id_rsa' % os.path.expanduser("~") self.sshPubKeyFile = self.sshPrivKeyFile + '.pub' self.__listener = SimplePrintListener(verbose=(self.verboseLevel > 1)) self.__vms = {} self.__cloud = os.environ.get(util.ENV_CONNECTOR_INSTANCE) self.__init_threading_related() self.tempPrivateKeyFileName = '' self.tempPublicKey = '' self.__capabilities = [] self.__already_published = defaultdict(set) # Ensure that httplib use the "old" default for certificates validation # since libcloud doesn't work with the new default. try: ssl._https_verify_certificates(False) except: pass self._user_info = None self.cimi_deployment_prototype = False
AWS_ACCESS_KEY, AWS_SECRET_KEY = get_s3_keys(config['uid']) HOST = config['host'] PORT = config['port'] SSL = config['ssl'] URANDOM_BLOCK_SIZE = config['block'] TOTAL_BYTES = config['bytes'] BUCKET_NAME = config['bucket'] NAGIOS_HOST = config['nagios_host'] ## Connect to the gateway # try: ssl._https_verify_certificates(False) connection = boto.connect_s3( aws_access_key_id=AWS_ACCESS_KEY, aws_secret_access_key=AWS_SECRET_KEY, host=HOST, port=PORT, is_secure=SSL, calling_format=boto.s3.connection.OrdinaryCallingFormat()) # except: # report(NAG_CRITICAL,"ERROR: Couldn't connect to gateway {h}:{p}".format(h=HOST, p=PORT)) # raise try: bucket = connection.get_bucket(BUCKET_NAME) except: report(NAG_CRITICAL,
print 'Content-type: text/plain' print 'Status: 200 OK' print '' #print 'Got it' #print args if os.environ['REQUEST_METHOD'] != 'POST': exit() body = sys.stdin.read() if body != '': with open('/tmp/body.json', 'w') as f: f.write(body) ssl._https_verify_certificates(enable=False) def fetch_new_access_token(creds): url = "https://api.fitbit.com/oauth2/token" headers = {"Authorization": "Basic " + creds['basic_auth']} print 'Requesting: ' + url req = urllib2.Request(url, headers=headers, data=urllib.urlencode({ 'grant_type': 'refresh_token', 'refresh_token': creds['refresh_token'] })) response = urllib2.urlopen(req)
#!/usr/bin/python import urllib2 from datetime import datetime from dateutil import tz import os import ssl lines = urllib2.urlopen( "https://developer.yahoo.com/util/timeservice/V1/getTime.html", context=ssl._https_verify_certificates(False)).readlines() dateline = lines[-1] #print dateline #parse the date from the response: from_zone = dateline.split()[6] year = dateline.split()[7] month = dateline.split()[3] day = dateline.split()[4] time = dateline.split()[5] hours = time.split(':')[0] mins = time.split(':')[1] secs = time.split(':')[2] #print "%s %s %s - %s:%s:%s" % (day,month,year,hours,mins,secs) # pass the tzinfo option: # https://docs.python.org/3/library/datetime.html # https://docs.python.org/3/library/datetime.html#datetime.tzinfo date = datetime.strptime( year + " " + month + " " + day + " " + hours + ":" + mins + ":" + secs,
def on_accept(self): clientsock, clientaddr = self.server.accept() dst_ip, dst_port = ProxyRewrite.get_socket_info(clientsock) certkey = None self.forward = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if ProxyRewrite.apnproxyssl: print("SSL Enabled for APN") with self.lock: if ProxyRewrite.use_rewrite_pubkey: certpath, keysize = ProxyRewrite.rewrite_cert_pubkey( self.certdir, self.certKey, self.issuerCert, self.issuerKey, dst_ip, dst_port) certkey = ("ssl/keys/cert%s.key" % keysize) else: certpath = ProxyRewrite.generate_cert( self.certdir, self.certKey, self.issuerCert, self.issuerKey, dst_ip, dst_port) certkey = self.certkey ssl._https_verify_certificates(enable=False) clientsock = ssl.wrap_socket(clientsock, keyfile=certkey, certfile=certpath, server_side=True, do_handshake_on_connect=True) filename = ProxyRewrite.log_filename("apn_client.pem") if os.path.isfile(filename): st_cert = open(filename, 'rt').read() cert = crypto.load_certificate(crypto.FILETYPE_PEM, st_cert) print(cert.get_subject()) #self.forward = ssl.wrap_socket(self.forward, ca_certs="server_certs/courier.push.apple.com.crt", cert_reqs=ssl.CERT_REQUIRED) #ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) #ssl_context.load_cert_chain(certfile=certpath, keyfile=certkey) #ssl_context.set_alpn_protocols(["apns-security-v2"]) #self.forward = ssl_context.wrap_socket(self.forward) try: self.forward.connect((dst_ip, dst_port)) except Exception as e: print("Exception: %r", e) print e self.forward = None if self.forward: print clientaddr, "has connected" #ssl._https_verify_certificates(enable=False) #self.forward = ssl.wrap_socket(self.forward, do_handshake_on_connect=False) #self.forward = ssl.wrap_socket(self.forward, ca_certs=certpath, do_handshake_on_connect=False) #clientsock.do_handshake() #self.forward.do_handshake() # now do a wrap_socket on the forwarding port self.input_list.append(clientsock) self.input_list.append(self.forward) self.channel[clientsock] = self.forward self.channel[self.forward] = clientsock else: print "Can't establish connection with remote server.", print "Closing connection with client side", clientaddr clientsock.close()
data[entry['bucket']] = {'status': 'online', 'status_message': 'Report for space on RAL OS', 'list_of_paths': [PATHS], 'total_space': QUOTA, 'used_space': USAGE, 'num_files': FILES, 'time_stamp': time()} # Write the output to a .json file tmpFile = '/tmp/space-usage.json' with open(tmpFile, 'w') as outfile: json.dump(data, outfile) # Run the Radosgw-admin command to retrieve the quota S3 credentials to upload json file to bucket. cmd = ['radosgw-admin', 'user', 'info', '--uid', USER] p = subprocess.Popen(cmd, stdout=subprocess.PIPE) ui = p.communicate()[0] uid = json.loads(ui) S3_ACCESS_KEY = uid['keys'][0]['access_key'] S3_SECRET_KEY = uid['keys'][0]['secret_key'] ssl._https_verify_certificates(False) conn = boto.connect_s3( aws_access_key_id = S3_ACCESS_KEY, aws_secret_access_key = S3_SECRET_KEY, host = HOST, port = PORT, is_secure=SSL, calling_format = boto.s3.connection.OrdinaryCallingFormat(), ) b = conn.get_bucket(JSONDST) k = Key(b) k.key = 'space-usage.json' k.set_contents_from_filename(tmpFile)