def setUp(self):
dbfile = self.mktemp()
self.db = checkers.FilePasswordDB(dbfile, hash=self.hash)
f = file(dbfile, 'w')
for (u, p) in self.users:
f.write('%s:%s\n' % (u, crypt(p, u[:2])))
f.close()
r = TestRealm()
self.port = portal.Portal(r)
self.port.registerChecker(self.db)
def setUp(self):
dbfile = self.mktemp()
self.db = checkers.FilePasswordDB(dbfile, hash=self.hash)
with open(dbfile, 'wb') as f:
for (u, p) in self.users:
f.write(u + b":" + self.hash(u, p, u[:2]) + b"\n")
r = TestRealm()
self.port = portal.Portal(r)
self.port.registerChecker(self.db)
def testCaseInSensitivity(self):
dbfile = self.mktemp()
db = checkers.FilePasswordDB(dbfile, caseSensitive=0)
f = file(dbfile, 'w')
for (u, p) in self.users:
f.write('%s:%s\n' % (u, p))
f.close()
for (u, p) in self.users:
self.assertEquals(db.getUser(u.upper()), (u, p))
def opt_password_file(self, filename):
"""
Specify a file containing username:password login info for
authenticated connections. (DEPRECATED; see --help-auth instead)
"""
self["password-file"] = filename
msg = deprecate.getDeprecationWarningString(
self.opt_password_file, versions.Version("Twisted", 11, 1, 0))
warnings.warn(msg, category=DeprecationWarning, stacklevel=2)
self.addChecker(checkers.FilePasswordDB(filename, cache=True))
def makeService(options):
"""Create a manhole server service.
@type options: C{dict}
@param options: A mapping describing the configuration of
the desired service. Recognized key/value pairs are::
"telnetPort": strports description of the address on which
to listen for telnet connections. If None,
no telnet service will be started.
"sshPort": strports description of the address on which to
listen for ssh connections. If None, no ssh
service will be started.
"namespace": dictionary containing desired initial locals
for manhole connections. If None, an empty
dictionary will be used.
"passwd": Name of a passwd(5)-format username/password file.
@rtype: L{twisted.application.service.IService}
@return: A manhole service.
"""
svc = service.MultiService()
namespace = options['namespace']
if namespace is None:
namespace = {}
checker = checkers.FilePasswordDB(options['passwd'])
if options['telnetPort']:
telnetRealm = _StupidRealm(telnet.TelnetBootstrapProtocol,
insults.ServerProtocol,
manhole.ColoredManhole, namespace)
telnetPortal = portal.Portal(telnetRealm, [checker])
telnetFactory = protocol.ServerFactory()
telnetFactory.protocol = makeTelnetProtocol(telnetPortal)
telnetService = strports.service(options['telnetPort'], telnetFactory)
telnetService.setServiceParent(svc)
if options['sshPort']:
sshRealm = manhole_ssh.TerminalRealm()
sshRealm.chainedProtocolFactory = chainedProtocolFactory(namespace)
sshPortal = portal.Portal(sshRealm, [checker])
sshFactory = manhole_ssh.ConchFactory(sshPortal)
sshService = strports.service(options['sshPort'], sshFactory)
sshService.setServiceParent(svc)
return svc
def testUserLookup(self):
dbfile = self.mktemp()
db = checkers.FilePasswordDB(dbfile)
f = file(dbfile, 'w')
for (u, p) in self.users:
f.write('%s:%s\n' % (u, p))
f.close()
for (u, p) in self.users:
self.failUnlessRaises(KeyError, db.getUser, u.upper())
self.assertEqual(db.getUser(u), (u, p))
def testRequestAvatarId_hashed(self):
self.db = checkers.FilePasswordDB(self.dbfile)
UsernameHashedPassword = self.getDeprecatedModuleAttribute(
"twisted.cred.credentials", "UsernameHashedPassword", _uhpVersion
)
creds = [UsernameHashedPassword(u, p) for u, p in self.users]
d = defer.gatherResults(
[defer.maybeDeferred(self.db.requestAvatarId, c) for c in creds]
)
d.addCallback(self.assertEqual, [u for u, p in self.users])
return d
def testRequestAvatarId(self):
dbfile = self.mktemp()
db = checkers.FilePasswordDB(dbfile, caseSensitive=0)
f = file(dbfile, 'w')
for (u, p) in self.users:
f.write('%s:%s\n' % (u, p))
f.close()
creds = [credentials.UsernamePassword(u, p) for u, p in self.users]
d = defer.gatherResults(
[defer.maybeDeferred(db.requestAvatarId, c) for c in creds])
d.addCallback(self.assertEqual, [u for u, p in self.users])
return d
def main():
readIniFile()
LOGGING['handlers']['file']['filename'] = logpath + '/mpexagent.log'
logging.config.dictConfig(LOGGING)
observer = twlog.PythonLoggingObserver()
observer.start()
args = parse_args()
try:
if args.mpex_url:
mpexagent = MPExAgent(replaycheck=True, mpexurl=args.mpex_url)
else:
mpexagent = MPExAgent(replaycheck=True)
mpexagent.passphrase = getpass("Enter your GPG passphrase: ")
root = JSON_RPC().customize(RPCServer)
root.eventhandler.agent = mpexagent
if (mode != 'noweb'):
webroot = static.File(webpath)
webroot.putChild('jsonrpc', root)
root = webroot
if (auth != 'noauth'):
if (auth == 'md5'):
hashfunc = hashmd5
if (auth == 'sha1'):
hashfunc = hashsha1
if (auth == 'plain'):
hashfunc = hashplain
realm = HttpPasswordRealm(root)
p = portal.Portal(realm, [
checkers.FilePasswordDB(passpath, delim=":", hash=hashfunc)
])
credentialFactory = BasicCredentialFactory("MpexAgent")
protected_resource = HTTPAuthSessionWrapper(
p, [credentialFactory])
root = protected_resource
site = server.Site(root)
bindaddr = '*:' if args.listen_addr == '' else args.listen_addr + ':'
log.info('Listening on %s%d...', bindaddr, args.port)
if (mode != 'https'):
reactor.listenTCP(args.port, site, interface=args.listen_addr)
else:
reactor.listenSSL(
args.port, site,
ssl.DefaultOpenSSLContextFactory(keypath, certpath))
reactor.run()
except KeyboardInterrupt:
print '^C received, shutting down server'
server.socket.close()
def getCheckers(self):
diskHash = self.diskHash or (lambda x: x)
hashCheck = self.diskHash and (
lambda username, password, stored: self.diskHash(password))
for cache in True, False:
fn = self.mktemp()
fObj = open(fn, 'wb')
for u, p in self._validCredentials:
fObj.write(u + b":" + diskHash(p) + b"\n")
fObj.close()
yield checkers.FilePasswordDB(fn, cache=cache, hash=hashCheck)
fn = self.mktemp()
fObj = open(fn, 'wb')
for u, p in self._validCredentials:
fObj.write(diskHash(p) + b' dingle dongle ' + u + b'\n')
fObj.close()
yield checkers.FilePasswordDB(fn,
b' ',
3,
0,
cache=cache,
hash=hashCheck)
fn = self.mktemp()
fObj = open(fn, 'wb')
for u, p in self._validCredentials:
fObj.write(b'zip,zap,' + u.title() + b',zup,'\
+ diskHash(p) + b'\n',)
fObj.close()
yield checkers.FilePasswordDB(fn,
b',',
2,
4,
False,
cache=cache,
hash=hashCheck)
def getCheckers(self):
diskHash = self.diskHash or (lambda x: x)
hashCheck = self.diskHash and (
lambda username, password, stored: self.diskHash(password))
for cache in True, False:
fn = self.mktemp()
fObj = file(fn, 'w')
for u, p in self._validCredentials:
fObj.write('%s:%s\n' % (u, diskHash(p)))
fObj.close()
yield checkers.FilePasswordDB(fn, cache=cache, hash=hashCheck)
fn = self.mktemp()
fObj = file(fn, 'w')
for u, p in self._validCredentials:
fObj.write('%s dingle dongle %s\n' % (diskHash(p), u))
fObj.close()
yield checkers.FilePasswordDB(fn,
' ',
3,
0,
cache=cache,
hash=hashCheck)
fn = self.mktemp()
fObj = file(fn, 'w')
for u, p in self._validCredentials:
fObj.write('zip,zap,%s,zup,%s\n' % (u.title(), diskHash(p)))
fObj.close()
yield checkers.FilePasswordDB(fn,
',',
2,
4,
False,
cache=cache,
hash=hashCheck)
def getCheckers(self):
diskHash = self.diskHash or (lambda x: x)
hashCheck = self.diskHash and (
lambda username, password, stored: self.diskHash(password))
for cache in True, False:
fn = self.mktemp()
with open(fn, "wb") as fObj:
for u, p in self._validCredentials:
fObj.write(u + b":" + diskHash(p) + b"\n")
yield checkers.FilePasswordDB(fn, cache=cache, hash=hashCheck)
fn = self.mktemp()
with open(fn, "wb") as fObj:
for u, p in self._validCredentials:
fObj.write(diskHash(p) + b" dingle dongle " + u + b"\n")
yield checkers.FilePasswordDB(fn,
b" ",
3,
0,
cache=cache,
hash=hashCheck)
fn = self.mktemp()
with open(fn, "wb") as fObj:
for u, p in self._validCredentials:
fObj.write(
b"zip,zap," + u.title() + b",zup," + diskHash(p) +
b"\n", )
yield checkers.FilePasswordDB(fn,
b",",
2,
4,
False,
cache=cache,
hash=hashCheck)
def createShellServer(namespace):
""" Creates an interactive shell interface to send and receive output
while the program is running. Connection's instance yukari is named y.
e.g. dir(y), will list all of yukari's names"""
# These are taken from manhole_tap module
checker = checkers.FilePasswordDB('telnet.pw')
telnetRealm = manhole_tap._StupidRealm(telnet.TelnetBootstrapProtocol,
insults.ServerProtocol,
manhole.ColoredManhole,
{"y": namespace})
telnetPortal = portal.Portal(telnetRealm, [checker])
telnetFactory = protocol.ServerFactory()
telnetFactory.protocol = manhole_tap.makeTelnetProtocol(telnetPortal)
clog.info('Creating shell server instance...', sys)
port = reactor.listenTCP(int(config['telnet']['port']), telnetFactory)
return port
def loadChecker(self):
"""
Load the password file
@return: an object satisfying the ICredentialsChecker
interface using a password file or an empty list if the file
is not available. Uses the file specified in the --passwd
command line option.
"""
try:
checker = checkers.FilePasswordDB(self.options.passwordfile)
# grab credentials for the workers to login
u, p = checker._loadCredentials().next()
self.workerUsername, self.workerPassword = u, p
return checker
except Exception:
self.log.exception("Unable to load %s", self.options.passwordfile)
return []
def _getAuthSessionWrapper(self, inv, msg):
if self._useArclinkAccess:
access = self._access
else:
access = None
if self._authEnabled: # auth extension
realm = FDSNDataSelectAuthRealm(inv, access, self._userdb)
checker = UsernamePasswordChecker(self._userdb)
else: # htpasswd
realm = FDSNDataSelectRealm(inv, access)
checker = checkers.FilePasswordDB(self._htpasswd)
p = portal.Portal(realm, [checker])
f = guard.DigestCredentialFactory('MD5', msg)
f.digest = BugfixedDigest('MD5', msg)
return HTTPAuthSessionWrapper(p, [f])
def makeService(config):
f = ftp.FTPFactory()
r = ftp.FTPRealm(config['root'])
p = portal.Portal(r)
p.registerChecker(checkers.AllowAnonymousAccess(), credentials.IAnonymous)
if config['password-file'] is not None:
p.registerChecker(checkers.FilePasswordDB(config['password-file'], cache=True))
f.tld = config['root']
f.userAnonymous = config['userAnonymous']
f.portal = p
f.protocol = ftp.FTP
try:
portno = int(config['port'])
except KeyError:
portno = 2121
return internet.TCPServer(portno, f)
def _getAuthSessionWrapper(self, realm, msg):
checker = checkers.FilePasswordDB(self._htpasswd)
p = portal.Portal(realm, [checker])
f = guard.DigestCredentialFactory('md5', msg)
f.digest = BugfixedDigest('md5', msg)
return guard.HTTPAuthSessionWrapper(p, [f])
def testCaseInSensitivity(self):
self.db = checkers.FilePasswordDB(self.dbfile, caseSensitive=False)
for (u, p) in self.users:
self.assertEqual(self.db.getUser(u.upper()), (u, p))
def testUserLookup(self):
self.db = checkers.FilePasswordDB(self.dbfile)
for (u, p) in self.users:
self.failUnlessRaises(KeyError, self.db.getUser, u.upper())
self.assertEqual(self.db.getUser(u), (u, p))
return proto
def main(args=None):
global storage
global port_
#Evaluamos argumentos
o = ServerOptions()
try:
o.parseOptions(args)
except UsageError as e:
raise SystemExit(e)
port_ = int(o['port'])
storage = str(o['mail-storage'])
#log es un modulo de twisted para imprimir logs en consola sobre lo que esta pasando
log.startLogging(sys.stdout)
if __name__ == '__main__':
main()
portal = portal.Portal(MailUserRealm(storage))
checker = checkers.FilePasswordDB(os.path.join(storage, 'passwords.txt'))
portal.registerChecker(checker)
#Buscamos el contenido del certificado y la llave generada por openssl
certData = getModule(__name__).filePath.sibling('server.pem').getContent()
# Agregamos el certificado
certificate = ssl.PrivateCertificate.loadPEM(certData)
# Escuchamos por tls o ssl por el puerto dado con el protocolo smtp
reactor.listenSSL(port_, IMAPFactory(portal), certificate.options())
reactor.run()
from twisted.cred import checkers, portal
from twisted.internet import reactor
from twisted.words import service
wordsRealm = service.InMemoryWordsRealm("example.com")
wordsRealm.createGroupOnRequest = True
checker = checkers.FilePasswordDB("passwords.txt")
portal = portal.Portal(wordsRealm, [checker])
reactor.listenTCP(6667, service.IRCFactory(wordsRealm, portal))
reactor.run()
def makeService(options):
"""
Create a manhole server service.
@type options: C{dict}
@param options: A mapping describing the configuration of
the desired service. Recognized key/value pairs are::
"telnetPort": strports description of the address on which
to listen for telnet connections. If None,
no telnet service will be started.
"sshPort": strports description of the address on which to
listen for ssh connections. If None, no ssh
service will be started.
"namespace": dictionary containing desired initial locals
for manhole connections. If None, an empty
dictionary will be used.
"passwd": Name of a passwd(5)-format username/password file.
"sshKeyDir": The folder that the SSH server key will be kept in.
"sshKeyName": The filename of the key.
"sshKeySize": The size of the key, in bits. Default is 4096.
@rtype: L{twisted.application.service.IService}
@return: A manhole service.
"""
svc = service.MultiService()
namespace = options['namespace']
if namespace is None:
namespace = {}
checker = checkers.FilePasswordDB(options['passwd'])
if options['telnetPort']:
telnetRealm = _StupidRealm(telnet.TelnetBootstrapProtocol,
insults.ServerProtocol,
manhole.ColoredManhole, namespace)
telnetPortal = portal.Portal(telnetRealm, [checker])
telnetFactory = protocol.ServerFactory()
telnetFactory.protocol = makeTelnetProtocol(telnetPortal)
telnetService = strports.service(options['telnetPort'], telnetFactory)
telnetService.setServiceParent(svc)
if options['sshPort']:
sshRealm = manhole_ssh.TerminalRealm()
sshRealm.chainedProtocolFactory = chainedProtocolFactory(namespace)
sshPortal = portal.Portal(sshRealm, [checker])
sshFactory = manhole_ssh.ConchFactory(sshPortal)
if options['sshKeyDir'] != "<USER DATA DIR>":
keyDir = options['sshKeyDir']
else:
from twisted.python._appdirs import getDataDirectory
keyDir = getDataDirectory()
keyLocation = filepath.FilePath(keyDir).child(options['sshKeyName'])
sshKey = keys._getPersistentRSAKey(keyLocation,
int(options['sshKeySize']))
sshFactory.publicKeys["ssh-rsa"] = sshKey
sshFactory.privateKeys["ssh-rsa"] = sshKey
sshService = strports.service(options['sshPort'], sshFactory)
sshService.setServiceParent(svc)
return svc
avatar = EchoAvatar()
return IProtocolAvatar, avatar, avatar.logout
raise NotImplementedError(
"This realm only supports the IProtocolAvatar interface.")
import hashlib
def hash(username, password, passwordHash):
print hashlib.md5(password).hexdigest()
return hashlib.md5(password).hexdigest()
realm = Realm()
myPortal = portal.Portal(realm)
#1.
#checker = checkers.InMemoryUsernamePasswordDatabaseDontUse()
#checker.addUser("user", "pass")
#2.
#checker = checkers.FilePasswordDB("passwords.txt")
#3.
checker = checkers.FilePasswordDB("passwords.txt", hash=hash)
myPortal.registerChecker(checker)
reactor.listenTCP(8000, EchoFactory(myPortal))
reactor.run()
class IMAPServerProtocol(imap4.IMAP4Server):
def lineReceived(self, line):
print("CLIENT:", line)
print(super().lineReceived(line))
def sendLine(self, line):
super().sendLine(line)
print("SERVER:", line)
class IMAPFactory(protocol.Factory):
def __init__(self, portal):
self.portal = portal
def buildProtocol(self, addr):
proto = IMAPServerProtocol()
proto.portal = portal
return proto
log.startLogging(sys.stdout)
portal = portal.Portal(MailUserRealm())
checker = checkers.FilePasswordDB('passwords.txt')
portal.registerChecker(checker)
reactor.listenTCP(143, IMAPFactory(portal))
reactor.run()
def buildProtocol(self, address):
proto = POP3ServerProtocol()
proto.portal = self.portal
return proto
@implementer(portal.IRealm)
class MailUserRealm(object):
def __init__(self, baseDir):
self.baseDir = baseDir
def requestAvatar(self, avatarId, mind, *interfaces):
if pop3.IMailbox not in interfaces:
raise NotImplementedError(
"This realm only supports the pop3.IMailbox interface.")
userDir = os.path.join(self.baseDir, avatarId.decode("utf-8"))
avatar = UserInbox(userDir)
return pop3.IMailbox, avatar, lambda: None
log.startLogging(sys.stdout)
dataDir = len(sys.argv) > 1 and sys.argv[1] or "/tmp/mail"
portal = portal.Portal(MailUserRealm(dataDir))
checker = checkers.FilePasswordDB(os.path.join(dataDir, 'passwords.txt'))
portal.registerChecker(checker)
reactor.listenTCP(1100, POP3Factory(portal))
reactor.run()
def setUp(self):
self.filename = self.mktemp()
file(self.filename, 'w').write('admin:asdf\nalice:foo\n')
self.goodChecker = checkers.FilePasswordDB(self.filename)
self.badChecker = checkers.FilePasswordDB(self.filename, hash=self._hash)
self.anonChecker = checkers.AllowAnonymousAccess()
class FTPRealm:
implements(portal.IRealm)
def __init__(self, anonymousRoot):
self.anonymousRoot = filepath.FilePath(anonymousRoot)
self.dir = {'ljd': "/tmp", 'root': '/'}
def requestAvatar(self, avatarId, mind, *interfaces):
for iface in interfaces:
if iface is ftp.IFTPShell:
if avatarId is checkers.ANONYMOUS:
avatar = ftp.FTPAnonymousShell(self.anonymousRoot)
else:
user_dir = self.dir[avatarId]
avatar = ftp.FTPShell(filepath.FilePath(user_dir))
return ftp.IFTPShell, avatar, getattr(avatar, 'logout',
lambda: None)
raise NotImplementedError(
"Only IFTPShell interface is supported by this realm")
portal = portal.Portal(FTPRealm('/data'))
portal.registerChecker(checkers.AllowAnonymousAccess())
portal.registerChecker(checkers.FilePasswordDB("pwd.txt"))
f = ftp.FTPFactory(portal)
from twisted.internet import reactor
reactor.listenTCP(1234, f)
reactor.run()
import secret
# Create the Python Hub application
application = service.Application("PythonHub")
serviceCollection = service.IServiceCollection(application)
#______________________________________________________________________
# 1. Setup hub server!
# Accepts connects on port 14996
hubServerPasswdFile = './passwords.txt'
proxySiteListPath = './sitelist.csv'
hubServerPort = 14996
# set up Portal
hubServerPortal = portal.Portal(proxyserver.HubProxyRealm(proxySiteListPath))
hubServerPortal.registerChecker(checkers.FilePasswordDB(hubServerPasswdFile))
# Set up Hub server service
hubServerFactory = proxyserver.ProxyHubServerFactory(
hubServerPortal, proxyserver.IHubProxyClient)
hubServer = internet.TCPServer(hubServerPort, hubServerFactory)
hubServer.setServiceParent(serviceCollection)
#______________________________________________________________________
# 2a. Connect to Baron to get their data
#remoteServerIP = 'nwnhub.baronservices.com'
#remoteServerPort = 14996
#remoteServerUser = '******'
#remoteServerPass = '******'
#
#hubClientFactory = hubclient.HubClientProtocolFactory(remoteServerUser,
