Exemplos de SSLOptions em Python

Exemplo n.º 1

def main():
    conf = configparser.ConfigParser()
    conf.read("app/config.ini")
    user = conf["rabbitmq"]["user"]
    password = conf["rabbitmq"]["password"]
    tls = conf["rabbitmq"]["tlsenabled"]

    if user == "" or password == "":
        if tls == "false":
            connection = pika.BlockingConnection(
                pika.ConnectionParameters(host='localhost'))
        else:
            context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
            context.load_verify_locations("cert_rabbitmq/cacert.pem")
            context.load_cert_chain(certfile="cert_rabbitmq/cert.pem",
                                    keyfile="cert_rabbitmq/key.pem")

            ssl_options = pika.SSLOptions(context)

            connection = pika.BlockingConnection(
                pika.ConnectionParameters(host="localhost",
                                          port=5671,
                                          ssl_options=ssl_options))
    else:
        credentials = pika.PlainCredentials(user, password)
        if tls == "false":
            connection = pika.BlockingConnection(
                pika.ConnectionParameters(host='localhost',
                                          credentials=credentials))
        else:
            context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
            context.load_verify_locations("cert_rabbitmq/cacert.pem")
            context.load_cert_chain(certfile="cert_rabbitmq/cert.pem",
                                    keyfile="cert_rabbitmq/key.pem")

            ssl_options = pika.SSLOptions(context)

            connection = pika.BlockingConnection(
                pika.ConnectionParameters(host="34.244.187.201",
                                          port=5671,
                                          ssl_options=ssl_options))

    channel = connection.channel()

    channel.exchange_declare(exchange='data', exchange_type='fanout')

    message = data()
    # message = json.loads(message)
    print(message)
    channel.basic_publish(exchange='data', routing_key='', body=message)
    print(" [x] Sent %r" % message)
    connection.close()

Exemplo n.º 2

Arquivo: collector_amqp.py Projeto: motok/intelmq

    def init(self):
        if pika is None:
            raise MissingDependencyError("pika", version=">=1.0")

        self.connection = None
        self.channel = None

        pika_version = tuple(int(x) for x in pika.__version__.split('.'))
        if pika_version < (1, ):
            raise MissingDependencyError("pika",
                                         version=">=1.0",
                                         installed=pika.__version__)

        self.kwargs = {}
        self.kwargs['heartbeat'] = self.connection_heartbeat

        if self.username and self.password:
            self.kwargs['credentials'] = pika.PlainCredentials(
                self.username, self.password)

        if self.use_ssl:
            self.kwargs['ssl_options'] = pika.SSLOptions(
                context=ssl.create_default_context(ssl.Purpose.CLIENT_AUTH))

        self.connection_parameters = pika.ConnectionParameters(
            host=self.connection_host,
            port=self.connection_port,
            virtual_host=self.connection_vhost,
            connection_attempts=self.connection_attempts,
            **self.kwargs)

        self.connect_server()

Exemplo n.º 3

Arquivo: stream_consumer.py Projeto: Cisco-AMP/pika_bootstrap

    def __init__(self, connection_data, on_event_callback):
        self._connection = None
        self._channel = None
        self._closing = False
        self._consumer_tag = None
        self._queue_name = connection_data['queue_name']
        self._url = "{}://{}:{}@{}:{}".format(self.AMQP_PROTO,
                                              connection_data['user_name'],
                                              connection_data['password'],
                                              connection_data['host'],
                                              connection_data['port'])
        credentials = pika.PlainCredentials(connection_data['user_name'],
                                            connection_data['password'])
        cxt = ssl.create_default_context()
        cxt.check_hostname = connection_data['ssl_check_hostname']
        cxt.verify_mode = eval(connection_data['ssl_verify_mode'])
        ssl_options = pika.SSLOptions(context=cxt)
        self._connection_parameters = pika.ConnectionParameters(
            host=connection_data['host'],
            port=connection_data['port'],
            virtual_host=connection_data['vhost'],
            credentials=credentials,
            ssl_options=ssl_options)

        logger.warn(self._url)
        self.on_event_callback = on_event_callback

Exemplo n.º 4

Arquivo: worker.py Projeto: timmytimj/opencti

    def __post_init__(self) -> None:
        super().__init__()
        self.api = OpenCTIApiClient(
            url=self.opencti_url,
            token=self.opencti_token,
            log_level=self.log_level,
            ssl_verify=self.ssl_verify,
            json_logging=self.json_logging,
        )
        self.queue_name = self.connector["config"]["push"]
        self.pika_credentials = pika.PlainCredentials(
            self.connector["config"]["connection"]["user"],
            self.connector["config"]["connection"]["pass"],
        )
        self.pika_parameters = pika.ConnectionParameters(
            self.connector["config"]["connection"]["host"],
            self.connector["config"]["connection"]["port"],
            "/",
            self.pika_credentials,
            ssl_options=pika.SSLOptions(create_ssl_context())
            if self.connector["config"]["connection"]["use_ssl"] else None,
        )

        self.pika_connection = pika.BlockingConnection(self.pika_parameters)
        self.channel = self.pika_connection.channel()
        self.channel.basic_qos(prefetch_count=1)
        self.processing_count: int = 0

Exemplo n.º 5

    def __init__(self,
                 amqp_server,
                 queues,
                 secrets_dir=DEFAULT_SECRETS_DIR,
                 **kwargs):
        """connect to some AMQP queues

        amqp_server should be formatted as host:port

        queues should be a list of strings with the names of queues, each queue
        will be declared and usable

        secrets_dir can be passed for enviroments where the AMQP secrets are not
        in DEFAULT_SECRETS_DIR.

        any extra arguments in **kwargs will be passed to queue_declare()

        the results of the result declarations are stored in
        DistributedQueue.declare_results, a dict mapping queue name to result

        when passive=True is passed to queue_declare() and the queue does not
        exist, the declare result will be None
        """
        if no_amqp:
            raise ImportError('pika is not available')

        try:
            host, port = amqp_server.split(':')
        except ValueError:
            raise ValueError('Please format amqp_server as host:port')
        context = ssl.create_default_context(
            cafile=os.path.join(secrets_dir, 'ca.pem'))
        context.load_cert_chain(keyfile=os.path.join(secrets_dir,
                                                     'amqp-client.key'),
                                certfile=os.path.join(secrets_dir,
                                                      'amqp-client.pem'))
        context.check_hostname = False
        self.connection = pika.BlockingConnection(
            pika.ConnectionParameters(
                host=host,
                port=int(port),
                ssl_options=pika.SSLOptions(context, server_hostname=host),
                credentials=pika.credentials.ExternalCredentials()))
        self.channel = self.connection.channel()
        self.declare_results = {}

        for queue in queues:
            try:
                result = self.channel.queue_declare(queue=queue,
                                                    arguments=arguments.get(
                                                        queue, None),
                                                    **kwargs)
                self.declare_results[queue] = result
            except pika.exceptions.ChannelClosedByBroker as e:
                # unknown error
                if e.reply_code != 404:
                    raise e
                # queue does not exist
                self.declare_results[queue] = None
                self.channel = self.connection.channel()

Exemplo n.º 6

    def __init__(
        self,
        connector: Dict[str, Any],
        opencti_url: str,
        opencti_token: str,
        log_level: str,
    ) -> None:
        threading.Thread.__init__(self)
        self.api = OpenCTIApiClient(opencti_url, opencti_token, log_level)
        self.queue_name = connector["config"]["push"]
        self.pika_credentials = pika.PlainCredentials(
            connector["config"]["connection"]["user"],
            connector["config"]["connection"]["pass"],
        )
        self.pika_parameters = pika.ConnectionParameters(
            connector["config"]["connection"]["host"],
            connector["config"]["connection"]["port"],
            "/",
            self.pika_credentials,
            ssl_options=pika.SSLOptions(create_ssl_context())
            if connector["config"]["connection"]["use_ssl"] else None,
        )

        self.pika_connection = pika.BlockingConnection(self.pika_parameters)
        self.channel = self.pika_connection.channel()
        self.channel.basic_qos(prefetch_count=1)
        self.processing_count: int = 0

Exemplo n.º 7

    def connect(self):
        if not sickrage.app.api.token or not sickrage.app.config.general.server_id:
            IOLoop.current().call_later(5, self.reconnect)
            return

        if sickrage.app.api.token_time_remaining < (int(sickrage.app.api.token['expires_in']) / 2):
            if not sickrage.app.api.refresh_token():
                IOLoop.current().call_later(5, self.reconnect)
                return

        try:
            credentials = pika.credentials.PlainCredentials(username='******', password=sickrage.app.api.token["access_token"])

            context = ssl.create_default_context()
            context.check_hostname = False
            context.verify_mode = ssl.CERT_NONE

            parameters = pika.ConnectionParameters(
                host=self._amqp_host,
                port=self._amqp_port,
                virtual_host=self._amqp_vhost,
                credentials=credentials,
                socket_timeout=300,
                ssl_options=pika.SSLOptions(context)
            )

            TornadoConnection(
                parameters,
                on_open_callback=self.on_connection_open,
                on_close_callback=self.on_connection_close,
                on_open_error_callback=self.on_connection_open_error
            )
        except (AMQPConnectorException, AMQPConnectionError, SSLCertVerificationError):
            sickrage.app.log.debug("AMQP connection error, attempting to reconnect")
            IOLoop.current().call_later(5, self.reconnect)

Exemplo n.º 8

Arquivo: transport.py Projeto: netsage-project/tstat-transport

    def _connection_params(self):
        """Generate pika connection parameters object/options."""

        credentials = pika.PlainCredentials(self._username, self._password)

        if self._use_ssl:
            config_options = self._config.get_ssl_opts()
            options = ssl.SSLContext()
            if config_options is not None:
                options = ssl.wrap_socket(**config_options)

            ssl_options = pika.SSLOptions(options, self._host)
            params = pika.ConnectionParameters(
                host=self._host,
                port=self._port,
                virtual_host=self._safe_cfg_val('vhost'),
                credentials=credentials,
                ssl_options=ssl_options)
        else:
            params = pika.ConnectionParameters(
                host=self._host,
                port=self._port,
                virtual_host=self._safe_cfg_val('vhost'),
                credentials=credentials)

        self._verbose_log('_connection_params.end', params)

        return params

Exemplo n.º 9

Arquivo: main.py Projeto: JohnTheNerd/PySarra

    def connect(self):
        """This method connects to RabbitMQ, returning the connection handle. It will also pass in the on_connection_open callback method.

    :rtype: pika.SelectConnection
    """
        logging.info(
            'Connecting to Sarracenia (amqps://anonymous:[email protected]/)'
        )
        context = ssl.create_default_context()

        credentials = pika.PlainCredentials('anonymous', 'anonymous')
        parameters = pika.ConnectionParameters(
            'dd.weather.gc.ca',
            5671,
            '/',
            credentials,
            # Sarracenia serves TLS certificates that have a CN of "weather.gc.ca"
            # since we can only talk to it through "dd.weather.gc.ca", TLS validation will fail
            # to work around this, we pass a custom SSL context to pika with server_hostname set accordingly
            # this is secure because "weather.gc.ca" belongs to Environment Canada, so certificates from that domain can be trusted
            ssl_options=pika.SSLOptions(context,
                                        server_hostname='weather.gc.ca'))
        return pika.SelectConnection(
            parameters=parameters,
            on_open_callback=self.on_connection_open,
            on_close_callback=self.on_connection_closed)

Exemplo n.º 10

 def _get_connection(self):
     while self.running:
         try:
             #
             pika_ssl_options = None
             if self.ssl_context is not None:
                 pika_ssl_options = pika.SSLOptions(
                     self.ssl_context, self.ssl_server_hostname)
             #
             connection = pika.BlockingConnection(
                 pika.ConnectionParameters(
                     host=self.queue_config.host,
                     port=self.queue_config.port,
                     virtual_host=self.queue_config.vhost,
                     credentials=pika.PlainCredentials(
                         self.queue_config.user,
                         self.queue_config.password),
                     ssl_options=pika_ssl_options,
                 ))
             connection.process_data_events()
             return connection
         except:  # pylint: disable=W0702
             log.exception(
                 "Failed to create connection. Retrying in %s seconds",
                 self.retry_interval)
             time.sleep(self.retry_interval)

Exemplo n.º 11

Arquivo: opencti_connector_helper.py Projeto: djds/client-python

 def run(self) -> None:
     while not self.exit_event.is_set():
         try:
             # Connect the broker
             self.pika_credentials = pika.PlainCredentials(self.user, self.password)
             self.pika_parameters = pika.ConnectionParameters(
                 host=self.host,
                 port=self.port,
                 virtual_host="/",
                 credentials=self.pika_credentials,
                 ssl_options=pika.SSLOptions(create_ssl_context(), self.host)
                 if self.use_ssl
                 else None,
             )
             self.pika_connection = pika.BlockingConnection(self.pika_parameters)
             self.channel = self.pika_connection.channel()
             assert self.channel is not None
             self.channel.basic_consume(
                 queue=self.queue_name, on_message_callback=self._process_message
             )
             self.channel.start_consuming()
         except (KeyboardInterrupt, SystemExit):
             self.helper.log_info("Connector stop")
             sys.exit(0)
         except Exception as e:  # pylint: disable=broad-except
             self.helper.log_error(str(e))
             time.sleep(10)

Exemplo n.º 12

def produce():
    credentials = pika.PlainCredentials(os.getenv("DB_USERNAME"),
                                        os.getenv("PASSWORD"))
    context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
    config = {
        'host':
        'b-6cdeb3fd-c4a0-432f-b393-287562fabdcb.mq.us-east-2.amazonaws.com',
        'port': 5671,
        'exchange': 'system-integration',
        'queue_name': 'logs'
    }
    param = pika.ConnectionParameters(host=config['host'],
                                      port=config['port'],
                                      credentials=credentials,
                                      virtual_host='/',
                                      ssl_options=pika.SSLOptions(context))
    connection = pika.BlockingConnection(param)
    channel = connection.channel()
    date = datetime.now().isoformat()
    payload = json.dumps({
        'type': str(LogTypes.CAR_RENTAL.value),
        'content': {
            'car_id': 1,
            'user_id': 4,
            'reservation_id': 12,
            'timestamp': date
        }
    })
    channel.basic_publish(exchange='system-integration',
                          routing_key='logs',
                          body=payload)

Exemplo n.º 13

    def connect(self):
        """This method connects to RabbitMQ, returning the connection handle.
        When the connection is established, the on_connection_open method
        will be invoked by pika.

        :rtype: pika.SelectConnection

        """
        self.logger.info('Connecting to %s', self._prefix)
        account = 'opensuse'
        server = 'rabbit.opensuse.org'
        if self._prefix == 'suse':
            account = 'suse'
            server = 'rabbit.suse.de'
        credentials = pika.PlainCredentials(account, account)
        context = ssl.create_default_context()
        ssl_options = pika.SSLOptions(context, server)
        parameters = pika.ConnectionParameters(server,
                                               5671,
                                               '/',
                                               credentials,
                                               ssl_options=ssl_options,
                                               socket_timeout=10)
        return pika.SelectConnection(parameters,
                                     on_open_callback=self.on_connection_open)

Exemplo n.º 14

Arquivo: rabbitmq_publisher.py Projeto: fredjn/eiffel-pythonlib

    def __init__(self,
                 host,
                 exchange,
                 routing_key="eiffel",
                 username=None,
                 password=None,
                 port=5671,
                 vhost=None,
                 source=None,
                 ssl=True):
        """Initialize with host and create pika connection parameters."""
        self.exchange = exchange
        self.routing_key = routing_key
        self.message_queue = queue.Queue()
        self.source = source

        # These two lines are similar between subscriber and publisher.
        # But since we don't want a connection between them; this is fine.
        parameters = {"port": port}
        if ssl is True:
            context = _ssl.create_default_context()
            ssl_options = pika.SSLOptions(context, host)
            parameters["ssl_options"] = ssl_options
        if username and password:
            parameters["credentials"] = pika.PlainCredentials(
                username, password)
        if vhost:
            parameters["virtual_host"] = vhost

        self.parameters = pika.ConnectionParameters(host, **parameters)

Exemplo n.º 15

Arquivo: rabbitmq_subscriber.py Projeto: fredjn/eiffel-pythonlib

    def __init__(self, host, queue, exchange, username=None, password=None, port=5671,
                 vhost=None, routing_key=None, ssl=True, queue_params=None):
        """Initialize with rabbitmq host."""
        super(RabbitMQSubscriber, self).__init__()
        self.host = host
        self.queue = queue
        self.delegator_queue = Queue()
        self.result_queue = Queue()
        self.lock = threading.Lock()
        self.exchange = exchange
        self.routing_key = routing_key
        self.queue_params = queue_params if queue_params else {}
        self.requeue_tracker = {}

        # These two lines are similar between subscriber and publisher.
        # But since we don't want a connection between them; this is fine.
        parameters = {"port": port}
        if ssl is True:
            context = _ssl.create_default_context()
            ssl_options = pika.SSLOptions(context, host)
            parameters["ssl_options"] = ssl_options
        if username and password:
            parameters["credentials"] = pika.PlainCredentials(username, password)
        if vhost:
            parameters["virtual_host"] = vhost
        self.parameters = pika.ConnectionParameters(host, **parameters)

Exemplo n.º 16

def get_connection(domain, blocking=True):
    """Return a blocking connection to the Message Broker supporting AMQP(S).

    The host, portm virtual_host, username, password and
    heartbeat values are read from the CONF argument.
    So are the SSL options.
    """
    assert domain in CONF.sections(), "Section not found in config file"

    LOG.info(f'Getting a connection to {domain}')
    params = CONF.get_value(domain, 'connection', raw=True)
    LOG.debug(f"Initializing a connection to: {params}")
    connection_params = pika.connection.URLParameters(params)

    # Handling the SSL options
    # Note: We re-create the SSL context, so don't pass any ssl_options in the above connection URI.
    if params.startswith('amqps'):

        LOG.debug("Enforcing a TLS context")
        context = ssl.SSLContext(
            protocol=ssl.PROTOCOL_TLS
        )  # Enforcing (highest) TLS version (so... 1.2?)

        context.verify_mode = ssl.CERT_NONE
        # Require server verification
        if CONF.get_value(domain, 'verify_peer', conv=bool, default=False):
            LOG.debug("Require server verification")
            context.verify_mode = ssl.CERT_REQUIRED
            cacertfile = CONF.get_value(domain, 'cacertfile', default=None)
            if cacertfile:
                context.load_verify_locations(cafile=cacertfile)

        # Check the server's hostname
        server_hostname = CONF.get_value(domain,
                                         'server_hostname',
                                         default=None)
        verify_hostname = CONF.get_value(domain,
                                         'verify_hostname',
                                         conv=bool,
                                         default=False)
        if verify_hostname:
            LOG.debug("Require hostname verification")
            assert server_hostname, "server_hostname must be set if verify_hostname is"
            context.check_hostname = True
            context.verify_mode = ssl.CERT_REQUIRED

        # If client verification is required
        certfile = CONF.get_value(domain, 'certfile', default=None)
        if certfile:
            LOG.debug("Prepare for client verification")
            keyfile = CONF.get_value(domain, 'keyfile')
            context.load_cert_chain(certfile, keyfile=keyfile)

        # Finally, the pika ssl options
        connection_params.ssl_options = pika.SSLOptions(
            context=context, server_hostname=server_hostname)

    connection_factory = pika.BlockingConnection if blocking else pika.SelectConnection
    return connection_factory(connection_params)

Exemplo n.º 17

Arquivo: utils.py Projeto: ChrisMacNaughton/zaza-openstack-tests

def connect_amqp_by_unit(unit,
                         ssl=False,
                         port=None,
                         fatal=True,
                         username="******",
                         password="******"):
    """Establish and return a pika amqp connection to the rabbitmq service.

    Establish and return a pika amqp connection to the rabbitmq service
    running on a rmq juju unit.
    :param unit: unit pointer
    :param ssl: boolean, default to False
    :param port: amqp port, use defaults if None
    :param fatal: boolean, default to True (raises on connect error)
    :param username: amqp user name, default to testuser1
    :param password: amqp user password
    :returns: pika amqp connection pointer or None if failed and non-fatal
    """
    host = unit.public_address
    unit_name = unit.entity_id

    if ssl:
        # TODO: when Python3.5 support is removed, investigate
        # changing protocol to PROTOCOL_TLS
        context = libssl.SSLContext(protocol=libssl.PROTOCOL_TLSv1_2)
        ssl_options = pika.SSLOptions(context)
    else:
        ssl_options = None

    # Default port logic if port is not specified
    if ssl and not port:
        port = 5671
    elif not ssl and not port:
        port = 5672

    logging.debug('Connecting to amqp on {}:{} ({}) as '
                  '{}...'.format(host, port, unit_name, username))

    try:
        credentials = pika.PlainCredentials(username, password)
        parameters = pika.ConnectionParameters(host=host,
                                               port=port,
                                               credentials=credentials,
                                               ssl_options=ssl_options,
                                               connection_attempts=3,
                                               retry_delay=5,
                                               socket_timeout=1)
        connection = pika.BlockingConnection(parameters)
        assert connection.is_open is True
        logging.debug('Connect OK')
        return connection
    except Exception as e:
        msg = ('amqp connection failed to {}:{} as '
               '{} ({})'.format(host, port, username, str(e)))
        if fatal:
            raise Exception(msg)
        else:
            logging.warn(msg)
            return None

Exemplo n.º 18

Arquivo: amqp_connection.py Projeto: BKnight760/systemlink-file-subscriber-example-service

    def _initialize(self):
        """
        Used to initialize this :class:`AmqpConsumer` object or re-initialize
        it after a disconnect is detected.
        """
        LOGGER.debug('AmqpConnection _initialize!')
        credentials = pika.PlainCredentials(self._user_name, self._password)
        cert_abs_path = None

        if self._use_tls:
            # Get RabbitMQ server certificate path
            if os.path.isabs(self._cert_path):
                cert_abs_path = self._cert_path
            else:
                cert_abs_path = os.path.join(
                    get_base_configuration_directory(), 'Certificates',
                    self._cert_path)
            if pika.__version__[0] == '0':
                # Backwards compatibility for pika < 1.0.0.
                ssl_options = {
                    'ssl_version': ssl.PROTOCOL_TLSv1_2,
                    'cert_reqs': ssl.CERT_REQUIRED,
                    'ca_certs': cert_abs_path
                }
                kwargs = {'ssl': True}
            else:
                ssl_context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLSv1_2)
                ssl_context.verify_mode = ssl.CERT_REQUIRED
                ssl_context.load_verify_locations(cert_abs_path)
                ssl_options = pika.SSLOptions(ssl_context)
                kwargs = {}
        else:
            ssl_options = None
            kwargs = {}

        conn_params = pika.ConnectionParameters(host=self._host_name,
                                                port=self._port,
                                                credentials=credentials,
                                                ssl_options=ssl_options,
                                                **kwargs)

        try:
            self._connection = pika.BlockingConnection(conn_params)
        except Exception as exc:  # pylint: disable=broad-except
            # This will throw its own exception if it detects a problem.
            if cert_abs_path:
                _check_certificate(cert_abs_path)
            # Throw a generic exception since we don't know what the specific
            # problem is.
            exc_name = exc.__class__.__name__
            exc_str = str(exc)
            if exc_str:
                msg = 'Error connecting to AMQP. {0}: {1}'.format(
                    exc_name, exc_str)
            else:
                msg = 'Error connecting to AMQP. {0}'.format(exc_name)
            raise SystemLinkException.from_name(
                'Skyline.AMQPErrorOpeningTCPConnection', info=msg)

Exemplo n.º 19

    def init(self):
        if pika is None:
            raise ValueError(
                "Could not import library 'pika'. Please install it.")

        self.connection = None
        self.channel = None

        pika_version = tuple(int(x) for x in pika.__version__.split('.'))
        self.kwargs = {}
        if pika_version < (0, 11):
            self.kwargs[
                'heartbeat_interval'] = self.parameters.connection_heartbeat
        else:
            self.kwargs['heartbeat'] = self.parameters.connection_heartbeat
        if pika_version < (1, ):
            # https://groups.google.com/forum/#!topic/pika-python/gz7lZtPRq4Q
            self.publish_raises_nack = False
        else:
            self.publish_raises_nack = True

        self.keep_raw_field = self.parameters.keep_raw_field
        self.delivery_mode = self.parameters.delivery_mode
        self.content_type = self.parameters.content_type
        self.exchange = self.parameters.exchange_name
        self.require_confirmation = self.parameters.require_confirmation
        self.durable = self.parameters.exchange_durable
        self.exchange_type = self.parameters.exchange_type
        self.connection_host = self.parameters.connection_host
        self.connection_port = self.parameters.connection_port
        self.connection_vhost = self.parameters.connection_vhost
        if self.parameters.username and self.parameters.password:
            self.kwargs['credentials'] = pika.PlainCredentials(
                self.parameters.username, self.parameters.password)

        if getattr(self.parameters, 'use_ssl', False):
            self.kwargs['ssl_options'] = pika.SSLOptions(
                context=ssl.create_default_context(ssl.Purpose.CLIENT_AUTH))

        self.connection_parameters = pika.ConnectionParameters(
            host=self.connection_host,
            port=self.connection_port,
            virtual_host=self.connection_vhost,
            connection_attempts=self.parameters.connection_attempts,
            **self.kwargs)
        self.routing_key = self.parameters.routing_key
        self.properties = pika.BasicProperties(
            content_type=self.content_type, delivery_mode=self.delivery_mode)

        self.connect_server()

        self.hierarchical = getattr(self.parameters, "message_hierarchical",
                                    False)
        self.with_type = getattr(self.parameters, "message_with_type", False)
        self.jsondict_as_string = getattr(self.parameters,
                                          "message_jsondict_as_string", False)

        self.single_key = getattr(self.parameters, 'single_key', None)

Exemplo n.º 20

    def run(self):
        ssl_options = None

        if self.ssl:
            context = ssl.create_default_context()
            ssl_options = pika.SSLOptions(context, self.host)

        if self.amqpurl:
            parsed = urlparse(self.amqpurl)
            self.host = parsed.hostname
            replaced = parsed._replace(
                netloc="{}:{}@{}".format(parsed.username, "*" *
                                         8, parsed.hostname))
            logger.info("AMQP URL %s" % replaced.geturl())
            parameters = pika.URLParameters(self.amqpurl)
        else:
            logger.info("AMQP broker %s virtual host %s" %
                        (self.host, self.vhost))
            credentials = pika.PlainCredentials(self.username, self.password)
            parameters = pika.ConnectionParameters(
                host=self.host,
                port=self.port,
                connection_attempts=self.retries,
                socket_timeout=self.timeout,
                virtual_host=self.vhost,
                credentials=credentials,
                ssl_options=ssl_options)

        try:
            self.connection = pika.BlockingConnection(parameters)
        except (AMQPConnectionError, ConnectionResetError, ssl.SSLError) as e:
            logger.error("AMQP broker %s %s" % (self.host, e))
        self.channel = self.connection.channel()
        self.channel.queue_declare(queue='queue')

        try:
            self.channel.exchange_declare(exchange=self.key,
                                          exchange_type='direct',
                                          passive=False,
                                          durable=True,
                                          auto_delete=False)
            self.channel.queue_declare(queue='standard', auto_delete=True)
            self.channel.queue_bind(queue='standard',
                                    exchange=self.key,
                                    routing_key=self.key)
            self.channel.basic_qos(prefetch_count=self.qos)
            self._consumer_tag = self.channel.basic_consume(
                'standard', self.on_message)
        except (ChannelClosedByBroker, TypeError) as e:
            logger.error("AMQP broker %s %s" % (self.host, e))
            return

        logger.debug('Routing key "%s" QoS %d' % (self.key, self.qos))
        thread = threading.Thread(target=self.channel.start_consuming,
                                  name=self.name)
        thread.start()

Exemplo n.º 21

Arquivo: main.py Projeto: grossvater/amqp-client-cli

def amqp_send(
    host,
    port,
    exchange,
    routing_key,
    message,
    file_path,
    user,
    persistent,
    vhost,
    ssl_,
):
    try:
        if not user:
            user = input(f"{Fore.GREEN}User: {Fore.RESET}")
        password = get_password(user)
        vhost = vhost or get_vhost(user)
    except KeyboardInterrupt:
        print_failure("\nTerminated from keyboard.")
        sys.exit(1)

    properties = pika.BasicProperties(delivery_mode=2 if persistent else 1)
    credentials = pika.PlainCredentials(user, password)
    sys.stdout.write(f"Connecting to queue @ {host}:{port}... ")
    try:
        connection = pika.BlockingConnection(
            pika.ConnectionParameters(
                host=host,
                port=port,
                ssl_options=pika.SSLOptions(context=ssl.create_default_context())
                if ssl_
                else None,
                virtual_host=vhost,
                credentials=credentials,
            )
        )
    except pika.exceptions.AMQPError as e:
        print_failure("FAILED!", out=sys.stdout)
        print_failure(f"Failure reason: {repr(e)}")
        sys.exit(1)

    print_success("SUCCESS!")

    if message:
        body = message.encode("utf-8")
    else:
        with open(file_path, "rb") as f:
            body = f.read()
    channel = connection.channel()
    try:
        channel.basic_publish(
            exchange=exchange, routing_key=routing_key, body=body, properties=properties
        )
    finally:
        channel.close()
    print_success(f"Message successfully published to exchange [{exchange}]!")

Exemplo n.º 22

def configureSSLOptions():
    ### with client certificates (required if self-signed) ###
    # context = ssl.create_default_context(cafile=CA_FILE_PATH)
    # context.load_cert_chain(CERT_FILE_PATH, KEY_FILE_PATH)

    ### without client certificates (if ssl_options.fail_if_no_peer_cert=false) ###
    context = ssl.create_default_context()

    ssl_options = pika.SSLOptions(context, RMQ_SSL_SERVER_HOSTNAME)
    return ssl_options

Exemplo n.º 23

 def _create_connection(self):
     return pika.BlockingConnection(
         pika.ConnectionParameters(
             host='server.rynkbit.com',
             port=5672,
             credentials=pika.PlainCredentials(username=self.username,
                                               password=self.password),
             ssl_options=pika.SSLOptions(ssl.create_default_context()),
             heartbeat=600,
             blocked_connection_timeout=300))

Exemplo n.º 24

 def create_connection(self):
     print(self.config)
     print(f' with {self.credentials} ')
     param = pika.ConnectionParameters(host=self.config['host'],
                                       port=self.config['port'],
                                       credentials=self.credentials,
                                       virtual_host='/',
                                       ssl_options=pika.SSLOptions(
                                           self.context))
     return pika.BlockingConnection(param)

Exemplo n.º 25

    def __init__(self,
                 amqp_host=None,
                 amqp_user=None,
                 amqp_pass=None,
                 amqp_port=None,
                 amqp_vhost=None,
                 ssl_enabled=None,
                 ssl_cert_path=None,
                 ssl_cert_data=None,
                 socket_timeout=3,
                 heartbeat_interval=None):
        super(AMQPParams, self).__init__()
        username = amqp_user or broker_config.broker_username
        password = amqp_pass or broker_config.broker_password
        heartbeat = heartbeat_interval or broker_config.broker_heartbeat
        ssl_enabled = ssl_enabled or broker_config.broker_ssl_enabled
        ssl_cert_path = ssl_cert_path or broker_config.broker_cert_path
        credentials = pika.credentials.PlainCredentials(
            username=username,
            password=password,
        )

        self.raw_host = amqp_host or broker_config.broker_hostname
        self._amqp_params = {
            'port': amqp_port or broker_config.broker_port,
            'virtual_host': amqp_vhost or broker_config.broker_vhost,
            'credentials': credentials,
            'heartbeat': heartbeat,
            'socket_timeout': socket_timeout
        }
        if OLD_PIKA:
            if ssl_cert_data:
                raise RuntimeError(
                    'Passing in cert content is incompatible with old pika')
            self._amqp_params['ssl'] = ssl_enabled
            if ssl_enabled:
                self._amqp_params['ssl_options'] = {
                    'cert_reqs': ssl.CERT_REQUIRED,
                    'ca_certs': ssl_cert_path,
                }
            else:
                self._amqp_params['ssl_options'] = {}
        else:
            if ssl_enabled:
                if ssl_cert_data:
                    ssl_context = ssl.create_default_context(
                        cadata=ssl_cert_data)
                elif ssl_cert_path:
                    ssl_context = ssl.create_default_context(
                        cafile=ssl_cert_path)
                else:
                    raise RuntimeError(
                        'When ssl is enabled, ssl_cert_path or ssl_cert_data '
                        'must be provided')
                self._amqp_params['ssl_options'] = pika.SSLOptions(ssl_context)

Exemplo n.º 26

    def send_stix2_bundle(self, bundle, **kwargs) -> list:
        """send a stix2 bundle to the API

        :param work_id: a valid work id
        :param bundle: valid stix2 bundle
        :type bundle:
        :param entities_types: list of entities, defaults to None
        :type entities_types: list, optional
        :param update: whether to updated data in the database, defaults to False
        :type update: bool, optional
        :raises ValueError: if the bundle is empty
        :return: list of bundles
        :rtype: list
        """
        work_id = kwargs.get("work_id", self.work_id)
        entities_types = kwargs.get("entities_types", None)
        update = kwargs.get("update", False)

        if entities_types is None:
            entities_types = []
        stix2_splitter = OpenCTIStix2Splitter()
        bundles = stix2_splitter.split_bundle(bundle)
        if len(bundles) == 0:
            raise ValueError("Nothing to import")
        if work_id is not None:
            self.api.work.add_expectations(work_id, len(bundles))
        pika_credentials = pika.PlainCredentials(
            self.config["connection"]["user"], self.config["connection"]["pass"]
        )
        pika_parameters = pika.ConnectionParameters(
            host=self.config["connection"]["host"],
            port=self.config["connection"]["port"],
            virtual_host="/",
            credentials=pika_credentials,
            ssl_options=pika.SSLOptions(
                create_ssl_context(), self.config["connection"]["host"]
            )
            if self.config["connection"]["use_ssl"]
            else None,
        )

        pika_connection = pika.BlockingConnection(pika_parameters)
        channel = pika_connection.channel()
        for sequence, bundle in enumerate(bundles, start=1):
            self._send_bundle(
                channel,
                bundle,
                work_id=work_id,
                entities_types=entities_types,
                sequence=sequence,
                update=update,
            )
        channel.close()
        return bundles

Exemplo n.º 27

def get_parameters(host, port, username, password):
    credentials = pika.PlainCredentials(username, password)
    context = get_context()
    ssl_options = pika.SSLOptions(context)
    parameters = pika.ConnectionParameters(
        host=host,
        port=port,
        credentials=credentials,
        ssl_options=ssl_options,
    )
    return parameters

Exemplo n.º 28

Arquivo: osso_ez_rmq.py Projeto: ossobv/swiftbunny

def rmq_connect(rmqc):
    log.info('Begin connection to RMQ %s:%s', rmqc.host, rmqc.port)
    conn_kwargs = {}

    try:
        pika.SSLOptions
    except AttributeError:  # pika<1.0
        if rmqc.tls:
            conn_kwargs['ssl'] = True
        else:
            conn_kwargs['ssl'] = False
    else:  # pika>=1.0
        if rmqc.tls:
            # Quick and dirty hack, using a local ca file.
            ca_fn = os.path.join(os.path.dirname(__file__), rmqc.host + '.ca')
            try:
                with open(ca_fn) as ca_fp:
                    ca_data = ca_fp.read()
            except OSError:
                ca_data = None

            ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)

            if ca_data:
                ctx.check_hostname = False  # this host uses non-standard CN
                ctx.load_verify_locations(cadata=ca_data)

            conn_kwargs['ssl_options'] = pika.SSLOptions(context=ctx)

    # Timeout options for pika >= 0.11:
    if tuple(int(i) for i in pika.__version__.split('.')[0:2]) >= (0, 11):
        conn_kwargs['heartbeat'] = 600
        conn_kwargs['blocked_connection_timeout'] = 300

    if rmqc.username and rmqc.password:
        creds = pika.PlainCredentials(rmqc.username, rmqc.password)
        params = pika.ConnectionParameters(host=rmqc.host,
                                           port=rmqc.port,
                                           credentials=creds,
                                           virtual_host=rmqc.vhost,
                                           **conn_kwargs)
    else:
        params = pika.ConnectionParameters(host=rmqc.host,
                                           port=rmqc.port,
                                           virtual_host=rmqc.vhost,
                                           **conn_kwargs)

    connection = pika.BlockingConnection(params)
    log.info('Connected to RMQ %s:%s', rmqc.host, rmqc.port)
    channel = connection.channel()
    # Set prefetch to non-zero, because the default of 0 means "give me 800.000
    # messages if you have it!" :unamused:
    channel.basic_qos(prefetch_count=400)
    return channel

Exemplo n.º 29

Arquivo: amqp.py Projeto: ghga-de/LocalEGA

    def fetch_args(self):
        """Retrieve AMQP connection parameters."""
        LOG.debug('Getting a connection to "%s"', self.conf_section)
        params = CONF.getsensitive(self.conf_section, 'connection', raw=True)
        if isinstance(params, bytes):  # secret to str
            params = params.decode()

        LOG.info("Initializing a connection to: %s", redact_url(params))
        self.connection_params = pika.connection.URLParameters(params)

        # Handling the SSL options
        # Note: We re-create the SSL context, so don't pass any ssl_options in the above connection URI.
        if params.startswith('amqps'):

            LOG.debug("Enforcing a TLS context")
            context = ssl.SSLContext(
                protocol=ssl.PROTOCOL_TLS
            )  # Enforcing (highest) TLS version (so... 1.2?)

            context.verify_mode = ssl.CERT_NONE
            # Require server verification
            if CONF.getboolean(self.conf_section,
                               'verify_peer',
                               fallback=False):
                LOG.debug("Require server verification")
                context.verify_mode = ssl.CERT_REQUIRED
                cacertfile = CONF.get(self.conf_section,
                                      'cacertfile',
                                      fallback=None)
                if cacertfile:
                    context.load_verify_locations(cafile=cacertfile)

            # Check the server's hostname
            server_hostname = CONF.get(self.conf_section,
                                       'server_hostname',
                                       fallback=None)
            if CONF.getboolean(self.conf_section,
                               'verify_hostname',
                               fallback=False):
                LOG.debug("Require hostname verification")
                assert server_hostname, "server_hostname must be set if verify_hostname is"
                context.check_hostname = True
                context.verify_mode = ssl.CERT_REQUIRED

            # If client verification is required
            certfile = CONF.get(self.conf_section, 'certfile', fallback=None)
            if certfile:
                LOG.debug("Prepare for client verification")
                keyfile = CONF.get(self.conf_section, 'keyfile')
                context.load_cert_chain(certfile, keyfile=keyfile)

            # Finally, the pika ssl options
            self.connection_params.ssl_options = pika.SSLOptions(
                context=context, server_hostname=server_hostname)

Exemplo n.º 30

def main():
    parser = argparse.ArgumentParser()
    parser.add_argument("--rabbitmq_host",
                        default=getenv("RABBITMQ_HOST", "localhost"))
    parser.add_argument("--rabbitmq_port",
                        default=getenv("RABBITMQ_PORT", "5672"),
                        type=int)
    parser.add_argument("--rabbitmq_username",
                        default=getenv("RABBITMQ_USERNAME", ""))
    parser.add_argument("--rabbitmq_password",
                        default=getenv("RABBITMQ_PASSWORD", ""))
    parser.add_argument("--rabbitmq_cacertfile",
                        default=getenv("RABBITMQ_CACERTFILE", ""))
    parser.add_argument("--rabbitmq_certfile",
                        default=getenv("RABBITMQ_CERTFILE", ""))
    parser.add_argument("--rabbitmq_keyfile",
                        default=getenv("RABBITMQ_KEYFILE", ""))
    parser.add_argument("--rabbitmq_exchange",
                        default=getenv("RABBITMQ_EXCHANGE", "waggle.msg"))
    parser.add_argument("--rabbitmq_queue",
                        default=getenv("RABBITMQ_QUEUE", "logger-messages"))
    args = parser.parse_args()

    if args.rabbitmq_username != "":
        credentials = pika.PlainCredentials(args.rabbitmq_username,
                                            args.rabbitmq_password)
    else:
        credentials = pika.credentials.ExternalCredentials()

    if args.rabbitmq_cacertfile != "":
        context = ssl.create_default_context(cafile=args.rabbitmq_cacertfile)
        # HACK this allows the host and baked in host to be configured independently
        context.check_hostname = False
        if args.rabbitmq_certfile != "":
            context.load_cert_chain(args.rabbitmq_certfile,
                                    args.rabbitmq_keyfile)
        ssl_options = pika.SSLOptions(context, args.rabbitmq_host)
    else:
        ssl_options = None

    params = pika.ConnectionParameters(host=args.rabbitmq_host,
                                       port=args.rabbitmq_port,
                                       credentials=credentials,
                                       ssl_options=ssl_options,
                                       retry_delay=60,
                                       socket_timeout=10.0)

    conn = pika.BlockingConnection(params)
    ch = conn.channel()
    ch.queue_declare(args.rabbitmq_queue, durable=True)
    ch.queue_bind(args.rabbitmq_queue, args.rabbitmq_exchange, "#")
    ch.basic_consume(args.rabbitmq_queue, message_handler)
    ch.start_consuming()