def get_cert(self):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s = session.Session(sock)
resp = s.connect(self.ip, self.port, 1)
if resp:
resp = pickle.loads(resp)
with open(self.cert, 'wb') as f:
self.port = resp['port']
self.ip = resp['ip']
f.write(resp['cert'])
s.shutdown()
if resp:
return True
def connect(self):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(10)
self.conn = ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_TLSv1)
s = session.Session(self.conn)
services = s.connect(self.ip, self.port)
if not services:
self.ip, self.port, self.is_active = None, None, False
self.display_text(
'Error: Server is unavailable, trying again in a bit')
else:
self.shell = shell.Shell(s, services['args'], self.home)
self.is_active = True
self.shell.shell()
def connect(self):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(10)
self.conn = ssl.wrap_socket(sock,
ca_certs=self.cert,
cert_reqs=ssl.CERT_REQUIRED)
s = session.Session(self.conn)
services = s.connect(self.ip, self.port, 2)
if not services:
self.ip, self.port, self.is_active = None, None, False
self.display_text(
'Error: Server is unavailable, trying again in a bit')
else:
_shell = shell.Shell(s, services['args'], self.home)
self.is_active = True
_shell.shell()
def __init__(self, *argc, **argkw):
super(BaseHandler, self).__init__(*argc, **argkw)
self.session = session.Session(self.application.session_manager, self)
self.jinja2 = self.settings.get('jinja2')
self.jinja2 = helper.Filters(self.jinja2).register()
# -*- coding: utf-8 -*-
#
# Autor: Matias Novoa
# Año: 2014
# Licencia: GNU/GPL V3 http://www.gnu.org/copyleft/gpl.html
import os
import json
from lib import session
from db import controlador
# session
user_session = session.Session()
# Cargamos el archivo de configuración
file_path = os.path.join(
os.path.split(os.path.abspath(os.path.dirname(__file__)))[0],
'.config/parametros.json')
with open(file_path) as data_file:
parametros = json.load(data_file)
UNIDAD = int(controlador.get_maquina(parametros['terminal']))
# Cargamos el archivo de versión
path = os.path.join(
os.path.split(os.path.abspath(os.path.dirname(__file__)))[0], 'VERSION')
with open(path) as file_data:
version_file = json.load(file_data)
VERSION = version_file['Version']['numero']
def main(args):
# Make instance of tools
tls = tools.tools()
# Set logging Level
if args.debug:
logging.basicConfig(level=logging.DEBUG)
print("Debug Mode")
else:
logging.basicConfig(level=logging.INFO, format='%(message)s')
# Banner
os.system("clear")
tls.colour_output(text="*" * 80, fg="YELLOW", bg="BLUE")
tls.colour_output(
text=
"*********************** Housley ACI Audit:Data Collector ***********************",
fg="YELLOW",
bg="BLUE")
tls.colour_output(text="*" * 80, fg="YELLOW", bg="BLUE")
logging.debug(pformat(args))
# Read audit file
logging.info("Reading audit list from file: " + args.json)
audit_list = tls.read_JSON(args.json)
# Setup output folder/directory
# The zipped file name will also be the same as the folder
if args.output != None:
tar_file = args.output
new_dir = "../" + args.output
logging.debug("Creating output directory: " + new_dir)
# Make Dir and confirm sucessful
if tls.make_dir(dir_name=new_dir):
out_dir = new_dir + "/"
# Directory creation failed
else:
exit()
else:
tar_file = "output"
out_dir = "../output/"
logging.info("Output directory used: " + out_dir + "\n")
# Check if testing mode
if args.testing:
# Set variables
ip_addr = "172.16.11.2"
user = "******"
#passwd = "PROMPT"
passwd = "!@34QWer"
# Get variable if not testing
else:
# Set password for prompted input
passwd = "PROMPT"
# Enter Login Credentials if Prompt is True
if args.prompted:
# Get APIC IP address
vPrompt = str("Input IP address for APIC: ")
ip_addr = input(vPrompt)
if not tls.validate_ip(ip_addr):
logging.info("Input cancelled")
exit()
# Get Username
vPrompt = str("Input APIC login username: "******"Run error ... Username and APIC details not provided")
logging.info("run again with either:")
logging.info("-a and -u options")
logging.info(" or ")
logging.info("-p prompt option ")
exit()
else:
user = args.user
ip_addr = args.apic
# Get password
if passwd == "PROMPT":
vPrompt = str("Input Password for " + user + " at APIC " + ip_addr +
": ")
password = getpass.getpass(vPrompt)
else:
password = passwd
# Try to login to APCI
logging.info("Checking APIC connection is possible")
try:
aci = session.Session(apic=ip_addr,
https=True,
uid=user,
pwd=password,
verify_ssl=False)
login_successful = aci.login()
except:
logging.info("\nError - Login failed - Not able to connect")
exit()
# Check if login ok
if login_successful:
logging.debug(" Session token: " + str(aci.session.cookies))
logging.info(" Login sucessful")
else:
logging.info("\nError - Login failed - Check Password for user: "******"\n")
exit()
# Parse the json list of objects to collect
logging.info("\n\n##### Auditing System #####")
for line in audit_list["audit_list"]:
if line.get("url") != None: # Check not section seperator
obj = line["url"]
logging.info("\nGetting name: " + line["name"])
logging.debug(obj)
if line["include"] == True:
resp = aci.get(obj)
tls.write_JSON(name=line["name"],
content=resp,
dir_name=out_dir)
logging.debug(resp)
else:
logging.info(
" Skipped as included=False in audit.json config file")
# Make the tar.gz file
tls.make_tar_file(name=tar_file)
logging.info("\n\nAudit files archived to: " + tar_file + ".tar.gz")
logging.info("\n\n##### Audit Complete #####")
logging.info("Please send " + tar_file + ".tar.gz to Housley\n\n")
def __init__(self, application, request, *args, **kwargs):
super(FoundHandler, self).__init__(application, request, **kwargs)
self.session = session.Session(self.application.session_manager, self)
