class QualysGuard:
def __init__(self, username, realm_id, config, debug=False):
self._version = QAPI_VERSION
self._cookiejar = CookieJar()
self._username = username
self._realm_id = realm_id
self._profile = '@'.join((username, realm_id))
self._realm = REALMS[self._realm_id]
self._proxy = None
self._templates = None
self._debug = debug
self._config = None #. User configuration file for scripted mode
self._connected = False
self._username = '******'
self._cFM = None
try:
from ConfigFileManager import ConfigFileManager, InternalConfigError
try:
self._config = ConfigFileManager(config)
self._qapi_ini = self._config.option('qapi', 'ini')
self._cFM = ConfigFileManager(self._qapi_ini)
except InternalConfigError as e:
raise Exception("Sorry, %s" % e)
except ImportError as e:
raise Exception("Sorry, %s" % e)
urllib2.install_opener(self._opener())
def __del__(self):
self.logout()
def __repr__(self):
return "<QualysGuard conn:%s user:%s>" % (
self._connected,
self._username
)
def _opener(self):
ntlm = False
proxy = False
if 'proxy' in self._config.sections():
try:
self._proxy = {
'proto' : self._config.option('proxy', 'proto'),
'host' : self._config.option('proxy', 'host'),
'port' : int(self._config.option('proxy', 'port', 8080)),
'user' : self._config.option('proxy', 'user', None),
'pass' : self._config.option('proxy', 'pass', None),
}
if self._proxy['user'] is not None:
ntlm = self._proxy['user'].count('\\') == 1
if self._proxy['host'] and self._proxy['port']:
proxy = True
except InternalConfigError as e:
pass
proxy_handler_dict = {}
if proxy:
proxy_handler_uri = None
if self._proxy['user']:
if self._proxy['pass'] is not None:
proxy_handler_uri = "%s://%s:%s@%s:%d" % (
"http",
self._proxy['user'],
self._proxy['pass'],
self._proxy['host'],
self._proxy['port']
)
else:
proxy_handler_uri = "%s://%s@%s:%d" % (
"http",
self._proxy['user'],
self._proxy['host'],
self._proxy['port']
)
else:
proxy_handler_uri = "%s://%s:%d" % (
"http",
self._proxy['host'],
self._proxy['port']
)
proxy_handler_dict[self._proxy['proto']] = proxy_handler_uri
self._pwmgr = urllib2.HTTPPasswordMgrWithDefaultRealm()
cookiemonster = urllib2.HTTPCookieProcessor(self._cookiejar)
auth_NTLM = HTTPNtlmAuthHandler.HTTPNtlmAuthHandler(self._pwmgr)
auth_basic = urllib2.HTTPBasicAuthHandler(self._pwmgr)
auth_digest = urllib2.HTTPDigestAuthHandler(self._pwmgr)
auth_proxy = urllib2.ProxyHandler(proxy_handler_dict)
openers = [
auth_basic,
auth_digest,
auth_proxy,
cookiemonster,
]
if ntlm:
openers.append(auth_NTLM)
opener = urllib2.build_opener(*openers)
return opener
def _cookies(self):
return self._cookiejar._cookies[self._realm]['/api']['QualysSession']
def _validate(self, resource, **parameters):
valid = False
action = parameters.get('action', None)
if action is not None:
valid = resource in self._cFM.option('resource', 'valid')
else:
raise NameError(
"Missing mandarory option `action'"
)
msg = None
if valid:
for param in self._cFM.section('%s-options' % resource):
meaning = self._cFM.option(
'%s-options' % resource,
param
)
if meaning.has_key(action):
if meaning[action] is 1 and param not in parameters.keys():
raise NameError(
"Missing mandarory option `%s' for `%s'" % (
param, resource
)
)
else:
pass
validators = self._cFM.section('%s-validators' % resource)
for param in parameters:
if param in self._cFM.options('%s-options' % resource):
validator = validators.get(param, None)
if validator is not None:
if type(validator) is list:
valid = parameters[param] in validator
msg = "`%s=%s' (required) not in %s" % (
param,
parameters[param],
validator
)
else:
validator_fn = eval(validator)
valid = validator_fn(parameters[param])
msg = "`%s=%s' failed on %s" % (
param,
validator,
parameters[param]
)
if not valid:
raise QAPILocalValidationError(
"`%s:%s=%s': %s",
resource, param, parameters[param], msg
)
else:
raise NameError(
"Invalid option `%s' for `%s'" % (
param, resource
)
)
else:
raise NameError(
"Invalid resource `%s'" % resource
)
return valid
def _request(self, resource, application, data=dict()):
'''
application:
api: QualysGuard API v1
msp: QualysGuard API v2
'''
if application == 'api':
assert self._validate(resource, **data) is True
elif application != 'msp':
raise QAPIInteralError(
"%s not in `api' or `msp'", application,
)
uri = None
if application == 'api':
uri = 'https://%s:443/%s/%0.1f/%s/%s/' % (
self._realm,
application, URI_DATA['version'], 'fo',
resource
)
elif application == 'msp':
uri = 'https://%s:443/%s/%s.php' % (
self._realm,
application,
resource
)
if self._debug:
print "\n#. %-8s: %s (%s)" % ('URI', uri, application)
if application is 'api':
print "#. %-8s: %s" % ('POST', urllib.urlencode(data))
encdata = urllib.urlencode(data)
headers = { 'X-Requested-With' : 'qapi-v%s' % QAPI_VERSION }
response = None
error = None
try:
request = urllib2.Request(uri, encdata, headers)
if self._debug:
print "#. REQUEST HEADERS"
print request.headers
print "#. REQUEST DATA"
print request.data
response = urllib2.urlopen(request)
if self._debug:
print "#. RESPONSE HEADERS"
print response.msg
print response.headers
#print "#. RESPONSE DATA"
#print '\n'.join(response.readlines())
#print dir(response.fp)
#print dir(response)
except urllib2.HTTPError, e:
if not self._debug: raise e #. TODO: Cleanup - Not XML, so can't use QAPIHTTPError(e)
else: error = e
except urllib2.URLError, e:
#if not self._debug: raise QAPISessionTimeoutError(e)
#else:
error = e
if hasattr(e, 'reason'):
print 'We failed to reach a server.'
print 'Reason: ', e.reason
elif hasattr(e, 'code'):
print 'The server couldn\'t fulfill the request.'
print 'Error code: ', e.code
