import csv |
from datetime import datetime |
import logging |
from OpenSSL import crypto |
import os |
# Module-level logger, named after this module via __name__.
logger = logging.getLogger(__name__)
def validate_cert(cert_file_path):
    """
    Check that a PEM certificate is inside its validity period.

    Only the certificate's notBefore/notAfter window is compared against the
    current UTC time. Nothing else is verified here: no trust chain is built,
    no host name is matched, revocation is not consulted, and the certificate
    is not checked against any private key.

    Parameters
    ----------
    cert_file_path : str
        Path of the PEM-encoded certificate file.

    Raises
    ------
    RuntimeError
        If the certificate is not valid yet or has already expired. The same
        message is logged at CRITICAL level before the exception is raised.
    """
    with open(cert_file_path, "r") as cert_file:
        pem_text = cert_file.read()

    certificate = crypto.load_certificate(crypto.FILETYPE_PEM, pem_text)

    def _as_datetime(raw_timestamp):
        # The timestamp bytes are decoded as ASCII and parsed with the
        # YYYYMMDDhhmmssZ layout; the result is a naive datetime.
        return datetime.strptime(raw_timestamp.decode("ascii"), "%Y%m%d%H%M%SZ")

    not_before = _as_datetime(certificate.get_notBefore())
    not_after = _as_datetime(certificate.get_notAfter())
    # Naive UTC, so both sides of the comparisons below are naive values.
    current_time = datetime.utcnow()

    https_error = "Error using HTTPS: "
    problem = None
    if current_time < not_before:
        problem = f"The certificate provided is not valid until {not_before}."
    elif current_time > not_after:
        problem = f"The certificate provided expired on {not_after}."

    if problem is not None:
        msg = https_error + problem
        logger.critical(msg)
        raise RuntimeError(msg)
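def parse_pwd_file(pwd_file_name):
    """
    Parses passwords file and returns set of credentials.

    Each non-empty, non-comment line must hold exactly two space-separated
    fields: a login and a password. Logins are lower-cased before they are
    stored, so entries that differ only by case count as duplicates. The
    first malformed line aborts parsing and everything read so far is
    discarded. Password values are returned exactly as they appear in the
    file.

    Parameters
    ----------
    pwd_file_name : str
        Passwords file name.

    Returns
    -------
    succeeded : bool
        True if specified file was parsed successfully.
        False if there were any issues with parsing specified file.

    credentials : dict
        Credentials from the file. Empty if succeeded is False.
    """
    logger.info(f"Parsing passwords file {pwd_file_name}...")

    if not os.path.isfile(pwd_file_name):
        logger.critical(f"Passwords file {pwd_file_name} not found")
        return False, {}

    credentials = {}
    with open(pwd_file_name) as pwd_file:
        pwd_file_reader = csv.reader(pwd_file, delimiter=" ")
        for row in pwd_file_reader:
            # skip empty lines
            if not row:
                continue

            # skip commented lines; startswith() is safe when the first field
            # is empty (a line that begins with a space), where indexing
            # row[0][0] would raise IndexError
            if row[0].startswith("#"):
                continue

            # An empty login is rejected rather than stored as the "" user.
            if len(row) != 2 or not row[0]:
                # Report the position only: a malformed row can still carry
                # password material, which must not end up in the log.
                logger.error(
                    f"Incorrect entry on line {pwd_file_reader.line_num} of password file"
                )
                return False, {}

            login = row[0].lower()
            if login in credentials:
                logger.error(
                    f"Multiple entries for username {login} in password file"
                )
                return False, {}

            if not row[1]:
                logger.warning(f"Found username {row[0]} but no password")
                return False, {}

            credentials[login] = row[1]
            logger.debug(f"Found username {login}")

    logger.info("Authentication is enabled")
    return True, credentials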