jessecarbon
diff --git a/‎README.md
Lines changed: 3 additions & 3 deletions b/‎README.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎bin/cbapi
Lines changed: 48 additions & 0 deletions b/‎bin/cbapi
Lines changed: 48 additions & 0 deletions
diff --git a/‎bin/cbapi-defense
Lines changed: 87 additions & 1 deletion b/‎bin/cbapi-defense
Lines changed: 87 additions & 1 deletion
diff --git a/‎bin/cbapi-protection
Lines changed: 94 additions & 1 deletion b/‎bin/cbapi-protection
Lines changed: 94 additions & 1 deletion
diff --git a/‎bin/cbapi-response
Lines changed: 121 additions & 1 deletion b/‎bin/cbapi-response
Lines changed: 121 additions & 1 deletion
@@ -1,6 +1,6 @@
 # Python bindings for Carbon Black REST API
 
-**Current version: 1.2.0**
+**Current version: 1.3.4**
 
 [![Build Status](https://travis-ci.org/carbonblack/cbapi-python.svg?branch=master)](https://travis-ci.org/carbonblack/cbapi-python)
 
@@ -29,8 +29,8 @@ Backwards compatibility with old scripts is maintained through the `cbapi.legacy
 `cbapi.CbApi` directly will continue to work. Once cbapi 2.0.0 is released, the old `CbApi` will be deprecated and
 removed entirely no earlier than January 2017.
 
-New scripts should use the `cbapi.CbEnterpriseResponseAPI` (for Carbon Black "Enterprise Response") and 
-`cbapi.CbEnterpriseProtectionAPI` (for Carbon Black "Enterprise Protection" / former Bit9) API entry points.
+New scripts should use the `cbapi.CbResponseAPI` (for Cb Response) and 
+`cbapi.CbProtectionAPI` (for Cb Protection / former Bit9) API entry points.
 
 ## Getting Started
 
 
@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+
+import argparse
+import contextlib
+
+from cbapi.six import iteritems
+import sys
+from cbapi.utils import check_python_tls_compatibility
+
+
+def check_tls(opts):
+    print("Newest TLS version supported by this platform is: {0}.".format(check_python_tls_compatibility()))
+
+
+command_map = {
+    "check-tls": {
+        "extra_args": {},
+        "help": "Return the latest version of TLS supported by this version of Python and OpenSSL. "
+            "Cb Response versions 6.1+ now require TLSv1.2 support.",
+        "method": check_tls
+    }
+}
+
+
+def main(args):
+    parser = argparse.ArgumentParser()
+    commands = parser.add_subparsers(dest="command_name", help="CbAPI subcommand")
+
+    for cmd_name, cmd_config in iteritems(command_map):
+        cmd_parser = commands.add_parser(cmd_name, help=cmd_config.get("help", None))
+        for cmd_arg_name, cmd_arg_config in iteritems(cmd_config.get("extra_args", {})):
+            cmd_parser.add_argument(cmd_arg_name, **cmd_arg_config)
+
+    opts = parser.parse_args(args)
+    command = command_map.get(opts.command_name)
+    if not command:
+        parser.print_usage()
+        return
+
+    command_method = command.get("method", None)
+    if command_method:
+        return command_method(opts)
+    else:
+        parser.print_usage()
+
+
+if __name__ == '__main__':
+    sys.exit(main(sys.argv[1:]))
@@ -1,7 +1,93 @@
 #!/usr/bin/env python
 
-from cbapi.defense.cli import main
+import argparse
+import contextlib
+
+from cbapi.six import iteritems
+from cbapi.six.moves import input
+import os
 import sys
+import cbapi.six as six
+if six.PY3:
+    from io import StringIO as StringIO
+else:
+    from cStringIO import StringIO
+
+from cbapi.six.moves.configparser import RawConfigParser
+
+
+@contextlib.contextmanager
+def temp_umask(umask):
+    oldmask = os.umask(umask)
+    try:
+        yield
+    finally:
+        os.umask(oldmask)
+
+
+def configure(opts):
+    credential_path = os.path.join(os.path.expanduser("~"), ".carbonblack")
+    credential_file = os.path.join(credential_path, "credentials.defense")
+
+    print("Welcome to the CbAPI.")
+    if os.path.exists(credential_file):
+        print("An existing credential file exists at {0}.".format(credential_file))
+        resp = input("Do you want to continue and overwrite the existing configuration? [Y/N] ")
+        if resp.strip().upper() != "Y":
+            print("Exiting.")
+            return 1
+
+    if not os.path.exists(credential_path):
+        os.makedirs(credential_path, 0o700)
+
+    url = input("URL to the Cb Defense API server (do not include '/integrationServices') [https://hostname]: ")
+
+    ssl_verify = True
+
+    connector_id = input("Connector ID: ")
+    token = input("API key: ")
+
+    config = RawConfigParser()
+    config.readfp(StringIO('[default]'))
+    config.set("default", "url", url)
+    config.set("default", "token", "{0}/{1}".format(token, connector_id))
+    config.set("default", "ssl_verify", ssl_verify)
+    with temp_umask(0):
+        with os.fdopen(os.open(credential_file, os.O_WRONLY|os.O_CREAT|os.O_TRUNC, 0o600), 'w') as fp:
+            os.chmod(credential_file, 0o600)
+            config.write(fp)
+    print("Successfully wrote credentials to {0}.".format(credential_file))
+
+
+command_map = {
+    "configure": {
+        "extra_args": {},
+        "help": "Configure CbAPI",
+        "method": configure
+    }
+}
+
+
+def main(args):
+    parser = argparse.ArgumentParser()
+    commands = parser.add_subparsers(dest="command_name", help="CbAPI subcommand")
+
+    for cmd_name, cmd_config in iteritems(command_map):
+        cmd_parser = commands.add_parser(cmd_name, help=cmd_config.get("help", None))
+        for cmd_arg_name, cmd_arg_config in iteritems(cmd_config.get("extra_args", {})):
+            cmd_parser.add_argument(cmd_arg_name, **cmd_arg_config)
+
+    opts = parser.parse_args(args)
+    command = command_map.get(opts.command_name)
+    if not command:
+        parser.print_usage()
+        return
+
+    command_method = command.get("method", None)
+    if command_method:
+        return command_method(opts)
+    else:
+        parser.print_usage()
 
 
 if __name__ == '__main__':
 
@@ -1,7 +1,100 @@
 #!/usr/bin/env python
 
-from cbapi.protection.cli import main
+import argparse
+import contextlib
+
+from cbapi.six import iteritems
+from cbapi.six.moves import input
+import os
 import sys
+import cbapi.six as six
+if six.PY3:
+    from io import StringIO as StringIO
+else:
+    from cStringIO import StringIO
+
+from cbapi.six.moves.configparser import RawConfigParser
+
+
+@contextlib.contextmanager
+def temp_umask(umask):
+    oldmask = os.umask(umask)
+    try:
+        yield
+    finally:
+        os.umask(oldmask)
+
+
+def configure(opts):
+    credential_path = os.path.join(os.path.expanduser("~"), ".carbonblack")
+    credential_file = os.path.join(credential_path, "credentials.protection")
+
+    print("Welcome to the CbAPI.")
+    if os.path.exists(credential_file):
+        print("An existing credential file exists at {0}.".format(credential_file))
+        resp = input("Do you want to continue and overwrite the existing configuration? [Y/N] ")
+        if resp.strip().upper() != "Y":
+            print("Exiting.")
+            return 1
+
+    if not os.path.exists(credential_path):
+        os.makedirs(credential_path, 0o700)
+
+    url = input("URL to the Cb Protection server [https://hostname]: ")
+
+    ssl_verify = None
+    while ssl_verify not in ["Y", "N"]:
+        ssl_verify = input("Use SSL/TLS certificate validation (answer 'N' if using self-signed certs) [Y/N]: ")
+        ssl_verify = ssl_verify.strip().upper()
+
+    if ssl_verify == "Y":
+        ssl_verify = True
+    else:
+        ssl_verify = False
+
+    token = input("API token: ")
+
+    config = RawConfigParser()
+    config.readfp(StringIO('[default]'))
+    config.set("default", "url", url)
+    config.set("default", "token", token)
+    config.set("default", "ssl_verify", ssl_verify)
+    with temp_umask(0):
+        with os.fdopen(os.open(credential_file, os.O_WRONLY|os.O_CREAT|os.O_TRUNC, 0o600), 'w') as fp:
+            os.chmod(credential_file, 0o600)
+            config.write(fp)
+    print("Successfully wrote credentials to {0}.".format(credential_file))
+
+
+command_map = {
+    "configure": {
+        "extra_args": {},
+        "help": "Configure CbAPI",
+        "method": configure
+    }
+}
+
+
+def main(args):
+    parser = argparse.ArgumentParser()
+    commands = parser.add_subparsers(dest="command_name", help="CbAPI subcommand")
+
+    for cmd_name, cmd_config in iteritems(command_map):
+        cmd_parser = commands.add_parser(cmd_name, help=cmd_config.get("help", None))
+        for cmd_arg_name, cmd_arg_config in iteritems(cmd_config.get("extra_args", {})):
+            cmd_parser.add_argument(cmd_arg_name, **cmd_arg_config)
+
+    opts = parser.parse_args(args)
+    command = command_map.get(opts.command_name)
+    if not command:
+        parser.print_usage()
+        return
+
+    command_method = command.get("method", None)
+    if command_method:
+        return command_method(opts)
+    else:
+        parser.print_usage()
 
 
 if __name__ == '__main__':
 
@@ -1,7 +1,127 @@
 #!/usr/bin/env python
 
-from cbapi.response.cli import main
+import argparse
+import contextlib
+
+from cbapi.six import iteritems
+from cbapi.six.moves import input
+import os
 import sys
+import getpass
+import cbapi.six as six
+if six.PY3:
+    from io import StringIO as StringIO
+else:
+    from cStringIO import StringIO
+
+from cbapi.response.rest_api import get_api_token
+from cbapi.six.moves.configparser import RawConfigParser
+from cbapi.utils import check_python_tls_compatibility
+
+
+@contextlib.contextmanager
+def temp_umask(umask):
+    oldmask = os.umask(umask)
+    try:
+        yield
+    finally:
+        os.umask(oldmask)
+
+
+def configure(opts):
+    credential_path = os.path.join(os.path.expanduser("~"), ".carbonblack")
+    credential_file = os.path.join(credential_path, "credentials.response")
+
+    print("Welcome to the CbAPI.")
+
+    # Check this Python version's compatibility with TLSv1.2.
+    max_tls_version = check_python_tls_compatibility()
+
+    if max_tls_version != "TLSv1.2":
+        print("NOTICE: this version of Python and OpenSSL does not support TLSv1.2.")
+        print("TLSv1.2 is *required* to connect to Cb Response server versions >= 6.1.0.")
+        print("It is highly recommended that you upgrade your Python and OpenSSL before using cbapi.")
+        print("")
+
+    if os.path.exists(credential_file):
+        print("An existing credential file exists at {0}.".format(credential_file))
+        resp = input("Do you want to continue and overwrite the existing configuration? [Y/N] ")
+        if resp.strip().upper() != "Y":
+            print("Exiting.")
+            return 1
+
+    if not os.path.exists(credential_path):
+        os.makedirs(credential_path, 0o700)
+
+    url = input("URL to the Cb Response server [https://hostname]: ")
+
+    ssl_verify = None
+    while ssl_verify not in ["Y", "N"]:
+        ssl_verify = input("Use SSL/TLS certificate validation (answer 'N' if using self-signed certs) [Y/N]: ")
+        ssl_verify = ssl_verify.strip().upper()
+
+    if ssl_verify == "Y":
+        ssl_verify = True
+    else:
+        ssl_verify = False
+
+    token = input("API token (if unknown, leave blank): ")
+    if not token:
+        print("No API token provided: we will look it up using your username & password")
+        username = input("Username: ")
+        password = getpass.getpass("Password: ")
+
+        print("Retrieving API token for {0}...".format(username))
+
+        try:
+            token = get_api_token(url, username, password, verify=ssl_verify)
+        except Exception as e:
+            import traceback
+            traceback.print_exc()
+            print("Could not retrieve API token: {0}".format(str(e)))
+            return 1
+
+    config = RawConfigParser()
+    config.readfp(StringIO('[default]'))
+    config.set("default", "url", url)
+    config.set("default", "token", token)
+    config.set("default", "ssl_verify", ssl_verify)
+    with temp_umask(0):
+        with os.fdopen(os.open(credential_file, os.O_WRONLY|os.O_CREAT|os.O_TRUNC, 0o600), 'w') as fp:
+            os.chmod(credential_file, 0o600)
+            config.write(fp)
+    print("Successfully wrote credentials to {0}.".format(credential_file))
+
+
+command_map = {
+    "configure": {
+        "extra_args": {},
+        "help": "Configure CbAPI",
+        "method": configure
+    }
+}
+
+
+def main(args):
+    parser = argparse.ArgumentParser()
+    commands = parser.add_subparsers(dest="command_name", help="CbAPI subcommand")
+
+    for cmd_name, cmd_config in iteritems(command_map):
+        cmd_parser = commands.add_parser(cmd_name, help=cmd_config.get("help", None))
+        for cmd_arg_name, cmd_arg_config in iteritems(cmd_config.get("extra_args", {})):
+            cmd_parser.add_argument(cmd_arg_name, **cmd_arg_config)
+
+    opts = parser.parse_args(args)
+    command = command_map.get(opts.command_name)
+    if not command:
+        parser.print_usage()
+        return
+
+    command_method = command.get("method", None)
+    if command_method:
+        return command_method(opts)
+    else:
+        parser.print_usage()
 
 
 if __name__ == '__main__':