From cbfc5b3bb8c2e96d0de512cc91106a1fc7b0a497 Mon Sep 17 00:00:00 2001 From: Scott Odle Date: Thu, 7 Dec 2017 12:44:31 -0700 Subject: [PATCH 1/7] Allow "events" as a command type --- splunklib/searchcommands/internals.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/splunklib/searchcommands/internals.py b/splunklib/searchcommands/internals.py index be57703eb..23989ade3 100644 --- a/splunklib/searchcommands/internals.py +++ b/splunklib/searchcommands/internals.py @@ -326,7 +326,7 @@ def validate_configuration_setting(specification, name, value): supporting_protocols=[1, 2]), 'type': specification( type=(bytes, unicode), - constraint=lambda value: value in ('eventing', 'reporting', 'streaming'), + constraint=lambda value: value in ('eventing', 'reporting', 'streaming', 'events'), supporting_protocols=[2])} From 6b9acf77e27380e300e281b252cc841a98b2b72b Mon Sep 17 00:00:00 2001 From: Scott Odle Date: Tue, 5 Jun 2018 10:46:50 -0700 Subject: [PATCH 2/7] Handle versions of python without ssl support --- splunklib/binding.py | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/splunklib/binding.py b/splunklib/binding.py index 77a4532ae..92f273015 100644 --- a/splunklib/binding.py +++ b/splunklib/binding.py @@ -27,7 +27,11 @@ from __future__ import absolute_import import logging import socket -import ssl +try: + import ssl + hasssl = True +except ImportError: + hasssl = False from io import BytesIO from splunklib.six.moves import urllib @@ -549,7 +553,10 @@ def connect(self): """ sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if self.scheme == "https": - sock = ssl.wrap_socket(sock) + if hasssl: + sock = ssl.wrap_socket(sock) + else: + raise ImportError('No SSL library found') sock.connect((socket.gethostbyname(self.host), self.port)) return sock @@ -1337,13 +1344,16 @@ def connect(scheme, host, port): if scheme == "http": return six.moves.http_client.HTTPConnection(host, port, **kwargs) if scheme == "https": - if key_file is not None: kwargs['key_file'] = key_file - if cert_file is not None: kwargs['cert_file'] = cert_file - - # If running Python 2.7.9+, disable SSL certificate validation - if (sys.version_info >= (2,7,9) and key_file is None and cert_file is None) or not verify: - kwargs['context'] = ssl._create_unverified_context() - return six.moves.http_client.HTTPSConnection(host, port, **kwargs) + if hasssl: + if key_file is not None: kwargs['key_file'] = key_file + if cert_file is not None: kwargs['cert_file'] = cert_file + + # If running Python 2.7.9+, disable SSL certificate validation + if (sys.version_info >= (2,7,9) and key_file is None and cert_file is None) or not verify: + kwargs['context'] = ssl._create_unverified_context() + return six.moves.http_client.HTTPSConnection(host, port, **kwargs) + else: + raise ImportError('No SSL library found') raise ValueError("unsupported scheme: %s" % scheme) def request(url, message, **kwargs): From 30f8386f7ae2f64cd1ea4add3bc07e10ee7722ae Mon Sep 17 00:00:00 2001 From: Scott Odle Date: Tue, 5 Jun 2018 10:54:15 -0700 Subject: [PATCH 3/7] undo old change to sc internals --- splunklib/searchcommands/internals.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/splunklib/searchcommands/internals.py b/splunklib/searchcommands/internals.py index 213a091e3..78e643b0d 100644 --- a/splunklib/searchcommands/internals.py +++ b/splunklib/searchcommands/internals.py @@ -327,8 +327,8 @@ def validate_configuration_setting(specification, name, value): constraint=None, supporting_protocols=[1, 2]), 'type': specification( - constraint=lambda value: value in ('eventing', 'reporting', 'streaming', 'events'), type=(bytes, six.text_type), + constraint=lambda value: value in ('events', 'reporting', 'streaming'), supporting_protocols=[2])} From fb416b5b88abc07695345f72d6edd045564ae185 Mon Sep 17 00:00:00 2001 From: Scott Odle Date: Tue, 5 Jun 2018 12:34:21 -0700 Subject: [PATCH 4/7] don't check for ssl support if we're not verifying anyway --- splunklib/binding.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/splunklib/binding.py b/splunklib/binding.py index 92f273015..2a1cea4d5 100644 --- a/splunklib/binding.py +++ b/splunklib/binding.py @@ -553,7 +553,7 @@ def connect(self): """ sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if self.scheme == "https": - if hasssl: + if hasssl and self.verify: sock = ssl.wrap_socket(sock) else: raise ImportError('No SSL library found') @@ -1344,7 +1344,7 @@ def connect(scheme, host, port): if scheme == "http": return six.moves.http_client.HTTPConnection(host, port, **kwargs) if scheme == "https": - if hasssl: + if hasssl and verify: if key_file is not None: kwargs['key_file'] = key_file if cert_file is not None: kwargs['cert_file'] = cert_file From 84eeeed5fa615ecd06a97db5c7fa34037db3bfc9 Mon Sep 17 00:00:00 2001 From: Scott Odle Date: Tue, 5 Jun 2018 12:37:02 -0700 Subject: [PATCH 5/7] don't check for ssl support if we're not verifying anyway --- splunklib/binding.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/splunklib/binding.py b/splunklib/binding.py index 2a1cea4d5..780c7cc14 100644 --- a/splunklib/binding.py +++ b/splunklib/binding.py @@ -552,8 +552,8 @@ def connect(self): socket.write("\\r\\n") """ sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - if self.scheme == "https": - if hasssl and self.verify: + if self.scheme == "https" and self.verify: + if hasssl: sock = ssl.wrap_socket(sock) else: raise ImportError('No SSL library found') @@ -1343,8 +1343,8 @@ def connect(scheme, host, port): if timeout is not None: kwargs['timeout'] = timeout if scheme == "http": return six.moves.http_client.HTTPConnection(host, port, **kwargs) - if scheme == "https": - if hasssl and verify: + if scheme == "https" and verify: + if hasssl: if key_file is not None: kwargs['key_file'] = key_file if cert_file is not None: kwargs['cert_file'] = cert_file From 9747cfae4f0ee5fabffcd4046ac627a05085d913 Mon Sep 17 00:00:00 2001 From: Scott Odle Date: Tue, 5 Jun 2018 12:39:43 -0700 Subject: [PATCH 6/7] don't check for ssl support if we're not verifying anyway --- splunklib/binding.py | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/splunklib/binding.py b/splunklib/binding.py index 780c7cc14..3d389bca1 100644 --- a/splunklib/binding.py +++ b/splunklib/binding.py @@ -1343,17 +1343,14 @@ def connect(scheme, host, port): if timeout is not None: kwargs['timeout'] = timeout if scheme == "http": return six.moves.http_client.HTTPConnection(host, port, **kwargs) - if scheme == "https" and verify: - if hasssl: - if key_file is not None: kwargs['key_file'] = key_file - if cert_file is not None: kwargs['cert_file'] = cert_file - - # If running Python 2.7.9+, disable SSL certificate validation - if (sys.version_info >= (2,7,9) and key_file is None and cert_file is None) or not verify: - kwargs['context'] = ssl._create_unverified_context() - return six.moves.http_client.HTTPSConnection(host, port, **kwargs) - else: - raise ImportError('No SSL library found') + if scheme == "https": + if key_file is not None: kwargs['key_file'] = key_file + if cert_file is not None: kwargs['cert_file'] = cert_file + + # If running Python 2.7.9+, disable SSL certificate validation + if (sys.version_info >= (2,7,9) and key_file is None and cert_file is None) or not verify or not hasssl: + kwargs['context'] = ssl._create_unverified_context() + return six.moves.http_client.HTTPSConnection(host, port, **kwargs) raise ValueError("unsupported scheme: %s" % scheme) def request(url, message, **kwargs): From f7e59c41ef9d49fe721776522ccaef26f7e04b14 Mon Sep 17 00:00:00 2001 From: Scott Odle Date: Sat, 30 Jun 2018 12:03:07 -0700 Subject: [PATCH 7/7] add better docs for context and connect --- splunklib/binding.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/splunklib/binding.py b/splunklib/binding.py index a11fad632..84fd71ffa 100644 --- a/splunklib/binding.py +++ b/splunklib/binding.py @@ -934,7 +934,8 @@ def _abspath(self, path_segment, return path -def connect(**kwargs): +def connect(host='localhost', port=8089, scheme='https', owner=None, app=None, sharing='user', + token=_NoAuthenticationToken, cookie=_NoAuthenticationToken, username='', password='', autologin=False): """This function returns an authenticated :class:`Context` object. This function is a shorthand for calling :meth:`Context.login`. @@ -975,7 +976,8 @@ def connect(**kwargs): c = binding.connect(...) response = c.get("apps/local") """ - c = Context(**kwargs) + c = Context(host=host, port=port, scheme=scheme, owner=owner, app=app, sharing=sharing, token=token, cookie=cookie, + username=username, password=password, autologin=autologin) c.login() return c