forked from carbonblack/cbapi-python
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcbapi-protection
More file actions
101 lines (78 loc) · 2.85 KB
/
cbapi-protection
File metadata and controls
101 lines (78 loc) · 2.85 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
#!/usr/bin/env python
import argparse
import contextlib
from cbapi.six import iteritems
from cbapi.six.moves import input
import os
import sys
import cbapi.six as six
if six.PY3:
from io import StringIO as StringIO
else:
from cStringIO import StringIO
from cbapi.six.moves.configparser import RawConfigParser
@contextlib.contextmanager
def temp_umask(umask):
oldmask = os.umask(umask)
try:
yield
finally:
os.umask(oldmask)
def configure(opts):
credential_path = os.path.join(os.path.expanduser("~"), ".carbonblack")
credential_file = os.path.join(credential_path, "credentials.protection")
print("Welcome to the CbAPI.")
if os.path.exists(credential_file):
print("An existing credential file exists at {0}.".format(credential_file))
resp = input("Do you want to continue and overwrite the existing configuration? [Y/N] ")
if resp.strip().upper() != "Y":
print("Exiting.")
return 1
if not os.path.exists(credential_path):
os.makedirs(credential_path, 0o700)
url = input("URL to the Cb Protection server [https://hostname]: ")
ssl_verify = None
while ssl_verify not in ["Y", "N"]:
ssl_verify = input("Use SSL/TLS certificate validation (answer 'N' if using self-signed certs) [Y/N]: ")
ssl_verify = ssl_verify.strip().upper()
if ssl_verify == "Y":
ssl_verify = True
else:
ssl_verify = False
token = input("API token: ")
config = RawConfigParser()
config.readfp(StringIO('[default]'))
config.set("default", "url", url)
config.set("default", "token", token)
config.set("default", "ssl_verify", ssl_verify)
with temp_umask(0):
with os.fdopen(os.open(credential_file, os.O_WRONLY|os.O_CREAT|os.O_TRUNC, 0o600), 'w') as fp:
os.chmod(credential_file, 0o600)
config.write(fp)
print("Successfully wrote credentials to {0}.".format(credential_file))
command_map = {
"configure": {
"extra_args": {},
"help": "Configure CbAPI",
"method": configure
}
}
def main(args):
parser = argparse.ArgumentParser()
commands = parser.add_subparsers(dest="command_name", help="CbAPI subcommand")
for cmd_name, cmd_config in iteritems(command_map):
cmd_parser = commands.add_parser(cmd_name, help=cmd_config.get("help", None))
for cmd_arg_name, cmd_arg_config in iteritems(cmd_config.get("extra_args", {})):
cmd_parser.add_argument(cmd_arg_name, **cmd_arg_config)
opts = parser.parse_args(args)
command = command_map.get(opts.command_name)
if not command:
parser.print_usage()
return
command_method = command.get("method", None)
if command_method:
return command_method(opts)
else:
parser.print_usage()
if __name__ == '__main__':
sys.exit(main(sys.argv[1:]))