PyPI - elasticpot - Versions diffs - 2.0.1.dev0__tar.gz → 2.0.2__tar.gz - Mend

elasticpot 2.0.1.dev0tar.gz → 2.0.2tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (94) hide show

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/CHANGELOG.md RENAMED Viewed

@@ -5,15 +5,28 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-## [2.0.1]
+## [2.0.2]
-### Added in version 2.0.1
+### Added in version 2.0.2
-* Nothing so far
+* Nothing
-### Changed in version 2.0.1
+### Changed in version 2.0.2
 * Increased the version number
+* The `datadog`, `discord`, `nlcvapi`, and `telegram` plugins now use a secure
+  connection (HTTPS) by default
+* The `elastic` plugin now warns if the `ssl` is set while certificate
+  verification (`verify_certs`) is off
+* The `couch` plugin now uses authentication mechanism that does not pass the
+  username and password in the URL
+## [2.0.1]
+### Changed in version 2.0.1
+* The honeypot was released with an incorrect version - "2.0.1-dev0" instead of
+  "2.0.0". Fixed by changing it and releasing version 2.0.1
 ## [2.0.0]

{elasticpot-2.0.1.dev0/elasticpot.egg-info → elasticpot-2.0.2}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: elasticpot
-Version: 2.0.1.dev0
+Version: 2.0.2
 Summary: An ElasticSearch Honeypot
 Home-page: https://gitlab.com/bontchev/elasticpot
 Author: Vesselin Bontchev
@@ -43,11 +43,13 @@ Requires-Dist: twisted>=21; python_version >= "3"
 Provides-Extra: couchdb
 Requires-Dist: couchdb; extra == "couchdb"
 Provides-Extra: datadog
+Requires-Dist: certifi; extra == "datadog"
 Requires-Dist: cryptography<=2.8; python_version < "3" and extra == "datadog"
 Requires-Dist: pyOpenSSL<=18.0.0; python_version < "3" and extra == "datadog"
 Requires-Dist: cryptography; python_version >= "3" and extra == "datadog"
 Requires-Dist: pyOpenSSL; python_version >= "3" and extra == "datadog"
 Provides-Extra: discord
+Requires-Dist: certifi; extra == "discord"
 Provides-Extra: elastic
 Requires-Dist: elasticsearch<=7.13; python_version < "3" and extra == "elastic"
 Requires-Dist: numpy<=1.16.6; python_version < "3" and extra == "elastic"
@@ -71,6 +73,7 @@ Provides-Extra: mysql
 Requires-Dist: PyMySQL; python_version < "3" and extra == "mysql"
 Requires-Dist: mysqlclient>=1.3.12; python_version >= "3" and extra == "mysql"
 Provides-Extra: nlcvapi
+Requires-Dist: certifi; extra == "nlcvapi"
 Requires-Dist: pyOpenSSL<=18.0.0; python_version < "3" and extra == "nlcvapi"
 Requires-Dist: pyOpenSSL; python_version >= "3" and extra == "nlcvapi"
 Provides-Extra: postgres
@@ -87,12 +90,14 @@ Requires-Dist: slack-sdk; python_version >= "3" and extra == "slack"
 Provides-Extra: socketlog
 Provides-Extra: sqlite
 Provides-Extra: telegram
+Requires-Dist: certifi; extra == "telegram"
 Provides-Extra: textlog
 Provides-Extra: xmpp
 Requires-Dist: xmpppy>=0.7.3; extra == "xmpp"
 Provides-Extra: all
 Requires-Dist: Automat<20; python_version < "3" and extra == "all"
 Requires-Dist: PyMySQL; python_version < "3" and extra == "all"
+Requires-Dist: certifi; extra == "all"
 Requires-Dist: confluent-kafka; python_version >= "3" and extra == "all"
 Requires-Dist: confluent-kafka<1.0; python_version < "3" and extra == "all"
 Requires-Dist: couchdb; extra == "all"

elasticpot-2.0.2/core/httpclient.py ADDED Viewed

@@ -0,0 +1,71 @@
+from __future__ import absolute_import
+from io import open
+from twisted.internet.ssl import Certificate, trustRootFromCertificates
+from twisted.python.log import msg
+from twisted.web.client import Agent, BrowserLikePolicyForHTTPS
+class _LegacyWebClientContextFactory(object):
+    @staticmethod
+    def build():
+        from twisted.internet.ssl import ClientContextFactory
+        class WebClientContextFactory(ClientContextFactory):
+            def getContext(self, hostname, port):
+                return ClientContextFactory.getContext(self)
+        return WebClientContextFactory()
+def _load_trust_root_from_pem_bundle(pem_path):
+    with open(pem_path, 'r', encoding='utf-8') as fh:
+        content = fh.read()
+    certs = []
+    end_marker = '-----END CERTIFICATE-----'
+    for chunk in content.split(end_marker):
+        chunk = chunk.strip()
+        if not chunk:
+            continue
+        pem = chunk + '\n' + end_marker + '\n'
+        certs.append(Certificate.loadPEM(pem))
+    if not certs:
+        return None
+    return trustRootFromCertificates(certs)
+def _trust_root(ca_certs):
+    if ca_certs:
+        try:
+            return _load_trust_root_from_pem_bundle(ca_certs)
+        except Exception as e:
+            msg('Failed to load CA bundle {}: {}'.format(ca_certs, e))
+            return None
+    try:
+        import certifi
+        return _load_trust_root_from_pem_bundle(certifi.where())
+    except Exception:
+        return None
+def create_http_agent(reactor, pool, plugin_name, verify_tls=True, ca_certs=None):
+    """
+    Build a Twisted Agent with sane HTTPS defaults.
+    verify_tls=True uses BrowserLikePolicyForHTTPS for cert + hostname checks.
+    verify_tls=False falls back to a legacy context factory for compatibility.
+    """
+    if verify_tls:
+        return Agent(
+            reactor,
+            contextFactory=BrowserLikePolicyForHTTPS(trustRoot=_trust_root(ca_certs)),
+            pool=pool
+        )
+    msg('{}: TLS certificate verification is disabled.'.format(plugin_name))
+    return Agent(
+        reactor,
+        contextFactory=_LegacyWebClientContextFactory.build(),
+        pool=pool
+    )

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/core/tools.py RENAMED Viewed

@@ -15,7 +15,7 @@ try:
     from urllib.request import urlopen
     from urllib.parse import urlsplit, urlunsplit
 except ImportError:
-    from urllib import urlopen
+    from urllib2 import urlopen # type: ignore
     from urlparse import urlsplit, urlunsplit   # type: ignore
@@ -42,10 +42,7 @@ def get_utc_time(unix_time):
 def get_public_ip(ip_reporter):
     try:
-        if version_info[0] < 3:
-            return urlopen(ip_reporter).read().decode('latin1', errors='replace').encode('utf-8')
-        else:
-            return urlopen(ip_reporter).read()
+        return decode(urlopen(ip_reporter, timeout=10).read())
     except:
         return '127.0.0.1'

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/elasticpot/data/Dockerfile RENAMED Viewed

@@ -51,6 +51,7 @@ USER elasticpot
 #   docker run \
 #     -v /path/to/honeypot.cfg:/elasticpot/etc/honeypot.cfg \
 #     -v /path/to/data:/elasticpot/data \
+#     -v /path/to/log:/elasticpot/log \
 #     -p 9200:9200 elasticpot
 #
 CMD ["elasticpot", "run"]

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/elasticpot/data/docs/INSTALL.md RENAMED Viewed

@@ -168,7 +168,7 @@ working) and `Dockerfile` into the working directory.
 The configuration for the honeypot is stored in `etc/honeypot.cfg.base` and
 `etc/honeypot.cfg`. Both files are read on startup but entries from
 `etc/honeypot.cfg` take precedence. The `.base` file contains the default
-settings and should not be edited — it may be overwritten by upgrades. All
+settings and should not be edited - it may be overwritten by upgrades. All
 your customisations should go into `etc/honeypot.cfg`.
 To run with a standard configuration there is no need to change anything.
@@ -418,7 +418,7 @@ $ source ~/elasticpot-env/bin/activate
 where `[plugin_list]` is as explained above.
-Note that `elasticpot init` is safe to re-run — it never overwrites files that
+Note that `elasticpot init` is safe to re-run - it never overwrites files that
 you have already edited or created (such as `etc/honeypot.cfg`). It only
 copies files that are missing, so any new defaults added by an upgrade are
 picked up automatically.

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/elasticpot/data/docs/INSTALLWIN.md RENAMED Viewed

@@ -33,7 +33,7 @@ programs (if they are not already present):
 - **Database server** (optional). If you want the honeypot to send the data
   it collects to a local database server (e.g., MySQL), make sure to install
-  it — again, for all users and not just for the current one.
+  it - again, for all users and not just for the current one.
 - The latest version of the **VS C++ redistributable** (required by some of
   the database output plugins, e.g., for MySQL). Version 14 or higher should
@@ -188,7 +188,7 @@ working directory.
 The configuration for the honeypot is stored in `etc\honeypot.cfg.base` and
 `etc\honeypot.cfg`. Both the `*.cfg.base` and the `*.cfg` files are read on
 startup but entries from the `*.cfg` files take precedence. The `*.base` files
-contain the default settings and should not be edited — they may be overwritten
+contain the default settings and should not be edited - they may be overwritten
 by future updates. All your customisations should go into the `*.cfg` files.
 To run with a standard configuration there is no need to change anything.
@@ -429,7 +429,7 @@ PS C:\elasticpot-workdir> C:\elasticpot-env\Scripts\activate.ps1
 where `[plugin_list]` is as explained above.
-Note that `elasticpot init` is safe to re-run — it never overwrites files that
+Note that `elasticpot init` is safe to re-run - it never overwrites files that
 you have already edited or created (such as `etc\honeypot.cfg`). It only
 copies files that are missing, so any new defaults added by an upgrade are
 picked up automatically.

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/elasticpot/data/etc/honeypot.cfg.base RENAMED Viewed

@@ -125,6 +125,8 @@ log_path = log
 #
 #[output_couch]
 #enabled = false
+# Optional transport scheme: http (default) or https
+#scheme = http
 #host = localhost
 #port = 5984
 #username = elasticpot
@@ -144,6 +146,10 @@ log_path = log
 #[output_datadog]
 #enabled = false
 #url = https://http-intake.logs.datadoghq.com/api/v2/logs
+# Verify TLS certificates and hostnames for HTTPS connections (default: true)
+#verify_tls = true
+# Optional path to a PEM CA bundle (used when verify_tls = true)
+#ca_certs = /path/to/ca-bundle.pem
 #api_key = abcdef1234567890fedcba0987654321
 #ddsource = elasticpot
 #ddtags = env:dev
@@ -155,6 +161,10 @@ log_path = log
 #
 #[output_discord]
 #enabled = false
+# Verify TLS certificates and hostnames for HTTPS connections (default: true)
+#verify_tls = true
+# Optional path to a PEM CA bundle (used when verify_tls = true)
+#ca_certs = /path/to/ca-bundle.pem
 # Delay between messages (for rate limiting)
 #delay = 2.0
 #url = https://discord.com/api/webhooks/id/token
@@ -286,6 +296,10 @@ log_path = log
 #[output_nlcvapi]
 #enabled = false
 #host = https://api.nlcv.bas.bg/v1.0/honeypot
+# Verify TLS certificates and hostnames for HTTPS connections (default: true)
+#verify_tls = true
+# Optional path to a PEM CA bundle (used when verify_tls = true)
+#ca_certs = /path/to/ca-bundle.pem
 # Whether to store geolocation data in the database
 #geoip = true
 # Location of the databases used for geolocation
@@ -387,6 +401,10 @@ log_path = log
 #
 #[output_telegram]
 #enabled = false
+# Verify TLS certificates and hostnames for HTTPS connections (default: true)
+#verify_tls = true
+# Optional path to a PEM CA bundle (used when verify_tls = true)
+#ca_certs = /path/to/ca-bundle.pem
 #bot_token = 123456789:AbCDEfGhiJkLmnOpQRstUVWxYZ
 #chat_id = 987654321
 # Delay between messages (for rate limiting)
@@ -402,7 +420,7 @@ log_path = log
 # XMPP logging module
 #
 #[output_xmpp]
-#enabled=false
+#enabled = false
 #server = conference.elasticpot.local
 #user = elasticpot@elasticpot.local
 #password = secret

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2/elasticpot}/honeypot.py RENAMED Viewed

@@ -23,7 +23,7 @@ from twisted.internet.reactor import listenTCP, run
 from twisted.python.log import msg
 from twisted.web.server import Site
-__VERSION__ = '2.0.1-dev0'
+__VERSION__ = '2.0.2'
 __description__ = 'Elasticsearch Honeypot'
 __license__ = 'GPLv3'
 __uri__ = 'https://gitlab.com/bontchev/elasticpot'

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2/elasticpot.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: elasticpot
-Version: 2.0.1.dev0
+Version: 2.0.2
 Summary: An ElasticSearch Honeypot
 Home-page: https://gitlab.com/bontchev/elasticpot
 Author: Vesselin Bontchev
@@ -43,11 +43,13 @@ Requires-Dist: twisted>=21; python_version >= "3"
 Provides-Extra: couchdb
 Requires-Dist: couchdb; extra == "couchdb"
 Provides-Extra: datadog
+Requires-Dist: certifi; extra == "datadog"
 Requires-Dist: cryptography<=2.8; python_version < "3" and extra == "datadog"
 Requires-Dist: pyOpenSSL<=18.0.0; python_version < "3" and extra == "datadog"
 Requires-Dist: cryptography; python_version >= "3" and extra == "datadog"
 Requires-Dist: pyOpenSSL; python_version >= "3" and extra == "datadog"
 Provides-Extra: discord
+Requires-Dist: certifi; extra == "discord"
 Provides-Extra: elastic
 Requires-Dist: elasticsearch<=7.13; python_version < "3" and extra == "elastic"
 Requires-Dist: numpy<=1.16.6; python_version < "3" and extra == "elastic"
@@ -71,6 +73,7 @@ Provides-Extra: mysql
 Requires-Dist: PyMySQL; python_version < "3" and extra == "mysql"
 Requires-Dist: mysqlclient>=1.3.12; python_version >= "3" and extra == "mysql"
 Provides-Extra: nlcvapi
+Requires-Dist: certifi; extra == "nlcvapi"
 Requires-Dist: pyOpenSSL<=18.0.0; python_version < "3" and extra == "nlcvapi"
 Requires-Dist: pyOpenSSL; python_version >= "3" and extra == "nlcvapi"
 Provides-Extra: postgres
@@ -87,12 +90,14 @@ Requires-Dist: slack-sdk; python_version >= "3" and extra == "slack"
 Provides-Extra: socketlog
 Provides-Extra: sqlite
 Provides-Extra: telegram
+Requires-Dist: certifi; extra == "telegram"
 Provides-Extra: textlog
 Provides-Extra: xmpp
 Requires-Dist: xmpppy>=0.7.3; extra == "xmpp"
 Provides-Extra: all
 Requires-Dist: Automat<20; python_version < "3" and extra == "all"
 Requires-Dist: PyMySQL; python_version < "3" and extra == "all"
+Requires-Dist: certifi; extra == "all"
 Requires-Dist: confluent-kafka; python_version >= "3" and extra == "all"
 Requires-Dist: confluent-kafka<1.0; python_version < "3" and extra == "all"
 Requires-Dist: couchdb; extra == "all"

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/elasticpot.egg-info/SOURCES.txt RENAMED Viewed

@@ -3,10 +3,10 @@ LICENSE
 MANIFEST.in
 README.md
 honeypot.py
-setup.cfg
 setup.py
 core/__init__.py
 core/config.py
+core/httpclient.py
 core/logfile.py
 core/output.py
 core/paths.py

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/elasticpot.egg-info/requires.txt RENAMED Viewed

@@ -15,6 +15,7 @@ service_identity
 twisted>=21
 [all]
+certifi
 couchdb
 hpfeeds>=3.0.0
 looseversion
@@ -51,6 +52,7 @@ slack-sdk
 couchdb
 [datadog]
+certifi
 [datadog:python_version < "3"]
 cryptography<=2.8
@@ -61,6 +63,7 @@ cryptography
 pyOpenSSL
 [discord]
+certifi
 [elastic]
@@ -113,6 +116,7 @@ PyMySQL
 mysqlclient>=1.3.12
 [nlcvapi]
+certifi
 [nlcvapi:python_version < "3"]
 pyOpenSSL<=18.0.0
@@ -148,6 +152,7 @@ slack-sdk
 [sqlite]
 [telegram]
+certifi
 [textlog]

{elasticpot-2.0.1.dev0/elasticpot → elasticpot-2.0.2}/honeypot.py RENAMED Viewed

@@ -23,7 +23,7 @@ from twisted.internet.reactor import listenTCP, run
 from twisted.python.log import msg
 from twisted.web.server import Site
-__VERSION__ = '2.0.1-dev0'
+__VERSION__ = '2.0.2'
 __description__ = 'Elasticsearch Honeypot'
 __license__ = 'GPLv3'
 __uri__ = 'https://gitlab.com/bontchev/elasticpot'

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/output_plugins/couch.py RENAMED Viewed

@@ -13,6 +13,7 @@ from twisted.python.log import msg
 class Output(output.Output):
     def start(self):
+        scheme = CONFIG.get('output_couch', 'scheme', fallback='http')
         host = CONFIG.get('output_couch', 'host', fallback='localhost')
         port = CONFIG.getint('output_couch', 'port', fallback=5984)
         username = CONFIG.get('output_couch', 'username', fallback='elasticpot', raw=True)
@@ -20,7 +21,10 @@ class Output(output.Output):
         db_name = CONFIG.get('output_couch', 'database', fallback='elasticpot')
         try:
-            couchserver = Server('http://{}:{}@{}:{}'.format(username, password, host, port))
+            base_url = '{}://{}:{}'.format(scheme, host, port)
+            couchserver = Server(base_url)
+            if username:
+                couchserver.resource.credentials = (username, password)
             if db_name in couchserver:
                 self.couch_db = couchserver[db_name]

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/output_plugins/datadog.py RENAMED Viewed

@@ -10,18 +10,13 @@ from platform import node
 from core import output
 from core.config import CONFIG
+from core.httpclient import create_http_agent
 from core.tools import to_bytes
 from twisted.internet import reactor
 from twisted.python.log import msg
 from twisted.web import client, http_headers
 from twisted.web.client import FileBodyProducer
-from twisted.internet.ssl import ClientContextFactory
-class WebClientContextFactory(ClientContextFactory):
-    def getContext(self, hostname, port):
-        return ClientContextFactory.getContext(self)
 class QuietHTTP11ClientFactory(client._HTTP11ClientFactory):
@@ -38,11 +33,12 @@ class Output(output.Output):
         self.ddtags = CONFIG.get('output_datadog', 'ddtags', fallback='env:dev')
         self.service = CONFIG.get('output_datadog', 'service', fallback='honeypot')
         self.hostname = CONFIG.get('output_datadog', 'hostname', fallback=node())
+        verify_tls = CONFIG.getboolean('output_datadog', 'verify_tls', fallback=True)
+        ca_certs = CONFIG.get('output_datadog', 'ca_certs', fallback=None)
-        contextFactory = WebClientContextFactory()
         myQuietPool = client.HTTPConnectionPool(reactor)
         myQuietPool._factory = QuietHTTP11ClientFactory
-        self.agent = client.Agent(reactor, contextFactory=contextFactory, pool=myQuietPool)
+        self.agent = create_http_agent(reactor, myQuietPool, 'output_datadog', verify_tls, ca_certs)
     def stop(self):
         pass

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/output_plugins/discord.py RENAMED Viewed

@@ -13,14 +13,13 @@ from time import gmtime, strftime, time
 from core import output
 from core.config import CONFIG
+from core.httpclient import create_http_agent
 from core.tools import decode, to_bytes
 from twisted.internet import reactor
-from twisted.internet.ssl import ClientContextFactory
 from twisted.internet.task import deferLater
 from twisted.python.log import msg
 from twisted.web.client import (
-    Agent,
     FileBodyProducer,
     HTTPConnectionPool,
     _HTTP11ClientFactory,
@@ -29,11 +28,6 @@ from twisted.web.client import (
 from twisted.web.http_headers import Headers
-class WebClientContextFactory(ClientContextFactory):
-    def getContext(self, hostname, port):
-        return ClientContextFactory.getContext(self)
 class QuietHTTP11ClientFactory(_HTTP11ClientFactory):
     noisy = False
@@ -43,10 +37,11 @@ class Output(output.Output):
     def start(self):
         self.url = to_bytes(CONFIG.get('output_discord', 'url'))
         self.delay = CONFIG.getfloat('output_discord', 'delay', fallback=2.0)
-        contextFactory = WebClientContextFactory()
+        verify_tls = CONFIG.getboolean('output_discord', 'verify_tls', fallback=True)
+        ca_certs = CONFIG.get('output_discord', 'ca_certs', fallback=None)
         pool = HTTPConnectionPool(reactor)
         pool._factory = QuietHTTP11ClientFactory
-        self.agent = Agent(reactor, contextFactory=contextFactory, pool=pool)
+        self.agent = create_http_agent(reactor, pool, 'output_discord', verify_tls, ca_certs)
         self.last_sent = 0
         self.requests_list = []

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/output_plugins/elastic.py RENAMED Viewed

@@ -44,6 +44,8 @@ class Output(output.Output):
             kwargs['verify_certs'] = verify_certs
             if verify_certs and ca_certs:
                 kwargs['ca_certs'] = ca_certs
+            elif not verify_certs:
+                msg('output_elastic: SSL is enabled but certificate verification is disabled.')
         # Create client
         self.es = Elasticsearch(hosts=hosts, **kwargs)

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/output_plugins/nlcvapi.py RENAMED Viewed

@@ -8,15 +8,14 @@ from json import dumps, loads
 from core import output
 from core.config import CONFIG
+from core.httpclient import create_http_agent
 from core.tools import decode, geolocate, to_bytes
 from geoip2.database import Reader
 from twisted.internet import reactor
-from twisted.internet.ssl import ClientContextFactory
 from twisted.python.log import msg
 from twisted.web.client import (
-    Agent,
     FileBodyProducer,
     HTTPConnectionPool,
     _HTTP11ClientFactory,
@@ -25,12 +24,6 @@ from twisted.web.client import (
 from twisted.web.http_headers import Headers
-class WebClientContextFactory(ClientContextFactory):
-    def getContext(self, hostname, port):
-        return ClientContextFactory.getContext(self)
 class QuietHTTP11ClientFactory(_HTTP11ClientFactory):
     noisy = False
@@ -40,10 +33,11 @@ class Output(output.Output):
     def start(self):
         self.host = CONFIG.get('output_nlcvapi', 'host', fallback='https://api.nlcv.bas.bg/v1.0/honeypot')
         self.geoip = CONFIG.getboolean('output_nlcvapi', 'geoip', fallback=True)
-        contextFactory = WebClientContextFactory()
+        verify_tls = CONFIG.getboolean('output_nlcvapi', 'verify_tls', fallback=True)
+        ca_certs = CONFIG.get('output_nlcvapi', 'ca_certs', fallback=None)
         pool = HTTPConnectionPool(reactor)
         pool._factory = QuietHTTP11ClientFactory
-        self.agent = Agent(reactor, contextFactory=contextFactory, pool=pool)
+        self.agent = create_http_agent(reactor, pool, 'output_nlcvapi', verify_tls, ca_certs)
         if self.geoip:
             geoipdb_city_path = CONFIG.get('output_nlcvapi', 'geoip_citydb', fallback='data/GeoLite2-City.mmdb')

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/output_plugins/telegram.py RENAMED Viewed

@@ -10,6 +10,7 @@ from time import gmtime, strftime, time
 from core import output
 from core.config import CONFIG
+from core.httpclient import create_http_agent
 from core.tools import decode, encode
 try:
@@ -18,11 +19,9 @@ except ImportError:
     from urllib.parse import quote_plus
 from twisted.internet import reactor
-from twisted.internet.ssl import ClientContextFactory
 from twisted.internet.task import deferLater
 from twisted.python.log import msg
 from twisted.web.client import (
-    Agent,
     HTTPConnectionPool,
     _HTTP11ClientFactory,
     readBody
@@ -30,12 +29,6 @@ from twisted.web.client import (
 from twisted.web.http_headers import Headers
-class WebClientContextFactory(ClientContextFactory):
-    def getContext(self, hostname, port):
-        return ClientContextFactory.getContext(self)
 class QuietHTTP11ClientFactory(_HTTP11ClientFactory):
     noisy = False
@@ -49,11 +42,12 @@ class Output(output.Output):
         self.bot_token = CONFIG.get('output_telegram', 'bot_token')
         self.chat_id = CONFIG.get('output_telegram', 'chat_id')
         self.delay = CONFIG.getfloat('output_telegram', 'delay', fallback=2.0)
+        verify_tls = CONFIG.getboolean('output_telegram', 'verify_tls', fallback=True)
+        ca_certs = CONFIG.get('output_telegram', 'ca_certs', fallback=None)
-        contextFactory = WebClientContextFactory()
         pool = HTTPConnectionPool(reactor)
         pool._factory = QuietHTTP11ClientFactory
-        self.agent = Agent(reactor, contextFactory=contextFactory, pool=pool)
+        self.agent = create_http_agent(reactor, pool, 'output_telegram', verify_tls, ca_certs)
         self.last_sent = 0
         self.requests_list = []
@@ -70,8 +64,10 @@ class Output(output.Output):
         self._drain()
     def _drain(self):
-        """Send the next queued message if the rate-limit window has elapsed.
-        If messages remain, schedule another drain after self.delay seconds."""
+        """
+        Send the next queued message if the rate-limit window has elapsed.
+        If messages remain, schedule another drain after self.delay seconds.
+        """
         if not self.requests_list:
             return
         now = time()

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/output_plugins/xmpp.py RENAMED Viewed

@@ -52,7 +52,7 @@ if version_info[0] < 3:
     xmpp.simplexml.ustr = _ustr
     xmpp.transports.ustr = _ustr
-    # xmpp.protocol also does 'from .simplexml import ustr' — patch it too
+    # xmpp.protocol also does 'from .simplexml import ustr' - patch it too
     import xmpp.protocol as _xmpp_protocol
     if hasattr(_xmpp_protocol, 'ustr'):
         _xmpp_protocol.ustr = _ustr

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/setup.cfg RENAMED Viewed

@@ -1,6 +1,3 @@
-[bdist_wheel]
-universal = 1
 [egg_info]
 tag_build =
 tag_date = 0

{elasticpot-2.0.1.dev0 → elasticpot-2.0.2}/setup.py RENAMED Viewed

@@ -166,12 +166,13 @@ def make_pypi_readme():
 extras={
     'couchdb': ['couchdb'],
     'datadog': [
+        'certifi',
         'cryptography<=2.8 ; python_version < "3"',
         'pyOpenSSL<=18.0.0 ; python_version < "3"',
         'cryptography ; python_version >= "3"',
         'pyOpenSSL ; python_version >= "3"',
     ],
-    'discord': [],
+    'discord': ['certifi'],
     'elastic': [
         'elasticsearch<=7.13 ; python_version < "3"',
         'numpy<=1.16.6 ; python_version < "3"',
@@ -199,6 +200,7 @@ extras={
         'mysqlclient>=1.3.12 ; python_version >= "3"',
     ],
     'nlcvapi': [
+        'certifi',
         'pyOpenSSL<=18.0.0 ; python_version < "3"',
         'pyOpenSSL ; python_version >= "3"',
     ],
@@ -217,7 +219,7 @@ extras={
     ],
     'socketlog': [],
     'sqlite': [],
-    'telegram': [],
+    'telegram': ['certifi'],
     'textlog': [],
     'xmpp': ['xmpppy>=0.7.3'],
 }
@@ -262,6 +264,11 @@ setup(
         'Topic :: Security',
     ],
     python_requires='>=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*',
+    options={
+        'bdist_wheel': {
+            'python_tag': 'py2.py3',
+        }
+    },
     # -------------------------------------------------------------------------
     # Installed packages: