PyPI - howler-api - Versions diffs - 3.1.0.dev391__py3-none-any.whl → 3.1.0.dev393__py3-none-any.whl - Mend

howler-api 3.1.0.dev391py3-none-any.whl → 3.1.0.dev393py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

howler/datastore/store.py CHANGED Viewed

@@ -69,6 +69,7 @@ class ESStore(object):
         self._password: Optional[str] = None
         self._hosts = []
         self._cert: str | None = None
+        self._fingerprint: str | None = None
         for host in config.datastore.hosts:
             self._hosts.append(str(host))
@@ -77,6 +78,7 @@ class ESStore(object):
             if cert.exists():
                 if self._cert is None:
                     self._cert = str(cert)
+                    logger.info("Using certificate %s for elasticsearch network traffic", self._cert)
                 else:
                     logger.error("Only a single certificate path is supported - ignoring additional paths.")
                     logger.error(
@@ -84,6 +86,15 @@ class ESStore(object):
                         "it for the first host."
                     )
+            if host.fingerprint:
+                if self._fingerprint is None:
+                    self._fingerprint = host.fingerprint
+                    logger.info("Using certificate fingerprint %s for elasticsearch network traffic", self._fingerprint)
+                else:
+                    logger.error(
+                        "Only a single certificate fingerprint is supported - ignoring additional fingerprints."
+                    )
             if os.getenv(f"{host.name.upper()}_HOST_APIKEY_ID", None) is not None:
                 self._apikey = (
                     os.environ[f"{host.name.upper()}_HOST_APIKEY_ID"],
@@ -105,6 +116,7 @@ class ESStore(object):
             self.client = elasticsearch.Elasticsearch(
                 hosts=self._hosts,  # type: ignore
                 ca_certs=self._cert,  # type: ignore
+                ssl_assert_fingerprint=self._fingerprint,  # type: ignore
                 api_key=self._apikey,
                 max_retries=0,
                 request_timeout=TRANSPORT_TIMEOUT,
@@ -113,6 +125,7 @@ class ESStore(object):
             self.client = elasticsearch.Elasticsearch(
                 hosts=self._hosts,  # type: ignore
                 ca_certs=self._cert,  # type: ignore
+                ssl_assert_fingerprint=self._fingerprint,  # type: ignore
                 basic_auth=(self._username, self._password),
                 max_retries=0,
                 request_timeout=TRANSPORT_TIMEOUT,
@@ -121,6 +134,7 @@ class ESStore(object):
             self.client = elasticsearch.Elasticsearch(
                 hosts=self._hosts,  # type: ignore
                 ca_certs=self._cert,  # type: ignore
+                ssl_assert_fingerprint=self._fingerprint,  # type: ignore
                 max_retries=0,
                 request_timeout=TRANSPORT_TIMEOUT,
             )

howler/odm/models/config.py CHANGED Viewed

@@ -63,6 +63,9 @@ class Host(BaseModel):
     apikey_secret: Optional[str] = Field(description="Secret data of the API Key to use when connecting", default=None)
     scheme: Optional[str] = Field(description="Scheme to use when connecting", default="http")
     host: str = Field(description="URL to connect to")
+    fingerprint: str | None = Field(
+        description="Optional certificate fingerprint to validate against when connecting to datastore", default=None
+    )
     def __repr__(self):
         result = ""

{howler_api-3.1.0.dev391.dist-info → howler_api-3.1.0.dev393.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: howler-api
-Version: 3.1.0.dev391
+Version: 3.1.0.dev393
 Summary: Howler - API server
 License: MIT
 Keywords: howler,alerting,gc,canada,cse-cst,cse,cst,cyber,cccs

{howler_api-3.1.0.dev391.dist-info → howler_api-3.1.0.dev393.dist-info}/RECORD RENAMED Viewed

@@ -60,7 +60,7 @@ howler/datastore/howler_store.py,sha256=kW7FKM-tILcfTmrjSB1yZm-ZnumPS_tiQEZUDaQo
 howler/datastore/migrations/fix_process.py,sha256=J0FxqcXbQ161sgmQ5teyEcPuX7WYB9wqs0CO8m1jk0U,1218
 howler/datastore/operations.py,sha256=5WdJBewXRIG71ZexQcYASv0IYoDi1m9ia8332u5mXSs,3919
 howler/datastore/schemas.py,sha256=kuxqYVWMgqnrdU-ypkDxoSzEtECUrRCKXjU_R5Kg7X4,3158
-howler/datastore/store.py,sha256=GXBXqubhALd6fWjFqoM_YqbZOC1YnMA1hSaXsS7F3ak,8187
+howler/datastore/store.py,sha256=NsUU9TEmxRBTKi1fm2j2UUagw6iCPapvt5f96VmUTn0,9005
 howler/datastore/support/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 howler/datastore/support/build.py,sha256=iBVfWophzoPlx6rvR5w3Axb6gjqLuDeDBpKj7lO-1l0,7877
 howler/datastore/support/schemas.py,sha256=kuxqYVWMgqnrdU-ypkDxoSzEtECUrRCKXjU_R5Kg7X4,3158
@@ -95,7 +95,7 @@ howler/odm/models/assemblyline.py,sha256=_wcTiX3A6bhA2SGlK9tDF0v-uwLpIabXE8j2Fw9
 howler/odm/models/aws.py,sha256=pJVadJqubdgT27riCfp7bEKVP4XsMZB0ZUnKAbmCMd0,895
 howler/odm/models/azure.py,sha256=o7MZMMo9jh1SB8xXCajl_YSKP2nnnWsjx_DPT6LnQKg,710
 howler/odm/models/cbs.py,sha256=onUiJOGUxK3iy_-4XkGGwHxFiFq9Td_p59Kum4XaR-w,1366
-howler/odm/models/config.py,sha256=KO_-AdTLL1NPHoEHoKqwHiOYa1kCZ-7YX3IcY9-UAsI,21723
+howler/odm/models/config.py,sha256=mDjO8Wpfu0RtdJosL6cQIKIIRTRqB9PRWBOGG2uIOb0,21884
 howler/odm/models/dossier.py,sha256=Ob2qROrG2-DYzmVo2XVe4NJ8HjWGCoRAu2gPo6p9XGU,1244
 howler/odm/models/ecs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 howler/odm/models/ecs/agent.py,sha256=idSooyFCLuQAB7_RyEWTYW4-x9w5a3wpy2ct_-EDRQs,713
@@ -192,7 +192,7 @@ howler/utils/path.py,sha256=DfOU4i4zSs4wchHoE8iE7aWVLkTxiC_JRGepF2hBYBk,690
 howler/utils/socket_utils.py,sha256=nz1SklC9xBHUSfHyTJjpq3mbozX1GDf01WzdGxfaUII,2212
 howler/utils/str_utils.py,sha256=HE8Hqh2HlOLaj16w0H9zKOyDJLp-f1LQ50y_WeGZaEk,8389
 howler/utils/uid.py,sha256=p9dsqyvZ-lpiAuzZWCPCeEM99kdk0Ly9czf04HNdSuw,1341
-howler_api-3.1.0.dev391.dist-info/METADATA,sha256=LLMThjzPzat64TGPdYt_t382kN-82sBrCB9eWaO_Rjs,2804
-howler_api-3.1.0.dev391.dist-info/WHEEL,sha256=3ny-bZhpXrU6vSQ1UPG34FoxZBp3lVcvK0LkgUz6VLk,88
-howler_api-3.1.0.dev391.dist-info/entry_points.txt,sha256=Lu9SBGvwe0wczJHmc-RudC24lmQk7tv3ZBXon9RIihg,259
-howler_api-3.1.0.dev391.dist-info/RECORD,,
+howler_api-3.1.0.dev393.dist-info/METADATA,sha256=WPpuFiztpsfsoSprcfpR9gcgjnRGjlCrEbePq0sRiGc,2804
+howler_api-3.1.0.dev393.dist-info/WHEEL,sha256=3ny-bZhpXrU6vSQ1UPG34FoxZBp3lVcvK0LkgUz6VLk,88
+howler_api-3.1.0.dev393.dist-info/entry_points.txt,sha256=Lu9SBGvwe0wczJHmc-RudC24lmQk7tv3ZBXon9RIihg,259
+howler_api-3.1.0.dev393.dist-info/RECORD,,

{howler_api-3.1.0.dev391.dist-info → howler_api-3.1.0.dev393.dist-info}/WHEEL RENAMED Viewed

File without changes

{howler_api-3.1.0.dev391.dist-info → howler_api-3.1.0.dev393.dist-info}/entry_points.txt RENAMED Viewed

File without changes

howler-api 3.1.0.dev391__py3-none-any.whl → 3.1.0.dev393__py3-none-any.whl

howler-api 3.1.0.dev391py3-none-any.whl → 3.1.0.dev393py3-none-any.whl