Skip to content

Commit

Permalink
MultiChallenge as parameter; Disabling SSL check by default
Browse files Browse the repository at this point in the history
  • Loading branch information
@Jancis
Jancis committed Feb 1, 2018
1 parent ec23653 commit 3c8e83a
Showing 1 changed file with 51 additions and 10 deletions.
61 changes: 51 additions & 10 deletions snxconnect.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@
import sys
import socket
try :
import httplib
import urllib2
import ssl
from urllib2 import build_opener, HTTPCookieProcessor, Request
from urllib import urlencode
from httplib import IncompleteRead
Expand Down Expand Up @@ -68,6 +71,29 @@ def iterbytes (x) :
yield (x [i:i+1])
# end def iterbytes

class VerifiedHTTPSConnection(httplib.HTTPSConnection):
def connect(self):
# overrides the version in httplib so that we can fiddle with cert options
sock = socket.create_connection((self.host, self.port), self.timeout)
if self._tunnel_host:
self.sock = sock
self._tunnel()

self.sock = ssl.wrap_socket(sock,
self.key_file,
self.cert_file,
cert_reqs=ssl.CERT_NONE )
#cert_reqs=ssl.CERT_REQUIRED,
#ca_certs="PATH_TO_VALID_CA_CRT")

# wraps https connections with ssl certificate verification
class VerifiedHTTPSHandler(urllib2.HTTPSHandler):
def __init__(self, connection_class = VerifiedHTTPSConnection):
self.specialized_conn_class = connection_class
urllib2.HTTPSHandler.__init__(self)
def https_open(self, req):
return self.do_open(self.specialized_conn_class, req)

class HTML_Requester (object) :

def __init__ (self, args) :
Expand All @@ -82,7 +108,8 @@ def __init__ (self, args) :
j.load (self.args.cookiefile, ignore_discard = True)
except IOError :
self.has_cookies = False
self.opener = build_opener (HTTPCookieProcessor (j))
https_handler = VerifiedHTTPSHandler()
self.opener = build_opener (https_handler, HTTPCookieProcessor (j))
self.nextfile = args.file
# end def __init__

Expand Down Expand Up @@ -203,14 +230,23 @@ def login (self) :
self.open (data = urlencode (d))
self.debug (self.purl)
self.debug (self.info)
while 'MultiChallenge' in self.purl :
d = self.parse_pw_response ()
otp = getpass ('One-time Password: ')
d ['password'] = enc.encrypt (otp)
self.debug ("nextfile: %s" % self.nextfile)

if self.args.multi_challenge :
while 'MultiChallenge' in self.purl :
d = self.parse_pw_response ()
otp = getpass ('One-time Password: ')
d ['password'] = enc.encrypt (otp)
self.debug ("nextfile: %s" % self.nextfile)
self.debug ("purl: %s" % self.purl)
self.open (data = urlencode (d))
self.debug ("info: %s" % self.info)

if self.purl.endswith ('Login/ActivateLogin') :
if self.args.save_cookies :
self.jar.save (self.args.cookiefile, ignore_discard = True)
self.debug ("purl: %s" % self.purl)
self.open (data = urlencode (d))
self.debug ("info: %s" % self.info)
self.open('sslvpn/Login/ActivateLogin?ActivateLogin=activate&LangSelect=en_US&submit=Continue&HeightData=')

if self.purl.endswith ('Portal/Main') :
if self.args.save_cookies :
self.jar.save (self.args.cookiefile, ignore_discard = True)
Expand All @@ -222,7 +258,7 @@ def login (self) :
self.generate_snx_info ()
return True
else :
print ("Unexpected response, looking for MultiChallenge or Portal")
print ("Unexpected response, try again.")
self.debug ("purl: %s" % self.purl)
return
# end def login
Expand Down Expand Up @@ -405,7 +441,7 @@ def main () :
except (OSError, IOError) :
pass
cfg = {}
boolopts = ['debug', 'save_cookies']
boolopts = ['debug', 'save_cookies', 'multi_challenge']
if cfgf :
for line in cfgf :
line = line.strip ().decode ('utf-8')
Expand Down Expand Up @@ -455,6 +491,11 @@ def main () :
, help = 'Login type, default="%(default)s"'
, default = cfg.get ('login_type', 'Standard')
)
cmd.add_argument \
( '-MC', '--multi-challenge'
, help = 'MultiChallenge, default="%(default)s"'
, default = cfg.get ('multi_challenge', False)
)
cmd.add_argument \
( '-P', '--password'
, help = 'Login password, not a good idea to specify on commandline'
Expand Down

0 comments on commit 3c8e83a

Please sign in to comment.