Home Explore Help
Sign In
BBK
/
test
4
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 86d7d2d86c
Branches Tags
test
/
venv
/
Lib
/
site-packages
/
pip
/
_vendor
/
urllib3
/
contrib
/
ntlmpool.py

ntlmpool.py 4.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 
  1. """
    2. 

  2. NTLM authenticating pool, contributed by erikcederstran
    3. 

  3. 

  4. Issue #10, see: http://code.google.com/p/urllib3/issues/detail?id=10
    5. 

  5. """
    6. 

  6. from __future__ import absolute_import
    7. 

  7. 

  8. import warnings
    9. 

  9. from logging import getLogger
    10. 

  10. 

  11. from ntlm import ntlm
    12. 

  12. 

  13. from .. import HTTPSConnectionPool
    14. 

  14. from ..packages.six.moves.http_client import HTTPSConnection
    15. 

  15. 

  16. warnings.warn(
    17. 

  17.     "The 'urllib3.contrib.ntlmpool' module is deprecated and will be removed "
    18. 

  18.     "in urllib3 v2.0 release, urllib3 is not able to support it properly due "
    19. 

  19.     "to reasons listed in issue: https://github.com/urllib3/urllib3/issues/2282. "
    20. 

  20.     "If you are a user of this module please comment in the mentioned issue.",
    21. 

  21.     DeprecationWarning,
    22. 

  22. )
    23. 

  23. 

  24. log = getLogger(__name__)
    25. 

  25. 

  26. 

  27. class NTLMConnectionPool(HTTPSConnectionPool):
    28. 

  28.     """
    29. 

  29.     Implements an NTLM authentication version of an urllib3 connection pool
    30. 

  30.     """
    31. 

  31. 

  32.     scheme = "https"
    33. 

  33. 

  34.     def __init__(self, user, pw, authurl, *args, **kwargs):
    35. 

  35.         """
    36. 

  36.         authurl is a random URL on the server that is protected by NTLM.
    37. 

  37.         user is the Windows user, probably in the DOMAIN\\username format.
    38. 

  38.         pw is the password for the user.
    39. 

  39.         """
    40. 

  40.         super(NTLMConnectionPool, self).__init__(*args, **kwargs)
    41. 

  41.         self.authurl = authurl
    42. 

  42.         self.rawuser = user
    43. 

  43.         user_parts = user.split("\\", 1)
    44. 

  44.         self.domain = user_parts[0].upper()
    45. 

  45.         self.user = user_parts[1]
    46. 

  46.         self.pw = pw
    47. 

  47. 

  48.     def _new_conn(self):
    49. 

  49.         # Performs the NTLM handshake that secures the connection. The socket
    50. 

  50.         # must be kept open while requests are performed.
    51. 

  51.         self.num_connections += 1
    52. 

  52.         log.debug(
    53. 

  53.             "Starting NTLM HTTPS connection no. %d: https://%s%s",
    54. 

  54.             self.num_connections,
    55. 

  55.             self.host,
    56. 

  56.             self.authurl,
    57. 

  57.         )
    58. 

  58. 

  59.         headers = {"Connection": "Keep-Alive"}
    60. 

  60.         req_header = "Authorization"
    61. 

  61.         resp_header = "www-authenticate"
    62. 

  62. 

  63.         conn = HTTPSConnection(host=self.host, port=self.port)
    64. 

  64. 

  65.         # Send negotiation message
    66. 

  66.         headers[req_header] = "NTLM %s" % ntlm.create_NTLM_NEGOTIATE_MESSAGE(
    67. 

  67.             self.rawuser
    68. 

  68.         )
    69. 

  69.         log.debug("Request headers: %s", headers)
    70. 

  70.         conn.request("GET", self.authurl, None, headers)
    71. 

  71.         res = conn.getresponse()
    72. 

  72.         reshdr = dict(res.headers)
    73. 

  73.         log.debug("Response status: %s %s", res.status, res.reason)
    74. 

  74.         log.debug("Response headers: %s", reshdr)
    75. 

  75.         log.debug("Response data: %s [...]", res.read(100))
    76. 

  76. 

  77.         # Remove the reference to the socket, so that it can not be closed by
    78. 

  78.         # the response object (we want to keep the socket open)
    79. 

  79.         res.fp = None
    80. 

  80. 

  81.         # Server should respond with a challenge message
    82. 

  82.         auth_header_values = reshdr[resp_header].split(", ")
    83. 

  83.         auth_header_value = None
    84. 

  84.         for s in auth_header_values:
    85. 

  85.             if s[:5] == "NTLM ":
    86. 

  86.                 auth_header_value = s[5:]
    87. 

  87.         if auth_header_value is None:
    88. 

  88.             raise Exception(
    89. 

  89.                 "Unexpected %s response header: %s" % (resp_header, reshdr[resp_header])
    90. 

  90.             )
    91. 

  91. 

  92.         # Send authentication message
    93. 

  93.         ServerChallenge, NegotiateFlags = ntlm.parse_NTLM_CHALLENGE_MESSAGE(
    94. 

  94.             auth_header_value
    95. 

  95.         )
    96. 

  96.         auth_msg = ntlm.create_NTLM_AUTHENTICATE_MESSAGE(
    97. 

  97.             ServerChallenge, self.user, self.domain, self.pw, NegotiateFlags
    98. 

  98.         )
    99. 

  99.         headers[req_header] = "NTLM %s" % auth_msg
    100. 

  100.         log.debug("Request headers: %s", headers)
    101. 

  101.         conn.request("GET", self.authurl, None, headers)
    102. 

  102.         res = conn.getresponse()
    103. 

  103.         log.debug("Response status: %s %s", res.status, res.reason)
    104. 

  104.         log.debug("Response headers: %s", dict(res.headers))
    105. 

  105.         log.debug("Response data: %s [...]", res.read()[:100])
    106. 

  106.         if res.status != 200:
    107. 

  107.             if res.status == 401:
    108. 

  108.                 raise Exception("Server rejected request: wrong username or password")
    109. 

  109.             raise Exception("Wrong server response: %s %s" % (res.status, res.reason))
    110. 

  110. 

  111.         res.fp = None
    112. 

  112.         log.debug("Connection established")
    113. 

  113.         return conn
    114. 

  114. 

  115.     def urlopen(
    116. 

  116.         self,
    117. 

  117.         method,
    118. 

  118.         url,
    119. 

  119.         body=None,
    120. 

  120.         headers=None,
    121. 

  121.         retries=3,
    122. 

  122.         redirect=True,
    123. 

  123.         assert_same_host=True,
    124. 

  124.     ):
    125. 

  125.         if headers is None:
    126. 

  126.             headers = {}
    127. 

  127.         headers["Connection"] = "Keep-Alive"
    128. 

  128.         return super(NTLMConnectionPool, self).urlopen(
    129. 

  129.             method, url, body, headers, retries, redirect, assert_same_host
    130. 

  130.         )
    131.