I'm using xmpppy library for my jabber remote administration bot, but I can't find how to send/receive a file and save it inside the directory specified. The documentation is poor and there isn't any examples, but I really want to make it. Can anyone show some examples or some links about it? Or maybe I should use an alternative xmpp bindings?
There are two XEP's (XMPP Extensions) that cover file transfer: XEP-0096 http://xmpp.org/extensions/xep-0096.html (called SI (Stream Initiated) File Transfer) and XEP-0234 http://xmpp.org/extensions/xep-0234.html (Jingle File Transfer)
XEP-0096 is the original one but I have found it is rarely implemented (as you have discovered) in most libraries and also most clients. XEP-0234 is much newer and is found in more modern clients but not in older libraries (like xmpppy). The problem you are going to face even when you find a library or implementation of either of these is that both sides of the connection must also implement them.
Of the two, I would pick XEP-0234 because it covers quite a few issues that the original had and is considered to be the replace for it.
As far as Python libraries go none support it. I've looked at xmpppy, headstock, pyxmpp, jabber.py, twisted words and my favourite sleekxmppp.
There is a module xmpp.filetransfer in xmpppy:
This module contains IBB class that is the simple implementation of JEP-0047. Note that this is just a transport for data. You have to negotiate data transfer before (via StreamInitiation most probably). Unfortunately SI is not implemented yet.
Related
The full explanation of what I want to do and why would take a while to explain. Basically, I want to use a private SSL connection in a publicly distributed application, and not handout my private ssl keys, because that negates the purpose! I.e. I want secure remote database operations which no one can see into - inclusive of the client.
My core question is : How could I make the Python ssl module use data held in memory containing the ssl pem file contents instead of hard file system paths to them?
The constructor for class SSLSocket calls load_verify_locations(ca_certs) and load_cert_chain(certfile, keyfile) which I can't trace into because they are .pyd files. In those black boxes, I presume those files are read into memory. How might I short circuit the process and pass the data directly? (perhaps swapping out the .pyd?...)
Other thoughts I had were: I could use io.StringIO to create a virtual file, and then pass the file descriptor around. I've used that concept with classes that will take a descriptor rather than a path. Unfortunately, these classes aren't designed that way.
Or, maybe use a virtual file system / ram drive? That could be trouble though because I need this to be cross platform. Plus, that would probably negate what I'm trying to do if someone could access those paths from any external program...
I suppose I could keep them as real files, but "hide" them somewhere in the file system.
I can't be the first person to have this issue.
UPDATE
I found the source for the "black boxes"...
https://github.com/python/cpython/blob/master/Modules/_ssl.c
They work as expected. They just read the file contents from the paths, but you have to dig down into the C layer to get to this.
I can write in C, but I've never tried to recompile an underlying Python source. It looks like maybe I should follow the directions here https://devguide.python.org/ to pull the Python repo, and make changes to. I guess I can then submit my update to the Python community to see if they want to make a new standardized feature like I'm describing... Lots of work ahead it seems...
It took some effort, but I did, in fact, solve this in the manner I suggested. I revised the underlying code in the _ssl.c Python module / extension and rebuilt Python as a whole. After figuring out the process for building Python from source, I had to learn the details for how to pass variables between Python and C, and I needed to dig into guts of OpenSSL (over which the Python module is a wrapper).
Fortunately, OpenSSL already has functions for this exact purpose, so it was just a matter of swapping out the how Python is trying to pass file paths into the C, and instead bypassing the file reading process and jumping straight to the implementation of using the ca/cert/key data directly instead.
For the moment, I only did this for Windows. Since I'm ultimately creating a cross platform program, I'll have to repeat the build process for the other platforms I'll support - so that's a hassle. Consider how badly you want this, if you are going to pursue it yourself...
Note that when I rebuilt Python, I didn't use that as my actual Python installation. I just kept it off to the side.
One thing that was really nice about this process was that after that rebuild, all I needed to do was drop the single new _ssl.pyd into my working directory. With that file in place, I could pass my direct cert data. If I removed it, I could pass the normal file paths instead. It will use either the normal Python source, or implicitly use the override if the .pyd file is simply put in the program's directory.
In my project I'm trying to use a smart card for the purpose of creating digital signature for a specific data.
I'm working with the smart card reader ACR38U-I1 and Linux OS (more precisely with the Raspbian OS)
I already installed all the needed drivers for this device and additional libraries such as pcsc, pcsc-lite ...
Also I got private/public gpg keypair for making the digital signature.
As I understand the concept of making digital signature using smart card I have to write the private key to this card and read it when I need to create a signature.
And in this situation I faced with a problem that I don't know how to do this.
I opened pcsc-lite documentation [1] and couldn't find a write methods or examples how to write data to card
https://pcsclite.alioth.debian.org/api/group__API.html [1]
I'll be grateful if somebody could direct me on the right way.
The typical approach is:
generate the key (pair) on the smart card; this has the advantage, that no malicious software will be able to grab the private key since it will never leave the card.
send the command to generate a signature to the card, e.g. with the hash value of the data to sign
Reading the key from the smart card discards all the security a smart card provides. The most common way to generate a signature is using a PKCS 11 software, but it may be difficult to find one for Raspbian. I would recommend to find a card directly supported by GPG. That way you will not need to learn in detail about all the necessary topics.
(Wanted to write a comment, but it got quite long...)
(EDIT: While writing this I did not realize that you are working in a non-x86 environment, so this answer is probably useless unless you have a choice to go for x86 (intel edison maybe?))
This is not a solution, but might be a good direction (I have no experience with this particular card):
There is a PKCS#11 driver for the card which probably provides some access to its services (pkcs11 is a standardized API to access cryptographic tokens, see here).
With this driver (assuming it works and provides appropriate mechanisms) you have some choices to continue:
use it directly from c code (works for me)
use a python wrapper (have no experience with this way, but your question implies python is desired)
use openssl (see e.g. here or here -- this worked for me some time ago)
use it with gpg (never tried and would not recommend at all)
It might be a good idea to verify first that the pkcs11 driver is working (you can do that using firefox browser, see e.g. here).
Additional notes:
I recommend to initialize the card and generate the keys with vendor provided utilities and use the pkcs11 driver only to actually sign some data (this way avoids many troublesome parts).
Do google for pkcs11 and related stuff, this "extended comment" is just an another "point of view"
Good luck!
I'm working on an audio mixing program (DAW) web app, and considering using Python and Python Gstreamer for the backend. I understand that I can contain the audio tracks of a single music project in a gst.Pipeline bin, but playback also appears to be controlled by this Pipeline.
Is it possible to create several "views" into the Pipeline representing the project? So that more than one client can grab an audio stream of this Pipeline at will, with the ability to do time seek?
If there is a better platform/library out there to use, I'd appreciate advice on that too. I'd prefer sticking to Python though, because my team members are already researching Python for other parts of this project.
Thanks very much!
You might want to look at Flumotion (www.flumotion.org). It is a python based streaming server using GStreamer, you might be able to get implementation ideas from that in terms of how you do your application. It relies heavily on the python library Twisted for its network handling.
I have a working GPIB interface and Linux-GPIB package installed and working.
I only know two commands at the moment, x.write and x.find. I don't know much about Python, but I recognize the dot operator and realize that after importing gpib, I should get some functions at my disposal.
I have not been able to locate the list of GPIB functions.
They are in the gpib library. You reference them like so: gpib.foo().
Add this line into your code:
help(gpib)
And browse through the functions/classes.
If you are working in Python, I think the pyvisa is what you are looking for. It provides lots of useful high level functions which helps you to send a series of SCPI commands to your equipment via GPIB, such as write, read,ask and so on.
As for SCPI commands themselves, usually they will differ from the different vendors. So in terms of what kind of SCPI you should send to the equipment, you should read the corresponding datasheet. But in the other case, you could have installed the drivers which were provided by the vendor. In this case you can send some even higher commands. For instance, if you would like to control a voltage source, they have probably already got the function setvoltage(double voltage). Things will be much more easier for you.
Actually there are many commands available. Except those two you mentioned, there are x.read, x.ask, x.ask_for_value and so on.
But I recommend your to read those help file, I think that will give you a better understanding.
I want to program a virtual file system in Windows with Python.
That is, a program in Python whose interface is actually an "explorer windows". You can create & manipulate file-like objects but instead of being created in the hard disk as regular files they are managed by my program and, say, stored remotely, or encrypted or compressed or versioned, or whatever I can do with Python.
What is the easiest way to do that?
While perhaps not quite ripe yet (unfortunately I have no first-hand experience with it), pywinfuse looks exactly like what you're looking for.
Does it need to be Windows-native? There is at least one protocol which can be both browsed by Windows Explorer, and served by free Python libraries: FTP. Stick your program behind pyftpdlib and you're done.
Have a look at Dokan a User mode filesystem for Windows. There are Ruby, .NET (and Java by 3rd party) bindings available, and I don't think it'll be difficult to write python bindings either.
If you are trying to write a virtual file system (I may misunderstand you) - I would look at a container file format. VHD is well documented along with HDI and (embedded) OSQ. There are basically two things you need to do. One is you need to decide on a file/container format. After that it is as simple as writing the API to manipulate that container. If you would like it to be manipulated over the internet, pick a transport protocol then just write a service (would would emulate a file system driver) that listens on a certain port and manipulates this container using your API
You might be interested in PyFilesystem;
A filesystem abstraction layer for Python
PyFilesystem is an abstraction layer for filesystems. In the same way that Python's file-like objects provide a common way of accessing files, PyFilesystem provides a common way of accessing entire filesystems. You can write platform-independent code to work with local files, that also works with any of the supported filesystems (zip, ftp, S3 etc.).
What the description on the homepage does not advertise is that you can then expose this abstraction again as a filesystem, among others SFTP, FTP (though currently disfunct, probably fixable) and dokan (dito) as well as fuse.