stormshield.sns.sslclient


Namestormshield.sns.sslclient JSON
Version 1.1.0 PyPI version JSON
download
home_pagehttps://github.com/stormshield/python-SNS-API
SummarySSL API client for Stormshield Network Security appliances
upload_time2023-09-20 11:37:18
maintainer
docs_urlNone
authorRemi Pauchet
requires_python
licenseApache License 2.0
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls. 
            # python-SNS-API

A Python client for the Stormshield Network Security appliance SSL API.

Note: this module requires python3.7 or later.

## API usage

```python
from stormshield.sns.sslclient import SSLClient

client = SSLClient(
    host="10.0.0.254", port=443,
    user='admin', password='password',
    sslverifyhost=False)

response = client.send_command("SYSTEM PROPERTY")

if response:
    model   = response.data['Result']['Model']
    version = response.data['Result']['Version']

    print("Model: {}".format(model))
    print("Firmware version: {}".format(version))
else:
    print("Command failed: {}".format(response.output))

client.disconnect()

```

### Command results

Command results are available in text, xml or python structure formats:

```python
>>> response = client.send_command("CONFIG NTP SERVER LIST")

>>> print(response.output)
101 code=00a01000 msg="Begin" format="section_line"
[Result]
name=ntp1.stormshieldcs.eu keynum=none type=host
name=ntp2.stormshieldcs.eu keynum=none type=host
100 code=00a00100 msg="Ok"

>>> print(response.xml)
<?xml version="1.0"?>
<nws code="100" msg="OK"><serverd ret="101" code="00a01000" msg="Begin"><data format="section_line"><section title="Result"><line><key name="name" value="ntp1.stormshieldcs.eu"/><key name="keynum" value="none"/><key name="type" value="host"/></line><line><key name="name" value="ntp2.stormshieldcs.eu"/><key name="keynum" value="none"/><key name="type" value="host"/></line></section></data></serverd><serverd ret="100" code="00a00100" msg="Ok"></serverd></nws>

>>> print(response.data)
{'Result': [{'name': 'ntp1.stormshieldcs.eu', 'keynum': 'none', 'type': 'host'}, {'name': 'ntp2.stormshieldcs.eu', 'keynum': 'none', 'type': 'host'}]}

```

The keys of the `data` property are case insensitive, `response.data['Result'][0]['name']` and `response.data['ReSuLt'][0]['NaMe']` will return the same value.

Results token are also available via `response.parser.get()` method which accepts a default parameter to return if the token is not present.

```python
>>> print(response.output)
101 code=00a01000 msg="Begin" format="section"
[Server]
1=dns1.google.com
2=dns2.google.com
100 code=00a00100 msg="Ok"

>>> print(response.data['Server']['3'])
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.7/site-packages/requests/structures.py", line 52, in __getitem__
    return self._store[key.lower()][1]
KeyError: '3'

>>> print(response.parser.get(section='Server', token='3', default=None))
None

```

### File upload/download

Files can be downloaded to or uploaded from the client host by adding a redirection to a file with '>' or '<' at the end of the configuration command.

```python
>>> client.send_command("CONFIG BACKUP list=all > /tmp/mybackup.na")
100 code=00a00100 msg="Ok"
```

## snscli

 `snscli` is a python cli for executing configuration commands and scripts on Stormshield Network Security appliances.

* Output format can be chosen between section/ini or xml
* File upload and download available with adding `< upload` or `> download` at the end of the command
* Client can execute script files using `--script` option.
* Comments are allowed with `#`

`$ snscli --host <utm>`

`$ snscli --host <utm> --user admin --password admin --script config.script`

Concerning the SSL validation:

* For the first connection to a new appliance, ssl host name verification can be bypassed with `--no-sslverifyhost` option.
* To connect to a known appliance with the default certificate use `--host <serial> --ip <ip address>` to validate the peer certificate.
* If a custom CA and certificate is installed, use `--host myfirewall.tld --cabundle <ca.pem>`. CA bundle should contain at least the root CA.
* For client certificate authentication, the expected format is a PEM file with the certificate and the unencrypted key concatenated.

## Proxy

The library and `snscli` tool support HTTP and SOCKS proxies, use `--proxy scheme://user:password@host:port` option.


## Build

`$ python3 setup.py sdist bdist_wheel`


## Install

## From PyPI:

`$ pip3 install stormshield.sns.sslclient`

## From source:

`$ python3 setup.py install`


## Tests

Warning: some tests require a remote SNS appliance.

`$ PASSWORD=password APPLIANCE=10.0.0.254 tox`

To run one test:

`tox -- tests/test_format_ini`


To run `snscli` from the source folder without install:

`$ PYTHONPATH=. python3 stormshield/sns/cli.py --help`


## Links

* [Stormshield corporate website](https://www.stormshield.com)
* [CLI commands reference guide](https://documentation.stormshield.eu/SNS/v3/en/Content/CLI_Serverd_Commands_reference_Guide_v3/Introduction.htm)

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/stormshield/python-SNS-API",
    "name": "stormshield.sns.sslclient",
    "maintainer": "",
    "docs_url": null,
    "requires_python": "",
    "maintainer_email": "",
    "keywords": "",
    "author": "Remi Pauchet",
    "author_email": "remi.pauchet@stormshield.eu",
    "download_url": "",
    "platform": null,
    "description": "# python-SNS-API\n\nA Python client for the Stormshield Network Security appliance SSL API.\n\nNote: this module requires python3.7 or later.\n\n## API usage\n\n```python\nfrom stormshield.sns.sslclient import SSLClient\n\nclient = SSLClient(\n    host=\"10.0.0.254\", port=443,\n    user='admin', password='password',\n    sslverifyhost=False)\n\nresponse = client.send_command(\"SYSTEM PROPERTY\")\n\nif response:\n    model   = response.data['Result']['Model']\n    version = response.data['Result']['Version']\n\n    print(\"Model: {}\".format(model))\n    print(\"Firmware version: {}\".format(version))\nelse:\n    print(\"Command failed: {}\".format(response.output))\n\nclient.disconnect()\n\n```\n\n### Command results\n\nCommand results are available in text, xml or python structure formats:\n\n```python\n>>> response = client.send_command(\"CONFIG NTP SERVER LIST\")\n\n>>> print(response.output)\n101 code=00a01000 msg=\"Begin\" format=\"section_line\"\n[Result]\nname=ntp1.stormshieldcs.eu keynum=none type=host\nname=ntp2.stormshieldcs.eu keynum=none type=host\n100 code=00a00100 msg=\"Ok\"\n\n>>> print(response.xml)\n<?xml version=\"1.0\"?>\n<nws code=\"100\" msg=\"OK\"><serverd ret=\"101\" code=\"00a01000\" msg=\"Begin\"><data format=\"section_line\"><section title=\"Result\"><line><key name=\"name\" value=\"ntp1.stormshieldcs.eu\"/><key name=\"keynum\" value=\"none\"/><key name=\"type\" value=\"host\"/></line><line><key name=\"name\" value=\"ntp2.stormshieldcs.eu\"/><key name=\"keynum\" value=\"none\"/><key name=\"type\" value=\"host\"/></line></section></data></serverd><serverd ret=\"100\" code=\"00a00100\" msg=\"Ok\"></serverd></nws>\n\n>>> print(response.data)\n{'Result': [{'name': 'ntp1.stormshieldcs.eu', 'keynum': 'none', 'type': 'host'}, {'name': 'ntp2.stormshieldcs.eu', 'keynum': 'none', 'type': 'host'}]}\n\n```\n\nThe keys of the `data` property are case insensitive, `response.data['Result'][0]['name']` and `response.data['ReSuLt'][0]['NaMe']` will return the same value.\n\nResults token are also available via `response.parser.get()` method which accepts a default parameter to return if the token is not present.\n\n```python\n>>> print(response.output)\n101 code=00a01000 msg=\"Begin\" format=\"section\"\n[Server]\n1=dns1.google.com\n2=dns2.google.com\n100 code=00a00100 msg=\"Ok\"\n\n>>> print(response.data['Server']['3'])\nTraceback (most recent call last):\n  File \"<stdin>\", line 1, in <module>\n  File \"/usr/local/lib/python3.7/site-packages/requests/structures.py\", line 52, in __getitem__\n    return self._store[key.lower()][1]\nKeyError: '3'\n\n>>> print(response.parser.get(section='Server', token='3', default=None))\nNone\n\n```\n\n### File upload/download\n\nFiles can be downloaded to or uploaded from the client host by adding a redirection to a file with '>' or '<' at the end of the configuration command.\n\n```python\n>>> client.send_command(\"CONFIG BACKUP list=all > /tmp/mybackup.na\")\n100 code=00a00100 msg=\"Ok\"\n```\n\n## snscli\n\n `snscli` is a python cli for executing configuration commands and scripts on Stormshield Network Security appliances.\n\n* Output format can be chosen between section/ini or xml\n* File upload and download available with adding `< upload` or `> download` at the end of the command\n* Client can execute script files using `--script` option.\n* Comments are allowed with `#`\n\n`$ snscli --host <utm>`\n\n`$ snscli --host <utm> --user admin --password admin --script config.script`\n\nConcerning the SSL validation:\n\n* For the first connection to a new appliance, ssl host name verification can be bypassed with `--no-sslverifyhost` option.\n* To connect to a known appliance with the default certificate use `--host <serial> --ip <ip address>` to validate the peer certificate.\n* If a custom CA and certificate is installed, use `--host myfirewall.tld --cabundle <ca.pem>`. CA bundle should contain at least the root CA.\n* For client certificate authentication, the expected format is a PEM file with the certificate and the unencrypted key concatenated.\n\n## Proxy\n\nThe library and `snscli` tool support HTTP and SOCKS proxies, use `--proxy scheme://user:password@host:port` option.\n\n\n## Build\n\n`$ python3 setup.py sdist bdist_wheel`\n\n\n## Install\n\n## From PyPI:\n\n`$ pip3 install stormshield.sns.sslclient`\n\n## From source:\n\n`$ python3 setup.py install`\n\n\n## Tests\n\nWarning: some tests require a remote SNS appliance.\n\n`$ PASSWORD=password APPLIANCE=10.0.0.254 tox`\n\nTo run one test:\n\n`tox -- tests/test_format_ini`\n\n\nTo run `snscli` from the source folder without install:\n\n`$ PYTHONPATH=. python3 stormshield/sns/cli.py --help`\n\n\n## Links\n\n* [Stormshield corporate website](https://www.stormshield.com)\n* [CLI commands reference guide](https://documentation.stormshield.eu/SNS/v3/en/Content/CLI_Serverd_Commands_reference_Guide_v3/Introduction.htm)\n\n\n\n",
    "bugtrack_url": null,
    "license": "Apache License 2.0",
    "summary": "SSL API client for Stormshield Network Security appliances",
    "version": "1.1.0",
    "project_urls": {
        "Homepage": "https://github.com/stormshield/python-SNS-API"
    },
    "split_keywords": [],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "5bd0ffe6e5f608b7013eba58f18e8cd261366868a5a2e1e38db8ce17fde8c36d",
                "md5": "f4b816f5c360e95ab896da3bbfec3bdf",
                "sha256": "38a58c3642f5f62bf672860b200d3f4dd434d2c4567eee2d59e1d06006877a45"
            },
            "downloads": -1,
            "filename": "stormshield.sns.sslclient-1.1.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "f4b816f5c360e95ab896da3bbfec3bdf",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": null,
            "size": 27650,
            "upload_time": "2023-09-20T11:37:18",
            "upload_time_iso_8601": "2023-09-20T11:37:18.361649Z",
            "url": "https://files.pythonhosted.org/packages/5b/d0/ffe6e5f608b7013eba58f18e8cd261366868a5a2e1e38db8ce17fde8c36d/stormshield.sns.sslclient-1.1.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-09-20 11:37:18",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "stormshield",
    "github_project": "python-SNS-API",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": false,
    "tox": true,
    "lcname": "stormshield.sns.sslclient"
}
Remi Pauchet
Elapsed time: 0.26881s