I’ve put a new PyYAML mirror online at http://pyyaml-mirror.gefira.pl/simple/ so that it can be used in emergency cases, like now, when the main site http://www.pyyaml.org has apparently been down for some time. Hope it saves someone at least a little bit of time! 
I’ve been looking for information on how to get rid of the ‘No Cython, trying Pyrex…’ warning popping up when using things like bzr in zc.builduot config files but there was no clear answer to it so what I’ve finally come up with is below. Essentially, Cython is first downloaded and then compiled so that bzr – or anything that will benefit from there being Cython installed – can freely make use of it.
It isn’t particularly beautiful but does the trick at least, hoping it will save time for someone else!
[buildout] parts = cython-src cython-install myapp [config] cython_version = 0.14 [myapp] recipe = zc.recipe.egg interpreter = py eggs = bzr [cython-src] recipe = hexagonit.recipe.download url = http://pypi.python.org/packages/source/C/Cython/Cython-${config:cython_version}.tar.gz [cython-install] recipe = iw.recipe.cmd on_install = true cmds = cd ${buildout:directory}/parts/cython-src/Cython-${config:cython_version}; ../../../bin/python setup.py install |
The unstoppable Miguel Landaeta did it again and I’m happy to let you all know that sec-wall, the security proxy, can be now installed on Debian wheezy/sid using nothing but DEBs, like below. The only prerequisite is that you need to visit http://alioth.debian.org/~nomadium-guest/debian/unstable/ to find and download the latest DEB – at the time of this writing it’s sec-wall_1.0.0-0miguel2_all.deb but it sure is going to change shortly because sec-wall 1.1 is about to be released soon.
First, the dependencies:
apt-get install python-springpython python-gevent apt-get install python-argparse python-lxml apt-get install python-pesto python-zdaemon apt-get install python-pkg-resources |
Now install sec-wall:
dpkg -i ./sec-wall_1.0.0-0miguel2_all.deb |
And that’s all!
Nice folks at www.linuxsecurity.com have just published a new article on using the sec-wall security proxy with cURL and PycURL, the Python interface to the libcurl library, so if you’re looking for information on how to test services secured using sec-wall, either with HTTP Basic/Digest Auth, custom HTTP headers, XPath-based authentication, WS-Security or SSL/TLS client certificates then you won’t be disappointed. Enjoy!
One of the things sec-wall, a featured-packed high performance security proxy, provides is the support for securing access to resources using arbitrary XPath expressions. What is currently missing in the documentation though is an explanation of how one should use XML namespaces. The thing can be done and there’s a bug report regarding it which I’m going to fix and close in a day or two but just thought that in the meantime I’d blog about it.
So how would one go about creating a sec-wall config.py file that should let in only clients that use credentials akin to what’s below?
<?xml version="1.0" encoding="utf-8"?> <a> <b> <username xmlns="http://example.com/myns1">foo</username> <c xmlns="http://example.com/myns2" password="bar" /> </b> </a> |
The answer is pretty simple – etree.XPath objects accept a namespaces argument which ought to be a mapping between prefixes used in expressions and actual namespaces, so the config file should read like below:
# -*- coding: utf-8 -*- # stdlib import uuid # lxml from lxml import etree # Don't share it with anyone. INSTANCE_SECRET = '7bcb90942d994440af05d02b691ae86d' # May be shared with the outside world. INSTANCE_UNIQUE = uuid.uuid4().hex # ############################################################################## def xpath(): username = 'foo' password = 'bar' xpath1 = "/a/b/myns1:username/text() = '{0}'".format(username) xpath2 = "//myns2:c/@password='{0}'".format(password) ns_dict = { 'myns1': 'http://example.com/myns1', 'myns2': 'http://example.com/myns2', } return { 'xpath': True, 'xpath-1': etree.XPath(xpath1, namespaces=ns_dict), 'xpath-2': etree.XPath(xpath2, namespaces=ns_dict), 'host': 'http://example.com/', } urls = [ ('/xpath', xpath()), ] |
Solid, eh?
