From 34fcde4223577f48748f7a6365f7339d15cbdf13 Mon Sep 17 00:00:00 2001
From: Zak Lantz
Date: Mon, 29 Nov 2021 12:53:09 -0500
Subject: [PATCH 1/4] Allows env var for path to cert for request verification, pretty print json stdout, updated mac var help
---
 mac2switchport.py | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/mac2switchport.py b/mac2switchport.py
index fa52271..e76ac8d 100644
--- a/mac2switchport.py
+++ b/mac2switchport.py
@@ -71,12 +71,11 @@
 import os
 import sys
-import time
 import json
 import re
-import certifi
 import requests
 import logging
+import argparse
 logger = logging.getLogger(__name__)
 logger.setLevel(logging.DEBUG)
@@ -91,6 +90,10 @@ else:
 AKIPS_API_RO_PASSWORD = os.environ.get("AKIPS_API_RO_PASSWORD")
+if not os.environ.get("AKIPS_CERT"):
+ AKIPS_CERT = False
+else:
+ AKIPS_CERT = os.environ.get("AKIPS_CERT")
 def format_mac(mac: str) -> str:
 mac = re.sub('[.:-]', '', mac).lower() # remove delimiters and convert to lower case
@@ -105,7 +108,7 @@ def format_mac(mac: str) -> str:
 def mac2switchport(mac, raw=False):
 logger.debug("mac2switchport entry")
 #assert len(format_mac(mac)) == 17, "MAC Address must be 17 characters"
- r = requests.get(AKIPS_URL + "/api-spm?username=api-ro;password=" + AKIPS_API_RO_PASSWORD + ";mac=" + format_mac(mac), verify="akips.pem")
+ r = requests.get(AKIPS_URL + "/api-spm?username=api-ro;password=" + AKIPS_API_RO_PASSWORD + ";mac=" + format_mac(mac), verify=AKIPS_CERT)
 logger.debug(r)
 if raw:
 return r.text
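Review bot: When AKIPS_CERT is unset, the added block in `@@ -91,6 +90,10 @@` assigns `False`, and the `requests.get(..., verify=AKIPS_CERT)` call in the next hunk then performs no TLS certificate validation at all, on a request whose URL carries AKIPS_API_RO_PASSWORD. Before this patch the call always verified against `akips.pem`, so the default has moved from a pinned chain to an unauthenticated channel. Falling back to the system trust store keeps verification on unless an operator supplies a bundle: `AKIPS_CERT = os.environ.get("AKIPS_CERT") or True`. If skipping verification must stay possible, it would be safer behind an explicit opt-in with a logged warning than as the silent default.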
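Review bot: The rewritten `requests.get` call in `@@ -105,7 +108,7 @@` passes no `timeout=`, so an AKIPS server that accepts the connection and then stalls blocks the script, and anything piping MACs into it, indefinitely; `timeout=30` (value illustrative) plus `r.raise_for_status()` before `r.text` is used would turn stalls and HTTP errors into visible failures. The password is also concatenated into the query string unescaped, so a `;`, `&`, `#` or `%` in it alters the request; `urllib.parse.quote(AKIPS_API_RO_PASSWORD, safe="")` avoids that. Because the secret travels in the URL, any URL-level debug logging or proxy log will record it, which deserves a comment next to the call. mac2switchport's body continues past the end of the hunk.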
@@ -130,13 +133,14 @@ def main():
 json_in = json.loads(line)
 logger.debug(json_in)
 if type(json_in) is dict:
- print(mac2switchport(json_in['mac'], False))
+ retval = mac2switchport(json_in['mac'], False)
+ print(json.dumps(retval, indent=2))
 sys.stdout.flush()
 elif type(json_in) is list:
 retval = []
 for ele in json_in:
 retval.append(mac2switchport(ele['mac'], False))
- print(json.dumps(retval))
+ print(json.dumps(retval, indent=2))
 sys.stdout.flush()
 except json.decoder.JSONDecodeError:
 logger.debug("STDIN is not JSON")
@@ -146,7 +150,7 @@ def main():
 if len(line) == 0:
 continue
 #ToDo: Make this return a json list [] by saving results to retval and then outputting that.
- print(json.dumps(mac2switchport(line, False)))
+ print(json.dumps(mac2switchport(line, False), indent=2))
 sys.stdout.flush()
 except BrokenPipeError:
 pass
@@ -156,9 +160,8 @@ def main():
 raise
 else:
- import argparse
 parser = argparse.ArgumentParser(description='Fetch switchports where AKIPS has seen this MAC Address')
- parser.add_argument("--mac", help="The MAC Address you'd like to query. No punctuation, case-insensitive.", type=str, required=True)
+ parser.add_argument("--mac", help="The MAC Address you'd like to query. Supports: 11:22:33:44:55:66:77, 1122.3344.5566, 11-22-33-44-55-66-77", type=str, required=True)
 parser.add_argument("--raw", help="Output raw results from API", action="store_true")
 parser.add_argument("--debug", help="Run and show debugging information", action="store_true")
 args = parser.parse_args()
@@ -167,7 +170,7 @@ def main():
 logger.setLevel(logging.DEBUG)
 logger.debug("Loaded")
- print(json.dumps(mac2switchport(args.mac, args.raw)))
+ print(json.dumps(mac2switchport(args.mac, args.raw), indent=2))
 sys.stdout.flush()
From f10ee240715a52e1609b445f5bddfaa117e45e59 Mon Sep 17 00:00:00 2001
From: Zak Lantz
Date: Mon, 29 Nov 2021 13:00:32 -0500
Subject: [PATCH 2/4] AKIPS_CERT documentation
---
 mac2switchport.py | 1 +
 1 file changed, 1 insertion(+)
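Review bot: `indent=2` in `@@ -130,13 +133,14 @@` turns every result into a multi-line document, which breaks any consumer that reads the STDIN mode as one JSON value per output line; the same change is made in the plain-text branch (`@@ -146`) and the `--mac` branch (`@@ -167`). If pretty-printing is only wanted interactively, it could be gated, e.g. `indent=2 if sys.stdout.isatty() else None`. Separately, `json_in['mac']` and `ele['mac']` are read without a check and the only handler visible in this hunk is for `JSONDecodeError`, so input such as `{}` or `[1]` would presumably end in an uncaught KeyError/TypeError. `main()` starts and ends outside the hunk, so that needs confirming against the full function.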
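Review bot: The colon- and dash-delimited examples in the new `--mac` help text (`@@ -156,9 +160,8 @@`) have seven octets (`11:22:33:44:55:66:77`, `11-22-33-44-55-66-77`), which is not a valid 48-bit MAC and disagrees with the six-octet `1122.3344.5566` next to them. Suggested text: `Supports: 11:22:33:44:55:66, 1122.3344.5566, 11-22-33-44-55-66`.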
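Review bot: With `--raw`, `mac2switchport` returns `r.text`, and the changed line in `@@ -167,7 +170,7 @@` still feeds it to `json.dumps`, so the CSV that the header comment promises is printed as a single quoted JSON string with `\n` escapes. Printing the raw text directly would match the documentation: `result = mac2switchport(args.mac, args.raw)` followed by `print(result if args.raw else json.dumps(result, indent=2))`.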
diff --git a/mac2switchport.py b/mac2switchport.py
index e76ac8d..a2533ee 100644
--- a/mac2switchport.py
+++ b/mac2switchport.py
@@ -31,6 +31,7 @@
 ### Environment Variables
 ### AKIPS_URL URL of the AKIPS server, ex: "https://akips.example.edu"
 ### AKIPS_API_RO_PASSWORD Password for the Read-Only user of the AKIPS API
+### AKIPS_CERT Path to untrusted CA cert (globalsign intranet, etc.)
 ### Files
 ### ./akips.pem Contains the certificate chain for the AKIPS HTTPS server
 ### Example:
From 42e91dd9a3125167811843b136a97f30cf35be57 Mon Sep 17 00:00:00 2001
From: Zak Lantz
Date: Mon, 29 Nov 2021 13:05:39 -0500
Subject: [PATCH 3/4] gitignore ignore certs in case some accidentally contributes them
---
 .gitignore | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/.gitignore b/.gitignore
index b6e4761..10739ee 100644
--- a/.gitignore
+++ b/.gitignore
@@ -127,3 +127,7 @@ dmypy.json
 # Pyre type checker
 .pyre/
+
+# Certs
+*.pem
+*.crt
\ No newline at end of file
From f4b03b138bf1a6aabce77c159d0cebf3a6b53ac9 Mon Sep 17 00:00:00 2001
From: Zak Lantz
Date: Mon, 29 Nov 2021 13:44:02 -0500
Subject: [PATCH 4/4] handles multiple mac in dict, added documentation for multiple mac address usage
---
 mac2switchport.py | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/mac2switchport.py b/mac2switchport.py
index a2533ee..d0fb9aa 100644
--- a/mac2switchport.py
+++ b/mac2switchport.py
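Review bot: The new AKIPS_CERT header line in `@@ -31,6 +31,7 @@` does not say what happens when the variable is unset; as of patch 1/4 that case passes `verify=False` to requests, which a reader would not guess from "Path to untrusted CA cert". The `### Files` entry for `./akips.pem` just below is also stale, since the code no longer opens that path unless AKIPS_CERT points at it. Suggested wording: `### AKIPS_CERT Path to a CA bundle (PEM) used to verify the AKIPS server certificate, e.g. a private/intranet CA; if unset, certificate verification is disabled`.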
@@ -58,10 +58,18 @@
 ### echo aa:bb:cc:dd:ee:ff | ./mac2switchport.py
 ### {"mac": "aa:bb:cc:dd:ee:ff", "vendor": "OUI-Vendor-Name", "switch": "switch-name", "port": "Gi0/23", "vlan": "vlan-name", "ipaddress": "10.1.2.3"}
 ###
+### Specify MAC address via STDIN
+### echo " ─╯
+### 94:c6:91:09:18:20
+### 94:c6:91:09:18:20" | python3 mac2switchport.py
+###
 ### Specify MAC address in JSON via STDIN
 ### echo '{"mac": "aa:bb:cc:dd:ee:ff"}' | ./mac2switchport.py
 ### {'mac': 'aa:bb:cc:dd:ee:ff', 'vendor': 'OUI-Vendor-Name', 'switch': 'switch-name', 'port': 'Gi0/23', 'vlan': 'vlan-name', 'ipaddress': '10.1.2.3'}
 ###
+### Specify Multiple MAC address in JSON via STDIN
+### echo '{"mac": ["aa:bb:cc:dd:ee:ff:", "ffee.ddcc.bbaa"]}' | python3 mac2switchport.py
+###
 ### This script returns JSON as output by default. If the MAC address cannot be located by AKIPS, the script returns an empty list [].
 ### If you wish to have the output in CSV format, use the --raw option
 ### ./mac2switchport.py --mac aa:bb:cc:dd:ee:ff
@@ -134,7 +142,9 @@ def main():
 json_in = json.loads(line)
 logger.debug(json_in)
 if type(json_in) is dict:
- retval = mac2switchport(json_in['mac'], False)
+ retval = []
+ for mac in json_in['mac']:
+ retval.append(mac2switchport(mac, False))
 print(json.dumps(retval, indent=2))
 sys.stdout.flush()
 elif type(json_in) is list:
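Review bot: The added STDIN example in `@@ -58,10 +58,18 @@` contains pasted terminal residue (`─╯` after `echo "`), and the multi-MAC example has a trailing colon in `"aa:bb:cc:dd:ee:ff:"`; both should be removed so the examples can be copied as written. The existing single-MAC JSON example between them (`{"mac": "aa:bb:cc:dd:ee:ff"}` with a single object as output) no longer matches the code after this commit, which iterates `json_in['mac']` and prints a list. Neither new example shows its expected output, unlike the examples around them.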
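Review bot: `for mac in json_in['mac']` in `@@ -134,7 +142,9 @@` iterates a string character by character, so the documented single-MAC input `{"mac": "aa:bb:cc:dd:ee:ff"}` now triggers one `mac2switchport` call, and therefore one password-bearing HTTPS request, per character instead of a single lookup. Normalising first keeps both forms working: `macs = json_in['mac']`, then `if isinstance(macs, str): macs = [macs]`, then `for mac in macs:`. The output for a single MAC also changes from an object to a one-element list, which callers of the old form may not expect. `main()` continues outside the hunk.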