Im writing an application oriented to speakers and conferences. Im writing it with Python and focused on Linux.
I would like to know if its possible to control LibreOffice Impress with Python, under Linux in some way.
I want to start an instance of LibreOffice Impress with some .odp file loaded, from my Python app. Then, I would like to be able to receive from the odp some info like: previous, current and next slide. Or somehow generate the images of the slides on the go.
Finally, I want to control LibreOffice in real time. This is: move through the slides using direction keys; right and left.
The idea is to use python alone, but I don't mind using external libraries or frameworks.
Thanks a lot.
Take a look at AOO UNO . You may also check some application projects like docvert. This framework is shared between LO and Apache OO, but perhaps there some minor differences due to separate development of the two projects.
For a simple tutorial-like code you may take a look at this project. The rest depends on your actual needs and you should study corresponding UNO API, it's (almost) language-neutral.
The answer from #user3159253 describes how to connect to a presentation file, which is the first part of your question. Then, to control the presentation you will need to use XPresentation2 and XSlideShowController. Here is some code to do this, using the doc variable from the other example:
def runSlideShow(doc):
presentation = doc.getPresentation()
presentation.start()
while not presentation.isRunning():
pass
presentation_controller = presentation.getController()
presentation_controller.gotoNextSlide()
print("isRunning() == %s" % presentation_controller.isRunning())
I adapted this code from http://openoffice.2283327.n4.nabble.com/XPresentation2-returns-a-null-XSlideShowController-td2771599.html.
Responding to your comment: You need to add the following towards the bottom of the code,
similar to what is in highlight.py.
Did you try running the impress-code-highlighter example?
def do_runSlideShow(*args):
ctx = XSCRIPTCONTEXT
doc = ctx.getDocument()
runSlideShow(doc)
g_exportedScripts = (do_runSlideShow,)
if __name__ == "__main__":
doc = remote_get_doc()
runSlideShow(doc)
Finally, I found a way to solve this using Python, in an elegant and easy way. Instead of libraries or APIs, Im using a socket to connect to Impress and control it.
At the end of the post you can read the full-text that indicates how to control Impress this way. It is easy, and amazing.
You send a message using Python to Impress ( that is listening in some port ), it receives the message and does things based on your request.
You must enable this "remote control" feeature in the app. I solved my problem using this.
Thanks for your replies!.
LibreOffice Impress Remote Protocol Specification
Communication is over a UTF-8 encoded character stream.
(Using RTL_TEXTENCODING_UTF8 in the LibreOffice portion.)
TCP
More TCP-specific details on setup and initial handshake to be
written, but the actual message protocol is the same as for Bluetooth.
Message Format
A message consists of one or more lines. The first line is the message description,
further lines can add any necessary data. An empty line concludes the message.
I.e. "MESSAGE\n\n" or "MESSAGE\nDATA\nDATA2...\n\n"
You must keep reading a message until an empty line (i.e. double
new-line) is reached to allow for future protocol extension.
Intialisation
Once connected the server sends "LO_SERVER_SERVER_PAIRED".
(I.e. "LO_SERVER_SERVER_PAIRED\n\n" is sent over the stream.)
Subsequently the server will send either slideshow_started if a slideshow is running,
or slideshow_finished if no slideshow is running. (See below for details of.)
The current server implementation then proceeds to send all slide notes and previews
to the client. (This should be changed to prevent memory issues, and a preview
request mechanism implemented.)
Commands (Client to Server)
The client should not assume that the state of the server has changed when a
command has been sent. All changes will be signalled back to the client.
(This is to allow for cases such as multiple clients requesting different changes, etc.)
Any lines in [square brackets] are optional, and should be omitted if not needed.
transition_next
transition_previous
goto_slide
slide_number
presentation_start
presentation_stop
presentation_resume // Resumes after a presentation_blank_screen.
presentation_blank_screen
[Colour String] // Colour the screen will show (default: black). Not
// implemented, and format hasn't yet been defined.
As of gsoc2013, these commands are extended to the existing protocol, since server-end are tolerant with unknown commands, these extensions doesn't break backward compatibility
pointer_started // create a red dot on screen at initial position (x,y)
initial_x // This should be called when user first touch the screen
initial_y // note that x, y are in percentage (from 0.0 to 1.0) with respect to the slideshow size
pointer_dismissed // This dismiss the pointer red dot on screen, should be called when user stop touching screen
pointer_coordination // This update pointer's position to current (x,y)
current_x // note that x, y are in percentage (from 0.0 to 1.0) with respect to the slideshow size
current_y // unless screenupdater's performance is significantly improved, we should consider limit the update frequency on the
// remote-end
Status/Data (Server to Client)
slideshow_finished // (Also transmitted if no slideshow running when started.)
slideshow_started // (Also transmitted if a slideshow is running on startup.)
numberOfSlides
currentSlideNumber
slide_notes
slideNumber
[Notes] // The notes are an html document, and may also include \n newlines,
// i.e. the client should keep reading until a blank line is reached.
slide_updated // Slide on server has changed
currentSlideNumber
slide_preview // Supplies a preview image for a slide.
slideNumber
image // A Base 64 Encoded png image.
As of gsoc2013, these commands are extended to the existing protocol, since remote-end also ignore all unknown commands (which is the case of gsoc2012 android implementation), backward compatibility is kept.
slideshow_info // once paired, the server-end will send back the title of the current presentation
Title
Related
Problem
I want to secure my Raspberry pi in a special way.
I would like to start up raspberry pi without entering a password as pi user.
However, I want pi user to have zero privilege. Cant read a file, cant copy a file, simply nothing. And without access to root->'sudo su'. On the other hand when raspberry pi starts itself with pi user, I want backend process to be running as root. So to put it simply, I want it like in a zoo - two worlds but neither of them can enter the other. Clients can be present, see what process are running, see files in directories, but cant read it, copy, remove and etc. In the same time I want the backend to be untouched and running and writing files.
Reason:
I have raspberri pi product - customer get it home, when plug in power supply,RPi starts up and runs backend programs with root privilege and communicates with my desktop software.
But I dont want curious customer that plugs in HDMI and see my code. I also dont want him to take the SD card and extract the code.
I heard its possible to reverse engineer the code even if compiled. So I simply want the programs(python script) to be there but cannot be accessed in any way.
Is it possible to make such protection?
Thanks in advance
You may consider to use the following approach
Use at least two levels of hashing with MAC address and ARM chip serial number (via cat /proc/cpuinfo) with additional secret keys. Run your program only if the stored license key is the same as the result of doubly-hashed functions.
Optionally, you could rewrite critical part of your code in C, compile it statically, and remove all debug symbols. Call it using Python.
Quick optimization of your code using cython. Call its generated shared objects with a python caller script. Distribute only the shared objects and the python caller script.
This will prevent most people from reverse engineering your codes.
Just to be clear, "cant read a file" means "can't run a program", which means "can't see what process are running, see files in directories".
From your question, I don't understand why you'd even leave the pi user in place...
... runs backend programs with root privilege
Never a good idea - use service accounts instead.
But I dont want curious customer that plugs in HDMI and see my code.
Then don't enable the HDMI output, don't have a graphical desktop installed and disable the login prompt. You might want to look at a "minimal" / "lite" image.
Remember that the UART can present a login prompt, so make sure that's disabled too.
And as the config.txt and kernel need to be in cleartext in the boot partition they can be easily swapped... thus these steps are not going to be terribly effective.
I also dont want him to take the SD card and extract the code.
You could look at encrypting the filesystems (e.g: LUKS), but the Raspberry Pi has no native ability to store data and identify itself... so your encryption key can only be something like the MAC address, or stored in cleartext on the SD card...
Fundamentally this is just going to be a deterrent from casual "oh what's this" investigations.
"Physical access is total access"... once you put it in the customer's hands, you're looking at deterrents more than absolutes.
I heard its possible to reverse engineer the code even if compiled. So I simply want the programs (python script) to be there but cannot be accessed in any way.
Python doesn't get compiled until runtime, so you'll need to ship the device with your source code on it...
If you really want to secure your Intellectual Property, then perhaps the Raspberry Pi isn't the best option? It's up to you to balance cost vs security.
Hope you're well and thanks for reading.
Been revisiting an old project, leveraging plotly to stream data out of mysql with python in-between the two. I've never had great luck w/ plot.ly (which I'm sure relates more to my understanding than their platform), streams/iframes seem to stall over time and I am not apt enough to troubleshoot completely.
My current symptom is this: Plots arbitrarily stall - I'm pushing data, but the iframe isn't updating.
The current solution is: Refresh the browser every X minutes.
The solution works, but it's aggrevating, because I dont understand why the visual is stalling in the first place (is it me, is it them, etc).
As I was reviewing some of the documentation, specifically this link:
https://plot.ly/streaming/
I noticed they call out NOT continually opening and closing streams, and that heartbeats should be placed every so often to keep things alive/fresh.
Here's what I'm currently calling every 10 minutes:
pullData(mysql)
format data
open(plotly.stream1)
write data to plotly.stream1
close(plotly.stream1)
open(plotly.stream2)
write data to plotly.stream2
close(plotly.stream2)
Based on what I am reading, it sounds like I should actually execute the script once on startup, and keep the streams open, but heartbeat() them every 15 or-so seconds between actual write() calls like this:
open(plotly.stream1)
open(plotly.stream2)
every 10 minutes:
pullData(mysql)
format data
write data to plotly.stream1
write data to plotly.stream2
while not pulling and writing:
every 15 seconds:
heartbeat(plotly.stream1)
heartbeat(plotly.stream2)
if error:
close(plotly.stream1)
close(plotly.stream2)
Please excuse the sudo-mess, I'm just trying to convey an idea. Anyone have any advice? I started on my original path of opening, writing, closing based on the streaming example, but that's a one time write. The other example is a constant stream of data. I'm somewhere in between those two.
Furthermore - is this train of thought even related to the iframe not refreshing? Part of me believes the symptom is unrelated to my idea - the data is getting to plot.ly fine - it's my session that's expiring, or the iframe "connection" that's going stale. If the symptom is unrelated, at least I'll have made my source code a bit cleaner and more appropriate.
Any advice is greatly appreciated!
Thanks
-justin
Plotly will close a stream that is inactive for more than 60 seconds. You must send a newline down the streaming channel (a heartbeat) to keep it open. I recommend every 30 seconds.
Your first code example may not work as expected because the client side websocket (that connects the Plot to our system) may close when your first source stream (the stream that connects your script to our system) exits. When you disconnect a source stream a signal is sent to our system that lets it know your stream is now inactive. If a new source stream does not reconnect quickly we close the client connecting websockets.
Now, when your script gets more data and opens a new stream it will successfully stream data to our system but the client-side websocket, now closed, will not pass the data to the Plot. We will cache a certain amount of points for you behind the scenes so that when you refresh the page the websocket reconnects and you get the last n points (where n is set by max-points in the API call).
This is why sending the heartbeat is important. We keep the source stream open and that in turn ensures that all the connected Clients keep their websockets open.
This isn't necessarily the most robust behaviour for a streaming platform to have and we will likely make it better in the future. For now though you will likely see better results by attempting to implement the code in your second example.
Hope that helped!
I'm trying to write an Xvfb-to-HTML5-canvas tool that will need to know when an X11 window changes so it can send a screen update to the client. Think of it like a web-based VNC or RDP but just for X11 windows (why send the whole desktop? =).
I thought there would be a straightforward way to do this via Xlib or xcb (xpyb) but in my experiments the best I've been able to do is detect when a window is created, destroyed, or moved. That's great and all but I need to know when the contents of windows change as well (imagine sending a keystroke to an xterm and having it appear frozen until you move the window).
If someone knows of a way to tell when the contents of an X11 window have changed I'd love to hear it! I'm open to creative solutions. For example, I tried using ffmpeg to stream x11grab through a fifo with regular checks to see if anything changed but it turned out to be extremely inefficient in terms of CPU utilization (it also seems to slow the whole system down even if nothing is going on).
I also tried just grabbing 15fps worth of screenshots in a loop while checking for changes in the most efficient way I could (e.g. does this cStringIO buffer match the last one?). That also was very CPU intensive.
The ideal solution would be for me to be able to watch the file descriptor of a socket and call a handler when there's a change in the X11 window. I'm willing to settle for detecting when the whole X11 screen has a change... That'd still be better than what I've got.
Any and all help with this is appreciated!
First of all, you can actually use vnc to track changes in just one window, not whole desktop. From x11vnc documentation:
-id windowid Show the X window corresponding to "windowid" not
the entire display. New windows like popup menus,
transient toplevels, etc, may not be seen or may be
clipped. Disabling SaveUnders or BackingStore in the
X server may help show them. x11vnc may crash if the
window is initially partially obscured, changes size,
is iconified, etc. Some steps are taken to avoid this
and the -xrandr mechanism is used to track resizes. Use
xwininfo(1) to get the window id, or use "-id pick"
to have x11vnc run xwininfo(1) for you and extract
the id. The -id option is useful for exporting very
simple applications (e.g. the current view on a webcam).
-sid windowid As -id, but instead of using the window directly it
shifts a root view to it: this shows SaveUnders menus,
etc, although they will be clipped if they extend beyond
the window.
-appshare Simple application sharing based on the -id/-sid
mechanism. Every new toplevel window that the
application creates induces a new viewer window via
a reverse connection. The -id/-sid and -connect
options are required. Run 'x11vnc -appshare -help'
for more info.
If you want to code similar functionality manually you need to use damage extension.
Here is simple example in javascript using node-x11 (sorry, I'm not sure about damage extension support in python)
var x11 = require('x11');
var X = x11.createClient(function(err, display) {
X.require('damage', function(Damage) {
var damage = X.AllocID();
Damage.Create(damage, parseInt(process.argv[2]), Damage.ReportLevel.NonEmpty);
X.on('event', function(ev) {
Damage.Subtract(damage, 0, 0);
console.log("window content changed!");
});
});
});
start it with window id as command line argument and you'll be notified whenever window content is changed.
I have a simple problem which I'm sure someone here has done before...
I want to rewrite Layer 4 TCP/IP streams (Not lower layer individual packets or frames.) Ettercap's etterfilter command lets you perform simple live replacements of Layer 4 TCP/IP streams based on fixed strings or regexes. Example ettercap scripting code:
if (ip.proto == TCP && tcp.dst == 80) {
if (search(DATA.data, "gzip")) {
replace("gzip", " ");
msg("whited out gzip\n");
}
}
if (ip.proto == TCP && tcp.dst == 80) {
if (search(DATA.data, "deflate")) {
replace("deflate", " ");
msg("whited out deflate\n");
}
}
http://ettercap.sourceforge.net/forum/viewtopic.php?t=2833
I would like to rewrite streams based on my own filter program instead of just simple string replacements. Anyone have an idea of how to do this? Is there anything other than Ettercap that can do live replacement like this, maybe as a plugin to a VPN software or something?
I would like to have a configuration similar to ettercap's silent bridged sniffing configuration between two Ethernet interfaces. This way I can silently filter traffic coming from either direction with no NATing problems. Note that my filter is an application that acts as a pipe filter, similar to the design of unix command-line filters:
>[eth0] <----------> [my filter] <----------> [eth1]<
My filter will be a userspace Python function.
What I am already aware of, but are not suitable:
Tun/Tap - Works at the lower packet layer, I need to work with the higher layer streams.
Ettercap - I can't find any way to do replacements other than the restricted capabilities in the example above.
Hooking into some VPN software? - I just can't figure out which or exactly how.
libnetfilter_queue - Works with lower layer packets, not TCP/IP streams.
Again, the rewriting should occur at the transport layer (Layer 4) as it does in this example, instead of a lower layer packet-based approach. Exact code will help immensely!
Thanks!
Take a look on Scapy, or another packet crafting tool. There are not much of this type out there.
Ettercap is seemingly an open source project, since it is hosted on SourceForge. Perhaps you should look at how it does it.
At the time I was writing a network traffic analysis tool using libpcap for the capture and libnids for the stream assembly.
I haven't tried reinjecting traffic, but you can use TAP to forward traffic to a user program that will use libnids to assemble the packets, put out streams to a filter code, then take the stream and disassemble them (I'm pretty sure libnids has this capability as well) and reinject them into where you need it to go.
If you want python, pynids seems to do what you need, but I have no experience with it.
It looks like you would be able to write an ettercap plugin that loads filters written in python. Or write your custom filter in C instead.
Why not just access DATA.data directly with whatever filters you want?
I don't think you have to use search() you'll just have to build your own analyzer / state machine.
e.g.
for (int i = 0; i < DATA.len; i++) {
if ( DATA.data[i] == 'c' ) {
DATA.data[i] = q
}
}
Final Thoughts;
(1) I don't know that DATA.len exists but seems likely there's something.
(2) I know I replicated your search / replace but wanted to show how you may be able to do the equiv. 'manually'. You can get fancy w/ stuff later.
(3) If you were to adjust the length of the packet (or even the contents for that matter) you probably need to consider shifting window sizes / CRC checks, etc.
e.g. DATA.data[i] = "cc" would overwrite two characters (possibly not what you want) or would change the side of the packet.
I'd assume there are some library calls to set things right again.
PyPCAP is worth checking out since this all hinges around libpcap underneath to begin with. Cut out the middle man!
Since Ettercap is opensource you can change its source code to do what you want. Running your own C code to rewrite a TCP stream should be relatively easy. The hard work has already been done.
Take a look at the etterfilter man page to get started. Search in the source code for the filter engine (apparently it's a JIT interpreter).
I would also try to mail this question to the etterfilter authors, maybe they like stackoverflow :-)
Note: to use Python instead of C, see http://docs.python.org/release/2.5.2/ext/embedding.html
I'd like to write a simple command line proxy in Python to sit between a Telnet/SSH connection and a local serial interface. The application should simply bridge I/O between the two, but filter out certain unallowed strings (matched by regular expressions). (This for a router/switch lab in which the user is given remote serial access to the boxes.)
Basically, a client established a Telnet or SSH connection to the daemon. The daemon passes the client's input out (for example) /dev/ttyS0, and passes input from ttyS0 back out to the client. However, I want to be able to blacklist certain strings coming from the client. For instance, the command 'delete foo' should not be allowed.
I'm not sure how best to approach this. Communication must be asynchronous; I can't simply wait for a carriage return to allow the buffer to be fed out the serial interface. Matching regular expressions against the stream seems tricky too, as all of the following must be intercepted:
delete foo(enter)
del foo(enter)
el foo(ctrl+a)d(enter)
dl(left)e(right) foo(enter)
...and so forth. The only solid delimiter is the CR/LF.
I'm hoping someone can point me in the right direction. I've been looking through Python modules but so far haven't come up with anything.
Python is not my primary language, so I'll leave that part of the answer for others. I do alot of security work, though, and I would urge a "white list" approach, not a "black list" approach. In other words, pick a set of safe commands and forbid all others. This is much much easier than trying to think of all the malicious possibilities and guarding against all of them.
As all the examples you show finish with (enter), why is it that...:
Communication must be asynchronous; I
can't simply wait for a carriage
return to allow the buffer to be fed
out the serial interface
if you can collect incoming data until the "enter", and apply the "edit" requests (such as the ctrl-a, left, right in your examples) to the data you're collecting, then you're left with the "completed command about to be sent" in memory where it can be matched and rejected or sent on.
If you must do it character by character, .read(1) on the (unbuffered) input will allow you to, but the vetting becomes potentially more problematic; again you can keep an in-memory image of the edited command that you've sent so far (as you apply the edit requests even while sending them), but what happens when the "enter" arrives and your vetting shows you that the command thus composed must NOT be allowed -- can you e.g. send a number of "delete"s to the device to wipe away said command? Or is there a single "toss the complete line" edit request that would serve?
If you must send every character as you receive it (not allowed to accumulate them until decision point) AND there is no way to delete/erase characters already sent, then the task appears to be impossible (though I don't understand the "can't wait for the enter" condition AT ALL, so maybe there's hope).
After thinking about this for a while, it doesn't seem like there's any practical, reliable method to filter on client input. I'm going to attempt this from another angle: if I can identify persistent patterns in warning messages coming from the serial devices (e.g. confirmation prompts) I may be able to abort reliably. Thanks anyway for the input!
Fabric is doing a similar thing.
For SSH api you should check paramiko.