def run(self):
'''
Runs the rpyc ThreadedServer with the service implementation.
NOTE: it expects a rpyc service registry running
'''
global theController
host = theController.hostAddress
self.auth = SSLAuthenticator(
theController.keyFile,
theController.certFile,
cert_reqs=ssl.CERT_REQUIRED,
ca_certs=theController.certFile,
) if Config.SECURITY else None
try:
self.server = ThreadedServer(
ControllerService,
hostname=host,
port=self.port,
authenticator=self.auth,
auto_register=True,
protocol_config={"allow_public_attrs": True})
except:
print("Failed to create server")
traceback.print_exc()
os._exit(0)
self.server.start()
time.sleep(0.010)
def main(self):
if self.registry_type == "UDP":
if self.registry_host is None:
self.registry_host = "255.255.255.255"
self.registrar = UDPRegistryClient(ip = self.registry_host, port = self.registry_port)
else:
if self.registry_host is None:
raise ValueError("With TCP registry, you must specify --registry-host")
self.registrar = TCPRegistryClient(ip = self.registry_host, port = self.registry_port)
if self.ssl_keyfile:
self.authenticator = SSLAuthenticator(self.ssl_keyfile, self.ssl_certfile,
self.ssl_cafile)
default_port = DEFAULT_SERVER_SSL_PORT
else:
self.authenticator = None
default_port = DEFAULT_SERVER_PORT
if self.port is None:
self.port = default_port
setup_logger(self.quiet, self.logfile)
if self.mode == "threaded":
factory = ThreadedServer
elif self.mode == "forking":
factory = ForkingServer
elif self.mode == "stdio":
self._serve_stdio()
return
t = factory(SlaveService, hostname = self.host, port = self.port,
reuse_addr = True, ipv6 = self.ipv6, authenticator = self.authenticator,
registrar = self.registrar, auto_register = self.auto_register)
t.start()
def start(args):
# import needed variables from CarmeConfig
from importlib.machinery import SourceFileLoader
SourceFileLoader('CarmeConfig', args.config).load_module()
from CarmeConfig import CARME_DB_NODE, CARME_DB_USER, CARME_DB_PW, CARME_DB_DB
from CarmeConfig import CARME_BACKEND_PATH, CARME_BACKEND_PORT
from CarmeConfig import CARME_SCRIPTS_PATH, CARME_PROXY_PATH_BACKEND
from CarmeConfig import CARME_LDAP_SERVER_IP, CARME_LDAP_SERVER_PW, CARME_LDAP_ADMIN, CARME_LDAP_DC1, CARME_LDAP_DC2, CARME_LDAP_BIND_DN
from CarmeConfig import CARME_FRONTEND_ID, CARME_URL, CARME_LOGINNODE_NAME, CARME_GPU_DEFAULTS
global CARME_DB_NODE, CARME_DB_USER, CARME_DB_PW, CARME_DB_DB
global CARME_BACKEND_PATH, CARME_BACKEND_PORT
global CARME_SCRIPTS_PATH, CARME_PROXY_PATH_BACKEND
global CARME_LDAP_SERVER_IP, CARME_LDAP_SERVER_PW, CARME_LDAP_ADMIN, CARME_LDAP_DC1, CARME_LDAP_DC2, CARME_LDAP_BIND_DN
global CARME_FRONTEND_ID, CARME_URL, CARME_LOGINNODE_NAME, CARME_GPU_DEFAULTS
auth = SSLAuthenticator(os.path.join(CARME_BACKEND_PATH,
"SSL/backend.key"),
os.path.join(CARME_BACKEND_PATH,
"SSL/backend.crt"),
cert_reqs=ssl.CERT_REQUIRED,
ca_certs=os.path.join(CARME_BACKEND_PATH,
"SSL/backend.crt"))
server = ThreadedServer(Backend,
port=CARME_BACKEND_PORT,
authenticator=auth,
protocol_config={'allow_all_attrs': True})
print("starting backend on port {}".format(CARME_BACKEND_PORT))
server.start()
def main(self):
if not self.host:
self.host = "::1" if self.ipv6 else "127.0.0.1"
if self.registry_type == "UDP":
if self.registry_host is None:
self.registry_host = "255.255.255.255"
self.registrar = UDPRegistryClient(ip=self.registry_host, port=self.registry_port)
else:
if self.registry_host is None:
raise ValueError("With TCP registry, you must specify --registry-host")
self.registrar = TCPRegistryClient(ip=self.registry_host, port=self.registry_port)
if self.ssl_keyfile:
self.authenticator = SSLAuthenticator(self.ssl_keyfile, self.ssl_certfile,
self.ssl_cafile)
default_port = DEFAULT_SERVER_SSL_PORT
else:
self.authenticator = None
default_port = DEFAULT_SERVER_PORT
if self.port is None:
self.port = default_port
setup_logger(self.quiet, self.logfile)
if self.mode == "threaded":
self._serve_mode(ThreadedServer)
elif self.mode == "forking":
self._serve_mode(ForkingServer)
elif self.mode == "oneshot":
self._serve_oneshot()
elif self.mode == "stdio":
self._serve_stdio()
def start_server(self):
authenticator = SSLAuthenticator("cert/consultant/key.pem",
"cert/consultant/certificate.pem")
server = ThreadedServer(self,
port=8001,
protocol_config=config.config,
authenticator=authenticator)
thread = threading.Thread(target=server.start)
thread.start()
def ssl_authenticator():
config = configparser.ConfigParser()
config.read("pupy.conf")
return SSLAuthenticator(
config.get("pupyd", "keyfile").replace("\\",
os.sep).replace("/", os.sep),
config.get("pupyd", "certfile").replace("\\",
os.sep).replace("/", os.sep),
ciphers="SHA256+AES256:SHA1+AES256:@STRENGTH")
def start_server(self):
authenticator = SSLAuthenticator("cert/client/key.pem",
"cert/client/certificate.pem")
t = ThreadedServer(self,
port=self.port,
protocol_config=config.config,
authenticator=authenticator)
thread = threading.Thread(target=t.start)
thread.start()
def main(self):
if self.registry_type == "UDP":
if self.registry_host is None:
self.registry_host = "255.255.255.255"
self.registrar = UDPRegistryClient(
ip=self.registry_host, port=self.registry_port)
else:
if self.registry_host is None:
raise ValueError(
"With TCP registry, you must specify --registry-host")
self.registrar = TCPRegistryClient(
ip=self.registry_host, port=self.registry_port)
if self.ssl_keyfile:
self.authenticator = SSLAuthenticator(
self.ssl_keyfile, self.ssl_certfile, self.ssl_cafile)
default_port = DEFAULT_SERVER_SSL_PORT
else:
self.authenticator = None
default_port = DEFAULT_SERVER_PORT
if self.port is None:
self.port = default_port
setup_logger(self.quiet, self.logfile)
sys.stdout.write(
BANNER + " starting at %s %s\n" %
(self.host, self.port))
sys.stdout.flush()
done_event = threading.Event()
srv = WeirdServer(
SlaveService,
done_event,
hostname=self.host,
port=self.port,
reuse_addr=True,
ipv6=self.ipv6,
authenticator=self.authenticator,
registrar=self.registrar,
auto_register=self.auto_register)
t = threading.Thread(target=self._serve, args=[srv])
t.start()
# wait for 2 connections
done_event.wait()
IPython.embed(
banner1=BANNER + " client connected\n",
banner2="", # "tip: call serve_all() on the client to have a full working shell here.",
exit_msg=BANNER + " shell closed.\nexiting...\n"
)
os.kill(srv.proc, signal.SIGKILL)
os._exit(0)
def setUp(self):
self.key = os.path.join( os.path.dirname(__file__) , "server.key")
self.cert = os.path.join( os.path.dirname(__file__) , "server.crt")
print( self.cert, self.key )
authenticator = SSLAuthenticator(self.key, self.cert)
self.server = ThreadedServer(SlaveService, port = 18812,
auto_register=False, authenticator = authenticator)
self.server.logger.quiet = False
self.server._start_in_thread()
def main():
argp = argparse.ArgumentParser(
description="crispy-fortnight (Python RAT) daemon console.",
epilog="***Do NOT use this for nefarious purposes!***",
prog="crispyd")
argp.add_argument("--config",
dest="config_file",
help="path to crispy.conf file",
metavar="<config_file>",
required=True,
type=str)
argp.add_argument("--loglvl",
choices=["DEBUG", "INFO", "WARNING", "ERROR"],
default="INFO",
dest="loglevel",
help="change log verbosity (default: %(default)s)",
type=str)
argp.add_argument("--version",
action="version",
version="%(prog)s {}".format(__version__))
args = argp.parse_args()
if args.loglevel == "DEBUG":
loglevel = logging.DEBUG
elif args.loglevel == "ERROR":
loglevel = logging.ERROR
elif args.loglevel == "INFO":
loglevel = logging.INFO
else:
loglevel = logging.WARNING
logging.basicConfig(
datefmt="%m/%d/%Y %I:%M:%S %p",
filename="crispy.log",
format="%(asctime)-15s - %(levelname)-7s - %(module)-8s - %(message)s",
level=loglevel)
config = ConfigParser.ConfigParser()
config.read(args.config_file)
addr = config.get("DAEMON", "host"), config.getint("DAEMON", "port")
auth = SSLAuthenticator(config.get("CRYPTO", "keyfile"),
config.get("CRYPTO", "certfile"),
ciphers="AES256-SHA")
try:
srv = CrispyServer(addr, auth)
logging.info("Listening for connections, press <Ctrl-C> to quit")
builtin.global_srv = srv
srv.start()
CrispyCLI(srv).cmdloop()
except KeyboardInterrupt:
logging.warning("Ctrl-C received... shutting down crispyd")
except Exception as e:
logging.warning(e)
def setup(self):
self.key = os.path.join(os.path.dirname(__file__), "server.key")
self.cert = os.path.join(os.path.dirname(__file__), "server.crt")
print(self.cert, self.key)
authenticator = SSLAuthenticator(self.key, self.cert)
self.server = ThreadedServer(SlaveService,
hostname="localhost",
port=18812,
auto_register=False,
authenticator=authenticator)
self.server.logger.quiet = False
t = threading.Thread(target=self.server.start)
t.start()
def run(self):
self.authenticator = SSLAuthenticator(
self.config.get("pupyd",
"keyfile").replace("\\",
os.sep).replace("/", os.sep),
self.config.get("pupyd",
"certfile").replace("\\",
os.sep).replace("/", os.sep),
ciphers="SHA256+AES256:SHA1+AES256:@STRENGTH")
self.server = ThreadPoolServer(PupyService.PupyService,
port=self.port,
hostname=self.address,
authenticator=self.authenticator)
self.server.start()
def get_options():
options, args = parser.parse_args()
if args:
parser.error("does not take positional arguments: %r" % (args, ))
options.mode = options.mode.lower()
if options.regtype.lower() == "udp":
if options.reghost is None:
options.reghost = "255.255.255.255"
options.registrar = UDPRegistryClient(ip=options.reghost,
port=options.regport)
elif options.regtype.lower() == "tcp":
if options.reghost is None:
parser.error("must specific --registry-host")
options.registrar = TCPRegistryClient(ip=options.reghost,
port=options.regport)
else:
parser.error("invalid registry type %r" % (options.regtype, ))
if options.vdbfile:
if not os.path.exists(options.vdbfile):
parser.error("vdb file does not exist")
options.authenticator = TlsliteVdbAuthenticator.from_file(
options.vdbfile, mode="r")
if options.ssl_keyfile or options.ssl_certfile or options.ssl_cafile:
if not options.ssl_keyfile:
parser.error("SSL: keyfile required")
if not options.ssl_certfile:
parser.error("SSL: certfile required")
options.authenticator = SSLAuthenticator(options.ssl_keyfile,
options.ssl_certfile,
options.ssl_cafile)
if not options.port:
options.port = DEFAULT_SERVER_SSL_PORT
else:
options.authenticator = None
if not options.port:
options.port = DEFAULT_SERVER_PORT
options.handler = "serve_%s" % (options.mode, )
if options.handler not in globals():
parser.error("invalid mode %r" % (options.mode, ))
return options
def main(self):
if self.registry_type == "UDP":
if self.registry_host is None:
self.registry_host = "255.255.255.255"
self.registrar = UDPRegistryClient(ip=self.registry_host,
port=self.registry_port)
else:
if self.registry_host is None:
raise ValueError(
"With TCP registry, you must specify --registry-host")
self.registrar = TCPRegistryClient(ip=self.registry_host,
port=self.registry_port)
if self.ssl_keyfile:
self.authenticator = SSLAuthenticator(self.ssl_keyfile,
self.ssl_certfile,
self.ssl_cafile)
default_port = DEFAULT_SERVER_SSL_PORT
else:
self.authenticator = None
default_port = DEFAULT_SERVER_PORT
if self.port is None:
self.port = default_port
self.logger = logging.getLogger(__name__)
self.logger.setLevel(logging.DEBUG)
formatter = logging.Formatter(
"[%(asctime)s]-[%(levelname)s]-[%(filename)s:%(funcName)s:%(lineno)s]- %(message)s"
)
stream = logging.FileHandler(self.logfile, mode="w")
stream.setFormatter(formatter)
stream.setLevel(logging.DEBUG)
self.logger.addHandler(stream)
# print("**************" + self.logfile)
# setup_logger(self.quiet, self.logfile)
if self.mode == "threaded":
self._serve_mode(ThreadedServer)
elif self.mode == "forking":
self._serve_mode(ForkingServer)
elif self.mode == "oneshot":
self._serve_oneshot()
elif self.mode == "stdio":
self._serve_stdio()
def run(self):
""" Start the RPyC server
"""
if self.certfile is not None and self.keyfile is not None:
authenticator = SSLAuthenticator(self.certfile, self.keyfile)
self.server = ThreadedServer(
self.serviceClass,
hostname=self.host,
port=self.port,
protocol_config={'allow_all_attrs': True},
authenticator=authenticator)
else:
self.server = ThreadedServer(
self.serviceClass,
hostname=self.host,
port=self.port,
protocol_config={'allow_all_attrs': True})
self.server.start()
def main(self):
if self.ssl_keyfile:
self.authenticator = SSLAuthenticator(self.ssl_keyfile,
self.ssl_certfile,
self.ssl_cafile)
default_port = DEFAULT_SERVER_SSL_PORT
else:
self.authenticator = None
default_port = DEFAULT_SERVER_PORT
if self.port is None:
self.port = default_port
setup_logger(self.quiet, self.logfile)
server = ThreadedServer(BBTestService,
hostname=self.host,
port=self.port,
authenticator=self.authenticator)
server.start()
def main(args):
logging.basicConfig(level=logging.DEBUG)
try:
nsConn = rpyc.ssl_connect(args.ns_hostname,
port=args.ns_port,
keyfile=args.keyfile,
certfile=args.certfile,
ca_certs=args.ca_cert,
config={
'sync_request_timeout': -1,
})
except Exception:
logging.fatal("Could not connect too the nameserver")
exit(-1)
# we start recovering in separate thread to force starting of ThreadServer
# Because if it is server with actual files it should expect
# that over storages can request some files for replication
t = Thread(target=lambda: becomeStorage(args, nsConn.root))
t.daemon = True
t.start()
sslAuth = SSLAuthenticator(
keyfile=args.keyfile,
certfile=args.certfile,
ca_certs=args.ca_cert,
)
service = StorageService(args, nsConn.root)
server = ThreadedServer(service=service,
hostname=args.hostname,
port=args.port,
authenticator=sslAuth,
protocol_config={
'allow_public_attrs': True,
})
setWatchDog(nsConn, server)
server.start()
def run(self):
""" Start the RPyC server
"""
if self.certfile is not None and self.keyfile is not None:
authenticator = SSLAuthenticator(self.certfile, self.keyfile)
self.server = ThreadedServer(
self.serviceClass,
hostname=self.host,
port=self.port,
protocol_config={'allow_all_attrs': True},
authenticator=authenticator,
cert_reqs=ssl.CERT_REQUIRED,
ciphers='EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH',
ssl_version=ssl.PROTOCOL_TLSv1_2)
else:
self.server = ThreadedServer(
self.serviceClass,
hostname=self.host,
port=self.port,
protocol_config={'allow_all_attrs': True})
self.server.start()
def ssl_authenticator():
try:
import pupy_credentials
keystr = pupy_credentials.SSL_BIND_KEY
certstr = pupy_credentials.SSL_BIND_CERT
except:
keystr = DEFAULT_SSL_BIND_KEY
certstr = DEFAULT_SSL_BIND_CERT
key_path = None
cert_path = None
if os.path.isfile("pupy.conf"):
config = configparser.ConfigParser()
config.read("pupy.conf")
key_path = config.get("pupyd",
"keyfile").replace("\\",
os.sep).replace("/", os.sep)
cert_path = config.get("pupyd", "certfile").replace("\\",
os.sep).replace(
"/", os.sep)
else:
tmpdir = tempfile.gettempdir()
cert_path = os.path.join(
tmpdir, ''.join(
random.choice(string.lowercase + string.digits)
for _ in range(random.randint(5, 8))))
key_path = os.path.join(
tmpdir, ''.join(
random.choice(string.lowercase + string.digits)
for _ in range(random.randint(5, 8))))
with open(cert_path, 'wb') as f:
f.write(certstr.strip())
with open(key_path, 'wb') as f:
f.write(keystr.strip())
return SSLAuthenticator(key_path,
cert_path,
ciphers="SHA256+AES256:SHA1+AES256:@STRENGTH")
import logging.config
from rpyc.utils.server import ThreadedServer
from rpyc.utils.authenticators import SSLAuthenticator
from server import SchedulerService
from config_server import (
SERVER_PORT,
PROTOCOL_CONFIG,
SERVER_SSL_KEYFILE,
SERVER_SSL_CERTFILE,
SCHEDULER_CONFIG,
LOGGING_CONFIG
)
logging.config.dictConfig(LOGGING_CONFIG)
if __name__ == "__main__":
if SERVER_SSL_KEYFILE and SERVER_SSL_CERTFILE:
key_path = os.path.join(os.path.dirname(__file__), "instance", SERVER_SSL_KEYFILE)
cert_path = os.path.join(os.path.dirname(__file__), "instance", SERVER_SSL_CERTFILE)
if os.path.exists(key_path) and os.path.exists(cert_path):
authenticator = SSLAuthenticator(key_path, cert_path)
logging.info("SSL Activated")
else:
authenticator = None
server = ThreadedServer(
SchedulerService(**SCHEDULER_CONFIG),
port=SERVER_PORT,
protocol_config=PROTOCOL_CONFIG,
authenticator=authenticator
)
server.start()
:return: List of all the files as tuples (IR, file)
"""
result = []
files = next(os.walk(self.file_directory))[2]
for file_name in files:
data = json.load(open(os.path.join(self.file_directory, file_name)))
client_id = data['client_id']
IR = [base64.b64decode(x.encode('ascii')) for x in data['IR']]
U = base64.b64decode(data['U'].encode('ascii'))
V = base64.b64decode(data['V'].encode('ascii'))
Er = base64.b64decode(data['Er'].encode('ascii'))
file = (U, V, Er)
result.append((IR, file, client_id))
return result
if __name__ == '__main__':
try:
consultant = rpyc.ssl_connect(config.CONSULTANT_IP, config.CONSULTANT_PORT, keyfile="cert/server/key.pem", certfile="cert/server/certificate.pem", config=config.config)
PKs = consultant.root.get_public_parameters()
consultant_public_key = deserialize_public_key(consultant.root.get_public_key())
PKs = deserialize_PKs(PKs)
authenticator = SSLAuthenticator("cert/server/key.pem", "cert/server/certificate.pem")
server = ThreadedServer(Server(PKs, consultant_public_key), port=config.SERVER_PORT, protocol_config=config.config, authenticator=authenticator)
server.start()
finally:
shutil.rmtree(FILE_DIRECTORY)
def exposed_get_battery_voltage(self):
return self.zumi.get_battery_voltage()
#this is undocumented in the Zumi API
def exposed_get_battery_percent(self):
return self.zumi.get_battery_percent()
def exposed_get_IR_data(self,ir_sensor_index):
return self.zumi.get_IR_data(ir_sensor_index)
# CAM - here we use picamera directly, avoiding the poor zumi interface
def exposed_get_picture(self, resolution=(1024,768)):
with picamera.PiCamera() as camera:
camera.resolution = resolution
camera.rotation = 180
output = np.empty((resolution[1],resolution[0],3),dtype=np.uint8)
camera.capture(output , 'rgb')
return output
if __name__ == "__main__":
print("Zumi RPC Server up ")
auth = SSLAuthenticator("zumi_rpc.key",
"zumi_rpc.crt", cert_reqs=ssl.CERT_REQUIRED, ca_certs="zumi_rpc.crt")
server = ThreadedServer(ZumiService, port=PORT, protocol_config={'allow_all_attr':True})
#authenticator=auth, protocol_config={'allow_all_attrs': True})
server.start()
import rpyc
class MyService(rpyc.Service):
def exposed_foo(self):
return 18
if __name__ == "__main__":
from rpyc.utils.server import ThreadedServer
from rpyc.utils.authenticators import SSLAuthenticator
server = ThreadedServer(MyService, port = 13388,
authenticator = SSLAuthenticator("cert.key", "cert.crt"),
)
server.start()