def main():
argsGetter = ConfigurationGetter()
args = argsGetter.getConfiguration()
factory = SyncFactory(
args.port,
args.password,
args.motd_file,
args.rooms_db_file,
args.permanent_rooms_file,
args.isolate_rooms,
args.salt,
args.disable_ready,
args.disable_chat,
args.max_chat_message_length,
args.max_username_length,
args.stats_db_file,
args.tls
)
endpoint6 = TCP6ServerEndpoint(reactor, int(args.port))
endpoint6.listen(factory).addCallbacks(isListening6, failed6)
endpoint4 = TCP4ServerEndpoint(reactor, int(args.port))
endpoint4.listen(factory).addCallbacks(isListening4, failed4)
if ServerStatus.listening6 or ServerStatus.listening4:
reactor.run()
else:
print("Unable to listen using either IPv4 and IPv6 protocols. Quitting the server now.")
sys.exit()
def create_prometheus_exporter_service(reactor, port):
"""Return a service exposing prometheus metrics on the specified port."""
root = Resource()
root.putChild(b"metrics", PrometheusMetricsResource(PROMETHEUS_METRICS))
site = Site(root, logFormatter=reducedWebLogFormatter)
endpoint = TCP6ServerEndpoint(reactor, port)
service = StreamServerEndpointService(endpoint, site)
service.setName("prometheus-exporter")
return service
def __try_to_listen_on_port(self, port, max_port, established_callback, failure_callback, **kwargs):
if self.use_ipv6:
ep = TCP6ServerEndpoint(self.reactor, port)
else:
ep = TCP4ServerEndpoint(self.reactor, port)
defer = ep.listen(self.protocol_factory)
defer.addCallback(self.__listening_established, established_callback, **kwargs)
defer.addErrback(self.__listening_failure, port, max_port, established_callback, failure_callback, **kwargs)
def __init__(self, ipcWorker):
super().__init__()
self.ipcWorker = ipcWorker
self.endpoints = [[
TCP6ServerEndpoint(reactor, port) for port in range(5250, 5260)
]]
self.connections = defaultdict(set)
self.connectionsCache = defaultdict(dict)
self.waiters = defaultdict(set)
self.factory = Factory.forProtocol(RegionServer)
self.factory.service = self
self.ports = []
self.events = EventGroup("connected", "disconnected")
def __try_to_listen_on_port(self, listen_info: TCPListenInfo):
if self.use_ipv6:
ep = TCP6ServerEndpoint(self.reactor, listen_info.port_start)
else:
ep = TCP4ServerEndpoint(self.reactor, listen_info.port_start)
defer = ep.listen(self.incoming_protocol_factory)
defer.addCallback(
self.__listening_established,
listen_info.established_callback,
)
defer.addErrback(self.__listening_failure, listen_info)
def create_listening_endpoint_from_config(config, cbdir, reactor, log):
"""
Create a Twisted stream server endpoint from a Crossbar.io transport configuration.
See: https://twistedmatrix.com/documents/current/api/twisted.internet.interfaces.IStreamServerEndpoint.html
:param config: The transport configuration.
:type config: dict
:param cbdir: Crossbar.io node directory (we need this for TLS key/certificates).
:type cbdir: str
:param reactor: The reactor to use for endpoint creation.
:type reactor: obj
:returns obj -- An instance implementing IStreamServerEndpoint
"""
endpoint = None
# a TCP endpoint
#
if config['type'] == 'tcp':
# the TCP protocol version (v4 or v6)
#
version = int(config.get('version', 4))
# the listening port
if isinstance(config['port'], str):
# read port from environment variable ..
try:
port = int(environ[config['port'][1:]])
except Exception as e:
log.warn("Could not read listening port from env var: {e}",
e=e)
raise
else:
port = config['port']
# the listening interface
#
interface = str(config.get('interface', '').strip())
# the TCP accept queue depth
#
backlog = int(config.get('backlog', 50))
if 'tls' in config:
# create a TLS server endpoint
#
if _HAS_TLS:
# TLS server context
context = _create_tls_server_context(config['tls'], cbdir, log)
if version == 4:
endpoint = SSL4ServerEndpoint(reactor,
port,
context,
backlog=backlog,
interface=interface)
elif version == 6:
raise Exception("TLS on IPv6 not implemented")
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
else:
raise Exception(
"TLS transport requested, but TLS packages not available:\n{}"
.format(_LACKS_TLS_MSG))
else:
# create a non-TLS server endpoint
#
if version == 4:
endpoint = TCP4ServerEndpoint(reactor,
port,
backlog=backlog,
interface=interface)
elif version == 6:
endpoint = TCP6ServerEndpoint(reactor,
port,
backlog=backlog,
interface=interface)
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
# a Unix Domain Socket endpoint
#
elif config['type'] == 'unix':
# the accept queue depth
#
backlog = int(config.get('backlog', 50))
# the path
#
path = FilePath(join(cbdir, os.path.expandvars(config['path'])))
# if there is already something there, delete it.
#
if path.exists():
log.info(("{path} exists, attempting to remove before using as a "
"UNIX socket"),
path=path)
path.remove()
# create the endpoint
#
endpoint = UNIXServerEndpoint(reactor, path.path, backlog=backlog)
# twisted endpoint-string
elif config['type'] == 'twisted':
endpoint = serverFromString(reactor, config['server_string'])
# tor endpoint
elif config['type'] == 'onion': # or "tor"? r "tor_onion"?
port = config['port']
private_key_fname = _ensure_absolute(config['private_key_file'], cbdir)
tor_control_ep = create_connecting_endpoint_from_config(
config['tor_control_endpoint'], cbdir, reactor, log)
version = config.get('version', 3) # default to modern version 3
try:
with open(private_key_fname, 'r') as f:
private_key = f.read().strip()
log.info(
"Onion private key from '{private_key_fname}'",
private_key_fname=private_key_fname,
)
except (IOError, OSError):
private_key = None
@implementer(IStreamServerEndpoint)
class _EphemeralOnion(object):
@defer.inlineCallbacks
def listen(self, proto_factory):
# we don't care which local TCP port we listen on, but
# we do need to know it
local_ep = TCP4ServerEndpoint(reactor,
0,
interface="127.0.0.1")
target_port = yield local_ep.listen(proto_factory)
tor = yield txtorcon.connect(
reactor,
tor_control_ep,
)
log.info(
"Creating onion service (descriptor upload can take 30s or more)"
)
hs = yield tor.create_onion_service(
ports=[
(port, target_port.getHost().port),
],
private_key=private_key,
version=version,
)
# if it's new, store our private key
# XXX better "if private_key is None"?
if not exists(private_key_fname):
with open(private_key_fname, 'w') as f:
f.write(hs.private_key)
log.info("Wrote private key to '{fname}'",
fname=private_key_fname)
log.info(
"Listening on Tor onion service {hs.hostname} "
" with ports: {ports}",
hs=hs,
ports=" ".join(hs.ports),
)
defer.returnValue(target_port)
endpoint = _EphemeralOnion()
else:
raise Exception("invalid endpoint type '{}'".format(config['type']))
return endpoint
def create_listening_endpoint_from_config(config, cbdir, reactor, log):
"""
Create a Twisted stream server endpoint from a Crossbar.io transport configuration.
See: https://twistedmatrix.com/documents/current/api/twisted.internet.interfaces.IStreamServerEndpoint.html
:param config: The transport configuration.
:type config: dict
:param cbdir: Crossbar.io node directory (we need this for TLS key/certificates).
:type cbdir: str
:param reactor: The reactor to use for endpoint creation.
:type reactor: obj
:returns obj -- An instance implementing IStreamServerEndpoint
"""
endpoint = None
# a TCP endpoint
#
if config['type'] == 'tcp':
# the TCP protocol version (v4 or v6)
#
version = int(config.get('version', 4))
# the listening port
if type(config['port']) is six.text_type:
# read port from environment variable ..
try:
port = int(environ[config['port'][1:]])
except Exception as e:
log.warn(
"Could not read listening port from env var: {}".format(e))
raise e
else:
port = config['port']
# the listening interface
#
interface = str(config.get('interface', '').strip())
# the TCP accept queue depth
#
backlog = int(config.get('backlog', 50))
if 'tls' in config:
# create a TLS server endpoint
#
if _HAS_TLS:
# TLS server context
context = _create_tls_server_context(config['tls'], cbdir, log)
if version == 4:
endpoint = SSL4ServerEndpoint(reactor,
port,
context,
backlog=backlog,
interface=interface)
elif version == 6:
raise Exception("TLS on IPv6 not implemented")
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
else:
raise Exception(
"TLS transport requested, but TLS packages not available:\n{}"
.format(_LACKS_TLS_MSG))
else:
# create a non-TLS server endpoint
#
if version == 4:
endpoint = TCP4ServerEndpoint(reactor,
port,
backlog=backlog,
interface=interface)
elif version == 6:
endpoint = TCP6ServerEndpoint(reactor,
port,
backlog=backlog,
interface=interface)
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
# a Unix Domain Socket endpoint
#
elif config['type'] == 'unix':
# the accept queue depth
#
backlog = int(config.get('backlog', 50))
# the path
#
path = FilePath(join(cbdir, config['path']))
# if there is already something there, delete it.
#
if path.exists():
log.info(("{path} exists, attempting to remove before using as a "
"UNIX socket"),
path=path)
path.remove()
# create the endpoint
#
endpoint = UNIXServerEndpoint(reactor, path.path, backlog=backlog)
else:
raise Exception("invalid endpoint type '{}'".format(config['type']))
return endpoint
def start_xmpp_server():
logger = logging.getLogger('xmppserver.transport.tcp')
logger.info('Starting XMPP server', extra={'client': 'SERVER'})
c_endpoint = TCP6ServerEndpoint(reactor, settings.TCP_CLIENT_PORT)
c_endpoint.listen(XMPPServerFactory(logger))
def failed4(f):
ServerStatus.listening4 = False
if f.type is CannotListenError and ServerStatus.listening6:
pass
else:
print(f.value)
print("IPv4 listening failed.")
if __name__ == '__main__':
argsGetter = ConfigurationGetter()
args = argsGetter.getConfiguration()
factory = SyncFactory(args.port, args.password, args.motd_file,
args.isolate_rooms, args.salt, args.disable_ready,
args.disable_chat, args.max_chat_message_length,
args.max_username_length, args.stats_db_file,
args.tls)
endpoint6 = TCP6ServerEndpoint(reactor, int(args.port))
endpoint6.listen(factory).addCallbacks(isListening6, failed6)
endpoint4 = TCP4ServerEndpoint(reactor, int(args.port))
endpoint4.listen(factory).addCallbacks(isListening4, failed4)
if ServerStatus.listening6 or ServerStatus.listening4:
reactor.run()
else:
print(
"Unable to listen using either IPv4 and IPv6 protocols. Quitting the server now."
)
sys.exit()
def create_listening_endpoint_from_config(config, cbdir, reactor):
"""
Create a Twisted stream server endpoint from a Crossbar.io transport configuration.
See: https://twistedmatrix.com/documents/current/api/twisted.internet.interfaces.IStreamServerEndpoint.html
:param config: The transport configuration.
:type config: dict
:param cbdir: Crossbar.io node directory (we need this for TLS key/certificates).
:type cbdir: str
:param reactor: The reactor to use for endpoint creation.
:type reactor: obj
:returns obj -- An instance implementing IStreamServerEndpoint
"""
endpoint = None
## a TCP endpoint
##
if config['type'] == 'tcp':
## the TCP protocol version (v4 or v6)
##
version = int(config.get('version', 4))
## the listening port
##
if type(config['port']) in (str, unicode):
## read port from environment variable ..
try:
port = int(os.environ[config['port'][1:]])
except Exception as e:
print(
"Could not read listening port from env var: {}".format(e))
raise e
else:
port = config['port']
## the listening interface
##
interface = str(config.get('interface', '').strip())
## the TCP accept queue depth
##
backlog = int(config.get('backlog', 50))
if 'tls' in config:
if _HAS_TLS:
key_filepath = os.path.abspath(
os.path.join(cbdir, config['tls']['key']))
cert_filepath = os.path.abspath(
os.path.join(cbdir, config['tls']['certificate']))
with open(key_filepath) as key_file:
with open(cert_filepath) as cert_file:
if 'dhparam' in config['tls']:
dhparam_filepath = os.path.abspath(
os.path.join(cbdir, config['tls']['dhparam']))
else:
dhparam_filepath = None
## create a TLS context factory
##
key = key_file.read()
cert = cert_file.read()
ciphers = config['tls'].get('ciphers', None)
ctx = TlsServerContextFactory(
key,
cert,
ciphers=ciphers,
dhParamFilename=dhparam_filepath)
## create a TLS server endpoint
##
if version == 4:
endpoint = SSL4ServerEndpoint(reactor,
port,
ctx,
backlog=backlog,
interface=interface)
elif version == 6:
raise Exception("TLS on IPv6 not implemented")
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
else:
raise Exception(
"TLS transport requested, but TLS packages not available")
else:
## create a non-TLS server endpoint
##
if version == 4:
endpoint = TCP4ServerEndpoint(reactor,
port,
backlog=backlog,
interface=interface)
elif version == 6:
endpoint = TCP6ServerEndpoint(reactor,
port,
backlog=backlog,
interface=interface)
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
## a Unix Domain Socket endpoint
##
elif config['type'] == 'unix':
## the accept queue depth
##
backlog = int(config.get('backlog', 50))
## the path
##
path = os.path.abspath(os.path.join(cbdir, config['path']))
## create the endpoint
##
endpoint = UNIXServerEndpoint(reactor, path, backlog=backlog)
else:
raise Exception("invalid endpoint type '{}'".format(config['type']))
return endpoint
def create_listening_endpoint_from_config(config, cbdir, reactor):
"""
Create a Twisted stream server endpoint from a Crossbar.io transport configuration.
See: https://twistedmatrix.com/documents/current/api/twisted.internet.interfaces.IStreamServerEndpoint.html
:param config: The transport configuration.
:type config: dict
:param cbdir: Crossbar.io node directory (we need this for TLS key/certificates).
:type cbdir: str
:param reactor: The reactor to use for endpoint creation.
:type reactor: obj
:returns obj -- An instance implementing IStreamServerEndpoint
"""
log = make_logger()
endpoint = None
# a TCP endpoint
#
if config['type'] == 'tcp':
# the TCP protocol version (v4 or v6)
#
version = int(config.get('version', 4))
# the listening port
#
if type(config['port']) is six.text_type:
# read port from environment variable ..
try:
port = int(environ[config['port'][1:]])
except Exception as e:
print(
"Could not read listening port from env var: {}".format(e))
raise e
else:
port = config['port']
# the listening interface
#
interface = str(config.get('interface', '').strip())
# the TCP accept queue depth
#
backlog = int(config.get('backlog', 50))
if 'tls' in config:
if _HAS_TLS:
key_filepath = abspath(join(cbdir, config['tls']['key']))
cert_filepath = abspath(
join(cbdir, config['tls']['certificate']))
with open(key_filepath) as key_file:
with open(cert_filepath) as cert_file:
if 'dhparam' in config['tls']:
dhpath = FilePath(
abspath(join(cbdir, config['tls']['dhparam'])))
dh_params = DiffieHellmanParameters.fromFile(
dhpath)
else:
# XXX won't be doing ANY EDH
# curves... maybe make dhparam required?
# or do "whatever tlxctx was doing"
dh_params = None
log.warn(
"OpenSSL DH modes not active (no 'dhparam')")
# create a TLS context factory
#
key = key_file.read()
cert = cert_file.read()
ca_certs = None
if 'ca_certificates' in config['tls']:
ca_certs = []
for fname in config['tls']['ca_certificates']:
with open(fname, 'r') as f:
ca_certs.append(
Certificate.loadPEM(f.read()).original)
crossbar_ciphers = AcceptableCiphers.fromOpenSSLCipherString(
'ECDHE-RSA-AES128-GCM-SHA256:'
'DHE-RSA-AES128-GCM-SHA256:'
'ECDHE-RSA-AES128-SHA256:'
'DHE-RSA-AES128-SHA256:'
'ECDHE-RSA-AES128-SHA:'
'DHE-RSA-AES128-SHA')
ctx = CertificateOptions(
privateKey=KeyPair.load(
key, crypto.FILETYPE_PEM).original,
certificate=Certificate.loadPEM(cert).original,
verify=(ca_certs is not None),
caCerts=ca_certs,
dhParameters=dh_params,
acceptableCiphers=crossbar_ciphers,
)
if ctx._ecCurve is None:
log.warn(
"OpenSSL failed to set ECDH default curve")
else:
log.info(
"Ok, OpenSSL is using ECDH elliptic curve {curve}",
curve=ctx._ecCurve.snName,
)
# create a TLS server endpoint
#
if version == 4:
endpoint = SSL4ServerEndpoint(reactor,
port,
ctx,
backlog=backlog,
interface=interface)
elif version == 6:
raise Exception("TLS on IPv6 not implemented")
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
else:
raise Exception(
"TLS transport requested, but TLS packages not available:\n{}"
.format(_LACKS_TLS_MSG))
else:
# create a non-TLS server endpoint
#
if version == 4:
endpoint = TCP4ServerEndpoint(reactor,
port,
backlog=backlog,
interface=interface)
elif version == 6:
endpoint = TCP6ServerEndpoint(reactor,
port,
backlog=backlog,
interface=interface)
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
# a Unix Domain Socket endpoint
#
elif config['type'] == 'unix':
# the accept queue depth
#
backlog = int(config.get('backlog', 50))
# the path
#
path = FilePath(join(cbdir, config['path']))
# if there is already something there, delete it.
#
if path.exists():
log.info(("{path} exists, attempting to remove before using as a "
"UNIX socket"),
path=path)
path.remove()
# create the endpoint
#
endpoint = UNIXServerEndpoint(reactor, path.path, backlog=backlog)
else:
raise Exception("invalid endpoint type '{}'".format(config['type']))
return endpoint
