def __init__(self, io_threads=1, shared_secret=None):
zmq.Context.__init__(self, io_threads)
if shared_secret is not None:
_check_versions()
keys = _unpack_shared_secret(shared_secret)
self.client_secretkey, self.server_secretkey = keys
self.client_publickey = zmq.curve_public(self.client_secretkey)
self.server_publickey = zmq.curve_public(self.server_secretkey)
# Don't hold ref to auth: needed for auto cleanup at shutdown:
auth = zmq.auth.thread.ThreadAuthenticator(self)
auth.start()
# Allow only clients who have the client public key:
auth.thread.authenticator.allow_any = False
auth.thread.authenticator.certs['*'] = {
self.client_publickey: True
}
self.secure = True
def generate_zmq_public_key(key_private):
"""
Generates public key based on private key for ZMQ encryption.
Returns
-------
str
Public key.
"""
key_public = zmq.curve_public(key_private.encode("utf-8"))
return key_public.decode("utf-8")
def test_curve_public(self):
"""test curve_public"""
try:
public, secret = zmq.curve_keypair()
except zmq.ZMQError:
raise SkipTest("CURVE unsupported")
if zmq.zmq_version_info() < (4, 2):
raise SkipTest("curve_public is new in libzmq 4.2")
derived_public = zmq.curve_public(secret)
self.assertEqual(type(derived_public), bytes)
self.assertEqual(len(derived_public), 40)
# verify that it is indeed Z85
bpublic = z85.decode(derived_public)
self.assertEqual(type(bpublic), bytes)
self.assertEqual(len(bpublic), 32)
# verify that it is equal to the known public key
self.assertEqual(derived_public, public)
def test_curve_public(self):
"""test curve_public"""
try:
public, secret = zmq.curve_keypair()
except zmq.ZMQError:
raise SkipTest("CURVE unsupported")
if zmq.zmq_version_info() < (4,2):
raise SkipTest("curve_public is new in libzmq 4.2")
derived_public = zmq.curve_public(secret)
self.assertEqual(type(derived_public), bytes)
self.assertEqual(len(derived_public), 40)
# verify that it is indeed Z85
bpublic = z85.decode(derived_public)
self.assertEqual(type(bpublic), bytes)
self.assertEqual(len(bpublic), 32)
# verify that it is equal to the known public key
self.assertEqual(derived_public, public)
def __init__(self, gModel, gModelName, dName, qName, sysArgv):
'''
Constructor
:param dName: device type name
:type dName: str
:param qName: qualified name of the device instance: 'actor.inst'
:type qName: str
'''
self.logger = logging.getLogger(__name__)
self.inst_ = self
self.appName = gModel["name"]
self.modelName = gModelName
aName,iName = qName.split('.')
self.name = qName
self.iName = iName
self.dName = dName
self.pid = os.getpid()
self.uuid = None
self.suffix = ""
self.setupIfaces()
# Assumption : pid is a 4 byte int
self.actorID = ipaddress.IPv4Address(self.globalHost).packed + self.pid.to_bytes(4, 'big')
if dName not in gModel["devices"]:
raise BuildError('Device "%s" unknown' % dName)
# In order to make the rest of the code work, we build an actor model for the device
devModel = gModel["devices"][dName]
self.model = {} # The made-up actor model
formals = devModel["formals"] # Formals are the same as those of the device (component)
self.model["formals"] = formals
devInst = { "type": dName } # There is a single instance, containing the device component
actuals = []
for arg in formals:
name = arg["name"]
actual = {}
actual["name"] = name
actual["param"] = name
actuals.append(actual)
devInst["actuals"] = actuals
self.model["instances"] = { iName: devInst} # Single instance (under iName)
aModel = gModel["actors"][aName]
self.model["locals"] = aModel["locals"] # Locals
self.model["internals"] = aModel["internals"] # Internals
self.INT_RE = re.compile(r"^[-]?\d+$")
self.parseParams(sysArgv)
# Use czmq's context
czmq_ctx = Zsys.init()
self.context = zmq.Context.shadow(czmq_ctx.value)
Zsys.handler_reset() # Reset previous signal
# Context for app sockets
self.appContext = zmq.Context()
if Config.SECURITY:
(self.public_key, self.private_key) = zmq.auth.load_certificate(const.appCertFile)
_public = zmq.curve_public(self.private_key)
if(self.public_key != _public):
self.logger.error("bad security key(s)")
raise BuildError("invalid security key(s)")
hosts = ['127.0.0.1']
try:
with open(const.appDescFile, 'r') as f:
content = yaml.load(f, Loader=yaml.Loader)
hosts += content.hosts
except:
self.logger.error("Error loading app descriptor:s", str(sys.exc_info()[1]))
self.auth = ThreadAuthenticator(self.appContext)
self.auth.start()
self.auth.allow(*hosts)
self.auth.configure_curve(domain='*', location=zmq.auth.CURVE_ALLOW_ANY)
else:
(self.public_key, self.private_key) = (None, None)
self.auth = None
self.appContext = self.context
try:
if os.path.isfile(const.logConfFile) and os.access(const.logConfFile, os.R_OK):
spdlog_setup.from_file(const.logConfFile)
except Exception as e:
self.logger.error("error while configuring componentLogger: %s" % repr(e))
messages = gModel["messages"] # Global message types (global on the network)
self.messageNames = []
for messageSpec in messages:
self.messageNames.append(messageSpec["name"])
locals_ = self.model["locals"] # Local message types (local to the host)
self.localNames = []
for messageSpec in locals_:
self.localNames.append(messageSpec["type"])
internals = self.model["internals"] # Internal message types (internal to the actor process)
self.internalNames = []
for messageSpec in internals:
self.internalNames.append(messageSpec["type"])
groups = gModel["groups"]
self.groupTypes = {}
for group in groups:
self.groupTypes[group["name"]] = {
"kind": group["kind"],
"message": group["message"],
"timed": group["timed"]
}
self.components = {}
instSpecs = self.model["instances"]
_compSpecs = gModel["components"]
devSpecs = gModel["devices"]
for instName in instSpecs: # Create the component instances: the 'parts'
instSpec = instSpecs[instName]
instType = instSpec['type']
if instType in devSpecs:
typeSpec = devSpecs[instType]
else:
raise BuildError('Device type "%s" for instance "%s" is undefined' % (instType, instName))
instFormals = typeSpec['formals']
instActuals = instSpec['actuals']
instArgs = self.buildInstArgs(instName, instFormals, instActuals)
# Check whether the component is C++ component
ccComponentFile = 'lib' + instType.lower() + '.so'
ccComp = os.path.isfile(ccComponentFile)
try:
if ccComp:
modObj = importlib.import_module('lib' + instType.lower())
self.components[instName] = modObj.create_component_py(self, self.model,
typeSpec, instName,
instType, instArgs,
self.appName, self.name, groups)
else:
self.components[instName] = Part(self, typeSpec, instName, instType, instArgs)
except Exception as e:
traceback.print_exc()
self.logger.error("Error while constructing part '%s.%s': %s" % (instType, instName, str(e)))
"curve:// addresses must be in the form curve://HOST:PORT/REMOTE_PUBKEY_HEX",
file=sys.stderr)
sys.exit(1)
sys.argv[1:0] = [pkhex]
if len(sys.argv) > 1 and len(sys.argv[1]) == 64 and all(
x in "0123456789abcdefABCDEF" for x in sys.argv[1]):
curve_pubkey = bytes.fromhex(sys.argv[1])
del sys.argv[1]
socket.curve_serverkey = curve_pubkey
if len(sys.argv) > 1 and len(sys.argv[1]) == 64 and all(
x in "0123456789abcdefABCDEF" for x in sys.argv[1]):
my_privkey = bytes.fromhex(sys.argv[1])
del sys.argv[1]
my_pubkey = zmq.utils.z85.decode(
zmq.curve_public(zmq.utils.z85.encode(my_privkey)))
else:
my_privkey = PrivateKey.generate()
my_pubkey = my_privkey.public_key.encode()
my_privkey = my_privkey.encode()
print(
"No curve client privkey given; generated a random one (pubkey: {}, privkey: {})"
.format(my_pubkey.hex(), my_privkey.hex()),
file=sys.stderr)
socket.curve_secretkey = my_privkey
socket.curve_publickey = my_pubkey
if not 2 <= len(sys.argv) <= 3 or any(x in y for x in ("--help", "-h")
for y in sys.argv[1:]):
print(
def __init__(self, gModel, gModelName, aName, sysArgv):
'''
Constructor
'''
self.logger = logging.getLogger(__name__)
self.inst_ = self
self.appName = gModel["name"]
self.modelName = gModelName
self.name = aName
self.pid = os.getpid()
self.uuid = None
self.setupIfaces()
self.disco = None
self.deplc = None
# Assumption : pid is a 4 byte int
self.actorID = ipaddress.IPv4Address(
self.globalHost).packed + self.pid.to_bytes(4, 'big')
self.suffix = ""
if aName not in gModel["actors"]:
raise BuildError('Actor "%s" unknown' % aName)
self.model = gModel["actors"][
aName] # Fetch the relevant content from the model
self.INT_RE = re.compile(r"^[-]?\d+$")
self.parseParams(sysArgv)
# Use czmq's context
czmq_ctx = Zsys.init()
self.context = zmq.Context.shadow(czmq_ctx.value)
Zsys.handler_reset() # Reset previous signal handler
# Context for app sockets
self.appContext = zmq.Context()
if Config.SECURITY:
(self.public_key,
self.private_key) = zmq.auth.load_certificate(const.appCertFile)
_public = zmq.curve_public(self.private_key)
if (self.public_key != _public):
self.logger.error("bad security key(s)")
raise BuildError("invalid security key(s)")
hosts = ['127.0.0.1']
try:
with open(const.appDescFile, 'r') as f:
content = yaml.load(f, Loader=yaml.Loader)
hosts += content.hosts
except:
self.logger.error("Error loading app descriptor:%s",
str(sys.exc_info()[1]))
self.auth = ThreadAuthenticator(self.appContext)
self.auth.start()
self.auth.allow(*hosts)
self.auth.configure_curve(domain='*',
location=zmq.auth.CURVE_ALLOW_ANY)
else:
(self.public_key, self.private_key) = (None, None)
self.auth = None
self.appContext = self.context
try:
if os.path.isfile(const.logConfFile) and os.access(
const.logConfFile, os.R_OK):
spdlog_setup.from_file(const.logConfFile)
except Exception as e:
self.logger.error("error while configuring componentLogger: %s" %
repr(e))
messages = gModel[
"messages"] # Global message types (global on the network)
self.messageNames = []
for messageSpec in messages:
self.messageNames.append(messageSpec["name"])
locals_ = self.model[
"locals"] # Local message types (local to the host)
self.localNames = []
for messageSpec in locals_:
self.localNames.append(messageSpec["type"])
self.localNams = set(self.localNames)
internals = self.model[
"internals"] # Internal message types (internal to the actor process)
self.internalNames = []
for messageSpec in internals:
self.internalNames.append(messageSpec["type"])
self.internalNames = set(self.internalNames)
groups = gModel["groups"]
self.groupTypes = {}
for group in groups:
self.groupTypes[group["name"]] = {
"kind": group["kind"],
"message": group["message"],
"timed": group["timed"]
}
self.rt_actor = self.model.get(
"real-time") # If real time actor, set scheduler (if specified)
if self.rt_actor:
sched = self.model.get("scheduler")
if (sched):
_policy = sched.get("policy")
policy = {
"rr": os.SCHED_RR,
"pri": os.SCHED_FIFO
}.get(_policy, None)
priority = sched.get("priority", None)
if policy and priority:
try:
param = os.sched_param(priority)
os.sched_setscheduler(0, policy, param)
except Exception as e:
self.logger.error(
"Can't set up real-time scheduling '%r %r':\n %r"
% (_policy, priority, e))
try:
prctl.cap_effective.limit() # Drop all capabilities
prctl.cap_permitted.limit()
prctl.cap_inheritable.limit()
except Exception as e:
self.logger.error("Error while dropping capabilities")
self.components = {}
instSpecs = self.model["instances"]
compSpecs = gModel["components"]
ioSpecs = gModel["devices"]
for instName in instSpecs: # Create the component instances: the 'parts'
instSpec = instSpecs[instName]
instType = instSpec['type']
if instType in compSpecs:
typeSpec = compSpecs[instType]
ioComp = False
elif instType in ioSpecs:
typeSpec = ioSpecs[instType]
ioComp = True
else:
raise BuildError(
'Component type "%s" for instance "%s" is undefined' %
(instType, instName))
instFormals = typeSpec['formals']
instActuals = instSpec['actuals']
instArgs = self.buildInstArgs(instName, instFormals, instActuals)
# Check whether the component is C++ component
ccComponentFile = 'lib' + instType.lower() + '.so'
ccComp = os.path.isfile(ccComponentFile)
try:
if not ioComp:
if ccComp:
modObj = importlib.import_module('lib' +
instType.lower())
self.components[instName] = modObj.create_component_py(
self, self.model, typeSpec, instName, instType,
instArgs, self.appName, self.name, groups)
else:
self.components[instName] = Part(
self, typeSpec, instName, instType, instArgs)
else:
self.components[instName] = Peripheral(
self, typeSpec, instName, instType, instArgs)
except Exception as e:
traceback.print_exc()
self.logger.error("Error while constructing part '%s.%s': %s" %
(instType, instName, str(e)))
