def main(args):
''' main() function of this module '''
CONFIG.register_descriptions({
"http.server.address": "Address to listen to",
"http.server.class": "Use alternate ServerHTTP-like class",
"http.server.mime": "Enable code that guess mime types",
"http.server.ports": "List of ports to listen to",
"http.server.rootdir": "Root directory for static pages",
"http.server.ssi": "Enable server-side includes",
})
common.main("http.server", "Neubot simple HTTP server", args)
conf = CONFIG.copy()
HTTP_SERVER.configure(conf)
if conf["http.server.rootdir"] == ".":
conf["http.server.rootdir"] = os.path.abspath(".")
for port in conf["http.server.ports"].split(","):
if port:
HTTP_SERVER.listen((conf["http.server.address"], int(port)))
POLLER.loop()
def main(args):
''' main() of this module '''
CONFIG.register_descriptions({
"http.client.class": "Specify alternate ClientHTTP-like class",
"http.client.method": "Specify alternate HTTP method",
"http.client.stdout": "Enable writing response to stdout",
"http.client.uri": "Specify URI to download from/upload to",
})
common.main("http.client", "Simple Neubot HTTP client", args)
conf = CONFIG.copy()
make_client = TestClient
if conf["http.client.class"]:
make_client = utils.import_class(conf["http.client.class"])
if not conf["http.client.uri"]:
sys.stdout.write("Please, specify URI via -D http.client.uri=URI\n")
sys.exit(0)
client = make_client(POLLER)
client.configure(conf)
client.connect_uri(conf["http.client.uri"])
POLLER.loop()
sys.exit(0)
def main(args):
CONFIG.register_descriptions({
"speedtest.client.uri": "Base URI to connect to",
"speedtest.client.nconn": "Number of concurrent connections to use",
"speedtest.client.latency_tries": "Number of latency measurements",
})
common.main("speedtest.client", "Speedtest client", args)
conf = CONFIG.copy()
#
# If possible use the runner, which will execute the
# test in the context of the neubot daemon. Then exit
# to bypass the POLLER.loop() invokation that is below
# here.
# If the runner fails, fallback to the usual code path,
# which executes the test in the context of the local
# process.
# Set 'runned.enabled' to 0 to bypass the runner and
# run the test locally.
#
if (utils.intify(conf['runner.enabled']) and
runner_clnt.runner_client(conf["agent.api.address"],
conf["agent.api.port"],
LOG.noisy, "speedtest")):
sys.exit(0)
LOG.info('Will run the test in the local context...')
client = ClientSpeedtest(POLLER)
client.configure(conf)
client.connect_uri()
POLLER.loop()
def main(args):
CONFIG.register_descriptions({
"rendezvous.server.address": "Set rendezvous server address",
"rendezvous.server.daemonize": "Enable daemon behavior",
"rendezvous.server.ports": "List of rendezvous server ports",
"rendezvous.server.update_uri": "Where to download updates from",
"rendezvous.server.update_version": "Update Neubot version number",
"rendezvous.geoip_wrapper.country_database": "Path of the GeoIP country database",
"rendezvous.server.default": "Default test server to use",
})
common.main("rendezvous.server", "Rendezvous server", args)
conf = CONFIG.copy()
HTTP_SERVER.configure(conf)
for port in conf["rendezvous.server.ports"].split(","):
HTTP_SERVER.listen((conf["rendezvous.server.address"], int(port)))
# Really start this module
run(POLLER, conf)
if conf["rendezvous.server.daemonize"]:
system.change_dir()
system.go_background()
LOG.redirect()
system.drop_privileges(LOG.error)
POLLER.loop()
def main(args):
CONFIG.register_descriptions({
"speedtest.negotiate.address": "Address to listen to",
"speedtest.negotiate.auth_only": "Enable doing tests for authorized clients only",
"speedtest.negotiate.daemonize": "Enable going in background",
"speedtest.negotiate.port": "Port to listen to",
})
common.main("speedtest.negotiate", "Speedtest negotiation server", args)
conf = CONFIG.copy()
server = ServerSpeedtest(POLLER)
server.configure(conf)
server.listen((conf["speedtest.negotiate.address"],
conf["speedtest.negotiate.port"]))
if conf["speedtest.negotiate.daemonize"]:
system.change_dir()
system.go_background()
LOG.redirect()
system.drop_privileges(LOG.error)
POLLER.loop()
def main(args):
CONFIG.register_descriptions({
"api.client.address": "Set address to connect to",
"api.client.port": "Set port to connect to",
})
common.main("api.client", "Minimal client for JSON API", args)
client = APIStateTracker(POLLER)
client.configure(CONFIG.copy())
client.loop()
def main(args):
CONFIG.register_descriptions({
# General variables
"net.stream.certfile": "Set SSL certfile path",
"net.stream.ipv6": "Enable IPv6",
"net.stream.key": "Set key for ARC4",
"net.stream.secure": "Enable SSL",
"net.stream.server_side": "Enable SSL server-side mode",
"net.stream.rcvbuf": "Set sock recv buffer (0 = use default)",
"net.stream.sndbuf": "Set sock send buffer (0 = use default)",
# For main()
"net.stream.address": "Set client or server address",
"net.stream.chunk": "Chunk written by each write",
"net.stream.clients": "Set number of client connections",
"net.stream.daemonize": "Enable daemon behavior",
"net.stream.duration": "Set duration of a test",
"net.stream.listen": "Enable server mode",
"net.stream.port": "Set client or server port",
"net.stream.proto": "Set proto (chargen, discard, or echo)",
})
common.main("net.stream", "TCP bulk transfer test", args)
conf = CONFIG.copy()
endpoint = (conf["net.stream.address"], conf["net.stream.port"])
if not conf["net.stream.proto"]:
if conf["net.stream.listen"]:
conf["net.stream.proto"] = "chargen"
else:
conf["net.stream.proto"] = "discard"
elif conf["net.stream.proto"] not in ("chargen", "discard", "echo"):
common.write_help(sys.stderr, "net.stream", "TCP bulk transfer test")
sys.exit(1)
handler = GenericHandler(POLLER)
handler.configure(conf)
if conf["net.stream.listen"]:
if conf["net.stream.daemonize"]:
system.change_dir()
system.go_background()
LOG.redirect()
system.drop_privileges(LOG.error)
conf["net.stream.server_side"] = True
handler.listen(endpoint)
else:
handler.connect(endpoint, count=conf["net.stream.clients"])
POLLER.loop()
sys.exit(0)
def main(args):
CONFIG.register_descriptions({
"speedtest.client.uri": "Base URI to connect to",
"speedtest.client.nconn": "Number of concurrent connections to use",
"speedtest.client.latency_tries": "Number of latency measurements",
})
common.main("speedtest.client", "Speedtest client", args)
conf = CONFIG.copy()
client = ClientSpeedtest(POLLER)
client.configure(conf)
client.connect_uri()
POLLER.loop()
def run(poller, conf):
''' Start the negotiate server '''
NEGOTIATE_SERVER.register_module('speedtest', NEGOTIATE_SERVER_SPEEDTEST)
NEGOTIATE_SERVER.register_module('bittorrent', NEGOTIATE_SERVER_BITTORRENT)
HTTP_SERVER.register_child(NEGOTIATE_SERVER, '/negotiate/')
HTTP_SERVER.register_child(NEGOTIATE_SERVER, '/collect/')
CONFIG.register_descriptions({
'negotiate.parallelism': 'Number of parallel tests',
'negotiate.min_thresh': 'Minimum trehshold for RED',
'negotiate.max_thresh': 'Maximum trehshold for RED',
})
def main(args):
CONFIG.register_descriptions({
"rendezvous.client.debug": "Do not perform any test",
"rendezvous.client.version": "Set rendezvous client version",
})
common.main("rendezvous.client", "Rendezvous client", args)
conf = CONFIG.copy()
client = ClientRendezvous(POLLER)
client.configure(conf)
client.connect_uri()
POLLER.loop()
def run(poller, conf):
""" Start the negotiate server """
NEGOTIATE_SERVER.register_module("speedtest", NEGOTIATE_SERVER_SPEEDTEST)
NEGOTIATE_SERVER.register_module("bittorrent", NEGOTIATE_SERVER_BITTORRENT)
NEGOTIATE_SERVER.register_module("raw", NEGOTIATE_SERVER_RAW)
NEGOTIATE_SERVER.register_module("skype", NEGOTIATE_SERVER_SKYPE)
HTTP_SERVER.register_child(NEGOTIATE_SERVER, "/negotiate/")
HTTP_SERVER.register_child(NEGOTIATE_SERVER, "/collect/")
CONFIG.register_descriptions(
{
"negotiate.parallelism": "Number of parallel tests",
"negotiate.min_thresh": "Minimum trehshold for RED",
"negotiate.max_thresh": "Maximum trehshold for RED",
}
)
def main(args):
CONFIG.register_descriptions({
# General variables
"net.stream.certfile": "Set SSL certfile path",
"net.stream.secure": "Enable SSL",
"net.stream.server_side": "Enable SSL server-side mode",
# For main()
"net.stream.address": "Set client or server address",
"net.stream.chunk": "Chunk written by each write",
"net.stream.clients": "Set number of client connections",
"net.stream.duration": "Set duration of a test",
"net.stream.listen": "Enable server mode",
"net.stream.port": "Set client or server port",
"net.stream.proto": "Set proto (chargen, discard, or echo)",
})
common.main("net.stream", "TCP bulk transfer test", args)
conf = CONFIG.copy()
endpoint = (conf["net.stream.address"], conf["net.stream.port"])
if not conf["net.stream.proto"]:
if conf["net.stream.listen"]:
conf["net.stream.proto"] = "chargen"
else:
conf["net.stream.proto"] = "discard"
elif conf["net.stream.proto"] not in ("chargen", "discard", "echo"):
common.write_help(sys.stderr, "net.stream", "TCP bulk transfer test")
sys.exit(1)
handler = GenericHandler(POLLER)
handler.configure(conf)
if conf["net.stream.listen"]:
conf["net.stream.server_side"] = True
handler.listen(endpoint)
else:
handler.connect(endpoint, count=conf["net.stream.clients"])
POLLER.loop()
sys.exit(0)
def main(args):
''' main() function of this module '''
CONFIG.register_descriptions({
"http.server.address": "Address to listen to",
"http.server.class": "Use alternate ServerHTTP-like class",
"http.server.daemonize": "Run in background as a daemon",
"http.server.mime": "Enable code that guess mime types",
"http.server.ports": "List of ports to listen to",
"http.server.rootdir": "Root directory for static pages",
"http.server.ssi": "Enable server-side includes",
})
common.main("http.server", "Neubot simple HTTP server", args)
conf = CONFIG.copy()
if conf["http.server.class"]:
make_child = utils.import_class(conf["http.server.class"])
server = make_child(POLLER)
else:
server = HTTP_SERVER
server.configure(conf)
if conf["http.server.rootdir"] == ".":
conf["http.server.rootdir"] = os.path.abspath(".")
for port in conf["http.server.ports"].split(","):
if port:
server.listen((conf["http.server.address"], int(port)))
if conf["http.server.daemonize"]:
system.change_dir()
system.go_background()
system.write_pidfile()
LOG.redirect()
system.drop_privileges(LOG.error)
POLLER.loop()
def main(args):
''' Will initialize privacy settings '''
CONFIG.register_descriptions({
'privacy.init_informed': "You've read privacy policy",
'privacy.init_can_collect': 'We can collect your IP address',
'privacy.init_can_share': 'We can share your IP address',
'privacy.overwrite': 'Overwrite old settings',
})
common.main('privacy', 'Initialize privacy settings', args)
conf = CONFIG.copy()
if not conf['privacy.informed'] or conf['privacy.overwrite']:
dictonary = {
'privacy.informed': conf['privacy.init_informed'],
'privacy.can_collect': conf['privacy.init_can_collect'],
'privacy.can_share': conf['privacy.init_can_share'],
}
table_config.update(DATABASE.connection(), dictonary.iteritems())
DATABASE.connection().commit()
def main(args):
''' Main function '''
CONFIG.register_descriptions({
"rendezvous.server.address": "Set rendezvous server address",
"rendezvous.server.ports": "List of rendezvous server ports",
"rendezvous.server.update_version": "Update Neubot version number",
"rendezvous.geoip_wrapper.country_database": \
"Path of the GeoIP country database",
"rendezvous.server.default": "Default test server to use",
})
common.main("rendezvous.server", "Rendezvous server", args)
conf = CONFIG.copy()
HTTP_SERVER.configure(conf)
for port in conf["rendezvous.server.ports"].split(","):
HTTP_SERVER.listen((conf["rendezvous.server.address"], int(port)))
# Really start this module
run()
POLLER.loop()
def main(args):
""" Generate private key and certificate file for Neubot server """
CONFIG.register_descriptions({
"net.CA.bits": "Set private key bits number",
"net.CA.cacert": "Set certificate file path",
"net.CA.days": "Set days before expire",
"net.CA.privkey": "Set private key file path",
})
common.main("net.CA", "generate test certificates", args)
conf = CONFIG.copy()
#
# We need to be root because we play with file and
# directories permissions and ownership which, in the
# common case, cannot be done by other users.
#
if os.getuid():
sys.exit("This command must be invoked as root")
#
# Force a standard umask but note that we will
# override perms when needed.
# Create the base directory and allow root to
# populate and others just to read and list.
#
os.umask(0022)
if not os.path.exists(conf["net.CA.basedir"]):
os.mkdir(conf["net.CA.basedir"], 0755)
# Make paths absolute
conf["net.CA.cacert"] = os.sep.join([
conf["net.CA.basedir"],
conf["net.CA.cacert"]
])
conf["net.CA.privkey"] = os.sep.join([
conf["net.CA.basedir"],
conf["net.CA.privkey"]
])
# Generate RSA private key
genrsa = [ "openssl", "genrsa", "-out", conf["net.CA.privkey"],
str(conf["net.CA.bits"]) ]
LOG.debug("CA: exec: %s" % genrsa)
subprocess.call(genrsa)
# Generate self-signed certificate
req = [ "openssl", "req", "-new", "-x509", "-key", conf["net.CA.privkey"],
"-out", conf["net.CA.cacert"], "-days", str(conf["net.CA.days"]) ]
LOG.debug("CA: exec: %s" % req)
subprocess.call(req)
#
# Merge private key and self-signed certificate into
# the same file. While there, remove the original files
# from the filesystem.
#
certfile = os.sep.join([conf["net.CA.basedir"], "cert.pem"])
outfp = open(certfile, "w")
for key in ("net.CA.privkey", "net.CA.cacert"):
fpin = open(conf[key], "r")
os.unlink(conf[key])
outfp.write(fpin.read())
fpin.close()
outfp.close()
#
# Allow the `_neubot` user to read the file and set
# very restrictive permissions. Note that an attacker
# running as the `_neubot` user can steal or modify
# the on-disk private key quite easily. This is the
# basic flaw of the current SSL schema in Neubot.
#
rec = pwd.getpwnam("_neubot")
os.chown(certfile, rec.pw_uid, rec.pw_gid)
os.chmod(certfile, 0400)
def main(args):
""" Starts the server module """
#
# Register descriptions in main() only so that
# we don't advertise the name of knobs that aren't
# relevant in the current context.
#
CONFIG.register_descriptions({
"server.bittorrent": "Start up BitTorrent test and negotiate server",
"server.daemonize": "Become a daemon and run in background",
'server.debug': 'Run the localhost-only debug server',
"server.negotiate": "Turn on negotiation infrastructure",
"server.rendezvous": "Start up rendezvous server",
"server.sapi": "Turn on Server-side API",
"server.speedtest": "Start up Speedtest test and negotiate server",
})
common.main("server", "Neubot server-side component", args)
conf = CONFIG.copy()
#
# Configure our global HTTP server and make
# sure that we don't provide filesystem access
# even by mistake.
#
conf["http.server.rootdir"] = ""
HTTP_SERVER.configure(conf)
#
# New-style modules are started just setting a
# bunch of conf[] variables and then invoking
# their run() method in order to kick them off.
#
if conf["server.negotiate"]:
negotiate.run(POLLER, conf)
if conf["server.bittorrent"]:
conf["bittorrent.listen"] = True
conf["bittorrent.negotiate"] = True
bittorrent.run(POLLER, conf)
if conf['server.speedtest']:
#conf['speedtest.listen'] = 1 # Not yet
#conf['speedtest.negotiate'] = 1 # Not yet
neubot.speedtest.wrapper.run(POLLER, conf)
# Migrating from old style to new style
if conf["server.rendezvous"]:
#conf["rendezvous.listen"] = True # Not yet
neubot.rendezvous.server.run(POLLER, conf)
#
# Historically Neubot runs on port 9773 and
# 8080 but we would like to switch to port 80
# in the long term period, because it's rare
# that they filter it.
# OTOH it looks like it's not possible to
# do that easily w/ M-Lab because the port
# is already taken.
#
address = "0.0.0.0"
ports = (80, 8080, 9773)
for port in ports:
HTTP_SERVER.listen((address, port))
#
# Start server-side API for Nagios plugin
# to query the state of the server.
# functionalities.
#
if conf["server.sapi"]:
server = ServerSideAPI(POLLER)
server.configure(conf)
HTTP_SERVER.register_child(server, "/sapi")
#
# Create localhost-only debug server
#
if CONFIG['server.debug']:
LOG.info('server: Starting debug server at 127.0.0.1:9774')
server = DebugAPI(POLLER)
server.configure(conf)
server.listen(('127.0.0.1', 9774))
#
# Go background and drop privileges,
# then enter into the main loop.
#
if conf["server.daemonize"]:
system.change_dir()
system.go_background()
system.write_pidfile()
LOG.redirect()
system.drop_privileges(LOG.error)
POLLER.loop()
def main(args):
""" Starts the server module """
#
# Register descriptions in main() only so that
# we don't advertise the name of knobs that aren't
# relevant in the current context.
#
CONFIG.register_descriptions({
"server.bittorrent": "Start up BitTorrent test and negotiate server",
"server.daemonize": "Become a daemon and run in background",
"server.negotiate": "Turn on negotiation infrastructure",
"server.rendezvous": "Start up rendezvous server",
"server.sapi": "Turn on Server-side API",
"server.speedtest": "Start up Speedtest test and negotiate server",
})
common.main("server", "Neubot server-side component", args)
conf = CONFIG.copy()
#
# Configure our global HTTP server and make
# sure that we don't provide filesystem access
# even by mistake.
#
conf["http.server.rootdir"] = ""
HTTP_SERVER.configure(conf)
#
# New-style modules are started just setting a
# bunch of conf[] variables and then invoking
# their run() method in order to kick them off.
#
if conf["server.negotiate"]:
conf["negotiate.listen"] = True
negotiate.run(POLLER, conf)
if conf["server.bittorrent"]:
conf["bittorrent.listen"] = True
conf["bittorrent.negotiate"] = True
bittorrent.run(POLLER, conf)
# Migrating from old style to new style
if conf["server.rendezvous"]:
#conf["rendezvous.listen"] = True # Not yet
neubot.rendezvous.server.run(POLLER, conf)
#
# Old-style modules are less engineered and so
# they're a bit more painful to start up. This
# August maybe I will have time to migrate 'em
# to run() interface.
#
if conf["server.speedtest"]:
server = ServerSpeedtest(None)
server.configure(conf)
HTTP_SERVER.register_child(server, "/speedtest")
#
# Historically Neubot runs on port 9773 and
# 8080 but we would like to switch to port 80
# in the long term period, because it's rare
# that they filter it.
#
address = "0.0.0.0"
ports = (80, 8080, 9773)
for port in ports:
HTTP_SERVER.listen((address, port))
#
# Start server-side API for Nagios plugin
# to query the state of the server.
# functionalities.
#
if conf["server.sapi"]:
server = ServerSideAPI(POLLER)
server.configure(conf)
HTTP_SERVER.register_child(server, "/sapi")
#
# Go background and drop privileges,
# then enter into the main loop.
#
if conf["server.daemonize"]:
system.change_dir()
system.go_background()
LOG.redirect()
system.drop_privileges(LOG.error)
POLLER.loop()
