def run(self):
with open('cert.pem', 'r') as f:
cert_data = f.read()
with open('privkey.pem', 'r') as f:
key_data = f.read()
site = server.Site(PySOADelayedResource(
requests_queue=self.requests_queue,
responses_queue=self.responses_queue,
))
cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_data)
key = crypto.load_privatekey(crypto.FILETYPE_PEM, key_data)
options = ssl.CertificateOptions(
privateKey=key,
certificate=cert,
acceptableProtocols=[b'h2'],
)
endpoint = endpoints.SSL4ServerEndpoint(
reactor,
int(self.backend_layer_config['http_port']),
options,
interface=self.backend_layer_config['http_host']
)
endpoint.listen(site)
reactor.run(installSignalHandlers=0)
def _toEndpoint(description, certificate=None):
"""
Create an endpoint based on a description.
@type description: L{bytes}
@param description: An endpoint description string or a TCP port
number.
@type certificate: L{bytes} or L{None}
@param certificate: The name of a file containing an SSL certificate.
@rtype: L{IStreamServerEndpoint
<twisted.internet.interfaces.IStreamServerEndpoint>} provider
@return: An endpoint.
"""
from twisted.internet import reactor
try:
port = int(description)
except ValueError:
return endpoints.serverFromString(reactor, description)
warnings.warn(
"Specifying plain ports and/or a certificate is deprecated since "
"Twisted 11.0; use endpoint descriptions instead.",
category=DeprecationWarning,
stacklevel=3)
if certificate:
from twisted.internet.ssl import DefaultOpenSSLContextFactory
ctx = DefaultOpenSSLContextFactory(certificate, certificate)
return endpoints.SSL4ServerEndpoint(reactor, port, ctx)
return endpoints.TCP4ServerEndpoint(reactor, port)
def main():
logging.setLoggerClass(ColoredLogger)
logger = logging.getLogger('SERVER - MAIN')
cacert = "cacert.pem"
privkey = "privkey.pem"
# Check if certifice exists
cacert_file = Path(cacert)
privkey_file = Path(privkey)
if not cacert_file.is_file() or not privkey_file.is_file():
create_self_signed_cert(cacert, privkey)
server_port = 8080
ssl_context = ssl.DefaultOpenSSLContextFactory(
privkey,
cacert,
)
site = server.Site(ServerHandler())
endpoint = endpoints.SSL4ServerEndpoint(reactor, server_port, ssl_context)
endpoint.listen(site)
logger.info('Server start listening on {0}'.format(server_port))
reactor.run()
def getTLSEndpoint(endpoint_config):
sslContextFactory = ChainedOpenSSLContext(endpoint_config['privkey'],
endpoint_config['fullchain'])
return endpoints.SSL4ServerEndpoint(reactor=reactor,
port=endpoint_config['port'],
sslContextFactory=sslContextFactory,
interface=endpoint_config.get(
'address', ''))
def main():
server_port = 8080
ssl_context = ssl.DefaultOpenSSLContextFactory(
'privkey.pem',
'cacert.pem',
)
site = server.Site(ClientHandler())
endpoint = endpoints.SSL4ServerEndpoint(reactor, server_port, ssl_context)
endpoint.listen(site)
logger.info('Server start listening on {0}'.format(server_port))
reactor.run()
def __init__(self, zmq_bridge, bind_address: str, bind_port: int):
super().__init__(True)
self.zmq_bridge = zmq_bridge
self._twisted_root = BridgePage()
self._twisted_root.putChild(b'zmq', ZMQDataPage(self))
self._twisted_server = Site(self._twisted_root)
# load the key and certificate for SSL
ssl_context = ssl.DefaultOpenSSLContextFactory('bridge-ssl.key',
'bridge-ssl.pem')
# create the SSL endpoint and begin listening
self._twisted_endpoint = endpoints.SSL4ServerEndpoint(
reactor, bind_port, ssl_context, interface=bind_address)
self._twisted_endpoint.listen(self._twisted_server)
LOG.info("Created HTTPS endpoint on %s:%d" % (bind_address, bind_port))
def createServerEndpoint(self, reactor, factory, **listenArgs):
"""
Create an L{SSL4ServerEndpoint} and return the tools to verify its
behaviour.
@param factory: The thing that we expect to be passed to our
L{IStreamServerEndpoint.listen} implementation.
@param reactor: A fake L{IReactorSSL} that L{SSL4ServerEndpoint} can
call L{IReactorSSL.listenSSL} on.
@param listenArgs: Optional dictionary of arguments to
L{IReactorSSL.listenSSL}.
"""
address = IPv4Address("TCP", "0.0.0.0", 0)
return (endpoints.SSL4ServerEndpoint(reactor, address.port,
self.serverSSLContext,
**listenArgs),
(address.port, factory, self.serverSSLContext,
listenArgs.get('backlog',
50), listenArgs.get('interface', '')), address)
def _toEndpoint(description, certificate=None):
"""
Tries to guess whether a description is a bare TCP port or a endpoint. If a
bare port is specified and a certificate file is present, returns an
SSL4ServerEndpoint and otherwise returns a TCP4ServerEndpoint.
"""
from twisted.internet import reactor
try:
port = int(description)
except ValueError:
return endpoints.serverFromString(reactor, description)
warnings.warn(
"Specifying plain ports and/or a certificate is deprecated since "
"Twisted 11.0; use endpoint descriptions instead.",
category=DeprecationWarning, stacklevel=3)
if certificate:
ctx = SSLContextFactory(certificate)
return endpoints.SSL4ServerEndpoint(reactor, port, ctx)
return endpoints.TCP4ServerEndpoint(reactor, port)
self._flow_control_deferreds[stream_id] = d
return d
class H2Factory(Factory):
def __init__(self, root):
self.root = root
def buildProtocol(self, addr):
return H2Protocol(self.root)
root = sys.argv[1]
with open('server.crt', 'r') as f:
cert_data = f.read()
with open('server.key', 'r') as f:
key_data = f.read()
cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_data)
key = crypto.load_privatekey(crypto.FILETYPE_PEM, key_data)
options = ssl.CertificateOptions(
privateKey=key,
certificate=cert,
nextProtocols=[b'h2', b'http/1.1'],
)
endpoint = endpoints.SSL4ServerEndpoint(reactor, 8080, options, backlog=128)
endpoint.listen(H2Factory(root))
reactor.run()
parser.add_argument("ica_crt", help="path to ica cert file(pem)", type=str)
parser.add_argument("--port", help="listening port", type=int, default=443)
args = parser.parse_args()
with open(args.server_crt, 'r') as f:
cert_data = f.read()
with open(args.server_key, 'r') as f:
key_data = f.read()
with open(args.rca_crt, 'r') as f:
rca_crt = f.read()
with open(args.ica_crt, 'r') as f:
ica_crt = f.read()
cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_data)
key = crypto.load_privatekey(crypto.FILETYPE_PEM, key_data)
rca = crypto.load_certificate(crypto.FILETYPE_PEM, rca_crt)
ica = crypto.load_certificate(crypto.FILETYPE_PEM, ica_crt)
options = ssl.CertificateOptions(
privateKey=key,
certificate=cert,
extraCertChain=[rca, ica],
acceptableProtocols=[b'h2'],
)
endpoint = endpoints.SSL4ServerEndpoint(reactor,
args.port,
options,
backlog=128)
endpoint.listen(H2Factory())
reactor.run()
"__xml_attributes__": {
"status": "passed"
},
"major-version": "1",
"minor-version": "130"
}
})
return etree.tostring(dict_2_etree(res), pretty_print=True)
logging.basicConfig(level='DEBUG')
logger = logging.getLogger()
logger.setLevel('DEBUG')
site = server.Site(Brocade())
endpoint = endpoints.SSL4ServerEndpoint(
reactor, 8443, ssl.DefaultOpenSSLContextFactory("pkey", "cert.pem"))
endpoint.listen(site)
site = server.Site(Svc())
endpoint = endpoints.SSL4ServerEndpoint(
reactor, 7443, ssl.DefaultOpenSSLContextFactory("pkey", "cert.pem"))
endpoint.listen(site)
site = server.Site(Pan())
endpoint = endpoints.SSL4ServerEndpoint(
reactor, 6443, ssl.DefaultOpenSSLContextFactory("pkey", "cert.pem"))
endpoint.listen(site)
site = server.Site(NetApp())
endpoint = endpoints.SSL4ServerEndpoint(
reactor, 10443, ssl.DefaultOpenSSLContextFactory("pkey", "cert.pem"))