Example #1
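   def render_POST(self, request):
      """
      Perform license activation. The POST must contain a 'payload' field.
      Payload must be a string consisting of 3 substrings concatenated
      by comma:

         msg, key, sig

         msg: the AES encrypted license
         key: the RSA encrypted AES key
         sig: the RSA signature over the encrypted msg and key

      For details, see cryptoutil.verify_and_decrypt.

      The request is denied (via self.deny) when the content type is not
      exactly 'application/x-www-form-urlencoded', when the payload field
      is missing, when the license cannot be parsed, when the license's
      host-id or instance-id differs from this instance's, or when the
      current UTC time lies outside [valid-from, valid-to). Otherwise the
      activation is run on the database pool and NOT_DONE_YET is returned;
      the outcome is handed to _onLicenseActivateSuccess or
      _onLicenseActivateError together with the request.
      """
      try:
         args = request.args
         headers = request.getAllHeaders()

         # Exact comparison: a content type that carries parameters
         # (for example a charset suffix) is denied as well.
         ctype = headers.get("content-type", "missing")
         if ctype != 'application/x-www-form-urlencoded':
            return self.deny(request, "bad or missing content type ('%s')" % ctype)

         if 'payload' in args:
            payload = args['payload'][0]
         else:
            return self.deny(request, "1: missing payload field")

         # Remove any whitespace (also line breaks) from the payload string.
         # re.sub returns a new string, so the result has to be assigned;
         # calling it without using the result leaves the payload unchanged.
         payload = re.sub(r'\s', '', payload)

         # The payload is request-supplied and is logged before anything has
         # been verified. It contains no whitespace at this point, but its
         # length is not bounded here.
         log.msg("License activation received:")
         log.msg("Raw License: " + payload)

         try:
            license = Database.parseLicense(self.services["config"].get('instance-priv-key'), payload)
         except Exception as e:
            # NOTE(review): the parser's exception text is passed to deny().
            # If deny() returns the reason to the client, consider logging the
            # detail and answering with a generic message - confirm against deny().
            return self.deny(request, "2: " + str(e))

         # The license is bound to this host and to this instance.
         hostid = str(self.services['platform'].getHostId())
         if hostid != license['host-id']:
            return self.deny(request, "3: license is for host-id '%s', but this host has host-id '%s'" % (license['host-id'], hostid))

         instanceid = str(self.services['config'].get("instance-id"))
         if instanceid != license['instance-id']:
            return self.deny(request, "4: license is for instance-id '%s', but this instance has instance-id '%s'" % (license['instance-id'], instanceid))

         # Validity window is half-open: valid-from is included, valid-to is not.
         # The comparison uses naive utcnow(); presumably parseutc returns naive
         # UTC datetimes as well - verify against parseutc.
         validfrom = parseutc(license['valid-from'])
         validto = parseutc(license['valid-to'])
         now = datetime.datetime.utcnow()
         if now < validfrom:
            return self.deny(request, "5: license is not yet valid (license validity %s - %s, now is %s)" % (license['valid-from'], license['valid-to'], utcstr(now)))
         if now >= validto:
            return self.deny(request, "6: license is expired (license validity %s - %s, now is %s)" % (license['valid-from'], license['valid-to'], utcstr(now)))

         # All checks passed: store the license in a database interaction and
         # finish the HTTP response from the deferred's callbacks.
         d = self.dbpool.runInteraction(self._activateLicense, license, payload)

         d.addCallback(lambda res: self._onLicenseActivateSuccess(res, request))
         d.addErrback(lambda res: self._onLicenseActivateError(res, request))

         return NOT_DONE_YET
         # (the listing ends here; the except clause belonging to the outer
         # try is not part of this excerpt)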
Example #2
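    def render_POST(self, request):
        """
        Perform license activation. The POST must contain a 'payload' field.
        Payload must be a string consisting of 3 substrings concatenated
        by comma:

           msg, key, sig

           msg: the AES encrypted license
           key: the RSA encrypted AES key
           sig: the RSA signature over the encrypted msg and key

        For details, see cryptoutil.verify_and_decrypt.

        Every failed check ends in self.deny(request, reason): wrong or
        missing content type, missing payload, unparsable license, host-id
        or instance-id mismatch, or a current UTC time outside
        [valid-from, valid-to). When all checks pass, the activation runs
        as a database interaction and NOT_DONE_YET is returned; the result
        is passed on to _onLicenseActivateSuccess or
        _onLicenseActivateError together with the request.
        """
        try:
            args = request.args
            headers = request.getAllHeaders()

            # Exact comparison: a content type with parameters appended
            # (for example a charset) does not match and is denied.
            ctype = headers.get("content-type", "missing")
            if ctype != 'application/x-www-form-urlencoded':
                return self.deny(
                    request, "bad or missing content type ('%s')" % ctype)

            if 'payload' in args:
                payload = args['payload'][0]
            else:
                return self.deny(request, "1: missing payload field")

            # Remove any whitespace (also line breaks) from the payload.
            # The substitution result must be assigned: re.sub does not
            # modify its argument, so a bare call strips nothing.
            payload = re.sub(r'\s', '', payload)

            # Request-supplied data, logged before verification. It is
            # whitespace-free here, but nothing in this method limits its
            # length.
            log.msg("License activation received:")
            log.msg("Raw License: " + payload)

            try:
                license = Database.parseLicense(
                    self.services["config"].get('instance-priv-key'), payload)
            except Exception as e:
                # NOTE(review): the exception text from parsing goes into
                # the deny reason. If deny() sends that reason back to the
                # client, prefer a generic message and keep the detail in
                # the log - confirm against deny().
                return self.deny(request, "2: " + str(e))

            # A license is only accepted for the host and the instance it
            # was issued for.
            hostid = str(self.services['platform'].getHostId())
            if hostid != license['host-id']:
                return self.deny(
                    request,
                    "3: license is for host-id '%s', but this host has host-id '%s'"
                    % (license['host-id'], hostid))

            instanceid = str(self.services['config'].get("instance-id"))
            if instanceid != license['instance-id']:
                return self.deny(
                    request,
                    "4: license is for instance-id '%s', but this instance has instance-id '%s'"
                    % (license['instance-id'], instanceid))

            # Half-open validity window: valid-from inclusive, valid-to
            # exclusive. utcnow() is naive; presumably parseutc yields
            # naive UTC values too - verify against parseutc.
            validfrom = parseutc(license['valid-from'])
            validto = parseutc(license['valid-to'])
            now = datetime.datetime.utcnow()
            if now < validfrom:
                return self.deny(
                    request,
                    "5: license is not yet valid (license validity %s - %s, now is %s)"
                    %
                    (license['valid-from'], license['valid-to'], utcstr(now)))
            if now >= validto:
                return self.deny(
                    request,
                    "6: license is expired (license validity %s - %s, now is %s)"
                    %
                    (license['valid-from'], license['valid-to'], utcstr(now)))

            # Checks passed: persist the license asynchronously; the
            # callbacks below receive the request along with the result.
            d = self.dbpool.runInteraction(self._activateLicense, license,
                                           payload)

            d.addCallback(
                lambda res: self._onLicenseActivateSuccess(res, request))
            d.addErrback(
                lambda res: self._onLicenseActivateError(res, request))

            ## avoid module level import of reactor
            from twisted.web.server import NOT_DONE_YET

            return NOT_DONE_YET
            # (the listing ends here; the except clause belonging to the
            # outer try is not part of this excerpt)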
Example #3
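   def _startService(self):
      """
      Bring up the master service: record the start time, make the data
      directory absolute, make sure a DH parameter file exists, start the
      database, read license and installed options, log where the
      management console and the web directory are, create every service
      that is installed, licensed and enabled, and finally start the
      whole service hierarchy.
      """
      ## function-scope import: only the DH parameter generation needs it
      import subprocess

      services = {}

      ## Master Service and logger
      ##
      services["master"] = self
      services["logger"] = self.logger

      ## remember service start time
      ##
      self.started = datetime.datetime.utcnow()

      ## make sure we have full absolute path to data dir
      ##
      self.appdata = os.path.abspath(self.appdata)

      ## Log OpenSSL info
      ##
      log.msg("Using pyOpenSSL %s on OpenSSL %s" % (OpenSSL.__version__, OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION)))

      ## Generate DH param set (primes ..)
      ##
      ## http://linux.die.net/man/3/ssl_ctx_set_tmp_dh
      ## http://linux.die.net/man/1/dhparam
      ##
      self.dhParamFilename = os.path.join(self.appdata, 'dh_param.pem')
      if not os.path.exists(self.dhParamFilename):
         ## The command is passed as an argument list, not as a shell string:
         ## the file name reaches openssl verbatim, so spaces or shell
         ## metacharacters in the data directory can neither break nor alter
         ## the command line.
         ##
         ## NOTE(review): 1024 bit DH parameters are below current guidance
         ## (2048 bit or more). The size is kept here because raising it
         ## lengthens first start and may affect old TLS clients. An existing
         ## dh_param.pem is reused as is, so it has to be replaced when the
         ## size is raised.
         cmd = ["openssl", "dhparam", "-out", self.dhParamFilename, "-2", "1024"]
         try:
            rc = subprocess.call(cmd)
         except OSError as e:
            ## openssl binary missing or not executable
            rc = None
            log.msg("Could not run openssl to generate DH param file %s (%s)" % (self.dhParamFilename, e))
         if rc == 0:
            log.msg("Generated DH param file %s" % self.dhParamFilename)
         elif rc is not None:
            ## report the failure instead of claiming the file was generated
            log.msg("Generating DH param file %s failed (openssl exit code %s)" % (self.dhParamFilename, rc))
      else:
         log.msg("Using existing DH param file %s" % self.dhParamFilename)

      ## initialize database
      ##
      db = Database(services)
      #db.setName("database")
      #db.setServiceParent(self)
      services["database"] = db
      db.startService()

      cfg = db.getConfig(includeTls = True)
      dbpool = db.createPool()

      ## License options
      ##
      self.licenseOptions = db.getLicenseOptions()

      ## Installed options
      ##
      self.installedOptions = db.getInstalledOptions()

      if self.webdata is None:
         self.webdata = os.path.join(self.appdata, db.getConfig('web-dir'))
         print("Crossbar.io Web directory unspecified - using %s." % self.webdata)

      ## Print out core information to log
      ##
      banner = ["",
                '*' * 80,
                "",
                "  You can access the management console of crossbar.io at",
                "",
                "  >>>>>>>>>  %s" % db.getWebAdminURL(),
                "",
                "  from your browser (Google Chrome, Mozilla Firefox or Microsoft IE10+)",
                "",
                "",
                "  You can access the static Web content served by crossbar.io at",
                "",
                "  >>>>>>>>>  %s" % self.webdata,
                "",
                "  on the filesystem of your instance.",
                "",
                '*' * 80,
                ""]
      for line in banner:
         log.msg(line)

      ## Setup services hierarchy
      ##
      ## Each entry: (installed option name or None,
      ##              license option name or None,
      ##              [(service name, service class), ..])
      ## None means the entry does not depend on that option.
      ##
      SERVICES = [(None, None, [("config", Config)]),
                  (None, None, [("platform", PlatformService)]),
                  (None, None, [("netstat", NetstatService)]),
                  (None, None, [("vmstat", VmstatService)]),
                  (None, None, [("appws", HubWebSocketService)]),
                  (None, None, [("echows", EchoWebSocketService)]),
                  (None, None, [("flashpolicy", FlashPolicyService)]),
                  (None, None, [("ftp", FtpService)]),
                  (None, None, [("clientfilter", ClientFilter)]),
                  (None, None, [("hubweb", HubWebService)]),
                  (None, None, [("adminweb", AdminWebService)]),
                  (None, None, [("adminws", AdminWebSocketService)]),
                  (None, "rest", [("restpusher", RestPusher), ("restremoter", RestRemoter)]),
                  (None, "extdirect", [("extdirectremoter", ExtDirectRemoter)]),
                  ("postgresql", "postgresql", [("pgpusher", PgPusher), ("pgremoter", PgRemoter)]),
                  ("oracle", "oracle", [("orapusher", OraPusher), ("oraremoter", OraRemoter)]),
                  ("hana", "hana", [("hanapusher", HanaPusher), ("hanaremoter", HanaRemoter)])
                  ]

      for installedOptionName, licenseOptionName, serviceList in SERVICES:

         installed = installedOptionName is None or self.installedOptions[installedOptionName]
         licensed = licenseOptionName is None or self.licenseOptions[licenseOptionName]

         for name, klass in serviceList:
            if not installed:
               log.msg("Skipping %s (service not installed)!" % klass.SERVICENAME)
            elif not licensed:
               log.msg("Skipping %s (service not licensed)!" % klass.SERVICENAME)
            elif not cfg.get("service-enable-%s" % name, True):
               ## services are enabled unless the config switches them off
               log.msg("Skipping %s (service disabled)!" % klass.SERVICENAME)
            else:
               svc = klass(dbpool, services)
               svc.setName(name)
               svc.setServiceParent(self)
               services[name] = svc

      ## Start whole service hierarchy
      ##
      MultiService.startService(self)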
Example #4
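    def _startService(self):
        """
        Bring up the master service: record the start time, make the data
        directory absolute, start the database, make sure a DH parameter
        file exists, read license and installed options, log where the
        management console and the web directory are, create every
        service that is installed, licensed and enabled, and finally
        start the whole service hierarchy.
        """
        ## function-scope import: only the DH parameter generation needs it
        import subprocess

        ## this is here, since it triggers a reactor import
        from crossbar.netservice.ftpserver import FtpService

        services = {}

        ## Master Service and logger
        ##
        services["master"] = self
        services["logger"] = self.logger

        ## remember service start time
        ##
        self.started = datetime.datetime.utcnow()

        ## make sure we have full absolute path to data dir
        ##
        self.cbdata = os.path.abspath(self.cbdata)

        ## initialize database
        ##
        db = Database(services)
        #db.setName("database")
        #db.setServiceParent(self)
        services["database"] = db
        db.startService()

        cfg = db.getConfig(includeTls=True)
        dbpool = db.createPool()

        ## Log OpenSSL info
        ##
        log.msg("Using pyOpenSSL %s on OpenSSL %s" %
                (OpenSSL.__version__,
                 OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION)))

        ## Generate DH param set (primes ..)
        ##
        ## http://linux.die.net/man/3/ssl_ctx_set_tmp_dh
        ## http://linux.die.net/man/1/dhparam
        ##
        self.dhParamFilename = os.path.join(self.cbdata, 'dh_param.pem')
        if not os.path.exists(self.dhParamFilename):
            ## Argument list instead of a shell string: the file name is
            ## handed to openssl verbatim, so spaces or shell
            ## metacharacters in the data directory can neither break nor
            ## alter the command line.
            ##
            ## NOTE(review): 1024 bit DH parameters are below current
            ## guidance (2048 bit or more). The size is kept here because
            ## raising it lengthens first start and may affect old TLS
            ## clients. An existing dh_param.pem is reused as is, so it
            ## has to be replaced when the size is raised.
            cmd = ["openssl", "dhparam", "-out", self.dhParamFilename,
                   "-2", "1024"]
            try:
                rc = subprocess.call(cmd)
            except OSError as e:
                ## openssl binary missing or not executable
                rc = None
                log.msg(
                    "Could not run openssl to generate DH param file %s (%s)"
                    % (self.dhParamFilename, e))
            if rc == 0:
                log.msg("Generated DH param file %s" % self.dhParamFilename)
            elif rc is not None:
                ## report the failure instead of claiming success
                log.msg(
                    "Generating DH param file %s failed (openssl exit code %s)"
                    % (self.dhParamFilename, rc))
        else:
            log.msg("Using existing DH param file %s" % self.dhParamFilename)

        ## License options
        ##
        self.licenseOptions = db.getLicenseOptions()

        ## Installed options
        ##
        self.installedOptions = db.getInstalledOptions()

        if self.webdata is None:
            self.webdata = os.path.join(self.cbdata, db.getConfig('web-dir'))
            print("Crossbar.io Web directory unspecified - using %s." %
                  self.webdata)

        ## Print out core information to log
        ##
        banner = [
            "",
            '*' * 80,
            "",
            "  You can access the management console of crossbar.io at",
            "",
            "  >>>>>>>>>  %s" % db.getWebAdminURL(),
            "",
            "  from your browser (Google Chrome, Mozilla Firefox or Microsoft IE10+)",
            "",
            "",
            "  You can access the static Web content served by crossbar.io at",
            "",
            "  >>>>>>>>>  %s" % self.webdata,
            "",
            "  on the filesystem of your instance.",
            "",
            '*' * 80,
            "",
        ]
        for line in banner:
            log.msg(line)

        ## Setup services hierarchy
        ##
        ## Each entry: (installed option name or None,
        ##              license option name or None,
        ##              [(service name, service class), ..])
        ## None means the entry does not depend on that option.
        ##
        SERVICES = [(None, None, [("config", Config)]),
                    (None, None, [("platform", PlatformService)]),
                    (None, None, [("netstat", NetstatService)]),
                    (None, None, [("vmstat", VmstatService)]),
                    (None, None, [("appws", HubWebSocketService)]),
                    (None, None, [("echows", EchoWebSocketService)]),
                    (None, None, [("flashpolicy", FlashPolicyService)]),
                    (None, None, [("ftp", FtpService)]),
                    (None, None, [("clientfilter", ClientFilter)]),
                    (None, None, [("hubweb", HubWebService)]),
                    (None, None, [("adminweb", AdminWebService)]),
                    (None, None, [("adminws", AdminWebSocketService)]),
                    (None, "rest", [("restpusher", RestPusher),
                                    ("restremoter", RestRemoter)]),
                    (None, "extdirect", [("extdirectremoter", ExtDirectRemoter)
                                         ]),
                    ("postgresql", "postgresql", [("pgpusher", PgPusher),
                                                  ("pgremoter", PgRemoter)]),
                    ("oracle", "oracle", [("orapusher", OraPusher),
                                          ("oraremoter", OraRemoter)]),
                    ("hana", "hana", [("hanapusher", HanaPusher),
                                      ("hanaremoter", HanaRemoter)])]

        for installedOptionName, licenseOptionName, serviceList in SERVICES:

            installed = installedOptionName is None or self.installedOptions[
                installedOptionName]
            licensed = licenseOptionName is None or self.licenseOptions[
                licenseOptionName]

            for name, klass in serviceList:
                if not installed:
                    log.msg("Skipping %s (service not installed)!" %
                            klass.SERVICENAME)
                elif not licensed:
                    log.msg("Skipping %s (service not licensed)!" %
                            klass.SERVICENAME)
                elif not cfg.get("service-enable-%s" % name, True):
                    ## services are enabled unless the config switches
                    ## them off
                    log.msg("Skipping %s (service disabled)!" %
                            klass.SERVICENAME)
                else:
                    svc = klass(dbpool, services)
                    svc.setName(name)
                    svc.setServiceParent(self)
                    services[name] = svc

        ## Start whole service hierarchy
        ##
        MultiService.startService(self)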