def test_ssl_sending_messages(self):
s = eventlet.wrap_ssl(
eventlet.listen(("localhost", 0)), certfile=certificate_file, keyfile=private_key_file, server_side=True
)
self.spawn_server(sock=s)
connect = [
"GET /echo HTTP/1.1",
"Upgrade: WebSocket",
"Connection: Upgrade",
"Host: localhost:%s" % self.port,
"Origin: http://localhost:%s" % self.port,
"Sec-WebSocket-Protocol: ws",
"Sec-WebSocket-Key1: 4 @1 46546xW%0l 1 5",
"Sec-WebSocket-Key2: 12998 5 Y3 1 .P00",
]
sock = eventlet.wrap_ssl(eventlet.connect(("localhost", self.port)))
sock.sendall("\r\n".join(connect) + "\r\n\r\n^n:ds[4U")
first_resp = sock.recv(1024)
# make sure it sets the wss: protocol on the location header
loc_line = [x for x in first_resp.split("\r\n") if x.lower().startswith("sec-websocket-location")][0]
self.assert_("wss://localhost" in loc_line, "Expecting wss protocol in location: %s" % loc_line)
sock.sendall("\x00hello\xFF")
result = sock.recv(1024)
self.assertEqual(result, "\x00hello\xff")
sock.sendall("\x00start")
eventlet.sleep(0.001)
sock.sendall(" end\xff")
result = sock.recv(1024)
self.assertEqual(result, "\x00start end\xff")
greenio.shutdown_safe(sock)
sock.close()
eventlet.sleep(0.01)
def test_wrap_ssl(self):
server = eventlet.wrap_ssl(eventlet.listen(('localhost', 0)),
certfile=certificate_file,
keyfile=private_key_file, server_side=True)
port = server.getsockname()[1]
def handle(sock,addr):
sock.sendall(sock.recv(1024))
raise eventlet.StopServe()
eventlet.spawn(eventlet.serve, server, handle)
client = eventlet.wrap_ssl(eventlet.connect(('localhost', port)))
client.sendall("echo")
self.assertEquals("echo", client.recv(1024))
def test_two_servers(self):
def test_app(env, start_response):
start_response('200 OK', {})
return ['PONG']
fake_ssl_server = nova.wsgi.Server("fake_ssl", test_app,
host="127.0.0.1", port=0, use_ssl=True)
fake_ssl_server.start()
self.assertNotEqual(0, fake_ssl_server.port)
fake_server = nova.wsgi.Server("fake", test_app,
host="127.0.0.1", port=0)
fake_server.start()
self.assertNotEqual(0, fake_server.port)
cli = eventlet.connect(("localhost", fake_ssl_server.port))
cli = eventlet.wrap_ssl(cli,
ca_certs=os.path.join(SSL_CERT_DIR, 'ca.crt'))
cli.write('POST / HTTP/1.1\r\nHost: localhost\r\n'
'Connection: close\r\nContent-length:4\r\n\r\nPING')
response = cli.read(8192)
self.assertEqual(response[-4:], "PONG")
cli = eventlet.connect(("localhost", fake_server.port))
cli.sendall('POST / HTTP/1.1\r\nHost: localhost\r\n'
'Connection: close\r\nContent-length:4\r\n\r\nPING')
response = cli.recv(8192)
self.assertEqual(response[-4:], "PONG")
fake_ssl_server.stop()
fake_ssl_server.wait()
def get_socket(self):
"""Create listener socket based on bottle server parameters."""
import eventlet
# Separate out socket.listen arguments
socket_args = {}
for arg in ('backlog', 'family'):
try:
socket_args[arg] = self.options.pop(arg)
except KeyError:
pass
# Separate out wrap_ssl arguments
ssl_args = {}
for arg in ('keyfile', 'certfile', 'server_side', 'cert_reqs',
'ssl_version', 'ca_certs', 'do_handshake_on_connect',
'suppress_ragged_eofs', 'ciphers'):
try:
ssl_args[arg] = self.options.pop(arg)
except KeyError:
pass
address = (self.host, self.port)
try:
sock = eventlet.listen(address, **socket_args)
except TypeError:
# Fallback, if we have old version of eventlet
sock = eventlet.listen(address)
if ssl_args:
sock = eventlet.wrap_ssl(sock, **ssl_args)
return sock
def start(self, key=None, backlog=128):
"""Run a WSGI server with the given application."""
if self.socket is None:
self.listen(key=key, backlog=backlog)
dup_socket = self.socket.dup()
if key:
self.socket_info[key] = self.socket.getsockname()
# SSL is enabled
if self.do_ssl:
if self.cert_required:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
dup_socket = eventlet.wrap_ssl(dup_socket, certfile=self.certfile,
keyfile=self.keyfile,
server_side=True,
cert_reqs=cert_reqs,
ca_certs=self.ca_certs)
# Optionally enable keepalive on the wsgi socket.
if self.keepalive:
dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
if self.keepidle is not None:
dup_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE,
self.keepidle)
self.greenthread = self.pool.spawn(self._run,
self.application,
dup_socket)
def main():
from eventlet import wsgi,wrap_ssl,listen
from ankisyncd.thread import shutdown
config = SafeConfigParser()
config.read("ankisyncd.conf")
ankiserver = SyncApp(config)
host = config.get("sync_app", "host")
port = config.getint("sync_app", "port")
if(config.getboolean("sync_app", "ssl")):
certfile = config.get("sync_app", "certfile")
keyfile = config.get("sync_app", "keyfile")
socket = wrap_ssl( listen((host, port)),
certfile=certfile,
keyfile=keyfile,
server_side=True )
else:
socket = listen((host, port))
try:
wsgi.server(socket, ankiserver)
finally:
shutdown()
def test_connect_ssl(self):
def accept_once(listenfd):
try:
conn, addr = listenfd.accept()
conn.write(b'hello\r\n')
greenio.shutdown_safe(conn)
conn.close()
finally:
greenio.shutdown_safe(listenfd)
listenfd.close()
server = eventlet.wrap_ssl(
eventlet.listen(('0.0.0.0', 0)),
self.private_key_file,
self.certificate_file,
server_side=True
)
eventlet.spawn_n(accept_once, server)
raw_client = eventlet.connect(('127.0.0.1', server.getsockname()[1]))
client = ssl.wrap_socket(raw_client)
fd = client.makefile('rb', 8192)
assert fd.readline() == b'hello\r\n'
try:
self.assertEqual(b'', fd.read(10))
except greenio.SSL.ZeroReturnError:
# if it's a GreenSSL object it'll do this
pass
greenio.shutdown_safe(client)
client.close()
check_hub()
def _run_server():
host = cfg.CONF.auth.host
port = cfg.CONF.auth.port
use_ssl = cfg.CONF.auth.use_ssl
cert_file_path = os.path.realpath(cfg.CONF.auth.cert)
key_file_path = os.path.realpath(cfg.CONF.auth.key)
if use_ssl and not os.path.isfile(cert_file_path):
raise ValueError('Certificate file "%s" doesn\'t exist' % (cert_file_path))
if use_ssl and not os.path.isfile(key_file_path):
raise ValueError('Private key file "%s" doesn\'t exist' % (key_file_path))
socket = eventlet.listen((host, port))
if use_ssl:
socket = eventlet.wrap_ssl(socket,
certfile=cert_file_path,
keyfile=key_file_path,
server_side=True)
LOG.info('ST2 Auth API running in "%s" auth mode', cfg.CONF.auth.mode)
LOG.info('(PID=%s) ST2 Auth API is serving on %s://%s:%s.', os.getpid(),
'https' if use_ssl else 'http', host, port)
wsgi.server(socket, app.setup_app())
return 0
def start(self, key=None, backlog=128):
"""Run a WSGI server with the given application."""
LOG.info(_('Starting %(arg0)s on %(host)s:%(port)s'),
{'arg0': sys.argv[0],
'host': self.host,
'port': self.port})
# TODO(dims): eventlet's green dns/socket module does not actually
# support IPv6 in getaddrinfo(). We need to get around this in the
# future or monitor upstream for a fix
info = socket.getaddrinfo(self.host,
self.port,
socket.AF_UNSPEC,
socket.SOCK_STREAM)[0]
_socket = eventlet.listen(info[-1],
family=info[0],
backlog=backlog)
if key:
self.socket_info[key] = _socket.getsockname()
# SSL is enabled
if self.do_ssl:
if self.cert_required:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
sslsocket = eventlet.wrap_ssl(_socket, certfile=self.certfile,
keyfile=self.keyfile,
server_side=True,
cert_reqs=cert_reqs,
ca_certs=self.ca_certs)
_socket = sslsocket
self.greenthread = self.pool.spawn(self._run,
self.application,
_socket)
def handle(self, listener, client, addr):
if self.cfg.is_ssl:
client = eventlet.wrap_ssl(client, server_side=True,
do_handshake_on_connect=False,
**self.cfg.ssl_options)
super(EventletWorker, self).handle(listener, client, addr)
def run_server():
import eventlet
eventlet_socket = eventlet.listen((host, port))
# If provided an SSL argument, use an SSL socket
ssl_args = [
"keyfile",
"certfile",
"server_side",
"cert_reqs",
"ssl_version",
"ca_certs",
"do_handshake_on_connect",
"suppress_ragged_eofs",
"ciphers",
]
ssl_params = {k: kwargs[k] for k in kwargs if k in ssl_args}
if len(ssl_params) > 0:
for k in ssl_params:
kwargs.pop(k)
ssl_params["server_side"] = True # Listening requires true
eventlet_socket = eventlet.wrap_ssl(eventlet_socket, **ssl_params)
eventlet.wsgi.server(eventlet_socket, app, log_output=log_output, **kwargs)
def make_socket(host, port, ssl_keyfile=None, ssl_certfile=None):
sock = eventlet.listen((host, port))
# TODO: set ca_certs and cert_reqs=CERT_REQUIRED
if ssl_keyfile and ssl_certfile:
sock = eventlet.wrap_ssl(sock, certfile=ssl_certfile,
keyfile=ssl_keyfile,
server_side=True)
return sock
def make_server(host="localhost", port=8081, scheme='http', **kw):
socket = eventlet.listen((host, port))
if scheme == 'https':
socket = eventlet.wrap_ssl(socket, server_side=True, **CERTS)
dummy_log_fp = open('/dev/null', 'a')
return wsgi.server(socket, TestingApp(), log=dummy_log_fp, **kw)
def serve():
if __name__ == '__main__':
global app
# wrap Flask application with engineio's middleware
app = socketio.Middleware(sio, app)
eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen(('', 8000)),
certfile='/home/garthtee/cert.pem',
keyfile='/home/garthtee/privkey.pem'), app)
def _command(self, command, host, port):
sock = eventlet.wrap_ssl(eventlet.connect((host, port)), keyfile=self._keyfile, certfile=self._certfile)
stream = sock.makefile()
stream.write("%s %s\n" % (self.NSDCT_VERSION, command))
stream.flush()
result = stream.read()
stream.close()
sock.close()
return result.rstrip()
def handle(self, listener, client, addr):
if self.cfg.is_ssl:
client = eventlet.wrap_ssl(client, server_side=True,
**self.cfg.ssl_options)
super(EventletWorker, self).handle(listener, client, addr)
if not self.alive:
raise eventlet.StopServe()
def start_client(**kwargs):
host = kwargs["host"]
backend_port = kwargs.get("backend_port")
use_ssl = kwargs.get("use_ssl", False)
ssl_opts = kwargs.get("ssl_opts", {})
if not backend_port:
try:
backend_port = util.discover_backend_port(host)
except:
print " ERROR: Unable to connect to service."
sys.exit(0)
frontend_ip = socket.gethostbyname(host.split(":")[0])
frontend_address, frontend_hostname = util.parse_address(host, default_ip=frontend_ip)
backend = (frontend_address[0], backend_port)
name = kwargs["name"]
client = util.client_name()
target = util.parse_address(kwargs["target"])[0]
try:
control = eventlet.connect(backend)
if use_ssl:
control = eventlet.wrap_ssl(control, server_side=False, **ssl_opts)
control.sendall(protocol.version)
protocol.send_message(control, protocol.control_request(name=name, client=client))
reply = protocol.recv_message(control)
if reply and "control" in reply:
reply = reply["control"]
def maintain_proxy_backend_pool():
pool = eventlet.greenpool.GreenPool(reply["concurrency"])
while True:
pool.spawn_n(open_proxy_backend, backend, target, name, client, use_ssl, ssl_opts)
proxying = eventlet.spawn(maintain_proxy_backend_pool)
print " {0}".format(reply["banner"])
print " Port {0} is now accessible from http://{1} ...\n".format(target[1], reply["host"])
try:
while True:
message = protocol.recv_message(control)
assert message == protocol.control_ping()
protocol.send_message(control, protocol.control_pong())
except (IOError, AssertionError):
proxying.kill()
elif reply and "error" in reply:
print " ERROR: {0}".format(reply["message"])
else:
print " ERROR: Unexpected server reply."
print " Make sure you have the latest version of the client."
except KeyboardInterrupt:
pass
def start(self):
"""Start the wsgi server."""
from eventlet import wsgi
import eventlet
sock = eventlet.listen((self.server_host, self.server_port))
if self.ssl_certificate:
sock = eventlet.wrap_ssl(sock, certfile=self.ssl_certificate,
keyfile=self.ssl_key, server_side=True)
wsgi.server(sock, self, log=_LOGGER)
def test_ssl_sending_messages(self):
s = eventlet.wrap_ssl(
eventlet.listen(("localhost", 0)),
certfile=tests.certificate_file,
keyfile=tests.private_key_file,
server_side=True,
)
self.spawn_server(sock=s)
connect = [
"GET /echo HTTP/1.1",
"Upgrade: WebSocket",
"Connection: Upgrade",
"Host: %s:%s" % self.server_addr,
"Origin: http://%s:%s" % self.server_addr,
"Sec-WebSocket-Protocol: ws",
"Sec-WebSocket-Key1: 4 @1 46546xW%0l 1 5",
"Sec-WebSocket-Key2: 12998 5 Y3 1 .P00",
]
sock = eventlet.wrap_ssl(eventlet.connect(self.server_addr))
sock.sendall(six.b("\r\n".join(connect) + "\r\n\r\n^n:ds[4U"))
first_resp = b""
while b"\r\n\r\n" not in first_resp:
first_resp += sock.recv()
print("resp now:")
print(first_resp)
# make sure it sets the wss: protocol on the location header
loc_line = [x for x in first_resp.split(b"\r\n") if x.lower().startswith(b"sec-websocket-location")][0]
expect_wss = ("wss://%s:%s" % self.server_addr).encode()
assert expect_wss in loc_line, "Expecting wss protocol in location: %s" % loc_line
sock.sendall(b"\x00hello\xFF")
result = sock.recv(1024)
self.assertEqual(result, b"\x00hello\xff")
sock.sendall(b"\x00start")
eventlet.sleep(0.001)
sock.sendall(b" end\xff")
result = sock.recv(1024)
self.assertEqual(result, b"\x00start end\xff")
greenio.shutdown_safe(sock)
sock.close()
eventlet.sleep(0.01)
def start(self):
try:
wsgi.server(eventlet.wrap_ssl(eventlet.listen((self.listen_addr,
self.listen_port)),
certfile=self.ssl_crt_path,
keyfile=self.ssl_key_path,
server_side=True),
self.handle_request, log=self.request_logger)
except Exception:
self.logger.exception('Oops')
raise
def start(self):
try:
sock = eventlet.listen((self.listen_addr, self.listen_port))
fcntl.fcntl(sock.fileno(), fcntl.F_SETFD, fcntl.FD_CLOEXEC)
wsgi.server(eventlet.wrap_ssl(sock,
certfile=self.ssl_crt_path,
keyfile=self.ssl_key_path,
server_side=True),
self.handle_request, log=self.request_logger)
except Exception:
self.logger.exception('Oops')
raise
def _command(self, command):
sock = eventlet.wrap_ssl(
eventlet.connect((self.host, self.port)),
keyfile=self.keyfile,
certfile=self.certfile)
stream = sock.makefile()
stream.write('%s %s\n' % (self.NSDCT_VERSION, command))
stream.flush()
result = stream.read()
stream.close()
sock.close()
return result
def start(self):
try:
sock = eventlet.listen((self.listen_addr, self.listen_port))
fcntl.fcntl(sock.fileno(), fcntl.F_SETFD, fcntl.FD_CLOEXEC)
wsgi.server(eventlet.wrap_ssl(sock,
certfile=self.ssl_crt_path,
keyfile=self.ssl_key_path,
server_side=True),
self.handle_request,
log=self.request_logger)
except Exception:
self.logger.exception('Oops')
raise
def listen(self, key=None, backlog=128):
"""Create and start listening on socket.
Call before forking worker processes.
Raises Exception if this has already been called.
"""
if self.socket is not None:
raise Exception(_('Server can only listen once.'))
LOG.info(_('Starting %(arg0)s on %(host)s:%(port)s'),
{'arg0': sys.argv[0],
'host': self.host,
'port': self.port})
# TODO(dims): eventlet's green dns/socket module does not actually
# support IPv6 in getaddrinfo(). We need to get around this in the
# future or monitor upstream for a fix
info = socket.getaddrinfo(self.host,
self.port,
socket.AF_UNSPEC,
socket.SOCK_STREAM)[0]
_socket = eventlet.listen(info[-1],
family=info[0],
backlog=backlog)
if key:
self.socket_info[key] = _socket.getsockname()
# SSL is enabled
if self.do_ssl:
if self.cert_required:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
sslsocket = eventlet.wrap_ssl(_socket, certfile=self.certfile,
keyfile=self.keyfile,
server_side=True,
cert_reqs=cert_reqs,
ca_certs=self.ca_certs)
_socket = sslsocket
# Optionally enable keepalive on the wsgi socket.
if self.keepalive:
_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
# This option isn't available in the OS X version of eventlet
if hasattr(socket, 'TCP_KEEPIDLE') and self.keepidle is not None:
_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE,
self.keepidle)
self.socket = _socket
def listen(self, key=None, backlog=128):
"""Create and start listening on socket.
Call before forking worker processes.
Raises Exception if this has already been called.
"""
if self.socket is not None:
raise Exception(_('Server can only listen once.'))
LOG.info(_('Starting %(arg0)s on %(host)s:%(port)s'),
{'arg0': sys.argv[0],
'host': self.host,
'port': self.port})
# TODO(dims): eventlet's green dns/socket module does not actually
# support IPv6 in getaddrinfo(). We need to get around this in the
# future or monitor upstream for a fix
info = socket.getaddrinfo(self.host,
self.port,
socket.AF_UNSPEC,
socket.SOCK_STREAM)[0]
_socket = eventlet.listen(info[-1],
family=info[0],
backlog=backlog)
if key:
self.socket_info[key] = _socket.getsockname()
# SSL is enabled
if self.do_ssl:
if self.cert_required:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
sslsocket = eventlet.wrap_ssl(_socket, certfile=self.certfile,
keyfile=self.keyfile,
server_side=True,
cert_reqs=cert_reqs,
ca_certs=self.ca_certs)
_socket = sslsocket
# Optionally enable keepalive on the wsgi socket.
if self.keepalive:
_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
# This option isn't available in the OS X version of eventlet
if hasattr(socket, 'TCP_KEEPIDLE') and self.keepidle is not None:
_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE,
self.keepidle)
self.socket = _socket
def test_ssl_sending_messages(self):
s = eventlet.wrap_ssl(eventlet.listen(('localhost', 0)),
certfile=certificate_file,
keyfile=private_key_file,
server_side=True)
self.spawn_server(sock=s)
connect = [
"GET /echo HTTP/1.1",
"Upgrade: WebSocket",
"Connection: Upgrade",
"Host: localhost:%s" % self.port,
"Origin: http://localhost:%s" % self.port,
"Sec-WebSocket-Protocol: ws",
"Sec-WebSocket-Key1: 4 @1 46546xW%0l 1 5",
"Sec-WebSocket-Key2: 12998 5 Y3 1 .P00",
]
sock = eventlet.wrap_ssl(eventlet.connect(('localhost', self.port)))
sock.sendall('\r\n'.join(connect) + '\r\n\r\n^n:ds[4U')
first_resp = sock.recv(1024)
# make sure it sets the wss: protocol on the location header
loc_line = [
x for x in first_resp.split("\r\n")
if x.lower().startswith('sec-websocket-location')
][0]
self.assert_("wss://localhost" in loc_line,
"Expecting wss protocol in location: %s" % loc_line)
sock.sendall('\x00hello\xFF')
result = sock.recv(1024)
self.assertEqual(result, '\x00hello\xff')
sock.sendall('\x00start')
eventlet.sleep(0.001)
sock.sendall(' end\xff')
result = sock.recv(1024)
self.assertEqual(result, '\x00start end\xff')
greenio.shutdown_safe(sock)
sock.close()
eventlet.sleep(0.01)
def eventlet_server(host="localhost", port=8081, scheme='http', certs=None, **kw):
import eventlet
import eventlet.wsgi
certs = certs or {}
socket = eventlet.listen((host, port))
if scheme == 'https':
socket = eventlet.wrap_ssl(socket, server_side=True, **certs)
dummy_log_fp = open(os.devnull, 'a')
return eventlet.wsgi.server(socket, TestingApp(), log=dummy_log_fp, **kw)
def start(self):
self.port = 1025
while True:
try:
eventlet.spawn_n(eventlet.serve,
eventlet.wrap_ssl(
eventlet.listen(('127.0.0.1', self.port)),
keyfile=self.keyfile,
certfile=self.certfile,
server_side=True),
self.handle)
break
except socket.error:
self.port = self.port + 1
def start(self):
self.port = 1025
while True:
try:
eventlet.spawn_n(eventlet.serve,
eventlet.wrap_ssl(
eventlet.listen(('127.0.0.1', self.port)),
keyfile=self.keyfile,
certfile=self.certfile,
server_side=True),
self.handle)
break
except socket.error:
self.port = self.port + 1
def start_web_app(ip='0.0.0.0', port=8000, usessl=False, cert_path=None):
if usessl:
if cert_path is None:
# Store certs in the package directory
cert_path = os.path.join(
os.path.dirname(__file__), "cert.pem"
)
key_path = os.path.join(
os.path.dirname(__file__), "key.pem"
)
else:
# If specified, store certs at the user's preferred location
cert_path = os.path.join(
cert_path, "cert.pem"
)
key_path = os.path.join(
cert_path, "key.pem"
)
if not os.path.isfile(cert_path) or not os.path.isfile(key_path):
print(
"\n"
"-----------------------------------------\n"
"---------------->WARNING<----------------\n"
"The NXBT webapp is being run with self-\n"
"signed SSL certificates for use on your\n"
"local network.\n"
"\n"
"These certificates ARE NOT safe for\n"
"production use. Please generate valid\n"
"SSL certificates if you plan on using the\n"
"NXBT webapp anywhere other than your own\n"
"network.\n"
"-----------------------------------------\n"
"\n"
"The above warning will only be shown once\n"
"on certificate generation."
"\n"
)
print("Generating certificates...")
cert, key = generate_cert(gethostname())
with open(cert_path, "wb") as f:
f.write(cert)
with open(key_path, "wb") as f:
f.write(key)
eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen((ip, port)),
certfile=cert_path, keyfile=key_path), app)
else:
eventlet.wsgi.server(eventlet.listen((ip, port)), app)
def run(self):
for (iface, port, ssl, certfile, keyfile), app in self._wsgi_apps.items():
if ssl == 1:
print "Orbited listening on https://%s:%s using cert: %s and key: %s" % (iface or "0.0.0.0", port, certfile, keyfile)
eventlet.spawn(eventlet.wsgi.server, eventlet.wrap_ssl(eventlet.listen((iface, port)),
certfile=certfile,
keyfile=keyfile,
server_side=True), app, log=EmptyLogShim())
else:
print "Orbited listening on http://%s:%s" % (iface or "0.0.0.0", port)
eventlet.spawn(eventlet.wsgi.server, eventlet.listen((iface,port)), app, log=EmptyLogShim())
ev = eventlet.event.Event()
eventlet.spawn(self._run, ev)
return ev
def requesting(host, port, ca_certs=None, method="POST",
content_type="application/x-www-form-urlencoded",
address_familly=socket.AF_INET):
frame = bytes("{verb} / HTTP/1.1\r\n\r\n".format(verb=method), "utf-8")
with socket.socket(address_familly, socket.SOCK_STREAM) as sock:
if ca_certs:
with eventlet.wrap_ssl(sock, ca_certs=ca_certs) as wrappedSocket:
wrappedSocket.connect((host, port))
wrappedSocket.send(frame)
data = wrappedSocket.recv(1024).decode()
return data
else:
sock.connect((host, port))
sock.send(frame)
data = sock.recv(1024).decode()
return data
def start(self):
if self._use_ssl:
try:
ca_file = CONF.ssl_ca_file
cert_file = CONF.ssl_cert_file
key_file = CONF.ssl_key_file
if cert_file and not os.path.exists(cert_file):
raise
if ca_file and not os.path.exists(ca_file):
raise
if key_file and not os.path.exists(key_file):
raise
if self._use_ssl and (not cert_file or not key_file):
raise
ssl_kwargs = {
'server_side': True,
'certfile': cert_file,
'keyfile': key_file,
'cert_reqs': ssl.CERT_NONE
}
if CONF.ssl_ca_file:
ssl_kwargs['ca_certs'] = ca_file
ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED
self._socket = eventlet.wrap_ssl(self.socket, **ssl_kwargs)
self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR,
1)
self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE,
1)
if hasattr(socket, 'TCP_KEEPIDLE'):
self._socket.setsockopt(socket.IPPROTO_TCP,
socket.TCP_KEEPIDLE,
CONF.tcp_keepidle)
except Exception:
raise
wsgi_kwargs = {
'func': eventlet.wsgi.server,
'sock': self._socket,
'site': self.app,
'protocol': self._protocol,
'custom_pool': self._pool
}
if self._max_url_len:
wsgi_kwargs['url_length_limit'] = self._max_url_len
self._server = eventlet.spawn(**wsgi_kwargs)
def eventlet_start_server():
address = serverConf.get("interface", "0.0.0.0")
port = int(serverConf.get("port", 7009))
ssl_cert = serverConf.get("ssl_certificate")
ssl_key = serverConf.get("ssl_private_key")
if int(serverConf.get("access_log", 1)):
log = "default"
else:
log = None
if not ssl_key or not ssl_cert:
wsgi.server(eventlet.listen((address, port)), application)
else:
print "ssl: %s, %s" % (ssl_key, ssl_cert)
wsgi.server(
eventlet.wrap_ssl(eventlet.listen((address, port)), certfile=ssl_cert, keyfile=ssl_key, server_side=True),
application,
)
def start(self):
if self._use_ssl:
try:
ca_file = CONF.ssl_ca_file
cert_file = CONF.ssl_cert_file
key_file = CONF.ssl_key_file
if cert_file and not os.path.exists(cert_file):
raise
if ca_file and not os.path.exists(ca_file):
raise
if key_file and not os.path.exists(key_file):
raise
if self._use_ssl and (not cert_file or not key_file):
raise
ssl_kwargs = {
'server_side': True,
'certfile': cert_file,
'keyfile': key_file,
'cert_reqs': ssl.CERT_NONE}
if CONF.ssl_ca_file:
ssl_kwargs['ca_certs'] = ca_file
ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED
self._socket = eventlet.wrap_ssl(self.socket, **ssl_kwargs)
self._socket.setsockopt(socket.SOL_SOCKET,
socket.SO_REUSEADDR, 1)
self._socket.setsockopt(socket.SOL_SOCKET,
socket.SO_KEEPALIVE, 1)
if hasattr(socket, 'TCP_KEEPIDLE'):
self._socket.setsockopt(socket.IPPROTO_TCP,
socket.TCP_KEEPIDLE,
CONF.tcp_keepidle)
except Exception:
raise
wsgi_kwargs = {
'func': eventlet.wsgi.server,
'sock': self._socket,
'site': self.app,
'protocol': self._protocol,
'custom_pool': self._pool
}
if self._max_url_len:
wsgi_kwargs['url_length_limit'] = self._max_url_len
self._server = eventlet.spawn(**wsgi_kwargs)
def start(self, key=None, backlog=128):
"""Run a WSGI server with the given application."""
LOG.info(_('Starting %(arg0)s on %(host)s:%(port)s'),
{'arg0': sys.argv[0],
'host': self.host,
'port': self.port})
# TODO(dims): eventlet's green dns/socket module does not actually
# support IPv6 in getaddrinfo(). We need to get around this in the
# future or monitor upstream for a fix
info = socket.getaddrinfo(self.host,
self.port,
socket.AF_UNSPEC,
socket.SOCK_STREAM)[0]
_socket = eventlet.listen(info[-1],
family=info[0],
backlog=backlog)
if key:
self.socket_info[key] = _socket.getsockname()
# SSL is enabled
if self.do_ssl:
if self.cert_required:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
sslsocket = eventlet.wrap_ssl(_socket, certfile=self.certfile,
keyfile=self.keyfile,
server_side=True,
cert_reqs=cert_reqs,
ca_certs=self.ca_certs)
_socket = sslsocket
# Optionally enable keepalive on the wsgi socket.
if self.keepalive:
_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
# This option isn't available in the OS X version of eventlet
if hasattr(socket, 'TCP_KEEPIDLE') and self.keepidle is not None:
_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE,
self.keepidle)
self.greenthread = self.pool.spawn(self._run,
self.application,
_socket)
def open_proxy_backend(backend, target, name, client, use_ssl=False, ssl_opts=None):
proxy = eventlet.connect(backend)
if use_ssl:
ssl_opts = ssl_opts or {}
proxy = eventlet.wrap_ssl(proxy, server_side=False, **ssl_opts)
proxy.sendall(protocol.version)
protocol.send_message(proxy, protocol.proxy_request(name=name, client=client))
reply = protocol.recv_message(proxy)
if reply and "proxy" in reply:
try:
local = eventlet.connect(target)
util.join_sockets(proxy, local)
except IOError:
proxy.close()
elif reply and "error" in reply:
print " ERROR: {0}".format(reply["error"])
return
else:
pass
def run_server():
import eventlet
eventlet_socket = eventlet.listen((host, port))
# If provided an SSL argument, use an SSL socket
ssl_args = ['keyfile', 'certfile', 'server_side', 'cert_reqs',
'ssl_version', 'ca_certs',
'do_handshake_on_connect', 'suppress_ragged_eofs',
'ciphers']
ssl_params = {k: kwargs[k] for k in kwargs if k in ssl_args}
if len(ssl_params) > 0:
for k in ssl_params:
kwargs.pop(k)
ssl_params['server_side'] = True # Listening requires true
eventlet_socket = eventlet.wrap_ssl(eventlet_socket,
**ssl_params)
eventlet.wsgi.server(eventlet_socket, app,
log_output=log_output, **kwargs)
def main(argv):
ssl_mode = False
port = 5000
try:
opts, args = getopt.getopt(argv, "sp:", "purge")
except getopt.GetoptError:
print('backend.py -s SSL enable -p [port]')
sys.exit(2)
for opt, arg in opts:
if opt == '--purge':
# Remove history, the actual files you need to delete manually.
for uuid, watch in datastore.data['watching'].items():
watch.update({
'history': {},
'last_checked': 0,
'last_changed': 0,
'previous_md5': None
})
if opt == '-s':
ssl_mode = True
if opt == '-p':
port = arg
# @todo handle ctrl break
ticker_thread = threading.Thread(
target=ticker_thread_check_time_launch_checks).start()
save_data_thread = threading.Thread(target=save_datastore).start()
# @todo finalise SSL config, but this should get you in the right direction if you need it.
if ssl_mode:
eventlet.wsgi.server(
eventlet.wrap_ssl(eventlet.listen(('', port)),
certfile='cert.pem',
keyfile='privkey.pem',
server_side=True), app)
else:
eventlet.wsgi.server(eventlet.listen(('', port)), app)
def test_two_servers(self):
def test_app(env, start_response):
start_response('200 OK', {})
return ['PONG']
fake_ssl_server = wsgi.Server(self.conf,
"fake_ssl",
test_app,
host="127.0.0.1",
port=0,
use_ssl=True)
fake_ssl_server.start()
self.assertNotEqual(0, fake_ssl_server.port)
fake_server = wsgi.Server(self.conf,
"fake",
test_app,
host="127.0.0.1",
port=0)
fake_server.start()
self.assertNotEqual(0, fake_server.port)
cli = eventlet.connect(("localhost", fake_ssl_server.port))
cli = eventlet.wrap_ssl(cli,
ca_certs=os.path.join(SSL_CERT_DIR, 'ca.crt'))
cli.write('POST / HTTP/1.1\r\nHost: localhost\r\n'
'Connection: close\r\nContent-length:4\r\n\r\nPING')
response = cli.read(8192)
self.assertEqual(response[-4:], "PONG")
cli = eventlet.connect(("localhost", fake_server.port))
cli.sendall('POST / HTTP/1.1\r\nHost: localhost\r\n'
'Connection: close\r\nContent-length:4\r\n\r\nPING')
response = cli.recv(8192)
self.assertEqual(response[-4:], "PONG")
fake_ssl_server.stop()
fake_ssl_server.wait()
def startup(self, ip, port, pipe):
try:
from eventlet import wsgi, wrap_ssl, listen
import socket
import ssl
from FreeTAKServer.controllers.MainSocketController import MainSocketController
from FreeTAKServer.model.sockets.SSLServerSocket import SSLServerSocket
global IP, HTTPPORT
self.MainSocket = SSLServerSocket()
IP = ip
HTTPPORT = port
PIPE = pipe
# Make sure the data package directory exists
if not Path(dp_directory).exists():
app.logger.info(f"Creating directory at {str(dp_directory)}")
os.makedirs(str(dp_directory))
# Create the relevant database tables
print(const.IP)
print(HTTPPORT)
super().setIP(IP)
super().setHTTPPORT(HTTPPORT)
super().setPIPE(PIPE)
#wsgi.server(eventlet.listen(('', 14533)), app) keyfile=MainConfig.keyDir,
self.SSLSocketController = SSLSocketController()
self.SSLSocketController.changeIP(IP)
self.SSLSocketController.changePort(HTTPPORT)
wsgi.server(sock=wrap_ssl(listen(
(DataPackageServerConstants().IP, int(HTTPPORT))),
keyfile=MainConfig.unencryptedKey,
certfile=MainConfig.pemDir,
server_side=True,
ca_certs=MainConfig.CA),
site=app)
except Exception as e:
logger.error(
'there has been an exception in Data Package service startup '
+ str(e))
return -1
def eventlet_run(self, app, host=None, port=None, **kwargs):
import eventlet
import eventlet.wsgi
import eventlet.green
addresses = eventlet.green.socket.getaddrinfo(host, port)
if not addresses:
raise RuntimeError('Could not resolve host to a valid address')
eventlet_socket = eventlet.listen(addresses[0][4], addresses[0][0])
# If provided an SSL argument, use an SSL socket
ssl_args = ['keyfile', 'certfile', 'server_side', 'cert_reqs',
'ssl_version', 'ca_certs',
'do_handshake_on_connect', 'suppress_ragged_eofs',
'ciphers']
ssl_params = {k: kwargs[k] for k in kwargs if k in ssl_args}
if len(ssl_params) > 0:
for k in ssl_params:
kwargs.pop(k)
ssl_params['server_side'] = True # Listening requires true
eventlet_socket = eventlet.wrap_ssl(eventlet_socket, **ssl_params)
eventlet.wsgi.server(eventlet_socket, app, **kwargs)
def start(self, key=None, backlog=128):
"""Run a WSGI server with the given application."""
if self.socket is None:
self.listen(key=key, backlog=backlog)
dup_socket = self.socket.dup()
if key:
self.socket_info[key] = self.socket.getsockname()
# SSL is enabled
if self.do_ssl:
if self.cert_required:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
dup_socket = eventlet.wrap_ssl(dup_socket, certfile=self.certfile,
keyfile=self.keyfile,
server_side=True,
cert_reqs=cert_reqs,
ca_certs=self.ca_certs)
# Optionally enable keepalive on the wsgi socket.
if self.keepalive:
dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
if self.keepidle is not None:
if hasattr(socket, 'TCP_KEEPIDLE'):
dup_socket.setsockopt(socket.IPPROTO_TCP,
socket.TCP_KEEPIDLE,
self.keepidle)
else:
LOG.warning("System does not support TCP_KEEPIDLE but "
"tcp_keepidle has been set. Ignoring.")
self.greenthread = self.pool.spawn(self._run,
self.application,
dup_socket)
def _setup_ssl(self):
LOG.info("%(name)s setup ssl" % self.__dict__)
try:
ca_file = CONF.ssl_ca_file
cert_file = CONF.ssl_cert_file
key_file = CONF.ssl_key_file
if cert_file and not os.path.exists(cert_file):
raise RuntimeError("Unable to find cert_file : %s" % cert_file)
if ca_file and not os.path.exists(ca_file):
raise RuntimeError("Unable to find ca_file : %s" % ca_file)
if key_file and not os.path.exists(key_file):
raise RuntimeError("Unable to find key_file : %s" % key_file)
if self._use_ssl and (not cert_file or not key_file):
raise RuntimeError("When running server in SSL mode, "
"you must specify both a cert_file and key_"
"file option value in your configuration "
"file")
ssl_kwargs = {
'server_side': True,
'certfile': cert_file,
'keyfile': key_file,
'cert_reqs': ssl.CERT_NONE,
}
if CONF.ssl_ca_file:
ssl_kwargs['ca_certs'] = ca_file
ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED
self._socket = eventlet.wrap_ssl(self._socket, **ssl_kwargs)
except socket.error:
LOG.error("Failed to start %(name)s on %(host)s :%(port)s with SSL"
" support" % self.__dict__)
def run_server():
import eventlet
import eventlet.wsgi
import eventlet.green
addresses = eventlet.green.socket.getaddrinfo(host, port)
if not addresses:
raise RuntimeError(
"Could not resolve host to a valid address")
eventlet_socket = eventlet.listen(addresses[0][4],
addresses[0][0])
# If provided an SSL argument, use an SSL socket
ssl_args = [
"keyfile",
"certfile",
"server_side",
"cert_reqs",
"ssl_version",
"ca_certs",
"do_handshake_on_connect",
"suppress_ragged_eofs",
"ciphers",
]
ssl_params = {k: kwargs[k] for k in kwargs if k in ssl_args}
if len(ssl_params) > 0:
for k in ssl_params:
kwargs.pop(k)
ssl_params["server_side"] = True # Listening requires true
eventlet_socket = eventlet.wrap_ssl(
eventlet_socket, **ssl_params)
eventlet.wsgi.server(eventlet_socket,
app,
log_output=log_output,
**kwargs)
def handle(self, listener, client, addr):
if self.cfg.is_ssl:
client = eventlet.wrap_ssl(client, server_side=True,
**self.cfg.ssl_options)
super(EventletWorker, self).handle(listener, client, addr)
def start(self):
"""Start serving a WSGI application.
:returns: None
"""
# The server socket object will be closed after server exits,
# but the underlying file descriptor will remain open, and will
# give bad file descriptor error. So duplicating the socket object,
# to keep file descriptor usable.
dup_socket = self._socket.dup()
dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
# sockets can hang around forever without keepalive
dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
# This option isn't available in the OS X version of eventlet
if hasattr(socket, 'TCP_KEEPIDLE'):
dup_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE,
CONF.tcp_keepidle)
if self._use_ssl:
try:
ca_file = CONF.ssl_ca_file
cert_file = CONF.ssl_cert_file
key_file = CONF.ssl_key_file
if cert_file and not os.path.exists(cert_file):
raise RuntimeError(
_("Unable to find cert_file : %s") % cert_file)
if ca_file and not os.path.exists(ca_file):
raise RuntimeError(
_("Unable to find ca_file : %s") % ca_file)
if key_file and not os.path.exists(key_file):
raise RuntimeError(
_("Unable to find key_file : %s") % key_file)
if self._use_ssl and (not cert_file or not key_file):
raise RuntimeError(
_("When running server in SSL mode, you must "
"specify both a cert_file and key_file "
"option value in your configuration file"))
ssl_kwargs = {
'server_side': True,
'certfile': cert_file,
'keyfile': key_file,
'cert_reqs': ssl.CERT_NONE,
}
if CONF.ssl_ca_file:
ssl_kwargs['ca_certs'] = ca_file
ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED
dup_socket = eventlet.wrap_ssl(dup_socket, **ssl_kwargs)
except Exception:
with excutils.save_and_reraise_exception():
LOG.error(
_LE("Failed to start %(name)s on %(host)s"
":%(port)s with SSL support"), {
'name': self.name,
'host': self.host,
'port': self.port
})
wsgi_kwargs = {
'func': eventlet.wsgi.server,
'sock': dup_socket,
'site': self.app,
'protocol': self._protocol,
'custom_pool': self._pool,
'log': self._wsgi_logger,
'log_format': CONF.wsgi_log_format,
'debug': False,
'keepalive': CONF.wsgi_keep_alive,
'socket_timeout': self.client_socket_timeout
}
if self._max_url_len:
wsgi_kwargs['url_length_limit'] = self._max_url_len
self._server = eventlet.spawn(**wsgi_kwargs)
def start(self):
"""Start serving a WSGI application.
:returns: None
"""
if self._use_ssl:
try:
ca_file = CONF.ssl_ca_file
cert_file = CONF.ssl_cert_file
key_file = CONF.ssl_key_file
if cert_file and not os.path.exists(cert_file):
raise RuntimeError(
_("Unable to find cert_file : %s") % cert_file)
if ca_file and not os.path.exists(ca_file):
raise RuntimeError(
_("Unable to find ca_file : %s") % ca_file)
if key_file and not os.path.exists(key_file):
raise RuntimeError(
_("Unable to find key_file : %s") % key_file)
if self._use_ssl and (not cert_file or not key_file):
raise RuntimeError(
_("When running server in SSL mode, you must "
"specify both a cert_file and key_file "
"option value in your configuration file"))
ssl_kwargs = {
'server_side': True,
'certfile': cert_file,
'keyfile': key_file,
'cert_reqs': ssl.CERT_NONE,
}
if CONF.ssl_ca_file:
ssl_kwargs['ca_certs'] = ca_file
ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED
self._socket = eventlet.wrap_ssl(self._socket, **ssl_kwargs)
self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR,
1)
# sockets can hang around forever without keepalive
self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE,
1)
# This option isn't available in the OS X version of eventlet
if hasattr(socket, 'TCP_KEEPIDLE'):
self._socket.setsockopt(socket.IPPROTO_TCP,
socket.TCP_KEEPIDLE,
CONF.tcp_keepidle)
except Exception:
with excutils.save_and_reraise_exception():
LOG.error(
_("Failed to start %(name)s on %(host)s"
":%(port)s with SSL support") % self.__dict__)
wsgi_kwargs = {
'func': eventlet.wsgi.server,
'sock': self._socket,
'site': self.app,
'protocol': self._protocol,
'custom_pool': self._pool,
'log': self._wsgi_logger,
'log_format': CONF.wsgi_log_format
}
if self._max_url_len:
wsgi_kwargs['url_length_limit'] = self._max_url_len
self._server = eventlet.spawn(**wsgi_kwargs)
print("Impresion de ticket")
ticket_data = request.get_json()
print("1..")
print(ticket_data)
def_page = {
"ancho_ticket": 46,
"ancho_precio": 5,
"ancho_total": 6,
"ancho_cantidad": 4,
"lineas_x_descripcion": 3,
"decimales": 1,
"decimalesCantidad": 2
}
global printer
if printer == None:
printer = Usb(0x04b8, 0x0e15)
ticket = Ticket(printer, def_page)
ticket.print_ticket(ticket_data)
return {"code": 200, "message": "success"}
if __name__ == '__main__':
eventlet.wsgi.server(
eventlet.wrap_ssl(eventlet.listen(('192.168.100.9', 5000)),
certfile='server_cert.pem',
keyfile='server_key.pem',
server_side=True), app)
# socketio.run(app,ssl_context='adhoc', host='192.168.100.9',port='5000',debug=True)
# socketio.run(app,port='5000')
frame = cv2.cvtColor(np.array(pimg), cv2.COLOR_RGB2BGR)
frame = predictXception(frame)
if frame is None:
emit("result_predict", None)
return
imgencode = cv2.imencode(".jpg", frame)[1]
# base64 encode
stringData = base64.b64encode(imgencode).decode("utf-8")
b64_src = "data:image/jpg;base64,"
stringData = b64_src + stringData
a = stringData
emit("result_predict_for_take", a)
if __name__ == '__main__':
print("app is running")
# socketio.run(app, host='0.0.0.0', port=3000)
# socketio.run(app, host="0.0.0.0", debug=True, keyfile="key.pem", certfile="cert.pem")
# create certificate
# openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
eventlet.wsgi.server(
eventlet.wrap_ssl(eventlet.listen(("0.0.0.0", 3000)),
certfile='key_and_lock/cert.pem',
keyfile='key_and_lock/key.pem',
server_side=True), app)
def run_daemon(environment, config_file, secrets_file,
policies_file, debug):
"""Run the Kraken server daemon."""
app.debug = debug or environment in ["dev", "vagrant"]
app.config["SECRET_KEY"] = random_string()
# Open and load configuraton
config = arkos.init(config_file, secrets_file, policies_file,
app.debug, environment in ["dev", "vagrant"],
app.logger)
storage.connect()
if environment not in ["dev", "vagrant"]:
filehdlr = RotatingFileHandler(
'/var/log/kraken.log', maxBytes=2097152, backupCount=5
)
st = "{asctime} [{cls}] [{levelname}] {comp}: {message}"
filehdlr.setLevel(logging.DEBUG if app.debug else logging.INFO)
filehdlr.setFormatter(FileFormatter(st))
logger.logger.addHandler(filehdlr)
apihdlr = APIHandler()
apihdlr.setLevel(logging.DEBUG if app.debug else logging.INFO)
apihdlr.addFilter(NotificationFilter())
logger.logger.addHandler(apihdlr)
logger.info("Init", "arkOS Kraken {0}".format(arkos.version))
if environment in ["dev", "vagrant"]:
logger.debug("Init", "*** TEST MODE ***")
logger.info("Init", "Using config file at {0}".format(config.filename))
app.conf = config
arch = config.get("enviro", "arch", "Unknown")
board = config.get("enviro", "board", "Unknown")
platform = detect_platform()
hwstr = "Detected architecture/hardware: {0}, {1}"
logger.info("Init", hwstr.format(arch, board))
logger.info("Init", "Detected platform: {0}".format(platform))
logger.info("Init", "Environment: {0}".format(environment))
config.set("enviro", "run", environment)
for code in list(default_exceptions.keys()):
app.register_error_handler(code, make_json_error)
app.register_blueprint(auth.backend)
logger.info("Init", "Loading applications and scanning system...")
arkos.initial_scans()
# Load framework blueprints
logger.info("Init", "Loading frameworks...")
register_frameworks(app)
logger.info("Init", "Initializing Genesis (if present)...")
app.register_blueprint(genesis.backend)
hasgen = genesis.verify_genesis()
if not hasgen:
errmsg = ("A compiled distribution of Genesis was not found. "
"Kraken will finish loading but you may not be able to "
"access the Web interface.")
logger.warning("Init", errmsg)
app.after_request(add_cors_to_response)
logger.info("Init", "Server is up and ready")
try:
import eventlet
pubsub = storage.redis.pubsub(ignore_subscribe_messages=True)
pubsub.subscribe(["arkos:notifications", "arkos:records:push",
"arkos:records:purge"])
eventlet.spawn(handle_pubsub, pubsub, socketio)
eventlet_socket = eventlet.listen(
(config.get("genesis", "host"), config.get("genesis", "port"))
)
if config.get("genesis", "ssl", False):
eventlet_socket = eventlet.wrap_ssl(
eventlet_socket, certfile=config.get("genesis", "cert_file"),
keyfile=config.get("genesis", "cert_key"),
ssl_version=ssl.PROTOCOL_TLSv1_2, server_side=True)
eventlet.wsgi.server(
eventlet_socket, app, log=WSGILogWrapper(),
log_format=('%(client_ip)s - "%(request_line)s" %(status_code)s '
'%(body_length)s %(wall_seconds).6f'))
except KeyboardInterrupt:
logger.info("Init", "Received interrupt")
raise
context_fetcher = create_wikipedia_context_fetcher(
wikipedia_file=args.wikipedia_dump,
base_url=args.entity_linking_service_url)
except IOError as e:
logger.warning(
'could not create a context fetcher. Please provide a context with every request.'
% args.spacy_model)
context_fetcher = None
logger.info('Starting the API')
if args.deploy:
logger.info('use deployment server')
if args.ssl_dir == '':
wsgi.server(eventlet.listen(('', args.port)), app)
else:
cert_fn = os.path.join(args.ssl_dir, 'cert.pem')
key_fn = os.path.join(args.ssl_dir, 'key.pem')
assert os.path.exists(
cert_fn), f'Could not find ssl certificate file: {cert_fn}'
assert os.path.exists(
key_fn), f'Could not find ssl key file: {key_fn}'
# taken from https://eventlet.net/doc/modules/wsgi.html#wsgi-ssl
wsgi.server(
eventlet.wrap_ssl(eventlet.listen(('', args.port)),
certfile=cert_fn,
keyfile=key_fn,
server_side=True), app)
else:
app.run(host='0.0.0.0', port=args.port, debug=True)
__test__ = False
if __name__ == '__main__':
import eventlet
eventlet.monkey_patch()
try:
eventlet.wrap_ssl(eventlet.listen(('localhost', 0)),
certfile='does-not-exist',
keyfile='does-not-exist',
server_side=True)
except IOError as ex:
assert ex.errno == 2
print('pass')
def main():
parser = optparse.OptionParser()
parser.add_option("-r",
"--reload",
action='store_true',
dest='reload',
help='If --reload is passed, reload the server any time '
'a loaded module changes.')
parser.add_option('--ssl-certificate',
dest='ssl_certificate',
type='string',
default='',
help='Absolute path to SSL certificate file.')
parser.add_option('--ssl-private-key',
dest='ssl_private_key',
type='string',
default='',
help='Absolute path to SSL private key.')
options, args = parser.parse_args()
if len(args) != 5:
print "Usage: %s controller_pid httpd_fd death_fd factory_qual factory_args" % (
sys.argv[0], )
sys.exit(1)
controller_pid, httpd_fd, death_fd, factory_qual, factory_args = args
controller_pid = int(controller_pid)
config = spawning.util.named(factory_qual)(json.loads(factory_args))
setproctitle("spawn: child (%s)" % ", ".join(config.get("args")))
## Set up status reporter, if requested
init_statusobj(config.get('status_port'))
## Set up the reloader
if config.get('reload'):
watch = config.get('watch', None)
if watch:
watching = ' and %s' % watch
else:
watching = ''
print "(%s) reloader watching sys.modules%s" % (os.getpid(), watching)
eventlet.spawn(reloader_dev.watch_forever, controller_pid, 1, watch)
## The parent will catch sigint and tell us to shut down
signal.signal(signal.SIGINT, signal.SIG_IGN)
## Expect a SIGHUP when we want the child to die
signal.signal(signal.SIGHUP, child_sighup)
eventlet.spawn(read_pipe_and_die, int(death_fd), eventlet.getcurrent())
## Make the socket object from the fd given to us by the controller
sock = eventlet.greenio.GreenSocket(
socket.fromfd(int(httpd_fd), socket.AF_INET, socket.SOCK_STREAM))
if options.ssl_certificate and options.ssl_private_key:
# The way spawning works is that there's a parent process which forks off long-lived
# children, each of which can be multithreaded. What we're using is a single-threaded,
# single-process server that does things asynchronously (using coroutines). Spawning creates
# a socket and then calls fork() at least once. In the child process, it exec()'s something
# else, so as a result the child loses all context. It puts the file descriptor for the
# socket as a command-line argument to the child, which then uses the fromfd function of the
# socket module to create a socket object. Unfortunately, the resulting object isn't quite
# the same as the socket created by the parent. In particular, when we go to upgrade this
# socket to ssl using eventlet's wrap_with_ssl(), it fails because it expects sock.fd to be
# of type "socket._socketobject", but it's actually of type "_socket.socket". Patching
# up the object in this way solves this problem.
sock.fd = socket._socketobject(_sock=sock.fd)
sock = eventlet.wrap_ssl(sock,
certfile=options.ssl_certificate,
keyfile=options.ssl_private_key,
server_side=True)
serve_from_child(sock, config, controller_pid)
def get_wsgi_srv(self):
sock = self.ev_sock if not self.sslargs else wrap_ssl(self.ev_sock, **self.sslargs)
addr = self.ev_sock.getsockname()
return wsgi.Server(sock, addr, self.get_wsgi_app(), **self.srvargs)
# ControllerApp Site running on https://www.controllerapp.ml
# Written by Faruk Hammoud, 2020
# sudo pm2 start controllerSite.py --name flask-app --interpreter=python3
from flask import Flask, request, jsonify, render_template
from flask_bootstrap import Bootstrap
from flask_socketio import SocketIO, emit
import eventlet
app = Flask(__name__)
app.secret_key = 'super secret key'
socketio = SocketIO(app)
Bootstrap(app)
@app.route('/')
def index():
return render_template('index.html')
if __name__ == '__main__':
eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen(("0.0.0.0", 443)),
certfile='/etc/letsencrypt/live/www.controllerapp.ml/fullchain.pem',
keyfile='/etc/letsencrypt/live/www.controllerapp.ml/privkey.pem',
server_side=True), app)
#app.run(host='0.0.0.0',port=80,debug=True)
print(username, "joined the chat!!!")
users[sid] = username;
domain = data['domain_name']
dic[sid] = domain
# join_room(domain)
# send(username + ' has entered your domain', room=domain)
# sio.emit('get users', users, room=domain)
roomuser = []
roomsid = []
for key in dic:
if dic[key] == domain:
roomsid.append(key)
roomuser.append(users[key])
for ssid in roomsid:
sio.emit('get users', roomuser, room=ssid)
# sio.emit('get users', users, room=sid)
if __name__ == '__main__':
app = socketio.Middleware(sio, app)
# deploy as an eventlet WSGI server
eventlet.wsgi.server(eventlet.listen(('127.0.0.1', 5353)), app) # Localhost
eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen(('127.0.0.1', 5353)), certfile='cert.crt',keyfile='private.key',server_side=True), app) # Localhost
# eventlet.wsgi.server(eventlet.listen(('0.0.0.0', 5355)), app) # kite Server
# eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen(('0.0.0.0', 5355)), certfile='cert.crt',keyfile='private.key',server_side=True), app) # Kite Server
# sio.run(app, debug=True, host="0.0.0.0", port=5353)
# sio.run(app, debug=True, port=5353)
def ssl():
wsgi.server(
eventlet.wrap_ssl(eventlet.listen(('', 8443)),
certfile='ssl/server.crt',
keyfile='ssl/server.key',
server_side=True), application)
