def startSSL(self, host, port, pemFile, configDir): """ Listen as the given host and on the given port using SSL. Use the given .pem file, or look for it in the config directory. @param pemFile: File containing the SSL certificate. If it's a full path, respects the full path. If not, looks in configDir for this file. @param configDir: directory where .pem file is stored @returns: {twisted.internet.interfaces.IListeningPort} on which we are listening; call .stopListening() to stop. """ from flumotion.common import common common.assertSSLAvailable() # if no path in pemFile, then look for it in the config directory if not os.path.split(pemFile)[0]: pemFile = os.path.join(configDir, pemFile) if not os.path.exists(pemFile): self.error(".pem file %s does not exist.\n" \ "For more information, see \n" \ "http://www.flumotion.net/doc/flumotion/manual/html/" \ "chapter-security.html" % pemFile) log.debug('manager', 'Using PEM certificate file %s' % pemFile) ctxFactory = _ServerContextFactory(pemFile) self.info('Starting on port %d using SSL' % port) if not host == "": self.info('Listening as host %s' % host) self._servable.setConnectionInfo(host, port, True) return reactor.listenSSL(port, self._servable.getFactory(), ctxFactory, interface=host)
def startConnecting(self, connectionInfo): info = connectionInfo self.factory = WorkerClientFactory(self, info.host, info.port) self.factory.startLogin(info.authenticator) if info.use_ssl: from flumotion.common import common common.assertSSLAvailable() from twisted.internet import ssl reactor.connectSSL(info.host, info.port, self.factory, ssl.ClientContextFactory()) else: reactor.connectTCP(info.host, info.port, self.factory)
def connectToManager(self, connectionInfo, keepTrying=False, writeConnection=True): """ Connects to the specified manager. @param connectionInfo: data for establishing the connection @type connectionInfo: a L{PBConnectionInfo} @param keepTrying: when this is L{True} the Factory will try to reconnect when it loses the connection @type keepTrying: bool @param writeConnection: when this is L{True} the connection is saved for future uses on cache @type writeConnection: bool @rtype: L{twisted.internet.defer.Deferred} """ assert self.clientFactory is None self.connectionInfo = connectionInfo self._writeConnection = writeConnection # give the admin an id unique to the manager -- if a program is # adminning multiple managers, this id should tell them apart # (and identify duplicates) self.managerId = str(connectionInfo) self.logName = self.managerId self.info('Connecting to manager %s with %s', self.managerId, connectionInfo.use_ssl and 'SSL' or 'TCP') self.clientFactory = AdminClientFactory(self, extraTenacious=keepTrying, maxDelay=20) self.clientFactory.startLogin(connectionInfo.authenticator) if connectionInfo.use_ssl: common.assertSSLAvailable() from twisted.internet import ssl reactor.connectSSL(connectionInfo.host, connectionInfo.port, self.clientFactory, ssl.ClientContextFactory()) else: reactor.connectTCP(connectionInfo.host, connectionInfo.port, self.clientFactory) def connected(model, d): # model is really "self". yay gobject? d.callback(model) def disconnected(model, d): # can happen after setRemoteReference but before # getPlanetState or getWorkerHeavenState returns if not keepTrying: d.errback(errors.ConnectionFailedError('Lost connection')) def connection_refused(model, d): if not keepTrying: d.errback(errors.ConnectionRefusedError()) def connection_failed(model, reason, d): if not keepTrying: d.errback(errors.ConnectionFailedError(reason)) def connection_error(model, failure, d): if not keepTrying: d.errback(failure) d = defer.Deferred() ids = [] ids.append(self.connect('connected', connected, d)) ids.append(self.connect('disconnected', disconnected, d)) ids.append(self.connect('connection-refused', connection_refused, d)) ids.append(self.connect('connection-failed', connection_failed, d)) ids.append(self.connect('connection-error', connection_error, d)) def success(model): map(self.disconnect, ids) self._deferredConnect = None return model def failure(f): map(self.disconnect, ids) self._deferredConnect = None return f d.addCallbacks(success, failure) self._deferredConnect = d return d
# make component log in to manager self.debug('creating ComponentClientFactory') managerClientFactory = component.ComponentClientFactory(comp) self._componentClientFactory = managerClientFactory self.debug('created ComponentClientFactory %r' % managerClientFactory) self._authenticator.avatarId = avatarId managerClientFactory.startLogin(self._authenticator) host = self._managerHost port = self._managerPort transport = self._managerTransport self.debug('logging in with authenticator %r' % self._authenticator) if transport == "ssl": from flumotion.common import common common.assertSSLAvailable() from twisted.internet import ssl self.info('Connecting to manager %s:%d with SSL' % (host, port)) reactor.connectSSL(host, port, managerClientFactory, ssl.ClientContextFactory()) elif transport == "tcp": self.info('Connecting to manager %s:%d with TCP' % (host, port)) reactor.connectTCP(host, port, managerClientFactory) else: self.warning( 'Unknown transport protocol %s' % self._managerTransport) return comp class JobClientBroker(pb.Broker, log.Loggable):
# make component log in to manager self.debug('creating ComponentClientFactory') managerClientFactory = component.ComponentClientFactory(comp) self._componentClientFactory = managerClientFactory self.debug('created ComponentClientFactory %r' % managerClientFactory) self._authenticator.avatarId = avatarId managerClientFactory.startLogin(self._authenticator) host = self._managerHost port = self._managerPort transport = self._managerTransport self.debug('logging in with authenticator %r' % self._authenticator) if transport == "ssl": from flumotion.common import common common.assertSSLAvailable() from twisted.internet import ssl self.info('Connecting to manager %s:%d with SSL' % (host, port)) reactor.connectSSL(host, port, managerClientFactory, ssl.ClientContextFactory()) elif transport == "tcp": self.info('Connecting to manager %s:%d with TCP' % (host, port)) reactor.connectTCP(host, port, managerClientFactory) else: self.warning('Unknown transport protocol %s' % self._managerTransport) return comp class JobClientBroker(pb.Broker, log.Loggable):