def __new__(typ, value):
value = value.lower()
try:
return __import__('xcap.backend.%s' % value, globals(), locals(), [''])
except (ImportError, AssertionError), e:
log.critical('Cannot load %r backend module: %s' % (value, e))
sys.exit(1)
def __init__(self):
main_config_file = process.configuration.file(RadiusConfig.config_file)
if main_config_file is None:
raise RuntimeError(
'Cannot find the radius configuration file: %r' %
RadiusConfig.config_file)
try:
config = dict(
line.rstrip('\n').split(None, 1)
for line in open(main_config_file)
if len(line.split(None, 1)) == 2 and not line.startswith('#'))
secrets = dict(
line.rstrip('\n').split(None, 1)
for line in open(config['servers'])
if len(line.split(None, 1)) == 2 and not line.startswith('#'))
server = config['acctserver']
try:
server, acctport = server.split(':')
acctport = int(acctport)
except ValueError:
log.info(
'Could not load additional RADIUS dictionary file: %r' %
RadiusConfig.additional_dictionary)
acctport = 1813
log.info('Using RADIUS server at %s:%d' % (server, acctport))
secret = secrets[server]
log.info("Using RADIUS dictionary file %s" % config['dictionary'])
dicts = [RadiusDictionaryFile(config['dictionary'])]
if RadiusConfig.additional_dictionary:
additional_dictionary = process.configuration.file(
RadiusConfig.additional_dictionary)
if additional_dictionary:
log.info("Using additional RADIUS dictionary file %s" %
RadiusConfig.additional_dictionary)
dicts.append(RadiusDictionaryFile(additional_dictionary))
else:
log.warning(
'Could not load additional RADIUS dictionary file: %r'
% RadiusConfig.additional_dictionary)
raddict = pyrad.dictionary.Dictionary(*dicts)
timeout = int(config['radius_timeout'])
retries = int(config['radius_retries'])
except Exception:
log.critical('cannot read the RADIUS configuration file %s' %
RadiusConfig.config_file)
raise
pyrad.client.Client.__init__(self, server, 1812, acctport, 3799,
secret, raddict)
self.timeout = timeout
self.retries = retries
if 'bindaddr' in config and config['bindaddr'] != '*':
self.bind((config['bindaddr'], 0))
EventQueue.__init__(self, self.do_accounting)
def __init__(self):
self.connections = []
if not RatingConfig.address:
try:
RatingConfig.address = RatingEngineAddresses(
'cdrtool.' +
socket.gethostbyaddr(host.default_ip)[0].split('.', 1)[1])
except Exception:
log.critical('Cannot resolve hostname %s' %
('cdrtool.' + socket.gethostbyaddr(
host.default_ip)[0].split('.', 1)[1]))
for engine in RatingConfig.address:
self.connections.append(RatingEngine(engine))
def _start_https(self, reactor):
from gnutls.interfaces.twisted import X509Credentials
from gnutls.connection import TLSContext, TLSContextServerOptions
cert, pKey = TLSConfig.certificate, TLSConfig.private_key
if cert is None or pKey is None:
log.critical('The TLS certificate/key could not be loaded')
sys.exit(1)
credentials = X509Credentials(cert, pKey)
tls_context = TLSContext(
credentials,
server_options=TLSContextServerOptions(certificate_request=None))
reactor.listenTLS(ServerConfig.root.port,
HTTPFactory(self.site),
tls_context,
interface=ServerConfig.address)
log.info('TLS started')
sys.exit(1)
except Exception:
log.exception()
sys.exit(1)
class ServerConfig(ConfigSection):
__cfgfile__ = xcap.__cfgfile__
__section__ = 'Server'
backend = ConfigSetting(type=Backend, value=None)
disabled_applications = ConfigSetting(type=StringList, value=[])
document_validation = True
if ServerConfig.backend is None:
log.critical('OpenXCAP needs a backend to be specified in order to run')
sys.exit(1)
class ApplicationUsage(object):
"""Base class defining an XCAP application"""
id = None ## the Application Unique ID (AUID)
default_ns = None ## the default XML namespace
mime_type = None ## the MIME type
schema_file = None ## filename of the schema for the application
def __init__(self, storage):
## the XML schema that defines valid documents for this application
if self.schema_file:
xml_schema_doc = etree.parse(open(os.path.join(os.path.dirname(__file__), 'xml-schemas', self.schema_file), 'r'))
self.xml_schema = etree.XMLSchema(xml_schema_doc)
def critical(self, message, **context):
log.critical(self.prefix+message, **context)
address = ConfigSetting(type=IPAddress, value='0.0.0.0')
root = ConfigSetting(type=XCAPRootURI, value=None)
backend = ConfigSetting(type=Backend, value=None)
class TLSConfig(ConfigSection):
__cfgfile__ = xcap.__cfgfile__
__section__ = 'TLS'
certificate = ConfigSetting(type=Certificate, value=None)
private_key = ConfigSetting(type=PrivateKey, value=None)
if ServerConfig.root is None:
log.critical('The XCAP root URI is not defined')
sys.exit(1)
if ServerConfig.backend is None:
log.critical('OpenXCAP needs a backend to be specified in order to run')
sys.exit(1)
# Increase the system limit for the maximum number of open file descriptors
try:
_resource.setrlimit(_resource.RLIMIT_NOFILE, (99999, 99999))
except ValueError:
log.warning('Could not raise open file descriptor limit')
class XCAPRoot(resource.Resource, resource.LeafResource):
addSlash = True
class Config(ConfigSection):
__cfgfile__ = xcap.__cfgfile__
__section__ = 'Database'
authentication_db_uri = ''
storage_db_uri = ''
subscriber_table = 'subscriber'
user_col = 'username'
domain_col = 'domain'
password_col = 'password'
ha1_col = 'ha1'
xcap_table = 'xcap'
if not Config.authentication_db_uri or not Config.storage_db_uri:
log.critical('Authentication DB URI and Storage DB URI must be provided')
sys.exit(1)
class DBBase(object):
def __init__(self):
self._db_connect()
class PasswordChecker(DBBase):
"""A credentials checker against a database subscriber table."""
implements(checkers.ICredentialsChecker)
credentialInterfaces = (credentials.IUsernamePassword,
credentials.IUsernameHashedPassword)
def critical(self, message, **context):
log.critical(self.prefix + message, **context)