def run( config: DynaBox, logging: DynaBox, inq: JoinableQueue, subscribe_callback: Callable, unsubscribe_callback: Callable, ): global logger, workers logger = threatbus.logger.setup(logging, __name__) assert plugin_name in config, f"Cannot find configuration for {plugin_name} plugin" config = config[plugin_name] broker_opts = broker.BrokerOptions() broker_opts.forward = False ep = broker.Endpoint(broker.Configuration(broker_opts)) ep.listen(config.host, config.port) workers.append( SubscriptionManager(config.module_namespace, ep, subscribe_callback, unsubscribe_callback)) workers.append(BrokerReceiver(config.module_namespace, ep, inq)) workers.append(BrokerPublisher(config.module_namespace, ep)) for w in workers: w.start() logger.info("Zeek plugin started")
def run(config, logging, inq, subscribe_callback, unsubscribe_callback): logger = threatbus.logger.setup(logging, __name__) config = config[plugin_name] try: validate_config(config) except Exception as e: logger.fatal("Invalid config for plugin {}: {}".format(plugin_name, str(e))) host, port, namespace = ( config["host"].get(), config["port"].get(), config["module_namespace"].get(), ) broker_opts = broker.BrokerOptions() broker_opts.forward = False ep = broker.Endpoint(broker.Configuration(broker_opts)) ep.listen(host, port) logger.info(f"Broker: endpoint listening - {host}:{port}") threading.Thread( target=listen, args=(logger, namespace, ep, inq), daemon=True ).start() threading.Thread( target=manage, args=(logger, namespace, ep, subscribe_callback, unsubscribe_callback), daemon=True, ).start() threading.Thread(target=publish, args=(logger, namespace, ep), daemon=True).start() logger.info("Zeek plugin started")
def run( config: Subview, logging: Subview, inq: JoinableQueue, subscribe_callback: Callable, unsubscribe_callback: Callable, ): global logger, workers logger = threatbus.logger.setup(logging, __name__) config = config[plugin_name] try: validate_config(config) except Exception as e: logger.fatal("Invalid config for plugin {}: {}".format( plugin_name, str(e))) host, port, namespace = ( config["host"].get(), config["port"].get(), config["module_namespace"].get(), ) broker_opts = broker.BrokerOptions() broker_opts.forward = False ep = broker.Endpoint(broker.Configuration(broker_opts)) ep.listen(host, port) workers.append( SubscriptionManager(namespace, ep, subscribe_callback, unsubscribe_callback)) workers.append(BrokerReceiver(namespace, ep, inq)) workers.append(BrokerPublisher(namespace, ep)) for w in workers: w.start() logger.info("Zeek plugin started")
def test_two_hops_forwarding_disabled(self): # Two hops that are subscribed, so they would forward but we disable. no_forward = broker.BrokerOptions() no_forward.forward = False ((ep1, ep2, ep3, ep4), (s1, s2, s3, s4)) = setup_peers(opts2=no_forward) ep1.publish("/test/foo", "Foo!") # Shouldn't arrive x = s4.get(1.0) self.assertEqual(x, None)
def test_ssl_auth_failure_no_ssl(self): cfg1 = broker.Configuration(broker.BrokerOptions()) cfg1.openssl_certificate = data_path("cert.1.pem") cfg1.openssl_key = data_path("key.1.pem") cfg1.openssl_cafile = data_path("ca.pem") cfg2 = broker.Configuration(broker.BrokerOptions()) with broker.Endpoint(cfg1) as ep1, \ broker.Endpoint(cfg2) as ep2: port = ep1.listen("127.0.0.1", 0) r = ep2.peer("127.0.0.1", port, 0) self.assertEqual(r, False) with broker.Endpoint(cfg2) as ep1, \ broker.Endpoint(cfg1) as ep2: port = ep1.listen("127.0.0.1", 0) r = ep2.peer("127.0.0.1", port, 0) self.assertEqual(r, False)
def test_two_hops_ttl(self): ttl1 = broker.BrokerOptions() ttl1.ttl = 2 ((ep1, ep2, ep3, ep4), (s1, s2, s3, s4)) = setup_peers(opts1=ttl1) ep1.publish("/test/foo", "Foo!") x = s2.get(1.0) self.assertEqual(x, ('/test/foo', 'Foo!')) x = s3.get(1.0) self.assertEqual(x, ('/test/foo', 'Foo!')) x = s4.get(1.0) self.assertEqual(x, None) # Doesn't get here anymore.
def test_two_hops_ttl(self): # Note the 1st receiver's TTL value is the one that's applied. ttl2 = broker.BrokerOptions() ttl2.ttl = 2 ((ep1, ep2, ep3, ep4), (s1, s2, s3, s4)) = setup_peers(opts2=ttl2) ep1.publish("/test/foo", "Foo!") x = s2.get(1.0) self.assertEqual(x, ('/test/foo', 'Foo!')) x = s3.get(1.0) self.assertEqual(x, ('/test/foo', 'Foo!')) x = s4.get(1.0) self.assertEqual(x, None) # Doesn't get here anymore.
def test_ssl_auth_success_self_signed(self): cfg = broker.Configuration(broker.BrokerOptions()) cfg.openssl_certificate = data_path("cert.self-signed.pem") cfg.openssl_key = data_path("key.self-signed.pem") cfg.openssl_cafile = data_path("cert.self-signed.pem") with broker.Endpoint(cfg) as ep1, \ broker.Endpoint(cfg) as ep2, \ ep1.make_subscriber("/test") as s1, \ ep2.make_subscriber("/test") as s2: port = ep1.listen("127.0.0.1", 0) r = ep2.peer("127.0.0.1", port, 0) self.assertEqual(r, True) self.check_ping(ep1, s1, ep2, s2)
def XXXtest_ssl_auth_failure_ca_pw(self): cfg = broker.Configuration(broker.BrokerOptions()) cfg.openssl_certificate = data_path("cert.1.pem") cfg.openssl_key = data_path("key.1.enc.pem") cfg.openssl_cafile = data_path("ca.pem") cfg.openssl_passphrase = "WRONG PASSWORD" with broker.Endpoint(cfg) as ep1, \ broker.Endpoint(cfg) as ep2: port = ep1.listen("127.0.0.1", 0) # TODO: This correctly generates an exception in CAF, for which I # don't know where to catch it. r = ep2.peer("127.0.0.1", port, 0) self.assertEqual(r, False)
def cfg(opts): return broker.Configuration(opts) if opts else broker.Configuration( broker.BrokerOptions())