def _connect(self, local_uri, remote_uri):
self.logger.info('Connecting to %s', remote_uri)
creator = GreenClientCreator(gtransport_class=MSRPTransport,
local_uri=local_uri,
logger=self.logger,
use_sessmatch=self.use_sessmatch)
if remote_uri.host:
if remote_uri.use_tls:
msrp = creator.connectTLS(remote_uri.host, remote_uri.port
or 2855,
TLSContext(local_uri.credentials))
else:
msrp = creator.connectTCP(remote_uri.host, remote_uri.port
or 2855)
else:
if not remote_uri.domain:
raise ValueError(
"remote_uri must have either 'host' or 'domain'")
if remote_uri.use_tls:
connectFuncName = 'connectTLS'
connectFuncArgs = (TLSContext(local_uri.credentials), )
else:
connectFuncName = 'connectTCP'
connectFuncArgs = ()
msrp = creator.connectSRV(remote_uri.scheme,
remote_uri.domain,
connectFuncName=connectFuncName,
connectFuncArgs=connectFuncArgs,
ConnectorClass=self.SRVConnectorClass)
remote_address = msrp.getPeer()
self.logger.info('Connected to %s:%s', remote_address.host,
remote_address.port)
return msrp
def __init__(self):
self.accounting = [
__import__('mediaproxy.interfaces.accounting.%s' % mod.lower(),
globals(), locals(), ['']).Accounting()
for mod in set(DispatcherConfig.accounting)
]
self.cred = X509Credentials(cert_name='dispatcher')
self.tls_context = TLSContext(self.cred)
self.relay_factory = RelayFactory(self)
dispatcher_addr, dispatcher_port = DispatcherConfig.listen
self.relay_listener = reactor.listenTLS(dispatcher_port,
self.relay_factory,
self.tls_context,
interface=dispatcher_addr)
self.opensips_factory = OpenSIPSControlFactory(self)
socket_path = process.runtime.file(DispatcherConfig.socket_path)
unlink(socket_path)
self.opensips_listener = reactor.listenUNIX(socket_path,
self.opensips_factory)
self.opensips_management = opensips.ManagementInterface()
self.management_factory = ManagementControlFactory(self)
management_addr, management_port = DispatcherConfig.listen_management
if DispatcherConfig.management_use_tls:
self.management_listener = reactor.listenTLS(
management_port,
self.management_factory,
self.tls_context,
interface=management_addr)
else:
self.management_listener = reactor.listenTCP(
management_port,
self.management_factory,
interface=management_addr)
def _start_https(self, reactor):
from gnutls.interfaces.twisted import TLSContext, X509Credentials
cert, pKey = TLSConfig.certificate, TLSConfig.private_key
if cert is None or pKey is None:
log.fatal("the TLS certificates or the private key could not be loaded")
sys.exit(1)
credentials = X509Credentials(cert, pKey)
tls_context = TLSContext(credentials)
reactor.listenTLS(ServerConfig.root.port, HTTPFactory(self.site), tls_context, interface=ServerConfig.address)
log.msg("TLS started")
def start(self, roles):
# Needs to be called from a green thread
log.msg('Publishing %s roles to SIPThor' % roles)
self.node = ThorEntity(SIPConfig.local_ip.normalized, roles, version=sylk.__version__)
self.networks = {}
self.presence_message = ThorEvent('Thor.Presence', self.node.id)
self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
credentials = X509Credentials(ThorNodeConfig.certificate, ThorNodeConfig.private_key, [ThorNodeConfig.ca])
credentials.verify_peer = True
tls_context = TLSContext(credentials)
EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context)
def __init__(self):
self.cred = X509Credentials(cert_name='relay')
self.tls_context = TLSContext(self.cred)
self.session_manager = SessionManager(self, RelayConfig.port_range.start, RelayConfig.port_range.end)
self.dispatchers = set()
self.dispatcher_session_count = {}
self.dispatcher_connectors = {}
self.old_connectors = {}
self.shutting_down = False
self.graceful_shutdown = False
self.start_time = time()
MediaRelayBase.__init__(self)
def __init__(self):
self.node = ThorEntity(host.default_ip, ['call_control'],
version=__version__)
self.networks = {}
self.rating_connections = {}
self.presence_message = ThorEvent('Thor.Presence', self.node.id)
self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
credentials = X509Credentials(ThorNodeConfig.certificate,
ThorNodeConfig.private_key,
[ThorNodeConfig.ca])
credentials.verify_peer = True
tls_context = TLSContext(credentials)
EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context)
def __init__(self):
self.node = GenericThorEntity(ThorNetworkConfig.node_ip,
["media_relay"],
version=__version__)
self.presence_message = ThorEvent('Thor.Presence', self.node.id)
self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
self.sipthor_dispatchers = []
self.additional_dispatchers = []
credentials = X509Credentials(cert_name='relay')
tls_context = TLSContext(credentials)
EventServiceClient.__init__(self, ThorNetworkConfig.domain,
tls_context)
SRVMediaRelayBase.__init__(self)
def __init__(self):
self.node = ThorEntity(host.default_ip, ['msrprelay_server'],
version=__version__)
self.networks = {}
self.presence_message = ThorEvent('Thor.Presence', self.node.id)
self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
credentials = X509Credentials(Config.certificate, Config.private_key,
[Config.ca])
credentials.verify_peer = True
tls_context = TLSContext(credentials)
EventServiceClient.__init__(self, ThorNetworkConfig.domain,
tls_context)
process.signals.add_handler(signal.SIGHUP, self._handle_signal)
process.signals.add_handler(signal.SIGINT, self._handle_signal)
process.signals.add_handler(signal.SIGTERM, self._handle_signal)
def _listen(self, local_uri, factory):
from twisted.internet import reactor
if local_uri.use_tls:
port = reactor.listenTLS(local_uri.port or 0,
factory,
TLSContext(local_uri.credentials),
interface=local_uri.host)
else:
port = reactor.listenTCP(local_uri.port or 0,
factory,
interface=local_uri.host)
local_uri.port = port.getHost().port
self.logger.info('Listening for incoming %s connections on %s:%s' %
(local_uri.scheme.upper(), port.getHost().host,
port.getHost().port))
return port
def __init__(self):
self._database = DatabaseConnection()
self.node = ThorEntity(host.default_ip if ServerConfig.address
== '0.0.0.0' else ServerConfig.address,
['xcap_server'],
version=xcap.__version__)
self.networks = {}
self.presence_message = ThorEvent('Thor.Presence', self.node.id)
self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
credentials = X509Credentials(ThorNodeConfig.certificate,
ThorNodeConfig.private_key,
[ThorNodeConfig.ca])
credentials.verify_peer = True
tls_context = TLSContext(credentials)
self.control = ControlLink(tls_context)
EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context)
process.signals.add_handler(signal.SIGHUP, self._handle_SIGHUP)
process.signals.add_handler(signal.SIGINT, self._handle_SIGINT)
process.signals.add_handler(signal.SIGTERM, self._handle_SIGTERM)
def test_server_connectionMade_never_called(self):
# trigger case when protocol instance is created,
# but it's connectionMade is never called
from gnutls.interfaces.twisted import TLSContext, X509Credentials
from gnutls.errors import GNUTLSError
cred = X509Credentials(None, None)
ctx = TLSContext(cred)
ev = event()
def handle(conn):
ev.send("handle must not be called")
s = reactor.listenTLS(
0, pr.SpawnFactory(handle, LineOnlyReceiverTransport), ctx)
creator = pr.GreenClientCreator(reactor, LineOnlyReceiverTransport)
try:
conn = creator.connectTLS('127.0.0.1', s.getHost().port, ctx)
except GNUTLSError:
pass
assert ev.poll() is None, repr(ev.poll())
failed = 0
certs_path = os.path.join(gnutls_path, 'examples/certs')
certs_path = os.path.join(gnutls_path, 'examples/certs')
cert = X509Certificate(open(certs_path + '/valid.crt').read())
key = X509PrivateKey(open(certs_path + '/valid.key').read())
ca = X509Certificate(open(certs_path + '/ca.pem').read())
crl = X509CRL(open(certs_path + '/crl.pem').read())
if options.send_certs:
cred = X509Credentials(cert, key, [ca])
else:
cred = X509Credentials(trusted=[ca])
cred.verify_peer = options.verify
context = TLSContext(cred)
echo_factory = EchoFactory()
start_time = time()
for x in range(count):
reactor.connectSSL(host, port, echo_factory, context)
reactor.run()
duration = time() - start_time
rate = count / duration
print("time={:.2f} sec; rate={} requests/sec with {}:{}".format(duration, int(rate), host, port))
if failed > 0:
print("{} out of {} connections have failed".format(failed, count))
from gnutls.interfaces.twisted import TLSContext, X509Credentials
from eventlet.twistedutil.protocol import GreenClientCreator
from eventlet.twistedutil.protocols.basic import LineOnlyReceiverTransport
class NoisySRVConnector(SRVConnector):
def pickServer(self):
host, port = SRVConnector.pickServer(self)
print 'Resolved _%s._%s.%s --> %s:%s' % (self.service, self.protocol,
self.domain, host, port)
return host, port
cred = X509Credentials(None, None)
ctx = TLSContext(cred)
creator = GreenClientCreator(reactor, LineOnlyReceiverTransport)
conn = creator.connectSRV('msrps',
'ag-projects.com',
connectFuncName='connectTLS',
connectFuncArgs=(ctx, ),
ConnectorClass=NoisySRVConnector)
request = """MSRP 49fh AUTH
To-Path: msrps://[email protected];tcp
From-Path: msrps://alice.example.com:9892/98cjs;tcp
-------49fh$
""".replace('\n', '\r\n')
print 'Sending:\n%s' % request
conn.write(request)
print 'Compression: %s' % session.compression
def lineReceived(self, line):
if line == 'quit':
self.transport.loseConnection()
return
self.sendLine(line)
def connectionLost(self, reason):
if reason.type != ConnectionDone:
print "Connection was lost: %s" % reason.value
class EchoFactory(Factory):
protocol = EchoProtocol
script_path = os.path.realpath(os.path.dirname(sys.argv[0]))
certs_path = os.path.join(script_path, 'certs')
cert = X509Certificate(open(certs_path + '/valid.crt').read())
key = X509PrivateKey(open(certs_path + '/valid.key').read())
ca = X509Certificate(open(certs_path + '/ca.pem').read())
crl = X509CRL(open(certs_path + '/crl.pem').read())
cred = X509Credentials(cert, key, [ca], [crl])
cred.verify_peer = True
context = TLSContext(cred, session_parameters="NORMAL:+COMP-DEFLATE")
reactor.listenTLS(10000, EchoFactory(), context)
reactor.run()
self.transport.loseConnection()
def connectionLost(self, reason):
if reason.type != ConnectionDone:
print "connection was lost: %s" % reason.value
reactor.stop()
class EchoFactory(ClientFactory):
protocol = EchoProtocol
def clientConnectionFailed(self, connector, err):
print "connection failed: %s" % err.value
reactor.stop()
script_path = os.path.realpath(os.path.dirname(sys.argv[0]))
certs_path = os.path.join(script_path, 'certs')
cert = X509Certificate(open(certs_path + '/valid.crt').read())
key = X509PrivateKey(open(certs_path + '/valid.key').read())
ca = X509Certificate(open(certs_path + '/ca.pem').read())
crl = X509CRL(open(certs_path + '/crl.pem').read())
cred = X509Credentials(cert, key, [ca])
cred.verify_peer = True
context = TLSContext(
cred, session_parameters="NORMAL:-COMP-ALL:+COMP-DEFLATE:+COMP-NULL")
reactor.connectTLS('localhost', 10000, EchoFactory(), context)
reactor.run()