def _onIncoming( self, sslConn, peerKey, incomingName, peerKeyID, serviceName ) : assert self.sm.current() == self.ONLINE if not isValidUserName(incomingName) : sslAbort( sslConn ) return if not isValidServiceName(serviceName) : sslAbort( sslConn ) return contact = self.profile.getContactByPublicKey( peerKey ) if contact is None : contactName = peerKeyID else : contactName = contact.name if serviceName not in self.services : action = ACCESS_DENY else : action = self.permissions.execute( contactName, serviceName ) def onActionDone( result ) : self.sm.removeCallback( callbackId ) if action == ACCESS_DENY : actionOp = self._rejectIncoming( sslConn, onActionDone ) else: # elif action == ACCESS_ALLOW : actionOp = self._acceptIncoming( sslConn, serviceName, peerKey, contactName, peerKeyID, incomingName, onActionDone ) # else : # assert action == ACCESS_PROMPT # actionOp = self._promptIncoming( sslConn, serviceName, # peerKey, contactName, incomingName, onActionDone ) callbackId = self.sm.insertCallback( actionOp.cancel, src=self.ONLINE, single=True )
def _authenticateUser( sock, sslContext, remotePublicKey, reactor, callback=None ) : def doCancel() : connectOp.cancel() sslAbort( sslConn ) def onSSLConnect( err ) : global logger if err is not None : logger.error( 'ssl connect err=%s' % str(err) ) sslAbort( sslConn ) op.notify( None ) return try : peerCert = sslConn.getPeerCertificate() peerKey = RSAKey() peerKey.fromPKey_PublicKey(peerCert.get_pubkey()) CN = peerCert.get_subject().CN if CN.count('@'): peerName, peerKeyID = CN.split('@') else: peerName, peerKeyID = CN, '' except (SSLError,X509Error,RSAError), e : logger.exception( 'ssl connect error' ) sslAbort( sslConn ) op.notify( None ) return if peerKey.toDER_PublicKey() != remotePublicKey.toDER_PublicKey() : logger.error( 'ssl connect public key mismatch' ) sslAbort( sslConn ) op.notify( None ) return # logger.info('onSSLConnect SUCCESSFUL with %s' % str(peerName)) op.notify( sslConn )
def onRead( data ) : del self.otherOps[op] if data is None : return sslConn,peerKey,peerName,serviceName = data if self.incomingCallback is None : sslAbort( sslConn ) return self.incomingCallback( sslConn, peerKey, peerName, serviceName )
def shutdown( self, deferred=False ) : if self.state == self.CONNECTING : self.connectOp.cancel() elif self.state == self.LISTENER : self.appletServer.unregisterListener( self.listenerName ) elif self.state == self.WAITING_BRIDGE : sslAbort( self.peerSSLConn ) self.stream.close( deferred ) self._setClosed()
def onRead(data): del self.otherOps[op] if data is None: return sslConn, peerKey, peerName, serviceName = data if self.incomingCallback is None: sslAbort(sslConn) return self.incomingCallback(sslConn, peerKey, peerName, serviceName)
def onAccept(sslConn): if sslConn is None: op.notify(False) return serviceCallback = self.services.get(serviceName) if serviceCallback is None: sslAbort(sslConn) op.notify(False) return serviceCallback(sslConn, peerKey, contactName, incomingName) op.notify(True)
def onAccept( sslConn ) : if sslConn is None : op.notify( False ) return serviceCallback = self.services.get( serviceName ) if serviceCallback is None : sslAbort( sslConn ) op.notify( False ) return serviceCallback( sslConn, peerKey, contactName, peerKeyID, incomingName ) op.notify( True )
def onSSLConnect( err ) : if err is not None : logger.error( 'ssl connect err=%s' % str(err) ) sslAbort( sslConn ) op.notify( None ) return try : peerCert = sslConn.getPeerCertificate() peerKey = peerCert.getPublicKey() except (SSLError,X509Error), e : logger.exception( 'ssl connect error' ) sslAbort( sslConn ) op.notify( None ) return
def onSSLAccept( err ) : if err is not None : sslAbort( sslConn ) op.notify( None ) return try : peerCert = sslConn.getPeerCertificate() peerKey = peerCert.getPublicKey() peerName = peerCert.getSubject().lookupEntry('commonName') except (SSLError,X509Error) : sslAbort( sslConn ) op.notify( None ) return data = (sslConn,peerKey,peerName) op.notify( data )
def onSSLAccept(err): if err is not None: sslAbort(sslConn) op.notify(None) return try: peerCert = sslConn.getPeerCertificate() peerKey = peerCert.getPublicKey() peerName = peerCert.getSubject().lookupEntry('commonName') except (SSLError, X509Error): sslAbort(sslConn) op.notify(None) return data = (sslConn, peerKey, peerName) op.notify(data)
def onSSLConnect( err ) : global logger if err is not None : logger.error( 'ssl connect err=%s' % str(err) ) sslAbort( sslConn ) op.notify( None ) return try : peerCert = sslConn.getPeerCertificate() peerKey = RSAKey() peerKey.fromPKey_PublicKey(peerCert.get_pubkey()) CN = peerCert.get_subject().CN if CN.count('@'): peerName, peerKeyID = CN.split('@') else: peerName, peerKeyID = CN, '' except (SSLError,X509Error,RSAError), e : logger.exception( 'ssl connect error' ) sslAbort( sslConn ) op.notify( None ) return
def onSSLAccept( err ) : global logger if err is not None : sslAbort( sslConn ) op.notify( None ) return try : peerCert = sslConn.getPeerCertificate() peerKey = RSAKey() peerKey.fromPKey_PublicKey(peerCert.get_pubkey()) CN = peerCert.get_subject().CN if CN.count('@'): peerName, peerKeyID = CN.split('@') else: peerName, peerKeyID = CN, '' except (SSLError,X509Error,RSAError) : logger.exception('ssl accept error') sslAbort( sslConn ) op.notify( None ) return data = (sslConn,peerKey,peerName,peerKeyID) # logger.info('onSSLAccept SUCCESSFUL with %s' % str(peerName)) op.notify( data )
def _authenticateUser( sock, sslContext, remotePublicKey, reactor, callback=None ) : def doCancel() : connectOp.cancel() sslAbort( sslConn ) def onSSLConnect( err ) : if err is not None : logger.error( 'ssl connect err=%s' % str(err) ) sslAbort( sslConn ) op.notify( None ) return try : peerCert = sslConn.getPeerCertificate() peerKey = peerCert.getPublicKey() except (SSLError,X509Error), e : logger.exception( 'ssl connect error' ) sslAbort( sslConn ) op.notify( None ) return if peerKey.toDER_PublicKey() != remotePublicKey.toDER_PublicKey() : logger.error( 'ssl connect public key mismatch' ) sslAbort( sslConn ) op.notify( None ) return op.notify( sslConn )
def _onIncoming(self, sslConn, peerKey, incomingName, serviceName): assert self.sm.current() == self.ONLINE if not isValidUserName(incomingName): sslAbort(sslConn) return if not isValidServiceName(serviceName): sslAbort(sslConn) return contact = self.profile.getContactByPublicKey(peerKey) if contact is None: contactName = '' else: contactName = contact.name if serviceName not in self.services: action = ACCESS_DENY else: action = self.permissions.execute(contactName, serviceName) def onActionDone(result): self.sm.removeCallback(callbackId) if action == ACCESS_DENY: actionOp = self._rejectIncoming(sslConn, onActionDone) elif action == ACCESS_ALLOW: actionOp = self._acceptIncoming(sslConn, serviceName, peerKey, contactName, incomingName, onActionDone) else: assert action == ACCESS_PROMPT actionOp = self._promptIncoming(sslConn, serviceName, peerKey, contactName, incomingName, onActionDone) callbackId = self.sm.insertCallback(actionOp.cancel, src=self.ONLINE, single=True)
def onReject(sslConn): if sslConn is None: op.notify(False) return sslAbort(sslConn) op.notify(True)
def doCancel() : ms.shutdown() sslAbort( sslConn )
def doCancel(): acceptOp.cancel() sslAbort(sslConn)
def clearConnections( self ) : for sslConn,peerKey,timerOp in self.connections.values() : sslAbort( sslConn ) timerOp.cancel() self.connections.clear()
def _onTimeout( self, connectionId ) : sslConn,peerKey,timerOp = self.connections.pop( connectionId ) sslAbort( sslConn )
def doCancel() : acceptOp.cancel() sslAbort( sslConn )
def doCancel() : promptOp.cancel() sslAbort( sslConn )
def doCancel(): promptOp.cancel() sslAbort(sslConn)
def onReject( sslConn ) : if sslConn is None : op.notify( False ) return sslAbort( sslConn ) op.notify( True )
def doCancel() : connectOp.cancel() sslAbort( sslConn )