def resumeSlaveHost(cls, vitals, slave):
        """Resume the slave host to a known good condition.

        Issues 'builddmaster.vm_resume_command' specified in the configuration
        to resume the slave.

        :raises: CannotResumeHost: if builder is not virtual or if the
            configuration command has failed.

        :return: A Deferred that fires when the resume operation finishes,
            whose value is a (stdout, stderr) tuple for success, or a Failure
            whose value is a CannotResumeHost exception.
        """
        if not vitals.virtualized:
            return defer.fail(CannotResumeHost('Builder is not virtualized.'))

        if not vitals.vm_host:
            return defer.fail(CannotResumeHost('Undefined vm_host.'))

        logger = cls._getSlaveScannerLogger()
        logger.info("Resuming %s (%s)" % (vitals.name, vitals.url))

        d = slave.resume()

        def got_resume_ok((stdout, stderr, returncode)):
            return stdout, stderr

        def got_resume_bad(failure):
            stdout, stderr, code = failure.value
            raise CannotResumeHost(
                "Resuming failed:\nOUT:\n%s\nERR:\n%s\n" % (stdout, stderr))

        return d.addCallback(got_resume_ok).addErrback(got_resume_bad)
Exemple #2
0
    def test_add_charm_with_concurrent_removal(self):
        """
        If a charm is published, and it detects that the charm exists
        already exists, it will attempt to retrieve the charm state to
        verify there is no checksum mismatch. If concurrently the charm
        is removed, the publisher should fail with a statechange error.
        """
        manager = self.mocker.patch(CharmStateManager)

        manager.get_charm_state(self.charm_id)
        self.mocker.passthrough()

        def match_charm_bundle(bundle):
            return isinstance(bundle, CharmBundle)

        def match_charm_url(url):
            return url.startswith("file://")

        manager.add_charm_state(
            self.charm_id, MATCH(match_charm_bundle), MATCH(match_charm_url))
        self.mocker.result(fail(zookeeper.NodeExistsException()))

        manager.get_charm_state(self.charm_id)
        self.mocker.result(fail(zookeeper.NoNodeException()))
        self.mocker.replay()

        yield self.publisher.add_charm(self.charm_id, self.charm)
        yield self.failUnlessFailure(self.publisher.publish(), StateChanged)
 def _set(self, cmd, key, val, flags, expireTime, cas):
     """
     Internal wrapper for setting values.
     """
     if self._disconnected:
         return fail(RuntimeError("not connected"))
     if not isinstance(key, bytes):
         return fail(ClientError(
             "Invalid type for key: %s, expecting bytes" % (type(key),)))
     if len(key) > self.MAX_KEY_LENGTH:
         return fail(ClientError("Key too long"))
     if not isinstance(val, bytes):
         return fail(ClientError(
             "Invalid type for value: %s, expecting bytes" %
             (type(val),)))
     if cas:
         cas = b" " + cas
     length = len(val)
     fullcmd = b" ".join([
         cmd, key,
         networkString("%d %d %d" % (flags, expireTime, length))]) + cas
     self.sendLine(fullcmd)
     self.sendLine(val)
     cmdObj = Command(cmd, key=key, flags=flags, length=length)
     self._current.append(cmdObj)
     return cmdObj._deferred
Exemple #4
0
    def _lookup(self, name, cls, type, timeout):
        now = self._reactor.seconds()
        q = dns.Query(name, type, cls)
        try:
            when, (ans, auth, add) = self.cache[q]
        except KeyError:
            if self.verbose > 1:
                log.msg('Cache miss for ' + repr(name))
            return defer.fail(failure.Failure(dns.DomainError(name)))
        else:
            if self.verbose:
                log.msg('Cache hit for ' + repr(name))
            diff = now - when

            try:
                result = (
                    [dns.RRHeader(r.name.name, r.type, r.cls, r.ttl - diff,
                                  r.payload) for r in ans],
                    [dns.RRHeader(r.name.name, r.type, r.cls, r.ttl - diff,
                                  r.payload) for r in auth],
                    [dns.RRHeader(r.name.name, r.type, r.cls, r.ttl - diff,
                                  r.payload) for r in add])
            except ValueError:
                return defer.fail(failure.Failure(dns.DomainError(name)))
            else:
                return defer.succeed(result)
 def _get(self, keys, withIdentifier, multiple):
     """
     Helper method for C{get} and C{getMultiple}.
     """
     keys = list(keys)
     if self._disconnected:
         return fail(RuntimeError("not connected"))
     for key in keys:
         if not isinstance(key, bytes):
             return fail(ClientError(
                 "Invalid type for key: %s, expecting bytes" %
                 (type(key),)))
         if len(key) > self.MAX_KEY_LENGTH:
             return fail(ClientError("Key too long"))
     if withIdentifier:
         cmd = b"gets"
     else:
         cmd = b"get"
     fullcmd = b" ".join([cmd] + keys)
     self.sendLine(fullcmd)
     if multiple:
         values = dict([(key, (0, b"", None)) for key in keys])
         cmdObj = Command(cmd, keys=keys, values=values, multiple=True)
     else:
         cmdObj = Command(cmd, key=keys[0], value=None, flags=0, cas=b"",
                          multiple=False)
     self._current.append(cmdObj)
     return cmdObj._deferred
Exemple #6
0
    def tryAuth(self, kind, user, data):
        """
        Try to authenticate the user with the given method.  Dispatches to a
        auth_* method.

        @param kind: the authentication method to try.
        @type kind: C{str}
        @param user: the username the client is authenticating with.
        @type user: C{str}
        @param data: authentication specific data sent by the client.
        @type data: C{str}
        @return: A Deferred called back if the method succeeded, or erred back
            if it failed.
        @rtype: C{defer.Deferred}
        """
        log.msg('%s trying auth %s' % (user, kind))
        if kind not in self.supportedAuthentications:
            return defer.fail(
                    error.ConchError('unsupported authentication, failing'))
        kind = kind.replace('-', '_')
        f = getattr(self,'auth_%s'%kind, None)
        if f:
            ret = f(data)
            if not ret:
                return defer.fail(
                        error.ConchError('%s return None instead of a Deferred'
                            % kind))
            else:
                return ret
        return defer.fail(error.ConchError('bad auth type: %s' % kind))
Exemple #7
0
    def _pamConv(self, items):
        """
        Convert a list of PAM authentication questions into a
        MSG_USERAUTH_INFO_REQUEST.  Returns a Deferred that will be called
        back when the user has responses to the questions.

        @param items: a list of 2-tuples (message, kind).  We only care about
            kinds 1 (password) and 2 (text).
        @type items: C{list}
        @rtype: L{defer.Deferred}
        """
        resp = []
        for message, kind in items:
            if kind == 1: # password
                resp.append((message, 0))
            elif kind == 2: # text
                resp.append((message, 1))
            elif kind in (3, 4):
                return defer.fail(error.ConchError(
                    'cannot handle PAM 3 or 4 messages'))
            else:
                return defer.fail(error.ConchError(
                    'bad PAM auth kind %i' % kind))
        packet = NS('') + NS('') + NS('')
        packet += struct.pack('>L', len(resp))
        for prompt, echo in resp:
            packet += NS(prompt)
            packet += chr(echo)
        self.transport.sendPacket(MSG_USERAUTH_INFO_REQUEST, packet)
        self._pamDeferred = defer.Deferred()
        return self._pamDeferred
Exemple #8
0
    def verifyHostKey(self, pubKey, fingerprint):
        goodKey = self.isInKnownHosts(options['host'], pubKey)
        if goodKey == 1: # good key
            return defer.succeed(1)
        elif goodKey == 2: # AAHHHHH changed
            return defer.fail(ConchError('changed host key'))
        else:
            oldout, oldin = sys.stdout, sys.stdin
            sys.stdin = sys.stdout = open('/dev/tty','r+')
            if options['host'] == self.transport.getPeer()[1]:
                host = options['host']
                khHost = options['host']
            else:
                host = '%s (%s)' % (options['host'],
                                    self.transport.getPeer()[1])
                khHost = '%s,%s' % (options['host'],
                                    self.transport.getPeer()[1])
            keyType = common.getNS(pubKey)[0]
            print """The authenticity of host '%s' can't be extablished.
%s key fingerprint is %s.""" % (host,
                                {'ssh-dss':'DSA', 'ssh-rsa':'RSA'}[keyType],
                                fingerprint)
            ans = raw_input('Are you sure you want to continue connecting (yes/no)? ')
            while ans.lower() not in ('yes', 'no'):
                ans = raw_input("Please type 'yes' or 'no': ")
            sys.stdout,sys.stdin=oldout,oldin
            if ans == 'no':
                print 'Host key verification failed.'
                return defer.fail(ConchError('bad host key'))
            print "Warning: Permanently added '%s' (%s) to the list of known hosts." % (khHost, {'ssh-dss':'DSA', 'ssh-rsa':'RSA'}[keyType])
            known_hosts = open(os.path.expanduser('~/.ssh/known_hosts'), 'a')
            encodedKey = base64.encodestring(pubKey).replace('\n', '')
            known_hosts.write('\n%s %s %s' % (khHost, keyType, encodedKey))
            known_hosts.close()
            return defer.succeed(1)
Exemple #9
0
    def start(self):
        """
        Start TLS negotiation.

        This checks if the receiving entity requires TLS, the SSL library is
        available and uses the C{required} and C{wanted} instance variables to
        determine what to do in the various different cases.

        For example, if the SSL library is not available, and wanted and
        required by the user, it raises an exception. However if it is not
        required by both parties, initialization silently succeeds, moving
        on to the next step.
        """
        if self.wanted:
            if ssl is None:
                if self.required:
                    return defer.fail(TLSNotSupported())
                else:
                    return defer.succeed(None)
            else:
                pass
        elif self.xmlstream.features[self.feature].required:
            return defer.fail(TLSRequired())
        else:
            return defer.succeed(None)

        self._deferred = defer.Deferred()
        self.xmlstream.addOnetimeObserver("/proceed", self.onProceed)
        self.xmlstream.addOnetimeObserver("/failure", self.onFailure)
        self.xmlstream.send(domish.Element((NS_XMPP_TLS, "starttls")))
        return self._deferred
Exemple #10
0
    def startTLS(self, contextFactory=None):
        """
        Switch to encrypted communication using TLS.

        The first step of switching to encrypted communication is obtaining
        the server's capabilities.  When that is complete, the L{_startTLS}
        callback function continues the switching process.

        @type contextFactory: L{NoneType <types.NoneType>} or
            L{ClientContextFactory <twisted.internet.ssl.ClientContextFactory>}
        @param contextFactory: The context factory with which to negotiate TLS.
            If not provided, try to create a new one.

        @rtype: L{Deferred <defer.Deferred>} which successfully results in
            L{dict} mapping L{bytes} to L{list} of L{bytes} and/or L{bytes} to
            L{NoneType <types.NoneType>} or fails with L{TLSError}
        @return: A deferred which fires when the transport has been
            secured according to the given context factory with the server
            capabilities, or which fails with a TLS error if the transport
            cannot be secured.
        """
        tls = interfaces.ITLSTransport(self.transport, None)
        if tls is None:
            return defer.fail(TLSError("POP3Client transport does not implement " "interfaces.ITLSTransport"))

        if contextFactory is None:
            contextFactory = self._getContextFactory()

        if contextFactory is None:
            return defer.fail(TLSError("POP3Client requires a TLS context to " "initiate the STLS handshake"))

        d = self.capabilities()
        d.addCallback(self._startTLS, contextFactory, tls)
        return d
        def wrapped(*args, **kwargs):
            if self.__closed:
                return defer.fail(self.__closed)

            d = defer.Deferred()
            self.__calls.add(d)
            d.addCallback(self.__clear_call, d)

            def single_argument(*args):
                """
                Make sure that the deferred is called with a single argument.
                In case the original callback fires with more than one, convert
                to a tuple.
                """
                if len(args) > 1:
                    d.callback(tuple(args))
                else:
                    d.callback(*args)

            kwargs['callback'] = single_argument

            try:
                method(*args, **kwargs)
            except:
                return defer.fail()
            return d
Exemple #12
0
 def create_flowinfo(netinfos):
     for ni in netinfos:
         flowinfo  = _FlowInfo.from_netinfo_tuple(ni,rurl)
         return flowinfo
     #FIXME: in the future, we should throw an Auth_event for each
     # netinfo this IP is bound to.   
     defer.fail("No netinfos found matching %s" % request.getClientIP())
Exemple #13
0
    def getStep(self, stepid=None, buildid=None, number=None, name=None):
        tbl = self.db.model.steps
        if stepid is not None:
            wc = (tbl.c.id == stepid)
        else:
            if buildid is None:
                return defer.fail(RuntimeError('must supply either stepid or buildid'))
            if number is not None:
                wc = (tbl.c.number == number)
            elif name is not None:
                wc = (tbl.c.name == name)
            else:
                return defer.fail(RuntimeError('must supply either number or name'))
            wc = wc & (tbl.c.buildid == buildid)

        def thd(conn):
            q = self.db.model.steps.select(whereclause=wc)
            res = conn.execute(q)
            row = res.fetchone()

            rv = None
            if row:
                rv = self._stepdictFromRow(row)
            res.close()
            return rv
        return self.db.pool.do(thd)
    def requestAvatarId(self, credentials):
        # We get bytes, but the Py3 pwd module uses str. So attempt to decode
        # it using the same method that CPython does for the file on disk.
        if _PY3:
            username = credentials.username.decode(sys.getfilesystemencoding())
            password = credentials.password.decode(sys.getfilesystemencoding())
        else:
            username = credentials.username
            password = credentials.password

        for func in self._getByNameFunctions:
            try:
                pwnam = func(username)
            except KeyError:
                return defer.fail(UnauthorizedLogin("invalid username"))
            else:
                if pwnam is not None:
                    crypted = pwnam[1]
                    if crypted == '':
                        continue

                    if verifyCryptedPassword(crypted, password):
                        return defer.succeed(credentials.username)
        # fallback
        return defer.fail(UnauthorizedLogin("unable to verify password"))
        def wrapped(*args, **kwargs):
            if self.__closed:
                return defer.fail(self.__closed)

            d = defer.Deferred()
            self.__calls.add(d)
            d.addCallback(self.__clear_call, d)

            def single_argument(*args):
                """
                Make sure that the deferred is called with a single argument.
                In case the original callback fires with more than one, convert
                to a tuple.
                """
                if len(args) > 1:
                    d.callback(tuple(args))
                else:
                    d.callback(*args)

            kwargs['callback'] = single_argument

            try:
                method(*args, **kwargs)
            # TODO this except without types would suppress system-exiting
            # exceptions, such as SystemExit and KeyboardInterrupt. It should be
            # at least `except Exception` and preferably more specific.
            except:
                return defer.fail()
            return d
Exemple #16
0
    def connect(self, *args, **kwargs):
        """
        Connect to the database.

        Any arguments will be passed to :attr:`connectionFactory`. Use them to
        pass database names, usernames, passwords, etc.

        :return: A :d:`Deferred` that will fire when the connection is open.

        :raise: :exc:`~txpostgres.AlreadyConnected` when the connection has
            already been opened.
        """
        if self._connection and not self._connection.closed:
            return defer.fail(AlreadyConnected())

        kwargs['async'] = True
        try:
            self._connection = self.connectionFactory(*args, **kwargs)
        except:
            return defer.fail()

        def startReadingAndPassthrough(ret):
            self.reactor.addReader(self)
            return ret

        # The connection is always a reader in the reactor, to receive NOTIFY
        # events immediately when they're available.
        d = self.poll()
        return d.addCallback(startReadingAndPassthrough)
Exemple #17
0
    def test_acquire_retry_never_acquired(self):
        """BasicLock.acquire will retry max_retry times and then give up."""
        lock_uuid = uuid.uuid1()

        clock = task.Clock()
        lock = BasicLock(self.client, self.table_name, lock_uuid, max_retry=1, reactor=clock)

        responses = [
            defer.fail(BusyLockError('', '')),
            defer.fail(BusyLockError('', ''))
        ]

        def _new_verify_lock(response):
            return responses.pop(0)
        lock._verify_lock = _new_verify_lock

        def _side_effect(*args, **kwargs):
            return defer.succeed([])
        self.client.execute.side_effect = _side_effect

        d = lock.acquire()

        clock.advance(20)
        result = self.failureResultOf(d)
        self.assertTrue(result.check(BusyLockError))
        self.assertEqual(self.client.execute.call_count, 4)
Exemple #18
0
    def loseConnection(self):
        home = self._attachment._calendarObject._calendar._home
        oldSize = self._attachment.size()
        newSize = self._file.tell()
        # FIXME: do anything
        self._file.close()

        # Check max size for attachment
        if newSize > config.MaximumAttachmentSize:
            self._path.remove()
            return fail(AttachmentSizeTooLarge())

        # Check overall user quota
        allowed = home.quotaAllowedBytes()
        if allowed is not None and allowed < (home.quotaUsedBytes()
                                              + (newSize - oldSize)):
            self._path.remove()
            return fail(QuotaExceeded())

        self._path.moveTo(self._attachment._path)

        md5 = hashlib.md5(self._attachment._path.getContent()).hexdigest()
        props = self._attachment.properties()
        props[contentTypeKey] = GETContentType(
            generateContentType(self._contentType)
        )
        props[md5key] = TwistedGETContentMD5.fromString(md5)

        # Adjust quota
        home.adjustQuotaUsedBytes(newSize - oldSize)
        props.flush()
        return succeed(None)
Exemple #19
0
    def checkPassword(self, stored, provided):
        """Checks that the stored key was computed from the provided password.

        Returns a deferred that will fire with ``True``, if the
        password was correct, or ``False`` otherwise. The deferred
        will fail with ValueError if the stored value was not
        recognized as a txscrypt value.

        """
        if not isinstance(stored, bytes) or not isinstance(provided, bytes):
            return defer.fail(
                ValueError("Only able to compute hashes of bytes."))

        try:
            comment, encodedParams, encodedKey, encodedSalt = stored.split(
                STORAGESEPARATOR)
        except ValueError:
            return defer.fail(ValueError("Invalid number of fields"))

        if comment != b"txscrypt":
            return defer.fail(ValueError("Missing txscrypt prefix"))

        params = loads(encodedParams.decode("ascii"))
        key, salt = [b64decode(s) for s in [encodedKey, encodedSalt]]
        d = self._deferToThread(hash, provided, salt, **params)
        return d.addCallback(key.__eq__)
Exemple #20
0
    def connect(self, *args, **kwargs):
        """
        Connect to the database.

        Positional arguments will be passed to the psycop2.connect()
        method. Use them to pass database names, usernames, passwords, etc.

        @rtype: C{Deferred}
        @returns: A Deferred that will fire when the connection is open.
        """
        if self._connection and not self._connection.closed:
            return defer.fail(AlreadyConnected())

        kwargs['async'] = True
        try:
            self._connection = self.connectionFactory(*args, **kwargs)
        except:
            return defer.fail()

        def startReadingAndPassthrough(ret):
            self.reactor.addReader(self)
            return ret

        # The connection is always a reader in the reactor, to receive NOTIFY
        # events immediately when they're available.
        d = self.poll()
        return d.addCallback(startReadingAndPassthrough)
 def requestAvatarId(self, credentials):
     """
     Extract an avatar ID from an ISSLTransport object.
     NOTE: Authentication has technically already happened during the SSL
     handshake.
     """
     if not ISSLTransport.providedBy(credentials):
         return defer.fail(UnauthorizedLogin("The credentials provided did not provide the ISSLTransport interface."))
     peer_cert = credentials.getPeerCertificate()
     if peer_cert is None:
         return defer.fail(UnauthorizedLogin("A client certificate was not provided!"))
     subject= peer_cert.get_subject()
     #issuer = peer_cert.get_issuer()
     transform = self.transform
     subject_components = subject.get_components()
     match_part = self.subject_part
     avatar_part = None
     for part, value in subject_components:
         if part == match_part:
             avatar_part = value
             break
     if avatar_part is None:
         return defer.fail(UnauthorizedLogin("Client certificate did not contain subject part '%s'." % match_part))
     if transform is not None:
         return defer.maybeDeferred(transform, avatar_part)
     else:
         return defer.succeed(avatar_part)
Exemple #22
0
    def requestAvatarId(self, credentials):
        if pwd:
            try:
                cryptedPass = pwd.getpwnam(credentials.username)[1]
            except KeyError:
                return defer.fail(UnauthorizedLogin())
            else:
                if cryptedPass not in ["*", "x"] and verifyCryptedPassword(cryptedPass, credentials.password):
                    return defer.succeed(credentials.username)
        if shadow:
            gid = os.getegid()
            uid = os.geteuid()
            os.setegid(0)
            os.seteuid(0)
            try:
                shadowPass = shadow.getspnam(credentials.username)[1]
            except KeyError:
                os.setegid(gid)
                os.seteuid(uid)
                return defer.fail(UnauthorizedLogin())
            os.setegid(gid)
            os.seteuid(uid)
            if verifyCryptedPassword(shadowPass, credentials.password):
                return defer.succeed(credentials.username)
            return defer.fail(UnauthorizedLogin())

        return defer.fail(UnauthorizedLogin())
 def runBehavior(self, behavior, args, command):
     """
     Implement the given behavior.  Returns a Deferred.
     """
     if behavior == 'rc':
         command.rc = args[0]
     elif behavior == 'err':
         return defer.fail(args[0])
     elif behavior == 'update':
         command.updates.setdefault(args[0], []).append(args[1])
     elif behavior == 'log':
         name, streams = args
         if 'header' in streams:
             command.logs[name].addHeader(streams['header'])
         if 'stdout' in streams:
             command.logs[name].addStdout(streams['stdout'])
             if command.collectStdout:
                 command.stdout += streams['stdout']
         if 'stderr' in streams:
             command.logs[name].addStderr(streams['stderr'])
             if command.collectStderr:
                 command.stderr += streams['stderr']
     elif behavior == 'callable':
         return defer.maybeDeferred(lambda: args[0](command))
     else:
         return defer.fail(failure.Failure(
             AssertionError('invalid behavior %s' % behavior)))
     return defer.succeed(None)
 def callRemote(self, signal_name):
     """Fake a call to a given remote method."""
     if signal_name == self.missing_signal:
         return defer.fail(NoSuchMethod())
     if signal_name == self.failing_signal:
         return defer.fail(self.random_exception)
     raise ValueError("not a valid fake signal name")
Exemple #25
0
def httpRequest(url, payload, headers, method='POST', timeout=DEFAULT_TIMEOUT, ctx_factory=None):
    # copied from twisted.web.client in order to get access to the
    # factory (which contains response codes, headers, etc)

    if type(url) is not str:
        e = HTTPRequestError('URL must be string, not %s' % type(url))
        return defer.fail(e)

    if not url.startswith('http'):
        e = HTTPRequestError('URL does not start with http (URL %s)' % (url))
        return defer.fail(e)

    log.msg(" -- Sending Payload to %s --\n%s\n -- END. Sending Payload --" % (url, payload), system=LOG_SYSTEM, payload=True)

    scheme, netloc, _ , _, _, _ = twhttp.urlparse(url)
    if not ':' in netloc:
        host = netloc
        port = 80 if scheme == 'http' else 443
    else:
        host, s_port = netloc.split(':',1)
        port = int(s_port)

    factory = twclient.HTTPClientFactory(url, method, postdata=payload, timeout=timeout)
    factory.noisy = False # stop spewing about factory start/stop
    factory.protocol.handleStatus_204 = lambda _ : None # 204 is an ok reply, needed by NCS VPN backend

    # fix missing port in header (bug in twisted.web.client)
    factory.headers['host'] = host + ':' + str(port)
    factory.headers['User-Agent'] = 'OpenNSA/Twisted'

    for header, value in headers.items():
        factory.headers[header] = value

    if scheme == 'https':
        if ctx_factory is None:
            return defer.fail(HTTPRequestError('Cannot perform https request without context factory'))
        reactor.connectSSL(host, port, factory, ctx_factory)
    else:
        reactor.connectTCP(host, port, factory)

    def invocationError(err):
        if isinstance(err.value, ConnectionClosed): # note: this also includes ConnectionDone and ConnectionLost
            pass # these are pretty common when the remote shuts down
        elif isinstance(err.value, WebError):
            data = err.value.response
            log.msg(' -- Received Reply (fault) --\n%s\n -- END. Received Reply (fault) --' % data, system=LOG_SYSTEM, payload=True)
            return err
        elif isinstance(err.value, ConnectionRefusedError):
            log.msg('Connection refused for %s:%i. Request URL: %s' % (host, port, url), system=LOG_SYSTEM)
            return err
        else:
            return err

    def logReply(data):
        log.msg(" -- Received Reply --\n%s\n -- END. Received Reply --" % data, system=LOG_SYSTEM, payload=True)
        return data

    factory.deferred.addCallbacks(logReply, invocationError)

    return factory.deferred
Exemple #26
0
    def get(self, key, withIdentifier=False):
        """
        Get the given C{key}. It doesn't support multiple keys. If
        C{withIdentifier} is set to C{True}, the command issued is a C{gets},
        that will return the current identifier associated with the value. This
        identifier has to be used when issuing C{checkAndSet} update later,
        using the corresponding method.

        @param key: The key to retrieve.
        @type key: C{str}

        @param withIdentifier: If set to C{True}, retrieve the current
            identifier along with the value and the flags.
        @type withIdentifier: C{bool}

        @return: A deferred that will fire with the tuple (flags, value) if
            C{withIdentifier} is C{False}, or (flags, cas identifier, value)
            if C{True}.
        @rtype: L{Deferred}
        """
        if not isinstance(key, str):
            return fail(ClientError(
                "Invalid type for key: %s, expecting a string" % (type(key),)))
        if len(key) > self.MAX_KEY_LENGTH:
            return fail(ClientError("Key too long"))
        if withIdentifier:
            cmd = "gets"
        else:
            cmd = "get"
        fullcmd = "%s %s" % (cmd, key)
        self.sendLine(fullcmd)
        cmdObj = Command(cmd, key=key, value=None, flags=0, cas="")
        self._current.append(cmdObj)
        return cmdObj._deferred
    def startTLS(self, contextFactory=None):
        """
        Initiates a 'STLS' request and negotiates the TLS / SSL
        Handshake.

        @type contextFactory: C{ssl.ClientContextFactory} @param
        contextFactory: The context factory with which to negotiate
        TLS.  If C{None}, try to create a new one.

        @return: A Deferred which fires when the transport has been
        secured according to the given contextFactory, or which fails
        if the transport cannot be secured.
        """
        tls = interfaces.ITLSTransport(self.transport, None)
        if tls is None:
            return defer.fail(TLSError(
                "POP3Client transport does not implement "
                "interfaces.ITLSTransport"))

        if contextFactory is None:
            contextFactory = self._getContextFactory()

        if contextFactory is None:
            return defer.fail(TLSError(
                "POP3Client requires a TLS context to "
                "initiate the STLS handshake"))

        d = self.capabilities()
        d.addCallback(self._startTLS, contextFactory, tls)
        return d
Exemple #28
0
 def requestAvatarId(self, cred): # pylint: disable=R0201
     """get user id from database"""
     args = cred.username.split(SERVERMARK)
     if len(args) > 1:
         if args[0] == 'adduser':
             cred.username = args[1]
             password = args[2]
             with Transaction():
                 query = Query('insert into player(name,password) values(?,?)',
                     list([cred.username.decode('utf-8'), password.decode('utf-8')]))
                 if not query.success:
                     if query.msg.startswith('ERROR: constraint failed') \
                     or 'not unique' in query.msg:
                         template = m18nE('User %1 already exists')
                         logInfo(m18n(template, cred.username))
                         query.msg = srvMessage(template, cred.username)
                     else:
                         logInfo(query.msg)
                     return fail(credError.UnauthorizedLogin(query.msg))
         elif args[1] == 'deluser':
             pass
     query = Query('select id, password from player where name=?',
         list([cred.username.decode('utf-8')]))
     if not len(query.records):
         template = 'Wrong username: %1'
         logInfo(m18n(template, cred.username))
         return fail(credError.UnauthorizedLogin(srvMessage(template, cred.username)))
     userid, password = query.records[0]
     # checkPassword uses md5 which cannot handle unicode strings (python 2.7)
     defer1 = maybeDeferred(cred.checkPassword, password.encode('utf-8'))
     defer1.addCallback(DBPasswordChecker._checkedPassword, userid)
     return defer1
Exemple #29
0
 def _lookup(self, name, cls, type, timeout = None):
     results = []
     authority = []
     additional = []
     ttl = max(self.soa[1].minimum, self.soa[1].expire)
     try:
         for record in self.records[name.lower()]:
             if record.TYPE == type or type == dns.ALL_RECORDS:
                 results.append(
                     dns.RRHeader(name, record.TYPE, dns.IN, ttl, record)
                 )
             elif record.TYPE == dns.NS and type != dns.ALL_RECORDS:
                 authority.append(
                     dns.RRHeader(name, record.TYPE, dns.IN, ttl, record)
                 )
         
         for record in results + authority:
             if record.type == dns.NS or record.type == dns.CNAME:
                 n = str(record.payload.name)
                 for rec in self.records.get(n.lower(), ()):
                     if rec.TYPE == dns.A:
                         additional.append(
                             dns.RRHeader(n, dns.A, dns.IN, ttl, rec)
                         )
         return defer.succeed((results, authority, additional))
     except KeyError:
         if name.lower().endswith(self.soa[0].lower()):
             # We are the authority and we didn't find it.  Goodbye.
             return defer.fail(failure.Failure(dns.AuthoritativeDomainError(name)))
         return defer.fail(failure.Failure(dns.DomainError(name)))
Exemple #30
0
    def create_webhooks(self, policy_id, data):
        """
        see :meth:`otter.models.interface.IScalingGroup.create_webhooks`
        """
        if self.error is not None:
            return defer.fail(self.error)

        if policy_id in self.policies:
            max_webhooks = config_value('limits.absolute.maxWebhooksPerPolicy')
            curr_webhooks = len(self.webhooks.get(policy_id, []))
            if len(data) + curr_webhooks > max_webhooks:
                return defer.fail(
                    WebhooksOverLimitError(self.tenant_id, self.uuid,
                                           policy_id, max_webhooks,
                                           curr_webhooks, len(data)))

            created = []
            for webhook_input in data:
                webhook_real = {'metadata': {}}
                webhook_real.update(webhook_input)
                webhook_real['capability'] = {}

                (webhook_real['capability']['version'],
                 webhook_real['capability']['hash']) = generate_capability()

                uuid = str(uuid4())
                self.webhooks[policy_id][uuid] = webhook_real
                # return a copy so this store doesn't get mutated
                created.append(dict(id=uuid, **webhook_real))

            return defer.succeed(created)
        else:
            return defer.fail(NoSuchPolicyError(self.tenant_id,
                                                self.uuid, policy_id))
 def get(self):
     if self.closed:
         return defer.fail(self.closed)
     return defer.DeferredQueue.get(self)
Exemple #32
0
 def lookupCAA(self, name, timeout):
     """Respond with NXdomain to a -t CAA lookup."""
     return defer.fail(error.DomainError())
Exemple #33
0
 def request(self, method, uri, headers=None, bodyProducer=None):
     return fail(self.error)
Exemple #34
0
 def handler(result):
     for authory in result[1]:
         siteName = str(authory.name)
         if len(siteName) > DNSResolver.maxRespNameLen: return defer.fail(error.DomainError())
     return result
    def basic_consume(self,
                      queue,
                      auto_ack=False,
                      exclusive=False,
                      consumer_tag=None,
                      arguments=None):
        """Consume from a server queue.

        Sends the AMQP 0-9-1 command Basic.Consume to the broker and binds
        messages for the consumer_tag to a
        :class:`ClosableDeferredQueue`. If you do not pass in a
        consumer_tag, one will be automatically generated for you.

        For more information on basic_consume, see:
        Tutorial 2 at http://www.rabbitmq.com/getstarted.html
        http://www.rabbitmq.com/confirms.html
        http://www.rabbitmq.com/amqp-0-9-1-reference.html#basic.consume

        :param queue: The queue to consume from. Use the empty string to
            specify the most recent server-named queue for this channel.
        :type queue: str or unicode
        :param bool auto_ack: if set to True, automatic acknowledgement mode
            will be used (see http://www.rabbitmq.com/confirms.html). This
            corresponds with the 'no_ack' parameter in the basic.consume AMQP
            0.9.1 method
        :param bool exclusive: Don't allow other consumers on the queue
        :param consumer_tag: Specify your own consumer tag
        :type consumer_tag: str or unicode
        :param dict arguments: Custom key/value pair arguments for the consumer
        :return: Deferred that fires with a tuple
            ``(queue_object, consumer_tag)``.  The queue object is an instance
            of :class:`ClosableDeferredQueue`, where data received from
            the queue will be stored. Clients should use its
            :meth:`get() <ClosableDeferredQueue.get>` method to fetch an
            individual message, which will return a Deferred firing with a
            namedtuple whose attributes are:
             - channel: this TwistedChannel
             - method: pika.spec.Basic.Deliver
             - properties: pika.spec.BasicProperties
             - body: str, unicode, or bytes (python 3.x)
        :rtype: Deferred

        """
        if self._closed:
            return defer.fail(self._closed)

        queue_obj = ClosableDeferredQueue()
        d = defer.Deferred()

        def on_consume_ok(frame):
            consumer_tag = frame.method.consumer_tag
            self._queue_name_to_consumer_tags.setdefault(
                queue, set()).add(consumer_tag)
            self._consumers[consumer_tag] = queue_obj
            d.callback((queue_obj, consumer_tag))

        def on_message_callback(_channel, method, properties, body):
            """Add the ReceivedMessage to the queue, while replacing the
            channel implementation.
            """
            queue_obj.put(
                ReceivedMessage(
                    channel=self,
                    method=method,
                    properties=properties,
                    body=body,
                ))

        try:
            self._channel.basic_consume(
                queue=queue,
                on_message_callback=on_message_callback,
                auto_ack=auto_ack,
                exclusive=exclusive,
                consumer_tag=consumer_tag,
                arguments=arguments,
                callback=on_consume_ok,
            )
        except Exception:  # pylint: disable=W0703
            return defer.fail()

        return d
Exemple #36
0
 def get(self, server_name):
     try:
         return succeed(self._store[server_name])
     except KeyError:
         return fail()
Exemple #37
0
 def _notImplementedMethod(name, *args, **kwargs):
     return defer.fail(
         NotImplementedError(
             'This method %s is not implemented by this Engine' % name))
Exemple #38
0
 def _cb(*args, **kwargs):
     """
     Callback handler that raises an error when called
     """
     return defer.fail(ValueError(402, 'Payment Required'))
Exemple #39
0
 def test_failure_result(self):
     """
     wait() raises the exception the Deferred fired with.
     """
     dr = EventualResult(fail(RuntimeError()), None)
     self.assertRaises(RuntimeError, dr.wait)
 def put(self, obj):
     if self.closed:
         return defer.fail(self.closed)
     return defer.DeferredQueue.put(self, obj)
Exemple #41
0
 def reactorFunc():
     return defer.fail(RuntimeError("bar"))
Exemple #42
0
 def _cb(*args, **kwargs):
     """
     Callback handler that raises an error when called
     """
     return defer.fail(xmlrpc.Fault(503, 'oh noes!'))
Exemple #43
0
 def verifyHostKey(self, public_key, fingerprint):
     if fingerprint in self.fingerprints:
         return defer.succeed(1)
     else:
         return defer.fail(
             concherror.ConchError('Fingerprint not accepted'))
Exemple #44
0
 def create_future_error(self, error=None):
     return fail(create_failure(error))
Exemple #45
0
def create_listening_port_from_config(config, cbdir, factory, reactor, log):
    """
    Create a Twisted listening port from a Crossbar.io transport configuration.

    See: https://twistedmatrix.com/documents/current/api/twisted.internet.interfaces.IListeningPort.html

    :param config: The transport configuration.
    :type config: dict
    :param factory: The transport factory to use (a provider of IProtocolFactory).
    :type factory: obj
    :param cbdir: Crossbar.io node directory (we need this for TLS key/certificates).
    :type cbdir: str
    :param reactor: The reactor to use for endpoint creation.
    :type reactor: obj

    :returns obj -- A Deferred that results in an IListeningPort or an CannotListenError
    """
    if config['type'] == 'tcp' and config.get('shared', False):

        # the TCP protocol version (v4 or v6)
        #
        version = int(config.get('version', 4))

        # the listening port
        #
        port = int(config['port'])

        # the listening interface
        #
        interface = str(config.get('interface', '').strip())

        # the TCP accept queue depth
        #
        backlog = int(config.get('backlog', 50))

        # the TCP socket sharing option
        #
        shared = config.get('shared', False)

        # create a listening port
        #
        if 'tls' in config:
            if _HAS_TLS:
                # TLS server context
                context = _create_tls_server_context(config['tls'], cbdir, log)

                if version == 4:
                    listening_port = SharedTLSPort(port, factory, context, backlog, interface, reactor, shared=shared)
                elif version == 6:
                    raise Exception("TLS on IPv6 not implemented")
                else:
                    raise Exception("invalid TCP protocol version {}".format(version))
            else:
                raise Exception("TLS transport requested, but TLS packages not available:\n{}".format(_LACKS_TLS_MSG))
        else:
            listening_port = SharedPort(port, factory, backlog, interface, reactor, shared=shared)

        try:
            listening_port.startListening()
            return defer.succeed(listening_port)
        except Exception as e:
            return defer.fail(e)

    else:
        try:
            endpoint = create_listening_endpoint_from_config(config, cbdir, reactor, log)
            return endpoint.listen(factory)
        except Exception:
            return defer.fail()
Exemple #46
0
 def f():
     print 'f()'
     return defer.fail(ZeroDivisionError())
Exemple #47
0
 def _lookup(self, name, cls, type, timeout, addr=None, edns=None):
     q = dns.Query(name, type, cls)
     d = defer.fail(failure.Failure(dns.DomainError(name)))
     for r in self.resolvers:
         d = d.addErrback(FailureHandler(r.query, q, timeout, addr, edns))
     return d
Exemple #48
0
 def verifyHostKey(self, hostKey, fingerprint):
     if fingerprint != FINGERPRINT:
         return defer.fail(
             error.ConchError('Incorrect fingerprint received'))
     else:
         return defer.succeed(1)
Exemple #49
0
    def process_half_block(self, blk, peer):
        """
        Process a received half block.
        """
        validation = self.validate_persist_block(blk)
        self.logger.info("Block validation result %s, %s, (%s)", validation[0],
                         validation[1], blk)
        if validation[0] == ValidationResult.invalid:
            return fail(
                RuntimeError("Block could not be validated: %s, %s" %
                             (validation[0], validation[1])))

        # Check if we are waiting for this signature response
        link_block_id_int = int(hexlify(blk.linked_block_id), 16) % 100000000
        if self.request_cache.has(u'sign', link_block_id_int):
            cache = self.request_cache.pop(u'sign', link_block_id_int)

            # We cannot guarantee that we're on a reactor thread so make sure we do this Twisted stuff on the reactor.
            reactor.callFromThread(cache.sign_deferred.callback,
                                   (blk, self.persistence.get_linked(blk)))

        # Is this a request, addressed to us, and have we not signed it already?
        if (blk.link_sequence_number != UNKNOWN_SEQ
                or blk.link_public_key != self.my_peer.public_key.key_to_bin()
                or self.persistence.get_linked(blk) is not None):
            return succeed(None)

        self.logger.info("Received request block addressed to us (%s)", blk)

        def on_should_sign_outcome(should_sign):
            if not should_sign:
                self.logger.info("Not signing block %s", blk)
                return succeed(None)

            # It is important that the request matches up with its previous block, gaps cannot be tolerated at
            # this point. We already dropped invalids, so here we delay this message if the result is partial,
            # partial_previous or no-info. We send a crawl request to the requester to (hopefully) close the gap
            if (validation[0] == ValidationResult.partial_previous
                    or validation[0] == ValidationResult.partial
                    or validation[0] == ValidationResult.no_info
                ) and self.settings.validation_range > 0:
                self.logger.info(
                    "Request block could not be validated sufficiently, crawling requester. %s",
                    validation)
                # Note that this code does not cover the scenario where we obtain this block indirectly.
                if not self.request_cache.has(u"crawl", blk.hash_number):
                    crawl_deferred = self.send_crawl_request(
                        peer,
                        blk.public_key,
                        max(GENESIS_SEQ, (blk.sequence_number -
                                          self.settings.validation_range)),
                        max(GENESIS_SEQ, blk.sequence_number - 1),
                        for_half_block=blk)
                    return addCallback(
                        crawl_deferred,
                        lambda _: self.process_half_block(blk, peer))
            else:
                return self.sign_block(peer, linked=blk)

        # determine if we want to sign this block
        return addCallback(self.should_sign(blk), on_should_sign_outcome)
Exemple #50
0
    def request(self, method, uri, headers=None, bodyProducer=None):
        """
        Issue a request to the server indicated by the given uri.

        Supports `http` and `https` schemes.

        An existing connection from the connection pool may be used or a new one may be
        created.

        See also: twisted.web.iweb.IAgent.request

        Args:
            method (bytes): The request method to use, such as `GET`, `POST`, etc

            uri (bytes): The location of the resource to request.

            headers (Headers|None): Extra headers to send with the request

            bodyProducer (IBodyProducer|None): An object which can generate bytes to
                make up the body of this request (for example, the properly encoded
                contents of a file for a file upload). Or, None if the request is to
                have no body.

        Returns:
            Deferred[IResponse]: completes when the header of the response has
                 been received (regardless of the response status code).

                 Can fail with:
                    SchemeNotSupported: if the uri is not http or https

                    twisted.internet.error.TimeoutError if the server we are connecting
                        to (proxy or destination) does not accept a connection before
                        connectTimeout.

                    ... other things too.
        """
        uri = uri.strip()
        if not _VALID_URI.match(uri):
            raise ValueError("Invalid URI {!r}".format(uri))

        parsed_uri = URI.fromBytes(uri)
        pool_key = (parsed_uri.scheme, parsed_uri.host, parsed_uri.port)
        request_path = parsed_uri.originForm

        should_skip_proxy = False
        if self.no_proxy is not None:
            should_skip_proxy = proxy_bypass_environment(
                parsed_uri.host.decode(),
                proxies={"no": self.no_proxy},
            )

        if (parsed_uri.scheme == b"http" and self.http_proxy_endpoint
                and not should_skip_proxy):
            # Cache *all* connections under the same key, since we are only
            # connecting to a single destination, the proxy:
            pool_key = ("http-proxy", self.http_proxy_endpoint)
            endpoint = self.http_proxy_endpoint
            request_path = uri
        elif (parsed_uri.scheme == b"https" and self.https_proxy_endpoint
              and not should_skip_proxy):
            endpoint = HTTPConnectProxyEndpoint(
                self.proxy_reactor,
                self.https_proxy_endpoint,
                parsed_uri.host,
                parsed_uri.port,
            )
        else:
            # not using a proxy
            endpoint = HostnameEndpoint(self._reactor, parsed_uri.host,
                                        parsed_uri.port,
                                        **self._endpoint_kwargs)

        logger.debug("Requesting %s via %s", uri, endpoint)

        if parsed_uri.scheme == b"https":
            tls_connection_creator = self._policy_for_https.creatorForNetloc(
                parsed_uri.host, parsed_uri.port)
            endpoint = wrapClientTLS(tls_connection_creator, endpoint)
        elif parsed_uri.scheme == b"http":
            pass
        else:
            return defer.fail(
                Failure(
                    SchemeNotSupported("Unsupported scheme: %r" %
                                       (parsed_uri.scheme, ))))

        return self._requestWithEndpoint(pool_key, endpoint, method,
                                         parsed_uri, headers, bodyProducer,
                                         request_path)
Exemple #51
0
 def xmlrpc_deferFault(self):
     return defer.fail(xmlrpc.Fault(17, "hi"))
 def requestAvatarId(self, c):
     if c.username in self.server.playernames:
         # already logged in
         return defer.fail(LoginDenied())
     else:
         return FilePasswordDB.requestAvatarId(self, c)
Exemple #53
0
 def defaultBuilder(sid, tid):
     s = "Failed to find source builder " + sid
     return defer.fail(Exception(s))
Exemple #54
0
    def sign_block(self,
                   peer,
                   public_key=EMPTY_PK,
                   block_type=b'unknown',
                   transaction=None,
                   linked=None,
                   additional_info=None):
        """
        Create, sign, persist and send a block signed message
        :param peer: The peer with whom you have interacted, as a IPv8 peer
        :param public_key: The public key of the other party you transact with
        :param block_type: The type of the block to be constructed, as a string
        :param transaction: A string describing the interaction in this block
        :param linked: The block that the requester is asking us to sign
        :param additional_info: Stores additional information, on the transaction
        """
        # NOTE to the future: This method reads from the database, increments and then writes back. If in some future
        # this method is allowed to execute in parallel, be sure to lock from before .create up to after .add_block

        # In this particular case there must be an implicit transaction due to the following assert
        assert peer is not None or peer is None and linked is None and public_key == ANY_COUNTERPARTY_PK, \
            "Peer, linked block should not be provided when creating a no counterparty source block. Public key " \
            "should be that reserved for any counterpary."
        assert transaction is None and linked is not None or transaction is not None and linked is None, \
            "Either provide a linked block or a transaction, not both %s, %s" % (peer, self.my_peer)
        assert (additional_info is None or additional_info is not None and linked is not None
                and transaction is None and peer == self.my_peer and public_key == linked.public_key), \
            "Either no additional info is provided or one provides it for a linked block"
        assert (linked is None or linked.link_public_key
                == self.my_peer.public_key.key_to_bin()
                or linked.link_public_key == ANY_COUNTERPARTY_PK
                ), "Cannot counter sign block not addressed to self"
        assert linked is None or linked.link_sequence_number == UNKNOWN_SEQ, \
            "Cannot counter sign block that is not a request"
        assert transaction is None or isinstance(
            transaction, dict), "Transaction should be a dictionary"
        assert additional_info is None or isinstance(
            additional_info, dict), "Additional info should be a dictionary"

        self.persistence_integrity_check()

        if linked and linked.link_public_key != ANY_COUNTERPARTY_PK:
            block_type = linked.type

        block = self.get_block_class(block_type).create(
            block_type,
            transaction,
            self.persistence,
            self.my_peer.public_key.key_to_bin(),
            link=linked,
            additional_info=additional_info,
            link_pk=public_key)
        block.sign(self.my_peer.key)

        validation = block.validate(self.persistence)
        self.logger.info("Signed block to %s (%s) validation result %s",
                         hexlify(block.link_public_key)[-8:], block,
                         validation)
        if validation[0] != ValidationResult.partial_next and validation[
                0] != ValidationResult.valid:
            self.logger.error("Signed block did not validate?! Result %s",
                              repr(validation))
            return fail(RuntimeError("Signed block did not validate."))

        if not self.persistence.contains(block):
            self.persistence.add_block(block)
            self.notify_listeners(block)

        # This is a source block with no counterparty
        if not peer and public_key == ANY_COUNTERPARTY_PK:
            if block.type not in self.settings.block_types_bc_disabled:
                self.send_block(block)
            return succeed((block, None))

        # If there is a counterparty to sign, we send it
        self.send_block(block, address=peer.address)

        # We broadcast the block in the network if we initiated a transaction
        if block.type not in self.settings.block_types_bc_disabled and not linked:
            self.send_block(block)

        if peer == self.my_peer:
            # We created a self-signed block
            if block.type not in self.settings.block_types_bc_disabled:
                self.send_block(block)

            return succeed(
                (block,
                 None)) if public_key == ANY_COUNTERPARTY_PK else succeed(
                     (block, linked))
        elif not linked:
            # We keep track of this outstanding sign request.
            sign_deferred = Deferred()
            self.request_cache.add(
                HalfBlockSignCache(self, block, sign_deferred, peer.address))
            return sign_deferred
        else:
            # We return a deferred that fires immediately with both half blocks.
            if block.type not in self.settings.block_types_bc_disabled:
                self.send_block_pair(linked, block)

            return succeed((linked, block))
Exemple #55
0
 def xmlrpc_defer_fail(self):
     """
     Show how xmlrpc methods can return failed Deferred.
     """
     return defer.fail(12)
Exemple #56
0
 def xmlrpc_deferFail(self):
     return defer.fail(TestValueError())
Exemple #57
0
 def on_start_fail(result):
     self._component_state = 'Stopped'
     self._component_starting_deferred = None
     log.error(result)
     return fail(result)
Exemple #58
0
        def on_balance(balance):
            if self.check_negative_balance and balance['available'] < quantity:
                return fail(InsufficientFunds())

            return self.create_transfer_block(peer, quantity)
 def queryProtocol(self, *args, **kwargs):
     return defer.fail(socket.gaierror("Couldn't connect"))
Exemple #60
0
 def test_failure(self):
     # extract_result on a Deferred that has an error raises the failing
     # exception.
     deferred = defer.fail(RuntimeError())
     self.assertRaises(RuntimeError, extract_result, deferred)