Exemple #1
0
def setup(args=None):
    """
    This is the main setup function to establish the TCP listening logic for
    the API server. This code also takes into account development or unit test mode.
    """

    # Setup API server
    api = ParadropAPIServer(reactor)
    api.putChild('internal', Base(apiinternal, allowNone=True))
    site = Site(api, timeout=None)

    # Development mode
    if(args and args.development):
        thePort = settings.PDFCD_PORT + 10000
        out.info('Using DEVELOPMENT variables')
        # Disable sending the error traceback to the client
        site.displayTracebacks = True
    elif(args and args.unittest):
        thePort = settings.PDFCD_PORT + 20000
        out.info('Running under unittest mode')
        site.displayTracebacks = True
    else:
        thePort = settings.PDFCD_PORT
        site.displayTracebacks = False
        initializeSystem()

    # Setup the port we listen on
    reactor.listenTCP(thePort, site)

    # Never return from here
    reactor.run()
Exemple #2
0
    def setup(self, interface: str, port: int) -> None:
        logger.info("Starting Internal API HTTP server on %s:%d", interface, port)
        root = Resource()

        matrix = Resource()
        root.putChild(b"_matrix", matrix)

        identity = Resource()
        matrix.putChild(b"identity", identity)

        internal = Resource()
        identity.putChild(b"internal", internal)

        authenticated_bind = AuthenticatedBindThreePidServlet(self.sydent)
        internal.putChild(b"bind", authenticated_bind)

        authenticated_unbind = AuthenticatedUnbindThreePidServlet(self.sydent)
        internal.putChild(b"unbind", authenticated_unbind)

        factory = Site(root)
        factory.displayTracebacks = False
        self.sydent.reactor.listenTCP(
            port,
            factory,
            backlog=50,  # taken from PosixReactorBase.listenTCP
            interface=interface,
        )
Exemple #3
0
    def _create_web_factory(self, config):

        options = config.get('options', {})

        # create Twisted Web root resource
        if '/' in config['paths']:
            root_config = config['paths']['/']
            root = self._create_resource(root_config, nested=False)
        else:
            root = Resource404(self._templates, b'')

        # create Twisted Web resources on all non-root paths configured
        self._add_paths(root, config.get('paths', {}))

        # create the actual transport factory
        transport_factory = Site(root)
        transport_factory.noisy = False

        # Web access logging
        if not options.get('access_log', False):
            transport_factory.log = lambda _: None

        # Traceback rendering
        transport_factory.displayTracebacks = options.get('display_tracebacks', False)

        # HSTS
        if options.get('hsts', False):
            if 'tls' in config['endpoint']:
                hsts_max_age = int(options.get('hsts_max_age', 31536000))
                transport_factory.requestFactory = createHSTSRequestFactory(transport_factory.requestFactory, hsts_max_age)
            else:
                self.log.warn("Warning: HSTS requested, but running on non-TLS - skipping HSTS")

        return transport_factory
Exemple #4
0
def run(port, sqlite_conn, index_html, static_root):
    #--------------------------------------------------------------------------
    # log to stdout
    #--------------------------------------------------------------------------
    from twisted.python import log
    import sys
    log.startLogging(sys.stdout)
    
    #--------------------------------------------------------------------------
    # database
    #--------------------------------------------------------------------------
    from twisted.enterprise import adbapi
    pool = adbapi.ConnectionPool('sqlite3', sqlite_conn, check_same_thread=False,
                                 cp_min=1, cp_max=1)
    data_model = DataModel(pool)
    
    #--------------------------------------------------------------------------
    # url/resource mapping
    #--------------------------------------------------------------------------
    root = Resource()
    root.putChild('', File(index_html))
    root.putChild('static', File(static_root))
    root.putChild('todos', Todos(data_model))
    
    #--------------------------------------------------------------------------
    # serve it
    #--------------------------------------------------------------------------
    from twisted.internet import reactor
    from twisted.web.server import Site
    site = Site(root)
    site.displayTracebacks = False
    reactor.listenTCP(port, site)
    reactor.run()
Exemple #5
0
    def _create_web_factory(self, config):

        options = config.get('options', {})

        # create Twisted Web root resource
        if '/' in config['paths']:
            root_config = config['paths']['/']
            root = self._create_resource(root_config, nested=False)
        else:
            root = Resource404(self._templates, b'')

        # create Twisted Web resources on all non-root paths configured
        self._add_paths(root, config.get('paths', {}))

        # create the actual transport factory
        transport_factory = Site(root)
        transport_factory.noisy = False

        # Web access logging
        if not options.get('access_log', False):
            transport_factory.log = lambda _: None

        # Traceback rendering
        transport_factory.displayTracebacks = options.get('display_tracebacks', False)

        # HSTS
        if options.get('hsts', False):
            if 'tls' in config['endpoint']:
                hsts_max_age = int(options.get('hsts_max_age', 31536000))
                transport_factory.requestFactory = createHSTSRequestFactory(transport_factory.requestFactory, hsts_max_age)
            else:
                self.log.warn("Warning: HSTS requested, but running on non-TLS - skipping HSTS")

        return transport_factory
Exemple #6
0
def Service(options):
    consumer = QueueConsumer(
        consumer_queue=ns.MASTER_QUEUE,
        pool_size=ns.MAX_MESSAGES,
        spec_path=ns.SPEC_PATH,
        vhost=ns.RABBITMQ_VHOST,
        username=ns.RABBITMQ_USERNAME,
        password=ns.RABBITMQ_PASSWORD,
        host=ns.RABBITMQ_HOST,
        port=ns.RABBITMQ_PORT
        )

    publisher = QueuePublisher(
        declare_strategy=1,
        spec_path=ns.SPEC_PATH,
        vhost=ns.RABBITMQ_VHOST,
        username=ns.RABBITMQ_USERNAME,
        password=ns.RABBITMQ_PASSWORD,
        host=ns.RABBITMQ_HOST,
        port=ns.RABBITMQ_PORT
        )
    resource = MasterResource()
    resource.init(consumer, publisher)
    site = Site(resource)
    site.displayTracebacks = ns.DEBUG
    return internet.TCPServer(int(options['port']), site, \
        interface=options['iface'])
Exemple #7
0
def make_site(resource, site_logs_path):
    site = Site(
        resource,
        logPath=site_logs_path.path,
        logFormatter=_LogFormatter(datetime.utcnow).json_access_log,
    )
    site.displayTracebacks = False
    return site
Exemple #8
0
def make_site(resource, site_logs_path):
    site = Site(
        resource,
        logPath=site_logs_path.path,
        logFormatter=_LogFormatter(datetime.utcnow).json_access_log,
    )
    site.displayTracebacks = False
    return site
Exemple #9
0
def StartStorageService(config, block_store):
    try:
        http_port = config['StorageService']['HttpPort']
        http_host = config['StorageService']['Host']
        worker_threads = config['StorageService'].get('WorkerThreads', 8)
        reactor_threads = config['StorageService'].get('ReactorThreads', 8)
    except KeyError as ke:
        logger.error('missing configuration for %s', str(ke))
        sys.exit(-1)

    logger.info('service started on port %s', http_port)

    thread_pool = ThreadPool(maxthreads=worker_threads)
    thread_pool.start()
    reactor.addSystemEventTrigger('before', 'shutdown', thread_pool.stop)

    block = Resource()
    block.putChild(
        b'get',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(GetBlockApp(block_store))))
    block.putChild(
        b'gets',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(GetBlocksApp(block_store))))
    block.putChild(
        b'store',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(StoreBlocksApp(block_store))))
    block.putChild(
        b'list',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(ListBlocksApp(block_store))))
    block.putChild(
        b'check',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(CheckBlocksApp(block_store))))

    root = Resource()
    root.putChild(
        b'info',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(InfoApp(block_store))))
    root.putChild(b'block', block)

    site = Site(root, timeout=60)
    site.displayTracebacks = True

    reactor.suggestThreadPoolSize(reactor_threads)

    signal.signal(signal.SIGQUIT, __shutdown__)
    signal.signal(signal.SIGTERM, __shutdown__)

    endpoint = TCP4ServerEndpoint(reactor,
                                  http_port,
                                  backlog=32,
                                  interface=http_host)
    endpoint.listen(site)
Exemple #10
0
def get_site(resource, logging=False):
    """
    :param resource: A :class:`twisted.web.resource.Resource` object.
    :return: a :class:`Site` that can be run
    """
    site = Site(resource)
    site.displayTracebacks = False
    site.requestFactory = MimicLoggingRequest if logging else MimicRequest
    return site
Exemple #11
0
def get_site(resource, logging=False):
    """
    :param resource: A :class:`twisted.web.resource.Resource` object.
    :return: a :class:`Site` that can be run
    """
    site = Site(resource)
    site.displayTracebacks = False
    site.requestFactory = MimicLoggingRequest if logging else MimicRequest
    return site
Exemple #12
0
def makeService(config):
    """
    Set up the otter-api service.
    """
    set_config_data(dict(config))

    if not config_value('mock'):
        seed_endpoints = [
            clientFromString(reactor, str(host))
            for host in config_value('cassandra.seed_hosts')
        ]

        cassandra_cluster = LoggingCQLClient(
            RoundRobinCassandraCluster(seed_endpoints,
                                       config_value('cassandra.keyspace')),
            log.bind(system='otter.silverberg'))

        set_store(CassScalingGroupCollection(cassandra_cluster))

    bobby_url = config_value('bobby_url')
    if bobby_url is not None:
        set_bobby(BobbyClient(bobby_url))

    cache_ttl = config_value('identity.cache_ttl')

    if cache_ttl is None:
        # FIXME: Pick an arbitrary cache ttl value based on absolutely no
        # science.
        cache_ttl = 300

    authenticator = CachingAuthenticator(
        reactor,
        ImpersonatingAuthenticator(config_value('identity.username'),
                                   config_value('identity.password'),
                                   config_value('identity.url'),
                                   config_value('identity.admin_url')),
        cache_ttl)

    supervisor = Supervisor(authenticator.authenticate_tenant, coiterate)

    set_supervisor(supervisor)

    s = MultiService()

    site = Site(root)
    site.displayTracebacks = False

    api_service = service(str(config_value('port')), site)
    api_service.setServiceParent(s)

    if config_value('scheduler') and not config_value('mock'):
        scheduler_service = SchedulerService(
            int(config_value('scheduler.batchsize')),
            int(config_value('scheduler.interval')), cassandra_cluster)
        scheduler_service.setServiceParent(s)

    return s
Exemple #13
0
    def site(self, displayTracebacks=True, **kwargs):
        """
        A :twisted:`web.server.Site` that will serve me.

        """

        site = Site(self.app.resource(), **kwargs)
        site.displayTracebacks = displayTracebacks
        return site
Exemple #14
0
def makeService(config):
    """
    Set up the otter-api service.
    """
    set_config_data(dict(config))

    # Try to configure graylog and airbrake.

    if config_value('graylog'):
        if GraylogUDPPublisher is not None:
            log.addObserver(
                make_observer_chain(
                    GraylogUDPPublisher(**config_value('graylog')), False))
        else:
            warnings.warn("There is a configuration option for Graylog, but "
                          "txgraylog is not installed.")

    if config_value('airbrake'):
        if AirbrakeLogObserver is not None:
            airbrake = AirbrakeLogObserver(
                config_value('airbrake.api_key'),
                config_value('environment'),
                use_ssl=True
            )

            airbrake.start()
        else:
            warnings.warn("There is a configuration option for Airbrake, but "
                          "txairbrake is not installed.")

    if not config_value('mock'):
        seed_endpoints = [
            clientFromString(reactor, str(host))
            for host in config_value('cassandra.seed_hosts')]

        cassandra_cluster = RoundRobinCassandraCluster(
            seed_endpoints,
            config_value('cassandra.keyspace'))

        set_store(CassScalingGroupCollection(cassandra_cluster))

    s = MultiService()

    site = Site(root)
    site.displayTracebacks = False

    api_service = service(str(config_value('port')), site)
    api_service.setServiceParent(s)

    if config_value('scheduler'):
        scheduler_service = SchedulerService(int(config_value('scheduler.batchsize')),
                                             int(config_value('scheduler.interval')),
                                             cassandra_cluster)
        scheduler_service.setServiceParent(s)

    return s
Exemple #15
0
def makeService(config):
    """
    Set up the otter-api service.
    """
    set_config_data(dict(config))

    if not config_value('mock'):
        seed_endpoints = [
            clientFromString(reactor, str(host))
            for host in config_value('cassandra.seed_hosts')]

        cassandra_cluster = LoggingCQLClient(RoundRobinCassandraCluster(
            seed_endpoints,
            config_value('cassandra.keyspace')), log.bind(system='otter.silverberg'))

        set_store(CassScalingGroupCollection(cassandra_cluster))

    bobby_url = config_value('bobby_url')
    if bobby_url is not None:
        set_bobby(BobbyClient(bobby_url))

    cache_ttl = config_value('identity.cache_ttl')

    if cache_ttl is None:
        # FIXME: Pick an arbitrary cache ttl value based on absolutely no
        # science.
        cache_ttl = 300

    authenticator = CachingAuthenticator(
        reactor,
        ImpersonatingAuthenticator(
            config_value('identity.username'),
            config_value('identity.password'),
            config_value('identity.url'),
            config_value('identity.admin_url')),
        cache_ttl)

    supervisor = Supervisor(authenticator.authenticate_tenant, coiterate)

    set_supervisor(supervisor)

    s = MultiService()

    site = Site(root)
    site.displayTracebacks = False

    api_service = service(str(config_value('port')), site)
    api_service.setServiceParent(s)

    if config_value('scheduler') and not config_value('mock'):
        scheduler_service = SchedulerService(int(config_value('scheduler.batchsize')),
                                             int(config_value('scheduler.interval')),
                                             cassandra_cluster)
        scheduler_service.setServiceParent(s)

    return s
Exemple #16
0
def secureSite(_environ=environ):
    """Builds the secure (HTTPS, port 443) site.

    """
    root = File(_environ["STATIC_PATH"])
    root.putChild("subscribe", SubscribeResource("*****@*****.**"))

    site = Site(root)
    site.displayTracebacks = False
    site.requestFactory = _withHSTS(site.requestFactory)
    return site
Exemple #17
0
def setup_gitter_oauth(api, port, debug=False):
    """Register the OAuth website with Twisted.
    """
    root = Resource()
    root.putChild('', Index(api.bot_fullname))
    root.putChild('auth_gitter', Redirect(api))
    root.putChild('callback', Callback(api))
    site = Site(root)
    site.displayTracebacks = debug
    site.logRequest = True
    reactor.listenTCP(port, site)
Exemple #18
0
    def makeService(self, options):
        store = Store(options['dbdir'])
        siteService = IService(store)

        site = Site(
            RootResource(store=store,
                         trackingID=options['tracking-id']))
        site.displayTracebacks = not options['notracebacks']
        siteService.addService(
            strports.service(options['port'], site, reactor=reactor))
        return siteService
Exemple #19
0
def makeService(config):
    """
    Set up the otter-api service.
    """
    s = MultiService()
    core = MimicCore.fromPlugins(Clock())
    root = MimicRoot(core)
    site = Site(root.app.resource())
    site.displayTracebacks = False
    service(config['listen'], site).setServiceParent(s)
    return s
Exemple #20
0
    def run(
        self,
        host=None,
        port=None,
        logFile=None,
        endpoint_description=None,
        displayTracebacks=True,
    ):
        """
        Run a minimal twisted.web server on the specified C{port}, bound to the
        interface specified by C{host} and logging to C{logFile}.

        This function will run the default reactor for your platform and so
        will block the main thread of your application.  It should be the last
        thing your klein application does.

        @param host: The hostname or IP address to bind the listening socket
            to.  "0.0.0.0" will allow you to listen on all interfaces, and
            "127.0.0.1" will allow you to listen on just the loopback
            interface.
        @type host: str

        @param port: The TCP port to accept HTTP requests on.
        @type port: int

        @param logFile: The file object to log to, by default C{sys.stdout}
        @type logFile: file object

        @param endpoint_description: specification of endpoint. Must contain
            protocol, port and interface. May contain other optional arguments,
             e.g. to use SSL: "ssl:443:privateKey=key.pem:certKey=crt.pem"
        @type endpoint_description: str

        @param displayTracebacks: Weather a processing error will result in
            a page displaying the traceback with debugging information or not.
        @type displayTracebacks: bool
        """
        if logFile is None:
            logFile = sys.stdout

        log.startLogging(logFile)

        if not endpoint_description:
            endpoint_description = "tcp:port={0}:interface={1}".format(
                port, host)

        endpoint = endpoints.serverFromString(reactor, endpoint_description)

        site = Site(self.resource())
        site.displayTracebacks = displayTracebacks

        endpoint.listen(site)
        reactor.run()
Exemple #21
0
def StartService(config):
    # load the eservice database
    try:
        dbfile_name = config['Service']['EnclaveServiceDatabaseFile']
    except KeyError:
        logger.error(
            'missing required configuration for enclave service database')
        sys.exit(-1)

    try:
        eservice_db.load_database(dbfile_name)
    except Exception as e:
        logger.error('error loading eservice database from file %s', str(e))
        sys.exit(-1)

    try:
        http_port = config['Service']['HttpPort']
        http_host = config['Service']['Host']
        worker_threads = config['Service'].get('WorkerThreads', 8)
        reactor_threads = config['Service'].get('ReactorThreads', 8)
    except KeyError as ke:
        logger.error('missing configuration for %s', str(ke))
        sys.exit(-1)

    logger.info('service started on host %s, port %s', http_host, http_port)

    thread_pool = ThreadPool(maxthreads=worker_threads)
    thread_pool.start()
    reactor.addSystemEventTrigger('before', 'shutdown', thread_pool.stop)

    flask_app = toxaway.views.register(config)
    flask_site = WSGIResource(reactor, reactor.getThreadPool(), flask_app)

    root = Resource()
    root.putChild(b'shutdown', ShutdownResource())
    root.putChild(b'flask', flask_site)

    files = config.get('StaticContent', {})
    logger.info('files=%s', files)
    for key, val in files.items():
        logger.info('map <%s> to <%s>', key, val)
        root.putChild(key.encode(), File(val.encode()))

    site = Site(root, timeout=60)
    site.displayTracebacks = True

    reactor.suggestThreadPoolSize(reactor_threads)

    endpoint = TCP4ServerEndpoint(reactor,
                                  http_port,
                                  backlog=32,
                                  interface=http_host)
    endpoint.listen(site)
Exemple #22
0
def make_site(basefp, config):
    resource = JinjaHandler('index.html')
    resource.putChild('static', File('content/static'))
    resource.putChild('blog', File('content/blog'))
    resource.putChild('collect-email', CollectEmailHandler(basefp))
    resource.putChild('signup', Redirect("/"))
    resource.putChild('submit-subscription', SubmitSubscriptionHandler(basefp))
    resource.putChild('support', Redirect("https://leastauthority.zendesk.com/home"))

    site = Site(resource, logPath=basefp.child('sitelogs').path)
    site.displayTracebacks = True
    return site
Exemple #23
0
def StartEnclaveService(config, enclave):
    try:
        http_port = config['EnclaveService']['HttpPort']
        http_host = config['EnclaveService']['Host']
        storage_url = config['StorageService']['URL']
        worker_threads = config['EnclaveService'].get('WorkerThreads', 8)
        reactor_threads = config['EnclaveService'].get('ReactorThreads', 8)
    except KeyError as ke:
        logger.error('missing configuration for %s', str(ke))
        sys.exit(-1)

    logger.info('enclave service started on %s:%s', http_host, http_port)
    logger.info('verifying_key: %s', enclave.verifying_key)
    logger.info('encryption_key: %s', enclave.encryption_key)
    logger.info('enclave_id: %s', enclave.enclave_id)
    logger.info('storage service: %s', storage_url)

    thread_pool = ThreadPool(minthreads=1, maxthreads=worker_threads)
    thread_pool.start()
    reactor.addSystemEventTrigger('before', 'shutdown', thread_pool.stop)

    root = Resource()
    root.putChild(
        b'info',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(InfoApp(enclave, storage_url))))
    root.putChild(
        b'initialize',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(InitializeApp(enclave))))
    root.putChild(
        b'invoke',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(InvokeApp(enclave))))
    root.putChild(
        b'verify',
        WSGIResource(reactor, thread_pool,
                     AppWrapperMiddleware(VerifyApp(enclave))))

    site = Site(root, timeout=60)
    site.displayTracebacks = True

    reactor.suggestThreadPoolSize(reactor_threads)

    signal.signal(signal.SIGQUIT, __shutdown__)
    signal.signal(signal.SIGTERM, __shutdown__)

    endpoint = TCP4ServerEndpoint(reactor,
                                  http_port,
                                  backlog=32,
                                  interface=http_host)
    endpoint.listen(site)
Exemple #24
0
def make_site(basefp, config):
    resource = JinjaHandler('index.html')
    resource.putChild('static', File('content/static'))
    resource.putChild('blog', File('content/blog'))
    resource.putChild('collect-email', CollectEmailHandler(basefp, config.products))
    resource.putChild('signup', SignupHandler(config.products))
    resource.putChild('devpay-complete', DevPayPurchaseHandler(basefp, config.products))
    resource.putChild('activation-request', ActivationRequestHandler(basefp, config.products))
    resource.putChild('support', Redirect("https://leastauthority.zendesk.com/home"))

    site = Site(resource, logPath=basefp.child('sitelogs').path)
    site.displayTracebacks = False
    return site
Exemple #25
0
 def startService(self):
     if self.port_s is not None:
         endpoint = serverFromString(reactor, self.port_s)
         d = endpoint.listen(self.site)
         d.addCallback(self.register_port, 'app')
     if self.auth_info_endpoint_s is not None:
         authInfoApp = AuthInfoApp()
         self.authInfoApp = authInfoApp
         authInfoSite = Site(authInfoApp.app.resource())
         authInfoSite.displayTracebacks = self.site.displayTracebacks
         endpoint = serverFromString(reactor, self.auth_info_endpoint_s)
         d2 = endpoint.listen(authInfoSite)
         d2.addCallback(self.register_port, 'authInfoSite')
Exemple #26
0
 def startService(self):
     if self.port_s is not None:
         endpoint = serverFromString(reactor, self.port_s)
         d = endpoint.listen(self.site)
         d.addCallback(self.register_port, 'app')
     if self.auth_info_endpoint_s is not None:
         authInfoApp = AuthInfoApp()
         self.authInfoApp = authInfoApp
         authInfoSite = Site(authInfoApp.app.resource())
         authInfoSite.displayTracebacks = self.site.displayTracebacks
         endpoint = serverFromString(reactor, self.auth_info_endpoint_s)
         d2 = endpoint.listen(authInfoSite)
         d2.addCallback(self.register_port, 'authInfoSite')
Exemple #27
0
def startMimic():
    """
    Setup the mimic application using steps similar to
    :obj:`mimic.tap.makeService' and start listening for requests.
    """
    clock = Clock()
    core = MimicCore.fromPlugins(clock)
    root = MimicRoot(core, clock)
    site = Site(root.app.resource())
    site.displayTracebacks = False

    endpoint = serverFromString(reactor,
                                b"tcp:{0}:interface=127.0.0.1".format(_PORT))
    endpoint.listen(site)
Exemple #28
0
def makeService(config):
    """
    Set up the otter-api service.
    """
    s = MultiService()
    port_offset = 8900
    for klein_obj in (mimic_api.MimicPresetApi(), auth_api.AuthApi(),
                      nova_api.NovaApi(), loadbalancer_api.LoadBalancerApi()):
        site = Site(klein_obj.app.resource())
        api_service = service(str(port_offset), site)
        api_service.setServiceParent(s)
        site.displayTracebacks = False
        port_offset += 1
    return s
Exemple #29
0
def setup(args=None):
    """
    This is the main setup function to establish the TCP listening logic for
    the API server. This code also takes into account development or unit test mode.
    """

    # Setup API server
    api = ParadropAPIServer(reactor)
    api.putChild('internal', Base(apiinternal, allowNone=True))
    site = Site(api, timeout=None)

    # Setup local root of the website
    root = static.File("/var/lib/apps/paradrop/www")
    website = Site(root)
    portalPort = 80

    # Development mode
    if(args and args.development):
        thePort = settings.PDFCD_PORT + 10000
        site.displayTracebacks = True
    elif (args and args.local):
        portalPort = 8080
        thePort = settings.PDFCD_PORT + 10000
    elif(args and args.unittest):
        thePort = settings.PDFCD_PORT + 20000
        site.displayTracebacks = True
    else:
        thePort = settings.PDFCD_PORT
        site.displayTracebacks = False
        initializeSystem()

    # Setup the port we listen on
    reactor.listenTCP(thePort, site)
    reactor.listenTCP(portalPort, website)

    # Never return from here
    reactor.run(installSignalHandlers=0)
Exemple #30
0
def makeService(config):
    """
    Set up the otter-api service.
    """
    s = MultiService()
    if config['realtime']:
        from twisted.internet import reactor as clock
    else:
        clock = Clock()
    core = MimicCore.fromPlugins(clock)
    root = MimicRoot(core, clock)
    site = Site(root.app.resource())
    site.displayTracebacks = False
    service(config['listen'], site).setServiceParent(s)
    return s
Exemple #31
0
def makeService(config):
    """
    Set up the service.
    """
    from twisted.internet import reactor
    s = MultiService()
    bloc = Bloc(reactor, float(config["timeout"]), float(config["settle"]))
    s.addService(bloc)
    site = Site(bloc.app.resource())
    site.displayTracebacks = False

    # The Twisted code currently (v16.6.0, 17.1.0) compares the type of
    # this argument to 'str' in order to determine how to handle it.
    description = str(config['listen'])
    s.addService(service(description, site))
    return s
Exemple #32
0
def startMimic():
    """
    Setup the mimic application using steps similar to
    :obj:`mimic.tap.makeService' and start listening for requests.
    """
    clock = Clock()
    core = MimicCore.fromPlugins(clock)
    root = MimicRoot(core, clock)
    site = Site(root.app.resource())
    site.displayTracebacks = False

    endpoint = serverFromString(
        reactor,
        b"tcp:{0}:interface=127.0.0.1".format(_PORT)
    )
    endpoint.listen(site)
Exemple #33
0
    def __init__(self,
                 bridge,
                 port,
                 homeserver_url,
                 homeserver_domain,
                 botname,
                 token_as,
                 token_hs,
                 debug=False):
        self.bridge = bridge
        self.homeserver_url = homeserver_url
        self.homeserver_domain = homeserver_domain
        self.token_as = token_as
        self.token_hs = token_hs

        if botname[0] == '@':
            botname = botname[1:]
        if ':' in botname:
            botname, domain = botname.split(':', 1)
            if domain != homeserver_domain:
                raise ValueError("Bot domain doesn't match homeserver")
        self.bot_username = botname
        self.bot_fullname = '@%s:%s' % (botname, homeserver_domain)

        # Create virtual user for bot
        if not self.bridge.virtualuser_exists('gitter'):
            log.info("Creating user gitter")
            d = self.matrix_request('POST', '_matrix/client/r0/register', {
                'type': 'm.login.application_service',
                'username': '******'
            })
            self.bridge.add_virtualuser('gitter')
            d.addErrback(
                Errback(
                    log, "Error creating user 'gitter' for the "
                    "bridge; usage over federated rooms "
                    "might not work correctly"))

        root = Resource()
        root.putChild('transactions', Transaction(self))
        root.putChild('users', Users(self))
        site = Site(root)
        site.displayTracebacks = debug
        site.logRequest = True
        reactor.listenTCP(port, site)
Exemple #34
0
    def _create_web_factory(self, config, is_secure):

        options = config.get('options', {})

        # create Twisted Web root resource
        if '/' in config['paths']:
            root_config = config['paths']['/']
            root = self._create_resource(root_config, nested=False)
        else:
            root = Resource404(self._templates, b'')

        # create Twisted Web resources on all non-root paths configured
        self._add_paths(root, config.get('paths', {}))

        # create the actual transport factory
        transport_factory = Site(
            root,
            timeout=options.get('client_timeout', None),
        )
        transport_factory.noisy = False

        # we override this factory so that we can inject
        # _LessNoisyHTTPChannel to avoid info-level logging on timing
        # out web clients (which happens all the time).
        def channel_protocol_factory():
            return _GenericHTTPChannelProtocol(_LessNoisyHTTPChannel())
        transport_factory.protocol = channel_protocol_factory

        # Web access logging
        if not options.get('access_log', False):
            transport_factory.log = lambda _: None

        # Traceback rendering
        transport_factory.displayTracebacks = options.get('display_tracebacks', False)

        # HSTS
        if options.get('hsts', False):
            if is_secure:
                hsts_max_age = int(options.get('hsts_max_age', 31536000))
                transport_factory.requestFactory = createHSTSRequestFactory(transport_factory.requestFactory, hsts_max_age)
            else:
                self.log.warn("Warning: HSTS requested, but running on non-TLS - skipping HSTS")

        return transport_factory
Exemple #35
0
    def setup(self, interface, port):
        logger.info("Starting Internal API HTTP server on %s:%d", interface, port)
        root = Resource()

        matrix = Resource()
        root.putChild('_matrix', matrix)

        identity = Resource()
        matrix.putChild('identity', identity)

        internal = Resource()
        identity.putChild('internal', internal)

        authenticated_bind = AuthenticatedBindThreePidServlet(self.sydent)
        internal.putChild('bind', authenticated_bind)

        factory = Site(root)
        factory.displayTracebacks = False
        twisted.internet.reactor.listenTCP(port, factory, interface=interface)
Exemple #36
0
    def run(self):
        '''
        Starts the application.
        '''
        log_info('Starting application')

        resource = HttIpResource(app=self)
        site_factory = Site(resource)
        site_factory.displayTracebacks = False

        try:
            sckt = self.get_socket()
        except EnvironmentError as e:
            sys.stderr.write(str(e) + '\n')
            sys.exit(1)

        self.listen(sckt, reactor, site_factory)
        self.maybe_stop_later()
        reactor.run()
Exemple #37
0
    def setup(self, interface, port):
        logger.info("Starting Internal API HTTP server on %s:%d", interface, port)
        root = Resource()

        matrix = Resource()
        root.putChild('_matrix', matrix)

        identity = Resource()
        matrix.putChild('identity', identity)

        internal = Resource()
        identity.putChild('internal', internal)

        authenticated_bind = AuthenticatedBindThreePidServlet(self.sydent)
        internal.putChild('bind', authenticated_bind)

        factory = Site(root)
        factory.displayTracebacks = False
        self.sydent.reactor.listenTCP(port, factory, interface=interface)
Exemple #38
0
    def make_web_service(self):
        """
        Create and return the web service site.
        """
        web_realm = webauth.WebRealm.make_instance(self.reactor)
        portal = Portal(web_realm)
        checker = webauth.WerewolfWebCredChecker.make_instance()
        portal.registerChecker(checker)
        resources = WebResources.make_instance(
            self.reactor,
            portal)
        root = resources.app.resource()
        site = Site(root)
        session_length = self.session_length

        def sessionFactory(site, uid, reactor=None):
            s = Session(site, uid, reactor=reactor)
            s.sessionTimeout = session_length
            return s

        site.sessionFactory = sessionFactory
        site.displayTracebacks = self.displayTracebacks
        return site
Exemple #39
0
def Service(options):
    consumer = QueueConsumer(consumer_queue=ns.MASTER_QUEUE,
                             pool_size=ns.MAX_MESSAGES,
                             spec_path=ns.SPEC_PATH,
                             vhost=ns.RABBITMQ_VHOST,
                             username=ns.RABBITMQ_USERNAME,
                             password=ns.RABBITMQ_PASSWORD,
                             host=ns.RABBITMQ_HOST,
                             port=ns.RABBITMQ_PORT)

    publisher = QueuePublisher(declare_strategy=1,
                               spec_path=ns.SPEC_PATH,
                               vhost=ns.RABBITMQ_VHOST,
                               username=ns.RABBITMQ_USERNAME,
                               password=ns.RABBITMQ_PASSWORD,
                               host=ns.RABBITMQ_HOST,
                               port=ns.RABBITMQ_PORT)
    resource = MasterResource()
    resource.init(consumer, publisher)
    site = Site(resource)
    site.displayTracebacks = ns.DEBUG
    return internet.TCPServer(int(options['port']), site, \
        interface=options['iface'])
Exemple #40
0
def StartStorageService(config, block_store, service_keys) :
    try :
        http_port = config['StorageService']['HttpPort']
        http_host = config['StorageService']['Host']
        worker_threads = config['StorageService'].get('WorkerThreads', 8)
        reactor_threads = config['StorageService'].get('ReactorThreads', 8)
    except KeyError as ke :
        logger.error('missing configuration for %s', str(ke))
        sys.exit(-1)

    logger.info('service started on port %s', http_port)

    thread_pool = ThreadPool(maxthreads=worker_threads)
    thread_pool.start()
    reactor.addSystemEventTrigger('before', 'shutdown', thread_pool.stop)

    block = Resource()
    for (wsgi_verb, wsgi_app) in wsgi_block_operation_map.items() :
        logger.info('add handler for %s', wsgi_verb)
        verb = wsgi_verb.encode('utf8')
        app = AppWrapperMiddleware(wsgi_app(config, block_store, service_keys))
        block.putChild(verb, WSGIResource(reactor, thread_pool, app))

    root = Resource()
    root.putChild(b'info', WSGIResource(reactor, thread_pool, AppWrapperMiddleware(InfoApp(config, service_keys))))
    root.putChild(b'block', block)

    site = Site(root, timeout=60)
    site.displayTracebacks = True

    reactor.suggestThreadPoolSize(reactor_threads)

    signal.signal(signal.SIGQUIT, __shutdown__)
    signal.signal(signal.SIGTERM, __shutdown__)

    endpoint = TCP4ServerEndpoint(reactor, http_port, backlog=32, interface=http_host)
    endpoint.listen(site)
Exemple #41
0
    def __init__(self, xml):
        #get protobufcfg from main config
        protostreamcfg = manager.config.getConfig('iweb')

        #ip
        ip = manager.config.getValue(protostreamcfg, 'ip', default='0.0.0.0')
        #port
        port = int(manager.config.getValue(protostreamcfg, 'port', default=37016))

        #sockjsport
        sockjsport = int(manager.config.getValue(protostreamcfg, 'sockjsport', default=37017))

        apicfg= protostreamcfg.find('apikeys').findall('key')
        apiKeys = []
        for apikeycfg in apicfg:
            apiKeys.append(apikeycfg.get("value"))

        proto = ProtoBufResource(manager.messages.getProto, manager.messages.proccessMessage, apiKeys)
        site = Site(proto)
        site.displayTracebacks = False
        reactor.listenTCP(port, site, 50)
        log.info("setting up protobufresource server on ", ip, ":", port)
        reactor.listenTCP(sockjsport, SockJSFactory(WebSockFactory()), interface=ip)
        log.info("setting up sockjs server on ", ip, ":", sockjsport)
Exemple #42
0
def create_service():
    class ServerContextFactory:
        def getContext(self):
            ctx = SSL.Context(SSL.SSLv23_METHOD)
            ctx.use_certificate_file(config.SERVER_CERT_PATH)
            ctx.use_privatekey_file(config.SERVER_KEY_PATH)
            return ctx

    root = ServiceRoot()
    siteFactory = Site(root, logPath='data/access_log')

    if config.production:
        siteFactory.displayTracebacks = False

    if config.ENABLE_SSL:
        server = internet.SSLServer(config.LISTEN_PORT,
                                    siteFactory,
                                    ServerContextFactory(),
                                    interface=config.LISTEN_HOST)
    else:
        server = internet.TCPServer(config.LISTEN_PORT,
                                    siteFactory,
                                    interface=config.LISTEN_HOST)
    return server
Exemple #43
0
def addWebServer(config, distributor):
    """Set up a web server for HTTP(S)-based bridge distribution.

    :type config: :class:`bridgedb.persistent.Conf`
    :param config: A configuration object from
         :mod:`bridgedb.Main`. Currently, we use these options::
             HTTP_UNENCRYPTED_PORT
             HTTP_UNENCRYPTED_BIND_IP
             HTTP_USE_IP_FROM_FORWARDED_HEADER
             HTTPS_N_BRIDGES_PER_ANSWER
             HTTPS_INCLUDE_FINGERPRINTS
             HTTPS_KEY_FILE
             HTTPS_CERT_FILE
             HTTPS_PORT
             HTTPS_BIND_IP
             HTTPS_USE_IP_FROM_FORWARDED_HEADER
             HTTPS_ROTATION_PERIOD
             RECAPTCHA_ENABLED
             RECAPTCHA_PUB_KEY
             RECAPTCHA_SEC_KEY
             RECAPTCHA_REMOTEIP
             GIMP_CAPTCHA_ENABLED
             GIMP_CAPTCHA_DIR
             GIMP_CAPTCHA_HMAC_KEYFILE
             GIMP_CAPTCHA_RSA_KEYFILE
             SERVER_PUBLIC_FQDN
             CSP_ENABLED
             CSP_REPORT_ONLY
             CSP_INCLUDE_SELF
    :type distributor: :class:`bridgedb.https.distributor.HTTPSDistributor`
    :param distributor: A bridge distributor.
    :raises SystemExit: if the servers cannot be started.
    :rtype: :api:`twisted.web.server.Site`
    :returns: A webserver.
    """
    captcha = None
    fwdHeaders = config.HTTP_USE_IP_FROM_FORWARDED_HEADER
    numBridges = config.HTTPS_N_BRIDGES_PER_ANSWER
    fprInclude = config.HTTPS_INCLUDE_FINGERPRINTS

    logging.info("Starting web servers...")

    setFQDN(config.SERVER_PUBLIC_FQDN)

    index   = IndexResource()
    options = OptionsResource()
    howto   = HowtoResource()
    robots  = static.File(os.path.join(TEMPLATE_DIR, 'robots.txt'))
    assets  = static.File(os.path.join(TEMPLATE_DIR, 'assets/'))
    keys    = static.Data(bytes(strings.BRIDGEDB_OPENPGP_KEY), 'text/plain')
    csp     = CSPResource(enabled=config.CSP_ENABLED,
                          includeSelf=config.CSP_INCLUDE_SELF,
                          reportViolations=config.CSP_REPORT_ONLY,
                          useForwardedHeader=fwdHeaders)

    root = CustomErrorHandlingResource()
    root.putChild('', index)
    root.putChild('robots.txt', robots)
    root.putChild('keys', keys)
    root.putChild('assets', assets)
    root.putChild('options', options)
    root.putChild('howto', howto)
    root.putChild('maintenance', maintenance)
    root.putChild('error', resource500)
    root.putChild(CSPResource.reportURI, csp)

    if config.RECAPTCHA_ENABLED:
        publicKey = config.RECAPTCHA_PUB_KEY
        secretKey = config.RECAPTCHA_SEC_KEY
        captcha = partial(ReCaptchaProtectedResource,
                          remoteIP=config.RECAPTCHA_REMOTEIP)
    elif config.GIMP_CAPTCHA_ENABLED:
        # Get the master HMAC secret key for CAPTCHA challenges, and then
        # create a new HMAC key from it for use on the server.
        captchaKey = crypto.getKey(config.GIMP_CAPTCHA_HMAC_KEYFILE)
        hmacKey = crypto.getHMAC(captchaKey, "Captcha-Key")
        # Load or create our encryption keys:
        secretKey, publicKey = crypto.getRSAKey(config.GIMP_CAPTCHA_RSA_KEYFILE)
        captcha = partial(GimpCaptchaProtectedResource,
                          hmacKey=hmacKey,
                          captchaDir=config.GIMP_CAPTCHA_DIR)

    if config.HTTPS_ROTATION_PERIOD:
        count, period = config.HTTPS_ROTATION_PERIOD.split()
        sched = ScheduledInterval(count, period)
    else:
        sched = Unscheduled()

    bridges = BridgesResource(distributor, sched, numBridges, fwdHeaders,
                              includeFingerprints=fprInclude)
    if captcha:
        # Protect the 'bridges' page with a CAPTCHA, if configured to do so:
        protected = captcha(publicKey=publicKey,
                            secretKey=secretKey,
                            useForwardedHeader=fwdHeaders,
                            protectedResource=bridges)
        root.putChild('bridges', protected)
        logging.info("Protecting resources with %s." % captcha.func.__name__)
    else:
        root.putChild('bridges', bridges)

    site = Site(root)
    site.displayTracebacks = False

    if config.HTTP_UNENCRYPTED_PORT:  # pragma: no cover
        ip = config.HTTP_UNENCRYPTED_BIND_IP or ""
        port = config.HTTP_UNENCRYPTED_PORT or 80
        try:
            reactor.listenTCP(port, site, interface=ip)
        except CannotListenError as error:
            raise SystemExit(error)
        logging.info("Started HTTP server on %s:%d" % (str(ip), int(port)))

    if config.HTTPS_PORT:  # pragma: no cover
        ip = config.HTTPS_BIND_IP or ""
        port = config.HTTPS_PORT or 443
        try:
            from twisted.internet.ssl import DefaultOpenSSLContextFactory
            factory = DefaultOpenSSLContextFactory(config.HTTPS_KEY_FILE,
                                                   config.HTTPS_CERT_FILE)
            reactor.listenSSL(port, site, factory, interface=ip)
        except CannotListenError as error:
            raise SystemExit(error)
        logging.info("Started HTTPS server on %s:%d" % (str(ip), int(port)))

    return site
Exemple #44
0
        request.setHeader(b"content-type", b"text/html; charset=utf-8")
        return self.page

    def getChild(self, chnam, request):
        return self


class NoResource(ErrorResource):
    def __init__(self):
        ErrorResource.__init__(self, NOT_FOUND)


application = Application("static-server")

plainSite = Site(RedirectResource())
plainSite.displayTracebacks = False
plainService6 = TCPServer(INSECURE_PORT, plainSite, interface='::')
plainService6.setServiceParent(application)

files = File(DOCUMENTS.path)
files.childNotFound = NoResource()

secureSite = Site(HSTSResource(files))
secureSite.displayTracebacks = False
secureService6 = SSLServer(SECURE_PORT,
                           secureSite,
                           ctxFactory,
                           interface='::')

secureService6.setServiceParent(application)
Exemple #45
0
def addMoatServer(config, distributor):
    """Set up a web server for moat bridge distribution.

    :type config: :class:`bridgedb.persistent.Conf`
    :param config: A configuration object from
         :mod:`bridgedb.main`. Currently, we use these options::
             GIMP_CAPTCHA_DIR
             SERVER_PUBLIC_FQDN
             SUPPORTED_TRANSPORTS
             MOAT_DIST
             MOAT_DIST_VIA_MEEK_ONLY
             MOAT_TLS_CERT_FILE
             MOAT_TLS_KEY_FILE
             MOAT_SERVER_PUBLIC_ROOT
             MOAT_HTTPS_IP
             MOAT_HTTPS_PORT
             MOAT_HTTP_IP
             MOAT_HTTP_PORT
             MOAT_BRIDGES_PER_ANSWER
             MOAT_TRANSPORT_PREFERENCE_LIST
             MOAT_USE_IP_FROM_FORWARDED_HEADER
             MOAT_SKIP_LOOPBACK_ADDRESSES
             MOAT_ROTATION_PERIOD
             MOAT_GIMP_CAPTCHA_HMAC_KEYFILE
             MOAT_GIMP_CAPTCHA_RSA_KEYFILE
    :type distributor: :class:`bridgedb.distributors.moat.distributor.MoatDistributor`
    :param distributor: A bridge distributor.
    :raises SystemExit: if the servers cannot be started.
    :rtype: :api:`twisted.web.server.Site`
    :returns: A webserver.
    """
    captcha = None
    fwdHeaders = config.MOAT_USE_IP_FROM_FORWARDED_HEADER
    numBridges = config.MOAT_BRIDGES_PER_ANSWER
    skipLoopback = config.MOAT_SKIP_LOOPBACK_ADDRESSES

    logging.info("Starting moat servers...")

    setFQDN(config.SERVER_PUBLIC_FQDN)
    setRoot(config.MOAT_SERVER_PUBLIC_ROOT)
    setSupportedTransports(config.SUPPORTED_TRANSPORTS)
    setPreferredTransports(config.MOAT_TRANSPORT_PREFERENCE_LIST)

    # Get the master HMAC secret key for CAPTCHA challenges, and then
    # create a new HMAC key from it for use on the server.
    captchaKey = crypto.getKey(config.MOAT_GIMP_CAPTCHA_HMAC_KEYFILE)
    hmacKey = crypto.getHMAC(captchaKey, "Moat-Captcha-Key")
    # Load or create our encryption keys:
    secretKey, publicKey = crypto.getRSAKey(config.MOAT_GIMP_CAPTCHA_RSA_KEYFILE)
    sched = Unscheduled()

    if config.MOAT_ROTATION_PERIOD:
        count, period = config.MOAT_ROTATION_PERIOD.split()
        sched = ScheduledInterval(count, period)

    sitePublicDir = getRoot()

    meek = CustomErrorHandlingResource()
    moat = CustomErrorHandlingResource()
    fetch = CaptchaFetchResource(hmacKey, publicKey, secretKey,
                                 config.GIMP_CAPTCHA_DIR,
                                 fwdHeaders, skipLoopback)
    check = CaptchaCheckResource(distributor, sched, numBridges,
                                 hmacKey, publicKey, secretKey,
                                 fwdHeaders, skipLoopback)

    moat.putChild("fetch", fetch)
    moat.putChild("check", check)
    meek.putChild("moat", moat)

    root = CustomErrorHandlingResource()
    root.putChild("meek", meek)
    root.putChild("moat", moat)

    site = Site(root)
    site.displayTracebacks = False

    if config.MOAT_HTTP_PORT:  # pragma: no cover
        ip = config.MOAT_HTTP_IP or ""
        port = config.MOAT_HTTP_PORT or 80
        try:
            reactor.listenTCP(port, site, interface=ip)
        except CannotListenError as error:
            raise SystemExit(error)
        logging.info("Started Moat HTTP server on %s:%d" % (str(ip), int(port)))

    if config.MOAT_HTTPS_PORT:  # pragma: no cover
        ip = config.MOAT_HTTPS_IP or ""
        port = config.MOAT_HTTPS_PORT or 443
        try:
            from twisted.internet.ssl import DefaultOpenSSLContextFactory
            factory = DefaultOpenSSLContextFactory(config.MOAT_TLS_KEY_FILE,
                                                   config.MOAT_TLS_CERT_FILE)
            reactor.listenSSL(port, site, factory, interface=ip)
        except CannotListenError as error:
            raise SystemExit(error)
        logging.info("Started Moat TLS server on %s:%d" % (str(ip), int(port)))

    return site
Exemple #46
0
                        loglevel=loglevel)


def main():
    logger.info('路由模块已启动')
    reactor.run()  # @UndefinedVariable


if __name__ == '__main__':
    loglevels = {
        'DEBUG': logging.DEBUG,
        'INFO': logging.INFO,
        'WARN': logging.WARN,
        'ERROR': logging.ERROR,
        'FATAL': logging.FATAL
    }
    router_cfg = load_router_cfg('espush.ini')
    initlog(level=loglevels[router_cfg.loglevel])
    # router svc
    gwsvc_factory = JSONServerFactory()
    listenport = router_cfg.listenport
    reactor.listenTCP(listenport, gwsvc_factory)  # @UndefinedVariable
    gl_routetable = RouteTable()
    # web interface
    web_factory = Site(web_init())
    web_factory.displayTracebacks = False
    apiport = router_cfg.apiport
    reactor.listenTCP(apiport, web_factory)  # @UndefinedVariable
    write_pid_file()
    main()
Exemple #47
0
def makeService(config):
    """
    Set up the otter-api service.
    """
    set_config_data(dict(config))

    s = MultiService()

    region = config_value('region')

    seed_endpoints = [
        clientFromString(reactor, str(host))
        for host in config_value('cassandra.seed_hosts')]

    cassandra_cluster = LoggingCQLClient(
        TimingOutCQLClient(
            reactor,
            RoundRobinCassandraCluster(
                seed_endpoints,
                config_value('cassandra.keyspace')),
            config_value('cassandra.timeout') or 30),
        log.bind(system='otter.silverberg'))

    get_consistency = partial(
        get_consistency_level,
        default=config_value('cassandra.default_consistency'),
        exceptions=config_value('cassandra.consistency_exceptions'))

    store = CassScalingGroupCollection(cassandra_cluster, reactor,
                                       get_consistency)
    admin_store = CassAdmin(cassandra_cluster, get_consistency)

    bobby_url = config_value('bobby_url')
    if bobby_url is not None:
        set_bobby(BobbyClient(bobby_url))

    cache_ttl = config_value('identity.cache_ttl')

    if cache_ttl is None:
        # FIXME: Pick an arbitrary cache ttl value based on absolutely no
        # science.
        cache_ttl = 300

    authenticator = CachingAuthenticator(
        reactor,
        RetryingAuthenticator(
            reactor,
            ImpersonatingAuthenticator(
                config_value('identity.username'),
                config_value('identity.password'),
                config_value('identity.url'),
                config_value('identity.admin_url')),
            max_retries=config_value('identity.max_retries'),
            retry_interval=config_value('identity.retry_interval')),
        cache_ttl)

    supervisor = SupervisorService(authenticator.authenticate_tenant,
                                   region, coiterate)
    supervisor.setServiceParent(s)

    set_supervisor(supervisor)

    health_checker = HealthChecker(reactor, {
        'store': getattr(store, 'health_check', None),
        'kazoo': store.kazoo_health_check,
        'supervisor': supervisor.health_check
    })

    # Setup cassandra cluster to disconnect when otter shuts down
    if 'cassandra_cluster' in locals():
        s.addService(FunctionalService(stop=partial(call_after_supervisor,
                                                    cassandra_cluster.disconnect, supervisor)))

    otter = Otter(store, region, health_checker.health_check,
                  es_host=config_value('elasticsearch.host'))
    site = Site(otter.app.resource())
    site.displayTracebacks = False

    api_service = service(str(config_value('port')), site)
    api_service.setServiceParent(s)

    # Setup admin service
    admin_port = config_value('admin')
    if admin_port:
        admin = OtterAdmin(admin_store)
        admin_site = Site(admin.app.resource())
        admin_site.displayTracebacks = False
        admin_service = service(str(admin_port), admin_site)
        admin_service.setServiceParent(s)

    # Setup Kazoo client
    if config_value('zookeeper'):
        threads = config_value('zookeeper.threads') or 10
        kz_client = TxKazooClient(hosts=config_value('zookeeper.hosts'),
                                  threads=threads, txlog=log.bind(system='kazoo'))
        d = kz_client.start()

        def on_client_ready(_):
            # Setup scheduler service after starting
            scheduler = setup_scheduler(s, store, kz_client)
            health_checker.checks['scheduler'] = scheduler.health_check
            otter.scheduler = scheduler
            # Set the client after starting
            # NOTE: There is small amount of time when the start is not finished
            # and the kz_client is not set in which case policy execution and group
            # delete will fail
            store.kz_client = kz_client
            # Setup kazoo to stop when shutting down
            s.addService(FunctionalService(stop=partial(call_after_supervisor,
                                                        kz_client.stop, supervisor)))

        d.addCallback(on_client_ready)
        d.addErrback(log.err, 'Could not start TxKazooClient')

    return s
Exemple #48
0
def make_redirector_site(port):
    # XXX It would be good to combine this with make_site so we didn't end up
    # with http logs in multiple places.  Not sure how to do that though.
    site = Site(RedirectToHTTPS(port))
    site.displayTracebacks = False
    return site
Exemple #49
0
	url = request.args.get('imgur', None)
	if not url:
		return 'Please enter a valid imgur link.'

	parsed_url = urlparse.urlparse(url)

	if parsed_url.netloc != 'i.imgur.com':
		return 'Please enter a valid imgur link.'

	# Create a transaction that will be used until the user receives their image and presses OK to dismiss the transaction
	# This way, if the user refreshes the page or
	transaction_id = transaction_manager.addTransaction(Transaction(ImgurDownloadState(parsed_url.path[1:])))
	session['imgur_id'] = transaction_id
	return render_template('imgur/index.html', transaction_id=transaction_id)

resource = WSGIResource(reactor, reactor.getThreadPool(), app)
static_resource = File(app.static_folder)

log.startLogging(sys.stdout)
ws = Resource()
ws.putChild('imgur', imgur_resource)
root_resource = WSGISiteResource(resource, {'static': static_resource, 'ws': ws})
site = Site(root_resource)
site.displayTracebacks = True

if __name__ == '__main__':
	app.debug = True
	log.startLogging(sys.stdout)
	reactor.listenTCP(8000, site, interface='0.0.0.0')
	reactor.run()
Exemple #50
0
    parsed_url = urlparse.urlparse(url)

    if parsed_url.netloc != 'i.imgur.com':
        return 'Please enter a valid imgur link.'

    # Create a transaction that will be used until the user receives their image and presses OK to dismiss the transaction
    # This way, if the user refreshes the page or
    transaction_id = transaction_manager.addTransaction(
        Transaction(ImgurDownloadState(parsed_url.path[1:])))
    session['imgur_id'] = transaction_id
    return render_template('imgur/index.html', transaction_id=transaction_id)


resource = WSGIResource(reactor, reactor.getThreadPool(), app)
static_resource = File(app.static_folder)

log.startLogging(sys.stdout)
ws = Resource()
ws.putChild('imgur', imgur_resource)
root_resource = WSGISiteResource(resource, {
    'static': static_resource,
    'ws': ws
})
site = Site(root_resource)
site.displayTracebacks = True

if __name__ == '__main__':
    app.debug = True
    log.startLogging(sys.stdout)
    reactor.listenTCP(8000, site, interface='0.0.0.0')
    reactor.run()
Exemple #51
0
def make_redirector_site(port):
    site = Site(RedirectToHTTPS(port))
    site.displayTracebacks = True
    return site
Exemple #52
0
def addWebServer(config, distributor):
    """Set up a web server for HTTP(S)-based bridge distribution.

    :type config: :class:`bridgedb.persistent.Conf`
    :param config: A configuration object from
         :mod:`bridgedb.main`. Currently, we use these options::
             HTTP_UNENCRYPTED_PORT
             HTTP_UNENCRYPTED_BIND_IP
             HTTP_USE_IP_FROM_FORWARDED_HEADER
             HTTPS_N_BRIDGES_PER_ANSWER
             HTTPS_INCLUDE_FINGERPRINTS
             HTTPS_KEY_FILE
             HTTPS_CERT_FILE
             HTTPS_PORT
             HTTPS_BIND_IP
             HTTPS_USE_IP_FROM_FORWARDED_HEADER
             HTTPS_ROTATION_PERIOD
             RECAPTCHA_ENABLED
             RECAPTCHA_PUB_KEY
             RECAPTCHA_SEC_KEY
             RECAPTCHA_REMOTEIP
             GIMP_CAPTCHA_ENABLED
             GIMP_CAPTCHA_DIR
             GIMP_CAPTCHA_HMAC_KEYFILE
             GIMP_CAPTCHA_RSA_KEYFILE
             SERVER_PUBLIC_FQDN
             CSP_ENABLED
             CSP_REPORT_ONLY
             CSP_INCLUDE_SELF
    :type distributor: :class:`bridgedb.distributors.https.distributor.HTTPSDistributor`
    :param distributor: A bridge distributor.
    :raises SystemExit: if the servers cannot be started.
    :rtype: :api:`twisted.web.server.Site`
    :returns: A webserver.
    """
    captcha = None
    fwdHeaders = config.HTTP_USE_IP_FROM_FORWARDED_HEADER
    numBridges = config.HTTPS_N_BRIDGES_PER_ANSWER
    fprInclude = config.HTTPS_INCLUDE_FINGERPRINTS

    logging.info("Starting web servers...")

    setFQDN(config.SERVER_PUBLIC_FQDN)

    index   = IndexResource()
    options = OptionsResource()
    howto   = HowtoResource()
    robots  = static.File(os.path.join(TEMPLATE_DIR, 'robots.txt'))
    assets  = static.File(os.path.join(TEMPLATE_DIR, 'assets/'))
    keys    = static.Data(bytes(strings.BRIDGEDB_OPENPGP_KEY), 'text/plain')
    csp     = CSPResource(enabled=config.CSP_ENABLED,
                          includeSelf=config.CSP_INCLUDE_SELF,
                          reportViolations=config.CSP_REPORT_ONLY,
                          useForwardedHeader=fwdHeaders)

    root = CustomErrorHandlingResource()
    root.putChild('', index)
    root.putChild('robots.txt', robots)
    root.putChild('keys', keys)
    root.putChild('assets', assets)
    root.putChild('options', options)
    root.putChild('howto', howto)
    root.putChild('maintenance', maintenance)
    root.putChild('error', resource500)
    root.putChild(CSPResource.reportURI, csp)

    if config.RECAPTCHA_ENABLED:
        publicKey = config.RECAPTCHA_PUB_KEY
        secretKey = config.RECAPTCHA_SEC_KEY
        captcha = partial(ReCaptchaProtectedResource,
                          remoteIP=config.RECAPTCHA_REMOTEIP)
    elif config.GIMP_CAPTCHA_ENABLED:
        # Get the master HMAC secret key for CAPTCHA challenges, and then
        # create a new HMAC key from it for use on the server.
        captchaKey = crypto.getKey(config.GIMP_CAPTCHA_HMAC_KEYFILE)
        hmacKey = crypto.getHMAC(captchaKey, "Captcha-Key")
        # Load or create our encryption keys:
        secretKey, publicKey = crypto.getRSAKey(config.GIMP_CAPTCHA_RSA_KEYFILE)
        captcha = partial(GimpCaptchaProtectedResource,
                          hmacKey=hmacKey,
                          captchaDir=config.GIMP_CAPTCHA_DIR)

    if config.HTTPS_ROTATION_PERIOD:
        count, period = config.HTTPS_ROTATION_PERIOD.split()
        sched = ScheduledInterval(count, period)
    else:
        sched = Unscheduled()

    bridges = BridgesResource(distributor, sched, numBridges, fwdHeaders,
                              includeFingerprints=fprInclude)
    if captcha:
        # Protect the 'bridges' page with a CAPTCHA, if configured to do so:
        protected = captcha(publicKey=publicKey,
                            secretKey=secretKey,
                            useForwardedHeader=fwdHeaders,
                            protectedResource=bridges)
        root.putChild('bridges', protected)
        logging.info("Protecting resources with %s." % captcha.func.__name__)
    else:
        root.putChild('bridges', bridges)

    site = Site(root)
    site.displayTracebacks = False

    if config.HTTP_UNENCRYPTED_PORT:  # pragma: no cover
        ip = config.HTTP_UNENCRYPTED_BIND_IP or ""
        port = config.HTTP_UNENCRYPTED_PORT or 80
        try:
            reactor.listenTCP(port, site, interface=ip)
        except CannotListenError as error:
            raise SystemExit(error)
        logging.info("Started HTTP server on %s:%d" % (str(ip), int(port)))

    if config.HTTPS_PORT:  # pragma: no cover
        ip = config.HTTPS_BIND_IP or ""
        port = config.HTTPS_PORT or 443
        try:
            from twisted.internet.ssl import DefaultOpenSSLContextFactory
            factory = DefaultOpenSSLContextFactory(config.HTTPS_KEY_FILE,
                                                   config.HTTPS_CERT_FILE)
            reactor.listenSSL(port, site, factory, interface=ip)
        except CannotListenError as error:
            raise SystemExit(error)
        logging.info("Started HTTPS server on %s:%d" % (str(ip), int(port)))

    return site
Exemple #53
0
    def render(self, request):
        request.setResponseCode(self.status)
        request.setHeader(b"content-type", b"text/html; charset=utf-8")
        return self.page

    def getChild(self, chnam, request):
        return self


class NoResource(ErrorResource):
    def __init__(self):
        ErrorResource.__init__(self, NOT_FOUND)


application = Application("static-server")

plainSite = Site(RedirectResource())
plainSite.displayTracebacks = False
plainService6 = TCPServer(INSECURE_PORT, plainSite, interface='::')
plainService6.setServiceParent(application)

files = File(DOCUMENTS.path)
files.childNotFound = NoResource()

secureSite = Site(HSTSResource(files))
secureSite.displayTracebacks = False
secureService6 = SSLServer(SECURE_PORT, secureSite, ctxFactory, interface='::')

secureService6.setServiceParent(application)
Exemple #54
0
def make_redirector_site(port):
    site = Site(RedirectToHTTPS(port))
    site.displayTracebacks = False
    return site
Exemple #55
0
def makeService(config):
    """
    Set up the otter-api service.
    """
    config = dict(config)
    set_config_data(config)

    parent = MultiService()

    region = config_value('region')

    seed_endpoints = [
        clientFromString(reactor, str(host))
        for host in config_value('cassandra.seed_hosts')]

    cassandra_cluster = LoggingCQLClient(
        TimingOutCQLClient(
            reactor,
            RoundRobinCassandraCluster(
                seed_endpoints,
                config_value('cassandra.keyspace'),
                disconnect_on_cancel=True),
            config_value('cassandra.timeout') or 30),
        log.bind(system='otter.silverberg'))

    store = CassScalingGroupCollection(
        cassandra_cluster, reactor, config_value('limits.absolute.maxGroups'))
    admin_store = CassAdmin(cassandra_cluster)

    bobby_url = config_value('bobby_url')
    if bobby_url is not None:
        set_bobby(BobbyClient(bobby_url))

    service_configs = get_service_configs(config)

    authenticator = generate_authenticator(reactor, config['identity'])
    supervisor = SupervisorService(authenticator, region, coiterate,
                                   service_configs)
    supervisor.setServiceParent(parent)

    set_supervisor(supervisor)

    health_checker = HealthChecker(reactor, {
        'store': getattr(store, 'health_check', None),
        'kazoo': store.kazoo_health_check,
        'supervisor': supervisor.health_check
    })

    # Setup cassandra cluster to disconnect when otter shuts down
    if 'cassandra_cluster' in locals():
        parent.addService(FunctionalService(stop=partial(
            call_after_supervisor, cassandra_cluster.disconnect, supervisor)))

    otter = Otter(store, region, health_checker.health_check)
    site = Site(otter.app.resource())
    site.displayTracebacks = False

    api_service = service(str(config_value('port')), site)
    api_service.setServiceParent(parent)

    # Setup admin service
    admin_port = config_value('admin')
    if admin_port:
        admin = OtterAdmin(admin_store)
        admin_site = Site(admin.app.resource())
        admin_site.displayTracebacks = False
        admin_service = service(str(admin_port), admin_site)
        admin_service.setServiceParent(parent)

    # setup cloud feed
    cf_conf = config.get('cloudfeeds', None)
    if cf_conf is not None:
        id_conf = deepcopy(config['identity'])
        id_conf['strategy'] = 'single_tenant'
        add_to_fanout(CloudFeedsObserver(
            reactor=reactor,
            authenticator=generate_authenticator(reactor, id_conf),
            tenant_id=cf_conf['tenant_id'],
            region=region,
            service_configs=service_configs))

    # Setup Kazoo client
    if config_value('zookeeper'):
        threads = config_value('zookeeper.threads') or 10
        disable_logs = config_value('zookeeper.no_logs')
        threadpool = ThreadPool(maxthreads=threads)
        sync_kz_client = KazooClient(
            hosts=config_value('zookeeper.hosts'),
            # Keep trying to connect until the end of time with
            # max interval of 10 minutes
            connection_retry=dict(max_tries=-1, max_delay=600),
            logger=None if disable_logs else TxLogger(log.bind(system='kazoo'))
        )
        kz_client = TxKazooClient(reactor, threadpool, sync_kz_client)
        # Don't timeout. Keep trying to connect forever
        d = kz_client.start(timeout=None)

        def on_client_ready(_):
            dispatcher = get_full_dispatcher(reactor, authenticator, log,
                                             get_service_configs(config),
                                             kz_client, store, supervisor,
                                             cassandra_cluster)
            # Setup scheduler service after starting
            scheduler = setup_scheduler(parent, dispatcher, store, kz_client)
            health_checker.checks['scheduler'] = scheduler.health_check
            otter.scheduler = scheduler
            # Give dispatcher to Otter REST object
            otter.dispatcher = dispatcher
            # Set the client after starting
            # NOTE: There is small amount of time when the start is
            # not finished and the kz_client is not set in which case
            # policy execution and group delete will fail
            store.kz_client = kz_client
            # Setup kazoo to stop when shutting down
            parent.addService(FunctionalService(
                stop=partial(call_after_supervisor,
                             kz_client.stop, supervisor)))

            setup_converger(
                parent, kz_client, dispatcher,
                config_value('converger.interval') or 10,
                config_value('converger.build_timeout') or 3600,
                config_value('converger.limited_retry_iterations') or 10,
                config_value('converger.step_limits') or {})

        d.addCallback(on_client_ready)
        d.addErrback(log.err, 'Could not start TxKazooClient')

    return parent
Exemple #56
0
def addMoatServer(config, distributor):
    """Set up a web server for moat bridge distribution.

    :type config: :class:`bridgedb.persistent.Conf`
    :param config: A configuration object from
         :mod:`bridgedb.main`. Currently, we use these options::
             GIMP_CAPTCHA_DIR
             SERVER_PUBLIC_FQDN
             SUPPORTED_TRANSPORTS
             MOAT_DIST
             MOAT_DIST_VIA_MEEK_ONLY
             MOAT_TLS_CERT_FILE
             MOAT_TLS_KEY_FILE
             MOAT_SERVER_PUBLIC_ROOT
             MOAT_HTTPS_IP
             MOAT_HTTPS_PORT
             MOAT_HTTP_IP
             MOAT_HTTP_PORT
             MOAT_BRIDGES_PER_ANSWER
             MOAT_TRANSPORT_PREFERENCE_LIST
             MOAT_USE_IP_FROM_FORWARDED_HEADER
             MOAT_SKIP_LOOPBACK_ADDRESSES
             MOAT_ROTATION_PERIOD
             MOAT_GIMP_CAPTCHA_HMAC_KEYFILE
             MOAT_GIMP_CAPTCHA_RSA_KEYFILE
    :type distributor: :class:`bridgedb.distributors.moat.distributor.MoatDistributor`
    :param distributor: A bridge distributor.
    :raises SystemExit: if the servers cannot be started.
    :rtype: :api:`twisted.web.server.Site`
    :returns: A webserver.
    """
    captcha = None
    fwdHeaders = config.MOAT_USE_IP_FROM_FORWARDED_HEADER
    numBridges = config.MOAT_BRIDGES_PER_ANSWER
    skipLoopback = config.MOAT_SKIP_LOOPBACK_ADDRESSES

    logging.info("Starting moat servers...")

    setFQDN(config.SERVER_PUBLIC_FQDN)
    setRoot(config.MOAT_SERVER_PUBLIC_ROOT)
    setSupportedTransports(config.SUPPORTED_TRANSPORTS)
    setPreferredTransports(config.MOAT_TRANSPORT_PREFERENCE_LIST)

    # Get the master HMAC secret key for CAPTCHA challenges, and then
    # create a new HMAC key from it for use on the server.
    captchaKey = crypto.getKey(config.MOAT_GIMP_CAPTCHA_HMAC_KEYFILE)
    hmacKey = crypto.getHMAC(captchaKey, "Moat-Captcha-Key")
    # Load or create our encryption keys:
    secretKey, publicKey = crypto.getRSAKey(
        config.MOAT_GIMP_CAPTCHA_RSA_KEYFILE)
    sched = Unscheduled()

    if config.MOAT_ROTATION_PERIOD:
        count, period = config.MOAT_ROTATION_PERIOD.split()
        sched = ScheduledInterval(count, period)

    sitePublicDir = getRoot()

    meek = CustomErrorHandlingResource()
    moat = CustomErrorHandlingResource()
    fetch = CaptchaFetchResource(hmacKey, publicKey, secretKey,
                                 config.GIMP_CAPTCHA_DIR, fwdHeaders,
                                 skipLoopback)
    check = CaptchaCheckResource(distributor, sched, numBridges, hmacKey,
                                 publicKey, secretKey, fwdHeaders,
                                 skipLoopback)

    moat.putChild(b"fetch", fetch)
    moat.putChild(b"check", check)
    meek.putChild(b"moat", moat)

    root = CustomErrorHandlingResource()
    root.putChild(b"meek", meek)
    root.putChild(b"moat", moat)

    site = Site(root)
    site.displayTracebacks = False

    if config.MOAT_HTTP_PORT:  # pragma: no cover
        ip = config.MOAT_HTTP_IP or ""
        port = config.MOAT_HTTP_PORT or 80
        try:
            reactor.listenTCP(port, site, interface=ip)
        except CannotListenError as error:
            raise SystemExit(error)
        logging.info("Started Moat HTTP server on %s:%d" %
                     (str(ip), int(port)))

    if config.MOAT_HTTPS_PORT:  # pragma: no cover
        ip = config.MOAT_HTTPS_IP or ""
        port = config.MOAT_HTTPS_PORT or 443
        try:
            from twisted.internet.ssl import DefaultOpenSSLContextFactory
            factory = DefaultOpenSSLContextFactory(config.MOAT_TLS_KEY_FILE,
                                                   config.MOAT_TLS_CERT_FILE)
            reactor.listenSSL(port, site, factory, interface=ip)
        except CannotListenError as error:
            raise SystemExit(error)
        logging.info("Started Moat TLS server on %s:%d" % (str(ip), int(port)))

    return site