def __pre_parse(self, opts, args): cp = ConfigParser() self.cp = cp read_files = cp.read(["/etc/xbe/xberc", os.path.expanduser("~/.xbe/xberc"), opts.config]) if not len(read_files): raise CommandFailed("no configuration file found") if opts.timeout is None: opts.timeout = cp.getfloat("network", "timeout") if opts.server is None: opts.server = cp.get("network", "server") if opts.stomp_user is None: opts.stomp_user = cp.get("network", "user") if opts.stomp_pass is None: opts.stomp_pass = cp.get("network", "pass") if opts.user_cert is None: opts.user_cert = os.path.expanduser(cp.get("security", "pubkey")) if opts.user_key is None: opts.user_key = os.path.expanduser(cp.get("security", "privkey")) if opts.ca_cert is None: opts.ca_cert = os.path.expanduser(cp.get("security", "cacert")) from xbe.xml.security import X509Certificate # build the certificate self.user_cert = X509Certificate.load_from_files(opts.user_cert, opts.user_key) self.ca_cert = X509Certificate.load_from_files(opts.ca_cert)
def setup_priviledged(self): log.info("Setting up the XenBEE broker") # TODO: hier muss etwas rein!! - start log.info("initializing schema documents...") from lxml import etree self.schema_map = {} for schema in os.listdir(self.opts.schema_dir): if not schema.endswith(".xsd"): continue path = os.path.join(self.opts.schema_dir, schema) log.info(" reading %s" % path) xsd_doc = etree.parse(path) namespace = xsd_doc.getroot().attrib["targetNamespace"] self.schema_map[namespace] = etree.XMLSchema(xsd_doc) log.info(" done.") log.info("initializing certificates...") # read in the certificate and private-key from xbe.xml.security import X509Certificate self.ca_certificate = X509Certificate.load_from_files(self.opts.ca_cert) log.info(" CA certificate: %s", self.ca_certificate.subject()["CN"]) cert = X509Certificate.load_from_files(self.opts.x509, self.opts.p_key) if not self.ca_certificate.validate_certificate(cert): self.error("the given x509 certificate has not been signed by the given CA") self.certificate = cert log.info(" my certificate: %s" % (self.certificate.subject()["CN"])) log.info(" done.") log.info("initializing twisted...") from twisted.python import threadable threadable.init() log.info(" done.") log.info("initializing user database...") from xbe.xbed.user import UserDatabase self.userDatabase = UserDatabase.getInstance(self.opts.user_db) log.info(" done.") log.info("initializing reactor...") from twisted.internet import reactor from xbe.broker.proto import XenBEEBrokerProtocolFactory from xbe.util.network import urlparse proto, host, queue, _, _, _ = urlparse(self.opts.uri) if proto != "stomp": raise ValueError("unknown protocol", proto) try: host, port = host.split(":") port = int(port) except ValueError, e: port = 61613
except AttributeError: self.xml_protocol = \ protocol.SecureProtocol(self.cert, self.ca_cert, None, self.protocolFactory, *self.protocolFactoryArgs, **self.protocolFactoryKwArgs) self.xml_protocol.factory = self self.xml_protocol.makeConnection( protocol.XMLTransport(StompTransport(stomp_protocol, self.server_queue))) self.xml_protocol.init_handshake() if __name__ == "__main__": path = os.path.join(os.environ["HOME"], ".xbe", "cert") cert = X509Certificate.load_from_files(os.path.join(path, "user.pem"), os.path.join(path, "private", "user-key.pem")) ca_cert = X509Certificate.load_from_files("/root/xenbee/etc/CA/ca-cert.pem") # path = os.path.join(os.environ["HOME"], "tmp", "x.509") # cert = X509Certificate.load_from_files(os.path.join(path, "signer.pem"), # os.path.join(path, "signer_key.pem")) # ca_cert = X509Certificate.load_from_files("/root/xenbee/etc/CA/ca-cert.pem") f = ClientProtocolFactory(id="2", stomp_user="******", stomp_pass="******", certificate=cert, ca_cert=ca_cert, server_queue="/queue/xenbee.daemon.1", protocolFactory=ClientXMLProtocol, protocolFactoryArgs=(SimpleCommandLineProtocol,)) reactor.connectTCP("localhost", 61613, f) reactor.run()