Esempio n. 1
0
def networkstart(reason, session):
	l2r = False
	l2k = None
	if hw.get_device_name().lower() != "dm7025":
		l2c = tpm.getData(eTPM.DT_LEVEL2_CERT)

		if l2c is None:
			return

		l2k = validate_certificate(l2c, rootkey)
		if l2k is None:
			return

		l2r = True
	else:
		l2r = True

	if l2r:
		if reason is True:
			startWebserver(session, l2k)
			checkBonjour()

		elif reason is False:
			stopWebserver(session)
			checkBonjour()
Esempio n. 2
0
def networkstart(reason, session):
	l2r = False
	l2k = None
	if False:
		l2c = tpm.getCert(eTPM.TPMD_DT_LEVEL2_CERT)
		
		if l2c is None:
			return
		
		l2k = validate_certificate(l2c, rootkey)
		if l2k is None:
			return
			
		l2r = True
	else:
		l2r = True
		
	if l2r:	
		if reason is True:
			startWebserver(session, l2k)
			checkBonjour()
			
		elif reason is False:
			stopWebserver(session)
			checkBonjour()
Esempio n. 3
0
def networkstart(reason, session):
	l2r = False
	l2k = None
	if hw.get_device_name().lower() != "dm7025":		
		l2c = tpm.getCert(eTPM.TPMD_DT_LEVEL2_CERT)
		
		if l2c is None:
			return
		
		l2k = validate_certificate(l2c, rootkey)
		if l2k is None:
			return
			
		l2r = True
	else:
		l2r = True
		
	if l2r:	
		if reason is True:
			startWebserver(session, l2k)
			checkBonjour()
			
		elif reason is False:
			stopWebserver(session)
			checkBonjour()
Esempio n. 4
0
def startServerInstance(session, ipaddress, port, useauth=False, l2k=None, usessl=False):
	if hw.get_device_name().lower() != "dm7025":
		l3k = None
		l3c = tpm.getData(eTPM.DT_LEVEL3_CERT)

		if l3c is None:
			return False

		l3k = validate_certificate(l3c, l2k)
		if l3k is None:
			return False

		random = get_random()
		if random is None:
			return False

		value = tpm.computeSignature(random)
		result = decrypt_block(value, l3k)

		if result is None:
			return False
		else:
			if result[80:88] != random:
				return False

	if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
		root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
		site = server.Site(root)
	else:
		root = HTTPRootResource(toplevel)
		site = server.Site(root)

	if has_ipv6 and fileExists('/proc/net/if_inet6') and version.major >= 12:
		if ipaddress == '0.0.0.0':
			ipaddress = '::'
		elif ipaddress == '127.0.0.1':
			ipaddress = '::1'

	if usessl:
		ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
		try:
			d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
		except CannotListenError:
			print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
			return False
	else:
		try:
			d = reactor.listenTCP(port, site, interface=ipaddress)
			if ipaddress == '::1':
				d = reactor.listenTCP(port, site, interface='::ffff:127.0.0.1')
		except CannotListenError:
			print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
			return False

	running_defered.append(d)
	print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
	return True
Esempio n. 5
0
def startServerInstance(session, ipaddress, port, useauth=False, l2k=None, usessl=False):
	if hw.get_device_name().lower() != "dm7025":
		l3k = None
		l3c = tpm.getData(eTPM.DT_LEVEL3_CERT)

		if l3c is None:
			return False

		l3k = validate_certificate(l3c, l2k)
		if l3k is None:
			return False

		random = get_random()
		if random is None:
			return False

		value = tpm.computeSignature(random)
		result = decrypt_block(value, l3k)

		if result is None:
			return False
		else:
			if result [80:88] != random:
				return False

	if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
		root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
		site = server.Site(root)
	else:
		root = HTTPRootResource(toplevel)
		site = server.Site(root)

	if has_ipv6 and fileExists('/proc/net/if_inet6') and version.major >= 12:
		if ipaddress == '0.0.0.0':
			ipaddress='::'
		elif ipaddress == '127.0.0.1':
			ipaddress='::1'

	if usessl:
		ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
		try:
			d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
		except CannotListenError:
			print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
			return False
	else:
		try:
			d = reactor.listenTCP(port, site, interface=ipaddress)
			if ipaddress == '::1':
				d = reactor.listenTCP(port, site, interface='::ffff:127.0.0.1')
		except CannotListenError:
			print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
			return False

	running_defered.append(d)
	print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
	return True
Esempio n. 6
0
def startServerInstance(session,
                        ipaddress,
                        port,
                        useauth=False,
                        l2k=None,
                        usessl=False):
    if hw.get_device_name().lower() != "dm7025":
        l3k = None
        l3c = tpm.getCert(eTPM.TPMD_DT_LEVEL3_CERT)

        if l3c is None:
            return False

        l3k = validate_certificate(l3c, l2k)
        if l3k is None:
            return False

        random = get_random()
        if random is None:
            return False

        value = tpm.challenge(random)
        result = decrypt_block(value, l3k)

        if result is None:
            return False
        else:
            if result[80:88] != random:
                return False

    if useauth:
        # HTTPAuthResource handles the authentication for every Resource you want it to
        root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
        site = server.Site(root)
    else:
        root = HTTPRootResource(toplevel)
        site = server.Site(root)

    if usessl:
        ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
        try:
            d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
        except CannotListenError:
            print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (
                ipaddress, port, useauth, usessl)
            return False
    else:
        try:
            d = reactor.listenTCP(port, site, interface=ipaddress)
        except CannotListenError:
            print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (
                ipaddress, port, useauth, usessl)
            return False

    running_defered.append(d)
    print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port,
                                                              useauth, usessl)
    return True
Esempio n. 7
0
def startServerInstance(session, ipaddress, port, useauth=False, l2k=None, usessl=False):
	if hw.get_device_name().lower() != "dm7025":
		l3k = None		
		l3c = tpm.getCert(eTPM.TPMD_DT_LEVEL3_CERT)
		
		if l3c is None:
			return False			
		
		l3k = validate_certificate(l3c, l2k)
		if l3k is None:			
			return False
		
		random = get_random()
		if random is None:
			return False
	
		value = tpm.challenge(random)
		result = decrypt_block(value, l3k)
		
		if result is None:
			return False
		else:
			if result [80:88] != random:		
				return False
		
	if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to			
		root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
		site = server.Site(root)			
	else:
		site = server.Site(toplevel)

	if usessl:
		from twisted.internet import ssl
		from OpenSSL import SSL
		ctx = ssl.DefaultOpenSSLContextFactory('/etc/enigma2/server.pem', '/etc/enigma2/cacert.pem', sslmethod=SSL.SSLv23_METHOD)
		try:
			d = reactor.listenSSL(port, site, ctx, interface=ipaddress)			
		except CannotListenError:
			print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
			return False
	else:
		try:
			d = reactor.listenTCP(port, site, interface=ipaddress)
		except CannotListenError:
			print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
			return False
	
	running_defered.append(d)
	print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
	return True
Esempio n. 8
0
def startServerInstance(session,
                        ipaddress,
                        port,
                        useauth=False,
                        l2k=None,
                        usessl=False):
    if hw.get_device_name().lower() != "dm7025":
        l3k = None
        l3c = tpm.getCert(eTPM.TPMD_DT_LEVEL3_CERT)

        if l3c is None:
            return False

        l3k = validate_certificate(l3c, l2k)
        if l3k is None:
            return False

        random = get_random()
        if random is None:
            return False

        value = tpm.challenge(random)
        result = decrypt_block(value, l3k)

        if result is None:
            return False
        else:
            if result[80:88] != random:
                return False

    if useauth:
        # HTTPAuthResource handles the authentication for every Resource you want it to
        root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
        site = server.Site(root)
    else:
        site = server.Site(toplevel)

    if usessl:

        ctx = ssl.DefaultOpenSSLContextFactory('/etc/enigma2/server.pem',
                                               '/etc/enigma2/cacert.pem',
                                               sslmethod=SSL.SSLv23_METHOD)
        d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
    else:
        d = reactor.listenTCP(port, site, interface=ipaddress)
    running_defered.append(d)
    print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port,
                                                              useauth, usessl)
    return True
Esempio n. 9
0
def configCB(result, session):
    l2r = False
    l2k = None
    l2c = tpm.getData(eTPM.DT_LEVEL2_CERT)

    if l2c is None:
        return

    l2k = validate_certificate(l2c, rootkey)
    if l2k is None:
        return

    if result:
        print "[WebIf] config changed"
        restartWebserver(session, l2k)
        checkBonjour()
    else:
        print "[WebIf] config not changed"
Esempio n. 10
0
def configCB(result, session):
	l2r = False
	l2k = None
	l2c = tpm.getData(eTPM.DT_LEVEL2_CERT)

	if l2c is None:
		return

	l2k = validate_certificate(l2c, rootkey)
	if l2k is None:
		return

	if result:
		print "[WebIf] config changed"
		restartWebserver(session, l2k)
		checkBonjour()
	else:
		print "[WebIf] config not changed"
Esempio n. 11
0
def networkstart(reason, session):
    l2r = False
    l2k = None
    l2c = tpm.getData(eTPM.DT_LEVEL2_CERT)

    if l2c is None:
        return

    l2k = validate_certificate(l2c, rootkey)
    if l2k is None:
        return

    if reason is True:
        startWebserver(session, l2k)
        checkBonjour()

    elif reason is False:
        stopWebserver(session)
        checkBonjour()
Esempio n. 12
0
def configCB(result, session):
	l2r = False
	l2k = None
	if hw.get_device_name().lower() != "dm7025":
		l2c = tpm.getData(eTPM.DT_LEVEL2_CERT)

		if l2c is None:
			return

		l2k = validate_certificate(l2c, rootkey)
		if l2k is None:
			return

		l2r = True
	else:
		l2r = True

	if l2r:
		if result:
			print "[WebIf] config changed"
			restartWebserver(session, l2k)
			checkBonjour()
		else:
			print "[WebIf] config not changed"
Esempio n. 13
0
def configCB(result, session):
	l2r = False
	l2k = None
	if hw.get_device_name().lower() != "dm7025":		
		l2c = tpm.getCert(eTPM.TPMD_DT_LEVEL2_CERT)
		
		if l2c is None:
			return
		
		l2k = validate_certificate(l2c, rootkey)
		if l2k is None:
			return
			
		l2r = True
	else:
		l2r = True
		
	if l2r:	
		if result:
			print "[WebIf] config changed"
			restartWebserver(session, l2k)
			checkBonjour()
		else:
			print "[WebIf] config not changed"
Esempio n. 14
0
def startServerInstance(session,
                        port,
                        useauth=False,
                        l2k=None,
                        usessl=False,
                        ipaddress="::",
                        ipaddress2=None):
    l3k = None
    l3c = tpm.getData(eTPM.DT_LEVEL3_CERT)

    if l3c is None:
        return False

    l3k = validate_certificate(l3c, l2k)
    if l3k is None:
        return False

    random = get_random()
    if random is None:
        return False

    value = tpm.computeSignature(random)
    result = decrypt_block(value, l3k)

    if result is None:
        return False
    else:
        if result[80:88] != random:
            return False

    if useauth:
        # HTTPAuthResource handles the authentication for every Resource you want it to
        root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
        site = server.Site(root)
    else:
        root = HTTPRootResource(toplevel)
        site = server.Site(root)

    result = False

    def logFail(addr, exception=None):
        print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (
            addr, port, useauth, usessl)
        if exception:
            print exception

    if usessl:
        ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
        try:
            d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
            result = True
            running_defered.append(d)
        except CannotListenError as e:
            logFail(ipaddress, e)
        if ipaddress2:
            try:
                d = reactor.listenSSL(port, site, ctx, interface=ipaddress2)
                result = True
                running_defered.append(d)
            except CannotListenError as e:
                logFail(ipaddress2, e)
    else:
        try:
            d = reactor.listenTCP(port, site, interface=ipaddress)
            result = True
            running_defered.append(d)
        except CannotListenError as e:
            logFail(ipaddress, e)
        if ipaddress2:
            try:
                d = reactor.listenTCP(port, site, interface=ipaddress2)
                result = True
                running_defered.append(d)
            except CannotListenError as e:
                logFail(ipaddress2, e)

    print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port,
                                                              useauth, usessl)
    return result
Esempio n. 15
0
def startServerInstance(session, port, useauth=False, l2k=None, usessl=False, ipaddress="::", ipaddress2=None):
	l3k = None
	if False:	
		l3c = tpm.getData(eTPM.DT_LEVEL3_CERT)

	#if l3c is None:
		#return False
	if False:
		l3k = validate_certificate(l3c, l2k)
	#if l3k is None:
		#return False

	random = get_random()
	if random is None:
		return False

	#value = tpm.computeSignature(random)
	#result = decrypt_block(value, l3k)

	#if result is None:
		#return False
	#else:
		#if result [80:88] != random:
			#return False

	if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
		root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
		site = server.Site(root)
	else:
		root = HTTPRootResource(toplevel)
		site = server.Site(root)

	result = False

	def logFail(addr, exception=None):
		print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (addr, port, useauth, usessl)
		if exception:
			print exception

	if usessl:
		ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
		try:
			d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
			result = True
			running_defered.append(d)
		except CannotListenError as e:
			logFail(ipaddress, e)
		if ipaddress2:
			try:
				d = reactor.listenSSL(port, site, ctx, interface=ipaddress2)
				result = True
				running_defered.append(d)
			except CannotListenError as e:
				logFail(ipaddress2, e)
	else:
		try:
			d = reactor.listenTCP(port, site, interface=ipaddress)
			result = True
			running_defered.append(d)
		except CannotListenError as e:
			logFail(ipaddress, e)
		if ipaddress2:
			try:
				d = reactor.listenTCP(port, site, interface=ipaddress2)
				result = True
				running_defered.append(d)
			except CannotListenError as e:
				logFail(ipaddress2, e)
	
	print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
	return result