def start(self, iface='', network=None, bootstrap=None, cb=None, name=None, nodeid=None):
if bootstrap is None:
bootstrap = []
if network is None:
network = _conf.get_in_order("dht_network_filter", "ALL")
self._network = network
self._iface = iface
self._bootstrap = bootstrap
self._cb = cb
self._name = name
self._dlist = []
self._ssdps = SSDPServiceDiscovery(iface)
self._dlist += self._ssdps.start()
domain = _conf.get("security", "security_domain_name")
is_ca=False
try:
if _conf.get("security","certificate_authority")=="True":
ca = certificate_authority.CA(domain)
#make sure private key exist
if ca.verify_private_key_exist():
is_ca = True
except:
is_ca = False
self._ssdps.update_server_params(CA_SERVICE_UUID, sign=is_ca, name=name)
cert, certstr = certificate.get_own_cert(self._name)
if not cert:
_log.debug("runtime cert not available, let's create CSR")
if is_ca:
# We are the CA, just generate CSR and sign it
csrfile = certificate.new_runtime(name, domain, nodeid=nodeid)
_log.debug("Local CA sign runtime CSR")
try:
content = open(csrfile, 'rt').read()
certpath=ca.sign_csr(csrfile)
certificate.store_own_cert(certpath=certpath)
return self._signed_cert_available()
except:
_log.exception("Failed signing with local CA")
raise
else:
# Discover the signing CA
_log.debug("No signed cert, discover CA signing CSR")
self._sde_client = sde.Client(name, nodeid,
CalvinCB(self._ssdps.start_search,
CA_SERVICE_UUID,
callback=self._signed_cert_received),
self._signed_cert_available)
else:
_log.debug("runtime cert available")
self._signed_cert_available(cert=cert, certstr=certstr)
def start(self,
iface='',
network=None,
bootstrap=None,
cb=None,
name=None,
nodeid=None):
if bootstrap is None:
bootstrap = []
if network is None:
network = _conf.get_in_order("dht_network_filter", "ALL")
certpath, cert, certstr = self._runtime_credentials.get_own_cert()
if not certstr:
raise ("No runtime certificate available, please restart runtime")
self._network = network
self._iface = iface
self._bootstrap = bootstrap
self._cb = cb
self._name = name
self._dlist = []
self._ssdps = SSDPServiceDiscovery(self._node_id, self._control_uri,
iface)
self._dlist += self._ssdps.start()
domain = _conf.get("security", "domain_name")
is_ca = False
try:
_ca_conf = _conf.get("security", "certificate_authority")
if "is_ca" in _ca_conf and _ca_conf["is_ca"] == "True":
is_ca = True
except:
is_ca = False
self._ssdps.update_server_params(CA_SERVICE_UUID,
sign=is_ca,
name=name)
dht_id = dhtid_from_nodeid(self._node_id)
self.dht_server = ServerApp(
AppendServer,
dht_id,
node_name=self._name,
runtime_credentials=self._runtime_credentials)
ip, port = self.dht_server.start(iface=self._iface)
self._dlist.append(self.dht_server.bootstrap(self._bootstrap))
logger("Register service %s %s:%s" % (self._network, ip, port))
self._ssdps.register_service(self._network, ip, port)
logger("Set client filter %s" % (self._network))
self._ssdps.set_client_filter(self._network)
def bootstrap_proxy(addrs):
def started(args):
logger("DHT Started %s" % (args))
if not self._started and self._cb:
reactor.callLater(.2, self._cb, True)
self._started = True
def failed(args):
logger("DHT failed to bootstrap %s" % (args))
#reactor.callLater(.5, bootstrap_proxy, addrs)
logger("Trying to bootstrap with %s" % (repr(addrs)))
d = self.dht_server.bootstrap(addrs)
d.addCallback(started)
d.addErrback(failed)
def start_msearch(args):
def _later_start():
self._ssdps.start_search(SERVICE_UUID,
callback=bootstrap_proxy,
stop=False)
self._ssdps.update_server_params(SERVICE_UUID, cert=certstr)
logger("** msearch %s args: %s" % (self, repr(args)))
reactor.callLater(0, _later_start)
# Wait until servers all listen
dl = defer.DeferredList(self._dlist)
dl.addBoth(start_msearch)
# Only for logging
self.dht_server.kserver.protocol.sourceNode.port = port
self.dht_server.kserver.protocol.sourceNode.ip = "0.0.0.0"
#FIXME handle inside ServerApp
self.dht_server.kserver.name = self._name
self.dht_server.kserver.protocol.name = self._name
self.dht_server.kserver.protocol.storeOwnCert(certstr)
class AutoDHTServer(StorageBase):
def __init__(self, node_id, control_uri, runtime_credentials):
super(AutoDHTServer, self).__init__()
_log.debug(
"AutoDHTServer::__init_:\n\tnode_id={}\n\tcontrol_uri={}\n\truntime_credentials={}"
.format(node_id, control_uri, runtime_credentials))
self.dht_server = None
self._ssdps = None
self._started = False
self._name = None
self._node_id = node_id
self._control_uri = control_uri
self._runtime_credentials = runtime_credentials
def start(self,
iface='',
network=None,
bootstrap=None,
cb=None,
name=None,
nodeid=None):
if bootstrap is None:
bootstrap = []
if network is None:
network = _conf.get_in_order("dht_network_filter", "ALL")
certpath, cert, certstr = self._runtime_credentials.get_own_cert()
if not certstr:
raise ("No runtime certificate available, please restart runtime")
self._network = network
self._iface = iface
self._bootstrap = bootstrap
self._cb = cb
self._name = name
self._dlist = []
self._ssdps = SSDPServiceDiscovery(self._node_id, self._control_uri,
iface)
self._dlist += self._ssdps.start()
domain = _conf.get("security", "domain_name")
is_ca = False
self._ssdps.update_server_params(CA_SERVICE_UUID,
sign=is_ca,
name=name)
dht_id = dhtid_from_nodeid(self._node_id)
self.dht_server = ServerApp(
AppendServer,
dht_id,
node_name=self._name,
runtime_credentials=self._runtime_credentials)
ip, port = self.dht_server.start(iface=self._iface)
self._dlist.append(self.dht_server.bootstrap(self._bootstrap))
logger("Register service %s %s:%s" % (self._network, ip, port))
self._ssdps.register_service(self._network, ip, port)
logger("Set client filter %s" % (self._network))
self._ssdps.set_client_filter(self._network)
def bootstrap_proxy(addrs):
def started(args):
logger("DHT Started %s" % (args))
if not self._started and self._cb:
reactor.callLater(.2, self._cb, True)
self._started = True
def failed(args):
logger("DHT failed to bootstrap %s" % (args))
#reactor.callLater(.5, bootstrap_proxy, addrs)
logger("Trying to bootstrap with %s" % (repr(addrs)))
d = self.dht_server.bootstrap(addrs)
d.addCallback(started)
d.addErrback(failed)
def start_msearch(args):
def _later_start():
self._ssdps.start_search(SERVICE_UUID,
callback=bootstrap_proxy,
stop=False)
self._ssdps.update_server_params(SERVICE_UUID, cert=certstr)
logger("** msearch %s args: %s" % (self, repr(args)))
reactor.callLater(0, _later_start)
# Wait until servers all listen
dl = defer.DeferredList(self._dlist)
dl.addBoth(start_msearch)
# Only for logging
self.dht_server.kserver.protocol.sourceNode.port = port
self.dht_server.kserver.protocol.sourceNode.ip = "0.0.0.0"
#FIXME handle inside ServerApp
self.dht_server.kserver.name = self._name
self.dht_server.kserver.protocol.name = self._name
self.dht_server.kserver.protocol.storeOwnCert(certstr)
def set(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.set,
key=key,
value=value,
cb=cb)
def get(self, key, cb=None):
return TwistedWaitObject(self.dht_server.get, key=key, cb=cb)
def get_concat(self, key, cb=None):
return TwistedWaitObject(self.dht_server.get_concat, key=key, cb=cb)
def append(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.append,
key=key,
value=value,
cb=cb)
def remove(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.remove,
key=key,
value=value,
cb=cb)
def bootstrap(self, addrs, cb=None):
return TwistedWaitObject(self.dht_server.bootstrap, addr=addrs, cb=cb)
def stop_all_search(self):
return self._ssdps.stop_all_search()
def stop(self, cb=None):
d1 = self.dht_server.stop()
d2 = self._ssdps.stop()
dl = defer.DeferredList((d1, d2))
if cb:
dl.addBoth(cb)
return dl
def start(self, iface='', network=None, bootstrap=None, cb=None, name=None):
if bootstrap is None:
bootstrap = []
name_dir = os.path.join(self.cert_conf["CA_default"]["runtimes_dir"], name)
filename = os.listdir(os.path.join(name_dir, "mine"))
st_cert = open(os.path.join(name_dir, "mine", filename[0]), 'rt').read()
cert_part = st_cert.split(certificate.BEGIN_LINE)
certstr = "{}{}".format(certificate.BEGIN_LINE, cert_part[1])
try:
cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
certstr)
except:
raise
# Derive DHT node id
key = cert.digest("sha256")
newkey = key.replace(":", "")
bytekey = newkey.decode("hex")
if network is None:
network = _conf.get_in_order("dht_network_filter", "ALL")
self.dht_server = ServerApp(AppendServer, bytekey[-20:])
ip, port = self.dht_server.start(iface=iface)
dlist = []
dlist.append(self.dht_server.bootstrap(bootstrap))
self._ssdps = SSDPServiceDiscovery(iface, cert=certstr)
dlist += self._ssdps.start()
logger("Register service %s %s:%s" % (network, ip, port))
self._ssdps.register_service(network, ip, port)
logger("Set client filter %s" % (network))
self._ssdps.set_client_filter(network)
start_cb = defer.Deferred()
def bootstrap_proxy(addrs):
def started(args):
logger("DHT Started %s" % (args))
if not self._started:
reactor.callLater(.2, start_cb.callback, True)
if cb:
reactor.callLater(.2, cb, True)
self._started = True
def failed(args):
logger("DHT failed to bootstrap %s" % (args))
#reactor.callLater(.5, bootstrap_proxy, addrs)
logger("Trying to bootstrap with %s" % (repr(addrs)))
d = self.dht_server.bootstrap(addrs)
d.addCallback(started)
d.addErrback(failed)
def start_msearch(args):
logger("** msearch %s args: %s" % (self, repr(args)))
reactor.callLater(0,
self._ssdps.start_search,
bootstrap_proxy,
stop=False)
# Wait until servers all listen
dl = defer.DeferredList(dlist)
dl.addBoth(start_msearch)
# Only for logging
self.dht_server.kserver.protocol.sourceNode.port = port
self.dht_server.kserver.protocol.sourceNode.ip = "0.0.0.0"
#FIXME handle inside ServerApp
self.dht_server.kserver.name = name
self.dht_server.kserver.protocol.name = name
self.dht_server.kserver.protocol.storeOwnCert(certstr)
self.dht_server.kserver.protocol.setPrivateKey()
return start_cb
class AutoDHTServer(StorageBase):
def __init__(self):
super(AutoDHTServer, self).__init__()
self.dht_server = None
self._ssdps = None
self._started = False
self._name= None
def _derive_dht_id(self, cert):
key = cert.digest("sha256")
newkey = key.replace(":", "")
bytekey = newkey.decode("hex")
return bytekey[-20:]
def _signed_cert_received(self, addr_certificate):
if not addr_certificate:
return
ip, port, certificate = addr_certificate
_log.debug("Received signed cert %s" % certificate)
try:
self._sde_client.receive_cert_callback(certificate)
except:
# We got something that we did not like wait for proper response
return
_log.debug("Stop CA search")
self._ssdps.stop_search(CA_SERVICE_UUID)
self._signed_cert_available()
def _signed_cert_available(self, cert=None, certstr=None):
if cert is None:
_log.debug("_signed_cert_available, cert supplied={}".format(cert))
cert, certstr = certificate.get_own_cert(self._name)
if cert is None:
_log.error("No runtime certificate can be found")
dht_id = self._derive_dht_id(cert)
self.dht_server = ServerApp(AppendServer, dht_id, node_name=self._name)
ip, port = self.dht_server.start(iface=self._iface)
self._dlist.append(self.dht_server.bootstrap(self._bootstrap))
logger("Register service %s %s:%s" % (self._network, ip, port))
self._ssdps.register_service(self._network, ip, port)
logger("Set client filter %s" % (self._network))
self._ssdps.set_client_filter(self._network)
def bootstrap_proxy(addrs):
def started(args):
logger("DHT Started %s" % (args))
if not self._started and self._cb:
reactor.callLater(.2, self._cb, True)
self._started = True
def failed(args):
logger("DHT failed to bootstrap %s" % (args))
#reactor.callLater(.5, bootstrap_proxy, addrs)
logger("Trying to bootstrap with %s" % (repr(addrs)))
d = self.dht_server.bootstrap(addrs)
d.addCallback(started)
d.addErrback(failed)
def start_msearch(args):
def _later_start():
self._ssdps.start_search(SERVICE_UUID, callback=bootstrap_proxy, stop=False)
self._ssdps.update_server_params(SERVICE_UUID, cert=certstr)
logger("** msearch %s args: %s" % (self, repr(args)))
reactor.callLater(0, _later_start)
# Wait until servers all listen
dl = defer.DeferredList(self._dlist)
dl.addBoth(start_msearch)
# Only for logging
self.dht_server.kserver.protocol.sourceNode.port = port
self.dht_server.kserver.protocol.sourceNode.ip = "0.0.0.0"
#FIXME handle inside ServerApp
self.dht_server.kserver.name = self._name
self.dht_server.kserver.protocol.name = self._name
self.dht_server.kserver.protocol.storeOwnCert(certstr)
self.dht_server.kserver.protocol.getOwnCert()
self.dht_server.kserver.protocol.setPrivateKey()
def start(self, iface='', network=None, bootstrap=None, cb=None, name=None, nodeid=None):
if bootstrap is None:
bootstrap = []
if network is None:
network = _conf.get_in_order("dht_network_filter", "ALL")
self._network = network
self._iface = iface
self._bootstrap = bootstrap
self._cb = cb
self._name = name
self._dlist = []
self._ssdps = SSDPServiceDiscovery(iface)
self._dlist += self._ssdps.start()
domain = _conf.get("security", "security_domain_name")
is_ca=False
try:
if _conf.get("security","certificate_authority")=="True":
ca = certificate_authority.CA(domain)
#make sure private key exist
if ca.verify_private_key_exist():
is_ca = True
except:
is_ca = False
self._ssdps.update_server_params(CA_SERVICE_UUID, sign=is_ca, name=name)
cert, certstr = certificate.get_own_cert(self._name)
if not cert:
_log.debug("runtime cert not available, let's create CSR")
if is_ca:
# We are the CA, just generate CSR and sign it
csrfile = certificate.new_runtime(name, domain, nodeid=nodeid)
_log.debug("Local CA sign runtime CSR")
try:
content = open(csrfile, 'rt').read()
certpath=ca.sign_csr(csrfile)
certificate.store_own_cert(certpath=certpath)
return self._signed_cert_available()
except:
_log.exception("Failed signing with local CA")
raise
else:
# Discover the signing CA
_log.debug("No signed cert, discover CA signing CSR")
self._sde_client = sde.Client(name, nodeid,
CalvinCB(self._ssdps.start_search,
CA_SERVICE_UUID,
callback=self._signed_cert_received),
self._signed_cert_available)
else:
_log.debug("runtime cert available")
self._signed_cert_available(cert=cert, certstr=certstr)
def set(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.set, key=key, value=value, cb=cb)
def get(self, key, cb=None):
return TwistedWaitObject(self.dht_server.get, key=key, cb=cb)
def get_concat(self, key, cb=None):
return TwistedWaitObject(self.dht_server.get_concat, key=key, cb=cb)
def append(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.append, key=key, value=value, cb=cb)
def remove(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.remove, key=key, value=value, cb=cb)
def bootstrap(self, addrs, cb=None):
return TwistedWaitObject(self.dht_server.bootstrap, addr=addrs, cb=cb)
def stop_all_search(self):
return self._ssdps.stop_all_search()
def stop(self, cb=None):
d1 = self.dht_server.stop()
d2 = self._ssdps.stop()
dl = defer.DeferredList((d1, d2))
if cb:
dl.addBoth(cb)
return dl
def start(self,
iface='',
network=None,
bootstrap=None,
cb=None,
name=None,
nodeid=None):
if bootstrap is None:
bootstrap = []
if network is None:
network = _conf.get_in_order("dht_network_filter", "ALL")
self._network = network
self._iface = iface
self._bootstrap = bootstrap
self._cb = cb
self._name = name
self._dlist = []
self._ssdps = SSDPServiceDiscovery(iface)
self._dlist += self._ssdps.start()
domain = _conf.get("security", "security_domain_name")
is_ca = False
try:
if _conf.get("security", "certificate_authority") == "True":
ca = certificate_authority.CA(domain)
#make sure private key exist
if ca.verify_private_key_exist():
is_ca = True
except:
is_ca = False
self._ssdps.update_server_params(CA_SERVICE_UUID,
sign=is_ca,
name=name)
cert, certstr = certificate.get_own_cert(self._name)
if not cert:
_log.debug("runtime cert not available, let's create CSR")
if is_ca:
# We are the CA, just generate CSR and sign it
csrfile = certificate.new_runtime(name, domain, nodeid=nodeid)
_log.debug("Local CA sign runtime CSR")
try:
content = open(csrfile, 'rt').read()
certpath = ca.sign_csr(csrfile)
certificate.store_own_cert(certpath=certpath)
return self._signed_cert_available()
except:
_log.exception("Failed signing with local CA")
raise
else:
# Discover the signing CA
_log.debug("No signed cert, discover CA signing CSR")
self._sde_client = sde.Client(
name, nodeid,
CalvinCB(self._ssdps.start_search,
CA_SERVICE_UUID,
callback=self._signed_cert_received),
self._signed_cert_available)
else:
_log.debug("runtime cert available")
self._signed_cert_available(cert=cert, certstr=certstr)
class AutoDHTServer(StorageBase):
def __init__(self):
super(AutoDHTServer, self).__init__()
self.dht_server = None
self._ssdps = None
self._started = False
self._name = None
def _derive_dht_id(self, cert):
key = cert.digest("sha256")
newkey = key.replace(":", "")
bytekey = newkey.decode("hex")
return bytekey[-20:]
def _signed_cert_received(self, addr_certificate):
if not addr_certificate:
return
ip, port, certificate = addr_certificate
_log.debug("Received signed cert %s" % certificate)
try:
self._sde_client.receive_cert_callback(certificate)
except:
# We got something that we did not like wait for proper response
return
_log.debug("Stop CA search")
self._ssdps.stop_search(CA_SERVICE_UUID)
self._signed_cert_available()
def _signed_cert_available(self, cert=None, certstr=None):
if cert is None:
_log.debug("_signed_cert_available, cert supplied={}".format(cert))
cert, certstr = certificate.get_own_cert(self._name)
if cert is None:
_log.error("No runtime certificate can be found")
dht_id = self._derive_dht_id(cert)
self.dht_server = ServerApp(AppendServer, dht_id, node_name=self._name)
ip, port = self.dht_server.start(iface=self._iface)
self._dlist.append(self.dht_server.bootstrap(self._bootstrap))
logger("Register service %s %s:%s" % (self._network, ip, port))
self._ssdps.register_service(self._network, ip, port)
logger("Set client filter %s" % (self._network))
self._ssdps.set_client_filter(self._network)
def bootstrap_proxy(addrs):
def started(args):
logger("DHT Started %s" % (args))
if not self._started and self._cb:
reactor.callLater(.2, self._cb, True)
self._started = True
def failed(args):
logger("DHT failed to bootstrap %s" % (args))
#reactor.callLater(.5, bootstrap_proxy, addrs)
logger("Trying to bootstrap with %s" % (repr(addrs)))
d = self.dht_server.bootstrap(addrs)
d.addCallback(started)
d.addErrback(failed)
def start_msearch(args):
def _later_start():
self._ssdps.start_search(SERVICE_UUID,
callback=bootstrap_proxy,
stop=False)
self._ssdps.update_server_params(SERVICE_UUID, cert=certstr)
logger("** msearch %s args: %s" % (self, repr(args)))
reactor.callLater(0, _later_start)
# Wait until servers all listen
dl = defer.DeferredList(self._dlist)
dl.addBoth(start_msearch)
# Only for logging
self.dht_server.kserver.protocol.sourceNode.port = port
self.dht_server.kserver.protocol.sourceNode.ip = "0.0.0.0"
#FIXME handle inside ServerApp
self.dht_server.kserver.name = self._name
self.dht_server.kserver.protocol.name = self._name
self.dht_server.kserver.protocol.storeOwnCert(certstr)
self.dht_server.kserver.protocol.getOwnCert()
self.dht_server.kserver.protocol.setPrivateKey()
def start(self,
iface='',
network=None,
bootstrap=None,
cb=None,
name=None,
nodeid=None):
if bootstrap is None:
bootstrap = []
if network is None:
network = _conf.get_in_order("dht_network_filter", "ALL")
self._network = network
self._iface = iface
self._bootstrap = bootstrap
self._cb = cb
self._name = name
self._dlist = []
self._ssdps = SSDPServiceDiscovery(iface)
self._dlist += self._ssdps.start()
domain = _conf.get("security", "security_domain_name")
is_ca = False
try:
if _conf.get("security", "certificate_authority") == "True":
ca = certificate_authority.CA(domain)
#make sure private key exist
if ca.verify_private_key_exist():
is_ca = True
except:
is_ca = False
self._ssdps.update_server_params(CA_SERVICE_UUID,
sign=is_ca,
name=name)
cert, certstr = certificate.get_own_cert(self._name)
if not cert:
_log.debug("runtime cert not available, let's create CSR")
if is_ca:
# We are the CA, just generate CSR and sign it
csrfile = certificate.new_runtime(name, domain, nodeid=nodeid)
_log.debug("Local CA sign runtime CSR")
try:
content = open(csrfile, 'rt').read()
certpath = ca.sign_csr(csrfile)
certificate.store_own_cert(certpath=certpath)
return self._signed_cert_available()
except:
_log.exception("Failed signing with local CA")
raise
else:
# Discover the signing CA
_log.debug("No signed cert, discover CA signing CSR")
self._sde_client = sde.Client(
name, nodeid,
CalvinCB(self._ssdps.start_search,
CA_SERVICE_UUID,
callback=self._signed_cert_received),
self._signed_cert_available)
else:
_log.debug("runtime cert available")
self._signed_cert_available(cert=cert, certstr=certstr)
def set(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.set,
key=key,
value=value,
cb=cb)
def get(self, key, cb=None):
return TwistedWaitObject(self.dht_server.get, key=key, cb=cb)
def get_concat(self, key, cb=None):
return TwistedWaitObject(self.dht_server.get_concat, key=key, cb=cb)
def append(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.append,
key=key,
value=value,
cb=cb)
def remove(self, key, value, cb=None):
return TwistedWaitObject(self.dht_server.remove,
key=key,
value=value,
cb=cb)
def bootstrap(self, addrs, cb=None):
return TwistedWaitObject(self.dht_server.bootstrap, addr=addrs, cb=cb)
def stop_all_search(self):
return self._ssdps.stop_all_search()
def stop(self, cb=None):
d1 = self.dht_server.stop()
d2 = self._ssdps.stop()
dl = defer.DeferredList((d1, d2))
if cb:
dl.addBoth(cb)
return dl