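def render_POST(self, request):
    """
    Perform license activation.

    The POST must contain a 'payload' field. Payload must be a string
    consisting of 3 substrings concatenated by comma: msg, key, sig

       msg: the AES encrypted license
       key: the RSA encrypted AES key
       sig: the RSA signature over the encrypted msg and key

    For details, see cryptoutil.verify_and_decrypt.

    The request is refused through self.deny() when the content type is
    wrong, and with a numbered reason (1-6) when the payload is missing,
    cannot be parsed, names a different host-id or instance-id, or is
    outside its validity window. Otherwise activation is handed to the
    database pool, the success/error callbacks are given the request, and
    NOT_DONE_YET is returned.
    """
    try:
        args = request.args
        headers = request.getAllHeaders()

        ## NOTE(review): the header value is client-supplied and is echoed
        ## into the deny reason; confirm deny() encodes it for its output.
        content_type = headers.get("content-type", "missing")
        if content_type != 'application/x-www-form-urlencoded':
            return self.deny(request, "bad or missing content type ('%s')" % content_type)

        if 'payload' not in args:
            return self.deny(request, "1: missing payload field")

        ## remove any whitespace (also line breaks) from payload string.
        ## re.sub() returns a new string, so the result must be bound back;
        ## otherwise the untouched client value is what gets logged, parsed
        ## and passed on to activation.
        payload = re.sub(r'\s', '', args['payload'][0])

        ## With whitespace stripped, the client-supplied payload cannot add
        ## line breaks to the log. NOTE(review): its length is not bounded
        ## here - confirm a request size limit applies upstream.
        log.msg("License activation received:")
        log.msg("Raw License: " + payload)

        try:
            license = Database.parseLicense(self.services["config"].get('instance-priv-key'), payload)
        except Exception as e:
            ## NOTE(review): the parser's message goes back to the client
            ## verbatim; confirm it carries no key material or internals.
            return self.deny(request, "2: " + str(e))

        ## the license must be bound to this host ..
        hostid = str(self.services['platform'].getHostId())
        if hostid != license['host-id']:
            return self.deny(request, "3: license is for host-id '%s', but this host has host-id '%s'" % (license['host-id'], hostid))

        ## .. and to this instance
        instanceid = str(self.services['config'].get("instance-id"))
        if instanceid != license['instance-id']:
            return self.deny(request, "4: license is for instance-id '%s', but this instance has instance-id '%s'" % (license['instance-id'], instanceid))

        ## validity window is half-open: valid-from <= now < valid-to
        validfrom = parseutc(license['valid-from'])
        validto = parseutc(license['valid-to'])
        now = datetime.datetime.utcnow()
        if now < validfrom:
            return self.deny(request, "5: license is not yet valid (license validity %s - %s, now is %s)" % (license['valid-from'], license['valid-to'], utcstr(now)))
        if now >= validto:
            return self.deny(request, "6: license is expired (license validity %s - %s, now is %s)" % (license['valid-from'], license['valid-to'], utcstr(now)))

        ## all checks passed: activate asynchronously on the database pool
        d = self.dbpool.runInteraction(self._activateLicense, license, payload)
        d.addCallback(lambda res: self._onLicenseActivateSuccess(res, request))
        d.addErrback(lambda res: self._onLicenseActivateError(res, request))
        return NOT_DONE_YET
    except Exception:
        ## NOTE(review): the handler that closes this `try` is not part of
        ## the listing. Re-raising keeps the block well-formed without
        ## guessing how unexpected failures are reported to the client.
        raise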
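def render_POST(self, request):
    """
    Perform license activation.

    The POST must contain a 'payload' field. Payload must be a string
    consisting of 3 substrings concatenated by comma: msg, key, sig

       msg: the AES encrypted license
       key: the RSA encrypted AES key
       sig: the RSA signature over the encrypted msg and key

    For details, see cryptoutil.verify_and_decrypt.

    Every refusal goes through self.deny(): a wrong content type, or a
    numbered reason (1-6) for a missing payload, a parse failure, a
    host-id or instance-id mismatch, or a license outside its validity
    window. When all checks pass, activation runs on the database pool
    and NOT_DONE_YET is returned.
    """
    try:
        args = request.args
        headers = request.getAllHeaders()

        ## NOTE(review): this client-supplied header value is echoed into
        ## the deny reason; confirm deny() encodes it for its output.
        content_type = headers.get("content-type", "missing")
        if content_type != 'application/x-www-form-urlencoded':
            return self.deny(
                request,
                "bad or missing content type ('%s')" % content_type)

        if 'payload' not in args:
            return self.deny(request, "1: missing payload field")

        ## remove any whitespace (also line breaks) from payload string.
        ## The substitution result has to be assigned: re.sub() does not
        ## modify its argument, and a discarded result leaves the raw
        ## client value in the log, the parser and the activation call.
        payload = re.sub(r'\s', '', args['payload'][0])

        ## Stripped of whitespace, the payload cannot break log lines.
        ## NOTE(review): nothing here bounds its length - confirm a request
        ## size limit is enforced before this point.
        log.msg("License activation received:")
        log.msg("Raw License: " + payload)

        try:
            license = Database.parseLicense(
                self.services["config"].get('instance-priv-key'), payload)
        except Exception as e:
            ## NOTE(review): str(e) is returned to the client unchanged;
            ## confirm parser errors expose no key material or internals.
            return self.deny(request, "2: " + str(e))

        ## license must match this host
        hostid = str(self.services['platform'].getHostId())
        if hostid != license['host-id']:
            return self.deny(
                request,
                "3: license is for host-id '%s', but this host has host-id '%s'"
                % (license['host-id'], hostid))

        ## license must match this instance
        instanceid = str(self.services['config'].get("instance-id"))
        if instanceid != license['instance-id']:
            return self.deny(
                request,
                "4: license is for instance-id '%s', but this instance has instance-id '%s'"
                % (license['instance-id'], instanceid))

        ## accepted only while valid-from <= now < valid-to
        validfrom = parseutc(license['valid-from'])
        validto = parseutc(license['valid-to'])
        now = datetime.datetime.utcnow()
        if now < validfrom:
            return self.deny(
                request,
                "5: license is not yet valid (license validity %s - %s, now is %s)"
                % (license['valid-from'], license['valid-to'], utcstr(now)))
        if now >= validto:
            return self.deny(
                request,
                "6: license is expired (license validity %s - %s, now is %s)"
                % (license['valid-from'], license['valid-to'], utcstr(now)))

        ## hand the activation to the database pool
        d = self.dbpool.runInteraction(self._activateLicense, license, payload)
        d.addCallback(
            lambda res: self._onLicenseActivateSuccess(res, request))
        d.addErrback(
            lambda res: self._onLicenseActivateError(res, request))

        ## avoid module level import of reactor
        from twisted.web.server import NOT_DONE_YET
        return NOT_DONE_YET
    except Exception:
        ## NOTE(review): the original handler for this `try` is not shown in
        ## the listing. Re-raising keeps the block syntactically complete
        ## without inventing how unexpected errors are answered.
        raise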
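def _startService(self):
    """
    Bring up the master service and its children.

    Records the start time, resolves the data directory, makes sure a DH
    parameter file exists, starts the database and reads configuration,
    license options and installed options from it, logs where the admin
    console and the web directory are, then creates every service that is
    installed, licensed and enabled and starts the whole hierarchy.
    """
    ## local import: only needed for the one-off DH parameter generation
    import subprocess

    cfg = None
    dbpool = None
    services = {}

    ## Master Service and logger
    ##
    services["master"] = self
    services["logger"] = self.logger

    ## remember service start time
    ##
    self.started = datetime.datetime.utcnow()

    ## make sure we have full absolute path to data dir
    ##
    self.appdata = os.path.abspath(self.appdata)

    ## Log OpenSSL info
    ##
    log.msg("Using pyOpenSSL %s on OpenSSL %s" % (OpenSSL.__version__, OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION)))

    ## Generate DH param set (primes ..)
    ##
    ## http://linux.die.net/man/3/ssl_ctx_set_tmp_dh
    ## http://linux.die.net/man/1/dhparam
    ##
    self.dhParamFilename = os.path.join(self.appdata, 'dh_param.pem')
    if not os.path.exists(self.dhParamFilename):
        ## Run openssl with an argument list instead of a shell string: a
        ## data directory containing spaces or shell metacharacters is then
        ## passed as one literal argument and never interpreted by a shell.
        ##
        ## NOTE(review): 1024-bit DH parameters are below current guidance
        ## for TLS; 2048 bits is the usual minimum. The size is unchanged
        ## here because raising it can break old TLS clients - decide this
        ## deliberately. An existing dh_param.pem is reused as it is.
        dh_cmd = ["openssl", "dhparam", "-out", self.dhParamFilename, "-2", "1024"]
        try:
            rc = subprocess.call(dh_cmd)
        except OSError as e:
            ## openssl binary missing or not executable
            rc = None
            log.msg("Could not run openssl to generate DH param file %s (%s)" % (self.dhParamFilename, e))
        ## report success only when openssl really succeeded
        if rc == 0:
            log.msg("Generated DH param file %s" % self.dhParamFilename)
        elif rc is not None:
            log.msg("Generating DH param file %s failed (openssl exit status %s)" % (self.dhParamFilename, rc))
    else:
        log.msg("Using existing DH param file %s" % self.dhParamFilename)

    ## initialize database
    ##
    db = Database(services)
    #db.setName("database")
    #db.setServiceParent(self)
    services["database"] = db
    db.startService()

    cfg = db.getConfig(includeTls = True)
    dbpool = db.createPool()

    ## License options
    ##
    self.licenseOptions = db.getLicenseOptions()

    ## Installed options
    ##
    self.installedOptions = db.getInstalledOptions()

    if self.webdata is None:
        self.webdata = os.path.join(self.appdata, db.getConfig('web-dir'))
        print("Crossbar.io Web directory unspecified - using %s." % self.webdata)

    ## Print out core information to log
    ##
    log.msg("")
    log.msg('*' * 80)
    log.msg("")
    log.msg(" You can access the management console of crossbar.io at")
    log.msg("")
    log.msg(" >>>>>>>>> %s" % db.getWebAdminURL())
    log.msg("")
    log.msg(" from your browser (Google Chrome, Mozilla Firefox or Microsoft IE10+)")
    log.msg("")
    log.msg("")
    log.msg(" You can access the static Web content served by crossbar.io at")
    log.msg("")
    log.msg(" >>>>>>>>> %s" % self.webdata)
    log.msg("")
    log.msg(" on the filesystem of your instance.")
    log.msg("")
    log.msg('*' * 80)
    log.msg("")

    ## Setup services hierarchy
    ##
    ## each entry: (installed-option name or None,
    ##              license-option name or None,
    ##              [(service name, service class), ...])
    ## None means the group needs no such option.
    ##
    SERVICES = [(None, None, [("config", Config)]),
                (None, None, [("platform", PlatformService)]),
                (None, None, [("netstat", NetstatService)]),
                (None, None, [("vmstat", VmstatService)]),
                (None, None, [("appws", HubWebSocketService)]),
                (None, None, [("echows", EchoWebSocketService)]),
                (None, None, [("flashpolicy", FlashPolicyService)]),
                (None, None, [("ftp", FtpService)]),
                (None, None, [("clientfilter", ClientFilter)]),
                (None, None, [("hubweb", HubWebService)]),
                (None, None, [("adminweb", AdminWebService)]),
                (None, None, [("adminws", AdminWebSocketService)]),
                (None, "rest", [("restpusher", RestPusher), ("restremoter", RestRemoter)]),
                (None, "extdirect", [("extdirectremoter", ExtDirectRemoter)]),
                ("postgresql", "postgresql", [("pgpusher", PgPusher), ("pgremoter", PgRemoter)]),
                ("oracle", "oracle", [("orapusher", OraPusher), ("oraremoter", OraRemoter)]),
                ("hana", "hana", [("hanapusher", HanaPusher), ("hanaremoter", HanaRemoter)])
                ]

    for installedOptionName, licenseOptionName, serviceList in SERVICES:
        installed = installedOptionName is None or self.installedOptions[installedOptionName]
        licensed = licenseOptionName is None or self.licenseOptions[licenseOptionName]
        for name, klass in serviceList:
            ## a service is created only if installed, licensed and enabled
            if not installed:
                log.msg("Skipping %s (service not installed)!" % klass.SERVICENAME)
                continue
            if not licensed:
                log.msg("Skipping %s (service not licensed)!" % klass.SERVICENAME)
                continue
            if not cfg.get("service-enable-%s" % name, True):
                log.msg("Skipping %s (service disabled)!" % klass.SERVICENAME)
                continue
            svc = klass(dbpool, services)
            svc.setName(name)
            svc.setServiceParent(self)
            services[name] = svc

    ## Start whole service hierarchy
    ##
    MultiService.startService(self)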
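def _startService(self):
    """
    Bring up the master service and its children.

    Records the start time, resolves the data directory, starts the
    database and reads the configuration from it, makes sure a DH
    parameter file exists, loads license and installed options, logs where
    the admin console and the web directory are, then creates every
    service that is installed, licensed and enabled and starts the whole
    hierarchy.
    """
    ## this is here, since it triggers a reactor import
    from crossbar.netservice.ftpserver import FtpService

    ## local import: only needed for the one-off DH parameter generation
    import subprocess

    cfg = None
    dbpool = None
    services = {}

    ## Master Service and logger
    ##
    services["master"] = self
    services["logger"] = self.logger

    ## remember service start time
    ##
    self.started = datetime.datetime.utcnow()

    ## make sure we have full absolute path to data dir
    ##
    self.cbdata = os.path.abspath(self.cbdata)

    ## initialize database
    ##
    db = Database(services)
    #db.setName("database")
    #db.setServiceParent(self)
    services["database"] = db
    db.startService()

    cfg = db.getConfig(includeTls=True)
    dbpool = db.createPool()

    ## Log OpenSSL info
    ##
    log.msg("Using pyOpenSSL %s on OpenSSL %s" %
            (OpenSSL.__version__,
             OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION)))

    ## Generate DH param set (primes ..)
    ##
    ## http://linux.die.net/man/3/ssl_ctx_set_tmp_dh
    ## http://linux.die.net/man/1/dhparam
    ##
    self.dhParamFilename = os.path.join(self.cbdata, 'dh_param.pem')
    if os.path.exists(self.dhParamFilename):
        log.msg("Using existing DH param file %s" % self.dhParamFilename)
    else:
        ## openssl is started from an argument list, not through a shell,
        ## so a data directory with spaces or shell metacharacters reaches
        ## it as a single literal path.
        ##
        ## NOTE(review): 1024-bit DH parameters are below current guidance
        ## for TLS; 2048 bits is the usual minimum. Left unchanged because
        ## a larger group can break old TLS clients - decide deliberately.
        ## A dh_param.pem that already exists is reused as it is.
        try:
            exit_status = subprocess.call(
                ["openssl", "dhparam", "-out", self.dhParamFilename, "-2", "1024"])
        except OSError as e:
            ## openssl binary missing or not executable
            exit_status = None
            log.msg("Could not run openssl to generate DH param file %s (%s)" %
                    (self.dhParamFilename, e))
        ## only claim success when openssl exited cleanly
        if exit_status == 0:
            log.msg("Generated DH param file %s" % self.dhParamFilename)
        elif exit_status is not None:
            log.msg("Generating DH param file %s failed (openssl exit status %s)" %
                    (self.dhParamFilename, exit_status))

    ## License options
    ##
    self.licenseOptions = db.getLicenseOptions()

    ## Installed options
    ##
    self.installedOptions = db.getInstalledOptions()

    if self.webdata is None:
        self.webdata = os.path.join(self.cbdata, db.getConfig('web-dir'))
        print("Crossbar.io Web directory unspecified - using %s." % self.webdata)

    ## Print out core information to log
    ##
    log.msg("")
    log.msg('*' * 80)
    log.msg("")
    log.msg(" You can access the management console of crossbar.io at")
    log.msg("")
    log.msg(" >>>>>>>>> %s" % db.getWebAdminURL())
    log.msg("")
    log.msg(
        " from your browser (Google Chrome, Mozilla Firefox or Microsoft IE10+)"
    )
    log.msg("")
    log.msg("")
    log.msg(
        " You can access the static Web content served by crossbar.io at")
    log.msg("")
    log.msg(" >>>>>>>>> %s" % self.webdata)
    log.msg("")
    log.msg(" on the filesystem of your instance.")
    log.msg("")
    log.msg('*' * 80)
    log.msg("")

    ## Setup services hierarchy
    ##
    ## each entry: (installed-option name or None,
    ##              license-option name or None,
    ##              [(service name, service class), ...])
    ## None means the group needs no such option.
    ##
    SERVICES = [
        (None, None, [("config", Config)]),
        (None, None, [("platform", PlatformService)]),
        (None, None, [("netstat", NetstatService)]),
        (None, None, [("vmstat", VmstatService)]),
        (None, None, [("appws", HubWebSocketService)]),
        (None, None, [("echows", EchoWebSocketService)]),
        (None, None, [("flashpolicy", FlashPolicyService)]),
        (None, None, [("ftp", FtpService)]),
        (None, None, [("clientfilter", ClientFilter)]),
        (None, None, [("hubweb", HubWebService)]),
        (None, None, [("adminweb", AdminWebService)]),
        (None, None, [("adminws", AdminWebSocketService)]),
        (None, "rest", [("restpusher", RestPusher),
                        ("restremoter", RestRemoter)]),
        (None, "extdirect", [("extdirectremoter", ExtDirectRemoter)]),
        ("postgresql", "postgresql", [("pgpusher", PgPusher),
                                      ("pgremoter", PgRemoter)]),
        ("oracle", "oracle", [("orapusher", OraPusher),
                              ("oraremoter", OraRemoter)]),
        ("hana", "hana", [("hanapusher", HanaPusher),
                          ("hanaremoter", HanaRemoter)]),
    ]

    for installedOptionName, licenseOptionName, serviceList in SERVICES:
        installed = installedOptionName is None or self.installedOptions[
            installedOptionName]
        licensed = licenseOptionName is None or self.licenseOptions[
            licenseOptionName]
        for name, klass in serviceList:
            ## a service is created only if installed, licensed and enabled
            if not installed:
                log.msg("Skipping %s (service not installed)!" %
                        klass.SERVICENAME)
                continue
            if not licensed:
                log.msg("Skipping %s (service not licensed)!" %
                        klass.SERVICENAME)
                continue
            if not cfg.get("service-enable-%s" % name, True):
                log.msg("Skipping %s (service disabled)!" %
                        klass.SERVICENAME)
                continue
            svc = klass(dbpool, services)
            svc.setName(name)
            svc.setServiceParent(self)
            services[name] = svc

    ## Start whole service hierarchy
    ##
    MultiService.startService(self)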