コード例 #1
0
ファイル: server.py プロジェクト: wilane/openxcap
 def _start_https(self, reactor):
     from gnutls.interfaces.twisted import X509Credentials
     cert, pKey = TLSConfig.certificate, TLSConfig.private_key
     if cert is None or pKey is None:
         log.fatal("the TLS certificates or the private key could not be loaded")
         sys.exit(1)
     credentials = X509Credentials(cert, pKey)
     reactor.listenTLS(ServerConfig.root.port, HTTPFactory(self.site), credentials, interface=ServerConfig.address)
     log.msg("TLS started")
コード例 #2
0
 def __init__(self, host=None, use_tls=None, port=None, credentials=None):
     if host is not None:
         self.host = host.decode() if isinstance(host, bytes) else host
     if use_tls is not None:
         self.use_tls = use_tls
     if port is not None:
         self.port = port
     self.credentials = credentials
     if self.use_tls and self.credentials is None:
         self.credentials = X509Credentials(None, None)
コード例 #3
0
ファイル: protocol.py プロジェクト: pecila/python-msrplib
 def __init__(self, host=None, use_tls=None, port=None, credentials=None):
     if host is not None:
         self.host = host
     if use_tls is not None:
         self.use_tls = use_tls
     if port is not None:
         self.port = port
     self.credentials = credentials
     if self.use_tls and self.credentials is None:
         self.credentials = X509Credentials(None, None)
コード例 #4
0
    def tls_credentials(self):
        # This property can be optimized to cache the credentials it loads from disk,
        # however this is not a time consuming operation (~ 3000 req/sec). -Luci

        settings = SIPSimpleSettings()
        tls_certificate = self.tls.certificate or settings.tls.certificate

        certificate = None
        private_key = None

        if tls_certificate is not None:
            try:
                certificate_data = open(tls_certificate.normalized).read()
                certificate = X509Certificate(certificate_data)
                private_key = X509PrivateKey(certificate_data)
            except (FileNotFoundError, GNUTLSError, UnicodeDecodeError):
                pass

        trusted_cas = []
        ca_list = self.tls.ca_list or settings.tls.ca_list

        if ca_list is not None:
            if len(self.trusted_cas) > 0:
                trusted_cas = self.trusted_cas
            else:
                crt = None
                start = False
                try:
                    ca_text = open(ca_list.normalized).read()
                except (FileNotFoundError, GNUTLSError, UnicodeDecodeError):
                    ca_text = ''

                for line in ca_text.split("\n"):
                    if "BEGIN CERT" in line:
                        start = True
                        crt = line + "\n"
                    elif "END CERT" in line:
                        crt = crt + line + "\n"
                        end = True
                        start = False
                        try:
                            trusted_cas.append(X509Certificate(crt))
                        except (GNUTLSError, ValueError) as e:
                            continue

                    elif start:
                        crt = crt + line + "\n"

                self.trusted_cas = trusted_cas
                self.ca_list = ca_list

        credentials = X509Credentials(certificate, private_key, trusted_cas)
        credentials.verify_peer = self.tls.verify_server or settings.tls.certificate
        return credentials
コード例 #5
0
ファイル: sipthor.py プロジェクト: smartnetguru/sylkserver
 def start(self, roles):
     # Needs to be called from a green thread
     log.msg('Publishing %s roles to SIPThor' % roles)
     self.node = ThorEntity(SIPConfig.local_ip.normalized, roles, version=sylk.__version__)
     self.networks = {}
     self.presence_message = ThorEvent('Thor.Presence', self.node.id)
     self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
     credentials = X509Credentials(ThorNodeConfig.certificate, ThorNodeConfig.private_key, [ThorNodeConfig.ca])
     credentials.verify_peer = True
     tls_context = TLSContext(credentials)
     EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context)
コード例 #6
0
ファイル: server.py プロジェクト: jiuzhuaxiong/openxcap
 def _start_https(self, reactor):
     from gnutls.interfaces.twisted import X509Credentials
     from gnutls.connection import TLSContext, TLSContextServerOptions
     cert, pKey = TLSConfig.certificate, TLSConfig.private_key
     if cert is None or pKey is None:
         log.fatal("the TLS certificates or the private key could not be loaded")
         sys.exit(1)
     credentials = X509Credentials(cert, pKey)
     tls_context = TLSContext(credentials, server_options=TLSContextServerOptions(certificate_request=None))
     reactor.listenTLS(ServerConfig.root.port, HTTPFactory(self.site), tls_context, interface=ServerConfig.address)
     log.msg("TLS started")
コード例 #7
0
 def __init__(self, host=None, use_tls=None, port=None, credentials=None):
     if host is not None:
         self.host = host
     if use_tls is not None:
         self.use_tls = use_tls
     if port is not None:
         self.port = port
     self.credentials = credentials
     if self.use_tls and self.credentials is None:
         from gnutls.interfaces.twisted import X509Credentials
         self.credentials = X509Credentials(None, None)
コード例 #8
0
 def __init__(self):
     self.node = ThorEntity(host.default_ip, ['call_control'],
                            version=__version__)
     self.networks = {}
     self.rating_connections = {}
     self.presence_message = ThorEvent('Thor.Presence', self.node.id)
     self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
     credentials = X509Credentials(ThorNodeConfig.certificate,
                                   ThorNodeConfig.private_key,
                                   [ThorNodeConfig.ca])
     credentials.verify_peer = True
     tls_context = TLSContext(credentials)
     EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context)
コード例 #9
0
 def __init__(self):
     self.node = ThorEntity(host.default_ip, ['msrprelay_server'],
                            version=__version__)
     self.networks = {}
     self.presence_message = ThorEvent('Thor.Presence', self.node.id)
     self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
     credentials = X509Credentials(Config.certificate, Config.private_key,
                                   [Config.ca])
     credentials.verify_peer = True
     tls_context = TLSContext(credentials)
     EventServiceClient.__init__(self, ThorNetworkConfig.domain,
                                 tls_context)
     process.signals.add_handler(signal.SIGHUP, self._handle_signal)
     process.signals.add_handler(signal.SIGINT, self._handle_signal)
     process.signals.add_handler(signal.SIGTERM, self._handle_signal)
コード例 #10
0
    def tls_credentials(self):
        # This property can be optimized to cache the credentials it loads from disk,
        # however this is not a time consuming operation (~ 3000 req/sec). -Luci
        settings = SIPSimpleSettings()
        tls_certificate = self.tls.certificate or settings.tls.certificate
        if tls_certificate is not None:
            certificate_data = open(tls_certificate.normalized).read()
            certificate = X509Certificate(certificate_data)
            private_key = X509PrivateKey(certificate_data)
        else:
            certificate = None
            private_key = None

        credentials = X509Credentials(certificate, private_key, [])
        credentials.verify_peer = False
        return credentials
コード例 #11
0
    def test_server_connectionMade_never_called(self):
        # trigger case when protocol instance is created,
        # but it's connectionMade is never called
        from gnutls.interfaces.twisted import X509Credentials
        from gnutls.errors import GNUTLSError
        cred = X509Credentials(None, None)
        ev = Event()

        def handle(conn):
            ev.send("handle must not be called")

        s = reactor.listenTLS(
            0, pr.SpawnFactory(handle, LineOnlyReceiverTransport), cred)
        creator = pr.GreenClientCreator(reactor, LineOnlyReceiverTransport)
        try:
            conn = creator.connectTLS('127.0.0.1', s.getHost().port, cred)
        except GNUTLSError:
            pass
        assert ev.poll() is None, repr(ev.poll())
コード例 #12
0
ファイル: sipthor.py プロジェクト: FihlaTV/openxcap
 def __init__(self):
     self._database = DatabaseConnection()
     self.node = ThorEntity(host.default_ip if ServerConfig.address
                            == '0.0.0.0' else ServerConfig.address,
                            ['xcap_server'],
                            version=xcap.__version__)
     self.networks = {}
     self.presence_message = ThorEvent('Thor.Presence', self.node.id)
     self.shutdown_message = ThorEvent('Thor.Leave', self.node.id)
     credentials = X509Credentials(ThorNodeConfig.certificate,
                                   ThorNodeConfig.private_key,
                                   [ThorNodeConfig.ca])
     credentials.verify_peer = True
     tls_context = TLSContext(credentials)
     self.control = ControlLink(tls_context)
     EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context)
     process.signals.add_handler(signal.SIGHUP, self._handle_SIGHUP)
     process.signals.add_handler(signal.SIGINT, self._handle_SIGINT)
     process.signals.add_handler(signal.SIGTERM, self._handle_SIGTERM)
コード例 #13
0
ファイル: strports.py プロジェクト: antworteffekt/sage
def _parseTLS(factory,
              port,
              privateKey='server.pem',
              certKey=None,
              sslmethod=None,
              interface='',
              backlog=50):
    from gnutls.interfaces.twisted import X509Credentials
    from gnutls.crypto import X509Certificate, X509PrivateKey

    if certKey is None:
        certKey = privateKey

    cert = X509Certificate(open(certKey).read())
    key = X509PrivateKey(open(privateKey).read())
    cf = X509Credentials(cert, key)

    return ((int(port), factory, cf), {
        'interface': interface,
        'backlog': int(backlog)
    })
コード例 #14
0
 def tls_credentials(self):
     # This property can be optimized to cache the credentials it loads from disk,
     # however this is not a time consuming operation (~ 3000 req/sec). -Luci
     settings = SIPSimpleSettings()
     if self.tls.certificate is not None:
         certificate_data = open(self.tls.certificate.normalized).read()
         certificate = X509Certificate(certificate_data)
         private_key = X509PrivateKey(certificate_data)
     else:
         certificate = None
         private_key = None
     if settings.tls.ca_list is not None:
         # we should read all certificates in the file, rather than just the first -Luci
         trusted = [
             X509Certificate(open(settings.tls.ca_list.normalized).read())
         ]
     else:
         trusted = []
     credentials = X509Credentials(certificate, private_key, trusted)
     credentials.verify_peer = self.tls.verify_server
     return credentials
コード例 #15
0
ファイル: tc-gnutls.py プロジェクト: uuip/python3-gnutls
count = options.count

active = count
succesful = 0
failed = 0

certs_path = os.path.join(gnutls_path, 'examples/certs')

certs_path = os.path.join(gnutls_path, 'examples/certs')

cert = X509Certificate(open(certs_path + '/valid.crt').read())
key = X509PrivateKey(open(certs_path + '/valid.key').read())
ca = X509Certificate(open(certs_path + '/ca.pem').read())
crl = X509CRL(open(certs_path + '/crl.pem').read())
if options.send_certs:
    cred = X509Credentials(cert, key, [ca])
else:
    cred = X509Credentials(trusted=[ca])
cred.verify_peer = options.verify
context = TLSContext(cred)

echo_factory = EchoFactory()

start_time = time()

for x in range(count):
    reactor.connectSSL(host, port, echo_factory, context)
reactor.run()

duration = time() - start_time
rate = count / duration
コード例 #16
0
from twisted.names.srvconnect import SRVConnector
from gnutls.interfaces.twisted import TLSContext, X509Credentials

from eventlet.twistedutil.protocol import GreenClientCreator
from eventlet.twistedutil.protocols.basic import LineOnlyReceiverTransport


class NoisySRVConnector(SRVConnector):
    def pickServer(self):
        host, port = SRVConnector.pickServer(self)
        print 'Resolved _%s._%s.%s --> %s:%s' % (self.service, self.protocol,
                                                 self.domain, host, port)
        return host, port


cred = X509Credentials(None, None)
ctx = TLSContext(cred)
creator = GreenClientCreator(reactor, LineOnlyReceiverTransport)
conn = creator.connectSRV('msrps',
                          'ag-projects.com',
                          connectFuncName='connectTLS',
                          connectFuncArgs=(ctx, ),
                          ConnectorClass=NoisySRVConnector)

request = """MSRP 49fh AUTH
To-Path: msrps://[email protected];tcp
From-Path: msrps://alice.example.com:9892/98cjs;tcp
-------49fh$
""".replace('\n', '\r\n')

print 'Sending:\n%s' % request
コード例 #17
0
        print 'MAC algorithm:', session.mac_algorithm
        print 'Compression:  ', session.compression

    def lineReceived(self, line):
        if line == 'quit':
            self.transport.loseConnection()
            return
        self.sendLine('hello')

    def connectionLost(self, reason):
        if reason.type != ConnectionDone:
            print "Connection was lost:", str(reason.value)


class EchoFactory(Factory):
    protocol = EchoProtocol


certs_path = 'certs'

cert = X509Certificate(open(certs_path + '/valid.crt').read())
key = X509PrivateKey(open(certs_path + '/valid.key').read())
cred = X509Credentials(cert, key)

cred.session_params.protocols = (PROTO_TLS1_2, )
cred.session_params.ciphers = (GNUTLS_CIPHER_AES_256_CBC, )
cred.session_params.compressions = (COMP_DEFLATE, COMP_NULL)

reactor.listenTLS(10000, EchoFactory(), cred)
reactor.run()
コード例 #18
0
        print 'Compression:   %s' % session.compression

    def lineReceived(self, line):
        if line == 'quit':
            self.transport.loseConnection()
            return
        self.sendLine(line)

    def connectionLost(self, reason):
        if reason.type != ConnectionDone:
            print "Connection was lost: %s" % reason.value


class EchoFactory(Factory):
    protocol = EchoProtocol


script_path = os.path.realpath(os.path.dirname(sys.argv[0]))
certs_path = os.path.join(script_path, 'certs')

cert = X509Certificate(open(certs_path + '/valid.crt').read())
key = X509PrivateKey(open(certs_path + '/valid.key').read())
ca = X509Certificate(open(certs_path + '/ca.pem').read())
crl = X509CRL(open(certs_path + '/crl.pem').read())
cred = X509Credentials(cert, key, [ca], [crl])
cred.verify_peer = True
context = TLSContext(cred, session_parameters="NORMAL:+COMP-DEFLATE")

reactor.listenTLS(10000, EchoFactory(), context)
reactor.run()
コード例 #19
0
ファイル: test_basic.py プロジェクト: pecila/python-msrplib
class TLSMixin(object):
    use_tls = True
    cert = X509Certificate(open('valid.crt').read())
    key = X509PrivateKey(open('valid.key').read())
    server_credentials = X509Credentials(cert, key)
コード例 #20
0

class EchoProtocol(LineOnlyReceiver):

    def connectionMade(self):
        self.sendLine('echo')

    def lineReceived(self, line):
        print 'received: ', line
        self.transport.loseConnection()

    def connectionLost(self, reason):
        reactor.stop()

class EchoFactory(ClientFactory):
    protocol = EchoProtocol

    def clientConnectionFailed(self, connector, err):
        print err.value
        reactor.stop()

cred = X509Credentials()

cred.session_params.protocols = (PROTO_TLS1_2,)
cred.session_params.ciphers = (GNUTLS_CIPHER_AES_256_CBC,)
cred.session_params.compressions = (COMP_DEFLATE, COMP_NULL)

reactor.connectTLS('localhost', 10000, EchoFactory(), cred)
reactor.run()