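class Sydent:
    """Top-level object of the Sydent identity server.

    The constructor loads the configuration, configures logging, opens the
    database and instantiates the validators, the signing key, the servlets
    and the HTTP servers. ``run`` binds the servers and starts the reactor.
    """

    def __init__(self):
        """Build every server component from the configuration file.

        The configuration path is taken from the ``SYDENT_CONF`` environment
        variable and falls back to ``sydent.conf`` in the working directory.
        """
        self.config_file = os.environ.get('SYDENT_CONF', "sydent.conf")
        self.cfg = parse_config(self.config_file)

        log_format = (
            "%(asctime)s - %(name)s - %(lineno)d - %(levelname)s"
            " - %(message)s"
        )
        formatter = logging.Formatter(log_format)

        logPath = self.cfg.get('general', "log.path")
        if logPath != '':
            # Rotate at midnight and keep one year of daily files.
            handler = logging.handlers.TimedRotatingFileHandler(
                logPath, when='midnight', backupCount=365
            )
            handler.setFormatter(formatter)

            # NOTE(review): this handler is defined but never installed with
            # signal.signal() in the visible code, so SIGHUP does not trigger
            # a rollover from here -- confirm whether that is intended.
            def sighup(signum, stack):
                logger.info("Closing log file due to SIGHUP")
                handler.doRollover()
                logger.info("Opened new log file due to SIGHUP")
        else:
            # No log path configured: log to the default stream instead.
            handler = logging.StreamHandler()
            handler.setFormatter(formatter)

        rootLogger = logging.getLogger('')
        rootLogger.setLevel(self.cfg.get('general', 'log.level'))
        rootLogger.addHandler(handler)

        logger.info("Starting Sydent server")

        self.pidfile = self.cfg.get('general', "pidfile.path")

        # Forward Twisted's log events into the standard logging module.
        observer = log.PythonLoggingObserver()
        observer.start()

        self.db = SqliteDatabase(self).db

        self.server_name = self.cfg.get('general', 'server.name')
        if self.server_name == '':
            # Fall back to the host's node name and persist the guess.
            self.server_name = os.uname()[1]
            # logger.warning replaces the deprecated logger.warn alias; the
            # emitted message is unchanged.
            logger.warning(
                "You had not specified a server name. I have guessed that this server is called '%s' "
                + " and saved this in the config file. If this is incorrect, you should edit server.name in "
                + "the config file.",
                self.server_name,
            )
            self.cfg.set('general', 'server.name', self.server_name)
            self.save_config()

        self.validators = Validators()
        self.validators.email = EmailValidator(self)
        self.validators.msisdn = MsisdnValidator(self)

        # The ed25519 signing key is held on the keyring for the whole
        # lifetime of the process.
        self.keyring = Keyring()
        self.keyring.ed25519 = SydentEd25519(self).signing_key
        self.keyring.ed25519.alg = 'ed25519'

        self.sig_verifier = Verifier(self)

        self.servlets = Servlets()
        self.servlets.v1 = V1Servlet(self)
        self.servlets.emailRequestCode = EmailRequestCodeServlet(self)
        self.servlets.emailValidate = EmailValidateCodeServlet(self)
        self.servlets.msisdnRequestCode = MsisdnRequestCodeServlet(self)
        self.servlets.msisdnValidate = MsisdnValidateCodeServlet(self)
        self.servlets.lookup = LookupServlet(self)
        self.servlets.bulk_lookup = BulkLookupServlet(self)
        self.servlets.pubkey_ed25519 = Ed25519Servlet(self)
        self.servlets.pubkeyIsValid = PubkeyIsValidServlet(self)
        self.servlets.ephemeralPubkeyIsValid = EphemeralPubkeyIsValidServlet(
            self)
        self.servlets.threepidBind = ThreePidBindServlet(self)
        self.servlets.threepidUnbind = ThreePidUnbindServlet(self)
        self.servlets.replicationPush = ReplicationPushServlet(self)
        self.servlets.getValidated3pid = GetValidated3pidServlet(self)
        self.servlets.storeInviteServlet = StoreInviteServlet(self)
        self.servlets.blindlySignStuffServlet = BlindlySignStuffServlet(self)

        self.threepidBinder = ThreepidBinder(self)

        self.sslComponents = SslComponents(self)

        self.clientApiHttpServer = ClientApiHttpServer(self)
        self.replicationHttpsServer = ReplicationHttpsServer(self)
        self.replicationHttpsClient = ReplicationHttpsClient(self)

        self.pusher = Pusher(self)

    def save_config(self):
        """Write the in-memory configuration back to ``self.config_file``."""
        # The context manager closes the file even if cfg.write() raises.
        with open(self.config_file, 'w') as fp:
            self.cfg.write(fp)

    def run(self):
        """Bind the HTTP servers, write the pidfile and start the reactor."""
        self.clientApiHttpServer.setup()
        self.replicationHttpsServer.setup()
        self.pusher.setup()

        internalport = self.cfg.get('http', 'internalapi.http.port')
        if internalport:
            try:
                interface = self.cfg.get('http', 'internalapi.http.bind_address')
            except ConfigParser.NoOptionError:
                # With no bind address configured the internal API listens on
                # IPv6 loopback only.
                interface = '::1'
            self.internalApiHttpServer = InternalApiHttpServer(self)
            self.internalApiHttpServer.setup(interface, int(internalport))

        if self.pidfile:
            with open(self.pidfile, 'w') as pidfile:
                pidfile.write(str(os.getpid()) + "\n")

        twisted.internet.reactor.run()

    def ip_from_request(self, request):
        """Return the client address to attribute ``request`` to.

        When ``http.obey_x_forwarded_for`` is enabled and the request carries
        an ``X-Forwarded-For`` header, the first raw header value is returned
        unparsed; otherwise the address of the connecting peer is returned.

        The header is supplied by the client unless a reverse proxy in front
        of the server overwrites it, so the option should only be enabled in
        such a deployment.
        """
        # cfg.get() appears to return the option as text, so a plain truth
        # test would treat "False" or "0" as enabled. Parse it as a boolean
        # and fail closed on anything that is not an explicit "on" value.
        raw_setting = self.cfg.get('http', 'obey_x_forwarded_for')
        obey_header = str(raw_setting).strip().lower() in ('1', 'yes', 'true', 'on')

        headers = request.requestHeaders
        if obey_header and headers.hasHeader("X-Forwarded-For"):
            return headers.getRawHeaders("X-Forwarded-For")[0]
        return request.getClientIP()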
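class Sydent:
    """Top-level object of the Sydent identity server.

    The constructor loads the configuration, configures logging, opens the
    database, optionally starts Sentry and Prometheus reporting, prepares the
    lookup pepper and instantiates the validators, the signing key, the
    servlets and the HTTP servers. ``run`` binds the servers and starts the
    reactor.
    """

    def __init__(self, reactor=twisted.internet.reactor):
        """Build every server component from the configuration file.

        The configuration path is taken from the ``SYDENT_CONF`` environment
        variable and falls back to ``sydent.conf`` in the working directory.

        :param reactor: reactor used to drive the periodic session clean-up
            and started by ``run``; defaults to the global Twisted reactor.
        """
        self.reactor = reactor

        self.config_file = os.environ.get('SYDENT_CONF', "sydent.conf")
        self.cfg = parse_config(self.config_file)

        log_format = (
            "%(asctime)s - %(name)s - %(lineno)d - %(levelname)s"
            " - %(message)s"
        )
        formatter = logging.Formatter(log_format)

        logPath = self.cfg.get('general', "log.path")
        if logPath != '':
            # Rotate at midnight and keep one year of daily files.
            handler = logging.handlers.TimedRotatingFileHandler(
                logPath, when='midnight', backupCount=365
            )
            handler.setFormatter(formatter)

            # NOTE(review): this handler is defined but never installed with
            # signal.signal() in the visible code, so SIGHUP does not trigger
            # a rollover from here -- confirm whether that is intended.
            def sighup(signum, stack):
                logger.info("Closing log file due to SIGHUP")
                handler.doRollover()
                logger.info("Opened new log file due to SIGHUP")
        else:
            # No log path configured: log to the default stream instead.
            handler = logging.StreamHandler()
            handler.setFormatter(formatter)

        rootLogger = logging.getLogger('')
        rootLogger.setLevel(self.cfg.get('general', 'log.level'))
        rootLogger.addHandler(handler)

        logger.info("Starting Sydent server")

        self.pidfile = self.cfg.get('general', "pidfile.path")

        # Forward Twisted's log events into the standard logging module.
        observer = log.PythonLoggingObserver()
        observer.start()

        self.db = SqliteDatabase(self).db

        self.server_name = self.cfg.get('general', 'server.name')
        if self.server_name == '':
            # Fall back to the host's node name and persist the guess.
            self.server_name = os.uname()[1]
            # logger.warning replaces the deprecated logger.warn alias; the
            # emitted message is unchanged.
            logger.warning(
                "You had not specified a server name. I have guessed that this server is called '%s' "
                + "and saved this in the config file. If this is incorrect, you should edit server.name in "
                + "the config file.",
                self.server_name,
            )
            self.cfg.set('general', 'server.name', self.server_name)
            self.save_config()

        if self.cfg.has_option("general", "sentry_dsn"):
            # Only import and start sentry SDK if configured.
            import sentry_sdk
            sentry_sdk.init(
                dsn=self.cfg.get("general", "sentry_dsn"),
            )
            with sentry_sdk.configure_scope() as scope:
                scope.set_tag("sydent_server_name", self.server_name)

        if self.cfg.has_option("general", "prometheus_port"):
            # The metrics listener binds to the configured address;
            # prometheus_client serves it without authentication, so
            # prometheus_addr should be a loopback or internal interface.
            import prometheus_client
            prometheus_client.start_http_server(
                port=self.cfg.getint("general", "prometheus_port"),
                addr=self.cfg.get("general", "prometheus_addr"),
            )

        # See if a pepper already exists in the database
        # Note: This MUST be run before we start serving requests, otherwise lookups for
        # 3PID hashes may come in before we've completed generating them
        hashing_metadata_store = HashingMetadataStore(self)
        lookup_pepper = hashing_metadata_store.get_lookup_pepper()
        if not lookup_pepper:
            # No pepper defined in the database, generate one
            # NOTE(review): the pepper is five characters long and is handed
            # to HashDetailsServlet below, so it is presumably published to
            # clients rather than treated as a secret -- confirm.
            lookup_pepper = generateAlphanumericTokenOfLength(5)

            # Store it in the database and rehash 3PIDs
            hashing_metadata_store.store_lookup_pepper(sha256_and_url_safe_base64,
                                                       lookup_pepper)

        self.validators = Validators()
        self.validators.email = EmailValidator(self)
        self.validators.msisdn = MsisdnValidator(self)

        # The ed25519 signing key is held on the keyring for the whole
        # lifetime of the process.
        self.keyring = Keyring()
        self.keyring.ed25519 = SydentEd25519(self).signing_key
        self.keyring.ed25519.alg = 'ed25519'

        self.sig_verifier = Verifier(self)

        self.servlets = Servlets()
        self.servlets.v1 = V1Servlet(self)
        self.servlets.v2 = V2Servlet(self)
        self.servlets.emailRequestCode = EmailRequestCodeServlet(self)
        self.servlets.emailValidate = EmailValidateCodeServlet(self)
        self.servlets.msisdnRequestCode = MsisdnRequestCodeServlet(self)
        self.servlets.msisdnValidate = MsisdnValidateCodeServlet(self)
        self.servlets.lookup = LookupServlet(self)
        self.servlets.bulk_lookup = BulkLookupServlet(self)
        self.servlets.hash_details = HashDetailsServlet(self, lookup_pepper)
        self.servlets.lookup_v2 = LookupV2Servlet(self, lookup_pepper)
        self.servlets.pubkey_ed25519 = Ed25519Servlet(self)
        self.servlets.pubkeyIsValid = PubkeyIsValidServlet(self)
        self.servlets.ephemeralPubkeyIsValid = EphemeralPubkeyIsValidServlet(self)
        self.servlets.threepidBind = ThreePidBindServlet(self)
        self.servlets.threepidUnbind = ThreePidUnbindServlet(self)
        self.servlets.replicationPush = ReplicationPushServlet(self)
        self.servlets.getValidated3pid = GetValidated3pidServlet(self)
        self.servlets.storeInviteServlet = StoreInviteServlet(self)
        self.servlets.blindlySignStuffServlet = BlindlySignStuffServlet(self)
        self.servlets.termsServlet = TermsServlet(self)
        self.servlets.accountServlet = AccountServlet(self)
        self.servlets.registerServlet = RegisterServlet(self)
        self.servlets.logoutServlet = LogoutServlet(self)

        self.threepidBinder = ThreepidBinder(self)

        self.sslComponents = SslComponents(self)

        self.clientApiHttpServer = ClientApiHttpServer(self)
        self.replicationHttpsServer = ReplicationHttpsServer(self)
        self.replicationHttpsClient = ReplicationHttpsClient(self)

        self.pusher = Pusher(self)

        # A dedicated validation session store just to clean up old sessions every N minutes
        self.cleanupValSession = ThreePidValSessionStore(self)
        cb = task.LoopingCall(self.cleanupValSession.deleteOldSessions)
        # Run the clean-up on the injected reactor's clock, every 10 minutes.
        cb.clock = self.reactor
        cb.start(10 * 60.0)

    def save_config(self):
        """Write the in-memory configuration back to ``self.config_file``."""
        # The context manager closes the file even if cfg.write() raises.
        with open(self.config_file, 'w') as fp:
            self.cfg.write(fp)

    def run(self):
        """Bind the HTTP servers, write the pidfile and start the reactor."""
        self.clientApiHttpServer.setup()
        self.replicationHttpsServer.setup()
        self.pusher.setup()

        internalport = self.cfg.get('http', 'internalapi.http.port')
        if internalport:
            try:
                interface = self.cfg.get('http', 'internalapi.http.bind_address')
            except ConfigParser.NoOptionError:
                # With no bind address configured the internal API listens on
                # IPv6 loopback only.
                interface = '::1'
            self.internalApiHttpServer = InternalApiHttpServer(self)
            self.internalApiHttpServer.setup(interface, int(internalport))

        if self.pidfile:
            with open(self.pidfile, 'w') as pidfile:
                pidfile.write(str(os.getpid()) + "\n")

        self.reactor.run()

    def ip_from_request(self, request):
        """Return the client address to attribute ``request`` to.

        When ``http.obey_x_forwarded_for`` is enabled and the request carries
        an ``X-Forwarded-For`` header, the first raw header value is returned
        unparsed; otherwise the address of the connecting peer is returned.

        The header is supplied by the client unless a reverse proxy in front
        of the server overwrites it, so the option should only be enabled in
        such a deployment.
        """
        # cfg.get() appears to return the option as text, so a plain truth
        # test would treat "False" or "0" as enabled. Parse it as a boolean
        # and fail closed on anything that is not an explicit "on" value.
        raw_setting = self.cfg.get('http', 'obey_x_forwarded_for')
        obey_header = str(raw_setting).strip().lower() in ('1', 'yes', 'true', 'on')

        headers = request.requestHeaders
        if obey_header and headers.hasHeader("X-Forwarded-For"):
            return headers.getRawHeaders("X-Forwarded-For")[0]
        return request.getClientIP()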
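class Sydent:
    """Top-level object of the Sydent identity server.

    The constructor loads the configuration, configures logging, opens the
    database, optionally starts Sentry and Prometheus reporting and
    instantiates the validators, the signing key, the servlets and the HTTP
    servers. ``run`` binds the servers and starts the reactor.
    """

    def __init__(self):
        """Build every server component from the configuration file.

        The configuration path is taken from the ``SYDENT_CONF`` environment
        variable and falls back to ``sydent.conf`` in the working directory.
        """
        self.config_file = os.environ.get('SYDENT_CONF', "sydent.conf")
        self.cfg = parse_config(self.config_file)

        log_format = (
            "%(asctime)s - %(name)s - %(lineno)d - %(levelname)s"
            " - %(message)s"
        )
        formatter = logging.Formatter(log_format)

        logPath = self.cfg.get('general', "log.path")
        if logPath != '':
            # Rotate at midnight and keep one year of daily files.
            handler = logging.handlers.TimedRotatingFileHandler(
                logPath, when='midnight', backupCount=365
            )
            handler.setFormatter(formatter)

            # NOTE(review): this handler is defined but never installed with
            # signal.signal() in the visible code, so SIGHUP does not trigger
            # a rollover from here -- confirm whether that is intended.
            def sighup(signum, stack):
                logger.info("Closing log file due to SIGHUP")
                handler.doRollover()
                logger.info("Opened new log file due to SIGHUP")
        else:
            # No log path configured: log to the default stream instead.
            handler = logging.StreamHandler()
            handler.setFormatter(formatter)

        rootLogger = logging.getLogger('')
        rootLogger.setLevel(self.cfg.get('general', 'log.level'))
        rootLogger.addHandler(handler)

        logger.info("Starting Sydent server")

        self.pidfile = self.cfg.get('general', "pidfile.path")

        # Forward Twisted's log events into the standard logging module.
        observer = log.PythonLoggingObserver()
        observer.start()

        self.db = SqliteDatabase(self).db

        self.server_name = self.cfg.get('general', 'server.name')
        if self.server_name == '':
            # Fall back to the host's node name and persist the guess.
            self.server_name = os.uname()[1]
            # logger.warning replaces the deprecated logger.warn alias; the
            # emitted message is unchanged.
            logger.warning(
                "You had not specified a server name. I have guessed that this server is called '%s' "
                + " and saved this in the config file. If this is incorrect, you should edit server.name in "
                + "the config file.",
                self.server_name,
            )
            self.cfg.set('general', 'server.name', self.server_name)
            self.save_config()

        if self.cfg.has_option("general", "sentry_dsn"):
            # Only import and start sentry SDK if configured.
            import sentry_sdk
            sentry_sdk.init(
                dsn=self.cfg.get("general", "sentry_dsn"),
            )
            with sentry_sdk.configure_scope() as scope:
                scope.set_tag("sydent_server_name", self.server_name)

        if self.cfg.has_option("general", "prometheus_port"):
            # The metrics listener binds to the configured address;
            # prometheus_client serves it without authentication, so
            # prometheus_addr should be a loopback or internal interface.
            import prometheus_client
            prometheus_client.start_http_server(
                port=self.cfg.getint("general", "prometheus_port"),
                addr=self.cfg.get("general", "prometheus_addr"),
            )

        self.validators = Validators()
        self.validators.email = EmailValidator(self)
        self.validators.msisdn = MsisdnValidator(self)

        # The ed25519 signing key is held on the keyring for the whole
        # lifetime of the process.
        self.keyring = Keyring()
        self.keyring.ed25519 = SydentEd25519(self).signing_key
        self.keyring.ed25519.alg = 'ed25519'

        self.sig_verifier = Verifier(self)

        self.servlets = Servlets()
        self.servlets.v1 = V1Servlet(self)
        self.servlets.emailRequestCode = EmailRequestCodeServlet(self)
        self.servlets.emailValidate = EmailValidateCodeServlet(self)
        self.servlets.msisdnRequestCode = MsisdnRequestCodeServlet(self)
        self.servlets.msisdnValidate = MsisdnValidateCodeServlet(self)
        self.servlets.lookup = LookupServlet(self)
        self.servlets.bulk_lookup = BulkLookupServlet(self)
        self.servlets.pubkey_ed25519 = Ed25519Servlet(self)
        self.servlets.pubkeyIsValid = PubkeyIsValidServlet(self)
        self.servlets.ephemeralPubkeyIsValid = EphemeralPubkeyIsValidServlet(self)
        self.servlets.threepidBind = ThreePidBindServlet(self)
        self.servlets.threepidUnbind = ThreePidUnbindServlet(self)
        self.servlets.replicationPush = ReplicationPushServlet(self)
        self.servlets.getValidated3pid = GetValidated3pidServlet(self)
        self.servlets.storeInviteServlet = StoreInviteServlet(self)
        self.servlets.blindlySignStuffServlet = BlindlySignStuffServlet(self)

        self.threepidBinder = ThreepidBinder(self)

        self.sslComponents = SslComponents(self)

        self.clientApiHttpServer = ClientApiHttpServer(self)
        self.replicationHttpsServer = ReplicationHttpsServer(self)
        self.replicationHttpsClient = ReplicationHttpsClient(self)

        self.pusher = Pusher(self)

        # A dedicated validation session store just to clean up old sessions every N minutes
        self.cleanupValSession = ThreePidValSessionStore(self)
        cb = task.LoopingCall(self.cleanupValSession.deleteOldSessions)
        # Run the clean-up every 10 minutes.
        cb.start(10 * 60.0)

    def save_config(self):
        """Write the in-memory configuration back to ``self.config_file``."""
        # The context manager closes the file even if cfg.write() raises.
        with open(self.config_file, 'w') as fp:
            self.cfg.write(fp)

    def run(self):
        """Bind the HTTP servers, write the pidfile and start the reactor."""
        self.clientApiHttpServer.setup()
        self.replicationHttpsServer.setup()
        self.pusher.setup()

        internalport = self.cfg.get('http', 'internalapi.http.port')
        if internalport:
            try:
                interface = self.cfg.get('http', 'internalapi.http.bind_address')
            except ConfigParser.NoOptionError:
                # With no bind address configured the internal API listens on
                # IPv6 loopback only.
                interface = '::1'
            self.internalApiHttpServer = InternalApiHttpServer(self)
            self.internalApiHttpServer.setup(interface, int(internalport))

        if self.pidfile:
            with open(self.pidfile, 'w') as pidfile:
                pidfile.write(str(os.getpid()) + "\n")

        twisted.internet.reactor.run()

    def ip_from_request(self, request):
        """Return the client address to attribute ``request`` to.

        When ``http.obey_x_forwarded_for`` is enabled and the request carries
        an ``X-Forwarded-For`` header, the first raw header value is returned
        unparsed; otherwise the address of the connecting peer is returned.

        The header is supplied by the client unless a reverse proxy in front
        of the server overwrites it, so the option should only be enabled in
        such a deployment.
        """
        # cfg.get() appears to return the option as text, so a plain truth
        # test would treat "False" or "0" as enabled. Parse it as a boolean
        # and fail closed on anything that is not an explicit "on" value.
        raw_setting = self.cfg.get('http', 'obey_x_forwarded_for')
        obey_header = str(raw_setting).strip().lower() in ('1', 'yes', 'true', 'on')

        headers = request.requestHeaders
        if obey_header and headers.hasHeader("X-Forwarded-For"):
            return headers.getRawHeaders("X-Forwarded-For")[0]
        return request.getClientIP()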