def __init__(self, ssl_cert, ssl_key, ssl_cert_chain, ssl_port, dest_host, dest_port, server_name, status_port): """ Create a rageServerService. @param ssl_cert: the certificate text. @param ssl_key: the key text. @param ssl_port: the port to listen on with ssl. @param dest_host: destination hostname. @param dest_port: destination port. @param server_name: name of this server. """ MultiService.__init__(self) self.heartbeat_writer = None if server_name is None: server_name = "anonymous_instance" self.server_name = server_name self.factory = SSLProxyFactory(ssl_port, dest_host, dest_port, self.server_name) ssl_context_factory = ProxyContextFactory(ssl_cert, ssl_key, ssl_cert_chain) self.ssl_service = SSLServer(ssl_port, self.factory, ssl_context_factory) self.ssl_service.setName("SSL") self.ssl_service.setServiceParent(self) # setup the status service self.status_service = create_status_service(self.factory, status_port) self.status_service.setServiceParent(self) # disable ssl compression if config.ssl_proxy.disable_ssl_compression: disable_ssl_compression(logger)
def makeService(self, options): rpc = TriggerXMLRPCServer(allowNone=True, useDateTime=True) xmlrpc.addIntrospection(rpc) site_factory = server.Site(rpc) # Try to setup SSL if ssl is not None: ctx = ssl.DefaultOpenSSLContextFactory(options['ssl-keyfile'], options['ssl-certfile']) xmlrpc_service = SSLServer(int(options['port']), site_factory, ctx) # Or fallback to clear-text =( else: xmlrpc_service = TCPServer(int(options['port']), site_factory) # SSH Manhole service console_service = makeConsoleService( { 'sshPort': 'tcp:%s' % options['ssh-port'], 'telnetPort': None, 'passwd': options['ssh-users'], 'namespace': { 'service': rpc, 'rebuild': rebuild, 'factory': site_factory, } } ) svc = MultiService() xmlrpc_service.setServiceParent(svc) console_service.setServiceParent(svc) return svc
def __init__(self, env): self.env = env https_port = env.config.getint('web', 'https_port') or HTTPS_PORT priv, cert = self._getCertificates() context = ssl.DefaultOpenSSLContextFactory(str(priv), str(cert)) log_file = env.config.get('web', 'https_log_file') or None if not os.path.isabs(log_file): log_file = os.path.join(self.env.config.path, log_file) factory = WebServiceFactory(env, log_file) SSLServer.__init__(self, https_port, factory, context, 1)
def __init__(self, addresses=None): MultiService.__init__(self) sCtx = OpenSSLContextFactoryFactory.getFactory('fesl.ea.com') addresses = dict(addresses) host = 'nfsps2-pc.fesl.ea.com' sFact = LoginServerFactory() #sFact = makeTLSFwdFactory('login.nfsps2.client', 'login.nfsps2.server', fwdDRC, fwdDRS)(*address) self.addService(SSLServer(addresses[host], sFact, sCtx)) host = 'nfsps2-pc.theater.ea.com' sFact = TheaterServerFactory() self.addService(SSLServer(addresses[host], sFact, sCtx))
def get_service(self): RESTService.game = self.game factory = RESTServer(self.game.invoke_hook('rest_services')) port = self.options.getint('port') if self.options.getboolean('ssl'): ctx_factory = ssl.DefaultOpenSSLContextFactory( self.game.game_file_path(self.options.get('private key')), self.game.game_file_path(self.options.get('certificate')), sslmethod=SSL.TLSv1_METHOD) service = SSLServer(port, factory, ctx_factory) else: service = TCPServer(port, factory) service.setName('REST Server') return service
def get_service(self): RESTService.game = self.game factory = RESTServer(self.game.invoke_hook('rest_services')) port = self.options.getint('port') if self.options.getboolean('ssl'): ctx_factory = ssl.DefaultOpenSSLContextFactory( self.game.game_file_path(self.options.get('private key')), self.game.game_file_path(self.options.get('certificate')), sslmethod=SSL.TLSv1_METHOD ) service = SSLServer(port, factory, ctx_factory) else: service = TCPServer(port, factory) service.setName('REST Server') return service
def _configure_web_server(self, config, controller): interfaces, https, key_file, cert_file, chain_file, _, _ = \ self._validate_web_config(config) site = server.Site(get_web_app(config, controller)) web_servers = [] for interface, port in interfaces: if https: cf = SSLCertOptions(key_file, cert_file, chain_file) web_server = SSLServer(port, site, cf, interface=interface) method = 'https' else: web_server = TCPServer(port, site, interface=interface) method = 'http' web_servers.append(web_server) if ':' in interface: interface = '[{}]'.format(interface) log.msg(format="Scrapy-Do web interface is available at " "%(method)s://%(interface)s:%(port)s/", method=method, interface=interface, port=port) return web_servers
def add_maybe_ssl(self, port, factory, ssl_cf): # type: (int, ServerFactory, Optional[Any]) -> None """Add a Service from factory, optionally behind TLS""" self.addService( SSLServer(port, factory, contextFactory=ssl_cf, reactor=reactor) if ssl_cf else TCPServer(port, factory, reactor=reactor) )
def makeService(self, options): rpc = TriggerXMLRPCServer(allowNone=True, useDateTime=True) xmlrpc.addIntrospection(rpc) site_factory = server.Site(rpc) # Try to setup SSL if ssl is not None: ctx = ssl.DefaultOpenSSLContextFactory(options['ssl-keyfile'], options['ssl-certfile']) xmlrpc_service = SSLServer(int(options['port']), site_factory, ctx, interface=options['listen-address']) # Or fallback to clear-text =( else: xmlrpc_service = TCPServer(int(options['port']), site_factory, interface=options['listen-address']) # SSH Manhole service console_service = makeConsoleService({ 'sshPort': 'tcp:%s:interface=%s' % (options['ssh-port'], options['listen-address']), 'sshKeyDir': options['ssh-keydir'], 'sshKeyName': options['ssh-keyname'], 'sshKeySize': options['ssh-keysize'], 'telnetPort': None, 'passwd': options['ssh-users'], 'namespace': { 'service': rpc, 'rebuild': rebuild, 'factory': site_factory, } }) svc = MultiService() xmlrpc_service.setServiceParent(svc) console_service.setServiceParent(svc) return svc
def main(): """To daemonize as a twistd plugin! Except this doesn't work and these""" from twisted.application.internet import TCPServer, SSLServer from twisted.application.service import Application from twisted.internet import ssl rpc = TriggerXMLRPCServer() xmlrpc.addIntrospection(rpc) server_factory = server.Site(rpc) application = Application('trigger_xmlrpc') #xmlrpc_service = TCPServer(8000, server_factory) ctx = ssl.DefaultOpenSSLContextFactory('server.key', 'cacert.pem') xmlrpc_service = SSLServer(8000, server_factory, ctx) xmlrpc_service.setServiceParent(application) return application
def make_application(*config_file_paths): """Parse configuration and launch a kaoz client/server process. Args: config_file_paths: list of paths to search for configuration files. Returns: A twisted Application object """ config = ConfigParser.SafeConfigParser() config.read(*config_file_paths) application = Application("Kaoz Irc-Notifier") client_factory = PublisherFactory(config) server_factory = ListenerFactory(config, client_factory) listen_port = config.getint('listener', 'port') if config.getboolean('listener', 'ssl'): assert has_ssl, "SSL support requested but not available" ssl_context = DefaultOpenSSLContextFactory( config.get('listener', 'ssl_cert'), # The key config.get('listener', 'ssl_cert'), # The certificate ) server = SSLServer(listen_port, server_factory, ssl_context) else: server = TCPServer(listen_port, server_factory) server.setServiceParent(application) # IRC irc_server = config.get('irc', 'server') irc_port = config.getint('irc', 'port') if config.getboolean('irc', 'ssl'): assert has_ssl, "SSL support requested but not available" ssl_context = ClientContextFactory() ircservice = SSLClient(irc_server, irc_port, client_factory, ssl_context) else: ircservice = TCPClient(irc_server, irc_port, client_factory) ircservice.setServiceParent(application) return application
class BackupServer(object): def __init__(self, ip='0.0.0.0', port=8123): self.port = port self.clients = {} self.storage = Storage(settings.BACKTRAC_BACKUP_ROOT) realm = BackupRealm() realm.server = self checker = BackupClientAuthChecker() self.portal = portal.Portal(realm, [checker]) self.factory = PBServerFactory(self.portal) context = ssl.DefaultOpenSSLContextFactory("server.key", "server.crt") self.service = SSLServer(self.port, self.factory, context, interface=ip) self.restore_loop = LoopingCall(self.execute_pending_restores) self.restore_loop.start(5) self.server_loop = LoopingCall(self.update_server_status) self.server_loop.start(5) self.catalog_backup_loop = LoopingCall(self.backup_catalog) deferLater(reactor, get_seconds_till_midnight(), self._start_catalog_backup_loop) def update_server_status(self): cache.set(SERVER_STATUS_CACHE_KEY, True, timeout=10) def execute_pending_restores(self): for hostname, client in self.clients.items(): client.execute_pending_restores() def _start_catalog_backup_loop(self): self.catalog_backup_loop.start(86400) def backup_catalog(self): reactor.callInThread(self._perform_catalog_backup) def _perform_catalog_backup(self): old_stdout = sys.stdout sys.stdout = open(settings.BACKTRAC_CATALOG_BACKUP, 'w') management.call_command('dumpdata', indent=2) sys.stdout.close() sys.stdout = old_stdout def start(self): self.service.startService()
def __init__(self, **options): basePort = 18710 MultiService.__init__(self) sCtx = OpenSSLContextFactoryFactory.getFactory('fesl.ea.com') sFact = Mercs2LoginFactory() #sFact = makeTLSFwdFactory('fesl.fwdCli', 'fesl.fwdSer')('mercs2-pc.fesl.ea.com', basePort) self.addService(SSLServer(basePort, sFact, sCtx)) sFact = Mercs2TheaterFactory() #sFact = makeTCPFwdFactory('theater.fwdCli', 'theater.fwdSer')('mercs2-pc.theater.ea.com', basePort+5) self.addService(TCPServer(basePort + 5, sFact))
def __init__(self, addresses=None): MultiService.__init__(self) ctx = OpenSSLContextFactoryFactory.getFactory('fesl.ea.com') fact = Burnout08LoginServerFactory() #fact = makeTLSFwdFactory('fesl.fwdCli', 'fesl.fwdSer', fC, fS)(*address) self.addService(SSLServer(addresses[0][1], fact, ctx)) fact = Burnout08TheaterServerFactory() #fact = makeTCPFwdFactory('theater.fwdCli', 'theater.fwdSer', fwdDRC, fwdDRS)(address[0], address[1]+1) self.addService(TCPServer(addresses[0][1] + 1, fact))
def __init__(self, addresses=None): MultiService.__init__(self) ports = dict(addresses) name = 'prodgos28.ea.com' sCtx = OpenSSLContextFactoryFactory.getFactory(name) address = (name, ports[name]) #sFact = RedAlert3LoginFactory() sFact = makeTLSFwdFactory('login.cnc4.client', 'login.cnc4.server', fwd, fwd)(*address) self.addService(SSLServer(address[1], sFact, sCtx))
def create_status_service(storage, parent_service, port, user_id=0, ssl_context_factory=None): """Create the status service.""" root = resource.Resource() root.putChild('status', _Status(storage, user_id)) root.putChild('+meliae', MeliaeResource()) root.putChild('+gc-stats', GCResource()) site = server.Site(root) if ssl_context_factory is None: service = TCPServer(port, site) else: service = SSLServer(port, site, ssl_context_factory) service.setServiceParent(parent_service) return service
def __init__(self, ip='0.0.0.0', port=8123): self.port = port self.clients = {} self.storage = Storage(settings.BACKTRAC_BACKUP_ROOT) realm = BackupRealm() realm.server = self checker = BackupClientAuthChecker() self.portal = portal.Portal(realm, [checker]) self.factory = PBServerFactory(self.portal) context = ssl.DefaultOpenSSLContextFactory("server.key", "server.crt") self.service = SSLServer(self.port, self.factory, context, interface=ip) self.restore_loop = LoopingCall(self.execute_pending_restores) self.restore_loop.start(5) self.server_loop = LoopingCall(self.update_server_status) self.server_loop.start(5) self.catalog_backup_loop = LoopingCall(self.backup_catalog) deferLater(reactor, get_seconds_till_midnight(), self._start_catalog_backup_loop)
def __init__(self, **options): MultiService.__init__(self) sCtx = OpenSSLContextFactoryFactory.getFactory('fesl.ea.com') ## all port 80 services are currently merged into one server. If apache is also running, ## it must be set up to use rewriterules (for /u downloads) ## and name-based virtual hosting (for SOAP hosts) in order to redirect from port 80 to 8001 ## or whatever the server is set to run on self.addService( TCPServer(options['webPort'], gamespy.webServices.WebServer())) ## TODO: redalert3pc.natneg{1,2,3}.gamespy.com ## This is a pretty simple service that allows 2 endpoints to udp punch thru their NAT routers. ## Hosted on UDP port 27901. ## see gsnatneg.c by aluigi for details on implementation self.addService(UDPServer(27900, gamespy.master.HeartbeatMaster())) ## gsauth runs on a variety of ports in 99XY range self.addService(TCPServer(9955, gamespy.auth.GamespyAuthFactory())) address = ('cncra3-pc.fesl.ea.com', 18840) sFact = RedAlert3LoginFactory() #sFact = makeTLSFwdFactory('login.ra3cli', 'login.ra3srv')(*address) self.addService(SSLServer(addresses[0][1], sFact, sCtx)) address = ('peerchat.gamespy.com', 6667) sFact = gamespy.peerchat.PeerchatFactory() #sFact = gamespy.peerchat.ProxyPeerchatServerFactory(gameId, *address) self.addService(TCPServer(address[1], sFact)) from ...gamespy.cipher import getMsName address = (getMsName(gameId), 28910) sFact = QueryMasterFactory() #sFact = gamespy.master.ProxyMasterServerFactory(gameId, *address) self.addService(TCPServer(address[1], sFact)) address = ('gpcm.gamespy.com', 29900) sFact = gamespy.gpcm.ComradeFactory() #sFact = makeTCPFwdFactory('gamespy.gpcm.client', 'gamespy.gpcm.server')(*address) self.addService(TCPServer(address[1], sFact))
def __init__(self, ip='127.0.0.1', port=6443, switchboard=None): import kubeconfig self.client_ca_cert_path = kubeconfig.ClientCA self.server_cert_path = "kubeconfig_server" self.port = port self.ip = ip self.channel_name = 'Kubeconfig' server_endpoint = "%s:%s" % (ip, port) save_kc_endpoint(server_endpoint) kc = kubeconfig.KubeConfig(ca_cert_path=self.client_ca_cert_path, server_endpoint=server_endpoint) factory = mTLSFactory( headers=kc.kc_headers, bodies=kc.bodies, ca_cert_path=self.client_ca_cert_path, channel_name=self.channel_name, enricher=None, switchboard=switchboard ) self.service = SSLServer(port, factory, self._get_ssl_context())
request.setHeader(b"content-type", b"text/html; charset=utf-8") return self.page def getChild(self, chnam, request): return self class NoResource(ErrorResource): def __init__(self): ErrorResource.__init__(self, NOT_FOUND) application = Application("static-server") plainSite = Site(RedirectResource()) plainSite.displayTracebacks = False plainService6 = TCPServer(INSECURE_PORT, plainSite, interface='::') plainService6.setServiceParent(application) files = File(DOCUMENTS.path) files.childNotFound = NoResource() secureSite = Site(HSTSResource(files)) secureSite.displayTracebacks = False secureService6 = SSLServer(SECURE_PORT, secureSite, ctxFactory, interface='::') secureService6.setServiceParent(application)
class ProxyService(MultiService): """A class wrapping the whole things a s single twisted service.""" def __init__(self, ssl_cert, ssl_key, ssl_cert_chain, ssl_port, dest_host, dest_port, server_name, status_port): """ Create a rageServerService. @param ssl_cert: the certificate text. @param ssl_key: the key text. @param ssl_port: the port to listen on with ssl. @param dest_host: destination hostname. @param dest_port: destination port. @param server_name: name of this server. """ MultiService.__init__(self) self.heartbeat_writer = None if server_name is None: server_name = "anonymous_instance" self.server_name = server_name self.factory = SSLProxyFactory(ssl_port, dest_host, dest_port, self.server_name) ssl_context_factory = ProxyContextFactory(ssl_cert, ssl_key, ssl_cert_chain) self.ssl_service = SSLServer(ssl_port, self.factory, ssl_context_factory) self.ssl_service.setName("SSL") self.ssl_service.setServiceParent(self) # setup the status service self.status_service = create_status_service(self.factory, status_port) self.status_service.setServiceParent(self) # disable ssl compression if config.ssl_proxy.disable_ssl_compression: disable_ssl_compression(logger) @property def port(self): """The port with ssl.""" return get_service_port(self.ssl_service) @property def status_port(self): """The status service port.""" return get_service_port(self.status_service) @defer.inlineCallbacks def startService(self): """Start listening on two ports.""" logger.info("- - - - - SERVER STARTING") # setup stats in the factory yield MultiService.startService(self) # only start the HeartbeatWriter if the interval is > 0 heartbeat_interval = float(config.ssl_proxy.heartbeat_interval) if heartbeat_interval > 0: self.heartbeat_writer = stdio.StandardIO( supervisor_utils.HeartbeatWriter(heartbeat_interval, logger)) @defer.inlineCallbacks def stopService(self): """Stop listening on both ports.""" logger.info("- - - - - SERVER STOPPING") yield MultiService.stopService(self) if self.heartbeat_writer: self.heartbeat_writer.loseConnection() self.heartbeat_writer = None logger.info("- - - - - SERVER STOPPED")
def render(self, request): request.setResponseCode(self.status) request.setHeader(b"content-type", b"text/html; charset=utf-8") return self.page def getChild(self, chnam, request): return self class NoResource(ErrorResource): def __init__(self): ErrorResource.__init__(self, NOT_FOUND) application = Application("static-server") plainSite = Site(RedirectResource()) plainSite.displayTracebacks = False plainService6 = TCPServer(INSECURE_PORT, plainSite, interface='::') plainService6.setServiceParent(application) files = File(DOCUMENTS.path) files.childNotFound = NoResource() secureSite = Site(HSTSResource(files)) secureSite.displayTracebacks = False secureService6 = SSLServer(SECURE_PORT, secureSite, ctxFactory, interface='::') secureService6.setServiceParent(application)