def _connect(self, local_uri, remote_uri): self.logger.info('Connecting to %s', remote_uri) creator = GreenClientCreator(gtransport_class=MSRPTransport, local_uri=local_uri, logger=self.logger, use_sessmatch=self.use_sessmatch) if remote_uri.host: if remote_uri.use_tls: msrp = creator.connectTLS(remote_uri.host, remote_uri.port or 2855, TLSContext(local_uri.credentials)) else: msrp = creator.connectTCP(remote_uri.host, remote_uri.port or 2855) else: if not remote_uri.domain: raise ValueError( "remote_uri must have either 'host' or 'domain'") if remote_uri.use_tls: connectFuncName = 'connectTLS' connectFuncArgs = (TLSContext(local_uri.credentials), ) else: connectFuncName = 'connectTCP' connectFuncArgs = () msrp = creator.connectSRV(remote_uri.scheme, remote_uri.domain, connectFuncName=connectFuncName, connectFuncArgs=connectFuncArgs, ConnectorClass=self.SRVConnectorClass) remote_address = msrp.getPeer() self.logger.info('Connected to %s:%s', remote_address.host, remote_address.port) return msrp
def __init__(self): self.accounting = [ __import__('mediaproxy.interfaces.accounting.%s' % mod.lower(), globals(), locals(), ['']).Accounting() for mod in set(DispatcherConfig.accounting) ] self.cred = X509Credentials(cert_name='dispatcher') self.tls_context = TLSContext(self.cred) self.relay_factory = RelayFactory(self) dispatcher_addr, dispatcher_port = DispatcherConfig.listen self.relay_listener = reactor.listenTLS(dispatcher_port, self.relay_factory, self.tls_context, interface=dispatcher_addr) self.opensips_factory = OpenSIPSControlFactory(self) socket_path = process.runtime.file(DispatcherConfig.socket_path) unlink(socket_path) self.opensips_listener = reactor.listenUNIX(socket_path, self.opensips_factory) self.opensips_management = opensips.ManagementInterface() self.management_factory = ManagementControlFactory(self) management_addr, management_port = DispatcherConfig.listen_management if DispatcherConfig.management_use_tls: self.management_listener = reactor.listenTLS( management_port, self.management_factory, self.tls_context, interface=management_addr) else: self.management_listener = reactor.listenTCP( management_port, self.management_factory, interface=management_addr)
def _start_https(self, reactor): from gnutls.interfaces.twisted import TLSContext, X509Credentials cert, pKey = TLSConfig.certificate, TLSConfig.private_key if cert is None or pKey is None: log.fatal("the TLS certificates or the private key could not be loaded") sys.exit(1) credentials = X509Credentials(cert, pKey) tls_context = TLSContext(credentials) reactor.listenTLS(ServerConfig.root.port, HTTPFactory(self.site), tls_context, interface=ServerConfig.address) log.msg("TLS started")
def start(self, roles): # Needs to be called from a green thread log.msg('Publishing %s roles to SIPThor' % roles) self.node = ThorEntity(SIPConfig.local_ip.normalized, roles, version=sylk.__version__) self.networks = {} self.presence_message = ThorEvent('Thor.Presence', self.node.id) self.shutdown_message = ThorEvent('Thor.Leave', self.node.id) credentials = X509Credentials(ThorNodeConfig.certificate, ThorNodeConfig.private_key, [ThorNodeConfig.ca]) credentials.verify_peer = True tls_context = TLSContext(credentials) EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context)
def __init__(self): self.cred = X509Credentials(cert_name='relay') self.tls_context = TLSContext(self.cred) self.session_manager = SessionManager(self, RelayConfig.port_range.start, RelayConfig.port_range.end) self.dispatchers = set() self.dispatcher_session_count = {} self.dispatcher_connectors = {} self.old_connectors = {} self.shutting_down = False self.graceful_shutdown = False self.start_time = time() MediaRelayBase.__init__(self)
def __init__(self): self.node = ThorEntity(host.default_ip, ['call_control'], version=__version__) self.networks = {} self.rating_connections = {} self.presence_message = ThorEvent('Thor.Presence', self.node.id) self.shutdown_message = ThorEvent('Thor.Leave', self.node.id) credentials = X509Credentials(ThorNodeConfig.certificate, ThorNodeConfig.private_key, [ThorNodeConfig.ca]) credentials.verify_peer = True tls_context = TLSContext(credentials) EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context)
def __init__(self): self.node = GenericThorEntity(ThorNetworkConfig.node_ip, ["media_relay"], version=__version__) self.presence_message = ThorEvent('Thor.Presence', self.node.id) self.shutdown_message = ThorEvent('Thor.Leave', self.node.id) self.sipthor_dispatchers = [] self.additional_dispatchers = [] credentials = X509Credentials(cert_name='relay') tls_context = TLSContext(credentials) EventServiceClient.__init__(self, ThorNetworkConfig.domain, tls_context) SRVMediaRelayBase.__init__(self)
def __init__(self): self.node = ThorEntity(host.default_ip, ['msrprelay_server'], version=__version__) self.networks = {} self.presence_message = ThorEvent('Thor.Presence', self.node.id) self.shutdown_message = ThorEvent('Thor.Leave', self.node.id) credentials = X509Credentials(Config.certificate, Config.private_key, [Config.ca]) credentials.verify_peer = True tls_context = TLSContext(credentials) EventServiceClient.__init__(self, ThorNetworkConfig.domain, tls_context) process.signals.add_handler(signal.SIGHUP, self._handle_signal) process.signals.add_handler(signal.SIGINT, self._handle_signal) process.signals.add_handler(signal.SIGTERM, self._handle_signal)
def _listen(self, local_uri, factory): from twisted.internet import reactor if local_uri.use_tls: port = reactor.listenTLS(local_uri.port or 0, factory, TLSContext(local_uri.credentials), interface=local_uri.host) else: port = reactor.listenTCP(local_uri.port or 0, factory, interface=local_uri.host) local_uri.port = port.getHost().port self.logger.info('Listening for incoming %s connections on %s:%s' % (local_uri.scheme.upper(), port.getHost().host, port.getHost().port)) return port
def __init__(self): self._database = DatabaseConnection() self.node = ThorEntity(host.default_ip if ServerConfig.address == '0.0.0.0' else ServerConfig.address, ['xcap_server'], version=xcap.__version__) self.networks = {} self.presence_message = ThorEvent('Thor.Presence', self.node.id) self.shutdown_message = ThorEvent('Thor.Leave', self.node.id) credentials = X509Credentials(ThorNodeConfig.certificate, ThorNodeConfig.private_key, [ThorNodeConfig.ca]) credentials.verify_peer = True tls_context = TLSContext(credentials) self.control = ControlLink(tls_context) EventServiceClient.__init__(self, ThorNodeConfig.domain, tls_context) process.signals.add_handler(signal.SIGHUP, self._handle_SIGHUP) process.signals.add_handler(signal.SIGINT, self._handle_SIGINT) process.signals.add_handler(signal.SIGTERM, self._handle_SIGTERM)
def test_server_connectionMade_never_called(self): # trigger case when protocol instance is created, # but it's connectionMade is never called from gnutls.interfaces.twisted import TLSContext, X509Credentials from gnutls.errors import GNUTLSError cred = X509Credentials(None, None) ctx = TLSContext(cred) ev = event() def handle(conn): ev.send("handle must not be called") s = reactor.listenTLS( 0, pr.SpawnFactory(handle, LineOnlyReceiverTransport), ctx) creator = pr.GreenClientCreator(reactor, LineOnlyReceiverTransport) try: conn = creator.connectTLS('127.0.0.1', s.getHost().port, ctx) except GNUTLSError: pass assert ev.poll() is None, repr(ev.poll())
failed = 0 certs_path = os.path.join(gnutls_path, 'examples/certs') certs_path = os.path.join(gnutls_path, 'examples/certs') cert = X509Certificate(open(certs_path + '/valid.crt').read()) key = X509PrivateKey(open(certs_path + '/valid.key').read()) ca = X509Certificate(open(certs_path + '/ca.pem').read()) crl = X509CRL(open(certs_path + '/crl.pem').read()) if options.send_certs: cred = X509Credentials(cert, key, [ca]) else: cred = X509Credentials(trusted=[ca]) cred.verify_peer = options.verify context = TLSContext(cred) echo_factory = EchoFactory() start_time = time() for x in range(count): reactor.connectSSL(host, port, echo_factory, context) reactor.run() duration = time() - start_time rate = count / duration print("time={:.2f} sec; rate={} requests/sec with {}:{}".format(duration, int(rate), host, port)) if failed > 0: print("{} out of {} connections have failed".format(failed, count))
from gnutls.interfaces.twisted import TLSContext, X509Credentials from eventlet.twistedutil.protocol import GreenClientCreator from eventlet.twistedutil.protocols.basic import LineOnlyReceiverTransport class NoisySRVConnector(SRVConnector): def pickServer(self): host, port = SRVConnector.pickServer(self) print 'Resolved _%s._%s.%s --> %s:%s' % (self.service, self.protocol, self.domain, host, port) return host, port cred = X509Credentials(None, None) ctx = TLSContext(cred) creator = GreenClientCreator(reactor, LineOnlyReceiverTransport) conn = creator.connectSRV('msrps', 'ag-projects.com', connectFuncName='connectTLS', connectFuncArgs=(ctx, ), ConnectorClass=NoisySRVConnector) request = """MSRP 49fh AUTH To-Path: msrps://[email protected];tcp From-Path: msrps://alice.example.com:9892/98cjs;tcp -------49fh$ """.replace('\n', '\r\n') print 'Sending:\n%s' % request conn.write(request)
print 'Compression: %s' % session.compression def lineReceived(self, line): if line == 'quit': self.transport.loseConnection() return self.sendLine(line) def connectionLost(self, reason): if reason.type != ConnectionDone: print "Connection was lost: %s" % reason.value class EchoFactory(Factory): protocol = EchoProtocol script_path = os.path.realpath(os.path.dirname(sys.argv[0])) certs_path = os.path.join(script_path, 'certs') cert = X509Certificate(open(certs_path + '/valid.crt').read()) key = X509PrivateKey(open(certs_path + '/valid.key').read()) ca = X509Certificate(open(certs_path + '/ca.pem').read()) crl = X509CRL(open(certs_path + '/crl.pem').read()) cred = X509Credentials(cert, key, [ca], [crl]) cred.verify_peer = True context = TLSContext(cred, session_parameters="NORMAL:+COMP-DEFLATE") reactor.listenTLS(10000, EchoFactory(), context) reactor.run()
self.transport.loseConnection() def connectionLost(self, reason): if reason.type != ConnectionDone: print "connection was lost: %s" % reason.value reactor.stop() class EchoFactory(ClientFactory): protocol = EchoProtocol def clientConnectionFailed(self, connector, err): print "connection failed: %s" % err.value reactor.stop() script_path = os.path.realpath(os.path.dirname(sys.argv[0])) certs_path = os.path.join(script_path, 'certs') cert = X509Certificate(open(certs_path + '/valid.crt').read()) key = X509PrivateKey(open(certs_path + '/valid.key').read()) ca = X509Certificate(open(certs_path + '/ca.pem').read()) crl = X509CRL(open(certs_path + '/crl.pem').read()) cred = X509Credentials(cert, key, [ca]) cred.verify_peer = True context = TLSContext( cred, session_parameters="NORMAL:-COMP-ALL:+COMP-DEFLATE:+COMP-NULL") reactor.connectTLS('localhost', 10000, EchoFactory(), context) reactor.run()