def networkstart(reason, session): l2r = False l2k = None if hw.get_device_name().lower() != "dm7025": l2c = tpm.getData(eTPM.DT_LEVEL2_CERT) if l2c is None: return l2k = validate_certificate(l2c, rootkey) if l2k is None: return l2r = True else: l2r = True if l2r: if reason is True: startWebserver(session, l2k) checkBonjour() elif reason is False: stopWebserver(session) checkBonjour()
def networkstart(reason, session): l2r = False l2k = None if False: l2c = tpm.getCert(eTPM.TPMD_DT_LEVEL2_CERT) if l2c is None: return l2k = validate_certificate(l2c, rootkey) if l2k is None: return l2r = True else: l2r = True if l2r: if reason is True: startWebserver(session, l2k) checkBonjour() elif reason is False: stopWebserver(session) checkBonjour()
def networkstart(reason, session): l2r = False l2k = None if hw.get_device_name().lower() != "dm7025": l2c = tpm.getCert(eTPM.TPMD_DT_LEVEL2_CERT) if l2c is None: return l2k = validate_certificate(l2c, rootkey) if l2k is None: return l2r = True else: l2r = True if l2r: if reason is True: startWebserver(session, l2k) checkBonjour() elif reason is False: stopWebserver(session) checkBonjour()
def startServerInstance(session, ipaddress, port, useauth=False, l2k=None, usessl=False):
if hw.get_device_name().lower() != "dm7025":
l3k = None
l3c = tpm.getData(eTPM.DT_LEVEL3_CERT)
if l3c is None:
return False
l3k = validate_certificate(l3c, l2k)
if l3k is None:
return False
random = get_random()
if random is None:
return False
value = tpm.computeSignature(random)
result = decrypt_block(value, l3k)
if result is None:
return False
else:
if result[80:88] != random:
return False
if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
site = server.Site(root)
else:
root = HTTPRootResource(toplevel)
site = server.Site(root)
if has_ipv6 and fileExists('/proc/net/if_inet6') and version.major >= 12:
if ipaddress == '0.0.0.0':
ipaddress = '::'
elif ipaddress == '127.0.0.1':
ipaddress = '::1'
if usessl:
ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
try:
d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
except CannotListenError:
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return False
else:
try:
d = reactor.listenTCP(port, site, interface=ipaddress)
if ipaddress == '::1':
d = reactor.listenTCP(port, site, interface='::ffff:127.0.0.1')
except CannotListenError:
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return False
running_defered.append(d)
print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return True
def startServerInstance(session, ipaddress, port, useauth=False, l2k=None, usessl=False):
if hw.get_device_name().lower() != "dm7025":
l3k = None
l3c = tpm.getData(eTPM.DT_LEVEL3_CERT)
if l3c is None:
return False
l3k = validate_certificate(l3c, l2k)
if l3k is None:
return False
random = get_random()
if random is None:
return False
value = tpm.computeSignature(random)
result = decrypt_block(value, l3k)
if result is None:
return False
else:
if result [80:88] != random:
return False
if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
site = server.Site(root)
else:
root = HTTPRootResource(toplevel)
site = server.Site(root)
if has_ipv6 and fileExists('/proc/net/if_inet6') and version.major >= 12:
if ipaddress == '0.0.0.0':
ipaddress='::'
elif ipaddress == '127.0.0.1':
ipaddress='::1'
if usessl:
ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
try:
d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
except CannotListenError:
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return False
else:
try:
d = reactor.listenTCP(port, site, interface=ipaddress)
if ipaddress == '::1':
d = reactor.listenTCP(port, site, interface='::ffff:127.0.0.1')
except CannotListenError:
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return False
running_defered.append(d)
print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return True
def startServerInstance(session,
ipaddress,
port,
useauth=False,
l2k=None,
usessl=False):
if hw.get_device_name().lower() != "dm7025":
l3k = None
l3c = tpm.getCert(eTPM.TPMD_DT_LEVEL3_CERT)
if l3c is None:
return False
l3k = validate_certificate(l3c, l2k)
if l3k is None:
return False
random = get_random()
if random is None:
return False
value = tpm.challenge(random)
result = decrypt_block(value, l3k)
if result is None:
return False
else:
if result[80:88] != random:
return False
if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
site = server.Site(root)
else:
root = HTTPRootResource(toplevel)
site = server.Site(root)
if usessl:
ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
try:
d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
except CannotListenError:
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (
ipaddress, port, useauth, usessl)
return False
else:
try:
d = reactor.listenTCP(port, site, interface=ipaddress)
except CannotListenError:
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (
ipaddress, port, useauth, usessl)
return False
running_defered.append(d)
print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port,
useauth, usessl)
return True
def startServerInstance(session, ipaddress, port, useauth=False, l2k=None, usessl=False):
if hw.get_device_name().lower() != "dm7025":
l3k = None
l3c = tpm.getCert(eTPM.TPMD_DT_LEVEL3_CERT)
if l3c is None:
return False
l3k = validate_certificate(l3c, l2k)
if l3k is None:
return False
random = get_random()
if random is None:
return False
value = tpm.challenge(random)
result = decrypt_block(value, l3k)
if result is None:
return False
else:
if result [80:88] != random:
return False
if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
site = server.Site(root)
else:
site = server.Site(toplevel)
if usessl:
from twisted.internet import ssl
from OpenSSL import SSL
ctx = ssl.DefaultOpenSSLContextFactory('/etc/enigma2/server.pem', '/etc/enigma2/cacert.pem', sslmethod=SSL.SSLv23_METHOD)
try:
d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
except CannotListenError:
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return False
else:
try:
d = reactor.listenTCP(port, site, interface=ipaddress)
except CannotListenError:
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return False
running_defered.append(d)
print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl)
return True
def startServerInstance(session,
ipaddress,
port,
useauth=False,
l2k=None,
usessl=False):
if hw.get_device_name().lower() != "dm7025":
l3k = None
l3c = tpm.getCert(eTPM.TPMD_DT_LEVEL3_CERT)
if l3c is None:
return False
l3k = validate_certificate(l3c, l2k)
if l3k is None:
return False
random = get_random()
if random is None:
return False
value = tpm.challenge(random)
result = decrypt_block(value, l3k)
if result is None:
return False
else:
if result[80:88] != random:
return False
if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
site = server.Site(root)
else:
site = server.Site(toplevel)
if usessl:
ctx = ssl.DefaultOpenSSLContextFactory('/etc/enigma2/server.pem',
'/etc/enigma2/cacert.pem',
sslmethod=SSL.SSLv23_METHOD)
d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
else:
d = reactor.listenTCP(port, site, interface=ipaddress)
running_defered.append(d)
print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port,
useauth, usessl)
return True
def configCB(result, session):
l2r = False
l2k = None
l2c = tpm.getData(eTPM.DT_LEVEL2_CERT)
if l2c is None:
return
l2k = validate_certificate(l2c, rootkey)
if l2k is None:
return
if result:
print "[WebIf] config changed"
restartWebserver(session, l2k)
checkBonjour()
else:
print "[WebIf] config not changed"
def configCB(result, session): l2r = False l2k = None l2c = tpm.getData(eTPM.DT_LEVEL2_CERT) if l2c is None: return l2k = validate_certificate(l2c, rootkey) if l2k is None: return if result: print "[WebIf] config changed" restartWebserver(session, l2k) checkBonjour() else: print "[WebIf] config not changed"
def networkstart(reason, session):
l2r = False
l2k = None
l2c = tpm.getData(eTPM.DT_LEVEL2_CERT)
if l2c is None:
return
l2k = validate_certificate(l2c, rootkey)
if l2k is None:
return
if reason is True:
startWebserver(session, l2k)
checkBonjour()
elif reason is False:
stopWebserver(session)
checkBonjour()
def configCB(result, session): l2r = False l2k = None if hw.get_device_name().lower() != "dm7025": l2c = tpm.getData(eTPM.DT_LEVEL2_CERT) if l2c is None: return l2k = validate_certificate(l2c, rootkey) if l2k is None: return l2r = True else: l2r = True if l2r: if result: print "[WebIf] config changed" restartWebserver(session, l2k) checkBonjour() else: print "[WebIf] config not changed"
def configCB(result, session): l2r = False l2k = None if hw.get_device_name().lower() != "dm7025": l2c = tpm.getCert(eTPM.TPMD_DT_LEVEL2_CERT) if l2c is None: return l2k = validate_certificate(l2c, rootkey) if l2k is None: return l2r = True else: l2r = True if l2r: if result: print "[WebIf] config changed" restartWebserver(session, l2k) checkBonjour() else: print "[WebIf] config not changed"
def startServerInstance(session,
port,
useauth=False,
l2k=None,
usessl=False,
ipaddress="::",
ipaddress2=None):
l3k = None
l3c = tpm.getData(eTPM.DT_LEVEL3_CERT)
if l3c is None:
return False
l3k = validate_certificate(l3c, l2k)
if l3k is None:
return False
random = get_random()
if random is None:
return False
value = tpm.computeSignature(random)
result = decrypt_block(value, l3k)
if result is None:
return False
else:
if result[80:88] != random:
return False
if useauth:
# HTTPAuthResource handles the authentication for every Resource you want it to
root = HTTPAuthResource(toplevel, "Enigma2 WebInterface")
site = server.Site(root)
else:
root = HTTPRootResource(toplevel)
site = server.Site(root)
result = False
def logFail(addr, exception=None):
print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (
addr, port, useauth, usessl)
if exception:
print exception
if usessl:
ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE)
try:
d = reactor.listenSSL(port, site, ctx, interface=ipaddress)
result = True
running_defered.append(d)
except CannotListenError as e:
logFail(ipaddress, e)
if ipaddress2:
try:
d = reactor.listenSSL(port, site, ctx, interface=ipaddress2)
result = True
running_defered.append(d)
except CannotListenError as e:
logFail(ipaddress2, e)
else:
try:
d = reactor.listenTCP(port, site, interface=ipaddress)
result = True
running_defered.append(d)
except CannotListenError as e:
logFail(ipaddress, e)
if ipaddress2:
try:
d = reactor.listenTCP(port, site, interface=ipaddress2)
result = True
running_defered.append(d)
except CannotListenError as e:
logFail(ipaddress2, e)
print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port,
useauth, usessl)
return result
def startServerInstance(session, port, useauth=False, l2k=None, usessl=False, ipaddress="::", ipaddress2=None): l3k = None if False: l3c = tpm.getData(eTPM.DT_LEVEL3_CERT) #if l3c is None: #return False if False: l3k = validate_certificate(l3c, l2k) #if l3k is None: #return False random = get_random() if random is None: return False #value = tpm.computeSignature(random) #result = decrypt_block(value, l3k) #if result is None: #return False #else: #if result [80:88] != random: #return False if useauth: # HTTPAuthResource handles the authentication for every Resource you want it to root = HTTPAuthResource(toplevel, "Enigma2 WebInterface") site = server.Site(root) else: root = HTTPRootResource(toplevel) site = server.Site(root) result = False def logFail(addr, exception=None): print "[Webinterface] FAILED to listen on %s:%i auth=%s ssl=%s" % (addr, port, useauth, usessl) if exception: print exception if usessl: ctx = ChainedOpenSSLContextFactory(KEY_FILE, CERT_FILE) try: d = reactor.listenSSL(port, site, ctx, interface=ipaddress) result = True running_defered.append(d) except CannotListenError as e: logFail(ipaddress, e) if ipaddress2: try: d = reactor.listenSSL(port, site, ctx, interface=ipaddress2) result = True running_defered.append(d) except CannotListenError as e: logFail(ipaddress2, e) else: try: d = reactor.listenTCP(port, site, interface=ipaddress) result = True running_defered.append(d) except CannotListenError as e: logFail(ipaddress, e) if ipaddress2: try: d = reactor.listenTCP(port, site, interface=ipaddress2) result = True running_defered.append(d) except CannotListenError as e: logFail(ipaddress2, e) print "[Webinterface] started on %s:%i auth=%s ssl=%s" % (ipaddress, port, useauth, usessl) return result