def tearDown(self):
self.reporting_relay.stop()
# We give reporting_relay a chance to be finished
self.loop.run_until_complete(self.reporting_relay_task)
self.server.close()
self.loop.run_until_complete(self.server.wait_closed())
self.loop.run_until_complete(cancel_all_pending_tasks(self.loop))
self.loop.close()
def tearDown(self):
self.reporting_relay.stop()
# We give reporting_relay a chance to be finished
self.loop.run_until_complete(self.reporting_relay_task)
self.server.close()
self.loop.run_until_complete(self.server.wait_closed())
self.loop.run_until_complete(cancel_all_pending_tasks(self.loop))
self.loop.close()
def stop(self):
"""Stops services"""
if self.config['capabilities']['ssh']['enabled']:
for conn in self.SshClass.connections_list:
conn.close()
self.loop.run_until_complete(conn.wait_closed())
for server in self._servers:
server.close()
self.loop.run_until_complete(server.wait_closed())
for l in self._loggers:
l.stop()
self.loop.run_until_complete(common.cancel_all_pending_tasks(self.loop))
logger.info('All tasks were stopped.')
def stop(self):
"""Stops services"""
if self.config['capabilities']['ssh']['enabled']:
for conn in self.SshClass.connections_list:
conn.close()
self.loop.run_until_complete(conn.wait_closed())
for server in self._servers:
server.close()
self.loop.run_until_complete(server.wait_closed())
for l in self._loggers:
l.stop()
self.loop.run_until_complete(common.cancel_all_pending_tasks(self.loop))
logger.info('All tasks were stopped.')
def start(self):
""" Starts services. """
if 'public_ip_as_destination_ip' in self.config and self.config['public_ip_as_destination_ip'] is True:
asyncio.ensure_future(self._record_and_lookup_public_ip(), loop=self.loop)
# start activity logging
if 'activity_logging' in self.config:
if 'file' in self.config['activity_logging'] and self.config['activity_logging']['file']['enabled']:
auth_log = self.config['activity_logging']['file']['authentication_log_file']
session_csv_log = self.config['activity_logging']['file']['session_csv_log_file']
session_json_log = self.config['activity_logging']['file']['session_json_log_file']
file_logger = FileLogger(session_csv_log, session_json_log, auth_log)
self.file_logger_task = self.loop.run_in_executor(None, file_logger.start)
self.file_logger_task.add_done_callback(common.on_unhandled_task_exception)
self._loggers.append(file_logger)
if 'syslog' in self.config['activity_logging'] and self.config['activity_logging']['syslog']['enabled']:
sys_logger = SyslogLogger()
self.sys_logger_task = self.loop.run_in_executor(None, sys_logger.start)
self.sys_logger_task.add_done_callback(common.on_unhandled_task_exception)
self._loggers.append(sys_logger)
if 'hpfeeds' in self.config['activity_logging'] and self.config['activity_logging']['hpfeeds']['enabled']:
session_channel = self.config['activity_logging']['hpfeeds']['session_channel']
auth_channel = self.config['activity_logging']['hpfeeds']['auth_channel']
host = self.config['activity_logging']['hpfeeds']['host']
port = self.config['activity_logging']['hpfeeds']['port']
ident = self.config['activity_logging']['hpfeeds']['ident']
secret = self.config['activity_logging']['hpfeeds']['secret']
hpfeeds_logger = HpFeedsLogger(session_channel, auth_channel, host, port, ident, secret)
self.hpfeeds_logger_task = self.loop.run_in_executor(None, hpfeeds_logger.start)
self.hpfeeds_logger_task.add_done_callback(common.on_unhandled_task_exception)
if 'curiosum' in self.config['activity_logging'] and self.config['activity_logging']['curiosum']['enabled']:
port = self.config['activity_logging']['curiosum']['port']
curiosum_integration = CuriosumIntegration(port)
self.hpfeeds_logger_task = self.loop.run_in_executor(None, curiosum_integration.start)
self.hpfeeds_logger_task.add_done_callback(common.on_unhandled_task_exception)
bind_host = self.config['bind_host']
listen_ports = []
for c in heralding.capabilities.handlerbase.HandlerBase.__subclasses__():
cap_name = c.__name__.lower()
if cap_name in self.config['capabilities']:
if not self.config['capabilities'][cap_name]['enabled']:
continue
port = self.config['capabilities'][cap_name]['port']
listen_ports.append(port)
# carve out the options for this specific service
options = self.config['capabilities'][cap_name]
# capabilities are only allowed to append to the session list
cap = c(options, self.loop)
try:
# # Convention: All capability names which end in 's' will be wrapped in ssl.
if cap_name.endswith('s'):
pem_file = '{0}.pem'.format(cap_name)
self.create_cert_if_not_exists(cap_name, pem_file)
ssl_context = self.create_ssl_context(pem_file)
server_coro = asyncio.start_server(cap.handle_session, bind_host, port,
loop=self.loop, ssl=ssl_context)
elif cap_name == 'ssh':
# Since dicts and user-defined classes are mutable, we have
# to save ssh class and ssh options somewhere.
ssh_options = options
SshClass = c
self.SshClass = SshClass
ssh_key_file = 'ssh.key'
SshClass.generate_ssh_key(ssh_key_file)
banner = ssh_options['protocol_specific_data']['banner']
SshClass.change_server_banner(banner)
server_coro = asyncssh.create_server(lambda: SshClass(ssh_options, self.loop),
bind_host, port, server_host_keys=[ssh_key_file],
login_timeout=cap.timeout, loop=self.loop)
else:
server_coro = asyncio.start_server(cap.handle_session, bind_host, port, loop=self.loop)
server = self.loop.run_until_complete(server_coro)
logger.debug('Adding %s capability with options: %s', cap_name, options)
self._servers.append(server)
except Exception as ex:
error_message = "Could not start {0} server on port {1}. Error: {2}".format(c.__name__, port, ex)
logger.error(error_message)
self.loop.run_until_complete(common.cancel_all_pending_tasks(self.loop))
sys.exit(error_message)
else:
logger.info('Started %s capability listening on port %s', c.__name__, port)
ReportingRelay.logListenPorts(listen_ports)
def start(self):
""" Starts services. """
if 'public_ip_as_destination_ip' in self.config and self.config[
'public_ip_as_destination_ip'] is True:
asyncio.ensure_future(self._record_and_lookup_public_ip(),
loop=self.loop)
# start activity logging
if 'activity_logging' in self.config:
if 'file' in self.config['activity_logging'] and self.config[
'activity_logging']['file']['enabled']:
auth_log = self.config['activity_logging']['file'][
'authentication_log_file']
session_log = self.config['activity_logging']['file'][
'session_log_file']
file_logger = FileLogger(session_log, auth_log)
self.file_logger_task = self.loop.run_in_executor(
None, file_logger.start)
self.file_logger_task.add_done_callback(
common.on_unhandled_task_exception)
self._loggers.append(file_logger)
if 'syslog' in self.config['activity_logging'] and self.config[
'activity_logging']['syslog']['enabled']:
sys_logger = SyslogLogger()
self.sys_logger_task = self.loop.run_in_executor(
None, sys_logger.start)
self.sys_logger_task.add_done_callback(
common.on_unhandled_task_exception)
self._loggers.append(sys_logger)
if 'hpfeeds' in self.config['activity_logging'] and self.config[
'activity_logging']['hpfeeds']['enabled']:
session_channel = self.config['activity_logging']['hpfeeds'][
'session_channel']
auth_channel = self.config['activity_logging']['hpfeeds'][
'auth_channel']
host = self.config['activity_logging']['hpfeeds']['host']
port = self.config['activity_logging']['hpfeeds']['port']
ident = self.config['activity_logging']['hpfeeds']['ident']
secret = self.config['activity_logging']['hpfeeds']['secret']
hpfeeds_logger = HpFeedsLogger(session_channel, auth_channel,
host, port, ident, secret)
self.hpfeeds_logger_task = self.loop.run_in_executor(
None, hpfeeds_logger.start)
self.hpfeeds_logger_task.add_done_callback(
common.on_unhandled_task_exception)
if 'curiosum' in self.config['activity_logging'] and self.config[
'activity_logging']['curiosum']['enabled']:
port = self.config['activity_logging']['curiosum']['port']
curiosum_integration = CuriosumIntegration(port)
self.hpfeeds_logger_task = self.loop.run_in_executor(
None, curiosum_integration.start)
self.hpfeeds_logger_task.add_done_callback(
common.on_unhandled_task_exception)
bind_host = self.config['bind_host']
listen_ports = []
for c in heralding.capabilities.handlerbase.HandlerBase.__subclasses__(
):
cap_name = c.__name__.lower()
if cap_name in self.config['capabilities']:
if not self.config['capabilities'][cap_name]['enabled']:
continue
port = self.config['capabilities'][cap_name]['port']
listen_ports.append(port)
# carve out the options for this specific service
options = self.config['capabilities'][cap_name]
# capabilities are only allowed to append to the session list
cap = c(options, self.loop)
try:
# # Convention: All capability names which end in 's' will be wrapped in ssl.
if cap_name.endswith('s'):
pem_file = '{0}.pem'.format(cap_name)
self.create_cert_if_not_exists(cap_name, pem_file)
ssl_context = self.create_ssl_context(pem_file)
server_coro = asyncio.start_server(cap.handle_session,
bind_host,
port,
loop=self.loop,
ssl=ssl_context)
elif cap_name == 'ssh':
# Since dicts and user-defined classes are mutable, we have
# to save ssh class and ssh options somewhere.
ssh_options = options
SshClass = c
self.SshClass = SshClass
ssh_key_file = 'ssh.key'
SshClass.generate_ssh_key(ssh_key_file)
banner = ssh_options['protocol_specific_data'][
'banner']
SshClass.change_server_banner(banner)
server_coro = asyncssh.create_server(
lambda: SshClass(ssh_options, self.loop),
bind_host,
port,
server_host_keys=[ssh_key_file],
login_timeout=cap.timeout,
loop=self.loop)
else:
server_coro = asyncio.start_server(cap.handle_session,
bind_host,
port,
loop=self.loop)
server = self.loop.run_until_complete(server_coro)
logger.debug('Adding %s capability with options: %s',
cap_name, options)
self._servers.append(server)
except Exception as ex:
error_message = "Could not start {0} server on port {1}. Error: {2}".format(
c.__name__, port, ex)
logger.error(error_message)
self.loop.run_until_complete(
common.cancel_all_pending_tasks(self.loop))
sys.exit(error_message)
else:
logger.info('Started %s capability listening on port %s',
c.__name__, port)
ReportingRelay.logListenPorts(listen_ports)
