def callRemote(self, method, *args): def cancel(d): factory.deferred = None connector.disconnect() factory = self.queryFactory( self.path, self.host, method, self.user, self.password, self.allowNone, args, cancel, self.useDateTime) #factory = xmlrpc._QueryFactory( # self.path, self.host, method, self.user, # self.password, self.allowNone, args) if self.secure: try: self.SSLClientContext except NameError: print "Must Set a SSL Context" print "use self.setSSLClientContext() first" # Its very bad to connect to ssl without some kind of # verfication of who your talking to # Using the default sslcontext without verification # Can lead to man in the middle attacks ReactorThread().connectSSL(self.host, self.port or 443, factory, self.SSLClientContext, timeout=self.connectTimeout) else: ReactorThread().connectTCP(self.host, self.port or 80, factory, timeout=self.connectTimeout) return factory.deferred
def __enter__(self): """ Function called back while entering a "with" statement. See http://effbot.org/zone/python-with-statement.htm """ ReactorThread().start_reactor() return self
def terminate(): ReactorThread().stop_reactor()
def _missing(*args): from twisted.internet import defer d = defer.Deferred() def proxy_success_cb(result): #SFAManageToken().put_token(self.interface) diff = time.time() - self.started Log.debug('SFA CALL SUCCESS %s(%s) - interface = %s - execution time = %s sec.' % (self.arg0, self.arg1, self.interface, round(diff,2))) d.callback(result) def proxy_error_cb(error): #SFAManageToken().put_token(self.interface) diff = time.time() - self.started Log.debug('SFA CALL ERROR %s(%s) - interface = %s - execution time = %s sec.' % (self.arg0, self.arg1, self.interface, round(diff,2))) d.errback(ValueError("Error in SFA Proxy %s" % error)) #success_cb = lambda result: d.callback(result) #error_cb = lambda error : d.errback(ValueError("Error in SFA Proxy %s" % error)) def is_credential(cred): is_v2 = isinstance(cred, StringTypes) and cred.startswith(ARG_SNIFF_CRED) is_v3 = isinstance(cred, dict) and 'geni_type' in cred return is_v2 or is_v3 def is_rspec(cred): return isinstance(cred, StringTypes) and cred.startswith(ARG_SNIFF_RSPEC) def is_credential_list(cred): return isinstance(cred, list) and reduce(lambda x, y: x and is_credential(y), cred, True) def is_user_list(arg): is_user_list_1 = isinstance(arg, dict) and 'geni_users' in arg # For CreateSliver nitosb is_user_list_2 = isinstance(arg, list) and arg and isinstance(arg[0], dict) and 'keys' in arg[0] return is_user_list_1 or is_user_list_2 #@defer.inlineCallbacks def wrap(source, args): #token = yield SFAManageToken().get_token(self.interface) args = (name,) + args printable_args = [] for arg in args: if is_rspec(arg): printable_args.append('<rspec>') elif is_credential(arg): printable_args.append('<credential>') elif is_credential_list(arg): printable_args.append('<credentials>') elif is_user_list(arg): printable_args.append('<user list>') else: printable_args.append(str(arg)) self.started = time.time() self.arg0 = printable_args[0] self.arg1 = printable_args[1:] Log.debug("SFA CALL %s(%s) - interface = %s" % (printable_args[0], printable_args[1:], self.interface)) print("SFA CALL %s(%s) - interface = %s" % (printable_args[0], printable_args[1:], self.interface)) self.proxy.callRemote(*args).addCallbacks(proxy_success_cb, proxy_error_cb) ReactorThread().callInReactor(wrap, self, args) return d
self._count -= 1 if count ==0: self._callback() def __call__(self, result): #print len(result), "results" self.dec() cb = Callback(terminate) # # cb.inc() cb.inc() d1 = execute(proxy, command, parameters, sfa_options, account_config) d1.callback = cb # # XXX It seems different errors are triggered depending on the timing # # time.sleep(0.1) # d2 = execute(proxy, command, parameters, sfa_options, account_config) # d2.callback = cb except Exception, e: print "Exception:", e import traceback traceback.print_exc() finally: pass ReactorThread().start_reactor() main()
def main(self): """ \brief Runs a XMLRPC server """ Log.info("XMLRPC server daemon (%s) started." % sys.argv[0]) # NOTE it is important to import those files only after daemonization, # since they open files we cannot easily preserve from twisted.web import xmlrpc, server # SSL support from OpenSSL import SSL from twisted.internet import ssl #, reactor #from twisted.internet.protocol import Factory, Protocol #from twisted.internet import reactor # This also imports manifold.util.reactor_thread that uses reactor from manifold.core.router import Router assert not (Options().platform and Options().gateway), "Both gateway and platform cannot be specified at commandline" # This imports twisted code so we need to import it locally from manifold.core.xmlrpc_api import XMLRPCAPI # This should be configurable allowed_capabilities = Capabilities() allowed_capabilities.selection = True allowed_capabilities.projection = True # XXX We should harmonize interfaces between Router and Forwarder if Options().platform: platforms = Storage.execute(Query().get('platform'), format='object') # We pass a single platform to Forwarder platform = [p for p in platforms if p.name == Options().platform][0] self.interface = Forwarder(platform, allowed_capabilities) elif Options().gateway: # XXX user # XXX Change Forwarded initializer #DEPRECATED| platform = Platform(u'dummy', Options().gateway, self.get_gateway_config(Options().gateway), 'user') platform = Platform( platform = u'dummy', gateway_type = Options().gateway, config = self.get_gateway_config(Options().gateway), auth_type = 'user' ) self.interface = Forwarder(platform, allowed_capabilities) else: self.interface = Router() try: def verifyCallback(connection, x509, errnum, errdepth, ok): if not ok: print 'invalid cert from subject:', x509.get_subject() print errnum, errdepth return False else: print "Certs are fine", x509, x509.get_subject() return True ssl_path = Options().ssl_path if not ssl_path or not os.path.exists(ssl_path): print "" print "You need to generate SSL keys and certificate in '%s' to be able to run manifold" % ssl_path print "" print "mkdir -p /etc/manifold/keys" print "openssl genrsa 1024 > /etc/manifold/keys/server.key" print "chmod 400 /etc/manifold/keys/server.key" print "openssl req -new -x509 -nodes -sha1 -days 365 -key /etc/manifold/keys/server.key > /etc/manifold/keys/server.cert" print "" sys.exit(0) server_key_file = "%s/server.key" % ssl_path server_crt_file = "%s/server.cert" % ssl_path Log.tmp("key, cert=", server_key_file, server_crt_file) myContextFactory = ssl.DefaultOpenSSLContextFactory(server_key_file, server_crt_file) ctx = myContextFactory.getContext() ctx.set_verify( SSL.VERIFY_PEER, # | SSL.VERIFY_FAIL_IF_NO_PEER_CERT, verifyCallback ) # Since we have self-signed certs we have to explicitly # tell the server to trust them. #ctx.load_verify_locations("keys/ca.pem") trusted_roots_path = Options().trusted_roots_path if not trusted_roots_path or not os.path.exists(trusted_roots_path): Log.warning("No trusted root found in %s. You won't be able to login using SSL client certificates" % trusted_roots_path) ctx.load_verify_locations(None, ssl_path) #ReactorThread().listenTCP(Options().xmlrpc_port, server.Site(XMLRPCAPI(self.interface, allowNone=True))) ReactorThread().listenSSL(Options().xmlrpc_port, server.Site(XMLRPCAPI(self.interface, allowNone=True)), myContextFactory) ReactorThread().start_reactor() except Exception, e: # TODO If database gets disconnected, we can sleep/attempt reconnection Log.error("Error in XMLRPC API: %s" % str(e))
def __exit__(self, type=None, value=None, traceback=None): """ Function called back while leaving a "with" statement. See http://effbot.org/zone/python-with-statement.htm """ ReactorThread().stop_reactor()