1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 """
23 Server functionality.
24 """
25
26 import os
27
28 from twisted.internet import reactor
29
30 from flumotion.common import log
31 from flumotion.twisted import compat
32
33 -class _ServerContextFactory(log.Loggable):
34
35 logCategory = "SSLServer"
36
37 - def __init__(self, pemFile):
38 self._pemFile = pemFile
39
40 - def getContext(self):
41 """
42 Create an SSL context.
43 """
44 from OpenSSL import SSL
45 ctx = SSL.Context(SSL.SSLv23_METHOD)
46 try:
47 ctx.use_certificate_file(self._pemFile)
48 ctx.use_privatekey_file(self._pemFile)
49 except SSL.Error, e:
50 self.warning('SSL error: %r' % e.args)
51 self.error('Could not open certificate %s' % self._pemFile)
52 return ctx
53
55 """
56 I am an interface for objects that want to be servable through a
57 L{Server}.
58 """
60 """
61 @rtype: L{twisted.spread.pb.PBServerFactory}
62 """
63
65 """
66 @param host: the host to listen as
67 @type host: str
68 @param port: the port to listen on
69 @type port: int
70 @param useSSL: whether this connection uses SSL
71 @type useSSL: bool
72 """
73
75 logCategory = "server"
76
78 """
79 I expose a servable to the network using TCP or SSL.
80
81 @type servable: an implemtor of L{IServable}
82 """
83 self._servable = servable
84
85 - def startSSL(self, host, port, pemFile, configDir):
86 """
87 Listen as the given host and on the given port using SSL.
88 Use the given .pem file, or look for it in the config directory.
89
90 @returns: {twisted.internet.interfaces.IListeningPort} on which
91 we are listening; call .stopListening() to stop.
92 """
93
94 if not os.path.split(pemFile)[0]:
95 pemFile = os.path.join(configDir, pemFile)
96 if not os.path.exists(pemFile):
97 self.error(".pem file %s does not exist.\n" \
98 "For more information, see \n" \
99 "http://www.flumotion.net/doc/flumotion/manual/html/" \
100 "chapter-security.html" % pemFile)
101 log.debug('manager', 'Using PEM certificate file %s' % pemFile)
102 ctxFactory = _ServerContextFactory(pemFile)
103
104 self.info('Starting on port %d using SSL' % port)
105 if not host == "":
106 self.info('Listening as host %s' % host)
107 self._servable.setConnectionInfo(host, port, True)
108 return reactor.listenSSL(port, self._servable.getFactory(),
109 ctxFactory, interface=host)
110
112 """
113 Listen as the given host and on the given port using normal TCP.
114
115 @returns: {twisted.internet.interfaces.IListeningPort} on which
116 we are listening; call .stopListening() to stop.
117 """
118 self.info('Starting on port %d using TCP' % port)
119 if not host == "":
120 self.info('Listening as host %s' % host)
121 self._servable.setConnectionInfo(host, port, False)
122 return reactor.listenTCP(port, self._servable.getFactory(),
123 interface=host)
124