22 """
23 Server functionality.
24 """
25
26 import os
27
28 from twisted.internet import reactor
29 from zope.interface import Interface
30
31 from flumotion.common import log
32
33
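class _ServerContextFactory(log.Loggable):
    """
    I build the OpenSSL context handed to the SSL listening port.

    The same .pem file is loaded both as the certificate and as the
    private key.
    """

    logCategory = "SSLServer"

    def __init__(self, pemFile):
        """
        @param pemFile: path to the PEM file holding certificate and key
        @type  pemFile: str
        """
        self._pemFile = pemFile

    def getContext(self):
        """
        Create an SSL context.

        SSLv2 and SSLv3 are masked out, so only TLS versions can be
        negotiated.

        @returns: an L{OpenSSL.SSL.Context} with certificate and key loaded
        """
        from OpenSSL import SSL
        # SSLv23_METHOD means "negotiate the best common version"; on its
        # own that still admits the broken SSLv2/SSLv3 protocols, so they
        # are disabled explicitly.
        ctx = SSL.Context(SSL.SSLv23_METHOD)
        ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
        try:
            ctx.use_certificate_file(self._pemFile)
            ctx.use_privatekey_file(self._pemFile)
        except SSL.Error as e:  # "as" form: valid on Python 2.6+ and 3
            # Wrap args in a tuple: '%r' % e.args raises TypeError whenever
            # the exception carries more than one argument.
            self.warning('SSL error: %r' % (e.args,))
            # NOTE(review): self.error() presumably does not return
            # normally; if it does, a context without a usable
            # certificate is returned below - confirm.
            self.error('Could not open certificate %s' % self._pemFile)
        return ctx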
54
56 """
57 I am an interface for objects that want to be servable through a
58 L{Server}.
59 """
61 """
62 @rtype: L{twisted.spread.pb.PBServerFactory}
63 """
64
66 """
67 @param host: the host to listen as
68 @type host: str
69 @param port: the port to listen on
70 @type port: int
71 @param useSSL: whether this connection uses SSL
72 @type useSSL: bool
73 """
74
76 logCategory = "server"
77
79 """
80 I expose a servable to the network using TCP or SSL.
81
82 @type servable: an implementor of L{IServable}
83 """
84 self._servable = servable
85
def startSSL(self, host, port, pemFile, configDir):
    """
    Listen as the given host and on the given port using SSL.
    A pemFile given without a directory part is looked up in configDir.

    @param host:      the interface to listen on, passed to listenSSL
    @param port:      the port to listen on
    @param pemFile:   path or bare file name of the .pem file
    @param configDir: directory searched when pemFile has no directory

    @returns: {twisted.internet.interfaces.IListeningPort} on which
              we are listening; call .stopListening() to stop.
    """
    from flumotion.common import common
    common.assertSSLAvailable()

    # A bare file name is resolved relative to the configuration directory.
    if os.path.dirname(pemFile) == "":
        pemFile = os.path.join(configDir, pemFile)

    # NOTE(review): the .pem file carries the private key (it is loaded as
    # both certificate and key), so it should be readable only by the
    # account running this service; nothing here checks its permissions.
    if not os.path.exists(pemFile):
        message = (".pem file %s does not exist.\n"
                   "For more information, see \n"
                   "http://www.flumotion.net/doc/flumotion/manual/html/"
                   "chapter-security.html")
        self.error(message % pemFile)
    log.debug('manager', 'Using PEM certificate file %s' % pemFile)
    contextFactory = _ServerContextFactory(pemFile)

    self.info('Starting on port %d using SSL' % port)
    # NOTE(review): an empty host is passed through as interface="";
    # presumably Twisted then binds every interface - confirm that is the
    # intended exposure.
    if host != "":
        self.info('Listening as host %s' % host)
    self._servable.setConnectionInfo(host, port, True)
    factory = self._servable.getFactory()
    return reactor.listenSSL(port, factory, contextFactory, interface=host)
114
116 """
117 Listen as the given host and on the given port using normal TCP.
118
119 @returns: {twisted.internet.interfaces.IListeningPort} on which
120 we are listening; call .stopListening() to stop.
121 """
122 self.info('Starting on port %d using TCP' % port)
123 if not host == "":
124 self.info('Listening as host %s' % host)
125 self._servable.setConnectionInfo(host, port, False)
126 return reactor.listenTCP(port, self._servable.getFactory(),
127 interface=host)
128