Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def applianceControl(self, cmd):
if cmd == "restart":
## for restarting, we just stop the reactor, exit and rely on being
## automatically restarted. this is most robust/clean way!
self.reactor.stop()
sys.exit(0)
elif cmd == "update":
cmd = '/home/crossbar/app/bin/easy_install'
args = ['-H', Database.CROSSBAR_UPDATE_HOST, '-U', '-v', '-f', Database.CROSSBAR_UPDATE_URL, 'crossbar']
d = utils.getProcessOutput(cmd, args, errortoo = True)
def logAndReturn(r):
log.msg(r)
return r
d.addBoth(logAndReturn)
return d
else:
raise Exception("ApplianceControl: skipping unknown command '%s'" % cmd)
def applianceControl(self, cmd):
if cmd == "restart":
## for restarting, we just stop the reactor, exit and rely on being
## automatically restarted. this is most robust/clean way!
self.reactor.stop()
sys.exit(0)
elif cmd == "update":
#cmd = '/home/ec2-user/app/bin/easy_install'
cmd = os.path.join(os.path.dirname(sys.executable), 'easy_install')
args = ['-H', Database.CROSSBAR_UPDATE_HOST, '-U', '-v', '-f', Database.CROSSBAR_UPDATE_URL, 'crossbar']
d = utils.getProcessOutput(cmd, args, errortoo = True)
def logAndReturn(r):
log.msg(r)
return r
d.addBoth(logAndReturn)
return d
else:
raise Exception("ApplianceControl: skipping unknown command '%s'" % cmd)
log.msg("created license activation request: %s" % msg)
rmsg = json_dumps(msg)
## load instance key pair
##
pubkey = str(self.serviceConfig._getSingleConfig(txn, "instance-pub-key"))
privkey = str(self.serviceConfig._getSingleConfig(txn, "instance-priv-key"))
## encrypt activation request for Tavendo public key
## and sign encrypted message using instance private key
##
(emsg, skey, dig, sig) = encrypt_and_sign(rmsg,
privkey,
Database.WEBMQ_LICENSE_CA_PUBKEY)
payload = "%s,%s,%s,%s,%s,%s" % (emsg,
skey,
dig,
sig,
urllib.quote_plus(pubkey),
urllib.quote_plus(origin + "/doactivate"))
#print payload
return {'request': msg,
'url': self.factory.services['master'].licenseserver,
'payload': payload}
def addPortConfigResource(config, root, path):
"""
Add port configuration Twisted Web resource to path hierachy.
:param config: Reference to config service.
:type config: obj
:param root: Twisted Web root resource where to add child resources.
:type root: obj
:param path: Base path under which to add port resources.
:type path: str
"""
cfg = Resource()
root.putChild(path, cfg)
for port in Database.NETPORTS_TLS_PREFIXES:
cfg.putChild(port, PortConfigResource(config, port))
##
wsOptionChanged = False
for k in modified:
if k[:2] == 'ws':
wsOptionChanged = True
break
if wsOptionChanged:
if self.proto.factory.services.has_key("appws"):
self.proto.factory.services["appws"].setOptionsFromConfig()
if self.proto.factory.services.has_key("echows"):
self.proto.factory.services["echows"].setOptionsFromConfig()
## check for restart required
##
for k in modified:
if k in Database.SERVICES:
self.proto.factory.issueRestartRequired()
## notify subscribers
##
self.proto.dispatch(URI_EVENT + "on-config-modified", modified, [self.proto])
## return modified set to caller
##
return modified
else:
## nothing changed
##
return {}
if headers.get("content-type", "missing") != 'application/x-www-form-urlencoded':
return self.deny(request, "bad or missing content type ('%s')" % headers.get("content-type", "missing"))
if args.has_key('payload'):
payload = request.args['payload'][0]
else:
return self.deny(request, "1: missing payload field")
# remove any whitespace (also line) from payload string
re.sub(r'\s', '', payload)
log.msg("License activation received:")
log.msg("Raw License: " + payload)
try:
license = Database.parseLicense(self.services["config"].get('instance-priv-key'), payload)
except Exception, e:
return self.deny(request, "2: " + str(e))
hostid = str(self.services['platform'].getHostId())
if hostid != license['host-id']:
return self.deny(request, "3: license is for host-id '%s', but this host has host-id '%s'" % (license['host-id'], hostid))
instanceid = str(self.services['config'].get("instance-id"))
if instanceid != license['instance-id']:
return self.deny(request, "4: license is for instance-id '%s', but this instance has instance-id '%s'" % (license['instance-id'], instanceid))
validfrom = parseutc(license['valid-from'])
validto = parseutc(license['valid-to'])
now = datetime.datetime.utcnow()
if now < validfrom:
return self.deny(request, "5: license is not yet valid (license validity %s - %s, now is %s)" % (license['valid-from'], license['valid-to'], utcstr(now)))
## Master Service and logger
##
services["master"] = self
services["logger"] = self.logger
## remember service start time
##
self.started = datetime.datetime.utcnow()
## make sure we have full absolute path to data dir
##
self.cbdata = os.path.abspath(self.cbdata)
## initialize database
##
db = Database(services)
#db.setName("database")
#db.setServiceParent(self)
services["database"] = db
db.startService()
cfg = db.getConfig(includeTls = True)
dbpool = db.createPool()
## Log OpenSSL info
##
log.msg("Using pyOpenSSL %s on OpenSSL %s" % (OpenSSL.__version__, OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION)))
## Generate DH param set (primes ..)
##
## http://linux.die.net/man/3/ssl_ctx_set_tmp_dh
## http://linux.die.net/man/1/dhparam
def _getAllConfig(self, txn):
txn.execute("SELECT key, value FROM config ORDER BY key")
res = {}
for r in txn.fetchall():
key = r[0]
val = json_loads(r[1])
if key in Database.NETPORTS_TLS_KEYS and val is not None:
val = self.proto.shrink(URI_SERVICEKEY + val)
res[key] = val
return res