connectors/PYRO/PSK_Adapter.py
author Edouard Tisserant
Fri, 22 Mar 2019 10:57:04 +0100
branch search_in_CTN
changeset 2528 6bfc8a9bf0e7
parent 2492 7dd551ac2fa0
child 2536 2747d6e72eb8
permissions -rw-r--r--
WIP adding searching capabilities in python files. was done :
- added search in body of Code File Tree Nodes (moved editor code so that CTN search can have the same sections text layout as editor to search in)
Changesets referenced by the annotation:
2312 84b3cc18893b Replaced PYROSSL with PYROPSK. (Edouard Tisserant)
2313 2eaf235270f8 PYRO/TLSPSK : fixed typos, used appropriate ciphers (https://github.com/drbild/sslpsk/issues/3), use PYROPSK instead of unresolvable PYROLOCPSK. (Edouard Tisserant; parents: 2312)
2314 e927c101ce6d PYRO/TLSPSK : must use PYROLOC* protocol scheme in pyro URI, otherwise object ID is missing. Had to use more persuasive pyro3 monkey patching to have PYROLOCPSK resolved properly (Edouard Tisserant; parents: 2313)
2316 5416c76df9e2 Fix PYROPSK protocol configuration. After a few iterations of trial and error it appears that TLSv1 and PSK ciphers need to be specified (Edouard Tisserant; parents: 2314)
2318 8925d487605a Fixed PYRO's PSK_Adapter : monkey patching was breaking non-PSK protocol, and import ssl was missing. (Edouard Tisserant; parents: 2316)
2492 7dd551ac2fa0 check_sources.sh makes me become even less productive (Edouard Tisserant <edouard.tisserant@gmail.com>; parents: 2325)

from __future__ import absolute_import
from __future__ import print_function

import socket
import re
import sslpsk
import ssl
import Pyro
from Pyro.core import PyroURI
from Pyro.protocol import _connect_socket, TCPConnection, PYROAdapter
from Pyro.errors import ConnectionDeniedError, ProtocolError
from Pyro.util import Log


# The TLS-PSK adapter that handles SSL connections instead of regular sockets,
# but using Pre Shared Keys instead of Certificates
#
class PYROPSKAdapter(PYROAdapter):
    # This is essentially the same as in Pyro/protocol.py
    # only raw_sock wrapping into sock through sslpsk.wrap_socket was added
    # Pyro unfortunately doesn't allow cleaner customization
    def bindToURI(self, URI):
        with self.lock:   # only 1 thread at a time can bind the URI
            try:
                self.URI = URI

                # These are the statements that differ from Pyro/protocol.py
                raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                _connect_socket(raw_sock, URI.address, URI.port, self.timeout)
                sock = sslpsk.wrap_socket(
                    raw_sock, psk=Pyro.config.PYROPSK, server_side=False,
                    ciphers="PSK-AES256-CBC-SHA",  # available in openssl 1.0.2
                    ssl_version=ssl.PROTOCOL_TLSv1)
                # all the rest is the same as in Pyro/protocol.py

                conn = TCPConnection(sock, sock.getpeername())
                # receive the authentication challenge string, and use that to build the actual identification string.
                try:
                    authChallenge = self.recvAuthChallenge(conn)
                except ProtocolError as x:
                    # check if we were denied
                    if hasattr(x, "partialMsg") and x.partialMsg[:len(self.denyMSG)] == self.denyMSG:
                        raise ConnectionDeniedError(Pyro.constants.deniedReasons[int(x.partialMsg[-1])])
                    else:
                        raise
                # reply with our ident token, generated from the ident passphrase and the challenge
                msg = self._sendConnect(sock, self.newConnValidator.createAuthToken(self.ident, authChallenge, conn.addr, self.URI, None))
                if msg == self.acceptMSG:
                    self.conn = conn
                    self.conn.connected = 1
                    Log.msg('PYROAdapter', 'connected to', str(URI))
                    if URI.protocol == 'PYROLOCPSK':
                        self.resolvePYROLOC_URI("PYROPSK")  # updates self.URI
                elif msg[:len(self.denyMSG)] == self.denyMSG:
                    try:
                        raise ConnectionDeniedError(Pyro.constants.deniedReasons[int(msg[-1])])
                    except (KeyError, ValueError):
                        raise ConnectionDeniedError('invalid response')
            except socket.error:
                Log.msg('PYROAdapter', 'connection failed to URI', str(URI))
                raise ProtocolError('connection failed')


_getProtocolAdapter = Pyro.protocol.getProtocolAdapter


def getProtocolAdapter(protocol):
    if protocol in ('PYROPSK', 'PYROLOCPSK'):
        return PYROPSKAdapter()
    return _getProtocolAdapter(protocol)


Pyro.protocol.getProtocolAdapter = getProtocolAdapter


_processStringURI = Pyro.core.processStringURI


def processStringURI(URI):
    x = re.match(r'(?P<protocol>PYROLOCPSK)://(?P<hostname>[^\s:]+):?(?P<port>\d+)?/(?P<name>\S*)', URI)
    if x:
        protocol = x.group('protocol')
        hostname = x.group('hostname')
        port = x.group('port')
        if port:
            port = int(port)
        else:
            port = 0
        name = x.group('name')
        return PyroURI(hostname, name, port, protocol)
    return _processStringURI(URI)


Pyro.core.processStringURI = processStringURI
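
The adapter above pins `ssl.PROTOCOL_TLSv1` and `PSK-AES256-CBC-SHA`, settings the changesets tie to OpenSSL 1.0.2 and the sslpsk wrapper. As an added example (not code from this repository, Pyro or sslpsk), here is the same certificate-less PSK handshake on a current stack, swapping in the PSK callbacks of Python 3.13's standard `ssl` module with TLS 1.2 and an AEAD suite. The demo key, the suite choice and the helper names `psk_context` and `handshake` are assumptions of the example, which returns `None` on interpreters without PSK support.

```python
import socket
import ssl
import threading

# ssl.HAS_PSK and the PSK callbacks exist from Python 3.13 on.
HAVE_PSK = getattr(ssl, "HAS_PSK", False)
DEMO_PSK = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed demo key
AEAD_PSK_SUITE = "PSK-AES256-GCM-SHA384"  # AEAD counterpart of PSK-AES256-CBC-SHA


def psk_context(server_side, psk):
    """Build a TLS 1.2 context that authenticates with a pre-shared key only."""
    if server_side:
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
        ctx.set_psk_server_callback(lambda identity: psk)
    else:
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.check_hostname = False       # no certificate to match a name against
        ctx.verify_mode = ssl.CERT_NONE  # the peer proves itself by knowing the PSK
        ctx.set_psk_client_callback(lambda hint: (None, psk))
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2  # pinned so the suite below applies
    ctx.set_ciphers(AEAD_PSK_SUITE)
    return ctx


def handshake(client_psk, server_psk):
    """Handshake over a local socket pair; return (version, cipher) or None."""
    if not HAVE_PSK:
        return None
    c_raw, s_raw = socket.socketpair()
    for s in (c_raw, s_raw):
        s.settimeout(5)

    def serve():
        try:
            with psk_context(True, server_psk).wrap_socket(s_raw, server_side=True):
                pass
        except (ssl.SSLError, OSError):
            s_raw.close()

    server = threading.Thread(target=serve)
    server.start()
    try:
        with psk_context(False, client_psk).wrap_socket(c_raw) as tls:
            return tls.version(), tls.cipher()[0]
    except (ssl.SSLError, OSError):
        return None  # key mismatch or unsupported suite: the handshake is refused
    finally:
        c_raw.close()
        server.join()


if __name__ == "__main__":
    print("matching keys:  ", handshake(DEMO_PSK, DEMO_PSK))
    print("mismatched keys:", handshake(DEMO_PSK, b"\x00" * 16))
```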