1 

     2 import sslpsk

     3 import Pyro

     4 from Pyro.protocol import _connect_socket,TCPConnection,PYROAdapter

     5 from Pyro.errors import ConnectionDeniedError, ProtocolError

     6 from Pyro.util import Log

     7 

     8 #

     9 # The TLS-PSK adapter that handles SSL connections instead of regular sockets,

    10 # but using Pre Shared Keys instead of Certificates

    11 #

    12 class PYROPSKAdapter(PYROAdapter):

    13     # This is essentialy the same as in Pyro/protocol.py

    14     # only raw_sock wrapping into sock through sslpsk.wrap_socket was added

    15     # Pyro unfortunately doesn't allow cleaner customization

    16     def bindToURI(self,URI):

    17         with self.lock:   # only 1 thread at a time can bind the URI

    18             try:

    19                 self.URI=URI

    20 

    21                 # This are the statements that differ from Pyro/protocol.py

    22                 raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

    23                 _connect_socket(raw_sock, URI.address, URI.port, self.timeout)

    24                 sock = sslpsk.wrap_socket(

    25                     raw_sock, psk=Pyro.config.PYROPSK, server_side=False)

    26                 # all the rest is the same as in Pyro/protocol.py 

    27 

    28                 conn=TCPConnection(sock, sock.getpeername())

    29                 # receive the authentication challenge string, and use that to build the actual identification string.

    30                 try:

    31                     authChallenge=self.recvAuthChallenge(conn)

    32                 except ProtocolError,x:

    33                     # check if we were denied

    34                     if hasattr(x,"partialMsg") and x.partialMsg[:len(self.denyMSG)]==self.denyMSG:

    35                         raise ConnectionDeniedError(Pyro.constants.deniedReasons[int(x.partialMsg[-1])])

    36                     else:

    37                         raise

    38                 # reply with our ident token, generated from the ident passphrase and the challenge

    39                 msg = self._sendConnect(sock,self.newConnValidator.createAuthToken(self.ident, authChallenge, conn.addr, self.URI, None) )

    40                 if msg==self.acceptMSG:

    41                     self.conn=conn

    42                     self.conn.connected=1

    43                     Log.msg('PYROAdapter','connected to',str(URI))

    44                     if URI.protocol=='PYROLOC':

    45                         self.resolvePYROLOC_URI("PYRO") # updates self.URI

    46                 elif msg[:len(self.denyMSG)]==self.denyMSG:

    47                     try:

    48                         raise ConnectionDeniedError(Pyro.constants.deniedReasons[int(msg[-1])])

    49                     except (KeyError,ValueError):

    50                         raise ConnectionDeniedError('invalid response')

    51             except socket.error:

    52                 Log.msg('PYROAdapter','connection failed to URI',str(URI))

    53                 raise ProtocolError('connection failed')

    54 

    55 _getProtocolAdapter = Pyro.protocol.getProtocolAdapter

    56 def getProtocolAdapter(protocol):

    57     if protocol in ('PYROPSK', 'PYROLOCPSK'):

    58         return PYROPSKAdapter()

    59     _getProtocolAdapter(protocol)

    60 

    61 Pyro.protocol.getProtocolAdapter = getProtocolAdapter

    62