|
1 |
|
2 import sslpsk |
|
3 import Pyro |
|
4 from Pyro.protocol import _connect_socket,TCPConnection,PYROAdapter |
|
5 from Pyro.errors import ConnectionDeniedError, ProtocolError |
|
6 from Pyro.util import Log |
|
7 |
|
8 # |
|
9 # The TLS-PSK adapter that handles SSL connections instead of regular sockets, |
|
10 # but using Pre Shared Keys instead of Certificates |
|
11 # |
|
12 class PYROPSKAdapter(PYROAdapter): |
|
13 # This is essentialy the same as in Pyro/protocol.py |
|
14 # only raw_sock wrapping into sock through sslpsk.wrap_socket was added |
|
15 # Pyro unfortunately doesn't allow cleaner customization |
|
16 def bindToURI(self,URI): |
|
17 with self.lock: # only 1 thread at a time can bind the URI |
|
18 try: |
|
19 self.URI=URI |
|
20 |
|
21 # This are the statements that differ from Pyro/protocol.py |
|
22 raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
|
23 _connect_socket(raw_sock, URI.address, URI.port, self.timeout) |
|
24 sock = sslpsk.wrap_socket( |
|
25 raw_sock, psk=Pyro.config.PYROPSK, server_side=False) |
|
26 # all the rest is the same as in Pyro/protocol.py |
|
27 |
|
28 conn=TCPConnection(sock, sock.getpeername()) |
|
29 # receive the authentication challenge string, and use that to build the actual identification string. |
|
30 try: |
|
31 authChallenge=self.recvAuthChallenge(conn) |
|
32 except ProtocolError,x: |
|
33 # check if we were denied |
|
34 if hasattr(x,"partialMsg") and x.partialMsg[:len(self.denyMSG)]==self.denyMSG: |
|
35 raise ConnectionDeniedError(Pyro.constants.deniedReasons[int(x.partialMsg[-1])]) |
|
36 else: |
|
37 raise |
|
38 # reply with our ident token, generated from the ident passphrase and the challenge |
|
39 msg = self._sendConnect(sock,self.newConnValidator.createAuthToken(self.ident, authChallenge, conn.addr, self.URI, None) ) |
|
40 if msg==self.acceptMSG: |
|
41 self.conn=conn |
|
42 self.conn.connected=1 |
|
43 Log.msg('PYROAdapter','connected to',str(URI)) |
|
44 if URI.protocol=='PYROLOC': |
|
45 self.resolvePYROLOC_URI("PYRO") # updates self.URI |
|
46 elif msg[:len(self.denyMSG)]==self.denyMSG: |
|
47 try: |
|
48 raise ConnectionDeniedError(Pyro.constants.deniedReasons[int(msg[-1])]) |
|
49 except (KeyError,ValueError): |
|
50 raise ConnectionDeniedError('invalid response') |
|
51 except socket.error: |
|
52 Log.msg('PYROAdapter','connection failed to URI',str(URI)) |
|
53 raise ProtocolError('connection failed') |
|
54 |
|
55 _getProtocolAdapter = Pyro.protocol.getProtocolAdapter |
|
56 def getProtocolAdapter(protocol): |
|
57 if protocol in ('PYROPSK', 'PYROLOCPSK'): |
|
58 return PYROPSKAdapter() |
|
59 _getProtocolAdapter(protocol) |
|
60 |
|
61 Pyro.protocol.getProtocolAdapter = getProtocolAdapter |
|
62 |