import socket
from twisted.internet import defer, protocol
from twisted.protocols import basic
from twisted.python import log
basic.DEBUG = True
FAILURE = 'Failure'
SUCCESS = 'Success'
BAD_ARGUMENT = 'Bad argument'
NO_SUCH_METHOD = 'No such method'
DONT_PIPELINE = 'No pipelining allowed'
class StupidRPC(basic.NetstringReceiver):
waitingForArgs = None
dispatching = False
def connectionMade(self):
self.gotArgs = []
def clean(self):
self.dispatching = False
self.gotArgs = []
self.currMeth = None
def sendSuccess(self, result):
if not self.dispatching:
log.msg("warning: sending success when not dispatching")
self.clean()
self.sendString('Success')
self.sendString(result)
def sendFailure(self, type, result=''):
if not self.dispatching:
log.msg("warning: sending failure when not dispatching")
self.clean()
self.sendString('Failure')
self.sendString(type)
self.sendString(result)
def stringReceived(self, line):
if self.dispatching:
self.sendFailure(DONT_PIPELINE)
self.loseConnection()
if self.waitingForArgs:
coercer = self.waitingForArgs.pop(0)
try:
v = coercer(line)
except:
f = failure.Failure()
log.err(f)
self.sendFailure(BAD_ARGUMENT, f.getErrorTraceback())
else:
self.gotArgs.append(v)
if not self.waitingForArgs:
args = self.gotArgs
self.dispatching = True
self.currMeth(*args)
else:
self.currMeth = self.findMethod(line)
if not self.currMeth:
self.sendFailure(NO_SUCH_METHOD)
else:
self.waitingForArgs = list(self.currMeth.sig)
def findMethod(self, name):
return getattr(self, 'remote_' + name, None)
AUTH_SUCCESS = 'Authentication Successful'
AUTH_FAILURE = 'Authentication Failure'
from twisted.cred import credentials
from twisted.python import components
class IStupid(components.Interface):
"""remote_ methods"""
class AuthServer(StupidRPC):
root = None
avatar = None
logout = None
def connectionLost(self, reason):
if self.logout is not None:
self.logout()
self.logout = None
self.avatar = None
def findMethod(self, name):
if self.avatar is not None:
return getattr(self.avatar, 'remote_'+name, None)
else:
return StupidRPC.findMethod(self, name)
def remote_auth(self, name, password):
d = self.factory.portal.login(
credentials.UsernamePassword(name, password),
None,
IStupid)
d.addCallback(self._cbGotRoot)
d.addErrback(self._ebNoRoot)
remote_auth.sig = (str, str)
def _cbGotRoot(self, (i, a, l)):
self.avatar = a
self.logout = l
self.avatar.proto = self
self.sendSuccess(AUTH_SUCCESS)
def _ebNoRoot(self, f):
log.err(f)
self.sendFailure(AUTH_FAILURE)
def ipify(ipstr):
assert len(ipstr) < 16
assert ipstr.count('.') == 3
return ipstr
SOCKET_BOUND = "Socket bound"
PERMISSION_DENIED = "Permission denied"
def makeCoercerWithDefault(coercer, default):
def coerce(s):
if not s:
return default
return coercer(s)
return coerce
class CapServer:
def __init__(self, allowed=None):
if allowed is None:
allowed = {}
self.allowed = allowed
def remote_bindPort(self, interface, portno, addressFamily, socketType):
if (interface, portno, addressFamily, socketType) in self.allowed:
s = self.socket(addressFamily, socketType)
s.bind((interface, portno))
self.sendSocket(s)
self.proto.sendSuccess("<3")
else:
self.proto.sendFailure(PERMISSION_DENIED)
remote_bindPort.sig = (ipify, int,
makeCoercerWithDefault(int, socket.AF_INET),
makeCoercerWithDefault(int, socket.SOCK_STREAM))
socket = staticmethod(socket.socket)
def makeAuthFactory(rootFactory, checker):
"""
Convenience.
"""
from twisted.cred import portal
f = protocol.Factory()
f.protocol = AuthServer
class Realm:
def requestAvatar(self, name, mind, iface):
assert iface is IStupid, iface
return iface, rootFactory(), lambda: None
f.portal = portal.Portal(Realm())
f.portal.registerChecker(checker)
return f
def main():
import sys
from twisted.internet import reactor
from twisted.cred import checkers
reactor.listenTCP(1025,makeAuthFactory(CapServer,
checkers.InMemoryUsernamePasswordDatabaseDontUse(radix='secret')))
log.startLogging(sys.stdout)
reactor.run()
if __name__ == '__main__':
main()