import socket

import sslpsk
import Pyro
from Pyro.protocol import _connect_socket,TCPConnection,PYROAdapter
from Pyro.errors import ConnectionDeniedError, ProtocolError
from Pyro.util import Log
#
# The TLS-PSK adapter that handles SSL connections instead of regular sockets,
# but using Pre Shared Keys instead of Certificates
#
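class PYROPSKAdapter(PYROAdapter):
    """
    Client-side Pyro protocol adapter that speaks the Pyro protocol over a
    TLS-PSK (pre-shared key) socket instead of a plain TCP socket.

    Pyro does not offer a hook for swapping the transport, so bindToURI() is
    a copy of the one in Pyro/protocol.py with a single addition: the
    connected socket is passed through sslpsk.wrap_socket() before any Pyro
    traffic is exchanged.

    The key is read from Pyro.config.PYROPSK when a connection is made. No
    certificate is involved, so the peer is authenticated only by knowing the
    same key. Only the URI is written to the log here; the key never is.
    """

    def bindToURI(self, URI):
        """
        Connect to URI over TLS-PSK and perform the Pyro connection handshake.

        On an accept reply the connection is stored in self.conn and flagged
        as connected. Raises ConnectionDeniedError when the server denies the
        connection and ProtocolError('connection failed') on a socket error.
        """
        with self.lock:  # only 1 thread at a time can bind the URI
            try:
                self.URI = URI

                # These are the statements that differ from Pyro/protocol.py
                raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                try:
                    _connect_socket(raw_sock, URI.address, URI.port, self.timeout)
                    # NOTE(review): Pyro.config.PYROPSK has to be set before
                    # the first connection; nothing here checks it is present.
                    sock = sslpsk.wrap_socket(
                        raw_sock, psk=Pyro.config.PYROPSK, server_side=False)
                except Exception:
                    # Release the descriptor when the TCP connect or the TLS
                    # wrapping fails (presumably this includes a handshake
                    # rejected because the keys differ), then let the error
                    # propagate to the handlers below unchanged.
                    raw_sock.close()
                    raise
                # all the rest is the same as in Pyro/protocol.py

                conn = TCPConnection(sock, sock.getpeername())
                # receive the authentication challenge string, and use that
                # to build the actual identification string.
                try:
                    authChallenge = self.recvAuthChallenge(conn)
                except ProtocolError as x:
                    # check if we were denied
                    if hasattr(x, "partialMsg") and x.partialMsg[:len(self.denyMSG)] == self.denyMSG:
                        raise ConnectionDeniedError(Pyro.constants.deniedReasons[int(x.partialMsg[-1])])
                    else:
                        raise
                # reply with our ident token, generated from the ident
                # passphrase and the challenge
                msg = self._sendConnect(sock, self.newConnValidator.createAuthToken(self.ident, authChallenge, conn.addr, self.URI, None))
                if msg == self.acceptMSG:
                    self.conn = conn
                    self.conn.connected = 1
                    Log.msg('PYROAdapter', 'connected to', str(URI))
                    # NOTE(review): in this file the adapter is only selected
                    # for 'PYROPSK' and 'PYROLOCPSK', so this 'PYROLOC'
                    # comparison looks unreachable here. Confirm whether
                    # 'PYROLOCPSK' URIs need resolving instead.
                    if URI.protocol == 'PYROLOC':
                        self.resolvePYROLOC_URI("PYRO")  # updates self.URI
                elif msg[:len(self.denyMSG)] == self.denyMSG:
                    try:
                        raise ConnectionDeniedError(Pyro.constants.deniedReasons[int(msg[-1])])
                    except (KeyError, ValueError):
                        raise ConnectionDeniedError('invalid response')
                # A reply that is neither accept nor deny falls through here:
                # nothing is raised and self.conn is left unset (same as the
                # code this was copied from).
            except socket.error:
                Log.msg('PYROAdapter', 'connection failed to URI', str(URI))
                raise ProtocolError('connection failed')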
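# Keep a reference to Pyro's own factory so that every protocol other than
# the PSK ones still reaches it once the replacement below is installed.
_getProtocolAdapter = Pyro.protocol.getProtocolAdapter


def getProtocolAdapter(protocol):
    """
    Return the adapter for *protocol*.

    'PYROPSK' and 'PYROLOCPSK' get a PYROPSKAdapter (TLS-PSK transport);
    any other protocol name is handed to Pyro's original factory.
    """
    if protocol in ('PYROPSK', 'PYROLOCPSK'):
        return PYROPSKAdapter()
    # The delegated result has to be returned: without it every non-PSK
    # protocol would get None back instead of an adapter once this wrapper
    # replaces Pyro's factory.
    return _getProtocolAdapter(protocol)


# Importing this module replaces Pyro's adapter factory for the whole process.
# NOTE(review): code that bound the old function by name before this import
# presumably keeps using the original; verify the import order.
Pyro.protocol.getProtocolAdapter = getProtocolAdapter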