Added support for SSL connections: Wamp and Service Manager updated.

Change-Id: Idd61ef6849fb6b04801c11a5c32a57e4835b8f87
Nicola Peditto 2018-07-04 16:59:57 +02:00
parent 1730767493
commit b3af4ed336
3 changed files with 51 additions and 8 deletions

3
.gitignore vendored

@ -9,4 +9,5 @@ build
AUTHORS
Authors
ChangeLog
*.md
*.md
.eggs


@ -29,6 +29,7 @@ import inspect
import os
import pkg_resources
import signal
import ssl
from stevedore import extension
import sys
@ -47,6 +48,11 @@ lr_opts = [
cfg.StrOpt('lightningrod_home',
default='/var/lib/iotronic',
help=('Lightning Home Data')),
cfg.BoolOpt('skip_cert_verify',
default=True,
help=('Flag for skipping the verification of the server cert '
'(for the auto-signed ones)')),
]
CONF = cfg.CONF
@ -274,11 +280,36 @@ def wampConnect(wamp_conf):
"\n- connected = " + str(connected)
)
wamp_transport = wamp_conf['url']
wurl_list = wamp_transport.split(':')
is_wss = False
if wurl_list[0] == "wss":
is_wss = True
whost = wurl_list[1].replace('/', '')
wport = int(wurl_list[2].replace('/', ''))
if is_wss and CONF.skip_cert_verify:
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
wamp_transport = [
{
"url": wamp_transport,
"endpoint": {
"type": "tcp",
"host": whost,
"port": wport,
"tls": ctx
},
},
]
# LR creates the Autobahn Asyncio Component that points to the
# WAMP Agent (main/registration agent)
global component
component = Component(
transports=wamp_conf['url'],
transports=wamp_transport,
realm=wamp_conf['realm']
)
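Review bot: `skip_cert_verify` is registered with `default=True`, so any `wss` deployment that does not override it connects with `ctx.check_hostname = False` and `ctx.verify_mode = ssl.CERT_NONE`; the WAMP session is then encrypted but the server is never authenticated, which leaves it open to interception on the network path. The option should be opt-in, `default=False,`, and boards talking to a self-signed agent are better served by trusting that CA explicitly, e.g. `ctx = ssl.create_default_context(cafile=<path-to-agent-ca>)` (placeholder path), than by switching verification off. If the skip path is kept, a warning log line when it is taken would make the weakened state visible to operators. Separately, `int(wurl_list[2].replace('/', ''))` raises when the URL has no explicit port or has a path after it (constructed example: `wss://host:8181/ws`), so a URL parser such as the `urlparse` call the Service Manager already uses would be safer than `split(':')`. Indentation is lost on this page, so whether the transport list is built only inside the `if` cannot be confirmed here, and wampConnect's body starts and ends outside the hunk.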


@ -41,8 +41,19 @@ class ServiceManager(Module.Module):
def __init__(self, board, session):
super(ServiceManager, self).__init__("ServiceManager", board)
self.url_ip = urlparse(board.wamp_config["url"])[1].split(':')[0]
self.wagent_url = "ws://" + self.url_ip + ":8080"
self.wstun_ip = urlparse(board.wamp_config["url"])[1].split(':')[0]
self.wstun_port = "8080"
is_wss = False
wurl_list = board.wamp_config["url"].split(':')
if wurl_list[0] == "wss":
is_wss = True
if is_wss:
self.wstun_url = "wss://" + self.wstun_ip + ":" + self.wstun_port
else:
self.wstun_url = "ws://" + self.wstun_ip + ":" + self.wstun_port
def finalize(self):
LOG.info("Cloud service tunnels to initialization:")
@ -207,7 +218,7 @@ class ServiceManager(Module.Module):
try:
wstun = subprocess.Popen(
['/usr/bin/wstun', opt_reverse, self.wagent_url],
['/usr/bin/wstun', opt_reverse, self.wstun_url],
stdout=subprocess.PIPE
)
except Exception as err:
@ -284,7 +295,7 @@ class ServiceManager(Module.Module):
message = "Cloud service '" + str(service_name) \
+ "' exposed on port " \
+ str(public_port) + " on " + self.url_ip
+ str(public_port) + " on " + self.wstun_ip
LOG.info(" - " + message + " with PID " + str(service_pid))
@ -423,7 +434,7 @@ class ServiceManager(Module.Module):
message = "service " + str(service_name) \
+ " restored on port " \
+ str(public_port) + " on " + self.url_ip
+ str(public_port) + " on " + self.wstun_ip
LOG.info(" - " + message + " with PID " + str(service_pid))
w_msg = WM.WampSuccess(message)
@ -468,7 +479,7 @@ class ServiceManager(Module.Module):
message = "service " + str(service_name) \
+ " restored on port " \
+ str(public_port) + " on " + self.url_ip
+ str(public_port) + " on " + self.wstun_ip
LOG.info(" - " + message + " with PID " + str(service_pid))
w_msg = WM.WampSuccess(message)
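Review bot: The tunnel URL in `__init__` now switches to `wss://`, but nothing there or in the `subprocess.Popen(['/usr/bin/wstun', opt_reverse, self.wstun_url], ...)` call controls certificate verification, so `skip_cert_verify` has no effect on the reverse tunnel and whether it authenticates the server depends on wstun's own defaults, which this page does not show. Once that is confirmed against the wstun build in use, it deserves a comment above `self.wstun_url`, for example `# TLS verification for the tunnel is decided by the wstun client, not by skip_cert_verify`. The port stays hard-coded as `self.wstun_port = "8080"` for both schemes, which presumes the wstun server terminates TLS on the same port it serves plain WebSocket on; a comment stating that assumption would help. As a style point, the scheme test could reuse the parser already called two lines earlier, `is_wss = urlparse(board.wamp_config["url"]).scheme == "wss"`, instead of a second `split(':')`.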