diff --git a/.gitignore b/.gitignore
index 3c8d148..3b2ab8d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,4 +9,5 @@ build
 AUTHORS
 Authors
 ChangeLog
-*.md
\ No newline at end of file
+*.md
+.eggs
\ No newline at end of file
diff --git a/iotronic_lightningrod/lightningrod.py b/iotronic_lightningrod/lightningrod.py
index 2d740bd..e89894a 100644
--- a/iotronic_lightningrod/lightningrod.py
+++ b/iotronic_lightningrod/lightningrod.py
@@ -29,6 +29,7 @@ import inspect import os import pkg_resources import signal +import ssl from stevedore import extension import sys
@@ -47,6 +48,11 @@ lr_opts = [ cfg.StrOpt('lightningrod_home', default='/var/lib/iotronic', help=('Lightning Home Data')), + cfg.BoolOpt('skip_cert_verify', + default=True, + help=('Flag for skipping the verification of the server cert ' + '(for the auto-signed ones)')), + ] CONF = cfg.CONF
@@ -274,11 +280,36 @@ def wampConnect(wamp_conf): "\n- connected = " + str(connected) ) + wamp_transport = wamp_conf['url'] + wurl_list = wamp_transport.split(':') + is_wss = False + + if wurl_list[0] == "wss": + is_wss = True + whost = wurl_list[1].replace('/', '') + wport = int(wurl_list[2].replace('/', '')) + + if is_wss and CONF.skip_cert_verify: + ctx = ssl.create_default_context() + ctx.check_hostname = False + ctx.verify_mode = ssl.CERT_NONE + wamp_transport = [ + { + "url": wamp_transport, + "endpoint": { + "type": "tcp", + "host": whost, + "port": wport, + "tls": ctx + }, + }, + ] + # LR creates the Autobahn Asyncio Component that points to the # WAMP Agent (main/registration agent) global component component = Component( - transports=wamp_conf['url'], + transports=wamp_transport, realm=wamp_conf['realm'] )
diff --git a/iotronic_lightningrod/modules/service_manager.py b/iotronic_lightningrod/modules/service_manager.py
index f6c15c7..5dcaed4 100644
--- a/iotronic_lightningrod/modules/service_manager.py
+++ b/iotronic_lightningrod/modules/service_manager.py
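Review bot: `skip_cert_verify` is added to `lr_opts` with `default=True`, so a board that connects over `wss://` with an untouched configuration accepts any server certificate and the TLS session gives no assurance about who is on the other end. The option should default to off, `default=False,`, with operators who run a self-signed WAMP agent opting in explicitly. A setting that points at the deployment's own CA bundle (passed as `cafile` to `ssl.create_default_context`) would let self-signed installations keep verification on. The help text should also say what is given up, for example `help=('Disable TLS certificate and hostname verification for wss:// connections (insecure; test setups with self-signed certs only)')`.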
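Review bot: The host and port in `wampConnect` are obtained by splitting `wamp_conf['url']` on ':' and stripping '/', which breaks on ordinary URLs: one without an explicit port raises IndexError at `wurl_list[2]`, one with a path after the port (`wss://host:8181/ws` yields `'8181ws'`) raises ValueError in `int()`, and an IPv6 literal is cut in the wrong places. Parsing once with `parsed = urlparse(wamp_conf['url'])`, testing `parsed.scheme == "wss"`, and passing `parsed.hostname` and `parsed.port` to the endpoint avoids all three; whether `urlparse` is already imported in this file is not visible in the hunk. When the flag is set, the context has both `check_hostname = False` and `ssl.CERT_NONE`, so a warning logged at connect time stating that verification is disabled would make that state visible to operators. The body of wampConnect continues outside the hunk.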
@@ -41,8 +41,19 @@ class ServiceManager(Module.Module): def __init__(self, board, session): super(ServiceManager, self).__init__("ServiceManager", board) - self.url_ip = urlparse(board.wamp_config["url"])[1].split(':')[0] - self.wagent_url = "ws://" + self.url_ip + ":8080" + + self.wstun_ip = urlparse(board.wamp_config["url"])[1].split(':')[0] + self.wstun_port = "8080" + + is_wss = False + wurl_list = board.wamp_config["url"].split(':') + if wurl_list[0] == "wss": + is_wss = True + + if is_wss: + self.wstun_url = "wss://" + self.wstun_ip + ":" + self.wstun_port + else: + self.wstun_url = "ws://" + self.wstun_ip + ":" + self.wstun_port def finalize(self): LOG.info("Cloud service tunnels to initialization:")
@@ -207,7 +218,7 @@ class ServiceManager(Module.Module): try: wstun = subprocess.Popen( - ['/usr/bin/wstun', opt_reverse, self.wagent_url], + ['/usr/bin/wstun', opt_reverse, self.wstun_url], stdout=subprocess.PIPE ) except Exception as err:
@@ -284,7 +295,7 @@ class ServiceManager(Module.Module): message = "Cloud service '" + str(service_name) \ + "' exposed on port " \ - + str(public_port) + " on " + self.url_ip + + str(public_port) + " on " + self.wstun_ip LOG.info(" - " + message + " with PID " + str(service_pid))
@@ -423,7 +434,7 @@ class ServiceManager(Module.Module): message = "service " + str(service_name) \ + " restored on port " \ - + str(public_port) + " on " + self.url_ip + + str(public_port) + " on " + self.wstun_ip LOG.info(" - " + message + " with PID " + str(service_pid)) w_msg = WM.WampSuccess(message)
@@ -468,7 +479,7 @@ class ServiceManager(Module.Module): message = "service " + str(service_name) \ + " restored on port " \ - + str(public_port) + " on " + self.url_ip + + str(public_port) + " on " + self.wstun_ip LOG.info(" - " + message + " with PID " + str(service_pid)) w_msg = WM.WampSuccess(message)
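Review bot: The scheme test in `__init__` re-splits `board.wamp_config["url"]` on ':' although the line above already runs `urlparse` on the same value. Using `urlparse(board.wamp_config["url"]).scheme == "wss"` and `.hostname` would replace both the split and the `[1].split(':')[0]` slice, which returns the wrong host for an IPv6 literal or a URL carrying userinfo. The tunnel port stays hard-coded as "8080" and is now paired with `wss://`, so a comment stating that the WSTUN server is expected to serve TLS on that port would help the next reader. Nothing in this hunk passes `skip_cert_verify` to the tunnel, so whether `/usr/bin/wstun` verifies the server certificate is decided elsewhere and should be checked against the WAMP setting.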