[tor-commits] [flashproxy/master] Use fac.put_reg_base64 in facilitator-email-poller.
commit 910658c6ad2360edb36083a37593949da541afd0
Author: David Fifield <david@xxxxxxxxxxxxxxx>
Date: Thu Mar 7 00:17:52 2013 -0800
Use fac.put_reg_base64 in facilitator-email-poller.
---
facilitator/facilitator-email-poller | 47 ++++++--------------------
facilitator/init.d/facilitator-email-poller | 2 +-
2 files changed, 12 insertions(+), 37 deletions(-)
diff --git a/facilitator/facilitator-email-poller b/facilitator/facilitator-email-poller
index e9c5d3a..f2f9466 100755
--- a/facilitator/facilitator-email-poller
+++ b/facilitator/facilitator-email-poller
@@ -16,7 +16,7 @@ import time
import fac
from hashlib import sha1
-from M2Crypto import BIO, RSA, X509
+from M2Crypto import X509
DEFAULT_IMAP_HOST = "imap.gmail.com"
DEFAULT_IMAP_PORT = 993
@@ -60,16 +60,11 @@ A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
# hashing the public key, not the entire certificate.
PUBKEY_SHA1 = "fc54c0b2fcfcdfe4abf2f1755dfd3376f6481703".decode("hex")
-# Generating an RSA keypair for use by this program:
-# openssl genrsa reg-email 2048
-# chmod 600 reg-email
-
LOG_DATE_FORMAT = "%Y-%m-%d %H:%M:%S"
class options(object):
email_addr = None
imap_addr = None
- key_filename = None
password_filename = None
log_filename = DEFAULT_LOG_FILENAME
log_file = sys.stdout
@@ -91,7 +86,7 @@ class IMAP4_SSL_REQUIRED(imaplib.IMAP4_SSL):
def usage(f = sys.stdout):
print >> f, """\
-Usage: %(progname)s --key=KEYFILE --pass=PASSFILE
+Usage: %(progname)s --pass=PASSFILE
Facilitator-side helper for the facilitator-reg-email rendezvous. Polls
an IMAP server for email messages with client registrations, deletes
them, and forwards the registrations to the facilitator.
@@ -101,7 +96,6 @@ them, and forwards the registrations to the facilitator.
-h, --help show this help.
-i, --imap=HOST[:PORT] use the given IMAP server (default "%(imap_addr)s").
--imaplib-debug show raw IMAP messages (will include email password).
- -k, --key=KEYFILE read a facilitator private key from KEYFILE.
-l, --log FILENAME write log to FILENAME (default \"%(log)s\").
-p, --pass=PASSFILE use the email password contained in PASSFILE.
--pidfile FILENAME write PID to FILENAME after daemonizing.
@@ -127,7 +121,7 @@ def log(msg):
options.email_addr = DEFAULT_EMAIL_ADDRESS
options.imap_addr = (DEFAULT_IMAP_HOST, DEFAULT_IMAP_PORT)
-opts, args = getopt.gnu_getopt(sys.argv[1:], "de:hi:k:l:p:", ["debug", "email=", "help", "imap=", "imaplib-debug", "key=", "log=", "pass=", "pidfile=", "unsafe-logging"])
+opts, args = getopt.gnu_getopt(sys.argv[1:], "de:hi:l:p:", ["debug", "email=", "help", "imap=", "imaplib-debug", "log=", "pass=", "pidfile=", "unsafe-logging"])
for o, a in opts:
if o == "-d" or o == "--debug":
options.daemonize = False
@@ -141,8 +135,6 @@ for o, a in opts:
options.imap_addr = fac.parse_addr_spec(a, DEFAULT_IMAP_HOST, DEFAULT_IMAP_PORT)
if o == "--imaplib-debug":
options.imaplib_debug = True
- elif o == "-k" or o == "--key":
- options.key_filename = a
elif o == "-l" or o == "--log":
options.log_filename = a
elif o == "-p" or o == "--pass":
@@ -182,26 +174,6 @@ try:
finally:
password_file.close()
-# Load the private key specific to this registration method.
-if options.key_filename is None:
- print >> sys.stderr, "The --key option is required."
- sys.exit(1)
-try:
- key_file = open(options.key_filename)
-except Exception, e:
- print >> sys.stderr, """\
-Failed to open private key file "%s": %s.\
-""" % (options.key_filename, str(e))
- sys.exit(1)
-try:
- if not check_perms(key_file.fileno()):
- print >> sys.stderr, "Refusing to run with group- or world-readable private key file. Try"
- print >> sys.stderr, "\tchmod 600 %s" % options.key_filename
- sys.exit(1)
- rsa = RSA.load_key_string(key_file.read())
-finally:
- key_file.close()
-
if options.log_filename:
options.log_file = open(options.log_filename, "a")
# Send error tracebacks to the log.
@@ -234,11 +206,14 @@ def find_client_addr(body):
return None
def handle_message(msg):
- ciphertext = msg.get_payload().decode("base64")
- plaintext = rsa.private_decrypt(ciphertext, RSA.pkcs1_oaep_padding)
- client_addr = find_client_addr(plaintext)
- log(u"registering %s" % safe_str(fac.format_addr(client_addr)))
- fac.put_reg(FACILITATOR_ADDR, client_addr)
+ try:
+ if fac.put_reg_base64(msg.get_payload()):
+ log(u"registered client")
+ else:
+ log(u"failed to register client")
+ except Exception, e:
+ log(u"error registering client")
+ raise
def truncate_repr(s, n):
if not isinstance(s, basestring):
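Review bot: In `handle_message` the `except Exception, e:` clause binds `e` but never uses it, so the log line "error registering client" gives an operator nothing to tell a malformed mail from a facilitator outage. Logging only the exception class keeps the log free of client addresses and payload data: `log(u"error registering client: %s" % e.__class__.__name__)`. The payload comes from mail that anyone can send, and `msg.get_payload()` returns a list for a multipart message, so an `msg.is_multipart()` check that logs and returns before the call would keep a non-string from reaching `fac.put_reg_base64`, whose input handling is not visible here. The bare `raise` propagates to a caller outside this hunk, so it is worth confirming that one bad message cannot stop the polling loop. `find_client_addr` also appears to have no caller left in this file after the change.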
diff --git a/facilitator/init.d/facilitator-email-poller b/facilitator/init.d/facilitator-email-poller
index a41f9e0..8f52845 100755
--- a/facilitator/init.d/facilitator-email-poller
+++ b/facilitator/init.d/facilitator-email-poller
@@ -21,7 +21,7 @@ PIDFILE=/var/run/$NAME.pid
LOGFILE=/var/log/$NAME.log
CONFDIR=/etc/flashproxy
DAEMON=/usr/local/bin/$NAME
-DAEMON_ARGS="--pass $CONFDIR/reg-email.pass --key $CONFDIR/reg-email.key --log $LOGFILE --pidfile $PIDFILE"
+DAEMON_ARGS="--pass $CONFDIR/reg-email.pass --log $LOGFILE --pidfile $PIDFILE"
SCRIPTNAME=/etc/init.d/$NAME
# Exit if the package is not installed
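Review bot: `DAEMON_ARGS` no longer passes `--key $CONFDIR/reg-email.key`, but nothing in the commit says what happens to that private key file on an existing install. If the key is now read by whatever backs `fac.put_reg_base64` (not visible here), a comment above `DAEMON_ARGS` should say so, for example `# The registration private key is no longer read by this daemon; see <component that decrypts registrations>.` Otherwise the upgrade notes should tell operators to remove or relocate the unused key, so that private key material is not left in `$CONFDIR` with permissions sized for the old daemon.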