[newdak/master] add demo of how twisted could be used for dakd
Signed-off-by: Thomas Viehmann <tv@beamnet.de>
---
twisted-demo/certs/broken.pem | 26 ++++++++++
twisted-demo/certs/dummy-ca.key | 27 ++++++++++
twisted-demo/certs/dummy-ca.pem | 21 ++++++++
twisted-demo/certs/dummy-client.key | 27 ++++++++++
twisted-demo/certs/dummy-client.pem | 22 ++++++++
twisted-demo/certs/dummy-server.key | 27 ++++++++++
twisted-demo/certs/dummy-server.pem | 21 ++++++++
twisted-demo/dakclient.py | 82 +++++++++++++++++++++++++++++++
twisted-demo/dakworker.py | 25 ++++++++++
twisted-demo/netserver.py | 91 +++++++++++++++++++++++++++++++++++
twisted-demo/os_util.py | 9 ++++
11 files changed, 378 insertions(+), 0 deletions(-)
create mode 100644 twisted-demo/certs/broken.pem
create mode 100644 twisted-demo/certs/dummy-ca.key
create mode 100644 twisted-demo/certs/dummy-ca.pem
create mode 100644 twisted-demo/certs/dummy-client.key
create mode 100644 twisted-demo/certs/dummy-client.pem
create mode 100644 twisted-demo/certs/dummy-server.key
create mode 100644 twisted-demo/certs/dummy-server.pem
create mode 100755 twisted-demo/dakclient.py
create mode 100644 twisted-demo/dakworker.py
create mode 100755 twisted-demo/netserver.py
create mode 100644 twisted-demo/os_util.py
diff --git a/twisted-demo/certs/broken.pem b/twisted-demo/certs/broken.pem
new file mode 100644
index 0000000..6c0b075
--- /dev/null
+++ b/twisted-demo/certs/broken.pem
@@ -0,0 +1,26 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCtbisD9NMzH8CdU/RmwefyzsLqh/1HhlTlHy1SStZEGRSxT6jh
+BLW40DTSWh+zoj8SiCPfLwVavIYlu1BEJzU6q8J9/tBMeb/wJIRMMH8ctfYHBsiS
+yANOE28x0iO30G451qEF+96MlInMjF/HvHcEUI3DwvJRZiDz/6xmTgr4KQIDAQAB
+AoGBAIZx8izF/XgTdGlCbSO/zEUBnj7cHy/0ZhmcurChzUrLOqxd+ag+03UrCtfK
+/+psq4J9QXnB5N+7aC8V75p13p+OUc4R8TEffPGOw2JxLJJS0t4xiohadtYBd9rO
+1aPUFNEuMMsTR3dt/YSsZlS6NA62OZkNXggE9bYjzm9aLMyBAkEA5BIyBjvq/T77
+W/vFByXm3pNc7iZ4L+H+diHoXqqsvCi29NCEHerVs2SPfHdRQBZyKK8bNIcris9U
+wOkXk53EsQJBAMKrCgx3e4djKoeJg7orslrftYRtGwR9es5gTqmvDoHMXDvf2W1Z
+wMdPuRROlcZJ3HPYJt75f8kZgOx0fmNLKPkCQQCEjC6WgOwpEhlzc/cmGFj8shgo
+MCNZcLY6Yapymi6Zi/AIh8bAvGJGSAM8CvwliuX9zwa4mHYtziErnEwfdmmBAkEA
+tgOwgJmTIbKiCFqWlRLYT8mN8gUF1vvwQFiiFFv+x3Qp5T3XETxzWKh9F7Smq+FR
+w+sd5SwJxCEZf30o03RqGQJAK7uiQWu/5D8hhTTKhT88UhNmrR/MIWA+p8tMeGSF
+/00I+SmsR5tjtnM84s25XGcmn6pRlRwvOLUWql/d1pSUcw==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIBnzCCAQgCCQCqT78reoRdpjANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwly
+YW1hbnVqYW4wHhcNMDgwNzI0MTcxMDU2WhcNMTgwNzIyMTcxMDU2WjAUMRIwEAYD
+VQQDEwlyYW1hbnVqYW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK1uKwP0
+0zMfwJ1T9GbB5/LOwuqH/UeGVOUfLVJK1kQZFLFPqOEEtbjQNNJaH7OiPxKII98v
+BVq8hiW7UEQnNTqrwn3+0Ex5v/AkhEwwfxy19gcGyJLIA04TbzHSI7fQbjnWoQX7
+3oyUicyMX8e8dwRQjcPC8lFmIPP/rGZOCvgpAgMBAAEwDQYJKoZIhvcNAQEFBQAD
+gYEAfGPSm6SVoT/YucbZTis+KCumu2sezSxNIHt3tSfULoKH1khNiAy1aHJRcb11
+C29QUNN9gLCVCKQU8T+RMQGeqT0eZTYWuLCwRhU1Q3GE3GZJV636kixIxwAqmyHG
+S4KnrcahDpYapN0/kugy8xgvgIg9xVqmOSmnwYiTiQjkHoU=
+-----END CERTIFICATE-----
diff --git a/twisted-demo/certs/dummy-ca.key b/twisted-demo/certs/dummy-ca.key
new file mode 100644
index 0000000..22b1802
--- /dev/null
+++ b/twisted-demo/certs/dummy-ca.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA3hyyehwU9Lgzw93qlzCGdiRiYybG+jg71m23F3KqsycF5Lni
+stZ/aiLVVeqnNPivVFJKoe6LW6mN7KiF7CRbgLWLY/Sl/toh0dPUeePQ7BtaB36v
+exlzv6dFnvlYdjPvPbvtyK7GnBeJFV7K9b44ZuNDId8Lwd9+liy8UzzHDbFYf6DJ
+4TU5MsKpH0tKa6ftRkhM2UUA7cvbxrJAcuNni+efWsbhrpwEggsQxjOpuX7OnFQD
+ayishsXsPqvH8UOcoMIyA+4cmN+aBSxFZ8xTrjNV5FxpEJKtZa3qys7Jdv9S64V4
+S1OPaUcV5tttBsMWgBZia0TVsUyNO7IjaL4c7wIDAQABAoIBAARPBjSm4CPcgZSR
+H4CN/m3C8u2oI5VYYJYeTBOhCSgEinFkxxMKZNpdkUnjYsRSTARqEZc762l8douw
+ETkC04uW+fyXEwlImKiwtUnQCOOA/FQc5Fvnoykv84J2pSgAhemVVbLeQRgSFM9c
+prnxq2JuPNp8Bdxdm4pflR+q6X7zIoW/lwS2osbDUDkXMAs5gpTrULvVHarbye1D
+TQWvs6w8PUrTEfrCEq1fCL+vVnMpKwtkKIrBfybw86vyfXg2Ksw4sU3ej7EsLHOo
+zHeimyah1kmh+QYd6KNuxcdgF007VXa3Q+eNqxChrtYT+srfHDbJTbAZF8FIPFUy
+C5QOm4ECgYEA60uTjB14bcwGVSayde5WiCy7aCgjGf7rbu0s+1z8I9BNxR5IU3vx
+OCHEv6AbEIeUbb/UC+TwtmdPGig5Hg+ujvYAERB8m5rp0imyKssUHuSacCbGpEAk
+8nB3/wHSjo6TIt3gLL2nUVz5rzAwlnXEW6WJknn1Gzbq0Il4RmzwoCECgYEA8agm
+DlDlTd8iBPSN3LrBqRL+Q4EanpTo28pfWyvF96FOo0BQe5KjzBXUDXrrd0P7HgfA
+jQU0OJ5vt3X+7hG20D10GGFqNXecURYoUyzQWIPcXsyztPSe2FrzXITRAIO/RyIJ
+t7jZwp55zu8E36hfbylyih93wyDYFQIGKIqZWw8CgYEA2cR9z20rG3t71O1Wt/0Z
+SzkTTefv7MxZO7X5Lr81gTP19lz7lYCdlVTzkmLtCZRh1F15NHT0L+1XcZ8Olfrv
+lNKq5yA6I43xoBgFFMQVYC41nVzV9giD6XocJQCbzmK4XMm7A82XgJ8rW2+fWHGw
+hR2lQNLs/f4Kv2yry4ph/eECgYEAnZMVbZRWUVbEKhMFRf8JNKRL49yVbP6QcHEf
+iKWcawJl8pGHaWyPHg7FvRx/2b8cSdKoPcw85wZ4tlpcpwQp/tNzlko/JSofZcha
+9xFrsawZ0D8Ol1pDEbUMpzF7zygZW9rYF1KTvBH2P3cf6G8z+5o9M8+dGkGaZOhy
+95CYuwUCgYB0epZS6hN/plR1TstQEiARWnbHSkuusZL1OL//VJTPM22xYzXwreBE
+blKWqDjDMetP/yGZ76PzfFAG7QEHJrrmowYhlwnkoYhiRdzy9XBfixAZBJ51Nrl8
+tsOEDlo+znc6Q+YPRDN5nGijbFQSkiuzWRagrcs9//ch+LfrdUwCRg==
+-----END RSA PRIVATE KEY-----
diff --git a/twisted-demo/certs/dummy-ca.pem b/twisted-demo/certs/dummy-ca.pem
new file mode 100644
index 0000000..a44364b
--- /dev/null
+++ b/twisted-demo/certs/dummy-ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYTCCAkugAwIBAgIESTEKzjALBgkqhkiG9w0BAQUwMDELMAkGA1UEBhMCZGUx
+DjAMBgNVBAoTBUR1bW15MREwDwYDVQQDEwhEdW1teSBDQTAeFw0wODExMjkwOTI2
+MzlaFw0xMDA2MzAyMDMwMjFaMDAxCzAJBgNVBAYTAmRlMQ4wDAYDVQQKEwVEdW1t
+eTERMA8GA1UEAxMIRHVtbXkgQ0EwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC
+AQDeHLJ6HBT0uDPD3eqXMIZ2JGJjJsb6ODvWbbcXcqqzJwXkueKy1n9qItVV6qc0
++K9UUkqh7otbqY3sqIXsJFuAtYtj9KX+2iHR09R549DsG1oHfq97GXO/p0We+Vh2
+M+89u+3IrsacF4kVXsr1vjhm40Mh3wvB336WLLxTPMcNsVh/oMnhNTkywqkfS0pr
+p+1GSEzZRQDty9vGskBy42eL559axuGunASCCxDGM6m5fs6cVANrKKyGxew+q8fx
+Q5ygwjID7hyY35oFLEVnzFOuM1XkXGkQkq1lrerKzsl2/1LrhXhLU49pRxXm220G
+wxaAFmJrRNWxTI07siNovhzvAgMBAAGjgYkwgYYwDwYDVR0TAQH/BAUwAwEB/zAa
+BgNVHREEEzARgQ9kdW1teUBkdW1teS5jb20wDwYDVR0PAQH/BAUDAwcGADAdBgNV
+HQ4EFgQULbTR2nGEOWuep8kTxe4nJxJumtMwJwYDVR0fBCAwHjAcoBqgGIYWaHR0
+cDovL2R1bW15LWNybC5kdW1teTALBgkqhkiG9w0BAQUDggEBAMNqpy6toqG1lr81
+DFX2nr7/gcPd+NN7SVVEh1FHToyvX0cpyLokN5upftElOCe/wylnQgySAoqJqMjY
+XPKYa80g1fyWgKe/0P0/rG9PLTbjZ23mGGWWJvISCdfTVnz9yVxZ9rJAl6x8xEOw
+XZMBvdWV4w6IAD+aNh6tKEd44m0aMRLzq83uO0ahQo9xK7S6a/qV2Fo8NCGBqhIO
+X7sQoEvkzYoH8Vza/wgxrxxaosbwjn2TaLdAT/1thtIkFGGMkHxa9pcxUZxt4dFq
+HzOn9JoU1Xl7fi7ZZCJHkGmz6A4WE++euTaO2CFxxkelVTqvTTCL7Im55zT+Ih83
+AXvlm/U=
+-----END CERTIFICATE-----
diff --git a/twisted-demo/certs/dummy-client.key b/twisted-demo/certs/dummy-client.key
new file mode 100644
index 0000000..a17d0e2
--- /dev/null
+++ b/twisted-demo/certs/dummy-client.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEA1DGMKvHiRAda8ByVz/KR9jFQv37y/S45/139UEUl3XG0zk4j
+P6oirxQsi7EB/57Wb6B9b0JMESGywBtZIuGzD6l2qoWo7trZjg/3hGzAS4zSmJsI
+mbTLi1MIoFRcZMZ2yLVOanQHy6j+pUj1nYIWViFJassTmm+iu+sbMSYMYGdZCBj9
+dznl2j3d1jhY74/njgcvkI3XEimuTWSkhE3LFDvW1xT+argyjGzR48xDkJayAWZ7
+ZFgbaAG29zSXTOQFe2Jqnx6tufWL5ulEw27eL+/TQ5C9hS6pmNvieckG80E5R7+S
+KeaiPulYGwPvgvTQd1G9EnFieWRox6mj/rLUpQIDAQABAoIBABaCtRx/MaJG53pO
+hgQb9ykXfTn7dTqvsz5oka140HYIEIbMWkfwPCK3sKwXGJ+uEZChBX2OmnQ8z3I6
+1H9zUyQntauMZ2oDdI3yGq+FO/cn1tWSqNxphihfJCyiFnUoasSLG2kGqycLZAxT
+y56shMMZX+kA5zD8g9aMsANMRobZbkjUiYD62xahLLUfe2xB0zNvyJoF8qRbZe/d
+z88seW8nIEUnZZ4J/uzFzvoDWl7IMENlMgMkC0rl1swalbVaHr5v/qqTLC0WjZ44
+SDDwIBsp3OR/NDNrSXSrMInWzdj0w1u4+J7eS6XcMOB/TzAaFmw1IeisR5veITIi
+T5C+61ECgYEA11YS/hLfS1h4sZlpNqndZAtC2H0cPuGScYHhhz6Y5qM39fy+KlLE
+fk7+7HXigPsvICTmmDzDQruKuO0tGMR8uT269C12AsxnljYyXeefdjm2solCHY7y
+xx1QSPAetAcIkMR9Z7H6hYAgvFcedCfG6S5jmGW41pbFp91ZIIKlHDkCgYEA/EOM
+N6LKIfkUdH0Eub8IYeuPl5zEU2oyOdI0WN46dST6GujlVdXyFdMsQMoeserBD+8w
+GVfaIMpScKXE7aS0/LkgI/+hF3euX49SPFTGXWbhB+WfsrMJGCa43Sizx7XVC4tK
+sh+9CSHWvTXernemgrvGGIfkhOI+Ph3KWRB7E80CgYAHfc8bV7y8+k74nsWySSaS
+nHGu5mtdJKvblxEpi1v2aidAP5K+FjMP0d+8ij1fD14MWDxNf4+reqrQ1C+FdRCB
+wUwHwq0gW8wexbPq4GwDyO46N9w8+wQnOTXZ08C9sqDxqGRUfzSgAF0jMES29ctN
+wXdljeRoUsZ9mI3JO8JSwQKBgBm2aNxi42eDE+qrs4ebSSdx8zjo6bn24RezrVJB
+lIPMORH1Gyscm4hN9fzEnUxVOUh+gNCUe89L0AtbWi8+0pPP6s7Ah5L0x/lFioRL
+v8xVaCp95UE5rnuftsgUFf8NMaHzmLF/Oq1rnY+7pe7yky5QJWjqsQg6Z029i5p4
+a5MhAoGAIxfB3YnAihfz9z7gSvL6LypgU3yrADlMCNcQ8TKW/nggygatFo083Xv4
+u0tAMPKP1CW8hmkRfpszp/Xgl9onzdcU7whBkSVfAmrxi0Fq2nvg0KoLNXKeLM5L
+NYr1V8f1qBUUQRdXy6+m3/mo6gZOD7HBWDOpp9f5WWQkjpD+wMw=
+-----END RSA PRIVATE KEY-----
diff --git a/twisted-demo/certs/dummy-client.pem b/twisted-demo/certs/dummy-client.pem
new file mode 100644
index 0000000..fdc1340
--- /dev/null
+++ b/twisted-demo/certs/dummy-client.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDmTCCAoOgAwIBAgIESTELpDALBgkqhkiG9w0BAQUwMDELMAkGA1UEBhMCZGUx
+DjAMBgNVBAoTBUR1bW15MREwDwYDVQQDEwhEdW1teSBDQTAeFw0wODExMjkwOTMw
+MTNaFw0xMDA2MzAyMDMzNDdaMDQxFTATBgNVBAoTDER1bW15IENsaWVudDEbMBkG
+A1UEAxMSZHVtbXljbGllbnQuZGViaWFuMIIBHzALBgkqhkiG9w0BAQEDggEOADCC
+AQkCggEA1DGMKvHiRAda8ByVz/KR9jFQv37y/S45/139UEUl3XG0zk4jP6oirxQs
+i7EB/57Wb6B9b0JMESGywBtZIuGzD6l2qoWo7trZjg/3hGzAS4zSmJsImbTLi1MI
+oFRcZMZ2yLVOanQHy6j+pUj1nYIWViFJassTmm+iu+sbMSYMYGdZCBj9dznl2j3d
+1jhY74/njgcvkI3XEimuTWSkhE3LFDvW1xT+argyjGzR48xDkJayAWZ7ZFgbaAG2
+9zSXTOQFe2Jqnx6tufWL5ulEw27eL+/TQ5C9hS6pmNvieckG80E5R7+SKeaiPulY
+GwPvgvTQd1G9EnFieWRox6mj/rLUpQIDAQABo4G9MIG6MAwGA1UdEwEB/wQCMAAw
+EwYDVR0lBAwwCgYIKwYBBQUHAwIwGwYDVR0RBBQwEoEQdGVzdGNsaWVudEBkdW1t
+eTAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBRm7iqC9VncqlMh+RhaS0Pi7rK5
+bzAfBgNVHSMEGDAWgBQttNHacYQ5a56nyRPF7icnEm6a0zAnBgNVHR8EIDAeMByg
+GqAYhhZodHRwOi8vZHVtbXktY3JsLmR1bW15MAsGCSqGSIb3DQEBBQOCAQEAEJ3g
+KjZnwkIWRnY9P1mG8LRdbLIg0dNotvyHj60h6IDUYf9zcAx/nO3IFIyWM2C1ic6D
+7sPIr0LJaELtC4CpyhEI6Opkof6LbrKswv7FrZq2kchikU5rMN3fQFuKUUcRmqBQ
+Ve0dH+kK5qVOjodMSKVtALGAItphMlbFB/DDcFIdrb0XpGUYxgKVpnRmjpA3HazL
+FPq9DumvAtByPj6fEcpeQGeJs9vcfN16jBkU7P0mWz60llYvjyVGRnTX0YKffEjn
+K2k90lW9d2zx5FqIvrx1zbWsDrnNf/ZazDaFqmG1DHoGmgdo4jtmEPTrzjV2D48g
+FfviLaaDOwmyfCtyXA==
+-----END CERTIFICATE-----
diff --git a/twisted-demo/certs/dummy-server.key b/twisted-demo/certs/dummy-server.key
new file mode 100644
index 0000000..39b219c
--- /dev/null
+++ b/twisted-demo/certs/dummy-server.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAqmhT0OxIGNmvixOlYX6Ka5m+bv6Gma52+bVXeTXN9HLroJCc
+VI5lC5K4A8w4TNa9poJJ2x6fdVl2BP426Xp2tXBvcvGw4itbRsBuLMx20iNkd4PT
+/WR984ixMoS1NRqb0t6xUcjuNWigvD1yUhGS/5XBt3R9zki9vadmjuKv1e+FEBEa
+pOWRo0+EJfEE6C9YhlHvxtmwQoGUkW9yWP2zJDTY5Tfg6tFzuXNXhBJ6ojyP2t+U
+/0IMIx5W+VXe3pUy6jui2foxgDUHJUUVcXRd1ukqmsu4gw/5y2q1AR360/T+nq72
+eeCOy2hYFQSHZqKV8UFT9QACrrosmPm8LrpsuQIDAQABAoIBABWVWLZf0wLowYHz
+R1FpqmUWCEd9L/WzogifNhjZXoBtdNg1sMNJ9NTqLKn4ehILaeJ24p1hC8/ceKUJ
+wNFCLFpvRwJvR9jhpnI36cx9Sjhz+KPlm9pemdBYeh8crWnwOJfVEm76LOexXJhz
+DPGFndGG+Y3/sHaKApRMqWIEJsLJGkVMhalUUMuOCHX9neA6zyaBVC+cdoeMFBFu
+ivLs/ILLSLY2vcJITRJJjnGIyHMBEb2TCd+NOf/qtOuLi+sAssTVvoelGOkKBoWh
+gqvZVgQ5aC4NadPc1idgwKV16AVe3srJgX9JjR1xNy2bHNmflsgDcXdQN1boWUVo
+JIQMhS0CgYEAwPD6oO8PbbWNAVEWZVyFcmA1XuNy+Hq2HIHOG6Mcww/uzXACW+Ub
+wUzdPV1WymIBzLaRwxYOCrzDQbLUd/mzoni0dgUEoHIeg/D9Y+SBPE4eLyoQsYFp
+9rS0hCnlD6rAusmdG5Th0i50dXJ4RS/2yGue4tA8yErVrzCo7rJAg4UCgYEA4hn9
+dQzckxEZyB8vZId0t9b5q/HuJmXJrTrbi9mKQyW6XhhjV4Qrc2oD0XEbIAwAHIF1
+AyMwJhiABQ2e/KWP0hI67wPs7/CJdBhgQ6GgzGmXoLtSyDzB0nJNq9l601P7wJXY
+Vhf3IT8CgAEqYTN5KGX6OvbV2eDkLwSsH8FbiKUCgYBpxnMQsZ7avZJ9K1BE55E9
+YCNCTx2jvdqDDGLLYgQNqHl55TNV3+f0dEhCMR64uzxTV6/XrQqrtkqxhPHYiGuD
+4frFTQD5WTcDjKXOEuMLBaSkpMIcHl/SYcUpQ7KRgUJB5PAdw+R9jvxHuybWf3Ii
+9GVZ4WHBSM2XSu0CV3To5QKBgQDSHwcuBULjpcvI8DpR+ZRd2Pn0coQ4yPWQ+JbZ
+s9RLLL+y/IUt6tWaj5Z2yN9FfAGKfECrJsNzU+d9SrhK4O30cx6zy3khTu/epVyo
+3YcbELJqHEwFbHlPwwwtvZHo3S6kPl1rPSBclDsVjH+/D1/0TDktHQGGVvqYO4Ze
+iIoxRQKBgDENoU97kUwWLgkFj/6UO7sbwfLykpIYYHXVUnAwVcpQu8UkmC5vtFSi
+4XdxEYbyxEaW3Yr9AsnmRTkgJJk7hHcMzgQ90cqtZqybpIaHz82NS7Rje7N9zUyE
+wqCiz8NBZpYBZfIb8t+OA18TPeVJo+s2m7vDPFMOxV8w6VWgxAjt
+-----END RSA PRIVATE KEY-----
diff --git a/twisted-demo/certs/dummy-server.pem b/twisted-demo/certs/dummy-server.pem
new file mode 100644
index 0000000..a486be8
--- /dev/null
+++ b/twisted-demo/certs/dummy-server.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDfTCCAmegAwIBAgIESTEL8DALBgkqhkiG9w0BAQUwMDELMAkGA1UEBhMCZGUx
+DjAMBgNVBAoTBUR1bW15MREwDwYDVQQDEwhEdW1teSBDQTAeFw0wODExMjkwOTMx
+MzBaFw0xMDA2MzAyMDM1MDJaMDAxFTATBgNVBAoTDER1bW15IFNlcnZlcjEXMBUG
+A1UEAxMObG9jYWxob3N0Ojg4ODgwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC
+AQCqaFPQ7EgY2a+LE6Vhfoprmb5u/oaZrnb5tVd5Nc30cuugkJxUjmULkrgDzDhM
+1r2mgknbHp91WXYE/jbpena1cG9y8bDiK1tGwG4szHbSI2R3g9P9ZH3ziLEyhLU1
+GpvS3rFRyO41aKC8PXJSEZL/lcG3dH3OSL29p2aO4q/V74UQERqk5ZGjT4Ql8QTo
+L1iGUe/G2bBCgZSRb3JY/bMkNNjlN+Dq0XO5c1eEEnqiPI/a35T/QgwjHlb5Vd7e
+lTLqO6LZ+jGANQclRRVxdF3W6Sqay7iDD/nLarUBHfrT9P6ervZ54I7LaFgVBIdm
+opXxQVP1AAKuuiyY+bwuumy5AgMBAAGjgaUwgaIwDAYDVR0TAQH/BAIwADAUBgNV
+HREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYE
+FH9pD7pk3TJV4lAhu5XAlclFrwpTMB8GA1UdIwQYMBaAFC200dpxhDlrnqfJE8Xu
+JycSbprTMCcGA1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly9kdW1teS1jcmwuZHVtbXkw
+CwYJKoZIhvcNAQEFA4IBAQAteUzKDvWL07zE+txg+tkgDjBOhDRsMviTJDTfeFbl
+nJFGRz31VSt46b2G8tPIAouAr/zH6hvj2UMPZL9N1wNMOhMaIdo5FADYRglXSSwK
+QybG+fcj8Z8xYIrf7busGiVrHFT3qVTZAnG6qDGdQ4ud6qCKVptQ9N8WyeaoBVRd
+VSUyPCtOY2142awdTb1DU5E86YS064wJqc2uQNjyG95r2iXXkJ7avImn6ju3U1jh
+hk+sm9MoaZhM7ZrFAV633kaAx8toDj1AygKPg4vjKcpQzxEfDXTpyb8Igese7ynK
+LLyVoI+3OXIWwuXMiqSmvPd211jB0azKgtQ7eYgwsLG0
+-----END CERTIFICATE-----
diff --git a/twisted-demo/dakclient.py b/twisted-demo/dakclient.py
new file mode 100755
index 0000000..c2bf04b
--- /dev/null
+++ b/twisted-demo/dakclient.py
@@ -0,0 +1,82 @@
+#!/usr/bin/python
+# (c) 2008 Thomas Viehmann, GPLv2 or later
+import twisted.web.soap
+import twisted.web.client
+import twisted.internet.reactor
+import SOAPpy
+
+
+class CtxFactory(twisted.internet.ssl.ClientContextFactory):
+ """SSL Client Context Factory, checks certificate"""
+ def _verify(self, connection, x509, errnum, errdepth, ok):
+ if not ok: print 'invalid cert from subject:', x509.get_subject()
+ return ok
+ def getContext(self):
+ import OpenSSL
+ self.method = OpenSSL.SSL.TLSv1_METHOD
+ ctx = twisted.internet.ssl.ClientContextFactory.getContext(self)
+ ctx.use_certificate_file('certs/dummy-client.pem')
+ ctx.use_privatekey_file('certs/dummy-client.key')
+ #ctx.use_certificate_file('certs/broken.pem')
+ #ctx.use_privatekey_file('certs/broken.pem')
+ ctx.load_verify_locations('certs/dummy-ca.pem')
+ ctx.set_verify(OpenSSL.SSL.VERIFY_PEER | OpenSSL.SSL.VERIFY_FAIL_IF_NO_PEER_CERT,
+ self._verify)
+ return ctx
+
+class FlexProxy(twisted.web.soap.Proxy):
+ """Proxy with callRemote that can do unix:///path for unix sockets
+ takes sslContextFactory to process SSL requrests"""
+ def callRemote(self, method, sslContextFactory=None, *args, **kwargs):
+ payload = SOAPpy.buildSOAP(
+ args=args, kw=kwargs, method=method,
+ header=self.header, namespace=self.namespace)
+ scheme, host, port, path = twisted.web.client._parse(self.url)
+ factory = twisted.web.client.HTTPClientFactory(
+ self.url,
+ postdata=payload,
+ method="POST",
+ headers={'content-type': 'text/xml',
+ 'SOAPAction': method}
+ )
+ if scheme == 'https':
+ if sslContextFactory is None:
+ sslContextFactory = twisted.internet.ssl.ClientContextFactory()
+ twisted.internet.reactor.connectSSL(host, port, factory, sslContextFactory)
+ elif scheme == 'http':
+ twisted.internet.reactor.connectTCP(host, port, factory)
+ elif scheme == 'unix':
+ assert not host
+ twisted.internet.reactor.connectUNIX(path, factory)
+ else:
+ raise Exception("unknown URL scheme")
+ return factory.deferred.addCallback(self._cbGotResult)
+
+def printValue(value):
+ """success callback for SOAP response"""
+ print value
+ twisted.internet.reactor.stop()
+
+def printError(error):
+ """error callback for SOAP response"""
+ soaperr = None
+ try:
+ soaperr = SOAPpy.parseSOAPRPC(error.value.response)
+ except:
+ pass
+ if isinstance(soaperr, SOAPpy.Error):
+ print 'SOAP Exception:', soaperr.faultcode, soaperr.faultstring
+ fs = getattr(soaperr, 'detail', None)
+ if fs:
+ print fs
+ else:
+ print 'Unknown error:', error.value
+ print error.value.response
+ twisted.internet.reactor.stop()
+
+#import sys
+#import twisted.python.log
+#twisted.python.log.startLogging(sys.stdout)
+proxy = FlexProxy('https://localhost:8888/'+0*'unix:///tmp/dak.sock')
+proxy.callRemote('test', sslContextFactory=CtxFactory(), s='hello').addCallbacks(printValue, printError)
+twisted.internet.reactor.run()
diff --git a/twisted-demo/dakworker.py b/twisted-demo/dakworker.py
new file mode 100644
index 0000000..b1fcf59
--- /dev/null
+++ b/twisted-demo/dakworker.py
@@ -0,0 +1,25 @@
+#!/usr/bin/python
+# (c) 2008 Thomas Viehmann, GPLv2 or later
+
+class DakError(Exception):
+ """generic exception class, SOAP knows how to pass this on"""
+ def __init__(self, typ='Server', msg='Error', code=500):
+ Exception.__init__(self, typ+': '+msg)
+ self.typ = typ
+ self.msg = msg
+ self.code = code
+
+class DakWorker(object):
+ """the worker object actually doing something should hook here
+ presently, we don't do much.
+ credentials will be (METHOD, user) with METHOD 'unix' or 'ssl'
+ and user either unix username or SSL cert CN"""
+ def do_test(self, credentials, args):
+ #request = nevow.inevow.IRequest(context)
+ return ["test", args.get('s','')]
+ def dispatch(self, credentials, command, args):
+ function = getattr(self, 'do_%s'%command, None)
+ if not function:
+ raise DakError(typ='Client', msg='Method %s not found'%command , status=500)
+ # acl-check here?
+ return function(credentials, args)
diff --git a/twisted-demo/netserver.py b/twisted-demo/netserver.py
new file mode 100755
index 0000000..d983e95
--- /dev/null
+++ b/twisted-demo/netserver.py
@@ -0,0 +1,91 @@
+#!/usr/bin/python
+# (c) 2008 Thomas Viehmann, GPLv2 or later
+import twisted.internet.reactor
+import nevow.appserver, nevow.inevow
+import twisted.web.soap, twisted.web.server
+import twisted.internet.defer, twisted.internet.address
+import SOAPpy
+import OpenSSL
+
+import os_util
+import dakworker
+
+class SCtxFactory:
+ """SSL Server Context Factory, checks certificates"""
+ def _verify(self, connection, x509, errnum, errdepth, ok):
+ if not ok: print 'invalid cert from subject:', x509.get_subject()
+ return ok
+
+ def getContext(self):
+ ctx = OpenSSL.SSL.Context(OpenSSL.SSL.TLSv1_METHOD)
+ ctx.load_client_ca('certs/dummy-ca.pem')
+ ctx.load_verify_locations('certs/dummy-ca.pem')
+ ctx.use_certificate_file('certs/dummy-server.pem')
+ ctx.use_privatekey_file('certs/dummy-server.key')
+ ctx.set_verify(OpenSSL.SSL.VERIFY_PEER | OpenSSL.SSL.VERIFY_FAIL_IF_NO_PEER_CERT,
+ self._verify)
+ return ctx
+
+class DakSOAP(twisted.web.soap.SOAPPublisher):
+ def __init__(self, worker):
+ twisted.web.soap.SOAPPublisher.__init__(self)
+ self.worker = worker
+
+ def render(self, request):
+ """Handle a SOAP command, mainly by verifying who we are talking to
+ and then calling dispatch"""
+ data = request.content.read()
+ if isinstance(request.transport.getPeer(), twisted.internet.address.UNIXAddress):
+ credentials = os_util.getcreds(request.transport.socket)
+ elif getattr(request.transport,'TLS',0):
+ cn = None
+ cert = request.transport.getPeerCertificate()
+ if cert:
+ cn = getattr(cert.get_subject(), 'CN',None)
+ if not cn:
+ raise Exception("Permission denied")
+ credentials = ('ssl',cn)
+ else:
+ raise Exception("Unwanted Transport")
+ # deal with changes in SOAPpy 0.11
+ p, header, body, attrs = SOAPpy.parseSOAPRPC(data, 1, 1, 1)
+ methodName, kwargs, ns = p._name, p._asdict, p._ns
+ if callable(kwargs):
+ kwargs = kwargs()
+ keywords = {}
+ for k, v in kwargs.items():
+ keywords[str(k)] = v
+
+ d = twisted.internet.defer.maybeDeferred(
+ self.dispatch, credentials, methodName, kwargs)
+ d.addCallback(self._gotResult, request, methodName)
+ d.addErrback(self._gotError, request, methodName)
+ return twisted.web.server.NOT_DONE_YET
+ def _gotError(self, failure, request, methodName):
+ """pass error as SOAP"""
+ if isinstance(failure.value, dakworker.DakError):
+ failure = failure.value
+ else:
+ failure = dakworker.DakError (typ='Server', msg=str(failure.value), code=500)
+ fault = SOAPpy.faultType('%s:%s'%(SOAPpy.NS.ENV_T,failure.typ),
+ str(failure.msg))
+ response = SOAPpy.buildSOAP(fault,
+ encoding=self.encoding,
+ config=SOAPpy.Config)
+ self._sendResponse(request, response, status=failure.code)
+
+ def dispatch(self, credentials, methodName, args):
+ """dispatch to the worker instance (see dakworker.DakWorker)"""
+ return self.worker.dispatch(credentials, methodName, args)
+
+
+#import sys
+#import twisted.python.log
+#twisted.python.log.startLogging(sys.stdout)
+
+root = DakSOAP(dakworker.DakWorker())
+site = twisted.web.server.Site(root)
+twisted.internet.reactor.listenSSL(8888, site, SCtxFactory(), interface='localhost')
+twisted.internet.reactor.listenUNIX('/tmp/dak.sock', site)
+
+twisted.internet.reactor.run()
diff --git a/twisted-demo/os_util.py b/twisted-demo/os_util.py
new file mode 100644
index 0000000..31c9590
--- /dev/null
+++ b/twisted-demo/os_util.py
@@ -0,0 +1,9 @@
+#!/usr/bin/python
+
+import IN, socket, struct, pwd
+
+def getcreds(sock):
+ """auxiliary class to get credentials of socket counterpart"""
+ pid, uid, gid = struct.unpack('3i', sock.getsockopt(
+ socket.SOL_SOCKET, IN.SO_PEERCRED, struct.calcsize('3i')))
+ return ('unix', pwd.getpwuid(uid).pw_name)
--
1.5.6.5
Reply to: