From 5009f2c227ab55d70022f24f7f32299e26fd11ea Mon Sep 17 00:00:00 2001
From: "Kali Kaneko (leap communications)" <kali@leap.se>
Date: Thu, 27 Apr 2017 19:13:22 +0200
Subject: [feature] streamline and move manhole into core

---
 src/leap/bitmask/core/service.py | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)

(limited to 'src/leap/bitmask/core/service.py')

diff --git a/src/leap/bitmask/core/service.py b/src/leap/bitmask/core/service.py
index 2972a51c..314c8899 100644
--- a/src/leap/bitmask/core/service.py
+++ b/src/leap/bitmask/core/service.py
@@ -20,18 +20,22 @@ Bitmask-core Service.
 import json
 import os
 import uuid
+import tempfile
 try:
     import resource
 except ImportError:
     pass
 
+from twisted.conch import manhole_tap
 from twisted.internet import reactor
+from twisted.internet.endpoints import TCP4ServerEndpoint
 from twisted.logger import Logger
 
 from leap.bitmask import __version__
 from leap.bitmask.core import configurable
-from leap.bitmask.core import _zmq
+from leap.bitmask.core import manhole
 from leap.bitmask.core import flags
+from leap.bitmask.core import _zmq
 from leap.bitmask.core import _session
 from leap.bitmask.core.web.service import HTTPDispatcherService
 from leap.bitmask.vpn.service import VPNService
@@ -80,6 +84,15 @@ class BitmaskBackend(configurable.ConfigurableService):
         def enabled(service):
             return self.get_config('services', service, False, boolean=True)
 
+        def with_manhole():
+            user = self.get_config('manhole', 'user', None)
+            passwd = self.get_config('manhole', 'passwd', None)
+            port = self.get_config('manhole', 'port', None)
+            if user and passwd:
+                conf = {'user': user, 'passwd': passwd, 'port': port}
+                return conf
+            return None
+
         on_start = reactor.callWhenRunning
 
         on_start(self.init_events)
@@ -102,6 +115,10 @@ class BitmaskBackend(configurable.ConfigurableService):
         if enabled('websockets'):
             on_start(self._init_websockets)
 
+        manholecfg = with_manhole()
+        if manhole:
+            on_start(self._init_manhole, manholecfg)
+
     def _touch_token_file(self):
         path = os.path.join(self.basedir, 'authtoken')
         with open(path, 'w') as f:
@@ -209,6 +226,19 @@ class BitmaskBackend(configurable.ConfigurableService):
             service.setServiceParent(self)
         return service
 
+    def _init_manhole(self, cfg):
+        try:
+            port = int(cfg.get('port'))
+        except ValueError:
+            port = manhole.PORT
+        user, passwd = cfg['user'], cfg['passwd']
+        sshFactory = manhole.getManholeFactory(
+            {'core': self}, user, passwd)
+        endpoint = TCP4ServerEndpoint(reactor, port)
+        endpoint.listen(sshFactory)
+
+        log.info('Started manhole in PORT {0!s}'.format(port))
+
     def do_stats(self):
         return self.core_commands.do_stats()
 
-- 
cgit v1.2.3