diff options
author | Roald de Vries <rdevries@thoughtworks.com> | 2016-09-15 16:46:26 +0200 |
---|---|---|
committer | Roald de Vries <rdevries@thoughtworks.com> | 2016-09-21 14:43:32 +0200 |
commit | a0c7e634643255bec02f8f44285d44933b4c4c3d (patch) | |
tree | e4f6241397f425c9a8133bce2a3d7805d25b9ac2 /service/pixelated | |
parent | 553c228924f1c9d2524765d46ec326e6f5eae082 (diff) |
allow ssh for manhole
Diffstat (limited to 'service/pixelated')
-rw-r--r-- | service/pixelated/application.py | 33 |
1 files changed, 18 insertions, 15 deletions
diff --git a/service/pixelated/application.py b/service/pixelated/application.py index 7e97ee74..8c65586a 100644 --- a/service/pixelated/application.py +++ b/service/pixelated/application.py @@ -22,8 +22,9 @@ from OpenSSL import crypto from leap.common.events import (server as events_server, register, catalog as events) from leap.soledad.common.errors import InvalidAuthTokenError +from twisted.conch import manhole_tap from twisted.cred import portal -from twisted.cred.checkers import AllowAnonymousAccess +from twisted.cred.checkers import AllowAnonymousAccess, FilePasswordDB from twisted.internet import defer from twisted.internet import reactor from twisted.internet import ssl @@ -192,21 +193,23 @@ def _start_in_single_user_mode(args, resource, services_factory): def start_site(config, resource): log.info('Starting the API on port %s' % config.port) if config.manhole: - MANHOLE_PORT = 8008 - log.info('Starting the manhole on port %s' % MANHOLE_PORT) - from twisted.conch import manhole, manhole_tap, telnet - from twisted.conch.insults import insults - from twisted.cred import portal, checkers - from twisted.internet.protocol import ServerFactory + log.info('Starting the manhole on port 8008') + passwdFile, namespace = 'passwd', globals() - telnetRealm = manhole_tap._StupidRealm(telnet.TelnetBootstrapProtocol, - insults.ServerProtocol, - manhole.ColoredManhole, - namespace) - telnetPortal = portal.Portal(telnetRealm, [checkers.FilePasswordDB(passwdFile)]) - telnetFactory = ServerFactory() - telnetFactory.protocol = manhole_tap.makeTelnetProtocol(telnetPortal) - reactor.listenTCP(MANHOLE_PORT, telnetFactory) + checker = FilePasswordDB(passwdFile) + + multiService = manhole_tap.makeService(dict(namespace=globals(), + telnetPort='8008', + sshPort='8009', + sshKeyDir='sshKeyDir', + sshKeyName='id_rsa', + sshKeySize=4096, + passwd='passwd')) + telnetService, sshService = multiService.services + sshFactory = sshService.factory + + reactor.listenTCP(8009, sshFactory) + if config.sslkey and config.sslcert: reactor.listenSSL(config.port, PixelatedSite(resource), _ssl_options(config.sslkey, config.sslcert), interface=config.host) |