[hippotat] / server

#!/usr/bin/python3

import twisted

import twisted.web.server import Site
from twisted.web.resource import Resource
from twisted.web.server import NOT_DONE_YET
from twisted.internet import reactor

from optparse import OptionParser
from configparser import ConfigParser
from configparser import NoOptionError
import ipaddress

import collections

import syslog

clients = { }

def ipaddress(input):
  try:
    r = ipaddress.IPv4Address(input)
  except AddressValueError:
    r = ipaddress.IPv6Address(input)
  return r

def ipnetwork(input):
  try:
    r = ipaddress.IPv4Network(input)
  except NetworkValueError:
    r = ipaddress.IPv6Network(input)
  return r

defcfg = '''
[DEFAULT]
max_batch_down = 65536
max_queue_time = 10
max_request_time = 54

[virtual]
mtu = 1500
# network
# [host]
# [relay]

[server]
ipif = userv root ipif %(host),%(relay),%(mtu),slip %(network)

[limits]
max_batch_down = 262144
max_queue_time = 121
max_request_time = 121
'''

class IpifProcessProtocol(twisted.internet.protocol.ProcessProtocol):
  def __init__(self):
    self._buffer = b''
  def connectionMade(self): pass
  def outReceived(self, data):
    buffer += data
    packets = slip_decode(buffer)
    buffer = packets.pop()
    for packet in packets:
      (saddr, daddr) = packet_addrs(packet)
      route(packet, daddr)

def start_ipif():
  reactor.spawnProcess(IpifProcessProtocol(),
                       '/bin/sh',['-c', ipif_command],
                       childFDs={0:'w', 1:'r', 2:2})

def log_discard(packet, saddr, daddr, why):
  syslog.syslog(syslog.LOG_DEBUG,
                'discarded packet %s -> %s (%s)' % (saddr, daddr, why))

def route(packet. daddr):
  try: client = clients[daddr]
  except KeyError: dclient = None
  if dclient is not None:
    dclient.queue_outbound(packet)
  else if daddr = host or daddr not in network:
    queue_inbound(packet)
  else if daddr = relay:
    log_discard(packet, saddr, daddr, 'relay')
  else:
    log_discard(packet, saddr, daddr, 'no client')

class Client():
  def __init__(self, ip, cs):
    # instance data members
    self._ip = ip
    self._cs = cs
    self.pw = cfg.get(cs, 'password')
    self._rq = collections.deque() # requests
    self._pq = collections.deque() # packets
    # plus from config:
    #  .max_batch_down
    #  .max_queue_time
    #  .max_request_time
    for k in ('max_batch_down','max_queue_time','max_request_time'):
      req = cfg.getint(cs, k)
      limit = cfg.getint('limits',k)
      self.__dict__[k] = min(req, limit)

    def process_arriving_data(self, d):
      for packet in slip_decode(d):
        (saddr, daddr) = packet_addrs(packet)
        if saddr != self._ip:
          raise ValueError('wrong source address %s' % saddr)
        route(packet, daddr)

    def _req_cancel(self, request):
      request.finish()

    def _req_error(self, err, request):
      self._req_cancel(request)

    def queue_outbound(self, packet):
      self._pq.append((time.monotonic(), packet))

    def http_request(self, request):
      request.setHeader('Content-Type','application/octet-stream')
      reactor.callLater(self.max_request_time, self._req_cancel, request)
      request.notifyFinish().addErrback(self._req_error, request)
      self._rq.append(request)
      self._check_outbound()

    def _check_outbound(self):
      while True:
        try: request = self._rq[0]
        except IndexError: request = None
        if request and request.finished:
          self._rq.popleft()
          continue

        # now request is an unfinished request, or None
        try: (queuetime, packet) = self._pq[0]
        except: IndexError:
          # no packets, oh well
          break

        age = time.monotonic() - queuetime
        if age > self.max_queue_time:
          self._pq.popleft()
          continue

        if request is None:
          # no request
          break

        # request, and also some non-expired packets
        while True:
          try: (dummy, packet) = self._pq[0]
          except IndexError: break

          encoded = slip_encode(packet)
          
          if request.sentLength > 0:
            if (request.sentLength + len(slip_delimiter)
                + len(encoded) > self.max_batch_down):
              break
            request.write(slip_delimiter)

          request.write(encoded)
          self._pq.popLeft()

        assert(request.sentLength)
        self._rq.popLeft()
        request.finish()
        # round again, looking for more to do

def process_cfg():
  global network
  global host
  global relay
  global ipif_command

  network = ipnetwork(cfg.get('virtual','network'))
  if network.num_addresses < 3 + 2:
    raise ValueError('network needs at least 2^3 addresses')

  try:
    host = cfg.get('virtual','host')
  except NoOptionError:
    host = network.hosts().next()

  try:
    relay = cfg.get('virtual','relay')
  except OptionError:
    for search in network.hosts():
      if search = host: continue
      relay = search
      break

  for cs in cfg.sections():
    if not (':' in cs or '.' in cs): continue
    ci = ipaddress(cs)
    if ci not in network:
      raise ValueError('client %s not in network' % ci)
    if ci in clients:
      raise ValueError('multiple client cfg sections for %s' % ci)
    clients[ci] = Client(ci, cs)

  iic_vars = { }
  for k in ('host','relay','mtu','network'):
    iic_vars[k] = globals()[k]

  ipif_command = cfg.get('server','ipif', vars=iic_vars)

class FormPage(Resource):
  def render_POST(self, request):
    # find client, update config, etc.
    ci = ipaddress(request.args['i'])
    c = clients[ci]
    pw = request.args['pw']
    if pw != c.pw: raise ValueError('bad password')

    # update config
    for r, w in (('mbd', 'max_batch_down'),
                 ('mqt', 'max_queue_time'),
                 ('mrt', 'max_request_time')):
      try: v = request.args[r]
      except KeyError: continue
      v = int(v)
      c.__dict__[w] = v

    try: d = request.args['d']
    except KeyError: d = ''

    c.process_arriving_data(d)
    c.new_request(request)

def startup():
  op = OptionParser()
  op.add_option('-c', '--config', dest='configfile',
                default='/etc/hippottd/server.conf')
  global opts
  (opts, args) = op.parse_args()
  if len(args): op.error('no non-option arguments please')

  cfg = ConfigParser()
  cfg.read_string(defcfg)
  cfg.read_file(opts['configfile'])
  process_cfg()

  start_ipif()
  start_http()
Commit	Line	Data
094ee3a2	1	#!/usr/bin/python3
3fba9787	2
5bae5ba3 IJ	3	import twisted
5bae5ba3 IJ	4
094ee3a2	5	import twisted.web.server import Site
3fba9787 IJ	6	from twisted.web.resource import Resource
	7	from twisted.web.server import NOT_DONE_YET
	8	from twisted.internet import reactor
	9
e75e9c17 IJ	10	from optparse import OptionParser
	11	from configparser import ConfigParser
	12	from configparser import NoOptionError
ec88b1f1	13	import ipaddress
3fba9787	14
0ac316c8 IJ	15	import collections
0ac316c8 IJ	16
c4b6d990 IJ	17	import syslog
c4b6d990 IJ	18
3fba9787 IJ	19	clients = { }
	20
	21	def ipaddress(input):
	22	try:
ec88b1f1	23	r = ipaddress.IPv4Address(input)
3fba9787	24	except AddressValueError:
ec88b1f1	25	r = ipaddress.IPv6Address(input)
3fba9787 IJ	26	return r
	27
	28	def ipnetwork(input):
	29	try:
ec88b1f1	30	r = ipaddress.IPv4Network(input)
3fba9787	31	except NetworkValueError:
ec88b1f1	32	r = ipaddress.IPv6Network(input)
3fba9787 IJ	33	return r
3fba9787 IJ	34
e75e9c17	35	defcfg = '''
094ee3a2 IJ	36	[DEFAULT]
	37	max_batch_down = 65536
	38	max_queue_time = 10
	39	max_request_time = 54
	40
e75e9c17 IJ	41	[virtual]
	42	mtu = 1500
	43	# network
	44	# [host]
	45	# [relay]
	46
	47	[server]
5bae5ba3	48	ipif = userv root ipif %(host),%(relay),%(mtu),slip %(network)
e75e9c17	49
094ee3a2 IJ	50	[limits]
	51	max_batch_down = 262144
	52	max_queue_time = 121
	53	max_request_time = 121
ec88b1f1 IJ	54	'''
ec88b1f1 IJ	55
5bae5ba3 IJ	56	class IpifProcessProtocol(twisted.internet.protocol.ProcessProtocol):
	57	def __init__(self):
	58	self._buffer = b''
	59	def connectionMade(self): pass
	60	def outReceived(self, data):
	61	buffer += data
	62	packets = slip_decode(buffer)
	63	buffer = packets.pop()
	64	for packet in packets:
	65	(saddr, daddr) = packet_addrs(packet)
	66	route(packet, daddr)
	67
	68	def start_ipif():
	69	reactor.spawnProcess(IpifProcessProtocol(),
	70	'/bin/sh',['-c', ipif_command],
	71	childFDs={0:'w', 1:'r', 2:2})
	72
	73	def log_discard(packet, saddr, daddr, why):
	74	syslog.syslog(syslog.LOG_DEBUG,
	75	'discarded packet %s -> %s (%s)' % (saddr, daddr, why))
	76
c4b6d990 IJ	77	def route(packet. daddr):
	78	try: client = clients[daddr]
	79	except KeyError: dclient = None
	80	if dclient is not None:
0ac316c8	81	dclient.queue_outbound(packet)
5bae5ba3	82	else if daddr = host or daddr not in network:
0ac316c8	83	queue_inbound(packet)
5bae5ba3 IJ	84	else if daddr = relay:
5bae5ba3 IJ	85	log_discard(packet, saddr, daddr, 'relay')
c4b6d990	86	else:
5bae5ba3	87	log_discard(packet, saddr, daddr, 'no client')
c4b6d990	88
ec88b1f1	89	class Client():
c4b6d990	90	def __init__(self, ip, cs):
ec88b1f1 IJ	91	# instance data members
	92	self._ip = ip
	93	self._cs = cs
	94	self.pw = cfg.get(cs, 'password')
0ac316c8 IJ	95	self._rq = collections.deque() # requests
0ac316c8 IJ	96	self._pq = collections.deque() # packets
c4b6d990 IJ	97	# plus from config:
	98	# .max_batch_down
	99	# .max_queue_time
	100	# .max_request_time
ec88b1f1 IJ	101	for k in ('max_batch_down','max_queue_time','max_request_time'):
ec88b1f1 IJ	102	req = cfg.getint(cs, k)
094ee3a2	103	limit = cfg.getint('limits',k)
c4b6d990 IJ	104	self.__dict__[k] = min(req, limit)
	105
	106	def process_arriving_data(self, d):
	107	for packet in slip_decode(d):
5bae5ba3	108	(saddr, daddr) = packet_addrs(packet)
c4b6d990 IJ	109	if saddr != self._ip:
	110	raise ValueError('wrong source address %s' % saddr)
	111	route(packet, daddr)
ec88b1f1	112
c4b6d990 IJ	113	def _req_cancel(self, request):
	114	request.finish()
	115
	116	def _req_error(self, err, request):
	117	self._req_cancel(request)
	118
0ac316c8	119	def queue_outbound(self, packet):
094ee3a2	120	self._pq.append((time.monotonic(), packet))
0ac316c8	121
c4b6d990 IJ	122	def http_request(self, request):
	123	request.setHeader('Content-Type','application/octet-stream')
	124	reactor.callLater(self.max_request_time, self._req_cancel, request)
	125	request.notifyFinish().addErrback(self._req_error, request)
0ac316c8 IJ	126	self._rq.append(request)
	127	self._check_outbound()
	128
	129	def _check_outbound(self):
	130	while True:
	131	try: request = self._rq[0]
	132	except IndexError: request = None
	133	if request and request.finished:
	134	self._rq.popleft()
	135	continue
	136
	137	# now request is an unfinished request, or None
	138	try: (queuetime, packet) = self._pq[0]
	139	except: IndexError:
	140	# no packets, oh well
094ee3a2 IJ	141	break
	142
	143	age = time.monotonic() - queuetime
	144	if age > self.max_queue_time:
	145	self._pq.popleft()
0ac316c8 IJ	146	continue
0ac316c8 IJ	147
094ee3a2 IJ	148	if request is None:
	149	# no request
	150	break
	151
	152	# request, and also some non-expired packets
	153	while True:
	154	try: (dummy, packet) = self._pq[0]
	155	except IndexError: break
	156
	157	encoded = slip_encode(packet)
	158
	159	if request.sentLength > 0:
	160	if (request.sentLength + len(slip_delimiter)
	161	+ len(encoded) > self.max_batch_down):
	162	break
	163	request.write(slip_delimiter)
	164
	165	request.write(encoded)
	166	self._pq.popLeft()
	167
	168	assert(request.sentLength)
	169	self._rq.popLeft()
	170	request.finish()
	171	# round again, looking for more to do
ec88b1f1	172
3fba9787 IJ	173	def process_cfg():
3fba9787 IJ	174	global network
e75e9c17 IJ	175	global host
e75e9c17 IJ	176	global relay
5bae5ba3	177	global ipif_command
3fba9787	178
ec88b1f1	179	network = ipnetwork(cfg.get('virtual','network'))
e75e9c17 IJ	180	if network.num_addresses < 3 + 2:
	181	raise ValueError('network needs at least 2^3 addresses')
	182
3fba9787	183	try:
e75e9c17 IJ	184	host = cfg.get('virtual','host')
	185	except NoOptionError:
	186	host = network.hosts().next()
	187
	188	try:
	189	relay = cfg.get('virtual','relay')
	190	except OptionError:
	191	for search in network.hosts():
	192	if search = host: continue
	193	relay = search
	194	break
3fba9787	195
ec88b1f1 IJ	196	for cs in cfg.sections():
	197	if not (':' in cs or '.' in cs): continue
	198	ci = ipaddress(cs)
	199	if ci not in network:
	200	raise ValueError('client %s not in network' % ci)
	201	if ci in clients:
	202	raise ValueError('multiple client cfg sections for %s' % ci)
	203	clients[ci] = Client(ci, cs)
3fba9787	204
5bae5ba3 IJ	205	iic_vars = { }
	206	for k in ('host','relay','mtu','network'):
	207	iic_vars[k] = globals()[k]
	208
	209	ipif_command = cfg.get('server','ipif', vars=iic_vars)
	210
3fba9787 IJ	211	class FormPage(Resource):
3fba9787 IJ	212	def render_POST(self, request):
ec88b1f1 IJ	213	# find client, update config, etc.
	214	ci = ipaddress(request.args['i'])
	215	c = clients[ci]
	216	pw = request.args['pw']
	217	if pw != c.pw: raise ValueError('bad password')
	218
	219	# update config
	220	for r, w in (('mbd', 'max_batch_down'),
	221	('mqt', 'max_queue_time'),
	222	('mrt', 'max_request_time')):
	223	try: v = request.args[r]
	224	except KeyError: continue
	225	v = int(v)
c4b6d990	226	c.__dict__[w] = v
ec88b1f1 IJ	227
	228	try: d = request.args['d']
	229	except KeyError: d = ''
	230
	231	c.process_arriving_data(d)
c4b6d990	232	c.new_request(request)
e75e9c17 IJ	233
	234	def startup():
	235	op = OptionParser()
	236	op.add_option('-c', '--config', dest='configfile',
	237	default='/etc/hippottd/server.conf')
	238	global opts
	239	(opts, args) = op.parse_args()
	240	if len(args): op.error('no non-option arguments please')
	241
	242	cfg = ConfigParser()
5bae5ba3 IJ	243	cfg.read_string(defcfg)
	244	cfg.read_file(opts['configfile'])
	245	process_cfg()
	246
	247	start_ipif()
	248	start_http()