dejsem.1.5/python/dejsem.pycharm/node.py
changeset 0 676905a3b03c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dejsem.1.5/python/dejsem.pycharm/node.py	Wed Nov 27 09:50:16 2019 +0100
@@ -0,0 +1,445 @@
+# coding=utf8
+
+import sys, os, ssl, time, socket, errno, signal
+from Crypto.Cipher import DES3
+from d import D
+from parms import Parms
+
+
+class Node():
+
+	class AllPortsBusy(Exception):
+		"""všechny TCP porty pro server longtasks nebo pro peering jsou obsazeny"""
+
+	blocking = True   # select mode zatím není implementovaný
+	useSSLContext = False
+	ctx = None
+	UDPbroadcastGO = False
+
+	def __init__(self, d, chan=Parms.sslchannel, host=Parms.srvhost, port=None, conn=True, tryPort=True, peering=False):
+		self._issl = Parms.ssl
+		self._chan = chan
+		self._bindhost = host
+		self._baseport = Parms.baseport + (self._chan * 10) + (0 if self._issl else 1)
+		self._minport = self._baseport + 1
+		self._maxport = self._baseport + 9
+		self._baseid = "netnode {}SSL".format("" if self._issl else "non")
+		self.d = D("{} {}".format(d.debid, self._baseid))
+		self._srv_side = None
+		self._UDPpasswd = "heslo"
+		self._UDPbroadcast_addr = Parms.broadcast
+		self._UDPbroadcast_port = Parms.udpport
+		self._UDP_key = "PEER_IP"
+		self._UDPbroadcastGO = False
+		self.sslContext()
+		if conn:			# TCP connect
+			if peering:
+				host, port = self.get_peerport()
+			self.conn(host=host, port=port)
+		else:				# socket bind
+			if tryPort:		# hledej volný port
+				self.bindtrynext(self._bindhost)
+				if peering: self.send_peerport()
+			else:			# zkus bind a případně čekej na uvolnění
+				self.bindwait(self._bindhost)
+
+
+	def get(self, size):
+		try:
+			if self.d.ll(5): self.d.log("get data from scfile...")
+			data = self._scfile.read(size)
+			if self.d.ll(5): self.d.log("{} bytes read".format(len(data)))
+			return data
+		except Exception as e:
+				self.d.abend("read from socket", e)
+				return -1
+
+
+	def genget(self, size=-1):
+		rest = size
+		while rest != 0:
+			n = rest if 0 < rest < Parms.bufSize else Parms.bufSize
+			data = self.get(n)
+			r = len(data)
+			if r < 1: break
+			rest = rest - r
+			yield data
+
+	def getnum(self):
+		b = self._scfile.read(12).decode()
+		num = int(b) if b else -2   # -2 = EOD, -1 = directory, 0 and higher = data size
+		if self.d.ll(5): self.d.log("getnum, got {:012d} (-2 means EOD)".format(num))
+		return num
+
+	def getstr(self, decode = True):
+		lb = self.getnum()
+		if lb < 1:
+			return ""
+		else:
+			_data = self._scfile.read(int(lb))
+			return _data.decode() if decode else _data
+
+	def getfn(self):
+		return self.getstr()
+
+	def getcmd(self):
+		try:
+			return self._scfile.read(8).decode().rstrip('_')
+		except Exception as e:
+			if isinstance(e, socket.timeout):
+				if self.d.ll(4): self.d.log("getcmd timeout")
+			else:
+				self.d.log("I/O err: {}".format(e))
+			return ""
+
+	def receive_dir(self, fp, size, timestamp):
+		os.makedirs(fp, exist_ok=True)
+		os.utime(fp, (timestamp, timestamp))
+		return True
+
+	def receive_file(self, fp, size, timestamp, counter=None):
+		if os.path.dirname(fp): os.makedirs(os.path.dirname(fp), exist_ok=True)
+		tempfp = fp + ".dejsem.partX"
+		with open(tempfp, mode='w+b') as f:
+			for data in self.genget(size = size):
+				if counter: counter.update(len(data))
+				f.write(data)
+		if os.path.getsize(tempfp) == size:
+			os.rename(tempfp, fp)
+			os.utime(fp, (timestamp, timestamp))
+		return True
+
+	def receive_stream(self, fp, size, counter=None):
+		if os.path.dirname(fp): os.makedirs(os.path.dirname(fp), exist_ok=True)
+		tempfp = fp + ".{}.partX".format(Parms.applName)
+		with open(tempfp, mode='w+b') as f:
+			for data in self.genget(size = size):
+				if counter: counter.update(len(data))
+				f.write(data)
+		if os.path.getsize(tempfp) == size:
+			os.rename(tempfp, fp)
+		return True
+
+	def put(self, data):
+		if self.d.ll(5): self.d.log("PUT: data len={}, sending...".format(len(data)))
+		try:
+			l = self._scfile.write(data)
+			if self.d.ll(5): self.d.log("PUT: data len={}, sent".format(l))
+			self._scfile.flush()
+		except Exception as e:
+				self.d.abend("send err", e)
+				return False
+		return True
+
+	def genput(self):
+		try:
+			while True:
+				data = yield None
+				self.put(data)
+		except Exception as e:
+			self.d.abend("write to socket", e)
+			raise e
+		finally:
+			self._scfile.flush()
+
+	def sendEOD(self):
+		self.putnum(0)
+
+	def putnum(self, n):
+		if self.d.ll(5): self.d.log("putnum, num={:012d}".format(n))
+		self._scfile.write(bytes("{:012d}".format(n), "utf8"))
+		self._scfile.flush()
+
+	def putstr(self, fn):
+		b = bytes(str(fn), "utf8")
+		self.putnum(len(b))
+		if self.d.ll(5): self.d.log("putstr, string={}".format(fn))
+		self._scfile.write(b)
+		self._scfile.flush()
+
+	def putcmd(self, act):
+		if self.d.ll(3): self.d.log("action: " + act)
+		# self._node.payload.data = bytes("{}".format(act), "utf8")
+		self.put(bytes("{}".format(act.ljust(8, '_')), "utf8"))
+
+	def sendport(self, port):
+		"""send dynamically allocated port to client"""
+		self.putnum(port)
+
+	def putfileinfo(self, fp, relfp):
+		if self.d.ll(5): self.d.log("putfileinfo fp={}, relfp={}...".format(fp, relfp))
+		self.putstr(relfp)
+		size = os.path.getsize(fp) if os.path.isfile(fp) else -1
+		self.putnum(size)
+		timestamp = int(os.path.getmtime(fp)) if os.path.exists(fp) else 0
+		self.putnum(timestamp)
+		if self.d.ll(4): self.d.log("fileinfo sent: fn={}, size={}, timestamp={}".format(relfp, size, timestamp))
+
+	def digest(self):
+		return self.data if len(self.data) < 24 else self.data[0:8].decode() + "--------" + self.data[-8:].decode()
+
+	def sslContext(self):
+		if self._issl:
+			if Node.useSSLContext:
+				if not Node.ctx:
+					if self.d.ll(4): self.d.log(
+						"setting SSL context: certfile={}, capath={}...".format(Parms.sslCert, Parms.sslCAPath))
+					try:
+						Node.ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)	# PROTOCOL_SSLv23
+						Node.ctx.verify_mode = ssl.CERT_REQUIRED  		# CERT_REQUIRED	| CERT_OPTIONAL	| CERT_NONE
+						Node.ctx.load_cert_chain(Parms.sslCert)
+						Node.ctx.load_verify_locations(None, Parms.sslCAPath)
+					except ssl.SSLError as e:
+						self.d.abendHard("SSL context", e)
+
+	def getssc(self):
+		try:
+			ssc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+			ssc.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+		except Exception as e:
+			self.d.abendHard("ssc alloc", e)
+		if self._issl:
+			try:
+				if Node.useSSLContext:
+					ssc = Node.ctx.wrap_socket(ssc, server_side=True)
+				else:
+					ssc = ssl.wrap_socket(
+						ssc,
+						certfile=Parms.sslCert,
+						ca_certs=Parms.sslCAPath,
+						server_side=True,
+						cert_reqs=ssl.CERT_REQUIRED,
+						ssl_version=ssl.PROTOCOL_TLSv1)
+			except ssl.SSLError as e:
+				self.d.abendHard("ssc SSL wrap", e)
+		return ssc
+
+	def bindwait(self, host):
+		port = self._baseport
+		self.d.log("binding to {}:{}".format(host, port))
+		ssc = self.getssc()
+		tries = 0
+		while True:
+			try:
+				ssc.bind((host, port))
+				break
+			except Exception as e:
+				if e.strerror == "Address already in use":
+					if not tries: self.d.log("Address {}:{} already in use, waiting 10 secs...".format(host, port))
+					tries = tries + 1 if tries < 77 else 0
+					try:
+						time.sleep(10)
+					except KeyboardInterrupt:
+						raise
+					continue
+				self.d.abendHard("bind", e)
+			except KeyboardInterrupt:
+				raise
+		ssc.listen(1)
+		if self.d.ll(2): self.d.log("bound to {}:{}".format(host, port))
+		self._ssc = ssc
+		self.port = port
+		return ssc
+
+	def bindtrynext(self, host):
+		for port in range(self._minport, self._maxport + 1):
+			if self.d.ll(4): self.d.log("trying to bind to {}:{}...".format(host, port))
+			try:
+				ssc = self.getssc()
+				ssc.bind((host, port))
+				ssc.listen(1)
+				break
+			except Exception as e:
+				if e.strerror == "Address already in use":
+					if port < self._maxport:
+						continue
+					raise Node.AllPortsBusy
+				self.d.abend("bind", e)
+		if self.d.ll(2): self.d.log("bound to {}:{}".format(host, port))
+		self._ssc = ssc
+		self.port = port
+		return (ssc, port)
+
+	def send_peerport(self):
+		"""UDP broadcast host:port pair for peer"""
+		ipport = "{:012d}{}{:012d}{}{:012d}".format(len(self._UDP_key), self._UDP_key, len(self._bindhost), self._bindhost, self.port)
+
+		c = DES3.new(self.rawKey(self._UDPpasswd, 24), DES3.MODE_ECB)
+		data = ipport.encode()
+		enc = c.encrypt(data + b' ' * (8 - len(data) % 8))
+		if self.d.ll(4): self.d.log("len=%d, enc=[%s]" % (len(enc), enc.hex()))
+		s = socket.socket(type=socket.SOCK_DGRAM)
+		s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
+		a = (self._UDPbroadcast_addr, self._UDPbroadcast_port)
+		if self.d.ll(4): self.d.log("start udp sending to {}:{}: {}".format(self._UDPbroadcast_addr, Parms.udpport, data.decode()))
+
+		pid = os.fork()
+		if pid: self._UDPbroadcastPID = pid
+		else:
+			self.UDPbroadcastGO = True
+			signal.signal(signal.SIGHUP, self.UDPstop)
+			signal.pthread_sigmask(signal.SIG_UNBLOCK, {signal.SIGHUP})
+			retries = 777
+			while retries > 0 and self.UDPbroadcastGO:
+				s.sendto(enc, a)
+				time.sleep(1)
+				retries -= 1
+			sys.exit(0)
+
+	def get_peerport(self):
+		"""get peer host:port pair broadcasted by peer via UDP"""
+		c = DES3.new(self.rawKey(self._UDPpasswd, 24), DES3.MODE_ECB)
+		s = socket.socket(type=socket.SOCK_DGRAM)
+		a = ('', self._UDPbroadcast_port)
+		if self.d.ll(4): self.d.log("binding to udp-port {}:{}".format(a[0], a[1]))
+		s.bind(a)
+		s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
+		while True:
+			(dataBytes, (ip, port)) = s.recvfrom(512)
+			try:	# ignore bad dgrams
+				data = c.decrypt(dataBytes).decode().strip() if Parms.ssl else dataBytes.decode()
+			except: continue
+			if self.d.ll(5): self.d.log("datalen={}, data={}".format(len(data), data))
+			strlen = int(data[:12])
+			key = data[12:12+strlen]
+			if not key == self._UDP_key: continue
+			data = data[12+strlen:]
+			strlen = int(data[:12])
+			host = data[12:12+strlen]
+			port = int(data[12+strlen:])
+			if self.d.ll(4): self.d.log("peer listening on {}:{}".format(host, port))
+			return (host, port)
+
+	def rawKey(self, passwd, keylen):
+		key = b''
+		while len(key) < keylen:
+			key = key + passwd.encode()
+		return key[:keylen]
+
+	def UDPstop(self, sign, frame):
+		self.UDPbroadcastGO = False
+
+	def UDPsignalHUP(self):
+		os.kill(self._UDPbroadcastPID, signal.SIGHUP)		# stop UDP broadcast
+
+	def acc(self, acc_TO=Parms.peer_accept_timeout):
+		if self.d.ll(4): self.d.log("accepting on {} ...".format(self.port))
+		self._ssc.settimeout(acc_TO)
+		try:
+			self._sc, (froma, fromp) = self._ssc.accept()
+		except KeyboardInterrupt:
+			if self.d.ll(4): self.d.log("KeyboardInterrupt")
+			raise
+		except Exception as e:
+			self.d.abend("accept", e)
+			return False
+		# fileno = self._sc.fileno()
+		if self.d.ll(2): self.d.log("conn request on {}SSL port {} from {}:{}"
+								.format("" if self._issl else "non", self.port, froma, fromp))
+		if Node.blocking:
+			self._sc.settimeout(Parms.blockTimeout)
+		else:   # select mode není zatím implementovaný
+			self._srv_side[self._sc] = self._sc
+			if self.d.ll(3): self.d.log("srv side={}".format(*(sc.fileno() for sc in self._srv_side.values())))
+		accepted = False
+		commonName = "nonSSL"
+		certSubject = {}
+		if self._chan > 0 and self._issl:
+			certSubject.update(i for (i,) in self._sc.getpeercert()['subject'])
+			self.d.log("client certificate subject:", certSubject, sev=4)
+			if "commonName" in certSubject: commonName = certSubject["commonName"]
+			if commonName == "{:02d}".format(self._chan): accepted = True
+			# alternativa
+			# for ((key, value),) in sc.getpeercert().get("subject"):
+			# 	if key == "commonName":
+			# 		commonName = value
+			# 		if commonName == "{:02d}".format(self._chan): accepted = True
+		else:
+			accepted = True
+		if self.d.ll(2): self.d.log("client {} {}".format(certSubject["commonName"], "accepted" if accepted else "rejected"))
+		try:
+			self._scfile = self._sc.makefile("rwb")
+		except Exception as e:
+			self.d.abendMsg("socket-makefile", e=e)
+			self.close_sc()
+			return False
+		if accepted:
+			try:
+				if self.d.ll(4): self.d.log("confirming accept")
+				self._scfile.write(b"ACCEPTED")
+				self._scfile.flush()
+				return True
+			except Exception as e:
+				self.d.abendMsg("send confirm", e=e)
+				self.close_sc()
+				return False
+		else:	
+			self._scfile.write(b"REJECTED")
+			self.close_sc()
+		return False
+
+	def conn(self, host=Parms.srvhost, port=None):
+		if not port: port = self._baseport
+		if self.d.ll(4): self.d.log("connecting to {}:{}...".format(host, port))
+		try:
+			self._sc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+		except Exception as e:
+			self.d.abend("socket alloc", e)
+		if self._issl:
+			if self.d.ll(4): self.d.log("sc SSL wrap, homedir={}, certfile={}, ca_certs={}"
+									.format(os.getcwd(), Parms.sslCert, Parms.sslCAPath))
+			try:
+				if Node.useSSLContext:
+					self._sc = Node.ctx.wrap_socket(self._sc)
+				else:
+					self._sc = ssl.wrap_socket(
+						self._sc,
+						certfile=Parms.sslCert,
+						ca_certs=Parms.sslCAPath,
+						cert_reqs=ssl.CERT_REQUIRED,
+						ssl_version=ssl.PROTOCOL_TLSv1)
+			except Exception as e:
+				self.d.abend("sc SSL wrap", e)
+		retry = Parms.connThreshold
+		connected = False
+		while not connected and retry > 0:
+			try:
+				self._sc.connect((host, port))
+				connected = True
+			except Exception as e:
+				if e.errno == errno.ECONNREFUSED:
+					retry = retry - 1
+					time.sleep(Parms.connTimeout)
+				else:
+					self.d.abend("connect to {}".format(host), e)
+		if retry == 0: self.d.abend("connection to {} refused, threshold {} reached".format(host, Parms.connThreshold), None)
+		fileno = self._sc.fileno()
+		if Node.blocking: self._sc.settimeout(Parms.blockTimeout)
+		try:
+			self._scfile = self._sc.makefile("rwb")
+		except Exception as e:
+			self.d.abend("connect makefile", e)
+		try:
+			if self._scfile.read(8) != b"ACCEPTED": self.d.abend("connection not accepted by server", None)
+		except Exception as e:
+			self.d.abend("read socket", e)
+		if self.d.ll(2): self.d.log("connected to {}:{} after {} retries, via fd {}"
+									.format(host, port, Parms.connThreshold - retry, fileno))
+
+	def close_sc(self):
+		if self.d.ll(4): self.d.log("closing socket...")
+		try:
+			if hasattr(self, '_scfile'): self._scfile.close()
+			if hasattr(self, '_sc'): self._sc.close()
+		except Exception as e:
+			self.d.abend("closing socket", e)
+
+	def close_ssc(self):
+		if self.d.ll(4): self.d.log("closing SSL socket...")
+		if hasattr(self, "_ssc"):
+			try: self._ssc.close()
+			except Exception as e: self.d.abend("closing SSL socket", e)
+
+	def close(self):
+		self.close_sc()
+		self.close_ssc()