moparisthebest
/
xmpp-ircd
mirror of https://github.com/moparisthebest/xmpp-ircd
1
0
Fork 0
Code Issues Releases Wiki Activity

Made logging go to syslog. -d flag now chooses whether to daemonize. Improved TLS settings

This commit is contained in:
Julien Picalausa 2015-05-24 18:07:59 +02:00
parent cd95dcf8c6
commit 30fb4500cf
1 changed files with 42 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
telepaatti.py
View File

@ -30,6 +30,8 @@ from threading import *
from xmpp import *
import getopt, sys
import daemon
import logging
import logging.handlers
import urllib
STATUSSTATES = ['AVAILABLE','CHAT', 'AWAY', 'XA', 'DND', 'INVISIBLE']
@ -66,7 +68,7 @@ class JabberThread(Thread):
class ClientThread(Thread):
""" ClientThread class for handling IRC and Jabber connections."""
def __init__(self,socket, port, server, muc_server, debug=False):
def __init__(self,socket, port, server, muc_server):
"""Constructor for ClientThread class
@type socket: socket
@ -108,8 +110,8 @@ class ClientThread(Thread):
self.xmppSem = BoundedSemaphore(value=1)
# if set to True debug messages are printed to sdt out
self.debug = debug
self.logger = logging.getLogger("logger")
self.logger.addHandler(logging.handlers.SysLogHandler(address = '/var/run/log'))
def printError(self, msg):
"""Error message printing for std out
@ -117,9 +119,7 @@ class ClientThread(Thread):
@type msg: string
@param msg: error message
"""
dt = "%s" % datetime.datetime.now()
dt = dt[:-7]
print "ERROR: [%s] %s" % (dt, msg)
self.logger.error(msg)
def printDebug(self, msg):
"""print Debug message to std out
@ -127,11 +127,7 @@ class ClientThread(Thread):
@type msg: string
@param msg: debug message
"""
if not self.debug:
return
dt = "%s" % datetime.datetime.now()
dt = dt[:-7]
print "DEBUG [%s] %s" % (dt, msg)
self.logger.debug(msg)
def getMucs(self):
"""Return joined MUC without roster MUC
@ -1766,21 +1762,22 @@ def usage():
print "-p, --port\t port which telepaatti listens"
print "-s, --server\t Jabber/XMPP server to which the connection should be made"
print "-m, --muc-server\t Address of the MUC service. Used for autocompletion of JOIN commands"
print "-d, --debug\t turn debug messages on"
print " --ssl\t SSL certificate. Enables ssl when provided"
print " --dh\t Diffie Hellman parameter file for SSL."
print " --log\t telepaatti log file"
def main():
port = 6667
server = ''
muc_server = None
debug = False
nickname = None
ssl_cert = None
dh_param = None
daemonize = False
log_file = '/var/log/telepaatti'
try:
opts, args = getopt.getopt(sys.argv[1:], "s:m:p:h:d", ["server=","muc-server=","port=","help","debug","ssl=","log=",])
opts, args = getopt.getopt(sys.argv[1:], "s:m:p:h:d", ["server=","muc-server=","port=","help","daemonize","ssl=","dh="])
except getopt.GetoptError:
usage()
sys.exit(2)
@ -1802,41 +1799,55 @@ def main():
server = a
if o in ("-m", "--muc-server"):
muc_server = a
if o in ("-d", "--debug"):
print "debug messages on"
debug = True
if o in ("-d", "--daemonize"):
daemonize = True
if o == "--ssl":
ssl_cert = a
if o == "--log":
print "log file set"
log_file = a
if o == "--dh":
dh_param = a
if daemonize:
with daemon.DaemonContext():
daemon_main(server, port, muc_server, nickname, ssl_cert, dh_param)
else:
daemon_main(server, port, muc_server, nickname, ssl_cert, dh_param)
f = open (log_file, 'a')
with daemon.DaemonContext(stdout = f, stderr = f):
daemon_main(server, port, muc_server, nickname, ssl_cert)
def daemon_main(server, port, muc_server, nickname, ssl_cert):
def daemon_main(server, port, muc_server, nickname, ssl_cert, dh_param):
service = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
service.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
service.bind(("", port))
service.listen(1)
print "listening on port", port
main_logger = logging.getLogger("main_logger");
main_logger.addHandler(logging.handlers.SysLogHandler(address = '/var/run/log'))
main_logger.info("listening on port %s" % (port))
ssl_ctx = None
if ssl_cert is not None:
main_logger.info("Using ssl certificate %s" % (ssl_cert))
ssl_ctx = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
ssl_ctx.set_ciphers("ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK")
if dh_param is not None:
main_logger.info("Using DH parameter %s" % (dh_param))
ssl_ctx.load_dh_params(dh_param)
ssl_ctx.load_cert_chain(ssl_cert)
while (True):
(clientsocket, address ) = service.accept()
if ssl_cert is not None:
if ssl_ctx is not None:
try:
clientsocket = ssl.wrap_socket(clientsocket, None, ssl_cert, True, ssl.CERT_NONE, ssl.PROTOCOL_SSLv23)
clientsocket = ssl_ctx.wrap_socket(clientsocket, server_side = True)
except:
print 'Failed SSL handshake:', sys.exc_info()[0], " - ", sys.exc_info()[1]
main_logger.error('Failed SSL handshake: %s - %s' % (sys.exc_info()[0], sys.exc_info()[1]))
try:
clientsocket.shutdown(socket.SHUT_RDWR)
except socket.error:
print 'Failed socket shutdown'
main_logger.error('Failed socket shutdown')
clientsocket.close()
continue
ct = ClientThread(clientsocket, port, server, muc_server, debug)
ct = ClientThread(clientsocket, port, server, muc_server)
ct.start()
if __name__ == "__main__":