New option - ENHANCED_OBP
Extends OpenBridge protocol Added authenticated KeepAlives to protocol.
This commit is contained in:
parent
b096d5dfa5
commit
dda0470ff2
|
@ -54,4 +54,6 @@ TARGET_PORT: 62044
|
||||||
USE_ACL: True
|
USE_ACL: True
|
||||||
SUB_ACL: DENY:1
|
SUB_ACL: DENY:1
|
||||||
TGID_ACL: PERMIT:ALL
|
TGID_ACL: PERMIT:ALL
|
||||||
|
RELAX_CHECKS: True
|
||||||
|
ENHANCED_OBP: True
|
||||||
|
|
||||||
|
|
|
@ -149,6 +149,7 @@ USE_ACL: True
|
||||||
SUB_ACL: DENY:1
|
SUB_ACL: DENY:1
|
||||||
TGID_ACL: PERMIT:ALL
|
TGID_ACL: PERMIT:ALL
|
||||||
RELAX_CHECKS: False
|
RELAX_CHECKS: False
|
||||||
|
ENHANCED_OBP: False
|
||||||
|
|
||||||
# MASTER INSTANCES - DUPLICATE SECTION FOR MULTIPLE MASTERS
|
# MASTER INSTANCES - DUPLICATE SECTION FOR MULTIPLE MASTERS
|
||||||
# HomeBrew Protocol Master instances go here.
|
# HomeBrew Protocol Master instances go here.
|
||||||
|
|
|
@ -303,6 +303,7 @@ def build_config(_config_file):
|
||||||
'TG1_ACL': config.get(section, 'TGID_ACL'),
|
'TG1_ACL': config.get(section, 'TGID_ACL'),
|
||||||
'TG2_ACL': 'PERMIT:ALL',
|
'TG2_ACL': 'PERMIT:ALL',
|
||||||
'RELAX_CHECKS': config.getboolean(section, 'RELAX_CHECKS')
|
'RELAX_CHECKS': config.getboolean(section, 'RELAX_CHECKS')
|
||||||
|
'ENHANCED_OBP': config.getboolean(section, 'ENHANCED_OBP')
|
||||||
}})
|
}})
|
||||||
|
|
||||||
|
|
||||||
|
|
30
hblink.py
30
hblink.py
|
@ -114,8 +114,9 @@ class OPENBRIDGE(DatagramProtocol):
|
||||||
self._laststrid = deque([], 20)
|
self._laststrid = deque([], 20)
|
||||||
|
|
||||||
def startProtocol(self):
|
def startProtocol(self):
|
||||||
self._bcka = task.LoopingCall(self.send_bcka)
|
if self._config['ENHANCED_OBP']:
|
||||||
self._bcka = self._bcka.start(10)
|
self._bcka = task.LoopingCall(self.send_bcka)
|
||||||
|
self._bcka = self._bcka.start(10)
|
||||||
|
|
||||||
def dereg(self):
|
def dereg(self):
|
||||||
logger.info('(%s) is mode OPENBRIDGE. No De-Registration required, continuing shutdown', self._system)
|
logger.info('(%s) is mode OPENBRIDGE. No De-Registration required, continuing shutdown', self._system)
|
||||||
|
@ -205,18 +206,19 @@ class OPENBRIDGE(DatagramProtocol):
|
||||||
h,p = _sockaddr
|
h,p = _sockaddr
|
||||||
logger.info('(%s) OpenBridge HMAC failed, packet discarded - OPCODE: %s DATA: %s HMAC LENGTH: %s HMAC: %s SRC IP: %s SRC PORT: %s', self._system, _packet[:4], repr(_packet[:53]), len(_packet[53:]), repr(_packet[53:]),h,p)
|
logger.info('(%s) OpenBridge HMAC failed, packet discarded - OPCODE: %s DATA: %s HMAC LENGTH: %s HMAC: %s SRC IP: %s SRC PORT: %s', self._system, _packet[:4], repr(_packet[:53]), len(_packet[53:]), repr(_packet[53:]),h,p)
|
||||||
|
|
||||||
if _packet[:2] == BC: # Bridge Control packet (Extended OBP)
|
if self._config['ENHANCED_OBP']:
|
||||||
if _packet[:4] == BCKA:
|
if _packet[:2] == BC: # Bridge Control packet (Extended OBP)
|
||||||
_data = _packet[:53]
|
if _packet[:4] == BCKA:
|
||||||
_hash = _packet[53:]
|
#_data = _packet[:53]
|
||||||
_ckhs = hmac_new(self._config['PASSPHRASE'],_data,sha1).digest()
|
_hash = _packet[4:]
|
||||||
if compare_digest(_hash, _ckhs):
|
_ckhs = hmac_new(self._config['PASSPHRASE'],_packet[:4],sha1).digest()
|
||||||
logger.debug('(%s) Bridge Control Keep Alive received')
|
if compare_digest(_hash, _ckhs):
|
||||||
self._config['_bc']['_ka'] = time()
|
logger.debug('(%s) Bridge Control Keep Alive received',self._system)
|
||||||
|
self._config['_bcka'] = time()
|
||||||
else:
|
|
||||||
h,p = _sockaddr
|
else:
|
||||||
logger.info('(%s) OpenBridge BCKA invalid KeepAlive, packet discarded - OPCODE: %s DATA: %s HMAC LENGTH: %s HMAC: %s SRC IP: %s SRC PORT: %s', self._system, _packet[:4], repr(_packet[:53]), len(_packet[53:]), repr(_packet[53:]),h,p)
|
h,p = _sockaddr
|
||||||
|
logger.info('(%s) OpenBridge BCKA invalid KeepAlive, packet discarded - OPCODE: %s DATA: %s HMAC LENGTH: %s HMAC: %s SRC IP: %s SRC PORT: %s', self._system, _packet[:4], repr(_packet[:53]), len(_packet[53:]), repr(_packet[53:]),h,p)
|
||||||
|
|
||||||
|
|
||||||
#************************************************
|
#************************************************
|
||||||
|
|
Loading…
Reference in New Issue