mirror of
https://mau.dev/maunium/synapse.git
synced 2024-10-01 01:36:05 -04:00
Split out setting up the manhole to a separate file
This commit is contained in:
parent
62607d5452
commit
5905f36f05
@ -32,13 +32,6 @@ from synapse.storage.prepare_database import UpgradeDatabaseException, prepare_d
|
|||||||
|
|
||||||
from synapse.server import HomeServer
|
from synapse.server import HomeServer
|
||||||
|
|
||||||
|
|
||||||
from twisted.conch.manhole import ColoredManhole
|
|
||||||
from twisted.conch.insults import insults
|
|
||||||
from twisted.conch import manhole_ssh
|
|
||||||
from twisted.cred import checkers, portal
|
|
||||||
|
|
||||||
|
|
||||||
from twisted.internet import reactor, task, defer
|
from twisted.internet import reactor, task, defer
|
||||||
from twisted.application import service
|
from twisted.application import service
|
||||||
from twisted.web.resource import Resource, EncodingResourceWrapper
|
from twisted.web.resource import Resource, EncodingResourceWrapper
|
||||||
@ -64,6 +57,7 @@ from synapse.federation.transport.server import TransportLayerServer
|
|||||||
from synapse.util.rlimit import change_resource_limit
|
from synapse.util.rlimit import change_resource_limit
|
||||||
from synapse.util.versionstring import get_version_string
|
from synapse.util.versionstring import get_version_string
|
||||||
from synapse.util.httpresourcetree import create_resource_tree
|
from synapse.util.httpresourcetree import create_resource_tree
|
||||||
|
from synapse.util.manhole import listen_manhole
|
||||||
|
|
||||||
from synapse.http.site import SynapseSite
|
from synapse.http.site import SynapseSite
|
||||||
|
|
||||||
@ -209,25 +203,12 @@ class SynapseHomeServer(HomeServer):
|
|||||||
if listener["type"] == "http":
|
if listener["type"] == "http":
|
||||||
self._listener_http(config, listener)
|
self._listener_http(config, listener)
|
||||||
elif listener["type"] == "manhole":
|
elif listener["type"] == "manhole":
|
||||||
checker = checkers.InMemoryUsernamePasswordDatabaseDontUse(
|
listen_manhole(
|
||||||
matrix="rabbithole"
|
bind_address=listener.get("bind_address", '127.0.0.1'),
|
||||||
)
|
bind_port=listener["port"],
|
||||||
|
username="matrix",
|
||||||
rlm = manhole_ssh.TerminalRealm()
|
password="rabbithole",
|
||||||
rlm.chainedProtocolFactory = lambda: insults.ServerProtocol(
|
globals={"hs": self},
|
||||||
ColoredManhole,
|
|
||||||
{
|
|
||||||
"__name__": "__console__",
|
|
||||||
"hs": self,
|
|
||||||
}
|
|
||||||
)
|
|
||||||
|
|
||||||
f = manhole_ssh.ConchFactory(portal.Portal(rlm, [checker]))
|
|
||||||
|
|
||||||
reactor.listenTCP(
|
|
||||||
listener["port"],
|
|
||||||
f,
|
|
||||||
interface=listener.get("bind_address", '127.0.0.1')
|
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
logger.warn("Unrecognized listener type: %s", listener["type"])
|
logger.warn("Unrecognized listener type: %s", listener["type"])
|
||||||
|
50
synapse/util/manhole.py
Normal file
50
synapse/util/manhole.py
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
# Copyright 2016 OpenMarket Ltd
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
from twisted.conch.manhole import ColoredManhole
|
||||||
|
from twisted.conch.insults import insults
|
||||||
|
from twisted.conch import manhole_ssh
|
||||||
|
from twisted.cred import checkers, portal
|
||||||
|
|
||||||
|
|
||||||
|
from twisted.internet import reactor
|
||||||
|
|
||||||
|
|
||||||
|
def listen_manhole(bind_address, bind_port, username, password, globals):
|
||||||
|
"""Starts a ssh listener with password authentication using
|
||||||
|
the given username and password. Clients connecting to the ssh
|
||||||
|
listener will find themselves in a colored python shell with
|
||||||
|
the supplied globals.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
bind_address(str): IP address to listen on.
|
||||||
|
bind_port(int): TCP port to listen on.
|
||||||
|
username(str): The username ssh clients should auth with.
|
||||||
|
password(str): The password ssh clients should auth with.
|
||||||
|
globals(dict): The variables to expose in the shell.
|
||||||
|
"""
|
||||||
|
|
||||||
|
checker = checkers.InMemoryUsernamePasswordDatabaseDontUse(
|
||||||
|
**{username: password}
|
||||||
|
)
|
||||||
|
|
||||||
|
rlm = manhole_ssh.TerminalRealm()
|
||||||
|
rlm.chainedProtocolFactory = lambda: insults.ServerProtocol(
|
||||||
|
ColoredManhole,
|
||||||
|
dict(globals, __name__="__console__")
|
||||||
|
)
|
||||||
|
|
||||||
|
factory = manhole_ssh.ConchFactory(portal.Portal(rlm, [checker]))
|
||||||
|
|
||||||
|
reactor.listenTCP(bind_port, factory, interface=bind_address)
|
Loading…
Reference in New Issue
Block a user