[trigger] Passage à l'auth via SSL

2014-07-24 03:41:23 +02:00 · 2014-07-24 03:41:23 +02:00 · 739411e857
commit 739411e857
parent 45ce52a405
6 changed files with 24 additions and 9 deletions
--- a/cmb/consumer.py
+++ b/cmb/consumer.py
@ -23,7 +23,7 @@ class AsynchronousConsumer(object):

    """

-    def __init__(self, url, exchange_name, exchange_type):
+    def __init__(self, url, exchange_name, exchange_type, port=5672, credentials=None, ssl=False):
        """Create a new instance of the asynchronous consumer.

        """
@ -35,6 +35,9 @@ class AsynchronousConsumer(object):
        self._exchange_name = exchange_name
        self._exchange_type = exchange_type
        self._url = url
+        self._port = port
+        self._credentials = credentials
+        self._ssl = ssl

    #+--------------------------------+
    #|    Connection workers          |
@ -49,7 +52,7 @@ class AsynchronousConsumer(object):

        """
        logger.info("Opening connection to RabbitMQ AMQP host %s…", self._url)
-        return pika.SelectConnection(pika.ConnectionParameters(self._url),
+        return pika.SelectConnection(pika.ConnectionParameters(host=self._url, port=self._port, credentials=self._credentials, ssl=self._ssl),
                                     self.on_connection_open,
                                     stop_ioloop_on_close=False
                                     )
--- a/cmb/producer.py
+++ b/cmb/producer.py
@ -25,7 +25,7 @@ class BasicProducer(object):

    """

-    def __init__(self, url, exchange_name, app_id):
+    def __init__(self, url, exchange_name, app_id, port=5672, credentials=None, ssl=False):
        """Init

        """
@ -35,6 +35,9 @@ class BasicProducer(object):
        self._exchange_name = exchange_name
        self._app_id = app_id
        self._url = url
+        self._port = port
+        self._credentials = credentials
+        self._ssl = ssl
        logger.info("Initializing with app_id %s" % (self._app_id,))

    def connect(self):
@ -42,7 +45,7 @@ class BasicProducer(object):

        """
        logger.info("Connecting to %s…" % (self._url))
-        return pika.BlockingConnection(pika.ConnectionParameters(self._url))
+        return pika.BlockingConnection(pika.ConnectionParameters(host=self._url, port=self._port, credentials=self._credentials, ssl=self._ssl))

    def get_chan(self):
        """Creates a channel and reopens connection if needed."""
--- a/gestion/config/trigger.py
+++ b/gestion/config/trigger.py
@ -9,7 +9,10 @@ import itertools
 debug = True

 # Serveur maître
-master = "civet.adm.crans.org"
+master = "rabbitmq.adm.crans.org"
+user = "trigger"
+port = 5671
+ssl = True

 # Liste des services associés aux hôtes
 # useradd : Envoie le mail de bienvenue, et crée le home
--- a/gestion/ldap_crans.py
+++ b/gestion/ldap_crans.py
@ -1543,7 +1543,6 @@ class BaseProprietaire(BaseClasseCrans):
        if not isadm() and isadm(self.compte()):
            raise EnvironmentError(u'Il faut être administrateur pour effectuer cette opération.')

-
        else:
            if type(new) == list:
                # Modif
--- a/gestion/trigger/services/event.py
+++ b/gestion/trigger/services/event.py
@ -20,9 +20,10 @@ import importlib
 import itertools
 import traceback

+import gestion.secrets_new as secrets
 # Trigger features
 import gestion.config.trigger as trigger_config
-from gestion.trigger.host import record, TriggerFactory
+from gestion.trigger.host import TriggerFactory
 from gestion.trigger.services.service import BasicService

 # Clogger
@ -49,7 +50,9 @@ class EventProducer(cmb.BasicProducer):

        """
        logger.info("Starting trigger EventProducer program for app %s…", app_id)
-        super(EventProducer, self).__init__(trigger_config.master, 'trigger', app_id)
+        trigger_password = secrets.get('rabbitmq_trigger_password')
+        credentials = pika.PlainCredentials(trigger_config.user, trigger_password)
+        super(EventProducer, self).__init__(url=trigger_config.master, exchange_name="trigger", app_id=app_id, port=trigger_config.port, credentials=credentials, ssl=trigger_config.ssl)
        self._connection = self.connect()
        self.get_chan()

--- a/gestion/trigger/trigger.py
+++ b/gestion/trigger/trigger.py
@ -15,7 +15,9 @@ import cPickle
 import socket
 import traceback
 import sys
+import pika

+import gestion.secrets_new as secrets
 import gestion.config.trigger as trigger_config
 import gestion.affichage as affichage
 from gestion.trigger.host import trigger
@ -91,7 +93,9 @@ class EvenementListener(cmb.AsynchronousConsumer):
        self._connection.ioloop.start()

 def daemonize():
-    listener = EvenementListener(trigger_config.master, "trigger", "topic")
+    trigger_password = secrets.get('rabbitmq_trigger_password')
+    credentials = pika.PlainCredentials(trigger_config.user, trigger_password)
+    listener = EvenementListener(url=trigger_config.master, exchange_name="trigger", exchange_type="topic", port=trigger_config.port, credentials=credentials, ssl=trigger_config.ssl)
    try:
        listener.run()
    except KeyboardInterrupt: