summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSol Jerome <sol.jerome@gmail.com>2011-06-03 13:28:46 -0500
committerSol Jerome <sol.jerome@gmail.com>2011-06-14 12:36:46 -0500
commit5da2ced6d355a61032e254356c88804c7a44ffc1 (patch)
tree08368920ee86ca447a0763dbd54ad0d5b45c7735
parentab956d76bd20b458195ade8efd2cafb590bb3217 (diff)
downloadbcfg2-5da2ced6d355a61032e254356c88804c7a44ffc1.tar.gz
bcfg2-5da2ced6d355a61032e254356c88804c7a44ffc1.tar.bz2
bcfg2-5da2ced6d355a61032e254356c88804c7a44ffc1.zip
bcfg2-server: Add the ability to listen on specific interfaces (#1013)
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
-rw-r--r--man/bcfg2.conf.56
-rw-r--r--src/lib/Component.py13
-rw-r--r--src/lib/Options.py19
-rw-r--r--src/lib/SSLServer.py25
-rwxr-xr-xsrc/sbin/bcfg2-server2
5 files changed, 53 insertions, 12 deletions
diff --git a/man/bcfg2.conf.5 b/man/bcfg2.conf.5
index f2e47b7ac..b1acce7c3 100644
--- a/man/bcfg2.conf.5
+++ b/man/bcfg2.conf.5
@@ -38,6 +38,12 @@ The file monitor used to watch for changes in the repository.
Values of 'gamin', 'fam', or 'pseudo' are valid.
.TP
+.B listen_all
+This setting tells the server to listen on all available interfaces. The
+default is to only listen on those interfaces specified by the bcfg2
+setting in the components section of bcfg2.conf.
+
+.TP
.B plugins
A comma-delimited list of enabled server plugins. Currently available
plugins are:
diff --git a/src/lib/Component.py b/src/lib/Component.py
index 88dce906e..b73098d09 100644
--- a/src/lib/Component.py
+++ b/src/lib/Component.py
@@ -23,8 +23,8 @@ logger = logging.getLogger()
class NoExposedMethod (Exception):
"""There is no method exposed with the given name."""
-def run_component(component_cls, location, daemon, pidfile_name, to_file,
- cfile, argv=None, register=True,
+def run_component(component_cls, listen_all, location, daemon, pidfile_name,
+ to_file, cfile, argv=None, register=True,
state_name=False, cls_kwargs={}, extra_getopt='', time_out=10,
protocol='xmlrpc/ssl', certfile=None, keyfile=None, ca=None):
@@ -64,8 +64,13 @@ def run_component(component_cls, location, daemon, pidfile_name, to_file,
port = tuple(up[1].split(':'))
port = (port[0], int(port[1]))
try:
- server = XMLRPCServer(port, keyfile=keyfile, certfile=certfile,
- register=register, timeout=time_out, ca=ca,
+ server = XMLRPCServer(listen_all,
+ port,
+ keyfile=keyfile,
+ certfile=certfile,
+ register=register,
+ timeout=time_out,
+ ca=ca,
protocol=protocol)
except:
logger.error("Server startup failed")
diff --git a/src/lib/Options.py b/src/lib/Options.py
index e6eebb808..9980566fb 100644
--- a/src/lib/Options.py
+++ b/src/lib/Options.py
@@ -173,6 +173,18 @@ def colon_split(c_string):
return c_string.split(':')
return []
+def get_bool(s):
+ # these values copied from ConfigParser.RawConfigParser.getboolean
+ # with the addition of True and False
+ truelist = ["1", "yes", "True", "true", "on"]
+ falselist = ["0", "no", "False", "false", "off"]
+ if s in truelist:
+ return True
+ elif s in falselist:
+ return False
+ else:
+ raise ValueError
+
# General options
CFILE = Option('Specify configuration file', DEFAULT_CONFIG_LOCATION, cmd='-C',
odesc='<conffile>')
@@ -249,6 +261,13 @@ SERVER_MCONNECT = Option('Server Metadata Connector list', cook=list_split,
cf=('server', 'connectors'), default=['Probes'], )
SERVER_FILEMONITOR = Option('Server file monitor', cf=('server', 'filemonitor'),
default='default', odesc='File monitoring driver')
+SERVER_LISTEN_ALL = Option('Listen on all interfaces',
+ cf=('server', 'listen_all'),
+ cmd='--listen-all',
+ default=False,
+ long_arg=True,
+ cook=get_bool,
+ odesc='True|False')
SERVER_LOCATION = Option('Server Location', cf=('components', 'bcfg2'),
default='https://localhost:6789', cmd='-S',
odesc='https://server:port')
diff --git a/src/lib/SSLServer.py b/src/lib/SSLServer.py
index a89beabbb..8cac8a53f 100644
--- a/src/lib/SSLServer.py
+++ b/src/lib/SSLServer.py
@@ -79,9 +79,9 @@ class SSLServer (SocketServer.TCPServer, object):
allow_reuse_address = True
logger = logging.getLogger("Cobalt.Server.TCPServer")
- def __init__(self, server_address, RequestHandlerClass, keyfile=None,
- certfile=None, reqCert=False, ca=None, timeout=None,
- protocol='xmlrpc/ssl'):
+ def __init__(self, listen_all, server_address, RequestHandlerClass,
+ keyfile=None, certfile=None, reqCert=False, ca=None,
+ timeout=None, protocol='xmlrpc/ssl'):
"""Initialize the SSL-TCP server.
@@ -97,9 +97,12 @@ class SSLServer (SocketServer.TCPServer, object):
"""
- all_iface_address = ('', server_address[1])
+ if listen_all:
+ listen_address = ('', server_address[1])
+ else:
+ listen_address = (server_address[0], server_address[1])
try:
- SocketServer.TCPServer.__init__(self, all_iface_address,
+ SocketServer.TCPServer.__init__(self, listen_address,
RequestHandlerClass)
except socket.error:
self.logger.error("Failed to bind to socket")
@@ -310,7 +313,7 @@ class XMLRPCServer (SocketServer.ThreadingMixIn, SSLServer,
"""
- def __init__(self, server_address, RequestHandlerClass=None,
+ def __init__(self, listen_all, server_address, RequestHandlerClass=None,
keyfile=None, certfile=None, ca=None, protocol='xmlrpc/ssl',
timeout=10,
logRequests=False,
@@ -339,8 +342,14 @@ class XMLRPCServer (SocketServer.ThreadingMixIn, SSLServer,
"""A subclassed request handler to prevent class-attribute conflicts."""
SSLServer.__init__(self,
- server_address, RequestHandlerClass, ca=ca,
- timeout=timeout, keyfile=keyfile, certfile=certfile, protocol=protocol)
+ listen_all,
+ server_address,
+ RequestHandlerClass,
+ ca=ca,
+ timeout=timeout,
+ keyfile=keyfile,
+ certfile=certfile,
+ protocol=protocol)
self.logRequests = logRequests
self.serve = False
self.register = register
diff --git a/src/sbin/bcfg2-server b/src/sbin/bcfg2-server
index f4bd5e5b7..546d5a249 100755
--- a/src/sbin/bcfg2-server
+++ b/src/sbin/bcfg2-server
@@ -35,6 +35,7 @@ if __name__ == '__main__':
OPTINFO.update({'key' : Bcfg2.Options.SERVER_KEY,
'cert' : Bcfg2.Options.SERVER_CERT,
'ca' : Bcfg2.Options.SERVER_CA,
+ 'listen_all' : Bcfg2.Options.SERVER_LISTEN_ALL,
'location' : Bcfg2.Options.SERVER_LOCATION,
'passwd' : Bcfg2.Options.SERVER_PASSWORD,
'static' : Bcfg2.Options.SERVER_STATIC,
@@ -51,6 +52,7 @@ if __name__ == '__main__':
print("Could not read %s" % setup['configfile'])
sys.exit(1)
Bcfg2.Component.run_component(Bcfg2.Server.Core.Core,
+ listen_all=setup['listen_all'],
location=setup['location'],
daemon = setup['daemon'],
pidfile_name = setup['daemon'],