#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
"""
*New in pywbem 0.9 as experimental and finalized in 0.10.*
The :class:`~pywbem.WBEMListener` class provides a thread-based WBEM listener
service that can receive CIM indications from multiple WBEM servers and that
calls registered callback functions to deliver the received indications.
The listener receives indications from an indication sender, validates the
formtting of the indication and queues each received indication into an
interprocess queue. A seperate thread monitors this queue and calls the
callback functions for each indication in the queue.
This insures that timing in the callback functions does not interfere with the
reception of indications from the indication sender.
Examples
--------
The following example creates and runs a listener::
import logging
from pywbem import WBEMListener
def process_indication(indication, host):
'''This function gets called when an indication is received.'''
print(f"Received CIM indication from {host}: {indication!r}")
def main():
# Configure logging of the listener via the Python root logger
logging.basicConfig(
filename='listener.log', level=logging.WARNING,
format='%(asctime)s - %(levelname)s - %(message)s')
certkeyfile = 'listener.pem'
# Set host name to wildcard host address to recieve indications on
# any network address defined for this system.
listener = WBEMListener(host="",
http_port=5990,
https_port=5991,
certfile=certkeyfile,
keyfile=certkeyfile)
listener.add_callback(process_indication)
try:
listener.start()
# process_indication() will be called for each received indication
. . . # wait for some condition to end listening
finally:
listener.stop()
Alternative code using the class as a context manager::
with WBEMListener(...) as listener:
listener.add_callback(process_indication)
listener.start()
# process_indication() will be called for each received indication
... # wait for some condition to end listening
# listener.stop() has been called automatically
See the example in section :ref:`WBEMSubscriptionManager` for an example of
using a listener in combination with a subscription manager.
Another listener example is in the script ``examples/listen.py`` (when you
clone the GitHub pywbem/pywbem project). It is an interactive Python shell that
creates a listener and displays any indications it receives, in MOF format.
.. _`Logging in the listener`:
Logging in the listener
-----------------------
Each :class:`~pywbem.WBEMListener` object has its own separate Python logger
object with the name:
`'pywbem.listener.{id}'`
where `{id}` is a string that is unique for each :class:`~pywbem.WBEMListener`
object within the Python process.
The :attr:`~pywbem.WBEMListener.logger` property of a
:class:`~pywbem.WBEMListener` object provides access to that Python logger
object, if needed.
The listener will log any indications it receives and any responses it sends
back to the indication sender, at the ``INFO`` logging level
(see :ref:`py:levels`).
In addition, it will log errors at the ``ERROR`` logging level.
The Python root logger will by default (i.e. when not being configured) print
log records of logging level ``WARNING`` or greater to `sys.stderr`. So the
indication and response interactions will not be printed by default, but any
errors logged at the ``ERROR`` logging level will be printed by default.
Listener indication flood
-------------------------
A listener processes indications through an interprocess queue so a flood of
indications from the indication sender where the callback processing was taking
longer than indication reception could over time result in indications piling
up in the received indication queue. While this is not normally an issue a
flood of indications from the sender could result in more indications in the
queue than the memory of the client can support. Effective with version 1.8.0,
an optional argument was added to the listener initialization
(max_ind_queue_size) that causes generation of an exception
(ListenerQueueFullError) and stopping of sending indication reception. Since
this effectively stops the listener, it should only be used if the number of
indications in the queue is a threat to the memory in the client, not for
temporary slowdown of the flow of indications from the indication sender.
It closes the listener connections and discards indications in the queue.
The following example creates and runs a listener::
import logging
from pywbem import WBEMListener
def process_indication(indication, host):
'''This function gets called when an indication is received.'''
print(f"Received CIM indication from {host}: {indication!r}")
def main():
# Configure logging of the listener via the Python root logger
logging.basicConfig(
filename='listener.log', level=logging.WARNING,
format='%(asctime)s - %(levelname)s - %(message)s')
certkeyfile = 'listener.pem'
# Set host name to wildcard host address to recieve indications on
# any network address defined for this system.
listener = WBEMListener(host="",
http_port=5990,
https_port=5991,
certfile=certkeyfile,
keyfile=certkeyfile,
max_ind_queue_size=5000,
)
listener.add_callback(process_indication)
try:
listener.start()
# process_indication() will be called for each received indication
. . . # wait for some condition to end listening
except ListenerQueueFullError:
print("Indication listener failed. Indication queue full.")
listener.stop()
finally:
listener.stop()
.. _`WBEMListener class`:
WBEMListener class
------------------
"""
import sys
import os
import errno
from contextlib import contextmanager
import re
import logging
import ssl
import threading
import atexit
import getpass
import queue
try:
import termios
except ImportError:
# termios is only supported on some operating systems
termios = None
import socketserver
import http.client
from http.server import HTTPStatus, HTTPServer, BaseHTTPRequestHandler
from time import sleep
from . import _cim_xml
from ._version import __version__
from ._cim_obj import CIMInstance
from ._cim_constants import CIM_ERR_NOT_SUPPORTED, CIM_ERR_INVALID_PARAMETER, \
_statuscode2name
from ._tupleparse import TupleParser
from ._tupletree import xml_to_tupletree_sax
from ._exceptions import CIMXMLParseError, XMLParseError, CIMVersionError, \
DTDVersionError, ProtocolVersionError, ListenerCertificateError, \
ListenerPortError, ListenerPromptError, ListenerQueueFullError
from ._utils import _format
# CIM-XML protocol related versions implemented by the WBEM listener.
# These are returned in export message responses.
IMPLEMENTED_CIM_VERSION = '2.0'
IMPLEMENTED_DTD_VERSION = '2.4'
IMPLEMENTED_PROTOCOL_VERSION = '1.4'
# CIM-XML protocol related versions supported by the WBEM listener
# These are checked in export message requests.
SUPPORTED_DTD_VERSION_PATTERN = r'2\.\d+'
SUPPORTED_DTD_VERSION_STR = '2.x'
SUPPORTED_PROTOCOL_VERSION_PATTERN = r'1\.\d+'
SUPPORTED_PROTOCOL_VERSION_STR = '1.x'
# Pattern for findall() for header values that are a list of tokens with
# quality values (see RFC2616). The pattern does not verify conformance
# to the valid characters for tokens, but does its job in parsing tokens
# and q values.
TOKEN_QUALITY_FINDALL_PATTERN = re.compile(
r'([^;, ]+)'
r'(?:; *q=([01](?:\.[0-9]*)?))?'
r'(?:, *)?')
TOKEN_CHARSET_FINDALL_PATTERN = re.compile(
r'([^;, ]+)'
r'(?:; *charset="?([^";, ]*)"?)?'
r'(?:, *)?')
__all__ = ['WBEMListener', 'callback_interface']
@contextmanager
def saved_term_attrs():
"""
Context manager that saves and restores the attributes of the terminal that
is used by getpass().
getpass() on Linux and macOS modifies the terminal attributes to disable
the echoing of the typed password, and restores the terminal attributes
before it returns. However, when the process calling getpass() gets
terminated with a SIGTERM signal while it waits for getpass() to return,
then getpass() itself will not restore the terminal settings.
This context manager improves that behavior by restoring the settings in
its exit part, and by additionally registering an Python atexit handler
that restores the settings. There is a check so that the settings are
restored only once. This performs the restore in some more cases compared
to the standard getpass() behavior, particularly when the process calling
getpass() is terminated with a SIGTERM signal.
For details on cases where the finally block and thus also the exit part
of a context manager do *not* get control, see
https://stackoverflow.com/a/49262664/1424462.
The logic to obtain the file descriptor of the terminal must be kept
consistent with how it is done in getpass(), see
https://github.com/python/cpython/blob/main/Lib/getpass.py#L46
"""
if termios:
try:
# On Windows, os.O_NOCTTY does not exist.
# pylint: disable=no-member
term_fd = os.open('/dev/tty', os.O_RDWR | os.O_NOCTTY)
except (OSError, AttributeError):
try:
term_fd = sys.stdin.fileno()
except (AttributeError, ValueError):
term_fd = None
else:
term_fd = None
if term_fd is not None:
count_dict = {'count': 0} # must be mutable
saved_attrs = termios.tcgetattr(term_fd)
atexit.register(restore_term_attrs, term_fd, saved_attrs, count_dict)
yield
if term_fd is not None:
restore_term_attrs(term_fd, saved_attrs, count_dict)
def restore_term_attrs(term_fd, saved_attrs, count_dict):
"""
Restore the attributes of the terminal that is used by getpass().
count_dict is used to ensure the restoration is performed only once. This
is necessary because the function is called once directly after the
password prompt, and once at exit.
"""
if count_dict['count'] == 0:
termios.tcsetattr(term_fd, termios.TCSAFLUSH, saved_attrs)
count_dict['count'] += 1
def keyfile_password_prompt(keyfile):
"""
Prompt for the password of a private key file.
This method is only called if the key file has a password set.
Parameters:
keyfile (string): Path name of private key file.
Returns:
string: The password
Raises:
ListenerPromptError: Password prompt was interrupted or ended
"""
prompt = f"Enter password for key file {keyfile}: "
with saved_term_attrs():
try:
pw = getpass.getpass(prompt=prompt)
except KeyboardInterrupt:
new_exc = ListenerPromptError("Password prompt was interrupted")
new_exc.__cause__ = None
raise new_exc # ListenerPromptError
except EOFError:
new_exc = ListenerPromptError("Password prompt was ended")
new_exc.__cause__ = None
raise new_exc # ListenerPromptError
return pw
class ThreadedHTTPServer(socketserver.ThreadingMixIn, HTTPServer):
"""Defines an HTTPServer class for indication reception"""
pass
class ListenerRequestHandler(BaseHTTPRequestHandler):
"""
A request handler for the standard Python HTTP server, with a handler
method for the HTTP POST method, that acts as a WBEM listener.
"""
@property
def logger(self):
"""
:class:`py:logging.Logger`: Logger object for the listener using this
request handler.
Each listener object has its own separate logger object with the name:
`'pywbem.listener.{id}'`
where `{id}` is a unique string for each listener object.
Users of the listener should not look up the logger object by name, but
should use this property to get to it.
"""
return self.server.listener.logger
def invalid_method(self):
"""
Handle invalid HTTP methods by sending HTTP status 405 "Method Not
Allowed" back to the server. See DSP0200 for details on this.
"""
self.send_http_error(405, headers=[('Allow', 'POST')])
# pylint: disable=invalid-name
def do_OPTIONS(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_HEAD(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_GET(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_PUT(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_PATCH(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_DELETE(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_TRACE(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_CONNECT(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_M_POST(self):
"""Invalid method for listener"""
self.invalid_method()
# pylint: disable=invalid-name
def do_POST(self):
"""
This method will be called for each POST request to one of the
listener ports.
It parses the CIM-XML export message and delivers the contained
CIM indication to the stored listener object.
"""
self.logger.debug("Received POST request")
# Accept header check described in DSP0200
accept = self.headers.get('Accept', 'text/xml')
if accept not in ('text/xml', 'application/xml', '*/*'):
self.send_http_error(
406, 'header-mismatch',
_format("Invalid Accept header value: {0} (need text/xml, "
"application/xml or */*)", accept))
return
# Accept-Charset header check described in DSP0200
accept_charset = self.headers.get('Accept-Charset', 'UTF-8')
tq_list = re.findall(TOKEN_QUALITY_FINDALL_PATTERN, accept_charset)
found = False
if tq_list is not None:
for token, _ in tq_list:
if token.lower() in ('utf-8', '*'):
found = True
break
if not found:
self.send_http_error(
406, 'header-mismatch',
_format("Invalid Accept-Charset header value: {0} "
"(need UTF-8 or *)", accept_charset))
return
# Accept-Encoding header check described in DSP0200.
# The WBEM listener needs to support any Accept-Encoding header, so
# no check is performed.
# Note that the requests package adds the Accept-Encoding header with
# values such as "gzip, deflate" if not provided by the requester.
# Accept-Language header check described in DSP0200.
# Ignored, because this WBEM listener does not support multiple
# languages, and hence any language is allowed to be returned.
# Accept-Range header check described in DSP0200
accept_range = self.headers.get('Accept-Range', None)
if accept_range is not None:
self.send_http_error(
406, 'header-mismatch',
_format("Accept-Range header is not permitted {0}",
accept_range))
return
# Content-Type header check described in DSP0200
content_type = self.headers.get('Content-Type', None)
if content_type is None:
self.send_http_error(
406, 'header-mismatch',
"Content-Type header is required")
return
tc_list = re.findall(TOKEN_CHARSET_FINDALL_PATTERN, content_type)
found = False
if tc_list is not None:
for token, charset in tc_list:
if token.lower() in ('text/xml', 'application/xml') and \
(charset == '' or charset.lower() == 'utf-8'):
found = True
break
if not found:
self.send_http_error(
406, 'header-mismatch',
_format("Invalid Content-Type header value: {0} "
"(need text/xml or application/xml with "
"charset=utf-8 or empty)",
content_type))
return
# Content-Encoding header check described in DSP0200
content_encoding = self.headers.get('Content-Encoding', 'identity')
if content_encoding.lower() != 'identity':
self.send_http_error(
406, 'header-mismatch',
_format("Invalid Content-Encoding header value: {0}"
"(listener supports only identity)",
content_encoding))
return
# Content-Language header check described in DSP0200.
# Ignored, because this WBEM listener does not support multiple
# languages, and hence any language is allowed in the request.
# The following headers are ignored. They are not allowed to be used
# by servers, but listeners are not required to reject them:
# Content-Range, Expires, If-Range, Range.
# Start processing the request
content_len = int(self.headers.get('Content-Length', 0))
body = self.rfile.read(content_len)
try:
msgid, methodname, params = self.parse_export_request(body)
except (CIMXMLParseError, XMLParseError) as exc:
self.send_http_error(400, "request-not-well-formed", str(exc))
return
except DTDVersionError as exc:
self.send_http_error(400, "unsupported-dtd-version", str(exc))
return
except ProtocolVersionError as exc:
self.send_http_error(400, "unsupported-protocol-version", str(exc))
return
except CIMVersionError as exc:
self.send_http_error(400, "unsupported-version", str(exc))
return
if methodname == 'ExportIndication':
if len(params) != 1 or 'NewIndication' not in params:
self.send_error_response(
msgid, methodname, CIM_ERR_INVALID_PARAMETER,
_format("Expecting one parameter NewIndication, got {0!A}",
params.keys()))
return
indication_inst = params['NewIndication']
if not isinstance(indication_inst, CIMInstance):
self.send_error_response(
msgid, methodname, CIM_ERR_INVALID_PARAMETER,
_format("NewIndication parameter is not a CIM instance, "
"but {0!A}", indication_inst))
return
# server.listener created in WBEMListener.start function
# This function may generate queue full exception.
self.server.listener.handle_indication(indication_inst,
self.client_address[0])
self.send_success_response(msgid, methodname)
else:
self.send_error_response(
msgid, methodname, CIM_ERR_NOT_SUPPORTED,
_format("Unknown export method: {0!A}", methodname))
def send_http_error(self, http_code, cim_error=None,
cim_error_details=None, headers=None):
"""
Send an HTTP response back to the WBEM server that indicates
an error at the HTTP level.
"""
self.logger.warning(
"Sending HTTP error response with HTTP status %s and headers: "
"CIMError: %r, CIMErrorDetails: %r",
http_code, cim_error, cim_error_details)
self.send_response(http_code, http.client.responses.get(http_code, ''))
self.send_header("CIMExport", "MethodResponse")
if cim_error is not None:
self.send_header("CIMError", cim_error)
if cim_error_details is not None:
self.send_header("CIMErrorDetails", cim_error_details)
if headers is not None:
for header, value in headers:
self.send_header(header, value)
self.end_headers()
self.logger.warning(
"Sent HTTP error response with HTTP status %s", http_code)
def send_error_response(self, msgid, methodname, status_code, status_desc,
error_insts=None):
"""Send a CIM-XML response message back to the WBEM server that
indicates error."""
self.logger.warning(
"Sending CIM-XML error response with CIM status %s: %s",
_statuscode2name(status_code), status_desc)
resp_xml = _cim_xml.CIM(
_cim_xml.MESSAGE(
_cim_xml.SIMPLEEXPRSP(
_cim_xml.EXPMETHODRESPONSE(
methodname,
_cim_xml.ERROR(
str(status_code),
status_desc,
error_insts),
), # noqa: E123
), # noqa: E123
msgid, IMPLEMENTED_PROTOCOL_VERSION),
IMPLEMENTED_CIM_VERSION, IMPLEMENTED_DTD_VERSION)
resp_body = '<?xml version="1.0" encoding="utf-8" ?>\n' + \
resp_xml.toxml()
if isinstance(resp_body, str):
resp_body = resp_body.encode("utf-8")
http_code = 200
self.send_response(http_code, http.client.responses.get(http_code, ''))
self.send_header("Content-Type", "text/xml")
self.send_header("Content-Length", str(len(resp_body)))
self.send_header("CIMExport", "MethodResponse")
self.end_headers()
self.wfile.write(resp_body)
self.logger.warning(
"Sent CIM-XML error response with CIM status %s",
_statuscode2name(status_code))
def send_success_response(self, msgid, methodname):
"""Send a CIM-XML response message back to the WBEM server that
indicates success."""
self.logger.debug(
"Sending CIM-XML successful response with msgid=%s", msgid)
resp_xml = _cim_xml.CIM(
_cim_xml.MESSAGE(
_cim_xml.SIMPLEEXPRSP(
_cim_xml.EXPMETHODRESPONSE(
methodname),
), # noqa: E123
msgid, IMPLEMENTED_PROTOCOL_VERSION),
IMPLEMENTED_CIM_VERSION, IMPLEMENTED_DTD_VERSION)
resp_body = '<?xml version="1.0" encoding="utf-8" ?>\n' + \
resp_xml.toxml()
if isinstance(resp_body, str):
resp_body = resp_body.encode("utf-8")
http_code = 200
self.send_response(http_code, http.client.responses.get(http_code, ''))
self.send_header("Content-Type", "text/xml")
self.send_header("Content-Length", str(len(resp_body)))
self.send_header("CIMExport", "MethodResponse")
self.end_headers()
self.wfile.write(resp_body)
self.logger.debug(
"Sent CIM-XML successful response with msgid=%s", msgid)
@staticmethod
def parse_export_request(request_str):
"""Parse a CIM-XML export request message, and return
a tuple(msgid, methodname, params).
"""
# Parse the XML into a tuple tree (may raise CIMXMLParseError or
# XMLParseError):
tt_ = xml_to_tupletree_sax(request_str, "CIM-XML export request")
tp = TupleParser()
tup_tree = tp.parse_cim(tt_)
# Check the tuple tree
if tup_tree[0] != 'CIM':
raise CIMXMLParseError(
_format("Expecting CIM element, got {0}", tup_tree[0]))
tup_tree = tup_tree[2]
if tup_tree[0] != 'MESSAGE':
raise CIMXMLParseError(
_format("Expecting MESSAGE element, got {0}", tup_tree[0]))
msgid = tup_tree[1]['ID']
tup_tree = tup_tree[2]
if tup_tree[0] != 'SIMPLEEXPREQ':
raise CIMXMLParseError(
_format("Expecting SIMPLEEXPREQ element, got {0}",
tup_tree[0]))
tup_tree = tup_tree[2]
if tup_tree[0] != 'EXPMETHODCALL':
raise CIMXMLParseError(
_format("Expecting EXPMETHODCALL element, got {0}",
tup_tree[0]))
methodname = tup_tree[1]['NAME']
params = {}
for name, obj in tup_tree[2]:
params[name] = obj
return (msgid, methodname, params)
def log_request(self, code='-', size='-'):
# pylint: disable=unused-argument
"""
This function is called in
:meth:`~py:http.server.BaseHTTPRequestHandler.send_response`.
We override it to get a little more information logged in a somewhat
better format at the INFO level.
"""
if isinstance(code, HTTPStatus):
# On Python 3, it can be an HTTPStatus object
code = code.value
self.log_message("Sending %s response with HTTP status %s",
self.command, code)
def log_error(self, format, *args):
# pylint: disable=redefined-builtin
"""
The :class:`~py:http.server.BaseHTTPRequestHandler` methods call this
method for anything that needs to get logged as an error.
We override it in order to direct that to our own logger at the ERROR
level.
"""
self.logger.error(format, *args)
def log_message(self, format, *args):
# pylint: disable=redefined-builtin
"""
The :class:`~py:http.server.BaseHTTPRequestHandler` methods call this
method for anything that needs to get logged.
We override it in order to direct that to our own logger at the INFO
level.
"""
self.logger.info(format, *args)
def version_string(self):
"""
Overrides the inherited method to add the pywbem listener version.
"""
return _format("pywbem-listener/{0} {1} {2} ",
__version__, self.server_version, self.sys_version)
class CallbackThread(threading.Thread):
"""
Thread subclass with a stop() method.
The thread itself must check regularly for the stopped() event ( i.e. if
stop_event.is_set()) exit the thread code.
This subclass does not pass exceptions to the parent.
"""
def __init__(self, *args, **kwargs):
"""
Init with arguments for the thread
"""
super().__init__(*args, **kwargs)
self.stop_event = threading.Event()
def stop(self):
"""Set the thread stop_event. To tell thread to stop"""
self.stop_event.set()
def stopped(self):
"""Test for thread stop event set"""
return self.stop_event.is_set()
class ServerThread(threading.Thread):
"""
Thread subclass that passes exceptions from the thread back to the
calling thread when join executed.
"""
def __init__(self, *args, **kwargs):
"""
Init with arguments for the thread
"""
super().__init__(*args, **kwargs)
# Placeholder for possible exception.
self.exec = None
def run(self):
"""
Add try block to Thread run function
"""
try:
super().run()
except ListenerQueueFullError as e:
self.exec = e
def join(self, *args, **kwargs):
"""
Pass exception in self.exec to the calling thread.
"""
super().join(*args, **kwargs)
if self.exec:
raise self.exec
# pylint: disable=too-many-instance-attributes
[docs]
class WBEMListener:
"""
*New in pywbem 0.9 as experimental and finalized in 0.10.*
A WBEM listener.
The listener supports starting and stopping threads that listen for
CIM-XML ExportIndication messages using HTTP and/or HTTPS, and that pass
any received indications on to registered callback functions.
The listener must be stopped in order to free the TCP/IP port it listens
on. Using this class as a context manager ensures that the listener is
stopped when leaving the context manager scope.
The listener validates the syntax of the received CIM instance but does not
validate the values of received the MESSAGE_ID or SEQUENCE_NUMBER of
incoming indications. Therefore, it does not know if any indications are
missing from a sequence. The callback function must do any such
processing., etc. that confirms if indications are in the proper sequence
and none were lost.
"""
def __init__(self, host, http_port=None, https_port=None,
certfile=None, keyfile=None, max_ind_queue_size=0):
"""
Parameters:
host (:term:`string`):
IP address or host name to which this listener is bound (i.e. at
which this listener can be reached). If a listener is bound to a
particular IP address it will only receive indications addressed to
that IP address (or to any IP address on the network interface
containing that address) depending on the OS.
Network wildcard addressing enables receiving indications from
all IP addresses on the system by binding the listener to certain
special addresses. The IPV4 wildcard IP address is "0.0.0.0"
and the IPV6 wild card IP address is "::".
Setting the host parameter to an empty string (i.e. "") is
equivalent to using at least the IPV4 wildcard address.
http_port (:term:`string` or :term:`integer`):
HTTP port at which this listener can be reached. At
least one port (HTTP or HTTPS) must be set. Both the http and
https ports can be set.
`None` means not to set up a port for HTTP.
https_port (:term:`string` or :term:`integer`):
HTTPS port at which this listener can be reached.
`None` means not to set up a port for HTTPS.
certfile (:term:`string`):
File path of certificate file to be used as server certificate
during SSL/TLS handshake when creating the secure HTTPS connection.
It is valid for the certificate file to contain a private key; the
server certificate sent during SSL/TLS handshake is sent without
the private key.
`None` means not to use a server certificate file. Setting up a port
for HTTPS requires specifying a certificate file.
keyfile (:term:`string`):
File path of private key file to be used by the server during
SSL/TLS handshake when creating the secure HTTPS connection.
It is valid to specify a certificate file that contains a private
key.
`None` means not to use a private key file. Setting up a port
for HTTPS requires specifying a private key file.
max_ind_queue_size (:term:`integer`):
A positive integer which defines the maximum number of the received
indications that can be in the received indication queue. If the
queue of received indications reaches this size, the queue is
blocked and the :exc:`~pywbem.ConnectionError` is raised.
The default is 0 which disables the test for queue full.
If set, this should be a large number since the goal is to stop
receiving indications on the connection and may result in an
indication receive failure on the WBEM server indication export
function.
Raises:
:exc:`pywbem.ListenerQueueFullError`: if number of
indications in the listener queue exceeds max_ind_queue_size.
TypeError: port, max_ind_queue_size arguments invalid type.
ValueError: No connection port specified, max_ind_queue_size
invalid integer.
"""
self._host = host
if isinstance(http_port, int):
self._http_port = int(http_port) # Convert Python 2 long to int
elif isinstance(http_port, str):
self._http_port = int(http_port)
elif http_port is None:
self._http_port = http_port
else:
raise TypeError(
_format("Invalid type for http_port: {0}", type(http_port)))
if isinstance(https_port, int):
self._https_port = int(https_port) # Convert Python 2 long to int
elif isinstance(https_port, str):
self._https_port = int(https_port)
elif https_port is None:
self._https_port = https_port
else:
raise TypeError(
_format("Invalid type for https_port: {0}", type(https_port)))
if self._https_port is not None:
if certfile is None:
raise ValueError("https_port requires certfile")
self._certfile = certfile
if keyfile is None:
raise ValueError("https_port requires keyfile")
self._keyfile = keyfile
else:
self._certfile = None
self._keyfile = None
if self._http_port is None and self._https_port is None:
raise ValueError("Listener requires at least one active port")
self._http_server = None # ThreadedHTTPServer for HTTP
self._http_thread = None # Thread for HTTP
self._https_server = None # ThreadedHTTPServer for HTTPS
self._https_thread = None # Thread for HTTPS
self._logger = logging.getLogger(
_format("pywbem.listener.{0}", id(self)))
self._callbacks = [] # Registered callback functions
if not isinstance(max_ind_queue_size, int):
raise TypeError("max_ind_queue_size argument must be aninteger.")
if max_ind_queue_size < 0:
raise ValueError(
"max__ind_queue_size argument must be positive integer.")
self._max_ind_queue_size = max_ind_queue_size
# Define timeout in seconds for gets on ind_delivery_queue
# Causes wait after indication queue get if queue is empty.
# Choice of 2 seconds was arbitrary.
#
self.queue_get_timeout = 2
self.ind_delivery_queue = None
self.callback_thread = None
[docs]
def __str__(self):
"""
Return a representation of the :class:`~pywbem.WBEMListener` object
with a subset of its attributes.
"""
return _format(
"WBEMListener("
"_host={s._host!A}, "
"_http_port={s._http_port!A}, "
"_https_port={s._https_port!A}, "
"...)",
s=self)
[docs]
def __repr__(self):
"""
Return a representation of the :class:`~pywbem.WBEMListener` object
with all attributes, that is suitable for debugging.
"""
return _format(
"WBEMListener("
"_host={s._host!A}, "
"_http_port={s._http_port!A}, "
"_https_port={s._https_port!A}, "
"_certfile={s._certfile!A}, "
"_keyfile={s._keyfile!A}, "
"_logger={s._logger!A}, "
"_callbacks={s._callbacks!A})",
"_max_ind_queue_size={s._max_ind_queue_size!A})",
s=self)
[docs]
def __enter__(self):
"""
*New in pywbem 0.12.*
Enter method when the class is used as a context manager.
Returns the listener object.
"""
return self
[docs]
def __exit__(self, exc_type, exc_value, traceback):
"""
*New in pywbem 0.12.*
Exit method when the class is used as a context manager.
Stops the listener by calling :meth:`~pywbem.WBEMListener.stop`.
"""
self.stop()
return False # re-raise any exceptions
@property
def host(self):
"""
:term:`string`: IP address or host name to which this listener is
bound. If IP adress 0.0.0.0, this listener is not bound to a particular
IP address and accepts requests from any host on any network.
"""
return self._host
@property
def http_port(self):
"""
:term:`integer`: HTTP port at which this listener can be reached.
`None` means there is no port set up for HTTP.
"""
return self._http_port
@property
def https_port(self):
"""
:term:`integer`: HTTPS port at which this listener can be reached.
`None` means there is no port set up for HTTPS.
"""
return self._https_port
@property
def http_started(self):
"""
:class:`py:bool`: Boolean indicating whether the listener is started
for the HTTP port.
If no port is set up for HTTP, `False` is returned.
*New in pywbem 0.12.*
"""
return self._http_server is not None
@property
def https_started(self):
"""
:class:`py:bool`: Boolean indicating whether the listener is started
for the HTTPS port.
If no port is set up for HTTPS, `False` is returned.
*New in pywbem 0.12.*
"""
return self._https_server is not None
@property
def certfile(self):
"""
:term:`string`: File path of the certificate file used as server
certificate during SSL/TLS handshake when creating the secure HTTPS
connection.
`None` means there is no certificate file being used (that is, no port
is set up for HTTPS).
"""
return self._certfile
@property
def keyfile(self):
"""
:term:`string`: File path of the private key file used by the server
during SSL/TLS handshake when creating the secure HTTPS connection.
`None` means there is no certificate file being used (that is, no port
is set up for HTTPS).
"""
return self._keyfile
@property
def logger(self):
"""
:class:`py:logging.Logger`: Logger object for this listener.
Each listener object has its own separate logger object with the name:
`'pywbem.listener.{id}'`
where `{id}` is a unique string for each listener object.
Users of the listener should not look up the logger object by name, but
should use this property to get to it.
"""
return self._logger
@property
def max_ind_queue_size(self):
"""
Return a positive integer the maximum queue size. If this value is not
0, an exception will be generated when this queue size is reached. If
it is zero the exception is disabled.
"""
return self._max_ind_queue_size
[docs]
def ind_delivery_queue_empty(self):
"""
Return boolean True if the indication queue is empty. Otherwise return
False. This is available becasue the queue_size attribute only returns
an approximation.
"""
return self.ind_delivery_queue.empty()
[docs]
def queue_size(self):
"""
Return an integer with the approximate count of the number of
indications currently in the received indication queue for this
listener. """
return self.ind_delivery_queue.qsize()
[docs]
def start(self):
"""
Start the WBEM listener and callback threads, if they are not yet
running.
A interthread queue for holding indications recieved from a server
thread and a thread for delivering indications from the queue to the
callback functions are defined and the callback thread is started.
A thread serving CIM-XML over HTTP is started if an HTTP port was
specified for the listener. A thread serving CIM-XML over HTTPS is
started if an HTTPS port was specified for the listener.
These server threads will handle the ExportIndication export message
described in :term:`DSP0200` and they will pass each indication
received to the callback queue. A separate thread handles passing
received messages from this queue to the callback functions defined.
The listener must be stopped again in order to free the TCP/IP port it
listens on. The listener can be stopped explicitly using the
:meth:`~pywbem.WBEMListener.stop` method. The listener will be
automatically stopped when the main thread terminates (i.e. when the
Python process terminates), or when :class:`~pywbem.WBEMListener`
is used as a context manager when leaving its scope.
In case of HTTPS, the private key file and certificate file are used.
If the private key file is protected with a password, the password
will be prompted for using :func:`py:getpass.getpass`. If the password
is invalid, or if the private key file or certificate file are invalid,
:exc:`pywbem.ListenerCertificateError` is raised.
Raises:
:exc:`pywbem.ListenerCertificateError`: Error with the certificate
file or its private key file when using HTTPS.
:exc:`pywbem.ListenerPortError`: WBEM listener port is already
in use.
:exc:`pywbem.ListenerPromptError`: Error when prompting for the
password of the private key file when using HTTPS.
:exc:`py:OSError`: Other error
:exc:`py:IOError`: Other error (Python 2.7 only)
"""
assert not self.callback_thread
assert not self.ind_delivery_queue
# Create received indication inter_thread queue and set queue max size
# if max_ind_queue_size param is set
self.ind_delivery_queue = queue.Queue(
maxsize=self._max_ind_queue_size)
# Start callback thread
self.callback_thread = CallbackThread(
target=self.deliver_indications_forever,
args=(self.ind_delivery_queue,),
name='Callback',
daemon=True)
self.callback_thread.start()
self.logger.info("Callback thread started max_queue=%s",
self._max_ind_queue_size)
if self._http_port:
if not self._http_server:
self.logger.info("Starting threaded HTTP server on port %s",
self._http_port)
try:
server = ThreadedHTTPServer((self._host, self._http_port),
ListenerRequestHandler)
except OSError as exc:
self.stop_indication_delivery()
# Linux/macOS on py2: socket.error (derived from IOError);
# Linux/macOS on py3: OSError;
# Windows does not raise any exception if port is used
if getattr(exc, 'errno', None) == errno.EADDRINUSE:
new_exc = ListenerPortError(
f"WBEM listener port {self._http_port} is already "
"in use")
new_exc.__cause__ = None
raise new_exc # ListenerPortError
raise
# pylint: disable=attribute-defined-outside-init
server.listener = self
thread = ServerThread(target=server.serve_forever,
name='http',
daemon=True)
# Insure thread is stopped on main thread exit
self._http_server = server
self._http_thread = thread
thread.start()
self.logger.info("Started threaded HTTP server on port %s",
self._http_port)
else:
# Just in case someone changed self._http_port after init...
self._http_server = None
self._http_thread = None
if self._https_port:
if not self._https_server:
self.logger.info("Starting threaded HTTPS server on port %s",
self._https_port)
try:
server = ThreadedHTTPServer((self._host, self._https_port),
ListenerRequestHandler)
except OSError as exc:
self.stop_indication_delivery()
# Linux/macOS on py2: socket.error (derived from IOError);
# Linux/macOS on py3: OSError;
# Windows does not raise any exception if port is used
if getattr(exc, 'errno', None) == errno.EADDRINUSE:
new_exc = ListenerPortError(
f"WBEM listener port {self._https_port} is "
"already in use")
new_exc.__cause__ = None
raise new_exc # ListenerPortError
raise
# pylint: disable=attribute-defined-outside-init
server.listener = self
try:
try:
# PROTOCOL_TLS was introduced in Py 2.7.13
ssl_protocol = ssl.PROTOCOL_TLS
except AttributeError:
# Alias for PROTOCOL_TLS and deprecated in Py 2.7.13
ssl_protocol = ssl.PROTOCOL_SSLv23
# SSLContext was introduced in Python 2.7.9
ctx = ssl.SSLContext(ssl_protocol)
ctx.options |= ssl.OP_NO_SSLv2
ctx.options |= ssl.OP_NO_SSLv3
def password_prompt():
return keyfile_password_prompt(self._keyfile)
try:
ctx.load_cert_chain(
certfile=self._certfile,
keyfile=self._keyfile,
password=password_prompt)
except ssl.SSLError as exc:
# On Python 3, exc.errno is EBADF, but on Python 2 it
# is a number 336265225 that seems to occur for other
# people too but is not understood. Therefore, we do
# not check for errno here.
if exc.library == 'SSL' and 'PEM lib' in str(exc):
new_exc = ListenerCertificateError(
"Invalid password for key file, bad key file, "
"or bad certificate file. Original error: "
f"{exc}")
new_exc.__cause__ = None
raise new_exc # ListenerCertificateError
new_exc = ListenerCertificateError(
"SSL error when loading the certificate chain: "
f"errno={exc.errno}, library={exc.library}: {exc}")
new_exc.__cause__ = None
raise new_exc # ListenerCertificateError
except OSError as exc:
fn = _cert_key_file(self._certfile, self._keyfile)
new_exc = ListenerCertificateError(
f"Issue opening {fn}: {exc}")
new_exc.__cause__ = None
raise new_exc # ListenerCertificateError
server.socket = ctx.wrap_socket(
server.socket,
server_side=True)
except AttributeError:
# Fall back to deprecated ssl.wrap_socket() before Py 2.7.9
# pylint: disable=deprecated-method
server.socket = ssl.wrap_socket(
server.socket,
certfile=self._certfile,
keyfile=self._keyfile,
server_side=True)
thread = ServerThread(target=server.serve_forever,
name="https",
daemon=True)
self._https_server = server
self._https_thread = thread
thread.start()
self.logger.info("Started threaded HTTPS server on port %s",
self._https_port)
else:
# Just in case someone changed self._https_port after init...
self._https_server = None
self._https_thread = None
[docs]
def stop(self):
"""
Stop the WBEM listeners, the WBEM listener threads and callback thread,
if they are running.
"""
self.stop_servers()
self.stop_indication_delivery()
[docs]
def stop_indication_delivery(self, immediate=False):
"""
Stop the indication delivery thread and the queue and handle indications
in the queue.
If immediate is True, indications are cleared from the queue without
calling the callbacks.
If force is False, indications are forwarded to the callback until
the queue is empty before stopping delivery.
"""
# Callback thread could already be stopped by FullQueue exception.
if not self.callback_thread:
return
assert self.ind_delivery_queue
if not immediate:
# Wait for queue to empty through callbacks
while not self.ind_delivery_queue.empty():
self.logger.debug("Wait for delivery queue to empty")
sleep(0.1)
else:
# clear the queue immediatly
clr_count = 0
while not self.ind_delivery_queue.empty():
self.ind_delivery_queue.get(block=False, timeout=0)
clr_count += 1
self.ind_delivery_queue.task_done()
self.logger.debug(
"%s indications discarded from queue", clr_count)
self.logger.info("Stopping callback thread and queue")
self.callback_thread.stop()
self.callback_thread.join()
self.callback_thread = None
self.ind_delivery_queue = None
self.logger.info("Joined callback thread")
[docs]
def stop_servers(self):
"""
Stop the WBEM listener threads.
"""
# Stopping the server will cause its `serve_forever()` method
# to return, which will cause the server thread to terminate.
if self._http_server:
self.logger.info("Stopping threaded HTTP server")
self._http_server.shutdown()
self._http_server.server_close()
self._http_server = None
self._http_thread = None
self.logger.info("Stopped threaded HTTP server")
if self._https_server:
self.logger.info("Stopping threaded HTTPS server")
self._https_server.shutdown()
self._https_server.server_close()
self._https_server = None
self._https_thread = None
self.logger.info("Stopped threaded HTTPS server")
[docs]
def deliver_indications_forever(self, ind_queue):
"""
Deliver indications from delivery_queue to the defined consumer.
This function runs a loop in its own thread and only returns when the
stop_event is set.
It delivers indications as fast as the callbacks complete while
indications exist in the queue and waits for time defined by
self.queue_get_timeout for indications to arrive if
ind_delivery_queue is empty.
If stop_event.is_set() and the queue is emtpy it returns. This should
only happen if the listener is stopped.
"""
# Deliver queued indications until queue empty and stop_event set.
self.logger.debug("Started callback thread.")
while True:
try:
self.logger.debug(
"Get from queue. queue_size=%d", self.queue_size())
indication_tuple = ind_queue.get(
block=True,
timeout=self.queue_get_timeout)
self.deliver_indication_to_callbacks(indication_tuple[0],
indication_tuple[1])
# Marks this item done in queue.
# Really for delivering to multiple workers rather than
# this simple case of a single worker. However this
# keeps the queue clean.
ind_queue.task_done()
# If queue empty and stop event set break out of loop
except queue.Empty:
self.logger.debug("Queue empty exception received")
if self.callback_thread.stopped():
self.logger.debug("Queue empty exception. stop callback")
break
return
[docs]
def handle_indication(self, indication, host):
"""
Entry point from the listener server threads with a single indication.
Puts the indication in the received indication queue.
If the self.queue_full parameter is not 0, an exception will be
executed if the queue contains the number of indication defined by the
listener max_ind_queue_size parameter. This completely stops the
indication receive thread because this function does not return.
"""
try:
self.logger.debug("handle_indication rcvd indication queue put.")
# Do not block put to queue. It puts or raises the Full exception
self.ind_delivery_queue.put((indication, host), block=False)
self.logger.debug(
"Rcvd indication queue put done. queue_size #%s",
self.queue_size())
except queue.Full:
self.logger.debug(
"Rcvd indication queue full. ListenerQueueFullError Exception, "
"queue_size = #%s", self.queue_size)
new_exc = ListenerQueueFullError(
"Listener indiation delivery queue full, "
f"queue_size = {self.queue_size}. Closing listener.")
new_exc.__cause__ = None
raise new_exc # ListenerQueueFullError
[docs]
def deliver_indication_to_callbacks(self, indication, host):
"""
This function is called to deliver a single indication to all
registered callback functions. It is not supposed to be called
by the user.
It delivers the indication to all callback functions that have been
added to the listener.
If a callback function raises any exception this is logged as an error
using the listener logger and the next registered callback function is
called.
Parameters:
indication (:class:`~pywbem.CIMInstance`):
Representation of the CIM indication to be delivered.
host (:term:`string`):
Host name or IP address of WBEM server sending the indication.
"""
for callback in self._callbacks:
self.logger.debug("Calling indication delivery callback function "
"%r to deliver %r indication",
callback.__name__, indication.classname)
try:
callback(indication, host)
except Exception as exc: # pylint: disable=broad-except
self.logger.error("Indication delivery callback function "
"raised %s: %s", exc.__class__.__name__, exc)
self.logger.debug("Returned from indication delivery callback "
"function %r", callback.__name__)
[docs]
def add_callback(self, callback):
"""
Add a callback function to the listener.
The callback function will be called for each indication this listener
receives from any WBEM server.
If the callback function is already known to the listener, it will not
be added.
Multiple callback functions may be defined by repeating this function
with each callback function required.
All of the defined callbacks will be executed for each indication.
They will be executed serially in the order that they were added and
on the same thread.
The callback interface is defined in the callback_interface function.
Parameters:
callback (:func:`~pywbem.callback_interface`):
Callable that is being called for each CIM indication that is
received while the listener threads are running.
"""
if callback not in self._callbacks:
self._callbacks.append(callback)
[docs]
def callback_interface(indication, host):
# pylint: disable=unused-argument
"""
*New in pywbem 0.9 as experimental and finalized in 0.10.*
Interface of a callback function that is provided by the user of the API
and that will be called by the listener for each received CIM indication.
Parameters:
indication (:class:`~pywbem.CIMInstance`):
Representation of the CIM indication that has been received.
Its `path` attribute is `None`.
host (:term:`string`):
Host name or IP address of WBEM server sending the indication.
Raises:
Exception: If a callback function raises any exception this is logged
as an error using the listener logger and the next registered
callback function is called. The exception is not passed back from
the callback thread.
"""
raise NotImplementedError
def _cert_key_file(certfile, keyfile):
"Return a string for use in messages for the certificate or key files"
if certfile == keyfile or keyfile is None:
return f"certificate/key file {certfile}"
return f"certificate file {certfile} or key file {keyfile}"