This repository has been archived by the owner on Dec 13, 2023. It is now read-only.
/
server.py
299 lines (281 loc) · 12.3 KB
/
server.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
import daemon
import errno
import functools
import lockfile
import logging
import logging.handlers
import grp
import optparse
import os
import pwd
import signal
import socket
import sys
import tornado.ioloop
from fakemtpd.better_lockfile import BetterLockfile
from fakemtpd.config import Config
from fakemtpd.connection import Connection
from fakemtpd.smtpsession import SMTPSession
from fakemtpd.signals import Signalable
class SMTPD(Signalable):
_signals = ('stop', 'hup', 'stop_user')
def __init__(self):
super(SMTPD, self).__init__()
self.connections = []
self.config = Config.instance()
self.uid = self.gid = None
def handle_opts(self):
parser = optparse.OptionParser()
parser.add_option(
'-c', '--config-path', action='store', default=None,
help='Path to a YAML configuration file (overridden by any conflicting args)')
parser.add_option(
'-p', '--port', dest='port', action='store', type=int, default=self.config.port,
help='Port to listen on (default %default)')
parser.add_option(
'-H', '--hostname', dest='hostname', action='store', default=self.config.hostname,
help='Hostname to report as (default %default)')
parser.add_option(
'-B', '--bind', dest='address', action='store', default=self.config.address,
help='Address to bind to (default "%default")')
parser.add_option(
'-v', '--verbose', action='count', default=self.config.verbose,
help='Be more verbose')
parser.add_option(
'--tls-cert', action='store', default=self.config.tls_cert,
help='Certificate to use for TLS')
parser.add_option(
'--tls-key', action='store', default=self.config.tls_key,
help='Key to use for TLS')
parser.add_option(
'--gen-config', action='store_true', default=False,
help='Print out a config file with all parameters')
parser.add_option(
'--smtp-ver', action='store', type='choice', choices=self.config.smtp_versions, default=self.config.smtp_ver,
help='SMTP version (one of (%s)), default %s' % (','.join(self.config.smtp_versions), self.config.smtp_ver))
parser.add_option(
'-d', '--daemonize', action='store_true', default=self.config.daemonize,
help='Damonize (must also specify a pid_file)')
parser.add_option(
'--pid-file', action='store', default=self.config.pid_file,
help='PID File')
parser.add_option(
'--logging-method', type='choice', action='store', default=self.config.logging_method,
choices=self.config.logging_methods,
help="Logging method, must be one of (%s), default %s" % (','.join(self.config.logging_methods), self.config.logging_method))
parser.add_option(
'--log-file', action='store', default=self.config.log_file,
help="File to write logs to (only valid if logging method is 'file')")
parser.add_option(
'--syslog-domain-socket', action='store', default=self.config.syslog_domain_socket,
help="Syslog domain socket to write to (default %default, overrides syslog host if provided)")
parser.add_option(
'--syslog-host', action='store', default=self.config.syslog_host,
help="Syslog host to write to (default %default, only valid if logging method is 'syslog')")
parser.add_option(
'--syslog-port', type=int, action='store', default=self.config.syslog_port,
help="Syslog port to write to (default %default, only valid of logging method is 'syslog')")
(opts, _) = parser.parse_args()
return opts
def die(self, message):
print >>sys.stderr, message
sys.exit(1)
def get_uid_gid(self):
uid = None
gid = None
if self.config.group:
try:
data = grp.getgrnam(self.config.group)
gid = data.gr_gid
except KeyError:
self.die('Group %s not found, unable to drop privs, aborting' % self.config.group)
if self.config.user:
try:
data = pwd.getpwnam(self.config.user)
uid = data.pw_uid
except KeyError:
self.die('User %s not found, unable to drop privs, aborting' % self.config.user)
return (uid, gid)
def maybe_drop_privs(self, add_signals=True):
did_something = False
if self.config.group and self.gid:
os.setegid(self.gid)
did_something = True
if self.config.user and self.uid:
os.seteuid(self.uid)
did_something = True
if did_something and add_signals:
self.on_stop(self._restore_privs)
elif add_signals:
self.on_stop(self._signal_stop_user)
def _restore_privs(self):
if self.config.group:
os.setegid(os.getgid())
if self.config.user:
os.seteuid(os.getuid())
self._signal_stop_user()
def bind(self):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.setblocking(0)
sock.bind((self.config.address, self.config.port))
sock.listen(128)
return sock
def create_loop(self, sock):
io_loop = tornado.ioloop.IOLoop.instance()
new_connection_handler = functools.partial(self.connection_ready, io_loop, sock)
io_loop.add_handler(sock.fileno(), new_connection_handler, io_loop.READ)
return io_loop
def connection_ready(self, io_loop, sock, fd, events):
while True:
try:
connection, address = sock.accept()
except socket.error, e:
if e[0] not in (errno.EWOULDBLOCK, errno.EAGAIN):
raise
return
c = Connection(io_loop, self.config.timeout)
s = SMTPSession(c)
logging.debug("new connection")
c.connect(connection, address)
self.connections.append(s)
c.on_closed(lambda: self.connections.remove(s) if s in self.connections else None)
def run(self, handle_opts=True):
if handle_opts:
opts = self.handle_opts()
errors = self.config.merge_opts(opts)
if errors:
if errors:
self.die(errors)
if opts.gen_config:
self.config.write()
sys.exit(0)
if opts.config_path:
errors = self.config.read_file(opts.config_path)
if errors:
self.die(errors)
(uid, gid) = self.get_uid_gid()
self.uid = uid
self.gid = gid
if self.config.logging_method == 'file':
self._check_create_log_file(uid, gid)
try:
self.log_file = open(self.config.log_file, 'a')
self.on_stop(lambda: self.log_file.flush())
self.on_stop(lambda: self.log_file.close())
self.on_hup(lambda: self._reopen_log_files())
except IOError:
self.die("Could not access log file %s" % self.config.log_file)
self._log_fmt = '\t'.join((
'fakemtpd',
'%(asctime)s',
socket.gethostname(),
'%(process)s',
'%(name)s',
'%(levelname)s',
'%(message)s'))
else:
self.log_file = None
if self.config.logging_method == 'syslog':
self._log_fmt = 'fakemtpd[%(process)d]: %(message)s'
else:
self._log_fmt = '\t'.join((
'fakemtpd',
'%(asctime)s',
socket.gethostname(),
'%(process)s',
'%(name)s',
'%(levelname)s',
'%(message)s'))
if self.config.pid_file:
pidfile = BetterLockfile(os.path.realpath(self.config.pid_file))
try:
pidfile.acquire()
except lockfile.AlreadyLocked:
self.die("%s is already locked; another instance running?" % self.config.pid_file)
pidfile.release()
else:
pidfile = None
# Do this before daemonizing so that the user can see any errors
# that may occur
sock = self.bind()
self.config.merge_sock(sock)
if self.config.daemonize:
d = daemon.DaemonContext(files_preserve=[pidfile.file, self.log_file, sock], pidfile=pidfile, stdout=self.log_file, stderr=self.log_file)
self.on_stop_user(d.close)
d.open()
elif self.config.log_file:
os.dup2(self.log_file.fileno(), sys.stdout.fileno())
os.dup2(self.log_file.fileno(), sys.stderr.fileno())
if self.config.pid_file:
self.on_stop_user(pidfile.destroy)
signal.signal(signal.SIGINT, lambda signum, frame: self._signal_stop())
signal.signal(signal.SIGTERM, lambda signum, frame: self._signal_stop())
signal.signal(signal.SIGHUP, lambda signum, frame: self._signal_hup())
# This needs to happen after daemonization
self._setup_logging()
logging.info("Bound on port %d", self.config.port)
if pidfile:
print >>pidfile.file, os.getpid()
pidfile.file.flush()
io_loop = self.create_loop(sock)
self.maybe_drop_privs()
self.on_stop(io_loop.stop)
logging.getLogger().handlers[0].flush()
self._start(io_loop)
def _check_create_log_file(self, uid, gid):
"""Create the log file if necessary, and give it the right owner"""
if not os.path.exists(self.config.log_file):
if not os.path.exists(os.path.realpath(os.path.dirname(self.config.log_file))):
self.die("[setting up logging] No such directory '%s'" % os.path.realpath(os.path.dirname(self.config.log_file)))
try:
f = open(self.config.log_file, "w")
if uid:
os.fchown(f.fileno(), uid, -1)
if gid:
os.fchown(f.fileno(), -1, gid)
f.close()
except IOError:
self.die("Cannot create file %s" % self.config.log_file)
@property
def _log_level(self):
if self.config.verbose >= 2:
level = logging.DEBUG
elif self.config.verbose >= 1:
level = logging.INFO
else:
level = logging.WARN
return level
def _setup_logging(self):
logging.getLogger().setLevel(self._log_level)
logging.getLogger().handlers = []
if self.config.logging_method == 'file':
logging.basicConfig(filename=self.config.log_file, format=self._log_fmt, level=self._log_level)
elif self.config.logging_method == 'syslog':
facility = logging.handlers.SysLogHandler.LOG_MAIL
if self.config.syslog_domain_socket:
syslog_handler = logging.handlers.SysLogHandler(self.config.syslog_connection, facility=facility)
else:
syslog_handler = logging.handlers.SysLogHandler(self.config.syslog_connection, facility=facility)
syslog_handler.setLevel(self._log_level)
syslog_handler.setFormatter(logging.Formatter(self._log_fmt))
logging.getLogger().addHandler(syslog_handler)
else:
logging.basicConfig(stream=sys.stderr, format=self._log_fmt, level=self._log_level)
def _reopen_log_files(self):
"""Handle a HUP to reload logging"""
if self.config.log_file:
logging.warn("re-opening log files")
self._restore_privs()
logging.getLogger().handlers = []
logging.basicConfig(filename=self.config.log_file, format=self._log_fmt, level=self._log_level)
self.log_file.close()
self.log_file = open(self.config.log_file, 'a')
os.dup2(self.log_file.fileno(), sys.stdout.fileno())
os.dup2(self.log_file.fileno(), sys.stderr.fileno())
self.maybe_drop_privs(add_signals=False)
def _start(self, io_loop):
"""Broken out so I can mock this in the tests better"""
io_loop.start()
logging.warn("Shutting down")
logging.shutdown()