Merge pull request #445 from certtools/stomp

initial version of the STOMP output bot
certtools · Feb 9, 2016 · 591ab59 · 591ab59
2 parents b135fd4 + 2d4622a
commit 591ab59
Show file tree

Hide file tree

Showing 7 changed files with 110 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -15,3 +15,5 @@ dist
 .coverage
 .idea/
 htmlcov/
+*.pem
+*.key
diff --git a/intelmq/bots/outputs/stomp/README.md b/intelmq/bots/outputs/stomp/README.md
@@ -0,0 +1,33 @@
+# intelmq stomp output
+
+This collector will push data to any STOMP stream.
+STOMP stands for Streaming Text Oriented Messaging Protocol. See: https://en.wikipedia.org/wiki/Streaming_Text_Oriented_Messaging_Protocol
+
+
+For the sake of explanations, we will use the N6 (n6.cert.pl) server as an example.
+
+# Installation
+
+  1. Install the stomp.py library from pip: `# pip install stomp.py`
+  2. First please check if the CA certificate in this repository is still current for n6steam.cert.pl. If not, let us know.
+  3. You will need a client certificate from the organisation / server you are connecting to. Also you will need a so called "exchange point".
+     In our example (n6.cert.pl) , you need to request a client certificate from CERT.pl: http://n6.cert.pl/jak.php. 
+  4. save the client certificate in a suitable location (for example `/opt/intelmq/etc/client.pem`,  `/opt/intelmq/etc/client.key`)
+  5. Edit your `runtime.conf` and add the location of your client certificates & key and the CA certificate. Also set the exchange point in 
+     your runtime.conf.
+  6. test your system:
+
+```
+% sudo -Eu intelmq python -m intelmq.bots.outputs.stomp.output stomp-output
+on_connecting n6stream.cert.pl 61614
+on_send STOMP {'accept-version': '1.1', 'heart-beat': '60000,60000'}
+on_connected {'session': 'session-$randomstring', 'version': '1.1', 'server': 'RabbitMQ/3.5.4', 'heart-beat': '60000,60000'}
+```
+
+Please confirm with your STOMP connection partner that he/she receives your STOMP frames (messages).
+
+NOTE: this bot does **NOT** do any re-formatting, transcoding, mapping of formats etc. It sends plain intelmq messages via the STOMP protocol
+inside the body content.
+
+
+
diff --git a/intelmq/bots/outputs/stomp/REQUIREMENTS.txt b/intelmq/bots/outputs/stomp/REQUIREMENTS.txt
@@ -0,0 +1 @@
+stomp>=4.1.8
diff --git a/intelmq/bots/outputs/stomp/__init__.py b/intelmq/bots/outputs/stomp/__init__.py
diff --git a/intelmq/bots/outputs/stomp/output.py b/intelmq/bots/outputs/stomp/output.py
@@ -0,0 +1,70 @@
+# -*- coding: utf-8 -*-
+
+from __future__ import unicode_literals
+
+import os.path
+import sys
+
+from intelmq.lib.bot import Bot
+from intelmq.lib.message import MessageFactory
+
+import stomp
+
+
+class stompOutputBot(Bot):
+    """ main class for the STOMP protocol output bot """
+
+    def init(self):
+        self.server = getattr(self.parameters, 'server', '127.0.0.1')
+        self.port = getattr(self.parameters, 'port', 61614)
+        self.exchange = getattr(self.parameters, 'exchange', '/exchange/_push')
+        self.heartbeat = getattr(self.parameters, 'heartbeat', 60000)
+        self.ssl_ca_cert = getattr(self.parameters, 'ssl_ca_certificate',
+                                   'ca.pem')
+        self.ssl_cl_cert = getattr(self.parameters, 'ssl_client_certificate',
+                                   'client.pem')
+        self.ssl_cl_cert_key = getattr(self.parameters,
+                                       'ssl_client_certificate_key',
+                                       'client.key')
+        self.http_verify_cert = getattr(self.parameters,
+                                        'http_verify_cert', True)
+
+        # check if certificates exist
+        for f in [self.ssl_ca_cert, self.ssl_cl_cert, self.ssl_cl_cert_key]:
+            if not os.path.isfile(f):
+                raise ValueError("Could not open SSL (certificate) file '%s'." % f)
+
+        _host = [(self.server, self.port)]
+        self.conn = stomp.Connection(host_and_ports=_host, use_ssl=True,
+                                     ssl_key_file=self.ssl_cl_cert_key,
+                                     ssl_cert_file=self.ssl_cl_cert,
+                                     ssl_ca_certs=self.ssl_ca_cert,
+                                     wait_on_receipt=True,
+                                     heartbeats=(self.heartbeat,
+                                                 self.heartbeat))
+
+        # based on the documentation at:
+        # https://github.com/jasonrbriggs/stomp.py/wiki/Simple-Example
+        self.conn.start()
+        self.conn.connect(wait=False)
+
+    def disconnect(self):
+        self.conn.disconnect()
+
+    def process(self):
+        message = self.receive_message()
+
+        if message is None:
+            self.acknowledge_message()
+            return
+
+        if message:
+            message = MessageFactory.serialize(message)
+            self.logger.info(message)
+
+        self.conn.send(body=message, destination=self.exchange)
+
+
+if __name__ == "__main__":
+    bot = stompOutputBot(sys.argv[1])
+    bot.start()
diff --git a/intelmq/tests/bots/outputs/stomp/__init__.py b/intelmq/tests/bots/outputs/stomp/__init__.py
diff --git a/intelmq/tests/bots/outputs/stomp/test_output.py b/intelmq/tests/bots/outputs/stomp/test_output.py
@@ -0,0 +1,4 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+import intelmq.bots.outputs.stomp.output