tahoe-lafs/src/allmydata/protocol_switch.py

"""
Support for listening with both HTTPS and Foolscap on the same port.

The goal is to make the transition from Foolscap to HTTPS-based protocols as
simple as possible, with no extra configuration needed.  Listening on the same
port means a user upgrading Tahoe-LAFS will automatically get HTTPS working
with no additional changes.

Use ``create_foolscap_or_http_class()`` to create a new subclass per ``Tub``,
and then ``update_foolscap_or_http_class()`` to add the relevant information to
the subclass once it becomes available later in the configuration process.
"""

from twisted.internet.protocol import Protocol
from twisted.internet.interfaces import IDelayedCall
from twisted.internet.ssl import CertificateOptions, PrivateCertificate
from twisted.web.server import Site
from twisted.protocols.tls import TLSMemoryBIOFactory
from twisted.internet import reactor

from foolscap.negotiate import Negotiation

from .storage.http_server import HTTPServer
from .storage.server import StorageServer


class _PretendToBeNegotiation(type):
    """
    Metaclass that allows ``_FoolscapOrHttps`` to pretend to be a ``Negotiation``
    instance, since Foolscap has some ``assert isinstance(protocol,
    Negotiation`` checks.
    """

    def __instancecheck__(self, instance):
        return (instance.__class__ == self) or isinstance(instance, Negotiation)


class _FoolscapOrHttps(Protocol, metaclass=_PretendToBeNegotiation):
    """
    Based on initial query, decide whether we're talking Foolscap or HTTP.

    Additionally, pretends to be a ``foolscap.negotiate.Negotiation`` instance,
    since these are created by Foolscap's ``Tub``, by setting this to be the
    tub's ``negotiationClass``.

    Do not use directly; this needs to be subclassed per ``Tub``.
    """

    # These three will be set by a subclass in update_foolscap_or_http_class()
    # below.
    swissnum: bytes
    certificate: PrivateCertificate
    storage_server: StorageServer

    _timeout: IDelayedCall

    def __init__(self, *args, **kwargs):
        self._foolscap: Negotiation = Negotiation(*args, **kwargs)
        self._buffer: bytes = b""

    def __setattr__(self, name, value):
        if name in {"_foolscap", "_buffer", "transport", "__class__", "_timeout"}:
            object.__setattr__(self, name, value)
        else:
            setattr(self._foolscap, name, value)

    def __getattr__(self, name):
        return getattr(self._foolscap, name)

    def _convert_to_negotiation(self):
        """
        Convert self to a ``Negotiation`` instance.
        """
        self.__class__ = Negotiation  # type: ignore
        self.__dict__ = self._foolscap.__dict__

    def initClient(self, *args, **kwargs):
        # After creation, a Negotiation instance either has initClient() or
        # initServer() called. Since this is a client, we're never going to do
        # HTTP, so we can immediately become a Negotiation instance.
        assert not self._buffer
        self._convert_to_negotiation()
        return self.initClient(*args, **kwargs)

    def connectionMade(self):
        self._timeout = reactor.callLater(30, self.transport.abortConnection)

    def dataReceived(self, data: bytes) -> None:
        """Handle incoming data.

        Once we've decided which protocol we are, update self.__class__, at
        which point all methods will be called on the new class.
        """
        self._buffer += data
        if len(self._buffer) < 8:
            return

        # Check if it looks like a Foolscap request. If so, it can handle this
        # and later data, otherwise assume HTTPS.
        self._timeout.cancel()
        if self._buffer.startswith(b"GET /id/"):
            # We're a Foolscap Negotiation server protocol instance:
            transport = self.transport
            buf = self._buffer
            self._convert_to_negotiation()
            self.makeConnection(transport)
            self.dataReceived(buf)
            return
        else:
            # We're a HTTPS protocol instance, serving the storage protocol:
            certificate_options = CertificateOptions(
                privateKey=self.certificate.privateKey.original,
                certificate=self.certificate.original,
            )
            http_server = HTTPServer(self.storage_server, self.swissnum)
            factory = TLSMemoryBIOFactory(
                certificate_options, False, Site(http_server.get_resource())
            )
            assert self.transport is not None
            protocol = factory.buildProtocol(self.transport.getPeer())
            protocol.makeConnection(self.transport)
            protocol.dataReceived(self._buffer)
            self.__class__ = protocol.__class__
            self.__dict__ = protocol.__dict__


def create_foolscap_or_http_class():
    """
    Create a new Foolscap-or-HTTPS protocol class for a specific ``Tub``
    instance.
    """

    class FoolscapOrHttpWithCert(_FoolscapOrHttps):
        pass

    return FoolscapOrHttpWithCert


def update_foolscap_or_http_class(cls, certificate, storage_server, swissnum):
    """
    Add the various parameters needed by a ``Tub``-specific
    ``_FoolscapOrHttps`` subclass.
    """
    cls.certificate = certificate
    cls.storage_server = storage_server
    cls.swissnum = swissnum
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`"""`
Better docs. 2022-06-30 14:21:21 -04:00			`Support for listening with both HTTPS and Foolscap on the same port.`

			`The goal is to make the transition from Foolscap to HTTPS-based protocols as`
			`simple as possible, with no extra configuration needed. Listening on the same`
			`port means a user upgrading Tahoe-LAFS will automatically get HTTPS working`
			`with no additional changes.`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
Better docs. 2022-06-30 14:21:21 -04:00			Use ``create_foolscap_or_http_class()`` to create a new subclass per ``Tub``,
			and then ``update_foolscap_or_http_class()`` to add the relevant information to
			`the subclass once it becomes available later in the configuration process.`
			`"""`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
			`from twisted.internet.protocol import Protocol`
Add a timeout. 2022-06-23 12:47:33 -04:00			`from twisted.internet.interfaces import IDelayedCall`
Fix some mypy warnings. 2022-06-23 12:41:47 -04:00			`from twisted.internet.ssl import CertificateOptions, PrivateCertificate`
Sketch of HTTP support, still untested WIP. 2022-06-22 14:19:29 -04:00			`from twisted.web.server import Site`
			`from twisted.protocols.tls import TLSMemoryBIOFactory`
Add a timeout. 2022-06-23 12:47:33 -04:00			`from twisted.internet import reactor`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
			`from foolscap.negotiate import Negotiation`

Sketch of HTTP support, still untested WIP. 2022-06-22 14:19:29 -04:00			`from .storage.http_server import HTTPServer`
Add working HTTP support. 2022-06-23 07:59:43 -04:00			`from .storage.server import StorageServer`
Sketch of HTTP support, still untested WIP. 2022-06-22 14:19:29 -04:00
It actually works(?!) now. 2022-06-22 10:23:23 -04:00
Better docs. 2022-06-30 14:21:21 -04:00			`class _PretendToBeNegotiation(type):`
			`"""`
			Metaclass that allows ``_FoolscapOrHttps`` to pretend to be a ``Negotiation``
			instance, since Foolscap has some ``assert isinstance(protocol,
			Negotiation`` checks.
			`"""`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
			`def __instancecheck__(self, instance):`
			`return (instance.__class__ == self) or isinstance(instance, Negotiation)`


Better docs. 2022-06-30 14:21:21 -04:00			`class _FoolscapOrHttps(Protocol, metaclass=_PretendToBeNegotiation):`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`"""`
			`Based on initial query, decide whether we're talking Foolscap or HTTP.`

Better docs. 2022-06-30 14:21:21 -04:00			Additionally, pretends to be a ``foolscap.negotiate.Negotiation`` instance,
			since these are created by Foolscap's ``Tub``, by setting this to be the
			tub's ``negotiationClass``.

			Do not use directly; this needs to be subclassed per ``Tub``.
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`"""`
It actually works(?!) now. 2022-06-22 10:23:23 -04:00
More cleanups. 2022-06-23 12:43:46 -04:00			`# These three will be set by a subclass in update_foolscap_or_http_class()`
			`# below.`
Add working HTTP support. 2022-06-23 07:59:43 -04:00			`swissnum: bytes`
Fix some mypy warnings. 2022-06-23 12:41:47 -04:00			`certificate: PrivateCertificate`
Add working HTTP support. 2022-06-23 07:59:43 -04:00			`storage_server: StorageServer`

Add a timeout. 2022-06-23 12:47:33 -04:00			`_timeout: IDelayedCall`

Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`def __init__(self, args, *kwargs):`
Simplify implementation. 2022-06-23 12:41:01 -04:00			`self._foolscap: Negotiation = Negotiation(args, *kwargs)`
			`self._buffer: bytes = b""`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
			`def __setattr__(self, name, value):`
Put the attribute on the correct object. 2022-06-23 12:49:07 -04:00			`if name in {"_foolscap", "_buffer", "transport", "__class__", "_timeout"}:`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`object.__setattr__(self, name, value)`
			`else:`
			`setattr(self._foolscap, name, value)`

			`def __getattr__(self, name):`
			`return getattr(self._foolscap, name)`

More cleanups. 2022-06-23 12:43:46 -04:00			`def _convert_to_negotiation(self):`
			`"""`
Make it more accurate. 2022-06-23 12:44:17 -04:00			Convert self to a ``Negotiation`` instance.
More cleanups. 2022-06-23 12:43:46 -04:00			`"""`
Delay Negotiation.connectionMade so we don't create unnecessary timeouts. 2022-06-23 12:32:43 -04:00			`self.__class__ = Negotiation # type: ignore`
			`self.__dict__ = self._foolscap.__dict__`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
			`def initClient(self, args, *kwargs):`
It actually works(?!) now. 2022-06-22 10:23:23 -04:00			`# After creation, a Negotiation instance either has initClient() or`
More cleanups. 2022-06-23 12:43:46 -04:00			`# initServer() called. Since this is a client, we're never going to do`
			`# HTTP, so we can immediately become a Negotiation instance.`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`assert not self._buffer`
Delay Negotiation.connectionMade so we don't create unnecessary timeouts. 2022-06-23 12:32:43 -04:00			`self._convert_to_negotiation()`
It actually works(?!) now. 2022-06-22 10:23:23 -04:00			`return self.initClient(args, *kwargs)`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
Add a timeout. 2022-06-23 12:47:33 -04:00			`def connectionMade(self):`
			`self._timeout = reactor.callLater(30, self.transport.abortConnection)`

Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`def dataReceived(self, data: bytes) -> None:`
Simplify implementation. 2022-06-23 12:41:01 -04:00			`"""Handle incoming data.`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
Simplify implementation. 2022-06-23 12:41:01 -04:00			`Once we've decided which protocol we are, update self.__class__, at`
			`which point all methods will be called on the new class.`
			`"""`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`self._buffer += data`
			`if len(self._buffer) < 8:`
			`return`

It actually works(?!) now. 2022-06-22 10:23:23 -04:00			`# Check if it looks like a Foolscap request. If so, it can handle this`
Add a timeout. 2022-06-23 12:47:33 -04:00			`# and later data, otherwise assume HTTPS.`
			`self._timeout.cancel()`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`if self._buffer.startswith(b"GET /id/"):`
Clarifying comments. 2022-06-23 12:51:07 -04:00			`# We're a Foolscap Negotiation server protocol instance:`
More cleanups. 2022-06-23 12:43:46 -04:00			`transport = self.transport`
			`buf = self._buffer`
			`self._convert_to_negotiation()`
Delay Negotiation.connectionMade so we don't create unnecessary timeouts. 2022-06-23 12:32:43 -04:00			`self.makeConnection(transport)`
			`self.dataReceived(buf)`
			`return`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00			`else:`
Clarifying comments. 2022-06-23 12:51:07 -04:00			`# We're a HTTPS protocol instance, serving the storage protocol:`
Sketch of HTTP support, still untested WIP. 2022-06-22 14:19:29 -04:00			`certificate_options = CertificateOptions(`
			`privateKey=self.certificate.privateKey.original,`
			`certificate=self.certificate.original,`
			`)`
			`http_server = HTTPServer(self.storage_server, self.swissnum)`
			`factory = TLSMemoryBIOFactory(`
			`certificate_options, False, Site(http_server.get_resource())`
			`)`
Fix some mypy warnings. 2022-06-23 12:41:47 -04:00			`assert self.transport is not None`
Sketch of HTTP support, still untested WIP. 2022-06-22 14:19:29 -04:00			`protocol = factory.buildProtocol(self.transport.getPeer())`
			`protocol.makeConnection(self.transport)`
			`protocol.dataReceived(self._buffer)`
Simplify implementation. 2022-06-23 12:41:01 -04:00			`self.__class__ = protocol.__class__`
			`self.__dict__ = protocol.__dict__`
Sketch of protocol switcher experiment. 2022-06-21 17:20:08 -04:00
Add working HTTP support. 2022-06-23 07:59:43 -04:00
			`def create_foolscap_or_http_class():`
Better docs. 2022-06-30 14:21:21 -04:00			`"""`
			Create a new Foolscap-or-HTTPS protocol class for a specific ``Tub``
			`instance.`
			`"""`

			`class FoolscapOrHttpWithCert(_FoolscapOrHttps):`
Add working HTTP support. 2022-06-23 07:59:43 -04:00			`pass`

			`return FoolscapOrHttpWithCert`


			`def update_foolscap_or_http_class(cls, certificate, storage_server, swissnum):`
Better docs. 2022-06-30 14:21:21 -04:00			`"""`
			Add the various parameters needed by a ``Tub``-specific
			``_FoolscapOrHttps`` subclass.
			`"""`
Add working HTTP support. 2022-06-23 07:59:43 -04:00			`cls.certificate = certificate`
			`cls.storage_server = storage_server`
			`cls.swissnum = swissnum`