From d9ebe531ed0c66e06fd2d1d04fa317da287ec88d Mon Sep 17 00:00:00 2001 From: Mark Haines Date: Sun, 31 Aug 2014 16:06:39 +0100 Subject: Add config tree to synapse. Add support for reading config from a file --- synapse/app/homeserver.py | 89 ++++++++++------------------------------------- 1 file changed, 18 insertions(+), 71 deletions(-) (limited to 'synapse/app/homeserver.py') diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py index 6d292ccf9a..f56dde846d 100755 --- a/synapse/app/homeserver.py +++ b/synapse/app/homeserver.py @@ -29,6 +29,7 @@ from synapse.http.client import TwistedHttpClient from synapse.api.urls import ( CLIENT_PREFIX, FEDERATION_PREFIX, WEB_CLIENT_PREFIX, CONTENT_REPO_PREFIX ) +from synapse.config.homeserver import HomeServerConfig from daemonize import Daemonize import twisted.manhole.telnet @@ -211,32 +212,7 @@ class SynapseHomeServer(HomeServer): logger.info("Synapse now listening on port %d", port) -def setup_logging(verbosity=0, filename=None, config_path=None): - """ Sets up logging with verbosity levels. - Args: - verbosity: The verbosity level. - filename: Log to the given file rather than to the console. - config_path: Path to a python logging config file. - """ - - if config_path is None: - log_format = ( - '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(message)s' - ) - - level = logging.INFO - if verbosity: - level = logging.DEBUG - - # FIXME: we need a logging.WARN for a -q quiet option - - logging.basicConfig(level=level, filename=filename, format=log_format) - else: - logging.config.fileConfig(config_path) - - observer = PythonLoggingObserver() - observer.start() def run(): 
@@ -244,78 +220,49 @@ def run():
 def setup():
- parser = argparse.ArgumentParser()
- parser.add_argument("-p", "--port", dest="port", type=int, default=8080,
- help="The port to listen on.")
- parser.add_argument("-d", "--database", dest="db", default="homeserver.db",
- help="The database name.")
- parser.add_argument("-H", "--host", dest="host", default="localhost",
- help="The hostname of the server.")
- parser.add_argument('-v', '--verbose', dest="verbose", action='count',
- help="The verbosity level.")
- parser.add_argument('-f', '--log-file', dest="log_file", default=None,
- help="File to log to.")
- parser.add_argument('--log-config', dest="log_config", default=None,
- help="Python logging config")
- parser.add_argument('-D', '--daemonize', action='store_true',
- default=False, help="Daemonize the home server")
- parser.add_argument('--pid-file', dest="pid", help="When running as a "
- "daemon, the file to store the pid in",
- default="hs.pid")
- parser.add_argument("-W", "--webclient", dest="webclient", default=True,
- action="store_false", help="Don't host a web client.")
- parser.add_argument("--manhole", dest="manhole", type=int, default=None,
- help="Turn on the twisted telnet manhole service.")
- args = parser.parse_args()
-
- verbosity = int(args.verbose) if args.verbose else None
-
- # Because if/when we daemonize we change to root dir.
- db_name = os.path.abspath(args.db) - log_file = args.log_file - if log_file: - log_file = os.path.abspath(log_file) - - setup_logging( + config = HomeServerConfig.load_config("Synapse Homeserver", sys.argv[1:]) + + config.setup_logging( verbosity=verbosity, filename=log_file, config_path=args.log_config, ) - logger.info("Server hostname: %s", args.host) + logger.info("Server hostname: %s", config.server_name) - if re.search(":[0-9]+$", args.host): - domain_with_port = args.host + if re.search(":[0-9]+$", config.server_name): + domain_with_port = config.server_name else: - domain_with_port = "%s:%s" % (args.host, args.port) + domain_with_port = "%s:%s" % (args.server_name, config.bind_port) hs = SynapseHomeServer( - args.host, + config.server_name, domain_with_port=domain_with_port, upload_dir=os.path.abspath("uploads"), - db_name=db_name, + db_name=config.database_path, ) hs.register_servlets() hs.create_resource_tree( - web_client=args.webclient, - redirect_root_to_web_client=True) - hs.start_listening(args.port) + web_client=config.webclient, + redirect_root_to_web_client=True, + ) + hs.start_listening(config.bind_port) hs.get_db_pool() - if args.manhole: + if config.manhole: f = twisted.manhole.telnet.ShellFactory() f.username = "matrix" f.password = "rabbithole" f.namespace['hs'] = hs - reactor.listenTCP(args.manhole, f, interface='127.0.0.1') + reactor.listenTCP(config.manhole, f, interface='127.0.0.1') - if args.daemonize: + if config.daemonize: daemon = Daemonize( app="synapse-homeserver", - pid=args.pid, + pid=config.pid_file, action=run, auto_close_fds=False, verbose=True, -- cgit 1.4.1 From 9ea1de432dedf2130a036fc9eb9d0b8515a24fe8 Mon Sep 17 00:00:00 2001 
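Review bot: The manhole block at the end of this hunk still sets the fixed pair `f.username = "matrix"` / `f.password = "rabbithole"` while the port now comes from `config.manhole`, so a single config-file entry enables a Python shell over cleartext telnet with credentials that anyone can read in the source. Binding to `interface='127.0.0.1'` keeps it off the network, but every local account can then reach `hs` through `f.namespace`. Reading the credentials from the config (or generating them at startup and logging where they were written) and describing the option as debug-only in its help text would close that gap. Separately, the new `config.setup_logging(verbosity=verbosity, filename=log_file, config_path=args.log_config)` call and the `args.server_name` reference use names this hunk removes, so setup() would raise NameError as written.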
From: Mark Haines Date: Mon, 1 Sep 2014 15:51:15 +0100 Subject: Fix homeserver config parsing --- demo/demo.tls.dh | 9 +++++++++ demo/start.sh | 14 ++++++++++++-- synapse/app/homeserver.py | 22 +++++++++------------- synapse/config/_base.py | 23 ++++++++++++++++++----- synapse/config/database.py | 5 +++-- synapse/config/logger.py | 14 +++++++------- synapse/config/server.py | 11 ++++++----- synapse/config/tls.py | 2 +- synapse/storage/keys.py | 2 +- 9 files changed, 66 insertions(+), 36 deletions(-) create mode 100644 demo/demo.tls.dh (limited to 'synapse/app/homeserver.py') diff --git a/demo/demo.tls.dh b/demo/demo.tls.dh new file mode 100644 index 0000000000..cbc58272a0 --- /dev/null +++ b/demo/demo.tls.dh @@ -0,0 +1,9 @@ +2048-bit DH parameters taken from rfc3526 +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb +IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft +awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT +mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh +fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq +5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg== +-----END DH PARAMETERS----- diff --git a/demo/start.sh b/demo/start.sh index 1e591aabb8..56a1344344 100755 --- a/demo/start.sh +++ b/demo/start.sh @@ -6,17 +6,27 @@ CWD=$(pwd) cd "$DIR/.." +mkdir -p demo/etc + for port in 8080 8081 8082; do echo "Starting server on port $port... " python -m synapse.app.homeserver \ + --generate-config \ + --config-path "demo/etc/$port.config" \ + -H "localhost:$port" \ -p "$port" \ -H "localhost:$port" \ -f "$DIR/$port.log" \ -d "$DIR/$port.db" \ - -vv \ -D --pid-file "$DIR/$port.pid" \ - --manhole $((port + 1000)) + --manhole $((port + 1000)) \ + --tls-dh-params-path "demo/demo.tls.dh" + + python -m synapse.app.homeserver \ + --config-path "demo/etc/$port.config" \ + -vv \ + done echo "Starting webclient on port 8000..." 
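Review bot: The second `python -m synapse.app.homeserver` call ends with `-vv \` followed by an empty line, so the continuation joins onto nothing; it runs today, but removing the blank line later would splice `done` into the command, so the trailing backslash should go. The generating call also passes `-H "localhost:$port"` twice. Because `--manhole $((port + 1000))` is given together with `--generate-config`, the debug shell setting is persisted into each `demo/etc/$port.config` and stays enabled on every later start of the demo servers; a comment saying this is intended for the demo only would help.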
diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py index f56dde846d..124eee8c8d 100755 --- a/synapse/app/homeserver.py +++ b/synapse/app/homeserver.py @@ -20,7 +20,6 @@ from synapse.server import HomeServer from twisted.internet import reactor from twisted.enterprise import adbapi -from twisted.python.log import PythonLoggingObserver from twisted.web.resource import Resource from twisted.web.static import File from twisted.web.server import Site @@ -34,12 +33,11 @@ from synapse.config.homeserver import HomeServerConfig from daemonize import Daemonize import twisted.manhole.telnet -import argparse import logging -import logging.config import sqlite3 import os import re +import sys logger = logging.getLogger(__name__) @@ -212,28 +210,25 @@ class SynapseHomeServer(HomeServer): logger.info("Synapse now listening on port %d", port) - - - def run(): reactor.run() def setup(): - config = HomeServerConfig.load_config("Synapse Homeserver", sys.argv[1:]) - - config.setup_logging( - verbosity=verbosity, - filename=log_file, - config_path=args.log_config, + config = HomeServerConfig.load_config( + "Synapse Homeserver", + sys.argv[1:], + generate_section="Homeserver" ) + config.setup_logging() + logger.info("Server hostname: %s", config.server_name) if re.search(":[0-9]+$", config.server_name): domain_with_port = config.server_name else: - domain_with_port = "%s:%s" % (args.server_name, config.bind_port) + domain_with_port = "%s:%s" % (config.server_name, config.bind_port) hs = SynapseHomeServer( config.server_name, @@ -260,6 +255,7 @@ def setup(): reactor.listenTCP(config.manhole, f, interface='127.0.0.1') if config.daemonize: + print config.pid_file daemon = Daemonize( app="synapse-homeserver", pid=config.pid_file, diff --git a/synapse/config/_base.py b/synapse/config/_base.py index b4cf0262f4..78197e4a75 100644 --- a/synapse/config/_base.py +++ b/synapse/config/_base.py 
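Review bot: `print config.pid_file` in the last homeserver.py hunk looks like leftover debugging output rather than intended behaviour. If the path is worth recording, `logger.info("Writing pid file to %s", config.pid_file)` sends it through the logging that `config.setup_logging()` has just configured; otherwise the line can be dropped. The body of setup() continues outside the hunk.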
@@ -24,6 +24,10 @@ class Config(object): def __init__(self, args): pass + @staticmethod + def abspath(file_path): + return os.path.abspath(file_path) if file_path else file_path + @staticmethod def read_file(file_path): with open(file_path) as file_stream: @@ -54,9 +58,14 @@ class Config(object): metavar="CONFIG_FILE", help="Specify config file" ) + config_parser.add_argument( + "--generate-config", + action="store_true", + help="Generate config file" + ) config_args, remaining_args = config_parser.parse_known_args(argv) - if generate_section: + if config_args.generate_config: if not config_args.config_path: config_parser.error( "Must specify where to generate the config file" @@ -64,6 +73,8 @@ class Config(object): config_dir_path = os.path.dirname(config_args.config_path) if os.path.exists(config_args.config_path): defaults = cls.read_config_file(config_args.config_path) + else: + defaults = {} else: if config_args.config_path: defaults = cls.read_config_file(config_args.config_path) @@ -75,23 +86,25 @@ class Config(object): description=description, formatter_class=argparse.RawDescriptionHelpFormatter, ) + cls.add_arguments(parser) parser.set_defaults(**defaults) - - cls.add_arguments(parser) args = parser.parse_args(remaining_args) - if generate_section: + if config_args.generate_config: config_dir_path = os.path.dirname(config_args.config_path) config_dir_path = os.path.abspath(config_dir_path) cls.generate_config(args, config_dir_path) config = configparser.SafeConfigParser() config.add_section(generate_section) for key, value in vars(args).items(): - if key != "config_path" and value is not None: + if (key not in set(["config_path", "generate_config"]) + and value is not None): + print key, "=", value config.set(generate_section, key, str(value)) with open(config_args.config_path, "w") as config_file: config.write(config_file) + sys.exit(0) return cls(args) 
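Review bot: In the last hunk generation is now triggered by `config_args.generate_config`, but `config.add_section(generate_section)` still depends on the caller's argument, so a program that does not pass `generate_section` would presumably fail there when `--generate-config` is given; an explicit `config_parser.error(...)` for that case would be clearer. The added `print key, "=", value` echoes every option to stdout and the file is created with `open(config_args.config_path, "w")` under the process umask, which is worth tightening before any secret-bearing option is stored this way. The hunk also calls `sys.exit(0)` with no `import sys` visible in it, so confirm the module imports `sys`. The signature of load_config is outside the hunk.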
diff --git a/synapse/config/database.py b/synapse/config/database.py index 43f54be437..edf2361914 100644 --- a/synapse/config/database.py +++ b/synapse/config/database.py @@ -18,14 +18,15 @@ import os class DatabaseConfig(Config): def __init__(self, args): - self.db_path = os.path.abspath(args.database_path) + super(DatabaseConfig, self).__init__(args) + self.database_path = self.abspath(args.database_path) @classmethod def add_arguments(cls, parser): super(DatabaseConfig, cls).add_arguments(parser) db_group = parser.add_argument_group("database") db_group.add_argument( - "-d", "--database", dest="database_path", default="homeserver.db", + "-d", "--database-path", default="homeserver.db", help="The database name." ) diff --git a/synapse/config/logger.py b/synapse/config/logger.py index d34532c41a..8db6621ae8 100644 --- a/synapse/config/logger.py +++ b/synapse/config/logger.py @@ -18,13 +18,13 @@ from ._base import Config from twisted.python.log import PythonLoggingObserver import logging import logging.config -import os class LoggingConfig(Config): def __init__(self, args): + super(LoggingConfig, self).__init__(args) self.verbosity = int(args.verbose) if args.verbose else None - self.log_config = os.path.abspath(args.log_config) - self.log_file = os.path.abspath(args.log_file) + self.log_config = self.abspath(args.log_config) + self.log_file = self.abspath(args.log_file) @classmethod def add_arguments(cls, parser): 
@@ -47,21 +47,21 @@ class LoggingConfig(Config): log_format = ( '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(message)s' ) - if self.config_path is None: + if self.log_config is None: level = logging.INFO - if verbosity: + if self.verbosity: level = logging.DEBUG # FIXME: we need a logging.WARN for a -q quiet option logging.basicConfig( level=level, - filename=filename, + filename=self.log_file, format=log_format ) else: - logging.config.fileConfig(config_path) + logging.config.fileConfig(self.log_config) observer = PythonLoggingObserver() observer.start() diff --git a/synapse/config/server.py b/synapse/config/server.py index 4a656b06ab..a3aceb521d 100644 --- a/synapse/config/server.py +++ b/synapse/config/server.py @@ -14,7 +14,6 @@ # limitations under the License. import nacl.signing -import socket import os from ._base import Config from syutil.base64util import encode_base64, decode_base64 @@ -28,7 +27,9 @@ class ServerConfig(Config): self.bind_port = args.bind_port self.bind_host = args.bind_host self.daemonize = args.daemonize - self.pid_file = os.path.abspath(args.pid_file) + self.pid_file = self.abspath(args.pid_file) + self.webclient = not args.no_webclient + self.manhole = args.manhole @classmethod def add_arguments(cls, parser): @@ -44,11 +45,11 @@ class ServerConfig(Config): help="Local interface to listen on") server_group.add_argument("-D", "--daemonize", action='store_true', help="Daemonize the home server") - server_group.add_argument('--pid-file', default = "hs.pid", + server_group.add_argument('--pid-file', default="hs.pid", help="When running as a daemon, the file to" " store the pid in") - server_group.add_argument("-W", "--no-webclient", dest="webclient", - default=True, action="store_false", + server_group.add_argument("-W", "--no-webclient", default=True, + action="store_false", help="Don't host a web client.") server_group.add_argument("--manhole", dest="manhole", type=int, help="Turn on the twisted telnet manhole" 
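Review bot: `logging.config.fileConfig(self.log_config)` deserves a comment, because fileConfig evaluates the handler `args` entries of that file as Python expressions, and with this series the path can apparently come from the homeserver config file as well as the command line. Something like `# fileConfig() evaluates handler args: log_config must be a trusted file writable only by the service account` on that call would record the requirement. The `def` line of setup_logging is outside the hunk.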
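Review bot: `self.webclient = not args.no_webclient` inverts the flag, since `--no-webclient` is declared with `default=True, action="store_false"`: the attribute is True when the flag is absent, so the web client ends up disabled by default and enabled by `-W`. Declaring the option as `action="store_true", default=False` and keeping the `not` gives an attribute whose name matches its meaning. The same ServerConfig hunks apply in the server.py section of the next commit in this series.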
diff --git a/synapse/config/tls.py b/synapse/config/tls.py index c65487ceb9..7a3d6e3a02 100644 --- a/synapse/config/tls.py +++ b/synapse/config/tls.py @@ -28,7 +28,7 @@ class TlsConfig(Config): self.tls_private_key = self.read_tls_private_key( args.tls_private_key_path ) - self.tls_dh_params_path = args.tls_dh_params_path + self.tls_dh_params_path = self.abspath(args.tls_dh_params_path) @classmethod def add_arguments(cls, parser): diff --git a/synapse/storage/keys.py b/synapse/storage/keys.py index 6a5c992b8f..4d19b9f641 100644 --- a/synapse/storage/keys.py +++ b/synapse/storage/keys.py @@ -78,7 +78,7 @@ class KeyStore(SQLBaseStore): retcols=("tls_certificate",), ) verification_key = nacl.signing.VerifyKey(verification_key_bytes) - defer.returnValue(verify_key) + defer.returnValue(verification_key) def store_server_verification_key(self, server_name, key_version, key_server, ts_now_ms, verification_key): -- cgit 1.4.1 From ef6a8e4f323ea0e54e5738566a18f781a793c086 Mon Sep 17 00:00:00 2001 From: Mark Haines Date: Mon, 1 Sep 2014 16:30:43 +0100 Subject: Listen using SSL --- synapse/app/homeserver.py | 8 +++++++- synapse/config/server.py | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'synapse/app/homeserver.py') diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py index 124eee8c8d..20c10bac66 100755 --- a/synapse/app/homeserver.py +++ b/synapse/app/homeserver.py @@ -29,6 +29,7 @@ from synapse.api.urls import ( CLIENT_PREFIX, FEDERATION_PREFIX, WEB_CLIENT_PREFIX, CONTENT_REPO_PREFIX ) from synapse.config.homeserver import HomeServerConfig +from synapse.crypto import context_factory from daemonize import Daemonize import twisted.manhole.telnet 
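Review bot: The context just above the corrected `defer.returnValue(verification_key)` in synapse/storage/keys.py selects `retcols=("tls_certificate",)`, which is an odd column to feed into `nacl.signing.VerifyKey(...)`. If `verification_key_bytes` comes from that select, the query should presumably name the verification-key column, otherwise signature checks would be built from certificate bytes. The start of the function is outside the hunk, so this needs confirming against the full query; a store-then-fetch unit test would cover both this and the `verify_key` NameError fixed here.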
@@ -206,7 +207,9 @@ class SynapseHomeServer(HomeServer): return "%s-%s" % (resource, path_seg) def start_listening(self, port): - reactor.listenTCP(port, Site(self.root_resource)) + reactor.listenSSL( + port, Site(self.root_resource), self.tls_context_factory + ) logger.info("Synapse now listening on port %d", port) @@ -230,11 +233,14 @@ def setup(): else: domain_with_port = "%s:%s" % (config.server_name, config.bind_port) + tls_context_factory = context_factory.ServerContextFactory(config) + hs = SynapseHomeServer( config.server_name, domain_with_port=domain_with_port, upload_dir=os.path.abspath("uploads"), db_name=config.database_path, + tls_context_factory=tls_context_factory, ) hs.register_servlets() diff --git a/synapse/config/server.py b/synapse/config/server.py index a3aceb521d..7e8ff6a703 100644 --- a/synapse/config/server.py +++ b/synapse/config/server.py @@ -28,7 +28,7 @@ class ServerConfig(Config): self.bind_host = args.bind_host self.daemonize = args.daemonize self.pid_file = self.abspath(args.pid_file) - self.webclient = not args.no_webclient + self.webclient = args.no_webclient self.manhole = args.manhole @classmethod -- cgit 1.4.1 From a53946a8a185490c6569d9a7dc6ffc07c344e74a Mon Sep 17 00:00:00 2001 From: Mark Haines Date: Mon, 1 Sep 2014 18:30:00 +0100 Subject: Enable SSL for s2s http client --- synapse/app/homeserver.py | 2 +- synapse/http/client.py | 8 ++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'synapse/app/homeserver.py') diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py index 20c10bac66..44830e1325 100755 --- a/synapse/app/homeserver.py +++ b/synapse/app/homeserver.py @@ -62,7 +62,7 @@ SCHEMA_VERSION = 1 class SynapseHomeServer(HomeServer): def build_http_client(self): - return TwistedHttpClient() + return TwistedHttpClient(self) def build_resource_for_client(self): return JsonResource() diff --git a/synapse/http/client.py b/synapse/http/client.py index 36ba2c6591..acc39742de 100644 
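Review bot: `reactor.listenSSL(port, Site(self.root_resource), self.tls_context_factory)` in start_listening passes no `interface=`, so the `bind_host` value that ServerConfig stores next to `bind_port` has no effect and the TLS listener accepts connections on every interface. Passing the host through, for example `reactor.listenSSL(port, Site(self.root_resource), self.tls_context_factory, interface=bind_host)` with a matching parameter on start_listening, would honour the setting. `context_factory.ServerContextFactory(config)` is defined outside this diff, so the protocol versions and cipher list it enables cannot be checked from here and deserve a separate look.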
--- a/synapse/http/client.py +++ b/synapse/http/client.py @@ -113,8 +113,9 @@ class TwistedHttpClient(HttpClient): requests. """ - def __init__(self): + def __init__(self, hs): self.agent = MatrixHttpAgent(reactor) + self.hs = hs @defer.inlineCallbacks def put_json(self, destination, path, data): @@ -177,7 +178,10 @@ class TwistedHttpClient(HttpClient): retries_left = 5 # TODO: setup and pass in an ssl_context to enable TLS - endpoint = matrix_endpoint(reactor, destination, timeout=10) + endpoint = matrix_endpoint( + reactor, destination, timeout=10, + ssl_context_factory=self.hs.tls_tls_context_factory + ) while True: try: -- cgit 1.4.1
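Review bot: `ssl_context_factory=self.hs.tls_tls_context_factory` doubles the `tls_` prefix; setup() constructs the homeserver with `tls_context_factory=...`, so this lookup would presumably fail on the first outbound request and should read `self.hs.tls_context_factory`. That object is the `ServerContextFactory` built for the listening socket, and if it does not verify the remote certificate then federation requests are encrypted but the peer is not authenticated; a client-side factory that checks the peer, or a comment documenting the gap, is worth adding. The `# TODO: setup and pass in an ssl_context to enable TLS` line above the call is now stale and can be removed.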