confluent/confluent/sockapi.py

# Copyright 2013 IBM Corporation
# ALl rights reserved

# This is the socket api layer.
# It implement unix and tls sockets
# 
# TODO: SO_PEERCRED for unix socket
import confluent.auth as auth
import confluent.common.tlvdata as tlvdata
import confluent.consoleserver as consoleserver
import confluent.config.configmanager as configmanager
import confluent.exceptions as exc
import confluent.messages
import confluent.pluginapi as pluginapi
import eventlet.green.socket as socket
import eventlet.green.ssl as ssl
import eventlet
import json
import os
import pwd
import stat
import struct

SO_PEERCRED = 17

class ClientConsole(object):
    def __init__(self, client):
        self.client = client
        self.xmit = False
        self.pendingdata = ""

    def sendall(self, data):
        if not self.xmit:
            self.pendingdata += data
            return
        tlvdata.send(self.client, data)

    def startsending(self):
        self.xmit = True
        if self.pendingdata != "":
            tlvdata.send(self.client, self.pendingdata)
        self.pendingdata = None


def sessionhdl(connection, authname):
    # For now, trying to test the console stuff, so let's just do n4.
    authenticated = False
    authdata = None
    if authname and isinstance(authname, bool):
        authenticated = True
        cfm = configmanager.ConfigManager(tenant=None)
    elif authname:
        authdata = auth.authorize(authname, element=None)
        if authdata is not None:
            cfm = authdata[1]
            authenticated = True
    tlvdata.send(connection,"Confluent -- v0 --")
    while not authenticated:  # prompt for name and passphrase
        tlvdata.send(connection, {'authpassed': 0})
        response = tlvdata.recv(connection)
        username = response['username']
        passphrase = response['passphrase']
        # note(jbjohnso): here, we need to authenticate, but not
        # authorize a user.  When authorization starts understanding
        # element path, that authorization will need to be called
        # per request the user makes
        authdata = auth.check_user_passphrase(username, passphrase)
        if authdata is not None:
            authenticated = True
            cfm = authdata[1]
    tlvdata.send(connection, {'authpassed': 1})
    request = tlvdata.recv(connection)
    while request is not None:
        try:
            process_request(connection, request, cfm, authdata)
        except:
            import traceback
            traceback.print_exc()
            tlvdata.send(connection, {'errorcode': 500,
                                  'error': 'Unexpected error'})
            tlvdata.send(connection, {'_requestdone': 1})
        request = tlvdata.recv(connection)


def send_response(responses, connection):
    if responses is None:
        return
    for rsp in responses:
        tlvdata.send(connection, rsp.raw())
    tlvdata.send(connection, {'_requestdone': 1})


def process_request(connection, request, cfm, authdata):
    #TODO(jbjohnso): authorize each request
    if type(request) == dict:
        operation = request['operation']
        path = request['path']
        params = request.get('parameters', None)
        hdlr = None
        try:
            if operation == 'start':
                elems = path.split('/')
                if elems[3] != "console":
                    raise exc.InvalidArgumentException()
                node = elems[2]
                ccons = ClientConsole(connection)
                consession = consoleserver.ConsoleSession(
                    node=node, configmanager=cfm, datacallback=ccons.sendall)
                if consession is None:
                    raise Exception("TODO")
                tlvdata.send(connection, {'started': 1})
                ccons.startsending()
                while consession is not None:
                    data = tlvdata.recv(connection)
                    if type(data) == dict:
                        if data['operation'] == 'stop':
                            consession.destroy()
                            return
                        else:
                            raise Exception("TODO")
                    if not data:
                        consession.destroy()
                        return
                    consession.write(data)
            else:
                hdlr = pluginapi.handle_path(path, operation, cfm, params)
        except exc.NotFoundException:
            tlvdata.send(connection, {"errorcode": 404,
                                 "error": "Target not found"})
            tlvdata.send(connection, {"_requestdone": 1})
        except exc.InvalidArgumentException:
            tlvdata.send(connection, {"errorcode": 400,
                                 "error": "Bad Request"})
            tlvdata.send(connection, {"_requestdone": 1})
        send_response(hdlr, connection)
    return


def _tlshandler():
    plainsocket = socket.socket()
    plainsocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    plainsocket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
    srv = ssl.wrap_socket(plainsocket, keyfile="/etc/confluent/privkey.pem",
                    certfile="/etc/confluent/srvcert.pem",
                    ssl_version=ssl.PROTOCOL_TLSv1,
                    server_side=True)
    srv.bind(('0.0.0.0', 4001))
    srv.listen(5)
    authname = None
    while (1):  # TODO: exithook
        cnn, addr = srv.accept()
        eventlet.spawn_n(sessionhdl, cnn, authname)


def _unixdomainhandler():
    unixsocket = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        os.remove("/var/run/confluent/api.sock")
    except OSError:  # if file does not exist, no big deal
        pass
    unixsocket.bind("/var/run/confluent/api.sock")
    os.chmod("/var/run/confluent/api.sock",
             stat.S_IWOTH | stat.S_IROTH | stat.S_IWGRP |
             stat.S_IRGRP | stat.S_IWUSR | stat.S_IRUSR)
    unixsocket.listen(5)
    while (1):
        cnn, addr = unixsocket.accept()
        creds = cnn.getsockopt(socket.SOL_SOCKET, SO_PEERCRED,
                                struct.calcsize('3i'))
        pid, uid, gid = struct.unpack('3i',creds)
        if uid in (os.getuid(), 0):
            #this is where we happily accept the person
            #to do whatever.  This allows the server to
            #start with no configuration whatsoever
            #and yet still be configurable by some means
            authname = True
        else:
            try:
                authname = pwd.getpwuid(uid).pw_name
            except KeyError:
                cnn.close()
                return
        eventlet.spawn_n(sessionhdl, cnn, authname)


class SockApi(object):
    def start(self):
        self.tlsserver = eventlet.spawn(_tlshandler)
        self.unixdomainserver = eventlet.spawn(_unixdomainhandler)
Create a test socket api layer 2013-09-14 11:08:48 -04:00			`# Copyright 2013 IBM Corporation`
			`# ALl rights reserved`

			`# This is the socket api layer.`
			`# It implement unix and tls sockets`
-Have master console multiplexer not crash because a handler would have crashed -Have sockapi remove console session handler on client disconnect 2013-10-10 14:17:08 -04:00			`#`
Create a test socket api layer 2013-09-14 11:08:48 -04:00			`# TODO: SO_PEERCRED for unix socket`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00			`import confluent.auth as auth`
			`import confluent.common.tlvdata as tlvdata`
Renome current console to consoleserver and refactor 2013-11-02 13:25:56 -04:00			`import confluent.consoleserver as consoleserver`
Refactor configuration code into a distinct location 2013-11-02 16:58:38 -04:00			`import confluent.config.configmanager as configmanager`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`import confluent.exceptions as exc`
			`import confluent.messages`
			`import confluent.pluginapi as pluginapi`
Create a test socket api layer 2013-09-14 11:08:48 -04:00			`import eventlet.green.socket as socket`
			`import eventlet.green.ssl as ssl`
Have sockapi properly run alongside httpapi Have sockapi force TLSv1 2013-09-14 20:21:58 -04:00			`import eventlet`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`import json`
Implement unix domain socket in socket api 2013-10-14 09:21:55 -04:00			`import os`
Fix SO_PEERCRED auth on unix socket This allows non-privileged users to be authenticated by SO_PEERCRED. In the case where the user is not a known confluent user, they are given a chance to use a name/password. 2014-02-10 09:41:08 -05:00			`import pwd`
			`import stat`
Implement unix domain socket in socket api 2013-10-14 09:21:55 -04:00			`import struct`

			`SO_PEERCRED = 17`
Create a test socket api layer 2013-09-14 11:08:48 -04:00
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00			`class ClientConsole(object):`
			`def __init__(self, client):`
Add 'start /node/<node>/console/session' to confetty 2014-02-10 09:16:29 -05:00			`self.client = client`
			`self.xmit = False`
			`self.pendingdata = ""`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00
			`def sendall(self, data):`
Add 'start /node/<node>/console/session' to confetty 2014-02-10 09:16:29 -05:00			`if not self.xmit:`
			`self.pendingdata += data`
			`return`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(self.client, data)`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00
Add 'start /node/<node>/console/session' to confetty 2014-02-10 09:16:29 -05:00			`def startsending(self):`
			`self.xmit = True`
			`if self.pendingdata != "":`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(self.client, self.pendingdata)`
Add 'start /node/<node>/console/session' to confetty 2014-02-10 09:16:29 -05:00			`self.pendingdata = None`


Begin work to do authentication and authorization on socket api 2013-10-14 11:28:07 -04:00			`def sessionhdl(connection, authname):`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00			`# For now, trying to test the console stuff, so let's just do n4.`
			`authenticated = False`
Fix super unix socket access to work When root or the process owner comes into unix socket, they should be treated as always authorized. 2014-02-10 09:19:22 -05:00			`authdata = None`
Begin work to do authentication and authorization on socket api 2013-10-14 11:28:07 -04:00			`if authname and isinstance(authname, bool):`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00			`authenticated = True`
			`cfm = configmanager.ConfigManager(tenant=None)`
			`elif authname:`
			`authdata = auth.authorize(authname, element=None)`
Fix SO_PEERCRED auth on unix socket This allows non-privileged users to be authenticated by SO_PEERCRED. In the case where the user is not a known confluent user, they are given a chance to use a name/password. 2014-02-10 09:41:08 -05:00			`if authdata is not None:`
			`cfm = authdata[1]`
			`authenticated = True`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection,"Confluent -- v0 --")`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00			`while not authenticated: # prompt for name and passphrase`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {'authpassed': 0})`
			`response = tlvdata.recv(connection)`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00			`username = response['username']`
			`passphrase = response['passphrase']`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`# note(jbjohnso): here, we need to authenticate, but not`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00			`# authorize a user. When authorization starts understanding`
			`# element path, that authorization will need to be called`
			`# per request the user makes`
			`authdata = auth.check_user_passphrase(username, passphrase)`
Fix socket api double send of auth failure notification The loop was sending failure back after an iteration of the loop that fails to authenticate and then again at the beginning of the next iteration. Remove the end iteration sending so that there is only one iteration of the message 2014-02-09 14:00:06 -05:00			`if authdata is not None:`
Advance state of the socket interface Properly implement authentication and switch the protocol over to the tlv based protocol. Abandon all thought of the socket being directly accessible. Any CLI semantics will be in confetty and an appliance wishing to expose that CLI directly should use standard ssh stuff with a shell of confetty. The unix domain authentication support makes this feasible (requires user creation push name into confluent repository at the moment..) 2014-02-09 10:43:26 -05:00			`authenticated = True`
			`cfm = authdata[1]`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {'authpassed': 1})`
			`request = tlvdata.recv(connection)`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`while request is not None:`
Have sockapi stay alive through as-yet uncaught circumstances Previously, the client would be left hanging. Correct that by keeping the session alive and notifying the client of the unexpected condition. 2014-03-03 15:52:12 -05:00			`try:`
			`process_request(connection, request, cfm, authdata)`
			`except:`
			`import traceback`
			`traceback.print_exc()`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {'errorcode': 500,`
Have sockapi stay alive through as-yet uncaught circumstances Previously, the client would be left hanging. Correct that by keeping the session alive and notifying the client of the unexpected condition. 2014-03-03 15:52:12 -05:00			`'error': 'Unexpected error'})`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {'_requestdone': 1})`
			`request = tlvdata.recv(connection)`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00

			`def send_response(responses, connection):`
Further make the sockapi and confetty client fleshed out Here, fix a few mistakes with how relation objects got messaged out. Add the ability to cd and ls in the confetty interactive mode 2014-02-09 19:26:48 -05:00			`if responses is None:`
			`return`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`for rsp in responses:`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, rsp.raw())`
			`tlvdata.send(connection, {'_requestdone': 1})`
Further make the sockapi and confetty client fleshed out Here, fix a few mistakes with how relation objects got messaged out. Add the ability to cd and ls in the confetty interactive mode 2014-02-09 19:26:48 -05:00
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00
			`def process_request(connection, request, cfm, authdata):`
			`#TODO(jbjohnso): authorize each request`
			`if type(request) == dict:`
			`operation = request['operation']`
			`path = request['path']`
			`params = request.get('parameters', None)`
Further make the sockapi and confetty client fleshed out Here, fix a few mistakes with how relation objects got messaged out. Add the ability to cd and ls in the confetty interactive mode 2014-02-09 19:26:48 -05:00			`hdlr = None`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`try:`
Add 'start /node/<node>/console/session' to confetty 2014-02-10 09:16:29 -05:00			`if operation == 'start':`
			`elems = path.split('/')`
			`if elems[3] != "console":`
			`raise exc.InvalidArgumentException()`
			`node = elems[2]`
			`ccons = ClientConsole(connection)`
			`consession = consoleserver.ConsoleSession(`
			`node=node, configmanager=cfm, datacallback=ccons.sendall)`
			`if consession is None:`
			`raise Exception("TODO")`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {'started': 1})`
Add 'start /node/<node>/console/session' to confetty 2014-02-10 09:16:29 -05:00			`ccons.startsending()`
			`while consession is not None:`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`data = tlvdata.recv(connection)`
Support console exit and dedicated console mode Have confetty assume that a plain nodename is a requset for console. If a console session is started from interactive mode, return to interactive mode on ctrl-e, c, . rather than exiting. 2014-02-10 18:28:45 -05:00			`if type(data) == dict:`
			`if data['operation'] == 'stop':`
			`consession.destroy()`
			`return`
			`else:`
			`raise Exception("TODO")`
Add 'start /node/<node>/console/session' to confetty 2014-02-10 09:16:29 -05:00			`if not data:`
			`consession.destroy()`
			`return`
			`consession.write(data)`
			`else:`
			`hdlr = pluginapi.handle_path(path, operation, cfm, params)`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`except exc.NotFoundException:`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {"errorcode": 404,`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`"error": "Target not found"})`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {"_requestdone": 1})`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`except exc.InvalidArgumentException:`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {"errorcode": 400,`
Correct two protocol violations of TLV One was the client going away without contemplating the done flag. Another was the server sending two requestdone messages. 2014-02-22 20:38:33 -05:00			`"error": "Bad Request"})`
Refactor/rename code confetty had a lot of stuff in it. Factor out bits to a common library for constructing purpose oriented commands. 2014-03-04 17:12:19 -05:00			`tlvdata.send(connection, {"_requestdone": 1})`
Flesh out the confetty interactive console slightly 2014-02-09 17:35:49 -05:00			`send_response(hdlr, connection)`
			`return`
Create a test socket api layer 2013-09-14 11:08:48 -04:00

Implement unix domain socket in socket api 2013-10-14 09:21:55 -04:00			`def _tlshandler():`
Create a test socket api layer 2013-09-14 11:08:48 -04:00			`plainsocket = socket.socket()`
Fix socket test case to work multiple times 2013-10-09 20:14:34 -04:00			`plainsocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)`
Correct setsockopt call argument to correct protocol 2014-02-22 14:12:39 -05:00			`plainsocket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)`
Create a test socket api layer 2013-09-14 11:08:48 -04:00			`srv = ssl.wrap_socket(plainsocket, keyfile="/etc/confluent/privkey.pem",`
Have sockapi properly run alongside httpapi Have sockapi force TLSv1 2013-09-14 20:21:58 -04:00			`certfile="/etc/confluent/srvcert.pem",`
			`ssl_version=ssl.PROTOCOL_TLSv1,`
			`server_side=True)`
Create a test socket api layer 2013-09-14 11:08:48 -04:00			`srv.bind(('0.0.0.0', 4001))`
			`srv.listen(5)`
Begin work to do authentication and authorization on socket api 2013-10-14 11:28:07 -04:00			`authname = None`
Create a test socket api layer 2013-09-14 11:08:48 -04:00			`while (1): # TODO: exithook`
			`cnn, addr = srv.accept()`
Begin work to do authentication and authorization on socket api 2013-10-14 11:28:07 -04:00			`eventlet.spawn_n(sessionhdl, cnn, authname)`
Create a test socket api layer 2013-09-14 11:08:48 -04:00
Implement unix domain socket in socket api 2013-10-14 09:21:55 -04:00
			`def _unixdomainhandler():`
			`unixsocket = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)`
			`try:`
			`os.remove("/var/run/confluent/api.sock")`
			`except OSError: # if file does not exist, no big deal`
			`pass`
			`unixsocket.bind("/var/run/confluent/api.sock")`
Fix SO_PEERCRED auth on unix socket This allows non-privileged users to be authenticated by SO_PEERCRED. In the case where the user is not a known confluent user, they are given a chance to use a name/password. 2014-02-10 09:41:08 -05:00			`os.chmod("/var/run/confluent/api.sock",`
			`stat.S_IWOTH \| stat.S_IROTH \| stat.S_IWGRP \|`
			`stat.S_IRGRP \| stat.S_IWUSR \| stat.S_IRUSR)`
Implement unix domain socket in socket api 2013-10-14 09:21:55 -04:00			`unixsocket.listen(5)`
			`while (1):`
			`cnn, addr = unixsocket.accept()`
			`creds = cnn.getsockopt(socket.SOL_SOCKET, SO_PEERCRED,`
			`struct.calcsize('3i'))`
Begin work to do authentication and authorization on socket api 2013-10-14 11:28:07 -04:00			`pid, uid, gid = struct.unpack('3i',creds)`
			`if uid in (os.getuid(), 0):`
			`#this is where we happily accept the person`
			`#to do whatever. This allows the server to`
			`#start with no configuration whatsoever`
			`#and yet still be configurable by some means`
			`authname = True`
			`else:`
			`try:`
			`authname = pwd.getpwuid(uid).pw_name`
			`except KeyError:`
			`cnn.close()`
			`return`
			`eventlet.spawn_n(sessionhdl, cnn, authname)`
Implement unix domain socket in socket api 2013-10-14 09:21:55 -04:00


Create a test socket api layer 2013-09-14 11:08:48 -04:00			`class SockApi(object):`
			`def start(self):`
Implement unix domain socket in socket api 2013-10-14 09:21:55 -04:00			`self.tlsserver = eventlet.spawn(_tlshandler)`
			`self.unixdomainserver = eventlet.spawn(_unixdomainhandler)`