Module Session

This module defines the abstract session interface in a class named AbstractSession, and two descendants MasterSession and StackedSession.

Sessions are hierarchically stacked into each other just like proxies. Each session has an owner session (except for the master session which is on the top), and variables are "inherited" from owner sessions. (implemented using a simple getattr wrapper) This way stacked sessions can inherit data from encapsulating proxies. (an HTTP proxy may define an URL and a mime-type, and stacked CVP module may inspect those values)

Imported modules

Class AbstractSession

Both MasterSession and StackedSession are derived from this class.

Method destroy

Destroys the session.

Synopsis

destroy ( self )

Description

We close filedescriptors here, in case no proxy module could be started (because of policy violations, or because the module cannot be found).

Arguments

Table 4-104. Arguments for AbstractSession.destroy()

selfthis instance

Class MasterSession

Master session class.

Attributes

Table 4-105. Attributes for class MasterSession

client_fd client fd
client_stream client stream
client_addressSockAddr instance containing client address
client_local local address (on the firewall)
client_zone zone of the client
server_fd server fd
server_stream server stream
server_addressSockAddr instance containing server address
server_local local address (on the firewall)
server_zone zone of the server
service service instance this session runs
session_id unique identifier for this session in the format: "(firewall/service:instance id/proxy)"
instance_id the instance identifier of the service (sequence number)
started indicates that the instance has been started
auth authentication method

Constructor __init__

Initializes a MasterSession instance.

Synopsis

__init__ ( self )

Description

This constructor initializes a new MasterSession instance based on its arguments.

Arguments

Table 4-106. Arguments for MasterSession.__init__()

selfthis instance

Destructor __del__

Function called when the master session is freed.

Synopsis

__del__ ( self )

Description

This function is called when the master session is freed, thus the session ended. We inform our spawner service about this event.

Method isClientPermitted

Function to actually check access control.

Synopsis

isClientPermitted ( self )

Description

This function is called when a connection is established to perform access control checks whether the client is permitted to use the requested service. Its return value specifies the result of the check.

Arguments

Table 4-107. Arguments for MasterSession.isClientPermitted()

selfthis instance

Returns

Z_ACCEPT for success, and Z_REJECT for failure

Method setClient

Set client address and perform access control.

Synopsis

setClient (
        self,
        fd,
        addr,
        )

Description

Sets the client address of the given session, and performs access control checks.

Arguments

Table 4-108. Arguments for MasterSession.setClient()

self this instance
fd fd of the client
addr sockaddr of the client

Method setServer

Set the server address and perform access control checks.

Synopsis

setServer ( self,  addr )

Description

Stores the server address of the given connection, looks up server zone and performs access control and raises an exception upon failure.

Arguments

Table 4-109. Arguments for MasterSession.setServer()

selfthis instance
addrServer address

Method setService

Sets the service belonging to this session.

Synopsis

setService ( self,  service )

Description

Stores the service reference, and recalculates the session_id

Arguments

Table 4-110. Arguments for MasterSession.setService()

selfthis instance
service Service instance

Method setServiceInstance

Set service instance number and recalculate session id.

Synopsis

setServiceInstance ( self,  instance_id )

Description

Sets service instance number, and makes up a unique identifier for this session.

Arguments

Table 4-111. Arguments for MasterSession.setServiceInstance()

selfthis instance
instance_idunique identifier of the service instance

Class StackedSession

A StackedSession is a subsession, inheriting attributes from its parent.

Attributes

Table 4-112. Attributes for class StackedSession

owner Parent session
chainer Chainer used to chain up to parent. If none simply server_fd is used.

Constructor __init__

Initializes a StackedSession instance.

Synopsis

__init__ (
        self,
        owner,
        chainer=None,
        )

Description

This constructor initializes a new StackedSession instance based on parameters.

Arguments

Table 4-113. Arguments for StackedSession.__init__()

self this instance
owner Parent session
chainer Chainer used to chain up to parent.

Method __getattr__

Perform attribute inheritance

Synopsis

__getattr__ ( self,  name )

Description

Wrapper to return variables from parent session, if not overriden in this instance.

Arguments

Table 4-114. Arguments for StackedSession.__getattr__()

self this instance
name Name of the attribute to get.

Returns

The value of the given attribute.

Method setProxy

Set the proxy name used in this subsession.

Synopsis

setProxy ( self,  proxy )

Description

Stores a reference to the proxy class, and modifies the session_id to include the proxy name.

Arguments

Table 4-115. Arguments for StackedSession.setProxy()

self this instance
proxy Proxy class, derived from Proxy