Beispiel #1
def server_client_connect_post(server_id):
    """Answer a client-connect callback for ``server_id``.

    The organization and user are resolved from the ``org_id`` and
    ``user_id`` fields of the JSON request body. Any lookup that comes
    back falsy ends the request with a 401 and the matching error code.
    On success the response carries ``client_conf`` set to ``None``.
    """
    # NOTE(review): nothing in this function authenticates the caller; the
    # ids in the body are used as given. Confirm the route is restricted
    # elsewhere before relying on this check.
    payload = flask.request.json
    org_id = payload['org_id']
    user_id = payload['user_id']

    server = Server(server_id)
    if not server:
        failure = {'error': SERVER_INVALID, 'error_msg': SERVER_INVALID_MSG}
        return utils.jsonify(failure, 401)

    org = server.get_org(org_id)
    if not org:
        failure = {'error': ORG_INVALID, 'error_msg': ORG_INVALID_MSG}
        return utils.jsonify(failure, 401)

    user = org.get_user(user_id)
    if not user:
        failure = {'error': USER_INVALID, 'error_msg': USER_INVALID_MSG}
        return utils.jsonify(failure, 401)

    return utils.jsonify({'client_conf': None})
Beispiel #2
def server_tls_verify_post(server_id):
    """Confirm that the org/user named in the JSON body exist on a server.

    Returns ``{'authenticated': True}`` when both lookups succeed. A falsy
    server, organization or user yields a 401; the last two also write a
    ``LogEntry``.
    """
    payload = flask.request.json
    org_id = payload['org_id']
    user_id = payload['user_id']

    server = Server(server_id)
    if not server:
        return utils.jsonify(
            {'error': SERVER_INVALID, 'error_msg': SERVER_INVALID_MSG}, 401)

    # NOTE(review): both log messages below interpolate server.name into a
    # slot labelled organization/user, so a failed attempt cannot be traced
    # back to the org_id or user_id that was actually presented.
    org = server.get_org(org_id)
    if not org:
        log_text = 'User failed authentication, ' + (
            'invalid organization "%s".' % server.name)
        LogEntry(message=log_text)
        return utils.jsonify(
            {'error': ORG_INVALID, 'error_msg': ORG_INVALID_MSG}, 401)

    user = org.get_user(user_id)
    if not user:
        log_text = 'User failed authentication, ' + (
            'invalid user "%s".' % server.name)
        LogEntry(message=log_text)
        return utils.jsonify(
            {'error': USER_INVALID, 'error_msg': USER_INVALID_MSG}, 401)

    return utils.jsonify({'authenticated': True})
Beispiel #3
def server_org_put(server_id, org_id):
    """Attach organization ``org_id`` to a server that is not running.

    Responds with 400 / ``SERVER_NOT_OFFLINE`` while ``server.status`` is
    truthy, otherwise attaches the organization and returns ``{}``.
    """
    # NOTE(review): org_id is handed to add_org() without any check that
    # the organization exists; confirm add_org validates it.
    server = Server(server_id)
    if not server.status:
        server.add_org(org_id)
        return utils.jsonify({})

    rejection = {
        'error': SERVER_NOT_OFFLINE,
        'error_msg': SERVER_NOT_OFFLINE_MSG,
    }
    return utils.jsonify(rejection, 400)
Beispiel #4
def server_org_put(server_id, org_id):
    """Attach ``org_id`` to the server, but only while it is offline.

    A truthy ``server.status`` produces a 400 with ``SERVER_NOT_OFFLINE``;
    otherwise the organization is added and an empty object is returned.
    """
    target = Server(server_id)
    is_running = target.status
    if is_running:
        error_body = {
            'error': SERVER_NOT_OFFLINE,
            'error_msg': SERVER_NOT_OFFLINE_MSG,
        }
        return utils.jsonify(error_body, 400)

    target.add_org(org_id)
    return utils.jsonify({})
Beispiel #5
def server_get(server_id=None):
    """Return one server, or every server, as JSON.

    With a truthy ``server_id`` the response is that server's ``dict()``;
    otherwise it is a list with the ``dict()`` of each server yielded by
    ``Server.iter_servers()``.
    """
    if not server_id:
        return utils.jsonify(
            [server.dict() for server in Server.iter_servers()])

    # NOTE(review): the result of get_server() is used without a check;
    # confirm how an unknown id is reported by that helper.
    return utils.jsonify(Server.get_server(server_id).dict())
Beispiel #6
def server_client_disconnect_post(server_id):
    """Answer a client-disconnect callback for ``server_id``.

    The JSON body must carry ``org_id`` and ``user_id``. Each lookup that
    comes back falsy ends the request with a 401; otherwise the response
    is an empty object.
    """
    body = flask.request.json
    org_id = body["org_id"]
    user_id = body["user_id"]

    server = Server(server_id)
    if not server:
        rejection = {"error": SERVER_INVALID, "error_msg": SERVER_INVALID_MSG}
        return utils.jsonify(rejection, 401)

    org = server.get_org(org_id)
    if not org:
        rejection = {"error": ORG_INVALID, "error_msg": ORG_INVALID_MSG}
        return utils.jsonify(rejection, 401)

    user = org.get_user(user_id)
    if not user:
        rejection = {"error": USER_INVALID, "error_msg": USER_INVALID_MSG}
        return utils.jsonify(rejection, 401)

    return utils.jsonify({})
Beispiel #7
    def _run_wsgi(self):
        """Serve the web app over TLS with CherryPy until interrupted.

        Optionally starts every VPN server that has organizations, then
        blocks in the CherryPy WSGI server. On ``KeyboardInterrupt`` or
        ``SystemExit`` the web server is stopped and the database closed.
        """
        self._setup_server_cert()
        import cherrypy.wsgiserver
        import cherrypy.wsgiserver.ssl_builtin
        from log_entry import LogEntry
        logger.info('Starting server...')

        # Only a value equal to False disables auto start; None leaves it on.
        if self.auto_start_servers != False:
            from pritunl.server import Server
            for vpn_server in Server.get_servers():
                if vpn_server.get_orgs():
                    vpn_server.start()

        listen_addr = (self.bind_addr, self.port)
        web_server = cherrypy.wsgiserver.CherryPyWSGIServer(
            listen_addr, self.app)
        # Only the certificate and key paths are supplied; protocol versions
        # and ciphers are left to the adapter's defaults.
        ssl_module = cherrypy.wsgiserver.ssl_builtin
        web_server.ssl_adapter = ssl_module.BuiltinSSLAdapter(
            self._server_cert_path, self._server_key_path)
        try:
            web_server.start()
        except (KeyboardInterrupt, SystemExit):
            # Ignore further Ctrl-C while shutting down. Any other exception
            # propagates without running this cleanup.
            signal.signal(signal.SIGINT, signal.SIG_IGN)
            LogEntry(message='Web server stopped.')
            self.interrupt = True
            logger.info('Stopping server...')
            web_server.stop()
            self._close_db()
Beispiel #8
def status_get():
    """Return aggregate counts and host details as JSON.

    Counts servers, online servers, connected clients, organizations and
    users, and adds the application version, public IP and local networks.
    """
    # NOTE(review): the response discloses the version, public IP and local
    # networks; whether this route requires a session is not visible here.
    total_servers = 0
    online_servers = 0
    connected_clients = 0
    for server in Server.iter_servers():
        total_servers += 1
        if server.status:
            online_servers += 1
        connected_clients += len(server.clients)

    total_orgs = 0
    total_users = 0
    for org in Organization.iter_orgs():
        total_orgs += 1
        total_users += org.user_count

    networks = utils.get_local_networks()

    summary = {
        'org_count': total_orgs,
        'users_online': connected_clients,
        'user_count': total_users,
        'servers_online': online_servers,
        'server_count': total_servers,
        'server_version': __version__,
        'public_ip': app_server.public_ip,
        'local_networks': networks,
    }
    return utils.jsonify(summary)
Beispiel #9
    def _run_wsgi(self):
        """Run the TLS-wrapped CherryPy WSGI server until it is interrupted.

        When ``auto_start_servers`` is truthy, every VPN server with at
        least one organization is started first. ``KeyboardInterrupt`` and
        ``SystemExit`` trigger an orderly stop and close the database.
        """
        self._setup_server_cert()
        import cherrypy.wsgiserver
        import cherrypy.wsgiserver.ssl_builtin
        from log_entry import LogEntry
        logger.info('Starting server...')

        if self.auto_start_servers:
            from pritunl.server import Server
            for vpn_server in Server.get_servers():
                if not vpn_server.get_orgs():
                    continue
                vpn_server.start()

        wsgi = cherrypy.wsgiserver
        http_server = wsgi.CherryPyWSGIServer(
            (self.bind_addr, self.port), self.app)
        # The adapter receives only the certificate and key paths; no
        # protocol or cipher settings are chosen here.
        http_server.ssl_adapter = wsgi.ssl_builtin.BuiltinSSLAdapter(
            self._server_cert_path, self._server_key_path)
        try:
            http_server.start()
        except (KeyboardInterrupt, SystemExit):
            # Cleanup runs only for these two exceptions; anything else
            # leaves this method without stop() or _close_db().
            signal.signal(signal.SIGINT, signal.SIG_IGN)
            LogEntry(message='Web server stopped.')
            self.interrupt = True
            logger.info('Stopping server...')
            http_server.stop()
            self._close_db()
Beispiel #10
    def _run_wsgi(self):
        """Run the CherryPy WSGI server, with TLS when ``self.ssl`` is set.

        Servers that have organizations are auto-started on a best-effort
        basis first. Whatever ends the serving loop, SIGINT is then ignored
        and ``self._on_exit()`` runs.
        """
        if self.ssl:
            self._setup_server_cert()
        logger.info('Starting server...')

        if self.auto_start_servers:
            from pritunl.server import Server
            for vpn_server in Server.iter_servers():
                if not vpn_server.org_count:
                    continue
                try:
                    vpn_server.start()
                except:
                    # Best effort: a failing server is logged and skipped.
                    # The bare except also absorbs KeyboardInterrupt and
                    # SystemExit raised during auto start.
                    details = {
                        'server_id': vpn_server.id,
                    }
                    logger.exception(
                        'Failed to auto start server. %r' % details)

        wsgi_class = cherrypy.wsgiserver.CherryPyWSGIServer
        web_server = wsgi_class(
            (self.bind_addr, self.port), self.app,
            request_queue_size=SERVER_REQUEST_QUEUE_SIZE,
            server_name=cherrypy.wsgiserver.CherryPyWSGIServer.version)
        if self.ssl:
            # Without self.ssl the listener is plain HTTP.
            web_server.ConnectionClass = HTTPConnectionPatch
            web_server.ssl_adapter = SSLAdapter(
                self._server_cert_path, self._server_key_path)
        try:
            web_server.start()
        except (KeyboardInterrupt, SystemExit):
            pass
        except:
            logger.exception('Server error occurred')
            raise
        finally:
            signal.signal(signal.SIGINT, signal.SIG_IGN)
            logger.info('Stopping server...')
            self._on_exit()
Beispiel #11
def status_get():
    """Return organization, user and server totals plus host details.

    Only users whose ``type`` is ``CERT_CLIENT`` count towards
    ``users_total``. The public IP is loaded first if it is not yet known.
    """
    # NOTE(review): the payload discloses the version and public IP; the
    # access control for this route is not visible here.
    all_orgs = Organization.get_orgs()
    org_total = len(all_orgs)

    server_total = 0
    server_online = 0
    client_total = 0
    for server in Server.get_servers():
        server_total += 1
        if server.status:
            server_online += 1
        client_total += len(server.get_clients())

    user_total = 0
    for org in all_orgs:
        for user in org.get_users():
            if user.type == CERT_CLIENT:
                user_total += 1

    if not app_server.public_ip:
        app_server.load_public_ip()

    report = {
        'orgs_available': org_total,
        'orgs_total': org_total,
        'users_online': client_total,
        'users_total': user_total,
        'servers_online': server_online,
        'servers_total': server_total,
        'server_version': __version__,
        'public_ip': app_server.public_ip,
    }
    return utils.jsonify(report)
Beispiel #12
def server_operation_put(server_id, operation):
    """Start, stop or restart a server and return an empty JSON object.

    ``operation`` is compared against ``START``, ``STOP`` and ``RESTART``.
    A value matching none of them performs no action and still returns
    ``{}``, so the caller cannot tell it apart from success.
    """
    server = Server(server_id)
    if operation == START:
        server.start()
    # This is a fresh ``if``, not an ``elif``: the STOP/RESTART pair is
    # evaluated even after a START.
    if operation == STOP:
        server.stop()
    elif operation == RESTART:
        server.restart()
    return utils.jsonify({})
Beispiel #13
def server_delete(server_id):
    """Remove a server, record the deletion and emit update events.

    Emits ``SERVERS_UPDATED`` once and ``USERS_UPDATED`` for every
    organization the server yields from ``iter_orgs()``.
    """
    doomed = Server.get_server(id=server_id)
    doomed.remove()

    # NOTE(review): name and iter_orgs() are read after remove(); confirm
    # the object still holds them once the server is gone.
    audit_text = 'Deleted server "%s".' % doomed.name
    LogEntry(message=audit_text)
    Event(type=SERVERS_UPDATED)
    for attached_org in doomed.iter_orgs():
        Event(type=USERS_UPDATED, resource_id=attached_org.id)
    return utils.jsonify({})
Beispiel #14
def server_org_delete(server_id, org_id):
    """Detach organization ``org_id`` from a server that is offline.

    While ``server.status`` is truthy the request is refused with a 400
    and ``SERVER_NOT_OFFLINE``; otherwise the organization is removed.
    """
    server = Server.get_server(id=server_id)
    if not server.status:
        server.remove_org(org_id)
        return utils.jsonify({})

    refusal = {
        'error': SERVER_NOT_OFFLINE,
        'error_msg': SERVER_NOT_OFFLINE_DETACH_ORG_MSG,
    }
    return utils.jsonify(refusal, 400)
Beispiel #15
def server_org_get(server_id):
    """List the organizations attached to a server, ordered by name.

    Entries are ordered by the string ``"<name>_<id>"`` and each carries
    the organization id, the server id and the organization name.
    """
    server = Server(server_id)
    by_key = {}
    keys = []

    for org in server.get_orgs():
        sort_key = '%s_%s' % (org.name, org.id)
        keys.append(sort_key)
        by_key[sort_key] = {
            'id': org.id,
            'server': server.id,
            'name': org.name,
        }

    return utils.jsonify([by_key[key] for key in sorted(keys)])
Beispiel #16
def server_org_get(server_id):
    """Return the organizations attached to a server as a JSON list.

    Each entry holds the organization id, the server id and the
    organization name, in the order ``server.iter_orgs()`` yields them.
    """
    server = Server.get_server(id=server_id)
    listing = [
        {
            'id': org.id,
            'server': server.id,
            'name': org.name,
        }
        for org in server.iter_orgs()
    ]
    return utils.jsonify(listing)
Beispiel #17
def server_org_get(server_id):
    """Return a server's organizations sorted by ``"<name>_<id>"``.

    The response is a JSON list of objects with ``id``, ``server`` and
    ``name`` keys.
    """
    server = Server(server_id)
    lookup = {}
    order = []

    for org in server.get_orgs():
        label = '%s_%s' % (org.name, org.id)
        order.append(label)
        entry = {
            'id': org.id,
            'server': server.id,
            'name': org.name,
        }
        lookup[label] = entry

    order = sorted(order)
    result = []
    for label in order:
        result.append(lookup[label])
    return utils.jsonify(result)
Beispiel #18
def server_operation_put(server_id, operation):
    """Apply a start, stop or restart operation to a server.

    Always returns ``{}``. An ``operation`` that equals none of ``START``,
    ``STOP`` or ``RESTART`` is accepted silently and does nothing.
    """
    server = Server(server_id)
    if operation == START:
        server.start()
    # Separate ``if``: the STOP/RESTART test runs regardless of the START
    # branch above.
    if operation == STOP:
        server.stop()
    elif operation == RESTART:
        server.restart()
    return utils.jsonify({})
Beispiel #19
def server_tls_verify_post(server_id):
    """Check that the org/user in the JSON body exist and are enabled.

    Returns ``{"authenticated": True}`` on success. A falsy server,
    organization or user, or a disabled user, yields a 401; all but the
    server case also write a ``LogEntry``.
    """
    body = flask.request.json
    org_id = body["org_id"]
    user_id = body["user_id"]

    server = Server(server_id)
    if not server:
        return utils.jsonify(
            {"error": SERVER_INVALID, "error_msg": SERVER_INVALID_MSG}, 401)

    # NOTE(review): every message below interpolates server.name, so the
    # log does not record which org_id or user_id failed.
    prefix = "User failed authentication, "

    org = server.get_org(org_id)
    if not org:
        LogEntry(message=prefix + 'invalid organization "%s".' % server.name)
        return utils.jsonify(
            {"error": ORG_INVALID, "error_msg": ORG_INVALID_MSG}, 401)

    user = org.get_user(user_id)
    if not user:
        LogEntry(message=prefix + 'invalid user "%s".' % server.name)
        return utils.jsonify(
            {"error": USER_INVALID, "error_msg": USER_INVALID_MSG}, 401)

    # A disabled user gets the same error code as an unknown one.
    if user.disabled:
        LogEntry(message=prefix + 'disabled user "%s".' % server.name)
        return utils.jsonify(
            {"error": USER_INVALID, "error_msg": USER_INVALID_MSG}, 401)

    return utils.jsonify({"authenticated": True})
Beispiel #20
def server_otp_verify_post(server_id):
    """Verify a one-time code for the org/user named in the JSON body.

    ``org_id``, ``user_id`` and ``otp_code`` are required; ``remote_ip``
    is optional. Returns ``{"authenticated": True}`` on success and a 401
    with the matching error code otherwise.
    """
    body = flask.request.json
    org_id = body["org_id"]
    user_id = body["user_id"]
    otp_code = body["otp_code"]
    # NOTE(review): remote_ip is supplied by the caller in the body; if
    # verify_otp_code uses it for throttling or caching, confirm the caller
    # is trusted to report it.
    remote_ip = flask.request.json.get("remote_ip")

    server = Server(server_id)
    if not server:
        return utils.jsonify(
            {"error": SERVER_INVALID, "error_msg": SERVER_INVALID_MSG}, 401)

    # NOTE(review): the two lookup failures log server.name, not the id
    # that was presented.
    prefix = "User failed authentication, "

    org = server.get_org(org_id)
    if not org:
        LogEntry(message=prefix + 'invalid organization "%s".' % server.name)
        return utils.jsonify(
            {"error": ORG_INVALID, "error_msg": ORG_INVALID_MSG}, 401)

    user = org.get_user(user_id)
    if not user:
        LogEntry(message=prefix + 'invalid user "%s".' % server.name)
        return utils.jsonify(
            {"error": USER_INVALID, "error_msg": USER_INVALID_MSG}, 401)

    code_ok = user.verify_otp_code(otp_code, remote_ip)
    if not code_ok:
        LogEntry(
            message='User failed two-step authentication "%s".' % (user.name))
        return utils.jsonify(
            {"error": OTP_CODE_INVALID, "error_msg": OTP_CODE_INVALID_MSG},
            401)

    return utils.jsonify({"authenticated": True})
Beispiel #21
def server_otp_verify_post(server_id):
    """Check a two-step code for a user of the given server.

    The JSON body supplies ``org_id``, ``user_id``, ``otp_code`` and
    optionally ``remote_ip``. Each failed step returns a 401 with its own
    error code; success returns ``{'authenticated': True}``.
    """
    payload = flask.request.json
    org_id = payload['org_id']
    user_id = payload['user_id']
    otp_code = payload['otp_code']
    # NOTE(review): remote_ip is taken from the request body, not from the
    # connection; confirm how verify_otp_code relies on it.
    remote_ip = flask.request.json.get('remote_ip')

    server = Server(server_id)
    if not server:
        failure = {'error': SERVER_INVALID, 'error_msg': SERVER_INVALID_MSG}
        return utils.jsonify(failure, 401)

    org = server.get_org(org_id)
    if not org:
        # NOTE(review): logs server.name in the organization slot.
        LogEntry(message='User failed authentication, ' + (
            'invalid organization "%s".' % server.name))
        failure = {'error': ORG_INVALID, 'error_msg': ORG_INVALID_MSG}
        return utils.jsonify(failure, 401)

    user = org.get_user(user_id)
    if not user:
        # NOTE(review): logs server.name in the user slot.
        LogEntry(message='User failed authentication, ' + (
            'invalid user "%s".' % server.name))
        failure = {'error': USER_INVALID, 'error_msg': USER_INVALID_MSG}
        return utils.jsonify(failure, 401)

    if user.verify_otp_code(otp_code, remote_ip):
        return utils.jsonify({'authenticated': True})

    LogEntry(message='User failed two-step authentication "%s".' % (
        user.name))
    failure = {'error': OTP_CODE_INVALID, 'error_msg': OTP_CODE_INVALID_MSG}
    return utils.jsonify(failure, 401)
Beispiel #22
def server_org_put(server_id, org_id):
    """Attach an organization to an offline server and describe the link.

    Refuses with 400 / ``SERVER_NOT_OFFLINE`` while the server is running.
    On success returns the organization id, the server id and the
    organization name.
    """
    server = Server.get_server(id=server_id)
    if server.status:
        refusal = {
            'error': SERVER_NOT_OFFLINE,
            'error_msg': SERVER_NOT_OFFLINE_ATTACH_ORG_MSG,
        }
        return utils.jsonify(refusal, 400)

    attached = server.add_org(org_id)
    link = {
        'id': attached.id,
        'server': server.id,
        'name': attached.name,
    }
    return utils.jsonify(link)
Beispiel #23
def server_client_connect_post(server_id):
    """Return the per-client config line for a connecting user.

    The org and user come from the JSON body. Unknown server, org or user,
    or a user whose type is not ``CERT_CLIENT``, yields a 401. Otherwise
    ``client_conf`` is an ``ifconfig-push`` line, or ``""`` when the
    server has no address pair for the user.
    """
    # NOTE(review): the caller is not authenticated in this function;
    # confirm the route is restricted elsewhere.
    body = flask.request.json
    org_id = body["org_id"]
    user_id = body["user_id"]

    server = Server(server_id)
    if not server:
        return utils.jsonify(
            {"error": SERVER_INVALID, "error_msg": SERVER_INVALID_MSG}, 401)

    org = server.get_org(org_id)
    if not org:
        return utils.jsonify(
            {"error": ORG_INVALID, "error_msg": ORG_INVALID_MSG}, 401)

    user = org.get_user(user_id)
    if not user:
        return utils.jsonify(
            {"error": USER_INVALID, "error_msg": USER_INVALID_MSG}, 401)

    if user.type != CERT_CLIENT:
        return utils.jsonify(
            {"error": USER_TYPE_INVALID, "error_msg": USER_TYPE_INVALID_MSG},
            401)

    local_ip_addr, remote_ip_addr = server.get_ip_set(org.id, user_id)
    client_conf = ""
    if local_ip_addr and remote_ip_addr:
        client_conf = "ifconfig-push %s %s" % (local_ip_addr, remote_ip_addr)

    return utils.jsonify({"client_conf": client_conf})
Beispiel #24
def server_org_delete(server_id, org_id):
    """Detach an organization from an offline server and notify listeners.

    Both objects are loaded before the status check. A running server is
    refused with 400 / ``SERVER_NOT_OFFLINE``. After the removal is
    committed, three update events are emitted.
    """
    server = Server.get_server(id=server_id)
    org = Organization.get_org(id=org_id)

    if server.status:
        refusal = {
            'error': SERVER_NOT_OFFLINE,
            'error_msg': SERVER_NOT_OFFLINE_DETACH_ORG_MSG,
        }
        return utils.jsonify(refusal, 400)

    server.remove_org(org)
    server.commit()

    # Events are emitted only after the commit.
    Event(type=SERVERS_UPDATED)
    Event(type=SERVER_ORGS_UPDATED, resource_id=server.id)
    Event(type=USERS_UPDATED, resource_id=org.id)
    return utils.jsonify({})
Beispiel #25
def server_client_connect_post(server_id):
    """Build the client-specific config for a connecting certificate user.

    ``org_id`` and ``user_id`` are read from the JSON body. A falsy
    server, organization or user, or a user type other than
    ``CERT_CLIENT``, yields a 401. The response holds ``client_conf``: an
    ``ifconfig-push`` line when both addresses are set, else ``''``.
    """
    payload = flask.request.json
    org_id = payload['org_id']
    user_id = payload['user_id']

    server = Server(server_id)
    if not server:
        failure = {'error': SERVER_INVALID, 'error_msg': SERVER_INVALID_MSG}
        return utils.jsonify(failure, 401)

    org = server.get_org(org_id)
    if not org:
        failure = {'error': ORG_INVALID, 'error_msg': ORG_INVALID_MSG}
        return utils.jsonify(failure, 401)

    user = org.get_user(user_id)
    if not user:
        failure = {'error': USER_INVALID, 'error_msg': USER_INVALID_MSG}
        return utils.jsonify(failure, 401)

    # Only certificate client users may receive a pushed address.
    if user.type != CERT_CLIENT:
        failure = {
            'error': USER_TYPE_INVALID,
            'error_msg': USER_TYPE_INVALID_MSG,
        }
        return utils.jsonify(failure, 401)

    # The lookup uses the resolved org's id and the user_id from the body.
    local_ip_addr, remote_ip_addr = server.get_ip_set(org.id, user_id)
    have_pair = local_ip_addr and remote_ip_addr
    if have_pair:
        client_conf = 'ifconfig-push %s %s' % (local_ip_addr, remote_ip_addr)
    else:
        client_conf = ''

    return utils.jsonify({'client_conf': client_conf})
Beispiel #26
def server_operation_put(server_id, operation):
    """Start, stop or restart a server, log it and return the server dict.

    Each recognised operation writes a ``LogEntry`` naming the server.
    ``SERVERS_UPDATED`` is emitted in every case, including when
    ``operation`` matches none of ``START``, ``STOP`` or ``RESTART``; that
    case performs no action and leaves no log entry.
    """
    server = Server.get_server(id=server_id)

    if operation == START:
        server.start()
        LogEntry(message='Started server "%s".' % server.name)
    # Separate ``if``: evaluated even after the START branch.
    if operation == STOP:
        server.stop()
        LogEntry(message='Stopped server "%s".' % server.name)
    elif operation == RESTART:
        server.restart()
        LogEntry(message='Restarted server "%s".' % server.name)
    Event(type=SERVERS_UPDATED)

    return utils.jsonify(server.dict())
Beispiel #27
def server_operation_put(server_id, operation):
    """Start, stop or restart a server and return its dict as JSON.

    ``NodeConnectionError`` and ``InvalidNodeAPIKey`` raised by the
    operation are turned into 400 responses. An ``operation`` matching
    none of the three constants does nothing and still returns the dict.
    """
    server = Server.get_server(id=server_id)

    try:
        if operation == START:
            server.start()
        # Separate ``if``: evaluated even after the START branch.
        if operation == STOP:
            server.stop()
        elif operation == RESTART:
            server.restart()
    except NodeConnectionError:
        return utils.jsonify({"error": NODE_CONNECTION_ERROR, "error_msg": NODE_CONNECTION_ERROR_MSG}, 400)
    except InvalidNodeAPIKey:
        # The constant names are spelled "INVLID" where they are defined.
        return utils.jsonify({"error": NODE_API_KEY_INVLID, "error_msg": NODE_API_KEY_INVLID_MSG}, 400)

    return utils.jsonify(server.dict())
Beispiel #28
def server_org_put(server_id, org_id):
    """Attach an organization to an offline server and notify listeners.

    Both objects are loaded first. A running server is refused with 400 /
    ``SERVER_NOT_OFFLINE``. After the commit three update events are
    emitted and the new link is returned as ``id``, ``server``, ``name``.
    """
    server = Server.get_server(id=server_id)
    org = Organization.get_org(id=org_id)

    if server.status:
        refusal = {
            'error': SERVER_NOT_OFFLINE,
            'error_msg': SERVER_NOT_OFFLINE_ATTACH_ORG_MSG,
        }
        return utils.jsonify(refusal, 400)

    server.add_org(org)
    server.commit()

    # Events are emitted only after the commit.
    Event(type=SERVERS_UPDATED)
    Event(type=SERVER_ORGS_UPDATED, resource_id=server.id)
    Event(type=USERS_UPDATED, resource_id=org.id)

    link = {
        'id': org.id,
        'server': server.id,
        'name': org.name,
    }
    return utils.jsonify(link)
Beispiel #29
def server_get():
    """Return every server's settings and counters as a sorted JSON list.

    Servers are ordered by the string ``"<name>_<id>"``. ``users_total``
    counts only users whose ``type`` is ``CERT_CLIENT`` across the
    server's organizations.
    """
    entries = {}
    sort_keys = []

    for server in Server.get_servers():
        attached_orgs = server.get_orgs()
        cert_users = 0
        for org in attached_orgs:
            for user in org.get_users():
                if user.type == CERT_CLIENT:
                    cert_users += 1

        sort_key = '%s_%s' % (server.name, server.id)
        sort_keys.append(sort_key)
        entries[sort_key] = {
            'id': server.id,
            'name': server.name,
            'status': 'online' if server.status else 'offline',
            'uptime': server.uptime,
            'users_online': len(server.get_clients()),
            'users_total': cert_users,
            'network': server.network,
            'interface': server.interface,
            'port': server.port,
            'protocol': server.protocol,
            'local_network': server.local_network,
            'public_address': server.public_address,
            # Flags are coerced to real booleans for the JSON output.
            'otp_auth': bool(server.otp_auth),
            'lzo_compression': server.lzo_compression,
            'debug': bool(server.debug),
            'org_count': len(attached_orgs),
        }

    return utils.jsonify([entries[key] for key in sorted(sort_keys)])
Beispiel #30
def server_get():
    """List all servers with their configuration, sorted by name then id.

    The sort key is the string ``"<name>_<id>"``. For each server the
    number of ``CERT_CLIENT`` users in its organizations is reported as
    ``users_total`` and the number of connected clients as
    ``users_online``.
    """
    described = {}
    ordering = []

    for server in Server.get_servers():
        orgs_of_server = server.get_orgs()

        client_users = 0
        for org in orgs_of_server:
            for user in org.get_users():
                if user.type != CERT_CLIENT:
                    continue
                client_users += 1

        label = '%s_%s' % (server.name, server.id)
        ordering.append(label)

        if server.status:
            state = 'online'
        else:
            state = 'offline'

        described[label] = {
            'id': server.id,
            'name': server.name,
            'status': state,
            'uptime': server.uptime,
            'users_online': len(server.get_clients()),
            'users_total': client_users,
            'network': server.network,
            'interface': server.interface,
            'port': server.port,
            'protocol': server.protocol,
            'local_network': server.local_network,
            'public_address': server.public_address,
            'otp_auth': bool(server.otp_auth),
            'lzo_compression': server.lzo_compression,
            'debug': bool(server.debug),
            'org_count': len(orgs_of_server),
        }

    ordering.sort()
    listing = []
    for label in ordering:
        listing.append(described[label])
    return utils.jsonify(listing)
Beispiel #31
def status_get():
    """Return aggregate counts, host details and an admin notification.

    When ``app_server.openssl_heartbleed`` is set, the notification is a
    fixed upgrade warning; otherwise it is ``app_server.notification``.
    """
    # NOTE(review): the payload discloses the version, public IP and local
    # networks; the access control for this route is not visible here.
    total_servers = 0
    online_servers = 0
    connected_clients = 0
    for server in Server.iter_servers():
        total_servers += 1
        if server.status:
            online_servers += 1
        connected_clients += len(server.clients)

    total_orgs = 0
    total_users = 0
    for org in Organization.iter_orgs():
        total_orgs += 1
        total_users += org.user_count

    networks = utils.get_local_networks()

    if not app_server.openssl_heartbleed:
        notice = app_server.notification
    else:
        # The vulnerable-OpenSSL warning replaces any other notification.
        notice = (
            'You are running an outdated version of openssl ' +
            'containting the heartbleed bug. This could allow an attacker ' +
            'to compromise your server. Please upgrade your openssl ' +
            'package and restart the pritunl service.'
        )

    summary = {
        'org_count': total_orgs,
        'users_online': connected_clients,
        'user_count': total_users,
        'servers_online': online_servers,
        'server_count': total_servers,
        'server_version': __version__,
        'public_ip': app_server.public_ip,
        'local_networks': networks,
        'notification': notice,
    }
    return utils.jsonify(summary)
Beispiel #32
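def server_put_post(server_id=None):
    """Create a server, or update an existing offline one, from JSON input.

    Every setting is read from the request body and validated before it is
    stored:

    * ``name`` is reduced to alphanumerics plus ``NAME_SAFE_CHARS``.
    * ``network`` must be ``10.x.y.0/n`` with ``8 <= n <= 24``.
    * ``interface`` must be ``tun0`` .. ``tun64``.
    * ``port`` must be 1..65535 and ``protocol`` ``udp`` or ``tcp``.
    * ``local_network``, when given, must be a dotted quad with a prefix
      of 8..30.

    The network, interface and port/protocol pair must not be used by any
    other server. Without ``server_id`` a new server is created; with one,
    the server is updated only while it is offline. Validation failures
    return 400; success returns ``{}``.
    """
    name = flask.request.json['name']
    name = ''.join(x for x in name if x.isalnum() or x in NAME_SAFE_CHARS)
    network = flask.request.json['network']
    interface = flask.request.json['interface']
    port = flask.request.json['port']
    protocol = flask.request.json['protocol'].lower()
    local_network = flask.request.json['local_network']
    # NOTE(review): public_address is stored exactly as received; confirm
    # where it is later written before trusting its contents.
    public_address = flask.request.json['public_address']
    debug = flask.request.json['debug']

    # Network
    network_split = network.split('/')
    if len(network_split) != 2:
        return _network_not_valid()

    address = network_split[0].split('.')
    if len(address) != 4:
        return _network_not_valid()
    for i, value in enumerate(address):
        try:
            address[i] = int(value)
        except ValueError:
            return _network_not_valid()
    if address[0] != 10:
        return _network_not_valid()

    if address[1] > 255 or address[1] < 0 or \
            address[2] > 255 or address[2] < 0:
        return _network_not_valid()

    if address[3] != 0:
        return _network_not_valid()

    try:
        subnet = int(network_split[1])
    except ValueError:
        return _network_not_valid()

    if subnet < 8 or subnet > 24:
        return _network_not_valid()

    # int() tolerates padding, signs and leading zeros, so the raw string
    # can spell an accepted network in several ways. Store and compare the
    # canonical form so the in-use check below cannot be sidestepped and
    # no stray whitespace reaches the stored value.
    network = '%d.%d.%d.%d/%d' % (
        address[0], address[1], address[2], address[3], subnet)

    # Interface
    if interface[:3] != 'tun':
        return _interface_not_valid()

    try:
        interface_num = int(interface[3:])
    except ValueError:
        return _interface_not_valid()

    # int() also accepts a leading minus sign, so bound both ends.
    if interface_num < 0 or interface_num > 64:
        return _interface_not_valid()

    interface = interface[:3] + str(interface_num)

    # Port
    try:
        port = int(port)
    except (TypeError, ValueError):
        # TypeError covers a JSON null or other non-numeric type.
        return _port_not_valid()

    if port < 1 or port > 65535:
        return _port_not_valid()

    # Protocol
    if protocol not in ['udp', 'tcp']:
        return utils.jsonify({
            'error': PROTOCOL_NOT_VALID,
            'error_msg': PROTOCOL_NOT_VALID_MSG,
        }, 400)

    # Local network
    if local_network:
        local_network_split = local_network.split('/')
        if len(local_network_split) != 2:
            return _local_network_not_valid()

        address = local_network_split[0].split('.')
        if len(address) != 4:
            return _local_network_not_valid()
        for i, value in enumerate(address):
            try:
                address[i] = int(value)
            except ValueError:
                return _local_network_not_valid()
        if address[0] > 255 or address[0] < 0 or \
                address[1] > 255 or address[1] < 0 or \
                address[2] > 255 or address[2] < 0 or \
                address[3] > 254 or address[3] < 0:
            return _local_network_not_valid()

        try:
            subnet = int(local_network_split[1])
        except ValueError:
            return _local_network_not_valid()

        if subnet < 8 or subnet > 30:
            return _local_network_not_valid()

        # Same canonicalisation as for the tunnel network.
        local_network = '%d.%d.%d.%d/%d' % (
            address[0], address[1], address[2], address[3], subnet)

    # Uniqueness against every other server (the one being edited is
    # skipped).
    for server in Server.get_servers():
        if server.id == server_id:
            continue
        elif server.network == network:
            return utils.jsonify({
                'error': NETWORK_IN_USE,
                'error_msg': NETWORK_IN_USE_MSG,
            }, 400)
        elif server.interface == interface:
            return utils.jsonify({
                'error': INTERFACE_IN_USE,
                'error_msg': INTERFACE_IN_USE_MSG,
            }, 400)
        elif server.port == port and server.protocol == protocol:
            return utils.jsonify({
                'error': PORT_PROTOCOL_IN_USE,
                'error_msg': PORT_PROTOCOL_IN_USE_MSG,
            }, 400)

    if not server_id:
        server = Server(
            name=name,
            network=network,
            interface=interface,
            port=port,
            protocol=protocol,
            local_network=local_network,
            public_address=public_address,
            debug=debug,
        )
    else:
        server = Server(id=server_id)
        # Settings of a running server must not change underneath it.
        if server.status:
            return utils.jsonify({
                'error': SERVER_NOT_OFFLINE,
                'error_msg': SERVER_NOT_OFFLINE_MSG,
            }, 400)
        server.name = name
        server.network = network
        server.interface = interface
        server.port = port
        server.protocol = protocol
        server.local_network = local_network
        server.public_address = public_address
        server.debug = debug
        server.commit()

    return utils.jsonify({})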
Beispiel #33
def server_output_delete(server_id):
    """Clear the stored output of a server and return an empty object."""
    Server(server_id).clear_output()
    return utils.jsonify({})
Beispiel #34
def server_output_get(server_id):
    """Return a server's id together with its captured output as JSON."""
    # NOTE(review): the output is returned verbatim; confirm it holds
    # nothing that should be withheld from the requesting user.
    server = Server(server_id)
    report = {
        'id': server.id,
        'output': server.get_output(),
    }
    return utils.jsonify(report)
Beispiel #35
def server_output_delete(server_id):
    """Discard the output kept for ``server_id``; responds with ``{}``."""
    target = Server(server_id)
    target.clear_output()
    empty = {}
    return utils.jsonify(empty)
Beispiel #36
def server_delete(server_id):
    """Remove the server identified by ``server_id`` and return ``{}``."""
    # NOTE(review): no running-state check and no log entry are made here;
    # confirm remove() handles a server that is still online.
    Server(server_id).remove()
    return utils.jsonify({})
Beispiel #37
def server_org_delete(server_id, org_id):
    """Detach organization ``org_id`` from a server and return ``{}``."""
    # NOTE(review): the organization is detached without checking whether
    # the server is running; confirm that is intended.
    Server(server_id).remove_org(org_id)
    return utils.jsonify({})
Beispiel #38
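def server_put_post(server_id=None):
    """Create a server, or update an existing offline one, from JSON input.

    Every setting is read from the request body and validated before it is
    stored:

    * ``name`` is reduced to alphanumerics plus ``NAME_SAFE_CHARS``.
    * ``public_address`` is reduced to alphanumerics and ``.``.
    * ``debug``, ``otp_auth`` and ``lzo_compression`` become booleans.
    * ``network`` must be ``10.x.y.0/n`` with ``8 <= n <= 24``.
    * ``interface`` must be ``tun0`` .. ``tun64``.
    * ``port`` must be 1..65535 and ``protocol`` ``udp`` or ``tcp``.
    * ``local_network``, when given, must be a dotted quad with a prefix
      of 8..30.

    The network, interface and port/protocol pair must not be used by any
    other server. Without ``server_id`` a new server is created; with one,
    the server is updated only while it is offline. Validation failures
    return 400; success emits ``USERS_UPDATED`` and returns ``{}``.
    """
    name = flask.request.json['name']
    name = ''.join(x for x in name if x.isalnum() or x in NAME_SAFE_CHARS)
    network = flask.request.json['network']
    interface = flask.request.json['interface']
    port = flask.request.json['port']
    protocol = flask.request.json['protocol'].lower()
    local_network = flask.request.json['local_network']
    public_address = flask.request.json['public_address']
    # Allow-list filter: anything other than letters, digits and dots is
    # dropped from the address.
    public_address = ''.join(x for x in public_address
                             if x.isalnum() or x == '.')
    debug = True if flask.request.json['debug'] else False
    otp_auth = True if flask.request.json['otp_auth'] else False
    lzo_compression = True if flask.request.json['lzo_compression'] else False

    # Network
    network_split = network.split('/')
    if len(network_split) != 2:
        return _network_not_valid()

    address = network_split[0].split('.')
    if len(address) != 4:
        return _network_not_valid()
    for i, value in enumerate(address):
        try:
            address[i] = int(value)
        except ValueError:
            return _network_not_valid()
    if address[0] != 10:
        return _network_not_valid()

    if address[1] > 255 or address[1] < 0 or \
            address[2] > 255 or address[2] < 0:
        return _network_not_valid()

    if address[3] != 0:
        return _network_not_valid()

    try:
        subnet = int(network_split[1])
    except ValueError:
        return _network_not_valid()

    if subnet < 8 or subnet > 24:
        return _network_not_valid()

    # int() tolerates padding, signs and leading zeros, so the raw string
    # can spell an accepted network in several ways. Store and compare the
    # canonical form so the in-use check below cannot be sidestepped and
    # no stray whitespace reaches the stored value.
    network = '%d.%d.%d.%d/%d' % (
        address[0], address[1], address[2], address[3], subnet)

    # Interface
    if interface[:3] != 'tun':
        return _interface_not_valid()

    try:
        interface_num = int(interface[3:])
    except ValueError:
        return _interface_not_valid()

    # int() also accepts a leading minus sign, so bound both ends.
    if interface_num < 0 or interface_num > 64:
        return _interface_not_valid()

    interface = interface[:3] + str(interface_num)

    # Port
    try:
        port = int(port)
    except (TypeError, ValueError):
        # TypeError covers a JSON null or other non-numeric type.
        return _port_not_valid()

    if port < 1 or port > 65535:
        return _port_not_valid()

    # Protocol
    if protocol not in ['udp', 'tcp']:
        return utils.jsonify(
            {
                'error': PROTOCOL_NOT_VALID,
                'error_msg': PROTOCOL_NOT_VALID_MSG,
            }, 400)

    # Local network
    if local_network:
        local_network_split = local_network.split('/')
        if len(local_network_split) != 2:
            return _local_network_not_valid()

        address = local_network_split[0].split('.')
        if len(address) != 4:
            return _local_network_not_valid()
        for i, value in enumerate(address):
            try:
                address[i] = int(value)
            except ValueError:
                return _local_network_not_valid()
        if address[0] > 255 or address[0] < 0 or \
                address[1] > 255 or address[1] < 0 or \
                address[2] > 255 or address[2] < 0 or \
                address[3] > 254 or address[3] < 0:
            return _local_network_not_valid()

        try:
            subnet = int(local_network_split[1])
        except ValueError:
            return _local_network_not_valid()

        if subnet < 8 or subnet > 30:
            return _local_network_not_valid()

        # Same canonicalisation as for the tunnel network.
        local_network = '%d.%d.%d.%d/%d' % (
            address[0], address[1], address[2], address[3], subnet)

    # Uniqueness against every other server (the one being edited is
    # skipped).
    for server in Server.get_servers():
        if server.id == server_id:
            continue
        elif server.network == network:
            return utils.jsonify(
                {
                    'error': NETWORK_IN_USE,
                    'error_msg': NETWORK_IN_USE_MSG,
                }, 400)
        elif server.interface == interface:
            return utils.jsonify(
                {
                    'error': INTERFACE_IN_USE,
                    'error_msg': INTERFACE_IN_USE_MSG,
                }, 400)
        elif server.port == port and server.protocol == protocol:
            return utils.jsonify(
                {
                    'error': PORT_PROTOCOL_IN_USE,
                    'error_msg': PORT_PROTOCOL_IN_USE_MSG,
                }, 400)

    if not server_id:
        server = Server(
            name=name,
            network=network,
            interface=interface,
            port=port,
            protocol=protocol,
            local_network=local_network,
            public_address=public_address,
            otp_auth=otp_auth,
            lzo_compression=lzo_compression,
            debug=debug,
        )
    else:
        server = Server(id=server_id)
        # Settings of a running server must not change underneath it.
        if server.status:
            return utils.jsonify(
                {
                    'error': SERVER_NOT_OFFLINE,
                    'error_msg': SERVER_NOT_OFFLINE_MSG,
                }, 400)
        server.name = name
        server.network = network
        server.interface = interface
        server.port = port
        server.protocol = protocol
        server.local_network = local_network
        server.public_address = public_address
        server.otp_auth = otp_auth
        server.lzo_compression = lzo_compression
        server.debug = debug
        server.commit()

    Event(type=USERS_UPDATED)

    return utils.jsonify({})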
Beispiel #39
def server_output_get(server_id):
    """Return ``{'id': ..., 'output': ...}`` for the given server."""
    server = Server(server_id)
    server_ident = server.id
    captured = server.get_output()
    return utils.jsonify({'id': server_ident, 'output': captured})
Beispiel #40
def server_org_delete(server_id, org_id):
    """Remove ``org_id`` from the server's organizations; returns ``{}``."""
    # NOTE(review): no check is made that the server is offline before the
    # organization is detached.
    target = Server(server_id)
    target.remove_org(org_id)
    empty = {}
    return utils.jsonify(empty)