def __init__(self, logger, use_ipv6):
LoggerChild.__init__(self, logger)
if use_ipv6:
filename = 'new_rules_ipv6'
else:
filename = 'new_rules_ipv4'
self.filename = join(RULESET_DIR, filename)
self.use_ipv6 = use_ipv6
def __init__(self, logger, component, netcfg, ruleset, template, use_template):
LoggerChild.__init__(self, logger)
self.component = component
self.netcfg = netcfg
self.ruleset = ruleset # Ruleset name (str)
self.template = template
self.use_template = use_template
self.filename = rulesetFilename("ruleset", self.ruleset)
self.old = File(self.filename + ".old", False)
def __init__(self, logger, component, context, netcfg, name, use_nufw):
LoggerChild.__init__(self, logger)
self.context = context
self.component = component
self.netcfg = netcfg
# By default, reuse the production ruleset
self.ruleset_name = name
self.filename = PRODUCTION_RULESET
self.use_nufw = use_nufw
def __init__(self, secondary):
self.hello_task_id = None
self.component = secondary.component
self.core = secondary.core
self.ctx = Context.fromComponent(self.component)
self.state = self.INIT
self.vars = VariablesStore()
LoggerChild.__init__(self, self.component)
def __init__(self, logger, checkout_directory, client=None):
LoggerChild.__init__(self, logger)
if client is None:
client = Client()
self.client = client
self.checkout_directory = checkout_directory
self.use_white_list = False
self.white_list = None
def __init__(self, logger, config, default_decisions, acls, nats, custom_rules,
options, apply_rules):
LoggerChild.__init__(self, logger)
self.generator = IptablesGenerator(logger, default_decisions, options, config, apply_rules)
self.acls = acls
self.nats = nats
self.custom_rules = custom_rules
self.options = options
self.keep_files = True
self.old_rules = None
self.new_rules = None
def __init__(self, logger, default_decisions, options, config, apply_rules):
LoggerChild.__init__(self, logger)
self.options = options
self.config = config['iptables']
self.apply_rules = apply_rules
# DefaultDecisions object, can be None for NAT rules
self.default_decisions = default_decisions
self.options.log_type = self.config['log_type']
self.options.gateway = config.isGateway()
if self.options.ipv6 and self.options.log_type == "ULOG":
self.apply_rules.warning("ip6tables doesn't support ULOG: set log type to LOG")
self.options.log_type = 'LOG'
def __init__(self):
if not isinstance(self, Component):
raise NotImplementedError("This class has to be inherited by a Component class")
self.core = None
self.CERT_ATTR_TO_PATH = None
self.cert_logger = LoggerChild(self)
self.CERT_ATTR_TO_PATH = {
'key' : self.KEY_PATH,
'cert' : self.CERT_PATH,
'ca' : self.CA_PATH,
'crl' : self.CRL_PATH,
}
def __init__(self, logger, ldap_config, ldap_rules):
self.old_rules = []
LoggerChild.__init__(self, logger)
self.rules = ldap_rules
self.ldap_config = ldap_config
def __init__(self, logger, ldap_config):
LoggerChild.__init__(self, logger)
self.basedn = ldap_config['basedn']
def __init__(self, logger, filename, content):
LoggerChild.__init__(self, logger)
self.filename = filename
self.new = File(self.filename + ".new", False)
self.old = File(self.filename + ".old", False)
self.content = content
def __init__(self, logger):
LoggerChild.__init__(self, logger)
self.journal = None
self.__current_component = None
self.reset()
def __init__(self, logger, filename):
LoggerChild.__init__(self, logger)
self.filename = filename
self.copy = File(self.filename + ".copy", False)
def __init__(self, context, logger):
LoggerChild.__init__(self, logger)
self.context = context
def __init__(self, output_structure, cmd, parent_logger, cmd_timeout=5):
LoggerChild.__init__(self, parent_logger)
self.output_structure = output_structure
self.cmd = cmd
self.cmd_timeout = cmd_timeout
self.last_matched_field = None
def __init__(self, logger, lock_file):
LoggerChild.__init__(self, logger)
self.threading_lock = Lock()
self.lock_file = lock_file
def __init__(self, context, logger):
LoggerChild.__init__(self, logger)
self.arguments = SCRIPT
if context.hasRole("ufwi_rpcd_debug"):
self.arguments += ("--debug",)
def __init__(self, logger, component, netcfg):
LoggerChild.__init__(self, logger)
self.component = component
self.netcfg = netcfg
self.name_callbacks = []
class UseCertificateComponent(object):
CERT_PATH = None
KEY_PATH = None
CA_PATH = None
CRL_PATH = None
CERT_OWNER_AND_GROUP = "root", "root"
def __init__(self):
if not isinstance(self, Component):
raise NotImplementedError("This class has to be inherited by a Component class")
self.core = None
self.CERT_ATTR_TO_PATH = None
self.cert_logger = LoggerChild(self)
self.CERT_ATTR_TO_PATH = {
'key' : self.KEY_PATH,
'cert' : self.CERT_PATH,
'ca' : self.CA_PATH,
'crl' : self.CRL_PATH,
}
def init(self, core):
self.core = core
self.core.notify.connect('nupki', 'updateCRL', self._nupkiCRLUpdated)
def service_getCertificatesInfo(self, ctx):
"""
Return information about certifiates/eky currently set, in the form of a dictionnary:
{
'cert' : ['brief description', 'certificate content'],
'key' : ['md5 of the key', ''],
'ca' : ['brief description', 'CA content'],
'crl' : ['brief description', 'CRL content'],
}
"""
infos = {
'cert' : [tr('No certificate set'), tr('No certificate has been set yet')],
'key' : [tr('No key set'), ''],
'ca' : [tr('No CA is set'), tr('No certificate authority has been set yet')],
'crl' : [tr('No CRL set'), tr('No certificate revocation list has been set yet')],
}
# Certificate
try:
if isfile(self.CERT_PATH):
cert = load_cert(self.CERT_PATH)
infos['cert'][0] = unicode(cert.get_subject())
infos['cert'][1] = unicode(cert.as_text())
except Exception, error:
infos['cert'][0] = tr('Invalid certificate')
self.cert_logger.debug("Invalid cert : %s" % error)
# Private key
try:
if isfile(self.KEY_PATH):
with open(self.KEY_PATH, 'rb') as key:
hash_md5 = md5()
hash_md5.update(key.read())
infos['key'][0] = u'MD5: ' + unicode(hash_md5.hexdigest())
except Exception, error:
infos['key'][0] = tr('Invalid key')
self.cert_logger.debug("Invalid key : %s" % error)
def __init__(self, logger, ufwi_ruleset_rules):
LoggerChild.__init__(self, logger)
self.ufwi_ruleset_rules = ufwi_ruleset_rules
self.filename = RULES_FILENAME
self.old_rules = File(self.filename + ".old", False)
self.new_rules = File(self.filename + ".new", False)
def __init__(self, component, core, config):
LoggerChild.__init__(self, component)
self.core = core
self.component = component
self.config = config
self.primary = None
def __init__(self, logger):
LoggerChild.__init__(self, logger)
def __init__(self, links, logger):
LoggerChild.__init__(self, logger)
self.filename = GENERIC_LINKS_XML
self.links = links
self.old = File(self.filename + ".old", False)
