Exemple #1
0
 def _f():
     from codebay.l2tpserver.webui import uihelpers
     uihelpers.update_ssl_certificate_files()
Exemple #2
0
    def submitted(self, ctx, form, data):
        fda = formalutils.FormDataAccessor(form, [], ctx)
        pd = uidatahelpers.CreateProtocolData()

        # Save collapsed states first, so they feed back to next round
        for [rdf_uri,
             key] in [[ns_ui.collapseLicense, 'license_group'],
                      [ns_ui.collapseLocale, 'locale_group'],
                      [ns_ui.collapseProductMaintenance, 'reboot_group'],
                      [ns_ui.collapseSnmp, 'snmp_group'],
                      [ns_ui.collapseRemoteManagement, 'remote_group'],
                      [ns_ui.collapseSslCertificate, 'ssl_group']]:
            try:
                # XXX: passing of the hidden _collapsedstate_ parameter is not too clean
                uihelpers.update_collapse_setting(
                    rdf_uri, fda['%s._collapsedstate_' % key])
            except:
                _log.exception('error updating collapsed state for %s' %
                               rdf_uri)

        try:
            # global canonicalization
            tmp = fda.descend('license_group')
            if tmp.has_key('license_key') and (tmp['license_key'] is not None):
                tmp['license_key'] = tmp['license_key'].upper().strip()

            # global validation
            tmp = fda.descend('license_group')
            if tmp.has_key('license_key') and (tmp['license_key'] is not None):
                val, grps = None, None
                try:
                    val, grps = licensekey.decode_license(tmp['license_key'])
                except:
                    _log.exception('license decoding failed')
                if val is None:
                    tmp.add_error('license_key', 'Invalid license key')

            tmp = fda.descend('remote_group')
            if tmp.has_key('root_password1') and tmp.has_key('root_password2'):
                pw1, pw2 = tmp['root_password1'], tmp['root_password2']
                if pw1 is None:
                    pw1 = ''
                if pw2 is None:
                    pw2 = ''
                if pw1 != pw2:
                    tmp.add_error('root_password1', 'Passwords do not match')
                    tmp.add_error('root_password2', 'Passwords do not match')
                else:
                    if not helpers.check_unix_password_characters(pw1):
                        tmp.add_error('root_password1',
                                      'Invalid characters in password')
                        tmp.add_error('root_password2',
                                      'Invalid characters in password')

            tmp = fda.descend('snmp_group')
            if tmp.has_key(
                    'snmp_community') and tmp['snmp_community'] is not None:
                if not uihelpers.check_snmp_community_characters(
                        tmp['snmp_community']):
                    tmp.add_error('snmp_community', 'Invalid characters')

            #
            #  XXX -- How to validate SSL certificates reliably?  Currently invalid
            #  certificate / key causes VPNease to use self-signed version so it's
            #  relatively OK.
            #

            #
            #  XXX -- admin smtp setting validation & normalization
            #

            # Intermediate early bail out to avoid saving if there are errors
            fda.finalize_validation()

            # Deep copy UI config to 'new' UI config
            pd.clone_ui_config()

            # save data
            self.save_ui_data(ctx, form, data)

            # re-create protocol data to see if new exceptions crop up
            pd.save_protocol_data()
        except:
            _log.exception(
                'validation failed unexpectedly, adding global error')
            fda.add_global_error('Unknown validation error')

        # finalize; raises if something wrong
        fda.finalize_validation()

        # locale settings are handled directly
        cfg_ui = helpers.get_new_ui_config()
        try:
            cfg_ui.setS(ns_ui.timezone, rdf.String,
                        fda['locale_group.timezone'])
            cfg_ui.setS(ns_ui.keymap, rdf.String, fda['locale_group.keymap'])
            gnomeconfig.set_keymap_settings(
                cfg_ui.getS(ns_ui.keymap, rdf.String))
        except:
            _log.exception('activating timezone and keymap settings failed')

        # same with root password
        try:
            tmp = fda.descend('remote_group')
            if tmp.has_key('root_password1') and tmp.has_key('root_password2'):
                pw1, pw2 = tmp['root_password1'], tmp['root_password2']
                if (pw1 == '') and (pw2 == ''):
                    pass
                elif (pw1 == None) and (pw2 == None):
                    pass
                elif pw1 == pw2:
                    # change password; we assume it converts to ascii nicely
                    helpers.change_unix_password('root', str(pw1))
                else:
                    # should not come here
                    _log.error('passwords differ after validation, ignoring')
        except:
            _log.exception('changing root password failed')

        # activate new config
        pd.activate_protocol_data()

        # update initial config saved flag
        pd.update_initial_config_saved()

        #
        #  XXX: It would be cleaner if we could first stop the runner, then change the
        #  config, and then restart it.  If we do that with a deferred, then it is possible
        #  that the user changes the config again before we have time to activate it.
        #  Putting the config into some sort of "staging area" might help.  Currently we
        #  simply assume that runner stop (and start) are robust enough.
        #

        #
        #  XXX: If timezone has changed, we should re-render graphs immediately so they
        #  will have the correct timezone when status pages are loaded.
        #

        # ssl certificate - always rewrite here
        try:
            uihelpers.update_ssl_certificate_files()

            # reread files; we don't regenerate because we never overwrite the self-signed
            # certificate here
            self.master.reread_ssl_files()
        except:
            _log.exception('ssl certificate check failed')

        # stop, configure, start
        followup = uihelpers.build_uri(ctx, 'status/main.html')
        return uihelpers.reconfigure_and_restart_page(self.master,
                                                      ctx,
                                                      followup_uri=followup)
Exemple #3
0
    def submitted(self, ctx, form, data):
        fda = formalutils.FormDataAccessor(form, [], ctx)
        pd = uidatahelpers.CreateProtocolData()
        
        # Save collapsed states first, so they feed back to next round
        for [rdf_uri, key] in [ [ ns_ui.collapseLicense, 'license_group' ],
                                [ ns_ui.collapseLocale, 'locale_group' ],
                                [ ns_ui.collapseProductMaintenance, 'reboot_group' ],
                                [ ns_ui.collapseSnmp, 'snmp_group' ],
                                [ ns_ui.collapseRemoteManagement, 'remote_group' ],
                                [ ns_ui.collapseSslCertificate, 'ssl_group' ] ]:
            try:
                # XXX: passing of the hidden _collapsedstate_ parameter is not too clean
                uihelpers.update_collapse_setting(rdf_uri, fda['%s._collapsedstate_' % key])
            except:
                _log.exception('error updating collapsed state for %s' % rdf_uri)

        try:
            # global canonicalization
            tmp = fda.descend('license_group')
            if tmp.has_key('license_key') and (tmp['license_key'] is not None):
                tmp['license_key'] = tmp['license_key'].upper().strip()

            # global validation
            tmp = fda.descend('license_group')
            if tmp.has_key('license_key') and (tmp['license_key'] is not None):
                val, grps = None, None
                try:
                    val, grps = licensekey.decode_license(tmp['license_key'])
                except:
                    _log.exception('license decoding failed')
                if val is None:
                    tmp.add_error('license_key', 'Invalid license key')

            tmp = fda.descend('remote_group')
            if tmp.has_key('root_password1') and tmp.has_key('root_password2'):
                pw1, pw2 = tmp['root_password1'], tmp['root_password2']
                if pw1 is None:
                    pw1 = ''
                if pw2 is None:
                    pw2 = ''
                if pw1 != pw2:
                    tmp.add_error('root_password1', 'Passwords do not match')
                    tmp.add_error('root_password2', 'Passwords do not match')
                else:
                    if not helpers.check_unix_password_characters(pw1):  
                        tmp.add_error('root_password1', 'Invalid characters in password')
                        tmp.add_error('root_password2', 'Invalid characters in password')

            tmp = fda.descend('snmp_group')
            if tmp.has_key('snmp_community') and tmp['snmp_community'] is not None:
                if not uihelpers.check_snmp_community_characters(tmp['snmp_community']):
                    tmp.add_error('snmp_community', 'Invalid characters')

            #
            #  XXX -- How to validate SSL certificates reliably?  Currently invalid
            #  certificate / key causes VPNease to use self-signed version so it's
            #  relatively OK.
            #

            #
            #  XXX -- admin smtp setting validation & normalization
            #
            
            # Intermediate early bail out to avoid saving if there are errors
            fda.finalize_validation()

            # Deep copy UI config to 'new' UI config
            pd.clone_ui_config()

            # save data
            self.save_ui_data(ctx, form, data)

            # re-create protocol data to see if new exceptions crop up
            pd.save_protocol_data()
        except:
            _log.exception('validation failed unexpectedly, adding global error')
            fda.add_global_error('Unknown validation error')

        # finalize; raises if something wrong
        fda.finalize_validation()

        # locale settings are handled directly
        cfg_ui = helpers.get_new_ui_config()
        try:
            cfg_ui.setS(ns_ui.timezone, rdf.String, fda['locale_group.timezone'])
            cfg_ui.setS(ns_ui.keymap, rdf.String, fda['locale_group.keymap'])
            gnomeconfig.set_keymap_settings(cfg_ui.getS(ns_ui.keymap, rdf.String))
        except:
            _log.exception('activating timezone and keymap settings failed')

        # same with root password 
        try:
            tmp = fda.descend('remote_group')
            if tmp.has_key('root_password1') and tmp.has_key('root_password2'):
                pw1, pw2 = tmp['root_password1'], tmp['root_password2']
                if (pw1 == '') and (pw2 == ''):
                    pass
                elif (pw1 == None) and (pw2 == None):
                    pass
                elif pw1 == pw2:
                    # change password; we assume it converts to ascii nicely
                    helpers.change_unix_password('root', str(pw1))
                else:
                    # should not come here
                    _log.error('passwords differ after validation, ignoring')
        except:
            _log.exception('changing root password failed')

        # activate new config
        pd.activate_protocol_data()

        # update initial config saved flag
        pd.update_initial_config_saved()

        #
        #  XXX: It would be cleaner if we could first stop the runner, then change the
        #  config, and then restart it.  If we do that with a deferred, then it is possible
        #  that the user changes the config again before we have time to activate it.
        #  Putting the config into some sort of "staging area" might help.  Currently we
        #  simply assume that runner stop (and start) are robust enough.
        #

        #
        #  XXX: If timezone has changed, we should re-render graphs immediately so they
        #  will have the correct timezone when status pages are loaded.
        #

        # ssl certificate - always rewrite here
        try:
            uihelpers.update_ssl_certificate_files()

            # reread files; we don't regenerate because we never overwrite the self-signed
            # certificate here
            self.master.reread_ssl_files()
        except:
            _log.exception('ssl certificate check failed')

        # stop, configure, start
        followup = uihelpers.build_uri(ctx, 'status/main.html')
        return uihelpers.reconfigure_and_restart_page(self.master, ctx, followup_uri=followup)