Esempio n. 1
0
def page_index():
    default_start_url = config.user.get_attribute(
        "start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    # Prevent redirecting to absolute URL which could be used to redirect
    # users to compromised pages.
    if '://' in start_url:
        start_url = default_start_url

    # Also prevent using of "javascript:" URLs which could used to inject code
    if start_url.lower().startswith('javascript:'):
        start_url = default_start_url

    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(config.omd_site()).get(
            'alias', _("Multisite")))
    else:
        heading = config.page_heading

    html.write(
        '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">\n'
        '<html><head>\n')
    html.default_html_headers()
    html.write("""<title>%s</title>
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))
Esempio n. 2
0
def create_self_signed_cert(pkey):
    cert = crypto.X509()
    cert.get_subject().O = "Check_MK Site %s" % config.omd_site()
    cert.get_subject().CN = config.user.id or "### Check_MK ###"
    cert.set_serial_number(1)
    cert.gmtime_adj_notBefore(0)
    cert.gmtime_adj_notAfter(30 * 365 * 24 * 60 * 60)  # valid for 30 years.
    cert.set_issuer(cert.get_subject())
    cert.set_pubkey(pkey)
    cert.sign(pkey, 'sha1')

    return cert
Esempio n. 3
0
def create_self_signed_cert(pkey):
    cert = crypto.X509()
    cert.get_subject().O = "Check_MK Site %s" % config.omd_site()
    cert.get_subject().CN = config.user.id or "### Check_MK ###"
    cert.set_serial_number(1)
    cert.gmtime_adj_notBefore(0)
    cert.gmtime_adj_notAfter(30 * 365 * 24 * 60 * 60)  # valid for 30 years.
    cert.set_issuer(cert.get_subject())
    cert.set_pubkey(pkey)
    cert.sign(pkey, "sha1")

    return cert
Esempio n. 4
0
def page_logout():
    invalidate_auth_session()

    if auth_type == 'cookie':
        html.http_redirect(config.url_prefix() + 'check_mk/login.py')
    else:
        # Implement HTTP logout with cookie hack
        if not html.has_cookie('logout'):
            html.set_http_header(
                'WWW-Authenticate',
                'Basic realm="OMD Monitoring Site %s"' % config.omd_site())
            html.set_cookie('logout', '1')
            raise FinalizeRequest(401)
        else:
            html.del_cookie('logout')
            html.http_redirect(config.url_prefix() + 'check_mk/')
Esempio n. 5
0
def page_index():
    default_start_url = config.user.get_attribute(
        "start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    # Prevent redirecting to absolute URL which could be used to redirect
    # users to compromised pages.
    # Also prevent using of "javascript:" URLs which could used to inject code
    parsed = urlparse.urlparse(start_url)

    # Don't allow the user to set a URL scheme
    if parsed.scheme != "":
        start_url = default_start_url

    # Don't allow the user to set a network location
    if parsed.netloc != "":
        start_url = default_start_url

    # Don't allow bad characters in path
    if not re.match("[/a-z0-9_\.-]*$", parsed.path):
        start_url = default_start_url

    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(config.omd_site()).get(
            'alias', _("Multisite")))
    else:
        heading = config.page_heading

    html.write(
        '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">\n'
        '<html><head>\n')
    html.default_html_headers()
    html.write("""<title>%s</title>
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))
Esempio n. 6
0
def page_index():
    default_start_url = config.user.get_attribute("start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    # Prevent redirecting to absolute URL which could be used to redirect
    # users to compromised pages.
    # Also prevent using of "javascript:" URLs which could used to inject code
    parsed = urlparse.urlparse(start_url)

    # Don't allow the user to set a URL scheme
    if parsed.scheme != "":
        start_url = default_start_url

    # Don't allow the user to set a network location
    if parsed.netloc != "":
        start_url = default_start_url

    # Don't allow bad characters in path
    if not re.match("[/a-z0-9_\.-]*$", parsed.path):
        start_url = default_start_url

    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(config.omd_site()).get('alias', _("Multisite")))
    else:
        heading = config.page_heading

    html.write('<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">\n'
               '<html><head>\n')
    html.default_html_headers()
    html.write("""<title>%s</title>
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))
Esempio n. 7
0
def topology_url():
    return config.url_prefix() + 'nagvis/frontend/nagvis-js/index.php?' + \
           'mod=Map&header_template=on-demand-filter&header_menu=1&label_show=1' + \
           '&sources=automap&act=view&backend_id=' + config.omd_site() + \
           '&render_mode=undirected&url_target=main&filter_group=' + \
           (config.topology_default_filter_group or '')
Esempio n. 8
0
    "context": {},
    "mtime":
    0,
    "show_title":
    True,
    "title":
    _("Network Topology"),
    "topic":
    _("Overview"),
    "description":
    _("This dashboard uses the parent relationships of your hosts to display a "
      "hierarchical map."),
    "dashlets": [
        {
            "type": "url",
            "title": "Topology of Site " + config.omd_site(),
            "urlfunc": 'topology_url',
            "reload_on_resize": True,
            "position": (1, 1),
            "size": (GROW, GROW),
            "context": {},
            "single_infos": [],
        },
    ]
}

builtin_dashboards["simple_problems"] = {
    "single_infos": [],
    "context": {},
    "mtime":
    0,
Esempio n. 9
0
def topology_url():
    return config.url_prefix() + 'nagvis/frontend/nagvis-js/index.php?' + \
           'mod=Map&header_template=on-demand-filter&header_menu=1&label_show=1' + \
           '&sources=automap&act=view&backend_id=' + config.omd_site() + \
           '&render_mode=undirected&url_target=main&filter_group=' + \
           (config.topology_default_filter_group or '')
Esempio n. 10
0
           '&render_mode=undirected&url_target=main&filter_group=' + \
           (config.topology_default_filter_group or '')

builtin_dashboards["topology"] = {
    "single_infos": [],
    "context"     : {},
    "mtime"       : 0,
    "show_title"  : True,
    "title"       : _("Network Topology"),
    "topic"       : _("Overview"),
    "description" : _("This dashboard uses the parent relationships of your hosts to display a "
                      "hierarchical map."),
    "dashlets" : [
        {
            "type"             : "url",
            "title"            : "Topology of Site " + config.omd_site(),
            "urlfunc"          : 'topology_url',
            "reload_on_resize" : True,
            "position"         : (1, 1),
            "size"             : (GROW, GROW),
            "context"          : {},
            "single_infos"     : [],
        },
    ]
}

builtin_dashboards["simple_problems"] = {
    "single_infos": [],
    "context"     : {},
    "mtime"       : 0,
    "show_title"  : True,
Esempio n. 11
0
def page_logout():
    invalidate_auth_session()

    if auth_type == 'cookie':
        html.http_redirect(config.url_prefix() + 'check_mk/login.py')
    else:
        # Implement HTTP logout with cookie hack
        if not html.has_cookie('logout'):
            html.set_http_header('WWW-Authenticate', 'Basic realm="OMD Monitoring Site %s"' % config.omd_site())
            html.set_cookie('logout', '1')
            raise FinalizeRequest(401)
        else:
            html.del_cookie('logout')
            html.http_redirect(config.url_prefix() + 'check_mk/')