def installCertificates(session):
if not os_exists(CERT_FILE) \
or not os_exists(KEY_FILE):
print "[Webinterface].installCertificates :: Generating SSL key pair and CACert"
# create a key pair
k = crypto.PKey()
k.generate_key(crypto.TYPE_RSA, 1024)
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().C = "DE"
cert.get_subject().ST = "Home"
cert.get_subject().L = "Home"
cert.get_subject().O = "Dreambox"
cert.get_subject().OU = "STB"
cert.get_subject().CN = socket_gethostname()
cert.set_serial_number(random.randint(1000000,1000000000))
cert.set_notBefore("20120101000000Z");
cert.set_notAfter("20301231235900Z")
cert.set_issuer(cert.get_subject())
cert.set_pubkey(k)
print "[Webinterface].installCertificates :: Signing SSL key pair with new CACert"
cert.sign(k, 'sha1')
try:
print "[Webinterface].installCertificates :: Installing newly generated certificate and key pair"
saveFile(CERT_FILE, crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
saveFile(KEY_FILE, crypto.dump_privatekey(crypto.FILETYPE_PEM, k))
except IOError, e:
#Disable https
config.plugins.Webinterface.https.enabled.value = False
config.plugins.Webinterface.https.enabled.save()
#Inform the user
session.open(MessageBox, "Couldn't install generated SSL-Certifactes for https access\nHttps access is disabled!", MessageBox.TYPE_ERROR)
def installCertificates(session):
if not os_exists(CERT_FILE) \
or not os_exists(KEY_FILE):
print("[Webinterface].installCertificates :: Generating SSL key pair and CACert")
# create a key pair
k = crypto.PKey()
k.generate_key(crypto.TYPE_RSA, 1024)
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().C = "DE"
cert.get_subject().ST = "Home"
cert.get_subject().L = "Home"
cert.get_subject().O = "Dreambox"
cert.get_subject().OU = "STB"
cert.get_subject().CN = socket_gethostname()
cert.set_serial_number(random.randint(1000000, 1000000000))
cert.set_notBefore(b"20120101000000Z")
cert.set_notAfter(b"20301231235900Z")
cert.set_issuer(cert.get_subject())
cert.set_pubkey(k)
print("[Webinterface].installCertificates :: Signing SSL key pair with new CACert")
cert.sign(k, 'sha1')
try:
print("[Webinterface].installCertificates :: Installing newly generated certificate and key pair")
saveFile(CERT_FILE, crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
saveFile(KEY_FILE, crypto.dump_privatekey(crypto.FILETYPE_PEM, k))
except IOError as e:
#Disable https
config.plugins.Webinterface.https.enabled.value = False
config.plugins.Webinterface.https.enabled.save()
#Inform the user
session.open(MessageBox, "Couldn't install generated SSL-Certifactes for https access\nHttps access is disabled!", MessageBox.TYPE_ERROR)
def get_parameters():
parameters=dict()
parameters['script_path'] = Helpers.input("Installation path", os.path.dirname(os.path.realpath(__file__)))
parameters['vpn_server_host'] = Helpers.input("Domain or IP for vpn server", socket_gethostname())
parameters['vpn_server_port'] = Helpers.input("Port for the vpn server", 1194)
parameters['client_network_address'] = Helpers.input("Network address for client network", '10.31.8.0')
parameters['client_network_netmask'] = Helpers.input("Netmask for client network", '255.255.255.0')
parameters['cipher'] = Helpers.input("Encryption cipher for the vpn", 'AES-256-CBC')
parameters['ca_certificate'] = open(Helpers.input("Filename for CA-certificate", "%s.crt" % parameters['vpn_server_host'])).read().strip()
parameters['server_certificate'] = open(Helpers.input("Filename for server certificate", parameters['ca_certificate'])).read().strip()
parameters['server_key'] = open(Helpers.input("Filename for server certificate key file", "%s.key" % parameters['vpn_server_host'])).read().strip()
parameters['ta_key'] = open(Helpers.input("Filename for tls-auth key", "ta.key")).read().strip()
parameters['dhparam'] = open(Helpers.input("Filename for Diffie-Hellman key", "dh2048.pem")).read().strip()
return parameters
def monitor_processes_in_background(self):
from time import sleep as time_sleep
if config.use_python_smtplib:
import smtplib
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
if config.use_mailx:
from os import remove as os_remove
while True:
self.list_currently_working_processes(
config.ps_command, config.column_with_pid_for_ps_command)
list_of_broken_processes = list()
for process_group in self.list_of_processes_to_check:
# CHECK PROCESSES
for process in process_group.processes_list:
number_of_found_instances = 0
# COUNT NUMBER OF INSTANCES #
for running_process in self.list_of_processes_on_current_hostname:
if process.pattern in running_process:
number_of_found_instances += 1
if number_of_found_instances == process.number_of_instances:
# CHECK UPDATE ON LOGFILE #
if process.log_update > 0 and process.log_path:
final_path_to_log = ''
path, file = os_path.split(process.log_path)
path_listed_elements = os_listdir(path)
path_listed_elements.sort(
key=lambda x: os_path.getmtime(
os_path.join(path, x)),
reverse=True)
for file_name in path_listed_elements:
if file in file_name:
final_path_to_log = os_path.join(
path, file_name)
break
last_logfile_date = datetime.fromtimestamp(
os_stat(final_path_to_log).st_mtime)
now_minus_time = datetime.now() - timedelta(
seconds=process.log_update)
if last_logfile_date < now_minus_time:
last_update_time = datetime.now(
) - last_logfile_date
treshold = timedelta(
seconds=process.log_update)
list_of_broken_processes.append(
(process.name, number_of_found_instances,
process.number_of_instances,
last_update_time, treshold))
else:
continue
elif number_of_found_instances != process.number_of_instances:
list_of_broken_processes.append(
(process.name, number_of_found_instances,
process.number_of_instances))
# IF FOUND BROKEN PROCESS SEND MAIL #
if list_of_broken_processes:
# PREPARE MAIL BODY #
mail_body = style.mail_header
for broken_process in list_of_broken_processes:
if len(broken_process) == 3:
name, number_of_working_processes, number_of_expected_working_processes = broken_process
mail_body += ''.join([
(style.mail_one_line_format %
(number_of_working_processes,
number_of_expected_working_processes, '', '',
name))
])
elif len(broken_process) == 5:
name, number_of_working_processes, number_of_expected_working_processes, last_update, update_treshold = broken_process
mail_body += ''.join([(
style.mail_one_line_format %
(number_of_working_processes,
number_of_expected_working_processes,
str(last_update)[:7], str(update_treshold), name))
])
# SENT MAIL #
# USING PYTHON LIBRARIES #
if config.use_python_smtplib:
try:
receivers_data = ';'.join(config.receivers)
msg = MIMEMultipart()
msg['From'] = config.sender
msg['To'] = receivers_data
msg['Subject'] = (config.subject %
socket_gethostname())
msg.attach(MIMEText(mail_body, 'plain'))
server = smtplib.SMTP(config.smtp_server,
config.smtp_port)
server.ehlo()
server.starttls()
server.ehlo()
server.login(config.sender, config.sender_password)
text = msg.as_string()
server.sendmail(config.sender, config.receivers, text)
except:
sys_exit(text.text_11)
# USING MAILX #
if config.use_mailx:
try:
file_body_path = os_path.join(
config.path_to_script, config.sent_body_file_name)
with open(file_body_path, 'w') as file:
file.write(mail_body)
command = ''.join([
'( cat ', file_body_path, ' ) | mailx -s "',
(config.subject % socket_gethostname()), '" "',
(','.join(config.receivers)), '"'
])
os_system(command)
os_remove(file_body_path)
except KeyError:
sys_exit(text.text_16)
time_sleep(
config.when_found_broken_processes_next_check_in_seconds)
time_sleep(config.check_processes_each_how_many_seconds)
def load_processes_list(self, custom_file=False):
# CHECK IF FILE EXIST FOR CURRENT HOSTNAME #
if not custom_file:
files_of_hostnames = os_listdir(
os_path.join(config.path_to_script,
config.folder_to_processes_files))
current_hostname_name = socket_gethostname()
current_hostname_file = None
for file_hostname in files_of_hostnames:
if current_hostname_name in file_hostname:
current_hostname_file = file_hostname
# IF FILE EXIST THEN GATHER FILE TO DATABASE
if not current_hostname_file:
sys_exit(''.join([
style.sign_newline_double, text.text_15,
style.sign_newline_double
]))
if custom_file:
current_hostname_file = custom_file
with open(
os_path.join(config.path_to_script,
config.folder_to_processes_files,
current_hostname_file),
'r') as current_hostname_file_opened:
counter = 0
for line in current_hostname_file_opened:
counter += 1
if counter == 1 or counter == 2 or counter == 3:
continue # SKIP HEADER LINES
line = line.rstrip('\r\n')
process_array = line.split(style.sign_semicolon)
# BELOW LINE WILL SKIP EMPPTY LINES #
if not process_array[0] and not process_array[
1] and not process_array[2] and not process_array[
3] and not process_array[4] and not process_array[
5] and not process_array[
6] and not process_array[7]:
continue
if not process_array[1] and not process_array[
2] and not process_array[6]:
self.list_of_processes_to_check.append(
GroupProcess(process_array[0]))
else:
if not process_array[0]:
sys_exit(
(''.join(style.sign_fullfill,
style.sign_minus_space, text.text_16) %
process_array[0]))
if not process_array[1]:
sys_exit(
(''.join(style.sign_fullfill,
style.sign_minus_space, text.text_17) %
process_array[0]))
if not process_array[2]:
sys_exit(
(''.join(style.sign_fullfill,
style.sign_minus_space, text.text_18) %
process_array[0]))
if not process_array[6]:
sys_exit(
(''.join(style.sign_fullfill,
style.sign_minus_space, text.text_19) %
process_array[0]))
start_command = None
end_command = None
log_path = None
do_check_for_errors_in_logfile = False
if process_array[3]: start_command = process_array[3]
if process_array[4]: end_command = process_array[4]
if process_array[5]: log_path = process_array[5]
if process_array[7] == 'Y':
do_check_for_errors_in_logfile = True
process = Process(process_array[0], process_array[1],
int(process_array[2]), start_command,
end_command, log_path,
int(process_array[6]),
do_check_for_errors_in_logfile)
self.list_of_processes_to_check[-1].processes_list.append(
process)