def isValidWithMsg(self):
if not self.enabled and not self.server:
# allow empty server if not enabled
pass
elif not check_ip_or_domain(self.server):
return (False,
tr('Invalid server IP (IPv4 or IPv6 are allowed): ') \
+ self.server)
if not check_port(self.port):
return False, tr('Invalid port (%s): must be greater than 0 and lower than 65536.') % self.port
# allow empty client_network if not enabled
if self.enabled or self.client_network:
if not check_network(self.client_network):
return False, tr('Invalid client network: ') + self.client_network
if IP(self.client_network).len() > 65536L:
return False, tr('The client network cannot be broader than a /16 network (netmask 255.255.0.0 at most).')
elif IP(self.client_network).len() < 8:
return False, tr('The client network cannot be narrower than a /29 network (netmask 255.255.255.248 at least).')
if self.protocol not in ['tcp', 'udp']:
return False, tr("Unknown protocol (choose 'tcp' or 'udp'): ") + self.protocol
# should be done inside checkSerialVersion
if self.enabled is None and self.hasCertWithMsg()[0]:
self.enabled = False
if self.enabled and not self.redirect and not self.manual_pushed_routes:
return False, tr("You need to add routed networks for the VPN or\
to redirect the default gateway through the VPN.")
return True, ''
def service_runTraceroute(self, context, target):
"""
Trace the network route to the specified address
- target : a ip or a hostname that should be probed
return the output of the command
"""
if not check_ip_or_domain(target):
raise ValueError()
return self.runPipe("/usr/bin/traceroute", target)
def service_runPing(self, context, target):
"""
Ping the specified address
- target : a ip or a hostname that should be probed
return the output of the command
"""
if not check_ip_or_domain(target):
raise ValueError()
return self.runPipe("/bin/ping", "-c", "4", target)
def _ad_valid_passwordserver_item(word):
if word == "*":
return True
fqdn = ''
if word.find(':') != -1:
parsed = word.split(':')
if len(parsed) != 2:
return False
fqdn, port = parsed
if not check_port(port):
return False
else:
fqdn = word
return check_ip_or_domain(fqdn)
def isValidWithMsg(self):
if not isinstance(self.servers, list):
return False, tr("The servers parameter must be a list.")
if not self.enabled:
return True, ''
# Syslog export is enabled, so we check the parameters.
if not self.servers or not self.servers[0] or \
self.servers[0].get("address", "") == "":
return False, tr("You must enter the address of a syslog server.")
component_enabled = False
for component in self.components.values():
if component.get("enabled", False):
component_enabled = True
break
if not component_enabled:
return False, tr("You must enable at least one component.")
for server in self.servers:
if not isinstance(server, dict):
return False, tr(
"At least one of the configured servers does "
"not contain the expected type of information:") + \
" %s." % server
if "address" not in server:
return False, tr(
"The following server does not have an address:") + \
" %s." % server
if "port" not in server:
return False, tr(
"The following server does not have a port:") + \
" %s." % server
if not (check_ip_or_domain(server["address"]) or
check_hostname(server["address"])):
return False, tr(
"The syslog server must be an IP address or a FQDN.")
if not isinstance(self.components, dict):
return False, tr(
"The components parameter must be a dictionary.")
for name, component in self.components.items():
if not component["facility"].startswith("local"):
return False, tr("The component") + " %s " % name + \
tr("has an invalid facility:") + \
" %s. " % component["facility"] + tr(
"It should begin with \"local\".")
return True, ''
