def _f(): from codebay.l2tpserver.webui import uihelpers uihelpers.update_ssl_certificate_files()
def submitted(self, ctx, form, data): fda = formalutils.FormDataAccessor(form, [], ctx) pd = uidatahelpers.CreateProtocolData() # Save collapsed states first, so they feed back to next round for [rdf_uri, key] in [[ns_ui.collapseLicense, 'license_group'], [ns_ui.collapseLocale, 'locale_group'], [ns_ui.collapseProductMaintenance, 'reboot_group'], [ns_ui.collapseSnmp, 'snmp_group'], [ns_ui.collapseRemoteManagement, 'remote_group'], [ns_ui.collapseSslCertificate, 'ssl_group']]: try: # XXX: passing of the hidden _collapsedstate_ parameter is not too clean uihelpers.update_collapse_setting( rdf_uri, fda['%s._collapsedstate_' % key]) except: _log.exception('error updating collapsed state for %s' % rdf_uri) try: # global canonicalization tmp = fda.descend('license_group') if tmp.has_key('license_key') and (tmp['license_key'] is not None): tmp['license_key'] = tmp['license_key'].upper().strip() # global validation tmp = fda.descend('license_group') if tmp.has_key('license_key') and (tmp['license_key'] is not None): val, grps = None, None try: val, grps = licensekey.decode_license(tmp['license_key']) except: _log.exception('license decoding failed') if val is None: tmp.add_error('license_key', 'Invalid license key') tmp = fda.descend('remote_group') if tmp.has_key('root_password1') and tmp.has_key('root_password2'): pw1, pw2 = tmp['root_password1'], tmp['root_password2'] if pw1 is None: pw1 = '' if pw2 is None: pw2 = '' if pw1 != pw2: tmp.add_error('root_password1', 'Passwords do not match') tmp.add_error('root_password2', 'Passwords do not match') else: if not helpers.check_unix_password_characters(pw1): tmp.add_error('root_password1', 'Invalid characters in password') tmp.add_error('root_password2', 'Invalid characters in password') tmp = fda.descend('snmp_group') if tmp.has_key( 'snmp_community') and tmp['snmp_community'] is not None: if not uihelpers.check_snmp_community_characters( tmp['snmp_community']): tmp.add_error('snmp_community', 'Invalid characters') # # XXX -- How to validate SSL certificates reliably? Currently invalid # certificate / key causes VPNease to use self-signed version so it's # relatively OK. # # # XXX -- admin smtp setting validation & normalization # # Intermediate early bail out to avoid saving if there are errors fda.finalize_validation() # Deep copy UI config to 'new' UI config pd.clone_ui_config() # save data self.save_ui_data(ctx, form, data) # re-create protocol data to see if new exceptions crop up pd.save_protocol_data() except: _log.exception( 'validation failed unexpectedly, adding global error') fda.add_global_error('Unknown validation error') # finalize; raises if something wrong fda.finalize_validation() # locale settings are handled directly cfg_ui = helpers.get_new_ui_config() try: cfg_ui.setS(ns_ui.timezone, rdf.String, fda['locale_group.timezone']) cfg_ui.setS(ns_ui.keymap, rdf.String, fda['locale_group.keymap']) gnomeconfig.set_keymap_settings( cfg_ui.getS(ns_ui.keymap, rdf.String)) except: _log.exception('activating timezone and keymap settings failed') # same with root password try: tmp = fda.descend('remote_group') if tmp.has_key('root_password1') and tmp.has_key('root_password2'): pw1, pw2 = tmp['root_password1'], tmp['root_password2'] if (pw1 == '') and (pw2 == ''): pass elif (pw1 == None) and (pw2 == None): pass elif pw1 == pw2: # change password; we assume it converts to ascii nicely helpers.change_unix_password('root', str(pw1)) else: # should not come here _log.error('passwords differ after validation, ignoring') except: _log.exception('changing root password failed') # activate new config pd.activate_protocol_data() # update initial config saved flag pd.update_initial_config_saved() # # XXX: It would be cleaner if we could first stop the runner, then change the # config, and then restart it. If we do that with a deferred, then it is possible # that the user changes the config again before we have time to activate it. # Putting the config into some sort of "staging area" might help. Currently we # simply assume that runner stop (and start) are robust enough. # # # XXX: If timezone has changed, we should re-render graphs immediately so they # will have the correct timezone when status pages are loaded. # # ssl certificate - always rewrite here try: uihelpers.update_ssl_certificate_files() # reread files; we don't regenerate because we never overwrite the self-signed # certificate here self.master.reread_ssl_files() except: _log.exception('ssl certificate check failed') # stop, configure, start followup = uihelpers.build_uri(ctx, 'status/main.html') return uihelpers.reconfigure_and_restart_page(self.master, ctx, followup_uri=followup)
def submitted(self, ctx, form, data): fda = formalutils.FormDataAccessor(form, [], ctx) pd = uidatahelpers.CreateProtocolData() # Save collapsed states first, so they feed back to next round for [rdf_uri, key] in [ [ ns_ui.collapseLicense, 'license_group' ], [ ns_ui.collapseLocale, 'locale_group' ], [ ns_ui.collapseProductMaintenance, 'reboot_group' ], [ ns_ui.collapseSnmp, 'snmp_group' ], [ ns_ui.collapseRemoteManagement, 'remote_group' ], [ ns_ui.collapseSslCertificate, 'ssl_group' ] ]: try: # XXX: passing of the hidden _collapsedstate_ parameter is not too clean uihelpers.update_collapse_setting(rdf_uri, fda['%s._collapsedstate_' % key]) except: _log.exception('error updating collapsed state for %s' % rdf_uri) try: # global canonicalization tmp = fda.descend('license_group') if tmp.has_key('license_key') and (tmp['license_key'] is not None): tmp['license_key'] = tmp['license_key'].upper().strip() # global validation tmp = fda.descend('license_group') if tmp.has_key('license_key') and (tmp['license_key'] is not None): val, grps = None, None try: val, grps = licensekey.decode_license(tmp['license_key']) except: _log.exception('license decoding failed') if val is None: tmp.add_error('license_key', 'Invalid license key') tmp = fda.descend('remote_group') if tmp.has_key('root_password1') and tmp.has_key('root_password2'): pw1, pw2 = tmp['root_password1'], tmp['root_password2'] if pw1 is None: pw1 = '' if pw2 is None: pw2 = '' if pw1 != pw2: tmp.add_error('root_password1', 'Passwords do not match') tmp.add_error('root_password2', 'Passwords do not match') else: if not helpers.check_unix_password_characters(pw1): tmp.add_error('root_password1', 'Invalid characters in password') tmp.add_error('root_password2', 'Invalid characters in password') tmp = fda.descend('snmp_group') if tmp.has_key('snmp_community') and tmp['snmp_community'] is not None: if not uihelpers.check_snmp_community_characters(tmp['snmp_community']): tmp.add_error('snmp_community', 'Invalid characters') # # XXX -- How to validate SSL certificates reliably? Currently invalid # certificate / key causes VPNease to use self-signed version so it's # relatively OK. # # # XXX -- admin smtp setting validation & normalization # # Intermediate early bail out to avoid saving if there are errors fda.finalize_validation() # Deep copy UI config to 'new' UI config pd.clone_ui_config() # save data self.save_ui_data(ctx, form, data) # re-create protocol data to see if new exceptions crop up pd.save_protocol_data() except: _log.exception('validation failed unexpectedly, adding global error') fda.add_global_error('Unknown validation error') # finalize; raises if something wrong fda.finalize_validation() # locale settings are handled directly cfg_ui = helpers.get_new_ui_config() try: cfg_ui.setS(ns_ui.timezone, rdf.String, fda['locale_group.timezone']) cfg_ui.setS(ns_ui.keymap, rdf.String, fda['locale_group.keymap']) gnomeconfig.set_keymap_settings(cfg_ui.getS(ns_ui.keymap, rdf.String)) except: _log.exception('activating timezone and keymap settings failed') # same with root password try: tmp = fda.descend('remote_group') if tmp.has_key('root_password1') and tmp.has_key('root_password2'): pw1, pw2 = tmp['root_password1'], tmp['root_password2'] if (pw1 == '') and (pw2 == ''): pass elif (pw1 == None) and (pw2 == None): pass elif pw1 == pw2: # change password; we assume it converts to ascii nicely helpers.change_unix_password('root', str(pw1)) else: # should not come here _log.error('passwords differ after validation, ignoring') except: _log.exception('changing root password failed') # activate new config pd.activate_protocol_data() # update initial config saved flag pd.update_initial_config_saved() # # XXX: It would be cleaner if we could first stop the runner, then change the # config, and then restart it. If we do that with a deferred, then it is possible # that the user changes the config again before we have time to activate it. # Putting the config into some sort of "staging area" might help. Currently we # simply assume that runner stop (and start) are robust enough. # # # XXX: If timezone has changed, we should re-render graphs immediately so they # will have the correct timezone when status pages are loaded. # # ssl certificate - always rewrite here try: uihelpers.update_ssl_certificate_files() # reread files; we don't regenerate because we never overwrite the self-signed # certificate here self.master.reread_ssl_files() except: _log.exception('ssl certificate check failed') # stop, configure, start followup = uihelpers.build_uri(ctx, 'status/main.html') return uihelpers.reconfigure_and_restart_page(self.master, ctx, followup_uri=followup)