def __init__(self, socket_address):
    """Set up per-connection state and register this handler's RPC interfaces.

    Args:
        socket_address: Address object for the client connection; passed
            unchanged to ClientConnectionHandler.__init__.
    """
    ClientConnectionHandler.__init__(self, socket_address)
    self.database = get_host_database()
    # The handler object itself is registered as the implementation of both
    # RPC interfaces.
    for interface_name in ('SETroubleshootServer', 'SETroubleshootDatabase'):
        self.connect_rpc_interface(interface_name, self)
    self.access = ServerAccess()
    # Identity fields start unset; nothing in this constructor fills them in.
    self.username = self.uid = self.gid = None
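class SetroubleshootdClientConnectionHandler(
    ClientConnectionHandler,
    SETroubleshootServerInterface,
    SETroubleshootDatabaseNotifyInterface,
    SEAlertInterface,
):
    """Server-side handler for a single client connection.

    The handler registers itself as the implementation of the
    'SETroubleshootServer' and 'SETroubleshootDatabase' RPC interfaces.
    Every RPC method except ``logon`` refuses to run until the connection
    carries the ``ConnectionState.AUTHENTICATED`` flag, which only ``logon``
    sets.

    Security notes for maintainers:
      * Authentication rests on the uid/gid obtained from the socket in
        ``on_connection_state_change``; the ``password`` argument of
        ``logon`` is never inspected.
      * Methods that write per-user data (``set_filter``, ``set_user_data``)
        only accept the username that was bound at logon.
    """

    def __init__(self, socket_address):
        """Initialise connection state and register the RPC interfaces.

        Args:
            socket_address: Address object for the client connection; passed
                unchanged to ClientConnectionHandler.__init__.
        """
        ClientConnectionHandler.__init__(self, socket_address)
        self.database = get_host_database()
        self.connect_rpc_interface('SETroubleshootServer', self)
        self.connect_rpc_interface('SETroubleshootDatabase', self)
        self.access = ServerAccess()
        # Filled in later: uid/gid when the connection opens, username at logon.
        self.username = None
        self.uid = None
        self.gid = None

    def on_connection_state_change(self, connection_state, flags, flags_added, flags_removed):
        """Track the connection in the pool and capture socket credentials.

        When OPEN is removed the handler leaves ``connection_pool``; when OPEN
        is added the uid/gid are read from the socket and the handler joins
        the pool.
        """
        log_debug(
            "%s.on_connection_state_change: connection_state=%s flags_added=%s flags_removed=%s address=%s"
            % (self.__class__.__name__, connection_state,
               connection_state.flags_to_string(flags_added),
               connection_state.flags_to_string(flags_removed),
               self.socket_address))

        if flags_removed & ConnectionState.OPEN:
            connection_pool.remove_client(self)

        if flags_added & ConnectionState.OPEN:
            # These values are what logon() later compares the claimed
            # username against.
            # NOTE(review): presumably kernel-reported peer credentials of a
            # local socket - confirm in ServerAccess.get_credentials.
            self.uid, self.gid = self.access.get_credentials(
                self.socket_address.socket)
            log_debug(
                "%s.on_connection_state_change: open, socket credentials: uid=%s gid=%s"
                % (self.__class__.__name__, self.uid, self.gid))
            connection_pool.add_client(self)

    def open(self, socket, socket_address):
        """Attach ``socket`` to this handler and start watching it for I/O.

        Returns True when the connection is already open; otherwise marks the
        connection OPEN, registers ``handle_client_io`` and returns None.
        The ``socket_address`` argument is not used here.
        """
        if self.connection_state.flags & ConnectionState.OPEN:
            return True
        self.socket_address.socket = socket
        self.connection_state.update(ConnectionState.OPEN)
        self.io_watch_add(self.handle_client_io)

    # ---- SETroubleshootServerInterface Methods ----

    def database_bind(self, database_name):
        """Return ``[properties]`` of the host database if its name matches.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon, or
                ERR_DATABASE_NOT_FOUND when the name does not match.
        """
        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        host_database = get_host_database()
        if host_database.properties.name == database_name:
            return [host_database.properties]

        raise ProgramError(ERR_DATABASE_NOT_FOUND,
                           "database (%s) not found" % database_name)

    def logon(self, type, username, password):
        """Authenticate the connection and bind it to ``username``.

        The claimed username must equal ``get_identity(self.uid)`` for the
        uid captured when the connection opened, and must pass
        ``self.access.user_allowed``. ``password`` is accepted for interface
        compatibility but is not checked.

        Returns:
            ``[pkg_version, rpc_version]`` on success.

        Raises:
            ProgramError: ERR_USER_LOOKUP when the username does not match
                the socket uid, ERR_USER_PROHIBITED when access is denied.
        """
        log_debug("logon(%s) type=%s username=%s" % (self, type, username))

        # The client cannot choose an arbitrary identity: the name has to
        # agree with the uid taken from the socket.
        if username != get_identity(self.uid):
            raise ProgramError(
                ERR_USER_LOOKUP,
                detail="uid=%s does not match logon username (%s)"
                % (self.uid, username))

        # Only 'sealert' channels request the 'client' privilege.
        privilege = 'client' if type == 'sealert' else None

        if not self.access.user_allowed(privilege, username):
            raise ProgramError(ERR_USER_PROHIBITED)

        self.channel_type = type
        self.channel_name = username
        self.username = username
        self.user = self.database.get_user(username)
        if self.user is None:
            # NOTE(review): self.user stays None after this call; confirm
            # whether add_user returns the new user object.
            self.database.add_user(username)

        self.connection_state.update(ConnectionState.AUTHENTICATED)
        return [pkg_version, rpc_version]

    def query_email_recipients(self):
        """Return ``[email_recipients]`` (module-level state).

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)
        return [email_recipients]

    def set_email_recipients(self, recipients):
        """Replace the module-level recipient list and write it to disk.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        global email_recipients

        log_debug("set_email_recipients: %s" % recipients)

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        # NOTE(review): the list is global, so any authenticated client
        # changes it for everyone; confirm no further privilege is intended.
        email_recipients = recipients
        email_recipients.write_recipient_file(email_recipients_filepath)

    # ---- SETroubleshootDatabaseInterface Methods ----

    def delete_signature(self, sig):
        """Delete ``sig`` from the database; returns None.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        log_debug("delete_signature: sig=%s" % sig)

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        # NOTE(review): no per-user check is applied here; confirm that any
        # authenticated client is meant to be able to delete a signature.
        self.database.delete_signature(sig)
        return None

    def get_properties(self):
        """Return ``[properties]`` from the database.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        log_debug("get_properties")

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        properties = self.database.get_properties()
        return [properties]

    def evaluate_alert_filter(self, sig, username):
        """Return ``[action]`` from the database's filter evaluation.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        log_debug("evaluate_alert_filter: username=%s sig=%s" % (username, sig))

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        action = self.database.evaluate_alert_filter(sig, username)
        return [action]

    def lookup_local_id(self, local_id):
        """Return ``[siginfo]`` for ``local_id``.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        log_debug("lookup_local_id: %s" % local_id)

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        siginfo = self.database.lookup_local_id(local_id)
        return [siginfo]

    def query_alerts(self, criteria):
        """Return ``[sigs]`` matching ``criteria``.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        log_debug("query_alerts: criteria=%s" % criteria)

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        sigs = self.database.query_alerts(criteria)
        return [sigs]

    def set_filter(self, sig, username, filter_type, data=""):
        """Store a filter for ``sig`` on behalf of the logged-on user.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon, or
                ERR_USER_PERMISSION when ``username`` is not the user bound
                to this connection.
        """
        log_debug("set_filter: username=%s filter_type=%s sig=\n%s"
                  % (username, filter_type, sig))

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        # The username argument comes from the client, so it is only
        # accepted when it names the identity established at logon.
        if username != self.username:
            raise ProgramError(
                ERR_USER_PERMISSION,
                detail=_("The user (%s) cannot modify data for (%s)")
                % (self.username, username))

        self.database.set_filter(sig, username, filter_type, data)
        return None

    def set_user_data(self, sig, username, item, data):
        """Store a per-user data item for ``sig`` for the logged-on user.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon, or
                ERR_USER_PERMISSION when ``username`` is not the user bound
                to this connection.
        """
        log_debug("set_user_data: username=%s item=%s data=%s sig=\n%s"
                  % (username, item, data, sig))

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        # Same ownership rule as set_filter: without it an authenticated
        # client could write user data under another account's name.
        if username != self.username:
            raise ProgramError(
                ERR_USER_PERMISSION,
                detail=_("The user (%s) cannot modify data for (%s)")
                % (self.username, username))

        self.database.set_user_data(sig, username, item, data)
        return None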
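class SetroubleshootdClientConnectionHandler(ClientConnectionHandler,
                                             SETroubleshootServerInterface,
                                             SETroubleshootDatabaseNotifyInterface,
                                             SEAlertInterface,
                                             ):
    """Server-side handler for a single client connection.

    The handler registers itself as the implementation of the
    'SETroubleshootServer' and 'SETroubleshootDatabase' RPC interfaces.
    Every RPC method except ``logon`` refuses to run until the connection
    carries the ``ConnectionState.AUTHENTICATED`` flag, which only ``logon``
    sets.

    Security notes for maintainers:
      * Authentication rests on the uid/gid obtained from the socket in
        ``on_connection_state_change``; the ``password`` argument of
        ``logon`` is never inspected.
      * Methods that write per-user data (``set_filter``, ``set_user_data``)
        only accept the username that was bound at logon.
    """

    def __init__(self, socket_address):
        """Initialise connection state and register the RPC interfaces.

        Args:
            socket_address: Address object for the client connection; passed
                unchanged to ClientConnectionHandler.__init__.
        """
        ClientConnectionHandler.__init__(self, socket_address)
        self.database = get_host_database()
        self.connect_rpc_interface('SETroubleshootServer', self)
        self.connect_rpc_interface('SETroubleshootDatabase', self)
        self.access = ServerAccess()
        # Filled in later: uid/gid when the connection opens, username at logon.
        self.username = None
        self.uid = None
        self.gid = None

    def on_connection_state_change(self, connection_state, flags, flags_added, flags_removed):
        """Track the connection in the pool and capture socket credentials.

        When OPEN is removed the handler leaves ``connection_pool``; when OPEN
        is added the uid/gid are read from the socket and the handler joins
        the pool.
        """
        syslog.syslog(syslog.LOG_DEBUG, "%s.on_connection_state_change: connection_state=%s flags_added=%s flags_removed=%s address=%s" %
                      (self.__class__.__name__, connection_state,
                       connection_state.flags_to_string(flags_added),
                       connection_state.flags_to_string(flags_removed),
                       self.socket_address))

        if flags_removed & ConnectionState.OPEN:
            connection_pool.remove_client(self)

        if flags_added & ConnectionState.OPEN:
            # These values are what logon() later compares the claimed
            # username against.
            # NOTE(review): presumably kernel-reported peer credentials of a
            # local socket - confirm in ServerAccess.get_credentials.
            self.uid, self.gid = self.access.get_credentials(self.socket_address.socket)
            syslog.syslog(syslog.LOG_DEBUG, "%s.on_connection_state_change: open, socket credentials: uid=%s gid=%s" %
                          (self.__class__.__name__, self.uid, self.gid))
            connection_pool.add_client(self)

    def open(self, socket, socket_address):
        """Attach ``socket`` to this handler and start watching it for I/O.

        Returns True when the connection is already open; otherwise marks the
        connection OPEN, registers ``handle_client_io`` and returns None.
        The ``socket_address`` argument is not used here.
        """
        if self.connection_state.flags & ConnectionState.OPEN:
            return True
        self.socket_address.socket = socket
        self.connection_state.update(ConnectionState.OPEN)
        self.io_watch_add(self.handle_client_io)

    # ---- SETroubleshootServerInterface Methods ----

    def database_bind(self, database_name):
        """Return ``[properties]`` of the host database if its name matches.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon, or
                ERR_DATABASE_NOT_FOUND when the name does not match.
        """
        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        host_database = get_host_database()
        if host_database.properties.name == database_name:
            return [host_database.properties]

        raise ProgramError(ERR_DATABASE_NOT_FOUND, "database (%s) not found" % database_name)

    def logon(self, type, username, password):
        """Authenticate the connection and bind it to ``username``.

        The claimed username must equal ``get_identity(self.uid)`` for the
        uid captured when the connection opened, and must pass
        ``self.access.user_allowed``. ``password`` is accepted for interface
        compatibility but is not checked.

        Returns:
            ``[pkg_version, rpc_version]`` on success.

        Raises:
            ProgramError: ERR_USER_LOOKUP when the username does not match
                the socket uid, ERR_USER_PROHIBITED when access is denied.
        """
        syslog.syslog(syslog.LOG_DEBUG, "logon(%s) type=%s username=%s" % (self, type, username))

        # The client cannot choose an arbitrary identity: the name has to
        # agree with the uid taken from the socket.
        if username != get_identity(self.uid):
            raise ProgramError(ERR_USER_LOOKUP,
                               detail="uid=%s does not match logon username (%s)" % (self.uid, username))

        # Only 'sealert' channels request the 'client' privilege.
        privilege = 'client' if type == 'sealert' else None

        if not self.access.user_allowed(privilege, username):
            raise ProgramError(ERR_USER_PROHIBITED)

        self.channel_type = type
        self.channel_name = username
        self.username = username
        self.user = self.database.get_user(username)
        if self.user is None:
            # NOTE(review): self.user stays None after this call; confirm
            # whether add_user returns the new user object.
            self.database.add_user(username)

        self.connection_state.update(ConnectionState.AUTHENTICATED)
        return [pkg_version, rpc_version]

    def query_email_recipients(self):
        """Return ``[email_recipients]`` (module-level state).

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)
        return [email_recipients]

    def set_email_recipients(self, recipients):
        """Replace the module-level recipient list and write it to disk.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        global email_recipients

        syslog.syslog(syslog.LOG_DEBUG, "set_email_recipients: %s" % recipients)

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        # NOTE(review): the list is global, so any authenticated client
        # changes it for everyone; confirm no further privilege is intended.
        email_recipients = recipients
        email_recipients.write_recipient_file(email_recipients_filepath)

    # ---- SETroubleshootDatabaseInterface Methods ----

    def delete_signature(self, sig):
        """Delete ``sig`` from the database; returns None.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        syslog.syslog(syslog.LOG_DEBUG,"delete_signature: sig=%s" % sig)

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        # NOTE(review): no per-user check is applied here; confirm that any
        # authenticated client is meant to be able to delete a signature.
        self.database.delete_signature(sig)
        return None

    def get_properties(self):
        """Return ``[properties]`` from the database.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        syslog.syslog(syslog.LOG_DEBUG,"get_properties")

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        properties = self.database.get_properties()
        return [properties]

    def evaluate_alert_filter(self, sig, username):
        """Return ``[action]`` from the database's filter evaluation.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        syslog.syslog(syslog.LOG_DEBUG,"evaluate_alert_filter: username=%s sig=%s" % (username, sig))

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        action = self.database.evaluate_alert_filter(sig, username)
        return [action]

    def lookup_local_id(self, local_id):
        """Return ``[siginfo]`` for ``local_id``.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        syslog.syslog(syslog.LOG_DEBUG, "lookup_local_id: %s" % local_id)

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        siginfo = self.database.lookup_local_id(local_id)
        return [siginfo]

    def query_alerts(self, criteria):
        """Return ``[sigs]`` matching ``criteria``.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon.
        """
        syslog.syslog(syslog.LOG_DEBUG, "query_alerts: criteria=%s" % criteria)

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        sigs = self.database.query_alerts(criteria)
        return [sigs]

    def set_filter(self, sig, username, filter_type, data = "" ):
        """Store a filter for ``sig`` on behalf of the logged-on user.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon, or
                ERR_USER_PERMISSION when ``username`` is not the user bound
                to this connection.
        """
        syslog.syslog(syslog.LOG_DEBUG,"set_filter: username=%s filter_type=%s sig=\n%s" % (username, filter_type, sig))

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        # The username argument comes from the client, so it is only
        # accepted when it names the identity established at logon.
        if username != self.username:
            raise ProgramError(ERR_USER_PERMISSION,
                               detail=_("The user (%s) cannot modify data for (%s)") % (self.username, username))

        self.database.set_filter(sig, username, filter_type, data)
        return None

    def set_user_data(self, sig, username, item, data):
        """Store a per-user data item for ``sig`` for the logged-on user.

        Raises:
            ProgramError: ERR_NOT_AUTHENTICATED before logon, or
                ERR_USER_PERMISSION when ``username`` is not the user bound
                to this connection.
        """
        syslog.syslog(syslog.LOG_DEBUG, "set_user_data: username=%s item=%s data=%s sig=\n%s" % (username, item, data, sig))

        if not (self.connection_state.flags & ConnectionState.AUTHENTICATED):
            raise ProgramError(ERR_NOT_AUTHENTICATED)

        # Same ownership rule as set_filter: without it an authenticated
        # client could write user data under another account's name.
        if username != self.username:
            raise ProgramError(ERR_USER_PERMISSION,
                               detail=_("The user (%s) cannot modify data for (%s)") % (self.username, username))

        self.database.set_user_data(sig, username, item, data)
        return None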