Exemplo n.º 1
0
def bad_parameters():
    protocol.http_response(
        evcommon.VERSION
        + "\n"
        + evcommon.VERIFY_ERROR
        + "\n"
        + evmessage.EvMessage().get_str("BAD_PARAMETERS", evstrings.BAD_PARAMETERS)
    )
Exemplo n.º 2
0
def technical_error():
    protocol.http_response(
        evcommon.VERSION
        + "\n"
        + evcommon.VERIFY_ERROR
        + "\n"
        + evmessage.EvMessage().get_str(
            "TECHNICAL_ERROR_VOTE_VERIFICATION", evstrings.TECHNICAL_ERROR_VOTE_VERIFICATION
        )
    )
Exemplo n.º 3
0
def do_cgi():
    try:
        elec = election.Election()
        evlog.AppLog().set_app(APP)

        # Create a list of pairs from the form parameters. Don't use a dictionary
        # because that will overwrite recurring keys.
        form = cgi.FieldStorage()
        params = []
        for key in form:
            for value in form.getlist(key):
                params.append((key, value))

        # Only accept up to a single parameter
        if len(params) > 1:

            def keys(pairs):
                """Return a comma-separated list of the keys."""
                return ", ".join([pair[0] for pair in pairs])

            evlog.log_error("Too many query parameters: " + keys(params))
            bad_parameters()
            return

        # Only accept the POST_VERIFY_VOTE parameter.
        if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE:
            evlog.log_error('Unknown query parameter "%s"' % params[0][0])
            bad_parameters()
            return

        # Make sure the parameter is correctly formatted.
        if not formatutil.is_vote_verification_id(params[0][1]):
            # Don't write to disk; we don't know how large the value is
            evlog.log_error("Malformed vote ID")
            bad_parameters()
            return

        evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip())
        evlog.log("verif/auth VOTE-ID: " + params[0][1])

        params.append((evcommon.POST_SESS_ID, sessionid.voting()))

        url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path()
        conn = urllib.urlopen(url, urllib.urlencode(params))
        protocol.http_response(conn.read())
    except:
        evlog.log_exception()
        technical_error()
Exemplo n.º 4
0
def do_cgi():
    try:
        elec = election.Election()
        evlog.AppLog().set_app(APP)

        # Create a list of pairs from the form parameters. Don't use a dictionary
        # because that will overwrite recurring keys.
        form = cgi.FieldStorage()
        params = []
        for key in form:
            for value in form.getlist(key):
                params.append((key, value))

        # Only accept up to a single parameter
        if len(params) > 1:
            def keys(pairs):
                """Return a comma-separated list of the keys."""
                return ", ".join([pair[0] for pair in pairs])

            evlog.log_error("Too many query parameters: " + keys(params))
            bad_parameters()
            return

        # Only accept the POST_VERIFY_VOTE parameter.
        if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE:
            evlog.log_error("Unknown query parameter \"%s\"" % params[0][0])
            bad_parameters()
            return

        # Make sure the parameter is correctly formatted.
        if not formatutil.is_vote_verification_id(params[0][1]):
            # Don't write to disk; we don't know how large the value is
            evlog.log_error("Malformed vote ID")
            bad_parameters()
            return

        evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip())
        evlog.log("verif/auth VOTE-ID: " + params[0][1])

        params.append((evcommon.POST_SESS_ID, sessionid.voting()))

        url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path()
        conn = urllib.urlopen(url, urllib.urlencode(params))
        protocol.http_response(conn.read())
    except:
        evlog.log_exception()
        technical_error()
Exemplo n.º 5
0
def bad_input():
    _msg = htsalldisp.bad_cgi_input()
    protocol.http_response(_msg)
    cgi.sys.exit(0)
Exemplo n.º 6
0
    os.umask(007)
    form = cgi.FieldStorage()

    has_sha1 = form.has_key(evcommon.POST_VOTERS_FILES_SHA1)
    has_code = form.has_key(evcommon.POST_PERSONAL_CODE)
    has_vote = form.has_key(evcommon.POST_EVOTE)
    has_sess = form.has_key(evcommon.POST_SESS_ID)

    if (not has_sha1):
        bad_input()

    val_sha = form.getvalue(evcommon.POST_VOTERS_FILES_SHA1)

    if (not has_code) and (not has_vote):
        msg = htsalldisp.consistency(val_sha)
        protocol.http_response(msg)
        cgi.sys.exit(0)

    if (has_sess):
        sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID))

    if has_code and has_vote:
        if (has_sess):
            val_code = form.getvalue(evcommon.POST_PERSONAL_CODE)
            val_vote = form.getvalue(evcommon.POST_EVOTE)
            msg = htsalldisp.store_vote(val_sha, val_code, val_vote)
            protocol.http_response(msg)
            cgi.sys.exit(0)
        else:
            bad_input()
Exemplo n.º 7
0
def bad_parameters():
    protocol.http_response(evcommon.VERSION + "\n" + \
            evcommon.VERIFY_ERROR + "\n" + \
            evmessage.EvMessage().get_str("BAD_PARAMETERS", \
                evstrings.BAD_PARAMETERS))
    cgi.sys.exit(0)
Exemplo n.º 8
0
        for value in form.getlist(key):
            params.append((key, value))

    # Only accept up to a single parameter
    if len(params) > 1:

        def keys(pairs):
            """Return a comma-separated list of the keys."""
            return ", ".join([pair[0] for pair in pairs])

        AppLog().log_error("Too many query parameters: " + keys(params))
        bad_parameters()

    # Only accept the POST_VERIFY_VOTE parameter.
    if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE:
        AppLog().log_error("Unknown query parameter \"%s\"" % params[0][0])
        bad_parameters()

    # Make sure the parameter is correctly formatted.
    if not formatutil.is_vote_verification_id(params[0][1]):
        # Don't write to disk; we don't know how large the value is
        AppLog().log_error("Malformed vote ID")
        bad_parameters()

    url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path()
    conn = urllib.urlopen(url, urllib.urlencode(params))
    protocol.http_response(conn.read())
    cgi.sys.exit(0)

# vim:set ts=4 sw=4 et fileencoding=utf8:
Exemplo n.º 9
0
import evlog
import sessionid
import os

if not evcommon.testrun():
    os.umask(007)
    form = cgi.FieldStorage()
    result = protocol.msg_error_technical()
    mid = middisp.MIDDispatcher()

    if form.has_key(evcommon.POST_SESS_ID):
        sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID))
        if form.has_key(evcommon.POST_MID_POLL):
            result = mid.poll()
        else:
            result = mid.init_sign(form)
    else:
        if form.has_key(evcommon.POST_PHONENO):
            if not os.path.exists('/var/evote/registry/common/nonewvoters'):
                result = mid.init_auth(form.getvalue(evcommon.POST_PHONENO))
            else:
                a, b = protocol.plain_error_election_off_after()
                result = protocol.msg_error(a, b)
        else:
            evlog.log_error('Vigane POST päring: %s' % form.keys())

    protocol.http_response(result)
    cgi.sys.exit(0)

# vim:set ts=4 sw=4 et fileencoding=utf8:
Exemplo n.º 10
0
    protocol.http_response(evcommon.VERSION + "\n" + \
            evcommon.VERIFY_ERROR + "\n" + \
            evmessage.EvMessage().get_str("BAD_PARAMETERS", \
                evstrings.BAD_PARAMETERS))
    cgi.sys.exit(0)


if not evcommon.testrun():

    os.umask(007)

    APP = "hts-verify-vote.cgi"
    AppLog().set_app(APP)

    form = cgi.FieldStorage()

    vote = None
    if form.has_key(evcommon.POST_VERIFY_VOTE):
        values = form.getlist(evcommon.POST_VERIFY_VOTE)
        if len(values) == 1:
            vote = values[0]
        else:
            # Don't write the values to disk; we don't know how large they are
            AppLog().log_error("Too many parameter values")
            bad_parameters()

    protocol.http_response(htsalldisp.verify_vote(vote))
    cgi.sys.exit(0)

# vim:set ts=4 sw=4 et fileencoding=utf8:
Exemplo n.º 11
0
                res, logline = cgivalidator.validate_form(form, req_params)
                if res:
                    cgilog.do_log("vote/auth")
                    result = mid.init_sign(form)
                else:
                    cgilog.do_log_error('vote/auth/err')
                    evlog.log_error(logline)
        else:
            req_params = [evcommon.POST_PHONENO]
            res, logline = cgivalidator.validate_form(form, req_params)
            if res:
                cgilog.do_log("cand/auth")
                phoneno = form.getvalue(evcommon.POST_PHONENO)
                evlog.log("PHONENO: " + phoneno)
                if election.Election().allow_new_voters():
                    result = mid.init_auth(phoneno)
                else:
                    a, b = protocol.plain_error_election_off_after()
                    result = protocol.msg_error(a, b)
            else:
                cgilog.do_log_error('cand/auth/err')
                evlog.log_error(logline)
    except:
        evlog.log_exception()
        result = protocol.msg_error_technical()

    protocol.http_response(result)
    cgi.sys.exit(0)

# vim:set ts=4 sw=4 et fileencoding=utf8:
Exemplo n.º 12
0
                evstrings.BAD_PARAMETERS))
    cgi.sys.exit(0)

if not evcommon.testrun():

    os.umask(007)

    APP = "hts-verify-vote.cgi"
    AppLog().set_app(APP)

    form = cgi.FieldStorage()

    vote = None

    if form.has_key(evcommon.POST_SESS_ID):
        sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID))

    if form.has_key(evcommon.POST_VERIFY_VOTE):
        values = form.getlist(evcommon.POST_VERIFY_VOTE)
        if len(values) == 1:
            vote = values[0]
        else:
            # Don't write the values to disk; we don't know how large they are
            AppLog().log_error("Too many parameter values")
            bad_parameters()

    protocol.http_response(htsalldisp.verify_vote(vote))
    cgi.sys.exit(0)

# vim:set ts=4 sw=4 et fileencoding=utf8:
Exemplo n.º 13
0
def bad_input():
    _msg = htsalldisp.bad_cgi_input()
    protocol.http_response(_msg)
    cgi.sys.exit(0)
Exemplo n.º 14
0
    os.umask(007)
    form = cgi.FieldStorage()

    has_sha256 = form.has_key(evcommon.POST_VOTERS_FILES_SHA256)
    has_code = form.has_key(evcommon.POST_PERSONAL_CODE)
    has_vote = form.has_key(evcommon.POST_EVOTE)
    has_sess = form.has_key(evcommon.POST_SESS_ID)

    if (not has_sha256):
        bad_input()

    val_sha = form.getvalue(evcommon.POST_VOTERS_FILES_SHA256)

    if (not has_code) and (not has_vote):
        msg = htsalldisp.consistency(val_sha)
        protocol.http_response(msg)
        cgi.sys.exit(0)

    if (has_sess):
        sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID))

    if has_code and has_vote:
        if (has_sess):
            val_code = form.getvalue(evcommon.POST_PERSONAL_CODE)
            val_vote = form.getvalue(evcommon.POST_EVOTE)
            msg = htsalldisp.store_vote(val_sha, val_code, val_vote)
            protocol.http_response(msg)
            cgi.sys.exit(0)
        else:
            bad_input()
Exemplo n.º 15
0
        def keys(pairs):
            """Return a comma-separated list of the keys."""
            return ", ".join([pair[0] for pair in pairs])

        evlog.log_error("Too many query parameters: " + keys(params))
        bad_parameters()

    # Only accept the POST_VERIFY_VOTE parameter.
    if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE:
        evlog.log_error('Unknown query parameter "%s"' % params[0][0])
        bad_parameters()

    # Make sure the parameter is correctly formatted.
    if not formatutil.is_vote_verification_id(params[0][1]):
        # Don't write to disk; we don't know how large the value is
        evlog.log_error("Malformed vote ID")
        bad_parameters()

    evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip())
    evlog.log("verif/auth VOTE-ID: " + params[0][1])

    params.append((evcommon.POST_SESS_ID, sessionid.voting()))

    url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path()
    conn = urllib.urlopen(url, urllib.urlencode(params))
    protocol.http_response(conn.read())
    cgi.sys.exit(0)

# vim:set ts=4 sw=4 et fileencoding=utf8:
Exemplo n.º 16
0
def technical_error():
    protocol.http_response(evcommon.VERSION + "\n" + \
            evcommon.VERIFY_ERROR + "\n" + \
            evmessage.EvMessage().get_str("TECHNICAL_ERROR_VOTE_VERIFICATION", \
                evstrings.TECHNICAL_ERROR_VOTE_VERIFICATION))