Пример #1
0
def installCertificates(session):
	if not os_exists(CERT_FILE) \
			or not os_exists(KEY_FILE):
		print "[Webinterface].installCertificates :: Generating SSL key pair and CACert"
		# create a key pair
		k = crypto.PKey()
		k.generate_key(crypto.TYPE_RSA, 1024)

		# create a self-signed cert
		cert = crypto.X509()
		cert.get_subject().C = "DE"
		cert.get_subject().ST = "Home"
		cert.get_subject().L = "Home"
		cert.get_subject().O = "Dreambox"
		cert.get_subject().OU = "STB"
		cert.get_subject().CN = socket_gethostname()
		cert.set_serial_number(random.randint(1000000,1000000000))
		cert.set_notBefore("20120101000000Z");
		cert.set_notAfter("20301231235900Z")
		cert.set_issuer(cert.get_subject())
		cert.set_pubkey(k)
		print "[Webinterface].installCertificates :: Signing SSL key pair with new CACert"
		cert.sign(k, 'sha1')

		try:
			print "[Webinterface].installCertificates ::  Installing newly generated certificate and key pair"
			saveFile(CERT_FILE, crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
			saveFile(KEY_FILE, crypto.dump_privatekey(crypto.FILETYPE_PEM, k))
		except IOError, e:
			#Disable https
			config.plugins.Webinterface.https.enabled.value = False
			config.plugins.Webinterface.https.enabled.save()
			#Inform the user
			session.open(MessageBox, "Couldn't install generated SSL-Certifactes for https access\nHttps access is disabled!", MessageBox.TYPE_ERROR)
Пример #2
0
def installCertificates(session):
	if not os_exists(CERT_FILE) \
			or not os_exists(KEY_FILE):
		print("[Webinterface].installCertificates :: Generating SSL key pair and CACert")
		# create a key pair
		k = crypto.PKey()
		k.generate_key(crypto.TYPE_RSA, 1024)

		# create a self-signed cert
		cert = crypto.X509()
		cert.get_subject().C = "DE"
		cert.get_subject().ST = "Home"
		cert.get_subject().L = "Home"
		cert.get_subject().O = "Dreambox"
		cert.get_subject().OU = "STB"
		cert.get_subject().CN = socket_gethostname()
		cert.set_serial_number(random.randint(1000000, 1000000000))
		cert.set_notBefore(b"20120101000000Z")
		cert.set_notAfter(b"20301231235900Z")
		cert.set_issuer(cert.get_subject())
		cert.set_pubkey(k)
		print("[Webinterface].installCertificates :: Signing SSL key pair with new CACert")
		cert.sign(k, 'sha1')

		try:
			print("[Webinterface].installCertificates ::  Installing newly generated certificate and key pair")
			saveFile(CERT_FILE, crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
			saveFile(KEY_FILE, crypto.dump_privatekey(crypto.FILETYPE_PEM, k))
		except IOError as e:
			#Disable https
			config.plugins.Webinterface.https.enabled.value = False
			config.plugins.Webinterface.https.enabled.save()
			#Inform the user
			session.open(MessageBox, "Couldn't install generated SSL-Certifactes for https access\nHttps access is disabled!", MessageBox.TYPE_ERROR)
Пример #3
0
def get_parameters():
	parameters=dict()

	parameters['script_path'] = Helpers.input("Installation path", os.path.dirname(os.path.realpath(__file__)))
	parameters['vpn_server_host'] = Helpers.input("Domain or IP for vpn server", socket_gethostname())
	parameters['vpn_server_port'] = Helpers.input("Port for the vpn server", 1194)
	parameters['client_network_address'] = Helpers.input("Network address for client network", '10.31.8.0')
	parameters['client_network_netmask'] = Helpers.input("Netmask for client network", '255.255.255.0')
	parameters['cipher'] = Helpers.input("Encryption cipher for the vpn", 'AES-256-CBC')

	parameters['ca_certificate'] = open(Helpers.input("Filename for CA-certificate", "%s.crt" % parameters['vpn_server_host'])).read().strip()
	parameters['server_certificate'] =  open(Helpers.input("Filename for server certificate", parameters['ca_certificate'])).read().strip()
	parameters['server_key'] = open(Helpers.input("Filename for server certificate key file", "%s.key" % parameters['vpn_server_host'])).read().strip()
	parameters['ta_key'] = open(Helpers.input("Filename for tls-auth key", "ta.key")).read().strip()
	parameters['dhparam'] = open(Helpers.input("Filename for Diffie-Hellman key", "dh2048.pem")).read().strip()

	return parameters
Пример #4
0
 def monitor_processes_in_background(self):
     from time import sleep as time_sleep
     if config.use_python_smtplib:
         import smtplib
         from email.mime.text import MIMEText
         from email.mime.multipart import MIMEMultipart
     if config.use_mailx:
         from os import remove as os_remove
     while True:
         self.list_currently_working_processes(
             config.ps_command, config.column_with_pid_for_ps_command)
         list_of_broken_processes = list()
         for process_group in self.list_of_processes_to_check:
             # CHECK PROCESSES
             for process in process_group.processes_list:
                 number_of_found_instances = 0
                 # COUNT NUMBER OF INSTANCES #
                 for running_process in self.list_of_processes_on_current_hostname:
                     if process.pattern in running_process:
                         number_of_found_instances += 1
                 if number_of_found_instances == process.number_of_instances:
                     # CHECK UPDATE ON LOGFILE #
                     if process.log_update > 0 and process.log_path:
                         final_path_to_log = ''
                         path, file = os_path.split(process.log_path)
                         path_listed_elements = os_listdir(path)
                         path_listed_elements.sort(
                             key=lambda x: os_path.getmtime(
                                 os_path.join(path, x)),
                             reverse=True)
                         for file_name in path_listed_elements:
                             if file in file_name:
                                 final_path_to_log = os_path.join(
                                     path, file_name)
                                 break
                         last_logfile_date = datetime.fromtimestamp(
                             os_stat(final_path_to_log).st_mtime)
                         now_minus_time = datetime.now() - timedelta(
                             seconds=process.log_update)
                         if last_logfile_date < now_minus_time:
                             last_update_time = datetime.now(
                             ) - last_logfile_date
                             treshold = timedelta(
                                 seconds=process.log_update)
                             list_of_broken_processes.append(
                                 (process.name, number_of_found_instances,
                                  process.number_of_instances,
                                  last_update_time, treshold))
                     else:
                         continue
                 elif number_of_found_instances != process.number_of_instances:
                     list_of_broken_processes.append(
                         (process.name, number_of_found_instances,
                          process.number_of_instances))
         # IF FOUND BROKEN PROCESS SEND MAIL #
         if list_of_broken_processes:
             # PREPARE MAIL BODY #
             mail_body = style.mail_header
             for broken_process in list_of_broken_processes:
                 if len(broken_process) == 3:
                     name, number_of_working_processes, number_of_expected_working_processes = broken_process
                     mail_body += ''.join([
                         (style.mail_one_line_format %
                          (number_of_working_processes,
                           number_of_expected_working_processes, '', '',
                           name))
                     ])
                 elif len(broken_process) == 5:
                     name, number_of_working_processes, number_of_expected_working_processes, last_update, update_treshold = broken_process
                     mail_body += ''.join([(
                         style.mail_one_line_format %
                         (number_of_working_processes,
                          number_of_expected_working_processes,
                          str(last_update)[:7], str(update_treshold), name))
                                           ])
             # SENT MAIL #
             # USING PYTHON LIBRARIES #
             if config.use_python_smtplib:
                 try:
                     receivers_data = ';'.join(config.receivers)
                     msg = MIMEMultipart()
                     msg['From'] = config.sender
                     msg['To'] = receivers_data
                     msg['Subject'] = (config.subject %
                                       socket_gethostname())
                     msg.attach(MIMEText(mail_body, 'plain'))
                     server = smtplib.SMTP(config.smtp_server,
                                           config.smtp_port)
                     server.ehlo()
                     server.starttls()
                     server.ehlo()
                     server.login(config.sender, config.sender_password)
                     text = msg.as_string()
                     server.sendmail(config.sender, config.receivers, text)
                 except:
                     sys_exit(text.text_11)
             # USING MAILX #
             if config.use_mailx:
                 try:
                     file_body_path = os_path.join(
                         config.path_to_script, config.sent_body_file_name)
                     with open(file_body_path, 'w') as file:
                         file.write(mail_body)
                     command = ''.join([
                         '( cat ', file_body_path, ' ) | mailx -s "',
                         (config.subject % socket_gethostname()), '" "',
                         (','.join(config.receivers)), '"'
                     ])
                     os_system(command)
                     os_remove(file_body_path)
                 except KeyError:
                     sys_exit(text.text_16)
             time_sleep(
                 config.when_found_broken_processes_next_check_in_seconds)
         time_sleep(config.check_processes_each_how_many_seconds)
Пример #5
0
 def load_processes_list(self, custom_file=False):
     # CHECK IF FILE EXIST FOR CURRENT HOSTNAME #
     if not custom_file:
         files_of_hostnames = os_listdir(
             os_path.join(config.path_to_script,
                          config.folder_to_processes_files))
         current_hostname_name = socket_gethostname()
         current_hostname_file = None
         for file_hostname in files_of_hostnames:
             if current_hostname_name in file_hostname:
                 current_hostname_file = file_hostname
         # IF FILE EXIST THEN GATHER FILE TO DATABASE
         if not current_hostname_file:
             sys_exit(''.join([
                 style.sign_newline_double, text.text_15,
                 style.sign_newline_double
             ]))
     if custom_file:
         current_hostname_file = custom_file
     with open(
             os_path.join(config.path_to_script,
                          config.folder_to_processes_files,
                          current_hostname_file),
             'r') as current_hostname_file_opened:
         counter = 0
         for line in current_hostname_file_opened:
             counter += 1
             if counter == 1 or counter == 2 or counter == 3:
                 continue  # SKIP HEADER LINES
             line = line.rstrip('\r\n')
             process_array = line.split(style.sign_semicolon)
             # BELOW LINE WILL SKIP EMPPTY LINES #
             if not process_array[0] and not process_array[
                     1] and not process_array[2] and not process_array[
                         3] and not process_array[4] and not process_array[
                             5] and not process_array[
                                 6] and not process_array[7]:
                 continue
             if not process_array[1] and not process_array[
                     2] and not process_array[6]:
                 self.list_of_processes_to_check.append(
                     GroupProcess(process_array[0]))
             else:
                 if not process_array[0]:
                     sys_exit(
                         (''.join(style.sign_fullfill,
                                  style.sign_minus_space, text.text_16) %
                          process_array[0]))
                 if not process_array[1]:
                     sys_exit(
                         (''.join(style.sign_fullfill,
                                  style.sign_minus_space, text.text_17) %
                          process_array[0]))
                 if not process_array[2]:
                     sys_exit(
                         (''.join(style.sign_fullfill,
                                  style.sign_minus_space, text.text_18) %
                          process_array[0]))
                 if not process_array[6]:
                     sys_exit(
                         (''.join(style.sign_fullfill,
                                  style.sign_minus_space, text.text_19) %
                          process_array[0]))
                 start_command = None
                 end_command = None
                 log_path = None
                 do_check_for_errors_in_logfile = False
                 if process_array[3]: start_command = process_array[3]
                 if process_array[4]: end_command = process_array[4]
                 if process_array[5]: log_path = process_array[5]
                 if process_array[7] == 'Y':
                     do_check_for_errors_in_logfile = True
                 process = Process(process_array[0], process_array[1],
                                   int(process_array[2]), start_command,
                                   end_command, log_path,
                                   int(process_array[6]),
                                   do_check_for_errors_in_logfile)
                 self.list_of_processes_to_check[-1].processes_list.append(
                     process)