Python hostname_from_principal示例，penatesserver.utils.hostname_from_principal Python示例

示例#1

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def register_service(request, check_command):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Invalid username')
    status = 204
    if request.method == 'POST':
        if request.body:
            content = json.loads(request.body.decode('utf-8'))
            s = ShinkenService(**content)
            s.host_name = fqdn
            values = s.to_dict()
        for key in ('host_name', 'check_command'):
            if key in values:
                del values[key]
        if ShinkenService.objects.filter(host_name=fqdn, check_command=check_command)\
                .update(**values) == 0:
            ShinkenService(host_name=fqdn, check_command=check_command, **values).save()
            return HttpResponse(status=201)
    elif request.method == 'GET':
        form = ShinkenServiceForm(request.GET)
        if not form.is_valid():
            return HttpResponse(status=400)
        values = {key: value for key, value in form.cleaned_data.items() if value}
        if ShinkenService.objects.filter(host_name=fqdn, check_command=check_command)\
                .update(**values) == 0:
            ShinkenService(host_name=fqdn, check_command=check_command, **values).save()
            return HttpResponse(status=201)
    elif request.method == 'DELETE':
        ShinkenService.objects.filter(host_name=fqdn, check_command=check_command).delete()
        status = 202
    return HttpResponse(status=status)

示例#2

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def get_host_certificate(request):
    try:
        hostname = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Unable to get host certificate: invalid username')
    entry = entry_from_hostname(hostname)
    return CertificateEntryResponse(entry)

示例#3

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def set_ssh_pub(request):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Unable to register public SSH key: invalid username')
    if Host.objects.filter(fqdn=fqdn).count() == 0:
        return HttpResponse(status=404)
    fqdn = '%s.%s%s' % (fqdn.partition('.')[0], settings.PDNS_ADMIN_PREFIX, settings.PENATES_DOMAIN)
    domain_name = '%s%s' % (settings.PDNS_ADMIN_PREFIX, settings.PENATES_DOMAIN)
    pub_ssh_key = request.body
    matcher = re.match(r'([\w\-]+) ([\w\+=/]{1,5000})(|\s.*)$', pub_ssh_key)
    if not matcher:
        return HttpResponse(status=406, content='Invalid public SSH key')
    methods = {'ssh-rsa': 1, 'ssh-dss': 2, 'ecdsa-sha2-nistp256': 3, 'ssh-ed25519': 4, }
    if matcher.group(1) not in methods:
        return HttpResponse(status=406, content='Unknown SSH key type %s' % matcher.group(1))
    sha1_hash = hashlib.sha1(base64.b64decode(matcher.group(2))).hexdigest()
    sha256_hash = hashlib.sha256(base64.b64decode(matcher.group(2))).hexdigest()
    algorithm_code = methods[matcher.group(1)]
    domain = Domain.objects.get(name=domain_name)
    sha1_value = '%s 1 %s' % (algorithm_code, sha1_hash)
    sha256_value = '%s 2 %s' % (algorithm_code, sha256_hash)
    for value in sha1_value, sha256_value:
        if Record.objects.filter(domain=domain, name=fqdn, type='SSHFP', content__startswith=value[:4]).count() == 0:
            Record(domain=domain, name=fqdn, type='SSHFP', content=value, ttl=86400).save()
        else:
            Record.objects.filter(domain=domain, name=fqdn, type='SSHFP', content__startswith=value[:4]) \
                .update(content=value)
    return HttpResponse(status=201)

示例#4

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def set_mount_point(request):
    try:
        hostname = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Unable to register mount point: invalid username')
    hosts = list(Host.objects.filter(fqdn=hostname)[0:1])
    if not hosts:
        return HttpResponse(status=404)
    host = hosts[0]
    mount_point = request.GET.get('mount_point')
    if not mount_point:
        return HttpResponse('mount_point GET argument not provided', status=400)
    device = request.GET.get('device')
    if not device:
        return HttpResponse('device GET argument not provided', status=400)
    fs_type = request.GET.get('fs_type')
    if not fs_type:
        return HttpResponse('fs_type GET argument not provided', status=400)
    options = request.GET.get('options')
    if not options:
        return HttpResponse('options GET argument not provided', status=400)
    if MountPoint.objects.filter(host=host, mount_point=mount_point) \
            .update(fs_type=fs_type, device=device, options=options) == 1:
        return HttpResponse('', status=204)
    MountPoint(host=host, mount_point=mount_point, fs_type=fs_type, device=device, options=options).save()
    return HttpResponse('', status=201)

示例#5

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def set_mount_point(request):
    try:
        hostname = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to register mount point: invalid username')
    hosts = list(Host.objects.filter(fqdn=hostname)[0:1])
    if not hosts:
        return HttpResponse(status=404)
    host = hosts[0]
    mount_point = request.GET.get('mount_point')
    if not mount_point:
        return HttpResponse('mount_point GET argument not provided',
                            status=400)
    device = request.GET.get('device')
    if not device:
        return HttpResponse('device GET argument not provided', status=400)
    fs_type = request.GET.get('fs_type')
    if not fs_type:
        return HttpResponse('fs_type GET argument not provided', status=400)
    options = request.GET.get('options')
    if not options:
        return HttpResponse('options GET argument not provided', status=400)
    if MountPoint.objects.filter(host=host, mount_point=mount_point) \
            .update(fs_type=fs_type, device=device, options=options) == 1:
        return HttpResponse('', status=204)
    MountPoint(host=host,
               mount_point=mount_point,
               fs_type=fs_type,
               device=device,
               options=options).save()
    return HttpResponse('', status=201)

示例#6

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def get_dhcpd_conf(request):
    # noinspection PyUnusedLocal
    request = request
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Unable to get configuration: invalid username')
    if Service.objects.filter(fqdn=fqdn, scheme='dchp')[0:1].count() == 0:
        hosts = []
    else:
        hosts = Host.objects.all()

    def get_ip_or_none(scheme):
        values = list(Service.objects.filter(scheme=scheme)[0:1])
        if not values:
            return None
        return Record.local_resolve(values[0].fqdn) or values[0].hostname

    def get_ip_list(scheme, protocol='udp'):
        values = list(Service.objects.filter(scheme=scheme, protocol=protocol))
        return [Record.local_resolve(x.fqdn) or x.hostname for x in values]

    template_values = {
        'penates_subnets': get_subnets(),
        'penates_domain': settings.PENATES_DOMAIN,
        'admin_prefix': settings.PDNS_ADMIN_PREFIX,
        'infra_prefix': settings.PDNS_INFRA_PREFIX,
        'hosts': hosts,
        'tftp': get_ip_or_none('tftp'),
        'dns_list': get_ip_list('dns'),
        'ntp': get_ip_or_none('ntp'),
    }
    return render_to_response('dhcpd/dhcpd.conf', template_values, status=200, content_type='text/plain')

示例#7

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def get_service_keytab(request, scheme, hostname, port):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to get keytab %s://%s:%s/: invalid username' %
            (scheme, hostname, port))
    protocol = request.GET.get('protocol', 'tcp')
    hosts = list(Host.objects.filter(fqdn=fqdn)[0:1])
    if not hosts:
        return HttpResponse(status=401,
                            content='Unknown host %s is not allowed' % fqdn)
    host = hosts[0]
    if scheme == 'ssh' and host.admin_ip_address != host.main_ip_address:
        fqdn = '%s.%s%s' % (fqdn.partition('.')[0], settings.PDNS_ADMIN_PREFIX,
                            settings.PENATES_DOMAIN)
    services = list(
        Service.objects.filter(fqdn=fqdn,
                               scheme=scheme,
                               hostname=hostname,
                               port=port,
                               protocol=protocol)[0:1])
    if not services:
        return HttpResponse(status=404,
                            content='%s://%s:%s/ unknown' %
                            (scheme, hostname, port))
    service = services[0]
    if not principal_exists(service.principal_name):
        return HttpResponse(status=404,
                            content='Principal for %s://%s:%s/ undefined' %
                            (scheme, hostname, port))
    return KeytabResponse(service.principal_name)

示例#8

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def get_dns_conf(request):
    # noinspection PyUnusedLocal
    request = request
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to get configuration: invalid username')
    if Service.objects.filter(fqdn=fqdn, scheme='dns')[0:1].count() > 0:
        db_name = settings.DATABASES['powerdns']['NAME']
        db_user = settings.DATABASES['powerdns']['USER']
        db_password = settings.DATABASES['powerdns']['PASSWORD']
        db_host = settings.DATABASES['powerdns']['HOST']
        db_port = settings.DATABASES['powerdns']['PORT']
        db_content = subprocess.check_output([
            'pg_dump',
            '--username=%s' % db_user,
            '--host=%s' % db_host,
            '--port=%s' % db_port, db_name
        ],
                                             env={'PGPASSWORD': db_password})
    else:
        db_content = ''
    return HttpResponse(db_content, content_type='application/sql')

示例#9

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def get_admin_certificate(request):
    try:
        hostname = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Unable to get admin certificate: invalid username')
    hostname = '%s.%s%s' % (hostname.partition('.')[0], settings.PDNS_ADMIN_PREFIX, settings.PENATES_DOMAIN)
    entry = admin_entry_from_hostname(hostname)
    return CertificateEntryResponse(entry)

示例#10

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def get_host_certificate(request):
    try:
        hostname = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to get host certificate: invalid username')
    entry = entry_from_hostname(hostname)
    return CertificateEntryResponse(entry)

示例#11

0

显示文件

文件： views.py 项目： pombredanne/Penates-Server

def set_service(request, scheme, hostname, port):
    encryption = request.GET.get('encryption', 'none')
    srv_field = request.GET.get('srv', None)
    kerberos_service = request.GET.get('keytab', None)
    role = request.GET.get('role', SERVICE)
    protocol = request.GET.get('protocol', 'tcp')

    if encryption not in ('none', 'tls', 'starttls'):
        return HttpResponse('valid encryption levels are none, tls, or starttls')
    port = int(port)
    if not (0 <= port <= 65536):
        return HttpResponse('Invalid port: %s' % port, status=403, content_type='text/plain')
    if protocol not in ('tcp', 'udp', 'socket'):
        return HttpResponse('Invalid protocol: %s' % protocol, status=403, content_type='text/plain')
    description = request.body
    fqdn = hostname_from_principal(request.user.username)
    # a few checks
    if Service.objects.filter(hostname=hostname).exclude(fqdn=fqdn).count() > 0:
        return HttpResponse(status=401, content='%s is already registered' % hostname)
    if role not in (SERVICE, KERBEROS_DC, PRINTER, TIME_SERVER, SERVICE_1024):
        return HttpResponse(status=401, content='Role %s is not allowed' % role)
    if kerberos_service and kerberos_service not in ('HTTP', 'XMPP', 'smtp', 'IPP', 'ldap', 'cifs',
                                                     'imap', 'postgres', 'host'):
        return HttpResponse(status=401, content='Kerberos service %s is not allowed' % role)
    hosts = list(Host.objects.filter(fqdn=fqdn)[0:1])
    if not hosts:
        return HttpResponse(status=401, content='Unknown host %s is not allowed' % fqdn)
    host = hosts[0]
    if scheme == 'ssh' and host.admin_ip_address != host.main_ip_address:
        fqdn = '%s.%s%s' % (fqdn.partition('.')[0], settings.PDNS_ADMIN_PREFIX, settings.PENATES_DOMAIN)

    # Penates service
    service, created = Service.objects.get_or_create(fqdn=fqdn, scheme=scheme, hostname=hostname, port=port,
                                                     protocol=protocol)
    Service.objects.filter(pk=service.pk).update(kerberos_service=kerberos_service, description=description,
                                                 dns_srv=srv_field, encryption=encryption)
    # certificates
    entry = CertificateEntry(hostname, organizationName=settings.PENATES_ORGANIZATION,
                             organizationalUnitName=_('Services'), emailAddress=settings.PENATES_EMAIL_ADDRESS,
                             localityName=settings.PENATES_LOCALITY, countryName=settings.PENATES_COUNTRY,
                             stateOrProvinceName=settings.PENATES_STATE, altNames=[], role=role)
    pki = PKI()
    pki.ensure_certificate(entry)
    if kerberos_service:
        principal_name = '%s/%s@%s' % (kerberos_service, fqdn, settings.PENATES_REALM)
        add_principal(principal_name)
    # DNS part
    record_name, sep, domain_name = hostname.partition('.')
    if sep == '.':
        domains = list(Domain.objects.filter(name=domain_name)[0:1])
        if domains:
            domain = domains[0]
            domain.ensure_record(fqdn, hostname)
            domain.set_extra_records(scheme, hostname, port, fqdn, srv_field, entry=entry)
            domain.update_soa()
    return HttpResponse(status=201, content='%s://%s:%s/ created' % (scheme, hostname, port))

示例#12

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def set_dhcp(request, mac_address):
    try:
        hostname = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Unable to register IP and MAC addresses: invalid username')

    remote_addr = request.META.get('HTTP_X_FORWARDED_FOR', '')
    admin_mac_address = request.GET.get('mac_address')
    admin_ip_address = request.GET.get('ip_address')
    Host.register_mac_address(hostname, remote_addr, mac_address, admin_ip_address, admin_mac_address)
    return HttpResponse(status=201)

示例#13

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def get_services(request):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Unable to get configuration: invalid username')
    result = [{'scheme': service.scheme, 'hostname': service.hostname, 'port': service.port,
               'protocol': service.protocol, 'encryption': service.encryption,
               'kerberos_service': service.kerberos_service, 'dns_srv': service.dns_srv, }
              for service in Service.objects.filter(fqdn=fqdn, protocol__in=['tcp', 'udp'])]
    content = json.dumps(result)
    return HttpResponse(content, content_type='application/json')

示例#14

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def get_admin_certificate(request):
    try:
        hostname = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to get admin certificate: invalid username')
    hostname = '%s.%s%s' % (hostname.partition('.')[0],
                            settings.PDNS_ADMIN_PREFIX,
                            settings.PENATES_DOMAIN)
    entry = admin_entry_from_hostname(hostname)
    return CertificateEntryResponse(entry)

示例#15

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def set_dhcp(request, mac_address):
    try:
        hostname = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to register IP and MAC addresses: invalid username'
        )

    remote_addr = request.META.get('HTTP_X_FORWARDED_FOR', '')
    admin_mac_address = request.GET.get('mac_address')
    admin_ip_address = request.GET.get('ip_address')
    Host.register_mac_address(hostname, remote_addr, mac_address,
                              admin_ip_address, admin_mac_address)
    return HttpResponse(status=201)

示例#16

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def set_ssh_pub(request):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to register public SSH key: invalid username')
    if Host.objects.filter(fqdn=fqdn).count() == 0:
        return HttpResponse(status=404)
    fqdn = '%s.%s%s' % (fqdn.partition('.')[0], settings.PDNS_ADMIN_PREFIX,
                        settings.PENATES_DOMAIN)
    domain_name = '%s%s' % (settings.PDNS_ADMIN_PREFIX,
                            settings.PENATES_DOMAIN)
    pub_ssh_key = request.body
    matcher = re.match(r'([\w\-]+) ([\w\+=/]{1,5000})(|\s.*)$', pub_ssh_key)
    if not matcher:
        return HttpResponse(status=406, content='Invalid public SSH key')
    methods = {
        'ssh-rsa': 1,
        'ssh-dss': 2,
        'ecdsa-sha2-nistp256': 3,
        'ssh-ed25519': 4,
    }
    if matcher.group(1) not in methods:
        return HttpResponse(status=406,
                            content='Unknown SSH key type %s' %
                            matcher.group(1))
    sha1_hash = hashlib.sha1(base64.b64decode(matcher.group(2))).hexdigest()
    sha256_hash = hashlib.sha256(base64.b64decode(
        matcher.group(2))).hexdigest()
    algorithm_code = methods[matcher.group(1)]
    domain = Domain.objects.get(name=domain_name)
    sha1_value = '%s 1 %s' % (algorithm_code, sha1_hash)
    sha256_value = '%s 2 %s' % (algorithm_code, sha256_hash)
    for value in sha1_value, sha256_value:
        if Record.objects.filter(domain=domain,
                                 name=fqdn,
                                 type='SSHFP',
                                 content__startswith=value[:4]).count() == 0:
            Record(domain=domain,
                   name=fqdn,
                   type='SSHFP',
                   content=value,
                   ttl=86400).save()
        else:
            Record.objects.filter(domain=domain, name=fqdn, type='SSHFP', content__startswith=value[:4]) \
                .update(content=value)
    return HttpResponse(status=201)

示例#17

0

显示文件

文件： views.py 项目： pombredanne/Penates-Server

def set_dhcp(request, mac_address):
    hostname = hostname_from_principal(request.user.username)
    mac_address = mac_address.replace('-', ':').upper()
    remote_addr = request.META.get('HTTP_X_FORWARDED_FOR', '')
    admin_mac_address = request.GET.get('mac_address')
    admin_ip_address = request.GET.get('ip_address')
    admin_mac_address = admin_mac_address.replace('-', ':').upper()
    if remote_addr:
        Host.objects.filter(fqdn=hostname).update(main_ip_address=remote_addr, main_mac_address=mac_address)
        Record.objects.filter(name=hostname).update(content=remote_addr)
    if admin_ip_address and admin_mac_address:
        domain_name = '%s%s' % (settings.PDNS_ADMIN_PREFIX, settings.PENATES_DOMAIN)
        long_admin_hostname = '%s.%s' % (hostname.partition('.')[0], domain_name)
        Host.objects.filter(fqdn=hostname)\
            .update(admin_ip_address=admin_ip_address, admin_mac_address=admin_mac_address)
        Domain.ensure_auto_record(admin_ip_address, long_admin_hostname, unique=True, override_reverse=False)
    return HttpResponse(status=201)

示例#18

0

显示文件

文件： views.py 项目： pombredanne/Penates-Server

def get_service_keytab(request, scheme, hostname, port):
    fqdn = hostname_from_principal(request.user.username)
    protocol = request.GET.get('protocol', 'tcp')
    hosts = list(Host.objects.filter(fqdn=fqdn)[0:1])
    if not hosts:
        return HttpResponse(status=401, content='Unknown host %s is not allowed' % fqdn)
    host = hosts[0]
    if scheme == 'ssh' and host.admin_ip_address != host.main_ip_address:
        fqdn = '%s.%s%s' % (fqdn.partition('.')[0], settings.PDNS_ADMIN_PREFIX, settings.PENATES_DOMAIN)
    services = list(Service.objects.filter(fqdn=fqdn, scheme=scheme, hostname=hostname, port=port,
                                           protocol=protocol)[0:1])
    if not services:
        return HttpResponse(status=404, content='%s://%s:%s/ unknown' % (scheme, hostname, port))
    service = services[0]
    principal_name = '%s/%s@%s' % (service.kerberos_service, fqdn, settings.PENATES_REALM)
    if not principal_exists(principal_name):
        return HttpResponse(status=404, content='Principal for %s://%s:%s/ undefined' % (scheme, hostname, port))
    return KeytabResponse(principal_name)

示例#19

0

显示文件

文件： views.py 项目： d9pouces/Penates-Server

def get_dns_conf(request):
    # noinspection PyUnusedLocal
    request = request
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Unable to get configuration: invalid username')
    if Service.objects.filter(fqdn=fqdn, scheme='dns')[0:1].count() > 0:
        db_name = settings.DATABASES['powerdns']['NAME']
        db_user = settings.DATABASES['powerdns']['USER']
        db_password = settings.DATABASES['powerdns']['PASSWORD']
        db_host = settings.DATABASES['powerdns']['HOST']
        db_port = settings.DATABASES['powerdns']['PORT']
        db_content = subprocess.check_output(['pg_dump', '--username=%s' % db_user, '--host=%s' % db_host,
                                              '--port=%s' % db_port, db_name], env={'PGPASSWORD': db_password})
    else:
        db_content = ''
    return HttpResponse(db_content, content_type='application/sql')

示例#20

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def get_services(request):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to get configuration: invalid username')
    result = [{
        'scheme': service.scheme,
        'hostname': service.hostname,
        'port': service.port,
        'protocol': service.protocol,
        'encryption': service.encryption,
        'kerberos_service': service.kerberos_service,
        'dns_srv': service.dns_srv,
    } for service in Service.objects.filter(fqdn=fqdn,
                                            protocol__in=['tcp', 'udp'])]
    content = json.dumps(result)
    return HttpResponse(content, content_type='application/json')

示例#21

0

显示文件

文件： views.py 项目： pombredanne/Penates-Server

def get_service_certificate(request, scheme, hostname, port):
    fqdn = hostname_from_principal(request.user.username)
    role = request.GET.get('role', SERVICE)
    protocol = request.GET.get('protocol', 'tcp')
    port = int(port)
    services = list(Service.objects.filter(fqdn=fqdn, scheme=scheme, hostname=hostname, port=port, protocol=protocol)[0:1])
    if not services:
        return HttpResponse(status=404, content='%s://%s:%s/ unknown' % (scheme, hostname, port))
    if role not in (SERVICE, KERBEROS_DC, PRINTER, TIME_SERVER, SERVICE_1024):
        return HttpResponse(status=401, content='Role %s is not allowed' % role)
    entry = CertificateEntry(hostname, organizationName=settings.PENATES_ORGANIZATION,
                             organizationalUnitName=_('Services'), emailAddress=settings.PENATES_EMAIL_ADDRESS,
                             localityName=settings.PENATES_LOCALITY, countryName=settings.PENATES_COUNTRY,
                             stateOrProvinceName=settings.PENATES_STATE, altNames=[], role=role)
    pki = PKI()
    pki.ensure_certificate(entry)
    record_name, sep, domain_name = hostname.partition('.')
    domain = Domain.objects.get(name=domain_name)
    domain.set_certificate_records(entry, protocol, hostname, port)
    return CertificateEntryResponse(entry)

示例#22

0

显示文件

def register_service(request, check_command):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(status=401, content='Invalid username')
    status = 204
    if request.method == 'POST':
        if request.body:
            content = json.loads(request.body.decode('utf-8'))
            s = ShinkenService(**content)
            s.host_name = fqdn
            values = s.to_dict()
        for key in ('host_name', 'check_command'):
            if key in values:
                del values[key]
        if ShinkenService.objects.filter(host_name=fqdn, check_command=check_command)\
                .update(**values) == 0:
            ShinkenService(host_name=fqdn,
                           check_command=check_command,
                           **values).save()
            return HttpResponse(status=201)
    elif request.method == 'GET':
        form = ShinkenServiceForm(request.GET)
        if not form.is_valid():
            return HttpResponse(status=400)
        values = {
            key: value
            for key, value in list(form.cleaned_data.items()) if value
        }
        if ShinkenService.objects.filter(host_name=fqdn, check_command=check_command)\
                .update(**values) == 0:
            ShinkenService(host_name=fqdn,
                           check_command=check_command,
                           **values).save()
            return HttpResponse(status=201)
    elif request.method == 'DELETE':
        ShinkenService.objects.filter(host_name=fqdn,
                                      check_command=check_command).delete()
        status = 202
    return HttpResponse(status=status)

示例#23

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def get_service_certificate(request, scheme, hostname, port):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to get service certificate: invalid username')
    role = request.GET.get('role', SERVICE)
    protocol = request.GET.get('protocol', 'tcp')
    port = int(port)
    query = Service.objects.filter(fqdn=fqdn,
                                   scheme=scheme,
                                   hostname=hostname,
                                   port=port,
                                   protocol=protocol)
    services = list(query[0:1])
    if not services:
        return HttpResponse(status=404,
                            content='%s://%s:%s/ unknown' %
                            (scheme, hostname, port))
    if role not in (SERVICE, KERBEROS_DC, PRINTER, TIME_SERVER, SERVICE_1024):
        return HttpResponse(status=401,
                            content='Role %s is not allowed' % role)
    entry = CertificateEntry(hostname,
                             organizationName=settings.PENATES_ORGANIZATION,
                             organizationalUnitName=_('Services'),
                             emailAddress=settings.PENATES_EMAIL_ADDRESS,
                             localityName=settings.PENATES_LOCALITY,
                             countryName=settings.PENATES_COUNTRY,
                             stateOrProvinceName=settings.PENATES_STATE,
                             altNames=[],
                             role=role)
    pki = PKI()
    pki.ensure_certificate(entry)
    record_name, sep, domain_name = hostname.partition('.')
    domain = Domain.objects.get(name=domain_name)
    domain.set_certificate_records(entry, protocol, hostname, port)
    return CertificateEntryResponse(entry)

示例#24

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def get_dhcpd_conf(request):
    # noinspection PyUnusedLocal
    request = request
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to get configuration: invalid username')
    if Service.objects.filter(fqdn=fqdn, scheme='dchp')[0:1].count() == 0:
        hosts = []
    else:
        hosts = Host.objects.all()

    def get_ip_or_none(scheme):
        values = list(Service.objects.filter(scheme=scheme)[0:1])
        if not values:
            return None
        return Record.local_resolve(values[0].fqdn) or values[0].hostname

    def get_ip_list(scheme, protocol='udp'):
        values = list(Service.objects.filter(scheme=scheme, protocol=protocol))
        return [Record.local_resolve(x.fqdn) or x.hostname for x in values]

    template_values = {
        'penates_subnets': get_subnets(),
        'penates_domain': settings.PENATES_DOMAIN,
        'admin_prefix': settings.PDNS_ADMIN_PREFIX,
        'infra_prefix': settings.PDNS_INFRA_PREFIX,
        'hosts': hosts,
        'tftp': get_ip_or_none('tftp'),
        'dns_list': get_ip_list('dns'),
        'ntp': get_ip_or_none('ntp'),
    }
    return render_to_response('dhcpd/dhcpd.conf',
                              template_values,
                              status=200,
                              content_type='text/plain')

示例#25

0

显示文件

文件： views.py 项目： Python3pkg/Penates-Server

def set_service(request, scheme, hostname, port):
    try:
        fqdn = hostname_from_principal(request.user.username)
    except ValueError:
        return HttpResponse(
            status=401,
            content='Unable to create %s://%s:%s/: invalid username' %
            (scheme, hostname, port))

    encryption = request.GET.get('encryption', 'none')
    srv_field = request.GET.get('srv', None)
    kerberos_service = request.GET.get('keytab', None)
    role = request.GET.get('role', SERVICE)
    protocol = request.GET.get('protocol', 'tcp')

    if encryption not in ('none', 'tls', 'starttls'):
        return HttpResponse(
            'valid encryption levels are none, tls, or starttls')
    port = int(port)
    if not (0 <= port <= 65536):
        return HttpResponse('Invalid port: %s' % port,
                            status=403,
                            content_type='text/plain')
    if protocol not in ('tcp', 'udp', 'socket'):
        return HttpResponse('Invalid protocol: %s' % protocol,
                            status=403,
                            content_type='text/plain')
    description = request.body

    # a few checks
    if Service.objects.filter(hostname=hostname).exclude(
            fqdn=fqdn).count() > 0:
        return HttpResponse(status=401,
                            content='%s is already registered' % hostname)
    if role not in (SERVICE, KERBEROS_DC, PRINTER, TIME_SERVER, SERVICE_1024):
        return HttpResponse(status=401,
                            content='Role %s is not allowed' % role)
    if kerberos_service and kerberos_service not in settings.KERBEROS_SERVICES:
        return HttpResponse(status=401,
                            content='Kerberos service %s is not allowed' %
                            role)
    hosts = list(Host.objects.filter(fqdn=fqdn)[0:1])
    if not hosts:
        return HttpResponse(status=401,
                            content='Unknown host %s is not allowed' % fqdn)
    host = hosts[0]
    if scheme == 'ssh' and host.admin_ip_address != host.main_ip_address:
        fqdn = '%s.%s%s' % (fqdn.partition('.')[0], settings.PDNS_ADMIN_PREFIX,
                            settings.PENATES_DOMAIN)

    # Penates service
    service, created = Service.objects.get_or_create(fqdn=fqdn,
                                                     scheme=scheme,
                                                     hostname=hostname,
                                                     port=port,
                                                     protocol=protocol,
                                                     defaults={
                                                         'kerberos_service':
                                                         kerberos_service,
                                                         'dns_srv': srv_field,
                                                         'encryption':
                                                         encryption,
                                                         'description':
                                                         description
                                                     })
    Service.objects.filter(pk=service.pk).update(
        kerberos_service=kerberos_service,
        description=description,
        dns_srv=srv_field,
        encryption=encryption)
    # certificates
    entry = CertificateEntry(hostname,
                             organizationName=settings.PENATES_ORGANIZATION,
                             organizationalUnitName=_('Services'),
                             emailAddress=settings.PENATES_EMAIL_ADDRESS,
                             localityName=settings.PENATES_LOCALITY,
                             countryName=settings.PENATES_COUNTRY,
                             stateOrProvinceName=settings.PENATES_STATE,
                             altNames=[],
                             role=role)
    pki = PKI()
    pki.ensure_certificate(entry)
    if kerberos_service:
        add_principal(service.principal_name)
    # DNS part
    record_name, sep, domain_name = hostname.partition('.')
    if sep == '.':
        domains = list(Domain.objects.filter(name=domain_name)[0:1])
        if domains:
            domain = domains[0]
            domain.ensure_record(fqdn, hostname)
            domain.set_extra_records(scheme,
                                     hostname,
                                     port,
                                     fqdn,
                                     srv_field,
                                     entry=entry)
            domain.update_soa()
    return HttpResponse(status=201,
                        content='%s://%s:%s/ created' %
                        (scheme, hostname, port))

示例#26

0

显示文件

文件： views.py 项目： pombredanne/Penates-Server

def get_host_certificate(request):
    entry = entry_from_hostname(hostname_from_principal(request.user.username))
    return CertificateEntryResponse(entry)

示例#27

0

显示文件

文件： views.py 项目： pombredanne/Penates-Server

def get_admin_certificate(request):
    hostname = hostname_from_principal(request.user.username)
    hostname = '%s.%s%s' % (hostname.partition('.')[0], settings.PDNS_ADMIN_PREFIX, settings.PENATES_DOMAIN)
    entry = admin_entry_from_hostname(hostname)
    return CertificateEntryResponse(entry)