def bad_parameters(): protocol.http_response( evcommon.VERSION + "\n" + evcommon.VERIFY_ERROR + "\n" + evmessage.EvMessage().get_str("BAD_PARAMETERS", evstrings.BAD_PARAMETERS) )
def technical_error(): protocol.http_response( evcommon.VERSION + "\n" + evcommon.VERIFY_ERROR + "\n" + evmessage.EvMessage().get_str( "TECHNICAL_ERROR_VOTE_VERIFICATION", evstrings.TECHNICAL_ERROR_VOTE_VERIFICATION ) )
def do_cgi(): try: elec = election.Election() evlog.AppLog().set_app(APP) # Create a list of pairs from the form parameters. Don't use a dictionary # because that will overwrite recurring keys. form = cgi.FieldStorage() params = [] for key in form: for value in form.getlist(key): params.append((key, value)) # Only accept up to a single parameter if len(params) > 1: def keys(pairs): """Return a comma-separated list of the keys.""" return ", ".join([pair[0] for pair in pairs]) evlog.log_error("Too many query parameters: " + keys(params)) bad_parameters() return # Only accept the POST_VERIFY_VOTE parameter. if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE: evlog.log_error('Unknown query parameter "%s"' % params[0][0]) bad_parameters() return # Make sure the parameter is correctly formatted. if not formatutil.is_vote_verification_id(params[0][1]): # Don't write to disk; we don't know how large the value is evlog.log_error("Malformed vote ID") bad_parameters() return evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip()) evlog.log("verif/auth VOTE-ID: " + params[0][1]) params.append((evcommon.POST_SESS_ID, sessionid.voting())) url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path() conn = urllib.urlopen(url, urllib.urlencode(params)) protocol.http_response(conn.read()) except: evlog.log_exception() technical_error()
def do_cgi(): try: elec = election.Election() evlog.AppLog().set_app(APP) # Create a list of pairs from the form parameters. Don't use a dictionary # because that will overwrite recurring keys. form = cgi.FieldStorage() params = [] for key in form: for value in form.getlist(key): params.append((key, value)) # Only accept up to a single parameter if len(params) > 1: def keys(pairs): """Return a comma-separated list of the keys.""" return ", ".join([pair[0] for pair in pairs]) evlog.log_error("Too many query parameters: " + keys(params)) bad_parameters() return # Only accept the POST_VERIFY_VOTE parameter. if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE: evlog.log_error("Unknown query parameter \"%s\"" % params[0][0]) bad_parameters() return # Make sure the parameter is correctly formatted. if not formatutil.is_vote_verification_id(params[0][1]): # Don't write to disk; we don't know how large the value is evlog.log_error("Malformed vote ID") bad_parameters() return evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip()) evlog.log("verif/auth VOTE-ID: " + params[0][1]) params.append((evcommon.POST_SESS_ID, sessionid.voting())) url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path() conn = urllib.urlopen(url, urllib.urlencode(params)) protocol.http_response(conn.read()) except: evlog.log_exception() technical_error()
def bad_input(): _msg = htsalldisp.bad_cgi_input() protocol.http_response(_msg) cgi.sys.exit(0)
os.umask(007) form = cgi.FieldStorage() has_sha1 = form.has_key(evcommon.POST_VOTERS_FILES_SHA1) has_code = form.has_key(evcommon.POST_PERSONAL_CODE) has_vote = form.has_key(evcommon.POST_EVOTE) has_sess = form.has_key(evcommon.POST_SESS_ID) if (not has_sha1): bad_input() val_sha = form.getvalue(evcommon.POST_VOTERS_FILES_SHA1) if (not has_code) and (not has_vote): msg = htsalldisp.consistency(val_sha) protocol.http_response(msg) cgi.sys.exit(0) if (has_sess): sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID)) if has_code and has_vote: if (has_sess): val_code = form.getvalue(evcommon.POST_PERSONAL_CODE) val_vote = form.getvalue(evcommon.POST_EVOTE) msg = htsalldisp.store_vote(val_sha, val_code, val_vote) protocol.http_response(msg) cgi.sys.exit(0) else: bad_input()
def bad_parameters(): protocol.http_response(evcommon.VERSION + "\n" + \ evcommon.VERIFY_ERROR + "\n" + \ evmessage.EvMessage().get_str("BAD_PARAMETERS", \ evstrings.BAD_PARAMETERS)) cgi.sys.exit(0)
for value in form.getlist(key): params.append((key, value)) # Only accept up to a single parameter if len(params) > 1: def keys(pairs): """Return a comma-separated list of the keys.""" return ", ".join([pair[0] for pair in pairs]) AppLog().log_error("Too many query parameters: " + keys(params)) bad_parameters() # Only accept the POST_VERIFY_VOTE parameter. if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE: AppLog().log_error("Unknown query parameter \"%s\"" % params[0][0]) bad_parameters() # Make sure the parameter is correctly formatted. if not formatutil.is_vote_verification_id(params[0][1]): # Don't write to disk; we don't know how large the value is AppLog().log_error("Malformed vote ID") bad_parameters() url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path() conn = urllib.urlopen(url, urllib.urlencode(params)) protocol.http_response(conn.read()) cgi.sys.exit(0) # vim:set ts=4 sw=4 et fileencoding=utf8:
import evlog import sessionid import os if not evcommon.testrun(): os.umask(007) form = cgi.FieldStorage() result = protocol.msg_error_technical() mid = middisp.MIDDispatcher() if form.has_key(evcommon.POST_SESS_ID): sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID)) if form.has_key(evcommon.POST_MID_POLL): result = mid.poll() else: result = mid.init_sign(form) else: if form.has_key(evcommon.POST_PHONENO): if not os.path.exists('/var/evote/registry/common/nonewvoters'): result = mid.init_auth(form.getvalue(evcommon.POST_PHONENO)) else: a, b = protocol.plain_error_election_off_after() result = protocol.msg_error(a, b) else: evlog.log_error('Vigane POST päring: %s' % form.keys()) protocol.http_response(result) cgi.sys.exit(0) # vim:set ts=4 sw=4 et fileencoding=utf8:
protocol.http_response(evcommon.VERSION + "\n" + \ evcommon.VERIFY_ERROR + "\n" + \ evmessage.EvMessage().get_str("BAD_PARAMETERS", \ evstrings.BAD_PARAMETERS)) cgi.sys.exit(0) if not evcommon.testrun(): os.umask(007) APP = "hts-verify-vote.cgi" AppLog().set_app(APP) form = cgi.FieldStorage() vote = None if form.has_key(evcommon.POST_VERIFY_VOTE): values = form.getlist(evcommon.POST_VERIFY_VOTE) if len(values) == 1: vote = values[0] else: # Don't write the values to disk; we don't know how large they are AppLog().log_error("Too many parameter values") bad_parameters() protocol.http_response(htsalldisp.verify_vote(vote)) cgi.sys.exit(0) # vim:set ts=4 sw=4 et fileencoding=utf8:
res, logline = cgivalidator.validate_form(form, req_params) if res: cgilog.do_log("vote/auth") result = mid.init_sign(form) else: cgilog.do_log_error('vote/auth/err') evlog.log_error(logline) else: req_params = [evcommon.POST_PHONENO] res, logline = cgivalidator.validate_form(form, req_params) if res: cgilog.do_log("cand/auth") phoneno = form.getvalue(evcommon.POST_PHONENO) evlog.log("PHONENO: " + phoneno) if election.Election().allow_new_voters(): result = mid.init_auth(phoneno) else: a, b = protocol.plain_error_election_off_after() result = protocol.msg_error(a, b) else: cgilog.do_log_error('cand/auth/err') evlog.log_error(logline) except: evlog.log_exception() result = protocol.msg_error_technical() protocol.http_response(result) cgi.sys.exit(0) # vim:set ts=4 sw=4 et fileencoding=utf8:
evstrings.BAD_PARAMETERS)) cgi.sys.exit(0) if not evcommon.testrun(): os.umask(007) APP = "hts-verify-vote.cgi" AppLog().set_app(APP) form = cgi.FieldStorage() vote = None if form.has_key(evcommon.POST_SESS_ID): sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID)) if form.has_key(evcommon.POST_VERIFY_VOTE): values = form.getlist(evcommon.POST_VERIFY_VOTE) if len(values) == 1: vote = values[0] else: # Don't write the values to disk; we don't know how large they are AppLog().log_error("Too many parameter values") bad_parameters() protocol.http_response(htsalldisp.verify_vote(vote)) cgi.sys.exit(0) # vim:set ts=4 sw=4 et fileencoding=utf8:
os.umask(007) form = cgi.FieldStorage() has_sha256 = form.has_key(evcommon.POST_VOTERS_FILES_SHA256) has_code = form.has_key(evcommon.POST_PERSONAL_CODE) has_vote = form.has_key(evcommon.POST_EVOTE) has_sess = form.has_key(evcommon.POST_SESS_ID) if (not has_sha256): bad_input() val_sha = form.getvalue(evcommon.POST_VOTERS_FILES_SHA256) if (not has_code) and (not has_vote): msg = htsalldisp.consistency(val_sha) protocol.http_response(msg) cgi.sys.exit(0) if (has_sess): sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID)) if has_code and has_vote: if (has_sess): val_code = form.getvalue(evcommon.POST_PERSONAL_CODE) val_vote = form.getvalue(evcommon.POST_EVOTE) msg = htsalldisp.store_vote(val_sha, val_code, val_vote) protocol.http_response(msg) cgi.sys.exit(0) else: bad_input()
def keys(pairs): """Return a comma-separated list of the keys.""" return ", ".join([pair[0] for pair in pairs]) evlog.log_error("Too many query parameters: " + keys(params)) bad_parameters() # Only accept the POST_VERIFY_VOTE parameter. if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE: evlog.log_error('Unknown query parameter "%s"' % params[0][0]) bad_parameters() # Make sure the parameter is correctly formatted. if not formatutil.is_vote_verification_id(params[0][1]): # Don't write to disk; we don't know how large the value is evlog.log_error("Malformed vote ID") bad_parameters() evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip()) evlog.log("verif/auth VOTE-ID: " + params[0][1]) params.append((evcommon.POST_SESS_ID, sessionid.voting())) url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path() conn = urllib.urlopen(url, urllib.urlencode(params)) protocol.http_response(conn.read()) cgi.sys.exit(0) # vim:set ts=4 sw=4 et fileencoding=utf8:
def technical_error(): protocol.http_response(evcommon.VERSION + "\n" + \ evcommon.VERIFY_ERROR + "\n" + \ evmessage.EvMessage().get_str("TECHNICAL_ERROR_VOTE_VERIFICATION", \ evstrings.TECHNICAL_ERROR_VOTE_VERIFICATION))