def bad_parameters():
protocol.http_response(
evcommon.VERSION
+ "\n"
+ evcommon.VERIFY_ERROR
+ "\n"
+ evmessage.EvMessage().get_str("BAD_PARAMETERS", evstrings.BAD_PARAMETERS)
)
def technical_error():
protocol.http_response(
evcommon.VERSION
+ "\n"
+ evcommon.VERIFY_ERROR
+ "\n"
+ evmessage.EvMessage().get_str(
"TECHNICAL_ERROR_VOTE_VERIFICATION", evstrings.TECHNICAL_ERROR_VOTE_VERIFICATION
)
)
def do_cgi():
try:
elec = election.Election()
evlog.AppLog().set_app(APP)
# Create a list of pairs from the form parameters. Don't use a dictionary
# because that will overwrite recurring keys.
form = cgi.FieldStorage()
params = []
for key in form:
for value in form.getlist(key):
params.append((key, value))
# Only accept up to a single parameter
if len(params) > 1:
def keys(pairs):
"""Return a comma-separated list of the keys."""
return ", ".join([pair[0] for pair in pairs])
evlog.log_error("Too many query parameters: " + keys(params))
bad_parameters()
return
# Only accept the POST_VERIFY_VOTE parameter.
if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE:
evlog.log_error('Unknown query parameter "%s"' % params[0][0])
bad_parameters()
return
# Make sure the parameter is correctly formatted.
if not formatutil.is_vote_verification_id(params[0][1]):
# Don't write to disk; we don't know how large the value is
evlog.log_error("Malformed vote ID")
bad_parameters()
return
evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip())
evlog.log("verif/auth VOTE-ID: " + params[0][1])
params.append((evcommon.POST_SESS_ID, sessionid.voting()))
url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path()
conn = urllib.urlopen(url, urllib.urlencode(params))
protocol.http_response(conn.read())
except:
evlog.log_exception()
technical_error()
def do_cgi():
try:
elec = election.Election()
evlog.AppLog().set_app(APP)
# Create a list of pairs from the form parameters. Don't use a dictionary
# because that will overwrite recurring keys.
form = cgi.FieldStorage()
params = []
for key in form:
for value in form.getlist(key):
params.append((key, value))
# Only accept up to a single parameter
if len(params) > 1:
def keys(pairs):
"""Return a comma-separated list of the keys."""
return ", ".join([pair[0] for pair in pairs])
evlog.log_error("Too many query parameters: " + keys(params))
bad_parameters()
return
# Only accept the POST_VERIFY_VOTE parameter.
if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE:
evlog.log_error("Unknown query parameter \"%s\"" % params[0][0])
bad_parameters()
return
# Make sure the parameter is correctly formatted.
if not formatutil.is_vote_verification_id(params[0][1]):
# Don't write to disk; we don't know how large the value is
evlog.log_error("Malformed vote ID")
bad_parameters()
return
evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip())
evlog.log("verif/auth VOTE-ID: " + params[0][1])
params.append((evcommon.POST_SESS_ID, sessionid.voting()))
url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path()
conn = urllib.urlopen(url, urllib.urlencode(params))
protocol.http_response(conn.read())
except:
evlog.log_exception()
technical_error()
def bad_input():
_msg = htsalldisp.bad_cgi_input()
protocol.http_response(_msg)
cgi.sys.exit(0)
os.umask(007)
form = cgi.FieldStorage()
has_sha1 = form.has_key(evcommon.POST_VOTERS_FILES_SHA1)
has_code = form.has_key(evcommon.POST_PERSONAL_CODE)
has_vote = form.has_key(evcommon.POST_EVOTE)
has_sess = form.has_key(evcommon.POST_SESS_ID)
if (not has_sha1):
bad_input()
val_sha = form.getvalue(evcommon.POST_VOTERS_FILES_SHA1)
if (not has_code) and (not has_vote):
msg = htsalldisp.consistency(val_sha)
protocol.http_response(msg)
cgi.sys.exit(0)
if (has_sess):
sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID))
if has_code and has_vote:
if (has_sess):
val_code = form.getvalue(evcommon.POST_PERSONAL_CODE)
val_vote = form.getvalue(evcommon.POST_EVOTE)
msg = htsalldisp.store_vote(val_sha, val_code, val_vote)
protocol.http_response(msg)
cgi.sys.exit(0)
else:
bad_input()
def bad_parameters():
protocol.http_response(evcommon.VERSION + "\n" + \
evcommon.VERIFY_ERROR + "\n" + \
evmessage.EvMessage().get_str("BAD_PARAMETERS", \
evstrings.BAD_PARAMETERS))
cgi.sys.exit(0)
for value in form.getlist(key):
params.append((key, value))
# Only accept up to a single parameter
if len(params) > 1:
def keys(pairs):
"""Return a comma-separated list of the keys."""
return ", ".join([pair[0] for pair in pairs])
AppLog().log_error("Too many query parameters: " + keys(params))
bad_parameters()
# Only accept the POST_VERIFY_VOTE parameter.
if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE:
AppLog().log_error("Unknown query parameter \"%s\"" % params[0][0])
bad_parameters()
# Make sure the parameter is correctly formatted.
if not formatutil.is_vote_verification_id(params[0][1]):
# Don't write to disk; we don't know how large the value is
AppLog().log_error("Malformed vote ID")
bad_parameters()
url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path()
conn = urllib.urlopen(url, urllib.urlencode(params))
protocol.http_response(conn.read())
cgi.sys.exit(0)
# vim:set ts=4 sw=4 et fileencoding=utf8:
import evlog
import sessionid
import os
if not evcommon.testrun():
os.umask(007)
form = cgi.FieldStorage()
result = protocol.msg_error_technical()
mid = middisp.MIDDispatcher()
if form.has_key(evcommon.POST_SESS_ID):
sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID))
if form.has_key(evcommon.POST_MID_POLL):
result = mid.poll()
else:
result = mid.init_sign(form)
else:
if form.has_key(evcommon.POST_PHONENO):
if not os.path.exists('/var/evote/registry/common/nonewvoters'):
result = mid.init_auth(form.getvalue(evcommon.POST_PHONENO))
else:
a, b = protocol.plain_error_election_off_after()
result = protocol.msg_error(a, b)
else:
evlog.log_error('Vigane POST päring: %s' % form.keys())
protocol.http_response(result)
cgi.sys.exit(0)
# vim:set ts=4 sw=4 et fileencoding=utf8:
protocol.http_response(evcommon.VERSION + "\n" + \
evcommon.VERIFY_ERROR + "\n" + \
evmessage.EvMessage().get_str("BAD_PARAMETERS", \
evstrings.BAD_PARAMETERS))
cgi.sys.exit(0)
if not evcommon.testrun():
os.umask(007)
APP = "hts-verify-vote.cgi"
AppLog().set_app(APP)
form = cgi.FieldStorage()
vote = None
if form.has_key(evcommon.POST_VERIFY_VOTE):
values = form.getlist(evcommon.POST_VERIFY_VOTE)
if len(values) == 1:
vote = values[0]
else:
# Don't write the values to disk; we don't know how large they are
AppLog().log_error("Too many parameter values")
bad_parameters()
protocol.http_response(htsalldisp.verify_vote(vote))
cgi.sys.exit(0)
# vim:set ts=4 sw=4 et fileencoding=utf8:
res, logline = cgivalidator.validate_form(form, req_params)
if res:
cgilog.do_log("vote/auth")
result = mid.init_sign(form)
else:
cgilog.do_log_error('vote/auth/err')
evlog.log_error(logline)
else:
req_params = [evcommon.POST_PHONENO]
res, logline = cgivalidator.validate_form(form, req_params)
if res:
cgilog.do_log("cand/auth")
phoneno = form.getvalue(evcommon.POST_PHONENO)
evlog.log("PHONENO: " + phoneno)
if election.Election().allow_new_voters():
result = mid.init_auth(phoneno)
else:
a, b = protocol.plain_error_election_off_after()
result = protocol.msg_error(a, b)
else:
cgilog.do_log_error('cand/auth/err')
evlog.log_error(logline)
except:
evlog.log_exception()
result = protocol.msg_error_technical()
protocol.http_response(result)
cgi.sys.exit(0)
# vim:set ts=4 sw=4 et fileencoding=utf8:
evstrings.BAD_PARAMETERS))
cgi.sys.exit(0)
if not evcommon.testrun():
os.umask(007)
APP = "hts-verify-vote.cgi"
AppLog().set_app(APP)
form = cgi.FieldStorage()
vote = None
if form.has_key(evcommon.POST_SESS_ID):
sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID))
if form.has_key(evcommon.POST_VERIFY_VOTE):
values = form.getlist(evcommon.POST_VERIFY_VOTE)
if len(values) == 1:
vote = values[0]
else:
# Don't write the values to disk; we don't know how large they are
AppLog().log_error("Too many parameter values")
bad_parameters()
protocol.http_response(htsalldisp.verify_vote(vote))
cgi.sys.exit(0)
# vim:set ts=4 sw=4 et fileencoding=utf8:
def bad_input():
_msg = htsalldisp.bad_cgi_input()
protocol.http_response(_msg)
cgi.sys.exit(0)
os.umask(007)
form = cgi.FieldStorage()
has_sha256 = form.has_key(evcommon.POST_VOTERS_FILES_SHA256)
has_code = form.has_key(evcommon.POST_PERSONAL_CODE)
has_vote = form.has_key(evcommon.POST_EVOTE)
has_sess = form.has_key(evcommon.POST_SESS_ID)
if (not has_sha256):
bad_input()
val_sha = form.getvalue(evcommon.POST_VOTERS_FILES_SHA256)
if (not has_code) and (not has_vote):
msg = htsalldisp.consistency(val_sha)
protocol.http_response(msg)
cgi.sys.exit(0)
if (has_sess):
sessionid.setsid(form.getvalue(evcommon.POST_SESS_ID))
if has_code and has_vote:
if (has_sess):
val_code = form.getvalue(evcommon.POST_PERSONAL_CODE)
val_vote = form.getvalue(evcommon.POST_EVOTE)
msg = htsalldisp.store_vote(val_sha, val_code, val_vote)
protocol.http_response(msg)
cgi.sys.exit(0)
else:
bad_input()
def keys(pairs):
"""Return a comma-separated list of the keys."""
return ", ".join([pair[0] for pair in pairs])
evlog.log_error("Too many query parameters: " + keys(params))
bad_parameters()
# Only accept the POST_VERIFY_VOTE parameter.
if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE:
evlog.log_error('Unknown query parameter "%s"' % params[0][0])
bad_parameters()
# Make sure the parameter is correctly formatted.
if not formatutil.is_vote_verification_id(params[0][1]):
# Don't write to disk; we don't know how large the value is
evlog.log_error("Malformed vote ID")
bad_parameters()
evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip())
evlog.log("verif/auth VOTE-ID: " + params[0][1])
params.append((evcommon.POST_SESS_ID, sessionid.voting()))
url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path()
conn = urllib.urlopen(url, urllib.urlencode(params))
protocol.http_response(conn.read())
cgi.sys.exit(0)
# vim:set ts=4 sw=4 et fileencoding=utf8:
def technical_error():
protocol.http_response(evcommon.VERSION + "\n" + \
evcommon.VERIFY_ERROR + "\n" + \
evmessage.EvMessage().get_str("TECHNICAL_ERROR_VOTE_VERIFICATION", \
evstrings.TECHNICAL_ERROR_VOTE_VERIFICATION))
