def setUp(self):
self.vici_wrapper = ViciWrapper()
self.vici_wrapper.session.clear_creds()
self.vici_wrapper.unload_all_connections()
self.connection = Connection(profile='rw', auth='pubkey', version=1)
self.connection.save()
Authentication(name='local-1', auth='pubkey', local=self.connection).save()
def start(self):
self.load()
if self.initiate:
vici_wrapper = ViciWrapper()
for child in self.server_children.all():
logs = vici_wrapper.initiate(child.name, self.profile)
for log in logs:
LogMessage(connection=self, message=log['message']).save()
def start(self):
self.load()
if self.initiate:
vici_wrapper = ViciWrapper()
for child in self.server_children.all():
logs = vici_wrapper.initiate(child.name, self.profile)
for log in logs:
LogMessage(connection=self, message=log['message']).save()
def state(self):
try:
vici_wrapper = ViciWrapper()
state = vici_wrapper.get_connection_state(self.profile)
if state == State.DOWN.value:
return State.DOWN.value
elif state == State.ESTABLISHED.value:
return State.ESTABLISHED.value
elif state == State.CONNECTING.value:
return State.CONNECTING.value
except:
return State.DOWN.value
def state(self):
try:
vici_wrapper = ViciWrapper()
state = vici_wrapper.get_connection_state(self.profile)
if state == State.DOWN.value:
return State.DOWN.value
elif state == State.ESTABLISHED.value:
return State.ESTABLISHED.value
elif state == State.CONNECTING.value:
return State.CONNECTING.value
except:
return State.DOWN.value
def handle(self):
connection = Connection.objects.get(id=self.id).subclass()
try:
vici_wrapper = ViciWrapper()
if vici_wrapper.is_connection_loaded(connection.profile) is True:
vici_wrapper.unload_connection(connection.profile)
except ViciException as e:
messages.warning(self.request, str(e))
profilname = connection.profile
connection.delete()
messages.info(self.request, "Connection " + profilname + " deleted.")
return HttpResponseRedirect(reverse("server_connections:index"))
def reload_certs(cls):
'''
Deletes all ViciCertificates, reads the vici interface and save all Certificates there
:return None
'''
ViciCertificate.objects.all().delete()
wrapper = ViciWrapper()
vici_certs = wrapper.get_certificates()
for dic in vici_certs:
try:
cls._add_x509(dic)
except CertificateManagerException:
pass
def reload_certs(cls):
'''
Deletes all ViciCertificates, reads the vici interface and save all Certificates there
:return None
'''
ViciCertificate.objects.all().delete()
wrapper = ViciWrapper()
vici_certs = wrapper.get_certificates()
for dic in vici_certs:
try:
cls._add_x509(dic)
except CertificateManagerException:
pass
def handle(self):
connection = Connection.objects.get(id=self.id).subclass()
try:
vici_wrapper = ViciWrapper()
if vici_wrapper.is_connection_loaded(connection.profile) is True:
vici_wrapper.unload_connection(connection.profile)
except ViciException as e:
messages.warning(self.request, str(e))
profilname = connection.profile
connection.delete()
messages.info(self.request, "Connection " + profilname + " deleted.")
return HttpResponseRedirect(reverse("connections:index"))
def _render_page(self, form=PasswordChangeForm()):
context = OrderedDict()
try:
vici_wrapper = ViciWrapper()
context = vici_wrapper.get_version()
plugins = vici_wrapper.get_plugins()
plugins.sort()
context['plugins'] = plugins
except ViciLoadException as e:
messages.warning(self.request, str(e))
except ViciSocketException as e:
pass
context["pw_form"] = form
return render(self.request, 'about.html', context)
def _render_page(self, form=PasswordChangeForm()):
context = OrderedDict()
try:
vici_wrapper = ViciWrapper()
context = vici_wrapper.get_version()
plugins = vici_wrapper.get_plugins()
plugins.sort()
context['plugins'] = plugins
except ViciLoadException as e:
messages.warning(self.request, str(e))
except ViciSocketException as e:
pass
context["pw_form"] = form
return render(self.request, 'about.html', context)
def handle(self):
response = dict(id=self.connection.id, success=False)
try:
vici_wrapper = ViciWrapper()
sa = vici_wrapper.get_sas_by(self.connection.profile)
if sa:
child = ChildSA(sa[0], self.connection.profile)
response['child'] = child.__dict__
response['success'] = True
except ViciException as e:
response['message'] = str(e)
except Exception as e:
print(e)
return JsonResponse(response)
def handle(self):
if self.request.method == 'GET':
return render(self.request, 'eap_secrets/add.html',
{"form": AddOrEditForm()})
elif self.request.method == 'POST':
self.form = AddOrEditForm(self.request.POST)
if not self.form.is_valid():
return render(self.request, 'eap_secrets/add.html',
{"form": self.form})
else:
try:
secret = Secret(username=self.form.my_username,
type='EAP',
password=self.form.my_salted_password,
salt=self.form.my_salt)
secret.save()
except IntegrityError:
messages.add_message(
self.request, messages.ERROR,
'An EAP Secret with this Username does already exist')
return render(self.request, 'eap_secrets/add.html',
{"form": self.form})
ViciWrapper().load_secret(secret.dict())
messages.add_message(self.request, messages.SUCCESS,
'Successfully created EAP Secret')
return redirect(reverse("eap_secrets:overview"))
def _render(self):
dhcpdbvalue = Pool.objects.all().filter(poolname__contains='dhcp')
if not dhcpdbvalue:
dhcppool = Pool(poolname='dhcp')
dhcppool.clean()
dhcppool.save()
radiusdbvalue = Pool.objects.all().filter(poolname__contains='radius')
if not radiusdbvalue:
radiuspool = Pool(poolname='radius')
radiuspool.clean()
radiuspool.save()
queryset = Pool.objects.exclude(poolname__contains='dhcp').exclude(
poolname__contains='radius')
pools = ViciWrapper().get_pools({'leases': "yes"})
table = tables.PoolsTable(queryset, request=self.request, pools=pools)
RequestConfig(self.request,
paginate={
"per_page": self.ENTRIES_PER_PAGE
}).configure(table)
if len(queryset) == 0:
table = None
return render(self.request, 'pools/overview.html', {'table': table})
def handle(self):
if self.request.method == "GET":
return self.load_edit_form()
elif self.request.method == "POST":
self.form = AddOrEditForm(self.parameter_dict)
vici = ViciWrapper()
if "remove_pool" in self.request.POST:
return self.delete_pool(vici)
return self.update_pool(vici)
def handle(self):
response = dict(id=self.connection.id, success=False)
try:
vici_wrapper = ViciWrapper()
sas = vici_wrapper.get_sas_by(self.connection.profile)
if sas:
ikesas = []
for sa in sas:
sa = sa[self.connection.profile]
ikesas.append(IkeSA(sa))
sadict = []
for ikesa in ikesas:
sadict.append(ikesa.__dict__)
response['child'] = sadict
response['success'] = True
except ViciException as e:
response['message'] = str(e)
except Exception as e:
print(e)
return JsonResponse(response)
def handle(self):
try:
connection = Connection.objects.get(id=self.conn_id).subclass()
vici_wrapper = ViciWrapper()
logs = None
if hasattr(self, 'sa_id'):
logs = vici_wrapper.terminate_ike_sa(self.sa_id)
elif hasattr(self, 'child_sa_id'):
logs = vici_wrapper.terminate_child_sa(self.child_sa_id)
for log in logs:
LogMessage(connection=connection, message=log['message']).save()
if hasattr(self, 'sa_id'):
messages.info(self.request, "Ike SA terminated.")
elif hasattr(self, 'child_sa_id'):
messages.info(self.request, "Child SA terminated.")
except ViciException as e:
messages.warning(self.request, str(e))
return HttpResponseRedirect(reverse("server_connections:index"))
def state(self):
vici_wrapper = ViciWrapper()
if self.is_remote_access() or self.is_site_to_site() and not self.initiate:
try:
loaded = vici_wrapper.is_connection_loaded(self.profile)
if loaded:
return State.LOADED.value
else:
return State.UNLOADED.value
except:
return State.UNLOADED.value
else:
try:
state = vici_wrapper.get_connection_state(self.profile)
if state == State.DOWN.value:
return State.DOWN.value
elif state == State.ESTABLISHED.value:
return State.ESTABLISHED.value
elif state == State.CONNECTING.value:
return State.CONNECTING.value
except:
return State.DOWN.value
def state(self):
vici_wrapper = ViciWrapper()
if self.is_remote_access(
) or self.is_site_to_site() and not self.initiate:
try:
loaded = vici_wrapper.is_connection_loaded(self.profile)
if loaded:
return State.LOADED.value
else:
return State.UNLOADED.value
except:
return State.UNLOADED.value
else:
try:
state = vici_wrapper.get_connection_state(self.profile)
if state == State.DOWN.value:
return State.DOWN.value
elif state == State.ESTABLISHED.value:
return State.ESTABLISHED.value
elif state == State.CONNECTING.value:
return State.CONNECTING.value
except:
return State.DOWN.value
def setUp(self):
self.client = Client()
self.user = User.objects.create(username='******')
self.user.set_password('12345')
self.user.save()
self.client.login(username='******', password='******')
ca_cert = TestCertificates.strongSwan_cert.read()
cert = TestCertificates.carol_cert.read()
key = TestCertificates.carol_key.read()
manager = UserCertificateManager()
manager.add_keycontainer(cert)
manager.add_keycontainer(key)
manager.add_keycontainer(ca_cert)
for c in Certificate.objects.all():
if "carol@strongswan" in str(c.der_container):
self.carol_cert = c
else:
self.ca_cert = c
for i in self.carol_cert.identities:
if str(i.subclass()) == '*****@*****.**':
self.carol_ident = i.subclass()
self.vici_wrapper = ViciWrapper()
self.vici_wrapper.unload_all_connections()
def reload_secrets(self):
vici = ViciWrapper()
vici.clear_creds()
for secret in Secret.objects.all():
vici.load_secret(secret.dict())
def stop(self):
vici_wrapper = ViciWrapper()
vici_wrapper.unload_connection(self.profile)
logs = vici_wrapper.terminate_connection(self.profile)
for log in logs:
LogMessage(connection=self, message=log['message']).save()
class ViciWrapperTest(TestCase):
def setUp(self):
self.vici_wrapper = ViciWrapper()
self.vici_wrapper.session.clear_creds()
self.vici_wrapper.unload_all_connections()
self.connection = Connection(profile='rw', auth='pubkey', version=1)
self.connection.save()
Authentication(name='local-1', auth='pubkey', local=self.connection).save()
def test_vici_socket(self):
with self.assertRaises(ViciPathNotASocketException):
ViciWrapper(socket_path="/")
def test_vici_get_verion(self):
version = self.vici_wrapper.get_version()
self.assertTrue(bool(version))
def test_vici_get_plugin(self):
plugins = self.vici_wrapper.get_plugins()
self.assertTrue(bool(plugins))
def test_vici_get_status(self):
status = self.vici_wrapper.get_status()
self.assertTrue(bool(status))
def test_vici_load_connection(self):
self.assertEquals(0, self.vici_wrapper.get_connections_names().__len__())
self.vici_wrapper.load_connection(self.connection.dict())
self.assertEquals(1, self.vici_wrapper.get_connections_names().__len__())
def test_vici_is_active(self):
self.assertEquals(0, self.vici_wrapper.get_connections_names().__len__())
self.vici_wrapper.load_connection(self.connection.dict())
self.assertEquals(1, self.vici_wrapper.get_connections_names().__len__())
self.assertTrue(self.vici_wrapper.is_connection_loaded(self.connection.profile))
def test_vici_unload_connection(self):
self.assertEquals(0, self.vici_wrapper.get_connections_names().__len__())
self.vici_wrapper.load_connection(self.connection.dict())
self.assertEquals(1, self.vici_wrapper.get_connections_names().__len__())
self.vici_wrapper.unload_connection(self.connection.profile)
self.assertEquals(0, self.vici_wrapper.get_connections_names().__len__())
def test_vici_unload_all_connection(self):
self.assertEquals(0, self.vici_wrapper.get_connections_names().__len__())
self.vici_wrapper.load_connection(self.connection.dict())
self.connection.profile = 'test'
self.vici_wrapper.load_connection(self.connection.dict())
self.assertEquals(2, self.vici_wrapper.get_connections_names().__len__())
self.vici_wrapper.unload_all_connections()
self.assertEquals(0, self.vici_wrapper.get_connections_names().__len__())
def test_vici_get_connection_names(self):
self.vici_wrapper.load_connection(self.connection.dict())
self.assertEquals(self.vici_wrapper.get_connections_names()[0], 'rw')
def unload(self):
self.enabled = False
self.save()
vici_wrapper = ViciWrapper()
vici_wrapper.unload_connection(self.profile)
def handle(self):
self.form = AddOrEditForm(self.request.POST)
if not self.form.is_valid():
return self._render(self.form)
if self.form.my_poolname.lower(
) == 'dhcp' or self.form.my_poolname.lower() == 'radius':
messages.add_message(
self.request, messages.ERROR, 'Poolname "' +
self.form.my_poolname + '" not allowed in pool creation. To '
'use this name, please reference it directly from the connection wizard.'
)
return self._render(self.form)
else:
if self.form.my_attribute == 'None':
if self.form.my_attributevalues != "":
messages.add_message(
self.request, messages.ERROR,
'Can\'t add pool: Attribute values unclear for Attribute "None"'
)
return self._render(self.form)
pool = Pool(poolname=self.form.my_poolname,
addresses=self.form.my_addresses)
vici_pool = {
self.form.my_poolname: {
'addrs': self.form.my_addresses
}
}
else:
if self.form.my_attributevalues == "":
messages.add_message(
self.request, messages.ERROR,
'Can\'t add pool: Attribute values mandatory if attribute is set.'
)
return self._render(self.form)
attr = self.form.my_attribute
pool = Pool(poolname=self.form.my_poolname,
addresses=self.form.my_addresses,
attribute=attr,
attributevalues=self.form.my_attributevalues)
vici_pool = {
self.form.my_poolname: {
'addrs': self.form.my_addresses,
attr: [self.form.my_attributevalues]
}
}
try:
pool.clean()
pool.save()
vici = ViciWrapper()
vici.load_pool(vici_pool)
except ViciException as e:
messages.add_message(self.request, messages.ERROR, str(e))
pool.delete()
return self._render(self.form)
except IntegrityError:
messages.add_message(self.request, messages.ERROR,
'Poolname already in use.')
return self._render(self.form)
messages.add_message(self.request, messages.SUCCESS,
'Successfully added pool')
if self.is_add_form:
return render(self.request, 'pools/add_form.html',
{"form": AddOrEditForm()})
else:
return redirect(reverse("pools:index"))
def load(self):
self.enabled = True
self.save()
vici_wrapper = ViciWrapper()
vici_wrapper.unload_connection(self.profile)
connection_dict = self.subclass().dict()
vici_wrapper.load_connection(connection_dict)
for local in self.server_local.all():
local = local.subclass()
if local.has_private_key():
vici_wrapper.load_key(local.get_key_dict())
for remote in self.server_remote.all():
remote = remote.subclass()
if remote.has_private_key():
vici_wrapper.load_key(remote.get_key_dict())
for cert in Certificate.objects.all():
vici_wrapper.load_certificate(OrderedDict(type=cert.type, flag='None', data=cert.der_container))
def main():
vici = ViciWrapper()
load_credentials(vici)
load_pools(vici)
load_connections()
def _render(self):
pooldetails = ViciWrapper().get_pools({'leases': "yes"})
table = {"pools": pooldetails}
return render(self.request, 'pools/widgets/detailPoolTable.html',
{'table': table, 'is_refresh': True})
def load_pools(vici=ViciWrapper()):
for pool in Pool.objects.all():
vici.load_pool(pool.dict())
def load_credentials(vici=ViciWrapper()):
load_secrets(vici)
load_keys(vici)
load_certificates(vici)
def reload_secrets(self):
vici = ViciWrapper()
vici.clear_creds()
for secret in Secret.objects.all():
vici.load_secret(secret.dict())
class IntegrationTest(TestCase):
def setUp(self):
self.client = Client()
self.user = User.objects.create(username='******')
self.user.set_password('12345')
self.user.save()
self.client.login(username='******', password='******')
ca_cert = TestCertificates.strongSwan_cert.read()
cert = TestCertificates.carol_cert.read()
key = TestCertificates.carol_key.read()
manager = UserCertificateManager()
manager.add_keycontainer(cert)
manager.add_keycontainer(key)
manager.add_keycontainer(ca_cert)
for c in Certificate.objects.all():
if "carol@strongswan" in str(c.der_container):
self.carol_cert = c
else:
self.ca_cert = c
for i in self.carol_cert.identities:
if str(i.subclass()) == '*****@*****.**':
self.carol_ident = i.subclass()
self.vici_wrapper = ViciWrapper()
self.vici_wrapper.unload_all_connections()
def test_certificates_are_loaded(self):
certificates = self.vici_wrapper.get_certificates()
self.assertTrue(len(certificates) > 0)
def test_Ike2EapIntegration(self):
url_create = '/connections/add/'
response = self.client.post(url_create, {'current_form': 'Ike2EapForm', 'gateway': 'gateway', 'profile': 'EAP',
'certificate_ca': self.ca_cert.pk,
'identity_ca': "moon.strongswan.org",
'username': "******", 'password': "******"})
print(response.content.decode('utf-8'))
self.assertEquals(1, Connection.objects.count())
self.assertEquals(1, Child.objects.count())
connection = Connection.objects.first().subclass()
toggle_url = '/connections/toggle/'
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_connections_names().__len__(), 1)
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 1)
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 0)
def test_Ike2Eap_auto_ca(self):
url_create = '/connections/add/'
response = self.client.post(url_create, {'current_form': 'Ike2EapForm', 'gateway': 'gateway', 'profile': 'EAP',
'certificate_ca_auto': True, 'identity_ca': "moon.strongswan.org",
'username': "******", 'password': "******"})
print(response.content.decode('utf-8'))
self.assertEquals(1, Connection.objects.count())
self.assertEquals(1, Child.objects.count())
connection = Connection.objects.first().subclass()
toggle_url = '/connections/toggle/'
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_connections_names().__len__(), 1)
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 1)
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 0)
def test_Ike2CertificateIntegration(self):
url_create = '/connections/add/'
self.client.post(url_create, {'gateway': 'gateway', 'profile': 'Cert',
'certificate': self.carol_cert.pk, 'identity': self.carol_ident.pk,
'certificate_ca': self.ca_cert.pk, 'identity_ca': "moon.strongswan.org",
'current_form': 'Ike2CertificateForm'})
self.assertEquals(1, Connection.objects.count())
self.assertEquals(1, Child.objects.count())
connection = Connection.objects.first().subclass()
toggle_url = '/connections/toggle/'
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_connections_names().__len__(), 1)
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 1)
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 0)
def test_Ike2EapCertificateIntegration(self):
url_create = '/connections/add/'
self.client.post(url_create, {'gateway': 'gateway', 'profile': 'Eap+Cert',
'username': "******", 'password': "******",
'certificate': self.carol_cert.pk,
'identity': self.carol_cert.identities.first().pk,
'certificate_ca': self.ca_cert.pk, 'identity_ca': "moon.strongswan.org",
'current_form': 'Ike2EapCertificateForm'})
self.assertEquals(1, Connection.objects.count())
self.assertEquals(1, Child.objects.count())
connection = Connection.objects.first().subclass()
toggle_url = '/connections/toggle/'
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_connections_names().__len__(), 1)
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 1)
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 0)
def test_Ike2EapTlsIntegration(self):
url_create = '/connections/add/'
self.client.post(url_create, {'gateway': 'gateway', 'profile': 'Eap+Tls',
'certificate': self.carol_cert.pk,
'identity': self.carol_cert.identities.first().pk,
'certificate_ca': self.ca_cert.pk, 'identity_ca': "moon.strongswan.org",
'current_form': 'Ike2EapTlsForm'})
self.assertEquals(1, Connection.objects.count())
self.assertEquals(1, Child.objects.count())
connection = Connection.objects.first().subclass()
toggle_url = '/connections/toggle/'
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_connections_names().__len__(), 1)
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 1)
self.client.post(toggle_url, {'id': connection.id})
self.assertEqual(self.vici_wrapper.get_sas().__len__(), 0)
def test_logs(self):
self._start_connection()
logs = self.client.post('/connections/log/', {'id': -1})
self.assertTrue(len(logs._container) > 0)
def test_logs(self):
self._start_connection()
url = '/connections/log/'
logs = self.client.post(url, {'id': -1})
self.assertTrue(len(logs._container) > 0)
def test_sa_info(self):
self._start_connection()
url = '/connections/info/'
connection = Connection.objects.first().subclass()
info = self.client.post(url, {'id': connection.id})
self.assertTrue(len(info._container) > 0)
def test_overview(self):
self._start_connection()
url = '/connections/'
overview = self.client.get(url)
self.assertEqual(overview.status_code, 200)
def test_state(self):
self._start_connection()
connection = Connection.objects.first().subclass()
url = '/connections/state/' + str(connection.id) + '/'
state = self.client.post(url)
self.assertEqual(state.status_code, 200)
def _start_connection(self):
url_create = '/connections/add/'
self.client.post(url_create, {'gateway': 'gateway', 'profile': 'Eap+Tls',
'certificate': self.carol_cert.pk,
'identity': self.carol_cert.identities.first().pk,
'certificate_ca': self.ca_cert.pk, 'identity_ca': "moon.strongswan.org",
'current_form': 'Ike2EapTlsForm'})
self.assertEquals(1, Connection.objects.count())
self.assertEquals(1, Child.objects.count())
connection = Connection.objects.first().subclass()
toggle_url = '/connections/toggle/'
self.client.post(toggle_url, {'id': connection.id})
def load_secrets(vici=ViciWrapper()):
for secret in Secret.objects.all():
vici.load_secret(secret.dict())
def start(self):
vici_wrapper = ViciWrapper()
vici_wrapper.unload_connection(self.profile)
connection_dict = self.subclass().dict()
vici_wrapper.load_connection(connection_dict)
for local in self.local.all():
local = local.subclass()
if local.has_private_key():
vici_wrapper.load_key(local.get_key_dict())
for secret in Secret.objects.filter(authentication=local):
vici_wrapper.load_secret(secret.dict())
for remote in self.remote.all():
remote = remote.subclass()
if remote.has_private_key():
vici_wrapper.load_key(remote.get_key_dict())
for secret in Secret.objects.filter(authentication=remote):
vici_wrapper.load_secret(secret.dict())
for child in self.children.all():
logs = vici_wrapper.initiate(child.name, self.profile)
for log in logs:
LogMessage(connection=self, message=log['message']).save()
def stop(self):
self.unload()
vici_wrapper = ViciWrapper()
logs = vici_wrapper.terminate_connection(self.profile)
for log in logs:
LogMessage(connection=self, message=log['message']).save()
def load(self):
self.enabled = True
self.save()
vici_wrapper = ViciWrapper()
vici_wrapper.unload_connection(self.profile)
connection_dict = self.subclass().dict()
vici_wrapper.load_connection(connection_dict)
for local in self.server_local.all():
local = local.subclass()
if local.has_private_key():
vici_wrapper.load_key(local.get_key_dict())
for remote in self.server_remote.all():
remote = remote.subclass()
if remote.has_private_key():
vici_wrapper.load_key(remote.get_key_dict())
for cert in Certificate.objects.all():
vici_wrapper.load_certificate(
OrderedDict(type=cert.type,
flag='None',
data=cert.der_container))
def start(self):
vici_wrapper = ViciWrapper()
vici_wrapper.unload_connection(self.profile)
connection_dict = self.subclass().dict()
vici_wrapper.load_connection(connection_dict)
for local in self.local.all():
local = local.subclass()
if local.has_private_key():
vici_wrapper.load_key(local.get_key_dict())
for secret in Secret.objects.filter(authentication=local):
vici_wrapper.load_secret(secret.dict())
for remote in self.remote.all():
remote = remote.subclass()
if remote.has_private_key():
vici_wrapper.load_key(remote.get_key_dict())
for secret in Secret.objects.filter(authentication=remote):
vici_wrapper.load_secret(secret.dict())
for child in self.children.all():
logs = vici_wrapper.initiate(child.name, self.profile)
for log in logs:
LogMessage(connection=self, message=log['message']).save()
def load_keys(vici=ViciWrapper()):
for key in PrivateKey.objects.all():
vici.load_key(
OrderedDict(type=key.get_algorithm_type(), data=key.der_container))
def test_vici_socket(self):
with self.assertRaises(ViciPathNotASocketException):
ViciWrapper(socket_path="/")
def load_certificates(vici=ViciWrapper()):
for cert in Certificate.objects.all():
vici.load_certificate(
OrderedDict(type=cert.type, flag='None', data=cert.der_container))
def unload(self):
self.enabled = False
self.save()
vici_wrapper = ViciWrapper()
vici_wrapper.unload_connection(self.profile)
