runtime/Stunnel.py
changeset 2492 7dd551ac2fa0
parent 2339 48b4eba13064
child 2542 a3ec35ee94e7
2491:362039519454 2492:7dd551ac2fa0
       
     1 from __future__ import absolute_import
     1 import os
     2 import os
     2 from binascii import b2a_hqx
     3 from binascii import b2a_hqx
     3 try:
     4 try:
     4     from runtime.spawn_subprocess import call
     5     from runtime.spawn_subprocess import call
     5 except ImportError:
     6 except ImportError:
     6     from subprocess import call
     7     from subprocess import call
     7 
     8 
     8 restart_stunnel_cmdline = ["/etc/init.d/S50stunnel","restart"]
     9 restart_stunnel_cmdline = ["/etc/init.d/S50stunnel", "restart"]
     9 
    10 
    10 _PSKpath = None
    11 _PSKpath = None
       
    12 
    11 
    13 
    12 def PSKgen(ID, PSKpath):
    14 def PSKgen(ID, PSKpath):
    13 
    15 
    14     # b2a_hqx output len is 4/3 input len
    16     # b2a_hqx output len is 4/3 input len
    15     secret = os.urandom(192) # int(256/1.3333)
    17     secret = os.urandom(192)  # int(256/1.3333)
    16     secretstring = b2a_hqx(secret)
    18     secretstring = b2a_hqx(secret)
    17 
    19 
    18     PSKstring = ID+":"+secretstring
    20     PSKstring = ID+":"+secretstring
    19     with open(PSKpath, 'w') as f:
    21     with open(PSKpath, 'w') as f:
    20         f.write(PSKstring)
    22         f.write(PSKstring)
    21     call(restart_stunnel_cmdline)
    23     call(restart_stunnel_cmdline)
       
    24 
    22 
    25 
    23 def ensurePSK(ID, PSKpath):
    26 def ensurePSK(ID, PSKpath):
    24     global _PSKpath
    27     global _PSKpath
    25     _PSKpath = PSKpath
    28     _PSKpath = PSKpath
    26     # check if already there
    29     # check if already there
    27     if not os.path.exists(PSKpath):
    30     if not os.path.exists(PSKpath):
    28         # create if needed
    31         # create if needed
    29         PSKgen(ID, PSKpath)
    32         PSKgen(ID, PSKpath)
    30 
    33 
    31 def getPSKID():
    34 
    32     if _PSKpath is not None :
    35 def getPSKID(errorlog):
       
    36     if _PSKpath is not None:
    33         if not os.path.exists(_PSKpath):
    37         if not os.path.exists(_PSKpath):
    34             confnodesroot.logger.write_error(
    38             errorlog(
    35                 'Error: Pre-Shared-Key Secret in %s is missing!\n' % _PSKpath)
    39                 'Error: Pre-Shared-Key Secret in %s is missing!\n' % _PSKpath)
    36             return None
    40             return None
    37         ID,_sep,PSK = open(_PSKpath).read().partition(':')
    41         ID, _sep, PSK = open(_PSKpath).read().partition(':')
    38         PSK = PSK.rstrip('\n\r')
    42         PSK = PSK.rstrip('\n\r')
    39         return (ID,PSK)
    43         return (ID, PSK)
    40     return None
    44     return None
    41
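Review bot: PSKgen still writes the pre-shared key with `open(PSKpath, 'w')`, so the file gets whatever mode the process umask allows and the secret may be readable by other local users; the commit reformats this function but does not address that. Creating the file with an explicit owner-only mode would close the gap, e.g. `fd = os.open(PSKpath, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)` followed by `with os.fdopen(fd, 'w') as f:`. The mode argument only takes effect when the file is created, so an existing file with looser permissions would also need an `os.chmod`. Which user the stunnel service reads the file as is not visible here and should be confirmed. Separately, in getPSKID a file with no ':' makes `partition` return an empty PSK that is handed back as if valid; a guard such as `if not _sep or not PSK:` reporting through `errorlog` and returning None would catch that.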