summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJannik Schönartz2019-02-13 15:04:25 +0100
committerJannik Schönartz2019-02-13 15:04:25 +0100
commit4a7f8953a87fa838b2006a0f8e1877cf8340d120 (patch)
tree0c0f0d59dafa1c304ad38719c0affe7d2d41fe17
parentReplace timestamps in the log with unix timestamps (diff)
downloadbwlp-monitoring-4a7f8953a87fa838b2006a0f8e1877cf8340d120.tar.gz
bwlp-monitoring-4a7f8953a87fa838b2006a0f8e1877cf8340d120.tar.xz
bwlp-monitoring-4a7f8953a87fa838b2006a0f8e1877cf8340d120.zip
Thrift chang to default ssl context
Instead of the filepath of the certs the default ssl context is used Instead of the three file paths you can give as 6th arguments true / false to enable / disable ssl
-rw-r--r--bwlp.config10
-rwxr-xr-xmain.py19
2 files changed, 16 insertions, 13 deletions
diff --git a/bwlp.config b/bwlp.config
index af5a214..4dcf744 100644
--- a/bwlp.config
+++ b/bwlp.config
@@ -1,8 +1,7 @@
# ping name host
# https name host
# thrift name host port SAT/MASTER
-# tftp name host port filename
-# tftp name host port filename cafile certfile keyfile
+# tftp name host port filename ssl(true/false)
https Masterserver HTTPS Service https://bwlp-masterserver.ruf.uni-freiburg.de
https Fail Test 5121236
https Fail Test https://www.amazony.de/
@@ -11,9 +10,10 @@ ping Fileserver Ping files.bwlp.ks.uni-freiburg.de
ping Backup fileserver Ping bwlp-backup.ruf.uni-freiburg.de
ping Ping Fail 0.0.0.1
thrift Thrift SAT 132.230.8.192 9090 SAT
-thrift Thrift MASTER 132.230.4.16 9090 MASTER
-# thrift Thrift Timeout 132.230.4.16 9092 MASTER
-thrift Thrift SSL test 132.230.4.16 9091 MASTER ssl/CA.pem ssl/client.crt ssl/client.key
+thrift Thrift MASTER 132.230.4.16 9090 MASTER false
+# thrift Thrift Timeout 132.230.4.16 9092 MASTER false
+thrift Thrift SAT SSL test 132.230.8.192 9091 SAT true
+thrift Thrift MASTER SSL test 132.230.4.16 9091 MASTER true
ping BAS Ping bas.intra.uni-freiburg.de
ping yc 127.0.0.2
ping yx 127.0.0.3
diff --git a/main.py b/main.py
index 4811db2..3008c39 100755
--- a/main.py
+++ b/main.py
@@ -3,6 +3,7 @@ import datetime
import logging
import os
import shutil
+import ssl
import subprocess
import tftpy
import thriftpy
@@ -117,20 +118,26 @@ def tftp(name, host, port, filename):
logStatus(statusList[-1])
# Creates the thrift client and prwlp-pxe.ruf.uni-freiburg.de .ceeds the get Organisations call. Server can either be SAT or MASTER
-def thrift(name, ip, port, server, cafile=None, certfile=None, keyfile=None):
+def thrift(name, ip, port, server, SSL=False):
host = ip + ':' + str(port)
print('THRIFT request ' + host + ' ...', end='')
bwlp_thrift = thriftpy.load('bwlp.thrift', module_name='bwlp_thrift')
+
+ # SSL factory
+ ssl_factory = None
+ if SSL == 'true':
+ # ssl_factory = ssl.create_default_context()
+ ssl_factory = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
organisations = []
# Different clients for SAT / Master is needed.
try:
if server == 'SAT':
- satserver = make_client(bwlp_thrift.SatelliteServer, host=ip, port=port, trans_factory=TFramedTransportFactory(), cafile=cafile, certfile=certfile, keyfile=keyfile)
+ satserver = make_client(bwlp_thrift.SatelliteServer, host=ip, port=port, trans_factory=TFramedTransportFactory(), ssl_context=ssl_factory)
organisations = satserver.getAllOrganizations()
elif server == 'MASTER':
- masterserver = make_client(bwlp_thrift.MasterServer, host=ip, port=port, trans_factory=TFramedTransportFactory(), cafile=cafile, certfile=certfile, keyfile=keyfile)
+ masterserver = make_client(bwlp_thrift.MasterServer, host=ip, port=port, trans_factory=TFramedTransportFactory(), ssl_context=ssl_factory)
organisations = masterserver.getOrganizations()
organisationList = []
@@ -211,11 +218,7 @@ def check(entry):
https(entry[1], entry[2])
elif entry[0] == 'thrift':
if (len(entry) < 5): return
- elif (len(entry) == 5):
- thrift(entry[1], entry[2], int(entry[3]), entry[4])
- elif (len(entry) == 8):
- # SSL attributes
- thrift(entry[1], entry[2], int(entry[3]), entry[4], entry[5], entry[6], entry[7])
+ thrift(entry[1], entry[2], int(entry[3]), entry[4], entry[5] if len(entry) == 6 else 'false')
elif entry[0] == 'tftp':
if (len(entry) < 5): return
tftp(entry[1], entry[2], int(entry[3]), entry[4])