Enabled HTTP Auth, SSL and DMS disabling based on cloud.conf availability

10 years ago · 4fa87005bc
parent 17e4b51d18
commit 4fa87005bc
3 changed files with 47 additions and 30 deletions
--- a/gns3server/handlers/auth_handler.py
+++ b/gns3server/handlers/auth_handler.py
@ -29,6 +29,9 @@ log = logging.getLogger(__name__)

 class GNS3BaseHandler(tornado.web.RequestHandler):
    def get_current_user(self):
+        if 'required_user' not in self.settings:
+            return "FakeUser"
+
        user = self.get_secure_cookie("user")
        if not user:
          return None
@ -38,6 +41,9 @@ class GNS3BaseHandler(tornado.web.RequestHandler):

 class GNS3WebSocketBaseHandler(tornado.websocket.WebSocketHandler):
    def get_current_user(self):
+        if 'required_user' not in self.settings:
+            return "FakeUser"
+
        user = self.get_secure_cookie("user")
        if not user:
          return None
--- a/gns3server/modules/deadman/init.py
+++ b/gns3server/modules/deadman/init.py
@ -54,6 +54,16 @@ class DeadMan(IModule):
        if 'heartbeat_file' in kwargs:
            self._heartbeat_file = kwargs['heartbeat_file']

+        self._is_enabled = False
+        try:
+            cloud_config = Config.instance().get_section_config("CLOUD_SERVER")
+            instance_id = cloud_config["instance_id"]
+            cloud_user_name = cloud_config["cloud_user_name"]
+            cloud_api_key = cloud_config["cloud_api_key"]
+            self._is_enabled = True
+        except KeyError:
+            log.critical("Missing cloud.conf - disabling Deadman Switch")
+
        self._deadman_process = None
        self.heartbeat()
        self.start()
@ -73,7 +83,7 @@ class DeadMan(IModule):
        cmd.append("--file")
        cmd.append("%s" % (self._heartbeat_file))
        cmd.append("--background")
-        log.debug("Deadman: Running %s"%(cmd))
+        log.debug("Deadman: Running command: %s"%(cmd))

        process = subprocess.Popen(cmd, stderr=subprocess.STDOUT, shell=False)
        return process
@ -87,7 +97,7 @@ class DeadMan(IModule):

        cmd.append("gns3dms")
        cmd.append("-k")
-        log.debug("Deadman: Running %s"%(cmd))
+        log.debug("Deadman: Running command: %s"%(cmd))

        process = subprocess.Popen(cmd, shell=False)
        return process
@ -116,8 +126,9 @@ class DeadMan(IModule):
        Start the deadman process on the server
        """

-        self._deadman_process = self._start_deadman_process()
-        log.debug("Deadman: Process is starting")
+        if self._is_enabled:
+            self._deadman_process = self._start_deadman_process()
+            log.debug("Deadman: Process is starting")

    @IModule.route("deadman.reset")
    def reset(self, request=None):
--- a/gns3server/server.py
+++ b/gns3server/server.py
@ -140,37 +140,43 @@ class Server(object):
                JSONRPCWebSocket.register_destination(destination, instance.name)
            instance.start()  # starts the new process

-    def _dummy_cloud_config(self):
-
-       config = configparser.ConfigParser()
-       config["CLOUD_SERVER"] = {
-           "WEB_AUTH_ENABLED" : "no",
-           "WEB_USERNAME" : "",
-           "WEB_PASSWORD" : "",
-           "SSL_ENABLED"  : "no",
-       }
-
-       return config["CLOUD_SERVER"]

    def run(self):
        """
        Starts the Tornado web server and ZeroMQ server.
        """

-        # FIXME: debug mode!
-        try:
-            cloud_config = Config.instance().get_section_config("CLOUD_SERVER")
-        except KeyError:
-            cloud_config = self._dummy_cloud_config()
-
        settings = {
            "debug":True,
            "cookie_secret": base64.b64encode(uuid.uuid4().bytes + uuid.uuid4().bytes),
            "login_url": "/login",
-            "required_user" : cloud_config['WEB_USERNAME'],
-            "required_pass" : cloud_config['WEB_PASSWORD'],
        }

+        ssl_options = {}
+
+        try:
+            cloud_config = Config.instance().get_section_config("CLOUD_SERVER")
+
+            cloud_settings = {
+
+                "required_user" : cloud_config['WEB_USERNAME'],
+                "required_pass" : cloud_config['WEB_PASSWORD'],
+            }
+
+            settings.update(cloud_settings)
+
+            if cloud_config["SSL_ENABLED"] == "yes":
+                ssl_options = {
+                    "certfile" : cloud_config["SSL_CRT"],
+                    "keyfile" : cloud_config["SSL_KEY"],
+                }
+
+                log.info("Certs found - starting in SSL mode")
+
+        except KeyError:
+            log.info("Missing cloud.conf - disabling HTTP auth and SSL")
+
+
        router = self._create_zmq_router()
        # Add our JSON-RPC Websocket handler to Tornado
        self.handlers.extend([(r"/", JSONRPCWebSocket, dict(zmq_router=router))])
@ -190,13 +196,7 @@ class Server(object):
                                                                                      zmq.zmq_version()))
            kwargs = {"address": self._host}

-            if cloud_config["SSL_ENABLED"] == "yes":
-                ssl_options = {
-                    "certfile" : cloud_config["SSL_CRT"],
-                    "keyfile" : cloud_config["SSL_KEY"],
-                }
-
-                log.info("Certs found - starting in SSL mode")
+            if ssl_options:
                kwargs["ssl_options"] = ssl_options

            if parse_version(tornado.version) >= parse_version("3.1"):