1
0
mirror of https://github.com/GNS3/gns3-server synced 2024-11-28 11:18:11 +00:00

Enabled HTTP Auth, SSL and DMS disabling based on cloud.conf availability

This commit is contained in:
Michael 2014-09-08 21:51:56 -06:00
parent 17e4b51d18
commit 4fa87005bc
3 changed files with 47 additions and 30 deletions

View File

@ -29,6 +29,9 @@ log = logging.getLogger(__name__)
class GNS3BaseHandler(tornado.web.RequestHandler): class GNS3BaseHandler(tornado.web.RequestHandler):
def get_current_user(self): def get_current_user(self):
if 'required_user' not in self.settings:
return "FakeUser"
user = self.get_secure_cookie("user") user = self.get_secure_cookie("user")
if not user: if not user:
return None return None
@ -38,6 +41,9 @@ class GNS3BaseHandler(tornado.web.RequestHandler):
class GNS3WebSocketBaseHandler(tornado.websocket.WebSocketHandler): class GNS3WebSocketBaseHandler(tornado.websocket.WebSocketHandler):
def get_current_user(self): def get_current_user(self):
if 'required_user' not in self.settings:
return "FakeUser"
user = self.get_secure_cookie("user") user = self.get_secure_cookie("user")
if not user: if not user:
return None return None

View File

@ -54,6 +54,16 @@ class DeadMan(IModule):
if 'heartbeat_file' in kwargs: if 'heartbeat_file' in kwargs:
self._heartbeat_file = kwargs['heartbeat_file'] self._heartbeat_file = kwargs['heartbeat_file']
self._is_enabled = False
try:
cloud_config = Config.instance().get_section_config("CLOUD_SERVER")
instance_id = cloud_config["instance_id"]
cloud_user_name = cloud_config["cloud_user_name"]
cloud_api_key = cloud_config["cloud_api_key"]
self._is_enabled = True
except KeyError:
log.critical("Missing cloud.conf - disabling Deadman Switch")
self._deadman_process = None self._deadman_process = None
self.heartbeat() self.heartbeat()
self.start() self.start()
@ -73,7 +83,7 @@ class DeadMan(IModule):
cmd.append("--file") cmd.append("--file")
cmd.append("%s" % (self._heartbeat_file)) cmd.append("%s" % (self._heartbeat_file))
cmd.append("--background") cmd.append("--background")
log.debug("Deadman: Running %s"%(cmd)) log.debug("Deadman: Running command: %s"%(cmd))
process = subprocess.Popen(cmd, stderr=subprocess.STDOUT, shell=False) process = subprocess.Popen(cmd, stderr=subprocess.STDOUT, shell=False)
return process return process
@ -87,7 +97,7 @@ class DeadMan(IModule):
cmd.append("gns3dms") cmd.append("gns3dms")
cmd.append("-k") cmd.append("-k")
log.debug("Deadman: Running %s"%(cmd)) log.debug("Deadman: Running command: %s"%(cmd))
process = subprocess.Popen(cmd, shell=False) process = subprocess.Popen(cmd, shell=False)
return process return process
@ -116,6 +126,7 @@ class DeadMan(IModule):
Start the deadman process on the server Start the deadman process on the server
""" """
if self._is_enabled:
self._deadman_process = self._start_deadman_process() self._deadman_process = self._start_deadman_process()
log.debug("Deadman: Process is starting") log.debug("Deadman: Process is starting")

View File

@ -140,37 +140,43 @@ class Server(object):
JSONRPCWebSocket.register_destination(destination, instance.name) JSONRPCWebSocket.register_destination(destination, instance.name)
instance.start() # starts the new process instance.start() # starts the new process
def _dummy_cloud_config(self):
config = configparser.ConfigParser()
config["CLOUD_SERVER"] = {
"WEB_AUTH_ENABLED" : "no",
"WEB_USERNAME" : "",
"WEB_PASSWORD" : "",
"SSL_ENABLED" : "no",
}
return config["CLOUD_SERVER"]
def run(self): def run(self):
""" """
Starts the Tornado web server and ZeroMQ server. Starts the Tornado web server and ZeroMQ server.
""" """
# FIXME: debug mode!
try:
cloud_config = Config.instance().get_section_config("CLOUD_SERVER")
except KeyError:
cloud_config = self._dummy_cloud_config()
settings = { settings = {
"debug":True, "debug":True,
"cookie_secret": base64.b64encode(uuid.uuid4().bytes + uuid.uuid4().bytes), "cookie_secret": base64.b64encode(uuid.uuid4().bytes + uuid.uuid4().bytes),
"login_url": "/login", "login_url": "/login",
}
ssl_options = {}
try:
cloud_config = Config.instance().get_section_config("CLOUD_SERVER")
cloud_settings = {
"required_user" : cloud_config['WEB_USERNAME'], "required_user" : cloud_config['WEB_USERNAME'],
"required_pass" : cloud_config['WEB_PASSWORD'], "required_pass" : cloud_config['WEB_PASSWORD'],
} }
settings.update(cloud_settings)
if cloud_config["SSL_ENABLED"] == "yes":
ssl_options = {
"certfile" : cloud_config["SSL_CRT"],
"keyfile" : cloud_config["SSL_KEY"],
}
log.info("Certs found - starting in SSL mode")
except KeyError:
log.info("Missing cloud.conf - disabling HTTP auth and SSL")
router = self._create_zmq_router() router = self._create_zmq_router()
# Add our JSON-RPC Websocket handler to Tornado # Add our JSON-RPC Websocket handler to Tornado
self.handlers.extend([(r"/", JSONRPCWebSocket, dict(zmq_router=router))]) self.handlers.extend([(r"/", JSONRPCWebSocket, dict(zmq_router=router))])
@ -190,13 +196,7 @@ class Server(object):
zmq.zmq_version())) zmq.zmq_version()))
kwargs = {"address": self._host} kwargs = {"address": self._host}
if cloud_config["SSL_ENABLED"] == "yes": if ssl_options:
ssl_options = {
"certfile" : cloud_config["SSL_CRT"],
"keyfile" : cloud_config["SSL_KEY"],
}
log.info("Certs found - starting in SSL mode")
kwargs["ssl_options"] = ssl_options kwargs["ssl_options"] = ssl_options
if parse_version(tornado.version) >= parse_version("3.1"): if parse_version(tornado.version) >= parse_version("3.1"):