2015-12-12 22:34:08 +00:00
|
|
|
|
|
|
|
|
from datetime import datetime
|
2017-01-26 22:31:06 +00:00
|
|
|
from dateutil import tz
|
2015-12-12 22:34:08 +00:00
|
|
|
from pyasn1.codec.der import decoder
|
|
|
|
|
from certidude import config
|
|
|
|
|
from certidude.auth import login_required, authorize_admin
|
|
|
|
|
from certidude.decorators import serialize
|
|
|
|
|
|
2017-01-26 22:31:06 +00:00
|
|
|
localtime = tz.tzlocal()
|
|
|
|
|
|
2015-12-12 22:34:08 +00:00
|
|
|
OIDS = {
|
|
|
|
|
(2, 5, 4, 3) : 'CN', # common name
|
|
|
|
|
(2, 5, 4, 6) : 'C', # country
|
|
|
|
|
(2, 5, 4, 7) : 'L', # locality
|
|
|
|
|
(2, 5, 4, 8) : 'ST', # stateOrProvince
|
|
|
|
|
(2, 5, 4, 10) : 'O', # organization
|
|
|
|
|
(2, 5, 4, 11) : 'OU', # organizationalUnit
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
def parse_dn(data):
|
|
|
|
|
chunks, remainder = decoder.decode(data)
|
|
|
|
|
dn = ""
|
|
|
|
|
if remainder:
|
|
|
|
|
raise ValueError()
|
|
|
|
|
# TODO: Check for duplicate entries?
|
|
|
|
|
def generate():
|
|
|
|
|
for chunk in chunks:
|
|
|
|
|
for chunkette in chunk:
|
|
|
|
|
key, value = chunkette
|
|
|
|
|
yield str(OIDS[key] + "=" + value)
|
|
|
|
|
return ", ".join(generate())
|
|
|
|
|
|
|
|
|
|
|
2017-01-26 21:59:12 +00:00
|
|
|
class StatusFileLeaseResource(object):
|
|
|
|
|
def __init__(self, uri):
|
|
|
|
|
self.uri = uri
|
|
|
|
|
|
|
|
|
|
@serialize
|
|
|
|
|
@login_required
|
|
|
|
|
@authorize_admin
|
|
|
|
|
def on_get(self, req, resp):
|
|
|
|
|
from openvpn_status import parse_status
|
|
|
|
|
from urllib import urlopen
|
|
|
|
|
fh = urlopen(self.uri)
|
2017-01-26 22:31:06 +00:00
|
|
|
# openvpn-status.log has no information about timezone
|
|
|
|
|
# and dates marked there use local time instead of UTC
|
2017-01-26 21:59:12 +00:00
|
|
|
status = parse_status(fh.read())
|
|
|
|
|
for cn, e in status.routing_table.items():
|
|
|
|
|
yield {
|
2017-01-30 06:27:12 +00:00
|
|
|
"acquired": status.client_list[cn].connected_since.replace(tzinfo=localtime),
|
2017-01-26 21:59:12 +00:00
|
|
|
"released": None,
|
|
|
|
|
"address": e.virtual_address,
|
|
|
|
|
"identity": "CN=%s" % cn, # BUGBUG
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-12-12 22:34:08 +00:00
|
|
|
class LeaseResource(object):
|
|
|
|
|
@serialize
|
|
|
|
|
@login_required
|
|
|
|
|
@authorize_admin
|
|
|
|
|
def on_get(self, req, resp):
|
|
|
|
|
from ipaddress import ip_address
|
|
|
|
|
|
|
|
|
|
# BUGBUG
|
|
|
|
|
SQL_LEASES = """
|
2015-12-18 12:49:37 +00:00
|
|
|
select
|
2015-12-12 22:34:08 +00:00
|
|
|
acquired,
|
|
|
|
|
released,
|
|
|
|
|
address,
|
|
|
|
|
identities.data as identity
|
2015-12-18 12:49:37 +00:00
|
|
|
from
|
2015-12-12 22:34:08 +00:00
|
|
|
addresses
|
2015-12-18 12:49:37 +00:00
|
|
|
right join
|
2015-12-12 22:34:08 +00:00
|
|
|
identities
|
2015-12-18 12:49:37 +00:00
|
|
|
on
|
2015-12-12 22:34:08 +00:00
|
|
|
identities.id = addresses.identity
|
2015-12-18 12:49:37 +00:00
|
|
|
where
|
2015-12-12 22:34:08 +00:00
|
|
|
addresses.released <> 1
|
2015-12-18 12:49:37 +00:00
|
|
|
order by
|
|
|
|
|
addresses.id
|
|
|
|
|
desc
|
2015-12-12 22:34:08 +00:00
|
|
|
"""
|
2016-01-10 17:51:54 +00:00
|
|
|
conn = config.DATABASE_POOL.get_connection()
|
|
|
|
|
cursor = conn.cursor()
|
2015-12-12 22:34:08 +00:00
|
|
|
cursor.execute(SQL_LEASES)
|
|
|
|
|
|
|
|
|
|
for acquired, released, address, identity in cursor:
|
|
|
|
|
yield {
|
|
|
|
|
"acquired": datetime.utcfromtimestamp(acquired),
|
|
|
|
|
"released": datetime.utcfromtimestamp(released) if released else None,
|
|
|
|
|
"address": ip_address(bytes(address)),
|
|
|
|
|
"identity": parse_dn(bytes(identity))
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-10 17:51:54 +00:00
|
|
|
cursor.close()
|
|
|
|
|
conn.close()
|
