Add openvpn-status.log support

2025-10-31 01:19:11 +00:00 · 2017-01-26 21:59:12 +00:00
parent 1925207a6d
commit 1ec5ad3b7c
4 changed files with 44 additions and 7 deletions
--- a/certidude/api/init.py
+++ b/certidude/api/init.py
@@ -75,7 +75,7 @@ class SessionResource(object):
            ) if req.context.get("user").is_admin() else None,
            features=dict(
                tagging=config.TAGGING_BACKEND,
-                leases=False, #config.LEASES_BACKEND,
+                leases=config.LEASES_BACKEND,
                logging=config.LOGGING_BACKEND))


@@ -122,7 +122,7 @@ def certidude_app():
    from .revoked import RevocationListResource
    from .signed import SignedCertificateListResource, SignedCertificateDetailResource
    from .request import RequestListResource, RequestDetailResource
-    from .lease import LeaseResource
+    from .lease import LeaseResource, StatusFileLeaseResource
    from .whois import WhoisResource
    from .tag import TagResource, TagDetailResource
    from .cfg import ConfigResource, ScriptResource
@@ -140,8 +140,11 @@ def certidude_app():
    app.add_route("/api/", SessionResource())

    # Gateway API calls, should this be moved to separate project?
-    app.add_route("/api/lease/", LeaseResource())
-    app.add_route("/api/whois/", WhoisResource())
+    if config.LEASES_BACKEND == "openvpn-status":
+        app.add_route("/api/lease/", StatusFileLeaseResource(config.OPENVPN_STATUS_URI))
+    elif config.LEASES_BACKEND == "sql":
+        app.add_route("/api/lease/", LeaseResource())
+        app.add_route("/api/whois/", WhoisResource())

    # Optional user enrollment API call
    if config.USER_CERTIFICATE_ENROLLMENT:
--- a/certidude/api/lease.py
+++ b/certidude/api/lease.py
@@ -28,6 +28,27 @@ def parse_dn(data):
    return ", ".join(generate())


+class StatusFileLeaseResource(object):
+    def __init__(self, uri):
+        self.uri = uri
+
+    @serialize
+    @login_required
+    @authorize_admin
+    def on_get(self, req, resp):
+        from openvpn_status import parse_status
+        from urllib import urlopen
+        fh = urlopen(self.uri)
+        status = parse_status(fh.read())
+        for cn, e in status.routing_table.items():
+            yield {
+                "acquired": status.client_list[cn].connected_since,
+                "released": None,
+                "address":  e.virtual_address,
+                "identity": "CN=%s" % cn, # BUGBUG
+            }
+
+
 class LeaseResource(object):
    @serialize
    @login_required