satusd.py: add validity check and else trees
read_config() now only add values, if the key is valid. otherwise ist passes. if read_loglevel() returns false, loglevel ist set to warning. typos fixed.
This commit is contained in:
parent
22cbb6f6e0
commit
b053403836
1 changed files with 14 additions and 4 deletions
18
statusd.py
18
statusd.py
|
@ -4,7 +4,7 @@
|
||||||
# date: 26.07.2019
|
# date: 26.07.2019
|
||||||
# email: berhsi@web.de
|
# email: berhsi@web.de
|
||||||
|
|
||||||
# server, who listen for ipv4 connections at port 10001. now with ssl
|
# server, which listens for ipv4 connections at port 10001. now with ssl
|
||||||
# encrypted connection and client side authentication.
|
# encrypted connection and client side authentication.
|
||||||
|
|
||||||
import socket
|
import socket
|
||||||
|
@ -32,8 +32,10 @@ def read_config(CONFIGFILE, CONFIG):
|
||||||
if not line[0] in ('#', ';', '\n', '\r'):
|
if not line[0] in ('#', ';', '\n', '\r'):
|
||||||
key, value = (line.strip().split('='))
|
key, value = (line.strip().split('='))
|
||||||
key = strip_argument(key).upper()
|
key = strip_argument(key).upper()
|
||||||
value = strip_argument(value)
|
if key in CONFIG.keys():
|
||||||
CONFIG[key] = value
|
value = strip_argument(value)
|
||||||
|
CONFIG[key] = value
|
||||||
|
else: pass
|
||||||
else:
|
else:
|
||||||
logging.error('Failed to read {}'.format(CONFIGFILE))
|
logging.error('Failed to read {}'.format(CONFIGFILE))
|
||||||
logging.error('Using default values')
|
logging.error('Using default values')
|
||||||
|
@ -250,9 +252,16 @@ def main():
|
||||||
if loglevel != False:
|
if loglevel != False:
|
||||||
logger = logging.getLogger()
|
logger = logging.getLogger()
|
||||||
logger.setLevel(loglevel)
|
logger.setLevel(loglevel)
|
||||||
|
else:
|
||||||
|
loglevel = logging.WARNING
|
||||||
|
logger = logging.getLogger()
|
||||||
|
logger.setLevel(loglevel)
|
||||||
|
loggin.warning('Invalid value for loglevel. Set default value')
|
||||||
|
|
||||||
print_config(CONFIG)
|
print_config(CONFIG)
|
||||||
|
|
||||||
|
# todo: zertifikate sollten nur lesbar sein!
|
||||||
|
|
||||||
if certs_readable(CONFIG) == False:
|
if certs_readable(CONFIG) == False:
|
||||||
logging.error('Cert check failed\nExit')
|
logging.error('Cert check failed\nExit')
|
||||||
exit()
|
exit()
|
||||||
|
@ -264,6 +273,7 @@ def main():
|
||||||
context.load_verify_locations(cafile = CONFIG['CLIENT_CERT'])
|
context.load_verify_locations(cafile = CONFIG['CLIENT_CERT'])
|
||||||
context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
|
context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
|
||||||
context.options = ssl.OP_CIPHER_SERVER_PREFERENCE
|
context.options = ssl.OP_CIPHER_SERVER_PREFERENCE
|
||||||
|
# ssl + kompression = schlecht
|
||||||
context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
|
context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
|
||||||
logging.debug('SSL context created')
|
logging.debug('SSL context created')
|
||||||
# print_ciphers(context.get_ciphers())
|
# print_ciphers(context.get_ciphers())
|
||||||
|
@ -312,7 +322,7 @@ def main():
|
||||||
logging.info('Failed to change status')
|
logging.info('Failed to change status')
|
||||||
if conn:
|
if conn:
|
||||||
conn.send(b'\x03')
|
conn.send(b'\x03')
|
||||||
# recive_handle returns false:
|
# receive_handle returns false:
|
||||||
else:
|
else:
|
||||||
logging.info('Invalid argument recived: {}'.format(raw_data))
|
logging.info('Invalid argument recived: {}'.format(raw_data))
|
||||||
logging.debug('Send {} back'.format(b'\x03'))
|
logging.debug('Send {} back'.format(b'\x03'))
|
||||||
|
|
Loading…
Reference in a new issue