doorstatus/source/server/setstatus.py

252 lines
8.4 KiB
Python
Raw Permalink Normal View History

2020-10-22 23:58:17 +02:00
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# file: setstatus.py
# date: 26.07.2019
# email: berhsi@web.de
2020-07-09 20:12:49 +02:00
# Setstatus.py is part of doorstatus - a programm to deal with the
# krautspaces doorstatus.
# client, who connects to the statusserver at port 10001 to update the
2022-04-06 10:43:16 +02:00
# krautspace door status.
2020-09-04 19:58:23 +02:00
import os
import ssl
2020-07-09 20:12:49 +02:00
import socket
import logging
import configparser
2020-09-07 15:19:07 +02:00
from time import sleep
from sys import exit, argv
2020-10-22 23:58:17 +02:00
# basic configuration
loglevel = logging.WARNING
formatstring = '%(asctime)s: %(levelname)s: %(message)s'
logging.basicConfig(format=formatstring, level=loglevel)
class SetStatus:
def __init__(self):
"""
"""
self.status = None
self.config = None
self.log = None
self.context = None
self.connection = None
self.configfile = './setstatus.conf'
self.config = configparser.ConfigParser()
self.default_config = {
'general': {
'timeout': 5.0,
'loglevel': 'warning'
},
'server': {
'host': 'localhost',
'port': 10001,
'cert': './certs/server-pub.pem',
'fqdn': 'kraut.space'
},
'client': {
'cert': './certs/client-pub.pem',
'key': './certs/client-key.pem'
}
}
2020-09-04 19:58:23 +02:00
2020-10-22 23:58:17 +02:00
def check_status(self):
"""
checkes, if the self.status variable is a valid value
2020-10-22 23:58:17 +02:00
return: boolean
"""
if self.status in ('0', '1'):
self.log.debug('Set status to {}'.format(self.status))
2020-10-22 23:58:17 +02:00
return True
self.log.debug('{} is not a valid status'.format(self.status))
2020-09-07 15:19:07 +02:00
return False
2020-10-22 23:58:17 +02:00
def set_config(self):
"""
Tries to read and use the values from the configuration file. If
this failes, we still use the default values.
2020-10-22 23:58:17 +02:00
"""
self.log = logging.getLogger()
# read config file
self.config.read_dict(self.default_config)
if not self.config.read(self.configfile):
self.log.warning('Configuration file {} not found or not '
' readable.'.format(self.configfile))
self.log.warning('Using default values.')
# set loglevel
config_loglevel = self.config['general']['loglevel']
default_loglevel = self.default_config['general']['loglevel']
if not config_loglevel.lower() in ('critical', 'error','warning',
'info', 'debug'):
self.log.warning('Invalid loglevel {} given. Using default '
'level {}.'.format(config_loglevel,
default_loglevel))
self.config.set('general', 'loglevel', default_loglevel)
self.log.setLevel(config_loglevel.upper())
def check_certs(self, certs):
"""
Check if certs are readable.
return: boolean
2020-10-22 23:58:17 +02:00
"""
self.log.debug('Check certificates')
for certfile in certs:
if os.access(certfile, os.R_OK) is False:
self.log.error('Failed to read certificate: {}'.format( \
certfile))
return False
return True
def log_config(self):
"""
Logs the config if loglevel is debug.
"""
logging.debug('Using config:')
for section in self.config.sections():
logging.debug('Section {}'.format(section))
for i in self.config[section]:
logging.debug(' {}: {}'.format(i, self.config[section][i]))
def create_ssl_context(self):
"""
Creates SSL context
return: context object or false
2020-10-22 23:58:17 +02:00
"""
try:
context = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
except Exception as e:
2020-10-22 23:58:17 +02:00
self.log.error('Failed to create SSL Context')
return False
context.load_verify_locations(cafile=self.config['server']['cert'])
context.load_cert_chain(certfile=self.config['client']['cert'],
keyfile=self.config['client']['key'])
2020-10-22 23:58:17 +02:00
context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
self.log.debug('SSL context created')
return context
def create_ssl_socket(self, config, context):
"""
Opens a socket and wrapes the socket into the given ssl context.
param1: dictionary
param2: ssl context
return: ssl-socket or false
2020-10-22 23:58:17 +02:00
"""
bare_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
if not bare_socket:
logging.error('Socket creation failed')
return False
logging.debug('Socket created')
2020-09-07 15:19:07 +02:00
try:
2020-10-22 23:58:17 +02:00
secure_socket = context.wrap_socket(bare_socket, server_side=False,
server_hostname=config['server']['fqdn'])
logging.debug('Socket wrapped with SSL')
2020-09-07 15:19:07 +02:00
except Exception as e:
2020-10-22 23:58:17 +02:00
logging.error('Context wrapper failed: {}'.format(e))
return False
try:
secure_socket.settimeout(float(config['general']['timeout']))
except Exception as e:
logging.debug('Failed to set timeout: {}'.format(e))
return secure_socket
def create_ssl_connection(self):
"""
"""
counter = 0
conn = False
while conn is False and counter < 5:
ssl_socket = self.create_ssl_socket(self.config, self.context)
if ssl_socket is False:
exit(4)
try:
self.log.debug('Connect {}: {}'.format(self.config['server']['host'],
int(self.config['server']['port'])))
conn = ssl_socket.connect((self.config['server']['host'],
int(self.config['server']['port'])))
except socket.timeout:
self.log.error('Connection timeout')
ssl_socket.close()
sleep(5)
counter += 1
except Exception as e:
self.log.error('Connection failed: {}'.format(e))
exit(5)
self.log.debug('Conection established')
self.log.debug('Peer certificate commonName: {}'.format(
2020-09-07 15:19:07 +02:00
ssl_socket.getpeercert()['subject'][5][0][1]))
2020-10-22 23:58:17 +02:00
self.log.debug('Peer certificate serialNumber: {}'.format(
ssl_socket.getpeercert()['serialNumber']))
return ssl_socket
def run(self, status):
"""
starts the engine.
param 1: integer
"""
self.status = status
# read config
self.set_config()
# check given status
if self.check_status() is False:
exit(1)
# log config if level is debug
if self.config['general']['loglevel'].lower() == 'debug':
self.log_config()
# check certificates are readable
certs = (self.config['server']['cert'],
self.config['client']['cert'],
self.config['client']['key'])
if self.check_certs(certs) is False:
exit(2)
# create ssl context
self.context = self.create_ssl_context()
if self.context is False:
exit(3)
# get a ssl encrypted connection
2020-10-22 23:58:17 +02:00
self.connection = self.create_ssl_connection()
# send status
try:
self.log.debug('Send new status: {}'.format(self.status))
self.connection.send(self.status.encode(encoding='utf-8',
errors='strict'))
2020-10-22 23:58:17 +02:00
except Exception as e:
self.log.error('Error: {}'.format(e))
exit(6)
try:
response = self.connection.recv(1).decode(encoding='utf-8',
errors='strict')
2020-10-22 23:58:17 +02:00
self.log.debug('Server returns: {}'.format(response))
if response == self.status:
self.log.info('Status sucessfull updated')
else:
self.log.error('Failed to update status')
self.log.debug('Disconnect from server')
except Exception as e:
self.log.error('Error: {}'.format(e))
exit(7)
if __name__ == '__main__':
s = SetStatus()
if len(argv) < 2:
log.error('Usage: setstatus.py <0|1>')
exit(255)
else:
s.run(argv[1])