From b0534038360c36e3ca8353e1732387420359f956 Mon Sep 17 00:00:00 2001
From: Berhsi <berhsiqweb.de>
Date: Tue, 17 Sep 2019 19:07:07 +0200
Subject: [PATCH] satusd.py: add validity check and else trees

read_config() now only add values, if the key is valid. otherwise ist passes.
if read_loglevel() returns false, loglevel ist set to warning. typos fixed.
---
 statusd.py | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/statusd.py b/statusd.py
index 4d2f196..31a1a2d 100755
--- a/statusd.py
+++ b/statusd.py
@@ -4,7 +4,7 @@
 # date: 26.07.2019
 # email: berhsi@web.de
 
-# server, who listen for ipv4 connections at port 10001. now with ssl
+# server, which listens for ipv4 connections at port 10001. now with ssl
 # encrypted connection and client side authentication.
 
 import socket
@@ -32,8 +32,10 @@ def read_config(CONFIGFILE, CONFIG):
                 if not line[0] in ('#', ';', '\n', '\r'):
                     key, value = (line.strip().split('='))
                     key = strip_argument(key).upper()
-                    value = strip_argument(value)
-                    CONFIG[key] = value
+                    if key in CONFIG.keys():
+                        value = strip_argument(value)
+                        CONFIG[key] = value
+                    else: pass
     else:
         logging.error('Failed to read {}'.format(CONFIGFILE))
         logging.error('Using default values')
@@ -250,9 +252,16 @@ def main():
     if loglevel != False:
         logger = logging.getLogger()
         logger.setLevel(loglevel)
+    else:
+        loglevel = logging.WARNING
+        logger = logging.getLogger()
+        logger.setLevel(loglevel)
+        loggin.warning('Invalid value for loglevel. Set default value')
 
     print_config(CONFIG)
 
+    # todo: zertifikate sollten nur lesbar sein!
+
     if certs_readable(CONFIG) == False:
         logging.error('Cert check failed\nExit')
         exit()
@@ -264,6 +273,7 @@ def main():
     context.load_verify_locations(cafile = CONFIG['CLIENT_CERT'])
     context.set_ciphers('EECDH+AESGCM')   # only ciphers for tls 1.2 and 1.3
     context.options = ssl.OP_CIPHER_SERVER_PREFERENCE
+    # ssl + kompression = schlecht
     context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
     logging.debug('SSL context created')
     # print_ciphers(context.get_ciphers())
@@ -312,7 +322,7 @@ def main():
                         logging.info('Failed to change status')
                         if conn:
                             conn.send(b'\x03')
-                # recive_handle returns false:
+                # receive_handle returns false:
                 else:
                     logging.info('Invalid argument recived: {}'.format(raw_data))
                     logging.debug('Send {} back'.format(b'\x03'))