satusd.py: add validity check and else trees

read_config() now only add values, if the key is valid. otherwise ist passes.
if read_loglevel() returns false, loglevel ist set to warning. typos fixed.
This commit is contained in:
Berhsi 2019-09-17 19:07:07 +02:00
parent 22cbb6f6e0
commit b053403836

View file

@ -4,7 +4,7 @@
# date: 26.07.2019 # date: 26.07.2019
# email: berhsi@web.de # email: berhsi@web.de
# server, who listen for ipv4 connections at port 10001. now with ssl # server, which listens for ipv4 connections at port 10001. now with ssl
# encrypted connection and client side authentication. # encrypted connection and client side authentication.
import socket import socket
@ -32,8 +32,10 @@ def read_config(CONFIGFILE, CONFIG):
if not line[0] in ('#', ';', '\n', '\r'): if not line[0] in ('#', ';', '\n', '\r'):
key, value = (line.strip().split('=')) key, value = (line.strip().split('='))
key = strip_argument(key).upper() key = strip_argument(key).upper()
value = strip_argument(value) if key in CONFIG.keys():
CONFIG[key] = value value = strip_argument(value)
CONFIG[key] = value
else: pass
else: else:
logging.error('Failed to read {}'.format(CONFIGFILE)) logging.error('Failed to read {}'.format(CONFIGFILE))
logging.error('Using default values') logging.error('Using default values')
@ -250,9 +252,16 @@ def main():
if loglevel != False: if loglevel != False:
logger = logging.getLogger() logger = logging.getLogger()
logger.setLevel(loglevel) logger.setLevel(loglevel)
else:
loglevel = logging.WARNING
logger = logging.getLogger()
logger.setLevel(loglevel)
loggin.warning('Invalid value for loglevel. Set default value')
print_config(CONFIG) print_config(CONFIG)
# todo: zertifikate sollten nur lesbar sein!
if certs_readable(CONFIG) == False: if certs_readable(CONFIG) == False:
logging.error('Cert check failed\nExit') logging.error('Cert check failed\nExit')
exit() exit()
@ -264,6 +273,7 @@ def main():
context.load_verify_locations(cafile = CONFIG['CLIENT_CERT']) context.load_verify_locations(cafile = CONFIG['CLIENT_CERT'])
context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3 context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
context.options = ssl.OP_CIPHER_SERVER_PREFERENCE context.options = ssl.OP_CIPHER_SERVER_PREFERENCE
# ssl + kompression = schlecht
context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0) context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
logging.debug('SSL context created') logging.debug('SSL context created')
# print_ciphers(context.get_ciphers()) # print_ciphers(context.get_ciphers())
@ -312,7 +322,7 @@ def main():
logging.info('Failed to change status') logging.info('Failed to change status')
if conn: if conn:
conn.send(b'\x03') conn.send(b'\x03')
# recive_handle returns false: # receive_handle returns false:
else: else:
logging.info('Invalid argument recived: {}'.format(raw_data)) logging.info('Invalid argument recived: {}'.format(raw_data))
logging.debug('Send {} back'.format(b'\x03')) logging.debug('Send {} back'.format(b'\x03'))