Module: check_mk
Branch: master
Commit: ab8293853b1e8dd25e40ab28b821960baafb1137
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=ab8293853b1e8d…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Wed Dec 3 11:21:49 2014 +0100
#1589 FIX Restructured SNMP credentials rule specification
Previous valuespec allowed wrong configurations which lead to non
working SNMP credential values.
---
.werks/1589 | 10 +++
ChangeLog | 1 +
web/htdocs/check_mk.css | 8 +--
web/htdocs/valuespec.py | 5 ++
web/plugins/wato/check_mk_configuration.py | 104 ++++++++++++++++++----------
5 files changed, 85 insertions(+), 43 deletions(-)
diff --git a/.werks/1589 b/.werks/1589
new file mode 100644
index 0000000..b169304
--- /dev/null
+++ b/.werks/1589
@@ -0,0 +1,10 @@
+Title: Restructured SNMP credentials rule specification
+Level: 1
+Component: wato
+Compatible: compat
+Version: 1.2.5i7
+Date: 1417602070
+Class: fix
+
+Previous valuespec allowed wrong configurations which lead to non
+working SNMP credential values.
diff --git a/ChangeLog b/ChangeLog
index 4f1e0ff..cf8be8c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -120,6 +120,7 @@
* 1556 FIX: WATO inventory ignores already inventorized checks which does not exist
anymore...
* 1576 FIX: SNMP Community host attribute is now visible for IE<=8...
* 1588 FIX: Renamed SNMP communities rule to SNMP credentials
+ * 1589 FIX: Restructured SNMP credentials rule specification...
Notifications:
* 1512 Bulk notification can now be grouped according to custom macro values...
diff --git a/web/htdocs/check_mk.css b/web/htdocs/check_mk.css
index 9e60aa1..a2cd9c9 100644
--- a/web/htdocs/check_mk.css
+++ b/web/htdocs/check_mk.css
@@ -393,13 +393,7 @@ table.valuespec_tuple td {
}
table.valuespec_tuple td.tuple_left {
- padding-right: 8px;
- padding-top: 5px;
-}
-
-table.valuespec_tuple td.tuple_right,
-table.valuespec_tuple td.tuple_left {
- /* padding-bottom: 3px; */
+ vertical-align: middle;
}
table.valuespec_tuple span.title {
diff --git a/web/htdocs/valuespec.py b/web/htdocs/valuespec.py
index 24a7c41..1d21eb6 100644
--- a/web/htdocs/valuespec.py
+++ b/web/htdocs/valuespec.py
@@ -353,6 +353,7 @@ class TextAscii(ValueSpec):
self._regex = kwargs.get("regex")
self._regex_error = kwargs.get("regex_error",
_("Your input does not match the required format."))
+ self._minlen = kwargs.get('minlen', None)
if type(self._regex) == str:
self._regex = re.compile(self._regex)
self._prefix_buttons = kwargs.get("prefix_buttons", [])
@@ -430,6 +431,10 @@ class TextAscii(ValueSpec):
if value and self._regex:
if not self._regex.match(value):
raise MKUserError(varprefix, self._regex_error)
+
+ if self._minlen != None and len(value) < self._minlen:
+ raise MKUserError(varprefix, _("You need to provide at least %d
characters.") % self._minlen)
+
ValueSpec.custom_validate(self, value, varprefix)
class TextUnicode(TextAscii):
diff --git a/web/plugins/wato/check_mk_configuration.py
b/web/plugins/wato/check_mk_configuration.py
index 30fab55..29936a1 100644
--- a/web/plugins/wato/check_mk_configuration.py
+++ b/web/plugins/wato/check_mk_configuration.py
@@ -2247,47 +2247,79 @@ register_rule(group,
"and can change."))
group = "agent/" + _("SNMP")
-_snmpv3_basic_elements = [
- DropdownChoice(
- choices = [
- ( "authPriv", _("authPriv")),
- ( "authNoPriv", _("authNoPriv")),
- ( "noAuthNoPriv", _("noAuthNoPriv")),
- ],
- title = _("Security level")),
- DropdownChoice(
- choices = [
- ( "md5", _("MD5") ),
- ( "sha", _("SHA1") ),
- ],
- title = _("Authentication protocol")),
- TextAscii(title = _("Security name"), attrencode = True),
- Password(title = _("Authentication password"))]
+_snmpv3_auth_elements = [
+ DropdownChoice(
+ choices = [
+ ( "md5", _("MD5") ),
+ ( "sha", _("SHA1") ),
+ ],
+ title = _("Authentication protocol")
+ ),
+ TextAscii(
+ title = _("Security name"),
+ attrencode = True
+ ),
+ Password(
+ title = _("Authentication password"),
+ minlen = 8,
+ )
+]
register_rule(group,
"snmp_communities",
Alternative(
- elements = [
- TextAscii(
- title = _("SNMP community (SNMP Versions 1 and 2c)"),
- allow_empty = False,
- attrencode = True,
- ),
- Tuple(
- title = _("Credentials for SNMPv3"),
- elements = _snmpv3_basic_elements),
- Tuple(
- title = _("Credentials for SNMPv3 including privacy options"),
- elements = _snmpv3_basic_elements + [
- DropdownChoice(
- choices = [
- ( "DES", _("DES") ),
- ( "AES", _("AES") ),
- ],
- title = _("Privacy protocol")),
- Password(title = _("Privacy pass phrase")),
- ])],
+ elements = [
+ TextAscii(
+ title = _("SNMP community (SNMP Versions 1 and 2c)"),
+ allow_empty = False,
+ attrencode = True,
+ ),
+ Tuple(
+ title = _("Credentials for SNMPv3 without authentication and privacy
(noAuthNoPriv)"),
+ elements = [
+ FixedValue("noAuthNoPriv",
+ title = _("Security Level"),
+ totext = _("No authentication, no privacy"),
+ ),
+ ]
+ ),
+ Tuple(
+ title = _("Credentials for SNMPv3 with authentication but without
privacy (authNoPriv)"),
+ elements = [
+ FixedValue("authNoPriv",
+ title = _("Security Level"),
+ totext = _("authentication but no privacy"),
+ ),
+ ] + _snmpv3_auth_elements
+ ),
+ Tuple(
+ title = _("Credentials for SNMPv3 with authentication and privacy
(authPriv)"),
+ elements = [
+ FixedValue("authPriv",
+ title = _("Security Level"),
+ totext = _("authentication and encryption"),
+ ),
+ ] + _snmpv3_auth_elements + [
+ DropdownChoice(
+ choices = [
+ ( "DES", _("DES") ),
+ ( "AES", _("AES") ),
+ ],
+ title = _("Privacy protocol")
+ ),
+ Password(
+ title = _("Privacy pass phrase"),
+ minlen = 8,
+ ),
+ ]
+ ),
+ ],
+
+ match = lambda x: type(x) == tuple and ( \
+ len(x) == 1 and 1 or \
+ len(x) == 4 and 2 or 3) or 0,
+ style = "dropdown",
default_value = "public",
title = _("SNMP credentials of monitored hosts"),
help = _("By default Check_MK uses the community \"public\" to
contact hosts via SNMP v1/v2. This rule "