Module: check_mk
Branch: master
Commit: 2fe80798ec9bfbf24b64f4609dbd4427c40b0f05
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=2fe80798ec9bfb…
Author: Mathias Kettner <mk(a)mathias-kettner.de>
Date: Thu Jan 14 13:13:11 2016 +0100
#2923 SNMP community in WATO is now always displayed with ******
This is due to security. SNMP communities are basically passwords and should
not be shown in plaintext in the GUI. Of course this change makes it harder
to read existing rules. If that is a problem for you then you can add the
plaintext community to the comment field of a rule. Alas - security is always
linked with inconveniance...
---
.werks/2923 | 13 +++++++++++++
ChangeLog | 1 +
web/htdocs/wato.py | 2 +-
web/plugins/wato/builtin_attributes.py | 26 ++++++++++++++++----------
web/plugins/wato/check_mk_configuration.py | 3 +--
web/plugins/wato/notifications.py | 2 +-
6 files changed, 33 insertions(+), 14 deletions(-)
diff --git a/.werks/2923 b/.werks/2923
new file mode 100644
index 0000000..3251bda
--- /dev/null
+++ b/.werks/2923
@@ -0,0 +1,13 @@
+Title: SNMP community in WATO is now always displayed with ******
+Level: 1
+Component: wato
+Compatible: compat
+Version: 1.2.7i4
+Date: 1452773424
+Class: feature
+
+This is due to security. SNMP communities are basically passwords and should
+not be shown in plaintext in the GUI. Of course this change makes it harder
+to read existing rules. If that is a problem for you then you can add the
+plaintext community to the comment field of a rule. Alas - security is always
+linked with inconveniance...
diff --git a/ChangeLog b/ChangeLog
index 6283a31..c9a35c8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -226,6 +226,7 @@
* 2879 WATO-Replication of MKPs and files in the local/ hierarchy...
* 2897 Changed move host action to be an action icon using a popup menu...
* 2900 Bulk Host import can now handle CSV files including several host
attributes...
+ * 2923 SNMP community in WATO is now always displayed with ******...
* 2666 FIX: Fix search for global configuration variables: ignore case now
* 2715 FIX: Fixed visibility of BI aggregations in editor
* 2716 FIX: Fixed error reporting on disabled checks page in case of broken man
pages
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index e2281ae..142bca4 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -2435,7 +2435,7 @@ def mode_diag_host(phase):
title = _('IP address'),
allow_empty = False
)),
- ('snmp_community', TextAscii(
+ ('snmp_community', Password(
title = _("SNMP Community"),
allow_empty = False
)),
diff --git a/web/plugins/wato/builtin_attributes.py
b/web/plugins/wato/builtin_attributes.py
index abd7e8b..ebe625c 100644
--- a/web/plugins/wato/builtin_attributes.py
+++ b/web/plugins/wato/builtin_attributes.py
@@ -72,16 +72,22 @@ declare_host_attribute(TextAttribute("ipv6address",
_("IPv6 Address"),
show_in_folder = False,
depends_on_tags = ["ip-v6"])
-declare_host_attribute(TextAttribute("snmp_community", _("SNMP
Community"),
- _("Using this option you can configure the community which
should be used when "
- "contacting this host via SNMP v1 or v2. It is possible to
configure the SNMP community by "
- "using the <a href=\"%s\">SNMP
Communities</a> ruleset, but when you configure "
- "a community here, this will override the community defined
by the rules.") % \
- html.makeuri([('mode', 'edit_ruleset'),
('varname', 'snmp_communities')]),
- allow_empty = False),
- show_in_table = False,
- show_in_folder = True,
- depends_on_tags = ['snmp'])
+declare_host_attribute(
+ ValueSpecAttribute(
+ "snmp_community",
+ Password(
+ title = _("SNMP Community"),
+ help = _("Using this option you can configure the community which
should be used when "
+ "contacting this host via SNMP v1 or v2. It is possible to
configure the SNMP community by "
+ "using the <a href=\"%s\">SNMP
Communities</a> ruleset, but when you configure "
+ "a community here, this will override the community defined by
the rules.") % \
+ html.makeuri([('mode', 'edit_ruleset'),
('varname', 'snmp_communities')]),
+ allow_empty = False,
+ )),
+ show_in_table = False,
+ show_in_folder = True,
+ depends_on_tags = ['snmp'],
+)
# Attribute for configuring parents
class ParentsAttribute(ValueSpecAttribute):
diff --git a/web/plugins/wato/check_mk_configuration.py
b/web/plugins/wato/check_mk_configuration.py
index a506042..174f992 100644
--- a/web/plugins/wato/check_mk_configuration.py
+++ b/web/plugins/wato/check_mk_configuration.py
@@ -1913,10 +1913,9 @@ register_rule(group,
"snmp_communities",
Alternative(
elements = [
- TextAscii(
+ Password(
title = _("SNMP community (SNMP Versions 1 and 2c)"),
allow_empty = False,
- attrencode = True,
),
Tuple(
title = _("Credentials for SNMPv3 without authentication and privacy
(noAuthNoPriv)"),
diff --git a/web/plugins/wato/notifications.py b/web/plugins/wato/notifications.py
index b6e3804..41dd285 100644
--- a/web/plugins/wato/notifications.py
+++ b/web/plugins/wato/notifications.py
@@ -250,7 +250,7 @@ register_notification_parameters(
),
),
( "community",
- TextAscii(
+ Password(
title = _("SNMP Community"),
help = _("SNMP Community for the SNMP trap")
)