[zorp-hu] 3.0.8 + https

Kosa Attila atkosa at chello.hu
2005. Nov. 23., Sze, 14:48:58 CET 

On Wed, Nov 23, 2005 at 01:51:34PM +0100, Szalay Attila wrote:
> On Wed, 2005-11-23 at 13:47 +0100, Kosa Attila wrote:
> 
> > > > > > Nov 23 12:53:32 fw zorp_https[5117]: (Log thread):     files = os.listdir(trusted_ip_dir)
> > > > > > Nov 23 12:53:32 fw zorp_https[5117]: (Log thread): NameError: global name 'os' is not defined
> 
> > A legelso (idezett) hibauzenet a fizetos - 3.0.7-es verzioju -
> > zorp konfigjara erkezett. Arra a konfigra is szukseged lenne?
> 
> A fent, tobb level ota hurcolt log reszlet nem teljes. Hianyzik belole
> egy csomo minden, foleg az, hogy mely file-ban van a problema. Ezert a
> fenti logreszlet egy nagyobb sugaru korbol vett mintajara lenne
> szuksegem.

A teljes hibauzenet:

Nov 23 13:09:09 fw zorp_https[8089]: (Log thread): Traceback (most recent call last):
Nov 23 13:09:09 fw zorp_https[8089]: (Log thread):   File "/etc/zorp/policy-https.py", line 47, in config
Nov 23 13:09:09 fw zorp_https[8089]: (Log thread):     self.readTrustedCerts('/etc/zorp/trusted_crts')
Nov 23 13:09:09 fw zorp_https[8089]: (Log thread):   File "/etc/zorp/policy-https.py", line 65, in readTrustedCerts
Nov 23 13:09:09 fw zorp_https[8089]: (Log thread):     files = os.listdir(trusted_ip_dir)
Nov 23 13:09:09 fw zorp_https[8089]: (Log thread): NameError: global name 'os' is not defined

Es a hozza tartozo konfig:

class IntraHttps(PsslProxy):
    class EmbeddedHttp(HttpProxy):
       def config(self):
            HttpProxy.config(self)
            self.transparent_mode = TRUE
    
    def config(self):
       PsslProxy.config(self)
       self.server_need_ssl = TRUE
       self.server_verify_type = SSL_VERIFY_REQUIRED_TRUSTED
       self.server_ca_directory = '/etc/zorp/ca.crt'
       self.readTrustedCerts('/etc/zorp/trusted_crts')
       self.server_handshake['verify_cert'] = (PSSL_HS_POLICY, self.verifyTrustedCertServer)
       self.client_need_ssl = TRUE
       self.client_cert = '/etc/zorp/fw.crt'
       self.client_key = '/etc/zorp/fw.key'
       self.client_verify_type = SSL_VERIFY_NONE
       self.stack_proxy = self.EmbeddedHttp
       self.server_verify_depth = 2

    def verifyTrustedCertServer(self, side, verify_results):
       res = self.verifyTrustedCert(side, verify_results, self.server_trusted_certs_directory, self.server_peer_certificate.blob)
       if res == PSSL_HS_VERIFIED or (res == PSSL_HS_ACCEPT and verify_results[0]):
               self.server_certificate_trusted = TRUE
       return res

    def readTrustedCerts(self, trusted_ip_dir):
       try:
               self.trusted_certs = {}
               files = os.listdir(trusted_ip_dir)
               i = 0
               for file in files:
                       pem = self.readPEM(trusted_ip_dir + '/' + file)
                       self.trusted_certs[file] = pem
       except IOError:
               proxyLog(self, PSSL_ERROR, 3, "Error reading trusted certificate directory; dir='%s'" % trusted_ip_dir)

-- 
		Udvozlettel
				    Zsiga

További információk a(z) zorp-hu levelezőlistáról