changeset 511:cf52d5817709

merge
author Matt Johnston <matt@ucc.asn.au>
date Thu, 26 Jun 2014 23:03:32 +0800
parents ad846b9bdd10 (diff) fa282fb36f04 (current diff)
children ac77dd191d49
files Makefile crc8.c crc8.h ds18x20.h main.c onewire.c onewire.h server/config.py server/dump.py server/ts.py server/utils.py simple_ds18b20.c simple_ds18b20.h
diffstat 4 files changed, 51 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/web/log.py	Thu Jun 26 21:44:16 2014 +0800
+++ b/web/log.py	Thu Jun 26 23:03:32 2014 +0800
@@ -83,6 +83,8 @@
     # (title, sensorline) pairs.
     sensor_lines = []
 
+    wort_sensor = None
+    fridge_sensor = None
     for n, (rrdfile, sensor) in enumerate(rrds):
         unit = None
         if 'avrtemp' in sensor:
@@ -118,10 +120,27 @@
         else:
             print_legend = legend
         sensor_lines.append( (legend, 'LINE%(width)f:%(vname)s#%(colour)s:%(print_legend)s' % locals()) )
+        if legend == 'Wort':
+            wort_sensor = vname
+        elif legend == 'Fridge':
+            fridge_sensor = vname
 
+    # calculated bits
+    colour = '000000'
+    print_legend = 'Heat'
+    graph_args.append('CDEF:wortdel=%(wort_sensor)s,PREV(%(wort_sensor)s),-' % locals())
+    graph_args.append('CDEF:tempdel=%(wort_sensor)s,%(fridge_sensor)s,-' % locals())
+    graph_args.append('CDEF:fermheat=wortdel,80,*,tempdel,0.9,*,+' % locals())
+    graph_args.append('CDEF:trendfermheat=fermheat,7200,TRENDNAN' % locals())
+    graph_args.append('CDEF:limitfermheat=trendfermheat,5,+,11,MIN,2,MAX' % locals())
+    graph_args.append('LINE0.5:limitfermheat#%(colour)s:%(print_legend)s' % locals())
+
+    # lines are done afterwards so they can be layered
     sensor_lines.sort(key = lambda (legend, line): "Wort" in legend)
+    graph_args += (line for (legend, line) in sensor_lines)
 
-    graph_args += (line for (legend, line) in sensor_lines)
+    print>>sys.stderr, '\n'.join(graph_args)
+
 
     end = int(start+length)
     start = int(start)
@@ -309,7 +328,8 @@
 
 def send_params(params):
     # 'templog_receive' is ignored due to authorized_keys
-    # restrictions
+    # restrictions. the rpi has authorized_keys with
+    # command="/home/matt/templog/venv/bin/python /home/matt/templog/py/receive.py",no-pty,no-port-forwarding,no-x11-forwarding,no-agent-forwarding ssh-rsa AAAAB3NzaC....
     args = [config.SSH_PROG, '-i', config.SSH_KEYFILE,
         config.SSH_HOST, 'templog_receive']
     try:
--- a/web/secure.py	Thu Jun 26 21:44:16 2014 +0800
+++ b/web/secure.py	Thu Jun 26 23:03:32 2014 +0800
@@ -1,3 +1,4 @@
+import re
 import os
 import time
 import fcntl
@@ -10,11 +11,29 @@
 
 import config
 
-__all__ = ["get_csrf_blob", "check_csrf_blob", "setup_csrf", "get_user_hash"]
+__all__ = ["get_csrf_blob", "check_csrf_blob", "setup_csrf", "get_user_hash",
+"check_user_hash"]
 
 HASH=hashlib.sha1
 
+CLEAN_RE = re.compile('[^a-z0-9A-Z]')
+
+def clean_hash(h):
+    return CLEAN_RE.sub('', h.lower())
+
 def get_user_hash():
+    """
+    Uses the following apache config. 
+    Needs a separate port or IP to no-certificate SSL, SNI isn't good enough.
+
+    <location /~matt/templog/set>
+    Require all granted
+    SSLVerifyClient optional_no_ca
+    SSLVerifyDepth 1
+    SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate
+    </location>
+    """
+
     verify = bottle.request.environ.get('SSL_CLIENT_VERIFY', '')
     if not (verify == 'GENEROUS' or verify == 'SUCCESS'):
         return 'FAILVERIFY'
@@ -27,6 +46,13 @@
 
     return HASH(binascii.a2b_base64(b64)).hexdigest()
 
+def check_user_hash(allowed_users):
+    current_hash = clean_hash(get_user_hash())
+    for a in allowed_users:
+        if current_hash == clean_hash(a):
+            return True
+    return False
+
 def setup_csrf():
     NONCE_SIZE=16
     global _csrf_fd, _csrf_key
--- a/web/templog.py	Thu Jun 26 21:44:16 2014 +0800
+++ b/web/templog.py	Thu Jun 26 23:03:32 2014 +0800
@@ -68,7 +68,7 @@
 
 @route('/set')
 def set():
-    allowed = ["false", "true"][secure.get_user_hash() in config.ALLOWED_USERS]
+    allowed = ["false", "true"][secure.check_user_hash(config.ALLOWED_USERS)]
     response.set_header('Cache-Control', 'no-cache')
     return bottle.template('set', 
         inline_data = log.get_params(), 
--- a/web/watch.py	Thu Jun 26 21:44:16 2014 +0800
+++ b/web/watch.py	Thu Jun 26 23:03:32 2014 +0800
@@ -47,7 +47,7 @@
 		patterns = watchpatterns[event.wd]
 		for p in patterns:
 			if fnmatch.fnmatch(event.name, p):
-				print("matched %s %s" % (event.name, p, event.maskname))
+				print("matched %s %s %s" % (event.name, p, event.maskname))
 				os.utime(touchf, None)
 
 	n = pyinotify.Notifier(watcher, triggered)