PLC-Slave ACL wird gegen bestehende Verbindungen angewendet

2025-11-08 23:23:52 +01:00 · 2018-04-05 14:58:45 +02:00
parent 3222790d50
commit aea6ef768d
6 changed files with 39 additions and 6 deletions
--- a/revpipyload/picontrolserver.py
+++ b/revpipyload/picontrolserver.py
@@ -44,6 +44,25 @@ class RevPiSlave(Thread):
        self.zeroonerror = False
        self.zeroonexit = False

+    def check_connectedacl(self):
+        """Prueft bei neuen ACLs bestehende Verbindungen."""
+        for dev in self._th_dev:
+            ip,  port = dev._addr
+            level = self.__ipacl.get_acllevel(ip)
+            if level < 0:
+                # Verbindung killen
+                proginit.logger.warning(
+                    "client {} not in acl - disconnect!".format(ip)
+                )
+                dev.stop()
+            elif level != dev._acl:
+                # ACL Level anpassen
+                proginit.logger.warning(
+                    "change acl level from {} to {} on existing connection {}"
+                    "".format(level, dev._acl, ip)
+                )
+                dev._acl = level
+
    def newlogfile(self):
        """Konfiguriert die FileHandler auf neue Logdatei."""
        pass
--- a/revpipyload/revpipyload.py
+++ b/revpipyload/revpipyload.py
@@ -50,7 +50,7 @@ from time import asctime
 from xmlrpc.client import Binary
 from xrpcserver import SaveXMLRPCServer

-pyloadversion = "0.6.3"
+pyloadversion = "0.6.4"


 class RevPiPyLoad():
@@ -191,7 +191,7 @@ class RevPiPyLoad():
            self.plcslave = \
                int(self.globalconfig["PLCSLAVE"].get("plcslave", 0))

-            # Berechtigungen laden, wenn aktiv ist
+            # Berechtigungen laden
            if not self.plcslaveacl.loadaclfile(
                    self.globalconfig["PLCSLAVE"].get("aclfile", "")):
                proginit.logger.warning(
@@ -268,6 +268,10 @@ class RevPiPyLoad():
                proginit.logger.info("restart plc slave after reload")
                self.th_plcslave.start()

+        # PLC-Slave ACL prüfen
+        if self.th_plcslave is not None:
+            self.th_plcslave.check_connectedacl()
+
        # XMLRPC-Server Instantiieren und konfigurieren
        if self.xmlrpc == 0:
            self.xmlrpc = None