PLC-Slave ACL wird gegen bestehende Verbindungen angewendet

2025-11-08 15:13:52 +01:00 · 2018-04-05 14:58:45 +02:00
parent 3222790d50
commit aea6ef768d
6 changed files with 39 additions and 6 deletions
--- a/doc/picontrolserver.html
+++ b/doc/picontrolserver.html
@@ -63,6 +63,9 @@ Methods</h3>
 <td><a style="color:#0000FF" href="#RevPiSlave.__init__">RevPiSlave</a></td>
 <td>Instantiiert RevPiSlave-Klasse.</td>
 </tr><tr>
+<td><a style="color:#0000FF" href="#RevPiSlave.check_connectedacl">check_connectedacl</a></td>
+<td>Prueft bei neuen ACLs bestehende Verbindungen.</td>
+</tr><tr>
 <td><a style="color:#0000FF" href="#RevPiSlave.newlogfile">newlogfile</a></td>
 <td>Konfiguriert die FileHandler auf neue Logdatei.</td>
 </tr><tr>
@@ -92,7 +95,13 @@ AclManager <class 'IpAclManager'>
 <dd>
 Listen Port fuer plc Slaveserver
 </dd>
-</dl><a NAME="RevPiSlave.newlogfile" ID="RevPiSlave.newlogfile"></a>
+</dl><a NAME="RevPiSlave.check_connectedacl" ID="RevPiSlave.check_connectedacl"></a>
+<h3 style="background-color:#FFFFFF;color:#FF0000">
+RevPiSlave.check_connectedacl</h3>
+<b>check_connectedacl</b>(<i></i>)
+<p>
+Prueft bei neuen ACLs bestehende Verbindungen.
+</p><a NAME="RevPiSlave.newlogfile" ID="RevPiSlave.newlogfile"></a>
 <h3 style="background-color:#FFFFFF;color:#FF0000">
 RevPiSlave.newlogfile</h3>
 <b>newlogfile</b>(<i></i>)
--- a/eric-revpipyload.api
+++ b/eric-revpipyload.api
@@ -12,6 +12,7 @@ logsystem.PipeLogwriter.newlogfile?4()
 logsystem.PipeLogwriter.run?4()
 logsystem.PipeLogwriter.stop?4()
 logsystem.PipeLogwriter?1(logfilename)
+picontrolserver.RevPiSlave.check_connectedacl?4()
 picontrolserver.RevPiSlave.newlogfile?4()
 picontrolserver.RevPiSlave.run?4()
 picontrolserver.RevPiSlave.stop?4()
--- a/revpipyload.e4p
+++ b/revpipyload.e4p
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE Project SYSTEM "Project-5.1.dtd">
 <!-- eric project file for project revpipyload -->
-<!-- Saved: 2018-04-05, 14:14:27 -->
+<!-- Saved: 2018-04-05, 14:57:19 -->
 <!-- Copyright (C) 2018 Sven Sager, akira@narux.de -->
 <Project version="5.1">
  <Language>en_US</Language>
@@ -9,7 +9,7 @@
  <ProgLanguage mixed="0">Python3</ProgLanguage>
  <ProjectType>Console</ProjectType>
  <Description>Dieser Loader wird über das Init-System geladen und führt das angegebene Pythonprogramm aus. Es ist für den RevolutionPi gedacht um automatisch das SPS-Programm zu starten.</Description>
-  <Version>0.6.3</Version>
+  <Version>0.6.4</Version>
  <Author>Sven Sager</Author>
  <Email>akira@narux.de</Email>
  <Eol index="1"/>
--- a/revpipyload/picontrolserver.py
+++ b/revpipyload/picontrolserver.py
@@ -44,6 +44,25 @@ class RevPiSlave(Thread):
        self.zeroonerror = False
        self.zeroonexit = False

+    def check_connectedacl(self):
+        """Prueft bei neuen ACLs bestehende Verbindungen."""
+        for dev in self._th_dev:
+            ip,  port = dev._addr
+            level = self.__ipacl.get_acllevel(ip)
+            if level < 0:
+                # Verbindung killen
+                proginit.logger.warning(
+                    "client {} not in acl - disconnect!".format(ip)
+                )
+                dev.stop()
+            elif level != dev._acl:
+                # ACL Level anpassen
+                proginit.logger.warning(
+                    "change acl level from {} to {} on existing connection {}"
+                    "".format(level, dev._acl, ip)
+                )
+                dev._acl = level
+
    def newlogfile(self):
        """Konfiguriert die FileHandler auf neue Logdatei."""
        pass
--- a/revpipyload/revpipyload.py
+++ b/revpipyload/revpipyload.py
@@ -50,7 +50,7 @@ from time import asctime
 from xmlrpc.client import Binary
 from xrpcserver import SaveXMLRPCServer

-pyloadversion = "0.6.3"
+pyloadversion = "0.6.4"


 class RevPiPyLoad():
@@ -191,7 +191,7 @@ class RevPiPyLoad():
            self.plcslave = \
                int(self.globalconfig["PLCSLAVE"].get("plcslave", 0))

-            # Berechtigungen laden, wenn aktiv ist
+            # Berechtigungen laden
            if not self.plcslaveacl.loadaclfile(
                    self.globalconfig["PLCSLAVE"].get("aclfile", "")):
                proginit.logger.warning(
@@ -268,6 +268,10 @@ class RevPiPyLoad():
                proginit.logger.info("restart plc slave after reload")
                self.th_plcslave.start()

+        # PLC-Slave ACL prüfen
+        if self.th_plcslave is not None:
+            self.th_plcslave.check_connectedacl()
+
        # XMLRPC-Server Instantiieren und konfigurieren
        if self.xmlrpc == 0:
            self.xmlrpc = None
--- a/setup.py
+++ b/setup.py
@@ -27,7 +27,7 @@ setup(

    license="LGPLv3",
    name="revpipyload",
-    version="0.6.3",
+    version="0.6.4",

    scripts=["data/revpipyload"],