Michael Orlitzky [Sat, 21 Aug 2021 03:26:55 +0000 (23:26 -0400)]
src/untangle/untangle.py: use cleaner way of disabling verification.
In the past, the internal _create_unverified_context() method of the
ssl module was used to create a context that doesn't verify
certificates. However, (now?) there is a cleaner way: by setting the
context's "check_hostname" member to False and its "verify_mode"
member to ssl.CERT_NONE. Which is exactly what this commit does.
Michael Orlitzky [Wed, 13 Feb 2019 23:56:23 +0000 (18:56 -0500)]
Add nominal support for Untangle version 14.1.
Version 14.1 of Untangle is out, but there are no meaningful changes
with respect to the backup process. This commit just mentions the new
version in the docs, and allows specifying "14.1" (the new default) in
the configuration file.
It was bound to happen: somebody changed their password to something
with a percent sign in it, and it broke the secret ConfigParser
interpolation that I didn't know existed. Nobody is interpolating
usernames or version numbers into their password fields (if you are;
see you in hell), so passing interpolation=None to our ConfigParser
instantiation should fix the issue.
Michael Orlitzky [Wed, 18 Apr 2018 00:38:31 +0000 (20:38 -0400)]
bin/untangle-https-backup: expect and report socket timeouts.
In the last commit, a configurable socket "timeout" was added. If that
timeout is reached, a socket.timeout exception will be thrown. This
commit catches those exceptions in the main executable, reports them
gracefully, and proceeds with the remaining backups.
Michael Orlitzky [Wed, 18 Apr 2018 00:35:36 +0000 (20:35 -0400)]
untangle.py: use a configurable "timeout" for socket operations.
If an untangle host holds a connection open but sends no data, it can
hang the backup process because we'll simply wait forever on that one
host. To work around that problem, a new configurable "timeout" value
has been added and is used in all open() calls. When the timeout is
reached, a socket.timeout error is raised, terminating the backup
process for that host (and all others, at the moment).
Michael Orlitzky [Mon, 23 Oct 2017 20:27:00 +0000 (16:27 -0400)]
untangle.py: add support for v13.1 download URLs.
In version 13.1 of Untangle, the backup download URL has changed. That
means we need to support a new, non-integer version number "13.1". This
commit changes the version parameter from an integer to a string, and
adds support for two new version strings: "13" and "13.1".
Since the download URL was unchanged in v13.0, the existing routines
are used for that version. However, a new get_backup_v13_1() function
was added for v13.1. The only difference between that function and the
get_backup_v10() function is the word "webui" which has been changed
to "admin".
Version "13.1" is now the default version if none is specified.
Remove a querystring parameter to fix v12.2 backups.
In the v10 backup routine, we were passing "type=backup" as part of
the querystring in addition to POSTing it. This was causing a problem
with one v12.2 host, and that's why I'm just going to blame v12.2 for
the problem. It looks like the querystring parameter is not needed for
any of the other versions/hosts that I've tested against.
Rename the executable, and implement a bunch of missing stuff.
This adds chmod of the backups, default options, SSL verification, and
cleans up some of the errors. It also supports command-line parsing
and a user-specified configuration file.
projects / untangle-https-backup.git / log