/
haproxy_validator.py
105 lines (103 loc) · 3.31 KB
/
haproxy_validator.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
custom_attributes_dict = {
'global': {
'max_conn': {
'type': int,
'limits': [1, 65535],
'cmd': 'maxconn %d'
},
'max_conn_rate': {
'type': int,
'limits': [1, 65535],
'cmd': 'maxconnrate %d'
},
'max_sess_rate': {
'type': int,
'limits': [1, 65535],
'cmd': 'maxsessrate %d'
},
'max_ssl_conn': {
'type': int,
'limits': [1, 65535],
'cmd': 'maxsslconn %d'
},
'max_ssl_rate': {
'type': int,
'limits': [1, 65535],
'cmd': 'maxsslrate %d'
},
'ssl_ciphers': {
'type': str,
'limits': [1, 100],
'cmd': 'ssl-default-bind-ciphers %s'
},
'tune_http_max_header': {
'type': int,
'limits': [1, 128],
'cmd': 'tune.http.maxhdr %d'
},
'tune_ssl_max_record': {
'type': int,
'limits': [1, 16384],
'cmd': 'tune.ssl.maxrecord %d'
}
},
'default': {
'server_timeout': {
'type': int,
'limits': [1, 5000000],
'cmd': 'timeout server %d'
},
'client_timeout': {
'type': int,
'limits': [1, 5000000],
'cmd': 'timeout client %d'
},
'connect_timeout': {
'type': int,
'limits': [1, 5000000],
'cmd': 'timeout connect %d'
}
},
'vip': {
'http_server_close': {
'type': bool,
'limits': ['True', 'False'],
'cmd': '%soption http-server-close'
},
'rate_limit_sessions': {
'type': int,
'limits': [1, 65535],
'cmd': 'rate-limit sessions %d'
}
},
'pool': {},
}
def validate_custom_attributes(config, section):
section_dict = {}
if 'custom-attributes' in config and section in custom_attributes_dict:
custom_attributes = config['custom-attributes']
for key, value in custom_attributes.iteritems():
if key in custom_attributes_dict[section]:
#Sanitize the value
try:
type_attr = custom_attributes_dict[section][key]['type']
limits = custom_attributes_dict[section][key]['limits']
if type_attr == int:
value = type_attr(value)
if value in range(limits[0], limits[1]):
section_dict.update({key:value})
elif type_attr == str:
if len(value) in range(limits[0], limits[1]):
section_dict.update({key:value})
elif type_attr == bool:
if value in limits:
if value == 'True':
value = ''
elif value == 'False':
value = 'no '
section_dict.update({key:value})
except Exception as e:
print "Skipping key: %s, value: %s due to validation failure" \
% (key, value)
continue
return section_dict