Ejemplo n.º 1
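 def isCorrect(self):
     """
     Run structural sanity checks on the identity fields.

     Only the shape of the data is inspected here: mandatory fields are
     present, the number of sources is within the configured limits, the
     revision converts to an integer, and every source URL ends in a simple
     ``<name>.xml`` file name with the same ``<name>`` everywhere. No
     signature is verified by this method.

     Returns:
         True when every check passes, False otherwise. Failures past the
         mandatory-field checks are reported through ``lg.warn``.
     """
     # Mandatory fields; these are rejected silently.
     if len(self.contacts) == 0:
         return False
     if len(self.sources) == 0:
         return False
     if not self.publickey:
         return False
     if not self.signature:
         return False
     if not self.revision:
         return False
     original_sources = self.getSources(as_originals=True)
     # Any duplicate collapses in the set and makes the counts differ.
     if len(set(original_sources)) != len(self.sources):
         lg.warn('original identity sources are duplicated: %r' %
                 original_sources)
         return False
     if len(original_sources) > settings.MaximumIdentitySources():
         lg.warn('too much sources')
         return False
     if len(original_sources) < settings.MinimumIdentitySources():
         lg.warn('too few sources')
         return False
     try:
         int(self.revision)
     except Exception:
         # Narrowed from a bare ``except`` so KeyboardInterrupt / SystemExit
         # are no longer swallowed by a validation routine.
         lg.warn('identity revision: %s' % self.revision)
         return False
     names = set()
     for source in original_sources:
         if not source:
             lg.warn('found empty source')
             return False
         proto, host, port, filename = nameurl.UrlParse(source)
         # SECURITY: the file name comes from the identity being checked and
         # must be a plain "<name>.xml". Anything with a path separator, or
         # with zero or several dots, is refused up front: the two-way unpack
         # below would otherwise raise ValueError and escape this validator
         # instead of returning False.
         if filename.count('/') or filename.count('.') != 1:
             lg.warn("incorrect identity name: %s" % filename)
             return False
         name, justxml = filename.split('.')
         names.add(name)
         # SECURITY check that name is simple
         if (justxml != "xml"
                 or len(name) > settings.MaximumUsernameLength()
                 or len(name) < settings.MinimumUsernameLength()
                 or any(c not in settings.LegalUsernameChars() for c in name)):
             lg.warn("incorrect identity name: %s" % filename)
             return False
     # All sources have to publish the identity under one and the same name.
     if len(names) > 1:
         lg.warn('names are not consistent: %s' % str(names))
         return False
     return True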
Ejemplo n.º 2
def ValidNickName(username):
    """
    Check a user-entered account name against the configured limits.

    The length is compared with ``settings.MinimumUsernameLength()`` and
    ``settings.MaximumUsernameLength()``, and every character has to be a
    member of ``settings.LegalNickNameChars()``.

    Returns:
        True when the name passes all three checks, False otherwise.
    """
    length = len(username)
    if (length < settings.MinimumUsernameLength()
            or length > settings.MaximumUsernameLength()):
        return False
    # Allow-list check: one character outside the legal set rejects the name.
    return all(ch in settings.LegalNickNameChars() for ch in username)
Ejemplo n.º 3
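 def isCorrect(self):
     """
     Run structural sanity checks on the identity fields.

     Only the shape of the data is inspected here: mandatory fields are
     present, the number of sources is within the configured limits, the
     revision converts to an integer, and every source URL ends in a simple
     ``<name>.xml`` file name with the same ``<name>`` everywhere. No
     signature is verified by this method.

     Returns:
         True when every check passes, False otherwise. Failures past the
         mandatory-field checks are reported through ``lg.warn``.
     """
     # Mandatory fields; these are rejected silently.
     if len(self.contacts) == 0:
         return False
     if len(self.sources) == 0:
         return False
     # NOTE(review): only the empty string is rejected below; a None
     # publickey or signature gets past these comparisons.
     if self.publickey == '':
         return False
     if self.signature == '':
         return False
     if self.revision == '':
         return False
     if len(self.sources) > settings.MaximumIdentitySources():
         lg.warn('too much sources')
         return False
     if len(self.sources) < settings.MinimumIdentitySources():
         lg.warn('too few sources')
         return False
     try:
         int(self.revision)
     except Exception:
         # Narrowed from a bare ``except`` so KeyboardInterrupt / SystemExit
         # are no longer swallowed by a validation routine.
         lg.warn('identity revision: %s' % self.revision)
         return False
     names = set()
     for source in self.sources:
         proto, host, port, filename = nameurl.UrlParse(source)
         # SECURITY: the file name comes from the identity being checked and
         # must be a plain "<name>.xml". Anything with a path separator, or
         # with zero or several dots, is refused up front: the two-way unpack
         # below would otherwise raise ValueError and escape this validator
         # instead of returning False.
         if filename.count('/') or filename.count('.') != 1:
             lg.warn("identity name: %s" % filename)
             return False
         name, justxml = filename.split('.')
         names.add(name)
         # SECURITY check that name is simple
         if (justxml != "xml"
                 or len(name) > settings.MaximumUsernameLength()
                 or len(name) < settings.MinimumUsernameLength()
                 or any(c not in settings.LegalUsernameChars() for c in name)):
             lg.warn("identity name: %s" % filename)
             return False
     # All sources have to publish the identity under one and the same name.
     if len(names) > 1:
         lg.warn('names are not consistant: %s' % str(names))
         return False
     return True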
Ejemplo n.º 4
def ValidKeyAlias(key_alias):
    """
    Validate a key alias: length, allowed characters, leading letter.

    The alias may be at most 50 characters long, at least
    ``settings.MinimumUsernameLength()`` characters long, may only contain
    characters from ``settings.LegalUsernameChars()`` and has to start with a
    lower-case ASCII letter. Each rejection is logged through ``lg.warn``.

    NOTE(review): the first-character check indexes ``key_alias[0]``, so an
    empty alias is only safe if the configured minimum length is at least 1
    - confirm.

    Returns:
        True when the alias is acceptable, False otherwise.
    """
    alias_length = len(key_alias)
    if alias_length > 50:
        lg.warn("key_alias is too long")
        return False
    if alias_length < settings.MinimumUsernameLength():
        lg.warn("key_alias is too short")
        return False
    # Allow-list scan; the index of the first offending character is logged.
    for index, char in enumerate(key_alias):
        if char not in settings.LegalUsernameChars():
            lg.warn("key_alias has illegal character at position: %d" % index)
            return False
    lowercase_letters = set('abcdefghijklmnopqrstuvwxyz')
    if key_alias[0] in lowercase_letters:
        return True
    lg.warn('key_alias not begins with letter')
    return False
Ejemplo n.º 5
def ValidUserName(username):
    """
    Validate an account name entered by the user.

    The name has to be between ``settings.MinimumUsernameLength()`` and
    ``settings.MaximumUsernameLength()`` characters long, may only contain
    characters from ``settings.LegalUsernameChars()`` and has to start with a
    lower-case ASCII letter. Each rejection is logged through ``lg.warn``.

    NOTE(review): the first-character check indexes ``username[0]``, so an
    empty name is only safe if the configured minimum length is at least 1
    - confirm.

    Returns:
        True when the name is acceptable, False otherwise.
    """
    name_length = len(username)
    if name_length < settings.MinimumUsernameLength():
        lg.warn("username is too short")
        return False
    if name_length > settings.MaximumUsernameLength():
        lg.warn("username is too long")
        return False
    # Allow-list scan; the index of the first offending character is logged.
    for index, char in enumerate(username):
        if char not in settings.LegalUsernameChars():
            lg.warn("username has illegal character at position: %d" % index)
            return False
    lowercase_letters = set('abcdefghijklmnopqrstuvwxyz')
    if username[0] in lowercase_letters:
        return True
    lg.warn('username not begins with letter')
    return False
Ejemplo n.º 6
def is_valid_key_id(global_key_id):
    """
    Validate the key alias carried inside a global key ID.

    The input is parsed with ``global_id.ParseGlobalID``; both the
    ``key_alias`` and ``idurl`` parts must be non-empty. The alias length is
    checked against ``settings.MinimumUsernameLength()`` and
    ``settings.MaximumUsernameLength()`` and every character against
    ``settings.LegalUsernameChars()``. The ``idurl`` part is only tested for
    presence here. Each rejection is logged through ``lg.warn``.

    Returns:
        True when the key ID passes all checks, False otherwise.
    """
    parsed = global_id.ParseGlobalID(global_key_id)
    alias = parsed['key_alias']
    if not alias:
        lg.warn('no key_alias found in the input')
        return False
    if not parsed['idurl']:
        lg.warn('no idurl found in the input')
        return False
    alias_length = len(alias)
    if alias_length > settings.MaximumUsernameLength():
        lg.warn("key_alias too long: %d" % alias_length)
        return False
    if alias_length < settings.MinimumUsernameLength():
        lg.warn("key_alias too short: %d" % alias_length)
        return False
    # Allow-list scan; the index of the first offending character is logged.
    for index, char in enumerate(alias):
        if char not in settings.LegalUsernameChars():
            lg.warn("key_alias has illegal character at position: %d" % index)
            return False
    return True
Ejemplo n.º 7
 def _save_identity(self, inputfilename):
     """
     Validate an uploaded identity file and store it in the server folder.

     The file at ``inputfilename`` is read, size-checked, parsed into an
     ``identity.identity`` object and validated. It is written to
     ``settings.IdentityServerDir()`` only if one of its sources points at
     this host, its file name is a simple ``<name>.xml``, and no identity
     with a different public key is already stored under that name.

     Every rejection is logged with ``lg.warn`` and the method returns None
     without writing anything.
     """
     lg.out(6, "id_server._save_identity " + inputfilename)
     # Size gate before reading: more than 50000 bytes on disk is refused.
     if os.path.getsize(inputfilename) > 50000:
         lg.warn("input file too big - ignoring ")
         tmpfile.erase('idsrv', inputfilename, 'input file too big')
         # os.remove(inputfilename)
         return
     newxml = bpio.ReadTextFile(inputfilename)
     # Fewer than 500 characters after stripping whitespace is refused.
     if len(newxml.strip()) < 500:
         lg.warn("input file too small - ignoring ")
         tmpfile.erase('idsrv', inputfilename, 'input file too small')
         # os.remove(inputfilename)
         return
     # The uploaded XML is untrusted; any parsing failure rejects the upload.
     try:
         newidentity = identity.identity(xmlsrc=newxml)
     except:
         lg.warn("input file is wrong - ignoring ")
         tmpfile.erase('idsrv', inputfilename, 'input file is wrong')
         # os.remove(inputfilename)
         return
     # From here on only the in-memory copy (newxml / newidentity) is used;
     # the input file is handed to tmpfile.erase before validation finishes.
     tmpfile.erase('idsrv', inputfilename, 'id received')
     if not newidentity.isCorrect():
         lg.warn("has non-Correct identity")
         return
     # NOTE(review): presumably Valid() is where the signature is verified
     # - confirm against the identity class.
     if not newidentity.Valid():
         lg.warn("has non-Valid identity")
         return
     # Find the first source URL whose host is this server.
     matchid = ""
     for idurl in newidentity.sources:
         protocol, host, port, filename = nameurl.UrlParse(idurl)
         if host == self.hostname:
             lg.out(4, "id_server._save_identity found match for us")
             matchid = idurl
             break
     if matchid == "":
         lg.warn("identity is not for this nameserver")
         return
     protocol, host, port, filename = nameurl.UrlParse(matchid)
     # NOTE(review): this unpack raises ValueError unless the file name has
     # exactly one dot, and it is not inside a try block; presumably
     # isCorrect() has already rejected such names - confirm.
     name, justxml = filename.split(".")
     # SECURITY check that name is simple
     if justxml != "xml":
         lg.warn("identity name " + filename)
         return
     if len(name) > settings.MaximumUsernameLength():
         lg.warn("identity name " + filename)
         return
     if len(name) < settings.MinimumUsernameLength():
         lg.warn("identity name " + filename)
         return
     for c in name:
         if c not in settings.LegalUsernameChars():
             lg.warn("identity name " + filename)
             return
     # SECURITY: filename is attacker-supplied and becomes part of a local
     # path. The allow-list above is what keeps it inside the server folder.
     # NOTE(review): this relies on LegalUsernameChars() containing no path
     # separators - confirm.
     localfilename = os.path.join(settings.IdentityServerDir(), filename)
     #    lg.out(8,"id_server.SaveIdentity with filename " + localfilename)
     oldxml = ''
     # SECURITY: a name is bound to the first public key stored under it. An
     # upload that reuses an existing name with a different key is refused,
     # because that would mean someone is trying to take over the identity.
     if os.path.exists(localfilename):
         lg.out(
             6,
             "id_server._save_identity was already an identity with this name "
             + localfilename)
         oldxml = bpio.ReadTextFile(localfilename)
         # NOTE(review): unlike the upload above, parsing the stored file is
         # not wrapped in try/except, so an unreadable stored identity would
         # raise out of this method - confirm that is intended.
         oldidentity = identity.identity(xmlsrc=oldxml)
         if oldidentity.publickey != newidentity.publickey:
             lg.warn("new public key does not match old " + localfilename)
             return
     # Write only when the content differs from what is already stored.
     # NOTE(review): the existence check and the write are separate steps;
     # if two uploads for one name can be handled concurrently, verify that
     # the key check cannot be bypassed in between.
     if newxml != oldxml:
         if not os.path.exists(localfilename):
             lg.out(
                 6, "id_server._save_identity will save NEW Identity: " +
                 filename)
         bpio.WriteFile(localfilename, newxml)