def read_whitelist():
WHITELIST.clear()
WHITELIST_RANGES.clear()
_ = os.path.abspath(os.path.join(ROOT_DIR, "misc", "whitelist.txt"))
if os.path.isfile(_):
with open(_, "r") as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
elif re.search(r"\A\d+\.\d+\.\d+\.\d+/\d+\Z", line):
try:
prefix, mask = line.split('/')
WHITELIST_RANGES.add((addr_to_int(prefix), int(mask)))
except (IndexError, ValueError):
WHITELIST.add(line)
else:
WHITELIST.add(line)
if config.USER_WHITELIST and os.path.isfile(config.USER_WHITELIST):
with open(config.USER_WHITELIST, "r") as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
elif re.search(r"\A\d+\.\d+\.\d+\.\d+/\d+\Z", line):
try:
prefix, mask = line.split('/')
WHITELIST_RANGES.add((addr_to_int(prefix), int(mask)))
except (IndexError, ValueError):
WHITELIST.add(line)
else:
WHITELIST.add(line)
def __setitem__(self, ip_range, value):
start, end = ip_range
entry = (addr_to_int(start), addr_to_int(end), value)
key = self._get_key(start)
last_key = self._get_key(end)
while key <= last_key:
self.store.setdefault(key, [])
self.store[key].append(entry)
key += 1
def cloudflare_ip(address):
if address:
_ = addr_to_int(address)
for prefix, mask in CLOUDFLARE_RANGES.get(address.split('.')[0], {}):
if _ & mask == prefix:
return True
return False
def cdn_ip(address):
if address:
_ = addr_to_int(address)
for prefix, mask in CDN_RANGES.get(address.split('.')[0], {}):
if _ & mask == prefix:
return True
return False
def worst_asns(address):
if not address:
return None
_ = addr_to_int(address)
for prefix, mask, name in WORST_ASNS.get(address.split('.')[0], {}):
if _ & mask == prefix:
return name
return None
def ipcat_lookup(address):
if not address:
return None
if not _ipcat_cache:
for name in STATIC_IPCAT_LOOKUPS:
for value in STATIC_IPCAT_LOOKUPS[name]:
if "-" in value:
start, end = value.split('-')
start_int, end_int = addr_to_int(start), addr_to_int(end)
current = start_int
while start_int <= current <= end_int:
_ipcat_cache[int_to_addr(current)] = name
current += 1
else:
_ipcat_cache[value] = name
if address in _ipcat_cache:
retval = _ipcat_cache[address]
else:
retval = ""
thread = threading.currentThread()
cursor = _ipcat_cursor.get(thread)
if cursor is None:
if os.path.isfile(IPCAT_SQLITE_FILE):
cursor = _ipcat_cursor[thread] = sqlite3.connect(IPCAT_SQLITE_FILE, isolation_level=None).cursor()
else:
return None
try:
_ = addr_to_int(address)
cursor.execute("SELECT name FROM ranges WHERE start_int <= ? AND end_int >= ?", (_, _))
_ = cursor.fetchone()
retval = str(_[0]) if _ else retval
except:
raise ValueError("[x] invalid IP address '%s'" % address)
_ipcat_cache[address] = retval
return retval
def __getitem__(self, ip_address):
retval = None
addr = addr_to_int(ip_address)
key = self._get_key(ip_address)
for item in self.store.get(key, []):
start_int, end_int, value = item
if start_int <= addr <= end_int:
retval = value
break
return retval
def cdn_ip(address):
if not address:
return False
try:
_ = addr_to_int(address)
for prefix, mask in CDN_RANGES.get(address.split('.')[0], {}):
if _ & mask == prefix:
return True
except (IndexError, ValueError):
pass
return False
def worst_asns(address):
if not address:
return None
try:
_ = addr_to_int(address)
for prefix, mask, name in WORST_ASNS.get(address.split('.')[0], {}):
if _ & mask == prefix:
return name
except (IndexError, ValueError):
pass
return None
def check_whitelisted(trail):
if trail in WHITELIST:
return True
if trail and trail[0].isdigit():
try:
_ = addr_to_int(trail)
for prefix, mask in WHITELIST_RANGES:
if _ & mask == prefix:
return True
except (IndexError, ValueError):
pass
return False
def read_worst_asn():
_ = os.path.abspath(os.path.join(ROOT_DIR, "misc", "worst_asns.txt"))
if os.path.isfile(_):
with open(_, "r") as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
else:
key = line.split('.')[0]
if key not in WORST_ASNS:
WORST_ASNS[key] = []
prefix, mask, name = re.search(r"([\d.]+)/(\d+),(.+)", line).groups()
WORST_ASNS[key].append((addr_to_int(prefix), make_mask(int(mask)), name))
def read_cdn_ranges():
_ = os.path.abspath(os.path.join(ROOT_DIR, "misc", "cdn_ranges.txt"))
if os.path.isfile(_):
with open(_, "r") as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
else:
key = line.split('.')[0]
if key not in CDN_RANGES:
CDN_RANGES[key] = []
prefix, mask = line.split('/')
CDN_RANGES[key].append((addr_to_int(prefix), make_mask(int(mask))))
def ipcat_lookup(address):
if not address:
return None
if not _ipcat_cache:
for name in STATIC_IPCAT_LOOKUPS:
for value in STATIC_IPCAT_LOOKUPS[name]:
if "-" in value:
start, end = value.split('-')
start_int, end_int = addr_to_int(start), addr_to_int(end)
current = start_int
while start_int <= current <= end_int:
_ipcat_cache[int_to_addr(current)] = name
current += 1
else:
_ipcat_cache[value] = name
if address in _ipcat_cache:
retval = _ipcat_cache[address]
else:
retval = ""
if os.path.isfile(IPCAT_SQLITE_FILE):
with sqlite3.connect(IPCAT_SQLITE_FILE, isolation_level=None) as conn:
cursor = conn.cursor()
try:
_ = addr_to_int(address)
cursor.execute("SELECT name FROM ranges WHERE start_int <= ? AND end_int >= ?", (_, _))
_ = cursor.fetchone()
retval = str(_[0]) if _ else retval
except:
raise ValueError("[x] invalid IP address '%s'" % address)
_ipcat_cache[address] = retval
return retval
def read_whitelist():
WHITELIST.clear()
WHITELIST_RANGES.clear()
_ = os.path.abspath(os.path.join(ROOT_DIR, "misc", "whitelist.txt"))
if os.path.isfile(_):
with open(_, "r") as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
elif re.search(r"\A\d+\.\d+\.\d+\.\d+/\d+\Z", line):
try:
prefix, mask = line.split('/')
WHITELIST_RANGES.add(
(addr_to_int(prefix), make_mask(int(mask))))
except (IndexError, ValueError):
WHITELIST.add(line)
else:
WHITELIST.add(line)
if config.USER_WHITELIST and os.path.isfile(config.USER_WHITELIST):
with open(config.USER_WHITELIST, "r") as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
elif re.search(r"\A\d+\.\d+\.\d+\.\d+/\d+\Z", line):
try:
prefix, mask = line.split('/')
WHITELIST_RANGES.add(
(addr_to_int(prefix), make_mask(int(mask))))
except (IndexError, ValueError):
WHITELIST.add(line)
else:
WHITELIST.add(line)
def read_bogon_ranges():
_ = os.path.abspath(os.path.join(ROOT_DIR, "misc", "bogon_ranges.txt"))
if os.path.isfile(_):
with open(_, "r") as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
else:
key = line.split('.')[0]
if key not in BOGON_RANGES:
BOGON_RANGES[key] = []
prefix, mask = line.split('/')
BOGON_RANGES[key].append(
(addr_to_int(prefix), make_mask(int(mask))))
def read_worst_asn():
_ = os.path.abspath(os.path.join(ROOT_DIR, "misc", "worst_asns.txt"))
if os.path.isfile(_):
with open(_, "r") as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
else:
key = line.split('.')[0]
if key not in WORST_ASNS:
WORST_ASNS[key] = []
prefix, mask, name = re.search(r"([\d.]+)/(\d+),(.+)",
line).groups()
WORST_ASNS[key].append(
(addr_to_int(prefix), make_mask(int(mask)), name))
def fetch():
retval = {}
content = retrieve_content(__url__)
if __check__ in content:
for match in re.finditer(r"(\d+\.\d+\.\d+\.\d+)/(\d+)", content):
prefix, mask = match.groups()
mask = int(mask)
start_int = addr_to_int(prefix) & make_mask(mask)
end_int = start_int | ((1 << 32 - mask) - 1)
if 0 <= end_int - start_int <= 1024:
address = start_int
while start_int <= address <= end_int:
retval[int_to_addr(address)] = (__info__, __reference__)
address += 1
return retval
def fetch():
retval = {}
content = retrieve_content(__url__)
if __check__ in content:
for match in re.finditer(r"(\d+\.\d+\.\d+\.\d+)/(\d+)", content):
prefix, mask = match.groups()
mask = int(mask)
start_int = addr_to_int(prefix) & make_mask(mask)
end_int = start_int | ((1 << 32 - mask) - 1)
if 0 <= end_int - start_int <= 1024:
address = start_int
while start_int <= address <= end_int:
retval[int_to_addr(address)] = (__info__, __reference__)
address += 1
return retval
def update_ipcat(force=False):
try:
if not os.path.isdir(USERS_DIR):
os.makedirs(USERS_DIR, 0o755)
except Exception as ex:
exit("[!] something went wrong during creation of directory '%s' ('%s')" % (USERS_DIR, ex))
_chown(USERS_DIR)
if force or not os.path.isfile(IPCAT_CSV_FILE) or not os.path.isfile(IPCAT_SQLITE_FILE) or (time.time() - os.stat(IPCAT_CSV_FILE).st_mtime) >= FRESH_IPCAT_DELTA_DAYS * 24 * 3600 or os.stat(IPCAT_SQLITE_FILE).st_size == 0:
print("[i] updating ipcat database...")
try:
with open(IPCAT_CSV_FILE, "w+b") as f:
f.write(_urllib.request.urlopen(IPCAT_URL).read())
except Exception as ex:
print("[x] something went wrong during retrieval of '%s' ('%s')" % (IPCAT_URL, ex))
else:
try:
if os.path.exists(IPCAT_SQLITE_FILE):
os.remove(IPCAT_SQLITE_FILE)
with sqlite3.connect(IPCAT_SQLITE_FILE, isolation_level=None, check_same_thread=False) as con:
cur = con.cursor()
cur.execute("BEGIN TRANSACTION")
cur.execute("CREATE TABLE ranges (start_int INT, end_int INT, name TEXT)")
with open(IPCAT_CSV_FILE) as f:
for row in f:
if not row.startswith('#') and not row.startswith('start'):
row = row.strip().split(",")
cur.execute("INSERT INTO ranges VALUES (?, ?, ?)", (addr_to_int(row[0]), addr_to_int(row[1]), row[2]))
cur.execute("COMMIT")
cur.close()
con.commit()
except Exception as ex:
print("[x] something went wrong during ipcat database update ('%s')" % ex)
_chown(IPCAT_CSV_FILE)
_chown(IPCAT_SQLITE_FILE)
else:
try:
if os.path.exists(IPCAT_SQLITE_FILE):
os.remove(IPCAT_SQLITE_FILE)
with sqlite3.connect(IPCAT_SQLITE_FILE, isolation_level=None, check_same_thread=False) as con:
cur = con.cursor()
cur.execute("BEGIN TRANSACTION")
cur.execute("CREATE TABLE ranges (start_int INT, end_int INT, name TEXT)")
with open(IPCAT_CSV_FILE) as f:
for row in f:
if not row.startswith('#') and not row.startswith('start'):
row = row.strip().split(",")
cur.execute("INSERT INTO ranges VALUES (?, ?, ?)", (addr_to_int(row[0]), addr_to_int(row[1]), row[2]))
cur.execute("COMMIT")
cur.close()
con.commit()
except Exception, ex:
print "[x] something went wrong during ipcat database update ('%s')" % ex
_chown(IPCAT_CSV_FILE)
_chown(IPCAT_SQLITE_FILE)
def main():
try:
update_trails(force=True)
update_ipcat()
except KeyboardInterrupt:
else:
try:
if os.path.exists(IPCAT_SQLITE_FILE):
os.remove(IPCAT_SQLITE_FILE)
with sqlite3.connect(IPCAT_SQLITE_FILE, isolation_level=None, check_same_thread=False) as con:
cur = con.cursor()
cur.execute("BEGIN TRANSACTION")
cur.execute("CREATE TABLE ranges (start_int INT, end_int INT, name TEXT)")
with open(IPCAT_CSV_FILE) as f:
for row in f:
if not row.startswith('#') and not row.startswith('start'):
row = row.strip().split(",")
cur.execute("INSERT INTO ranges VALUES (?, ?, ?)", (addr_to_int(row[0]), addr_to_int(row[1]), row[2]))
cur.execute("COMMIT")
cur.close()
con.commit()
except Exception, ex:
print "[x] something went wrong during ipcat database update ('%s')" % ex
_chown(IPCAT_CSV_FILE)
_chown(IPCAT_SQLITE_FILE)
def main():
try:
update_trails(force=True)
update_ipcat()
except KeyboardInterrupt:
def update_trails(force=False, offline=False):
"""
Update trails from feeds
"""
success = False
trails = TrailsDict()
duplicates = {}
try:
if not os.path.isdir(USERS_DIR):
os.makedirs(USERS_DIR, 0o755)
except Exception as ex:
exit(
"[!] something went wrong during creation of directory '%s' ('%s')"
% (USERS_DIR, ex))
_chown(USERS_DIR)
if config.UPDATE_SERVER:
print("[i] retrieving trails from provided 'UPDATE_SERVER' server...")
content = retrieve_content(config.UPDATE_SERVER)
if not content or content.count(',') < 2:
print("[x] unable to retrieve data from '%s'" %
config.UPDATE_SERVER)
else:
with _fopen(config.TRAILS_FILE, "w+b" if six.PY2 else "w+",
open if six.PY2 else codecs.open) as f:
f.write(content)
trails = load_trails()
else:
trail_files = set()
for dirpath, dirnames, filenames in os.walk(
os.path.abspath(os.path.join(ROOT_DIR, "trails"))):
for filename in filenames:
trail_files.add(
os.path.abspath(os.path.join(dirpath, filename)))
if config.CUSTOM_TRAILS_DIR:
for dirpath, dirnames, filenames in os.walk(
os.path.abspath(
os.path.join(
ROOT_DIR,
os.path.expanduser(config.CUSTOM_TRAILS_DIR)))):
for filename in filenames:
trail_files.add(
os.path.abspath(os.path.join(dirpath, filename)))
if not trails and (
force or not os.path.isfile(config.TRAILS_FILE) or
(time.time() - os.stat(config.TRAILS_FILE).st_mtime) >=
config.UPDATE_PERIOD
or os.stat(config.TRAILS_FILE).st_size == 0 or any(
os.stat(_).st_mtime > os.stat(config.TRAILS_FILE).st_mtime
for _ in trail_files)):
if not config.no_updates:
print("[i] updating trails (this might take a while)...")
else:
print("[i] checking trails...")
if not offline and (force or config.USE_FEED_UPDATES):
_ = os.path.abspath(os.path.join(ROOT_DIR, "trails", "feeds"))
if _ not in sys.path:
sys.path.append(_)
filenames = sorted(glob.glob(os.path.join(_, "*.py")))
else:
filenames = []
_ = os.path.abspath(os.path.join(ROOT_DIR, "trails"))
if _ not in sys.path:
sys.path.append(_)
filenames += [os.path.join(_, "custom")]
filenames += [
os.path.join(_, "static")
] # Note: higher priority than previous one because of dummy user trails (FE)
filenames = [_ for _ in filenames if "__init__.py" not in _]
if config.DISABLED_FEEDS:
filenames = [
filename for filename in filenames
if os.path.splitext(os.path.split(filename)[-1])[0] not in
re.split(r"[^\w]+", config.DISABLED_FEEDS)
]
for i in xrange(len(filenames)):
filename = filenames[i]
try:
module = __import__(
os.path.basename(filename).split(".py")[0])
except (ImportError, SyntaxError) as ex:
print(
"[x] something went wrong during import of feed file '%s' ('%s')"
% (filename, ex))
continue
for name, function in inspect.getmembers(
module, inspect.isfunction):
if name == "fetch":
url = module.__url__ # Note: to prevent "SyntaxError: can not delete variable 'module' referenced in nested scope"
print(" [o] '%s'%s" %
(url, " " * 20 if len(url) < 20 else ""))
sys.stdout.write(
"[?] progress: %d/%d (%d%%)\r" %
(i, len(filenames), i * 100 // len(filenames)))
sys.stdout.flush()
if config.DISABLED_TRAILS_INFO_REGEX and re.search(
config.DISABLED_TRAILS_INFO_REGEX,
getattr(module, "__info__", "")):
continue
try:
results = function()
for item in results.items():
if item[0].startswith(
"www.") and '/' not in item[0]:
item = [item[0][len("www."):], item[1]]
if item[0] in trails:
if item[0] not in duplicates:
duplicates[item[0]] = set(
(trails[item[0]][1], ))
duplicates[item[0]].add(item[1][1])
if not (
item[0] in trails and
(any(_ in item[1][0]
for _ in LOW_PRIORITY_INFO_KEYWORDS)
or trails[item[0]][1]
in HIGH_PRIORITY_REFERENCES)) or (
item[1][1] in HIGH_PRIORITY_REFERENCES
and "history" not in item[1][0]
) or any(
_ in item[1][0]
for _ in HIGH_PRIORITY_INFO_KEYWORDS):
trails[item[0]] = item[1]
if not results and not any(
_ in url
for _ in ("abuse.ch", "cobaltstrike")):
print(
"[x] something went wrong during remote data retrieval ('%s')"
% url)
except Exception as ex:
print(
"[x] something went wrong during processing of feed file '%s' ('%s')"
% (filename, ex))
try:
sys.modules.pop(module.__name__)
del module
except Exception:
pass
# custom trails from remote location
if config.CUSTOM_TRAILS_URL:
print(" [o] '(remote custom)'%s" % (" " * 20))
for url in re.split(r"[;,]", config.CUSTOM_TRAILS_URL):
url = url.strip()
if not url:
continue
url = ("http://%s" % url) if "//" not in url else url
content = retrieve_content(url)
if not content:
print(
"[x] unable to retrieve data (or empty response) from '%s'"
% url)
else:
__info__ = "blacklisted"
__reference__ = "(remote custom)" # urlparse.urlsplit(url).netloc
for line in content.split('\n'):
line = line.strip()
if not line or line.startswith('#'):
continue
line = re.sub(r"\s*#.*", "", line)
if '://' in line:
line = re.search(r"://(.*)", line).group(1)
line = line.rstrip('/')
if line in trails and any(
_ in trails[line][1]
for _ in ("custom", "static")):
continue
if '/' in line:
trails[line] = (__info__, __reference__)
line = line.split('/')[0]
elif re.search(r"\A\d+\.\d+\.\d+\.\d+\Z", line):
trails[line] = (__info__, __reference__)
else:
trails[line.strip('.')] = (__info__,
__reference__)
for match in re.finditer(r"(\d+\.\d+\.\d+\.\d+)/(\d+)",
content):
prefix, mask = match.groups()
mask = int(mask)
if mask > 32:
continue
start_int = addr_to_int(prefix) & make_mask(mask)
end_int = start_int | ((1 << 32 - mask) - 1)
if 0 <= end_int - start_int <= 1024:
address = start_int
while start_int <= address <= end_int:
trails[int_to_addr(address)] = (
__info__, __reference__)
address += 1
print("[i] post-processing trails (this might take a while)...")
# basic cleanup
for key in list(trails.keys()):
if key not in trails:
continue
if config.DISABLED_TRAILS_INFO_REGEX:
if re.search(config.DISABLED_TRAILS_INFO_REGEX,
trails[key][0]):
del trails[key]
continue
try:
_key = key.decode(UNICODE_ENCODING) if isinstance(
key, bytes) else key
_key = _key.encode("idna")
if six.PY3:
_key = _key.decode(UNICODE_ENCODING)
if _key != key: # for domains with non-ASCII letters (e.g. phishing)
trails[_key] = trails[key]
del trails[key]
key = _key
except:
pass
if not key or re.search(r"(?i)\A\.?[a-z]+\Z", key) and not any(
_ in trails[key][1] for _ in ("custom", "static")):
del trails[key]
continue
if re.search(r"\A\d+\.\d+\.\d+\.\d+\Z", key):
if any(
_ in trails[key][0]
for _ in ("parking site", "sinkhole")
) and key in duplicates: # Note: delete (e.g.) junk custom trails if static trail is a sinkhole
del duplicates[key]
if trails[key][0] == "malware":
trails[key] = ("potential malware site",
trails[key][1])
if config.get("IP_MINIMUM_FEEDS", 3) > 1:
if (key not in duplicates or len(duplicates[key]) <
config.get("IP_MINIMUM_FEEDS", 3)
) and re.search(r"\b(custom|static)\b",
trails[key][1]) is None:
del trails[key]
continue
if any(int(_) > 255 for _ in key.split('.')):
del trails[key]
continue
if trails[key][0] == "ransomware":
trails[key] = ("ransomware (malware)", trails[key][1])
if key.startswith("www.") and '/' not in key:
_ = trails[key]
del trails[key]
key = key[len("www."):]
if key:
trails[key] = _
if '?' in key and not key.startswith('/'):
_ = trails[key]
del trails[key]
key = key.split('?')[0]
if key:
trails[key] = _
if '//' in key:
_ = trails[key]
del trails[key]
key = key.replace('//', '/')
trails[key] = _
if key != key.lower():
_ = trails[key]
del trails[key]
key = key.lower()
trails[key] = _
if key in duplicates:
_ = trails[key]
others = sorted(duplicates[key] - set((_[1], )))
if others and " (+" not in _[1]:
trails[key] = (_[0],
"%s (+%s)" % (_[1], ','.join(others)))
read_whitelist()
for key in list(trails.keys()):
match = re.search(r"\A(\d+\.\d+\.\d+\.\d+)\b", key)
if check_whitelisted(key) or any(
key.startswith(_) for _ in BAD_TRAIL_PREFIXES):
del trails[key]
elif match and (bogon_ip(match.group(1))
or cdn_ip(match.group(1))) and not any(
_ in trails[key][0]
for _ in ("parking", "sinkhole")):
del trails[key]
else:
try:
key.decode("utf8") if hasattr(
key, "decode") else key.encode("utf8")
trails[key][0].decode("utf8") if hasattr(
trails[key][0],
"decode") else trails[key][0].encode("utf8")
trails[key][1].decode("utf8") if hasattr(
trails[key][1],
"decode") else trails[key][1].encode("utf8")
except UnicodeError:
del trails[key]
try:
if trails:
with _fopen(config.TRAILS_FILE, "w+b" if six.PY2 else "w+",
open if six.PY2 else codecs.open) as f:
writer = csv.writer(f,
delimiter=',',
quotechar='\"',
quoting=csv.QUOTE_MINIMAL)
for trail in trails:
row = (trail, trails[trail][0], trails[trail][1])
writer.writerow(row)
success = True
except Exception as ex:
print(
"[x] something went wrong during trails file write '%s' ('%s')"
% (config.TRAILS_FILE, ex))
print("[i] update finished%s" % (40 * " "))
if success:
print("[i] trails stored to '%s'" % config.TRAILS_FILE)
return trails
def _events(self, params):
session = self.get_session()
if session is None:
self.send_response(httplib.UNAUTHORIZED)
self.send_header("Connection", "close")
return None
start, end, size, total = None, None, -1, None
content = None
log_path = os.path.join(config.LOG_DIR,
"%s.log" % params.get("date", ""))
if os.path.exists(log_path):
total = os.stat(log_path).st_size
if self.headers.get("Range"):
match = re.search(r"bytes=(\d+)-(\d+)",
self.headers["Range"])
if match:
start, end = int(match.group(1)), int(match.group(2))
max_size = end - start + 1
end = min(total - 1, end)
size = end - start + 1
if start == 0 or not session.range_handle:
session.range_handle = open(log_path, "rb")
if session.netfilters is None:
session.range_handle.seek(start)
self.send_response(httplib.PARTIAL_CONTENT)
self.send_header("Connection", "close")
self.send_header("Content-Type", "text/plain")
self.send_header(
"Content-Range",
"bytes %d-%d/%d" % (start, end, total))
content = session.range_handle.read(size)
else:
self.send_response(httplib.OK)
self.send_header("Connection", "close")
self.send_header("Content-Type", "text/plain")
buffer, addresses, netmasks, regex = cStringIO.StringIO(
), set(), [], ""
for netfilter in session.netfilters:
if not netfilter:
continue
if '/' in netfilter:
netmasks.append(netfilter)
elif re.search(r"\A[\d.]+\Z", netfilter):
addresses.add(netfilter)
elif '\.' in netfilter:
regex = r" %s " % netfilter
else:
print "[!] invalid network filter '%s'" % netfilter
return
for line in session.range_handle:
display = False
if regex and re.search(regex, line):
display = True
elif addresses or netmasks:
for match in re.finditer(
r" (\d+\.\d+\.\d+\.\d+) ", line):
if not display:
ip = match.group(1)
else:
break
if ip in addresses:
display = True
break
elif netmasks:
for _ in netmasks:
prefix, mask = _.split('/')
if addr_to_int(ip) & make_mask(
int(mask)
) == addr_to_int(prefix):
addresses.add(ip)
display = True
break
if display:
buffer.write(line)
if buffer.tell() >= max_size:
break
content = buffer.getvalue()
end = start + len(content) - 1
self.send_header(
"Content-Range", "bytes %d-%d/%d" %
(start, end, end + 1 + max_size *
(len(content) >= max_size)))
if len(content) < max_size:
session.range_handle.close()
session.range_handle = None
if size == -1:
self.send_response(httplib.OK)
self.send_header("Connection", "close")
self.send_header("Content-Type", "text/plain")
self.end_headers()
with open(log_path, "rb") as f:
while True:
data = f.read(io.DEFAULT_BUFFER_SIZE)
if not data:
break
else:
self.wfile.write(data)
else:
self.send_response(httplib.NO_CONTENT)
self.send_header("Connection", "close")
if self.headers.get("Range"):
self.send_header("Content-Range", "bytes 0-0/0")
return content
try:
if os.path.exists(IPCAT_SQLITE_FILE):
os.remove(IPCAT_SQLITE_FILE)
with sqlite3.connect(IPCAT_SQLITE_FILE, isolation_level=None, check_same_thread=False) as con:
cur = con.cursor()
cur.execute("BEGIN TRANSACTION")
cur.execute("CREATE TABLE ranges (start_int INT, end_int INT, name TEXT)")
with open(IPCAT_CSV_FILE) as f:
for row in f:
if not row.startswith("#") and not row.startswith("start"):
row = row.strip().split(",")
cur.execute(
"INSERT INTO ranges VALUES (?, ?, ?)",
(addr_to_int(row[0]), addr_to_int(row[1]), row[2]),
)
cur.execute("COMMIT")
cur.close()
con.commit()
except Exception, ex:
print "[x] something went wrong during ipcat database update ('%s')" % ex
_chown(IPCAT_CSV_FILE)
_chown(IPCAT_SQLITE_FILE)
def main():
try:
update_trails(force=True)
def _events(self, params):
session = self.get_session()
if session is None:
self.send_response(httplib.UNAUTHORIZED)
self.send_header(HTTP_HEADER.CONNECTION, "close")
return None
start, end, size, total = None, None, -1, None
content = None
log_exists = False
dates = params.get("date", "")
if ".." in dates:
pass
elif '_' not in dates:
try:
date = datetime.datetime.strptime(dates, "%Y-%m-%d").strftime("%Y-%m-%d")
event_log_path = os.path.join(config.LOG_DIR, "%s.log" % date)
if os.path.exists(event_log_path):
range_handle = open(event_log_path, "rb")
log_exists = True
except ValueError:
print "[!] invalid date format in request"
log_exists = False
else:
logs_data = ""
date_interval = dates.split("_", 1)
try:
start_date = datetime.datetime.strptime(date_interval[0], "%Y-%m-%d").date()
end_date = datetime.datetime.strptime(date_interval[1], "%Y-%m-%d").date()
for i in xrange(int((end_date - start_date).days) + 1):
date = start_date + datetime.timedelta(i)
event_log_path = os.path.join(config.LOG_DIR, "%s.log" % date.strftime("%Y-%m-%d"))
if os.path.exists(event_log_path):
log_handle = open(event_log_path, "rb")
logs_data += log_handle.read()
log_handle.close()
range_handle = io.BytesIO(logs_data)
log_exists = True
except ValueError:
print "[!] invalid date format in request"
log_exists = False
if log_exists:
range_handle.seek(0, 2)
total = range_handle.tell()
range_handle.seek(0)
if self.headers.get(HTTP_HEADER.RANGE):
match = re.search(r"bytes=(\d+)-(\d+)", self.headers[HTTP_HEADER.RANGE])
if match:
start, end = int(match.group(1)), int(match.group(2))
max_size = end - start + 1
end = min(total - 1, end)
size = end - start + 1
if start == 0 or not session.range_handle:
session.range_handle = range_handle
if session.netfilters is None:
session.range_handle.seek(start)
self.send_response(httplib.PARTIAL_CONTENT)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
self.send_header(HTTP_HEADER.CONTENT_RANGE, "bytes %d-%d/%d" % (start, end, total))
content = session.range_handle.read(size)
else:
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
buffer, addresses, netmasks, regex = cStringIO.StringIO(), set(), [], ""
for netfilter in session.netfilters:
if not netfilter:
continue
if '/' in netfilter:
netmasks.append(netfilter)
elif re.search(r"\A[\d.]+\Z", netfilter):
addresses.add(netfilter)
elif '\.' in netfilter:
regex = r"\b(%s)\b" % netfilter
else:
print "[!] invalid network filter '%s'" % netfilter
return
for line in session.range_handle:
display = False
ip = None
if regex:
match = re.search(regex, line)
if match:
ip = match.group(1)
display = True
if not display and (addresses or netmasks):
for match in re.finditer(r"\b(\d+\.\d+\.\d+\.\d+)\b", line):
if not display:
ip = match.group(1)
else:
break
if ip in addresses:
display = True
break
elif netmasks:
for _ in netmasks:
prefix, mask = _.split('/')
if addr_to_int(ip) & make_mask(int(mask)) == addr_to_int(prefix):
addresses.add(ip)
display = True
break
if display:
if ",%s" % ip in line or "%s," % ip in line:
line = re.sub(r" ([\d.,]+,)?%s(,[\d.,]+)? " % re.escape(ip), " %s " % ip, line)
buffer.write(line)
if buffer.tell() >= max_size:
break
content = buffer.getvalue()
end = start + len(content) - 1
self.send_header(HTTP_HEADER.CONTENT_RANGE, "bytes %d-%d/%d" % (start, end, end + 1 + max_size * (len(content) >= max_size)))
if len(content) < max_size:
session.range_handle.close()
session.range_handle = None
if size == -1:
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
self.end_headers()
with range_handle as f:
while True:
data = f.read(io.DEFAULT_BUFFER_SIZE)
if not data:
break
else:
self.wfile.write(data)
else:
self.send_response(httplib.OK) # instead of httplib.NO_CONTENT (compatibility reasons)
self.send_header(HTTP_HEADER.CONNECTION, "close")
if self.headers.get(HTTP_HEADER.RANGE):
self.send_header(HTTP_HEADER.CONTENT_RANGE, "bytes 0-0/0")
return content
continue
if '/' in line:
trails[line] = (__info__, __reference__)
line = line.split('/')[0]
elif re.search(r"\A\d+\.\d+\.\d+\.\d+\Z", line):
trails[line] = (__info__, __reference__)
else:
trails[line.strip('.')] = (__info__, __reference__)
for match in re.finditer(r"(\d+\.\d+\.\d+\.\d+)/(\d+)", content):
prefix, mask = match.groups()
mask = int(mask)
if mask > 32:
continue
start_int = addr_to_int(prefix) & make_mask(mask)
end_int = start_int | ((1 << 32 - mask) - 1)
if 0 <= end_int - start_int <= 1024:
address = start_int
while start_int <= address <= end_int:
trails[int_to_addr(address)] = (__info__, __reference__)
address += 1
# basic cleanup
for key in trails.keys():
if key not in trails:
continue
if not key or re.search(r"\A(?i)\.?[a-z]+\Z", key) and not any(_ in trails[key][1] for _ in ("custom", "static")):
del trails[key]
continue
if re.search(r"\A\d+\.\d+\.\d+\.\d+\Z", key):
def _login(self, params):
valid = False
if params.get("username") and params.get("hash") and params.get("nonce"):
if params.get("nonce") not in DISPOSED_NONCES:
DISPOSED_NONCES.add(params.get("nonce"))
for entry in (config.USERS or []):
entry = re.sub(r"\s", "", entry)
username, stored_hash, uid, netfilter = entry.split(':')
if username == params.get("username"):
try:
if params.get("hash") == hashlib.sha256(stored_hash.strip() + params.get("nonce")).hexdigest():
valid = True
break
except:
if config.SHOW_DEBUG:
traceback.print_exc()
if valid:
session_id = os.urandom(SESSION_ID_LENGTH).encode("hex")
expiration = time.time() + 3600 * SESSION_EXPIRATION_HOURS
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.SET_COOKIE, "%s=%s; expires=%s; path=/; HttpOnly" % (SESSION_COOKIE_NAME, session_id, time.strftime(HTTP_TIME_FORMAT, time.gmtime(expiration))))
if netfilter in ("", "0.0.0.0/0"):
netfilters = None
else:
addresses = set()
netmasks = set()
for item in set(re.split(r"[;,]", netfilter)):
item = item.strip()
if '/' in item:
_ = item.split('/')[-1]
if _.isdigit() and int(_) >= 16:
lower = addr_to_int(item.split('/')[0])
mask = make_mask(int(_))
upper = lower | (0xffffffff ^ mask)
while lower <= upper:
addresses.add(int_to_addr(lower))
lower += 1
else:
netmasks.add(item)
elif '-' in item:
_ = item.split('-')
lower, upper = addr_to_int(_[0]), addr_to_int(_[1])
while lower <= upper:
addresses.add(int_to_addr(lower))
lower += 1
elif re.search(r"\d+\.\d+\.\d+\.\d+", item):
addresses.add(item)
netfilters = netmasks
if addresses:
netfilters.add(get_regex(addresses))
SESSIONS[session_id] = AttribDict({"username": username, "uid": uid, "netfilters": netfilters, "expiration": expiration, "client_ip": self.client_address[0], "client_ua": self.headers.get(HTTP_HEADER.USER_AGENT)})
else:
time.sleep(UNAUTHORIZED_SLEEP_TIME)
self.send_response(httplib.UNAUTHORIZED)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
content = "Login %s" % ("success" if valid else "failed")
if not subprocess.mswindows:
try:
subprocess.check_output("logger -p auth.info -t \"%s[%d]\" \"%s password for %s from %s port %s\"" % (NAME.lower(), os.getpid(), "Accepted" if valid else "Failed", params.get("username"), self.client_address[0], self.client_address[1]), stderr=subprocess.STDOUT, shell=True)
except Exception:
if config.SHOW_DEBUG:
traceback.print_exc()
return content
def _events(self, params):
session = self.get_session()
if session is None:
self.send_response(httplib.UNAUTHORIZED)
self.send_header(HTTP_HEADER.CONNECTION, "close")
return None
start, end, size, total = None, None, -1, None
content = None
event_log_path = os.path.join(config.LOG_DIR, "%s.log" % params.get("date", ""))
if os.path.exists(event_log_path):
total = os.stat(event_log_path).st_size
if self.headers.get(HTTP_HEADER.RANGE):
match = re.search(r"bytes=(\d+)-(\d+)", self.headers[HTTP_HEADER.RANGE])
if match:
start, end = int(match.group(1)), int(match.group(2))
max_size = end - start + 1
end = min(total - 1, end)
size = end - start + 1
if start == 0 or not session.range_handle:
session.range_handle = open(event_log_path, "rb")
if session.netfilters is None:
session.range_handle.seek(start)
self.send_response(httplib.PARTIAL_CONTENT)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
self.send_header(HTTP_HEADER.CONTENT_RANGE, "bytes %d-%d/%d" % (start, end, total))
content = session.range_handle.read(size)
else:
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
buffer, addresses, netmasks, regex = cStringIO.StringIO(), set(), [], ""
for netfilter in session.netfilters:
if not netfilter:
continue
if '/' in netfilter:
netmasks.append(netfilter)
elif re.search(r"\A[\d.]+\Z", netfilter):
addresses.add(netfilter)
elif '\.' in netfilter:
regex = r" %s " % netfilter
else:
print "[!] invalid network filter '%s'" % netfilter
return
for line in session.range_handle:
display = False
if regex and re.search(regex, line):
display = True
elif addresses or netmasks:
for match in re.finditer(r" (\d+\.\d+\.\d+\.\d+) ", line):
if not display:
ip = match.group(1)
else:
break
if ip in addresses:
display = True
break
elif netmasks:
for _ in netmasks:
prefix, mask = _.split('/')
if addr_to_int(ip) & make_mask(int(mask)) == addr_to_int(prefix):
addresses.add(ip)
display = True
break
if display:
buffer.write(line)
if buffer.tell() >= max_size:
break
content = buffer.getvalue()
end = start + len(content) - 1
self.send_header(HTTP_HEADER.CONTENT_RANGE, "bytes %d-%d/%d" % (start, end, end + 1 + max_size * (len(content) >= max_size)))
if len(content) < max_size:
session.range_handle.close()
session.range_handle = None
if size == -1:
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
self.end_headers()
with open(event_log_path, "rb") as f:
while True:
data = f.read(io.DEFAULT_BUFFER_SIZE)
if not data:
break
else:
self.wfile.write(data)
else:
self.send_response(httplib.OK) # instead of httplib.NO_CONTENT (compatibility reasons)
self.send_header(HTTP_HEADER.CONNECTION, "close")
if self.headers.get(HTTP_HEADER.RANGE):
self.send_header(HTTP_HEADER.CONTENT_RANGE, "bytes 0-0/0")
return content
if '/' in line:
trails[line] = (__info__, __reference__)
line = line.split('/')[0]
elif re.search(r"\A\d+\.\d+\.\d+\.\d+\Z", line):
trails[line] = (__info__, __reference__)
else:
trails[line.strip('.')] = (__info__, __reference__)
for match in re.finditer(r"(\d+\.\d+\.\d+\.\d+)/(\d+)",
content):
prefix, mask = match.groups()
mask = int(mask)
if mask > 32:
continue
start_int = addr_to_int(prefix) & make_mask(mask)
end_int = start_int | ((1 << 32 - mask) - 1)
if 0 <= end_int - start_int <= 1024:
address = start_int
while start_int <= address <= end_int:
trails[int_to_addr(address)] = (__info__,
__reference__)
address += 1
# basic cleanup
for key in trails.keys():
if key not in trails:
continue
if config.DISABLED_TRAILS_INFO_REGEX:
if re.search(config.DISABLED_TRAILS_INFO_REGEX,
trails[key][0]):
isolation_level=None,
check_same_thread=False) as con:
cur = con.cursor()
cur.execute("BEGIN TRANSACTION")
cur.execute(
"CREATE TABLE ranges (start_int INT, end_int INT, name TEXT)"
)
with open(IPCAT_CSV_FILE) as f:
for row in f:
if not row.startswith('#') and not row.startswith(
'start'):
row = row.strip().split(",")
cur.execute(
"INSERT INTO ranges VALUES (?, ?, ?)",
(addr_to_int(row[0]), addr_to_int(
row[1]), row[2]))
cur.execute("COMMIT")
cur.close()
con.commit()
except Exception, ex:
print "[x] something went wrong during ipcat database update ('%s')" % ex
_chown(IPCAT_CSV_FILE)
_chown(IPCAT_SQLITE_FILE)
def main():
try:
update_trails(force=True)
def _login(self, params):
valid = False
if params.get("username") and params.get("hash") and params.get(
"nonce"):
if params.get("nonce") not in DISPOSED_NONCES:
DISPOSED_NONCES.add(params.get("nonce"))
for entry in (config.USERS or []):
entry = re.sub(r"\s", "", entry)
username, stored_hash, uid, netfilter = entry.split(
':')
if username == params.get("username"):
try:
if params.get("hash") == hashlib.sha256(
stored_hash.strip() +
params.get("nonce")).hexdigest():
valid = True
break
except:
if config.SHOW_DEBUG:
traceback.print_exc()
if valid:
session_id = os.urandom(SESSION_ID_LENGTH).encode("hex")
expiration = time.time() + 3600 * SESSION_EXPIRATION_HOURS
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(
HTTP_HEADER.SET_COOKIE,
"%s=%s; expires=%s; path=/; HttpOnly" %
(SESSION_COOKIE_NAME, session_id,
time.strftime(HTTP_TIME_FORMAT, time.gmtime(expiration))))
if netfilter in ("", "0.0.0.0/0"):
netfilters = None
else:
addresses = set()
netmasks = set()
for item in set(re.split(r"[;,]", netfilter)):
item = item.strip()
if '/' in item:
_ = item.split('/')[-1]
if _.isdigit() and int(_) >= 16:
lower = addr_to_int(item.split('/')[0])
mask = make_mask(int(_))
upper = lower | (0xffffffff ^ mask)
while lower <= upper:
addresses.add(int_to_addr(lower))
lower += 1
else:
netmasks.add(item)
elif '-' in item:
_ = item.split('-')
lower, upper = addr_to_int(_[0]), addr_to_int(_[1])
while lower <= upper:
addresses.add(int_to_addr(lower))
lower += 1
elif re.search(r"\d+\.\d+\.\d+\.\d+", item):
addresses.add(item)
netfilters = netmasks
if addresses:
netfilters.add(get_regex(addresses))
SESSIONS[session_id] = AttribDict({
"username":
username,
"uid":
uid,
"netfilters":
netfilters,
"expiration":
expiration,
"client_ip":
self.client_address[0]
})
else:
time.sleep(UNAUTHORIZED_SLEEP_TIME)
self.send_response(httplib.UNAUTHORIZED)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
content = "Login %s" % ("success" if valid else "failed")
if not subprocess.mswindows:
try:
subprocess.check_output(
"logger -p auth.info -t \"%s[%d]\" \"%s password for %s from %s port %s\""
% (NAME.lower(), os.getpid(), "Accepted"
if valid else "Failed", params.get("username"),
self.client_address[0], self.client_address[1]),
stderr=subprocess.STDOUT,
shell=True)
except Exception:
if config.SHOW_DEBUG:
traceback.print_exc()
return content
continue
if '/' in line:
trails[line] = (__info__, __reference__)
line = line.split('/')[0]
elif re.search(r"\A\d+\.\d+\.\d+\.\d+\Z", line):
trails[line] = (__info__, __reference__)
else:
trails[line.strip('.')] = (__info__, __reference__)
for match in re.finditer(r"(\d+\.\d+\.\d+\.\d+)/(\d+)", content):
prefix, mask = match.groups()
mask = int(mask)
if mask > 32:
continue
start_int = addr_to_int(prefix) & make_mask(mask)
end_int = start_int | ((1 << 32 - mask) - 1)
if 0 <= end_int - start_int <= 1024:
address = start_int
while start_int <= address <= end_int:
trails[int_to_addr(address)] = (__info__, __reference__)
address += 1
# basic cleanup
for key in trails.keys():
if key not in trails:
continue
if config.DISABLED_TRAILS_INFO_REGEX:
if re.search(config.DISABLED_TRAILS_INFO_REGEX, trails[key][0]):
del trails[key]
continue
def _events(self, params):
session = self.get_session()
if session is None:
self.send_response(httplib.UNAUTHORIZED)
self.send_header(HTTP_HEADER.CONNECTION, "close")
return None
start, end, size, total = None, None, -1, None
content = None
log_exists = False
dates = params.get("date", "")
if ".." in dates:
pass
elif '_' not in dates:
try:
date = datetime.datetime.strptime(
dates, "%Y-%m-%d").strftime("%Y-%m-%d")
event_log_path = os.path.join(config.LOG_DIR,
"%s.log" % date)
if os.path.exists(event_log_path):
range_handle = open(event_log_path, "rb")
log_exists = True
except ValueError:
print "[!] invalid date format in request"
log_exists = False
else:
logs_data = ""
date_interval = dates.split("_", 1)
try:
start_date = datetime.datetime.strptime(
date_interval[0], "%Y-%m-%d").date()
end_date = datetime.datetime.strptime(
date_interval[1], "%Y-%m-%d").date()
for i in xrange(int((end_date - start_date).days) + 1):
date = start_date + datetime.timedelta(i)
event_log_path = os.path.join(
config.LOG_DIR,
"%s.log" % date.strftime("%Y-%m-%d"))
if os.path.exists(event_log_path):
log_handle = open(event_log_path, "rb")
logs_data += log_handle.read()
log_handle.close()
range_handle = io.BytesIO(logs_data)
log_exists = True
except ValueError:
print "[!] invalid date format in request"
log_exists = False
if log_exists:
range_handle.seek(0, 2)
total = range_handle.tell()
range_handle.seek(0)
if self.headers.get(HTTP_HEADER.RANGE):
match = re.search(r"bytes=(\d+)-(\d+)",
self.headers[HTTP_HEADER.RANGE])
if match:
start, end = int(match.group(1)), int(match.group(2))
max_size = end - start + 1
end = min(total - 1, end)
size = end - start + 1
if start == 0 or not session.range_handle:
session.range_handle = range_handle
if session.netfilters is None:
session.range_handle.seek(start)
self.send_response(httplib.PARTIAL_CONTENT)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE,
"text/plain")
self.send_header(
HTTP_HEADER.CONTENT_RANGE,
"bytes %d-%d/%d" % (start, end, total))
content = session.range_handle.read(size)
else:
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE,
"text/plain")
buffer, addresses, netmasks, regex = cStringIO.StringIO(
), set(), [], ""
for netfilter in session.netfilters:
if not netfilter:
continue
if '/' in netfilter:
netmasks.append(netfilter)
elif re.search(r"\A[\d.]+\Z", netfilter):
addresses.add(netfilter)
elif '\.' in netfilter:
regex = r"\b(%s)\b" % netfilter
else:
print "[!] invalid network filter '%s'" % netfilter
return
for line in session.range_handle:
display = False
ip = None
if regex:
match = re.search(regex, line)
if match:
ip = match.group(1)
display = True
if not display and (addresses or netmasks):
for match in re.finditer(
r"\b(\d+\.\d+\.\d+\.\d+)\b", line):
if not display:
ip = match.group(1)
else:
break
if ip in addresses:
display = True
break
elif netmasks:
for _ in netmasks:
prefix, mask = _.split('/')
if addr_to_int(ip) & make_mask(
int(mask)
) == addr_to_int(prefix):
addresses.add(ip)
display = True
break
if display:
if ",%s" % ip in line or "%s," % ip in line:
line = re.sub(
r" ([\d.,]+,)?%s(,[\d.,]+)? " %
re.escape(ip), " %s " % ip, line)
buffer.write(line)
if buffer.tell() >= max_size:
break
content = buffer.getvalue()
end = start + len(content) - 1
self.send_header(
HTTP_HEADER.CONTENT_RANGE, "bytes %d-%d/%d" %
(start, end, end + 1 + max_size *
(len(content) >= max_size)))
if len(content) < max_size:
session.range_handle.close()
session.range_handle = None
if size == -1:
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
self.end_headers()
with range_handle as f:
while True:
data = f.read(io.DEFAULT_BUFFER_SIZE)
if not data:
break
else:
self.wfile.write(data)
else:
self.send_response(
httplib.OK
) # instead of httplib.NO_CONTENT (compatibility reasons)
self.send_header(HTTP_HEADER.CONNECTION, "close")
if self.headers.get(HTTP_HEADER.RANGE):
self.send_header(HTTP_HEADER.CONTENT_RANGE, "bytes 0-0/0")
return content
