def _is_addrinfo_allowed(self, host, port, **kwargs): validator = permissive_validator(**kwargs) allowed = False for res in advocate_getaddrinfo(host, port): if validator.is_addrinfo_allowed(res): allowed = True return allowed
def canonname_supported(): """Check if the nameserver supports the AI_CANONNAME flag travis-ci.org's Python 3 env doesn't seem to support it, so don't try any of the test that rely on it. """ addrinfo = advocate_getaddrinfo("example.com", 0, get_canonname=True) assert addrinfo return addrinfo[0][3] == b"example.com"
def _is_hostname_allowed(self, host, fake_lookup=False, **kwargs): validator = permissive_validator(**kwargs) if fake_lookup: results = [(2, 1, 6, canonicalize_hostname(host).encode("utf8"), ('1.2.3.4', 80))] else: results = advocate_getaddrinfo(host, 80, get_canonname=True) for res in results: if validator.is_addrinfo_allowed(res): return True return False
def test_unexpected_proto(self): # What if addrinfo returns info about a protocol we don't understand? vl = permissive_validator() addrinfo = list(advocate_getaddrinfo("example.com", 80)[0]) addrinfo[4] = addrinfo[4] + (1, ) self.assertRaises(Exception, lambda: vl.is_addrinfo_allowed(addrinfo))
def test_malformed_addrinfo(self): # Alright, the addrinfo format is probably never going to change, # but *what if it did?* vl = permissive_validator() addrinfo = advocate_getaddrinfo("example.com", 80)[0] + (1, ) self.assertRaises(Exception, lambda: vl.is_addrinfo_allowed(addrinfo))
def _is_hostname_allowed(self, host, **kwargs): validator = permissive_validator(**kwargs) for res in advocate_getaddrinfo(host, 80, get_canonname=True): if validator.is_addrinfo_allowed(res): return True return False