def fetch(): retval = {} content = retrieve_content(__url__) if __check__ in content: for match in re.finditer(r"([\d.]+)/(\d+)", content): prefix, mask = match.groups() start_int = addr_to_int(prefix) & make_mask(int(mask)) end_int = start_int | ((1 << 32 - int(mask)) - 1) for address in xrange(start_int, end_int + 1): retval[int_to_addr(address)] = (__info__, __reference__) return retval
def fetch(): retval = {} content = retrieve_content(__url__) if __check__ in content: for match in re.finditer(r"(\d+\.\d+\.\d+\.\d+)/(\d+)", content): prefix, mask = match.groups() mask = int(mask) if MIN_BLACKLIST_MASK <= mask <= MAX_BLACKLIST_MASK: start_int = addr_to_int(prefix) & make_mask(mask) end_int = start_int | ((1 << 32 - mask) - 1) for address in xrange(start_int, end_int + 1): retval[int_to_addr(address)] = (__info__, __reference__) return retval
def fetch(): retval = {} content = retrieve_content(__url__) if __check__ in content: for match in re.finditer(r"(\d+\.\d+\.\d+\.\d+)/(\d+)", content): prefix, mask = match.groups() mask = int(mask) start_int = addr_to_int(prefix) & make_mask(mask) end_int = start_int | ((1 << 32 - mask) - 1) if 0 <= end_int - start_int <= 1024: address = start_int while start_int <= address <= end_int: retval[int_to_addr(address)] = (__info__, __reference__) address += 1 return retval
def _login(self, params): valid = False if params.get("username") and params.get("password"): for entry in (config.USERS or []): entry = re.sub(r"\s", "", entry) username, stored_hash, uid, netfilter = entry.split(':') hash_parts = stored_hash.split('$') if username == params.get("username"): try: if (pbkdf2(params.get("password"), hash_parts[1].decode("hex"), int(hash_parts[2])).encode("hex") == hash_parts[3]): valid = True break except: if config.SHOW_DEBUG: traceback.print_exc() if valid: session_id = os.urandom(SESSION_ID_LENGTH).encode("hex") expiration = time.time() + 3600 * SESSION_EXPIRATION_HOURS self.send_response(httplib.OK) self.send_header("Connection", "close") self.send_header("Set-Cookie", "session=%s; expires=%s; path=/; HttpOnly" % (session_id, time.strftime(HTTP_TIME_FORMAT, time.gmtime(expiration)))) if netfilter in ("", "0.0.0.0/0"): netfilters = None else: addresses = set() netmasks = set() for item in set(re.split(r"[;,]", netfilter)): item = item.strip() if '/' in item: _ = item.split('/')[-1] if _.isdigit() and int(_) >= 16: lower = addr_to_int(item.split('/')[0]) mask = make_mask(int(_)) upper = lower | (0xffffffff ^ mask) while lower <= upper: addresses.add(int_to_addr(lower)) lower += 1 else: netmasks.add(item) elif '-' in item: _ = item.split('-') lower, upper = addr_to_int(_[0]), addr_to_int(_[1]) while lower <= upper: addresses.add(int_to_addr(lower)) lower += 1 elif re.search(r"\d+\.\d+\.\d+\.\d+", item): addresses.add(item) netfilters = netmasks if addresses: netfilters.add(get_regex(addresses)) SESSIONS[session_id] = AttribDict({"username": username, "uid": uid, "netfilters": netfilters, "expiration": expiration}) else: time.sleep(UNAUTHORIZED_SLEEP_TIME) self.send_response(httplib.UNAUTHORIZED) self.send_header("Connection", "close") self.send_header("Content-Type", "text/plain") content = "Login %s" % ("success" if valid else "failed") try: subprocess.check_output("logger -p auth.info -t \"%s[%d]\" \"%s password for %s from %s port %s\"" % (NAME.lower(), os.getpid(), "Accepted" if valid else "Failed", params.get("username"), self.client_address[0], self.client_address[1]), stderr=subprocess.STDOUT, shell=True) except Exception: if config.SHOW_DEBUG: traceback.print_exc() return content
def _login(self, params): valid = False if params.get("username") and params.get("password"): for entry in (config.USERS or []): entry = re.sub(r"\s", "", entry) username, stored_hash, uid, netfilter = entry.split(':') hash_parts = stored_hash.split('$') if username == params.get("username"): try: if (pbkdf2(params.get("password"), hash_parts[1].decode("hex"), int(hash_parts[2])).encode("hex") == hash_parts[3]): valid = True break except: if DEBUG: traceback.print_exc() if valid: session_id = os.urandom(SESSION_ID_LENGTH).encode("hex") expiration = time.time() + 3600 * SESSION_EXPIRATION_HOURS self.send_response(httplib.OK) self.send_header("Connection", "close") self.send_header( "Set-Cookie", "session=%s; expires=%s; path=/; HttpOnly" % (session_id, time.strftime(HTTP_TIME_FORMAT, time.gmtime(expiration)))) if netfilter in ("", "0.0.0.0/0"): netfilters = None else: netfilters = set(re.split(r"[;,]", netfilter)) for netfilter in set(netfilters): netfilter = netfilter.strip() if '/' in netfilter: _ = netfilter.split('/')[-1] if _.isdigit() and int(_) >= 20: lower = addr_to_int(netfilter.split('/')[0]) mask = make_mask(int(_)) upper = lower | (0xffffffff ^ mask) while lower <= upper: netfilters.add(int_to_addr(lower)) lower += 1 netfilters.remove(netfilter) elif '-' in netfilter: _ = netfilter.split('-') lower, upper = addr_to_int(_[0]), addr_to_int(_[1]) while lower <= upper: netfilters.add(int_to_addr(lower)) lower += 1 netfilters.remove(netfilter) elif not netfilter: netfilters.remove(netfilter) SESSIONS[session_id] = AttribDict({ "username": username, "uid": uid, "netfilters": netfilters, "expiration": expiration }) else: time.sleep(UNAUTHORIZED_SLEEP_TIME) self.send_response(httplib.UNAUTHORIZED) self.send_header("Connection", "close") self.send_header("Content-Type", "text/plain") content = "Login %s" % ("success" if valid else "failed") return content
def _login(self, params): valid = False if params.get("username") and params.get("password"): for entry in (config.USERS or []): entry = re.sub(r"\s", "", entry) username, stored_hash, uid, netfilter = entry.split(':') hash_parts = stored_hash.split('$') if username == params.get("username"): try: if (pbkdf2(params.get("password"), hash_parts[1].decode("hex"), int(hash_parts[2])).encode("hex") == hash_parts[3]): valid = True break except: if DEBUG: traceback.print_exc() if valid: session_id = os.urandom(SESSION_ID_LENGTH).encode("hex") expiration = time.time() + 3600 * SESSION_EXPIRATION_HOURS self.send_response(httplib.OK) self.send_header("Connection", "close") self.send_header("Set-Cookie", "session=%s; expires=%s; path=/; HttpOnly" % (session_id, time.strftime(HTTP_TIME_FORMAT, time.gmtime(expiration)))) if netfilter in ("", "0.0.0.0/0"): netfilters = None else: netfilters = set(re.split(r"[;,]", netfilter)) for netfilter in set(netfilters): netfilter = netfilter.strip() if '/' in netfilter: _ = netfilter.split('/')[-1] if _.isdigit() and int(_) >= 20: lower = addr_to_int(netfilter.split('/')[0]) mask = make_mask(int(_)) upper = lower | (0xffffffff ^ mask) while lower <= upper: netfilters.add(int_to_addr(lower)) lower += 1 netfilters.remove(netfilter) elif '-' in netfilter: _ = netfilter.split('-') lower, upper = addr_to_int(_[0]), addr_to_int(_[1]) while lower <= upper: netfilters.add(int_to_addr(lower)) lower += 1 netfilters.remove(netfilter) elif not netfilter: netfilters.remove(netfilter) SESSIONS[session_id] = AttribDict({"username": username, "uid": uid, "netfilters": netfilters, "expiration": expiration}) else: time.sleep(UNAUTHORIZED_SLEEP_TIME) self.send_response(httplib.UNAUTHORIZED) self.send_header("Connection", "close") self.send_header("Content-Type", "text/plain") content = "Login %s" % ("success" if valid else "failed") return content
def _login(self, params): valid = False if params.get("username") and params.get("password"): for entry in (config.USERS or []): entry = re.sub(r"\s", "", entry) username, stored_hash, uid, netfilter = entry.split(':') hash_parts = stored_hash.split('$') if username == params.get("username"): try: if (pbkdf2(params.get("password"), hash_parts[1].decode("hex"), int(hash_parts[2])).encode("hex") == hash_parts[3]): valid = True break except: if config.SHOW_DEBUG: traceback.print_exc() if valid: session_id = os.urandom(SESSION_ID_LENGTH).encode("hex") expiration = time.time() + 3600 * SESSION_EXPIRATION_HOURS self.send_response(httplib.OK) self.send_header("Connection", "close") self.send_header( "Set-Cookie", "session=%s; expires=%s; path=/; HttpOnly" % (session_id, time.strftime(HTTP_TIME_FORMAT, time.gmtime(expiration)))) if netfilter in ("", "0.0.0.0/0"): netfilters = None else: addresses = set() netmasks = set() for item in set(re.split(r"[;,]", netfilter)): item = item.strip() if '/' in item: _ = item.split('/')[-1] if _.isdigit() and int(_) >= 16: lower = addr_to_int(item.split('/')[0]) mask = make_mask(int(_)) upper = lower | (0xffffffff ^ mask) while lower <= upper: addresses.add(int_to_addr(lower)) lower += 1 else: netmasks.add(item) elif '-' in item: _ = item.split('-') lower, upper = addr_to_int(_[0]), addr_to_int(_[1]) while lower <= upper: addresses.add(int_to_addr(lower)) lower += 1 elif re.search(r"\d+\.\d+\.\d+\.\d+", item): addresses.add(item) netfilters = netmasks if addresses: netfilters.add(get_regex(addresses)) SESSIONS[session_id] = AttribDict({ "username": username, "uid": uid, "netfilters": netfilters, "expiration": expiration }) else: time.sleep(UNAUTHORIZED_SLEEP_TIME) self.send_response(httplib.UNAUTHORIZED) self.send_header("Connection", "close") self.send_header("Content-Type", "text/plain") content = "Login %s" % ("success" if valid else "failed") if not subprocess.mswindows: try: subprocess.check_output( "logger -p auth.info -t \"%s[%d]\" \"%s password for %s from %s port %s\"" % (NAME.lower(), os.getpid(), "Accepted" if valid else "Failed", params.get("username"), self.client_address[0], self.client_address[1]), stderr=subprocess.STDOUT, shell=True) except Exception: if config.SHOW_DEBUG: traceback.print_exc() return content