Esempi in Python per expire_rate_limit

Esempio n. 1

File: grid_ftps.py Progetto: heromod/migrid

    def update_logins(self, username):
        """Update login DB"""

        # We don't have a handle_request for server so expire here instead
        
        if self.last_expire + self.min_expire_delay < time.time():
            self.last_expire = time.time()
            expired = expire_rate_limit(configuration, "ftps")
            logger.debug("expired rate limit entries: %s" % expired)

        # TODO: only refresh for username?

        daemon_conf = configuration.daemon_conf

        logger.debug("update user list")

        # automatic reload of users if more than refresh_delay seconds old
        refresh_delay = 5
        if daemon_conf['time_stamp'] + refresh_delay < time.time():
            daemon_conf = refresh_users(configuration, 'ftps')

        logger.debug("update usermap")
        usermap = {}
        for user_obj in daemon_conf['users']:
            if not usermap.has_key(user_obj.username):
                usermap[user_obj.username] = []
            usermap[user_obj.username].append(user_obj)
        self.users = usermap
        logger.info("updated usermap: %s" % self.users)
        logger.debug("update user_table")
        # Fill users in dictionary for fast lookup. We create a list of
        # matching User objects since each user may have multiple logins (e.g.
        # public keys)
        for (username, user_obj_list) in self.users.items():
            if self.has_user(username):
                self.remove_user(username)
            # We prefer last entry with password but fall back to any entry
            # to assure at least a hit
            user_obj = (user_obj_list + [i for i in user_obj_list \
                                         if i.password is not None])[-1]
            home_path = os.path.join(daemon_conf['root_dir'], user_obj.home)
            logger.debug("add user to user_table: %s" % user_obj)
            # The add_user format and perm string meaning is explained at:
            # http://code.google.com/p/pyftpdlib/wiki/Tutorial#2.2_-_Users
            self.add_user(username, user_obj.password,
                          home_path, perm='elradfmwM')
        logger.debug("updated user_table: %s" % self.user_table)

Esempio n. 2

File: grid_openid.py Progetto: heromod/migrid

def start_service(configuration):
    """Service launcher"""
    host = configuration.user_openid_address
    port = configuration.user_openid_port
    data_path = configuration.openid_store
    daemon_conf = configuration.daemon_conf
    nossl = daemon_conf['nossl']
    addr = (host, port)
    # TODO: is this threaded version robust enough (thread safety)?
    #OpenIDServer = OpenIDHTTPServer
    OpenIDServer = ThreadedOpenIDHTTPServer
    httpserver = OpenIDServer(addr, ServerHandler)

    # Instantiate OpenID consumer store and OpenID consumer.  If you
    # were connecting to a database, you would create the database
    # connection and instantiate an appropriate store here.
    store = FileOpenIDStore(data_path)
    oidserver = server.Server(store, httpserver.base_url + 'openidserver')

    httpserver.setOpenIDServer(oidserver)

    # Wrap in SSL if enabled
    if nossl:
        logger.warning('Not wrapping connections in SSL - only for testing!')
    else:
        cert_path = configuration.user_openid_key
        if not os.path.isfile(cert_path):
            logger.error('No such server key: %s' % cert_path)
            sys.exit(1)
        logger.info('Wrapping connections in SSL')
        httpserver.socket = ssl.wrap_socket(httpserver.socket,
                                            certfile=cert_path,
                                            server_side=True)
        
    print 'Server running at:'
    print httpserver.base_url
    min_expire_delay = 300
    last_expire = time.time()
    while True:
        httpserver.handle_request()
        if last_expire + min_expire_delay < time.time():
            last_expire = time.time()
            expired = expire_rate_limit(configuration, "openid")
            logger.debug("expired: %s" % expired)

Esempio n. 3

File: grid_davs.py Progetto: heromod/migrid

def run(configuration):
    """SSL wrap HTTP server for secure DAV access"""

    handler = MiGDAVAuthHandler

    # Force AuthRequestHandler to HTTP/1.1 to allow persistent connections

    handler.protocol_version = 'HTTP/1.1'

    # Extract server address for daemon and DAV URIs

    host = configuration.user_davs_address.strip()
    port = configuration.user_davs_port

    # Pass conf options to DAV handler in required object format.
    # Server accepts empty address to mean all available IPs but URIs need
    # a real FQDN

    dav_conf_dict = configuration.dav_cfg
    if host:
        dav_conf_dict['host'] = host
    else:
        from socket import getfqdn
        dav_conf_dict['host'] = getfqdn()        
    dav_conf_dict['port'] = port
    dav_conf = setup_dummy_config(**dav_conf_dict)
    # inject options
    handler.server_conf = configuration
    handler._config = dav_conf

    server = ThreadedHTTPServer

    directory = dav_conf_dict['directory'].strip().rstrip('/')
    verbose = dav_conf.DAV.getboolean('verbose')
    noauth = dav_conf.DAV.getboolean('noauth')
    nossl = dav_conf.DAV.getboolean('nossl')

    if not os.path.isdir(directory):
        logger.error('%s is not a valid directory!' % directory)
        return sys.exit(233)

    # basic checks against wrong hosts
    if host.find('/') != -1 or host.find(':') != -1:
        logger.error('Malformed host %s' % host)
        return sys.exit(233)

    # no root directory
    if directory == '/':
        logger.error('Root directory not allowed!')
        sys.exit(233)

    # put some extra vars
    handler.verbose = verbose
    if noauth:
        logger.warning('Authentication disabled!')
        handler.DO_AUTH = False

    logger.info('Serving data from %s' % directory)

    init_filesystem_handler(handler, directory, host, port, verbose)

    # initialize server on specified address and port
    runner = server((host, port), handler)

    # Wrap in SSL if enabled
    if nossl:
        logger.warning('Not wrapping connections in SSL - only for testing!')
    else:
        cert_path = configuration.user_davs_key
        if not os.path.isfile(cert_path):
            logger.error('No such server key: %s' % cert_path)
            sys.exit(1)
        logger.info('Wrapping connections in SSL')
        runner.socket = ssl.wrap_socket(runner.socket,
                                        certfile=cert_path,
                                        server_side=True)
        
    print('Listening on %s (%i)' % (host, port))

    min_expire_delay = 300
    last_expire = time.time()
    try:
        while True:
            runner.handle_request()
            if last_expire + min_expire_delay < time.time():
                last_expire = time.time()
                expired = expire_rate_limit(configuration, "davs")
                logger.debug("Expired rate limit entries: %s" % expired)
    except KeyboardInterrupt:
        # forward KeyboardInterrupt to main thread
        raise

Esempio n. 4

File: grid_sftp.py Progetto: heromod/migrid

        # automatic reload of users if more than refresh_delay seconds old
        refresh_delay = 5
        if daemon_conf['time_stamp'] + refresh_delay < time.time():
            daemon_conf = refresh_users(configuration, 'sftp')
        daemon_conf = refresh_jobs(configuration, 'sftp')
        logger.info("Handling session from %s %s" % (client, addr))
        worker = threading.Thread(target=accept_client,
                                  args=[client, addr, daemon_conf['root_dir'],
                                        daemon_conf['users'],
                                        daemon_conf['jobs'],
                                        daemon_conf['host_rsa_key'],
                                        daemon_conf,])
        worker.start()
        if last_expire + min_expire_delay < time.time():
            last_expire = time.time()
            expired = expire_rate_limit(configuration, "sftp-*")
            logger.debug("Expired rate limit entries: %s" % expired)
        


if __name__ == "__main__":
    configuration = get_configuration_object()

    # Use separate logger

    logger = daemon_logger("sftp", configuration.user_sftp_log, "info")
    
    # Allow configuration overrides on command line
    if sys.argv[1:]:
        configuration.user_sftp_address = sys.argv[1]
    if sys.argv[2:]:

Esempio n. 5

File: grid_webdavs.py Progetto: heromod/migrid

 def _expire_rate_limit(self):
     """Expire old entries in the rate limit dictionary"""
     expired = expire_rate_limit(configuration, "davs")
     logger.debug("Expired rate limit entries: %s" % expired)