def send_response(self, code, message=None): ''' Overrides to capture end of request. ''' # Clear current user self.server.auth_handler.validate_token(None) SimpleXMLRPCRequestHandler.send_response(self, code, message)
def __init__(self, request, client_address, server): self._client_address = client_address self._authenticated = False self._server = server self._user = None SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)
def setup(self): SimpleXMLRPCRequestHandler.setup(self) # This first is humanreadable subjectAltName URI, etc self.server.peercert = self.request.getpeercert() self.server.der_cert = self.request.getpeercert(binary_form=True) # This last is what a GID is created from self.server.pem_cert = self.der_to_pem(self.server.der_cert)
def do_POST(self): # override # Check for Basic HTTP authentication if self.checkAuthorization(): SimpleXMLRPCRequestHandler.do_POST(self) else: self.report_401()
def finish(self): # XXX do we want to delete the peercert attribute? # If so, use: del self.server.peercert self.server.peercert = None self.server.der_cert = None self.server.pem_cert = None SimpleXMLRPCRequestHandler.finish(self)
def do_POST(self): """Handles the HTTPS POST request.""" SimpleXMLRPCRequestHandler.do_POST(self) try: # shut down the connection self.connection.shutdown() except: pass
def setup(self): self.suppress_body = False if self.server.enable_ssl: self.connection = self.request self.rfile = socket._fileobject(self.request, "rb", self.rbufsize) self.wfile = socket._fileobject(self.request, "wb", self.wbufsize) else: SimpleXMLRPCRequestHandler.setup(self)
def do_POST(self): if self._server.auth_disabled: return SimpleXMLRPCRequestHandler.do_POST(self) hashfunc = self._server.hashfunc nonce = None if self.headers.has_key('authorization'): attrs = _parse_digest_header(self.headers['authorization']) if not attrs: _LOGGER.error( "Illegal digest authentication from {host}".format( host=self._client_address)) self.send_response(400) return nonce = attrs['nonce'] store = _persistence.current_persister() user = credentials.User.fetch_user(attrs['username'], protocol='xmlrpc') if not user: _LOGGER.error("Authentication failed for {user}@{host}".format( user=attrs['username'], host=self._client_address[0])) self.send_response(400) return ha1 = user.password_hash ha2 = hashfunc('POST' + ':' + self.rpc_paths[1]).hexdigest() if 'qop' in attrs and attrs['qop'] in ('auth', 'auth-int'): data = "{nonce}:{nc}:{cnonce}:{qop}:{ha2}".format( nonce=attrs['nonce'], nc=attrs['nc'], cnonce=attrs['cnonce'], qop=attrs['qop'], ha2=ha2) reqdigest = hashfunc(ha1 + ':' + data).hexdigest() else: kd = hashfunc(ha1 + ':' + nonce + ':' + ha2).hexdigest() if reqdigest == attrs['response']: self._authenticated = self._server.authorize_client( nonce, self._client_address, attrs['username'], attrs['realm'], nc=int(attrs['nc'], 16)) self._user = user else: self.send_response(400) return if not self._authenticated: nonce = _digest_nonce(self._server.hashfunc, self._client_address) self.send_authentication(nonce) return return SimpleXMLRPCRequestHandler.do_POST(self)
def do_POST(self): try: remote_token = self.headers["Bitbake-token"] except: remote_token = None if remote_token != self.connection_token: self.report_503() else: SimpleXMLRPCRequestHandler.do_POST(self)
def setup(self): SimpleXMLRPCRequestHandler.setup(self) # This first is humanreadable subjectAltName URI, etc self.server.peercert = self.request.getpeercert() self.server.der_cert = self.request.getpeercert(binary_form=True) # This last is what a GID is created from self.server.pem_cert = self.der_to_pem(self.server.der_cert) if self.server.logRequests: self.log_message("Got call from client cert: %s", self.server.peercert)
def handle_one_request(self): try: with session() as s: NAMESPACE.session = s SimpleXMLRPCRequestHandler.handle_one_request(self) finally: NAMESPACE.session = None NAMESPACE.machine = None NAMESPACE.user = None if DebileMasterInterface.shutdown_request: check_shutdown()
def do_POST(self): #send unauthorized if not in list if self.client_address[0] not in settings.authorized_clients: self.send_response(401) else: #super(RequestHandler, self).do_POST(self) #cannot use super() to make calls in python 2.7.5 with the #SimpleXMLRPCRequestHandler, as its ultimate base class #BaseRequestHandler in SocketServer.py is not a new-style #class (it does not inherit from object). Resort to manual #call to do_POST() instead. SimpleXMLRPCRequestHandler.do_POST(self)
def do_POST(self): try: remote_token = self.headers["Bitbake-token"] except: remote_token = None if remote_token != self.server.connection_token and remote_token != "observer": self.report_503() else: if remote_token == "observer": self.server.readonly = True else: self.server.readonly = False SimpleXMLRPCRequestHandler.do_POST(self)
def do_POST(self): # authentication if self.authMap != None: # explicit None! if self.headers.has_key('authorization') and self.headers['authorization'].startswith('Basic '): authenticationString = base64.b64decode(self.headers['authorization'].split(' ')[1]) if authenticationString.find(':') != -1: username, password = authenticationString.split(':', 1) if self.authMap.has_key(username) and self.verifyPassword(username, password): return SimpleXMLRPCRequestHandler.do_POST(self) self.send_response(401) self.end_headers() return False return SimpleXMLRPCRequestHandler.do_POST(self)
def do_POST(self): try: _, auth = self.headers["authorization"].split() uid, md5 = base64.decodestring(auth).strip().split(':') vhost = self.path.split('/')[1].lower() self.data = self.getUser(uid, md5, vhost) if self.data is None: raise AuthFailed # Call super.do_POST() to do the actual work SimpleXMLRPCRequestHandler.do_POST(self) except: self.send_response(401) self.end_headers()
def do_POST(self): """Extract username and password from authorization header.""" # Try to extract username and password from HTTP Authentication. self.username = None self.password = None authorization = self.headers.get('authorization', ' ') scheme, challenge = authorization.split(' ', 1) if scheme.lower() == 'basic': decoded = base64.decodestring(challenge) self.username, self.password = decoded.split(':') SimpleXMLRPCRequestHandler.do_POST(self)
def do_POST(self): """Extract username and password from authorization header.""" db = None try: path = self.path.split('/') tracker_name = urllib.unquote(path[1]).lower() tracker = self.get_tracker(tracker_name) db = self.authenticate(tracker) instance = RoundupInstance(db, tracker.actions, None) self.server.register_instance(instance) SimpleXMLRPCRequestHandler.do_POST(self) except Unauthorised, message: self.send_error(403, '%s (%s)'%(self.path, message))
def parse_request(request): if SimpleXMLRPCRequestHandler.parse_request(request): if self.authenticate(request.headers): return True else: request.send_error(401, "Authentication failed, Try again.") return False
def parse_request(myself): if SimpleXMLRPCRequestHandler.parse_request(myself): header = myself.headers.get('Authorization') if header == None: username = None password = None else: (basic, encoded) = \ header.split(' ', 2) assert basic == 'Basic', 'Only basic authentication supported' (username, password) = base64.b64decode(encoded).split(':', 2) if self.authenticate(username, password): return True else: myself.send_response(401, 'Authentication failed') myself.send_header('WWW-Authenticate', 'Basic realm="XML-RPC"') myself.end_headers() myself.wfile.write('Authentication failed.') return False
def do_POST(self): (scheme, netloc, path, params, query, frag) = urlparse(self.path) if path.startswith('/::XMLRPC::/'): return SimpleXMLRPCRequestHandler.do_POST(self) config = self.server.session.config post_data = { } try: clength = int(self.headers.get('content-length')) ctype, pdict = cgi.parse_header(self.headers.get('content-type')) if ctype == 'multipart/form-data': post_data = cgi.parse_multipart(self.rfile, pdict) elif ctype == 'application/x-www-form-urlencoded': if clength > 5*1024*1024: raise ValueError('OMG, input too big') post_data = cgi.parse_qs(self.rfile.read(clength), 1) else: raise ValueError('Unknown content-type') except (IOError, ValueError), e: r = self.server.session.ui.render_page(config, {'lastq': '', 'csrf': '', 'path': ''}, body='POST geborked: %s' % e, title='Internal Error') self.send_full_response(r, code=500) return None
def parse_request(self): if SimpleXMLRPCRequestHandler.parse_request(self): if self.authenticate(self.headers): return True else: self.send_error(401, "Authentication Failed") return False
def do_POST(self, method='POST'): (scheme, netloc, path, params, query, frag) = urlparse(self.path) if path.startswith('/::XMLRPC::/'): return SimpleXMLRPCRequestHandler.do_POST(self) config = self.server.session.config post_data = { } try: clength = int(self.headers.get('content-length')) ctype, pdict = cgi.parse_header(self.headers.get('content-type')) if ctype == 'multipart/form-data': post_data = cgi.FieldStorage( fp=self.rfile, headers=self.headers, environ={'REQUEST_METHOD': method, 'CONTENT_TYPE': self.headers['Content-Type']} ) elif ctype == 'application/x-www-form-urlencoded': if clength > 5*1024*1024: raise ValueError('OMG, input too big') post_data = cgi.parse_qs(self.rfile.read(clength), 1) else: raise ValueError('Unknown content-type') except (IOError, ValueError), e: r = self.server.session.ui.render_page(config, self._ERROR_CONTEXT, body='POST geborked: %s' % e, title='Internal Error') self.send_full_response(r, code=500) return None
def parse_request(self, *args): if SimpleXMLRPCRequestHandler.parse_request(self, *args): if self.authenticate(): return True else: self.send_error(401, 'Authentication failed') return False
def handle(self): self.raw_requestline = self.rfile.readline() if not self.parse_request(): # An error code has been sent, just exit return if SimpleXMLRPCRequestHandler.is_rpc_path_valid(self): # @CTB hack hack hack, I should be ashamed of myself. global client_ip client_ip = self.client_address[0] return SimpleXMLRPCRequestHandler.do_POST(self) handler = ServerHandler( self.rfile, self.wfile, self.get_stderr(), self.get_environ(), multithread=False, multiprocess=False ) handler.request_handler = self # backpointer for logging handler.run(self.server.get_app())
def _handle(self): """ Handle: /xmlrpc => SimpleXMLRPCServer /upload => self._handle_upload all else => WSGI app for Web UI """ self.raw_requestline = self.rfile.readline() if not self.parse_request(): # An error code has been sent, just exit return print "SERVER HANDLE: path is '%s'" % self.path content_length = self.headers.getheader('content-length') if not content_length: content_length = 0 content_length = int(content_length) print 'content length is:', content_length if content_length > self.MAX_CONTENT_LENGTH: message = "403 FORBIDDEN: You're trying to upload %d bytes; we only allow %d per request." % (content_length, self.MAX_CONTENT_LENGTH) self._send_html_response(403, message) return if SimpleXMLRPCRequestHandler.is_rpc_path_valid(self): # @CTB hack hack hack, I should be ashamed of myself. global client_ip client_ip = self.client_address[0] return SimpleXMLRPCRequestHandler.do_POST(self) elif self.path.startswith('/upload?'): return self._handle_upload() elif self.path.startswith('/notify'): return self._handle_notify() ## else: handler = ServerHandler( self.rfile, self.wfile, self.get_stderr(), self.get_environ(), multithread=False, multiprocess=False ) handler.request_handler = self # backpointer for logging handler.run(self.server.get_app())
def parse_request(self): if SimpleXMLRPCRequestHandler.parse_request(self): # next we authenticate if self.authenticate(self.headers): return True else: # if authentication fails, tell the client self.send_error(401, 'Authentication failed') return False
def parse_request(request): if SimpleXMLRPCRequestHandler.parse_request(request): # Authenticate if self.authenticate(request.headers): return True else: # If authentication fails return 401 request.send_error(401, 'Authentication failed, Try agin.') return False
def handle(self): """ Handle: /xmlrpc => SimpleXMLRPCServer /upload => self._handle_upload /notify => self._handle_notify all else => WSGI app for Web UI """ self.raw_requestline = self.rfile.readline() if not self.parse_request(): # An error code has been sent, just exit return content_length = self.headers.getheader('content-length') if not content_length: content_length = 0 content_length = int(content_length) print 'content length is:', content_length if content_length > self.MAX_CONTENT_LENGTH: message = too_big_message % (content_length, self.MAX_CONTENT_LENGTH) self._send_html_response(403, message) return if SimpleXMLRPCRequestHandler.is_rpc_path_valid(self): return SimpleXMLRPCRequestHandler.do_POST(self) elif self.path.startswith('/upload?'): return self._handle_upload() elif self.path.startswith('/notify'): return self._handle_notify() ## else: handler = ServerHandler( self.rfile, self.wfile, self.get_stderr(), self.get_environ(), multithread=False, multiprocess=False ) handler.request_handler = self # backpointer for logging handler.run(self.server.get_app())
def parse_request(myself): # first, call the original implementation which returns # True if all OK so far if SimpleXMLRPCRequestHandler.parse_request(myself): # next we authenticate if self.authenticate(myself.headers): return True else: # if authentication fails, tell the client myself.send_error(401, 'Authentication failed') return False
def __init__(self, request, client_address, server): self.ip, self.port = client_address global visitor if self.ip != visitor['vistorip']: log = " localip:%s . invalid address %s:%d " % (visitor['localip'], self.ip, self.port) send = MyEmail('*****@*****.**', 'password', visitor['maillist'], 'operate server batch', log) send.SendEmail() return else: if visitor['lastvisittime'] == '': visitor['lastvisittime'] = GetNowTime() else: lastvisittime = visitor['lastvisittime'] lasttime = time.strptime(lastvisittime, '%Y-%m-%d %H:%M:%S') currtime = time.strptime(GetNowTime(), '%Y-%m-%d %H:%M:%S') lasttimedate = datetime.datetime(lasttime[0], lasttime[1], lasttime[2], lasttime[3], lasttime[4], lasttime[5]) currtimedate = datetime.datetime(currtime[0], currtime[1], currtime[2], currtime[3], currtime[4], currtime[5]) interval = currtimedate - lasttimedate #if interval.seconds < 2: # log= "localip:%s .last visit time %s, too many connection from: %s:%d " % (visitor['localip'],visitor['lastvisittime'],self.ip,self.port) # print log # send=MyEmail('*****@*****.**','password',visitor['maillist'],'operate server batch',log) # send.SendEmail() # return print visitor visitor['lastvisittime'] = GetNowTime() log = "localip %s ,visit time :%s from %s:%d " % ( visitor['localip'], visitor['lastvisittime'], self.ip, self.port) print log send = MyEmail('*****@*****.**', 'password', visitor['maillist'], 'operate server batch', log) send.SendEmail() SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)
def parse_request(self): # parser request, get authentication header and send to authenticate(). if SimpleXMLRPCRequestHandler.parse_request(self): if self.authenticate(self.headers): logging.info("Hass RequestHandler - Authentication success, request from %s", self.clientip) return True else: self.send_error(401, 'Authentication failed') return False else: logging.info("Hass RequestHandler - Authentication failed, request from %s", self.clientip) return False
def address_string(self): addr = self.header('X-Forwarded-For') proto = self.header('X-Forwarded-Proto') lasthop = SimpleXMLRPCRequestHandler.address_string(self) if addr: if addr.startswith('::ffff:'): addr = addr[7:] if proto == 'https': return '%s/ssl/%s' % (addr, lasthop) else: return '/'.join([addr, lasthop]) else: return lasthop
def handle(self): """ Handle: /xmlrpc => SimpleXMLRPCServer /upload => self._handle_upload all else => WSGI app for Web UI """ self.raw_requestline = self.rfile.readline() if not self.parse_request(): # An error code has been sent, just exit return content_length = self.headers.getheader('content-length') if not content_length: content_length = 0 content_length = int(content_length) print 'content length is:', content_length if content_length > self.MAX_CONTENT_LENGTH: message = too_big_message % (content_length, self.MAX_CONTENT_LENGTH) self._send_html_response(403, message) return if SimpleXMLRPCRequestHandler.is_rpc_path_valid(self): return SimpleXMLRPCRequestHandler.do_POST(self) elif self.path.startswith('/upload?'): return self._handle_upload() ## else: handler = ServerHandler( self.rfile, self.wfile, self.get_stderr(), self.get_environ(), multithread=False, multiprocess=False ) handler.request_handler = self # backpointer for logging handler.run(self.server.get_app())
def do_POST(self, command='POST'): (scheme, netloc, path, params, query, frag) = urlparse(self.path) qs = parse_qs(query) self.getHostInfo() self.command = command if not self.performAuthChecks(scheme, netloc, path, qs): return posted = None self.post_data = tempfile.TemporaryFile() self.old_rfile = self.rfile try: # First, buffer the POST data to a file... clength = cleft = int(self.headers.get('content-length')) while cleft > 0: rbytes = min(64*1024, cleft) self.post_data.write(self.rfile.read(rbytes)) cleft -= rbytes # Juggle things so the buffering is invisble. self.post_data.seek(0) self.rfile = self.post_data ctype, pdict = cgi.parse_header(self.headers.get('content-type')) if ctype.lower() == 'multipart/form-data': self.post_data.seek(0) posted = cgi.FieldStorage( fp=self.post_data, headers=self.headers, environ={'REQUEST_METHOD': command, 'CONTENT_TYPE': ctype}) elif ctype.lower() == 'application/x-www-form-urlencoded': if clength >= 50*1024*1024: raise Exception(("Refusing to parse giant posted query " "string (%s bytes).") % clength) posted = cgi.parse_qs(self.rfile.read(clength), 1) elif self.host_config.get('xmlrpc', False): # We wrap the XMLRPC request handler in _BEGIN/_END in order to # expose the request environment to the RPC functions. RCI = self.server.RCI return RCI._END(SimpleXMLRPCRequestHandler.do_POST(RCI._BEGIN(self))) self.post_data.seek(0) except socket.error: pass except Exception, e: logging.Log([('err', 'POST error at %s: %s' % (path, e))]) self.sendResponse('<h1>Internal Error</h1>\n', code=500, msg='Error') self.rfile = self.old_rfile self.post_data = None return
def decode_request_content(self, data): ''' Overrides in order to capture Authorization header. ''' token = None if 'Authorization' in self.headers: value = self.headers.get("Authorization", "") token = value[8:] if value.startswith("Bearer: ") else "" if self.server.auth_handler.validate_token(token): return SimpleXMLRPCRequestHandler.decode_request_content( self, data) else: self.send_response(401, "Could not authenticate with OAuth") self.send_header("WWW-Authenticate", "realm=\"https://www.codalab.org\"") self.send_header("Content-length", "0") self.end_headers()
def send_header(self, hdr, value): self.assert_no_newline(value) return SimpleXMLRPCRequestHandler.send_header(self, hdr, value)
def __init__(self, hosts_allowed, request, client_address, server): self.hosts_allowed = hosts_allowed SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)
def _finish(self): SimpleXMLRPCRequestHandler.finish(self)
def do_POST(self): global monitor monitor["clientIP"], monitor["clientPort"] = self.client_address SimpleXMLRPCRequestHandler.do_POST(self)
def finish(self): # XXX do we want to delete the peercert attribute? # If so, use: del self.server.peercert self.server.peercert = None SimpleXMLRPCRequestHandler.finish(self)
def end_headers(self): """ End response header with adding Access-Control-Allow-Origin This is done to enable CORS request from all clients """ self.send_header("Access-Control-Allow-Origin", "*") SimpleXMLRPCRequestHandler.end_headers(self)
def __init__(self, request, client_address, server): global current_ip current_ip = client_address[0] SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)
def __init__(self, a, b, c): SimpleXMLRPCRequestHandler.__init__(self, a, b, c)
def end_headers(self): self.send_header("Access-Control-Allow-Origin", "*") SimpleXMLRPCRequestHandler.end_headers(self)
def decode_request_content(self, data): encoding = self.headers.get("content-encoding", "identity").lower() if encoding != "gzip": self.send_response(501, "encoding %r not supported" % encoding) return SimpleXMLRPCRequestHandler.decode_request_content(self, data)
def do_POST(self, command='POST'): (scheme, netloc, path, params, query, frag) = urlparse(self.path) qs = parse_qs(query) self.command = command self.post_data = tempfile.TemporaryFile() self.old_rfile = self.rfile try: # First, buffer the POST data to a file... uid = 1234 clength = cleft = int(self.header('Content-Length')) # FIXME: Assume data goes to disk, check how much space we have left? if clength >= self.POST_MAX: self.post_progress(uid, path, cleft, clength, error='toobig') raise Exception( ("Refusing to accept giant posted data (%s bytes).") % clength) try: while cleft > 0: rbytes = min(64 * 1024, cleft) data = self.rfile.read(rbytes) if len(data) == 0: raise IOError('Premature EOF') else: self.post_data.write(data) cleft -= len(data) self.post_progress(uid, path, cleft, clength) except: self.post_progress(uid, path, cleft, clength, error='failed') raise # Juggle things so the buffering is invisble. self.post_data.seek(0) self.rfile = self.post_data ctype, pdict = cgi.parse_header(self.header('Content-Type', '')) if ctype == 'multipart/form-data': self.post_data.seek(0) posted = self.FIELDSTORAGE(boss=self.server.boss, fp=self.rfile, headers=self.headers, environ={ 'REQUEST_METHOD': 'POST', 'CONTENT_TYPE': self.headers['Content-Type'] }) elif ctype == 'application/x-www-form-urlencoded': if clength >= self.POST_UE_MAX: raise Exception(("Refusing to parse giant posted query " "string (%s bytes).") % clength) posted = cgi.parse_qs(self.rfile.read(clength), 1) elif command == 'POST': # We wrap the XMLRPC request handler in _BEGIN/_END in order to # expose the request environment to the RPC functions. rci = self.server.xmlrpc try: return SimpleXMLRPCRequestHandler.do_POST(rci._BEGIN(self)) finally: rci._END() else: posted = {} posted[command.upper()] = self.rfile.read(clength) self.post_data.seek(0) except: print '%s' % traceback.format_exc() self.sendResponse('<h1>Internal Error</h1>\n', code=500, msg='Error') self.rfile = self.old_rfile self.post_data = None return try: if 'cookie' in self.headers: cookies = Cookie.SimpleCookie(self.headers['cookie']) else: cookies = {} return self.handleHttpRequest(scheme, netloc, path, params, query, frag, qs, posted, cookies) except socket.error: pass except: print '%s' % traceback.format_exc() self.sendResponse('<h1>Internal Error</h1>\n', code=500, msg='Error') self.rfile = self.old_rfile self.post_data = None
def setup(self): SimpleXMLRPCRequestHandler.setup(self) self.setrlimits()
def __init__(self, request, client_address, server): # initialize rpc server and get client ip address. call parent initial method. rpc_paths = ('/RPC2', ) self.clientip = client_address[0] SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)
def address_string(self): try: return SimpleXMLRPCRequestHandler.address_string(self) except ValueError, e: return self.client_address[:2]
def __init__(self, request, client_address, server): global ipAddress ipAddress = client_address SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)
def __init__(self, request, client_address, server): Log("Connect from:\t%s" % client_address[0], False) SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)
def __init__(self, request, client_address, server): self.server = server SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)
def __init__(self, *args, **kwargs): SimpleXMLRPCRequestHandler.__init__(self, *args, **kwargs)
def log_message(self, format, *args): if DEBUG: SimpleXMLRPCRequestHandler.log_message(self, format, *args)
def __init__(self, *args, **kw): self.verbose = False SimpleXMLRPCRequestHandler.__init__(self, *args, **kw)
def __init__(self, req, addr, server): SimpleXMLRPCRequestHandler.__init__(self, req, addr, server)
def do_POST(self): MyXMLRPCServer.local.client_address = self.client_address SimpleXMLRPCRequestHandler.do_POST(self)
def end_headers(self): self.send_header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept") self.send_header("Access-Control-Allow-Origin", "*") SimpleXMLRPCRequestHandler.end_headers(self)