Пример #1
0
def verify_ip_prefix(context):
    def set_err(msg):
        context.setvar(error_var, msg)

    previp = context.getviewvar('previp')
    if not previp:
        set_err("missing")
        return False

    # Is it in the right format?
    mo = valid_ipf_re.match(previp)
    if not mo:
        set_err("format is bad")
        return False
    # Does the signature match, or has someone been playing monkey
    # games?
    field = "%s@%s" % (mo.group(1), mo.group(2))
    if previp != gen_hash(context, field):
        set_err("signature does not verify")
        return False
    # Since the signature verifies, we know the other fields are good.
    pip, when = mo.group(1), int(mo.group(2))

    # If either the original address or the current one is an IPv6
    # address, give up. (Hey, at least we know the signature is good.)
    if pip == "IPV6" or httputil.is_ipv6_addr(context['remote-ip']):
        return True

    # transmogrify the original IP address into a prefix.
    pip = '.'.join(pip.split('.')[:3]) + '.'
    # Is it from the right IP?
    if not context['remote-ip'].startswith(pip):
        set_err("remote IP mismatch")
        return False
    # Is it too old?
    if (when + (2 * 60 * 60)) < time.time():
        set_err("is too old")
        return False
    return True
Пример #2
0
def verify_ip_prefix(context):
	def set_err(msg):
		context.setvar(error_var, msg)
	previp = context.getviewvar('previp')
	if not previp:
		set_err("missing")
		return False

	# Is it in the right format?
	mo = valid_ipf_re.match(previp)
	if not mo:
		set_err("format is bad")
		return False
	# Does the signature match, or has someone been playing monkey
	# games?
	field = "%s@%s" % (mo.group(1), mo.group(2))
	if previp != gen_hash(context, field):
		set_err("signature does not verify")
		return False
	# Since the signature verifies, we know the other fields are good.
	pip, when = mo.group(1), int(mo.group(2))

	# If either the original address or the current one is an IPv6
	# address, give up. (Hey, at least we know the signature is good.)
	if pip == "IPV6" or httputil.is_ipv6_addr(context['remote-ip']):
		return True
	
	# transmogrify the original IP address into a prefix.
	pip = '.'.join(pip.split('.')[:3]) + '.'
	# Is it from the right IP?
	if not context['remote-ip'].startswith(pip):
		set_err("remote IP mismatch")
		return False
	# Is it too old?
	if (when + (2*60*60)) < time.time():
		set_err("is too old")
		return False
	return True
Пример #3
0
def make_ip_field(context):
	rip = context['remote-ip']
	if httputil.is_ipv6_addr(rip):
		rip = 'IPV6'
	ipf = "%s@%d" % (rip, time.time())
	return ipf
Пример #4
0
def make_ip_field(context):
    rip = context['remote-ip']
    if httputil.is_ipv6_addr(rip):
        rip = 'IPV6'
    ipf = "%s@%d" % (rip, time.time())
    return ipf