def get_default_region_ip(request): """Returns the default reply address for the given HTTP request.""" remote_ip = get_remote_ip(request) default_region_ip = None if remote_ip is not None: default_region_ip = get_source_address(remote_ip) return default_region_ip
def create_audit_event(event_type, endpoint, request, system_id=None, description=None): """Helper to register Audit events. These are events that have an event type level of AUDIT.""" event_description = description if description is not None else "" # Retrieve Django request's user agent if it is set. user_agent = request.META.get("HTTP_USER_AGENT", "") ip_address = get_remote_ip(request) user = None if isinstance(request.user, AnonymousUser) else request.user Event.objects.register_event_and_event_type( type_name=event_type, type_description=EVENT_DETAILS[event_type].description, type_level=AUDIT, event_description=event_description, system_id=system_id, user=user, ip_address=ip_address, endpoint=endpoint, user_agent=user_agent, )
def test_fallsback_to_REMOTE_ADDR_for_invalid_X_FORWARDED_FOR(self): ip_address = factory.make_ipv4_address() request = HttpRequest() request.META = { "HTTP_X_FORWARDED_FOR": factory.make_name("garbage ip"), "REMOTE_ADDR": ip_address, } self.assertEqual(ip_address, get_remote_ip(request))
def test__fallsback_to_REMOTE_ADDR_for_invalid_X_FORWARDED_FOR(self): ip_address = factory.make_ipv4_address() request = HttpRequest() request.META = { 'HTTP_X_FORWARDED_FOR': factory.make_name('garbage ip'), 'REMOTE_ADDR': ip_address, } self.assertEquals(ip_address, get_remote_ip(request))
def get_apt_proxy(request, rack_controller=None, node=None): """Return the APT proxy for the `rack_controller`.""" config = Config.objects.get_configs([ "enable_http_proxy", "http_proxy", "use_peer_proxy", "maas_proxy_port", "maas_internal_domain", "use_rack_proxy", ]) if config["enable_http_proxy"]: http_proxy = config["http_proxy"] if http_proxy is not None: http_proxy = http_proxy.strip() use_peer_proxy = config["use_peer_proxy"] if http_proxy and not use_peer_proxy: return http_proxy else: # Ensure the proxy port is the default if not set. maas_proxy_port = config["maas_proxy_port"] if not maas_proxy_port: maas_proxy_port = 8000 # Use the client requesting the preseed to determine how they # should access the APT proxy. subnet = None remote_ip = get_remote_ip(request) if remote_ip is not None: subnet = Subnet.objects.get_best_subnet_for_ip(remote_ip) use_dns = (subnet is not None and not subnet.dns_servers and subnet.vlan.dhcp_on) if config["use_rack_proxy"] and use_dns: # Client can use the MAAS proxy on the rack controller with # DNS resolution providing better HA. return "http://%s.%s:%d/" % ( get_resource_name_for_subnet(subnet), config["maas_internal_domain"], maas_proxy_port, ) elif (config["use_rack_proxy"] and node is not None and node.boot_cluster_ip): # Client can use the MAAS proxy on the rack controller with # IP address, instead of DNS. return "http://%s:%d/" % ( node.boot_cluster_ip, maas_proxy_port, ) else: # Fallback to sending the APT directly to the # region controller. region_ip = get_default_region_ip(request) url = "http://:%d/" % maas_proxy_port return compose_URL( url, get_maas_facing_server_host(rack_controller, default_region_ip=region_ip), ) else: return None
def test_gets_client_ip_for_X_FORWARDED_FOR_with_proxies(self): ip_address = factory.make_ipv4_address() proxy1 = factory.make_ipv4_address() proxy2 = factory.make_ipv4_address() request = HttpRequest() request.META = { "HTTP_X_FORWARDED_FOR": "%s, %s, %s" % (ip_address, proxy1, proxy2) } self.assertEqual(ip_address, get_remote_ip(request))
def get_apt_proxy(request, rack_controller=None): """Return the APT proxy for the `rack_controller`.""" config = Config.objects.get_configs([ 'enable_http_proxy', 'http_proxy', 'use_peer_proxy', 'maas_proxy_port', 'maas_internal_domain', 'use_rack_proxy' ]) if config["enable_http_proxy"]: http_proxy = config["http_proxy"] if http_proxy is not None: http_proxy = http_proxy.strip() use_peer_proxy = config["use_peer_proxy"] if http_proxy and not use_peer_proxy: return http_proxy else: # Ensure the proxy port is the default if not set. maas_proxy_port = config["maas_proxy_port"] if not maas_proxy_port: maas_proxy_port = 8000 # Use the client requesting the preseed to determine how they # should access the APT proxy. subnet = None remote_ip = get_remote_ip(request) if remote_ip is not None: subnet = Subnet.objects.get_best_subnet_for_ip(remote_ip) if (config['use_rack_proxy'] and subnet is not None and not subnet.dns_servers): # Client can use the MAAS proxy on the rack controller. return "http://%s.%s:%d/" % (get_resource_name_for_subnet( subnet), config["maas_internal_domain"], maas_proxy_port) else: # Client cannot use the MAAS proxy on the rack controller # because rack proxy is disabled, the subnet the IP belongs to # is unknown or the subnet is using DNS servers that are not # MAAS. Fallback to using the old way pre MAAS 2.5. region_ip = get_default_region_ip(request) url = "http://:%d/" % maas_proxy_port return compose_URL( url, get_maas_facing_server_host(rack_controller, default_region_ip=region_ip)) else: return None
def test_returns_None_empty_META(self): request = HttpRequest() request.META = {} self.assertIsNone(get_remote_ip(request))
def test_returns_None_for_invalid_ip(self): ip_address = factory.make_name("garbage ip") request = HttpRequest() request.META = {"REMOTE_ADDR": ip_address} self.assertIsNone(get_remote_ip(request))
def test_gets_client_ipv6_for_REMOTE_ADDR(self): ip_address = factory.make_ipv6_address() request = HttpRequest() request.META = {"REMOTE_ADDR": ip_address} self.assertEqual(ip_address, get_remote_ip(request))
def test_gets_client_ipv6_for_HTTP_X_FORWARDED_FOR(self): ip_address = factory.make_ipv6_address() request = HttpRequest() request.META = {"HTTP_X_FORWARDED_FOR": ip_address} self.assertEqual(ip_address, get_remote_ip(request))