def test_render_GET_logs_node_event_with_original_path_ip(self):
path = factory.make_name('path')
ip = factory.make_ip_address()
request = DummyRequest([path.encode('utf-8')])
request.requestHeaders = Headers({
'X-Server-Addr': ['192.168.1.1'],
'X-Server-Port': ['5248'],
'X-Forwarded-For': [ip],
'X-Forwarded-Port': ['%s' % factory.pick_port()],
})
log_info = self.patch(http.log, 'info')
mock_deferLater = self.patch(http, 'deferLater')
mock_deferLater.side_effect = always_succeed_with(None)
self.tftp.backend.get_reader.return_value = fail(AccessViolation())
resource = http.HTTPBootResource()
yield self.render_GET(resource, request)
self.assertThat(
log_info,
MockCalledOnceWith("{path} requested by {remoteHost}",
path=path,
remoteHost=ip))
self.assertThat(
mock_deferLater,
MockCalledOnceWith(ANY,
0,
http.send_node_event_ip_address,
event_type=EVENT_TYPES.NODE_HTTP_REQUEST,
ip_address=ip,
description=path))
def get_writer(self, file_name):
"""
@see: L{IBackend.get_writer}
@rtype: L{Deferred}, yielding a L{FilesystemWriter}
"""
if not self.can_write:
raise Unsupported("Writing not supported")
try:
target_path = self.base.descendant(file_name.split("/"))
except InsecurePath, e:
raise AccessViolation("Insecure path: %s" % e)
def get_reader(self, file_name):
"""
@see: L{IBackend.get_reader}
@rtype: L{Deferred}, yielding a L{FilesystemReader}
"""
if not self.can_read:
raise Unsupported("Reading not supported")
try:
target_path = self.base.descendant(file_name.split(b"/"))
except InsecurePath as e:
raise AccessViolation("Insecure path: %s" % e)
return FilesystemReader(target_path)
def test_access_violation(self):
tftp = TFTP(BackendFactory(AccessViolation("No!")), _clock=self.clock)
tftp.transport = self.transport
wrq_datagram = WRQDatagram(b'foobar', b'netascii', {})
tftp.datagramReceived(wrq_datagram.to_wire(), ('127.0.0.1', 1111))
self.clock.advance(1)
error_datagram = TFTPDatagramFactory(
*split_opcode(self.transport.value()))
self.assertEqual(error_datagram.errorcode, ERR_ACCESS_VIOLATION)
self.transport.clear()
rrq_datagram = RRQDatagram(b'foobar', b'octet', {})
tftp.datagramReceived(rrq_datagram.to_wire(), ('127.0.0.1', 1111))
self.clock.advance(1)
error_datagram = TFTPDatagramFactory(
*split_opcode(self.transport.value()))
self.assertEqual(error_datagram.errorcode, ERR_ACCESS_VIOLATION)
def test_render_GET_403_access_violation(self):
path = factory.make_name("path")
ip = factory.make_ip_address()
request = DummyRequest([path.encode("utf-8")])
request.requestHeaders = Headers({
"X-Server-Addr": ["192.168.1.1"],
"X-Server-Port": ["5248"],
"X-Forwarded-For": [ip],
"X-Forwarded-Port": ["%s" % factory.pick_port()],
})
self.patch(http.log, "info")
mock_deferLater = self.patch(http, "deferLater")
mock_deferLater.side_effect = always_succeed_with(None)
self.tftp.backend.get_reader.return_value = fail(AccessViolation())
resource = http.HTTPBootResource()
yield self.render_GET(resource, request)
self.assertEqual(403, request.responseCode)
self.assertEqual(b"", b"".join(request.written))
def test_render_GET_403_access_violation(self):
path = factory.make_name('path')
ip = factory.make_ip_address()
request = DummyRequest([path.encode('utf-8')])
request.requestHeaders = Headers({
'X-Server-Addr': ['192.168.1.1'],
'X-Server-Port': ['5248'],
'X-Forwarded-For': [ip],
'X-Forwarded-Port': ['%s' % factory.pick_port()],
})
self.patch(http.log, 'info')
mock_deferLater = self.patch(http, 'deferLater')
mock_deferLater.side_effect = always_succeed_with(None)
self.tftp.backend.get_reader.return_value = fail(AccessViolation())
resource = http.HTTPBootResource()
yield self.render_GET(resource, request)
self.assertEquals(403, request.responseCode)
self.assertEquals(b'', b''.join(request.written))
def get_reader(self, file_name):
"""
@see: L{IBackend.get_reader}
@rtype: L{Deferred}, yielding a L{FilesystemReader}
"""
if not self.can_read:
raise Unsupported("Reading not supported")
try:
target_path = self.base.descendant(file_name.split(b"/"))
except InsecurePath as e:
raise AccessViolation("Insecure path: %s" % e)
try:
# Try using FilesystemReader first
return FilesystemReader(target_path)
except FileNotFound:
# Try using DynamicReader if dyn_handler was supplied
if self.dyn_handler is not None:
return DynamicReader(file_name, self.dyn_handler)
else:
raise
