Rev3742, Move isIp to helper, fix inet_prton error
This commit is contained in:
shortcutme
parent
ca549cf081
commit
45add916f4
3 changed files with 21 additions and 28 deletions
|
|
@ -13,7 +13,7 @@ class Config(object):
|
||||||
|
|
||||||
def __init__(self, argv):
|
def __init__(self, argv):
|
||||||
self.version = "0.6.4"
|
self.version = "0.6.4"
|
||||||
self.rev = 3741
|
self.rev = 3742
|
||||||
self.argv = argv
|
self.argv = argv
|
||||||
self.action = None
|
self.action = None
|
||||||
self.pending_changes = {}
|
self.pending_changes = {}
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,6 @@ import os
|
||||||
import mimetypes
|
import mimetypes
|
||||||
import json
|
import json
|
||||||
import cgi
|
import cgi
|
||||||
import socket
|
|
||||||
|
|
||||||
import gevent
|
import gevent
|
||||||
|
|
||||||
|
|
@ -49,31 +48,6 @@ class UiRequest(object):
|
||||||
self.user = None
|
self.user = None
|
||||||
self.script_nonce = None # Nonce for script tags in wrapper html
|
self.script_nonce = None # Nonce for script tags in wrapper html
|
||||||
|
|
||||||
# Test if a string is a valid IP address
|
|
||||||
def isIp(self, host, strip_port=False):
|
|
||||||
if strip_port:
|
|
||||||
# Remove the port from the IP address
|
|
||||||
host = ":".join(host.split(":")[:-1])
|
|
||||||
|
|
||||||
try:
|
|
||||||
# This function will return an exception on a non-valid IP
|
|
||||||
# address
|
|
||||||
socket.inet_aton(host)
|
|
||||||
return True
|
|
||||||
|
|
||||||
except socket.error:
|
|
||||||
# Try for a IPv6 address
|
|
||||||
try:
|
|
||||||
socket.inet_pton(socket.AF_INET6, host)
|
|
||||||
return True
|
|
||||||
|
|
||||||
except socket.error:
|
|
||||||
if not strip_port:
|
|
||||||
# Try stripping the port and re-checking
|
|
||||||
return self.isIp(host, strip_port=True)
|
|
||||||
|
|
||||||
return False
|
|
||||||
|
|
||||||
def learnHost(self, host):
|
def learnHost(self, host):
|
||||||
self.server.allowed_hosts.add(host)
|
self.server.allowed_hosts.add(host)
|
||||||
self.server.log.info("Added %s as allowed host" % host)
|
self.server.log.info("Added %s as allowed host" % host)
|
||||||
|
|
@ -84,7 +58,11 @@ class UiRequest(object):
|
||||||
|
|
||||||
# Allow any IP address as they are not affected by DNS rebinding
|
# Allow any IP address as they are not affected by DNS rebinding
|
||||||
# attacks
|
# attacks
|
||||||
if self.isIp(host):
|
if helper.isIp(host):
|
||||||
|
self.learnHost(host)
|
||||||
|
return True
|
||||||
|
|
||||||
|
if ":" in host and helper.isIp(host.rsplit(":", 1)[0]): # Test without port
|
||||||
self.learnHost(host)
|
self.learnHost(host)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -219,6 +219,21 @@ def avg(items):
|
||||||
else:
|
else:
|
||||||
return 0
|
return 0
|
||||||
|
|
||||||
|
def isIp(ip):
|
||||||
|
if ":" in ip: # IPv6
|
||||||
|
try:
|
||||||
|
socket.inet_pton(socket.AF_INET6, ip)
|
||||||
|
return True
|
||||||
|
except:
|
||||||
|
return False
|
||||||
|
|
||||||
|
else: # IPv4
|
||||||
|
try:
|
||||||
|
socket.inet_aton(ip)
|
||||||
|
return True
|
||||||
|
except:
|
||||||
|
return False
|
||||||
|
|
||||||
local_ip_pattern = re.compile(r"^(127\.)|(192\.168\.)|(10\.)|(172\.1[6-9]\.)|(172\.2[0-9]\.)|(172\.3[0-1]\.)|(::1$)|([fF][cCdD])")
|
local_ip_pattern = re.compile(r"^(127\.)|(192\.168\.)|(10\.)|(172\.1[6-9]\.)|(172\.2[0-9]\.)|(172\.3[0-1]\.)|(::1$)|([fF][cCdD])")
|
||||||
def isPrivateIp(ip):
|
def isPrivateIp(ip):
|
||||||
return local_ip_pattern.match(ip)
|
return local_ip_pattern.match(ip)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue