Trees | Indices | Help |
---|
|
1 # -*- Mode: Python; test-case-name: flumotion.test.test_bouncers_ipbouncer -*- 2 # vi:si:et:sw=4:sts=4:ts=4 3 # 4 # Flumotion - a streaming media server 5 # Copyright (C) 2004,2005,2006,2007 Fluendo, S.L. (www.fluendo.com). 6 # All rights reserved. 7 8 # This file may be distributed and/or modified under the terms of 9 # the GNU General Public License version 2 as published by 10 # the Free Software Foundation. 11 # This file is distributed without any warranty; without even the implied 12 # warranty of merchantability or fitness for a particular purpose. 13 # See "LICENSE.GPL" in the source distribution for more information. 14 15 # Licensees having purchased or holding a valid Flumotion Advanced 16 # Streaming Server license may use this file in accordance with the 17 # Flumotion Advanced Streaming Server Commercial License Agreement. 18 # See "LICENSE.Flumotion" in the source distribution for more information. 19 20 # Headers in this file shall remain intact. 21 22 """ 23 A bouncer that authenticates based on the IP address of the remote side, 24 as seen by the bouncer. 25 """ 26 27 from twisted.internet import defer 28 29 from flumotion.common import keycards, messages, errors, log, netutils 30 from flumotion.common.i18n import N_, gettexter 31 from flumotion.common.keycards import KeycardUACPP 32 from flumotion.component.bouncers import bouncer 33 34 __all__ = ['IPBouncer'] 35 __version__ = "$Rev: 7408 $" 36 T_ = gettexter() 37 3840 41 logCategory = 'ip-bouncer' 42 keycardClasses = (keycards.KeycardUACPCC, keycards.KeycardUACPP) 439145 conf = self.config 46 props = conf['properties'] 47 48 self.deny_default = props.get('deny-default', True) 49 50 self.allows = netutils.RoutingTable() 51 self.denies = netutils.RoutingTable() 52 for p, t in (('allow', self.allows), ('deny', self.denies)): 53 for s in props.get(p, []): 54 try: 55 ip, mask = s.split('/') 56 t.addSubnet(True, ip, int(mask)) 57 except Exception, e: 58 m = messages.Error( 59 T_(N_("Invalid value for property %r: %s"), p, s), 60 log.getExceptionMessage(e), 61 mid='match-type') 62 self.addMessage(m) 63 raise errors.ComponentSetupHandledError() 64 65 return defer.succeed(None)6668 ip = keycard.getData()['address'] 69 self.debug('authenticating keycard from requester %s', ip) 70 71 if ip is None: 72 self.warning('could not get address of remote') 73 allowed = False 74 elif self.deny_default: 75 allowed = (self.allows.route(ip) 76 and not self.denies.route(ip)) 77 else: 78 allowed = (self.allows.route(ip) 79 or not self.denies.route(ip)) 80 81 if not allowed: 82 self.info('denied login from ip address %s', 83 keycard.address) 84 return None 85 else: 86 keycard.state = keycards.AUTHENTICATED 87 self.addKeycard(keycard) 88 self.debug('allowed login from ip address %s', 89 keycard.address) 90 return keycard
Trees | Indices | Help |
---|
Generated by Epydoc 3.0.1 on Thu Jan 27 19:56:25 2011 | http://epydoc.sourceforge.net |