[CalendarServer-changes] [2127]
CalendarServer/branches/users/cdaboo/server2server-2113/
twistedcaldav/schedule_common.py
source_changes at macosforge.org
source_changes at macosforge.org
Tue Feb 5 08:52:08 PST 2008
Revision: 2127
http://trac.macosforge.org/projects/calendarserver/changeset/2127
Author: cdaboo at apple.com
Date: 2008-02-05 08:51:54 -0800 (Tue, 05 Feb 2008)
Log Message:
-----------
Allow pattern matching for host whitelisting.
Modified Paths:
--------------
CalendarServer/branches/users/cdaboo/server2server-2113/twistedcaldav/schedule_common.py
Modified: CalendarServer/branches/users/cdaboo/server2server-2113/twistedcaldav/schedule_common.py
===================================================================
--- CalendarServer/branches/users/cdaboo/server2server-2113/twistedcaldav/schedule_common.py 2008-02-05 01:38:27 UTC (rev 2126)
+++ CalendarServer/branches/users/cdaboo/server2server-2113/twistedcaldav/schedule_common.py 2008-02-05 16:51:54 UTC (rev 2127)
@@ -29,13 +29,12 @@
from twisted.internet.defer import deferredGenerator, maybeDeferred, waitForDeferred
from twisted.python.failure import Failure
from twisted.web2 import responsecode
-from twisted.web2.http import HTTPError, Response
-from twisted.web2.http_headers import MimeType
from twisted.web2.dav import davxml
from twisted.web2.dav.http import ErrorResponse, errorForFailure, messageForFailure, statusForFailure
from twisted.web2.dav.resource import AccessDeniedError
from twisted.web2.dav.util import joinURL
-
+from twisted.web2.http import HTTPError, Response
+from twisted.web2.http_headers import MimeType
from twistedcaldav import caldavxml
from twistedcaldav import logging
from twistedcaldav.caldavxml import caldav_namespace, TimeRange
@@ -48,13 +47,14 @@
from twistedcaldav.resource import isCalendarCollectionResource
from twistedcaldav.servertoserver import ServerToServer
from twistedcaldav.servertoserver import ServerToServerRequest
-
import itertools
import md5
import re
import socket
import time
+
+
class Scheduler(object):
class CalendarUser(object):
@@ -756,16 +756,31 @@
clientip = self.request.remoteAddr.host
# First compare as dotted IP
+ matched = False
compare_with = (server.host,) + tuple(server.client_hosts)
- if clientip not in compare_with:
+ if clientip in compare_with:
+ matched = True
+ else:
# Now do hostname lookup
host, aliases, _ignore_ips = socket.gethostbyaddr(clientip)
for host in itertools.chain((host,), aliases):
+ # Try simple match first
if host in compare_with:
+ matched = True
break
- else:
- logging.err("Originator not on allowed server: %s" % (self.originator,), system=self.logsystem)
- raise HTTPError(ErrorResponse(responsecode.FORBIDDEN, (caldav_namespace, "originator-allowed")))
+
+ # Try pattern match next
+ for pattern in compare_with:
+ if re.match(pattern, cuaddr) is not None:
+ matched = True
+ break
+ else:
+ continue
+ break
+
+ if not matched:
+ logging.err("Originator not on allowed server: %s" % (self.originator,), system=self.logsystem)
+ raise HTTPError(ErrorResponse(responsecode.FORBIDDEN, (caldav_namespace, "originator-allowed")))
@deferredGenerator
def checkRecipients(self):
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20080205/d6727083/attachment.html
More information about the calendarserver-changes
mailing list