diff options
author | Matt Schwager <schwag09@gmail.com> | 2012-10-17 14:02:19 -0400 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-02-12 08:35:32 -0500 |
commit | ead022433a759686db6de02b91811de7ca166ac7 (patch) | |
tree | 887ecbea7b24a80766025de92318a3aa07c6b334 | |
parent | 168aa5f9d31f310caa2d8fb87b5d46d6e23b5821 (diff) | |
download | bcfg2-ead022433a759686db6de02b91811de7ca166ac7.tar.gz bcfg2-ead022433a759686db6de02b91811de7ca166ac7.tar.bz2 bcfg2-ead022433a759686db6de02b91811de7ca166ac7.zip |
Corrected acceptance of wildcard ('*') in ACL XML file.
-rw-r--r-- | src/lib/Bcfg2/Server/Core.py | 2 | ||||
-rw-r--r-- | src/lib/Bcfg2/Server/SSLServer.py | 7 |
2 files changed, 4 insertions, 5 deletions
diff --git a/src/lib/Bcfg2/Server/Core.py b/src/lib/Bcfg2/Server/Core.py index e931a7bc0..c9fd76325 100644 --- a/src/lib/Bcfg2/Server/Core.py +++ b/src/lib/Bcfg2/Server/Core.py @@ -1076,7 +1076,7 @@ class BaseCore(object): """ Check if client IP is in list of accepted IPs """ try: return (client in self.plugins['Acl'].config.ips or - '*' in self.plugins['Acl'].config) + '*' in self.plugins['Acl'].config.ips) except KeyError: # No ACL means accept all incoming ips (wildcard) return True diff --git a/src/lib/Bcfg2/Server/SSLServer.py b/src/lib/Bcfg2/Server/SSLServer.py index c2294eec9..f2fb4913a 100644 --- a/src/lib/Bcfg2/Server/SSLServer.py +++ b/src/lib/Bcfg2/Server/SSLServer.py @@ -209,10 +209,9 @@ class XMLRPCRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): password = "" cert = self.request.getpeercert() client_address = self.request.getpeername() - if not self.server.instance.check_acls(client_address[0]): - return False - return self.server.instance.authenticate(cert, username, - password, client_address) + return (self.server.instance.authenticate(cert, username, + password, client_address) and + self.server.instance.check_acls(client_address[0])) def parse_request(self): """Extends parse_request. |