diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-02-12 07:48:33 -0500 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-02-12 09:18:38 -0500 |
commit | 5363e6d9a53146333da0d109aae170befc1b9481 (patch) | |
tree | 22f1180360c6844f3ca1f77a7cee59a01c05ad9b /src/lib/Bcfg2/Server/SSLServer.py | |
parent | d0cb9264234851ad65ec8502a56c3afefd39fbad (diff) | |
download | bcfg2-5363e6d9a53146333da0d109aae170befc1b9481.tar.gz bcfg2-5363e6d9a53146333da0d109aae170befc1b9481.tar.bz2 bcfg2-5363e6d9a53146333da0d109aae170befc1b9481.zip |
Added client ACLs:
* IP and CIDR-based ACLs
* Metadata (group/hostname)-based ACLs
* Documentation
* Unit tests
Diffstat (limited to 'src/lib/Bcfg2/Server/SSLServer.py')
-rw-r--r-- | src/lib/Bcfg2/Server/SSLServer.py | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/lib/Bcfg2/Server/SSLServer.py b/src/lib/Bcfg2/Server/SSLServer.py index f2fb4913a..0d1246d85 100644 --- a/src/lib/Bcfg2/Server/SSLServer.py +++ b/src/lib/Bcfg2/Server/SSLServer.py @@ -27,8 +27,7 @@ class XMLRPCDispatcher(SimpleXMLRPCServer.SimpleXMLRPCDispatcher): # Python 2.4? SimpleXMLRPCServer.SimpleXMLRPCDispatcher.__init__(self) - self.logger = logging.getLogger("%s.%s" % (self.__class__.__module__, - self.__class__.__name__)) + self.logger = logging.getLogger(self.__class__.__name__) self.allow_none = allow_none self.encoding = encoding @@ -95,8 +94,7 @@ class SSLServer(SocketServer.TCPServer, object): if ':' in server_address[0]: self.address_family = socket.AF_INET6 - self.logger = logging.getLogger("%s.%s" % (self.__class__.__module__, - self.__class__.__name__)) + self.logger = logging.getLogger(self.__class__.__name__) try: SocketServer.TCPServer.__init__(self, listen_address, @@ -185,10 +183,9 @@ class XMLRPCRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): """ def __init__(self, *args, **kwargs): + self.logger = logging.getLogger(self.__class__.__name__) SimpleXMLRPCServer.SimpleXMLRPCRequestHandler.__init__(self, *args, **kwargs) - self.logger = logging.getLogger("%s.%s" % (self.__class__.__module__, - self.__class__.__name__)) def authenticate(self): try: @@ -262,6 +259,12 @@ class XMLRPCRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): raise else: # got a valid XML RPC response + # first, check ACLs + client_address = self.request.getpeername() + method = xmlrpclib.loads(data)[1] + if not self.server.instance.check_acls(client_address, method): + self.send_error(401, self.responses[401][0]) + self.end_headers() try: self.send_response(200) self.send_header("Content-type", "text/xml") |