[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r17582: {projects} More changes from kaner: - fixed some black/whitelist errors (projects/gettor)
Author: ioerror
Date: 2008-12-11 09:23:45 -0500 (Thu, 11 Dec 2008)
New Revision: 17582
Modified:
projects/gettor/gettor.py
projects/gettor/gettor_blacklist.py
projects/gettor/gettor_config.py
projects/gettor/gettor_opt.py
Log:
More changes from kaner:
- fixed some black/whitelist errors
- added removeAll() in BWlist
- added lookup commandline switch for black/whitelist
Modified: projects/gettor/gettor.py
===================================================================
--- projects/gettor/gettor.py 2008-12-11 06:52:24 UTC (rev 17581)
+++ projects/gettor/gettor.py 2008-12-11 14:23:45 UTC (rev 17582)
@@ -105,8 +105,6 @@
if not parsedMessage:
log.error(_("No parsed message. Dropping message."))
return False
- # XXX: We should add a blacklist check here so that for exmaple ReplyTo
- # can't be our own address (DoS) (in case we have DKIM)
replyTo = rmail.getReplyTo()
if not replyTo:
log.error(_("No help dispatched. Invalid reply address for user."))
@@ -117,9 +115,15 @@
# Initialize response
srcEmail = conf.getSrcEmail()
+ # Bail out if someone tries to be funny
+ if (srcEmail == repluTo):
+ log.error(_("Won't send myself emails."))
+ return False
+
resp = gettor_responses.gettorResponse(replyLang, logLang)
signature = rmail.hasVerifiedSignature()
log.info(_("Signature is: %s") % str(signature))
+ # Addresses from whitelist can pass without DKIM signature
if not signature and not whiteList.lookupListEntry(replyTo):
# Check to see if we've helped them to understand that they need DKIM
# in the past
@@ -159,8 +163,12 @@
log.error(_("Sorry, %s is not a directory.") % distDir)
return False
packs = gettor_packages.gettorPackages(options.mirror, conf)
- whiteList = gettor_blacklist.BWList("/tmp/whitelist")
- blackList = gettor_blacklist.BWList("/tmp/blacklist")
+ try:
+ whiteList = gettor_blacklist.BWList(conf.getWlStateDir())
+ blackList = gettor_blacklist.BWList(conf.getBlStateDir())
+ except IOError, e:
+ log.error(_("White/Black list error: %s") % e)
+ return False
if options.fetchpackages:
if packs.syncWithMirror() != 0:
@@ -204,17 +212,27 @@
else:
log.info(_("Creating blacklist entry ok."))
success = True
+ if options.lookup:
+ if whiteList.lookupListEntry(options.lookup):
+ log.info(_("Present in whitelist."))
+ success = True
+ if blackList.lookupListEntry(options.lookup):
+ log.info(_("Present in blacklist."))
+ success = True
+ if not success:
+ log.info(_("Address neither in blacklist or whitelist."))
+ success = True
if options.clearwl:
- if not whiteList.clearAll():
+ if not whiteList.removeAll():
log.error(_("Deleting whitelist failed."))
- return false
+ return False
else:
log.info(_("Deleting whitelist done."))
success = True
if options.clearbl:
- if not blackList.clearAll():
+ if not blackList.removeAll():
log.error(_("Deleting blacklist failed."))
- return false
+ return False
else:
log.info(_("Deleting blacklist done."))
success = True
Modified: projects/gettor/gettor_blacklist.py
===================================================================
--- projects/gettor/gettor_blacklist.py 2008-12-11 06:52:24 UTC (rev 17581)
+++ projects/gettor/gettor_blacklist.py 2008-12-11 14:23:45 UTC (rev 17582)
@@ -1,7 +1,8 @@
#!/usr/bin/python2.5
+"""This library implements all of the black listing features needed for gettor.
+Basically, it offers creation, removal and lookup of email addresses stored as
+SHA1 hashes in a dedicated directory on the filesystem.
"""
-This library implements all of the black listing features needed for gettor.
-"""
import hashlib
import os
@@ -18,9 +19,8 @@
def __init__(self, listdir):
self.listDir = listdir
if not os.path.isdir(self.listDir):
- log.error(_("Bad dir %s.") % self.listDir)
# XXX Change this to something more appropriate
- raise Exception
+ raise IOError("Bad dir: %s" % self.listDir)
def lookupListEntry(self, address):
"""Check to see if we have a list entry for the given address."""
@@ -60,6 +60,15 @@
def removeAll(self):
print "Removing all entries from list!"
+ for root, dirs, files in os.walk(self.listDir):
+ for file in files:
+ try:
+ rmfile = os.path.join(root, file)
+ os.remove(rmfile)
+ except:
+ log.error(_("Could not remove %s." % rmfile))
+ return False
+ return True
def blackListtests(address):
""" This is a basic evaluation of our blacklist functionality """
Modified: projects/gettor/gettor_config.py
===================================================================
--- projects/gettor/gettor_config.py 2008-12-11 06:52:24 UTC (rev 17581)
+++ projects/gettor/gettor_config.py 2008-12-11 14:23:45 UTC (rev 17582)
@@ -31,6 +31,7 @@
Here is what each of them is used for individually:
blStateDir: Blacklisted (hashed) email addresses go here
+ wlStateDir: Whitelisted (hashed) email addresses go here
distDir: Sent-out Tor packages are found here
srcEmail: The email containing the Tor package will use this as 'From:'
locale: Choose your default mail and log locale
@@ -79,6 +80,7 @@
# Variable name | Default value | Section
self.useConf = {"stateDir": ("/var/lib/gettor/", "global"),
"blStateDir": ("/var/lib/gettor/bl/", "global"),
+ "wlStateDir": ("/var/lib/gettor/wl/", "global"),
"srcEmail": ("gettor@xxxxxxxxxxxxxx", "global"),
"distDir": ("/var/lib/gettor/dist/", "global"),
"packDir": ("/var/lib/gettor/pkg/", "global"),
@@ -136,6 +138,9 @@
def getBlStateDir(self):
return self.useConf["blStateDir"][0]
+ def getWlStateDir(self):
+ return self.useConf["wlStateDir"][0]
+
def getSrcEmail(self):
return self.useConf["srcEmail"][0]
Modified: projects/gettor/gettor_opt.py
===================================================================
--- projects/gettor/gettor_opt.py 2008-12-11 06:52:24 UTC (rev 17581)
+++ projects/gettor/gettor_opt.py 2008-12-11 14:23:45 UTC (rev 17582)
@@ -45,6 +45,10 @@
default="",
help="add an email address to the blacklist",
metavar="BLACKLIST")
+ cmdParser.add_option("-l", "--lookup", dest="lookup",
+ default="",
+ help="check black/white list presence of address",
+ metavar="CHECKADDRESS")
cmdParser.add_option("-x", "--clear-whitelist", dest="clearwl",
action="store_true", default=False,
help="clear all entrys in the whitelist")