>From 2530807e1216786ea5dac8110cbb27a2f25103a3 Mon Sep 17 00:00:00 2001
From: Adrian Reber <adrian(a)lisas.de>
Date: Sun, 16 May 2010 17:15:22 -0500
Subject: [PATCH 1/2] mirrorlist_server: handle bad client IP address input
Signed-off-by: Matt Domsch <matt(a)domsch.com>
---
mirrorlist-server/mirrorlist_server.py | 10 ++++++++--
1 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/mirrorlist-server/mirrorlist_server.py b/mirrorlist-server/mirrorlist_server.py
index 0de7132..e909927 100755
--- a/mirrorlist-server/mirrorlist_server.py
+++ b/mirrorlist-server/mirrorlist_server.py
@@ -298,7 +298,10 @@ def do_internet2(kwargs, cache, clientCountry, header):
client_ip = kwargs['client_ip']
if client_ip == 'unknown':
return (header, hostresults)
- ip = IP(client_ip)
+ try:
+ ip = IP(client_ip)
+ except:
+ return (header, hostresults)
asn = lookup_ip_asn(internet2_tree, ip)
if asn is not None:
header += 'Using Internet2 '
@@ -312,7 +315,10 @@ def do_asn(kwargs, cache, header):
client_ip = kwargs['client_ip']
if client_ip == 'unknown':
return (header, hostresults)
- ip = IP(client_ip)
+ try:
+ ip = IP(client_ip)
+ except:
+ return (header, hostresults)
asn = lookup_ip_asn(global_tree, ip)
if asn is not None and asn in asn_host_cache:
for hostid in asn_host_cache[asn]:
--
1.7.0.1
>From bb8c3038cf9f76fa39e8580a990d7d9edef7f43c Mon Sep 17 00:00:00 2001
From: Matt Domsch <Matt_Domsch(a)dell.com>
Date: Mon, 17 May 2010 10:15:34 -0500
Subject: [PATCH 2/2] mirrorlist_server: handle more failures gracefully
Handle being passed a bad country= value.
Catch all failures in do_mirrorlist() and return a proper error
message. This should also prevent failures in mirrorlist_server from
causing mirrorlist_client() to spin indefinitely waiting for an answer.
---
mirrorlist-server/mirrorlist_server.py | 15 ++++++++++-----
1 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/mirrorlist-server/mirrorlist_server.py b/mirrorlist-server/mirrorlist_server.py
index e909927..0d73469 100755
--- a/mirrorlist-server/mirrorlist_server.py
+++ b/mirrorlist-server/mirrorlist_server.py
@@ -262,7 +262,7 @@ def do_countrylist(kwargs, cache, clientCountry, requested_countries, header):
def get_same_continent_countries(clientCountry, requested_countries):
result = []
for r in requested_countries:
- if r is not None:
+ if r in country_continents:
requestedCountries = [c.upper() for c in continents[country_continents[r]] \
if c != clientCountry ]
result.extend(requestedCountries)
@@ -690,17 +690,22 @@ class MirrorlistHandler(StreamRequestHandler):
pass
try:
- r = do_mirrorlist(d)
+ try:
+ r = do_mirrorlist(d)
+ except:
+ raise
message = r['message']
results = r['results']
resulttype = r['resulttype']
returncode = r['returncode']
except:
- message='# Server Error'
+ message=u'# Bad Request'
+ returncode = 400
+ results = []
+ resulttype = 'mirrorlist'
if d['metalink']:
resulttype = 'metalink'
- results = errordoc(d['metalink'], message)
- returncode = 500
+ results = errordoc(d['metalink'], message)
del d
del p
--
1.7.0.1
--
Matt Domsch
Technology Strategist
Dell | Office of the CTO