# HG changeset patch # User Matt Johnston # Date 1391917273 -28800 # Node ID 4792e9910cde4f44e4550846ddd9be1d8b8c75ec # Parent 931408ce71d93c67a8868319c526bfe74cbfdcb7 watcher script diff -r 931408ce71d9 -r 4792e9910cde web/config.py --- a/web/config.py Fri Feb 07 23:32:08 2014 +0800 +++ b/web/config.py Sun Feb 09 11:41:13 2014 +0800 @@ -8,6 +8,8 @@ HMAC_KEY = 'a hmac key' # override in local config file +ALLOWED_USERS = [] # local config. list of sha1 hashes of client ssl keys + UPDATE_URL = 'http://evil.ucc.asn.au/~matt/templog/update' GRAPH_WIDTH = 1200 diff -r 931408ce71d9 -r 4792e9910cde web/secure.py --- a/web/secure.py Fri Feb 07 23:32:08 2014 +0800 +++ b/web/secure.py Sun Feb 09 11:41:13 2014 +0800 @@ -4,13 +4,27 @@ import hmac import binascii import sys +import hashlib + +import bottle import config -__all__ = ["get_csrf_blob", "check_csrf_blob", "setup_csrf"] +__all__ = ["get_csrf_blob", "check_csrf_blob", "setup_csrf", "get_user_hash"] + +HASH=hashlib.sha1 def get_user_hash(): - return "aaa" + if bottle.request.environ.get('SSL_CLIENT_VERIFY', '') != 'GENEROUS': + return 'FAILVERIFY' + blob = bottle.request.environ.get('SSL_CLIENT_CERT') + if not blob: + return 'NOCERT' + + b64 = ''.join(l for l in blob.split('\n') + if not l.startswith('-')) + + return HASH(binascii.a2b_base64(b64)).hexdigest() def setup_csrf(): NONCE_SIZE=16 diff -r 931408ce71d9 -r 4792e9910cde web/templog.py --- a/web/templog.py Fri Feb 07 23:32:08 2014 +0800 +++ b/web/templog.py Sun Feb 09 11:41:13 2014 +0800 @@ -58,9 +58,11 @@ @route('/set') def set(): + allowed = ["false", "true"][secure.get_user_hash() in config.ALLOWED_USERS] return bottle.template('set', inline_data = log.get_params(), - csrf_blob = secure.get_csrf_blob()) + csrf_blob = secure.get_csrf_blob(), + allowed = allowed) @route('/set_current.json') def set_fresh(): @@ -113,8 +115,8 @@ @route('/env') def env(): response.set_header('Content-Type', 'text/plain') - return '\n'.join(traceback.format_stack()) - #return '\n'.join(("%s %s" % k) for k in request.environ.items()) + #return '\n'.join(traceback.format_stack()) + return '\n'.join(("%s %s" % k) for k in request.environ.items()) #return str(request.environ) #yield "\n" #var_lookup = environ['mod_ssl.var_lookup'] diff -r 931408ce71d9 -r 4792e9910cde web/views/set.tpl --- a/web/views/set.tpl Fri Feb 07 23:32:08 2014 +0800 +++ b/web/views/set.tpl Sun Feb 09 11:41:13 2014 +0800 @@ -2,7 +2,7 @@ - + @@ -157,6 +167,7 @@ var params = {{!inline_data}}; var csrf_blob = "{{!csrf_blob}}"; +var allowed = {{allowed}}; window.setter = new Setter(params, csrf_blob); var number_template = $("[type='html/num_input']").html(); @@ -205,21 +216,14 @@ add(p); }) + if (!allowed) { + $("#savebutton").attr("disabled", true); + $('#status').text("No cert") + } + $("#savebutton").click(function() { setter.save(); }) - - var gofn = function() { - var r = '#'; - r += (5+Math.floor(Math.random() * 5)); - r += (5+Math.floor(Math.random() * 5)); - r += (5+Math.floor(Math.random() * 5)); - document.body.style.background = r; - this.value = r; - } - //$("#go").addEventListener("touchstart", gofn, false) - //$("#go").addEventListener("click", gofn, false) - $("#go").on("vmousedown", gofn); } function set_text_state(el, param) @@ -291,18 +295,14 @@ - -

+ - -

+ + diff -r 931408ce71d9 -r 4792e9910cde web/watch.py --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/web/watch.py Sun Feb 09 11:41:13 2014 +0800 @@ -0,0 +1,62 @@ +#!/usr/bin/env python3.3 + +import pyinotify +import glob +import sys +import fnmatch +import os + +def GlobWatcher(object): + def __init__(self, g, watcher): + self.glob = g + self.watches = [] + self.watcher = watcher + +def add_glob(watcher, g): + d = os.path.dirname(g) + + file_watches = add_glob_files + +def main(): + touchf = sys.argv[1] + + watcher = pyinotify.WatchManager() + dirpatterns = {} + for g in sys.argv[2:]: + d = os.path.dirname(g) + pattern = os.path.basename(g) + dirpatterns.setdefault(d, []).append(pattern) + + print(dirpatterns) + + watchpatterns = {} + for d, patterns in dirpatterns.items(): + + w = watcher.add_watch(d, + (pyinotify.IN_MODIFY + |pyinotify.IN_CREATE + |pyinotify.IN_DELETE + |pyinotify.IN_MOVED_FROM + |pyinotify.IN_MOVED_TO)) + + wd = w[d] + watchpatterns[wd] = patterns + + def triggered(event): + if event.name is None: + return + + print("%s %s " % (event.name, event.maskname)) + patterns = watchpatterns[event.wd] + for p in patterns: + print(p) + if fnmatch.fnmatch(event.name, p): + print("matched %s" % p) + os.utime(touchf, None) + + n = pyinotify.Notifier(watcher, triggered) + n.loop() + +if __name__ == '__main__': + main() +