#!/usr/bin/env python
#
# Example of Name Server security plugins.
#
# This shows possible implementations of a NS BC request validator
# and a NS new connection validator.
#
# See the Readme.txt for more information.
#
ACCEPTED_ID = 'p4ssphr4se'
#----- required global funcs that return validator objects ------
def BCGuard():
return BCReqValidator()
def NSGuard():
v=NSnewConnValidator()
v.setAllowedIdentifications([ACCEPTED_ID])
return v
#----- validator object implementation --------
import Pyro.naming
import Pyro.protocol
# NS Broadcast Request Validator
# Must inherit from the base class as shown,
# because dispatcher code is in there.
class BCReqValidator(Pyro.naming.BCReqValidator):
# we have:
# self.addr = address of client (ip, port)
# self.sock = reply socket (used by self.reply method)
def acceptLocationCmd(self):
print self.addr[0],'WANTS TO KNOW OUR LOCATION. Ok...'
return 1
def acceptShutdownCmd(self):
print self.addr[0],'WANTS US TO SHUT DOWN, Pfff!'
self.reply('denied!') # send this back to client
return 0
# NS Pyro Daemon newConnValidator
class NSnewConnValidator(Pyro.protocol.DefaultConnValidator):
def acceptHost(self, tcpserver, conn):
print conn.addr[0],'WANTS CONNECTION...'
return Pyro.protocol.DefaultConnValidator.acceptHost(self, tcpserver, conn)
def acceptIdentification(self, tcpserver, conn, token, challenge):
print conn.addr[0],'SENDS IDENTIFICATION...'
(ok,reason)=Pyro.protocol.DefaultConnValidator.acceptIdentification(self, tcpserver, conn, token, challenge)
if not ok:
print 'Connection denied! Make sure the identification is "'+ACCEPTED_ID+'"'
return (ok,reason)
|