Beispiel #1
0
  /*
   * Prehook method for SLAVE ADDIP
   * Gets the ip, and preforms checks.
   */
  public CommandRequestInterface doIpSecuritySLAVEPreCheck(CommandRequest request) {
    if (!request.hasArgument()) {
      return request;
    }

    String argument = request.getArgument();
    StringTokenizer arguments = new StringTokenizer(argument);

    if (!arguments.hasMoreTokens()) {
      return request;
    }

    String slavename = arguments.nextToken();

    RemoteSlave rslave = null;
    try {
      rslave = GlobalContext.getGlobalContext().getSlaveManager().getRemoteSlave(slavename);
    } catch (ObjectNotFoundException e) {
      request.setDeniedResponse(new CommandResponse(200, "Slave Not Found: " + slavename));
      request.setAllowed(false);
      return request;
    }

    if (arguments.hasMoreTokens()) {
      String command = arguments.nextToken();
      if (command.equalsIgnoreCase("addmask")) {
        if (arguments.countTokens() != 1) {
          return request;
        }

        HostMask newMask = new HostMask(arguments.nextToken().replace(",", ""));

        String _maskident = newMask.getIdentMask();
        String _maskHostMask = newMask.getHostMask();

        boolean _allowed =
            IpSecurityManager.getIpSecurity()
                .checkIP(_maskident, _maskHostMask, rslave.getMasks().size(), null);
        if ((!_allowed) && (!_maskHostMask.equals("127.0.0.1"))) {
          request.setAllowed(false);
          CommandResponse response =
              StandardCommandManager.genericResponse("RESPONSE_200_COMMAND_OK");
          response.addComment(IpSecurityManager.getIpSecurity().outputConfs(null));
          request.setDeniedResponse(response);
          return request;
        }
      }
    }
    return request;
  }
Beispiel #2
0
  /*
   * Checks the IP from arguments (Used for ADDUSER/GADDUSER/ADDIP)
   */
  public CommandRequest checkIP(CommandRequest request, int argnum, int ipnum, boolean newuser) {
    if (!request.hasArgument()) {
      return request;
    }

    String[] args = request.getArgument().split(" ");
    if (args.length < argnum) {
      return request;
    }

    try {
      int _numip = args.length - argnum + 1;

      User user = null;

      if (!newuser) {
        user = GlobalContext.getGlobalContext().getUserManager().getUserByName(args[0]);
        _numip = user.getHostMaskCollection().size();
      }

      for (int i = ipnum; i < args.length; i++) {
        HostMask newMask = new HostMask(args[i].replace(",", ""));
        String maskHostMask = newMask.getHostMask();

        boolean _allowed =
            IpSecurityManager.getIpSecurity()
                .checkIP(newMask.getIdentMask(), maskHostMask, _numip, user);
        if ((!_allowed) && (!maskHostMask.equals("127.0.0.1"))) {
          request.setAllowed(false);
          CommandResponse response =
              StandardCommandManager.genericResponse("RESPONSE_200_COMMAND_OK");
          response.addComment(IpSecurityManager.getIpSecurity().outputConfs(user));
          request.setDeniedResponse(response);
          return request;
        }
      }

    } catch (NoSuchUserException ex) {
      request.setAllowed(false);
      request.setDeniedResponse(new CommandResponse(452, "No such user: "******"No Such User Exception - IpSecurityHooks");
      return request;
    } catch (UserFileException ex) {
      request.setAllowed(false);
      request.setDeniedResponse(new CommandResponse(452, "User File Exception: " + args[0]));
      return request;
    }
    return request;
  }