Changeset 462:fe557ab53977
- Timestamp:
- 08/04/08 22:58:52
- Author:
- "Brian Warner <warner@lothar.com>"
- branch:
- default
- Message:
RemoteReference.getRemoteTubID: make this secure
| r461 |
r462 |
|
| 1 | 1 | 2008-08-04 Brian Warner <warner@lothar.com> |
|---|
| | 2 | |
|---|
| | 3 | * foolscap/referenceable.py (RemoteReferenceOnly.getRemoteTubID): |
|---|
| | 4 | make this secure, by using the broker's .remote_tubref field, |
|---|
| | 5 | instead of the remote-side-controlled sturdyref. |
|---|
| | 6 | (RemoteReferenceOnly.getSturdyRef): add a note about the |
|---|
| | 7 | insecurity of this method |
|---|
| | 8 | * foolscap/test/test_pb.py (TestCallable.testGetSturdyRef): add a |
|---|
| | 9 | test for getRemoteTubID |
|---|
| 2 | 10 | |
|---|
| 3 | 11 | * doc/logging.xhtml: change filenames in the incident-gatherer to |
|---|
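Review bot: the ChangeLog entry for RemoteReferenceOnly.getRemoteTubID (new lines 3-5) does not mention the new return value for callers. The method now returns the string "<unauth>" when the broker has no remote_tubref. Add a clause saying so, because that return value is introduced by this change and anyone reading the ChangeLog to audit tub ID checks needs to know it exists.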
| r452 |
r462 |
|
| 338 | 338 | |
|---|
| 339 | 339 | def getSturdyRef(self): |
|---|
| | 340 | # note that this is currently *not* secure: the remote end gets to |
|---|
| | 341 | # control all parts of this FURL, including the tubid |
|---|
| 340 | 342 | return SturdyRef(self.tracker.getURL()) |
|---|
| 341 | 343 | def getRemoteTubID(self): |
|---|
| 342 | | return SturdyRef(self.tracker.getURL()).getTubRef().getTubID() |
|---|
| | 344 | rt = self.tracker.broker.remote_tubref |
|---|
| | 345 | if rt: |
|---|
| | 346 | return rt.getTubID() |
|---|
| | 347 | return "<unauth>" |
|---|
| 343 | 348 | |
|---|
| 344 | 349 | def getPeer(self): |
|---|
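Review bot: the fallback `return "<unauth>"` at new line 347 is an in-band sentinel. It has the same type as a real tub ID, so a caller that stores or compares the result of getRemoteTubID() cannot tell "no authenticated peer" apart from an ID without special-casing that string. Consider returning None (or raising) when `self.tracker.broker.remote_tubref` is falsy, or at minimum document the sentinel in a docstring on getRemoteTubID. Separately, the warning on getSturdyRef at new lines 340-341 is only a comment. Making it a docstring would put it in front of callers who still derive a tub ID through getSturdyRef(), which is what the removed line 342 did.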
| r446 |
r462 |
|
| 418 | 418 | self.failUnlessEqual(peer.type, "TCP") |
|---|
| 419 | 419 | self.failUnlessEqual(peer.host, "127.0.0.1") |
|---|
| | 420 | self.failUnlessEqual(rref.getRemoteTubID(), self.tubB.getTubID()) |
|---|
| 420 | 421 | d.addCallback(_check) |
|---|
| 421 | 422 | return d |
|---|
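Review bot: the assertion added at new line 420 only checks that `rref.getRemoteTubID()` equals `self.tubB.getTubID()` on a normal connection. It does not show that the value now comes from the broker's remote_tubref rather than from the tracker URL, and nothing exercises the "<unauth>" branch. Add a case where the tub ID in the tracker URL differs from the connection's remote_tubref and assert that the remote_tubref value is returned, plus a case where remote_tubref is unset and the expected result is "<unauth>".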