HelloZeroNet
/
ZeroNet
mirror of https://github.com/HelloZeroNet/ZeroNet.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

partial cleanup of ContentManager.py

This commit is contained in:
Matthew Bell 2015-06-17 22:49:47 +01:00
parent 31b6dc4516
commit b6cb1062ce
1 changed files with 482 additions and 492 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

974
src/Content/ContentManager.py
View File

@ -4,513 +4,503 @@ from Crypt import CryptHash
from Config import config from Config import config
class ContentManager: class ContentManager:
def __init__(self, site): def __init__(self, site):
self.site = site self.site = site
self.log = self.site.log self.log = self.site.log
self.contents = {} # Known content.json (without files and includes) self.contents = {} # Known content.json (without files and includes)
self.loadContent(add_bad_files = False) self.loadContent(add_bad_files=False)
self.site.settings["size"] = self.getTotalSize() self.site.settings["size"] = self.getTotalSize()
# Load content.json to self.content
# Load content.json to self.content # Return: Changed files ["index.html", "data/messages.json"]
# Return: Changed files ["index.html", "data/messages.json"] def loadContent(self, content_inner_path="content.json", add_bad_files=True, load_includes=True):
def loadContent(self, content_inner_path = "content.json", add_bad_files = True, load_includes = True): content_inner_path = content_inner_path.strip("/") # Remove / from begning
content_inner_path = content_inner_path.strip("/") # Remove / from begning old_content = self.contents.get(content_inner_path)
old_content = self.contents.get(content_inner_path) content_path = self.site.storage.getPath(content_inner_path)
content_path = self.site.storage.getPath(content_inner_path) content_path_dir = self.toDir(self.site.storage.getPath(content_inner_path))
content_path_dir = self.toDir(self.site.storage.getPath(content_inner_path)) content_dir = self.toDir(content_inner_path)
content_dir = self.toDir(content_inner_path)
if os.path.isfile(content_path):
if os.path.isfile(content_path): try:
try: new_content = json.load(open(content_path))
new_content = json.load(open(content_path)) except Exception, err:
except Exception, err: self.log.error("%s load error: %s" % (content_path, Debug.formatException(err)))
self.log.error("%s load error: %s" % (content_path, Debug.formatException(err))) return False
return False else:
else: self.log.error("Content.json not exist: %s" % content_path)
self.log.error("Content.json not exist: %s" % content_path) return False # Content.json not exist
return False # Content.json not exist
try:
# Get the files where the sha512 changed
try: changed = []
# Get the files where the sha512 changed for relative_path, info in new_content.get("files", {}).items():
changed = [] if "sha512" in info:
for relative_path, info in new_content.get("files", {}).items(): hash_type = "sha512"
if "sha512" in info: else: # Backward compatiblity
hash_type = "sha512" hash_type = "sha1"
else: # Backward compatiblity
hash_type = "sha1" new_hash = info[hash_type]
if old_content and old_content["files"].get(relative_path): # We have the file in the old content
new_hash = info[hash_type] old_hash = old_content["files"][relative_path].get(hash_type)
if old_content and old_content["files"].get(relative_path): # We have the file in the old content else: # The file is not in the old content
old_hash = old_content["files"][relative_path].get(hash_type) old_hash = None
else: # The file is not in the old content if old_hash != new_hash: changed.append(content_dir+relative_path)
old_hash = None
if old_hash != new_hash: changed.append(content_dir+relative_path) # Load includes
if load_includes and "includes" in new_content:
# Load includes for relative_path, info in new_content["includes"].items():
if load_includes and "includes" in new_content: include_inner_path = content_dir+relative_path
for relative_path, info in new_content["includes"].items(): if self.site.storage.isFile(include_inner_path): # Content.json exists, load it
include_inner_path = content_dir+relative_path success = self.loadContent(include_inner_path, add_bad_files=add_bad_files)
if self.site.storage.isFile(include_inner_path): # Content.json exists, load it if success: changed += success # Add changed files
success = self.loadContent(include_inner_path, add_bad_files=add_bad_files) else: # Content.json not exist, add to changed files
if success: changed += success # Add changed files self.log.debug("Missing include: %s" % include_inner_path)
else: # Content.json not exist, add to changed files changed += [include_inner_path]
self.log.debug("Missing include: %s" % include_inner_path)
changed += [include_inner_path] # Load blind user includes (all subdir)
if load_includes and "user_contents" in new_content:
# Load blind user includes (all subdir) for relative_dir in os.listdir(content_path_dir):
if load_includes and "user_contents" in new_content: include_inner_path = content_dir+relative_dir+"/content.json"
for relative_dir in os.listdir(content_path_dir): if not self.site.storage.isFile(include_inner_path): continue # Content.json not exist
include_inner_path = content_dir+relative_dir+"/content.json" success = self.loadContent(include_inner_path, add_bad_files=add_bad_files, load_includes=False)
if not self.site.storage.isFile(include_inner_path): continue # Content.json not exist if success: changed += success # Add changed files
success = self.loadContent(include_inner_path, add_bad_files=add_bad_files, load_includes=False)
if success: changed += success # Add changed files # Update the content
self.contents[content_inner_path] = new_content
# Update the content except Exception, err:
self.contents[content_inner_path] = new_content self.log.error("Content.json parse error: %s" % Debug.formatException(err))
except Exception, err: return False # Content.json parse error
self.log.error("Content.json parse error: %s" % Debug.formatException(err))
return False # Content.json parse error # Add changed files to bad files
if add_bad_files:
# Add changed files to bad files for inner_path in changed:
if add_bad_files: self.site.bad_files[inner_path] = True
for inner_path in changed:
self.site.bad_files[inner_path] = True if new_content["modified"] > self.site.settings.get("modified", 0):
self.site.settings["modified"] = min(time.time()+60*10, new_content["modified"]) # Dont store modifications in the far future (more than 10 minute)
if new_content["modified"] > self.site.settings.get("modified", 0):
self.site.settings["modified"] = min(time.time()+60*10, new_content["modified"]) # Dont store modifications in the far future (more than 10 minute) return changed
return changed # Get total size of site
# Return: 32819 (size of files in kb)
def getTotalSize(self, ignore=None):
# Get total size of site total_size = 0
# Return: 32819 (size of files in kb) for inner_path, content in self.contents.iteritems():
def getTotalSize(self, ignore=None): if inner_path == ignore: continue
total_size = 0 total_size += self.site.storage.getSize(inner_path) # Size of content.json
for inner_path, content in self.contents.iteritems(): for file, info in content.get("files", {}).iteritems():
if inner_path == ignore: continue total_size += info["size"]
total_size += self.site.storage.getSize(inner_path) # Size of content.json return total_size
for file, info in content.get("files", {}).iteritems():
total_size += info["size"] # Find the file info line from self.contents
return total_size # Return: { "sha512": "c29d73d30ee8c9c1b5600e8a84447a6de15a3c3db6869aca4a2a578c1721f518", "size": 41 , "content_inner_path": "content.json"}
def getFileInfo(self, inner_path):
dirs = inner_path.split("/") # Parent dirs of content.json
# Find the file info line from self.contents inner_path_parts = [dirs.pop()] # Filename relative to content.json
# Return: { "sha512": "c29d73d30ee8c9c1b5600e8a84447a6de15a3c3db6869aca4a2a578c1721f518", "size": 41 , "content_inner_path": "content.json"} while True:
def getFileInfo(self, inner_path): content_inner_path = "%s/content.json" % "/".join(dirs)
dirs = inner_path.split("/") # Parent dirs of content.json content = self.contents.get(content_inner_path.strip("/"))
inner_path_parts = [dirs.pop()] # Filename relative to content.json if content and "files" in content: # Check if content.json exists
while True: back = content["files"].get("/".join(inner_path_parts))
content_inner_path = "%s/content.json" % "/".join(dirs) if back:
content = self.contents.get(content_inner_path.strip("/")) back["content_inner_path"] = content_inner_path
if content and "files" in content: # Check if content.json exists return back
back = content["files"].get("/".join(inner_path_parts))
if back: if content and "user_contents" in content: # User dir
back["content_inner_path"] = content_inner_path back = content["user_contents"]
return back # Content.json is in the users dir
back["content_inner_path"] = re.sub("(.*)/.*?$", "\\1/content.json", inner_path)
if content and "user_contents" in content: # User dir return back
back = content["user_contents"]
back["content_inner_path"] = re.sub("(.*)/.*?$", "\\1/content.json", inner_path) # Content.json is in the users dir # No inner path in this dir, lets try the parent dir
return back if dirs:
inner_path_parts.insert(0, dirs.pop())
# No inner path in this dir, lets try the parent dir else: # No more parent dirs
if dirs: break
inner_path_parts.insert(0, dirs.pop())
else: # No more parent dirs # Not found
break return False
return False # Not found # Get rules for the file
# Return: The rules for the file or False if not allowed
def getRules(self, inner_path, content=None):
# Get rules for the file if not inner_path.endswith("content.json"): # Find the files content.json first
# Return: The rules for the file or False if not allowed file_info = self.getFileInfo(inner_path)
def getRules(self, inner_path, content=None): if not file_info: return False # File not found
if not inner_path.endswith("content.json"): # Find the files content.json first inner_path = file_info["content_inner_path"]
file_info = self.getFileInfo(inner_path) dirs = inner_path.split("/") # Parent dirs of content.json
if not file_info: return False # File not found inner_path_parts = [dirs.pop()] # Filename relative to content.json
inner_path = file_info["content_inner_path"] inner_path_parts.insert(0, dirs.pop()) # Dont check in self dir
dirs = inner_path.split("/") # Parent dirs of content.json while True:
inner_path_parts = [dirs.pop()] # Filename relative to content.json content_inner_path = "%s/content.json" % "/".join(dirs)
inner_path_parts.insert(0, dirs.pop()) # Dont check in self dir parent_content = self.contents.get(content_inner_path.strip("/"))
while True: if parent_content and "includes" in parent_content:
content_inner_path = "%s/content.json" % "/".join(dirs) return parent_content["includes"].get("/".join(inner_path_parts))
parent_content = self.contents.get(content_inner_path.strip("/")) elif parent_content and "user_contents" in parent_content:
if parent_content and "includes" in parent_content: return self.getUserContentRules(parent_content, inner_path, content)
return parent_content["includes"].get("/".join(inner_path_parts)) else: # No inner path in this dir, lets try the parent dir
elif parent_content and "user_contents" in parent_content: if dirs:
return self.getUserContentRules(parent_content, inner_path, content) inner_path_parts.insert(0, dirs.pop())
else: # No inner path in this dir, lets try the parent dir else: # No more parent dirs
if dirs: break
inner_path_parts.insert(0, dirs.pop())
else: # No more parent dirs return False
break
return False # Get rules for a user file
# Return: The rules of the file or False if not allowed
def getUserContentRules(self, parent_content, inner_path, content):
# Get rules for a user file user_contents = parent_content["user_contents"]
# Return: The rules of the file or False if not allowed user_address = re.match(".*/([A-Za-z0-9]*?)/.*?$", inner_path).group(1) # Delivered for directory
def getUserContentRules(self, parent_content, inner_path, content):
user_contents = parent_content["user_contents"] try:
user_address = re.match(".*/([A-Za-z0-9]*?)/.*?$", inner_path).group(1) # Delivered for directory if not content: content = self.site.storage.loadJson(inner_path) # Read the file if no content specified
except (Exception, ): # Content.json not exist
try: return {"signers": [user_address], "user_address": user_address} # Return information that we know for sure
if not content: content = self.site.storage.loadJson(inner_path) # Read the file if no content specificed
except: # Content.json not exist """if not "cert_user_name" in content: # New file, unknown user
return { "signers": [user_address], "user_address": user_address } # Return information that we know for sure content["cert_auth_type"] = "unknown"
content["cert_user_name"] = "unknown@unknown"
"""if not "cert_user_name" in content: # New file, unknown user """
content["cert_auth_type"] = "unknown" user_urn = "%s/%s" % (content["cert_auth_type"], content["cert_user_id"]) # web/nofish@zeroid.bit
content["cert_user_name"] = "unknown@unknown"
""" rules = copy.copy(user_contents["permissions"].get(content["cert_user_id"], {})) # Default rules by username
user_urn = "%s/%s" % (content["cert_auth_type"], content["cert_user_id"]) # web/nofish@zeroid.bit if not rules:
return False # User banned
rules = copy.copy(user_contents["permissions"].get(content["cert_user_id"], {})) # Default rules by username if "signers" in rules:
if rules == False: return False # User banned rules["signers"] = rules["signers"][:] # Make copy of the signers
if "signers" in rules: rules["signers"] = rules["signers"][:] # Make copy of the signers for permission_pattern, permission_rules in user_contents["permission_rules"].items(): # Regexp rules
for permission_pattern, permission_rules in user_contents["permission_rules"].items(): # Regexp rules if not re.match(permission_pattern, user_urn): continue # Rule is not valid for user
if not re.match(permission_pattern, user_urn): continue # Rule is not valid for user # Update rules if its better than current recorded ones
# Update rules if its better than current recorded ones for key, val in permission_rules.iteritems():
for key, val in permission_rules.iteritems(): if key not in rules:
if key not in rules: if type(val) is list:
if type(val) is list: rules[key] = val[:] # Make copy
rules[key] = val[:] # Make copy else:
else: rules[key] = val
rules[key] = val elif type(val) is int: # Int, update if larger
elif type(val) is int: # Int, update if larger if val > rules[key]:
if val > rules[key]: rules[key] = val rules[key] = val
elif hasattr(val, "startswith"): # String, update if longer elif hasattr(val, "startswith"): # String, update if longer
if len(val) > len(rules[key]): rules[key] = val if len(val) > len(rules[key]): rules[key] = val
elif type(val) is list: # List, append elif type(val) is list: # List, append
rules[key] += val rules[key] += val
rules["cert_signers"] = user_contents["cert_signers"] # Add valid cert signers rules["cert_signers"] = user_contents["cert_signers"] # Add valid cert signers
if "signers" not in rules: rules["signers"] = [] if "signers" not in rules: rules["signers"] = []
rules["signers"].append(user_address) # Add user as valid signer rules["signers"].append(user_address) # Add user as valid signer
rules["user_address"] = user_address rules["user_address"] = user_address
return rules
return rules
# Create and sign a content.json
# Return: The new content if filewrite = False
def sign(self, inner_path="content.json", privatekey=None, filewrite=True, update_changed_files=False, extend=None):
# Create and sign a content.json content = self.contents.get(inner_path)
# Return: The new content if filewrite = False if not content: # Content not exist yet, load default one
def sign(self, inner_path = "content.json", privatekey=None, filewrite=True, update_changed_files=False, extend=None): self.log.info("File %s not exist yet, loading default values..." % inner_path)
content = self.contents.get(inner_path) content = {"files": {}, "signs": {}} # Default content.json
if not content: # Content not exist yet, load default one if inner_path == "content.json": # It's the root content.json, add some more fields
self.log.info("File %s not exist yet, loading default values..." % inner_path) content["title"] = "%s - ZeroNet_" % self.site.address
content = {"files": {}, "signs": {}} # Default content.json content["description"] = ""
if inner_path == "content.json": # Its the root content.json, add some more fields content["signs_required"] = 1
content["title"] = "%s - ZeroNet_" % self.site.address content["ignore"] = ""
content["description"] = "" if extend: content.update(extend) # Add custom fields
content["signs_required"] = 1
content["ignore"] = "" directory = self.toDir(self.site.storage.getPath(inner_path))
if extend: content.update(extend) # Add custom fields self.log.info("Opening site data directory: %s..." % directory)
directory = self.toDir(self.site.storage.getPath(inner_path)) hashed_files = {}
self.log.info("Opening site data directory: %s..." % directory) changed_files = [inner_path]
for root, dirs, files in os.walk(directory):
hashed_files = {} for file_name in files:
changed_files = [inner_path] file_path = self.site.storage.getPath("%s/%s" % (root.strip("/"), file_name))
for root, dirs, files in os.walk(directory): file_inner_path = re.sub(re.escape(directory), "", file_path)
for file_name in files:
file_path = self.site.storage.getPath("%s/%s" % (root.strip("/"), file_name)) if file_name == "content.json": ignored = True
file_inner_path = re.sub(re.escape(directory), "", file_path) elif content.get("ignore") and re.match(content["ignore"], file_inner_path): ignored = True
elif file_name.startswith("."): ignored = True
if file_name == "content.json": ignored = True else: ignored = False
elif content.get("ignore") and re.match(content["ignore"], file_inner_path): ignored = True
elif file_name.startswith("."): ignored = True if ignored: # Ignore content.json, definied regexp and files starting with .
else: ignored = False self.log.info("- [SKIPPED] %s" % file_inner_path)
else:
if ignored: # Ignore content.json, definied regexp and files starting with . sha512sum = CryptHash.sha512sum(file_path) # Calculate sha512 sum of file
self.log.info("- [SKIPPED] %s" % file_inner_path) self.log.info("- %s (SHA512: %s)" % (file_inner_path, sha512sum))
else: hashed_files[file_inner_path] = {"sha512": sha512sum, "size": os.path.getsize(file_path)}
sha512sum = CryptHash.sha512sum(file_path) # Calculate sha512 sum of file if file_inner_path in content["files"].keys() and hashed_files[file_inner_path]["sha512"] != content["files"][file_inner_path].get("sha512"):
self.log.info("- %s (SHA512: %s)" % (file_inner_path, sha512sum)) changed_files.append(file_path)
hashed_files[file_inner_path] = {"sha512": sha512sum, "size": os.path.getsize(file_path)}
if file_inner_path in content["files"].keys() and hashed_files[file_inner_path]["sha512"] != content["files"][file_inner_path].get("sha512"): self.log.debug("Changed files: %s" % changed_files)
changed_files.append(file_path) if update_changed_files:
for file_path in changed_files:
self.site.storage.onUpdated(file_path)
self.log.debug("Changed files: %s" % changed_files)
if update_changed_files: # Generate new content.json
for file_path in changed_files: self.log.info("Adding timestamp and sha512sums to new content.json...")
self.site.storage.onUpdated(file_path)
new_content = content.copy() # Create a copy of current content.json
# Generate new content.json new_content["files"] = hashed_files # Add files sha512 hash
self.log.info("Adding timestamp and sha512sums to new content.json...") new_content["modified"] = time.time() # Add timestamp
if inner_path == "content.json":
new_content = content.copy() # Create a copy of current content.json new_content["address"] = self.site.address
new_content["files"] = hashed_files # Add files sha512 hash new_content["zeronet_version"] = config.version
new_content["modified"] = time.time() # Add timestamp new_content["signs_required"] = content.get("signs_required", 1)
if inner_path == "content.json":
new_content["address"] = self.site.address from Crypt import CryptBitcoin
new_content["zeronet_version"] = config.version self.log.info("Verifying private key...")
new_content["signs_required"] = content.get("signs_required", 1) privatekey_address = CryptBitcoin.privatekeyToAddress(privatekey)
valid_signers = self.getValidSigners(inner_path, new_content)
from Crypt import CryptBitcoin if privatekey_address not in valid_signers:
self.log.info("Verifying private key...") return self.log.error("Private key invalid! Valid signers: %s, Private key address: %s" % (valid_signers, privatekey_address))
privatekey_address = CryptBitcoin.privatekeyToAddress(privatekey) self.log.info("Correct %s in valid signers: %s" % (privatekey_address, valid_signers))
valid_signers = self.getValidSigners(inner_path, new_content)
if privatekey_address not in valid_signers: if inner_path == "content.json" and privatekey_address == self.site.address: # If signing using the root key sign the valid signers
return self.log.error("Private key invalid! Valid signers: %s, Private key address: %s" % (valid_signers, privatekey_address)) new_content["signers_sign"] = CryptBitcoin.sign("%s:%s" % (new_content["signs_required"], ",".join(valid_signers)), privatekey)
self.log.info("Correct %s in valid signers: %s" % (privatekey_address, valid_signers)) if not new_content["signers_sign"]: self.log.info("Old style address, signers_sign is none")
if inner_path == "content.json" and privatekey_address == self.site.address: # If signing using the root key sign the valid signers self.log.info("Signing %s..." % inner_path)
new_content["signers_sign"] = CryptBitcoin.sign("%s:%s" % (new_content["signs_required"], ",".join(valid_signers)), privatekey)
if not new_content["signers_sign"]: self.log.info("Old style address, signers_sign is none") if "signs" in new_content: del(new_content["signs"]) # Delete old signs
if "sign" in new_content: del(new_content["sign"]) # Delete old sign (backward compatibility)
self.log.info("Signing %s..." % inner_path)
sign_content = json.dumps(new_content, sort_keys=True)
if "signs" in new_content: del(new_content["signs"]) # Delete old signs sign = CryptBitcoin.sign(sign_content, privatekey)
if "sign" in new_content: del(new_content["sign"]) # Delete old sign (backward compatibility) #new_content["signs"] = content.get("signs", {}) # TODO: Multisig
if sign: # If signing is successful (not an old address)
sign_content = json.dumps(new_content, sort_keys=True) new_content["signs"] = {}
sign = CryptBitcoin.sign(sign_content, privatekey) new_content["signs"][privatekey_address] = sign
#new_content["signs"] = content.get("signs", {}) # TODO: Multisig
if sign: # If signing is successful (not an old address) if inner_path == "content.json": # To root content.json add old format sign for backward compatibility
new_content["signs"] = {} oldsign_content = json.dumps(new_content, sort_keys=True)
new_content["signs"][privatekey_address] = sign new_content["sign"] = CryptBitcoin.signOld(oldsign_content, privatekey)
if inner_path == "content.json": # To root content.json add old format sign for backward compatibility if not self.validContent(inner_path, new_content):
oldsign_content = json.dumps(new_content, sort_keys=True) self.log.error("Sign failed: Invalid content")
new_content["sign"] = CryptBitcoin.signOld(oldsign_content, privatekey) return False
if not self.validContent(inner_path, new_content): if filewrite:
self.log.error("Sign failed: Invalid content") self.log.info("Saving to %s..." % inner_path)
return False self.site.storage.writeJson(inner_path, new_content)
if filewrite: self.log.info("File %s signed!" % inner_path)
self.log.info("Saving to %s..." % inner_path)
self.site.storage.writeJson(inner_path, new_content) if filewrite: # Written to file
return True
self.log.info("File %s signed!" % inner_path) else: # Return the new content
return new_content
if filewrite: # Written to file
return True # The valid signers of content.json file
else: # Return the new content # Return: ["1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6", "13ReyhCsjhpuCVahn1DHdf6eMqqEVev162"]
return new_content def getValidSigners(self, inner_path, content=None):
valid_signers = []
if inner_path == "content.json": # Root content.json
# The valid signers of content.json file if "content.json" in self.contents and "signers" in self.contents["content.json"]:
# Return: ["1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6", "13ReyhCsjhpuCVahn1DHdf6eMqqEVev162"] valid_signers += self.contents["content.json"]["signers"].keys()
def getValidSigners(self, inner_path, content=None): else:
valid_signers = [] rules = self.getRules(inner_path, content)
if inner_path == "content.json": # Root content.json if rules and "signers" in rules:
if "content.json" in self.contents and "signers" in self.contents["content.json"]: valid_signers += rules["signers"]
valid_signers += self.contents["content.json"]["signers"].keys()
else: if self.site.address not in valid_signers:
rules = self.getRules(inner_path, content) valid_signers.append(self.site.address) # Site address always valid
if rules and "signers" in rules: return valid_signers
valid_signers += rules["signers"]
# Return: The required number of valid signs for the content.json
if self.site.address not in valid_signers: valid_signers.append(self.site.address) # Site address always valid def getSignsRequired(self, inner_path, content=None):
return valid_signers return 1 # Todo: Multisig
def verifyCert(self, inner_path, content):
# Return: The required number of valid signs for the content.json from Crypt import CryptBitcoin
def getSignsRequired(self, inner_path, content=None):
return 1 # Todo: Multisig rules = self.getRules(inner_path, content)
if not rules.get("cert_signers"): return True # Does not need cert
def verifyCert(self, inner_path, content): name, domain = content["cert_user_id"].split("@")
from Crypt import CryptBitcoin cert_address = rules["cert_signers"].get(domain)
if not cert_address: # Cert signer not allowed
rules = self.getRules(inner_path, content) self.log.error("Invalid cert signer: %s" % domain)
if not rules.get("cert_signers"): return True # Does not need cert return False
return CryptBitcoin.verify("%s#%s/%s" % (rules["user_address"], content["cert_auth_type"], name), cert_address, content["cert_sign"])
name, domain = content["cert_user_id"].split("@")
cert_address = rules["cert_signers"].get(domain) # Checks if the content.json content is valid
if not cert_address: # Cert signer not allowed # Return: True or False
self.log.error("Invalid cert signer: %s" % domain) def validContent(self, inner_path, content):
return False content_size = len(json.dumps(content)) + sum([file["size"] for file in content["files"].values()]) # Size of new content
return CryptBitcoin.verify("%s#%s/%s" % (rules["user_address"], content["cert_auth_type"], name), cert_address, content["cert_sign"]) site_size = self.getTotalSize(ignore=inner_path)+content_size # Site size without old content
if site_size > self.site.settings.get("size", 0): self.site.settings["size"] = site_size # Save to settings if larger
# Checks if the content.json content is valid site_size_limit = self.site.getSizeLimit()*1024*1024
# Return: True or False
def validContent(self, inner_path, content): # Check total site size limit
content_size = len(json.dumps(content)) + sum([file["size"] for file in content["files"].values()]) # Size of new content if site_size > site_size_limit:
site_size = self.getTotalSize(ignore=inner_path)+content_size # Site size without old content self.log.error("%s: Site too large %s > %s, aborting task..." % (inner_path, site_size, site_size_limit))
if site_size > self.site.settings.get("size", 0): self.site.settings["size"] = site_size # Save to settings if larger task = self.site.worker_manager.findTask(inner_path)
if task: # Dont try to download from other peers
site_size_limit = self.site.getSizeLimit()*1024*1024 self.site.worker_manager.failTask(task)
return False
# Check total site size limit
if site_size > site_size_limit: if inner_path == "content.json": return True # Root content.json is passed
self.log.error("%s: Site too large %s > %s, aborting task..." % (inner_path, site_size, site_size_limit))
task = self.site.worker_manager.findTask(inner_path) # Load include details
if task: # Dont try to download from other peers rules = self.getRules(inner_path, content)
self.site.worker_manager.failTask(task) if not rules:
return False self.log.error("%s: No rules" % inner_path)
return False
if inner_path == "content.json": return True # Root content.json is passed
# Check include size limit
# Load include details if rules.get("max_size"): # Include size limit
rules = self.getRules(inner_path, content) if content_size > rules["max_size"]:
if not rules: self.log.error("%s: Include too large %s > %s" % (inner_path, content_size, rules["max_size"]))
self.log.error("%s: No rules" % inner_path) return False
return False
# Check if content includes allowed
# Check include size limit if rules.get("includes_allowed") == False and content.get("includes"):
if rules.get("max_size"): # Include size limit self.log.error("%s: Includes not allowed" % inner_path)
if content_size > rules["max_size"]: return False # Includes not allowed
self.log.error("%s: Include too large %s > %s" % (inner_path, content_size, rules["max_size"]))
return False # Filename limit
if rules.get("files_allowed"):
# Check if content includes allowed for file_inner_path in content["files"].keys():
if rules.get("includes_allowed") == False and content.get("includes"): if not re.match("^%s$" % rules["files_allowed"], file_inner_path):
self.log.error("%s: Includes not allowed" % inner_path) self.log.error("%s: File not allowed" % file_inner_path)
return False # Includes not allowed return False
# Filename limit return True # All good
if rules.get("files_allowed"):
for file_inner_path in content["files"].keys(): # Verify file validity
if not re.match("^%s$" % rules["files_allowed"], file_inner_path): # Return: None = Same as before, False = Invalid, True = Valid
self.log.error("%s: File not allowed" % file_inner_path) def verifyFile(self, inner_path, file, ignore_same = True):
return False if inner_path.endswith("content.json"): # content.json: Check using sign
from Crypt import CryptBitcoin
return True # All good try:
new_content = json.load(file)
if inner_path in self.contents:
old_content = self.contents.get(inner_path)
# Verify file validity # Checks if its newer the ours
# Return: None = Same as before, False = Invalid, True = Valid if old_content["modified"] == new_content["modified"] and ignore_same: # Ignore, have the same content.json
def verifyFile(self, inner_path, file, ignore_same = True): return None
if inner_path.endswith("content.json"): # content.json: Check using sign elif old_content["modified"] > new_content["modified"]: # We have newer
from Crypt import CryptBitcoin self.log.debug("We have newer %s (Our: %s, Sent: %s)" % (inner_path, old_content["modified"], new_content["modified"]))
try: gevent.spawn(self.site.publish, inner_path=inner_path) # Try to fix the broken peers
new_content = json.load(file) return False
if inner_path in self.contents: if new_content["modified"] > time.time()+60*60*24: # Content modified in the far future (allow 1 day window)
old_content = self.contents.get(inner_path) self.log.error("%s modify is in the future!" % inner_path)
# Checks if its newer the ours return False
if old_content["modified"] == new_content["modified"] and ignore_same: # Ignore, have the same content.json # Check sign
return None sign = new_content.get("sign")
elif old_content["modified"] > new_content["modified"]: # We have newer signs = new_content.get("signs", {})
self.log.debug("We have newer %s (Our: %s, Sent: %s)" % (inner_path, old_content["modified"], new_content["modified"])) if "sign" in new_content: del(new_content["sign"]) # The file signed without the sign
gevent.spawn(self.site.publish, inner_path=inner_path) # Try to fix the broken peers if "signs" in new_content: del(new_content["signs"]) # The file signed without the signs
return False sign_content = json.dumps(new_content, sort_keys=True) # Dump the json to string to remove whitepsace
if new_content["modified"] > time.time()+60*60*24: # Content modified in the far future (allow 1 day window)
self.log.error("%s modify is in the future!" % inner_path) if not self.validContent(inner_path, new_content): return False # Content not valid (files too large, invalid files)
return False
# Check sign if signs: # New style signing
sign = new_content.get("sign") valid_signers = self.getValidSigners(inner_path, new_content)
signs = new_content.get("signs", {}) signs_required = self.getSignsRequired(inner_path, new_content)
if "sign" in new_content: del(new_content["sign"]) # The file signed without the sign
if "signs" in new_content: del(new_content["signs"]) # The file signed without the signs if inner_path == "content.json" and len(valid_signers) > 1: # Check signers_sign on root content.json
sign_content = json.dumps(new_content, sort_keys=True) # Dump the json to string to remove whitepsace if not CryptBitcoin.verify("%s:%s" % (signs_required, ",".join(valid_signers)), self.site.address, new_content["signers_sign"]):
self.log.error("%s invalid signers_sign!" % inner_path)
if not self.validContent(inner_path, new_content): return False # Content not valid (files too large, invalid files) return False
if signs: # New style signing if inner_path != "content.json" and not self.verifyCert(inner_path, new_content): # Check if cert valid
valid_signers = self.getValidSigners(inner_path, new_content) self.log.error("%s invalid cert!" % inner_path)
signs_required = self.getSignsRequired(inner_path, new_content) return False
if inner_path == "content.json" and len(valid_signers) > 1: # Check signers_sign on root content.json valid_signs = 0
if not CryptBitcoin.verify("%s:%s" % (signs_required, ",".join(valid_signers)), self.site.address, new_content["signers_sign"]): for address in valid_signers:
self.log.error("%s invalid signers_sign!" % inner_path) if address in signs: valid_signs += CryptBitcoin.verify(sign_content, address, signs[address])
return False if valid_signs >= signs_required: break # Break if we has enough signs
if inner_path != "content.json" and not self.verifyCert(inner_path, new_content): # Check if cert valid
self.log.error("%s invalid cert!" % inner_path)
return False return valid_signs >= signs_required
else: # Old style signing
valid_signs = 0 return CryptBitcoin.verify(sign_content, self.site.address, sign)
for address in valid_signers:
if address in signs: valid_signs += CryptBitcoin.verify(sign_content, address, signs[address]) except Exception, err:
if valid_signs >= signs_required: break # Break if we has enough signs self.log.error("Verify sign error: %s" % Debug.formatException(err))
return False
else: # Check using sha512 hash
return valid_signs >= signs_required file_info = self.getFileInfo(inner_path)
else: # Old style signing if file_info:
return CryptBitcoin.verify(sign_content, self.site.address, sign) if "sha512" in file_info:
hash_valid = CryptHash.sha512sum(file) == file_info["sha512"]
except Exception, err: elif "sha1" in file_info: # Backward compatibility
self.log.error("Verify sign error: %s" % Debug.formatException(err)) hash_valid = CryptHash.sha1sum(file) == file_info["sha1"]
return False else:
hash_valid = False
else: # Check using sha512 hash if file_info["size"] != file.tell():
file_info = self.getFileInfo(inner_path) self.log.error("%s file size does not match %s <> %s, Hash: %s" % (inner_path, file.tell(),
if file_info: file_info["size"], hash_valid))
if "sha512" in file_info: return False
hash_valid = CryptHash.sha512sum(file) == file_info["sha512"] return hash_valid
elif "sha1" in file_info: # Backward compatibility
hash_valid = CryptHash.sha1sum(file) == file_info["sha1"] else: # File not in content.json
else: self.log.error("File not in content.json: %s" % inner_path)
hash_valid = False return False
if file_info["size"] != file.tell():
self.log.error("%s file size does not match %s <> %s, Hash: %s" % (inner_path, file.tell(), file_info["size"], hash_valid))
return False # Get dir from file
return hash_valid # Return: data/site/content.json -> data/site
def toDir(self, inner_path):
else: # File not in content.json file_dir = re.sub("[^/]*?$", "", inner_path).strip("/")
self.log.error("File not in content.json: %s" % inner_path) if file_dir: file_dir += "/" # Add / at end if its not the root
return False return file_dir
# Get dir from file
# Return: data/site/content.json -> data/site
def toDir(self, inner_path):
file_dir = re.sub("[^/]*?$", "", inner_path).strip("/")
if file_dir: file_dir += "/" # Add / at end if its not the root
return file_dir
def testSign(): def testSign():
global config global config
from Config import config from Config import config
from Site import Site from Site import Site
site = Site("12Hw8rTgzrNo4DSh2AkqwPRqDyTticwJyH") site = Site("12Hw8rTgzrNo4DSh2AkqwPRqDyTticwJyH")
content_manager = ContentManager(site) content_manager = ContentManager(site)
content_manager.sign("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json", "5JCGE6UUruhfmAfcZ2GYjvrswkaiq7uLo6Gmtf2ep2Jh2jtNzWR") content_manager.sign("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json", "5JCGE6UUruhfmAfcZ2GYjvrswkaiq7uLo6Gmtf2ep2Jh2jtNzWR")
def testVerify(): def testVerify():
from Config import config from Config import config
from Site import Site from Site import Site
#site = Site("1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr") #site = Site("1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr")
site = Site("12Hw8rTgzrNo4DSh2AkqwPRqDyTticwJyH") site = Site("12Hw8rTgzrNo4DSh2AkqwPRqDyTticwJyH")
content_manager = ContentManager(site) content_manager = ContentManager(site)
print "Loaded contents:", content_manager.contents.keys() print "Loaded contents:", content_manager.contents.keys()
file = open(site.storage.getPath("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json")) file = open(site.storage.getPath("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json"))
print "content.json valid:", content_manager.verifyFile("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json", file, ignore_same=False) print "content.json valid:", content_manager.verifyFile("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json", file, ignore_same=False)
file = open(site.storage.getPath("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/messages.json")) file = open(site.storage.getPath("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/messages.json"))
print "messages.json valid:", content_manager.verifyFile("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/messages.json", file, ignore_same=False) print "messages.json valid:", content_manager.verifyFile("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/messages.json", file, ignore_same=False)
def testInfo(): def testInfo():
from Config import config from Config import config
from Site import Site from Site import Site
site = Site("12Hw8rTgzrNo4DSh2AkqwPRqDyTticwJyH") site = Site("12Hw8rTgzrNo4DSh2AkqwPRqDyTticwJyH")
content_manager = ContentManager(site) content_manager = ContentManager(site)
print content_manager.contents.keys() print content_manager.contents.keys()
print content_manager.getFileInfo("index.html") print content_manager.getFileInfo("index.html")
print content_manager.getIncludeInfo("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json") print content_manager.getIncludeInfo("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json")
print content_manager.getValidSigners("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json") print content_manager.getValidSigners("data/users/1KRxE1s3oDyNDawuYWpzbLUwNm8oDbeEp6/content.json")
print content_manager.getValidSigners("data/users/content.json") print content_manager.getValidSigners("data/users/content.json")
print content_manager.getValidSigners("content.json") print content_manager.getValidSigners("content.json")
if __name__ == "__main__": if __name__ == "__main__":
import os, sys, logging import os, sys, logging
os.chdir("../..") os.chdir("../..")
sys.path.insert(0, os.path.abspath(".")) sys.path.insert(0, os.path.abspath("."))
sys.path.insert(0, os.path.abspath("src")) sys.path.insert(0, os.path.abspath("src"))
logging.basicConfig(level=logging.DEBUG) logging.basicConfig(level=logging.DEBUG)
from Debug import Debug from Debug import Debug
from Crypt import CryptHash from Crypt import CryptHash
#testSign() #testSign()
testVerify() testVerify()
#testInfo() #testInfo()