r4sas/py-i2phosts
1
0
Fork 0
mirror of https://github.com/r4sas/py-i2phosts synced 2025-02-09 05:14:22 +00:00
Code Issues Releases Wiki Activity

web/lib/validation.py: use plain ValidationError

Browse Source
This commit is contained in:
Hidden Z 2010-10-31 10:30:01 +00:00
parent d398eca9ab
commit 9f3773cebf
1 changed files with 24 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
web/lib/validation.py
View File

@ -2,7 +2,8 @@
import re import re
from django import forms from django.core.exceptions import ValidationError
from web.postkey.models import i2phost from web.postkey.models import i2phost
@ -17,45 +18,45 @@ def validate_hostname(data):
# do lenght check here for avoiding django.db.utils.DatabaseError exceptions # do lenght check here for avoiding django.db.utils.DatabaseError exceptions
# when trying to add too long hostname with py-i2phosts-injector # when trying to add too long hostname with py-i2phosts-injector
if len(data) > 67: if len(data) > 67:
raise forms.ValidationError('Too long hostname (should be 67 chars max)') raise ValidationError('Too long hostname (should be 67 chars max)')
# Must end with '.i2p'. # Must end with '.i2p'.
if re.match(r'.*\.i2p$', data) == None: if re.match(r'.*\.i2p$', data) == None:
raise forms.ValidationError('Hostname doesn\'t ends with .i2p') raise ValidationError('Hostname doesn\'t ends with .i2p')
# Base 32 hostnames (*.b32.i2p) are not allowed # Base 32 hostnames (*.b32.i2p) are not allowed
if re.match(r'.*\.b32\.i2p$', data): if re.match(r'.*\.b32\.i2p$', data):
raise forms.ValidationError('Base32 hostnames are not allowed') raise ValidationError('Base32 hostnames are not allowed')
# prevent common errors # prevent common errors
if re.match(r'\.i2p$', data): if re.match(r'\.i2p$', data):
raise forms.ValidationError('Incomplete hostname') raise ValidationError('Incomplete hostname')
if re.match(r'^http:/', data): if re.match(r'^http:/', data):
raise forms.ValidationError('Do not paste full URL, just domain') raise ValidationError('Do not paste full URL, just domain')
# Must not contain '..' # Must not contain '..'
if re.search(r'\.\.', data): if re.search(r'\.\.', data):
raise forms.ValidationError('".." in hostname') raise ValidationError('".." in hostname')
# Allow only 4ld domains and below # Allow only 4ld domains and below
if data.count('.') > 3: if data.count('.') > 3:
raise forms.ValidationError('Subdomains deeper than 4LD are not allowed') raise ValidationError('Subdomains deeper than 4LD are not allowed')
# Must contain only [a-z] [0-9] '.' and '-' # Must contain only [a-z] [0-9] '.' and '-'
h = re.match(r'([a-z0-9.-]+)\.i2p$', data) h = re.match(r'([a-z0-9.-]+)\.i2p$', data)
if h == None: if h == None:
raise forms.ValidationError('Illegal characters in hostname') raise ValidationError('Illegal characters in hostname')
else: else:
namepart = h.groups()[0] namepart = h.groups()[0]
# Must not start with '.' or '-' # Must not start with '.' or '-'
if re.match(r'^\.|-', namepart): if re.match(r'^\.|-', namepart):
raise forms.ValidationError('Hostname must not starts with "." or "-"') raise ValidationError('Hostname must not starts with "." or "-"')
# Must not contain '.-' or '-.' (as of 0.6.1.33) # Must not contain '.-' or '-.' (as of 0.6.1.33)
if re.search(r'(\.-)|(-\.)', namepart): if re.search(r'(\.-)|(-\.)', namepart):
raise forms.ValidationError('Hostname contain ".-" or "-."') raise ValidationError('Hostname contain ".-" or "-."')
# Must not contain '--' except in 'xn--' for IDN # Must not contain '--' except in 'xn--' for IDN
if re.search(r'(?<!^xn)--', namepart) and re.search(r'(?<!\.xn)--', namepart): if re.search(r'(?<!^xn)--', namepart) and re.search(r'(?<!\.xn)--', namepart):
raise forms.ValidationError('Hostname contain "--" and it\'s not an IDN') raise ValidationError('Hostname contain "--" and it\'s not an IDN')
# Certain hostnames reserved for project use are not allowed # Certain hostnames reserved for project use are not allowed
if re.search(r'(^|\.)(proxy|router|console|b32|b64)$', namepart): if re.search(r'(^|\.)(proxy|router|console|b32|b64)$', namepart):
raise forms.ValidationError('Trying to use reserved hostname') raise ValidationError('Trying to use reserved hostname')
# Block various localhost.* in addition # Block various localhost.* in addition
if re.match(r'^localhost($|\..*$)', namepart): if re.match(r'^localhost($|\..*$)', namepart):
raise forms.ValidationError('localhost.* not allowed') raise ValidationError('localhost.* not allowed')
return data return data
@ -68,23 +69,23 @@ def validate_b64hash(data, check_uniq=True):
length = len(data) length = len(data)
# check for b32 address misuse # check for b32 address misuse
if re.match(r'.*\.b32\.i2p$', data): if re.match(r'.*\.b32\.i2p$', data):
raise forms.ValidationError('You should paste base64 hash, not a base32!') raise ValidationError('You should paste base64 hash, not a base32!')
# fail if contains .i2p= (full foo.i2p=key) # fail if contains .i2p= (full foo.i2p=key)
if re.search(r'\.i2p=', data): if re.search(r'\.i2p=', data):
raise forms.ValidationError('Do not paste full hosts.txt entry! Only base64 hash are needed') raise ValidationError('Do not paste full hosts.txt entry! Only base64 hash are needed')
# check for pasting router hash # check for pasting router hash
if length == 44: if length == 44:
raise forms.ValidationError('Do not paste router hash! Go to i2ptunnel page and \ raise ValidationError('Do not paste router hash! Go to i2ptunnel page and \
find a destination hash') find a destination hash')
# Minimum key length 516 bytes # Minimum key length 516 bytes
if length < 516: if length < 516:
raise forms.ValidationError('Specified base64 hash are less than 516 bytes') raise ValidationError('Specified base64 hash are less than 516 bytes')
# Maximum key length 616 bytes # Maximum key length 616 bytes
if length > 616: if length > 616:
raise forms.ValidationError('Specified base64 hash are bigger than 616 bytes') raise ValidationError('Specified base64 hash are bigger than 616 bytes')
# keys with cert may ends with anything, so check is relaxed # keys with cert may ends with anything, so check is relaxed
if length > 516 and re.match(r'[a-zA-Z0-9\-~]+$', data) == None: if length > 516 and re.match(r'[a-zA-Z0-9\-~]+$', data) == None:
raise forms.ValidationError('Invalid characters in base64 hash') raise ValidationError('Invalid characters in base64 hash')
# base64-validity test # base64-validity test
if length > 516: if length > 516:
# we need temporary variable here to avoid modifying main "data" # we need temporary variable here to avoid modifying main "data"
@ -98,13 +99,13 @@ def validate_b64hash(data, check_uniq=True):
break break
# if more than 2 pad chars were added, raise an error # if more than 2 pad chars were added, raise an error
if i > 2: if i > 2:
raise forms.ValidationError('Corrupted base64 hash') raise ValidationError('Corrupted base64 hash')
# base64-i2p # base64-i2p
if length == 516 and re.match(r'[a-zA-Z0-9\-~]+AA$', data) == None: if length == 516 and re.match(r'[a-zA-Z0-9\-~]+AA$', data) == None:
raise forms.ValidationError('Invalid base64 hash') raise ValidationError('Invalid base64 hash')
if check_uniq == True: if check_uniq == True:
# Avoid adding non-unique hashes # Avoid adding non-unique hashes
qs = i2phost.objects.filter(b64hash=data) qs = i2phost.objects.filter(b64hash=data)
if qs.exists(): if qs.exists():
raise forms.ValidationError('Base64 hash must be unique') raise ValidationError('Base64 hash must be unique')
return data return data