journal/views: manage both nginx and haproxy vars in ssl_client_verify; raise exception on insert error
This commit is contained in:
parent
4a877b340f
commit
e4566af515
|
@ -10,7 +10,11 @@ field_multiline_pattern = re.compile(r'^([A-Z_][A-Z0-9_]+)\n([\w\W]*)$')
|
|||
def handle_journal_upload_stream(journal_stream, debug=False):
|
||||
tail = ''
|
||||
while True:
|
||||
line = journal_stream.readline().decode('utf-8', errors='replace').rstrip('\n')
|
||||
try:
|
||||
rline = journal_stream.readline()
|
||||
except AttributeError:
|
||||
break
|
||||
line = rline.decode('utf-8', errors='replace').rstrip('\n')
|
||||
if line.endswith('\r'):
|
||||
line = line.rstrip('\r')
|
||||
if not line:
|
||||
|
|
|
@ -59,8 +59,16 @@ def ssl_client_verify(view):
|
|||
@wraps(view)
|
||||
def wrapper(request, *args, **kwargs):
|
||||
headers = request.META
|
||||
if headers.get('X-SSL') == 1 and headers.get('X-SSL-Client-Verify') == 0:
|
||||
request.host_verified = headers.get('X-SSL-Client-CN')
|
||||
if headers.get('HTTP_X_SSL') == "1" and (
|
||||
headers.get('HTTP_X_SSL_CLIENT_VERIFY') == "0"
|
||||
or headers.get('HTTP_X_SSL_CLIENT_VERIFY') == "SUCCESS"
|
||||
):
|
||||
cn = headers.get('HTTP_X_SSL_CLIENT_CN')
|
||||
dn = headers.get('HTTP_X_SSL_CLIENT_DN')
|
||||
if cn:
|
||||
request.host_verified = cn
|
||||
else:
|
||||
request.host_verified = dn.split(',')[0].split('=')[1]
|
||||
else:
|
||||
if settings.DEBUG:
|
||||
request.host_verified = 'test_host'
|
||||
|
@ -94,14 +102,11 @@ def UploadView(request, debug=False):
|
|||
count += 1
|
||||
if debug and count % 1000 == 0:
|
||||
print(count, timestamp)
|
||||
try:
|
||||
Entry.objects.bulk_create(new_entries)
|
||||
new_entries = []
|
||||
except:
|
||||
# todo: log errors or raise?
|
||||
continue
|
||||
Entry.objects.bulk_create(new_entries)
|
||||
new_entries = []
|
||||
if debug:
|
||||
elapsed = datetime.datetime.now() - start_timestamp
|
||||
elapsed = datetime.datetime.now() - now
|
||||
print('elapsed: %s' % elapsed)
|
||||
print('count: %s' % count)
|
||||
return HttpResponse('')
|
||||
return HttpResponse('added %s' % count)
|
||||
raise PermissionDenied
|
||||
|
|
|
@ -94,13 +94,13 @@ _SOURCE_REALTIME_TIMESTAMP=1596449391625441
|
|||
|
||||
|
||||
def test_journal_stream_auth(client):
|
||||
page = client.get('/upload')
|
||||
page = client.post('/upload')
|
||||
assert page.status_code == 403
|
||||
|
||||
|
||||
@override_settings(DEBUG=True)
|
||||
def test_journal_stream_auth_debug(client):
|
||||
page = client.get('/upload')
|
||||
page = client.post('/upload')
|
||||
assert page.status_code == 200
|
||||
|
||||
|
||||
|
|
Reference in New Issue