Mercurial > p > roundup > code
annotate test/test_locking.py @ 5201:a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet
and
https://seclab.stanford.edu/websec/csrf/csrf.pdf
Basically implement Synchronizer (CSRF) Tokens per form on a page.
Single use (destroyed once used). Random input data for the token
includes:
system random implementation in python using /dev/urandom
(fallback to random based on timestamp as the seed. Not
as good, but should be ok for the short lifetime of the
token??)
the id (in cpython it's the memory address) of the object
requesting a token. In theory this depends on memory layout, the
history of the process (how many previous objects have been
allocated from the heap etc.) I claim without any proof that for
long running processes this is another source of randomness. For
short running processes with little activity it could be guessed.
last the floating point time.time() value is added. This may
only have 1 second resolution so may be guessable.
Hopefully for a short lived (2 week by default) token this is
sufficient. Also in the current implementation the user is notified when
validation fails and is told why. This allows the roundup admin to find
the log entry (at error level) and try to resolve the issue. In the
future user notification may change but for now this is probably best.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 18 Mar 2017 16:59:01 -0400 |
| parents | 364c54991861 |
| children | 35ea9b1efc14 |
| rev | line source |
|---|---|
|
690
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
1 # Copyright (c) 2002 ekit.com Inc (http://www.ekit-inc.com/) |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2 # |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
3 # Permission is hereby granted, free of charge, to any person obtaining a copy |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
4 # of this software and associated documentation files (the "Software"), to deal |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
5 # in the Software without restriction, including without limitation the rights |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
6 # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
7 # copies of the Software, and to permit persons to whom the Software is |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
8 # furnished to do so, subject to the following conditions: |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
9 # |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
10 # The above copyright notice and this permission notice shall be included in |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
11 # all copies or substantial portions of the Software. |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
12 # |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
13 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
14 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
15 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
16 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
17 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
18 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
19 # SOFTWARE. |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
20 |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
21 import os, unittest, tempfile |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
22 |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
23 from roundup.backends.locking import acquire_lock, release_lock |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
24 |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
25 class LockingTest(unittest.TestCase): |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
26 def setUp(self): |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
27 self.path = tempfile.mktemp() |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
28 open(self.path, 'w').write('hi\n') |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
29 |
|
1319
f8cc0b724b28
disable b0rken locking test
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
30 # XXX test disabled because it simply doesn't work on many platforms |
|
f8cc0b724b28
disable b0rken locking test
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
31 # (Solaris and Irix are known to fail, but Linux works) |
|
f8cc0b724b28
disable b0rken locking test
Richard Jones <richard@users.sourceforge.net>
parents:
1090
diff
changeset
|
32 def xtest_basics(self): |
|
690
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
33 f = acquire_lock(self.path) |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
34 try: |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
35 acquire_lock(self.path, block=0) |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
36 except: |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
37 pass |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
38 else: |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
39 raise AssertionError, 'no exception' |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
40 release_lock(f) |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
41 f = acquire_lock(self.path) |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
42 release_lock(f) |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
43 |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
44 def tearDown(self): |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
45 os.remove(self.path) |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
46 |
|
509a101305da
node ids are now generated from a lockable store - no more race conditions
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
47 # vim: set filetype=python ts=4 sw=4 et si |