Support broch mode within general blocking function

merge-requests/30/head
Bob Mottram 2021-06-21 16:56:55 +01:00
parent bbfb92d36b
commit 971ace14a8
1 changed files with 43 additions and 23 deletions


@ -195,6 +195,18 @@ def updateBlockedCache(baseDir: str,
return currTime return currTime
def _getShortDomain(domain: str) -> str:
""" by checking a shorter version we can thwart adversaries
who constantly change their subdomain
e.g. subdomain123.mydomain.com becomes mydomain.com
"""
sections = domain.split('.')
noOfSections = len(sections)
if noOfSections > 2:
return sections[noOfSections-2] + '.' + sections[-1]
return None
def isBlockedDomain(baseDir: str, domain: str, def isBlockedDomain(baseDir: str, domain: str,
blockedCache: [] = None) -> bool: blockedCache: [] = None) -> bool:
"""Is the given domain blocked? """Is the given domain blocked?
@ -205,13 +217,7 @@ def isBlockedDomain(baseDir: str, domain: str,
if isEvil(domain): if isEvil(domain):
return True return True
# by checking a shorter version we can thwart adversaries shortDomain = _getShortDomain(domain)
# who constantly change their subdomain
sections = domain.split('.')
noOfSections = len(sections)
shortDomain = None
if noOfSections > 2:
shortDomain = domain[noOfSections-2] + '.' + domain[noOfSections-1]
if not brochModeIsActive(baseDir): if not brochModeIsActive(baseDir):
if blockedCache: if blockedCache:
@ -257,29 +263,43 @@ def isBlocked(baseDir: str, nickname: str, domain: str,
if blockNickname and blockDomain: if blockNickname and blockDomain:
blockHandle = blockNickname + '@' + blockDomain blockHandle = blockNickname + '@' + blockDomain
if blockedCache: if not brochModeIsActive(baseDir):
for blockedStr in blockedCache: # instance level block list
if '*@' + domain in blockedStr: if blockedCache:
return True for blockedStr in blockedCache:
if blockHandle: if '*@' + domain in blockedStr:
if blockHandle in blockedStr:
return True return True
if blockHandle:
if blockHandle in blockedStr:
return True
else:
globalBlockingFilename = baseDir + '/accounts/blocking.txt'
if os.path.isfile(globalBlockingFilename):
if '*@' + blockDomain in open(globalBlockingFilename).read():
return True
if blockHandle:
if blockHandle in open(globalBlockingFilename).read():
return True
else: else:
globalBlockingFilename = baseDir + '/accounts/blocking.txt' # instance allow list
if os.path.isfile(globalBlockingFilename): allowFilename = baseDir + '/accounts/allowedinstances.txt'
if '*@' + blockDomain in open(globalBlockingFilename).read(): shortDomain = _getShortDomain(blockDomain)
if not shortDomain:
if blockDomain not in open(allowFilename).read():
return True
else:
if shortDomain not in open(allowFilename).read():
return True return True
if blockHandle:
if blockHandle in open(globalBlockingFilename).read():
return True
allowFilename = baseDir + '/accounts/' + \ # account level allow list
nickname + '@' + domain + '/allowedinstances.txt' accountDir = baseDir + '/accounts/' + nickname + '@' + domain
allowFilename = accountDir + '/allowedinstances.txt'
if os.path.isfile(allowFilename): if os.path.isfile(allowFilename):
if blockDomain not in open(allowFilename).read(): if blockDomain not in open(allowFilename).read():
return True return True
blockingFilename = baseDir + '/accounts/' + \
nickname + '@' + domain + '/blocking.txt' # account level block list
blockingFilename = accountDir + '/blocking.txt'
if os.path.isfile(blockingFilename): if os.path.isfile(blockingFilename):
if '*@' + blockDomain in open(blockingFilename).read(): if '*@' + blockDomain in open(blockingFilename).read():
return True return True
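Review bot: In the broch-mode branch added to isBlocked, `shortDomain not in open(allowFilename).read()` (and the `blockDomain` variant above it) is a substring test against the whole allow-list text, so a domain is accepted whenever its text occurs anywhere inside an allowed entry rather than only when it is an entry. Because _getShortDomain keeps just the last two labels, a host under a multi-part suffix such as `co.uk` is reduced to that suffix and passes as soon as any allowed entry ends in it. Assuming allowedinstances.txt holds one domain per line, compare whole entries instead: `allowed = open(allowFilename).read().splitlines()` followed by `if blockDomain not in allowed and shortDomain not in allowed: return True`. This branch also reads the file without the `os.path.isfile` guard used for the other lists, so it appears to rely on brochModeIsActive (not shown here) having confirmed that the file exists. isBlocked starts before this hunk and may continue past it.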