diff options
| author | Armin Kuster <akuster808@gmail.com> | 2019-08-28 08:44:31 -0700 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2019-08-28 20:29:11 -0700 |
| commit | c83f0682e400475fdd53e4cabda0d6112016eebc (patch) | |
| tree | 1cbc88c66bbb3e4769e2353da139bc595fbb2b42 | |
| parent | 9e40485f6e8ae7858ca857c5f73054db1d2e6c28 (diff) | |
| download | meta-security-wip.tar.gz | |
fail2ban: remove Py2 and updatewip
remove patch included in update
fix issues do to python3
fix init file
Signed-off-by: Armin Kuster <akuster808@gmail.com>
6 files changed, 606 insertions, 86 deletions
diff --git a/recipes-security/fail2ban/files/0001-To-fix-build-error-of-xrang.patch b/recipes-security/fail2ban/files/0001-To-fix-build-error-of-xrang.patch deleted file mode 100644 index 7f0812c..0000000 --- a/recipes-security/fail2ban/files/0001-To-fix-build-error-of-xrang.patch +++ /dev/null | |||
| @@ -1,28 +0,0 @@ | |||
| 1 | From fe3436d65518099d35c643848cba50253abc249c Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Lei Maohui <leimaohui@cn.fujitsu.com> | ||
| 3 | Date: Thu, 9 May 2019 14:44:51 +0900 | ||
| 4 | Subject: [PATCH] To fix build error of xrange. | ||
| 5 | |||
| 6 | NameError: name 'xrange' is not defined | ||
| 7 | |||
| 8 | Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> | ||
| 9 | --- | ||
| 10 | fail2ban/__init__.py | 2 +- | ||
| 11 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
| 12 | |||
| 13 | diff --git a/fail2ban/__init__.py b/fail2ban/__init__.py | ||
| 14 | index fa6dcf7..61789a4 100644 | ||
| 15 | --- a/fail2ban/__init__.py | ||
| 16 | +++ b/fail2ban/__init__.py | ||
| 17 | @@ -82,7 +82,7 @@ strptime("2012", "%Y") | ||
| 18 | |||
| 19 | # short names for pure numeric log-level ("Level 25" could be truncated by short formats): | ||
| 20 | def _init(): | ||
| 21 | - for i in xrange(50): | ||
| 22 | + for i in range(50): | ||
| 23 | if logging.getLevelName(i).startswith('Level'): | ||
| 24 | logging.addLevelName(i, '#%02d-Lev.' % i) | ||
| 25 | _init() | ||
| 26 | -- | ||
| 27 | 2.7.4 | ||
| 28 | |||
diff --git a/recipes-security/fail2ban/files/0001-fail2ban-update-to-work-with-python-3.7.patch b/recipes-security/fail2ban/files/0001-fail2ban-update-to-work-with-python-3.7.patch new file mode 100644 index 0000000..e6b9cab --- /dev/null +++ b/recipes-security/fail2ban/files/0001-fail2ban-update-to-work-with-python-3.7.patch | |||
| @@ -0,0 +1,550 @@ | |||
| 1 | From 71af4ecd1abe520a3bbfe46213a1cf464743e631 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Armin Kuster <akuster808@gmail.com> | ||
| 3 | Date: Wed, 28 Aug 2019 19:12:07 -0700 | ||
| 4 | Subject: [PATCH] fail2ban: update to work with python 3.7 | ||
| 5 | |||
| 6 | fixes errors like: AttributeError: 'dict' object has no attribute 'iteritems' | ||
| 7 | when using only python 3.7 | ||
| 8 | |||
| 9 | Signed-off-by: Armin Kuster <akuster808@gmail.com> | ||
| 10 | |||
| 11 | Upstream-Status: sumbitted upstream | ||
| 12 | |||
| 13 | |||
| 14 | --- | ||
| 15 | fail2ban/client/actionreader.py | 4 ++-- | ||
| 16 | fail2ban/client/configparserinc.py | 4 ++-- | ||
| 17 | fail2ban/client/fail2banclient.py | 2 +- | ||
| 18 | fail2ban/client/fail2banregex.py | 4 ++-- | ||
| 19 | fail2ban/client/filterreader.py | 2 +- | ||
| 20 | fail2ban/client/jailreader.py | 2 +- | ||
| 21 | fail2ban/server/action.py | 6 +++--- | ||
| 22 | fail2ban/server/actions.py | 14 +++++++------- | ||
| 23 | fail2ban/server/banmanager.py | 4 ++-- | ||
| 24 | fail2ban/server/database.py | 2 +- | ||
| 25 | fail2ban/server/failmanager.py | 6 +++--- | ||
| 26 | fail2ban/server/filter.py | 2 +- | ||
| 27 | fail2ban/server/filterpyinotify.py | 4 ++-- | ||
| 28 | fail2ban/server/server.py | 8 ++++---- | ||
| 29 | fail2ban/server/strptime.py | 2 +- | ||
| 30 | fail2ban/server/ticket.py | 20 ++++++++++---------- | ||
| 31 | fail2ban/server/utils.py | 6 +++--- | ||
| 32 | fail2ban/tests/clientreadertestcase.py | 2 +- | ||
| 33 | fail2ban/tests/filtertestcase.py | 2 +- | ||
| 34 | fail2ban/tests/samplestestcase.py | 6 +++--- | ||
| 35 | fail2ban/tests/utils.py | 2 +- | ||
| 36 | 21 files changed, 52 insertions(+), 52 deletions(-) | ||
| 37 | |||
| 38 | diff --git a/fail2ban/client/actionreader.py b/fail2ban/client/actionreader.py | ||
| 39 | index 3ed8204..6c534de 100644 | ||
| 40 | --- a/fail2ban/client/actionreader.py | ||
| 41 | +++ b/fail2ban/client/actionreader.py | ||
| 42 | @@ -88,11 +88,11 @@ class ActionReader(DefinitionInitConfigReader): | ||
| 43 | stream = list() | ||
| 44 | stream.append(head + ["addaction", self._name]) | ||
| 45 | multi = [] | ||
| 46 | - for opt, optval in opts.iteritems(): | ||
| 47 | + for opt, optval in opts.items(): | ||
| 48 | if opt in self._configOpts and not opt.startswith('known/'): | ||
| 49 | multi.append([opt, optval]) | ||
| 50 | if self._initOpts: | ||
| 51 | - for opt, optval in self._initOpts.iteritems(): | ||
| 52 | + for opt, optval in self._initOpts.items(): | ||
| 53 | if opt not in self._configOpts and not opt.startswith('known/'): | ||
| 54 | multi.append([opt, optval]) | ||
| 55 | if len(multi) > 1: | ||
| 56 | diff --git a/fail2ban/client/configparserinc.py b/fail2ban/client/configparserinc.py | ||
| 57 | index e0f3957..eaa95c8 100644 | ||
| 58 | --- a/fail2ban/client/configparserinc.py | ||
| 59 | +++ b/fail2ban/client/configparserinc.py | ||
| 60 | @@ -356,7 +356,7 @@ after = 1.conf | ||
| 61 | ret += i | ||
| 62 | # merge defaults and all sections to self: | ||
| 63 | alld.update(cfg.get_defaults()) | ||
| 64 | - for n, s in cfg.get_sections().iteritems(): | ||
| 65 | + for n, s in cfg.get_sections().items(): | ||
| 66 | # conditional sections | ||
| 67 | cond = SafeConfigParserWithIncludes.CONDITIONAL_RE.match(n) | ||
| 68 | if cond: | ||
| 69 | @@ -399,7 +399,7 @@ after = 1.conf | ||
| 70 | sec.update(options) | ||
| 71 | return | ||
| 72 | sk = {} | ||
| 73 | - for k, v in options.iteritems(): | ||
| 74 | + for k, v in options.items(): | ||
| 75 | if not k.startswith(pref) and k != '__name__': | ||
| 76 | sk[pref+k] = v | ||
| 77 | sec.update(sk) | ||
| 78 | diff --git a/fail2ban/client/fail2banclient.py b/fail2ban/client/fail2banclient.py | ||
| 79 | index 7c90ca4..a82458e 100755 | ||
| 80 | --- a/fail2ban/client/fail2banclient.py | ||
| 81 | +++ b/fail2ban/client/fail2banclient.py | ||
| 82 | @@ -444,7 +444,7 @@ class Fail2banClient(Fail2banCmdLine, Thread): | ||
| 83 | return False | ||
| 84 | finally: | ||
| 85 | self._alive = False | ||
| 86 | - for s, sh in _prev_signals.iteritems(): | ||
| 87 | + for s, sh in _prev_signals.items(): | ||
| 88 | signal.signal(s, sh) | ||
| 89 | |||
| 90 | |||
| 91 | diff --git a/fail2ban/client/fail2banregex.py b/fail2ban/client/fail2banregex.py | ||
| 92 | index 9279174..e7571cb 100644 | ||
| 93 | --- a/fail2ban/client/fail2banregex.py | ||
| 94 | +++ b/fail2ban/client/fail2banregex.py | ||
| 95 | @@ -233,7 +233,7 @@ class Fail2banRegex(object): | ||
| 96 | |||
| 97 | def __init__(self, opts): | ||
| 98 | # set local protected members from given options: | ||
| 99 | - self.__dict__.update(dict(('_'+o,v) for o,v in opts.__dict__.iteritems())) | ||
| 100 | + self.__dict__.update(dict(('_'+o,v) for o,v in opts.__dict__.items())) | ||
| 101 | self._maxlines_set = False # so we allow to override maxlines in cmdline | ||
| 102 | self._datepattern_set = False | ||
| 103 | self._journalmatch = None | ||
| 104 | @@ -413,7 +413,7 @@ class Fail2banRegex(object): | ||
| 105 | output( "Use %11s line : %s" % (regex, shortstr(value)) ) | ||
| 106 | regex_values = {regextype: [RegexStat(value)]} | ||
| 107 | |||
| 108 | - for regextype, regex_values in regex_values.iteritems(): | ||
| 109 | + for regextype, regex_values in regex_values.items(): | ||
| 110 | regex = regextype + 'regex' | ||
| 111 | setattr(self, "_" + regex, regex_values) | ||
| 112 | for regex in regex_values: | ||
| 113 | diff --git a/fail2ban/client/filterreader.py b/fail2ban/client/filterreader.py | ||
| 114 | index 9edeb2f..3757a6a 100644 | ||
| 115 | --- a/fail2ban/client/filterreader.py | ||
| 116 | +++ b/fail2ban/client/filterreader.py | ||
| 117 | @@ -57,7 +57,7 @@ class FilterReader(DefinitionInitConfigReader): | ||
| 118 | opts = self.getCombined() | ||
| 119 | if not len(opts): | ||
| 120 | return stream | ||
| 121 | - for opt, value in opts.iteritems(): | ||
| 122 | + for opt, value in opts.items(): | ||
| 123 | if opt in ("failregex", "ignoreregex"): | ||
| 124 | if value is None: continue | ||
| 125 | multi = [] | ||
| 126 | diff --git a/fail2ban/client/jailreader.py b/fail2ban/client/jailreader.py | ||
| 127 | index 85ed941..084c2fe 100644 | ||
| 128 | --- a/fail2ban/client/jailreader.py | ||
| 129 | +++ b/fail2ban/client/jailreader.py | ||
| 130 | @@ -236,7 +236,7 @@ class JailReader(ConfigReader): | ||
| 131 | return stream | ||
| 132 | if self.__filter: | ||
| 133 | stream.extend(self.__filter.convert()) | ||
| 134 | - for opt, value in self.__opts.iteritems(): | ||
| 135 | + for opt, value in self.__opts.items(): | ||
| 136 | if opt == "logpath": | ||
| 137 | if self.__opts.get('backend', '').startswith("systemd"): continue | ||
| 138 | found_files = 0 | ||
| 139 | diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py | ||
| 140 | index a2ec03f..ad0adcc 100644 | ||
| 141 | --- a/fail2ban/server/action.py | ||
| 142 | +++ b/fail2ban/server/action.py | ||
| 143 | @@ -109,7 +109,7 @@ class CallingMap(MutableMapping, object): | ||
| 144 | def _asdict(self, calculated=False, checker=None): | ||
| 145 | d = dict(self.data, **self.storage) | ||
| 146 | if not calculated: | ||
| 147 | - return dict((n,v) for n,v in d.iteritems() \ | ||
| 148 | + return dict((n,v) for n,v in d.items() \ | ||
| 149 | if not callable(v) or n in self.CM_REPR_ITEMS) | ||
| 150 | for n,v in d.items(): | ||
| 151 | if callable(v): | ||
| 152 | @@ -513,7 +513,7 @@ class CommandAction(ActionBase): | ||
| 153 | family = [] | ||
| 154 | # collect started families, if started on demand (conditional): | ||
| 155 | if self._startOnDemand: | ||
| 156 | - family = [f for (f,v) in self.__started.iteritems() if v] | ||
| 157 | + family = [f for (f,v) in self.__started.items() if v] | ||
| 158 | # if no started (on demand) actions: | ||
| 159 | if not family: return True | ||
| 160 | return self._executeOperation('<actionflush>', 'flushing', family=family) | ||
| 161 | @@ -527,7 +527,7 @@ class CommandAction(ActionBase): | ||
| 162 | family = [] | ||
| 163 | # collect started families, if started on demand (conditional): | ||
| 164 | if self._startOnDemand: | ||
| 165 | - family = [f for (f,v) in self.__started.iteritems() if v] | ||
| 166 | + family = [f for (f,v) in self.__started.items() if v] | ||
| 167 | # if no started (on demand) actions: | ||
| 168 | if not family: return True | ||
| 169 | self.__started = {} | ||
| 170 | diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py | ||
| 171 | index e42f663..7d5f4f0 100644 | ||
| 172 | --- a/fail2ban/server/actions.py | ||
| 173 | +++ b/fail2ban/server/actions.py | ||
| 174 | @@ -154,11 +154,11 @@ class Actions(JailThread, Mapping): | ||
| 175 | else: | ||
| 176 | if hasattr(self, '_reload_actions'): | ||
| 177 | # reload actions after all parameters set via stream: | ||
| 178 | - for name, initOpts in self._reload_actions.iteritems(): | ||
| 179 | + for name, initOpts in self._reload_actions.items(): | ||
| 180 | if name in self._actions: | ||
| 181 | self._actions[name].reload(**(initOpts if initOpts else {})) | ||
| 182 | # remove obsolete actions (untouched by reload process): | ||
| 183 | - delacts = OrderedDict((name, action) for name, action in self._actions.iteritems() | ||
| 184 | + delacts = OrderedDict((name, action) for name, action in self._actions.items() | ||
| 185 | if name not in self._reload_actions) | ||
| 186 | if len(delacts): | ||
| 187 | # unban all tickets using remove action only: | ||
| 188 | @@ -312,7 +312,7 @@ class Actions(JailThread, Mapping): | ||
| 189 | True when the thread exits nicely. | ||
| 190 | """ | ||
| 191 | cnt = 0 | ||
| 192 | - for name, action in self._actions.iteritems(): | ||
| 193 | + for name, action in self._actions.items(): | ||
| 194 | try: | ||
| 195 | action.start() | ||
| 196 | except Exception as e: | ||
| 197 | @@ -471,7 +471,7 @@ class Actions(JailThread, Mapping): | ||
| 198 | Observers.Main.add('banFound', bTicket, self._jail, btime) | ||
| 199 | logSys.notice("[%s] %sBan %s", self._jail.name, ('' if not bTicket.restored else 'Restore '), ip) | ||
| 200 | # do actions : | ||
| 201 | - for name, action in self._actions.iteritems(): | ||
| 202 | + for name, action in self._actions.items(): | ||
| 203 | try: | ||
| 204 | if ticket.restored and getattr(action, 'norestored', False): | ||
| 205 | continue | ||
| 206 | @@ -513,7 +513,7 @@ class Actions(JailThread, Mapping): | ||
| 207 | if not self.__banManager._inBanList(ticket): return | ||
| 208 | # do actions : | ||
| 209 | aInfo = None | ||
| 210 | - for name, action in self._actions.iteritems(): | ||
| 211 | + for name, action in self._actions.items(): | ||
| 212 | try: | ||
| 213 | if ticket.restored and getattr(action, 'norestored', False): | ||
| 214 | continue | ||
| 215 | @@ -562,7 +562,7 @@ class Actions(JailThread, Mapping): | ||
| 216 | cnt = 0 | ||
| 217 | # first we'll execute flush for actions supporting this operation: | ||
| 218 | unbactions = {} | ||
| 219 | - for name, action in (actions if actions is not None else self._actions).iteritems(): | ||
| 220 | + for name, action in (actions if actions is not None else self._actions).items(): | ||
| 221 | if hasattr(action, 'flush') and action.actionflush: | ||
| 222 | logSys.notice("[%s] Flush ticket(s) with %s", self._jail.name, name) | ||
| 223 | action.flush() | ||
| 224 | @@ -601,7 +601,7 @@ class Actions(JailThread, Mapping): | ||
| 225 | aInfo = self.__getActionInfo(ticket) | ||
| 226 | if log: | ||
| 227 | logSys.notice("[%s] Unban %s", self._jail.name, aInfo["ip"]) | ||
| 228 | - for name, action in unbactions.iteritems(): | ||
| 229 | + for name, action in unbactions.items(): | ||
| 230 | try: | ||
| 231 | if ticket.restored and getattr(action, 'norestored', False): | ||
| 232 | continue | ||
| 233 | diff --git a/fail2ban/server/banmanager.py b/fail2ban/server/banmanager.py | ||
| 234 | index 5770bfd..1383b52 100644 | ||
| 235 | --- a/fail2ban/server/banmanager.py | ||
| 236 | +++ b/fail2ban/server/banmanager.py | ||
| 237 | @@ -341,7 +341,7 @@ class BanManager: | ||
| 238 | # Gets the list of ticket to remove (thereby correct next unban time). | ||
| 239 | unBanList = {} | ||
| 240 | nextUnbanTime = BanTicket.MAX_TIME | ||
| 241 | - for fid,ticket in self.__banList.iteritems(): | ||
| 242 | + for fid,ticket in self.__banList.items(): | ||
| 243 | # current time greater as end of ban - timed out: | ||
| 244 | eob = ticket.getEndOfBanTime(self.__banTime) | ||
| 245 | if time > eob: | ||
| 246 | @@ -361,7 +361,7 @@ class BanManager: | ||
| 247 | del self.__banList[fid] | ||
| 248 | else: | ||
| 249 | # create new dictionary without items to be deleted: | ||
| 250 | - self.__banList = dict((fid,ticket) for fid,ticket in self.__banList.iteritems() \ | ||
| 251 | + self.__banList = dict((fid,ticket) for fid,ticket in self.__banList.items() \ | ||
| 252 | if fid not in unBanList) | ||
| 253 | |||
| 254 | # return list of tickets: | ||
| 255 | diff --git a/fail2ban/server/database.py b/fail2ban/server/database.py | ||
| 256 | index 0dd9acb..5b72f57 100644 | ||
| 257 | --- a/fail2ban/server/database.py | ||
| 258 | +++ b/fail2ban/server/database.py | ||
| 259 | @@ -67,7 +67,7 @@ if sys.version_info >= (3,): # pragma: 2.x no cover | ||
| 260 | else: # pragma: 3.x no cover | ||
| 261 | def _normalize(x): | ||
| 262 | if isinstance(x, dict): | ||
| 263 | - return dict((_normalize(k), _normalize(v)) for k, v in x.iteritems()) | ||
| 264 | + return dict((_normalize(k), _normalize(v)) for k, v in x.items()) | ||
| 265 | elif isinstance(x, (list, set)): | ||
| 266 | return [_normalize(element) for element in x] | ||
| 267 | elif isinstance(x, unicode): | ||
| 268 | diff --git a/fail2ban/server/failmanager.py b/fail2ban/server/failmanager.py | ||
| 269 | index 93c028f..9612426 100644 | ||
| 270 | --- a/fail2ban/server/failmanager.py | ||
| 271 | +++ b/fail2ban/server/failmanager.py | ||
| 272 | @@ -125,7 +125,7 @@ class FailManager: | ||
| 273 | # in case of having many active failures, it should be ran only | ||
| 274 | # if debug level is "low" enough | ||
| 275 | failures_summary = ', '.join(['%s:%d' % (k, v.getRetry()) | ||
| 276 | - for k,v in self.__failList.iteritems()]) | ||
| 277 | + for k,v in self.__failList.items()]) | ||
| 278 | logSys.log(logLevel, "Total # of detected failures: %d. Current failures from %d IPs (IP:count): %s" | ||
| 279 | % (self.__failTotal, len(self.__failList), failures_summary)) | ||
| 280 | |||
| 281 | @@ -138,7 +138,7 @@ class FailManager: | ||
| 282 | |||
| 283 | def cleanup(self, time): | ||
| 284 | with self.__lock: | ||
| 285 | - todelete = [fid for fid,item in self.__failList.iteritems() \ | ||
| 286 | + todelete = [fid for fid,item in self.__failList.items() \ | ||
| 287 | if item.getLastTime() + self.__maxTime <= time] | ||
| 288 | if len(todelete) == len(self.__failList): | ||
| 289 | # remove all: | ||
| 290 | @@ -152,7 +152,7 @@ class FailManager: | ||
| 291 | del self.__failList[fid] | ||
| 292 | else: | ||
| 293 | # create new dictionary without items to be deleted: | ||
| 294 | - self.__failList = dict((fid,item) for fid,item in self.__failList.iteritems() \ | ||
| 295 | + self.__failList = dict((fid,item) for fid,item in self.__failList.items() \ | ||
| 296 | if item.getLastTime() + self.__maxTime > time) | ||
| 297 | self.__bgSvc.service() | ||
| 298 | |||
| 299 | diff --git a/fail2ban/server/filter.py b/fail2ban/server/filter.py | ||
| 300 | index c2df26e..6c5cb65 100644 | ||
| 301 | --- a/fail2ban/server/filter.py | ||
| 302 | +++ b/fail2ban/server/filter.py | ||
| 303 | @@ -671,7 +671,7 @@ class Filter(JailThread): | ||
| 304 | # except: | ||
| 305 | # pass | ||
| 306 | # # update not empty values: | ||
| 307 | - # mlfidGroups.update(((k,v) for k,v in fail.iteritems() if v)) | ||
| 308 | + # mlfidGroups.update(((k,v) for k,v in fail.items() if v)) | ||
| 309 | |||
| 310 | def _mergeFailure(self, mlfid, fail, failRegex): | ||
| 311 | mlfidFail = self.mlfidCache.get(mlfid) if self.__mlfidCache else None | ||
| 312 | diff --git a/fail2ban/server/filterpyinotify.py b/fail2ban/server/filterpyinotify.py | ||
| 313 | index ca6b253..f685649 100644 | ||
| 314 | --- a/fail2ban/server/filterpyinotify.py | ||
| 315 | +++ b/fail2ban/server/filterpyinotify.py | ||
| 316 | @@ -168,7 +168,7 @@ class FilterPyinotify(FileFilter): | ||
| 317 | return | ||
| 318 | found = {} | ||
| 319 | minTime = 60 | ||
| 320 | - for path, (retardTM, isDir) in self.__pending.iteritems(): | ||
| 321 | + for path, (retardTM, isDir) in self.__pending.items(): | ||
| 322 | if ntm - self.__pendingChkTime < retardTM: | ||
| 323 | if minTime > retardTM: minTime = retardTM | ||
| 324 | continue | ||
| 325 | @@ -184,7 +184,7 @@ class FilterPyinotify(FileFilter): | ||
| 326 | self.__pendingChkTime = time.time() | ||
| 327 | self.__pendingMinTime = minTime | ||
| 328 | # process now because we've missed it in monitoring: | ||
| 329 | - for path, isDir in found.iteritems(): | ||
| 330 | + for path, isDir in found.items(): | ||
| 331 | self._delPending(path) | ||
| 332 | # refresh monitoring of this: | ||
| 333 | self._refreshWatcher(path, isDir=isDir) | ||
| 334 | diff --git a/fail2ban/server/server.py b/fail2ban/server/server.py | ||
| 335 | index 853eb75..f4c2b18 100644 | ||
| 336 | --- a/fail2ban/server/server.py | ||
| 337 | +++ b/fail2ban/server/server.py | ||
| 338 | @@ -187,7 +187,7 @@ class Server: | ||
| 339 | |||
| 340 | # Restore default signal handlers: | ||
| 341 | if _thread_name() == '_MainThread': | ||
| 342 | - for s, sh in self.__prev_signals.iteritems(): | ||
| 343 | + for s, sh in self.__prev_signals.items(): | ||
| 344 | signal.signal(s, sh) | ||
| 345 | |||
| 346 | # Give observer a small chance to complete its work before exit | ||
| 347 | @@ -296,7 +296,7 @@ class Server: | ||
| 348 | if "--restart" in opts: | ||
| 349 | self.stopAllJail() | ||
| 350 | # first set all affected jail(s) to idle and reset filter regex and other lists/dicts: | ||
| 351 | - for jn, jail in self.__jails.iteritems(): | ||
| 352 | + for jn, jail in self.__jails.items(): | ||
| 353 | if name == '--all' or jn == name: | ||
| 354 | jail.idle = True | ||
| 355 | self.__reload_state[jn] = jail | ||
| 356 | @@ -307,7 +307,7 @@ class Server: | ||
| 357 | # end reload, all affected (or new) jails have already all new parameters (via stream) and (re)started: | ||
| 358 | with self.__lock: | ||
| 359 | deljails = [] | ||
| 360 | - for jn, jail in self.__jails.iteritems(): | ||
| 361 | + for jn, jail in self.__jails.items(): | ||
| 362 | # still in reload state: | ||
| 363 | if jn in self.__reload_state: | ||
| 364 | # remove jails that are not reloaded (untouched, so not in new configuration) | ||
| 365 | @@ -753,7 +753,7 @@ class Server: | ||
| 366 | return "flushed" | ||
| 367 | |||
| 368 | def setThreadOptions(self, value): | ||
| 369 | - for o, v in value.iteritems(): | ||
| 370 | + for o, v in value.items(): | ||
| 371 | if o == 'stacksize': | ||
| 372 | threading.stack_size(int(v)*1024) | ||
| 373 | else: # pragma: no cover | ||
| 374 | diff --git a/fail2ban/server/strptime.py b/fail2ban/server/strptime.py | ||
| 375 | index 498d284..89df503 100644 | ||
| 376 | --- a/fail2ban/server/strptime.py | ||
| 377 | +++ b/fail2ban/server/strptime.py | ||
| 378 | @@ -171,7 +171,7 @@ def reGroupDictStrptime(found_dict, msec=False, default_tz=None): | ||
| 379 | year = month = day = hour = minute = tzoffset = \ | ||
| 380 | weekday = julian = week_of_year = None | ||
| 381 | second = fraction = 0 | ||
| 382 | - for key, val in found_dict.iteritems(): | ||
| 383 | + for key, val in found_dict.items(): | ||
| 384 | if val is None: continue | ||
| 385 | # Directives not explicitly handled below: | ||
| 386 | # c, x, X | ||
| 387 | diff --git a/fail2ban/server/ticket.py b/fail2ban/server/ticket.py | ||
| 388 | index 09e19cf..defd7b1 100644 | ||
| 389 | --- a/fail2ban/server/ticket.py | ||
| 390 | +++ b/fail2ban/server/ticket.py | ||
| 391 | @@ -55,13 +55,13 @@ class Ticket(object): | ||
| 392 | self._time = time if time is not None else MyTime.time() | ||
| 393 | self._data = {'matches': matches or [], 'failures': 0} | ||
| 394 | if data is not None: | ||
| 395 | - for k,v in data.iteritems(): | ||
| 396 | + for k,v in data.items(): | ||
| 397 | if v is not None: | ||
| 398 | self._data[k] = v | ||
| 399 | if ticket: | ||
| 400 | # ticket available - copy whole information from ticket: | ||
| 401 | self.update(ticket) | ||
| 402 | - #self.__dict__.update(i for i in ticket.__dict__.iteritems() if i[0] in self.__dict__) | ||
| 403 | + #self.__dict__.update(i for i in ticket.__dict__.items() if i[0] in self.__dict__) | ||
| 404 | |||
| 405 | def __str__(self): | ||
| 406 | return "%s: ip=%s time=%s bantime=%s bancount=%s #attempts=%d matches=%r" % \ | ||
| 407 | @@ -180,8 +180,8 @@ class Ticket(object): | ||
| 408 | # if overwrite - set data and filter None values: | ||
| 409 | if len(args) == 1: | ||
| 410 | # todo: if support >= 2.7 only: | ||
| 411 | - # self._data = {k:v for k,v in args[0].iteritems() if v is not None} | ||
| 412 | - self._data = dict([(k,v) for k,v in args[0].iteritems() if v is not None]) | ||
| 413 | + # self._data = {k:v for k,v in args[0].items() if v is not None} | ||
| 414 | + self._data = dict([(k,v) for k,v in args[0].items() if v is not None]) | ||
| 415 | # add k,v list or dict (merge): | ||
| 416 | elif len(args) == 2: | ||
| 417 | self._data.update((args,)) | ||
| 418 | @@ -191,8 +191,8 @@ class Ticket(object): | ||
| 419 | self._data.update(argv) | ||
| 420 | # filter (delete) None values: | ||
| 421 | # todo: if support >= 2.7 only: | ||
| 422 | - # self._data = {k:v for k,v in self._data.iteritems() if v is not None} | ||
| 423 | - self._data = dict([(k,v) for k,v in self._data.iteritems() if v is not None]) | ||
| 424 | + # self._data = {k:v for k,v in self._data.items() if v is not None} | ||
| 425 | + self._data = dict([(k,v) for k,v in self._data.items() if v is not None]) | ||
| 426 | |||
| 427 | def getData(self, key=None, default=None): | ||
| 428 | # return whole data dict: | ||
| 429 | @@ -205,13 +205,13 @@ class Ticket(object): | ||
| 430 | # return filtered by lambda/function: | ||
| 431 | if callable(key): | ||
| 432 | # todo: if support >= 2.7 only: | ||
| 433 | - # return {k:v for k,v in self._data.iteritems() if key(k)} | ||
| 434 | - return dict([(k,v) for k,v in self._data.iteritems() if key(k)]) | ||
| 435 | + # return {k:v for k,v in self._data.items() if key(k)} | ||
| 436 | + return dict([(k,v) for k,v in self._data.items() if key(k)]) | ||
| 437 | # return filtered by keys: | ||
| 438 | if hasattr(key, '__iter__'): | ||
| 439 | # todo: if support >= 2.7 only: | ||
| 440 | - # return {k:v for k,v in self._data.iteritems() if k in key} | ||
| 441 | - return dict([(k,v) for k,v in self._data.iteritems() if k in key]) | ||
| 442 | + # return {k:v for k,v in self._data.items() if k in key} | ||
| 443 | + return dict([(k,v) for k,v in self._data.items() if k in key]) | ||
| 444 | # return single value of data: | ||
| 445 | return self._data.get(key, default) | ||
| 446 | |||
| 447 | diff --git a/fail2ban/server/utils.py b/fail2ban/server/utils.py | ||
| 448 | index d4461a7..13c24e7 100644 | ||
| 449 | --- a/fail2ban/server/utils.py | ||
| 450 | +++ b/fail2ban/server/utils.py | ||
| 451 | @@ -57,7 +57,7 @@ _RETCODE_HINTS = { | ||
| 452 | |||
| 453 | # Dictionary to lookup signal name from number | ||
| 454 | signame = dict((num, name) | ||
| 455 | - for name, num in signal.__dict__.iteritems() if name.startswith("SIG")) | ||
| 456 | + for name, num in signal.__dict__.items() if name.startswith("SIG")) | ||
| 457 | |||
| 458 | class Utils(): | ||
| 459 | """Utilities provide diverse static methods like executes OS shell commands, etc. | ||
| 460 | @@ -109,7 +109,7 @@ class Utils(): | ||
| 461 | break | ||
| 462 | else: # pragma: 3.x no cover (dict is in 2.6 only) | ||
| 463 | remlst = [] | ||
| 464 | - for (ck, cv) in cache.iteritems(): | ||
| 465 | + for (ck, cv) in cache.items(): | ||
| 466 | # if expired: | ||
| 467 | if cv[1] <= t: | ||
| 468 | remlst.append(ck) | ||
| 469 | @@ -152,7 +152,7 @@ class Utils(): | ||
| 470 | if not isinstance(realCmd, list): | ||
| 471 | realCmd = [realCmd] | ||
| 472 | i = len(realCmd)-1 | ||
| 473 | - for k, v in varsDict.iteritems(): | ||
| 474 | + for k, v in varsDict.items(): | ||
| 475 | varsStat += "%s=$%s " % (k, i) | ||
| 476 | realCmd.append(v) | ||
| 477 | i += 1 | ||
| 478 | diff --git a/fail2ban/tests/clientreadertestcase.py b/fail2ban/tests/clientreadertestcase.py | ||
| 479 | index 8320370..edad9bc 100644 | ||
| 480 | --- a/fail2ban/tests/clientreadertestcase.py | ||
| 481 | +++ b/fail2ban/tests/clientreadertestcase.py | ||
| 482 | @@ -349,7 +349,7 @@ class JailReaderTest(LogCaptureTestCase): | ||
| 483 | # And multiple groups (`][` instead of `,`) | ||
| 484 | result = extractOptions(option.replace(',', '][')) | ||
| 485 | expected2 = (expected[0], | ||
| 486 | - dict((k, v.replace(',', '][')) for k, v in expected[1].iteritems()) | ||
| 487 | + dict((k, v.replace(',', '][')) for k, v in expected[1].items()) | ||
| 488 | ) | ||
| 489 | self.assertEqual(expected2, result) | ||
| 490 | |||
| 491 | diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py | ||
| 492 | index f4f6ad0..12f48c4 100644 | ||
| 493 | --- a/fail2ban/tests/filtertestcase.py | ||
| 494 | +++ b/fail2ban/tests/filtertestcase.py | ||
| 495 | @@ -1974,7 +1974,7 @@ class DNSUtilsNetworkTests(unittest.TestCase): | ||
| 496 | '93.184.216.34': 'ip4-test', | ||
| 497 | '2606:2800:220:1:248:1893:25c8:1946': 'ip6-test' | ||
| 498 | } | ||
| 499 | - d2 = dict([(IPAddr(k), v) for k, v in d.iteritems()]) | ||
| 500 | + d2 = dict([(IPAddr(k), v) for k, v in d.items()]) | ||
| 501 | self.assertTrue(isinstance(d.keys()[0], basestring)) | ||
| 502 | self.assertTrue(isinstance(d2.keys()[0], IPAddr)) | ||
| 503 | self.assertEqual(d.get(ip4[2], ''), 'ip4-test') | ||
| 504 | diff --git a/fail2ban/tests/samplestestcase.py b/fail2ban/tests/samplestestcase.py | ||
| 505 | index 1039b65..73bdaad 100644 | ||
| 506 | --- a/fail2ban/tests/samplestestcase.py | ||
| 507 | +++ b/fail2ban/tests/samplestestcase.py | ||
| 508 | @@ -138,7 +138,7 @@ class FilterSamplesRegex(unittest.TestCase): | ||
| 509 | |||
| 510 | @staticmethod | ||
| 511 | def _filterOptions(opts): | ||
| 512 | - return dict((k, v) for k, v in opts.iteritems() if not k.startswith('test.')) | ||
| 513 | + return dict((k, v) for k, v in opts.items() if not k.startswith('test.')) | ||
| 514 | |||
| 515 | def testSampleRegexsFactory(name, basedir): | ||
| 516 | def testFilter(self): | ||
| 517 | @@ -254,7 +254,7 @@ def testSampleRegexsFactory(name, basedir): | ||
| 518 | "Multiple regexs matched %r" % (map(lambda x: x[0], ret))) | ||
| 519 | |||
| 520 | # Verify match captures (at least fid/host) and timestamp as expected | ||
| 521 | - for k, v in faildata.iteritems(): | ||
| 522 | + for k, v in faildata.items(): | ||
| 523 | if k not in ("time", "match", "desc", "filter"): | ||
| 524 | fv = fail.get(k, None) | ||
| 525 | if fv is None: | ||
| 526 | @@ -296,7 +296,7 @@ def testSampleRegexsFactory(name, basedir): | ||
| 527 | '\n'.join(pprint.pformat(fail).splitlines()))) | ||
| 528 | |||
| 529 | # check missing samples for regex using each filter-options combination: | ||
| 530 | - for fltName, flt in self._filters.iteritems(): | ||
| 531 | + for fltName, flt in self._filters.items(): | ||
| 532 | flt, regexsUsedIdx = flt | ||
| 533 | regexList = flt.getFailRegex() | ||
| 534 | for failRegexIndex, failRegex in enumerate(regexList): | ||
| 535 | diff --git a/fail2ban/tests/utils.py b/fail2ban/tests/utils.py | ||
| 536 | index bb1b302..527b9ac 100644 | ||
| 537 | --- a/fail2ban/tests/utils.py | ||
| 538 | +++ b/fail2ban/tests/utils.py | ||
| 539 | @@ -572,7 +572,7 @@ def assertSortedEqual(self, a, b, level=1, nestedOnly=True, key=repr, msg=None): | ||
| 540 | return | ||
| 541 | raise ValueError('%r != %r' % (a, b)) | ||
| 542 | if isinstance(a, dict) and isinstance(b, dict): # compare dict's: | ||
| 543 | - for k, v1 in a.iteritems(): | ||
| 544 | + for k, v1 in a.items(): | ||
| 545 | v2 = b[k] | ||
| 546 | if isinstance(v1, (dict, list, tuple)) and isinstance(v2, (dict, list, tuple)): | ||
| 547 | _assertSortedEqual(v1, v2, level-1 if level != 0 else 0, nestedOnly, key) | ||
| 548 | -- | ||
| 549 | 2.7.4 | ||
| 550 | |||
diff --git a/recipes-security/fail2ban/files/initd b/recipes-security/fail2ban/files/initd index 4f4b394..ef58e2d 100644 --- a/recipes-security/fail2ban/files/initd +++ b/recipes-security/fail2ban/files/initd | |||
| @@ -17,6 +17,14 @@ | |||
| 17 | # Check that the config file exists | 17 | # Check that the config file exists |
| 18 | [ -f /etc/fail2ban/fail2ban.conf ] || exit 0 | 18 | [ -f /etc/fail2ban/fail2ban.conf ] || exit 0 |
| 19 | 19 | ||
| 20 | echo_success() { | ||
| 21 | echo -n "OK" | ||
| 22 | } | ||
| 23 | |||
| 24 | echo_failure() { | ||
| 25 | echo -n "FAIL" | ||
| 26 | } | ||
| 27 | |||
| 20 | check_privsep_dir() { | 28 | check_privsep_dir() { |
| 21 | # Create the PrivSep empty dir if necessary | 29 | # Create the PrivSep empty dir if necessary |
| 22 | if [ ! -d /var/run/fail2ban ]; then | 30 | if [ ! -d /var/run/fail2ban ]; then |
diff --git a/recipes-security/fail2ban/python-fail2ban.inc b/recipes-security/fail2ban/python-fail2ban.inc deleted file mode 100644 index 7270ed8..0000000 --- a/recipes-security/fail2ban/python-fail2ban.inc +++ /dev/null | |||
| @@ -1,49 +0,0 @@ | |||
| 1 | SUMMARY = "Daemon to ban hosts that cause multiple authentication errors." | ||
| 2 | DESCRIPTION = "Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too \ | ||
| 3 | many failed login attempts. It does this by updating system firewall rules to reject new \ | ||
| 4 | connections from those IP addresses, for a configurable amount of time. Fail2Ban comes \ | ||
| 5 | out-of-the-box ready to read many standard log files, such as those for sshd and Apache, \ | ||
| 6 | and is easy to configure to read any log file you choose, for any error you choose." | ||
| 7 | HOMEPAGE = "http://www.fail2ban.org" | ||
| 8 | |||
| 9 | LICENSE = "GPL-2.0" | ||
| 10 | LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f" | ||
| 11 | |||
| 12 | SRCREV ="aa565eb80ec6043317e8430cabcaf9c3f4e61578" | ||
| 13 | SRC_URI = " \ | ||
| 14 | git://github.com/fail2ban/fail2ban.git;branch=0.11 \ | ||
| 15 | file://initd \ | ||
| 16 | file://fail2ban_setup.py \ | ||
| 17 | file://run-ptest \ | ||
| 18 | " | ||
| 19 | |||
| 20 | inherit update-rc.d ptest | ||
| 21 | |||
| 22 | S = "${WORKDIR}/git" | ||
| 23 | |||
| 24 | INITSCRIPT_PACKAGES = "${PN}" | ||
| 25 | INITSCRIPT_NAME = "fail2ban-server" | ||
| 26 | INITSCRIPT_PARAMS = "defaults 25" | ||
| 27 | |||
| 28 | do_compile_prepend () { | ||
| 29 | cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py | ||
| 30 | } | ||
| 31 | |||
| 32 | do_install_append () { | ||
| 33 | install -d ${D}/${sysconfdir}/fail2ban | ||
| 34 | install -d ${D}/${sysconfdir}/init.d | ||
| 35 | install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server | ||
| 36 | chown -R root:root ${D}/${bindir} | ||
| 37 | } | ||
| 38 | |||
| 39 | do_install_ptest_append () { | ||
| 40 | install -d ${D}${PTEST_PATH} | ||
| 41 | sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest | ||
| 42 | install -D ${S}/bin/fail2ban-testcases ${D}${PTEST_PATH} | ||
| 43 | } | ||
| 44 | |||
| 45 | FILES_${PN} += "/run" | ||
| 46 | |||
| 47 | INSANE_SKIP_${PN}_append = "already-stripped" | ||
| 48 | |||
| 49 | RDEPENDS_${PN} = "sysklogd iptables sqlite3 ${PYTHON_PN} ${PYTHON_PN}-pyinotify" | ||
diff --git a/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb b/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb deleted file mode 100644 index 17a7dd8..0000000 --- a/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb +++ /dev/null | |||
| @@ -1,4 +0,0 @@ | |||
| 1 | inherit setuptools | ||
| 2 | require python-fail2ban.inc | ||
| 3 | |||
| 4 | RDEPENDS_${PN}-ptest = "python python-modules python-fail2ban" | ||
diff --git a/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb b/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb index 23ef027..7a278b4 100644 --- a/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb +++ b/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb | |||
| @@ -1,8 +1,51 @@ | |||
| 1 | inherit setuptools3 | 1 | SUMMARY = "Daemon to ban hosts that cause multiple authentication errors." |
| 2 | require python-fail2ban.inc | 2 | DESCRIPTION = "Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too \ |
| 3 | many failed login attempts. It does this by updating system firewall rules to reject new \ | ||
| 4 | connections from those IP addresses, for a configurable amount of time. Fail2Ban comes \ | ||
| 5 | out-of-the-box ready to read many standard log files, such as those for sshd and Apache, \ | ||
| 6 | and is easy to configure to read any log file you choose, for any error you choose." | ||
| 7 | HOMEPAGE = "http://www.fail2ban.org" | ||
| 3 | 8 | ||
| 4 | RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban" | 9 | LICENSE = "GPL-2.0" |
| 10 | LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f" | ||
| 5 | 11 | ||
| 6 | SRC_URI += " \ | 12 | SRCREV ="822f8adb6a59c37698232580cb66236b51c2721f" |
| 7 | file://0001-To-fix-build-error-of-xrang.patch \ | 13 | SRC_URI = " \ |
| 14 | git://github.com/fail2ban/fail2ban.git;branch=0.11 \ | ||
| 15 | file://initd \ | ||
| 16 | file://fail2ban_setup.py \ | ||
| 17 | file://run-ptest \ | ||
| 18 | file://0001-fail2ban-update-to-work-with-python-3.7.patch \ | ||
| 8 | " | 19 | " |
| 20 | |||
| 21 | inherit setuptools3 update-rc.d ptest | ||
| 22 | |||
| 23 | S = "${WORKDIR}/git" | ||
| 24 | |||
| 25 | INITSCRIPT_PACKAGES = "${PN}" | ||
| 26 | INITSCRIPT_NAME = "fail2ban-server" | ||
| 27 | INITSCRIPT_PARAMS = "defaults 25" | ||
| 28 | |||
| 29 | do_compile_prepend () { | ||
| 30 | cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py | ||
| 31 | } | ||
| 32 | |||
| 33 | do_install_append () { | ||
| 34 | install -d ${D}/${sysconfdir}/fail2ban | ||
| 35 | install -d ${D}/${sysconfdir}/init.d | ||
| 36 | install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server | ||
| 37 | chown -R root:root ${D}/${bindir} | ||
| 38 | } | ||
| 39 | |||
| 40 | do_install_ptest_append () { | ||
| 41 | install -d ${D}${PTEST_PATH} | ||
| 42 | sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest | ||
| 43 | install -D ${S}/bin/fail2ban-testcases ${D}${PTEST_PATH} | ||
| 44 | } | ||
| 45 | |||
| 46 | FILES_${PN} += "/run" | ||
| 47 | |||
| 48 | INSANE_SKIP_${PN}_append = "already-stripped" | ||
| 49 | |||
| 50 | RDEPENDS_${PN} = "sysklogd iptables sqlite3 python3-core python3-pyinotify" | ||
| 51 | RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban" | ||
