summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLukas Fleischer <lfleischer@archlinux.org>2017-01-25 08:22:54 +0100
committerLukas Fleischer <lfleischer@archlinux.org>2017-01-25 18:42:34 +0100
commitf8916d7e9bda129a57143d769f7eb1f596614c80 (patch)
tree1eda89a37f44d91397c3ee382ff1fd5bf3b8c2b1
parentb8df10e22732fd678a6d30e2bf4ac5eb14cf898e (diff)
downloadaur-f8916d7e9bda129a57143d769f7eb1f596614c80.tar.gz
aur-f8916d7e9bda129a57143d769f7eb1f596614c80.tar.xz
git-serve: Save last SSH login date and IP address
In addition to logging the last login date and IP address on the web interface, store the time stamp and IP address of the last SSH login in the database. This simplifies user banning if one of the new SSH interface features, such as the voting mechanism implemented in 7ee2fdd (git-serve: Add support for (un-)voting, 2017-01-23), is abused. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
-rwxr-xr-xaurweb/git/serve.py13
-rw-r--r--schema/aur-schema.sql2
-rw-r--r--upgrading/4.5.0.txt10
3 files changed, 24 insertions, 1 deletions
diff --git a/aurweb/git/serve.py b/aurweb/git/serve.py
index 4c03e3b6..cfd4910d 100755
--- a/aurweb/git/serve.py
+++ b/aurweb/git/serve.py
@@ -410,6 +410,18 @@ def pkgbase_has_full_access(pkgbase, user):
return cur.fetchone()[0] > 0
+def log_ssh_login(user, remote_addr):
+ conn = aurweb.db.Connection()
+
+ now = int(time.time())
+ conn.execute("UPDATE Users SET LastSSHLogin = ?, " +
+ "LastSSHLoginIPAddress = ? WHERE Username = ?",
+ [now, remote_addr, user])
+
+ conn.commit()
+ conn.close()
+
+
def die(msg):
sys.stderr.write("{:s}\n".format(msg))
exit(1)
@@ -451,6 +463,7 @@ def serve(action, cmdargv, user, privileged, remote_addr):
if enable_maintenance:
if remote_addr not in maintenance_exc:
raise aurweb.exceptions.MaintenanceException
+ log_ssh_login(user, remote_addr)
if action == 'git' and cmdargv[1] in ('upload-pack', 'receive-pack'):
action = action + '-' + cmdargv[1]
diff --git a/schema/aur-schema.sql b/schema/aur-schema.sql
index 13e3fd94..b0663eb5 100644
--- a/schema/aur-schema.sql
+++ b/schema/aur-schema.sql
@@ -38,6 +38,8 @@ CREATE TABLE Users (
PGPKey VARCHAR(40) NULL DEFAULT NULL,
LastLogin BIGINT UNSIGNED NOT NULL DEFAULT 0,
LastLoginIPAddress VARCHAR(45) NULL DEFAULT NULL,
+ LastSSHLogin BIGINT UNSIGNED NOT NULL DEFAULT 0,
+ LastSSHLoginIPAddress VARCHAR(45) NULL DEFAULT NULL,
InactivityTS BIGINT UNSIGNED NOT NULL DEFAULT 0,
RegistrationTS TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CommentNotify TINYINT(1) NOT NULL DEFAULT 1,
diff --git a/upgrading/4.5.0.txt b/upgrading/4.5.0.txt
index 6c4ce807..5cf0888c 100644
--- a/upgrading/4.5.0.txt
+++ b/upgrading/4.5.0.txt
@@ -2,4 +2,12 @@
---
ALTER TABLE Users ADD COLUMN Timezone VARCHAR(32) NOT NULL DEFAULT 'UTC';
---- \ No newline at end of file
+---
+
+2. Add LastSSHLogin and LastSSHLoginIPAddress columns to the Users table:
+
+---
+ALTER TABLE Users
+ ADD COLUMN LastSSHLogin BIGINT UNSIGNED NOT NULL DEFAULT 0,
+ ADD COLUMN LastSSHLoginIPAddress VARCHAR(45) NULL DEFAULT NULL;
+---