1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.
package Bugzilla::Extension::ProjectHoneyPot;
use strict;
use warnings;
use base qw(Bugzilla::Extension);
use Encode;
use Bugzilla::Error;
use Bugzilla::Util qw(remote_ip);
use Socket;
use Sys::Syslog qw(:DEFAULT setlogsock);
our $VERSION = '1';
sub user_verify_login {
my ($self, $args) = @_;
return unless my $api_key = Bugzilla->params->{honeypot_api_key};
my $ip = remote_ip();
return unless $ip =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/;
my $lookup = "$api_key.$4.$3.$2.$1.dnsbl.httpbl.org";
return unless my $packed = gethostbyname($lookup);
my $honeypot = inet_ntoa($packed);
return unless $honeypot =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/;
my ($status, $days, $threat, $type) = ($1, $2, $3, $4);
return if $status != 127
|| $threat < Bugzilla->params->{honeypot_threat_threshold};
_syslog(sprintf("[audit] blocked <%s> from creating %s, honeypot %s",
$ip, $args->{login}, $honeypot));
ThrowUserError('account_creation_restricted');
}
sub config_modify_panels {
my ($self, $args) = @_;
push @{ $args->{panels}->{auth}->{params} }, {
name => 'honeypot_api_key',
type => 't',
default => '',
};
push @{ $args->{panels}->{auth}->{params} }, {
name => 'honeypot_threat_threshold',
type => 't',
default => '32',
};
}
sub _syslog {
my $message = shift;
openlog('apache', 'cons,pid', 'local4');
syslog('notice', encode_utf8($message));
closelog();
}
__PACKAGE__->NAME;
|