a =*fO4@sdZdZdZddlZddlZddlmZmZddlm Z m Z m Z dd l m Z mZmZmZe eZeed Zd d ZGd ddZGddde ZGdddeZdS)z?Cyril Jaquier, Yaroslav Halchenko, Serg G. Brester (aka sebres)z\Copyright (c) 2004 Cyril Jaquier, 2007 Yaroslav Halchenko, 2015 Serg G. Brester (aka sebres)ZGPLN) NoOptionErrorNoSectionError)sysSafeConfigParserWithIncludeslogLevel) getLogger_as_bool _merge_dictssubstituteRecursiveTags)boolintccsrt|ttfrL|D]6}t|dkr.|\}}}n|d\}}}|||fVqn"|D]}||\}}|||fVqPdS)zIterator over the options template with default options. Each options entry is composed of an array or tuple with: [[type, name, ?default?], ...] Or it is a dict: {name: [type, default], ...} rN) isinstancelisttuplelen)optionsoptnameopttypeoptvaluer@/usr/lib/python3.9/site-packages/fail2ban/client/configreader.py_OptionsTemplateGen)s   rc@seZdZdZd"ddZddZddZed d Zd#d d Z d$ddZ ddZ ddZ d%ddZ ddZddZd&ddZdifddZd d!ZdS)' ConfigReaderzkGeneric config reader class. A caching adapter which automatically reuses already shared configuration. NcKsTd|_d|_|dur||_|dur6||_||_d|_n|jdurPtfi||_dSN) _cfg_share_cfg_cfg_share_kwargs_cfg_share_basedirConfigReaderUnshared)selfZ use_config share_configkwargsrrr__init__Ds zConfigReader.__init__cCs|jr|j|n||_dSr)r setBaseDirrr!basedirrrrr%RszConfigReader.setBaseDircCs|jr|jS|jSdSr)r getBaseDirrr!rrrr(Xs zConfigReader.getBaseDircCs|jSr)rr)rrrr"^szConfigReader.share_configTcCsT|js|||r(|jjdur(|jjStd||j|j|}||j_|S)z Overloads a default (not shared) read of config reader. To prevent multiple reads of config files with it includes, reads into the config reader, if it was not yet cached/shared by 'name'. Nz Loading configs for %s under %s )r_create_unsharedread_cfg_fileslogSysinfor(read)r!nameonceretrrrr.bs  zConfigReader.readcCsx|jsb|jdurb|j||_|jsttfd|ji|j|_|jdurT|j|j|j|j|<ntfi|j|_dS)z Allocates and share a config file by it name. Automatically allocates unshared or reuses shared handle by given 'name' and init arguments inside a given shared storage. Nr")rrgetr rrr%)r!r/rrrr*ws zConfigReader._create_unsharedcCs2zdd|jDWSty,gYS0dS)Ncss|]}|ds|VqdS)zKNOWN/N) startswith).0nrrr z(ConfigReader.sections..)rsectionsAttributeErrorr)rrrr9s zConfigReader.sectionscCs(z|j|WSty"YdS0dS)NF)r has_sectionr:)r!secrrrr;s zConfigReader.has_sectioncCs&|r|j||S||jj|ivSr)r has_optionZ _sectionsr3)r!r<opt withDefaultrrrr=szConfigReader.has_optioncCs|j|dSr)rZ get_defaultsupdate)r!drrrmerge_defaultsszConfigReader.merge_defaultscOs<z|jj|g|Ri|WSty6t|Yn0dSr)r merge_sectionr:rr!sectionargsr#rrrrCs zConfigReader.merge_sectionFcCs0z|j||WSty*t|Yn0dS)zReturn a list of option names for the given section name. Parameter `withDefault` controls the include of names from section `[DEFAULT]` N)rrr:r)r!rEr?rrrrs zConfigReader.optionscCs6z|jj||||dWSty0t|Yn0dS)N)rawvars)rr3r:r)r!r<r>rGrHrrrr3s zConfigReader.getcOs<z|jj|g|Ri|WSty6t|Yn0dSr)r getOptionsr:rrDrrrrIs zConfigReader.getOptions)NN)T)r2)T)F)__name__ __module__ __qualname____doc__r$r%r(propertyr"r.r*r9r;r=rBrCrr3rIrrrrr>s       rc@s@eZdZdZdZdddZddZdd Zd d ZdddZ dS)r zUnshared config reader (previously ConfigReader). Do not use this class (internal not shared/cached representation). Use ConfigReader instead. z /etc/fail2banNcOs,tj|g|Ri|d|_||dSr)rr$r+r%)r!r'rFr#rrrr$szConfigReaderUnshared.__init__cCs|durtj}|d|_dS)N/)r DEFAULT_BASEDIRrstrip_basedirr&rrrr%szConfigReaderUnshared.setBaseDircCs|jSr)rRr)rrrr(szConfigReaderUnshared.getBaseDircs^tj|jstd|j|dr2tj|}tj|j|}t d||j|dg}|d}|t t d|7}| |d|t t d|7}t ttjj|}t|r"t d d |t||fd d |D}|rtd d |r dStd||dStd|d|dd |gtt|dSdS)Nz/Base configuration directory %s does not exist ./z Reading configs for %s under %s z.confz.dz %s/*.confz.localz %s/*.localzReading config files: %sz, csg|]}|vr|qSrr)r5cfZconfig_files_readrr r8z-ConfigReaderUnshared.read..zCould not read config files: %sTz0Found no accessible config files for %r under %sFz(Found no accessible config files for %r zunder %szamong existing ones: )ospathexistsrR ValueErrorr4abspathjoinr,debugsortedglobappendrfilterrrr.errorr(r )r!filenamebasenameZ config_filesZ config_dirZmissedrrUrr.sD         zConfigReaderUnshared.readFTc Cs.t}|duri}t|D] \}}} ||vr0qzF|j|||d} | ||<|rtt|} | rt| durhWq| | ||<Wqty} z$|rt| | ||<WYd} ~ qd} ~ 0ty| durtd||| f| ||<Yqt y&t d|d|dt | d| ||<Yq0q|S)NrHz/'%s' not defined in '%s'. Using default one: %rzWrong value for 'z' in 'z'. Using default one: '') dictrr3 CONVERTERrr,rbrr]rZwarningrepr) r!r<rZpOptionsZ shouldExistconvertvaluesrrrvconverrrrIsF     zConfigReaderUnshared.getOptions)N)NFT) rJrKrLrMrPr$r%r(r.rIrrrrr s 2r c@sxeZdZdZgZddZddZddZdd Zd d Z d d Z ddZ dddZ ddZ ddZdddZddZdS)DefinitionInitConfigReaderzConfig reader for files with options grouped in [Definition] and [Init] sections. Is a base class for readers of filters and actions, where definitions in jails might provide custom values for options defined in [Init] section. cKsVtj|fi||dr(tj|}||||||_t |_ t |_ dS)NrS) rr$r4rWrXr[setFile setJailName _initOptsrg_pOpts _defCache)r!Zfile_jailNameZinitOptsr#rrrr$/s    z#DefinitionInitConfigReader.__init__cCs||_i|_dSr)_filers)r!ZfileNamerrrrq9sz"DefinitionInitConfigReader.setFilecCs|jSr)rwr)rrrgetFile=sz"DefinitionInitConfigReader.getFilecCs ||_dSrZ _jailName)r!rvrrrrr@sz&DefinitionInitConfigReader.setJailNamecCs|jSrryr)rrr getJailNameCsz&DefinitionInitConfigReader.getJailNamecCst||jSr)rr.rwr)rrrr.FszDefinitionInitConfigReader.readcCs"|js||jt|j|jSr)rr*rwrr.r)rrr readexplicitJs z'DefinitionInitConfigReader.readexplicitFcs |s t}jrt|j}tjdj|dd_|_drfdd}j dddD]^}|dkrlq^d}| d s|dur||}|jd |<|jvr^|dur||}|j|<q^|rdr dD]*}|dks|jvrqڈ d|j|<qdS) N DefinitionF)rkInitcs d|S)Nr})r3)r>r)rr\r8z7DefinitionInitConfigReader.getOptions..)r?rJzknown/) rgrsr rrI _configOpts_optsrtr;rr4r3)r!ZpOptsallgetoptr>rmrr)rrIOs.        z%DefinitionInitConfigReader.getOptionsc Csxt|D]j\}}}t|}|r||}|dur4qz||||<Wqtyptd|||||||<Yq0qdS)z:Convert interpolated combined options to expected type. Nz/Wrong %s value %r for %r. Using default one: %r)rrhr3rZr,ri)r!optsZ configOptsrrrrnrmrrrconvertOptionsms    z)DefinitionInitConfigReader.convertOptionsc Cshz |j|WStybz|jjd||jd}WntttfyNd}Yn0||j|<|YS0dS)zGet combined definition option (as string) using pre-set and init options as preselection (values with higher precedence as specified in section). Can be used only after calling of getOptions. r|reN)ruKeyErrorrZget_exrtrrrZ)r!rrmrrr getCombOption|s    z(DefinitionInitConfigReader.getCombOptionrcCs|j}|jrt||j}t|s$iSt|}|D]*}tj|}|r4| \}}| |q4t |||j d}|s|t d|||j|S)N)ignoreZaddreplz/recursive tag definitions unable to be resolved)rrsr rsetcopyrZCONDITIONAL_REmatchgroupsaddr rrZrr)r!rZ combinedoptsr6Zcondrrrr getCombineds$     z&DefinitionInitConfigReader.getCombinedcCstdSr)NotImplementedErrorr)rrrrksz"DefinitionInitConfigReader.convertN)F)r)rJrKrLrMrr$rqrxrrrzr.r{rIrrrrkrrrrrp$s   rp) __author__Z __copyright__Z __license__r_rWZ configparserrrZconfigparserincrrrZhelpersr r r r rJr,rrhrrr rprrrrsym