OwlCyberSecurity - MANAGER

Edit File: CGIHTTPServer.pyc

�
�V~gc�����������@���s����d��Z��d�Z�d�g�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l	�Z	�d�e�j
�f�d�������YZ�d����Z�e
�a�d����Z�d����Z�e�e�j�d	���Z�e�d
�k�r��e����n��d�S(���s���CGI-savvy HTTP Server.

This module builds on SimpleHTTPServer by implementing GET and POST
requests to cgi-bin scripts.

If the os.fork() function is not present (e.g. on Windows),
os.popen2() is used as a fallback, with slightly altered semantics; if
that function is not present either (e.g. on Macintosh), only Python
scripts are supported, and they are executed by the current process.

In all cases, the implementation is intentionally naive -- all
requests are executed sychronously.

SECURITY WARNING: DON'T USE THIS CODE UNLESS YOU ARE INSIDE A FIREWALL
-- it may execute arbitrary Python code or external programs.

Note that status code 200 is sent prior to execution of a CGI script, so
scripts cannot send other status codes such as 302 (redirect).
s���0.4t���CGIHTTPRequestHandleri����Nc�����������B���s����e��Z�d��Z�e�e�d���Z�e�e�d���Z�e�e�d���Z�d�Z�d����Z	�d����Z
�d����Z�d�d	�g�Z�d
����Z
�d����Z�d����Z�RS(
���s����Complete HTTP server with GET, HEAD and POST commands.

GET and HEAD also support running CGI scripts.

The POST command is *only* implemented for CGI scripts.

t���forkt���popen2t���popen3i����c���������C���s-���|��j�����r�|��j����n�|��j�d�d���d�S(���sR���Serve a POST request.

This is only implemented for CGI scripts.

i���s���Can only POST to CGI scriptsN(���t���is_cgit���run_cgit
���send_error(���t���self(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyt���do_POST6���s����
c���������C���s*���|��j�����r�|��j����St�j�j�|����Sd�S(���s-���Version of send_head that support CGI scriptsN(���R���R���t���SimpleHTTPServert���SimpleHTTPRequestHandlert	���send_head(���R���(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyR���B���s����
c���������C���s`���t��|��j���}�|�j�d�d���}�|�|� |�|�d�}�}�|�|��j�k�r\�|�|�f�|��_�t�St�S(���s2��Test whether self.path corresponds to a CGI script.

Returns True and updates the cgi_info attribute to the tuple
        (dir, rest) if self.path requires running a CGI script.
        Returns False otherwise.

If any exception is raised, the caller should assume that
        self.path was rejected as invalid and act accordingly.

The default implementation tests whether the normalized url
        path begins with one of the strings in self.cgi_directories
        (and the next character is a '/' or the end of the string).
        t���/i���(���t���_url_collapse_patht���patht���findt���cgi_directoriest���cgi_infot���Truet���False(���R���t���collapsed_patht���dir_sept���headt���tail(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyR���I���s����s���/cgi-bins���/htbinc���������C���s
���t��|���S(���s1���Test whether argument path is an executable file.(���t
���executable(���R���R���(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyt
���is_executablea���s����c���������C���s(���t��j�j�|���\�}�}�|�j����d�k�S(���s.���Test whether argument path is a Python script.s���.pys���.pyw(���s���.pys���.pyw(���t���osR���t���splitextt���lower(���R���R���R���R���(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyt	���is_pythone���s����c���)���
���C���s���|��j��\�}�}�|�d�|�}�|�j�d�t�|���d���}�xv�|�d�k�r��|�|� }�|�|�d�}�|��j�|���}�t�j�j�|���r��|�|�}�}�|�j�d�t�|���d���}�q<�Pq<�W|�j�d���\�}�}�}	�|�j�d���}�|�d�k�r��|�|� |�|�}
�}�n
�|�d�}
�}�|�d�|
�}�|��j�|���}�t�j�j�|���sQ|��j	�d�d�|���d�St�j�j
�|���s{|��j	�d	�d
�|���d�S|��j�|���}
�|
�s�|��j�p�|��j
�p�|��j�s�|��j	�d	�d�|���d�S|��j�|���s�|��j	�d	�d�|���d�Sn��t�j�t�j���}�|��j����|�d
�<|��j�j�|�d�<d�|�d�<|��j�|�d�<t�|��j�j���|�d�<|��j�|�d�<t�j�|���}�|�|�d�<|��j�|���|�d�<|�|�d�<|	�r�|	�|�d�<n��|��j����}�|�|��j�d�k�r�|�|�d�<n��|��j�d�|�d�<|��j�j�d���}�|�r�|�j ����}�t�|���d�k�r�d�d�l!�}�d�d�l"�}�|�d�|�d�<|�d�j#����d�k�r�y�|�j$�|�d���}�Wn�|�j%�k
�r~q�X|�j �d���}�t�|���d�k�r�|�d�|�d �<q�q�q�n��|��j�j&�d�k�r�|��j�j(�|�d!�<n�|��j�j&�|�d!�<|��j�j�d"���}�|�r|�|�d#�<n��|��j�j�d$���}�|�r9|�|�d%�<n��g��}�xW�|��j�j)�d&���D]C�}�|�d� d'�k�r~|�j*�|�j+������qR|�|�d(�j �d)���}�qRWd)�j,�|���|�d*�<|��j�j�d+���}�|�r�|�|�d,�<n��t-�d�|��j�j.�d-�����}�|�rd.�j,�|���|�d/�<n��x�dC�D]�}�|�j/�|�d���qW|��j0�d0�d1���|	�j1�d2�d3���}�|��j�r�|
�g�}�d4�|�k�ry|�j*�|���n��t2����}�|��j3�j4����t�j5����}�|�d�k�rt�j6�|�d���\�}�}�x<�t7�j7�|��j8�g�g��g��d���d�r�|��j8�j9�d���s�Pq�q�W|�r|��j:�d5�|���n��d�Syq�y�t�j;�|���Wn�t�j<�k
�rEn�Xt�j=�|��j8�j>����d���t�j=�|��j3�j>����d���t�j?�|�|�|���Wq�|��j�j@�|��jA�|��j���t�jB�d6���q�Xnd�d�lC�} �|�g�}!�|��j�|���r)tD�jE�}"�|"�j#����jF�d7���r|"�d8� |"�d9�}"�n��|"�d:�g�|!�}!�n��d4�|	�k�rE|!�j*�|	���n��|��jG�d;�| �jH�|!�����y�tI�|���}#�Wn�tJ�tK�f�k
�r�d�}#�n�X| �jL�|!�d<�| �jM�d=�| �jM�d>�| �jM�d?�|��}$�|��j�j#����d@�k�r�|#�d�k�r�|��j8�j9�|#���}%�n�d�}%�xB�t7�j7�|��j8�jN�g�g��g��d���d�r>|��j8�jN�jO�d���s�Pq�q�W|$�jP�|%���\�}&�}'�|��j3�jQ�|&���|'�r}|��j:�dA�|'���n��|$�jR�jS����|$�jT�jS����|$�jU�}(�|(�r�|��j:�d5�|(���n
�|��jG�dB���d�S(D���s���Execute a CGI script.R���i���i����t���?t����i���s���No such CGI script (%r)Ni���s#���CGI script is not a plain file (%r)s&���CGI script is not a Python script (%r)s!���CGI script is not executable (%r)t���SERVER_SOFTWAREt���SERVER_NAMEs���CGI/1.1t���GATEWAY_INTERFACEt���SERVER_PROTOCOLt���SERVER_PORTt���REQUEST_METHODt	���PATH_INFOt���PATH_TRANSLATEDt���SCRIPT_NAMEt���QUERY_STRINGt���REMOTE_HOSTt���REMOTE_ADDRt
���authorizationi���i����t	���AUTH_TYPEt���basict���:t���REMOTE_USERt���CONTENT_TYPEs���content-lengtht���CONTENT_LENGTHt���referert���HTTP_REFERERt���accepts���

i���t���,t���HTTP_ACCEPTs
���user-agentt���HTTP_USER_AGENTt���cookies���, t���HTTP_COOKIEi����s���Script output followst���+t��� t���=s���CGI script exit status %#xi���s���w.exei����i����s���-us���command: %st���stdint���stdoutt���stderrt���envt���posts���%ss���CGI script exited OK(���R)���R*���R2���R8���R:���R4���(V���R���R���t���lent���translate_pathR���R���t���isdirt	���partitiont���existsR���t���isfileR���t	���have_forkt���have_popen2t���have_popen3R���t���copyt���deepcopyt���environt���version_stringt���servert���server_namet���protocol_versiont���strt���server_portt���commandt���urllibt���unquotet���address_stringt���client_addresst���headerst	���getheadert���splitt���base64t���binasciiR���t���decodestringt���Errort
���typeheadert���Nonet���typet���getallmatchingheaderst���appendt���stript���joint���filtert
���getheaderst
���setdefaultt
���send_responset���replacet
���nobody_uidt���wfilet���flushR���t���waitpidt���selectt���rfilet���readt	���log_errort���setuidt���errort���dup2t���filenot���execvet���handle_errort���requestt���_exitt
���subprocesst���sysR���t���endswitht���log_messaget���list2cmdlinet���intt	���TypeErrort
���ValueErrort���Popent���PIPEt���_sockt���recvt���communicatet���writeR@���t���closeR?���t
���returncode()���R���t���dirt���restR���t���it���nextdirt���nextrestt	���scriptdirt���_t���queryt���scriptt
���scriptnamet
���scriptfilet���ispyRA���t���uqrestt���hostR,���R]���R^���t���lengthR3���R5���t���linet���uat���cot���kt
���decoded_queryt���argst���nobodyt���pidt���stsR}���t���cmdlinet���interpt���nbytest���pt���dataR?���R@���t���status(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyR���j���s2���

%		
				!(

(���t���__name__t
���__module__t���__doc__t���hasattrR���RI���RJ���RK���t���rbufsizeR���R���R���R���R���R���R���(����(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyR����#���s���					c���	������C���s.��|��j��d���\�}��}�}�t�j�|����}��|��j�d���}�g��}�xM�|�d� D]A�}�|�d�k�rf�|�j����qG�|�rG�|�d�k�rG�|�j�|���qG�qG�W|�r��|�j����}�|�r��|�d�k�r��|�j����d�}�q��|�d�k�r��d�}�q��q��n�d�}�|�rd�j�|�|�f���}�n��d�d�j�|���|�f�}�d�j�|���}�|�S(���s���
    Given a URL path, remove extra '/'s and '.' path elements and collapse
    any '..' references and returns a colllapsed path.

Implements something akin to RFC-2396 5.2 step 6 to parse relative paths.
    The utility of this function is limited to is_cgi method and helps
    preventing some security attacks.

Returns: The reconstituted URL, which will always start with a '/'.

Raises: IndexError if too many '..' occur within the path.

R���R���i����s���..t���.R���(���RF���RV���RW���R\���t���popRe���Rg���(	���R���R����R����t
���path_partst
���head_partst���partt	���tail_partt	���splitpathR���(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyR
���*��s.����

c����������C���s����t��r
�t��Sy�d�d�l�}��Wn�t�k
�r.�d�SXy�|��j�d���d�a��Wn3�t�k
�r{�d�t�t�d����|��j��������a��n�Xt��S(���s$���Internal routine to get nobody's uidi����NR����i���i���c���������S���s���|��d�S(���Ni���(����(���t���x(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyt���<lambda>g��R���(���R����t���pwdt���ImportErrort���getpwnamt���KeyErrort���maxt���mapt���getpwall(���R����(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyRm���[��s����

&c���������C���s<���y�t��j�|����}�Wn�t��j�k
�r*�t�SX|�j�d�@d�k�S(���s���Test for executable file.iI���i����(���R���t���statRv���R���t���st_mode(���R���t���st(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyR���k��s
����c���������C���s���t��j�|��|���d��S(���N(���R	���t���test(���t���HandlerClasst���ServerClass(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyR����t��s����t���__main__(���R����t���__version__t���__all__R���R~���RV���t���BaseHTTPServerR	���Rq���RL���R
���R����R
���Rb���R����Rm���R���t
���HTTPServerR����R����(����(����(����s2���/opt/alt/python27/lib64/python2.7/CGIHTTPServer.pyt���<module>���s&���	��	/