Merge authors: Jim Popovitch (jimpop) Related merge proposals: https://code.launchpad.net/~jimpop/mailman/security-logging/+merge/347728 proposed by: Jim Popovitch (jimpop) review: Approve - Mark Sapiro (msapiro) review: Resubmit - Jim Popovitch (jimpop) ------------------------------------------------------------ revno: 1768 [merge] committer: Mark Sapiro <m...@msapiro.net> branch nick: 2.1 timestamp: Mon 2018-06-11 09:59:26 -0700 message: Implement security log. modified: Mailman/Cgi/admin.py Mailman/Cgi/admindb.py Mailman/Cgi/edithtml.py Mailman/Cgi/options.py Mailman/Cgi/private.py Mailman/Cgi/roster.py Mailman/Utils.py NEWS
-- lp:mailman/2.1 https://code.launchpad.net/~mailman-coders/mailman/2.1 Your team Mailman Checkins is subscribed to branch lp:mailman/2.1. To unsubscribe from this branch go to https://code.launchpad.net/~mailman-coders/mailman/2.1/+edit-subscription
=== modified file 'Mailman/Cgi/admin.py' --- Mailman/Cgi/admin.py 2017-06-21 16:59:41 +0000 +++ Mailman/Cgi/admin.py 2018-06-11 16:59:26 +0000 @@ -119,6 +119,13 @@ if cgidata.has_key('adminpw'): # This is a re-authorization attempt msg = Bold(FontSize('+1', _('Authorization failed.'))).Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', + 'Authorization failed (admin): list=%s: remote=%s', + listname, remote) else: msg = '' Auth.loginpage(mlist, 'admin', msg=msg) === modified file 'Mailman/Cgi/admindb.py' --- Mailman/Cgi/admindb.py 2017-06-24 21:34:48 +0000 +++ Mailman/Cgi/admindb.py 2018-06-11 16:59:26 +0000 @@ -159,6 +159,13 @@ if cgidata.has_key('adminpw'): # This is a re-authorization attempt msg = Bold(FontSize('+1', _('Authorization failed.'))).Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', + 'Authorization failed (admindb): list=%s: remote=%s', + listname, remote) else: msg = '' Auth.loginpage(mlist, 'admindb', msg=msg) === modified file 'Mailman/Cgi/edithtml.py' --- Mailman/Cgi/edithtml.py 2017-06-06 05:47:05 +0000 +++ Mailman/Cgi/edithtml.py 2018-06-11 16:59:26 +0000 @@ -126,6 +126,13 @@ if cgidata.has_key('admlogin'): # This is a re-authorization attempt msg = Bold(FontSize('+1', _('Authorization failed.'))).Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', + 'Authorization failed (edithtml): list=%s: remote=%s', + listname, remote) else: msg = '' Auth.loginpage(mlist, 'admin', msg=msg) === modified file 'Mailman/Cgi/options.py' --- Mailman/Cgi/options.py 2018-02-04 16:41:19 +0000 +++ Mailman/Cgi/options.py 2018-06-11 16:59:26 +0000 @@ -288,13 +288,16 @@ # message. if cgidata.has_key('password'): doc.addError(_('Authentication failed.')) + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', + 'Authorization failed (private): user=%s: list=%s: remote=%s', + user, listname, remote) # So as not to allow membership leakage, prompt for the email # address and the password here. if mlist.private_roster <> 0: - remote = os.environ.get('HTTP_FORWARDED_FOR', - os.environ.get('HTTP_X_FORWARDED_FOR', - os.environ.get('REMOTE_ADDR', - 'unidentified origin'))) syslog('mischief', 'Login failure with private rosters: %s from %s', user, remote) === modified file 'Mailman/Cgi/private.py' --- Mailman/Cgi/private.py 2017-06-06 05:47:05 +0000 +++ Mailman/Cgi/private.py 2018-06-11 16:59:26 +0000 @@ -142,6 +142,13 @@ if cgidata.has_key('submit'): # This is a re-authorization attempt message = Bold(FontSize('+1', _('Authorization failed.'))).Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', + 'Authorization failed (private): user=%s: list=%s: remote=%s', + username, listname, remote) # give an HTTP 401 for authentication failure print 'Status: 401 Unauthorized' # Are we processing a password reminder from the login screen? === modified file 'Mailman/Cgi/roster.py' --- Mailman/Cgi/roster.py 2017-06-06 03:48:34 +0000 +++ Mailman/Cgi/roster.py 2018-06-11 16:59:26 +0000 @@ -118,6 +118,13 @@ error_page_doc(doc, _('%(realname)s roster authentication failed.')) doc.AddItem(mlist.GetMailmanFooter()) print doc.Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', + 'Authorization failed (roster): list=%s: remote=%s', + listname, remote) return # The document and its language === modified file 'Mailman/Utils.py' --- Mailman/Utils.py 2018-06-05 19:14:08 +0000 +++ Mailman/Utils.py 2018-06-11 16:59:26 +0000 @@ -111,7 +111,12 @@ # But first ensure the list name doesn't contain a path traversal # attack. if len(re.sub(mm_cfg.ACCEPTABLE_LISTNAME_CHARACTERS, '', listname)) > 0: - syslog('mischief', 'Hostile listname: %s', listname) + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('mischief', + 'Hostile listname: listname=%s: remote=%s', listname, remote) return False basepath = Site.get_listpath(listname) for ext in ('.pck', '.pck.last', '.db', '.db.last'): === modified file 'NEWS' --- NEWS 2018-06-05 19:14:08 +0000 +++ NEWS 2018-06-11 16:59:26 +0000 @@ -30,6 +30,15 @@ py2-ipaddress module is installed. The module can be installed via pip if not included in your Python. + - Thanks to Jim Popovitch, Mailman has a new 'security' log and logs + authentication failures to the various web CGI functions. The logged + data include the remote IP and can be used to automate blocking of IPs + with something like fail2ban. Since Mailman 2.1.14, these have returned + an http 401 status and the information should be logged by the web + server, but this new log makes that more convenient. Also, the + 'mischief' log entries for 'hostile listname' noe include the remote IP + if available. + i18n - The Japanese translation has been updated by Yasuhito FUTATSUKI.
_______________________________________________ Mailman-checkins mailing list Mailman-checkins@python.org Unsubscribe: https://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org