MIFARE Login - Add a blacklist of known-bad cards master
authorJohn Hodge <[email protected]>
Sat, 16 Nov 2019 06:59:38 +0000 (14:59 +0800)
committerroot <[email protected]>
Sat, 16 Nov 2019 06:59:38 +0000 (14:59 +0800)
VendServer/OpenDispense.py

index 79cec66..6b93058 100644 (file)
@@ -20,6 +20,13 @@ from LDAPConnector import get_uid,get_uname, set_card_id
 DISPENSE_ENDPOINT = ("localhost", 11020)
 DISPSRV_MIFARE = True
 
 DISPENSE_ENDPOINT = ("localhost", 11020)
 DISPSRV_MIFARE = True
 
+# A list of cards that should never be registered, and should never log in
+# - Some of these might have been registered before we knew they were duplicates
+CARD_BLACKLIST = [
+       'AAAAAA==',     # All zeroes, don't allow that.
+       'ISIjJA==', # CommBank credit cards
+       ]
+
 class OpenDispense(DispenseInterface):
        _username = ""
        _disabled = True
 class OpenDispense(DispenseInterface):
        _username = ""
        _disabled = True
@@ -111,6 +118,10 @@ class OpenDispense(DispenseInterface):
                self._username = None
                if DISPSRV_MIFARE:
                        card_base64 = base64.b64encode(cardId)
                self._username = None
                if DISPSRV_MIFARE:
                        card_base64 = base64.b64encode(cardId)
+
+                       if card_base64 in CARD_BLACKLIST:
+                               logging.info("Blacklisted card base64:%s" % (card_base64,))
+                               return False
                        
                        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
                        sock.connect(DISPENSE_ENDPOINT)
                        
                        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
                        sock.connect(DISPENSE_ENDPOINT)
@@ -128,13 +139,16 @@ class OpenDispense(DispenseInterface):
                        username = rsp.split('=')[1].strip()
                        logging.info("Accepted card base64:%s for %s" % (card_base64,username,))
 
                        username = rsp.split('=')[1].strip()
                        logging.info("Accepted card base64:%s for %s" % (card_base64,username,))
 
-                       # Check for thier username
-                       try:
-                               # Get info from the system (by username)
-                               info = pwd.getpwnam(username)
-                       except KeyError:
-                               logging.info('getting info for user \'%s\': user not in password file' % (username,))
-                               return False
+                       ## Check for thier username
+                       #try:
+                       #       # Get info from the system (by username)
+                       #       info = pwd.getpwnam(username)
+                       #except KeyError:
+                       #       logging.info('getting info for user \'%s\': user not in password file' % (username,))
+                       #       return False
+                       #self._userid = info.pw_uid
+                       self._userid = None
+                       self._username = username
                else:
                        # Get the users ID
                        self._userid = get_uid(cardId)
                else:
                        # Get the users ID
                        self._userid = get_uid(cardId)
@@ -146,13 +160,13 @@ class OpenDispense(DispenseInterface):
                        except KeyError:
                                logging.info('getting info for uid %d: user not in password file' % (self._userid,))
                                return False
                        except KeyError:
                                logging.info('getting info for uid %d: user not in password file' % (self._userid,))
                                return False
+                       self._username = info.pw_name
 
                # If we get this far all is good
                self._loggedIn = True
                self._disabled = False
 
                # If we get this far all is good
                self._loggedIn = True
                self._disabled = False
-               self._userid = info.pw_uid
-               self._username = info.pw_name
                return True
                return True
+
         def logOut(self):
             self._loggedIn = False
             self._disabled = False
         def logOut(self):
             self._loggedIn = False
             self._disabled = False
@@ -164,7 +178,10 @@ class OpenDispense(DispenseInterface):
                        return False
                if DISPSRV_MIFARE:
                        card_base64 = base64.b64encode(cardId)
                        return False
                if DISPSRV_MIFARE:
                        card_base64 = base64.b64encode(cardId)
-                       logging.info('Enrolling card %s to uid %s (%s)' % (cardId, self._userId, self._username))
+                       if card_base64 in CARD_BLACKLIST:
+                               logging.info("Blacklisted card base64:%s" % (card_base64,))
+                               return False
+                       logging.info('Enrolling card base64:%s to uid %s (%s)' % (card_base64, self._userId, self._username))
                        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
                        sock.connect(DISPENSE_ENDPOINT)
                        sockf = sock.makefile()
                        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
                        sock.connect(DISPENSE_ENDPOINT)
                        sockf = sock.makefile()
@@ -263,3 +280,5 @@ class OpenDispenseMapping():
                                print(map)
                return map
 
                                print(map)
                return map
 
+
+# vim: noexpandtab ts=4 sw=4

UCC git Repository :: git.ucc.asn.au