
[myserver-commit] [2928] changed allowed IP address config from regexp t


From: Alexandru IANCU
Subject: [myserver-commit] [2928] changed allowed IP address config from regexp to CIDR IP address ranges
Date: Sat, 01 Nov 2008 19:47:52 +0000

Revision: 2928
          http://svn.sv.gnu.org/viewvc/?view=rev&root=myserver&revision=2928
Author:   andu
Date:     2008-11-01 19:47:52 +0000 (Sat, 01 Nov 2008)

Log Message:
-----------
changed allowed IP address config from regexp to CIDR IP address ranges

Modified Paths:
--------------
    trunk/myserver/include/conf/vhost/vhost.h
    trunk/myserver/src/conf/vhost/ip.cpp
    trunk/myserver/src/conf/vhost/vhost.cpp

Modified: trunk/myserver/include/conf/vhost/vhost.h
===================================================================
--- trunk/myserver/include/conf/vhost/vhost.h   2008-11-01 19:44:35 UTC (rev 
2927)
+++ trunk/myserver/include/conf/vhost/vhost.h   2008-11-01 19:47:52 UTC (rev 
2928)
@@ -34,6 +34,7 @@
 #include <include/base/sync/mutex.h>
 #include <include/base/ssl/ssl.h>
 #include <include/connections_scheduler/listen_threads.h>
+#include <include/conf/vhost/ip.h>
 
 using namespace std;
 typedef int (*NULL_REFERENCECB)(class Vhost*); 
@@ -102,15 +103,15 @@
 
   SSL_CTX* getSSLContext();
 
-
   /*! Get the list of hosts allowed.*/
   list<StringRegex*>* getHostList()
   {return &hostList;}
-       
-  /*! List of IPs allowed by the vhost. */
-  list<StringRegex*>* getIpList()
-  {return &ipList;}
 
+  //TODO: remove
+  ///*! List of IPs allowed by the vhost. */
+  //list<StringRegex*>* getIpList()
+  //{return &ipList;}
+
   /*! Return the port used by the host. */
   u_short getPort()
   {return port;}
@@ -139,26 +140,29 @@
   ~Vhost();
 
   const char* getHashedData(const char* name);
-  void addIP(const char *, int);
   void addHost(const char *, int);
-  void removeIP(const char *);
   void removeHost(const char *);
   int areAllHostAllowed();
-  int areAllIPAllowed();
   void addRef();
   void removeRef();
   int getRef();
   void setRef(int);
-  void clearIPList();
   void clearHostList();
   int isHostAllowed(const char*);
-  int isIPAllowed(const char*);
   int isMIME();
   int getDefaultPriority(){return defaultPriority;}
   void setDefaultPriority(int priority){defaultPriority = priority;}
   void setNullRefCB(NULL_REFERENCECB);
   NULL_REFERENCECB getNullRefCB();
 
+  ////////////////////
+  //IP related members
+  void addIP(const char *, int);
+  void removeIP(const char *);
+  void clearIPList();
+  int areAllIPAllowed();
+  int isIPAllowed(const char*);//used
+
   MimeManager* getMIME();
 
   /*!
@@ -219,7 +223,9 @@
   list<StringRegex*> hostList;
 
   /*! List of IPs allowed by the vhost. */
-  list<StringRegex*> ipList;
+  list<IpRange*> ipListAllow;
+  /*! List of IPs denied by the vhost. */
+  list<IpRange*> ipListDeny;
 
   /*! TCP port used to listen on. */
   u_short port;

Modified: trunk/myserver/src/conf/vhost/ip.cpp
===================================================================
--- trunk/myserver/src/conf/vhost/ip.cpp        2008-11-01 19:44:35 UTC (rev 
2927)
+++ trunk/myserver/src/conf/vhost/ip.cpp        2008-11-01 19:47:52 UTC (rev 
2928)
@@ -53,7 +53,7 @@
 }
 
 /*!
- * range given as x.x.x.x-y.y.y.y or x.x.x.x/y
+ * range given as x.x.x.x-y.y.y.y or x.x.x.x(/y)
  */
 bool Ipv4Range::SetRange(const std::string &sRange)
 {
@@ -68,7 +68,7 @@
       std::string end(sRange.substr(nPos + 1));
       return SetRange(start, end);
     }
-  else// x.x.x.x/y form
+  else// x.x.x.x(/y) form
     {
       std::istringstream istream(sRange);
       char nSep = 0;
@@ -172,6 +172,11 @@
   unsigned char hostMask[4];
   for ( int i = 0; i < 4; i++ )
     {
+      if ( (addr[i] & m_nMask[i]) != (m_nStart[i] & m_nMask[i]) )
+       return false;//networks differ
+    }
+  for ( int i = 0; i < 4; i++ )
+    {
       hostMask[i] = ~m_nMask[i];
       if ( (m_nStart[i] & hostMask[i]) < (addr[i] & hostMask[i]) )
          break;

Modified: trunk/myserver/src/conf/vhost/vhost.cpp
===================================================================
--- trunk/myserver/src/conf/vhost/vhost.cpp     2008-11-01 19:44:35 UTC (rev 
2927)
+++ trunk/myserver/src/conf/vhost/vhost.cpp     2008-11-01 19:47:52 UTC (rev 
2928)
@@ -23,6 +23,7 @@
 #include <include/connection/connection.h>
 #include <include/base/string/stringutils.h>
 #include <include/base/string/securestr.h>
+#include <include/conf/vhost/ip.h>
 
 #ifdef HAVE_IDN
 #include <stringprep.h>
@@ -35,7 +36,7 @@
  */
 Vhost::Vhost(LogManager* lm)
 {
-  ipList.clear();
+  //ipList.clear();
   hostList.clear();
   refMutex.init();
   documentRoot.assign("");
@@ -142,6 +143,23 @@
  */
 void Vhost::clearIPList()
 {
+  list<IpRange *>::iterator it = ipListAllow.begin();
+  while(it != ipListAllow.end())
+    {
+      delete (*it);
+      it++;
+    }
+  ipListAllow.clear();
+
+  it = ipListDeny.begin();
+  while(it != ipListDeny.end())
+    {
+      delete (*it);
+      it++;
+    }
+  ipListDeny.clear();
+
+  /*
   list<StringRegex*>::iterator i = ipList.begin();
   while(i != ipList.end())
     {
@@ -150,6 +168,7 @@
       i++;
     }
   hostList.clear();
+  */
 }
 
 int
@@ -177,29 +196,41 @@
  */
 void Vhost::addIP(const char *ip, int isRegex)
 {
+  std::string sTempIp(ip);
+  IpRange *pNewRange = IpRange::RangeFactory(sTempIp);
+  if ( pNewRange != NULL )
+    ipListAllow.push_back(pNewRange);
+
+  /* old code
   StringRegex* sr = new StringRegex();
   if(sr == 0)
     return;
   sr->name.assign(ip);
-  /* If is a regular expression, the ip string is a pattern.  */
+  / * If is a regular expression, the ip string is a pattern.  * /
   if(isRegex)
     sr->regex.compile(ip, REG_EXTENDED);
   ipList.push_back(sr);
+  */
 }
+
 /*!
  *Remove the IP address to the list.
  *\param ip The ip to remove.
  */
 void Vhost::removeIP(const char *ip)
 {
+  std::string sTempIp(ip);
+  ipListDeny.push_back(IpRange::RangeFactory(sTempIp));
+
+  /*
   list<StringRegex*>::iterator i = ipList.begin();
 
   while(i != ipList.end())
     {
       StringRegex* sr = *i;
-      /*
+      / *
        *If this is the virtual host with the right IP.
-       */
+       * /
       if(!stringcmp(sr->name,ip))
         {
           ipList.erase(i);
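Review bot: `removeIP` pushes the result of `IpRange::RangeFactory` straight onto `ipListDeny`, without the NULL check that `addIP` applies a few lines earlier in this hunk; if the factory can return NULL, as that check suggests, a malformed entry leaves a null pointer in the deny list that `isIPAllowed` later calls `(*it)->InRange(...)` on. Guard it the same way: `IpRange *pNewRange = IpRange::RangeFactory(sTempIp);` then `if ( pNewRange != NULL ) ipListDeny.push_back(pNewRange);`. `addIP` has the opposite problem: a rejected entry is dropped silently and `isRegex` is no longer read, so a configuration that still carries regex patterns presumably ends up with both lists empty and `areAllIPAllowed()` returning 1, turning an intended restriction into allow-all. Log the rejected string and consider treating a parse failure as a configuration error instead of continuing. The doc comment above `removeIP` still describes removing an address and should say the range is added to the deny list; the commented-out old body of `removeIP` continues past this hunk.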
@@ -208,6 +239,7 @@
     
       i++;
     }
+  */
 }
 
 /*!
@@ -279,8 +311,12 @@
  */
 int Vhost::areAllIPAllowed()
 {
+  /*
   if(ipList.size() == 0)
     return 1;
+  */
+  if ( ipListDeny.empty() && ipListAllow.empty() )
+    return 1;
   return 0;
 }
 
@@ -291,7 +327,35 @@
  */
 int Vhost::isIPAllowed(const char* ip)
 {
-  /* If no IPs are specified then every host is allowed to connect here.  */
+  if ( areAllIPAllowed() )
+    return 1;
+
+  std::string sTempIp(ip);
+  IpRange *pTempIp = IpRange::RangeFactory(sTempIp);
+  list<IpRange *>::const_iterator it = ipListDeny.begin();
+  while ( it != ipListDeny.end() )
+    {
+      if ( (*it)->InRange(pTempIp) )
+       {
+         delete pTempIp;
+         return 0;
+       }
+      it++;
+    }
+  it = ipListAllow.begin();
+  while ( it != ipListAllow.end() )
+    {
+      if ( (*it)->InRange(pTempIp) )
+       {
+         delete pTempIp;
+         return 1;
+       }
+      it++;
+    }
+  delete pTempIp;
+  return 0;
+  /*
+  / * If no IPs are specified then every host is allowed to connect here.  * /
   if(!ipList.size() || !ip)
     return 1;
     
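Review bot: The new body builds `std::string sTempIp(ip)` and passes `pTempIp` to `InRange` without checking either pointer, whereas the removed code tested `!ip` before doing anything else. Constructing a `std::string` from a null `const char*` is undefined behaviour, and `addIP` in this same commit treats a NULL return from `IpRange::RangeFactory` as possible, so a client address the factory cannot parse would hand a null pointer to every `InRange` call. Add `if ( !ip ) return 0;` before the string is built and `if ( pTempIp == NULL ) return 0;` after the factory call, so that an unparseable address is denied rather than dereferenced. Separately, with a non-empty deny list and an empty allow list the function falls through to `return 0`, so a deny-only configuration rejects every address; if that is not intended, the final return should depend on `ipListAllow.empty()`. The commented-out old body continues past this hunk.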
@@ -313,6 +377,7 @@
       
       i++;
     }
+  */
   return 0;
 }
 





