Added support to class ip ban

Sebastiano Merlino · Sebastiano Merlino · commit bff908af1764 · 2012-04-07T19:10:38.000+02:00
diff --git a/src/HttpUtils.cpp b/src/HttpUtils.cpp
@@ -24,8 +24,12 @@
 #include <stdlib.h>
 #include <string.h>
 #include <arpa/inet.h>
+#include <sstream>
+#include <iomanip>
 //#include <boost/xpressive/xpressive.hpp>
 
+using namespace std;
+
 namespace httpserver {
 namespace http {
 
@@ -201,6 +205,20 @@ std::string get_ip_str(const struct sockaddr *sa, socklen_t maxlen)
 	return std::string(res);
 }
 
+const struct sockaddr str_to_ip(const std::string& src)
+{
+    struct sockaddr s;
+    if(src.find(":") != std::string::npos)
+    {
+        inet_pton(AF_INET6, src.c_str(), (void*) &s);
+    }
+    else
+    {
+        inet_pton(AF_INET, src.c_str(), (void*) &s);
+    }
+    return s;
+}
+
 short get_port(const struct sockaddr* sa)
 {
 	switch(sa->sa_family)
@@ -252,5 +270,158 @@ size_t http_unescape (char *val)
 	return wpos - val; /* = strlen(val) */
 }
 
+ip_representation::ip_representation(const struct sockaddr* ip)
+{
+    std::fill(pieces, pieces + 16, 0);
+    if(ip->sa_family == AF_INET)
+    {
+        ip_version = HttpUtils::IPV4;
+        for(int i=0;i<4;i++)
+        {
+            pieces[12+i] = ((u_char*)&(((struct sockaddr_in *)ip)->sin_addr))[i];
+        }
+    }
+    else
+    {
+        ip_version = HttpUtils::IPV6;
+        for(int i=0;i<32;i+=2)
+        {
+            pieces[i/2] = ip->sa_data[i] + 16 * ip->sa_data[i+1];
+        }
+    }
+    std::fill(mask, mask + 16, 1);
+}
+
+ip_representation::ip_representation(const std::string& ip)
+{
+    std::vector<std::string> parts;
+    std::fill(mask, mask + 16, 1);
+    std::fill(pieces, pieces + 16, 0);
+    if(ip.find(':') != std::string::npos) //IPV6
+    {
+        ip_version = HttpUtils::IPV6;
+        parts = string_utilities::string_split(ip, ':', false);
+        int y = 0;
+        for(unsigned int i = 0; i < parts.size(); i++)
+        {
+            if(parts[i] != "*" && parts[i] != "")
+            {
+                if(parts[i].size() < 4)
+                {
+                    stringstream ss;
+                    ss << setfill('0') << setw(4) << parts[i];
+                    parts[i] = ss.str();
+                }
+                if(parts[i].size() == 4)
+                {
+                    pieces[y] = strtol((parts[i].substr(0,2)).c_str(),NULL,16);
+                    pieces[y+1] = strtol((parts[i].substr(2,2)).c_str(), NULL, 16);
+                    y += 2;
+                }
+                else
+                {
+                    if(y != 12)
+                    {
+                        //errore
+                    }
+                    if(parts[i].find('.') != std::string::npos)
+                    {
+                        vector<string> subparts = string_utilities::string_split(parts[i], '.');
+                        if(subparts.size() == 4)
+                        {
+                            for(unsigned int ii = 0; ii < subparts.size(); ii++)
+                            {
+                                if(subparts[ii] != "*")
+                                {
+                                    pieces[y+ii] = strtol(subparts[ii].c_str(), NULL, 10);
+                                }
+                                else
+                                {
+                                    mask[y+ii] = 0;
+                                }
+                                y++;
+                            }
+                        }
+                        else
+                        {
+                            //errore
+                        }
+                    }
+                    else
+                    {
+                        //errore
+                    }
+                }
+            }
+            else if(parts[i] == "*")
+            {
+                mask[y] = 0;
+                y++;
+            }
+            else
+            {
+                if(parts.size() <= 8)
+                {
+                    int covered_pieces = 1 + (8 - parts.size());
+                    if(parts[parts.size() - 1].find('.') != std::string::npos)
+                    {
+                        covered_pieces -= 2;
+                    }
+                    for(int k = 0; k < covered_pieces; k++)
+                    {
+                        pieces[y] = 0;
+                        y++;
+                    }
+                }
+                else
+                {
+                    //errore
+                }
+            }
+        }
+    }
+    else //IPV4
+    {
+        ip_version = HttpUtils::IPV4;
+        parts = string_utilities::string_split(ip, '.');
+        if(parts.size() == 4)
+        {
+            for(unsigned int i = 0; i < parts.size(); i++)
+            {
+                if(parts[i] != "*")
+                {
+                    pieces[12+i] = strtol(parts[i].c_str(), NULL, 10);
+                }
+                else
+                {
+                    mask[12+i] = 0;
+                }
+            }
+        }
+        else
+        {
+            //errore
+        }
+    }
+}
+
+bool ip_representation::operator <(const ip_representation& b) const
+{
+    int VAL = 16;
+    if(this->ip_version == HttpUtils::IPV4 && this->ip_version == b.ip_version)
+    {
+        VAL = this->ip_version;
+    }
+    for(int i = 16 - VAL; i < 16; i++)
+    {
+        if(this->mask[i] == 1 && b.mask[i] == 1 && this->pieces[i] < b.pieces[i])
+        {
+            return true;
+        }
+    }
+    return false;
+}
+
+
 };
 };
diff --git a/src/Webserver.cpp b/src/Webserver.cpp
@@ -446,7 +446,7 @@ int Webserver::buildRequestArgs (void *cls, enum MHD_ValueKind kind, const char
 
 int policyCallback (void *cls, const struct sockaddr* addr, socklen_t addrlen)
 {
-    if(((Webserver*)cls)->bans.count(get_ip_str(addr, addrlen)))
+    if(((Webserver*)cls)->bans.count(ip_representation(addr)))
         return MHD_NO;
 #ifdef DEBUG
     cout << "IP: " << get_ip_str(addr, addrlen) << " - " << "IP-LEN: " << addrlen << endl;
diff --git a/src/httpserver/HttpUtils.hpp b/src/httpserver/HttpUtils.hpp
@@ -25,6 +25,7 @@
 #include <string>
 #include <ctype.h>
 #include <vector>
+#include <algorithm>
 #include <gnutls/gnutls.h>
 
 namespace httpserver {
@@ -51,6 +52,11 @@ class HttpUtils
         POOL = MHD_USE_POLL
     };
 
+    enum IPVersion_T
+    {
+        IPV4 = 4, IPV6 = 16
+    };
+
 #ifdef SWIG
         %immutable;
 #endif
@@ -242,6 +248,24 @@ class ArgComparator {
 		}
 };
 
+struct ip_representation
+{
+    HttpUtils::IPVersion_T ip_version;
+    unsigned short pieces[16];
+    unsigned short mask[16];
+
+    ip_representation(HttpUtils::IPVersion_T ip_version) : ip_version(ip_version)
+    {
+        std::fill(mask, mask + 16, 1);
+        std::fill(pieces, pieces + 16, 0);
+    }
+
+    ip_representation(const std::string& ip);
+    ip_representation(const struct sockaddr* ip);
+
+    bool operator <(const ip_representation& b) const;
+};
+
 /**
  * Method used to get an ip in form of string from a sockaddr structure
  * @param sa The sockaddr object to find the ip address from
@@ -266,6 +290,7 @@ short get_port(const struct sockaddr* sa);
  */
 size_t http_unescape (char *val);
 
+const struct sockaddr str_to_ip(const std::string& src);
 };
 };
 #endif
diff --git a/src/httpserver/Webserver.hpp b/src/httpserver/Webserver.hpp
@@ -55,6 +55,10 @@ class HttpEndpoint;
 
 using namespace http;
 
+namespace http {
+struct ip_representation;
+};
+
 /**
  * Delegate class used to wrap callbacks dedicated to logging.
 **/
@@ -245,9 +249,9 @@ class Webserver
 
 		std::map<HttpEndpoint, HttpResource* > registeredResources;
 #ifdef USE_CPP_ZEROX
-        std::unordered_set<std::string> bans;
+        std::unordered_set<ip_representation> bans;
 #else
-        std::set<std::string> bans;
+        std::set<ip_representation> bans;
 #endif
 		struct MHD_Daemon *daemon;
 		static int not_found_page 
diff --git a/src/httpserver/string_utilities.hpp b/src/httpserver/string_utilities.hpp
@@ -36,7 +36,7 @@ namespace string_utilities
 **/
 std::string to_upper_copy(std::string str);
 std::string to_lower_copy(std::string str);
-std::vector<std::string> string_split(std::string s, char sep);
+std::vector<std::string> string_split(std::string s, char sep = ' ', bool collapse = true);
 std::string regex_replace(std::string str, std::string pattern, std::string replace_str);
 
 };
diff --git a/src/string_utilities.cpp b/src/string_utilities.cpp
@@ -53,13 +53,13 @@ std::string to_lower_copy(std::string str)
     return str;
 }
 
-std::vector<std::string> string_split(std::string s, char sep)
+std::vector<std::string> string_split(std::string s, char sep, bool collapse)
 {
     std::vector<std::string> v;
     std::istringstream buf(s);
     for(std::string token; getline(buf, token, sep); )
     {
-        if(token != "")
+        if((collapse && token != "") || !collapse)
             v.push_back(token);
     }
     return v;

Original file line number	Diff line number	Diff line change
`@@ -446,7 +446,7 @@ int Webserver::buildRequestArgs (void *cls, enum MHD_ValueKind kind, const char`
`446`	`446`
`447`	`447`	`int policyCallback (void cls, const struct sockaddr addr, socklen_t addrlen)`
`448`	`448`	`{`
`449`		`- if(((Webserver*)cls)->bans.count(get_ip_str(addr, addrlen)))`
	`449`	`+ if(((Webserver*)cls)->bans.count(ip_representation(addr)))`
`450`	`450`	`return MHD_NO;`
`451`	`451`	`#ifdef DEBUG`
`452`	`452`	`cout << "IP: " << get_ip_str(addr, addrlen) << " - " << "IP-LEN: " << addrlen << endl;`
Original file line number	Diff line number	Diff line change
`@@ -53,13 +53,13 @@ std::string to_lower_copy(std::string str)`
`53`	`53`	`return str;`
`54`	`54`	`}`
`55`	`55`
`56`		`-std::vector<std::string> string_split(std::string s, char sep)`
	`56`	`+std::vector<std::string> string_split(std::string s, char sep, bool collapse)`
`57`	`57`	`{`
`58`	`58`	`std::vector<std::string> v;`
`59`	`59`	`std::istringstream buf(s);`
`60`	`60`	`for(std::string token; getline(buf, token, sep); )`
`61`	`61`	`{`
`62`		`- if(token != "")`
	`62`	`+ if((collapse && token != "") \|\| !collapse)`
`63`	`63`	`v.push_back(token);`
`64`	`64`	`}`
`65`	`65`	`return v;`