HttpServerBlacklist.cpp
Go to the documentation of this file.00001
00010 #include "PKIFdll.h"
00011
00012 #include "PKIFTime.h"
00013 #include "Duration.h"
00014 #include "HttpServerBlacklist.h"
00015 #include <cctype>
00016
00017 #include "LDAP_URL_Header.h"
00018
00019 #include <vector>
00020 #include <string>
00021 #include <map>
00022
00023 #include <boost/numeric/conversion/cast.hpp>
00024
00025 using namespace std;
00026
00027 const int g_maxAutoHttpBlacklistEntries = 100;
00028 const int g_numSecondsToLiveInHttpBlacklist = 300;
00029 std::vector<std::string> g_blacklistedHttpServers;
00030 std::map<std::string, CPKIFTimePtr> g_autoHttpBlacklistedServers;
00031
00032 void GetHostFromUri(const char* url_in, std::string& hostOut)
00033 {
00034 hostOut.clear();
00035
00036 int inLen = 0;
00037 try {
00038 inLen = boost::numeric_cast<int,size_t>(strlen(url_in));
00039 }catch(boost::numeric::bad_numeric_cast &){
00040
00041 return;
00042 }
00043 char* name = new char[inLen];
00044 if(!name) return;
00045 char* path = new char[inLen];
00046 if(!path) return;
00047 char protostr[16];
00048 if((2 == sscanf(url_in, "%15[^:]:%[^\n]",
00049 protostr,
00050 path)) && 0 == stricmp(protostr, "file"))
00051 {
00052
00053 }
00054 else
00055 {
00056 if (2 > sscanf(url_in,
00057 "%15[^\n:]://%[^\n/]%[^\n]",
00058 protostr,
00059 name, path))
00060 {
00061
00062 }
00063 else
00064 {
00065 hostOut = name;
00066 }
00067 }
00068 delete[] name;
00069 delete[] path;
00070 }
00071
00092 void CAC_API PKIFHTTP::AddBlacklistedHttpServer(
00094 std::string& server,
00096 bool bPermanent)
00097 {
00098 if(server == "")
00099 return;
00100 std::string copyOfServer = server;
00101 std::transform(copyOfServer.begin(), copyOfServer.end(), copyOfServer.begin(), (int(*)(int)) std::toupper);
00102 if(bPermanent)
00103 {
00104 if(g_blacklistedHttpServers.end() == find(g_blacklistedHttpServers.begin(), g_blacklistedHttpServers.end(), copyOfServer))
00105 g_blacklistedHttpServers.push_back(copyOfServer);
00106 }
00107 else
00108 {
00109 if(g_maxAutoHttpBlacklistEntries < g_autoHttpBlacklistedServers.size())
00110 {
00111 CPKIFDuration d;
00112 d.setSeconds(g_numSecondsToLiveInHttpBlacklist);
00113
00114
00115 CPKIFTimePtr lowerThreshold = CPKIFTime::CurrentTime();
00116 *lowerThreshold -= d;
00117
00118 std::map<std::string, CPKIFTimePtr >::iterator pos;
00119 std::map<std::string, CPKIFTimePtr >::iterator end = g_autoHttpBlacklistedServers.end();
00120 for(pos = g_autoHttpBlacklistedServers.begin(); pos != end; ++pos)
00121 {
00122 if(*lowerThreshold > *(*pos).second)
00123 g_autoHttpBlacklistedServers.erase(pos);
00124 }
00125
00126 if(g_maxAutoHttpBlacklistEntries < g_autoHttpBlacklistedServers.size())
00127 {
00128
00129 int numToRemove = g_maxAutoHttpBlacklistEntries/10;
00130 for(int ii = 0; ii < numToRemove; ++ii)
00131 {
00132 std::string serverToErase = (*g_autoHttpBlacklistedServers.begin()).first;
00133 g_autoHttpBlacklistedServers.erase(serverToErase);
00134 }
00135 }
00136 }
00137
00138
00139 g_autoHttpBlacklistedServers[copyOfServer] = CPKIFTime::CurrentTime();
00140 }
00141 }
00142
00153 void CAC_API PKIFHTTP::RemoveBlacklistedHttpServer(
00155 std::string& server)
00156 {
00157 std::string copyOfServer = server;
00158 std::transform(copyOfServer.begin(), copyOfServer.end(), copyOfServer.begin(), (int(*)(int)) std::toupper);
00159
00160 std::vector<std::string>::iterator found = find(g_blacklistedHttpServers.begin(),g_blacklistedHttpServers.end(),copyOfServer);
00161 if(g_blacklistedHttpServers.end() != found)
00162 g_blacklistedHttpServers.erase(found);
00163
00164 g_autoHttpBlacklistedServers.erase(copyOfServer);
00165 }
00166
00176 bool CAC_API PKIFHTTP::IsHttpServerBlacklisted(std::string& server)
00177 {
00178 std::string copyOfServer = server;
00179 std::transform(copyOfServer.begin(), copyOfServer.end(), copyOfServer.begin(), (int(*)(int)) std::toupper);
00180
00181 bool bTemporarilyBlacklisted = false;
00182 bool bPermanentlyBlacklisted = g_blacklistedHttpServers.end() != find(g_blacklistedHttpServers.begin(), g_blacklistedHttpServers.end(), copyOfServer);
00183 if(g_autoHttpBlacklistedServers.end() != g_autoHttpBlacklistedServers.find(copyOfServer))
00184 {
00185 CPKIFTimePtr time = g_autoHttpBlacklistedServers[copyOfServer];
00186 CPKIFDuration d;
00187 d.setSeconds(g_numSecondsToLiveInHttpBlacklist);
00188
00189 CPKIFTimePtr curTime = CPKIFTime::CurrentTime();
00190 *curTime -= d;
00191 if(*time > *curTime)
00192 bTemporarilyBlacklisted = true;
00193 else
00194 g_autoHttpBlacklistedServers.erase(copyOfServer);
00195 }
00196
00197 std::string host;
00198 GetHostFromUri(copyOfServer.c_str(), host);
00199
00200 if(host == copyOfServer || host.empty())
00201 return bPermanentlyBlacklisted || bTemporarilyBlacklisted;
00202 else
00203 return IsHttpServerBlacklisted(host);
00204 }
00205
00213 void CAC_API PKIFHTTP::ClearHttpServerBlacklist(void)
00214 {
00215 g_blacklistedHttpServers.clear();
00216 g_autoHttpBlacklistedServers.clear();
00217 }
00218
00226 void CAC_API PKIFHTTP::GetHttpServerBlacklist(std::vector<std::string> & bl)
00227 {
00228 bl = g_blacklistedHttpServers;
00229
00230 CPKIFDuration d;
00231 d.setSeconds(g_numSecondsToLiveInHttpBlacklist);
00232
00233 CPKIFTimePtr curTime = CPKIFTime::CurrentTime();
00234 *curTime -= d;
00235
00236 std::map<std::string, CPKIFTimePtr>::iterator pos;
00237 std::map<std::string, CPKIFTimePtr>::iterator end = g_autoHttpBlacklistedServers.end();
00238 for(pos = g_autoHttpBlacklistedServers.begin(); pos != end; ++pos)
00239 {
00240 if((*pos).second != (CPKIFTime*)NULL &&
00241 *(*pos).second > *curTime)
00242 {
00243 if(bl.end() == find(bl.begin(), bl.end(), (*pos).first))
00244 bl.push_back((*pos).first);
00245 }
00246 }
00247 }
