X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_httpd_acl.cpp;h=dd68f3087f93324545d9f6cbd2b37bab3dd77f34;hb=e80a1296a096ff2c495b3cd2a3913d5e5f6ec450;hp=bdcc3be6e7d02c65cd99d2ecc584a7e02ef96f87;hpb=d185decae97752368d5cf62311cbc0d1a52aa22c;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_httpd_acl.cpp b/src/modules/m_httpd_acl.cpp index bdcc3be6e..dd68f3087 100644 --- a/src/modules/m_httpd_acl.cpp +++ b/src/modules/m_httpd_acl.cpp @@ -2,8 +2,8 @@ * | Inspire Internet Relay Chat Daemon | * +------------------------------------+ * - * InspIRCd: (C) 2002-2008 InspIRCd Development Team - * See: http://www.inspircd.org/wiki/index.php/Credits + * InspIRCd: (C) 2002-2009 InspIRCd Development Team + * See: http://wiki.inspircd.org/Credits * * This program is free but copyrighted software; see * the file COPYING for details. @@ -14,7 +14,6 @@ #include "inspircd.h" #include "httpd.h" #include "protocol.h" -#include "wildcard.h" /* $ModDesc: Provides access control lists (passwording of resources, ip restrictions etc) to m_httpd.so dependent modules */ /* $ModDep: httpd.h */ @@ -48,7 +47,7 @@ class ModuleHTTPAccessList : public Module void ReadConfig() { acl_list.clear(); - ConfigReader c(ServerInstance); + ConfigReader c; int n_items = c.Enumerate("httpdacl"); for (int i = 0; i < n_items; ++i) { @@ -89,24 +88,22 @@ class ModuleHTTPAccessList : public Module } } - ModuleHTTPAccessList(InspIRCd* Me) : Module(Me) - { + ModuleHTTPAccessList() { ReadConfig(); - Implementation eventlist[] = { I_OnEvent, I_OnRequest }; - ServerInstance->Modules->Attach(eventlist, this, 2); + Implementation eventlist[] = { I_OnEvent }; + ServerInstance->Modules->Attach(eventlist, this, 1); } - void BlockAccess(HTTPRequest* http, Event* event, int returnval, const std::string &extraheaderkey = "", const std::string &extraheaderval="") + void BlockAccess(HTTPRequest* http, int returnval, const std::string &extraheaderkey = "", const std::string &extraheaderval="") { ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "BlockAccess (%d)", returnval); std::stringstream data("Access to this resource is denied by an access control list. Please contact your IRC administrator."); - HTTPDocument response(http->sock, &data, returnval); + HTTPDocumentResponse response(this, *http, &data, returnval); response.headers.SetHeader("X-Powered-By", "m_httpd_acl.so"); if (!extraheaderkey.empty()) response.headers.SetHeader(extraheaderkey, extraheaderval); - Request req((char*)&response, (Module*)this, event->GetSource()); - req.Send(); + response.Send(); } bool IsBase64(unsigned char c) @@ -164,16 +161,16 @@ class ModuleHTTPAccessList : public Module return retval; } - void OnEvent(Event* event) + void OnEvent(Event& event) { - if (event->GetEventID() == "httpd_acl") + if (event.id == "httpd_acl") { ServerInstance->Logs->Log("m_http_stats", DEBUG,"Handling httpd acl event"); - HTTPRequest* http = (HTTPRequest*)event->GetData(); + HTTPRequest* http = (HTTPRequest*)&event; for (std::vector::const_iterator this_acl = acl_list.begin(); this_acl != acl_list.end(); ++this_acl) { - if (match(http->GetURI(), this_acl->path)) + if (InspIRCd::Match(http->GetURI(), this_acl->path, ascii_case_insensitive_map)) { if (!this_acl->blacklist.empty()) { @@ -183,11 +180,11 @@ class ModuleHTTPAccessList : public Module while (sep.GetToken(entry)) { - if (match(http->GetIP(), entry)) + if (InspIRCd::Match(http->GetIP(), entry, ascii_case_insensitive_map)) { ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "Denying access to blacklisted resource %s (matched by pattern %s) from ip %s (matched by entry %s)", http->GetURI().c_str(), this_acl->path.c_str(), http->GetIP().c_str(), entry.c_str()); - BlockAccess(http, event, 403); + BlockAccess(http, 403); return; } } @@ -201,15 +198,15 @@ class ModuleHTTPAccessList : public Module while (sep.GetToken(entry)) { - if (match(http->GetIP(), entry)) + if (InspIRCd::Match(http->GetIP(), entry, ascii_case_insensitive_map)) allow_access = true; } if (!allow_access) { - ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "Denying access to whitelisted resource %s (matched by pattern %s) from ip %s (matched by entry %s)", - http->GetURI().c_str(), this_acl->path.c_str(), http->GetIP().c_str(), entry.c_str()); - BlockAccess(http, event, 403); + ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "Denying access to whitelisted resource %s (matched by pattern %s) from ip %s (Not in whitelist)", + http->GetURI().c_str(), this_acl->path.c_str(), http->GetIP().c_str()); + BlockAccess(http, 403); return; } } @@ -250,20 +247,20 @@ class ModuleHTTPAccessList : public Module } else /* Invalid password */ - BlockAccess(http, event, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\""); + BlockAccess(http, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\""); } else /* Malformed user:pass pair */ - BlockAccess(http, event, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\""); + BlockAccess(http, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\""); } else /* Unsupported authentication type */ - BlockAccess(http, event, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\""); + BlockAccess(http, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\""); } else { /* No password given at all, access denied */ - BlockAccess(http, event, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\""); + BlockAccess(http, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\""); } } @@ -274,18 +271,13 @@ class ModuleHTTPAccessList : public Module } } - const char* OnRequest(Request* request) - { - return NULL; - } - virtual ~ModuleHTTPAccessList() { } virtual Version GetVersion() { - return Version(1, 2, 0, 0, VF_VENDOR, API_VERSION); + return Version("Provides access control lists (passwording of resources, ip restrictions etc) to m_httpd.so dependent modules", VF_VENDOR, API_VERSION); } };