search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
New Plugin: Security
[MonkeyD.git] / plugins / security / security.c
blobb9b7c38e530d2b9bca7d3de476c698b3596a7790
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
2
3 /* Monkey HTTP Daemon
4 * ------------------
5 * Copyright (C) 2001-2009, Eduardo Silva P.
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Library General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
20 */
21
22 #include <string.h>
23 #include <sys/stat.h>
24 #include <unistd.h>
25
26 #include "config.h"
27 #include "plugin.h"
28 #include "security.h"
29
30 /* Plugin data for register */
31 mk_plugin_data_t _name = "Security";
32 mk_plugin_data_t _version = "0.1";
33 mk_plugin_stage_t _stages = MK_PLUGIN_STAGE_20;
34
35 struct plugin_api *mk_api;
36 struct mk_config *conf;
37
38 /* Read database configuration parameters */
39 int mk_security_conf()
40 {
41 int ret = 0;
42 unsigned long len;
43 char *conf_path;
44 struct mk_config *p;
45 struct mk_security *new, *r;
46
47 mk_api->str_build(&conf_path,
48 &len,
49 "%s/security.conf",
50 mk_api->config->serverconf);
51
52 p = conf = mk_api->config_create(conf_path);
53
54 r = rules;
55 while(p){
56 /* Passing to internal struct */
57 new = mk_api->mem_alloc(sizeof(struct mk_security));
58 if(strcasecmp(p->key, "IP") == 0){
59 new->type = MK_SECURITY_TYPE_IP;
60 }
61 else if(strcasecmp(p->key, "URL") == 0){
62 new->type = MK_SECURITY_TYPE_URL;
63 }
64
65 new->value = p->val;
66 new->next = NULL;
67
68 /* Linking node */
69 if(!rules){
70 rules = new;
71 }
72 else{
73 r = rules;
74 while(r->next){
75 r = r->next;
76 }
77 r->next = new;
78 }
79 p = p->next;
80 }
81
82 mk_api->mem_free(conf_path);
83 return ret;
84 }
85
86 int mk_security_check_ip(char *ipv4)
87 {
88 unsigned int i;
89 struct mk_security *p;
90
91 p = rules;
92 while(p){
93 if(p->type == MK_SECURITY_TYPE_IP){
94 for(i=0; p->value[i]; i ++) {
95 if (p->value[i]=='?') {
96 if (ipv4[i]=='.' || ipv4[i]=='\0')
97 return -1;
98 else
99 continue;
100 }
101
102 if (p->value[i]=='*')
103 return -1;
104
105 if (p->value[i]!=ipv4[i])
106 return 0;
107 }
108 }
109 p = p->next;
110 }
111
112 if(ipv4[i] == '\0'){
113 return -1;
114 }
115 else{
116 return 0;
117 }
118 }
119
120 int _mk_plugin_init(void **api)
121 {
122 mk_api = *api;
123 rules = 0;
124
125 /* Read configuration */
126 mk_security_conf();
127 return 0;
128 }
129
130 int _mk_plugin_stage_20(unsigned int socket, struct sched_connection *conx,
131 struct client_request *cr)
132 {
133 if(!cr){
134 if(mk_security_check_ip(conx->ipv4)!=0){
135 return MK_PLUGIN_RET_CLOSE_CONX;
136 }
137 }
138
139 return -1;
140 }
141
A Fast and Lightweight Wev Server for Linux