[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnash-commit] gnash ChangeLog libbase/URL.cpp libbase/URL.h l...
|
From: |
Rob Savoye |
|
Subject: |
[Gnash-commit] gnash ChangeLog libbase/URL.cpp libbase/URL.h l... |
|
Date: |
Thu, 08 Jun 2006 04:16:20 +0000 |
CVSROOT: /sources/gnash
Module name: gnash
Changes by: Rob Savoye <rsavoye> 06/06/08 04:16:19
Modified files:
. : ChangeLog
libbase : URL.cpp URL.h container.cpp rc.cpp rc.h
server : Date.cpp Math.h action.cpp network.cpp
backend : gnash.cpp
testsuite/libbase: TCXXRc.cpp
Log message:
* libbase/URL.cpp: Add support for using the config file for
security settings. Add host_check() to compare a hostname
against
security settings before accessing remote Flash movies. Look for
_WIN32 as well as just WIN32.
* libbase/URL.h: Add host_check().
* libbase/rc.cpp: Default all security settings to false.
* server/Date.cpp: Look for _WIN32 as well as just WIN32.
* server/action.cpp: Look for _WIN32 as well as just WIN32
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&r1=1.393&r2=1.394
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/URL.cpp?cvsroot=gnash&r1=1.11&r2=1.12
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/URL.h?cvsroot=gnash&r1=1.5&r2=1.6
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/container.cpp?cvsroot=gnash&r1=1.6&r2=1.7
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/rc.cpp?cvsroot=gnash&r1=1.3&r2=1.4
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/rc.h?cvsroot=gnash&r1=1.3&r2=1.4
http://cvs.savannah.gnu.org/viewcvs/gnash/server/Date.cpp?cvsroot=gnash&r1=1.12&r2=1.13
http://cvs.savannah.gnu.org/viewcvs/gnash/server/Math.h?cvsroot=gnash&r1=1.2&r2=1.3
http://cvs.savannah.gnu.org/viewcvs/gnash/server/action.cpp?cvsroot=gnash&r1=1.80&r2=1.81
http://cvs.savannah.gnu.org/viewcvs/gnash/server/network.cpp?cvsroot=gnash&r1=1.11&r2=1.12
http://cvs.savannah.gnu.org/viewcvs/gnash/backend/gnash.cpp?cvsroot=gnash&r1=1.40&r2=1.41
http://cvs.savannah.gnu.org/viewcvs/gnash/testsuite/libbase/TCXXRc.cpp?cvsroot=gnash&r1=1.2&r2=1.3
Patches:
Index: ChangeLog
===================================================================
RCS file: /sources/gnash/gnash/ChangeLog,v
retrieving revision 1.393
retrieving revision 1.394
diff -u -b -r1.393 -r1.394
--- ChangeLog 7 Jun 2006 04:28:46 -0000 1.393
+++ ChangeLog 8 Jun 2006 04:16:19 -0000 1.394
@@ -1,3 +1,14 @@
+2006-06-08 Rob Savoye <address@hidden>
+
+ * libbase/URL.cpp: Add support for using the config file for
+ security settings. Add host_check() to compare a hostname against
+ security settings before accessing remote Flash movies. Look for
+ _WIN32 as well as just WIN32.
+ * libbase/URL.h: Add host_check().
+ * libbase/rc.cpp: Default all security settings to false.
+ * server/Date.cpp: Look for _WIN32 as well as just WIN32.
+ * server/action.cpp: Look for _WIN32 as well as just WIN32.
+
2006-06-07 Rob Savoye <address@hidden>
* configure.ac: Add config dir for compat files like
Index: libbase/URL.cpp
===================================================================
RCS file: /sources/gnash/gnash/libbase/URL.cpp,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -b -r1.11 -r1.12
--- libbase/URL.cpp 20 May 2006 19:53:24 -0000 1.11
+++ libbase/URL.cpp 8 Jun 2006 04:16:19 -0000 1.12
@@ -42,6 +42,7 @@
#include "log.h"
#include "URL.h"
+#include "rc.h"
#include <string>
//#include <cstring>
@@ -56,7 +57,7 @@
#include <sys/types.h>
#include <sys/stat.h>
-#ifdef WIN32
+#if defined(_WIN32) || defined(WIN32)
# include <direct.h>
# define PATH_MAX 255
#else
@@ -64,7 +65,6 @@
#endif
#include <limits.h>
-
using namespace std;
namespace gnash {
@@ -100,6 +100,9 @@
// copy hostname
_host = in.substr(pos, pos1-pos);
+ if (!host_check(_host)) {
+ return;
+ }
// next come path
_path = in.substr(pos1);
@@ -201,6 +204,61 @@
init_relative(relative_url, baseurl);
}
+bool
+URL::host_check(std::string host)
+{
+ GNASH_REPORT_FUNCTION;
+
+ cerr << "Checking security of host: " << host.c_str() << endl;
+
+ if (host.size() == 0) {
+ return true;
+ }
+
+ bool check_domain = rcfile.useLocalDomain();
+ bool check_localhost = rcfile.useLocalHost();
+ char name[200];
+ memset(name, 0, 200);
+ gethostname(name, 200);
+
+ if (check_domain) {
+ char *domain = strchr(name, '.') + 1;
+ if (host != domain) {
+// throw gnash::GnashException("Not in the local domain!");
+ log_error("Not in the local domain!");
+ return false;
+ }
+ }
+
+ if (check_localhost) {
+ *(strchr(name, '.')) = 0;
+ if ((host != name) || (host == "localhost")) {
+// throw gnash::GnashException("Not on the localhost!");
+ log_error("Not on the localhost!");
+ return false;
+ }
+ }
+
+ std::vector<std::string> whitelist = rcfile.getWhiteList();
+ std::vector<std::string>::iterator it;
+ for (it = whitelist.begin(); it != whitelist.end(); ++it) {
+ if (*it == host) {
+ dbglogfile << "Whitelisted host " << host.c_str() << "!" << endl;
+ return true;
+ }
+ }
+
+ std::vector<std::string> blacklist = rcfile.getBlackList();
+ for (it = blacklist.begin(); it != blacklist.end(); ++it) {
+ if (*it == host) {
+ dbglogfile << "Blacklisted host " << host.c_str() << "!" << endl;
+ return false;
+ }
+ }
+
+ return true;
+}
+
/*private*/
void
URL::init_relative(const string& relative_url, const URL& baseurl)
@@ -218,6 +276,11 @@
_proto = baseurl._proto;
_host = baseurl._host;
+ //
+ if (!host_check(_host)) {
+ return;
+ }
+
if ( relative_url.size() && relative_url[0] == '/' )
{
// get path from here
Index: libbase/URL.h
===================================================================
RCS file: /sources/gnash/gnash/libbase/URL.h,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -b -r1.5 -r1.6
--- libbase/URL.h 15 May 2006 12:09:53 -0000 1.5
+++ libbase/URL.h 8 Jun 2006 04:16:19 -0000 1.6
@@ -92,8 +92,8 @@
/// TODO: make output operator and operator+ for strings
std::string str() const;
+ bool host_check(std::string host);
private:
-
void init_absolute(const std::string& absurl);
void init_relative(const std::string& relurl, const URL& baseurl);
Index: libbase/container.cpp
===================================================================
RCS file: /sources/gnash/gnash/libbase/container.cpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -b -r1.6 -r1.7
--- libbase/container.cpp 8 May 2006 21:12:24 -0000 1.6
+++ libbase/container.cpp 8 Jun 2006 04:16:19 -0000 1.7
@@ -9,8 +9,10 @@
#include "config.h"
#endif
+#include <cmath>
+#include <cstdarg>
+
#include "container.h"
-#include <stdarg.h>
#include "utf8.h"
#include "tu_random.h"
@@ -696,7 +698,5 @@
// Local Variables:
// mode: C++
-// c-basic-offset: 8
-// tab-width: 8
// indent-tabs-mode: t
// End:
Index: libbase/rc.cpp
===================================================================
RCS file: /sources/gnash/gnash/libbase/rc.cpp,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -b -r1.3 -r1.4
--- libbase/rc.cpp 7 Jun 2006 03:03:22 -0000 1.3
+++ libbase/rc.cpp 8 Jun 2006 04:16:19 -0000 1.4
@@ -54,6 +54,8 @@
using namespace std;
namespace gnash {
+RcInitFile rcfile;
+
RcInitFile::RcInitFile() : _delay(31),
_debug(false),
@@ -63,7 +65,7 @@
_parserdump(false),
_splash_screen(true),
_localdomain_only(false),
- _localhost_only(true)
+ _localhost_only(false)
{
// GNASH_REPORT_FUNCTION;
// loadFiles();
Index: libbase/rc.h
===================================================================
RCS file: /sources/gnash/gnash/libbase/rc.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -b -r1.3 -r1.4
--- libbase/rc.h 7 Jun 2006 03:03:22 -0000 1.3
+++ libbase/rc.h 8 Jun 2006 04:16:19 -0000 1.4
@@ -118,6 +118,8 @@
bool _writelog; // enable writing the debug log to disk
};
+extern RcInitFile rcfile;
+
// End of gnash namespace
}
Index: server/Date.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/Date.cpp,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -b -r1.12 -r1.13
--- server/Date.cpp 20 May 2006 23:49:33 -0000 1.12
+++ server/Date.cpp 8 Jun 2006 04:16:19 -0000 1.13
@@ -45,7 +45,7 @@
#include <time.h>
-#ifdef WIN32
+#if defined(_WIN32) || defined(WIN32)
# define snprintf _snprintf
#else
# include <sys/time.h>
Index: server/Math.h
===================================================================
RCS file: /sources/gnash/gnash/server/Math.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
Index: server/action.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/action.cpp,v
retrieving revision 1.80
retrieving revision 1.81
diff -u -b -r1.80 -r1.81
--- server/action.cpp 7 Jun 2006 03:03:21 -0000 1.80
+++ server/action.cpp 8 Jun 2006 04:16:19 -0000 1.81
@@ -40,7 +40,7 @@
#include <typeinfo>
-#ifndef WIN32
+#if !defined(_WIN32) && !defined(WIN32)
# include <pthread.h>
#endif
@@ -68,26 +68,6 @@
#include "xmlsocket.h"
#endif
-//#include "Boolean.h"
-//#include "Camera.h"
-//#include "Color.h"
-//#include "ContextMenu.h"
-//#include "CustomActions.h"
-//#include "Date.h"
-//#include "Error.h"
-//#include "Function.h"
-//#include "LoadVars.h"
-//#include "LocalConnection.h"
-//#include "Microphone.h"
-//#include "Mouse.h"
-//#include "NetConnection.h"
-//#include "NetStream.h"
-//#include "Selection.h"
-//#include "SharedObject.h"
-//#include "Stage.h"
-//#include "System.h"
-//#include "TextSnapshot.h"
-//#include "Video.h"
#include "Global.h"
#include "swf.h"
#include "ASHandlers.h"
@@ -108,7 +88,7 @@
using namespace gnash;
using namespace SWF;
-#ifdef _WIN32
+#if defined(_WIN32) || defined(WIN32)
#define snprintf _snprintf
#endif // _WIN32
Index: server/network.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/network.cpp,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -b -r1.11 -r1.12
--- server/network.cpp 1 Jun 2006 07:23:13 -0000 1.11
+++ server/network.cpp 8 Jun 2006 04:16:19 -0000 1.12
@@ -92,8 +92,7 @@
WORD wVersionRequested;
WSADATA wsaData;
wVersionRequested = MAKEWORD(1, 1); // Windows
Sockets 1.1
- if (WSAStartup( wVersionRequested, &wsaData ) != 0)
- {
+ if (WSAStartup( wVersionRequested, &wsaData ) != 0) {
printf("ERROR: could not find a usable WinSock DLL.\n");
exit(1);
}
Index: backend/gnash.cpp
===================================================================
RCS file: /sources/gnash/gnash/backend/gnash.cpp,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -b -r1.40 -r1.41
--- backend/gnash.cpp 7 Jun 2006 03:03:22 -0000 1.40
+++ backend/gnash.cpp 8 Jun 2006 04:16:19 -0000 1.41
@@ -45,92 +45,13 @@
#include "SDL_thread.h"
#endif
-#ifdef WIN32
+#include <unistd.h>
+extern int mouse_x;
+extern int mouse_y;
+extern int mouse_buttons;
-# include "tu_opengl_includes.h"
-
- int mouse_x;
- int mouse_y;
- int mouse_buttons;
- int width;
- int height;
-
-// Vitaly: I included the source which does enough for our purposes here.
-
-# include <string.h>
-
- static int optind = 1;
- static char *optarg;
- static int optopt;
-
- int getopt(int argc, char * const argv[], char *optstring)
- {
- static int sp = 1;
- register int c;
- register char *cp;
-
- if (sp == 1)
- {
- if (optind >= argc || argv[optind][0] != '-' ||
argv[optind][1] == '\0')
- {
- return (EOF);
- }
- else
- if (strcmp(argv[optind], "--") == 0)
- {
- optind++;
- return (EOF);
- }
- }
- optopt = c = argv[optind][sp];
- if (c == ':' || (cp = strchr(optstring, c)) == NULL)
- {
- if (argv[optind][++sp] == '\0')
- {
- optind++;
- sp = 1;
- }
- return ('?');
- }
- if (*++cp == ':')
- {
- if (argv[optind][sp + 1] != '\0')
- {
- optarg = &argv[optind++][sp + 1];
- }
- else
- if (++optind >= argc)
- {
- sp = 1;
- return ('?');
- }
- else
- {
- optarg = argv[optind++];
- sp = 1;
- }
- }
- else
- {
- if (argv[optind][++sp] == '\0')
- {
- sp = 1;
- optind++;
- }
- optarg = NULL;
- }
- return (c);
- }
-
-#else
-# include <unistd.h>
- extern int mouse_x;
- extern int mouse_y;
- extern int mouse_buttons;
-
- extern int width;
- extern int height;
-#endif
+extern int width;
+extern int height;
#include <cstdlib>
#include <cstdio>
@@ -187,8 +108,6 @@
static bool s_event_thread = false;
static bool s_start_waiting = false;
-static RcInitFile rcfile;
-
#ifdef GUI_GTK
extern movie_state_e movie_menu_state;
#else
@@ -309,6 +228,7 @@
bool do_loop = true;
bool sdl_abort = true;
int delay = 31;
+
float tex_lod_bias;
// -1.0 tends to look good.
@@ -521,7 +441,7 @@
// doesn't. Otherwise the SDL event loop just polls.
if (sdl_abort) {
// Other flags are SDL_INIT_JOYSTICK | SDL_INIT_CDROM
-#ifdef _WIN32
+#if defined(_WIN32) || defined(WIN32)
if (SDL_Init(SDL_INIT_VIDEO | SDL_INIT_AUDIO))
#else
if (SDL_Init(SDL_INIT_VIDEO | SDL_INIT_AUDIO |
SDL_INIT_EVENTTHREAD ))
@@ -532,7 +452,7 @@
}
} else {
fprintf(stderr, "warning: SDL won't trap core dumps \n");
-#ifdef _WIN32
+#if defined(_WIN32) || defined(WIN32)
if (SDL_Init(SDL_INIT_VIDEO | SDL_INIT_AUDIO |
SDL_INIT_NOPARACHUTE | SDL_INIT_EVENTTHREAD))
#else
if (SDL_Init(SDL_INIT_VIDEO | SDL_INIT_AUDIO |
SDL_INIT_NOPARACHUTE))
@@ -1142,9 +1062,9 @@
version_and_copyright()
{
printf (
-#ifdef WIN32
+#if defined(_WIN32) || defined(WIN32)
// hack
-"Gnash for Windows\n"
+"Gnash for Windows\n" VERSION "\n"
#else
"Gnash " VERSION "\n"
#endif
Index: testsuite/libbase/TCXXRc.cpp
===================================================================
RCS file: /sources/gnash/gnash/testsuite/libbase/TCXXRc.cpp,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- testsuite/libbase/TCXXRc.cpp 7 Jun 2006 03:03:22 -0000 1.2
+++ testsuite/libbase/TCXXRc.cpp 8 Jun 2006 04:16:19 -0000 1.3
@@ -168,10 +168,6 @@
runtest.fail ("rc.getWhiteList() doesn't has elements");
}
-// for (size_t i = 0; i < whitelist.size(); i++) {
-// dbglogfile << whitelist[i] << endl;
-// }
-
std::vector<std::string> blacklist = rc.getBlackList();
if (blacklist.size()) {
if ((blacklist[0] == "www.doubleclick.com")
@@ -184,9 +180,5 @@
} else {
runtest.fail ("rc.getBlackList() doesn't has elements");
}
-// for (size_t i = 0; i < blacklist.size(); i++) {
-// dbglogfile << blacklist[i] << endl;
-// }
-
}
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Gnash-commit] gnash ChangeLog libbase/URL.cpp libbase/URL.h l...,
Rob Savoye <=