[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnash-commit] gnash ChangeLog server/URLAccessManager.cpp [release_0_7_
From: |
Sandro Santilli |
Subject: |
[Gnash-commit] gnash ChangeLog server/URLAccessManager.cpp [release_0_7_2] |
Date: |
Thu, 09 Nov 2006 12:29:17 +0000 |
CVSROOT: /sources/gnash
Module name: gnash
Branch: release_0_7_2
Changes by: Sandro Santilli <strk> 06/11/09 12:29:17
Modified files:
. : ChangeLog
server : URLAccessManager.cpp
Log message:
* server/URLAccessManager.cpp (host_check): use log_security()
and (IMHO) clearer messages; use case-insensitive matching
and standard algorithms for whitelist/blacklist
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&only_with_tag=release_0_7_2&r1=1.1412.2.129&r2=1.1412.2.130
http://cvs.savannah.gnu.org/viewcvs/gnash/server/URLAccessManager.cpp?cvsroot=gnash&only_with_tag=release_0_7_2&r1=1.5.2.4&r2=1.5.2.5
Patches:
Index: ChangeLog
===================================================================
RCS file: /sources/gnash/gnash/ChangeLog,v
retrieving revision 1.1412.2.129
retrieving revision 1.1412.2.130
diff -u -b -r1.1412.2.129 -r1.1412.2.130
--- ChangeLog 9 Nov 2006 10:13:12 -0000 1.1412.2.129
+++ ChangeLog 9 Nov 2006 12:29:17 -0000 1.1412.2.130
@@ -1,5 +1,8 @@
2006-11-09 Sandro Santilli <address@hidden>
+ * server/URLAccessManager.cpp (host_check): use log_security()
+ and (IMHO) clearer messages; use case-insensitive matching
+ and standard algorithms for whitelist/blacklist
* libbase/log.{cpp,h}: added log_security() for security-related
messages.
* server/StringPredicates.h: backported StringNoCaseEqual
Index: server/URLAccessManager.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/URLAccessManager.cpp,v
retrieving revision 1.5.2.4
retrieving revision 1.5.2.5
diff -u -b -r1.5.2.4 -r1.5.2.5
--- server/URLAccessManager.cpp 9 Nov 2006 10:08:44 -0000 1.5.2.4
+++ server/URLAccessManager.cpp 9 Nov 2006 12:29:17 -0000 1.5.2.5
@@ -25,12 +25,16 @@
#include "URLAccessManager.h"
#include "URL.h"
#include "log.h"
+#include "StringPredicates.h" // for case-insensitive host match
+
#include "rc.h" // for rcfile
#include <cerrno> // for errno :)
// temporary use of console for confirm load of network urls
#include <iostream>
+#include <algorithm> // for find / find_if
+
#ifdef WIN32
# include <Winsock2.h>
#else
@@ -151,25 +155,32 @@
static bool
host_check_blackwhite_lists(const std::string& host)
{
- std::vector<std::string> whitelist = rcfile.getWhiteList();
- std::vector<std::string>::iterator it;
- for (it = whitelist.begin(); it != whitelist.end(); ++it) {
- if (*it == host) {
- dbglogfile << "Whitelisted host " << host.c_str() << "!" <<
- std::endl;
+ using std::vector;
+ using std::string;
+
+ vector<string>::iterator it;
+
+ vector<string> whitelist = rcfile.getWhiteList();
+ // TODO: case-insensitive matching ?
+ it = find(whitelist.begin(), whitelist.end(), host);
+ if ( it != whitelist.end() ) {
+ log_security("Load from host %s granted (whitelisted).",
+ host.c_str());
return true;
}
- }
- std::vector<std::string> blacklist = rcfile.getBlackList();
- for (it = blacklist.begin(); it != blacklist.end(); ++it) {
- if (*it == host) {
- dbglogfile << "Blacklisted host " << host.c_str() << "!"
- << std::endl;
+ vector<string> blacklist = rcfile.getBlackList();
+ // TODO: case-insensitive matching ?
+ it = find(blacklist.begin(), blacklist.end(), host);
+ if ( it != blacklist.end() )
+ {
+ log_security("Load from host %s forbidden (blacklisted).",
+ host.c_str());
return false;
}
- }
+ log_security("Load from host %s granted (default).",
+ host.c_str());
return true;
}
@@ -183,7 +194,7 @@
{
// GNASH_REPORT_FUNCTION;
- log_msg("Checking security of host: %s", host.c_str());
+ //log_msg("Checking security of host: %s", host.c_str());
assert( ! host.empty() );
@@ -227,12 +238,14 @@
}
if ( check_domain && domainname != host ) {
- log_msg("Not in the local domain!");
+ log_security("Load from host %s forbidden (not in the local domain).",
+ host.c_str());
return false;
}
if ( check_localhost && hostname != host ) {
- log_msg("Not on the localhost!");
+ log_security("Load from host %s forbidden (not on the local host).",
+ host.c_str());
return false;
}