[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnash-commit] gnash ChangeLog libbase/URL.cpp libbase/URL.h s...
|
From: |
Sandro Santilli |
|
Subject: |
[Gnash-commit] gnash ChangeLog libbase/URL.cpp libbase/URL.h s... |
|
Date: |
Sun, 30 Jul 2006 00:11:50 +0000 |
CVSROOT: /sources/gnash
Module name: gnash
Changes by: Sandro Santilli <strk> 06/07/30 00:11:50
Modified files:
. : ChangeLog
libbase : URL.cpp URL.h
server : StreamProvider.cpp
Log message:
* libbase/URL.cpp, libbase/URL.h, server/StreamProvider.cpp:
moved host security checking from URL class to StreamProvider
class. Do not check security for local files anymore, and
prevents checking security on temporary URL instances
(used for relative urls resolution)
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&r1=1.554&r2=1.555
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/URL.cpp?cvsroot=gnash&r1=1.13&r2=1.14
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/URL.h?cvsroot=gnash&r1=1.6&r2=1.7
http://cvs.savannah.gnu.org/viewcvs/gnash/server/StreamProvider.cpp?cvsroot=gnash&r1=1.4&r2=1.5
Patches:
Index: ChangeLog
===================================================================
RCS file: /sources/gnash/gnash/ChangeLog,v
retrieving revision 1.554
retrieving revision 1.555
diff -u -b -r1.554 -r1.555
--- ChangeLog 29 Jul 2006 23:12:53 -0000 1.554
+++ ChangeLog 30 Jul 2006 00:11:49 -0000 1.555
@@ -1,5 +1,13 @@
2006-07-29 Sandro Santilli <address@hidden>
+ * libbase/URL.cpp, libbase/URL.h, server/StreamProvider.cpp:
+ moved host security checking from URL class to StreamProvider
+ class. Do not check security for local files anymore, and
+ prevents checking security on temporary URL instances
+ (used for relative urls resolution)
+
+2006-07-29 Sandro Santilli <address@hidden>
+
* testsuite/libbase/Makefile.am, plugin/Makefile.am,
testsuite/libbase/Makefile.am:
commented out AM_LDFLAGS (rely on helper libs deps)
Index: libbase/URL.cpp
===================================================================
RCS file: /sources/gnash/gnash/libbase/URL.cpp,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -b -r1.13 -r1.14
--- libbase/URL.cpp 12 Jun 2006 17:15:35 -0000 1.13
+++ libbase/URL.cpp 30 Jul 2006 00:11:49 -0000 1.14
@@ -42,7 +42,7 @@
#include "log.h"
#include "URL.h"
-#include "rc.h"
+//#include "rc.h"
#include <string>
//#include <cstring>
@@ -102,9 +102,11 @@
// copy hostname
_host = in.substr(pos, pos1-pos);
+#if 0 // check moved to StreamProvider
if (!host_check(_host)) {
return;
}
+#endif
// next come path
_path = in.substr(pos1);
@@ -206,61 +208,6 @@
init_relative(relative_url, baseurl);
}
-bool
-URL::host_check(std::string host)
-{
- GNASH_REPORT_FUNCTION;
-
- cerr << "Checking security of host: " << host.c_str() << endl;
-
- if (host.size() == 0) {
- return true;
- }
-
- bool check_domain = rcfile.useLocalDomain();
- bool check_localhost = rcfile.useLocalHost();
- char name[200];
- memset(name, 0, 200);
- gethostname(name, 200);
-
- if (check_domain) {
- char *domain = strchr(name, '.') + 1;
- if (host != domain) {
-// throw gnash::GnashException("Not in the local domain!");
- log_error("Not in the local domain!");
- return false;
- }
- }
-
- if (check_localhost) {
- *(strchr(name, '.')) = 0;
- if ((host != name) || (host == "localhost")) {
-// throw gnash::GnashException("Not on the localhost!");
- log_error("Not on the localhost!");
- return false;
- }
- }
-
- std::vector<std::string> whitelist = rcfile.getWhiteList();
- std::vector<std::string>::iterator it;
- for (it = whitelist.begin(); it != whitelist.end(); ++it) {
- if (*it == host) {
- dbglogfile << "Whitelisted host " << host.c_str() << "!" << endl;
- return true;
- }
- }
-
- std::vector<std::string> blacklist = rcfile.getBlackList();
- for (it = blacklist.begin(); it != blacklist.end(); ++it) {
- if (*it == host) {
- dbglogfile << "Blacklisted host " << host.c_str() << "!" << endl;
- return false;
- }
- }
-
- return true;
-}
-
/*private*/
void
URL::init_relative(const string& relative_url, const URL& baseurl)
@@ -279,9 +226,11 @@
_host = baseurl._host;
//
+#if 0 // check moved to StreamProvider
if (!host_check(_host)) {
return;
}
+#endif
if ( relative_url.size() && relative_url[0] == '/' )
{
Index: libbase/URL.h
===================================================================
RCS file: /sources/gnash/gnash/libbase/URL.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -b -r1.6 -r1.7
--- libbase/URL.h 8 Jun 2006 04:16:19 -0000 1.6
+++ libbase/URL.h 30 Jul 2006 00:11:49 -0000 1.7
@@ -92,7 +92,8 @@
/// TODO: make output operator and operator+ for strings
std::string str() const;
- bool host_check(std::string host);
+ // check moved to StreamProvider (AccessManager)
+ //bool host_check(std::string host);
private:
void init_absolute(const std::string& absurl);
Index: server/StreamProvider.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/StreamProvider.cpp,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -b -r1.4 -r1.5
--- server/StreamProvider.cpp 20 May 2006 19:45:54 -0000 1.4
+++ server/StreamProvider.cpp 30 Jul 2006 00:11:50 -0000 1.5
@@ -52,6 +52,7 @@
# include "curl_adapter.h"
#endif
#include "log.h"
+#include "rc.h" // for rcfile
// temporary use of console for confirm load of network urls
#include <iostream>
@@ -65,6 +66,7 @@
#include <cstdio>
#include <map>
#include <string>
+#include <vector>
namespace gnash
{
@@ -167,6 +169,67 @@
}
+bool
+host_check(const std::string& host)
+{
+ GNASH_REPORT_FUNCTION;
+
+ std::cerr << "Checking security of host: " << host << std::endl;
+
+ assert(host.size() > 0);
+#if 0
+ if (host.size() == 0) {
+ return true;
+ }
+#endif
+
+ bool check_domain = rcfile.useLocalDomain();
+ bool check_localhost = rcfile.useLocalHost();
+ char name[200];
+ memset(name, 0, 200);
+ gethostname(name, 200);
+
+ if (check_domain) {
+ char *domain = strchr(name, '.') + 1;
+ if (host != domain) {
+// throw gnash::GnashException("Not in the local domain!");
+ log_error("Not in the local domain!");
+ return false;
+ }
+ }
+
+ if (check_localhost) {
+ *(strchr(name, '.')) = 0;
+ if ((host != name) || (host == "localhost")) {
+// throw gnash::GnashException("Not on the localhost!");
+ log_error("Not on the localhost!");
+ return false;
+ }
+ }
+
+ std::vector<std::string> whitelist = rcfile.getWhiteList();
+ std::vector<std::string>::iterator it;
+ for (it = whitelist.begin(); it != whitelist.end(); ++it) {
+ if (*it == host) {
+ dbglogfile << "Whitelisted host " << host.c_str() << "!" <<
+ std::endl;
+ return true;
+ }
+ }
+
+ std::vector<std::string> blacklist = rcfile.getBlackList();
+ for (it = blacklist.begin(); it != blacklist.end(); ++it) {
+ if (*it == host) {
+ dbglogfile << "Blacklisted host " << host.c_str() << "!"
+ << std::endl;
+ return false;
+ }
+ }
+
+ return true;
+}
+
+
} // AccessManager
tu_file*
@@ -192,7 +255,8 @@
#ifdef USE_CURL
std::string url_str = url.str();
const char* c_url = url_str.c_str();
- if ( URLAccessManager::allow(url_str) ) {
+ //if ( URLAccessManager::allow(url_str) ) {
+ if ( URLAccessManager::host_check(url.hostname()) ) {
return curl_adapter::make_stream(c_url);
} else {
return NULL;
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Gnash-commit] gnash ChangeLog libbase/URL.cpp libbase/URL.h s...,
Sandro Santilli <=