[interchange-cvs] interchange - kwalsh modified 3 files
interchange-core@icdevgroup.org
interchange-core@icdevgroup.org
Tue Nov 5 04:36:01 2002
User: kwalsh
Date: 2002-11-05 09:35:56 GMT
Modified: lib/Vend Config.pm Dispatch.pm Server.pm
Log:
* Added the new HostnameLookups directive which allows Interchange
to lookup the hostname from a supplied IP address. This is a
'yesno' directive and the default is 'No'.
If not enabled then Interchange will expect the web server to
have already performed the DNS lookup. If the web server is
also configured to not perform DNS lookups then the following
features will not work: (1) RobotHost checks and (2) maintenance
of sessions from users who connect via AOL-style proxies.
No DNS lookups will be performed for temporary sessions unless
the RobotHost list needs to be checked. This lookup will only
happen if (1) HostnameLookups is enabled and (2) the web server
has not already performed the lookup and found the hostname.
The securiry checks performed when connecting via SOAP and
INET-mode links will make use of a DNS lookup, regardless of
the HostnameLookup setting and other considerations.
* If an entry in the RobotHost list contains the wildcard
"*.domain.com" then the base "domain.com" will also be checked.
Revision Changes Path
2.78 +17 -11 interchange/lib/Vend/Config.pm
rev 2.78, prev_rev 2.77
Index: Config.pm
===================================================================
RCS file: /var/cvs/interchange/lib/Vend/Config.pm,v
retrieving revision 2.77
retrieving revision 2.78
diff -u -r2.77 -r2.78
--- Config.pm 31 Oct 2002 20:07:04 -0000 2.77
+++ Config.pm 5 Nov 2002 09:35:56 -0000 2.78
@@ -1,6 +1,6 @@
# Vend::Config - Configure Interchange
#
-# $Id: Config.pm,v 2.77 2002/10/31 20:07:04 jon Exp $
+# $Id: Config.pm,v 2.78 2002/11/05 09:35:56 kwalsh Exp $
#
# Copyright (C) 1996-2002 Red Hat, Inc. <interchange@redhat.com>
#
@@ -45,7 +45,7 @@
use Vend::Util;
use Vend::Data;
-$VERSION = substr(q$Revision: 2.77 $, 10);
+$VERSION = substr(q$Revision: 2.78 $, 10);
my %CDname;
@@ -289,9 +289,10 @@
['TemplateDir', 'root_dir_array', ''],
['DomainTail', 'yesno', 'Yes'],
['AcrossLocks', 'yesno', 'No'],
- ['RobotUA', 'list_wildcard', ''],
- ['RobotIP', 'list_wildcard_full', ''],
- ['RobotHost', 'list_wildcard_full', ''],
+ ['RobotUA', 'list_wildcard', ''],
+ ['RobotIP', 'list_wildcard_full', ''],
+ ['RobotHost', 'list_wildcard_full', ''],
+ ['HostnameLookups', 'yesno', 'No'],
['TolerateGet', 'yesno', 'No'],
['PIDcheck', 'integer', '0'],
['LockoutCommand', undef, ''],
@@ -1509,7 +1510,7 @@
}
sub get_wildcard_list {
- my($var, $value) = @_;
+ my($var, $value, $base) = @_;
$value =~ s/^\s+//;
$value =~ s/\s+$//;
@@ -1521,11 +1522,16 @@
$value =~ s/\*/.*/g;
$value =~ s/\?/./g;
my @items = grep /\S/, split /\s*,\s*/, $value;
- s/\s+/\\s+/g for (@items);
+ for (@items) {
+ s/\s+/\\s+/g;
+ my $extra = $_;
+ if ($base && $extra =~ s/^\.\*\\\.//){
+ push(@items,$extra) if $extra;
+ }
+ }
$value = join '|', @items;
}
- $value = parse_regex($var, $value);
- return $value;
+ return parse_regex($var, $value);
}
# Set up an ActionMap or FormAction
@@ -2427,12 +2433,12 @@
}
sub parse_list_wildcard {
- my $value = get_wildcard_list(@_);
+ my $value = get_wildcard_list(@_,0);
return qr/$value/i;
}
sub parse_list_wildcard_full {
- my $value = '^(' . get_wildcard_list(@_) . ')$';
+ my $value = '^(' . get_wildcard_list(@_,1) . ')$';
return qr/$value/i;
}
1.4 +6 -2 interchange/lib/Vend/Dispatch.pm
rev 1.4, prev_rev 1.3
Index: Dispatch.pm
===================================================================
RCS file: /var/cvs/interchange/lib/Vend/Dispatch.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- Dispatch.pm 30 Oct 2002 17:39:06 -0000 1.3
+++ Dispatch.pm 5 Nov 2002 09:35:56 -0000 1.4
@@ -1,6 +1,6 @@
# Vend::Dispatch - Handle Interchange page requests
#
-# $Id: Dispatch.pm,v 1.3 2002/10/30 17:39:06 mheins Exp $
+# $Id: Dispatch.pm,v 1.4 2002/11/05 09:35:56 kwalsh Exp $
#
# Copyright (C) 2002 ICDEVGROUP <interchange@icdevgroup.org>
# Copyright (C) 2002 Mike Heins <mike@perusion.net>
@@ -26,7 +26,7 @@
package Vend::Dispatch;
use vars qw($VERSION);
-$VERSION = substr(q$Revision: 1.3 $, 10);
+$VERSION = substr(q$Revision: 1.4 $, 10);
use POSIX qw(strftime);
use Vend::Util;
@@ -737,6 +737,10 @@
die "REQUEST_METHOD is not defined" unless defined $CGI::request_method
or @Global::argv;
+
+ if ($Global::HostnameLookups && !$CGI::remote_host && $CGI::remote_addr && !$CGI::values{mv_tmp_session}) {
+ $CGI::remote_host = gethostbyaddr(Socket::inet_aton($CGI::remote_addr),Socket::AF_INET);
+ }
# The great and really final AOL fix
#
2.18 +23 -19 interchange/lib/Vend/Server.pm
rev 2.18, prev_rev 2.17
Index: Server.pm
===================================================================
RCS file: /var/cvs/interchange/lib/Vend/Server.pm,v
retrieving revision 2.17
retrieving revision 2.18
diff -u -r2.17 -r2.18
--- Server.pm 2 Nov 2002 18:46:15 -0000 2.17
+++ Server.pm 5 Nov 2002 09:35:56 -0000 2.18
@@ -1,6 +1,6 @@
# Vend::Server - Listen for Interchange CGI requests as a background server
#
-# $Id: Server.pm,v 2.17 2002/11/02 18:46:15 danb Exp $
+# $Id: Server.pm,v 2.18 2002/11/05 09:35:56 kwalsh Exp $
#
# Copyright (C) 1996-2002 Red Hat, Inc. <interchange@redhat.com>
#
@@ -25,7 +25,7 @@
package Vend::Server;
use vars qw($VERSION);
-$VERSION = substr(q$Revision: 2.17 $, 10);
+$VERSION = substr(q$Revision: 2.18 $, 10);
use POSIX qw(setsid strftime);
use Vend::Util;
@@ -146,9 +146,6 @@
}
sub map_misc_cgi {
- if ($Global::RobotHost && !$CGI::remote_host && $CGI::remote_addr) {
- $CGI::remote_host = gethostbyaddr(Socket::inet_aton($CGI::remote_addr),Socket::AF_INET);
- }
$CGI::host = $CGI::remote_host || $CGI::remote_addr;
$CGI::user = $CGI::remote_user;
@@ -186,20 +183,6 @@
? ($g->{IV}, $g->{VN}, $g->{IgnoreMultiple})
: ($Global::IV, $Global::VN, $Global::IgnoreMultiple);
-#::logDebug("Check robot UA=$Global::RobotUA IP=$Global::RobotIP");
- if ($Global::RobotUA and $CGI::useragent =~ $Global::RobotUA) {
-#::logDebug("It is a robot by UA!");
- $CGI::values{mv_tmp_session} = 1;
- }
- elsif ($Global::RobotHost and $CGI::remote_host =~ $Global::RobotHost) {
-#::logDebug("It is a robot by host!");
- $CGI::values{mv_tmp_session} = 1;
- }
- elsif ($Global::RobotIP and $CGI::remote_addr =~ $Global::RobotIP) {
-#::logDebug("It is a robot by IP!");
- $CGI::values{mv_tmp_session} = 1;
- }
-
# Vend::ModPerl has already handled GET/POST parsing
return if $Global::mod_perl;
@@ -223,6 +206,27 @@
parse_post(\$CGI::query_string);
}
+ return if $CGI::values{mv_tmp_session};
+
+#::logDebug("Check robot UA=$Global::RobotUA IP=$Global::RobotIP");
+ if ($Global::RobotUA and $CGI::useragent =~ $Global::RobotUA) {
+#::logDebug("It is a robot by UA!");
+ $CGI::values{mv_tmp_session} = 1;
+ }
+ elsif ($Global::RobotIP and $CGI::remote_addr =~ $Global::RobotIP) {
+#::logDebug("It is a robot by IP!");
+ $CGI::values{mv_tmp_session} = 1;
+ }
+ elsif ($Global::HostnameLookups && $Global::RobotHost) {
+ if (!$CGI::remote_host && $CGI::remote_addr) {
+ $CGI::remote_host = gethostbyaddr(Socket::inet_aton($CGI::remote_addr),Socket::AF_INET);
+ $CGI::host = $CGI::remote_host || $CGI::remote_addr;
+ }
+ if ($CGI::remote_host && $CGI::remote_host =~ $Global::RobotHost) {
+#::logDebug("It is a robot by host!");
+ $CGI::values{mv_tmp_session} = 1;
+ }
+ }
}
# This is called by parse_multipart