Changeset 817 for trunk


Ignore:
Timestamp:
Feb 2, 2017, 4:24:57 PM (8 years ago)
Author:
djay
Message:

Forward headers defined in the security section in the main.cfg #139.

Location:
trunk
Files:
8 edited

Legend:

Unmodified
Added
Removed
  • trunk/docs/kernel/configuration.rst

    r796 r817  
    127127--------------------------------
    128128
     129All the additional sections discribed in the following section are
     130optional.
     131
    129132Headers section
    130133...............................
     
    225228value stored before the Service execution.
    226229
     230Security section
     231...............................
     232
     233The ``[security]`` section can be used to define what headers, the
     234ZOO-Kernel has initially received in the request, should be passed
     235to other servers for accessing resources (such as WMS, WFS, WCS
     236or any other file passed as a reference). This section contains two
     237parameters:
     238
     239 * ``attributes``: The header to pass to other servers (such as
     240   Authorization, Cookie, User-Agent ...),
     241 * ``hosts``: The host for wich the restriction apply (can be "*" to
     242   forward header to every server or a coma separated list of host
     243   names, domain, IP).
     244
     245Both parameters are mandatory.
     246
     247Suppose you need to share Authorization, Cookie and User-Agent to
     248every server for accessing ressources, then yo ucan use the following
     249section definition:
     250
     251.. code::
     252
     253    [security]
     254    attributes=Authorization,Cookie,User-Agent
     255    hosts=*
     256
     257In case only local servers require such header forwarding, you may use
     258the following definition:
     259
     260.. code::
     261
     262    [security]
     263    attributes=Authorization,Cookie,User-Agent
     264    hosts=localhost,127.0.0.1
     265
     266
    227267.. _zoo_activate_db_backend:
    228268
  • trunk/thirds/cgic206/Makefile

    r768 r817  
    33ifeq ($(OS),Darwin)
    44        MACOS_CFLAGS=-arch x86_64
    5         LIBS= -L./ -lcgic /usr/lib/libfcgi.dylib
     5        LIBS= -L./ -lcgic /usr/local/lib/libfcgi.dylib
    66else
    77        LIBS= -L./ -lcgic /usr/lib/libfcgi.a
    88endif
    9 CFLAGS=-g -Wall ${MACOS_CFLAGS}
     9CFLAGS=-I/usr/local/include -g -Wall ${MACOS_CFLAGS}
    1010CC=gcc
    1111AR=ar
  • trunk/zoo-project/HISTORY.txt

    r799 r817  
    1 Version 1.6.0-dev
     1Version 1.7.0-dev
     2  * Pass all headers listed in the attributes parameter from the
     3  [security] section to the hosts listed in the hosts parameter of the
     4  same section (ticket #139)
     5
     6Version 1.6.0
    27  * Add the C# as a supported programming language for Services
    38  * Add nested inputs and outputs support (WPS 2.0.0)
  • trunk/zoo-project/zoo-kernel/caching.c

    r797 r817  
    292292  int hasAFailure=0;
    293293  if(hInternet!=NULL && hInternet->nb>0){
     294    AddHeaderEntries(hInternet,*m);
    294295    processDownloads(hInternet);
    295296    maps* content=*inputs;
  • trunk/zoo-project/zoo-kernel/configure.ac

    r813 r817  
    1 AC_INIT([ZOO Kernel], [1.6.0], [bugs@zoo-project.org])
     1AC_INIT([ZOO Kernel], [1.7.0], [bugs@zoo-project.org])
    22
    33# Checks for programs.
  • trunk/zoo-project/zoo-kernel/ulinet.c

    r797 r817  
    3030#include "ulinet.h"
    3131#include <assert.h>
     32#include <ctype.h>
    3233
    3334/**
     
    219220
    220221/**
     222 * Add missing headers to an existing _HINTERNET
     223 *
     224 *
     225 * @param handle the _HINTERNET pointer
     226 * @param key the header parameter name
     227 * @param value the header parameter value
     228 * @return 0 if the operation succeeded, -1 in other case.
     229 */
     230int AddMissingHeaderEntry(_HINTERNET* handle,const char* key,const char* value){
     231  int length=strlen(key)+strlen(value)+3;
     232  char *entry=(char*)malloc((length)*sizeof(char));
     233  if(entry==NULL)
     234    return -1;
     235  snprintf (entry, length, "%s: %s", key, value);
     236  handle->header = curl_slist_append (handle->header, entry);
     237  free(entry);
     238  return 0;
     239}
     240
     241/**
     242 * Verify if a host is protected (appear in [security] > hosts)
     243 *
     244 * @param protectedHosts string containing all the protected hosts (coma separated)
     245 * @param url string used to extract the host from
     246 * @return 1 if the host is listed as protected, 0 in other case
     247 */
     248int isProtectedHost(const char* protectedHosts,const char* url){
     249  char *token, *saveptr;
     250  token = strtok_r (url, "//", &saveptr);
     251  int cnt=0;
     252  char* host;
     253  while(token!=NULL && cnt<=1){
     254    fprintf(stderr,"%s %d %s \n",__FILE__,__LINE__,token);
     255    if(cnt==1)
     256      fprintf(stderr,"%s %d %s \n",__FILE__,__LINE__,strstr(protectedHosts,token));
     257    fflush(stderr);
     258    if(cnt==1 && strstr(protectedHosts,token)!=NULL){
     259      fprintf(stderr,"%s %d %s \n",__FILE__,__LINE__,strstr(protectedHosts,token));
     260      return 1;
     261    }
     262    token = strtok_r (NULL, "/", &saveptr);
     263    cnt+=1;
     264  }
     265  return 0;
     266}
     267
     268/**
     269 * Add headers defined in [security] > attributes to an existing HINTERNET
     270 * @see isProtectedHost, AddMissingHeaderEntry
     271 *
     272 * @param handle the _HINTERNET pointer
     273 * @param conf the header parameter name
     274 * @param value the header parameter value
     275 * @return 0 if the operation succeeded, -1 in other case.
     276 */
     277void AddHeaderEntries(HINTERNET* handle,maps* conf){
     278  map* passThrough=getMapFromMaps(conf,"security","attributes");
     279  map* targetHosts=getMapFromMaps(conf,"security","hosts");
     280  char* passedHeader[10];
     281  int cnt=0;
     282  if(passThrough!=NULL && targetHosts!=NULL){
     283    char *tmp=zStrdup(passThrough->value);
     284    char *token, *saveptr;
     285    token = strtok_r (tmp, ",", &saveptr);
     286    for(int i=0;i<handle->nb;i++){
     287      if(targetHosts->value[0]=='*' || isProtectedHost(targetHosts->value,handle->ihandle[i].url)==1){
     288        while (token != NULL){
     289          int length=strlen(token)+6;
     290          char* tmp1=(char*)malloc(length*sizeof(char));
     291          snprintf(tmp1,6,"HTTP_");
     292          for(int i=0;token[i]!='\0';i++){
     293            if(token[i]!='-')
     294              tmp1[5+i]=toupper(token[i]);
     295            else
     296              tmp1[5+i]='_';
     297            tmp1[5+i+1]='\0';
     298          }
     299          fprintf(stderr,"%s %d %s \n",__FILE__,__LINE__,tmp1);
     300          map* tmpMap = getMapFromMaps(conf,"renv",tmp1);
     301          if(tmpMap!=NULL)         
     302            AddMissingHeaderEntry(&handle->ihandle[i],token,tmpMap->value);
     303          free(tmp1);
     304          if(handle->ihandle[i].header!=NULL)
     305            curl_easy_setopt(handle->ihandle[i].handle,CURLOPT_HTTPHEADER,handle->ihandle[i].header);
     306          cnt+=1;
     307          token = strtok_r (NULL, ",", &saveptr);
     308        }
     309      }
     310    }
     311    free(tmp);
     312  }
     313}
     314
     315/**
    221316 * Close a HINTERNET connection and free allocated resources
    222317 *
     
    241336    if(handle.post!=NULL)
    242337      free(handle.post);
     338    if(handle.url!=NULL)
     339      free(handle.url);
    243340    free(handle.mimeType);
    244341    handle.mimeType = NULL;
     
    270367  hInternet->ihandle[hInternet->nb].hasCacheFile=0;
    271368  hInternet->ihandle[hInternet->nb].nDataAlloc = 0;
     369  hInternet->ihandle[hInternet->nb].url = NULL;
    272370  hInternet->ihandle[hInternet->nb].mimeType = NULL;
    273371  hInternet->ihandle[hInternet->nb].nDataLen = 0;
     
    340438
    341439  curl_easy_setopt(hInternet->ihandle[hInternet->nb].handle,CURLOPT_URL,lpszUrl);
     440  hInternet->ihandle[hInternet->nb].url = zStrdup(lpszUrl);
    342441
    343442  curl_multi_add_handle(hInternet->handle,hInternet->ihandle[hInternet->nb].handle);
  • trunk/zoo-project/zoo-kernel/ulinet.h

    r630 r817  
    3030#include <fcntl.h>
    3131#include <curl/curl.h>
     32#include "service.h"
    3233#ifndef WIN32
    3334#include <unistd.h>
     
    8485    FILE* file; //!< the file pointer
    8586    unsigned char *pabyData; //!< the downloaded content
     87    char *url; //!< the url used to access the server
    8688    char *mimeType; //!< the mimeType returned by the server
    8789    char *post; //!< the potential POST XML content
     
    134136  HINTERNET InternetOpen(char*,int,char*,char*,int);
    135137
     138  int isProtectedHost(const char*,const char*);
     139  int AddMissingHeaderEntry(_HINTERNET*,const char*,const char*);
     140  void AddHeaderEntries(HINTERNET*,maps*);
     141
    136142  void InternetCloseHandle(HINTERNET*);
    137143
  • trunk/zoo-project/zoo-kernel/zoo_service_loader.c

    r794 r817  
    21002100              addMapsToMaps (&m, tmpSess);
    21012101              freeMaps (&tmpSess);
    2102               free (tmpSess);
    21032102            }
     2103          free (tmpSess);
    21042104        }
    21052105    }
Note: See TracChangeset for help on using the changeset viewer.

Search

Context Navigation

ZOO Sponsors

http://www.zoo-project.org/trac/chrome/site/img/geolabs-logo.pnghttp://www.zoo-project.org/trac/chrome/site/img/neogeo-logo.png http://www.zoo-project.org/trac/chrome/site/img/apptech-logo.png http://www.zoo-project.org/trac/chrome/site/img/3liz-logo.png http://www.zoo-project.org/trac/chrome/site/img/gateway-logo.png

Become a sponsor !

Knowledge partners

http://www.zoo-project.org/trac/chrome/site/img/ocu-logo.png http://www.zoo-project.org/trac/chrome/site/img/gucas-logo.png http://www.zoo-project.org/trac/chrome/site/img/polimi-logo.png http://www.zoo-project.org/trac/chrome/site/img/fem-logo.png http://www.zoo-project.org/trac/chrome/site/img/supsi-logo.png http://www.zoo-project.org/trac/chrome/site/img/cumtb-logo.png

Become a knowledge partner

Related links

http://zoo-project.org/img/ogclogo.png http://zoo-project.org/img/osgeologo.png