namazu-dev(ring)


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NMZ.access (Re: TODO-namazu-2.0)



$B$?$+$/(B@$B?^=q4[>pJsBg$G$9!#(B
(B
(B<199909110324.MAA17339@xxxxxxxxxxxxxx>$B$N5-;v$K$*$$$F(B
(Bsatoru-t@xxxxxxxxxxxxxxxxxx$B$5$s$O=q$-$^$7$?!#(B
(B> >  * DoS $BBP:v(B
(B> >    - $BCf4V!&8eJ}0lCW!"@55,I=8=!"%U%#!<%k%I;XDj$G$N8!:w$rM^@)(B 
(B> >    - IP$B%"%I%l%9!"%I%a%$%sL>$K$h$k%"%/%;%9@)8f(B
(B> 
(B> $BI,MW$J$N$+$h$/$o$+$i$J$$!#;d$O$d$k5$$,$"$j$^$;$s!#(B
(B
(B1$BHVL\$N9`L\(B($B8!:w$NM^@)(B)$B$O$H$b$+$/!"(B
(B2$BHV$a$N%"%/%;%9@)8f$O<{MW$,AjEv$KB?$$$H;W$$$^$9!#(B
(B# $B$H$$$&$+!"<+J,$,M_$7$$$@$1$+$b!D!#(B:-)
(B
$B$H$$$&Lu$G!"(B
$B<+J,$G(B NMZ.access $B$K$h$k%"%/%;%9@)8f$rZ$=$NB>$r$7$F$J$$!"(B
$B$N$G!"(Bnamazu-dev $B$KEj$2$F$_$k$3$H$K$7$^$7$?!#(B
$BF0:n3NG'$d$40U8+$[$+$*4j$$$7$^$9!#(B
(B
$B0J2<$N$h$&$J46$8$G!"%"%/%;%9@)8f5!G=$r;}$?$;$^$7$g$&!#(B
$B!A!A(B
(B1. $B%$%s%G%/%9Kh$K%"%/%;%9@)8f$9$k!#(B
(B(namazu.conf$B$G$O$d$i$J$$(B)
(B
(B2. $B%$%s%G%/%9$H0l=o$K$"$k!"(BNMZ.access $B$H$$$&%U%!%$%k$K(B
$B%"%/%;%9@)8f$N>pJs$r=q$-9~$`!#(B
(B
(B3. NMZ.access $B$N=q<0$O!"(B
(B	deny [IP$B%"%I%l%9(B or $B%[%9%HL>(B or "all"]
(B	allow [IP$B%"%I%l%9(B or $B%[%9%HL>(B or "all"]
(B
(Bdeny$B$G%"%/%;%9$r5qH]$7$?$$$b$N$r;XDj$9$k!#(B
(Ballow$B$G%"%/%;%9$r5v$7$?$$$b$N$r;XDj$9$k!#(B
$B%G%U%)%k%H$O(B allow all $B$H$9$k!#(B
(B(NMZ.access $B$,B8:_$7$J$$;~$b!#(B)
(B
(B4. $B%[%9%HL>$O8eJ}0lCW!"(BIP$B%"%I%l%9$OA0J}0lCW$H$9$k!#(B
(B($B%I%a%$%s;XDj$,$G$-$k!#(B)
(B
(B5. $B$^$?!"M-8zHO0O$,=E$J$k;~$O!"$&$7$m$K=q$$$F$"$k5-=R$rM%@h$9$k!#(B
$B!A!A(B
$B$3$A$i$G$O!"0J2<$N$h$&$J5-=R$G3NG'$r$7$^$7$?!#(B
(B% cat NMZ.access
(Bdeny all
(Ballow 133.51.
(Ballow .ulis.ac.jp
$B!A!A(B
(B--
$B9b5W(B $B2m@8(B  // ULIS : University of Library and Information Science
(B    $B?^=q4[>pJsBg3XBg3X1!(B $B?^=q4[>pJs3X8&5f2J(B $B=$;N(B 2 $BG/http://www.ulis.ac.jp/~masao/
Index: src/message.c
(B===================================================================
(BRCS file: /circus/cvsroot/namazu/src/message.c,v
(Bretrieving revision 1.14.2.1
(Bdiff -u -r1.14.2.1 message.c
(B--- src/message.c	1999/09/15 07:54:41	1.14.2.1
(B+++ src/message.c	1999/09/15 08:24:36
(B@@ -47,6 +47,7 @@
(B *MSG_REFERENCE_HEADER, *MSG_INVALID_DB_NAME, *MSG_INVALID_QUERY,
(B *MSG_CANNOT_OPEN_INDEX, *MSG_CANNOT_OPEN_REGEX_INDEX,
(B *MSG_CANNOT_OPEN_PHRASE_INDEX, *MSG_CANNOT_OPEN_FIELD_INDEX,
(B+*MSG_ACCESS_DENY_INDEX,
(B *MSG_QUERY_STRING_TOO_LONG;
(B 
(B 
(B@@ -106,6 +107,7 @@
(B         MSG_CANNOT_OPEN_REGEX_INDEX = (uchar *)" (正規表現用インデックスが開けませんでした)";
(B         MSG_CANNOT_OPEN_FIELD_INDEX = (uchar *)" (フィールド検索用インデックスが開けませんでした)";
(B         MSG_CANNOT_OPEN_PHRASE_INDEX = (uchar *)" (フレーズ検索用インデックスが開けませんでした)";
(B+	MSG_ACCESS_DENY_INDEX = (uchar *)"(インデックスにアクセスする権利がありません)";
(B         MSG_INDEXDIR_ERROR = (uchar *)"INDEXDIR の設定を確認してください\n";
(B         MSG_REFERENCE_HEADER = (uchar *)"	<strong>参考ヒット数:</strong> ";
(B         MSG_INVALID_DB_NAME = (uchar *)"不正な idxname の指定です";
(B@@ -156,6 +158,7 @@
(B         MSG_CANNOT_OPEN_FIELD_INDEX = (uchar *)" (cannot open field index)";
(B         MSG_CANNOT_OPEN_REGEX_INDEX = (uchar *)" (cannot open regex index)";
(B         MSG_CANNOT_OPEN_PHRASE_INDEX = (uchar *)" (cannot open phrase index)";
(B+	MSG_ACCESS_DENY_INDEX = (uchar *)"(You don\'t have a permission to access the index)";
(B         MSG_INDEXDIR_ERROR = (uchar *)
(B             "To Administrator:\nCheck the definition of INDEXDIR.\n";
(B         MSG_REFERENCE_HEADER = (uchar *)"Word count: ";
(BIndex: src/message.h
(B===================================================================
(BRCS file: /circus/cvsroot/namazu/src/message.h,v
(Bretrieving revision 1.4
(Bdiff -u -r1.4 message.h
(B--- src/message.h	1999/08/27 10:05:13	1.4
(B+++ src/message.h	1999/09/15 08:24:36
(B@@ -26,6 +26,7 @@
(B extern uchar *MSG_CANNOT_OPEN_REGEX_INDEX;
(B extern uchar *MSG_CANNOT_OPEN_PHRASE_INDEX;
(B extern uchar *MSG_CANNOT_OPEN_FIELD_INDEX;
(B+extern uchar *MSG_ACCESS_DENY_INDEX;
(B 
(B void init_message(void);
(B 
(BIndex: src/namazu.h
(B===================================================================
(BRCS file: /circus/cvsroot/namazu/src/namazu.h,v
(Bretrieving revision 1.16.2.2
(Bdiff -u -r1.16.2.2 namazu.h
(B--- src/namazu.h	1999/09/15 07:54:41	1.16.2.2
(B+++ src/namazu.h	1999/09/15 08:24:36
(B@@ -77,6 +77,7 @@
(B     uchar p[MAXPATH];
(B     uchar pi[MAXPATH];
(B     uchar tips[MAXPATH];
(B+    uchar access[MAXPATH];
(B };
(B typedef struct nmz_names NMZ_NAMES;
(B 
(BIndex: src/search.c
(B===================================================================
(BRCS file: /circus/cvsroot/namazu/src/search.c,v
(Bretrieving revision 1.20.2.2
(Bdiff -u -r1.20.2.2 search.c
(B--- src/search.c	1999/09/15 07:54:42	1.20.2.2
(B+++ src/search.c	1999/09/15 08:24:36
(B@@ -48,6 +48,8 @@
(B #include "output.h"
(B #include "search.h"
(B 
(B+enum { ALLOW, DENY } perm;
(B+
(B /************************************************************
(B  *
(B  * Private functions
(B@@ -82,6 +84,9 @@
(B HLIST search_sub(HLIST, uchar*, uchar*, int);
(B void make_fullpathname_index(int);
(B 
(B+int check_accessfile();
(B+void parse_access(uchar *, uchar *, uchar *);
(B+
(B 
(B /* show the status for debug use */
(B void show_status(int l, int r)
(B@@ -569,6 +574,71 @@
(B     }
(B }
(B 
(B+void parse_access(uchar *line, uchar *rhost, uchar *raddr)
(B+{
(B+    /* Skip white spaces */
(B+    line += strspn(line, " \t");
(B+
(B+    if (*line == '\0' || *line == '#') {
(B+	/* Ignore blank line or comment line */
(B+        return;
(B+    }
(B+    if (! strncmp(line, "allow", 5)) {
(B+	line += 5;
(B+	line += strspn(line, " \t");
(B+	if (! strcasecmp(line, "all")) {
(B+	    perm = ALLOW;
(B+	} else if (*raddr && !strprefixcmp(line, raddr)) {
(B+	    /* IP Address : forward match */
(B+	    perm = ALLOW;
(B+	} else if (*rhost && !strsuffixcmp(line, rhost)) {
(B+	    /* Hostname : backword match */
(B+	    perm = ALLOW;
(B+	}
(B+    } else if (! strncmp(line, "deny", 4)) {
(B+	line += 4;
(B+	line += strspn(line, " \t");
(B+	if (! strcasecmp(line, "all")) {
(B+	    perm = DENY;
(B+	} else if (*raddr && !strprefixcmp(line, raddr)) {
(B+	    /* IP Address : forward match */
(B+	    perm = DENY;
(B+	} else if (*rhost && !strsuffixcmp(line, rhost)) {
(B+	    /* Hostname : backword match */
(B+	    perm = DENY;
(B+	}
(B+    }
(B+}
(B+
(B+/*
(B+ * If Access is OK: return 0;
(B+ * else Access is not OK: return 1;
(B+ */
(B+int check_accessfile(void)
(B+{
(B+    uchar buf[BUFSIZE];
(B+    uchar *rhost, *raddr;
(B+    FILE *fp;
(B+
(B+    perm = ALLOW;
(B+    
(B+    rhost = get_env_safely("REMOTE_HOST");
(B+    raddr = get_env_safely("REMOTE_ADDR");
(B+    if (!*rhost)
(B+	rhost = "LOCALHOST";
(B+
(B+    fp = fopen(NMZ.access, "rb");
(B+    if (fp == NULL) {
(B+	return perm;
(B+    }
(B+    while (fgets(buf, BUFSIZE, fp)) {
(B+	chomp(buf);
(B+	parse_access(buf, rhost, raddr);
(B+    }
(B+    fclose(fp);
(B+    return perm;
(B+}
(B+
(B /* opening files at once */
(B int open_index_files()
(B {
(B@@ -711,6 +781,12 @@
(B         }
(B     }
(B 
(B+    if (check_accessfile() == DENY) {
(B+	/* if access denied */
(B+	hlist.n = 0;
(B+	fputx(MSG_ACCESS_DENY_INDEX, stdout);
(B+	return hlist;
(B+    }
(B     if (open_index_files()) {
(B         /* if open failed */
(B         hlist.n = 0;
(B@@ -762,6 +838,7 @@
(B     pathcat(base, NMZ.slog);
(B     pathcat(base, NMZ.field);
(B     pathcat(base, NMZ.t);
(B+    pathcat(base, NMZ.access);
(B }
(B 
(B 
(BIndex: src/var.c
(B===================================================================
(BRCS file: /circus/cvsroot/namazu/src/var.c,v
(Bretrieving revision 1.7.2.2
(Bdiff -u -r1.7.2.2 var.c
(B--- src/var.c	1999/09/15 07:54:42	1.7.2.2
(B+++ src/var.c	1999/09/15 08:24:36
(B@@ -99,7 +99,8 @@
(B     "NMZ.t",
(B     "NMZ.p",
(B     "NMZ.pi",
(B-    "NMZ.tips"
(B+    "NMZ.tips",
(B+    "NMZ.access"
(B };
(B 
(B INDICES Idx;