hcq/MaxScale
hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-1346: Rename dbfwfilter instance and session

Browse Source 
Renamed the structures to C++ naming style and added initial declarations
for DbfwSession methods.

The DbfwSession methods are not yet fully implemented which is why parts
of the class are still public. The intention is to use the filter template
when the session class is sufficiently refactored.
This commit is contained in:
Markus Mäkelä 2017-09-04 13:49:44 +03:00
parent fa6f155d29
commit f5401c5244
6 changed files with 67 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
server/modules/filter/dbfwfilter/dbfwfilter.cc
View File

@ -113,10 +113,10 @@ thread_local struct
} this_thread;
bool parse_at_times(const char** tok, char** saveptr, Rule* ruledef);
bool parse_limit_queries(FW_INSTANCE* instance, Rule* ruledef, const char* rule, char** saveptr);
bool parse_limit_queries(Dbfw* instance, Rule* ruledef, const char* rule, char** saveptr);
static void rule_free_all(Rule* rule);
static bool process_rule_file(const char* filename, RuleList* rules, UserMap* users);
bool replace_rules(FW_INSTANCE* instance);
bool replace_rules(Dbfw* instance);
static void print_rule(Rule *rules, char *dest)
{
@ -390,7 +390,7 @@ bool dbfw_reload_rules(const MODULECMD_ARG *argv, json_t** output)
{
bool rval = true;
MXS_FILTER_DEF *filter = argv->argv[0].value.filter;
FW_INSTANCE *inst = (FW_INSTANCE*)filter_def_get_instance(filter);
Dbfw *inst = (Dbfw*)filter_def_get_instance(filter);
if (modulecmd_arg_is_present(argv, 1))
{
@ -451,7 +451,7 @@ bool dbfw_show_rules(const MODULECMD_ARG *argv, json_t** output)
{
DCB *dcb = argv->argv[0].value.dcb;
MXS_FILTER_DEF *filter = argv->argv[1].value.filter;
FW_INSTANCE *inst = (FW_INSTANCE*)filter_def_get_instance(filter);
Dbfw *inst = (Dbfw*)filter_def_get_instance(filter);
dcb_printf(dcb, "Rule, Type, Times Matched\n");
@ -477,7 +477,7 @@ bool dbfw_show_rules(const MODULECMD_ARG *argv, json_t** output)
bool dbfw_show_rules_json(const MODULECMD_ARG *argv, json_t** output)
{
MXS_FILTER_DEF *filter = argv->argv[0].value.filter;
FW_INSTANCE *inst = (FW_INSTANCE*)filter_def_get_instance(filter);
Dbfw *inst = (Dbfw*)filter_def_get_instance(filter);
json_t* arr = json_array();
@ -1096,7 +1096,7 @@ static bool process_rule_file(const char* filename, RuleList* rules, UserMap* us
* @param instance Filter instance
* @return True if the session can continue, false on fatal error.
*/
bool replace_rules(FW_INSTANCE* instance)
bool replace_rules(Dbfw* instance)
{
bool rval = true;
spinlock_acquire(&instance->lock);
@ -1143,7 +1143,7 @@ bool replace_rules(FW_INSTANCE* instance)
static MXS_FILTER *
createInstance(const char *name, char **options, MXS_CONFIG_PARAMETER *params)
{
FW_INSTANCE *my_instance = (FW_INSTANCE*)MXS_CALLOC(1, sizeof(FW_INSTANCE));
Dbfw *my_instance = (Dbfw*)MXS_CALLOC(1, sizeof(Dbfw));
if (my_instance == NULL)
{
@ -1191,17 +1191,8 @@ createInstance(const char *name, char **options, MXS_CONFIG_PARAMETER *params)
*/
static MXS_FILTER_SESSION* newSession(MXS_FILTER *instance, MXS_SESSION *session)
{
FW_INSTANCE *my_instance = (FW_INSTANCE*)instance;
FW_SESSION *my_session = (FW_SESSION*)MXS_CALLOC(1, sizeof(FW_SESSION));
if (my_session)
{
my_session->session = session;
my_session->instance = my_instance;
my_session->errmsg = NULL;
}
return (MXS_FILTER_SESSION*)my_session;
Dbfw *my_instance = (Dbfw*)instance;
return (MXS_FILTER_SESSION*)new (std::nothrow) DbfwSession(my_instance, session);
}
/**
@ -1225,10 +1216,8 @@ closeSession(MXS_FILTER *instance, MXS_FILTER_SESSION *session)
static void
freeSession(MXS_FILTER *instance, MXS_FILTER_SESSION *session)
{
FW_SESSION *my_session = (FW_SESSION *) session;
MXS_FREE(my_session->errmsg);
delete my_session->query_speed;
MXS_FREE(my_session);
DbfwSession *my_session = (DbfwSession*)session;
delete my_session;
}
/**
@ -1242,7 +1231,7 @@ freeSession(MXS_FILTER *instance, MXS_FILTER_SESSION *session)
static void
setDownstream(MXS_FILTER *instance, MXS_FILTER_SESSION *session, MXS_DOWNSTREAM *downstream)
{
FW_SESSION *my_session = (FW_SESSION *) session;
DbfwSession *my_session = (DbfwSession *) session;
my_session->down = *downstream;
}
@ -1371,7 +1360,7 @@ char* create_error(const char* format, ...)
* i.e., whether it is in whitelist or blacklist mode. The point is that
* irrespective of the mode, the query must be rejected.
*/
static char* create_parse_error(FW_INSTANCE* my_instance,
static char* create_parse_error(Dbfw* my_instance,
const char* reason,
const char* query,
bool* matchesp)
@ -1412,8 +1401,8 @@ static char* create_parse_error(FW_INSTANCE* my_instance,
* @param query Pointer to the null-terminated query string
* @return true if the query matches the rule
*/
bool rule_matches(FW_INSTANCE* my_instance,
FW_SESSION* my_session,
bool rule_matches(Dbfw* my_instance,
DbfwSession* my_session,
GWBUF *queue,
SRule rule,
char* query)
@ -1677,7 +1666,7 @@ routeQuery(MXS_FILTER *instance, MXS_FILTER_SESSION *session, GWBUF *queue)
static void
diagnostic(MXS_FILTER *instance, MXS_FILTER_SESSION *fsession, DCB *dcb)
{
FW_INSTANCE *my_instance = (FW_INSTANCE *) instance;
Dbfw *my_instance = (Dbfw *) instance;
dcb_printf(dcb, "Firewall Filter\n");
dcb_printf(dcb, "Rule, Type, Times Matched\n");

36
server/modules/filter/dbfwfilter/dbfwfilter.hh
View File

@ -169,20 +169,42 @@ typedef struct
int idgen; /*< UID generator */
char *rulefile; /*< Path to the rule file */
int rule_version; /*< Latest rule file version, incremented on reload */
} FW_INSTANCE;
} Dbfw;
class User;
typedef std::tr1::shared_ptr<User> SUser;
/**
* The session structure for Firewall filter.
*/
typedef struct
class DbfwSession
{
MXS_SESSION *session; /*< Client session structure */
char *errmsg; /*< Rule specific error message */
DbfwSession(const DbfwSession&);
DbfwSession& operator=(const DbfwSession&);
public:
DbfwSession(Dbfw* instance, MXS_SESSION* session);
~DbfwSession();
void set_error(std::string error);
std::string get_error() const;
void clear_error();
int send_error();
std::string user() const;
std::string remote() const;
int routeQuery(GWBUF* query);
QuerySpeed *query_speed; /*< How fast the user has executed queries */
MXS_DOWNSTREAM down; /*< Next object in the downstream chain */
MXS_UPSTREAM up; /*< Next object in the upstream chain */
FW_INSTANCE *instance; /*< Router instance */
} FW_SESSION;
Dbfw *instance; /*< Router instance */
private:
MXS_SESSION *session; /*< Client session structure */
std::string m_error; /*< Rule specific error message */
};
/** Typedef for a list of strings */
typedef std::list<std::string> ValueList;
@ -197,6 +219,6 @@ char* create_error(const char* format, ...);
/**
* Check if a rule matches
*/
bool rule_matches(FW_INSTANCE* my_instance, FW_SESSION* my_session,
bool rule_matches(Dbfw* my_instance, DbfwSession* my_session,
GWBUF *queue, SRule rule, char* query);
bool rule_is_active(SRule rule);

16
server/modules/filter/dbfwfilter/rules.cc
View File

@ -39,7 +39,7 @@ Rule::~Rule()
{
}
bool Rule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const
bool Rule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const
{
*msg = create_error("Permission denied at this time.");
MXS_NOTICE("rule '%s': query denied at this time.", name().c_str());
@ -66,7 +66,7 @@ const std::string& Rule::type() const
return m_type;
}
bool WildCardRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const
bool WildCardRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const
{
bool rval = false;
@ -90,7 +90,7 @@ bool WildCardRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg)
return rval;
}
bool NoWhereClauseRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const
bool NoWhereClauseRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const
{
bool rval = false;
@ -105,7 +105,7 @@ bool NoWhereClauseRule::matches_query(FW_SESSION* session, GWBUF* buffer, char**
return rval;
}
bool RegexRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const
bool RegexRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const
{
bool rval = false;
@ -132,7 +132,7 @@ bool RegexRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) co
return rval;
}
bool ColumnsRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const
bool ColumnsRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const
{
bool rval = false;
@ -162,7 +162,7 @@ bool ColumnsRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg)
}
bool FunctionRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const
bool FunctionRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const
{
bool rval = false;
@ -199,7 +199,7 @@ bool FunctionRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg)
return rval;
}
bool FunctionUsageRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const
bool FunctionUsageRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const
{
if (query_is_sql(buffer))
{
@ -228,7 +228,7 @@ bool FunctionUsageRule::matches_query(FW_SESSION* session, GWBUF* buffer, char**
return false;
}
bool LimitQueriesRule::matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const
bool LimitQueriesRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const
{
if (session->query_speed == NULL)
{

16
server/modules/filter/dbfwfilter/rules.hh
View File

@ -30,7 +30,7 @@ class Rule
public:
Rule(std::string name, std::string type = "PERMISSION");
virtual ~Rule();
virtual bool matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const;
virtual bool matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const;
virtual bool need_full_parsing(GWBUF* buffer) const
{
@ -73,7 +73,7 @@ public:
return true;
}
bool matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const;
bool matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const;
};
/**
@ -99,7 +99,7 @@ public:
return true;
}
bool matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const;
bool matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const;
};
@ -138,7 +138,7 @@ public:
{
}
bool matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const;
bool matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const;
};
/**
@ -155,7 +155,7 @@ public:
{
}
bool matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const;
bool matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const;
};
@ -173,7 +173,7 @@ public:
{
}
bool matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const;
bool matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const;
};
@ -203,7 +203,7 @@ public:
return true;
}
bool matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const;
bool matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const;
private:
int m_max;
@ -235,7 +235,7 @@ public:
return false;
}
bool matches_query(FW_SESSION* session, GWBUF* buffer, char** msg) const;
bool matches_query(DbfwSession* session, GWBUF* buffer, char** msg) const;
private:
mxs::Closer<pcre2_code*> m_re;

6
server/modules/filter/dbfwfilter/user.cc
View File

@ -67,7 +67,7 @@ static bool should_match(GWBUF* buffer)
* @param user The user whose rules are checked
* @return True if the query matches at least one of the rules otherwise false
*/
bool User::match_any(FW_INSTANCE* my_instance, FW_SESSION* my_session,
bool User::match_any(Dbfw* my_instance, DbfwSession* my_session,
GWBUF *queue, char** rulename)
{
@ -110,7 +110,7 @@ bool User::match_any(FW_INSTANCE* my_instance, FW_SESSION* my_session,
*
* @return True if the query matches all of the rules otherwise false
*/
bool User::do_match(FW_INSTANCE* my_instance, FW_SESSION* my_session,
bool User::do_match(Dbfw* my_instance, DbfwSession* my_session,
GWBUF *queue, match_mode mode, char** rulename)
{
bool rval = false;
@ -166,7 +166,7 @@ bool User::do_match(FW_INSTANCE* my_instance, FW_SESSION* my_session,
return rval;
}
bool User::match(FW_INSTANCE* instance, FW_SESSION* session, GWBUF* buffer, char** rulename)
bool User::match(Dbfw* instance, DbfwSession* session, GWBUF* buffer, char** rulename)
{
return match_any(instance, session, buffer, rulename) ||
do_match(instance, session, buffer, User::ALL, rulename) ||

6
server/modules/filter/dbfwfilter/user.hh
View File

@ -74,7 +74,7 @@ public:
*
* @return True if query matches
*/
bool match(FW_INSTANCE* instance, FW_SESSION* session, GWBUF* buffer, char** rulename);
bool match(Dbfw* instance, DbfwSession* session, GWBUF* buffer, char** rulename);
private:
@ -93,9 +93,9 @@ private:
/**
* Functions for matching rules
*/
bool match_any(FW_INSTANCE* my_instance, FW_SESSION* my_session,
bool match_any(Dbfw* my_instance, DbfwSession* my_session,
GWBUF *queue, char** rulename);
bool do_match(FW_INSTANCE* my_instance, FW_SESSION* my_session,
bool do_match(Dbfw* my_instance, DbfwSession* my_session,
GWBUF *queue, match_mode mode, char** rulename);
};