// Copyright 2011 The Goma Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "trustedipsmanager.h"
#include <stdlib.h>
#ifndef _WIN32
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#endif
#include <sstream>
#include "absl/strings/str_join.h"
#include "absl/strings/str_split.h"
#include "glog/logging.h"
#include "util.h"
namespace devtools_goma {
// Starts the allow list with one entry for the IPv4 loopback address, so
// local clients are always accepted. The spec has no "/len" suffix, so NetSpec
// keeps its default all-ones mask: only 127.0.0.1 itself matches, not the rest
// of 127.0.0.0/8.
TrustedIpsManager::TrustedIpsManager() {
  static const char kLoopback[] = "127.0.0.1";
  AddAllow(kLoopback);
}
// Nothing to release by hand; trusted_ cleans up after itself.
TrustedIpsManager::~TrustedIpsManager() = default;
// Appends |netspec| ("a.b.c.d" or "a.b.c.d/len") to the list of trusted
// networks. Parsing is done by the NetSpec constructor, which CHECK-fails when
// the spec does not split into one or two '/'-separated parts.
// Every call widens the set of clients IsTrustedClient() accepts; nothing in
// this file removes an entry again.
void TrustedIpsManager::AddAllow(const string& netspec) {
  trusted_.emplace_back(netspec);
}
// Returns true when |addr| falls inside at least one allowed network; the scan
// stops at the first match. Only IPv4 peers can be checked, because the
// argument is a struct in_addr.
// NOTE(review): the answer is only as trustworthy as |addr|. Callers should
// pass the peer address reported by the socket layer - confirm at call sites.
bool TrustedIpsManager::IsTrustedClient(const struct in_addr& addr) const {
  for (const NetSpec& allowed : trusted_) {
    if (allowed.Match(addr)) {
      return true;
    }
  }
  return false;
}
// Renders the allow list in human-readable form as
// "TrustedClients[spec1,spec2,...]", where each spec is the text produced by
// NetSpec::DebugString() and entries appear in insertion order.
string TrustedIpsManager::DebugString() const {
  std::vector<string> rendered;
  for (const NetSpec& spec : trusted_) {
    rendered.push_back(spec.DebugString());
  }

  string text = "TrustedClients[";
  text += absl::StrJoin(rendered, ",");
  text += "]";
  return text;
}
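// Parses |netspec|, written as "a.b.c.d" (a single host) or "a.b.c.d/len"
// (a network with a prefix length of 0..32), into a network address and mask.
//
// Every malformed part is a CHECK failure. The result is an allow-list entry,
// so silent fallbacks are dangerous: an address that fails to parse would
// leave in_addr_ unset, and an empty or non-numeric prefix length would read
// as 0, which is a mask that matches every client. A negative length would
// make the shift below undefined.
//
// NOTE: POSIX inet_aton() also accepts shorthand forms and octal/hex
// components, so specs are best written in plain dotted decimal.
TrustedIpsManager::NetSpec::NetSpec(const string& netspec)
    : netmask_(0xffffffff) {
  const std::vector<string> parts = ToVector(absl::StrSplit(netspec, '/'));
  CHECK(parts.size() == 1 || parts.size() == 2)
      << "Wrong format of netspec:" << netspec;

  // inet_aton() returns 0 when the text is not a valid IPv4 address.
  const int addr_ok = inet_aton(parts[0].c_str(), &in_addr_);
  CHECK_NE(addr_ok, 0) << "Wrong address in netspec:" << netspec;

  if (parts.size() == 2) {
    // strtol() with an end pointer, unlike atoi(), lets us reject empty
    // input and trailing garbage instead of treating them as 0.
    const char* const len_text = parts[1].c_str();
    char* len_end = nullptr;
    const long parsed_len = strtol(len_text, &len_end, 10);
    CHECK(len_end != len_text && *len_end == '\0')
        << "Wrong prefix length in netspec:" << netspec;
    CHECK_GE(parsed_len, 0L) << "Wrong prefix length in netspec:" << netspec;
    CHECK_LE(parsed_len, 32L) << "Wrong prefix length in netspec:" << netspec;

    const int prefix_len = static_cast<int>(parsed_len);
    if (prefix_len == 0) {
      // Shifting a 32-bit value by 32 is undefined, so handle /0 explicitly.
      netmask_ = 0;
    } else {
      netmask_ = 0xffffffff << (32 - prefix_len);
    }
  }

  // Clear the host bits so Match() can compare against in_addr_ directly.
  in_addr_.s_addr = htonl(ntohl(in_addr_.s_addr) & netmask_);
}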
// NetSpec holds only an address and a mask; there is nothing to release.
TrustedIpsManager::NetSpec::~NetSpec() = default;
// Reports whether |addr| lies inside this network. |addr| is converted to host
// byte order and masked with netmask_, then compared with the stored network
// address, whose host bits the constructor has already cleared.
bool TrustedIpsManager::NetSpec::Match(const struct in_addr& addr) const {
  const auto candidate_network = ntohl(addr.s_addr) & netmask_;
  const auto allowed_network = ntohl(in_addr_.s_addr);
  return candidate_network == allowed_network;
}
// Formats the entry as "<dotted address>/<netmask>", with the netmask streamed
// through std::hex. The suffix is the mask value itself, not a prefix length.
string TrustedIpsManager::NetSpec::DebugString() const {
  char addr_text[128];
  // The const_cast is kept as in the original call; presumably some platform
  // declares the source argument of inet_ntop as non-const - TODO confirm.
  const char* const dotted = inet_ntop(
      AF_INET, const_cast<in_addr*>(&in_addr_), addr_text, sizeof addr_text);

  std::ostringstream out;
  out << dotted << "/" << std::hex << netmask_;
  return out.str();
}
} // namespace devtools_goma