example/blacklist_0/blacklist_0.c - trafficserver - Git at Google

 /** @file

   A brief file description

   @section license License

   Licensed to the Apache Software Foundation (ASF) under one
   or more contributor license agreements.  See the NOTICE file
   distributed with this work for additional information
   regarding copyright ownership.  The ASF licenses this file
   to you under the Apache License, Version 2.0 (the
   "License"); you may not use this file except in compliance
   with the License.  You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
  */

 /*
  *   blacklist_0.c:
  *	original version of blacklist-1, now used for internal testing
  *
  *
  *	Usage:
  *
  */

 #include <stdio.h>
 #include <string.h>
 #include <ts/ts.h>

 #define PLUGIN_NAME "blacklist_0"

 static char **sites;
 static int nsites;

 static void
 handle_dns(TSHttpTxn txnp, TSCont contp)
 {
   TSMBuffer bufp;
   TSMLoc hdr_loc;
   TSMLoc url_loc;
   const char *host;
   int i;
   int host_length;

   if (TSHttpTxnClientReqGet(txnp, &bufp, &hdr_loc) != TS_SUCCESS) {
     TSError("[%s] Couldn't retrieve client request header", PLUGIN_NAME);
     goto done;
   }

   if (TSHttpHdrUrlGet(bufp, hdr_loc, &url_loc) != TS_SUCCESS) {
     TSError("[%s] Couldn't retrieve request url", PLUGIN_NAME);
     TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
     goto done;
   }

   host = TSUrlHostGet(bufp, url_loc, &host_length);
   if (!host) {
     TSError("[%s] Couldn't retrieve request hostname", PLUGIN_NAME);
     TSHandleMLocRelease(bufp, hdr_loc, url_loc);
     TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
     goto done;
   }
   for (i = 0; i < nsites; i++) {
     if (strncmp(host, sites[i], host_length) == 0) {
       printf("blacklisting site: %s\n", sites[i]);
       TSHttpTxnHookAdd(txnp, TS_HTTP_SEND_RESPONSE_HDR_HOOK, contp);
       TSHandleMLocRelease(bufp, hdr_loc, url_loc);
       TSHandleMLocRelease(bufp, TS_NULL_MLOC, url_loc);
       TSHttpTxnReenable(txnp, TS_EVENT_HTTP_ERROR);
       return;
     }
   }
   TSHandleMLocRelease(bufp, hdr_loc, url_loc);
   TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);

 done:
   TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
 }

 static void
 handle_response(TSHttpTxn txnp)
 {
   TSMBuffer bufp;
   TSMLoc hdr_loc;
   TSMLoc url_loc;
   char *url_str;
   char *buf;
   int url_length;

   if (TSHttpTxnClientRespGet(txnp, &bufp, &hdr_loc) != TS_SUCCESS) {
     TSError("[%s] Couldn't retrieve client response header", PLUGIN_NAME);
     goto done;
   }

   TSHttpHdrStatusSet(bufp, hdr_loc, TS_HTTP_STATUS_FORBIDDEN);
   TSHttpHdrReasonSet(bufp, hdr_loc, TSHttpHdrReasonLookup(TS_HTTP_STATUS_FORBIDDEN),
                      strlen(TSHttpHdrReasonLookup(TS_HTTP_STATUS_FORBIDDEN)));

   if (TSHttpTxnClientReqGet(txnp, &bufp, &hdr_loc) != TS_SUCCESS) {
     TSError("[%s] Couldn't retrieve client request header", PLUGIN_NAME);
     TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
     goto done;
   }

   if (TSHttpHdrUrlGet(bufp, hdr_loc, &url_loc) != TS_SUCCESS) {
     TSError("[%s] Couldn't retrieve request url", PLUGIN_NAME);
     TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
     goto done;
   }

   buf = TSmalloc(4096);

   url_str = TSUrlStringGet(bufp, url_loc, &url_length);
   sprintf(buf, "You are forbidden from accessing \"%s\"\n", url_str);
   TSfree(url_str);
   TSHandleMLocRelease(bufp, hdr_loc, url_loc);
   TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);

   TSHttpTxnErrorBodySet(txnp, buf, strlen(buf), NULL);

 done:
   TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
 }

 static int
 blacklist_plugin(TSCont contp, TSEvent event, void *edata)
 {
   TSHttpTxn txnp = (TSHttpTxn)edata;

   switch (event) {
   case TS_EVENT_HTTP_OS_DNS:
     handle_dns(txnp, contp);
     return 0;
   case TS_EVENT_HTTP_SEND_RESPONSE_HDR:
     handle_response(txnp);
     return 0;
   default:
     break;
   }
   return 0;
 }

 void
 TSPluginInit(int argc, const char *argv[])
 {
   int i;
   TSPluginRegistrationInfo info;

   info.plugin_name   = PLUGIN_NAME;
   info.vendor_name   = "Apache Software Foundation";
   info.support_email = "dev@trafficserver.apache.org";

   if (TSPluginRegister(&info) != TS_SUCCESS) {
     TSError("[%s] Plugin registration failed", PLUGIN_NAME);
   }

   nsites = argc - 1;
   if (nsites > 0) {
     sites = (char **)TSmalloc(sizeof(char *) * nsites);

     for (i = 0; i < nsites; i++) {
       sites[i] = TSstrdup(argv[i + 1]);
     }

     TSHttpHookAdd(TS_HTTP_OS_DNS_HOOK, TSContCreate(blacklist_plugin, NULL));
   }
 }
	/** @file

	A brief file description

	@section license License

	Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	*/

	/*
	* blacklist_0.c:
	* original version of blacklist-1, now used for internal testing
	*
	*
	* Usage:
	*
	*/

	#include <stdio.h>
	#include <string.h>
	#include <ts/ts.h>

	#define PLUGIN_NAME "blacklist_0"

	static char **sites;
	static int nsites;

	static void
	handle_dns(TSHttpTxn txnp, TSCont contp)
	{
	TSMBuffer bufp;
	TSMLoc hdr_loc;
	TSMLoc url_loc;
	const char *host;
	int i;
	int host_length;

	if (TSHttpTxnClientReqGet(txnp, &bufp, &hdr_loc) != TS_SUCCESS) {
	TSError("[%s] Couldn't retrieve client request header", PLUGIN_NAME);
	goto done;
	}

	if (TSHttpHdrUrlGet(bufp, hdr_loc, &url_loc) != TS_SUCCESS) {
	TSError("[%s] Couldn't retrieve request url", PLUGIN_NAME);
	TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
	goto done;
	}

	host = TSUrlHostGet(bufp, url_loc, &host_length);
	if (!host) {
	TSError("[%s] Couldn't retrieve request hostname", PLUGIN_NAME);
	TSHandleMLocRelease(bufp, hdr_loc, url_loc);
	TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
	goto done;
	}
	for (i = 0; i < nsites; i++) {
	if (strncmp(host, sites[i], host_length) == 0) {
	printf("blacklisting site: %s\n", sites[i]);
	TSHttpTxnHookAdd(txnp, TS_HTTP_SEND_RESPONSE_HDR_HOOK, contp);
	TSHandleMLocRelease(bufp, hdr_loc, url_loc);
	TSHandleMLocRelease(bufp, TS_NULL_MLOC, url_loc);
	TSHttpTxnReenable(txnp, TS_EVENT_HTTP_ERROR);
	return;
	}
	}
	TSHandleMLocRelease(bufp, hdr_loc, url_loc);
	TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);

	done:
	TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
	}

	static void
	handle_response(TSHttpTxn txnp)
	{
	TSMBuffer bufp;
	TSMLoc hdr_loc;
	TSMLoc url_loc;
	char *url_str;
	char *buf;
	int url_length;

	if (TSHttpTxnClientRespGet(txnp, &bufp, &hdr_loc) != TS_SUCCESS) {
	TSError("[%s] Couldn't retrieve client response header", PLUGIN_NAME);
	goto done;
	}

	TSHttpHdrStatusSet(bufp, hdr_loc, TS_HTTP_STATUS_FORBIDDEN);
	TSHttpHdrReasonSet(bufp, hdr_loc, TSHttpHdrReasonLookup(TS_HTTP_STATUS_FORBIDDEN),
	strlen(TSHttpHdrReasonLookup(TS_HTTP_STATUS_FORBIDDEN)));

	if (TSHttpTxnClientReqGet(txnp, &bufp, &hdr_loc) != TS_SUCCESS) {
	TSError("[%s] Couldn't retrieve client request header", PLUGIN_NAME);
	TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
	goto done;
	}

	if (TSHttpHdrUrlGet(bufp, hdr_loc, &url_loc) != TS_SUCCESS) {
	TSError("[%s] Couldn't retrieve request url", PLUGIN_NAME);
	TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
	goto done;
	}

	buf = TSmalloc(4096);

	url_str = TSUrlStringGet(bufp, url_loc, &url_length);
	sprintf(buf, "You are forbidden from accessing \"%s\"\n", url_str);
	TSfree(url_str);
	TSHandleMLocRelease(bufp, hdr_loc, url_loc);
	TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);

	TSHttpTxnErrorBodySet(txnp, buf, strlen(buf), NULL);

	done:
	TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
	}

	static int
	blacklist_plugin(TSCont contp, TSEvent event, void *edata)
	{
	TSHttpTxn txnp = (TSHttpTxn)edata;

	switch (event) {
	case TS_EVENT_HTTP_OS_DNS:
	handle_dns(txnp, contp);
	return 0;
	case TS_EVENT_HTTP_SEND_RESPONSE_HDR:
	handle_response(txnp);
	return 0;
	default:
	break;
	}
	return 0;
	}

	void
	TSPluginInit(int argc, const char *argv[])
	{
	int i;
	TSPluginRegistrationInfo info;

	info.plugin_name = PLUGIN_NAME;
	info.vendor_name = "Apache Software Foundation";
	info.support_email = "dev@trafficserver.apache.org";

	if (TSPluginRegister(&info) != TS_SUCCESS) {
	TSError("[%s] Plugin registration failed", PLUGIN_NAME);
	}

	nsites = argc - 1;
	if (nsites > 0) {
	sites = (char *)TSmalloc(sizeof(char ) * nsites);

	for (i = 0; i < nsites; i++) {
	sites[i] = TSstrdup(argv[i + 1]);
	}

	TSHttpHookAdd(TS_HTTP_OS_DNS_HOOK, TSContCreate(blacklist_plugin, NULL));
	}
	}