trunk/src/negcache.c

/*
 *  Copyright (c) 2002-2003 Andy Smith
 *  Copyright (c) 2014-2017 ircd-hybrid development team
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
 *  USA
 */

/*
 * A Negative caching implementation for IPv4/IPv6 addresses.  The idea is that
 * every time an IP address is seen, it is checked against a patricia trie.  If
 * the IP address was previously seen and within an acceptable period of time,
 * it is not scanned again.  Otherwise, the address is scanned as normal.  If
 * it is proven to be OK (i.e.  it doesn't run an open proxy) then it is added
 * to the trie.
 */

#include "setup.h"

#include <time.h>

#include "list.h"
#include "patricia.h"
#include "negcache.h"
#include "config.h"
#include "memory.h"
#include "log.h"


extern unsigned int OPT_DEBUG;

static list_t negcache_list;
static patricia_tree_t *negcache_trie;


/*
 * Initialise the patricia trie we use for storing our negative cache.
 */
void
negcache_init(void)
{
  if (negcache_trie)
    /* Cache already exists */
    return;

  negcache_trie = patricia_new(PATRICIA_MAXBITS);
}

/*
 * Check whether an IP address is in our negative cache and was added
 * recently enough.  Return a pointer to its node if so, NULL otherwise.
 */
struct negcache_item *
negcache_check(const char *ipstr)
{
  if (OptionsItem->negcache == 0)
    return NULL;

  patricia_node_t *pnode = patricia_try_search_exact(negcache_trie, ipstr);
  if (pnode)
  {
    struct negcache_item *n = pnode->data;

    if (time(NULL) - n->seen <= OptionsItem->negcache)
      return n;
  }

  return NULL;
}

/*
 * Prepare an ASCII string representing an IPv4/IPv6 address for inserting into
 * our negative cache.
 */
void
negcache_insert(const char *ipstr)
{
  patricia_node_t *pnode = patricia_make_and_lookup(negcache_trie, ipstr);
  if (!pnode || pnode->data)
    return;  /* Malformed IP address or already added to the trie */

  struct negcache_item *n = xcalloc(sizeof(*n));
  n->seen = time(NULL);

  pnode->data = n;
  list_add(&negcache_list, node_create(pnode));
}

/*
 * Wrapper for recursive rebuild function.
 */
void
negcache_rebuild(void)
{
  node_t *node, *node_next;

  LIST_FOREACH_SAFE(node, node_next, negcache_list.head)
  {
    patricia_node_t *pnode = node->data;
    struct negcache_item *n = pnode->data;

    if (n->seen + OptionsItem->negcache < time(NULL))
    {
      if (OPT_DEBUG >= 2)
        log_printf("NEGCACHE -> Deleting expired negcache node for %s added at %lu",
                   patricia_prefix_toa(pnode->prefix, 0), n->seen);

      list_remove(&negcache_list, node);
      node_free(node);
      xfree(n);
      patricia_remove(negcache_trie, pnode);
    }
  }
}
Revision:	8185
Committed:	Thu Apr 13 20:19:02 2017 UTC (8 years, 4 months ago) by michael
Content type:	text/x-csrc
File size:	3337 byte(s)
Log Message:	- Avoid list_t initialization via list_create(); scan.c: remove unused MASKS list
#	Content
1	/*
2	* Copyright (c) 2002-2003 Andy Smith
3	* Copyright (c) 2014-2017 ircd-hybrid development team
4	*
5	* This program is free software; you can redistribute it and/or modify
6	* it under the terms of the GNU General Public License as published by
7	* the Free Software Foundation; either version 2 of the License, or
8	* (at your option) any later version.
9	*
10	* This program is distributed in the hope that it will be useful,
11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13	* GNU General Public License for more details.
14	*
15	* You should have received a copy of the GNU General Public License
16	* along with this program; if not, write to the Free Software
17	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
18	* USA
19	*/
20
21	/*
22	* A Negative caching implementation for IPv4/IPv6 addresses. The idea is that
23	* every time an IP address is seen, it is checked against a patricia trie. If
24	* the IP address was previously seen and within an acceptable period of time,
25	* it is not scanned again. Otherwise, the address is scanned as normal. If
26	* it is proven to be OK (i.e. it doesn't run an open proxy) then it is added
27	* to the trie.
28	*/
29
30	#include "setup.h"
31
32	#include <time.h>
33
34	#include "list.h"
35	#include "patricia.h"
36	#include "negcache.h"
37	#include "config.h"
38	#include "memory.h"
39	#include "log.h"
40
41
42	extern unsigned int OPT_DEBUG;
43
44	static list_t negcache_list;
45	static patricia_tree_t *negcache_trie;
46
47
48	/*
49	* Initialise the patricia trie we use for storing our negative cache.
50	*/
51	void
52	negcache_init(void)
53	{
54	if (negcache_trie)
55	/* Cache already exists */
56	return;
57
58	negcache_trie = patricia_new(PATRICIA_MAXBITS);
59	}
60
61	/*
62	* Check whether an IP address is in our negative cache and was added
63	* recently enough. Return a pointer to its node if so, NULL otherwise.
64	*/
65	struct negcache_item *
66	negcache_check(const char *ipstr)
67	{
68	if (OptionsItem->negcache == 0)
69	return NULL;
70
71	patricia_node_t *pnode = patricia_try_search_exact(negcache_trie, ipstr);
72	if (pnode)
73	{
74	struct negcache_item *n = pnode->data;
75
76	if (time(NULL) - n->seen <= OptionsItem->negcache)
77	return n;
78	}
79
80	return NULL;
81	}
82
83	/*
84	* Prepare an ASCII string representing an IPv4/IPv6 address for inserting into
85	* our negative cache.
86	*/
87	void
88	negcache_insert(const char *ipstr)
89	{
90	patricia_node_t *pnode = patricia_make_and_lookup(negcache_trie, ipstr);
91	if (!pnode \|\| pnode->data)
92	return; /* Malformed IP address or already added to the trie */
93
94	struct negcache_item n = xcalloc(sizeof(n));
95	n->seen = time(NULL);
96
97	pnode->data = n;
98	list_add(&negcache_list, node_create(pnode));
99	}
100
101	/*
102	* Wrapper for recursive rebuild function.
103	*/
104	void
105	negcache_rebuild(void)
106	{
107	node_t node, node_next;
108
109	LIST_FOREACH_SAFE(node, node_next, negcache_list.head)
110	{
111	patricia_node_t *pnode = node->data;
112	struct negcache_item *n = pnode->data;
113
114	if (n->seen + OptionsItem->negcache < time(NULL))
115	{
116	if (OPT_DEBUG >= 2)
117	log_printf("NEGCACHE -> Deleting expired negcache node for %s added at %lu",
118	patricia_prefix_toa(pnode->prefix, 0), n->seen);
119
120	list_remove(&negcache_list, node);
121	node_free(node);
122	xfree(n);
123	patricia_remove(negcache_trie, pnode);
124	}
125	}
126	}