pxyscand/src/PXConfigLoader.cc

/* Copyright (C) 2003 Stephane Thiell
 *
 * This file is part of pxyservd (from pxys)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 *
 */
#define RCSID "$Id: PXConfigLoader.cc,v 1.3 2004/01/02 00:33:03 mbuna Exp $"

#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#include "PXConfigLoader.h"
#include "PXConfig.h"

#include <iostream>

#include <arpa/inet.h>

// XPaths...

#define XP_OPAS                        "/pxyscand/opas"
#define XP_OPAS_PORT                   "port"
#define XP_OPAS_BIND_ADDRESS           "bind-address"
#define XP_OPAS_PROTOCOL               "protocol"
#define XP_OPAS_ALLOW                  "allow"
// TODO: deny
#define XP_OPAS_LIMIT                  "limit"

#define XP_SCANNER                     "/pxyscand/scanner"
#define XP_SCANNER_MAXSCANS            "maxscans"
#define XP_SCANNER_MODULE_TYPE_ATTR    "module/@type"
#define XP_SCANNER_MODULE              "module[@type]"
#define XP_SCANNER_SOURCE_POOL         "source-pool"
#define XP_SCANNER_SOURCE_POOL_ADDRESS "address"
#define XP_SCANNER_TARGET              "target"
#define XP_SCANNER_TARGET_ADDRESS      "address"
#define XP_SCANNER_TARGET_PORT         "port"
#define XP_SCANNER_TARGET_CHECK        "target-check"
#define XP_SCANNER_LOG_AGENT           "log-agent"
#define XP_SCANNER_TIMEOUT             "timeout"
#define XP_SCANNER_STRING              "string"

#define XP_CACHE                       "/pxyscand/cache"
#define XP_CACHE_DIRECTORY             "directory"
#define XP_CACHE_EXPIRE                "expire"
#define XP_CACHE_PROXY_EXPIRE          "proxy-expire"
#define XP_CACHE_MAXIPS                "maxips"

#define XP_NOSCAN                      "/pxyscand/noscan"
#define XP_NOSCAN_ADDRESS              "address"

using std::cout;
using std::endl;

PXConfigLoader::PXConfigLoader(const char *inFile)
  : PXXMLXPathLoaderImp(inFile)
  {
  }

PXConfigLoader::~PXConfigLoader()
  {
  }


bool
PXConfigLoader::StringToNetworkNetmask(const char *str,
                                       in_addr &oNet,
                                       in_addr &oMask)
  {
  char ipbuf[16];
  size_t len, j;
  int k, dot = 0;
  char *p;
  
  if ((p = strchr(str, '/')) == NULL)
    oMask.s_addr = htonl(0xffffffff);
  else
    {
    *p++ = '\0';
    if (!strchr(p, '.'))
      {
      int nbits;
            
      if ((nbits = atoi(p)) > 0 && nbits <= 32)
        oMask.s_addr = htonl(~(0xffffffff >> nbits));
      }
    else if (inet_pton(AF_INET, p, &oNet) == -1)
      return false;
    }
  
  len = strlen(str);
  len = len < sizeof(ipbuf) ? len : sizeof(ipbuf) - 1;
  for (j = 0; j < len; j++)
    {
    if (str[j] == '.')
      dot++;
    ipbuf[j] = str[j];
    }
  if (dot > 4 || len >= sizeof(ipbuf) - ((3 - dot) * 2))
    return false;
  
  for (k = 0; k < 3 - dot; k++)
    {
    ipbuf[j++] = '.';
    ipbuf[j++] = '0';
    }
  
  assert(j < sizeof(ipbuf));
  ipbuf[j] = '\0';
  
  if (inet_pton(AF_INET, ipbuf, &oNet) == -1)
    return false;
  
  return true;
  }

PXConfig *
PXConfigLoader::Load()
  {
  PXConfig *cfg = new PXConfig;
  try
    {
    this->DoLoad(cfg);
    }
  catch (...)
    {
    delete cfg;
    throw;
    }
  return cfg;
  }

void
PXConfigLoader::DoLoad(PXConfig *cfg)
  {
  xmlXPathObjectPtr o, o2;
  
  if ((o = this->EvalUnique(XP_OPAS)))
    {
    StPXXPathContextNode cxNode(&mCx->node, o->nodesetval->nodeTab[0]);
    
    /* OPAS Port */
    cfg->opas.port = this->GetInteger(XP_OPAS_PORT, 0, 1);
    
    /* OPAS local address (bind) */
    this->GetAddress(XP_OPAS_BIND_ADDRESS, 0, 0, "opas/bind-address",
                     &cfg->opas.local_address);
    
    /* Protocol(s) to enable (tcp, udp) */
    o2 = this->Eval(XP_OPAS_PROTOCOL);
    if (!o2 || !o2->nodesetval->nodeNr)
      PXXMLException::Throw("Missing parameter", "opas/protocol");
    cfg->opas.proto.reserve(o2->nodesetval->nodeNr);
    for (int i = 0; i < o2->nodesetval->nodeNr; i++)
      {
      xmlChar *s;
      xmlNodePtr n;
      n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
      if (!(s = xmlNodeListGetString(mDoc, n, 1)))
        PXXMLException::Throw("Empty protocol, use: tcp or udp",
                              "opas/protocol");
      if (!strcmp((char *)s, "tcp"))
        cfg->opas.proto.push_back(PXOPAS_PROTO_TCP);
      else if (!strcmp((char *)s, "udp"))
        cfg->opas.proto.push_back(PXOPAS_PROTO_UDP);
      else
        {
        xmlFree(s);
        PXXMLException::Throw("Unknown protocol (use: tcp or udp)",
                              "opas/protocol");
        }
      xmlFree(s);
      }
    xmlXPathFreeObject(o2);
    
    /* Allowed IPs */
    o2 = this->Eval(XP_OPAS_ALLOW);
    if (!o2 || !o2->nodesetval->nodeNr)
      PXXMLException::Throw("Missing parameter", "opas/allow");
    cfg->opas.allow.reserve(o2->nodesetval->nodeNr);
    for (int i = 0; i < o2->nodesetval->nodeNr; i++)
      {
      xmlChar *s;
      xmlNodePtr n;
      in_addr addr;
      
      n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
      if (!(s = xmlNodeListGetString(mDoc, n, 1)))
        PXXMLException::Throw("Empty allow field", "opas/allow");
      int res = inet_pton(AF_INET, (char *)s, &addr);
      xmlFree(s);
      if (res == -1)
        PXXMLException::Throw("Bad IP address", "opas/allow");
      cfg->opas.allow.push_back(addr);
      }
    xmlXPathFreeObject(o2);
    
    /* OPAS limit */
    cfg->opas.limit = this->GetInteger(XP_OPAS_LIMIT, 0, 1);
    
    xmlXPathFreeObject(o);
    }
  
  if ((o = this->EvalUnique(XP_SCANNER)))
    {
    StPXXPathContextNode cxNode(&mCx->node, o->nodesetval->nodeTab[0]);
    
    cfg->scanner.maxscans = this->GetInteger(XP_SCANNER_MAXSCANS, 0, 1);
    if (cfg->scanner.maxscans <= 0)
      cfg->scanner.maxscans = 100; // bah
    
    if (!(o2 = this->Eval(XP_SCANNER_MODULE_TYPE_ATTR)))
      PXXMLException::Throw("Missing parameter", "scanner/module");
    else
      {
      cfg->scanner.modules.reserve(o2->nodesetval->nodeNr);
      for (int i = 0; i < o2->nodesetval->nodeNr; i++)
        {
        PXConfigModule m;
        xmlChar *s;
        xmlNodePtr n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
        
        if (!(s = xmlNodeListGetString(mDoc, n, 1)))
          PXXMLException::Throw("Empty type attribute not allowed",
                                "scanner/module");
        
        m.port = 0; // only used for http scan module
        
        if (!xmlStrcasecmp(s, (xmlChar*)"wingate"))
          m.id = CONFIG_MODULE_WINGATE;
        else if (!xmlStrcasecmp(s, (xmlChar*)"socks"))
          m.id = CONFIG_MODULE_SOCKS;
        else if (!xmlStrcmp(s, (xmlChar*)"http"))
          {
          m.id = CONFIG_MODULE_HTTP;
          m.port = this->GetInteger(XP_SCANNER_MODULE, i, 65536);
          // Note: port 0 not allowed for convenience.
          if (m.port <= 0 || m.port >= 65536)
            PXXMLException::Throw("Bad proxy port number", "scanner/module");
          }
        else if (!xmlStrcasecmp(s, (xmlChar*)"crazybandit"))
          m.id = CONFIG_MODULE_CRAZYBANDIT;
        
        /* Handle new module type here. */
        
        else
          PXXMLException::Throw("Unknown scanner/module type attribute",
                                "scanner/module");
        
        cfg->scanner.modules.push_back(m);
        }
      xmlXPathFreeObject(o2);
      }
    
    
    if ((o2 = this->Eval(XP_SCANNER_SOURCE_POOL)))
      {
      StPXXPathContextNode cxNode(&mCx->node, o2->nodesetval->nodeTab[0]);
      
      xmlXPathObjectPtr o3 = this->Eval(XP_SCANNER_TARGET_ADDRESS);
      if (o3)
        {
        int cnt = o3->nodesetval->nodeNr;
        cfg->scanner.source_pool.reserve(cnt);
        xmlXPathFreeObject(o3);
        for (int i = 0; i < cnt; i++)
          {
          sockaddr_in sin;
          memset(&sin, 0, sizeof(sin));
          sin.sin_family = AF_INET;
          sin.sin_port = htons(0);
          
          this->GetAddress(XP_SCANNER_TARGET_ADDRESS, i, 0,
                           "scanner/source-pool/address", &sin.sin_addr);
          
          // Test the local address now.
          int testFD = socket(AF_INET, SOCK_STREAM, 0);
          if (testFD == -1) // doh !
            PXXMLException::Throw("Source pool address test failed",
                                  "socket() failed!");
          if (bind(testFD, (sockaddr *)&sin, sizeof(sin)) == -1)
            PXXMLException::Throw("Source pool address test failed",
                                  "bind() failed!");
          close(testFD);
          cfg->scanner.source_pool.push_back(sin.sin_addr);
          }
        }
      xmlXPathFreeObject(o2);
      }
    
    if (!(o2 = this->Eval(XP_SCANNER_TARGET)))
      PXXMLException::Throw("Missing parameter", "scanner/target");
    
    cfg->scanner.targets.reserve(o2->nodesetval->nodeNr);
    for (int i = 0; i < o2->nodesetval->nodeNr; i++)
      {
      StPXXPathContextNode cxNodeTarget(&mCx->node,
                                        o2->nodesetval->nodeTab[i]);
      PXConfigScannerTarget target;
      
      this->GetAddress(XP_SCANNER_TARGET_ADDRESS, 0, 1,
                       "scanner/target/address", &target.address);
      target.port = this->GetInteger(XP_SCANNER_TARGET_PORT, 0, 1);
      
      cfg->scanner.targets.push_back(target);
      }
    xmlXPathFreeObject(o2);

    cfg->scanner.target_check = (time_t)this->GetInteger(
                                                XP_SCANNER_TARGET_CHECK, 0, 1);
    cfg->scanner.log_agent = (char *)this->CopyString(XP_SCANNER_LOG_AGENT,
                                                      0, 0);
    cfg->scanner.timeout = (time_t)this->GetInteger(XP_SCANNER_TIMEOUT, 0, 1);
    if (cfg->scanner.timeout <= 0)
      cfg->scanner.timeout = 30;
    
    if (!(o2 = this->Eval(XP_SCANNER_STRING)))
      PXXMLException::Throw("Missing parameter", "scanner/string");
    
    cfg->scanner.strings.reserve(o2->nodesetval->nodeNr);
    for (int i = 0; i < o2->nodesetval->nodeNr; i++)
      {
      xmlChar *s;
      xmlNodePtr n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
      if (!(s = xmlNodeListGetString(mDoc, n, 1)))
        PXXMLException::Throw("Empty string field", "scanner/string");
      cfg->scanner.strings.push_back((char*)s);
      }
    
    xmlXPathFreeObject(o2);
    xmlXPathFreeObject(o);
    }

  if ((o = this->EvalUnique(XP_CACHE)))
    {
    StPXXPathContextNode cxNode(&mCx->node, o->nodesetval->nodeTab[0]);
    
    // Cache directory
    cfg->cache.dir = (char *)this->CopyString(XP_CACHE_DIRECTORY, 0, 1);
    // Cache expire seconds
    cfg->cache.expire = this->GetInteger(XP_CACHE_EXPIRE, 0, 1);
    // Proxy cache expire seconds
    cfg->cache.proxy_expire = this->GetInteger(XP_CACHE_PROXY_EXPIRE, 0, 1);
    // Cache max IPs
    cfg->cache.maxips = this->GetInteger(XP_CACHE_MAXIPS, 0, 1);
    
    xmlXPathFreeObject(o);
    }
  
  if ((o = this->EvalUnique(XP_NOSCAN)))
    {
    StPXXPathContextNode cxNode(&mCx->node, o->nodesetval->nodeTab[0]);
    
    o2 = this->Eval(XP_NOSCAN_ADDRESS);
    if (o2)
      {
      cfg->noscan.address.reserve(o2->nodesetval->nodeNr);
      for (int i = 0; i < o2->nodesetval->nodeNr; i++)
        {
        xmlChar *s;
        xmlNodePtr n;
        n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
        if (!(s = xmlNodeListGetString(mDoc, n, 1)))
          PXXMLException::Throw("Empty allow field", "noscan/address");
        
        NetworkNetmask nwnm;
        bool res = StringToNetworkNetmask((char *)s, nwnm.network,
                                          nwnm.netmask);
        xmlFree(s);
        if (!res)
          PXXMLException::Throw("Invalid address", "noscan/address");
        cfg->noscan.address.push_back(nwnm);
        }
      xmlXPathFreeObject(o2);
      }
    xmlXPathFreeObject(o);
    }
  }

void
PXConfigLoader::Dump(PXConfig *cfg)
  {
  size_t i;
  
  cout << "OPAS config" << endl;
  cout << "port: " << cfg->opas.port << endl;
  cout << "local_address: ";
  if (cfg->opas.local_address.s_addr == INADDR_ANY)
    cout << "default (any)";
  else
    cout << inet_ntoa(cfg->opas.local_address);
  cout << endl;
  cout << "proto: ";
  for (i = 0; i < cfg->opas.proto.size(); i++)
    if (cfg->opas.proto[i] == PXOPAS_PROTO_TCP)
      cout << "tcp ";
    else
      cout << "udp";
  cout << endl;
  
  cout << "allow: ";
  for (size_t i = 0; i < cfg->opas.allow.size(); i++)
    cout << inet_ntoa(cfg->opas.allow[i]) << " ";
  cout << endl;
  
  cout << "limit: ";
  if (cfg->opas.limit == 0)
    cout << "unlimited";
  else
    cout << cfg->opas.limit;
  cout << endl << endl;
  
  cout << "SCANNER config" << endl;
  cout << "maxscans: " << cfg->scanner.maxscans << endl;
  if (cfg->scanner.modules.size() == 0)
    {
    cout << "NO SCANNER MODULE ENABLED !!!" << endl;
    exit(1);
    }
  else
    {
    cout << "Scanner modules (" << cfg->scanner.modules.size() << "):" << endl;
    for (i = 0; i < cfg->scanner.modules.size(); i++)
      {
      cout << "id: " << cfg->scanner.modules[i].id << endl;
      if (cfg->scanner.modules[i].port > 0 &&
          cfg->scanner.modules[i].port < 65536)
        cout << "port: " << cfg->scanner.modules[i].port << endl;
      else
        {
        cout << "BAD PORT NUMBER: " << cfg->scanner.modules[i].port << endl;
        exit(1);
        }
      }
    }
  if (cfg->scanner.source_pool.size() == 0)
    cout << "No source pool." << endl;
  else
    {
    cout << "Source pool (" << cfg->scanner.source_pool.size() << "):" << endl;
    for (i = 0; i < cfg->scanner.source_pool.size(); i++)
      cout << "address: " << inet_ntoa(cfg->scanner.source_pool[i]) << endl;
    }
  cout << "Targets (" << cfg->scanner.targets.size() << "):" << endl;
  for (i = 0; i < cfg->scanner.targets.size(); i++)
    {
    cout << "address: " << inet_ntoa(cfg->scanner.targets[i].address);
    cout << " port: " << cfg->scanner.targets[i].port;
    cout << endl;
    }
  cout << "target_check: " << cfg->scanner.target_check << endl;
  cout << "Strings..." << endl;
  for (i = 0; i < cfg->scanner.strings.size(); i++)
    cout << "string: " << cfg->scanner.strings[i] << endl;
  
  cout << endl;
  cout << "CACHE config:" << endl;
  cout << "expire: " << cfg->cache.expire << " (seconds)" << endl;
  cout << "maxips: " << cfg->cache.maxips << endl << endl;
  
  cout << "NOSCAN config:" << endl;
  for (i = 0; i < cfg->noscan.address.size(); i++)
    {
    cout << "noscan: " << inet_ntoa(cfg->noscan.address[i].network);
    cout << "/" << inet_ntoa(cfg->noscan.address[i].netmask) << endl;
    }
  }
1	/* Copyright (C) 2003 Stephane Thiell
2	*
3	* This file is part of pxyservd (from pxys)
4	*
5	* This program is free software; you can redistribute it and/or
6	* modify it under the terms of the GNU General Public License
7	* as published by the Free Software Foundation; either version 2
8	* of the License, or (at your option) any later version.
9	*
10	* This program is distributed in the hope that it will be useful,
11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13	* GNU General Public License for more details.
14	*
15	* You should have received a copy of the GNU General Public License
16	* along with this program; if not, write to the Free Software
17	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18	*
19	*/
20	#define RCSID "$Id: PXConfigLoader.cc,v 1.3 2004/01/02 00:33:03 mbuna Exp $"
21
22	#ifdef HAVE_CONFIG_H
23	#include "config.h"
24	#endif
25
26	#include "PXConfigLoader.h"
27	#include "PXConfig.h"
28
29	#include <iostream>
30
31	#include <arpa/inet.h>
32
33	// XPaths...
34
35	#define XP_OPAS "/pxyscand/opas"
36	#define XP_OPAS_PORT "port"
37	#define XP_OPAS_BIND_ADDRESS "bind-address"
38	#define XP_OPAS_PROTOCOL "protocol"
39	#define XP_OPAS_ALLOW "allow"
40	// TODO: deny
41	#define XP_OPAS_LIMIT "limit"
42
43	#define XP_SCANNER "/pxyscand/scanner"
44	#define XP_SCANNER_MAXSCANS "maxscans"
45	#define XP_SCANNER_MODULE_TYPE_ATTR "module/@type"
46	#define XP_SCANNER_MODULE "module[@type]"
47	#define XP_SCANNER_SOURCE_POOL "source-pool"
48	#define XP_SCANNER_SOURCE_POOL_ADDRESS "address"
49	#define XP_SCANNER_TARGET "target"
50	#define XP_SCANNER_TARGET_ADDRESS "address"
51	#define XP_SCANNER_TARGET_PORT "port"
52	#define XP_SCANNER_TARGET_CHECK "target-check"
53	#define XP_SCANNER_LOG_AGENT "log-agent"
54	#define XP_SCANNER_TIMEOUT "timeout"
55	#define XP_SCANNER_STRING "string"
56
57	#define XP_CACHE "/pxyscand/cache"
58	#define XP_CACHE_DIRECTORY "directory"
59	#define XP_CACHE_EXPIRE "expire"
60	#define XP_CACHE_PROXY_EXPIRE "proxy-expire"
61	#define XP_CACHE_MAXIPS "maxips"
62
63	#define XP_NOSCAN "/pxyscand/noscan"
64	#define XP_NOSCAN_ADDRESS "address"
65
66	using std::cout;
67	using std::endl;
68
69	PXConfigLoader::PXConfigLoader(const char *inFile)
70	: PXXMLXPathLoaderImp(inFile)
71	{
72	}
73
74	PXConfigLoader::~PXConfigLoader()
75	{
76	}
77
78
79	bool
80	PXConfigLoader::StringToNetworkNetmask(const char *str,
81	in_addr &oNet,
82	in_addr &oMask)
83	{
84	char ipbuf[16];
85	size_t len, j;
86	int k, dot = 0;
87	char *p;
88
89	if ((p = strchr(str, '/')) == NULL)
90	oMask.s_addr = htonl(0xffffffff);
91	else
92	{
93	*p++ = '\0';
94	if (!strchr(p, '.'))
95	{
96	int nbits;
97
98	if ((nbits = atoi(p)) > 0 && nbits <= 32)
99	oMask.s_addr = htonl(~(0xffffffff >> nbits));
100	}
101	else if (inet_pton(AF_INET, p, &oNet) == -1)
102	return false;
103	}
104
105	len = strlen(str);
106	len = len < sizeof(ipbuf) ? len : sizeof(ipbuf) - 1;
107	for (j = 0; j < len; j++)
108	{
109	if (str[j] == '.')
110	dot++;
111	ipbuf[j] = str[j];
112	}
113	if (dot > 4 \|\| len >= sizeof(ipbuf) - ((3 - dot) * 2))
114	return false;
115
116	for (k = 0; k < 3 - dot; k++)
117	{
118	ipbuf[j++] = '.';
119	ipbuf[j++] = '0';
120	}
121
122	assert(j < sizeof(ipbuf));
123	ipbuf[j] = '\0';
124
125	if (inet_pton(AF_INET, ipbuf, &oNet) == -1)
126	return false;
127
128	return true;
129	}
130
131	PXConfig *
132	PXConfigLoader::Load()
133	{
134	PXConfig *cfg = new PXConfig;
135	try
136	{
137	this->DoLoad(cfg);
138	}
139	catch (...)
140	{
141	delete cfg;
142	throw;
143	}
144	return cfg;
145	}
146
147	void
148	PXConfigLoader::DoLoad(PXConfig *cfg)
149	{
150	xmlXPathObjectPtr o, o2;
151
152	if ((o = this->EvalUnique(XP_OPAS)))
153	{
154	StPXXPathContextNode cxNode(&mCx->node, o->nodesetval->nodeTab[0]);
155
156	/* OPAS Port */
157	cfg->opas.port = this->GetInteger(XP_OPAS_PORT, 0, 1);
158
159	/* OPAS local address (bind) */
160	this->GetAddress(XP_OPAS_BIND_ADDRESS, 0, 0, "opas/bind-address",
161	&cfg->opas.local_address);
162
163	/* Protocol(s) to enable (tcp, udp) */
164	o2 = this->Eval(XP_OPAS_PROTOCOL);
165	if (!o2 \|\| !o2->nodesetval->nodeNr)
166	PXXMLException::Throw("Missing parameter", "opas/protocol");
167	cfg->opas.proto.reserve(o2->nodesetval->nodeNr);
168	for (int i = 0; i < o2->nodesetval->nodeNr; i++)
169	{
170	xmlChar *s;
171	xmlNodePtr n;
172	n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
173	if (!(s = xmlNodeListGetString(mDoc, n, 1)))
174	PXXMLException::Throw("Empty protocol, use: tcp or udp",
175	"opas/protocol");
176	if (!strcmp((char *)s, "tcp"))
177	cfg->opas.proto.push_back(PXOPAS_PROTO_TCP);
178	else if (!strcmp((char *)s, "udp"))
179	cfg->opas.proto.push_back(PXOPAS_PROTO_UDP);
180	else
181	{
182	xmlFree(s);
183	PXXMLException::Throw("Unknown protocol (use: tcp or udp)",
184	"opas/protocol");
185	}
186	xmlFree(s);
187	}
188	xmlXPathFreeObject(o2);
189
190	/* Allowed IPs */
191	o2 = this->Eval(XP_OPAS_ALLOW);
192	if (!o2 \|\| !o2->nodesetval->nodeNr)
193	PXXMLException::Throw("Missing parameter", "opas/allow");
194	cfg->opas.allow.reserve(o2->nodesetval->nodeNr);
195	for (int i = 0; i < o2->nodesetval->nodeNr; i++)
196	{
197	xmlChar *s;
198	xmlNodePtr n;
199	in_addr addr;
200
201	n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
202	if (!(s = xmlNodeListGetString(mDoc, n, 1)))
203	PXXMLException::Throw("Empty allow field", "opas/allow");
204	int res = inet_pton(AF_INET, (char *)s, &addr);
205	xmlFree(s);
206	if (res == -1)
207	PXXMLException::Throw("Bad IP address", "opas/allow");
208	cfg->opas.allow.push_back(addr);
209	}
210	xmlXPathFreeObject(o2);
211
212	/* OPAS limit */
213	cfg->opas.limit = this->GetInteger(XP_OPAS_LIMIT, 0, 1);
214
215	xmlXPathFreeObject(o);
216	}
217
218	if ((o = this->EvalUnique(XP_SCANNER)))
219	{
220	StPXXPathContextNode cxNode(&mCx->node, o->nodesetval->nodeTab[0]);
221
222	cfg->scanner.maxscans = this->GetInteger(XP_SCANNER_MAXSCANS, 0, 1);
223	if (cfg->scanner.maxscans <= 0)
224	cfg->scanner.maxscans = 100; // bah
225
226	if (!(o2 = this->Eval(XP_SCANNER_MODULE_TYPE_ATTR)))
227	PXXMLException::Throw("Missing parameter", "scanner/module");
228	else
229	{
230	cfg->scanner.modules.reserve(o2->nodesetval->nodeNr);
231	for (int i = 0; i < o2->nodesetval->nodeNr; i++)
232	{
233	PXConfigModule m;
234	xmlChar *s;
235	xmlNodePtr n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
236
237	if (!(s = xmlNodeListGetString(mDoc, n, 1)))
238	PXXMLException::Throw("Empty type attribute not allowed",
239	"scanner/module");
240
241	m.port = 0; // only used for http scan module
242
243	if (!xmlStrcasecmp(s, (xmlChar*)"wingate"))
244	m.id = CONFIG_MODULE_WINGATE;
245	else if (!xmlStrcasecmp(s, (xmlChar*)"socks"))
246	m.id = CONFIG_MODULE_SOCKS;
247	else if (!xmlStrcmp(s, (xmlChar*)"http"))
248	{
249	m.id = CONFIG_MODULE_HTTP;
250	m.port = this->GetInteger(XP_SCANNER_MODULE, i, 65536);
251	// Note: port 0 not allowed for convenience.
252	if (m.port <= 0 \|\| m.port >= 65536)
253	PXXMLException::Throw("Bad proxy port number", "scanner/module");
254	}
255	else if (!xmlStrcasecmp(s, (xmlChar*)"crazybandit"))
256	m.id = CONFIG_MODULE_CRAZYBANDIT;
257
258	/* Handle new module type here. */
259
260	else
261	PXXMLException::Throw("Unknown scanner/module type attribute",
262	"scanner/module");
263
264	cfg->scanner.modules.push_back(m);
265	}
266	xmlXPathFreeObject(o2);
267	}
268
269
270	if ((o2 = this->Eval(XP_SCANNER_SOURCE_POOL)))
271	{
272	StPXXPathContextNode cxNode(&mCx->node, o2->nodesetval->nodeTab[0]);
273
274	xmlXPathObjectPtr o3 = this->Eval(XP_SCANNER_TARGET_ADDRESS);
275	if (o3)
276	{
277	int cnt = o3->nodesetval->nodeNr;
278	cfg->scanner.source_pool.reserve(cnt);
279	xmlXPathFreeObject(o3);
280	for (int i = 0; i < cnt; i++)
281	{
282	sockaddr_in sin;
283	memset(&sin, 0, sizeof(sin));
284	sin.sin_family = AF_INET;
285	sin.sin_port = htons(0);
286
287	this->GetAddress(XP_SCANNER_TARGET_ADDRESS, i, 0,
288	"scanner/source-pool/address", &sin.sin_addr);
289
290	// Test the local address now.
291	int testFD = socket(AF_INET, SOCK_STREAM, 0);
292	if (testFD == -1) // doh !
293	PXXMLException::Throw("Source pool address test failed",
294	"socket() failed!");
295	if (bind(testFD, (sockaddr *)&sin, sizeof(sin)) == -1)
296	PXXMLException::Throw("Source pool address test failed",
297	"bind() failed!");
298	close(testFD);
299	cfg->scanner.source_pool.push_back(sin.sin_addr);
300	}
301	}
302	xmlXPathFreeObject(o2);
303	}
304
305	if (!(o2 = this->Eval(XP_SCANNER_TARGET)))
306	PXXMLException::Throw("Missing parameter", "scanner/target");
307
308	cfg->scanner.targets.reserve(o2->nodesetval->nodeNr);
309	for (int i = 0; i < o2->nodesetval->nodeNr; i++)
310	{
311	StPXXPathContextNode cxNodeTarget(&mCx->node,
312	o2->nodesetval->nodeTab[i]);
313	PXConfigScannerTarget target;
314
315	this->GetAddress(XP_SCANNER_TARGET_ADDRESS, 0, 1,
316	"scanner/target/address", &target.address);
317	target.port = this->GetInteger(XP_SCANNER_TARGET_PORT, 0, 1);
318
319	cfg->scanner.targets.push_back(target);
320	}
321	xmlXPathFreeObject(o2);
322
323	cfg->scanner.target_check = (time_t)this->GetInteger(
324	XP_SCANNER_TARGET_CHECK, 0, 1);
325	cfg->scanner.log_agent = (char *)this->CopyString(XP_SCANNER_LOG_AGENT,
326	0, 0);
327	cfg->scanner.timeout = (time_t)this->GetInteger(XP_SCANNER_TIMEOUT, 0, 1);
328	if (cfg->scanner.timeout <= 0)
329	cfg->scanner.timeout = 30;
330
331	if (!(o2 = this->Eval(XP_SCANNER_STRING)))
332	PXXMLException::Throw("Missing parameter", "scanner/string");
333
334	cfg->scanner.strings.reserve(o2->nodesetval->nodeNr);
335	for (int i = 0; i < o2->nodesetval->nodeNr; i++)
336	{
337	xmlChar *s;
338	xmlNodePtr n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
339	if (!(s = xmlNodeListGetString(mDoc, n, 1)))
340	PXXMLException::Throw("Empty string field", "scanner/string");
341	cfg->scanner.strings.push_back((char*)s);
342	}
343
344	xmlXPathFreeObject(o2);
345	xmlXPathFreeObject(o);
346	}
347
348	if ((o = this->EvalUnique(XP_CACHE)))
349	{
350	StPXXPathContextNode cxNode(&mCx->node, o->nodesetval->nodeTab[0]);
351
352	// Cache directory
353	cfg->cache.dir = (char *)this->CopyString(XP_CACHE_DIRECTORY, 0, 1);
354	// Cache expire seconds
355	cfg->cache.expire = this->GetInteger(XP_CACHE_EXPIRE, 0, 1);
356	// Proxy cache expire seconds
357	cfg->cache.proxy_expire = this->GetInteger(XP_CACHE_PROXY_EXPIRE, 0, 1);
358	// Cache max IPs
359	cfg->cache.maxips = this->GetInteger(XP_CACHE_MAXIPS, 0, 1);
360
361	xmlXPathFreeObject(o);
362	}
363
364	if ((o = this->EvalUnique(XP_NOSCAN)))
365	{
366	StPXXPathContextNode cxNode(&mCx->node, o->nodesetval->nodeTab[0]);
367
368	o2 = this->Eval(XP_NOSCAN_ADDRESS);
369	if (o2)
370	{
371	cfg->noscan.address.reserve(o2->nodesetval->nodeNr);
372	for (int i = 0; i < o2->nodesetval->nodeNr; i++)
373	{
374	xmlChar *s;
375	xmlNodePtr n;
376	n = o2->nodesetval->nodeTab[i]->xmlChildrenNode;
377	if (!(s = xmlNodeListGetString(mDoc, n, 1)))
378	PXXMLException::Throw("Empty allow field", "noscan/address");
379
380	NetworkNetmask nwnm;
381	bool res = StringToNetworkNetmask((char *)s, nwnm.network,
382	nwnm.netmask);
383	xmlFree(s);
384	if (!res)
385	PXXMLException::Throw("Invalid address", "noscan/address");
386	cfg->noscan.address.push_back(nwnm);
387	}
388	xmlXPathFreeObject(o2);
389	}
390	xmlXPathFreeObject(o);
391	}
392	}
393
394	void
395	PXConfigLoader::Dump(PXConfig *cfg)
396	{
397	size_t i;
398
399	cout << "OPAS config" << endl;
400	cout << "port: " << cfg->opas.port << endl;
401	cout << "local_address: ";
402	if (cfg->opas.local_address.s_addr == INADDR_ANY)
403	cout << "default (any)";
404	else
405	cout << inet_ntoa(cfg->opas.local_address);
406	cout << endl;
407	cout << "proto: ";
408	for (i = 0; i < cfg->opas.proto.size(); i++)
409	if (cfg->opas.proto[i] == PXOPAS_PROTO_TCP)
410	cout << "tcp ";
411	else
412	cout << "udp";
413	cout << endl;
414
415	cout << "allow: ";
416	for (size_t i = 0; i < cfg->opas.allow.size(); i++)
417	cout << inet_ntoa(cfg->opas.allow[i]) << " ";
418	cout << endl;
419
420	cout << "limit: ";
421	if (cfg->opas.limit == 0)
422	cout << "unlimited";
423	else
424	cout << cfg->opas.limit;
425	cout << endl << endl;
426
427	cout << "SCANNER config" << endl;
428	cout << "maxscans: " << cfg->scanner.maxscans << endl;
429	if (cfg->scanner.modules.size() == 0)
430	{
431	cout << "NO SCANNER MODULE ENABLED !!!" << endl;
432	exit(1);
433	}
434	else
435	{
436	cout << "Scanner modules (" << cfg->scanner.modules.size() << "):" << endl;
437	for (i = 0; i < cfg->scanner.modules.size(); i++)
438	{
439	cout << "id: " << cfg->scanner.modules[i].id << endl;
440	if (cfg->scanner.modules[i].port > 0 &&
441	cfg->scanner.modules[i].port < 65536)
442	cout << "port: " << cfg->scanner.modules[i].port << endl;
443	else
444	{
445	cout << "BAD PORT NUMBER: " << cfg->scanner.modules[i].port << endl;
446	exit(1);
447	}
448	}
449	}
450	if (cfg->scanner.source_pool.size() == 0)
451	cout << "No source pool." << endl;
452	else
453	{
454	cout << "Source pool (" << cfg->scanner.source_pool.size() << "):" << endl;
455	for (i = 0; i < cfg->scanner.source_pool.size(); i++)
456	cout << "address: " << inet_ntoa(cfg->scanner.source_pool[i]) << endl;
457	}
458	cout << "Targets (" << cfg->scanner.targets.size() << "):" << endl;
459	for (i = 0; i < cfg->scanner.targets.size(); i++)
460	{
461	cout << "address: " << inet_ntoa(cfg->scanner.targets[i].address);
462	cout << " port: " << cfg->scanner.targets[i].port;
463	cout << endl;
464	}
465	cout << "target_check: " << cfg->scanner.target_check << endl;
466	cout << "Strings..." << endl;
467	for (i = 0; i < cfg->scanner.strings.size(); i++)
468	cout << "string: " << cfg->scanner.strings[i] << endl;
469
470	cout << endl;
471	cout << "CACHE config:" << endl;
472	cout << "expire: " << cfg->cache.expire << " (seconds)" << endl;
473	cout << "maxips: " << cfg->cache.maxips << endl << endl;
474
475	cout << "NOSCAN config:" << endl;
476	for (i = 0; i < cfg->noscan.address.size(); i++)
477	{
478	cout << "noscan: " << inet_ntoa(cfg->noscan.address[i].network);
479	cout << "/" << inet_ntoa(cfg->noscan.address[i].netmask) << endl;
480	}
481	}
svnadmin@ircd-hybrid.org	ViewVC Help
Powered by ViewVC 1.1.28