Roxen.git / server / base_server / roxen.pike

version» Context lines:

Roxen.git/server/base_server/roxen.pike:1:   // This file is part of Roxen WebServer.   // Copyright © 1996 - 2001, Roxen IS.   //   // The Roxen WebServer main program.   //   // Per Hedbor, Henrik Grubbström, Pontus Hagland, David Hedbor and others.   // ABS and suicide systems contributed freely by Francesco Chemolli    - constant cvs_version="$Id: roxen.pike,v 1.815 2002/12/04 15:29:30 wellhard Exp $"; + constant cvs_version="$Id: roxen.pike,v 1.816 2002/12/09 12:53:57 grubba Exp $";    -  + //! @appears roxen + //! + //! The Roxen WebServer main program. +    // The argument cache. Used by the image cache.   ArgCache argcache;      // Some headerfiles   #define IN_ROXEN   #include <roxen.h>   #include <config.h>   #include <module.h>   #include <variables.h>   #include <stat.h>
Roxen.git/server/base_server/roxen.pike:4777:   // processed by the provided function, if any.   // multiset   // Strings in a multiset will be added before the string above.   // should typically be used for variable declarations.   // int   // Signals that a authentication request should be sent to the user   // upon failure.   //   //   // NOTE: It's up to the security checks in this file to ensure that - // nothing is overcached. All patterns that does checks using + // nothing is overcached. All patterns that perform checks using   // information from the client (such as remote address, referer etc) - // _has_ to use NOCACHE(). It's not nessesary, however, to do that for - // checks that use the authentication module API, since it's up to the - // user database and authentication modules to ensure that nothing is - // overcached in that case. + // _have_ to use NOCACHE() or NO_PROTO_CACHE(). It's not nessesary, however, + // to do that for checks that use the authentication module API, since + // then it's up to the user database and authentication modules to ensure + // that nothing is overcached in that case.   array security_checks = ({    "ip=%s:%s",2,({    lambda( string a, string b ){    int net = Roxen.ip_to_int( a );    int mask = Roxen.ip_to_int( b );    net &= mask;    return ({ net, sprintf("%c",mask)[0] });    }, -  " NOCACHE();\n" +  " NO_PROTO_CACHE();\n"    " if( (Roxen.ip_to_int( id->remoteaddr ) & %[1]d) == %[0]d ) ",    }),    "ip=%s/%d",2,({    lambda( string a, int b ){    int net = Roxen.ip_to_int( a );    int mask = ((~0<<(32-b))&0xffffffff);    net &= mask;    return ({ net, sprintf("%c",mask)[0] });    }, -  " NOCACHE();\n" +  " NO_PROTO_CACHE();\n"    " if( (Roxen.ip_to_int( id->remoteaddr ) & %[1]d) == %[0]d ) ",    }),    "ip=%s",1,({ -  " NOCACHE();\n" +  " NO_PROTO_CACHE();\n"    " if( sizeof(filter(%[0]O/\",\",lambda(string q){\n"    " return glob(q,id->remoteaddr);\n"    " })) )"    }),    "user=%s",1,({ 1,    lambda( string x ) {    return ({sprintf("(< %{%O, %}>)", x/"," )});    },       // No need to NOCACHE () here, since it's up to the
Roxen.git/server/base_server/roxen.pike:4832:    lambda( string x ) {    return ({sprintf("(< %{%O, %}>)", x/"," )});    },    // No need to NOCACHE () here, since it's up to the    // auth-modules to do that.    " if( (user || (user = authmethod->authenticate( id, userdb_module )))\n"    " && ((%[0]s->any) || sizeof(mkmultiset(user->groups())&%[0]s)))",    (<" User user" >),    }),    "dns=%s",1,({ -  "NOCACHE();" +  "NO_PROTO_CACHE();"    " if(!dns && \n"    " ((dns=roxen.quick_ip_to_host(id->remoteaddr))!=id->remoteaddr))\n"    " if( (id->misc->delayed+=0.1) < 1.0 )\n"    " return Roxen.http_try_again( 0.1 );\n"    " if( sizeof(filter(%[0]O/\",\",lambda(string q){return glob(q,dns);})) )",    (< " string dns" >),    }),    "time=%d:%d-%d:%d",4,({    (< " mapping l = localtime(time(1))" >),    (< " int th = l->hour, tm = l->min" >),    // No need to NOCACHE() here, does not depend on client.    " if( ((th >= %[0]d) && (tm >= %[1]d)) &&\n"    " ((th <= %[2]d) && (tm <= %[3]d)) )",    }),    "referer=%s", 1, ({    (<    " string referer = sizeof(id->referer||({}))?"    "id->referer[0]:\"\"; "    >), -  " NOCACHE();" +  " NO_PROTO_CACHE();"    " if( sizeof(filter(%[0]O/\",\",lambda(string q){\n"    " return glob(q,referer);\n"    " })) )"    }),    "day=%s",1,({    lambda( string q ) {    multiset res = (<>);    foreach( q/",", string w ) if( (int)w )    res[((int)w % 7)] = 1;    else    res[ (["monday":1,"thuesday":2,"wednesday":3,"thursday":4,"friday":5,    "saturday":6,"sunday":0,"mon":1, "thu":2, "wed":3, "thu":4,    "fri":5, "sat":6, "sun":0, ])[ lower_case(w) ] ] = 1;    return ({sprintf("(< %{%O, %}>)", (array)res)});    },    (< " mapping l = localtime(time(1))" >),    // No need to NOCACHE() here, does not depend on client.    " if( %[0]s[l->wday] )"    }),    "accept_language=%s",1,({ -  " NOCACHE(); " +  " NO_PROTO_CACHE(); "    " if( has_value(id->misc->pref_languages->get_languages(), %O))"    }),    "luck=%d%%",1,({    lambda(int luck) { return ({ 100-luck }); },    // Not really any need to NOCACHE() here, since it does not depend    // on client. However, it's supposed to be totally random.    " NOCACHE();"    " if( random(100)<%d )",    }),   });