diff options
author | Reyk Floeter <reyk@cvs.openbsd.org> | 2007-11-22 10:09:54 +0000 |
---|---|---|
committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2007-11-22 10:09:54 +0000 |
commit | 528448c354fbc39d0ec76390e0abb03bffe3030c (patch) | |
tree | cbb3c2d948302dc744689adcd4383ae90e7ba120 /usr.sbin/hoststated/parse.y | |
parent | e7be2a8e9b2bedf33849efda13e890b933152f0b (diff) |
add (new) "url" protocol action, this can be used to match/filter URL
suffix/prefix expressions like "example.com/index.html?args". a digest
mode allows to match against anonymized SHA1/MD5 digests of
suffix/prefix expressions.
Diffstat (limited to 'usr.sbin/hoststated/parse.y')
-rw-r--r-- | usr.sbin/hoststated/parse.y | 47 |
1 files changed, 45 insertions, 2 deletions
diff --git a/usr.sbin/hoststated/parse.y b/usr.sbin/hoststated/parse.y index f8e0829996f..86ebc48c691 100644 --- a/usr.sbin/hoststated/parse.y +++ b/usr.sbin/hoststated/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.92 2007/11/21 20:31:03 reyk Exp $ */ +/* $OpenBSD: parse.y,v 1.93 2007/11/22 10:09:53 reyk Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -123,7 +123,7 @@ typedef struct { %token TIMEOUT CODE DIGEST PORT TAG INTERFACE STYLE RETURN %token VIRTUAL INTERVAL DISABLE STICKYADDR BACKLOG PATH SCRIPT %token SEND EXPECT NOTHING SSL LOADBALANCE ROUNDROBIN CIPHERS COOKIE -%token RELAY LISTEN ON FORWARD TO NAT LOOKUP PREFORK NO MARK MARKED +%token RELAY LISTEN ON FORWARD TO NAT LOOKUP PREFORK NO MARK MARKED URL %token PROTO SESSION CACHE APPEND CHANGE REMOVE FROM FILTER HASH HEADER %token LOG UPDATES ALL DEMOTE NODELAY SACK SOCKET BUFFER QUERYSTR RETRY IP %token ERROR @@ -728,6 +728,8 @@ protoptsl : SSL sslflags if (node.type == NODE_TYPE_COOKIE) pk.key = "Cookie"; + else if (node.type == NODE_TYPE_URL) + pk.key = "Host"; else pk.key = "GET"; if (node.type != NODE_TYPE_HEADER) { @@ -763,6 +765,15 @@ protoptsl : SSL sslflags case NODE_TYPE_COOKIE: pn->flags |= PNFLAG_LOOKUP_COOKIE; break; + case NODE_TYPE_URL: + if (node.flags & + PNFLAG_LOOKUP_URL_DIGEST) + pn->flags |= node.flags & + PNFLAG_LOOKUP_URL_DIGEST; + else + pn->flags |= + PNFLAG_LOOKUP_DIGEST(0); + break; default: break; } @@ -905,6 +916,21 @@ protonode : nodetype APPEND STRING TO STRING marked { free($3); proto->lateconnect++; } + | nodetype EXPECT digest mark { + if (node.type != NODE_TYPE_URL) { + yyerror("digest not supported for this type"); + free($3.digest); + YYERROR; + } + node.action = NODE_ACTION_EXPECT; + node.key = strdup($3.digest); + node.flags |= PNFLAG_LOOKUP_DIGEST($3.type); + node.value = strdup("*"); + if (node.key == NULL || node.value == NULL) + fatal("out of memory"); + free($3.digest); + proto->lateconnect++; + } | nodetype FILTER STRING FROM STRING mark { node.action = NODE_ACTION_FILTER; node.key = strdup($5); @@ -924,6 +950,21 @@ protonode : nodetype APPEND STRING TO STRING marked { free($3); proto->lateconnect++; } + | nodetype FILTER digest mark { + if (node.type != NODE_TYPE_URL) { + yyerror("digest not supported for this type"); + free($3.digest); + YYERROR; + } + node.action = NODE_ACTION_FILTER; + node.key = strdup($3.digest); + node.flags |= PNFLAG_LOOKUP_DIGEST($3.type); + node.value = strdup("*"); + if (node.key == NULL || node.value == NULL) + fatal("out of memory"); + free($3.digest); + proto->lateconnect++; + } | nodetype HASH STRING marked { node.action = NODE_ACTION_HASH; node.key = strdup($3); @@ -963,6 +1004,7 @@ nodetype : HEADER { proto->flags |= F_LOOKUP_PATH; node.type = NODE_TYPE_PATH; } + | URL { node.type = NODE_TYPE_URL; } ; sslcache : NUMBER { @@ -1349,6 +1391,7 @@ lookup(char *s) { "timeout", TIMEOUT }, { "to", TO }, { "updates", UPDATES }, + { "url", URL }, { "virtual", VIRTUAL } }; const struct keywords *p; |