diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2007-04-12 14:45:46 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2007-04-12 14:45:46 +0000 |
| commit | bd310ff40867bc1ea863eca5a55d0b4b34185140 (patch) | |
| tree | 36b1d3a32ac2285f815c24df72445cbc648beff2 /usr.sbin/relayd | |
| parent | 9503c81a3321b794f811dbe2280d39669517a6db (diff) | |
add a new relay 'path' action to filter the URL path and arguments.
ok pyr@
Diffstat (limited to 'usr.sbin/relayd')
| -rw-r--r-- | usr.sbin/relayd/parse.y | 9 | ||||
| -rw-r--r-- | usr.sbin/relayd/relay.c | 32 | ||||
| -rw-r--r-- | usr.sbin/relayd/relayd.conf.5 | 9 | ||||
| -rw-r--r-- | usr.sbin/relayd/relayd.h | 6 |
4 files changed, 50 insertions, 6 deletions
diff --git a/usr.sbin/relayd/parse.y b/usr.sbin/relayd/parse.y index 6a5070e9997..f49ad1b11cc 100644 --- a/usr.sbin/relayd/parse.y +++ b/usr.sbin/relayd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.37 2007/03/21 00:08:08 reyk Exp $ */ +/* $OpenBSD: parse.y,v 1.38 2007/04/12 14:45:45 reyk Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -106,7 +106,7 @@ typedef struct { %token SERVICE TABLE BACKUP HOST REAL %token CHECK TCP ICMP EXTERNAL REQUEST RESPONSE %token TIMEOUT CODE DIGEST PORT TAG INTERFACE -%token VIRTUAL INTERVAL DISABLE STICKYADDR BACKLOG +%token VIRTUAL INTERVAL DISABLE STICKYADDR BACKLOG PATH %token SEND EXPECT NOTHING SSL LOADBALANCE ROUNDROBIN CIPHERS COOKIE %token RELAY LISTEN ON FORWARD TO NAT LOOKUP PREFORK NO MARK MARKED %token PROTO SESSION CACHE APPEND CHANGE REMOVE FROM FILTER HASH HEADER @@ -801,6 +801,10 @@ marked : /* empty */ nodetype : HEADER { node.type = NODE_TYPE_HEADER; } | URL { node.type = NODE_TYPE_URL; } | COOKIE { node.type = NODE_TYPE_COOKIE; } + | PATH { + proto->flags |= F_LOOKUP_PATH; + node.type = NODE_TYPE_PATH; + } ; sslcache : number { $$ = $1; } @@ -1117,6 +1121,7 @@ lookup(char *s) { "nodelay", NODELAY }, { "nothing", NOTHING }, { "on", ON }, + { "path", PATH }, { "port", PORT }, { "prefork", PREFORK }, { "protocol", PROTO }, diff --git a/usr.sbin/relayd/relay.c b/usr.sbin/relayd/relay.c index f3a02eb7cba..686883e85ed 100644 --- a/usr.sbin/relayd/relay.c +++ b/usr.sbin/relayd/relay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: relay.c,v 1.25 2007/04/10 21:33:52 reyk Exp $ */ +/* $OpenBSD: relay.c,v 1.26 2007/04/12 14:45:45 reyk Exp $ */ /* * Copyright (c) 2006, 2007 Reyk Floeter <reyk@openbsd.org> @@ -307,6 +307,9 @@ relay_protodebug(struct relay *rlay) case NODE_TYPE_COOKIE: fprintf(stderr, "cookie "); break; + case NODE_TYPE_PATH: + fprintf(stderr, "path "); + break; } switch (pn->action) { @@ -1144,6 +1147,29 @@ relay_read_http(struct bufferevent *bev, void *arg) goto fail; } #endif + + /* + * Lookup protocol handlers in the URL path + */ + if ((proto->flags & F_LOOKUP_PATH) == 0) + goto lookup; + + pkv.key = cre->path; + pkv.type = NODE_TYPE_PATH; + pkv.value = cre->args == NULL ? "" : cre->args; + + DPRINTF("relay_read_http: " + "lookup path '%s: %s'", pkv.key, pkv.value); + + if ((pnv = RB_FIND(proto_tree, + cre->tree, &pkv)) == NULL) + goto lookup; + + ret = relay_handle_http(cre, pnv, &pkv, 0); + if (ret == PN_FAIL) { + free(line); + goto fail; + } } else if ((cre->method == HTTP_METHOD_POST || cre->method == HTTP_METHOD_PUT || cre->method == HTTP_METHOD_RESPONSE) && @@ -1730,6 +1756,8 @@ relay_close(struct session *con, const char *msg) } if (con->in.s != -1) close(con->in.s); + if (con->in.path != NULL) + free(con->in.path); if (con->in.buf != NULL) free(con->in.buf); if (con->in.nodes != NULL) @@ -1741,6 +1769,8 @@ relay_close(struct session *con, const char *msg) evbuffer_free(con->out.output); if (con->out.s != -1) close(con->out.s); + if (con->out.path != NULL) + free(con->out.path); if (con->out.buf != NULL) free(con->out.buf); if (con->out.nodes != NULL) diff --git a/usr.sbin/relayd/relayd.conf.5 b/usr.sbin/relayd/relayd.conf.5 index 5830c964590..ec622b851be 100644 --- a/usr.sbin/relayd/relayd.conf.5 +++ b/usr.sbin/relayd/relayd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: relayd.conf.5,v 1.41 2007/04/10 21:45:11 reyk Exp $ +.\" $OpenBSD: relayd.conf.5,v 1.42 2007/04/12 14:45:45 reyk Exp $ .\" .\" Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> .\" @@ -460,6 +460,12 @@ Look up the entity in the application protocol headers, like HTTP headers in .Ic http mode. +.It Ic path +Look up the entity as a value in the URL path when using the +.Ic http +protocol. +This type is only available with the direction +.Ic request . .It Ic url Look up the entity as a GET variable in the URL when using the .Ic http @@ -693,6 +699,7 @@ protocol http_ssl { header change "Keep-Alive" to "$TIMEOUT" url hash "sessid" cookie hash "sessid" + path filter "*command=*" from "/cgi-bin/index.cgi" ssl { sslv2, ciphers "MEDIUM:HIGH" } } diff --git a/usr.sbin/relayd/relayd.h b/usr.sbin/relayd/relayd.h index e7d618af697..46609cae438 100644 --- a/usr.sbin/relayd/relayd.h +++ b/usr.sbin/relayd/relayd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: relayd.h,v 1.40 2007/04/10 21:33:52 reyk Exp $ */ +/* $OpenBSD: relayd.h,v 1.41 2007/04/12 14:45:45 reyk Exp $ */ /* * Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -270,6 +270,7 @@ TAILQ_HEAD(addresslist, address); #define F_SSL 0x0800 #define F_NATLOOK 0x1000 #define F_DEMOTE 0x2000 +#define F_LOOKUP_PATH 0x4000 struct host { u_int16_t flags; @@ -373,7 +374,8 @@ enum nodeaction { enum nodetype { NODE_TYPE_HEADER = 0, NODE_TYPE_URL = 1, - NODE_TYPE_COOKIE = 2 + NODE_TYPE_COOKIE = 2, + NODE_TYPE_PATH = 3 }; #define PNFLAG_MACRO 0x01 |