Ipaddressfilter_src

csucdl 2009-02-05 07:09:45
// DB.CPP - This module implements the database routines for the authentication filter.

#include "stdafx.h"
#include "IPAddressFilter.h"

/*
Routine Description:
Looks up the ip address and confirms the host with that address is allowed
access to the server

Arguments:
pszIPAddress - The IP address to validate
pfValid - Set to TRUE if the client should be allowed

Return Value:
TRUE on success, FALSE on failure
*/
BOOL CIPAddressFilter::ValidateIPAddress(const CHAR* pszIPAddress, OUT BOOL* pfValid)
{
// Assume we're going to fail validation
*pfValid = FALSE;

BOOL fFound;

// Lookup the address in the cache, if that fails, get the address from the
// database and add the retrieved address to the cache
if ( !LookupIPAddressInCache( pszIPAddress, &fFound ))
return FALSE;

if ( !fFound )
{
if ( !LookupIPAddressInDb( pszIPAddress, &fFound ))
return FALSE;

if ( fFound )
AddIPAddressToCache( pszIPAddress );
}

if ( !fFound )
{
ISAPITRACE1("[ValidatepIPAddress] Failed to find address %s\n", pszIPAddress );
return TRUE;
}

*pfValid = TRUE;

return TRUE;
}

/*
Routine Description:
Retrieves the ip address list from the file. If the addressess were coming from a
database, this routine would connect to the database.

Return Value:
TRUE on success, FALSE on failure

*/
BOOL CIPAddressFilter::InitializeIPAddressDatabase()
{
DWORD cbRead;

// Open and read the file. The System account must have access to the file.
HANDLE hFile = CreateFile( IP_LIST_FILE, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
if ( hFile == INVALID_HANDLE_VALUE )
{
ISAPITRACE2("[InitializepIPAddressDatabase] Error %d openning %s\n", GetLastError(), IP_LIST_FILE );
return FALSE;
}

DWORD cbFile = GetFileSize( hFile, NULL );
if ( cbFile == (DWORD) -1 )
{
CloseHandle( hFile );
return FALSE;
}

m_pszIPAddressFile = (CHAR *)LocalAlloc( LPTR, cbFile + 1 );
if ( !m_pszIPAddressFile )
{
SetLastError( ERROR_NOT_ENOUGH_MEMORY );
CloseHandle( hFile );
return FALSE;
}

if ( !ReadFile( hFile, m_pszIPAddressFile, cbFile, &cbRead, NULL ))
{
CloseHandle( hFile );
LocalFree( m_pszIPAddressFile );
return FALSE;
}

CloseHandle( hFile );

// Zero terminate the file data
m_pszIPAddressFile[cbRead] = '\0';

return TRUE;
}

/*
Routine Description:
Looks up the IP address in the database
The file data is not sorted to simulate the cost of an external database
lookup.

Arguments:
pszIPAddress - The address to find in the database
pfFound - Set to TRUE if the specified address name was found in the
database

Return Value:
TRUE on success, FALSE on failure
*/
BOOL CIPAddressFilter::LookupIPAddressInDb(const CHAR* pszIPAddress, OUT BOOL* pfFound)
{
*pfFound = FALSE;

// Find the external ip address. We're expecting one address per line
CHAR* pch = m_pszIPAddressFile;
DWORD cchIPAddress = strlen( pszIPAddress );

while ( pch && *pch )
{
while ( ISWHITE( *pch ) )
pch++;

CHAR* pchend = strchr( pch+1, '\n' );

if (pchend && *(pchend-2) == '*') // -2 because of \r and \n
{
DWORD cchaddr = pchend-pch-2;
if (!cchaddr) // * alone in a line?
goto Found;
if ( *pch == *pszIPAddress && !strnicmp( pszIPAddress, pch, cchaddr ) )
goto Found;
}
else
if ( *pch == *pszIPAddress && !strnicmp( pszIPAddress, pch, cchIPAddress ) )
goto Found;

pch = pchend;
}

// Not found
return TRUE;

Found:
*pfFound = TRUE;

return TRUE;
}

/*
Routine Description:
Shutsdown the IP address database.
*/
VOID CIPAddressFilter::TerminateIPAddressDatabase()
{
if ( m_pszIPAddressFile )
LocalFree(m_pszIPAddressFile );
}

// IPADDRESSFILTER.CPP - Implementation file for your Internet Server
// IP Address Sample Filter

#include "stdafx.h"
#include "IPAddressFilter.h"

///////////////////////////////////////////////////////////////////////
// The one and only CWinApp object
// NOTE: You may remove this object if you alter your project to no
// longer use MFC in a DLL.

CWinApp theApp;



///////////////////////////////////////////////////////////////////////
// The one and only CIPAddressFilter object

CIPAddressFilter theFilter;

///////////////////////////////////////////////////////////////////////
// CIPAddressFilter static members

DWORD CIPAddressFilter::m_cCacheItems = 0;
CHAR* CIPAddressFilter::m_pszIPAddressFile = NULL;
LIST_ENTRY CIPAddressFilter::m_CacheListHead;
CRITICAL_SECTION CIPAddressFilter::m_csCacheLock;


///////////////////////////////////////////////////////////////////////
// CIPAddressFilter implementation

CIPAddressFilter::CIPAddressFilter()
{
m_fCacheInitialized = FALSE;
}

CIPAddressFilter::~CIPAddressFilter()
{
TerminateCache();
TerminateIPAddressDatabase();
}

BOOL CIPAddressFilter::Initialize()
{
return (InitializeIPAddressDatabase() && InitializeCache());
}

BOOL CIPAddressFilter::GetFilterVersion(PHTTP_FILTER_VERSION pVer)
{
ISAPITRACE2( "[GetFilterVersion] Server filter version is %d.%d\n",
HIWORD( pVer->dwServerFilterVersion ),
LOWORD( pVer->dwServerFilterVersion ) );

if ( !Initialize() )
{
ISAPITRACE1("[GetFilterVersion] Database or cache failed, error %d\n", GetLastError() );
return FALSE;
}

// Call default implementation for initialization
CHttpFilter::GetFilterVersion(pVer);

// Set the flags we are interested in
pVer->dwFlags = SF_NOTIFY_ORDER_DEFAULT |
SF_NOTIFY_SECURE_PORT | SF_NOTIFY_NONSECURE_PORT |
SF_NOTIFY_URL_MAP;

// Load description string
TCHAR sz[SF_MAX_FILTER_DESC_LEN+1];
ISAPIVERIFY(::LoadString(AfxGetResourceHandle(),
IDS_FILTER, sz, SF_MAX_FILTER_DESC_LEN));
_tcscpy(pVer->lpszFilterDesc, sz);
return TRUE;
}

DWORD CIPAddressFilter::OnUrlMap(CHttpFilterContext* pCtxt, PHTTP_FILTER_URL_MAP pMapInfo)
{
char szAddress[80];
DWORD dwSize = sizeof(szAddress);
if (pCtxt->GetServerVariable("REMOTE_ADDR", szAddress, &dwSize))
{
// Make sure this address is a valid address
BOOL fAllowed;
if ( !ValidateIPAddress(szAddress, &fAllowed ))
{
ISAPITRACE2("[OnUrlMap] Error %d validating address %s\n", GetLastError(), szAddress );
return SF_STATUS_REQ_ERROR;
}

if ( !fAllowed )
{
// This ip address isn't allowed access. Map to information URL
strncpy(pMapInfo->pszPhysicalPath, NO_ACCESS, pMapInfo->cbPathBuff-1);
}
}

return SF_STATUS_REQ_NEXT_NOTIFICATION;
}

// Do not edit the following lines, which are needed by ClassWizard.
#if 0
BEGIN_MESSAGE_MAP(CIPAddressFilter, CHttpFilter)
//{{AFX_MSG_MAP(CIPAddressFilter)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
#endif // 0

///////////////////////////////////////////////////////////////////////
// If your extension will not use MFC, you'll need this code to make
// sure the extension objects can find the resource handle for the
// module. If you convert your extension to not be dependent on MFC,
// remove the comments arounn the following AfxGetResourceHandle()
// and DllMain() functions, as well as the g_hInstance global.

/****

static HINSTANCE g_hInstance;

HINSTANCE AFXISAPI AfxGetResourceHandle()
{
return g_hInstance;
}

BOOL WINAPI DllMain(HINSTANCE hInst, ULONG ulReason,
LPVOID lpReserved)
{
if (ulReason == DLL_PROCESS_ATTACH)
{
g_hInstance = hInst;
}

return TRUE;
}

****/
...全文
74 回复 打赏 收藏 转发到动态 举报
AI 作业
写回复
用AI写文章
回复
切换为时间正序
请发表友善的回复…
发表回复

65,186

社区成员

发帖
与我相关
我的任务
社区描述
C++ 语言相关问题讨论,技术干货分享,前沿动态等
c++ 技术论坛(原bbs)
社区管理员
  • C++ 语言社区
  • encoderlee
  • paschen
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
  1. 请不要发布与C++技术无关的贴子
  2. 请不要发布与技术无关的招聘、广告的帖子
  3. 请尽可能的描述清楚你的问题,如果涉及到代码请尽可能的格式化一下

试试用AI创作助手写篇文章吧