In HTTP Proxy module (openvpn/transport/client/httpcli.hpp),
generalized ProxyResponseLimit and refactored out into BufferLimit
parent
d231f64715
commit
e99f838467
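--- /dev/null
+++ b/openvpn/buffer/buflimit.hpp
@@ -0,0 +1,92 @@
+// OpenVPN -- An application to securely tunnel IP networks
+// over a single port, with support for SSL/TLS-based
+// session authentication and key exchange,
+// packet encryption, packet authentication, and
+// packet compression.
+//
+// Copyright (C) 2013-2014 OpenVPN Technologies, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License Version 3
+// as published by the Free Software Foundation.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program in the COPYING file.
+// If not, see <http://www.gnu.org/licenses/>.
+
+#ifndef OPENVPN_BUFFER_BUFLIMIT_H
+#define OPENVPN_BUFFER_BUFLIMIT_H
+
+#include <openvpn/buffer/buffer.hpp>
+
+namespace openvpn {
+
+template <typename T>
+class BufferLimit
+{
+public:
+BufferLimit()
+{
+set_max(0, 0);
+reset();
+}
+
+BufferLimit(const T max_lines_arg,
+const T max_bytes_arg)
+{
+set_max(max_lines_arg, max_bytes_arg);
+reset();
+}
+
+void set_max(const T max_lines_arg,
+const T max_bytes_arg)
+{
+max_lines = max_lines_arg;
+max_bytes = max_bytes_arg;
+}
+
+void reset()
+{
+n_bytes = n_lines = 0;
+}
+
+void add(const Buffer& buf)
+{
+T size = (T)buf.size();
+n_bytes += size;
+if (max_bytes && n_bytes > max_bytes)
+bytes_exceeded();
+if (max_lines)
+{
+const unsigned char *p = buf.c_data();
+while (size--)
+{
+const unsigned char c = *p++;
+if (c == '\n')
+{
+++n_lines;
+if (n_lines > max_lines)
+lines_exceeded();
+}
+}
+}
+}
+
+virtual void bytes_exceeded() = 0;
+virtual void lines_exceeded() = 0;
+
+protected:
+T max_lines;
+T max_bytes;
+T n_bytes;
+T n_lines;
+};
+
+}
+
+#endif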
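Review bot: The byte counter in add() can wrap before the limit check sees it: `T size = (T)buf.size();` narrows silently when T is smaller than size_t, and `n_bytes += size;` has no overflow guard, so with a narrow or signed T the running total could pass max_bytes without bytes_exceeded() ever firing. The only instantiation visible in this commit is size_t, where that is not reachable in practice, but now that the class is a general template it would be safer to test before accumulating, `if (max_bytes && (size > max_bytes || n_bytes > max_bytes - size)) bytes_exceeded();`, and to restrict T to unsigned types at least as wide as size_t. A header comment should also state that a maximum of zero disables that limit (so the default constructor yields an unlimited counter) and that both callbacks are expected to throw, because add() keeps counting if they return.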
@ -40,6 +40,7 @@
|
||||
#include <openvpn/common/number.hpp>
|
||||
#include <openvpn/common/userpass.hpp>
|
||||
#include <openvpn/buffer/bufstr.hpp>
|
||||
#include <openvpn/buffer/buflimit.hpp>
|
||||
#include <openvpn/transport/tcplink.hpp>
|
||||
#include <openvpn/transport/client/transbase.hpp>
|
||||
#include <openvpn/transport/socket_protect.hpp>
|
||||
@ -275,44 +276,17 @@ namespace openvpn {
|
||||
virtual ~Client() { stop_(); }
|
||||
|
||||
private:
|
||||
class ProxyResponseLimit
|
||||
struct ProxyResponseLimit : public BufferLimit<size_t>
|
||||
{
|
||||
public:
|
||||
enum {
|
||||
MaxLines=1024,
|
||||
MaxBytes=65536,
|
||||
};
|
||||
ProxyResponseLimit() : BufferLimit(1024, 65536) {}
|
||||
|
||||
ProxyResponseLimit()
|
||||
{
|
||||
reset();
|
||||
virtual void bytes_exceeded() {
|
||||
OPENVPN_THROW_EXCEPTION("HTTP proxy response too large (> " << max_bytes << " bytes)");
|
||||
}
|
||||
|
||||
void reset()
|
||||
{
|
||||
n_bytes = n_lines = 0;
|
||||
virtual void lines_exceeded() {
|
||||
OPENVPN_THROW_EXCEPTION("HTTP proxy response too large (> " << max_lines << " lines)");
|
||||
}
|
||||
|
||||
void add(const Buffer& buf)
|
||||
{
|
||||
size_t size = buf.size();
|
||||
if ((n_bytes += size) > MaxBytes)
|
||||
OPENVPN_THROW_EXCEPTION("HTTP proxy response too large (> " << MaxBytes << " bytes)");
|
||||
const unsigned char *p = buf.c_data();
|
||||
while (size--)
|
||||
{
|
||||
const unsigned char c = *p++;
|
||||
if (c == '\n')
|
||||
{
|
||||
if (++n_lines > MaxLines)
|
||||
OPENVPN_THROW_EXCEPTION("HTTP proxy response too large (> " << MaxLines << " lines)");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private:
|
||||
size_t n_bytes;
|
||||
size_t n_lines;
|
||||
};
|
||||
|
||||
Client(boost::asio::io_service& io_service_arg,
|
||||
|
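Review bot: The bare literals in `ProxyResponseLimit() : BufferLimit(1024, 65536) {}` replace the MaxLines/MaxBytes names the old class carried, and because both constructor parameters have the same type T a transposed order would compile without complaint. These two numbers bound how much an untrusted proxy can make the client accept, so I would keep them named, for example `enum { MaxLines=1024, MaxBytes=65536 };` followed by `ProxyResponseLimit() : BufferLimit(MaxLines, MaxBytes) {}`. Public inheritance also exposes set_max() on this type, which the old fixed-limit class did not offer; if the limits are meant to stay fixed for proxy responses, a one-line comment saying so would help.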