2019-10-09 20:29:41 +00:00
|
|
|
#include <re2/re2.h>
|
|
|
|
#include <Poco/URI.h>
|
|
|
|
#include <Poco/Util/AbstractConfiguration.h>
|
2020-01-18 20:19:10 +00:00
|
|
|
#include <Formats/FormatFactory.h>
|
|
|
|
#include <Common/RemoteHostFilter.h>
|
2019-10-09 20:29:41 +00:00
|
|
|
#include <Common/StringUtils/StringUtils.h>
|
|
|
|
#include <Common/Exception.h>
|
|
|
|
#include <IO/WriteHelpers.h>
|
|
|
|
|
2020-01-18 20:19:10 +00:00
|
|
|
|
2019-10-09 20:29:41 +00:00
|
|
|
namespace DB
|
|
|
|
{
|
|
|
|
namespace ErrorCodes
|
|
|
|
{
|
|
|
|
extern const int UNACCEPTABLE_URL;
|
|
|
|
}
|
|
|
|
|
2019-10-21 14:36:24 +00:00
|
|
|
void RemoteHostFilter::checkURL(const Poco::URI & uri) const
|
2019-10-09 20:29:41 +00:00
|
|
|
{
|
2019-11-05 12:40:49 +00:00
|
|
|
if (!checkForDirectEntry(uri.getHost()) &&
|
|
|
|
!checkForDirectEntry(uri.getHost() + ":" + toString(uri.getPort())))
|
2019-10-09 20:29:41 +00:00
|
|
|
throw Exception("URL \"" + uri.toString() + "\" is not allowed in config.xml", ErrorCodes::UNACCEPTABLE_URL);
|
|
|
|
}
|
|
|
|
|
2019-10-21 14:36:24 +00:00
|
|
|
void RemoteHostFilter::checkHostAndPort(const std::string & host, const std::string & port) const
|
2019-10-09 20:29:41 +00:00
|
|
|
{
|
2019-11-05 12:40:49 +00:00
|
|
|
if (!checkForDirectEntry(host) &&
|
|
|
|
!checkForDirectEntry(host + ":" + port))
|
2019-10-09 20:29:41 +00:00
|
|
|
throw Exception("URL \"" + host + ":" + port + "\" is not allowed in config.xml", ErrorCodes::UNACCEPTABLE_URL);
|
|
|
|
}
|
|
|
|
|
2019-10-10 12:58:06 +00:00
|
|
|
void RemoteHostFilter::setValuesFromConfig(const Poco::Util::AbstractConfiguration & config)
|
2019-10-09 20:29:41 +00:00
|
|
|
{
|
|
|
|
if (config.has("remote_url_allow_hosts"))
|
|
|
|
{
|
|
|
|
std::vector<std::string> keys;
|
|
|
|
config.keys("remote_url_allow_hosts", keys);
|
2020-03-08 21:18:53 +00:00
|
|
|
for (const auto & key : keys)
|
2019-10-09 20:29:41 +00:00
|
|
|
{
|
|
|
|
if (startsWith(key, "host_regexp"))
|
|
|
|
regexp_hosts.push_back(config.getString("remote_url_allow_hosts." + key));
|
|
|
|
else if (startsWith(key, "host"))
|
|
|
|
primary_hosts.insert(config.getString("remote_url_allow_hosts." + key));
|
|
|
|
}
|
2021-02-04 06:21:05 +00:00
|
|
|
is_allow_by_default = false;
|
2019-10-09 20:29:41 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-11-05 12:40:49 +00:00
|
|
|
bool RemoteHostFilter::checkForDirectEntry(const std::string & str) const
|
2019-10-09 20:29:41 +00:00
|
|
|
{
|
|
|
|
if (!primary_hosts.empty() || !regexp_hosts.empty())
|
|
|
|
{
|
2019-11-05 12:40:49 +00:00
|
|
|
if (primary_hosts.find(str) == primary_hosts.end())
|
2019-10-09 20:29:41 +00:00
|
|
|
{
|
2020-03-08 21:18:53 +00:00
|
|
|
for (const auto & regexp : regexp_hosts)
|
|
|
|
if (re2::RE2::FullMatch(str, regexp))
|
2019-10-09 20:29:41 +00:00
|
|
|
return true;
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
2021-02-04 06:21:05 +00:00
|
|
|
return is_allow_by_default;
|
2019-10-09 20:29:41 +00:00
|
|
|
}
|
2019-10-10 13:53:52 +00:00
|
|
|
}
|