XRootD
Loading...
Searching...
No Matches
XrdOucUtils.cc File Reference
#include <cctype>
#include <grp.h>
#include <cstdio>
#include <list>
#include <vector>
#include <unordered_set>
#include <algorithm>
#include <regex.h>
#include <fcntl.h>
#include <math.h>
#include <pwd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <map>
#include "XrdNet/XrdNetUtils.hh"
#include "XrdOuc/XrdOucCRC.hh"
#include "XrdOuc/XrdOucEnv.hh"
#include "XrdOuc/XrdOucSHA3.hh"
#include "XrdOuc/XrdOucStream.hh"
#include "XrdOuc/XrdOucString.hh"
#include "XrdOuc/XrdOucUtils.hh"
#include "XrdOuc/XrdOucPrivateUtils.hh"
#include "XrdSys/XrdSysE2T.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysPlatform.hh"
#include "XrdSys/XrdSysPthread.hh"
Include dependency graph for XrdOucUtils.cc:

Go to the source code of this file.

Macros

#define ENODATA   ENOATTR
#define SHFT(k)
#define SHFT(k, m)

Functions

static bool is_token_character (int c)
std::string obfuscateAuth (const std::string &input)

Macro Definition Documentation

◆ ENODATA

#define ENODATA   ENOATTR

Definition at line 66 of file XrdOucUtils.cc.

◆ SHFT [1/2]

#define SHFT ( k)
Value:
if (n >= (1ULL << k)) { i += k; n >>= k; }

Referenced by XrdOucUtils::Log10(), and XrdOucUtils::Log2().

◆ SHFT [2/2]

#define SHFT ( k,
m )
Value:
if (n >= m) { i += k; n /= m; }

Function Documentation

◆ is_token_character()

bool is_token_character ( int c)
static

Returns a boolean indicating whether 'c' is a valid token character or not. See https://datatracker.ietf.org/doc/html/rfc6750#section-2.1 for details.

Definition at line 1512 of file XrdOucUtils.cc.

1513{
1514 if (isalnum(c))
1515 return true;
1516
1517 static constexpr char token_chars[] = "-._~+/=:%";
1518
1519 for (char ch : token_chars)
1520 if (c == ch)
1521 return true;
1522
1523 return false;
1524}

Referenced by obfuscateAuth().

Here is the caller graph for this function:

◆ obfuscateAuth()

std::string obfuscateAuth ( const std::string & input)

This function obfuscates away authz= cgi elements and/or HTTP authorization headers from URL or other log line strings which might contain them.

Parameters
inputthe string to obfuscate
Returns
the string with token values obfuscated

Definition at line 1534 of file XrdOucUtils.cc.

1535{
1536 static const regex_t auth_regex = []() {
1537 constexpr char re[] =
1538 "(authz=|(transferheader)?(www-|proxy-)?auth(orization|enticate)[[:space:]]*:[[:space:]]*)"
1539 "(Bearer([[:space:]]|%20)?(token([[:space:]]|%20)?)?)?";
1540
1541 regex_t regex;
1542
1543 if (regcomp(&regex, re, REG_EXTENDED | REG_ICASE) != 0)
1544 throw std::runtime_error("Failed to compile regular expression");
1545
1546 return regex;
1547 }();
1548
1549 regmatch_t match;
1550 size_t offset = 0;
1551 std::string redacted;
1552 const char *const text = input.c_str();
1553
1554 while (regexec(&auth_regex, text + offset, 1, &match, 0) == 0) {
1555 redacted.append(text + offset, match.rm_eo).append("REDACTED");
1556
1557 offset += match.rm_eo;
1558
1559 while (offset < input.size() && is_token_character(input[offset]))
1560 ++offset;
1561 }
1562
1563 return redacted.append(text + offset);
1564}
is_token_character
static bool is_token_character(int c)
Definition XrdOucUtils.cc:1512

References is_token_character().

Referenced by XrdPfc::Cache::Attach(), XrdPosixXrootd::Close(), XrdPosixFile::DelayedDestroy(), XrdPosixFile::DelayedDestroy(), XrdPosixPrepIO::Disable(), XrdCl::URL::FromString(), XrdPssCks::Get(), XrdCl::URL::GetObfuscatedURL(), XrdCl::Utils::LogPropertyList(), main(), XrdPssSys::Mkdir(), XrdPssFile::Open(), XrdPssDir::Opendir(), XrdHttpProtocol::Process(), XrdHttpReq::ProcessHTTPReq(), XrdHttpReq::Redir(), XrdPssSys::Remdir(), XrdPssSys::Rename(), XrdCl::Message::SetDescription(), XrdPssSys::Stat(), XrdPssSys::Truncate(), and XrdPssSys::Unlink().

Here is the call graph for this function:
Here is the caller graph for this function: