From e0209970e983a1c385a4ced5e9a01f6edc82a14f Mon Sep 17 00:00:00 2001 From: kanoi Date: Sat, 20 Feb 2016 21:30:00 +1100 Subject: [PATCH] ckdb - add an enabled flag to events_limits --- src/ckdb.c | 42 +++++++++++++++++++++--------------------- src/ckdb.h | 8 +++++++- src/ckdb_cmd.c | 48 ++++++++++++++++++++++++++++++++++++++++++++---- src/ckdb_dbio.c | 18 ++++++++++++++++++ 4 files changed, 90 insertions(+), 26 deletions(-) diff --git a/src/ckdb.c b/src/ckdb.c index 2ee050bd..30f423a4 100644 --- a/src/ckdb.c +++ b/src/ckdb.c @@ -504,31 +504,31 @@ K_STORE *ovents_store; * They'll block anyone who makes a mistake 2 or 3 times :) * Use optioncontrol OC_LIMITS to set/store them in the database */ EVENT_LIMITS e_limits[] = { - { EVENTID_PASSFAIL, "PASSFAIL", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_PASSFAIL, "PASSFAIL", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // It's only possible to create an address account once, so user_lo/hi can never trigger - { EVENTID_CREADDR, "CREADDR", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_CREADDR, "CREADDR", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // It's only possible to create an account once, so user_lo/hi can never trigger - { EVENTID_CREACC, "CREACC", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_CREACC, "CREACC", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // page_api.php with an invalid username - { EVENTID_UNKATTS, "UNKATTS", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_UNKATTS, "UNKATTS", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // 2fa missing/invalid format - { EVENTID_INV2FA, "INV2FA", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_INV2FA, "INV2FA", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // Wrong 2fa value - { EVENTID_WRONG2FA, "WRONG2FA", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_WRONG2FA, "WRONG2FA", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // Invalid address according to btcd - { EVENTID_INVBTC, "INVBTC", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_INVBTC, "INVBTC", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // Incorrect format/length address - { EVENTID_INCBTC, "INCBTC", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_INCBTC, "INCBTC", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // Address belongs to some other account - { EVENTID_BTCUSED, "BTCUSED", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_BTCUSED, "BTCUSED", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // It's only possible to create an account once, so user_lo/hi can never trigger - { EVENTID_AUTOACC, "AUTOACC", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_AUTOACC, "AUTOACC", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // Invalid user on auth, CKPool will throttle these - { EVENTID_INVAUTH, "INVAUTH", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_INVAUTH, "INVAUTH", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // Invalid user on chkpass - { EVENTID_INVUSER, "INVUSER", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, + { EVENTID_INVUSER, "INVUSER", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, // Terminated by NULL name - { -1, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0 } + { -1, NULL, false, 0, 0, 0, 0, 0, 0, 0, 0, 0 } }; // All access to above and below limits requires the event_limits_free lock int event_limits_hash_lifetime = 24*60*60; @@ -538,21 +538,21 @@ int event_limits_hash_lifetime = 24*60*60; * Use optioncontrol OC_OLIMITS to set/store them in the database */ EVENT_LIMITS o_limits[] = { // Homepage valid access - most web access includes Homepage - so this isn't actually counted -{ OVENTID_HOMEPAGE, "HOMEPAGE", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, +{ OVENTID_HOMEPAGE, "HOMEPAGE", false, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, // Blocks valid access -{ OVENTID_BLOCKS, "BLOCKS", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, +{ OVENTID_BLOCKS, "BLOCKS", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, // API valid access -{ OVENTID_API, "API", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, +{ OVENTID_API, "API", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, // Add/Update single payment address -{ OVENTID_ONEADDR, "ONEADDR", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, +{ OVENTID_ONEADDR, "ONEADDR", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, // Add/Update multi payment address -{ OVENTID_MULTIADDR, "MULTIADDR", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, +{ OVENTID_MULTIADDR, "MULTIADDR", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, // Workers valid access -{ OVENTID_WORKERS, "WORKERS", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, +{ OVENTID_WORKERS, "WORKERS", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, // Other valid access -{ OVENTID_OTHER, "OTHER", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, +{ OVENTID_OTHER, "OTHER", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, // Terminated by NULL name - { -1, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0 } + { -1, NULL, false, 0, 0, 0, 0, 0, 0, 0, 0, 0 } }; // mulitply IP limit by this to get IPC limit diff --git a/src/ckdb.h b/src/ckdb.h index bd3a27cb..f6d204cc 100644 --- a/src/ckdb.h +++ b/src/ckdb.h @@ -51,7 +51,7 @@ #define DB_VLOCK "1" #define DB_VERSION "1.0.4" -#define CKDB_VERSION DB_VERSION"-1.954" +#define CKDB_VERSION DB_VERSION"-1.955" #define WHERE_FFL " - from %s %s() line %d" #define WHERE_FFL_HERE __FILE__, __func__, __LINE__ @@ -65,10 +65,14 @@ // So they can fit into a 1 byte flag field #define TRUE_STR "Y" +#define TRUE2_STR "T" #define FALSE_STR "N" +#define FALSE2_STR "F" #define TRUE_CHR 'Y' +#define TRUE2_CHR 'T' #define FALSE_CHR 'N' +#define FALSE2_CHR 'F' /* Set by cmd_setopts() and used by whatever code needs it * It's loaded during startup but set to SWITCH_STATE_ALL if it's missing, @@ -2110,6 +2114,8 @@ typedef struct event_limits { int id; // optioncontrol/display name char *name; + // enable/disable event/ovent generation + bool enabled; int user_low_time; // how many in above limit = ok (+1 = alert) int user_low_time_limit; diff --git a/src/ckdb_cmd.c b/src/ckdb_cmd.c index 1dc377aa..3c73342c 100644 --- a/src/ckdb_cmd.c +++ b/src/ckdb_cmd.c @@ -7582,6 +7582,11 @@ static char *cmd_events(__maybe_unused PGconn *conn, char *cmd, char *id, K_RLOCK(event_limits_free); i = -1; while (e_limits[++i].name) { + snprintf(tmp, sizeof(tmp), "%s_enabled=%c%c", + e_limits[i].name, + e_limits[i].enabled ? TRUE_CHR : FALSE_CHR, + FLDSEP); + APPEND_REALLOC(buf, off, len, tmp); #define EVENTFLD(_fld) do { \ snprintf(tmp, sizeof(tmp), "%s_" #_fld "=%d%c", \ @@ -7599,8 +7604,35 @@ static char *cmd_events(__maybe_unused PGconn *conn, char *cmd, char *id, EVENTFLD(ip_hi_time_limit); EVENTFLD(lifetime); } - snprintf(tmp, sizeof(tmp), "event_limits_hash_lifetime=%d", - event_limits_hash_lifetime); + snprintf(tmp, sizeof(tmp), "event_limits_hash_lifetime=%d%c", + event_limits_hash_lifetime, FLDSEP); + APPEND_REALLOC(buf, off, len, tmp); + i = -1; + while (o_limits[++i].name) { + snprintf(tmp, sizeof(tmp), "%s_enabled=%c%c", + o_limits[i].name, + o_limits[i].enabled ? TRUE_CHR : FALSE_CHR, + FLDSEP); + APPEND_REALLOC(buf, off, len, tmp); + +#define OVENTFLD(_fld) do { \ + snprintf(tmp, sizeof(tmp), "%s_" #_fld "=%d%c", \ + o_limits[i].name, o_limits[i]._fld, FLDSEP); \ + APPEND_REALLOC(buf, off, len, tmp); \ + } while (0) + + OVENTFLD(user_low_time); + OVENTFLD(user_low_time_limit); + OVENTFLD(user_hi_time); + OVENTFLD(user_hi_time_limit); + OVENTFLD(ip_low_time); + OVENTFLD(ip_low_time_limit); + OVENTFLD(ip_hi_time); + OVENTFLD(ip_hi_time_limit); + OVENTFLD(lifetime); + } + snprintf(tmp, sizeof(tmp), "ovent_limits_ipc_factor=%f", + ovent_limits_ipc_factor); APPEND_REALLOC(buf, off, len, tmp); K_RUNLOCK(event_limits_free); } else if (strcasecmp(action, "events") == 0) { @@ -7662,8 +7694,12 @@ static char *cmd_events(__maybe_unused PGconn *conn, char *cmd, char *id, snprintf(tmp, sizeof(tmp), "ip:%d=%s%c", rows, ips->ip, FLDSEP); APPEND_REALLOC(buf, off, len, tmp); - snprintf(tmp, sizeof(tmp), "description:%d=%s%c", - rows, ips->description ? : EMPTY, + snprintf(tmp, sizeof(tmp), "eventname:%d=%s%c", + rows, ips->eventname, FLDSEP); + APPEND_REALLOC(buf, off, len, tmp); + snprintf(tmp, sizeof(tmp), "is_event:%d=%c%c", + rows, + ips->is_event ? TRUE_CHR : FALSE_CHR, FLDSEP); APPEND_REALLOC(buf, off, len, tmp); snprintf(tmp, sizeof(tmp), "lifetime:%d=%d%c", @@ -7673,6 +7709,10 @@ static char *cmd_events(__maybe_unused PGconn *conn, char *cmd, char *id, rows, ips->log ? TRUE_CHR : FALSE_CHR, FLDSEP); APPEND_REALLOC(buf, off, len, tmp); + snprintf(tmp, sizeof(tmp), "description:%d=%s%c", + rows, ips->description ? : EMPTY, + FLDSEP); + APPEND_REALLOC(buf, off, len, tmp); snprintf(reply, siz, CDTRF":%d=%ld%c", rows++, ips->createdate.tv_sec, FLDSEP); diff --git a/src/ckdb_dbio.c b/src/ckdb_dbio.c index 77286392..69627653 100644 --- a/src/ckdb_dbio.c +++ b/src/ckdb_dbio.c @@ -2499,6 +2499,12 @@ void oc_event_limits(OPTIONCONTROL *oc, const char *from) from, __func__, EVENT_OK, oc->optionname); } + } else if (strcmp(ptr2, "enabled") == 0) { + char ch = toupper(oc->optionvalue[0]); + if (ch == TRUE_CHR || ch == TRUE2_CHR) + e_limits[i].enabled = true; + else + e_limits[i].enabled = false; } else { LOGERR("%s(%s): ERR: Unknown %s item '%s' " "in '%s'", @@ -2577,6 +2583,12 @@ void oc_ovent_limits(OPTIONCONTROL *oc, const char *from) from, __func__, OVENT_OK, oc->optionname); } + } else if (strcmp(ptr2, "enabled") == 0) { + char ch = toupper(oc->optionvalue[0]); + if (ch == TRUE_CHR || ch == TRUE2_CHR) + o_limits[i].enabled = true; + else + o_limits[i].enabled = false; } else { LOGERR("%s(%s): ERR: Unknown %s item '%s' " "in '%s'", @@ -6419,6 +6431,9 @@ int _events_add(int id, char *by, char *inet, tv_t *cd, K_TREE *trf_root) LOGDEBUG("%s(): add", __func__); + if (e_limits[id].enabled == false) + return EVENT_OK; + bzero(&events, sizeof(events)); events.id = id; events.expirydate.tv_sec = default_expiry.tv_sec; @@ -6534,6 +6549,9 @@ int _ovents_add(int id, char *by, char *inet, tv_t *cd, K_TREE *trf_root) LOGDEBUG("%s(): add", __func__); + if (o_limits[id].enabled == false) + return EVENT_OK; + bzero(&ovents, sizeof(ovents)); // Default to now if not specified