Browse Source

ckdb - add an enabled flag to events_limits

master
kanoi 9 years ago
parent
commit
e0209970e9
  1. 42
      src/ckdb.c
  2. 8
      src/ckdb.h
  3. 48
      src/ckdb_cmd.c
  4. 18
      src/ckdb_dbio.c

42
src/ckdb.c

@ -504,31 +504,31 @@ K_STORE *ovents_store;
* They'll block anyone who makes a mistake 2 or 3 times :) * They'll block anyone who makes a mistake 2 or 3 times :)
* Use optioncontrol OC_LIMITS to set/store them in the database */ * Use optioncontrol OC_LIMITS to set/store them in the database */
EVENT_LIMITS e_limits[] = { EVENT_LIMITS e_limits[] = {
{ EVENTID_PASSFAIL, "PASSFAIL", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_PASSFAIL, "PASSFAIL", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// It's only possible to create an address account once, so user_lo/hi can never trigger // It's only possible to create an address account once, so user_lo/hi can never trigger
{ EVENTID_CREADDR, "CREADDR", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_CREADDR, "CREADDR", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// It's only possible to create an account once, so user_lo/hi can never trigger // It's only possible to create an account once, so user_lo/hi can never trigger
{ EVENTID_CREACC, "CREACC", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_CREACC, "CREACC", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// page_api.php with an invalid username // page_api.php with an invalid username
{ EVENTID_UNKATTS, "UNKATTS", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_UNKATTS, "UNKATTS", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// 2fa missing/invalid format // 2fa missing/invalid format
{ EVENTID_INV2FA, "INV2FA", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_INV2FA, "INV2FA", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// Wrong 2fa value // Wrong 2fa value
{ EVENTID_WRONG2FA, "WRONG2FA", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_WRONG2FA, "WRONG2FA", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// Invalid address according to btcd // Invalid address according to btcd
{ EVENTID_INVBTC, "INVBTC", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_INVBTC, "INVBTC", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// Incorrect format/length address // Incorrect format/length address
{ EVENTID_INCBTC, "INCBTC", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_INCBTC, "INCBTC", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// Address belongs to some other account // Address belongs to some other account
{ EVENTID_BTCUSED, "BTCUSED", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_BTCUSED, "BTCUSED", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// It's only possible to create an account once, so user_lo/hi can never trigger // It's only possible to create an account once, so user_lo/hi can never trigger
{ EVENTID_AUTOACC, "AUTOACC", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_AUTOACC, "AUTOACC", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// Invalid user on auth, CKPool will throttle these // Invalid user on auth, CKPool will throttle these
{ EVENTID_INVAUTH, "INVAUTH", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_INVAUTH, "INVAUTH", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// Invalid user on chkpass // Invalid user on chkpass
{ EVENTID_INVUSER, "INVUSER", 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 }, { EVENTID_INVUSER, "INVUSER", true, 60, 1, 2*60, 2, 60, 1, 2*60, 2, 24*60*60 },
// Terminated by NULL name // Terminated by NULL name
{ -1, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0 } { -1, NULL, false, 0, 0, 0, 0, 0, 0, 0, 0, 0 }
}; };
// All access to above and below limits requires the event_limits_free lock // All access to above and below limits requires the event_limits_free lock
int event_limits_hash_lifetime = 24*60*60; int event_limits_hash_lifetime = 24*60*60;
@ -538,21 +538,21 @@ int event_limits_hash_lifetime = 24*60*60;
* Use optioncontrol OC_OLIMITS to set/store them in the database */ * Use optioncontrol OC_OLIMITS to set/store them in the database */
EVENT_LIMITS o_limits[] = { EVENT_LIMITS o_limits[] = {
// Homepage valid access - most web access includes Homepage - so this isn't actually counted // Homepage valid access - most web access includes Homepage - so this isn't actually counted
{ OVENTID_HOMEPAGE, "HOMEPAGE", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, { OVENTID_HOMEPAGE, "HOMEPAGE", false, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 },
// Blocks valid access // Blocks valid access
{ OVENTID_BLOCKS, "BLOCKS", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, { OVENTID_BLOCKS, "BLOCKS", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 },
// API valid access // API valid access
{ OVENTID_API, "API", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, { OVENTID_API, "API", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 },
// Add/Update single payment address // Add/Update single payment address
{ OVENTID_ONEADDR, "ONEADDR", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, { OVENTID_ONEADDR, "ONEADDR", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 },
// Add/Update multi payment address // Add/Update multi payment address
{ OVENTID_MULTIADDR, "MULTIADDR", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, { OVENTID_MULTIADDR, "MULTIADDR", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 },
// Workers valid access // Workers valid access
{ OVENTID_WORKERS, "WORKERS", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, { OVENTID_WORKERS, "WORKERS", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 },
// Other valid access // Other valid access
{ OVENTID_OTHER, "OTHER", 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 }, { OVENTID_OTHER, "OTHER", true, 60, 1, 10*60, 10, 60, 1, 10*60, 10, 24*60*60 },
// Terminated by NULL name // Terminated by NULL name
{ -1, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0 } { -1, NULL, false, 0, 0, 0, 0, 0, 0, 0, 0, 0 }
}; };
// mulitply IP limit by this to get IPC limit // mulitply IP limit by this to get IPC limit

8
src/ckdb.h

@ -51,7 +51,7 @@
#define DB_VLOCK "1" #define DB_VLOCK "1"
#define DB_VERSION "1.0.4" #define DB_VERSION "1.0.4"
#define CKDB_VERSION DB_VERSION"-1.954" #define CKDB_VERSION DB_VERSION"-1.955"
#define WHERE_FFL " - from %s %s() line %d" #define WHERE_FFL " - from %s %s() line %d"
#define WHERE_FFL_HERE __FILE__, __func__, __LINE__ #define WHERE_FFL_HERE __FILE__, __func__, __LINE__
@ -65,10 +65,14 @@
// So they can fit into a 1 byte flag field // So they can fit into a 1 byte flag field
#define TRUE_STR "Y" #define TRUE_STR "Y"
#define TRUE2_STR "T"
#define FALSE_STR "N" #define FALSE_STR "N"
#define FALSE2_STR "F"
#define TRUE_CHR 'Y' #define TRUE_CHR 'Y'
#define TRUE2_CHR 'T'
#define FALSE_CHR 'N' #define FALSE_CHR 'N'
#define FALSE2_CHR 'F'
/* Set by cmd_setopts() and used by whatever code needs it /* Set by cmd_setopts() and used by whatever code needs it
* It's loaded during startup but set to SWITCH_STATE_ALL if it's missing, * It's loaded during startup but set to SWITCH_STATE_ALL if it's missing,
@ -2110,6 +2114,8 @@ typedef struct event_limits {
int id; int id;
// optioncontrol/display name // optioncontrol/display name
char *name; char *name;
// enable/disable event/ovent generation
bool enabled;
int user_low_time; int user_low_time;
// how many in above limit = ok (+1 = alert) // how many in above limit = ok (+1 = alert)
int user_low_time_limit; int user_low_time_limit;

48
src/ckdb_cmd.c

@ -7582,6 +7582,11 @@ static char *cmd_events(__maybe_unused PGconn *conn, char *cmd, char *id,
K_RLOCK(event_limits_free); K_RLOCK(event_limits_free);
i = -1; i = -1;
while (e_limits[++i].name) { while (e_limits[++i].name) {
snprintf(tmp, sizeof(tmp), "%s_enabled=%c%c",
e_limits[i].name,
e_limits[i].enabled ? TRUE_CHR : FALSE_CHR,
FLDSEP);
APPEND_REALLOC(buf, off, len, tmp);
#define EVENTFLD(_fld) do { \ #define EVENTFLD(_fld) do { \
snprintf(tmp, sizeof(tmp), "%s_" #_fld "=%d%c", \ snprintf(tmp, sizeof(tmp), "%s_" #_fld "=%d%c", \
@ -7599,8 +7604,35 @@ static char *cmd_events(__maybe_unused PGconn *conn, char *cmd, char *id,
EVENTFLD(ip_hi_time_limit); EVENTFLD(ip_hi_time_limit);
EVENTFLD(lifetime); EVENTFLD(lifetime);
} }
snprintf(tmp, sizeof(tmp), "event_limits_hash_lifetime=%d", snprintf(tmp, sizeof(tmp), "event_limits_hash_lifetime=%d%c",
event_limits_hash_lifetime); event_limits_hash_lifetime, FLDSEP);
APPEND_REALLOC(buf, off, len, tmp);
i = -1;
while (o_limits[++i].name) {
snprintf(tmp, sizeof(tmp), "%s_enabled=%c%c",
o_limits[i].name,
o_limits[i].enabled ? TRUE_CHR : FALSE_CHR,
FLDSEP);
APPEND_REALLOC(buf, off, len, tmp);
#define OVENTFLD(_fld) do { \
snprintf(tmp, sizeof(tmp), "%s_" #_fld "=%d%c", \
o_limits[i].name, o_limits[i]._fld, FLDSEP); \
APPEND_REALLOC(buf, off, len, tmp); \
} while (0)
OVENTFLD(user_low_time);
OVENTFLD(user_low_time_limit);
OVENTFLD(user_hi_time);
OVENTFLD(user_hi_time_limit);
OVENTFLD(ip_low_time);
OVENTFLD(ip_low_time_limit);
OVENTFLD(ip_hi_time);
OVENTFLD(ip_hi_time_limit);
OVENTFLD(lifetime);
}
snprintf(tmp, sizeof(tmp), "ovent_limits_ipc_factor=%f",
ovent_limits_ipc_factor);
APPEND_REALLOC(buf, off, len, tmp); APPEND_REALLOC(buf, off, len, tmp);
K_RUNLOCK(event_limits_free); K_RUNLOCK(event_limits_free);
} else if (strcasecmp(action, "events") == 0) { } else if (strcasecmp(action, "events") == 0) {
@ -7662,8 +7694,12 @@ static char *cmd_events(__maybe_unused PGconn *conn, char *cmd, char *id,
snprintf(tmp, sizeof(tmp), "ip:%d=%s%c", snprintf(tmp, sizeof(tmp), "ip:%d=%s%c",
rows, ips->ip, FLDSEP); rows, ips->ip, FLDSEP);
APPEND_REALLOC(buf, off, len, tmp); APPEND_REALLOC(buf, off, len, tmp);
snprintf(tmp, sizeof(tmp), "description:%d=%s%c", snprintf(tmp, sizeof(tmp), "eventname:%d=%s%c",
rows, ips->description ? : EMPTY, rows, ips->eventname, FLDSEP);
APPEND_REALLOC(buf, off, len, tmp);
snprintf(tmp, sizeof(tmp), "is_event:%d=%c%c",
rows,
ips->is_event ? TRUE_CHR : FALSE_CHR,
FLDSEP); FLDSEP);
APPEND_REALLOC(buf, off, len, tmp); APPEND_REALLOC(buf, off, len, tmp);
snprintf(tmp, sizeof(tmp), "lifetime:%d=%d%c", snprintf(tmp, sizeof(tmp), "lifetime:%d=%d%c",
@ -7673,6 +7709,10 @@ static char *cmd_events(__maybe_unused PGconn *conn, char *cmd, char *id,
rows, ips->log ? TRUE_CHR : FALSE_CHR, rows, ips->log ? TRUE_CHR : FALSE_CHR,
FLDSEP); FLDSEP);
APPEND_REALLOC(buf, off, len, tmp); APPEND_REALLOC(buf, off, len, tmp);
snprintf(tmp, sizeof(tmp), "description:%d=%s%c",
rows, ips->description ? : EMPTY,
FLDSEP);
APPEND_REALLOC(buf, off, len, tmp);
snprintf(reply, siz, CDTRF":%d=%ld%c", snprintf(reply, siz, CDTRF":%d=%ld%c",
rows++, ips->createdate.tv_sec, rows++, ips->createdate.tv_sec,
FLDSEP); FLDSEP);

18
src/ckdb_dbio.c

@ -2499,6 +2499,12 @@ void oc_event_limits(OPTIONCONTROL *oc, const char *from)
from, __func__, EVENT_OK, from, __func__, EVENT_OK,
oc->optionname); oc->optionname);
} }
} else if (strcmp(ptr2, "enabled") == 0) {
char ch = toupper(oc->optionvalue[0]);
if (ch == TRUE_CHR || ch == TRUE2_CHR)
e_limits[i].enabled = true;
else
e_limits[i].enabled = false;
} else { } else {
LOGERR("%s(%s): ERR: Unknown %s item '%s' " LOGERR("%s(%s): ERR: Unknown %s item '%s' "
"in '%s'", "in '%s'",
@ -2577,6 +2583,12 @@ void oc_ovent_limits(OPTIONCONTROL *oc, const char *from)
from, __func__, OVENT_OK, from, __func__, OVENT_OK,
oc->optionname); oc->optionname);
} }
} else if (strcmp(ptr2, "enabled") == 0) {
char ch = toupper(oc->optionvalue[0]);
if (ch == TRUE_CHR || ch == TRUE2_CHR)
o_limits[i].enabled = true;
else
o_limits[i].enabled = false;
} else { } else {
LOGERR("%s(%s): ERR: Unknown %s item '%s' " LOGERR("%s(%s): ERR: Unknown %s item '%s' "
"in '%s'", "in '%s'",
@ -6419,6 +6431,9 @@ int _events_add(int id, char *by, char *inet, tv_t *cd, K_TREE *trf_root)
LOGDEBUG("%s(): add", __func__); LOGDEBUG("%s(): add", __func__);
if (e_limits[id].enabled == false)
return EVENT_OK;
bzero(&events, sizeof(events)); bzero(&events, sizeof(events));
events.id = id; events.id = id;
events.expirydate.tv_sec = default_expiry.tv_sec; events.expirydate.tv_sec = default_expiry.tv_sec;
@ -6534,6 +6549,9 @@ int _ovents_add(int id, char *by, char *inet, tv_t *cd, K_TREE *trf_root)
LOGDEBUG("%s(): add", __func__); LOGDEBUG("%s(): add", __func__);
if (o_limits[id].enabled == false)
return EVENT_OK;
bzero(&ovents, sizeof(ovents)); bzero(&ovents, sizeof(ovents));
// Default to now if not specified // Default to now if not specified

Loading…
Cancel
Save