XRootD
Macros | Functions
XrdOucUtils.cc File Reference
#include <cctype>
#include <grp.h>
#include <cstdio>
#include <list>
#include <vector>
#include <unordered_set>
#include <algorithm>
#include <regex.h>
#include <fcntl.h>
#include <math.h>
#include <pwd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <map>
#include "XrdNet/XrdNetUtils.hh"
#include "XrdOuc/XrdOucCRC.hh"
#include "XrdOuc/XrdOucEnv.hh"
#include "XrdOuc/XrdOucSHA3.hh"
#include "XrdOuc/XrdOucStream.hh"
#include "XrdOuc/XrdOucString.hh"
#include "XrdOuc/XrdOucUtils.hh"
#include "XrdOuc/XrdOucPrivateUtils.hh"
#include "XrdSys/XrdSysE2T.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysPlatform.hh"
#include "XrdSys/XrdSysPthread.hh"
+ Include dependency graph for XrdOucUtils.cc:

Go to the source code of this file.

Macros

#define ENODATA   ENOATTR
 
#define SHFT(k)   if (n >= (1ULL << k)) { i += k; n >>= k; }
 
#define SHFT(k, m)   if (n >= m) { i += k; n /= m; }
 

Functions

static bool is_token_character (int c)
 
std::string obfuscateAuth (const std::string &input)
 

Macro Definition Documentation

◆ ENODATA

#define ENODATA   ENOATTR

Definition at line 66 of file XrdOucUtils.cc.

◆ SHFT [1/2]

#define SHFT (   k)    if (n >= (1ULL << k)) { i += k; n >>= k; }

◆ SHFT [2/2]

#define SHFT (   k,
 
)    if (n >= m) { i += k; n /= m; }

Function Documentation

◆ is_token_character()

static bool is_token_character ( int  c)
static

Returns a boolean indicating whether 'c' is a valid token character or not. See https://datatracker.ietf.org/doc/html/rfc6750#section-2.1 for details.

Definition at line 1512 of file XrdOucUtils.cc.

1513 {
1514  if (isalnum(c))
1515  return true;
1516 
1517  static constexpr char token_chars[] = "-._~+/=:%";
1518 
1519  for (char ch : token_chars)
1520  if (c == ch)
1521  return true;
1522 
1523  return false;
1524 }

Referenced by obfuscateAuth().

+ Here is the caller graph for this function:

◆ obfuscateAuth()

std::string obfuscateAuth ( const std::string &  input)

This function obfuscates away authz= cgi elements and/or HTTP authorization headers from URL or other log line strings which might contain them.

Parameters
inputthe string to obfuscate
Returns
the string with token values obfuscated

Definition at line 1534 of file XrdOucUtils.cc.

1535 {
1536  static const regex_t auth_regex = []() {
1537  constexpr char re[] =
1538  "(authz=|(transferheader)?(www-|proxy-)?auth(orization|enticate)[[:space:]]*:[[:space:]]*)"
1539  "(Bearer([[:space:]]|%20)?(token([[:space:]]|%20)?)?)?";
1540 
1541  regex_t regex;
1542 
1543  if (regcomp(&regex, re, REG_EXTENDED | REG_ICASE) != 0)
1544  throw std::runtime_error("Failed to compile regular expression");
1545 
1546  return regex;
1547  }();
1548 
1549  regmatch_t match;
1550  size_t offset = 0;
1551  std::string redacted;
1552  const char *const text = input.c_str();
1553 
1554  while (regexec(&auth_regex, text + offset, 1, &match, 0) == 0) {
1555  redacted.append(text + offset, match.rm_eo).append("REDACTED");
1556 
1557  offset += match.rm_eo;
1558 
1559  while (offset < input.size() && is_token_character(input[offset]))
1560  ++offset;
1561  }
1562 
1563  return redacted.append(text + offset);
1564 }
is_token_character
static bool is_token_character(int c)
Definition: XrdOucUtils.cc:1512

References is_token_character().

Referenced by XrdPfc::Cache::Attach(), XrdPosixXrootd::Close(), XrdPosixFile::DelayedDestroy(), XrdPosixPrepIO::Disable(), XrdCl::URL::FromString(), XrdPssCks::Get(), XrdCl::URL::GetObfuscatedURL(), XrdCl::Utils::LogPropertyList(), main(), XrdPssSys::Mkdir(), XrdPssFile::Open(), XrdPssDir::Opendir(), XrdHttpProtocol::Process(), XrdHttpReq::ProcessHTTPReq(), XrdHttpReq::Redir(), XrdPssSys::Remdir(), XrdPssSys::Rename(), XrdCl::Message::SetDescription(), XrdPssSys::Stat(), XrdPssSys::Truncate(), and XrdPssSys::Unlink().

+ Here is the call graph for this function:
+ Here is the caller graph for this function: