XRootD
Macros | Functions
XrdOucUtils.cc File Reference
#include <cctype>
#include <grp.h>
#include <cstdio>
#include <list>
#include <vector>
#include <unordered_set>
#include <algorithm>
#include <regex.h>
#include <fcntl.h>
#include <math.h>
#include <pwd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <map>
#include "XrdNet/XrdNetUtils.hh"
#include "XrdOuc/XrdOucCRC.hh"
#include "XrdOuc/XrdOucEnv.hh"
#include "XrdOuc/XrdOucSHA3.hh"
#include "XrdOuc/XrdOucStream.hh"
#include "XrdOuc/XrdOucString.hh"
#include "XrdOuc/XrdOucUtils.hh"
#include "XrdOuc/XrdOucPrivateUtils.hh"
#include "XrdSys/XrdSysE2T.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysPlatform.hh"
#include "XrdSys/XrdSysPthread.hh"
+ Include dependency graph for XrdOucUtils.cc:

Go to the source code of this file.

Macros

#define ENODATA   ENOATTR
 
#define SHFT(k)   if (n >= (1ULL << k)) { i += k; n >>= k; }
 
#define SHFT(k, m)   if (n >= m) { i += k; n /= m; }
 

Functions

static bool is_token_character (int c)
 
std::string obfuscateAuth (const std::string &input)
 

Macro Definition Documentation

◆ ENODATA

#define ENODATA   ENOATTR

Definition at line 66 of file XrdOucUtils.cc.

◆ SHFT [1/2]

#define SHFT (   k)    if (n >= (1ULL << k)) { i += k; n >>= k; }

◆ SHFT [2/2]

#define SHFT (   k,
 
)    if (n >= m) { i += k; n /= m; }

Function Documentation

◆ is_token_character()

static bool is_token_character ( int  c)
static

Returns a boolean indicating whether 'c' is a valid token character or not. See https://datatracker.ietf.org/doc/html/rfc6750#section-2.1 for details.

Definition at line 1467 of file XrdOucUtils.cc.

1468 {
1469  if (isalnum(c))
1470  return true;
1471 
1472  static constexpr char token_chars[] = "-._~+/=:%";
1473 
1474  for (char ch : token_chars)
1475  if (c == ch)
1476  return true;
1477 
1478  return false;
1479 }

Referenced by obfuscateAuth().

+ Here is the caller graph for this function:

◆ obfuscateAuth()

std::string obfuscateAuth ( const std::string &  input)

This function obfuscates away authz= cgi elements and/or HTTP authorization headers from URL or other log line strings which might contain them.

Parameters
inputthe string to obfuscate
Returns
the string with token values obfuscated

Definition at line 1489 of file XrdOucUtils.cc.

1490 {
1491  static const regex_t auth_regex = []() {
1492  constexpr char re[] =
1493  "(authz=|(transferheader)?(www-|proxy-)?auth(orization|enticate)[[:space:]]*:[[:space:]]*)"
1494  "(Bearer([[:space:]]|%20)?(token([[:space:]]|%20)?)?)?";
1495 
1496  regex_t regex;
1497 
1498  if (regcomp(&regex, re, REG_EXTENDED | REG_ICASE) != 0)
1499  throw std::runtime_error("Failed to compile regular expression");
1500 
1501  return regex;
1502  }();
1503 
1504  regmatch_t match;
1505  size_t offset = 0;
1506  std::string redacted;
1507  const char *const text = input.c_str();
1508 
1509  while (regexec(&auth_regex, text + offset, 1, &match, 0) == 0) {
1510  redacted.append(text + offset, match.rm_eo).append("REDACTED");
1511 
1512  offset += match.rm_eo;
1513 
1514  while (offset < input.size() && is_token_character(input[offset]))
1515  ++offset;
1516  }
1517 
1518  return redacted.append(text + offset);
1519 }
is_token_character
static bool is_token_character(int c)
Definition: XrdOucUtils.cc:1467

References is_token_character().

Referenced by XrdPfc::Cache::Attach(), XrdPosixXrootd::Close(), XrdPosixFile::DelayedDestroy(), XrdPosixPrepIO::Disable(), XrdCl::URL::FromString(), XrdPssCks::Get(), XrdCl::URL::GetObfuscatedURL(), XrdCl::Utils::LogPropertyList(), main(), XrdPssSys::Mkdir(), XrdPssFile::Open(), XrdPssDir::Opendir(), XrdHttpProtocol::Process(), XrdHttpReq::ProcessHTTPReq(), XrdHttpReq::Redir(), XrdPssSys::Remdir(), XrdPssSys::Rename(), XrdCl::Message::SetDescription(), XrdPssSys::Stat(), XrdPssSys::Truncate(), and XrdPssSys::Unlink().

+ Here is the call graph for this function:
+ Here is the caller graph for this function: