XRootD
XrdOucUtils.cc File Reference
#include <cctype>
#include <grp.h>
#include <cstdio>
#include <list>
#include <vector>
#include <unordered_set>
#include <algorithm>
#include <regex.h>
#include <fcntl.h>
#include <pwd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <map>
#include "XrdNet/XrdNetUtils.hh"
#include "XrdOuc/XrdOucCRC.hh"
#include "XrdOuc/XrdOucEnv.hh"
#include "XrdOuc/XrdOucSHA3.hh"
#include "XrdOuc/XrdOucStream.hh"
#include "XrdOuc/XrdOucString.hh"
#include "XrdOuc/XrdOucUtils.hh"
#include "XrdOuc/XrdOucPrivateUtils.hh"
#include "XrdSys/XrdSysE2T.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysPlatform.hh"
#include "XrdSys/XrdSysPthread.hh"
+ Include dependency graph for XrdOucUtils.cc:

Go to the source code of this file.

Macros

#define ENODATA   ENOATTR
 
#define SHFT(k)   if (n >= (1ULL << k)) { i += k; n >>= k; }
 
#define SHFT(k, m)   if (n >= m) { i += k; n /= m; }
 

Functions

static bool is_token_character (int c)
 
std::string obfuscateAuth (const std::string &input)
 

Macro Definition Documentation

◆ ENODATA

#define ENODATA   ENOATTR

Definition at line 65 of file XrdOucUtils.cc.

◆ SHFT [1/2]

#define SHFT (   k)    if (n >= (1ULL << k)) { i += k; n >>= k; }

◆ SHFT [2/2]

#define SHFT (   k,
 
)    if (n >= m) { i += k; n /= m; }

Function Documentation

◆ is_token_character()

static bool is_token_character ( int  c)
static

Returns a boolean indicating whether 'c' is a valid token character or not. See https://datatracker.ietf.org/doc/html/rfc6750#section-2.1 for details.

Definition at line 1425 of file XrdOucUtils.cc.

1426 {
1427  if (isalnum(c))
1428  return true;
1429 
1430  static constexpr char token_chars[] = "-._~+/=:";
1431 
1432  for (char ch : token_chars)
1433  if (c == ch)
1434  return true;
1435 
1436  return false;
1437 }

Referenced by obfuscateAuth().

+ Here is the caller graph for this function:

◆ obfuscateAuth()

std::string obfuscateAuth ( const std::string &  input)

This function obfuscates away authz= cgi elements and/or HTTP authorization headers from URL or other log line strings which might contain them.

Parameters
inputthe string to obfuscate
Returns
the string with token values obfuscated

Definition at line 1447 of file XrdOucUtils.cc.

1448 {
1449  static const regex_t auth_regex = []() {
1450  constexpr char re[] =
1451  "(access_token=|authz=|(transferheader)?(www-|proxy-)?auth(orization|enticate)[[:space:]]*:[[:space:]]*)"
1452  "(Bearer([[:space:]]|%20)?(token([[:space:]]|%20)?)?)?";
1453 
1454  regex_t regex;
1455 
1456  if (regcomp(&regex, re, REG_EXTENDED | REG_ICASE) != 0)
1457  throw std::runtime_error("Failed to compile regular expression");
1458 
1459  return regex;
1460  }();
1461 
1462  regmatch_t match;
1463  size_t offset = 0;
1464  std::string redacted;
1465  const char *const text = input.c_str();
1466 
1467  while (regexec(&auth_regex, text + offset, 1, &match, 0) == 0) {
1468  redacted.append(text + offset, match.rm_eo).append("REDACTED");
1469 
1470  offset += match.rm_eo;
1471 
1472  while (offset < input.size() && is_token_character(input[offset]))
1473  ++offset;
1474  }
1475 
1476  return redacted.append(text + offset);
1477 }
static bool is_token_character(int c)

References is_token_character().

Referenced by XrdPfc::Cache::Attach(), XrdPosixXrootd::Close(), XrdPosixFile::DelayedDestroy(), XrdPosixPrepIO::Disable(), XrdCl::URL::FromString(), XrdPssCks::Get(), XrdCl::URL::GetObfuscatedURL(), XrdCl::Utils::LogPropertyList(), main(), XrdPssSys::Mkdir(), XrdPssFile::Open(), XrdPssDir::Opendir(), XrdHttpProtocol::Process(), XrdHttpReq::ProcessHTTPReq(), XrdHttpReq::Redir(), XrdPssSys::Remdir(), XrdPssSys::Rename(), XrdCl::Message::SetDescription(), XrdPssSys::Stat(), XrdPssSys::Truncate(), and XrdPssSys::Unlink().

+ Here is the call graph for this function:
+ Here is the caller graph for this function: