Clio  develop
The XRP Ledger API server.
Loading...
Searching...
No Matches
WhitelistHandler.hpp
1//------------------------------------------------------------------------------
2/*
3 This file is part of clio: https://github.com/XRPLF/clio
4 Copyright (c) 2023, the clio developers.
5
6 Permission to use, copy, modify, and distribute this software for any
7 purpose with or without fee is hereby granted, provided that the above
8 copyright notice and this permission notice appear in all copies.
9
10 THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17*/
18//==============================================================================
19
20#pragma once
21
22#include "util/config/ArrayView.hpp"
23#include "util/config/ConfigDefinition.hpp"
24#include "util/config/ValueView.hpp"
25#include "web/Resolver.hpp"
26#include "web/dosguard/WhitelistHandlerInterface.hpp"
27
28#include <boost/asio.hpp>
29#include <boost/asio/ip/address.hpp>
30#include <boost/asio/ip/network_v4.hpp>
31#include <boost/asio/ip/network_v6.hpp>
32#include <boost/iterator/transform_iterator.hpp>
33#include <fmt/format.h>
34
35#include <algorithm>
36#include <regex>
37#include <string>
38#include <string_view>
39#include <unordered_map>
40#include <unordered_set>
41#include <vector>
42
43namespace web::dosguard {
44
48class Whitelist {
49 std::vector<boost::asio::ip::network_v4> subnetsV4_;
50 std::vector<boost::asio::ip::network_v6> subnetsV6_;
51 std::vector<boost::asio::ip::address> ips_;
52
53public:
60 void
61 add(std::string_view net);
62
70 bool
71 isWhiteListed(std::string_view ip) const;
72
73private:
74 static bool
75 isInV4Subnet(boost::asio::ip::address const& addr, boost::asio::ip::network_v4 const& subnet);
76
77 static bool
78 isInV6Subnet(boost::asio::ip::address const& addr, boost::asio::ip::network_v6 const& subnet);
79
80 static bool
81 isV4(std::string_view net);
82
83 static bool
84 isV6(std::string_view net);
85
86 static bool
87 isMask(std::string_view net);
88};
89
93class WhitelistHandler : public WhitelistHandlerInterface {
94 Whitelist whitelist_;
95
96public:
103 template <SomeResolver HostnameResolverType = Resolver>
104 WhitelistHandler(
105 util::config::ClioConfigDefinition const& config,
106 HostnameResolverType&& resolver = {}
107 )
108 {
109 std::unordered_set<std::string> const arr =
110 getWhitelist(config, std::forward<HostnameResolverType>(resolver));
111 for (auto const& net : arr)
112 whitelist_.add(net);
113 }
114
121 bool
122 isWhiteListed(std::string_view ip) const override
123 {
124 return whitelist_.isWhiteListed(ip);
125 }
126
127private:
128 template <SomeResolver HostnameResolverType>
129 [[nodiscard]] static std::unordered_set<std::string>
130 getWhitelist(util::config::ClioConfigDefinition const& config, HostnameResolverType&& resolver)
131 {
132 auto const whitelist = config.getArray("dos_guard.whitelist");
133 std::unordered_set<std::string> hostnames{};
134 // resolve hostnames to ips
135 std::unordered_set<std::string> ips;
136
137 for (auto it = whitelist.begin<util::config::ValueView>();
138 it != whitelist.end<util::config::ValueView>();
139 ++it)
140 hostnames.insert((*it).asString());
141
142 for (auto const& hostname : hostnames) {
143 auto resolvedIps = resolver.resolve(hostname);
144 for (auto& ip : resolvedIps) {
145 ips.insert(std::move(ip));
146 }
147 };
148
149 return ips;
150 }
151};
152
153} // namespace web::dosguard
util::config::ClioConfigDefinition
All the config data will be stored and extracted from this class.
Definition ConfigDefinition.hpp:50
util::config::ClioConfigDefinition::getArray
ArrayView getArray(std::string_view prefix) const
Returns the specified Array object from ClioConfigDefinition.
Definition ConfigDefinition.cpp:85
util::config::ValueView
Provides view into ConfigValues that represents values in Clio Config.
Definition ValueView.hpp:46
web::dosguard::WhitelistHandlerInterface
Interface for a whitelist handler.
Definition WhitelistHandlerInterface.hpp:29
web::dosguard::WhitelistHandler::WhitelistHandler
WhitelistHandler(util::config::ClioConfigDefinition const &config, HostnameResolverType &&resolver={})
Adds all whitelisted IPs and masks from the given config.
Definition WhitelistHandler.hpp:104
web::dosguard::WhitelistHandler::isWhiteListed
bool isWhiteListed(std::string_view ip) const override
Checks to see if the given IP is whitelisted.
Definition WhitelistHandler.hpp:122
web::dosguard::Whitelist
A whitelist to remove rate limits of certain IP addresses.
Definition WhitelistHandler.hpp:48
web::dosguard::Whitelist::isWhiteListed
bool isWhiteListed(std::string_view ip) const
Checks to see if ip address is whitelisted.
Definition WhitelistHandler.cpp:59
web::dosguard::Whitelist::add
void add(std::string_view net)
Add network address to whitelist.
Definition WhitelistHandler.cpp:40