001: /**
002: * $Id: NetFileHostDenialProcessor.java,v 1.13 2005/11/30 11:26:34 ss150821 Exp $
003: * Copyright 2002 Sun Microsystems, Inc. All
004: * rights reserved. Use of this product is subject
005: * to license terms. Federal Acquisitions:
006: * Commercial Software -- Government Users
007: * Subject to Standard License Terms and
008: * Conditions.
009: *
010: * Sun, Sun Microsystems, the Sun logo, and Sun ONE
011: * are trademarks or registered trademarks of Sun Microsystems,
012: * Inc. in the United States and other countries.
013: */package com.sun.portal.netfile.servlet.java1;
014:
015: import java.util.*;
016: import com.sun.portal.log.common.PortalLogger;
017: import java.util.logging.*;
018:
019: import java.net.*;
020:
021: /**
022: *
023: * @author Ali Hasnain Baqri
024: */
025:
026: public class NetFileHostDenialProcessor {
027:
028: private static Logger logger = PortalLogger
029: .getLogger(NetFileHostDenialProcessor.class);
030:
031: private char c_eol = '\n';
032: private String s_empty_string = "";
033:
034: /** Creates a new instance of NetFileHostDenialProcessor */
035: public NetFileHostDenialProcessor() {
036: }
037:
038: /* We can pass on the machine name as machine name purely or as part of
039: *host-type-pass-share
040: */
041: public String getHostName(String s_host_data) {
042: int i_index_of_name = s_host_data.indexOf("machine_name=");
043: /*Machine is only machine name*/
044: if (i_index_of_name < 0) {
045: return s_host_data.trim();
046: }
047: /*machine_name=<machine name>\n" detected*/
048: else {
049: i_index_of_name = "machine_name=".length();
050: int i_index_of_eol = s_host_data.indexOf(c_eol,
051: i_index_of_name);
052: return (s_host_data.substring(i_index_of_name,
053: i_index_of_eol)).trim();
054: }
055: }
056:
057: public boolean isHostDenied(String s_user_added_host_share,
058: java.net.InetAddress[] ia_denied_hosts) throws Exception {
059: boolean b_is_denied = false;
060: if (ia_denied_hosts == null) {
061: throw new NullPointerException("null denied host list");
062: } else if (s_user_added_host_share == null) {
063: throw new NullPointerException("null host information");
064: } else if (ia_denied_hosts.length < 1) {
065: // logger.info("Came here");
066: logger.info("PSSRNF_CSPNSJ1128");
067: } else {
068: String s_machine_name = getHostName(s_user_added_host_share);
069: java.net.InetAddress[] ia_host_added_by_user = java.net.InetAddress
070: .getAllByName(s_machine_name);
071: b_is_denied = isHostDenied(ia_host_added_by_user,
072: ia_denied_hosts);
073: }
074: // logger.info("Host denied="+b_is_denied);
075: Object[] params1 = { new Boolean(b_is_denied) };
076: logger.log(Level.INFO, "PSSRNF_CSPNSJ1129", params1);
077: return b_is_denied;
078: }
079:
080: public java.net.InetAddress[] getDeniedHostsAddresses(
081: java.util.List l_denied_hosts) {
082: java.util.ArrayList al_denied_hosts = new java.util.ArrayList();
083: if (l_denied_hosts.isEmpty())
084: return null;
085: Iterator it_denied_hosts = l_denied_hosts.iterator();
086: while (it_denied_hosts.hasNext()) {
087: try {
088: String s_host_name = ((String) it_denied_hosts.next());
089: if (!s_host_name.trim().equals(s_empty_string)) {
090: java.net.InetAddress[] ia_address_of_host = java.net.InetAddress
091: .getAllByName(s_host_name);
092: for (int i = 0; i < ia_address_of_host.length; ++i) {
093: al_denied_hosts.add(ia_address_of_host[i]);
094: }
095: }
096: } catch (Exception e) {
097: // logger.log(Level.SEVERE, "Error getting inet address of the host",e);
098: logger.log(Level.SEVERE, "PSSRNF_CSPNSJ1130");
099: }
100: }
101: java.net.InetAddress[] ia_denied_addresses = new java.net.InetAddress[al_denied_hosts
102: .size()];
103: it_denied_hosts = al_denied_hosts.iterator();
104: int i = 0;
105: while (it_denied_hosts.hasNext()) {
106: ia_denied_addresses[i] = ((java.net.InetAddress) (it_denied_hosts
107: .next()));
108: ++i;
109: }
110: return ia_denied_addresses;
111: }
112:
113: public boolean isHostDenied(
114: java.net.InetAddress[] ia_host_added_by_user,
115: java.net.InetAddress[] ia_denied_hosts) {
116: for (int i_index_into_user_inet_add = 0; i_index_into_user_inet_add < ia_host_added_by_user.length; ++i_index_into_user_inet_add) {
117: for (int i = 0; i < ia_denied_hosts.length; ++i) {
118: if (ia_host_added_by_user[i_index_into_user_inet_add]
119: .equals(ia_denied_hosts[i])) {
120: return true;
121: }
122: }
123: }
124: return false;
125: }
126:
127: /*
128: * Borrowed from rproxy code and modified for NetFile Java1
129: */
130: public boolean isHostAllowed(List accessList, List deniedList,
131: String szGivenHostName, InetAddress[] hostIAddresses,
132: boolean useGivenHostName) {
133:
134: boolean allowed = false;
135:
136: try {
137: boolean matchFound = false;
138:
139: List list = deniedList;
140: Iterator iter = null;
141: String denyString = null;
142: String hostName = null;
143: String hostAddr = null;
144: if (list != null) {
145: iter = list.iterator();
146: while (iter.hasNext()) {
147: denyString = iter.next().toString().trim()
148: .toLowerCase();
149:
150: if (denyString.equals("*")) {
151: allowed = false;
152: matchFound = true;
153: break;
154: }
155: for (int i = 0; i < hostIAddresses.length; i++) {
156: if (useGivenHostName)
157: hostName = szGivenHostName.trim()
158: .toLowerCase();
159: else
160: hostName = hostIAddresses[i].getHostName()
161: .trim().toLowerCase();
162: hostAddr = hostIAddresses[i].getHostAddress();
163: if (wildcardMatch(hostName, denyString)) {
164: allowed = false;
165: matchFound = true;
166: break;
167: } else if (wildcardMatch(hostAddr, denyString)) {
168: allowed = false;
169: matchFound = true;
170: break;
171: }
172: }
173: }
174: }
175:
176: if (!matchFound) {
177: list = accessList;
178: String allowString;
179: if (list != null) {
180: iter = list.iterator();
181:
182: while (iter.hasNext()) {
183: allowString = iter.next().toString().trim()
184: .toLowerCase();
185:
186: if (allowString.equals("*")) {
187: allowed = true;
188: matchFound = true;
189: break;
190: }
191: for (int i = 0; i < hostIAddresses.length; i++) {
192: if (useGivenHostName)
193: hostName = szGivenHostName.trim()
194: .toLowerCase();
195: else
196: hostName = hostIAddresses[i]
197: .getHostName().trim()
198: .toLowerCase();
199: hostAddr = hostIAddresses[i]
200: .getHostAddress();
201: if (wildcardMatch(hostName, allowString)) {
202: allowed = true;
203: matchFound = true;
204: break;
205: } else if (wildcardMatch(hostAddr,
206: allowString)) {
207: allowed = true;
208: matchFound = true;
209: break;
210: }
211: }
212: }
213: }
214: }
215:
216: if (!matchFound) {
217: // If not there in both lists - hence deny it.
218: allowed = false;
219: }
220:
221: if (!allowed) {
222: // logger.info("Host " + hostName + " is not allowed");
223: Object[] params3 = { hostName, " is not allowed" };
224: logger.log(Level.INFO, "PSSRNF_CSPNSJ1131", params3);
225: }
226: } catch (Exception e) {
227: // logger.log(Level.SEVERE, "Error in detecting host is allowed", e);
228: logger.log(Level.SEVERE, "PSSRNF_CSPNSJ1132");
229: allowed = false;
230: }
231:
232: return allowed;
233: }
234:
235: /*
236: * Borrowed from rproxy code and modified for NetFile Java1
237: */
238: private boolean wildcardMatch(String str1, String str2) {
239: int beginIndex1 = 0;
240: int endIndex1 = 0;
241: int beginIndex2 = 0;
242: int endIndex2 = 0;
243: int strlen1 = str1.length();
244: int strlen2 = str2.length();
245: String substr = null;
246:
247: // if one of the string is null, consider it no match.
248: if ((str1 == null) || (str2 == null))
249: return (false);
250:
251: if ((str1.trim().length() == 0) || (str2.trim().length() == 0))
252: return (false);
253:
254: if ((endIndex2 = str2.indexOf('*', beginIndex2)) != -1) {
255: // get the substring prior to the first '*'
256: substr = str2.substring(beginIndex2, endIndex2);
257:
258: // check if the first char in str2 is '*', i.e. the substring is null
259: if (endIndex2 > beginIndex2) {
260: // str1 contains the substring too? if not, no match
261: if ((beginIndex1 = str1.indexOf(substr, beginIndex1)) == -1)
262: return (false);
263: // if it is not a SUFFIX match, then the prefixes should be equal
264: if (beginIndex1 != beginIndex2)
265: return (false);
266: }
267: // move the pointer to next char after the substring already matched
268: beginIndex1 = beginIndex1 + (endIndex2 - beginIndex2);
269: if (endIndex2 >= strlen2 - 1)
270: return (true);
271: beginIndex2 = endIndex2 + 1;
272: } else {
273: // str2 doesn't contain wildcard '*'
274: if ((beginIndex1 = str1.indexOf(str2)) == -1)
275: return (false);
276: if (beginIndex1 == beginIndex2)
277: return (true);
278: return (false);
279: }
280:
281: // There are more than '*'s in str2, repeat what we have done
282: while ((endIndex2 = str2.indexOf('*', beginIndex2)) != -1) {
283: substr = str2.substring(beginIndex2, endIndex2);
284: if (endIndex2 > beginIndex2)
285: if ((beginIndex1 = str1.indexOf(substr, beginIndex1)) == -1)
286: return (false);
287: beginIndex1 = beginIndex1 + (endIndex2 - beginIndex2);
288: if (endIndex2 >= strlen2 - 1)
289: return (true);
290: beginIndex2 = endIndex2 + 1;
291: }
292: // The substring after the last '*'
293: substr = str2.substring(beginIndex2, strlen2);
294:
295: if ((endIndex1 = str1.lastIndexOf(substr, strlen1 - 1)) == -1)
296: return (false);
297:
298: if (beginIndex1 > endIndex1)
299: return (false);
300:
301: return (true);
302: }
303:
304: String getFQHostName(String hostName,
305: String defaultSubDomainAndDomain) {
306: int index = hostName.indexOf('.');
307:
308: if (index == -1) {
309: return getNewHostName(hostName, defaultSubDomainAndDomain);
310: } else if (index == hostName.lastIndexOf('.')) {
311: return getNewHostName(hostName, defaultSubDomainAndDomain);
312: }
313: return hostName;
314: }
315:
316: String getNewHostName(String hostName,
317: String defaultSubDomainAndDomain) {
318: String newHost = null;
319: if ((defaultSubDomainAndDomain == null)
320: || (defaultSubDomainAndDomain.trim().length() == 0))
321: return hostName.trim();
322: if (defaultSubDomainAndDomain.charAt(0) == '.')
323: newHost = hostName + defaultSubDomainAndDomain;
324: else
325: newHost = hostName + '.' + defaultSubDomainAndDomain;
326: return newHost.trim();
327: }
328:
329: public static InetAddress[] getHostAddress(String systemName,
330: String defaultDomain) throws java.net.UnknownHostException {
331: InetAddress[] machhost = null;
332: if ((systemName == null) || (systemName.trim().length() == 0))
333: throw new java.net.UnknownHostException("null");
334: try {
335: machhost = InetAddress.getAllByName(systemName);
336: return machhost;
337: } catch (UnknownHostException e) {
338: NetFileHostDenialProcessor nfDenyProc = new NetFileHostDenialProcessor();
339: machhost = InetAddress.getAllByName(nfDenyProc
340: .getFQHostName(systemName, defaultDomain));
341: }
342: return machhost;
343: }
344:
345: }
|