#include <yaz/tokenizer.h>
#include <yaz/zoom.h>
#include <yaz/otherinfo.h>
+#include <yaz/match_glob.h>
namespace mp = metaproxy_1;
namespace yf = mp::filter;
std::string torus_searchable_url;
std::string torus_content_url;
std::string torus_auth_url;
+ std::string torus_allow_ip;
std::string default_realm;
std::string torus_auth_hostname;
std::map<std::string,std::string> fieldmap;
torus_content_url = mp::xml::get_text(attr->children);
else if (!strcmp((const char *) attr->name, "auth_url"))
torus_auth_url = mp::xml::get_text(attr->children);
+ else if (!strcmp((const char *) attr->name, "allow_ip"))
+ torus_allow_ip = mp::xml::get_text(attr->children);
else if (!strcmp((const char *) attr->name, "realm"))
default_realm = mp::xml::get_text(attr->children);
else if (!strcmp((const char *) attr->name, "auth_hostname"))
else
torus_db = database;
- std::string authentication;
- std::string content_authentication;
std::string content_proxy;
std::string realm = session_realm;
if (realm.length() == 0)
return m_backend;
}
- if (param_user)
- {
- authentication = std::string(param_user);
- if (param_password)
- authentication += "/" + std::string(param_password);
- }
- if (param_content_user)
- {
- content_authentication = std::string(param_content_user);
- if (param_content_password)
- content_authentication += "/" + std::string(param_content_password);
- }
-
if (torus_db.compare("IR-Explain---1") == 0)
return explain_search(package, database, error, addinfo, odr, torus_url,
torus_db, realm);
maximumRecords > 0 */
b->set_option("piggyback", sptr->piggyback ? "1" : "0");
- if (content_authentication.length() == 0)
- content_authentication = sptr->contentAuthentication;
-
- if (authentication.length() == 0)
- authentication = sptr->authentication;
+ std::string authentication = sptr->authentication;
+ if (param_user)
+ {
+ authentication = std::string(param_user);
+ if (param_password)
+ authentication += "/" + std::string(param_password);
+ }
+ std::string content_authentication = sptr->contentAuthentication;
+ if (param_content_user)
+ {
+ content_authentication = std::string(param_content_user);
+ if (param_content_password)
+ content_authentication += "/" + std::string(param_content_password);
+ }
if (proxy.length() == 0)
proxy = sptr->cfProxy;
{
// A CF target
b->set_option("user", sptr->cfAuth);
- if (authentication.length())
+ if (param_user)
+ {
+ out_names[no_out_args] = "user";
+ out_values[no_out_args++] = odr_strdup(odr, param_user);
+ if (param_password)
+ {
+ out_names[no_out_args] = "password";
+ out_values[no_out_args++] = odr_strdup(odr, param_password);
+ }
+ }
+ else if (authentication.length())
{
size_t found = authentication.find('/');
if (found != std::string::npos)
}
Z_OtherInformation **oi = &req->otherInfo;
- const char *ip =
+ const char *ip_cstr =
yaz_oi_get_string_oid(oi, yaz_oid_userinfo_client_ip, 1, 0);
- if (!ip)
- ip = package.origin().get_address().c_str();
+ std::string ip;
+ if (ip_cstr)
+ ip = ip_cstr;
+ else
+ ip = package.origin().get_address();
- yaz_log(YLOG_LOG, "IP=%s", ip);
+ yaz_log(YLOG_LOG, "IP=%s", ip.c_str());
+ {
+ NMEM nmem = nmem_create();
+ char **darray;
+ int i, num;
+ nmem_strsplit_blank(nmem, m_p->torus_allow_ip.c_str(), &darray, &num);
+ for (i = 0; i < num; i++)
+ {
+ yaz_log(YLOG_LOG, "check against %s+%s", darray[i], ip.c_str());
+ if (yaz_match_glob(darray[i], ip.c_str()))
+ break;
+ }
+ nmem_destroy(nmem);
+ if (i < num)
+ return; /* allow this IP */
+ }
std::string torus_query;
int failure_code;