From ce22093fd4091787514967f24e99ab0d39714e7e Mon Sep 17 00:00:00 2001 From: Scott Wallace Date: Thu, 8 Nov 2012 14:10:54 +0000 Subject: [PATCH] Removed cookie checking for Varnish -- deprecated. --- varnish/blockinator.vcl | 37 ++----------------------------------- varnish/blocklist-check.vcl | 3 --- 2 files changed, 2 insertions(+), 38 deletions(-) diff --git a/varnish/blockinator.vcl b/varnish/blockinator.vcl index ef86696..f593a92 100644 --- a/varnish/blockinator.vcl +++ b/varnish/blockinator.vcl @@ -1,5 +1,4 @@ C{ - #define BLOCKINATOR_HOME "/srv/app/blockinator" #define BLOCKLIST_DB "/srv/tmp/blocklist.db" #include @@ -8,7 +7,7 @@ C{ #include #include - char *remote_ip, *forwarded_ip, *useragent, *cookie; + char *remote_ip, *forwarded_ip, *useragent; sqlite3 *db; @@ -23,16 +22,6 @@ C{ syslog(LOG_ERR, "SQLite error (%s). Could not open database.", sqlite3_errmsg(db)); } init = 1; - - /* Load the EDSA SQLite extension for instr() */ - if ((sqlite3_enable_load_extension(db, 1) != SQLITE_OK) || - (sqlite3_load_extension(db, BLOCKINATOR_HOME"/sqlite_instr/instr.sqlext", 0, &sqlite3_error) != SQLITE_OK) - ) { - syslog(LOG_ERR, "SQLite error (%s). Failed to load the instr() extension.", sqlite3_error); - sqlite3_free(sqlite3_error); - } else { - syslog(LOG_INFO, "SQLite loaded the instr() extension successfully."); - } } } @@ -48,32 +37,10 @@ C{ */ if (argc > 0 && atoi(argv[0]) > 0 && strcmp(argv[1], remote_ip) == 0) { /* Any results indicate a block */ - syslog(LOG_INFO, "Blocklist match found for %s/%s. (Forwarded_IP: %s, User-Agent: %s, Cookie: %s)", remote_ip, argv[1], forwarded_ip, useragent, cookie); + syslog(LOG_INFO, "Blocklist match found for %s/%s. (Forwarded_IP: %s, User-Agent: %s)", remote_ip, argv[1], forwarded_ip, useragent); VRT_SetHdr(sp, HDR_REQ, "\010X-Block:", remote_ip, vrt_magic_string_end); } return 0; } - - char *str_replace(char *input, char *search, char *replace) - { - char *string_ptr, *match_ptr; - int offset = strlen(search); - - char *output = malloc(BUFSIZ); - memset(output, 0, BUFSIZ); - - if (! input) return output; - - string_ptr = input; - - while (match_ptr = strstr(string_ptr, search)) { - strncat(output, string_ptr, match_ptr-string_ptr); - strcat(output, replace); - string_ptr = match_ptr + offset; - } - strcat(output, string_ptr); - - return output; - } }C diff --git a/varnish/blocklist-check.vcl b/varnish/blocklist-check.vcl index 8fb2ac6..8753b13 100644 --- a/varnish/blocklist-check.vcl +++ b/varnish/blocklist-check.vcl @@ -2,12 +2,10 @@ C{ remote_ip = VRT_IP_string(sp, VRT_r_client_ip(sp)); forwarded_ip = VRT_GetHdr(sp, HDR_REQ, "\020X-Forwarded-For:"); useragent = VRT_GetHdr(sp, HDR_REQ, "\013User-Agent:"); - cookie = VRT_GetHdr(sp, HDR_REQ, "\007Cookie:"); char statement[BUFSIZ]; char *sqlite3_error; - char *safecookie = str_replace(cookie, "'", "''"); snprintf(statement, BUFSIZ, "SELECT COUNT(*), remote_ip FROM blocklist WHERE remote_ip = '%s' AND (forwarded_ip = 'ANY' OR forwarded_ip = '%s') AND (useragent = 'ANY' OR useragent = '%s')", remote_ip, forwarded_ip, useragent); @@ -18,5 +16,4 @@ C{ syslog(LOG_INFO, "SQLite statment: %s", statement); sqlite3_free(sqlite3_error); } - free(safecookie); }C