MySQL 8.3.0
Source Code Documentation
Gcs_ip_allowlist Class Reference

#include <gcs_xcom_networking.h>

Classes

class  Atomic_lock_guard
 

Public Member Functions

 Gcs_ip_allowlist ()
 
virtual ~Gcs_ip_allowlist ()
 
bool configure (const std::string &the_list)
 This member function shall be used to configure the allowlist. More...
 
bool is_valid (const std::string &the_list)
 This member function shall be used to validate the list that is used as input to the configure member function. More...
 
bool shall_block (const std::string &ip_addr, site_def const *xcom_config=nullptr)
 This member function SHALL return true if the given IP is to be blocked, false otherwise. More...
 
bool shall_block (int fd, site_def const *xcom_config=nullptr)
 This member function SHALL return true if the IP of the given file descriptor is to be blocked, false otherwise. More...
 
const std::string get_configured_ip_allowlist ()
 This member function gets the textual representation of the list as provided to the configure member function. More...
 
std::string to_string () const
 A string representation of the internal list of IP addresses. More...
 

Static Public Attributes

static const std::string DEFAULT_ALLOWLIST
 

Private Member Functions

bool do_check_block (struct sockaddr_storage *sa, site_def const *xcom_config) const
 
bool do_check_block_allowlist (std::vector< unsigned char > const &incoming_octets) const
 
bool do_check_block_xcom (std::vector< unsigned char > const &incoming_octets, site_def const *xcom_config) const
 
bool add_address (std::string addr, std::string mask)
 
void clear ()
 Clears the contents of this Allowlist object. More...
 
 Gcs_ip_allowlist (Gcs_ip_allowlist const &)
 
Gcs_ip_allowlistoperator= (Gcs_ip_allowlist const &)
 

Private Attributes

std::set< Gcs_ip_allowlist_entry *, Gcs_ip_allowlist_entry_pointer_comparatorm_ip_allowlist
 
std::string m_original_list
 This is the list that originally submitted to be parsed and to configure the allowlist. More...
 
std::atomic_flag m_atomic_guard
 An atomic lock to guard the ip allowlist. More...
 

Constructor & Destructor Documentation

◆ Gcs_ip_allowlist() [1/2]

Gcs_ip_allowlist::Gcs_ip_allowlist ( )
inline

◆ ~Gcs_ip_allowlist()

Gcs_ip_allowlist::~Gcs_ip_allowlist ( )
virtual

◆ Gcs_ip_allowlist() [2/2]

Gcs_ip_allowlist::Gcs_ip_allowlist ( Gcs_ip_allowlist const &  )
private

Member Function Documentation

◆ add_address()

bool Gcs_ip_allowlist::add_address ( std::string  addr,
std::string  mask 
)
private

◆ clear()

void Gcs_ip_allowlist::clear ( )
private

Clears the contents of this Allowlist object.

It deletes all entries and clears the internal set.

◆ configure()

bool Gcs_ip_allowlist::configure ( const std::string &  the_list)

This member function shall be used to configure the allowlist.

Parameters
the_listThe list with IP addresses. This list is a comma separated list formatted only with IP addresses and/or in the form of a subnet range, e.g., IP/netbits.
Returns
true if the configuration failed, false otherwise.

Check if the address is a localhost ipv4 address. Add it after if necessary.

◆ do_check_block()

bool Gcs_ip_allowlist::do_check_block ( struct sockaddr_storage *  sa,
site_def const *  xcom_config 
) const
private

◆ do_check_block_allowlist()

bool Gcs_ip_allowlist::do_check_block_allowlist ( std::vector< unsigned char > const &  incoming_octets) const
private

◆ do_check_block_xcom()

bool Gcs_ip_allowlist::do_check_block_xcom ( std::vector< unsigned char > const &  incoming_octets,
site_def const *  xcom_config 
) const
private

◆ get_configured_ip_allowlist()

const std::string Gcs_ip_allowlist::get_configured_ip_allowlist ( )
inline

This member function gets the textual representation of the list as provided to the configure member function.

◆ is_valid()

bool Gcs_ip_allowlist::is_valid ( const std::string &  the_list)

This member function shall be used to validate the list that is used as input to the configure member function.

Parameters
the_listThe list with IP addresses. This list is a comma separated list formatted only with IP addresses and/or in the form of a subnet range, e.g., IP/netbits.
Returns
true if the configuration failed, false otherwise.

◆ operator=()

Gcs_ip_allowlist & Gcs_ip_allowlist::operator= ( Gcs_ip_allowlist const &  )
private

◆ shall_block() [1/2]

bool Gcs_ip_allowlist::shall_block ( const std::string &  ip_addr,
site_def const *  xcom_config = nullptr 
)

This member function SHALL return true if the given IP is to be blocked, false otherwise.

Parameters
ip_addra string representation of an IPv4 address.
xcom_configthe latest XCom configuration.
Returns
true if the ip should be blocked, false otherwise.

◆ shall_block() [2/2]

bool Gcs_ip_allowlist::shall_block ( int  fd,
site_def const *  xcom_config = nullptr 
)

This member function SHALL return true if the IP of the given file descriptor is to be blocked, false otherwise.

Parameters
fdthe file descriptor of the accepted socket to check.
xcom_configthe latest XCom configuration.
Returns
true if the ip should be blocked, false otherwise.

◆ to_string()

std::string Gcs_ip_allowlist::to_string ( ) const

A string representation of the internal list of IP addresses.

Can have more addresses than those submitted through the configure member function, since there are addresses that are implicitly added when configuring the list.

Member Data Documentation

◆ DEFAULT_ALLOWLIST

const std::string Gcs_ip_allowlist::DEFAULT_ALLOWLIST
static
Initial value:
=
"127.0.0.1/32,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,::1/128,fe80::/"
"10,fd00::/8"

◆ m_atomic_guard

std::atomic_flag Gcs_ip_allowlist::m_atomic_guard
private

An atomic lock to guard the ip allowlist.

◆ m_ip_allowlist

std::set<Gcs_ip_allowlist_entry *, Gcs_ip_allowlist_entry_pointer_comparator> Gcs_ip_allowlist::m_ip_allowlist
private

◆ m_original_list

std::string Gcs_ip_allowlist::m_original_list
private

This is the list that originally submitted to be parsed and to configure the allowlist.


The documentation for this class was generated from the following files: