Skip to content

Commit f4bb05e

Browse files
zandbeltzandbelt
committed
validate configured class names in OIDCMetricsData
Signed-off-by: Hans Zandbelt <[email protected]>
1 parent 0d1e17c commit f4bb05e

File tree

3 files changed

+53
-4
lines changed

3 files changed

+53
-4
lines changed

src/config.c

+12-4
Original file line numberDiff line numberDiff line change
@@ -1132,10 +1132,18 @@ static const char *oidc_set_info_hook_data(cmd_parms *cmd, void *m, const char *
11321132

11331133
static const char *oidc_set_metrics_hook_data(cmd_parms *cmd, void *m, const char *arg) {
11341134
oidc_cfg *cfg = (oidc_cfg *)ap_get_module_config(cmd->server->module_config, &auth_openidc_module);
1135-
if (cfg->metrics_hook_data == NULL)
1136-
cfg->metrics_hook_data = apr_hash_make(cmd->pool);
1137-
apr_hash_set(cfg->metrics_hook_data, arg, APR_HASH_KEY_STRING, arg);
1138-
return NULL;
1135+
const char *rv = NULL;
1136+
char *valid_names = NULL;
1137+
if (oidc_metrics_is_valid_classname(cmd->pool, arg, &valid_names) == TRUE) {
1138+
if (cfg->metrics_hook_data == NULL)
1139+
cfg->metrics_hook_data = apr_hash_make(cmd->pool);
1140+
apr_hash_set(cfg->metrics_hook_data, arg, APR_HASH_KEY_STRING, arg);
1141+
} else {
1142+
rv = apr_psprintf(cmd->pool, "undefined metric class name: \"%s\", must be one of [%s]", arg,
1143+
valid_names);
1144+
}
1145+
return OIDC_CONFIG_DIR_RV(cmd, rv);
1146+
;
11391147
}
11401148

11411149
static const char *oidc_set_trace_parent(cmd_parms *cmd, void *struct_ptr, const char *arg) {

src/metrics.c

+40
Original file line numberDiff line numberDiff line change
@@ -275,6 +275,46 @@ typedef struct oidc_metrics_timing_t {
275275
json_int_t count;
276276
} oidc_metrics_timing_t;
277277

278+
typedef struct oidc_metrics_add_classname_ctx_t {
279+
apr_pool_t *pool;
280+
char **valid_names;
281+
} oidc_metrics_add_classname_ctx_t;
282+
283+
static int _oidc_metrics_add_classnames(void *rec, const char *key, const char *value) {
284+
oidc_metrics_add_classname_ctx_t *ctx = (oidc_metrics_add_classname_ctx_t *)rec;
285+
*ctx->valid_names = apr_psprintf(ctx->pool, "%s%s%s", *ctx->valid_names ? *ctx->valid_names : "",
286+
*ctx->valid_names ? " | " : "", value);
287+
return 1;
288+
}
289+
290+
apr_byte_t oidc_metrics_is_valid_classname(apr_pool_t *pool, const char *name, char **valid_names) {
291+
int i = 0;
292+
int n = 0;
293+
int rv = FALSE;
294+
apr_table_t *names = apr_table_make(pool, 1);
295+
oidc_metrics_add_classname_ctx_t ctx = {pool, valid_names};
296+
297+
n = sizeof(_oidc_metrics_timings_info) / sizeof(oidc_metrics_timing_info_t);
298+
for (i = 0; i < n; i++) {
299+
if (_oidc_strcmp(_oidc_metrics_timings_info[i].class_name, name) == 0)
300+
rv = TRUE;
301+
apr_table_set(names, _oidc_metrics_timings_info[i].class_name,
302+
_oidc_metrics_timings_info[i].class_name);
303+
}
304+
n = sizeof(_oidc_metrics_counters_info) / sizeof(oidc_metrics_counter_info_t);
305+
for (i = 0; i < n; i++) {
306+
if (_oidc_strcmp(_oidc_metrics_counters_info[i].class_name, name) == 0)
307+
rv = TRUE;
308+
apr_table_set(names, _oidc_metrics_counters_info[i].class_name,
309+
_oidc_metrics_counters_info[i].class_name);
310+
}
311+
312+
*valid_names = NULL;
313+
apr_table_do(_oidc_metrics_add_classnames, &ctx, names, NULL);
314+
315+
return rv;
316+
}
317+
278318
/*
279319
* collection thread
280320
*/

src/metrics.h

+1
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,7 @@
4343
#ifndef MOD_AUTH_OPENIDC_METRICS_H_
4444
#define MOD_AUTH_OPENIDC_METRICS_H_
4545

46+
apr_byte_t oidc_metrics_is_valid_classname(apr_pool_t *pool, const char *name, char **valid_names);
4647
apr_byte_t oidc_metrics_cache_post_config(server_rec *s);
4748
apr_status_t oidc_metrics_cache_child_init(apr_pool_t *p, server_rec *s);
4849
apr_status_t oidc_metrics_cache_cleanup(server_rec *s);

0 commit comments

Comments
 (0)