1/* 2 * ufdb.h - URLfilterDB 3 * 4 * ufdbGuard is copyrighted (C) 2005-2020 by URLfilterDB B.V. and others with all rights reserved. 5 * 6 * Parts of the ufdbGuard daemon are based on squidGuard. 7 * This module is NOT based on squidGuard. 8 * 9 * RCS $Id: ufdb.h.in,v 1.103 2020/10/22 07:13:03 root Exp root $ 10 */ 11 12/* 13 * An ordered table looks like this: 14 * 15 * UNIVERSE 16 * com 17 * foobar 18 * girls 19 * boys 20 * pools 21 * youtube 22 * /watch?v=id1 23 * /watch?v=id2 24 * /watch?v=idN 25 * zazu 26 * net 27 * zazu 28 * zombie 29 * 30 * The ordered table is implemented with a tree and each node in the tree 31 * has nNextLevels children. 32 * 33 * "UNIVERSE" 0xSUBLEVEL 34 * "com" 0xSUBLEVEL "foobar" 0xSUBLEVEL "girls" 0xSAMELEVEL 35 * "boys" 0xPREVLEVEL 36 * "pools" 0xSAMELEVEL 37 * "youtube" 0xSUBLEVEL "/watch" 0xSUBLEVEL "?" 0xSUBLEVEL "v" 0xSUBLEVEL "id1" 0xSAMELEVEL 38 * "id2" 0xSAMELEVEL 39 * "idN" 0xPREVLEVEL 40 * 0xPREVLEVEL 0xPREVLEVEL 0xPREVLEVEL 0xPREVLEVEL 41 * "zazu" 0xPREVLEVEL 42 * "net" 0xSUBLEVEL "zazu" 0xSAMELEVEL 43 * "zombie" 0xPREVLEVEL 44 * 0xPREVLEVEL 45 * 0xENDTABLE 46 * 47 * The idea behind this is that the whole table can be loaded into 1 malloc-ed area 48 * and that the 0xXXXX tokens can be substitued by a '\0' in memory. 49 * Database layout version 2.2 does not do this any more and each tag is terminated with a \0. 50 * The levelTag pointer will point into the table without malloc-ing memory which 51 * will save a lot on malloc overhead, memory and CPU time to load the table. 52 * 53 * The major drawback is that the number of children of a node is unknown when 54 * a table is loaded and the arrays of child nodes (nextLevel[]) must be reallocated 55 * many times. This implies a relatively large malloc()/realloc() overhead. 56 * 57 * To get rid of the malloc() overhead, the number of child nodes (nNextLevels) is 58 * coded into the file. This is a new feature for database file format 1.2. 59 * 60 * Database format 2.0 does not include the number of child nodes so it must be counted when 61 * the database table is loaded into memory 62 * Database format 2.1+ includes codes for the number of children per node: 63 * UFDBsubLevel1-UFDBsubLevel7 1-7 children 64 * UFDBsubLevel 8-255 children 65 * UFDBsubLevelNNN 256-65535 children 66 * UFDBsubLevelNNNNN 65536-4B children 67 * Database format 2.2 has 68 * \0-terminated tags. 69 * support for matching URL paramaters: example.com/foo.cgi?a=val&b&pp=bar 70 * | at end of a database URL means only match if the browser URL terminates there. 71 * New in ufdbguard 1.34.x: a database URL that starts with "|." matches a browser URL that 72 * has not a subdomain other than www[0-9][0-9]. So |.example.com matches www.example.com but not 73 * foo.example.com. 74 */ 75 76#ifndef UFDB_UFDB_H_INCLUDED 77#define UFDB_UFDB_H_INCLUDED 78 79#ifdef __cplusplus 80extern "C" { 81#endif 82 83#ifndef UFDB_NEED_FORTIFIED_CODE 84#undef _FORTIFY_SOURCE 85#endif 86 87#ifndef _REENTRANT 88#define _REENTRANT 89#endif 90 91/* on AIX systems we must define _ALL_SOURCE in order to get the symbol NI_NAMEREQD used by getnameinfo() */ 92#ifdef _AIX 93#define _ALL_SOURCE 1 94#endif 95 96#ifndef _XOPEN_SOURCE___ 97#ifdef __sun 98#define _XOPEN_SOURCE___ 600 99#else 100#define _XOPEN_SOURCE___ 600 101#endif 102#endif 103 104#if __sun && !defined(__EXTENSIONS__) 105#define __EXTENSIONS__ 1 106#endif 107 108#if 0 109#ifndef _POSIX_C_SOURCE 110#define _POSIX_C_SOURCE 200112L 111#endif 112#endif 113 114#if 0 115#ifndef _XOPEN_SOURCE____EXTENDED 116#define _XOPEN_SOURCE____EXTENDED 1 117#endif 118#endif 119 120#ifndef _DEFAULT_SOURCE 121#define _DEFAULT_SOURCE 1 122#endif 123 124#ifndef _BSD_SOURCE 125#define _BSD_SOURCE 1 126#endif 127 128#ifndef UFDB_MALLOC_IS_THREADSAFE 129#define UFDB_MALLOC_IS_THREADSAFE 1 130#endif 131 132#define UFDB_DO_NOT_STRIP_FTP 1 133 134#define UFDB_VERSION "@PACKAGE_VERSION@" 135 136#define UFDB_SSL_SUPPORT @ufdb_with_ssl@ 137// ZLIB_SUPPORT: 0 disabled, 1 use standard library, 2 use own library 138#define UFDB_ZLIB_SUPPORT @ufdb_with_zlib@ 139#if UFDB_ZLIB_SUPPORT == 2 140#define UFDB_OWN_ZLIB_SUPPORT 1 141// #define deflate z_deflate 142// #define deflateInit z_deflateInit 143// #define deflateEnd z_deflateEnd 144#endif 145#define UFDB_BZ2LIB_SUPPORT @ufdb_with_bz2lib@ 146#define UFDB_PTHREAD_SUPPORT @ufdb_with_pthread@ 147#define UFDB_FUTEX_SUPPORT @ufdb_with_futex@ 148#define UFDB_SPINLOCK_SUPPORT @ufdb_with_spinlock@ 149#define UFDB_CVMX_SPINLOCK_SUPPORT @ufdb_with_cvmx_spinlock@ 150#define UFDB_BARE_METAL_SUPPORT @ufdb_bare_metal@ 151#define UFDB_DPDK_SUPPORT @ufdb_dpdk@ 152#define UFDB_REGEX_SUPPORT @ufdb_regex_support@ 153#define UFDB_VERIFY_CERTS @ufdb_verify_certs@ 154 155 156#if __OCTEON__ || __ppc__ 157#define UFDB_CACHELINE_SIZE 128 158#else 159#define UFDB_CACHELINE_SIZE 64 160#endif 161 162// #ifndef _GNU_SOURCE 163// #define _GNU_SOURCE 164// #endif 165 166#undef UFDB_64BITS 167#if defined(__x86_64__) || defined(__amd64__) || __SIZEOF_POINTER__ == 8 168#define UFDB_64BITS 1 169#endif 170 171#if defined(__GNUC__) && defined(__OPTIMIZE__) 172#define UFDB_GCC_INLINE __inline__ 173#else 174#define UFDB_GCC_INLINE 175#endif 176 177#if UFDB_BARE_METAL_SUPPORT && __OCTEON__ 178#include "cvmx-platform.h" 179#define UFDB_SHARED CVMX_SHARED 180#else 181#define UFDB_SHARED /**/ 182#endif 183 184#if defined(__GNUC__) 185/* malloc attribute exists since gcc 2.96 */ 186#define UFDB_GCC_MALLOC_ATTR __attribute__ ((malloc)) 187#else 188#define UFDB_GCC_MALLOC_ATTR /**/ 189#endif 190 191#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3))) 192#if UFDB_CACHELINE_SIZE == 128 193#define UFDB_GCC_ALIGN_CL __attribute__ ((aligned(128))) 194#else 195#define UFDB_GCC_ALIGN_CL __attribute__ ((aligned(64))) 196#endif 197#else 198#define UFDB_GCC_ALIGN_CL /**/ 199#endif 200 201#if defined(__GNUC__) 202#define UFDB_GCC_NORETURN __attribute__ ((noreturn)) 203#define UFDB_GCC_UNUSED __attribute__ ((unused)) 204#else 205#define UFDB_GCC_NORETURN 206#define UFDB_GCC_UNUSED 207#endif 208 209 210#if defined(UFDB_64BITS) && defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3))) 211#define UFDB_GCC_DEPRECATED __attribute__ ((deprecated)) 212#define UFDB_GCC_ALIGN64 __attribute__ ((aligned(64))) 213#else 214#define UFDB_GCC_DEPRECATED /**/ 215#define UFDB_GCC_ALIGN64 /**/ 216#endif 217 218#if defined(UFDB_64BITS) && defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3))) 219#define UFDB_GCC_REGPARM1 __attribute__ ((regparm(1))) 220#define UFDB_GCC_REGPARM2 __attribute__ ((regparm(2))) 221#define UFDB_GCC_REGPARM3 __attribute__ ((regparm(3))) 222#else 223#define UFDB_GCC_REGPARM1 /**/ 224#define UFDB_GCC_REGPARM2 /**/ 225#define UFDB_GCC_REGPARM3 /**/ 226#endif 227 228#if defined(__GNUC__) && ((__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 3))) 229#define UFDB_GCC_HOT __attribute__ ((hot)) 230#define UFDB_GCC_COLD __attribute__ ((cold)) 231#else 232#define UFDB_GCC_HOT /**/ 233#define UFDB_GCC_COLD /**/ 234#endif 235 236 237#include <stdint.h> 238 239#include "config.h" 240#include "version.h" 241#include "ufdblocks.h" 242#include "ufdb-api-private.h" 243 244#if !defined(UFDB_API_NO_THREADS) && UFDB_PTHREAD_SUPPORT 245#include <pthread.h> 246#endif 247 248 249#if !UFDB_BARE_METAL_SUPPORT 250 251#if UFDB_REGEX_SUPPORT && HAVE_REGCOMP != 1 252#error The C library does not have the regcomp function. 253#endif 254 255#if HAVE_SIGACTION != 1 256#error The C library does not have the sigaction function. 257#endif 258#endif 259 260#include <sys/types.h> 261#include <string.h> 262#include <limits.h> 263 264#ifdef UFDB_USE_PCREPOSIX 265#include <pcreposix.h> 266#else 267#include <regex.h> 268#endif 269 270#define UFDB_GDB_PATH "@GDB@" 271#define UFDB_WGET_PATH "@WGET@" 272#define UFDB_CURL_PATH "@CURL@" 273 274#define DEFAULT_DBHOME "@ufdb_dbhome@" 275#define DEFAULT_IMAGESDIR "@ufdb_images_dir@" 276#define DEFAULT_BINDIR "@ufdb_bindir@" 277#define DEFAULT_PIDDIR "@ufdb_piddir@" 278#define DEFAULT_LOGDIR "@ufdb_logdir@" 279#define DEFAULT_LOGFILE "ufdbGuard.log" 280#define DEFAULT_CONFIGFILE "@ufdb_config@/ufdbGuard.conf" 281#define UFDB_SYSTEM_CONFIG "@ufdb_sysconfigfile@" 282 283#define UFDB_DEFAULT_SQUID_VERSION "4.0" 284#define UFDB_SQUID_HELPER_PROTOCOL1 0 /* 2.x */ 285#define UFDB_SQUID_HELPER_PROTOCOL2 1 /* 3.0 - 3.3 */ 286#define UFDB_SQUID_HELPER_PROTOCOL3 2 /* 3.4 - */ 287 288#define UFDB_LICENSE_STATUS_FILENAME "license-status" 289 290#define UFDB_USER_AGENT "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)" 291 292#define UFDB_ROTATE_LOG_FILES 293#define UFDB_MAX_INITIAL_LOGFILE_SIZE (200*1024*1024) 294#define UFDB_MAX_LOGFILE_SIZE (200*1024*1024) 295#define UFDB_MAX_LOGMSG_SZ (10*1024) 296 297#define UFDB_RECONFIGR_NONE 0 298#define UFDB_RECONFIGR_INIT 1 299#define UFDB_RECONFIGR_FINISH 2 300#define UFDB_RECONFIGR_HUP 3 301#define UFDB_RECONFIGR_RELOAD 4 302#define UFDB_RECONFIGR_TERM 5 303#define UFDB_RECONFIGR_ABORT 6 304#define UFDB_RECONFIGR_BADSIG 7 305#define UFDB_RECONFIGR_FATAL 8 306#define UFDB_RECONFIGR_STACK 9 307#define UFDB_RECONFIGR_FORTIFY 10 308 309#define UFDB_DEFAULT_REFRESH_USERLIST 15 /* minutes */ 310#define UFDB_DEFAULT_REFRESH_IPLIST 15 /* minutes */ 311#define UFDB_DEFAULT_REFRESH_DOMAINLIST 15 /* minutes */ 312 313#if UFDB_GEN_API 314#define UFDB_UUE_MAXURLS 75000 315#define UFDB_UUE_HASHSIZE 99371 316#else 317#define UFDB_UUE_MAXURLS 20000 318#define UFDB_UUE_HASHSIZE 25643 319#endif 320 321#ifndef UFDB_UPLOAD_UNCATEGORISED_URLS_WEBSITE 322#define UFDB_UPLOAD_UNCATEGORISED_URLS_WEBSITE "updates.urlfilterdb.com" 323#endif 324 325#ifndef UFDB_UPLOAD_UNCATEGORISED_URLS_CGI 326#define UFDB_UPLOAD_UNCATEGORISED_URLS_CGI "/cgi-bin/uncat.pl" 327#endif 328 329#ifndef UFDB_UPLOAD_ANALYSE_SQUID_LOG_CGI 330#define UFDB_UPLOAD_ANALYSE_SQUID_LOG_CGI "/cgi-bin/analyseSquidLog.pl" 331#endif 332 333#ifndef UFDB_EXPLAIN_DENY_REASON_URL 334#define UFDB_EXPLAIN_DENY_REASON_URL "http://cgibin.urlfilterdb.com/cgi-bin/explain-denial.cgi" 335#endif 336 337#ifndef UFDB_DEFAULT_HTTPS_REDIRECTION_URL 338#define UFDB_DEFAULT_HTTPS_REDIRECTION_URL "blockedhttps.urlfilterdb.com:443" 339#endif 340 341#ifndef UFDB_DEFAULT_BUMPED_HTTPS_REDIRECTION_URL 342#define UFDB_DEFAULT_BUMPED_HTTPS_REDIRECTION_URL "https://blockedhttps.urlfilterdb.com/cgi-bin/URLblocked.cgi?clientgroup=%s&category=%t&url=%u" 343#endif 344 345#ifndef UFDB_DEFAULT_HTTP_RETURN_CODE 346#define UFDB_DEFAULT_HTTP_RETURN_CODE "302" /* in the past HTTP/1.0 used "302" */ 347#endif 348 349#define UFDB_NNODES_INDEX 2048 350 351#define UFDBGUARDD_PID_FILE DEFAULT_PIDDIR "/ufdbguardd.pid" 352#define UFDBICAP_PID_FILE "/var/run/urlfilterdb/icapd.pid" 353#define UFDB_USER "@ufdb_user@" 354 355#define UFDB_USERQUOTA_SUPPORT 0 356 357/* support 20 instances of squid with each 64 ufdbgclient processes */ 358#ifndef UFDB_MIN_THREADS 359#define UFDB_MIN_THREADS (64+1) 360#endif 361#ifndef UFDB_MAX_THREADS 362#define UFDB_MAX_THREADS (20*64+5) 363#endif 364#define UFDB_DAEMON_PORT 3977 365 366/* ufdbgclient can support up to concurrency=N queries simultaneously */ 367#define UFDB_MAX_SQUID_CONCURRENCY 32 368 369/* The HTTP 1.1 spec says that proxies must be able to handle requests 370 * with a very long URI. So what we will do is that ufdbgclient 371 * will support this and truncate the URL to have a maximum length 372 * of UFDB_MAX_URL_LENGTH. 373 */ 374#define UFDB_HTTP_1_1_MAX_URI_LENGTH 65536 375#define UFDB_MAX_URL_LENGTH 8192 376 377#define UFDB_EVAL_OR 0 378#define UFDB_EVAL_AND 1 379 380int ufdbReadConfig( const char * file ); 381void ufdbReloadConfig( void ); 382 383void ufdbFree( void * ptr ); 384void * UFDB_GCC_MALLOC_ATTR ufdbMalloc( size_t n ); 385void * UFDB_GCC_MALLOC_ATTR ufdbMallocAligned( size_t alignment, size_t n ); 386void * ufdbRealloc( void * ptr, size_t n ); 387void * ufdbCalloc( size_t n, size_t num ); 388 389#if UFDB_DP_DEV 390void ufdbMallocInitDPdevelopment( void ); 391#endif 392 393void * ufdbZlibMalloc( void * opaque, unsigned int items, unsigned int size ); 394void ufdbZlibFree( void * opaque, void * address ); 395 396void ufdbGetMallocMutex( char * fn ); 397void ufdbReleaseMallocMutex( char * fn ); 398 399char * ufdbStrdup( const char * s ); 400 401int ufdbStrStrEnd( const char * s, const char * end ); 402 403#define ufdbStrncpy( dest, src, n ) \ 404 if (memccpy( (void *) (dest), (void *) (src), '\0', (size_t) (n) ) == NULL) \ 405 (dest)[(n)-1] = '\0'; 406 407#define UFDB_MAGIC_CATEGORY_IS_LOADED 0x62f87ce9 408 409#ifndef UFDB_MAX_TABLE_AGE 410#define UFDB_MAX_TABLE_AGE 28 411#endif 412 413#ifndef UFDB_WARN_TABLE_AGE 414#define UFDB_WARN_TABLE_AGE 4 415#endif 416 417 418typedef enum { UFDBdomain, UFDBurl } UFDBurlType; 419 420struct UFDBtable; 421 422struct UFDBtable 423{ 424 unsigned char * tag; 425 int nNextLevels; 426 struct UFDBtable * nextLevel; 427}; 428 429struct UFDBfileHeader 430{ 431 char string[99]; /* UFDB version category numEntries key */ 432}; 433 434struct UFDBfileHeader21 435{ 436 char string[256]; /* UFDB version category numEntries key */ 437}; 438 439struct UFDBfile 440{ 441 struct UFDBfileHeader21 header; 442 struct UFDBtable table; 443}; 444 445 446#define UFDB_MEMSTATUS_UNKNOWN 0 447#define UFDB_MEMSTATUS_MALLOC 1 // malloced, may be freed with ufdbFree() 448#define UFDB_MEMSTATUS_DP 2 // DP memory may not be freed with ufdbFree() 449 450struct UFDBmemTable 451{ 452 void * mem; 453 struct UFDBtable table; 454 struct UFDBtable * index; 455 int numEntries; 456 int indexSize; 457 int hdrSize; 458 int age; 459 int memStatus; 460 size_t madvisedSize; 461 long fileSize; 462 char version[8]; 463 char flags[8]; 464 char key[16]; 465 char date[32]; 466}; 467 468typedef struct 469{ 470 unsigned int x; 471 unsigned int y; 472 unsigned char state[256]; 473} ufdbCrypt; 474 475void ufdbCryptInit( ufdbCrypt * uc, const unsigned char * key, unsigned int keySize, char * version ); 476void ufdbEncryptText( ufdbCrypt * uc, unsigned char * dest, const unsigned char * src, unsigned int len ); 477 478/* space optimisation for database format 2.1: 479 * ufdbsubLevel1 meaning "UFDBsubLevel with only one child" 480 * ufdbsubLevelNNN meaning "UFDBsubLevel with >255 children" 481 */ 482#define UFDBsubLevel '\001' /* between 8 and 255 children */ 483#define UFDBsameLevel '\002' 484#define UFDBprevLevel '\003' 485#define UFDBsubLevel1 '\004' /* 1 child */ 486#define UFDBsubLevel2 '\005' /* 2 children */ 487#define UFDBsubLevel3 '\006' /* 3 children */ 488#define UFDBsubLevel4 '\007' /* 4 children */ 489#define UFDBsubLevel5 '\010' /* 5 children */ 490#define UFDBsubLevel6 '\011' /* 6 children */ 491#define UFDBsubLevel7 '\012' /* 7 children */ 492#define UFDBsubLevelNNN '\013' /* until DB2.1: >255 children. DB2.2: >255 && <65536 */ 493#define UFDBsubLevelNNNNN '\014' /* DB2.2: >65535 children */ 494#define UFDBsubLevelIndexed '\015' /* >UFDB_NNODES_INDEX children and index follows */ 495#define UFDBendTable '\020' /* UFDBendTable is also used in in DB format 3.0 */ 496#define UFDBpadTable '\021' /* skip padding bytes */ 497 498#define UFDBmaxDomainNameLength 255 499#define UFDBmaxURLsize 512 500 501#if UFDB_DBFORMAT_3 502#define UFDBdefaultdbVersion "@ufdb_db_format@" 503#define UFDBdbVersion "@ufdb_db_format@" /* max DB version */ 504#else 505#define UFDBdefaultdbVersion "2.2" 506#define UFDBdbVersion "2.2" /* max DB version */ 507#endif 508 509#define UFDBtableTag "gYhq-2k8a-8xGx-7zYs-huUj-1jaY" 510 511#define UFDBfileSuffix ".ufdb" 512 513#ifndef UFDB_REVURL_LABEL_SIZE 514#define UFDB_REVURL_LABEL_SIZE 256 515#endif 516 517/* when URL is www.mydomain.com/asubdir/index.html, 518 * urlPart is asubdir/index.html 519 */ 520typedef unsigned char UFDBurlPart[UFDB_REVURL_LABEL_SIZE-8-4]; 521 522struct UFDBrevURL_s; 523 524/* for optimal use of the CPU cache we want to have a struct of 256 bytes and pad it if necessary */ 525typedef struct UFDBrevURL_s 526{ 527 struct UFDBrevURL_s * next; 528 uint32_t hashval; // only used in DB format 3.0 529 UFDBurlPart part; 530#if defined(LONG_BIT) && (LONG_BIT == 32) 531 char dummy[4]; 532#endif 533} UFDBrevURL; 534 535#define MAX_REVURLS 16 536 537typedef struct UFDBthreadAdmin_s 538{ 539 int myArrayUsage[MAX_REVURLS]; // 16*4 = 64 bytes 540#if UFDB_CACHELINE_SIZE == 128 541 char dummy[64]; // extra 64 byte so myArray starts on a new cache line 542#endif 543 UFDBrevURL myArray[MAX_REVURLS]; // 16*256 = 4096 bytes 544} UFDBthreadAdmin; // 64+64+4096 = 4224 bytes 545 546 547UFDBthreadAdmin * UFDBallocThreadAdmin( void ); 548void UFDBfreeThreadAdmin( UFDBthreadAdmin * handle ); 549 550#define UFDB_ALLOW 0 551#define UFDB_DENY 1 552 553#define UFDB_GROUPTYPE_UNIX 1 554#define UFDB_GROUPTYPE_LDAP 2 555 556#define UFDB_ACL_ACCESS_BLOCK 0 557#define UFDB_ACL_ACCESS_ALLOW 1 558#define UFDB_ACL_ACCESS_DUNNO 2 559 560#define UFDB_API_STATUS_VIRGIN 0 561#define UFDB_API_STATUS_STARTED_OK 1 562#define UFDB_API_STATUS_TERMINATED 2 563#define UFDB_API_STATUS_RELOADING 3 564#define UFDB_API_STATUS_RELOAD_OK 4 565#define UFDB_API_STATUS_FATAL_ERROR 5 566#define UFDB_API_STATUS_ROLLING_LOGFILE 6 567#define UFDB_API_STATUS_UPDATE 7 568#define UFDB_API_STATUS_CRASH_REPORT_UPLOADED 8 569#define UFDB_API_STATUS_CRASH_REPORT_NOT_UPLOADED 9 570 571#define UFDB_API_STATUS_DATABASE_OK 0 572#define UFDB_API_STATUS_DATABASE_OLD 1 573#define UFDB_API_STATUS_DATABASE_EXPIRED 2 574 575#define UFDB_API_OK 0 576#define UFDB_API_MATCH 1 577#define UFDB_API_ERR_NULL 2 578#define UFDB_API_ERR_NOFILE 3 579#define UFDB_API_ERR_READ 4 580#define UFDB_API_ERR_EXPR 5 581#define UFDB_API_ERR_RANGE 6 582#define UFDB_API_ERR_ERRNO 7 583#define UFDB_API_ERR_SOCKET 8 584#define UFDB_API_ERR_NOMEM 9 585#define UFDB_API_REQ_QUEUED 10 586#define UFDB_API_ERR_TUNNEL 11 587#define UFDB_API_ERR_INVALID_CERT 12 588#define UFDB_API_ERR_IP_ADDRESS 13 589#define UFDB_API_ERR_OLD_TABLE 14 590#define UFDB_API_ERR_INVALID_TABLE 15 591#define UFDB_API_ERR_INVALID_KEY 16 592#define UFDB_API_ERR_IS_SKYPE 17 593#define UFDB_API_ERR_FULL 18 594#define UFDB_API_ERR_UNKNOWN_PROTOCOL 19 595#define UFDB_API_ERR_IS_GTALK 20 596#define UFDB_API_ERR_IS_YAHOOMSG 21 597#define UFDB_API_ERR_IS_AIM 22 598#define UFDB_API_ERR_IS_FBCHAT 23 599#define UFDB_API_ERR_IS_CITRIXONLINE 24 600#define UFDB_API_ERR_IS_ANYDESK 25 601#define UFDB_API_ERR_IS_TEAMVIEWER 26 602#define UFDB_API_ERR_CKSUM_NOT_VALID 27 603#define UFDB_API_ERR_OUTDATED 28 604#define UFDB_API_ERR_FATAL 29 605#define UFDB_API_ERR_TLS 30 606#define UFDB_API_BEING_VERIFIED 31 607#define UFDB_API_MODIFIED_FOR_SAFESEARCH 32 608#define UFDB_API_MODIFIED_FOR_YOUTUBE_EDUFILTER 33 609 610/* reasons why a URL is approved/blocked */ 611#define UFDB_API_BLOCKR_PASS 0 612#define UFDB_API_BLOCKR_ACL 1 613#define UFDB_API_BLOCKR_ACL_NONE 2 614#define UFDB_API_BLOCKR_HTTPS_OPTION 3 615#define UFDB_API_BLOCKR_SKYPE 4 616#define UFDB_API_BLOCKR_SAFESEARCH 5 617#define UFDB_API_BLOCKR_LOADING_DB 6 618#define UFDB_API_BLOCKR_FATAL_ERROR 7 619#define UFDB_API_BLOCKR_CHECKED 8 620#define UFDB_API_BLOCKR_YOUTUBE_EDUFILTER 9 621 622#define UFDB_API_ALLOW_QUEUING 1 623#define UFDB_API_VERBOSE_OUTPUT 2 624#define UFDB_OPT_HTTPS_WITH_HOSTNAME 4 625#define UFDB_OPT_HTTPS_OFFICAL_CERTIFICATE 8 626#define UFDB_OPT_SKYPE_OVER_HTTPS 16 627#define UFDB_OPT_PROHIBIT_INSECURE_SSLV2 32 628#define UFDB_OPT_SAFE_SEARCH 64 629#define UFDB_OPT_UNKNOWN_PROTOCOL_OVER_HTTPS 128 630#define UFDB_OPT_GTALK_OVER_HTTPS 256 631#define UFDB_OPT_YAHOOMSG_OVER_HTTPS 512 632#define UFDB_OPT_AIM_OVER_HTTPS 1024 633#define UFDB_OPT_FBCHAT_OVER_HTTPS 2048 634#define UFDB_OPT_CITRIXONLINE_OVER_HTTPS 4096 635#define UFDB_OPT_YOUTUBE_EDUFILTER 8192 636#define UFDB_OPT_ANYDESK_OVER_HTTPS 16384 637#define UFDB_OPT_TEAMVIEWER_OVER_HTTPS 32768 638#define UFDB_OPT_PROHIBIT_INSECURE_SSLV3 65536 639 640#define UFDB_API_HTTPS_CHECK_OFF 0 641#define UFDB_API_HTTPS_CHECK_QUEUE_CHECKS 1 642#define UFDB_API_HTTPS_CHECK_AGGRESSIVE 2 643#define UFDB_API_HTTPS_CHECK_AGRESSIVE UFDB_API_HTTPS_CHECK_AGGRESSIVE 644#define UFDB_API_HTTPS_LOG_ONLY 3 645 646#define UFDB_ACL_NONE 0 647#define UFDB_ACL_WITHIN 1 648#define UFDB_ACL_OUTSIDE 2 649#define UFDB_ACL_ELSE 3 650 651#define UFDB_PARAM_INIT 1 652#define UFDB_PARAM_ALARM 2 653 654#define UFDB_DEF_HTTPS_CONN_CACHE_SIZE 1000 655 656#if UFDB_API_NO_THREADS || UFDB_SMALLSYSTEM || HAVE_PCRE_COMPILE || HAVE_PCRE_COMPILE2 657#define UFDB_NREGEX 1 658#elif UFDB_GEN_API 659#define UFDB_NREGEX 8 660#else 661#define UFDB_NREGEX 4 /* best performance when using 4 cores with 8 threads */ 662#endif 663 664/* On Linux, regexec() uses a lock and is therefore not multithreaded. 665 * This is resolved by using multiple copies of compiled regex_t so 666 * at most UFDB_NREGEX threads can work simultaneously on the same RE. 667 */ 668struct ufdbRegExp { 669 void * compiled[UFDB_NREGEX]; /* regex_t* or pcre* */ 670 int error; 671 int flags; 672 int global; 673 char * pattern; 674 char * substitute; 675 char * httpcode; 676 struct ufdbRegExp * next; 677#if !(UFDB_API_NO_THREADS || UFDB_SMALLSYSTEM) 678 int next_nregex_i; 679 ufdb_mutex lock; 680#endif 681}; 682 683struct ufdbRegExp * ufdbNewPatternBuffer( char * pattern, int flags ); 684 685int ufdbRegExpMatch( 686 struct ufdbRegExp * regexp, 687 const char * str ); 688 689void ufdbSetSignalHandler( 690 int signal, 691 void (*handler)(int) ); 692 693int UFDBaddSafeSearch( 694 char * domain, 695 char * strippedURL, 696 char * originalURL ); 697 698int UFDBaddYoutubeEdufilter( 699 char * domain, 700 char * strippedURL, 701 char * originalURL ); 702 703void ufdbHandleAlarmForTimeEvents( int why ); 704 705#include "ufdb_globals.h" 706 707#if UFDB_DBFORMAT_3 708#include "ufdbdb3.h" 709#endif 710 711#ifdef __cplusplus 712} 713#endif 714 715#endif 716 717