1/*
2 * ufdb.h - URLfilterDB
3 *
4 * ufdbGuard is copyrighted (C) 2005-2020 by URLfilterDB B.V. and others with all rights reserved.
5 *
6 * Parts of the ufdbGuard daemon are based on squidGuard.
7 * This module is NOT based on squidGuard.
8 *
9 * RCS $Id: ufdb.h.in,v 1.103 2020/10/22 07:13:03 root Exp root $
10 */
11
12/*
13 * An ordered table looks like this:
14 *
15 * UNIVERSE
16 *         com
17 *             foobar
18 *                    girls
19 *                    boys
20 *             pools
21 *             youtube
22 *		      /watch?v=id1
23 *		      /watch?v=id2
24 *		      /watch?v=idN
25 *             zazu
26 *         net
27 *             zazu
28 *             zombie
29 *
30 * The ordered table is implemented with a tree and each node in the tree
31 * has nNextLevels children.
32 *
33 * "UNIVERSE" 0xSUBLEVEL
34 * "com" 0xSUBLEVEL "foobar"  0xSUBLEVEL  "girls" 0xSAMELEVEL
35 *                                        "boys"  0xPREVLEVEL
36 *                  "pools"   0xSAMELEVEL
37 *                  "youtube" 0xSUBLEVEL  "/watch"   0xSUBLEVEL  "?"  0xSUBLEVEL  "v"  0xSUBLEVEL "id1"  0xSAMELEVEL
38 *											          "id2"  0xSAMELEVEL
39 *												  "idN"  0xPREVLEVEL
40 *			      0xPREVLEVEL            0xPREVLEVEL      0xPREVLEVEL      0xPREVLEVEL
41 *                  "zazu"    0xPREVLEVEL
42 * "net" 0xSUBLEVEL "zazu"    0xSAMELEVEL
43 *                  "zombie"  0xPREVLEVEL
44 *                  0xPREVLEVEL
45 * 0xENDTABLE
46 *
47 * The idea behind this is that the whole table can be loaded into 1 malloc-ed area
48 * and that the 0xXXXX tokens can be substitued by a '\0' in memory.
49 * Database layout version 2.2 does not do this any more and each tag is terminated with a \0.
50 * The levelTag pointer will point into the table without malloc-ing memory which
51 * will save a lot on malloc overhead, memory and CPU time to load the table.
52 *
53 * The major drawback is that the number of children of a node is unknown when
54 * a table is loaded and the arrays of child nodes (nextLevel[]) must be reallocated
55 * many times.  This implies a relatively large malloc()/realloc() overhead.
56 *
57 * To get rid of the malloc() overhead, the number of child nodes (nNextLevels) is
58 * coded into the file.  This is a new feature for database file format 1.2.
59 *
60 * Database format 2.0 does not include the number of child nodes so it must be counted when
61 * the database table is loaded into memory
62 * Database format 2.1+ includes codes for the number of children per node:
63 *    UFDBsubLevel1-UFDBsubLevel7 1-7 children
64 *    UFDBsubLevel                8-255 children
65 *    UFDBsubLevelNNN             256-65535 children
66 *    UFDBsubLevelNNNNN           65536-4B children
67 * Database format 2.2 has
68 *    \0-terminated tags.
69 *    support for matching URL paramaters: example.com/foo.cgi?a=val&b&pp=bar
70 *    | at end of a database URL means only match if the browser URL terminates there.
71 *    New in ufdbguard 1.34.x: a database URL that starts with "|." matches a browser URL that
72 *    has not a subdomain other than www[0-9][0-9].  So |.example.com matches www.example.com but not
73 *    foo.example.com.
74 */
75
76#ifndef UFDB_UFDB_H_INCLUDED
77#define UFDB_UFDB_H_INCLUDED
78
79#ifdef __cplusplus
80extern "C" {
81#endif
82
83#ifndef UFDB_NEED_FORTIFIED_CODE
84#undef _FORTIFY_SOURCE
85#endif
86
87#ifndef _REENTRANT
88#define _REENTRANT
89#endif
90
91/* on AIX systems we must define _ALL_SOURCE in order to get the symbol NI_NAMEREQD used by getnameinfo() */
92#ifdef _AIX
93#define _ALL_SOURCE 1
94#endif
95
96#ifndef _XOPEN_SOURCE___
97#ifdef __sun
98#define _XOPEN_SOURCE___ 600
99#else
100#define _XOPEN_SOURCE___ 600
101#endif
102#endif
103
104#if __sun && !defined(__EXTENSIONS__)
105#define __EXTENSIONS__ 1
106#endif
107
108#if 0
109#ifndef _POSIX_C_SOURCE
110#define _POSIX_C_SOURCE  200112L
111#endif
112#endif
113
114#if 0
115#ifndef _XOPEN_SOURCE____EXTENDED
116#define _XOPEN_SOURCE____EXTENDED  1
117#endif
118#endif
119
120#ifndef _DEFAULT_SOURCE
121#define _DEFAULT_SOURCE 1
122#endif
123
124#ifndef _BSD_SOURCE
125#define _BSD_SOURCE 1
126#endif
127
128#ifndef UFDB_MALLOC_IS_THREADSAFE
129#define UFDB_MALLOC_IS_THREADSAFE 1
130#endif
131
132#define UFDB_DO_NOT_STRIP_FTP 1
133
134#define UFDB_VERSION               "@PACKAGE_VERSION@"
135
136#define UFDB_SSL_SUPPORT           @ufdb_with_ssl@
137// ZLIB_SUPPORT: 0 disabled, 1 use standard library, 2 use own library
138#define UFDB_ZLIB_SUPPORT          @ufdb_with_zlib@
139#if UFDB_ZLIB_SUPPORT == 2
140#define UFDB_OWN_ZLIB_SUPPORT	   1
141// #define deflate		   z_deflate
142// #define deflateInit		   z_deflateInit
143// #define deflateEnd		   z_deflateEnd
144#endif
145#define UFDB_BZ2LIB_SUPPORT        @ufdb_with_bz2lib@
146#define UFDB_PTHREAD_SUPPORT       @ufdb_with_pthread@
147#define UFDB_FUTEX_SUPPORT         @ufdb_with_futex@
148#define UFDB_SPINLOCK_SUPPORT      @ufdb_with_spinlock@
149#define UFDB_CVMX_SPINLOCK_SUPPORT @ufdb_with_cvmx_spinlock@
150#define UFDB_BARE_METAL_SUPPORT    @ufdb_bare_metal@
151#define UFDB_DPDK_SUPPORT          @ufdb_dpdk@
152#define UFDB_REGEX_SUPPORT         @ufdb_regex_support@
153#define UFDB_VERIFY_CERTS          @ufdb_verify_certs@
154
155
156#if __OCTEON__ || __ppc__
157#define UFDB_CACHELINE_SIZE     128
158#else
159#define UFDB_CACHELINE_SIZE     64
160#endif
161
162// #ifndef _GNU_SOURCE
163// #define _GNU_SOURCE
164// #endif
165
166#undef UFDB_64BITS
167#if defined(__x86_64__) || defined(__amd64__) || __SIZEOF_POINTER__ == 8
168#define UFDB_64BITS 1
169#endif
170
171#if defined(__GNUC__) && defined(__OPTIMIZE__)
172#define UFDB_GCC_INLINE __inline__
173#else
174#define UFDB_GCC_INLINE
175#endif
176
177#if UFDB_BARE_METAL_SUPPORT  &&  __OCTEON__
178#include "cvmx-platform.h"
179#define UFDB_SHARED     CVMX_SHARED
180#else
181#define UFDB_SHARED     /**/
182#endif
183
184#if defined(__GNUC__)
185/* malloc attribute exists since gcc 2.96 */
186#define UFDB_GCC_MALLOC_ATTR __attribute__ ((malloc))
187#else
188#define UFDB_GCC_MALLOC_ATTR /**/
189#endif
190
191#if defined(__GNUC__)  &&  ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)))
192#if UFDB_CACHELINE_SIZE == 128
193#define UFDB_GCC_ALIGN_CL   __attribute__ ((aligned(128)))
194#else
195#define UFDB_GCC_ALIGN_CL   __attribute__ ((aligned(64)))
196#endif
197#else
198#define UFDB_GCC_ALIGN_CL   /**/
199#endif
200
201#if defined(__GNUC__)
202#define UFDB_GCC_NORETURN  __attribute__ ((noreturn))
203#define UFDB_GCC_UNUSED    __attribute__ ((unused))
204#else
205#define UFDB_GCC_NORETURN
206#define UFDB_GCC_UNUSED
207#endif
208
209
210#if defined(UFDB_64BITS)  &&  defined(__GNUC__)  &&  ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)))
211#define UFDB_GCC_DEPRECATED __attribute__ ((deprecated))
212#define UFDB_GCC_ALIGN64    __attribute__ ((aligned(64)))
213#else
214#define UFDB_GCC_DEPRECATED /**/
215#define UFDB_GCC_ALIGN64    /**/
216#endif
217
218#if defined(UFDB_64BITS)  &&  defined(__GNUC__)  &&  ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)))
219#define UFDB_GCC_REGPARM1 __attribute__ ((regparm(1)))
220#define UFDB_GCC_REGPARM2 __attribute__ ((regparm(2)))
221#define UFDB_GCC_REGPARM3 __attribute__ ((regparm(3)))
222#else
223#define UFDB_GCC_REGPARM1 /**/
224#define UFDB_GCC_REGPARM2 /**/
225#define UFDB_GCC_REGPARM3 /**/
226#endif
227
228#if defined(__GNUC__)  &&  ((__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 3)))
229#define UFDB_GCC_HOT        __attribute__ ((hot))
230#define UFDB_GCC_COLD       __attribute__ ((cold))
231#else
232#define UFDB_GCC_HOT        /**/
233#define UFDB_GCC_COLD       /**/
234#endif
235
236
237#include <stdint.h>
238
239#include "config.h"
240#include "version.h"
241#include "ufdblocks.h"
242#include "ufdb-api-private.h"
243
244#if !defined(UFDB_API_NO_THREADS) && UFDB_PTHREAD_SUPPORT
245#include <pthread.h>
246#endif
247
248
249#if !UFDB_BARE_METAL_SUPPORT
250
251#if UFDB_REGEX_SUPPORT && HAVE_REGCOMP != 1
252#error The C library does not have the regcomp function.
253#endif
254
255#if HAVE_SIGACTION != 1
256#error The C library does not have the sigaction function.
257#endif
258#endif
259
260#include <sys/types.h>
261#include <string.h>
262#include <limits.h>
263
264#ifdef UFDB_USE_PCREPOSIX
265#include <pcreposix.h>
266#else
267#include <regex.h>
268#endif
269
270#define UFDB_GDB_PATH	   "@GDB@"
271#define UFDB_WGET_PATH	   "@WGET@"
272#define UFDB_CURL_PATH	   "@CURL@"
273
274#define DEFAULT_DBHOME     "@ufdb_dbhome@"
275#define DEFAULT_IMAGESDIR  "@ufdb_images_dir@"
276#define DEFAULT_BINDIR     "@ufdb_bindir@"
277#define DEFAULT_PIDDIR     "@ufdb_piddir@"
278#define DEFAULT_LOGDIR     "@ufdb_logdir@"
279#define DEFAULT_LOGFILE    "ufdbGuard.log"
280#define DEFAULT_CONFIGFILE "@ufdb_config@/ufdbGuard.conf"
281#define UFDB_SYSTEM_CONFIG "@ufdb_sysconfigfile@"
282
283#define UFDB_DEFAULT_SQUID_VERSION    	"4.0"
284#define UFDB_SQUID_HELPER_PROTOCOL1	0	/* 2.x         */
285#define UFDB_SQUID_HELPER_PROTOCOL2	1	/* 3.0 - 3.3   */
286#define UFDB_SQUID_HELPER_PROTOCOL3	2	/* 3.4 -       */
287
288#define UFDB_LICENSE_STATUS_FILENAME  	"license-status"
289
290#define UFDB_USER_AGENT	   		"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
291
292#define UFDB_ROTATE_LOG_FILES
293#define UFDB_MAX_INITIAL_LOGFILE_SIZE	(200*1024*1024)
294#define UFDB_MAX_LOGFILE_SIZE           (200*1024*1024)
295#define UFDB_MAX_LOGMSG_SZ              (10*1024)
296
297#define UFDB_RECONFIGR_NONE             0
298#define UFDB_RECONFIGR_INIT             1
299#define UFDB_RECONFIGR_FINISH           2
300#define UFDB_RECONFIGR_HUP              3
301#define UFDB_RECONFIGR_RELOAD           4
302#define UFDB_RECONFIGR_TERM             5
303#define UFDB_RECONFIGR_ABORT            6
304#define UFDB_RECONFIGR_BADSIG           7
305#define UFDB_RECONFIGR_FATAL            8
306#define UFDB_RECONFIGR_STACK            9
307#define UFDB_RECONFIGR_FORTIFY         10
308
309#define UFDB_DEFAULT_REFRESH_USERLIST	15	/* minutes */
310#define UFDB_DEFAULT_REFRESH_IPLIST	15	/* minutes */
311#define UFDB_DEFAULT_REFRESH_DOMAINLIST	15	/* minutes */
312
313#if UFDB_GEN_API
314#define UFDB_UUE_MAXURLS	75000
315#define UFDB_UUE_HASHSIZE	99371
316#else
317#define UFDB_UUE_MAXURLS	20000
318#define UFDB_UUE_HASHSIZE	25643
319#endif
320
321#ifndef UFDB_UPLOAD_UNCATEGORISED_URLS_WEBSITE
322#define UFDB_UPLOAD_UNCATEGORISED_URLS_WEBSITE  "updates.urlfilterdb.com"
323#endif
324
325#ifndef UFDB_UPLOAD_UNCATEGORISED_URLS_CGI
326#define UFDB_UPLOAD_UNCATEGORISED_URLS_CGI      "/cgi-bin/uncat.pl"
327#endif
328
329#ifndef UFDB_UPLOAD_ANALYSE_SQUID_LOG_CGI
330#define UFDB_UPLOAD_ANALYSE_SQUID_LOG_CGI       "/cgi-bin/analyseSquidLog.pl"
331#endif
332
333#ifndef UFDB_EXPLAIN_DENY_REASON_URL
334#define UFDB_EXPLAIN_DENY_REASON_URL            "http://cgibin.urlfilterdb.com/cgi-bin/explain-denial.cgi"
335#endif
336
337#ifndef UFDB_DEFAULT_HTTPS_REDIRECTION_URL
338#define UFDB_DEFAULT_HTTPS_REDIRECTION_URL	"blockedhttps.urlfilterdb.com:443"
339#endif
340
341#ifndef UFDB_DEFAULT_BUMPED_HTTPS_REDIRECTION_URL
342#define UFDB_DEFAULT_BUMPED_HTTPS_REDIRECTION_URL	"https://blockedhttps.urlfilterdb.com/cgi-bin/URLblocked.cgi?clientgroup=%s&category=%t&url=%u"
343#endif
344
345#ifndef UFDB_DEFAULT_HTTP_RETURN_CODE
346#define UFDB_DEFAULT_HTTP_RETURN_CODE 		"302"		/* in the past HTTP/1.0 used "302" */
347#endif
348
349#define UFDB_NNODES_INDEX	2048
350
351#define UFDBGUARDD_PID_FILE     DEFAULT_PIDDIR "/ufdbguardd.pid"
352#define UFDBICAP_PID_FILE       "/var/run/urlfilterdb/icapd.pid"
353#define UFDB_USER               "@ufdb_user@"
354
355#define UFDB_USERQUOTA_SUPPORT  0
356
357/* support 20 instances of squid with each 64 ufdbgclient processes */
358#ifndef UFDB_MIN_THREADS
359#define UFDB_MIN_THREADS	(64+1)
360#endif
361#ifndef UFDB_MAX_THREADS
362#define UFDB_MAX_THREADS	(20*64+5)
363#endif
364#define UFDB_DAEMON_PORT        3977
365
366/* ufdbgclient can support up to concurrency=N queries simultaneously */
367#define UFDB_MAX_SQUID_CONCURRENCY      32
368
369/* The HTTP 1.1 spec says that proxies must be able to handle requests
370 * with a very long URI.  So what we will do is that ufdbgclient
371 * will support this and truncate the URL to have a maximum length
372 * of UFDB_MAX_URL_LENGTH.
373 */
374#define UFDB_HTTP_1_1_MAX_URI_LENGTH	65536
375#define UFDB_MAX_URL_LENGTH     8192
376
377#define UFDB_EVAL_OR	0
378#define UFDB_EVAL_AND	1
379
380int    ufdbReadConfig( const char * file );
381void   ufdbReloadConfig( void );
382
383void   ufdbFree( void * ptr );
384void * UFDB_GCC_MALLOC_ATTR ufdbMalloc( size_t n );
385void * UFDB_GCC_MALLOC_ATTR ufdbMallocAligned( size_t alignment, size_t n );
386void * ufdbRealloc( void * ptr, size_t n );
387void * ufdbCalloc( size_t n, size_t num );
388
389#if UFDB_DP_DEV
390void ufdbMallocInitDPdevelopment( void );
391#endif
392
393void * ufdbZlibMalloc( void * opaque, unsigned int items, unsigned int size );
394void   ufdbZlibFree( void * opaque, void * address );
395
396void   ufdbGetMallocMutex( char * fn );
397void   ufdbReleaseMallocMutex( char * fn );
398
399char * ufdbStrdup( const char * s );
400
401int ufdbStrStrEnd( const char * s, const char * end );
402
403#define ufdbStrncpy( dest, src, n )   \
404	if (memccpy( (void *) (dest), (void *) (src), '\0', (size_t) (n) ) == NULL)  \
405	   (dest)[(n)-1] = '\0';
406
407#define UFDB_MAGIC_CATEGORY_IS_LOADED 0x62f87ce9
408
409#ifndef UFDB_MAX_TABLE_AGE
410#define UFDB_MAX_TABLE_AGE 28
411#endif
412
413#ifndef UFDB_WARN_TABLE_AGE
414#define UFDB_WARN_TABLE_AGE 4
415#endif
416
417
418typedef enum { UFDBdomain, UFDBurl } UFDBurlType;
419
420struct UFDBtable;
421
422struct UFDBtable
423{
424   unsigned char *     tag;
425   int                 nNextLevels;
426   struct UFDBtable *  nextLevel;
427};
428
429struct UFDBfileHeader
430{
431   char   string[99];  /* UFDB version category numEntries key */
432};
433
434struct UFDBfileHeader21
435{
436   char   string[256];  /* UFDB version category numEntries key */
437};
438
439struct UFDBfile
440{
441   struct UFDBfileHeader21 header;
442   struct UFDBtable        table;
443};
444
445
446#define UFDB_MEMSTATUS_UNKNOWN  0
447#define UFDB_MEMSTATUS_MALLOC   1       // malloced, may be freed with ufdbFree()
448#define UFDB_MEMSTATUS_DP       2       // DP memory may not be freed with ufdbFree()
449
450struct UFDBmemTable
451{
452   void *              mem;
453   struct UFDBtable    table;
454   struct UFDBtable *  index;
455   int                 numEntries;
456   int		       indexSize;
457   int                 hdrSize;
458   int                 age;
459   int                 memStatus;
460   size_t              madvisedSize;
461   long                fileSize;
462   char		       version[8];
463   char                flags[8];
464   char                key[16];
465   char                date[32];
466};
467
468typedef struct
469{
470   unsigned int x;
471   unsigned int y;
472   unsigned char state[256];
473} ufdbCrypt;
474
475void ufdbCryptInit(   ufdbCrypt * uc, const unsigned char * key, unsigned int keySize, char * version );
476void ufdbEncryptText( ufdbCrypt * uc, unsigned char * dest, const unsigned char * src, unsigned int len );
477
478/* space optimisation for database format 2.1:
479 * ufdbsubLevel1 meaning "UFDBsubLevel with only one child"
480 * ufdbsubLevelNNN meaning "UFDBsubLevel with >255 children"
481 */
482#define UFDBsubLevel      '\001'		/* between 8 and 255 children */
483#define UFDBsameLevel     '\002'
484#define UFDBprevLevel     '\003'
485#define UFDBsubLevel1     '\004'		/* 1 child */
486#define UFDBsubLevel2     '\005'		/* 2 children */
487#define UFDBsubLevel3     '\006'		/* 3 children */
488#define UFDBsubLevel4     '\007'		/* 4 children */
489#define UFDBsubLevel5     '\010'		/* 5 children */
490#define UFDBsubLevel6     '\011'		/* 6 children */
491#define UFDBsubLevel7     '\012'		/* 7 children */
492#define UFDBsubLevelNNN   '\013'		/* until DB2.1: >255 children.  DB2.2: >255 && <65536 */
493#define UFDBsubLevelNNNNN '\014'		/* DB2.2: >65535 children */
494#define UFDBsubLevelIndexed '\015'		/* >UFDB_NNODES_INDEX children and index follows */
495#define UFDBendTable      '\020'                /* UFDBendTable is also used in in DB format 3.0 */
496#define UFDBpadTable      '\021'		/* skip padding bytes */
497
498#define UFDBmaxDomainNameLength 255
499#define UFDBmaxURLsize          512
500
501#if UFDB_DBFORMAT_3
502#define UFDBdefaultdbVersion  "@ufdb_db_format@"
503#define UFDBdbVersion         "@ufdb_db_format@"  /* max DB version */
504#else
505#define UFDBdefaultdbVersion  "2.2"
506#define UFDBdbVersion         "2.2"		  /* max DB version */
507#endif
508
509#define UFDBtableTag   "gYhq-2k8a-8xGx-7zYs-huUj-1jaY"
510
511#define UFDBfileSuffix ".ufdb"
512
513#ifndef UFDB_REVURL_LABEL_SIZE
514#define UFDB_REVURL_LABEL_SIZE 256
515#endif
516
517/* when URL is www.mydomain.com/asubdir/index.html,
518 * urlPart is asubdir/index.html
519 */
520typedef unsigned char UFDBurlPart[UFDB_REVURL_LABEL_SIZE-8-4];
521
522struct UFDBrevURL_s;
523
524/* for optimal use of the CPU cache we want to have a struct of 256 bytes and pad it if necessary */
525typedef struct UFDBrevURL_s
526{
527   struct UFDBrevURL_s * next;
528   uint32_t              hashval;                       // only used in DB format 3.0
529   UFDBurlPart           part;
530#if defined(LONG_BIT)  &&  (LONG_BIT == 32)
531   char                  dummy[4];
532#endif
533} UFDBrevURL;
534
535#define MAX_REVURLS	 16
536
537typedef struct UFDBthreadAdmin_s
538{
539   int                   myArrayUsage[MAX_REVURLS];	// 16*4 = 64 bytes
540#if UFDB_CACHELINE_SIZE == 128
541   char                  dummy[64];                     // extra 64 byte so myArray starts on a new cache line
542#endif
543   UFDBrevURL            myArray[MAX_REVURLS];		// 16*256 = 4096 bytes
544} UFDBthreadAdmin;                                      // 64+64+4096 = 4224 bytes
545
546
547UFDBthreadAdmin * UFDBallocThreadAdmin( void );
548void UFDBfreeThreadAdmin( UFDBthreadAdmin * handle );
549
550#define UFDB_ALLOW			0
551#define UFDB_DENY			1
552
553#define UFDB_GROUPTYPE_UNIX    		1
554#define UFDB_GROUPTYPE_LDAP    		2
555
556#define UFDB_ACL_ACCESS_BLOCK		0
557#define UFDB_ACL_ACCESS_ALLOW		1
558#define UFDB_ACL_ACCESS_DUNNO		2
559
560#define UFDB_API_STATUS_VIRGIN  	0
561#define UFDB_API_STATUS_STARTED_OK 	1
562#define UFDB_API_STATUS_TERMINATED	2
563#define UFDB_API_STATUS_RELOADING	3
564#define UFDB_API_STATUS_RELOAD_OK	4
565#define UFDB_API_STATUS_FATAL_ERROR	5
566#define UFDB_API_STATUS_ROLLING_LOGFILE	6
567#define UFDB_API_STATUS_UPDATE          7
568#define UFDB_API_STATUS_CRASH_REPORT_UPLOADED 8
569#define UFDB_API_STATUS_CRASH_REPORT_NOT_UPLOADED 9
570
571#define UFDB_API_STATUS_DATABASE_OK	   0
572#define UFDB_API_STATUS_DATABASE_OLD	   1
573#define UFDB_API_STATUS_DATABASE_EXPIRED   2
574
575#define UFDB_API_OK                        0
576#define UFDB_API_MATCH			   1
577#define UFDB_API_ERR_NULL                  2
578#define UFDB_API_ERR_NOFILE                3
579#define UFDB_API_ERR_READ                  4
580#define UFDB_API_ERR_EXPR                  5
581#define UFDB_API_ERR_RANGE                 6
582#define UFDB_API_ERR_ERRNO                 7
583#define UFDB_API_ERR_SOCKET                8
584#define UFDB_API_ERR_NOMEM                 9
585#define UFDB_API_REQ_QUEUED               10
586#define UFDB_API_ERR_TUNNEL               11
587#define UFDB_API_ERR_INVALID_CERT         12
588#define UFDB_API_ERR_IP_ADDRESS           13
589#define UFDB_API_ERR_OLD_TABLE            14
590#define UFDB_API_ERR_INVALID_TABLE        15
591#define UFDB_API_ERR_INVALID_KEY          16
592#define UFDB_API_ERR_IS_SKYPE		  17
593#define UFDB_API_ERR_FULL                 18
594#define UFDB_API_ERR_UNKNOWN_PROTOCOL     19
595#define UFDB_API_ERR_IS_GTALK		  20
596#define UFDB_API_ERR_IS_YAHOOMSG	  21
597#define UFDB_API_ERR_IS_AIM     	  22
598#define UFDB_API_ERR_IS_FBCHAT     	  23
599#define UFDB_API_ERR_IS_CITRIXONLINE   	  24
600#define UFDB_API_ERR_IS_ANYDESK   	  25
601#define UFDB_API_ERR_IS_TEAMVIEWER   	  26
602#define UFDB_API_ERR_CKSUM_NOT_VALID   	  27
603#define UFDB_API_ERR_OUTDATED             28
604#define UFDB_API_ERR_FATAL                29
605#define UFDB_API_ERR_TLS                  30
606#define UFDB_API_BEING_VERIFIED                  31
607#define UFDB_API_MODIFIED_FOR_SAFESEARCH         32
608#define UFDB_API_MODIFIED_FOR_YOUTUBE_EDUFILTER  33
609
610/* reasons why a URL is approved/blocked */
611#define UFDB_API_BLOCKR_PASS			0
612#define UFDB_API_BLOCKR_ACL			1
613#define UFDB_API_BLOCKR_ACL_NONE		2
614#define UFDB_API_BLOCKR_HTTPS_OPTION		3
615#define UFDB_API_BLOCKR_SKYPE			4
616#define UFDB_API_BLOCKR_SAFESEARCH		5
617#define UFDB_API_BLOCKR_LOADING_DB		6
618#define UFDB_API_BLOCKR_FATAL_ERROR		7
619#define UFDB_API_BLOCKR_CHECKED                 8
620#define UFDB_API_BLOCKR_YOUTUBE_EDUFILTER       9
621
622#define UFDB_API_ALLOW_QUEUING     	        1
623#define UFDB_API_VERBOSE_OUTPUT    	        2
624#define UFDB_OPT_HTTPS_WITH_HOSTNAME            4
625#define UFDB_OPT_HTTPS_OFFICAL_CERTIFICATE      8
626#define UFDB_OPT_SKYPE_OVER_HTTPS	       16
627#define UFDB_OPT_PROHIBIT_INSECURE_SSLV2       32
628#define UFDB_OPT_SAFE_SEARCH                   64
629#define UFDB_OPT_UNKNOWN_PROTOCOL_OVER_HTTPS  128
630#define UFDB_OPT_GTALK_OVER_HTTPS	      256
631#define UFDB_OPT_YAHOOMSG_OVER_HTTPS	      512
632#define UFDB_OPT_AIM_OVER_HTTPS	             1024
633#define UFDB_OPT_FBCHAT_OVER_HTTPS           2048
634#define UFDB_OPT_CITRIXONLINE_OVER_HTTPS     4096
635#define UFDB_OPT_YOUTUBE_EDUFILTER	     8192
636#define UFDB_OPT_ANYDESK_OVER_HTTPS	    16384
637#define UFDB_OPT_TEAMVIEWER_OVER_HTTPS	    32768
638#define UFDB_OPT_PROHIBIT_INSECURE_SSLV3    65536
639
640#define UFDB_API_HTTPS_CHECK_OFF           0
641#define UFDB_API_HTTPS_CHECK_QUEUE_CHECKS  1
642#define UFDB_API_HTTPS_CHECK_AGGRESSIVE    2
643#define UFDB_API_HTTPS_CHECK_AGRESSIVE     UFDB_API_HTTPS_CHECK_AGGRESSIVE
644#define UFDB_API_HTTPS_LOG_ONLY            3
645
646#define UFDB_ACL_NONE		0
647#define UFDB_ACL_WITHIN   	1
648#define UFDB_ACL_OUTSIDE   	2
649#define UFDB_ACL_ELSE   	3
650
651#define UFDB_PARAM_INIT		1
652#define UFDB_PARAM_ALARM	2
653
654#define UFDB_DEF_HTTPS_CONN_CACHE_SIZE     1000
655
656#if UFDB_API_NO_THREADS || UFDB_SMALLSYSTEM || HAVE_PCRE_COMPILE || HAVE_PCRE_COMPILE2
657#define UFDB_NREGEX	1
658#elif UFDB_GEN_API
659#define UFDB_NREGEX	8
660#else
661#define UFDB_NREGEX	4 	/* best performance when using 4 cores with 8 threads */
662#endif
663
664/* On Linux, regexec() uses a lock and is therefore not multithreaded.
665 * This is resolved by using multiple copies of compiled regex_t so
666 * at most UFDB_NREGEX threads can work simultaneously on the same RE.
667 */
668struct ufdbRegExp {
669   void *     compiled[UFDB_NREGEX];     /* regex_t* or pcre* */
670   int        error;
671   int        flags;
672   int        global;
673   char *     pattern;
674   char *     substitute;
675   char *     httpcode;
676   struct ufdbRegExp * next;
677#if !(UFDB_API_NO_THREADS || UFDB_SMALLSYSTEM)
678   int        next_nregex_i;
679   ufdb_mutex lock;
680#endif
681};
682
683struct ufdbRegExp * ufdbNewPatternBuffer( char * pattern, int flags );
684
685int ufdbRegExpMatch(
686   struct ufdbRegExp * regexp,
687   const char *        str );
688
689void ufdbSetSignalHandler(
690   int signal,
691   void (*handler)(int)  );
692
693int UFDBaddSafeSearch(
694   char * domain,
695   char * strippedURL,
696   char * originalURL  );
697
698int UFDBaddYoutubeEdufilter(
699   char * domain,
700   char * strippedURL,
701   char * originalURL  );
702
703void ufdbHandleAlarmForTimeEvents( int why );
704
705#include "ufdb_globals.h"
706
707#if UFDB_DBFORMAT_3
708#include "ufdbdb3.h"
709#endif
710
711#ifdef __cplusplus
712}
713#endif
714
715#endif
716
717