コード例 #1
0
  /**
   * Utility method that allows interactive testing of individal ACL records, as well as the net
   * effect of the ACL record list.
   *
   * <p>Run "java -cp path/to/hsqldb.jar org.hsqldb.server.ServerAcl --help" for Syntax help.
   */
  public static void main(String[] sa) throws AclFormatException, IOException {

    if (sa.length > 1) {
      throw new RuntimeException(
          "Try: java -cp path/to/hsqldb.jar " + ServerAcl.class.getName() + " --help");
    }

    if (sa.length > 0 && sa[0].equals("--help")) {
      System.err.println(
          "SYNTAX: java -cp path/to/hsqldb.jar " + ServerAcl.class.getName() + " [filepath.txt]");
      System.err.println("ACL file path defaults to 'acl.txt' in the " + "current directory.");
      System.exit(0);
    }

    ServerAcl serverAcl = new ServerAcl(new File((sa.length == 0) ? "acl.txt" : sa[0]));

    serverAcl.setPrintWriter(new PrintWriter(System.out));
    System.out.println(serverAcl.toString());

    BufferedReader br = new BufferedReader(new InputStreamReader(System.in));

    System.out.println("Enter hostnames or IP addresses to be tested " + "(one per line).");

    String s;

    while ((s = br.readLine()) != null) {
      s = s.trim();

      if (s.length() < 1) {
        continue;
      }

      System.out.println(Boolean.toString(serverAcl.permitAccess(s)));
    }
  }
コード例 #2
0
    public String toString() {

      StringBuffer sb = new StringBuffer("Addrs ");

      sb.append(
          (value.length == 16)
              ? ("[" + ServerAcl.colonNotation(value) + ']')
              : ServerAcl.dottedNotation(value));
      sb.append("/" + bitBlockSize + ' ' + (allow ? "ALLOW" : "DENY"));

      return sb.toString();
    }
コード例 #3
0
  /**
   * @return true if access for the candidate address should be permitted, false if access should be
   *     denied.
   * @throws RuntimeException if no rule covers the candidate address. This would be the case if
   *     this class is applied to some network protocol other than ipv4 or ipv6, without adding a
   *     default rule for it.
   */
  public boolean permitAccess(byte[] addr) {

    ensureAclsUptodate();

    for (int i = 0; i < aclEntries.size(); i++) {
      if (((AclEntry) aclEntries.get(i)).matches(addr)) {
        AclEntry hit = (AclEntry) aclEntries.get(i);

        println(
            "Addr '" + ServerAcl.dottedNotation(addr) + "' matched rule #" + (i + 1) + ":  " + hit);

        return hit.allow;
      }
    }

    throw new RuntimeException("No rule matches address '" + ServerAcl.dottedNotation(addr) + "'");
  }
コード例 #4
0
    public void validateMask() throws AclFormatException {

      if (BitMap.hasAnyBitSet(BitMap.and(value, BitMap.not(mask)))) {
        throw new AclFormatException(
            "The base address '"
                + ServerAcl.dottedNotation(value)
                + "' is too specific for block-size-spec /"
                + bitBlockSize);
      }
    }