Mercurial > hg > freeDiameter
annotate extensions/acl_wl/aw_tree.c @ 162:79768bf7d208
Completed whitelist extension
| author | Sebastien Decugis <sdecugis@nict.go.jp> |
|---|---|
| date | Tue, 26 Jan 2010 13:23:03 +0900 |
| parents | 645ff1487c23 |
| children | 5df55136361b |
| rev | line source |
|---|---|
|
161
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1 /********************************************************************************************************* |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
2 * Software License Agreement (BSD License) * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
3 * Author: Sebastien Decugis <sdecugis@nict.go.jp> * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
4 * * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
5 * Copyright (c) 2009, WIDE Project and NICT * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
6 * All rights reserved. * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
7 * * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
8 * Redistribution and use of this software in source and binary forms, with or without modification, are * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
9 * permitted provided that the following conditions are met: * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
10 * * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
11 * * Redistributions of source code must retain the above * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
12 * copyright notice, this list of conditions and the * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
13 * following disclaimer. * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
14 * * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
15 * * Redistributions in binary form must reproduce the above * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
16 * copyright notice, this list of conditions and the * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
17 * following disclaimer in the documentation and/or other * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
18 * materials provided with the distribution. * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
19 * * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
20 * * Neither the name of the WIDE Project or NICT nor the * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
21 * names of its contributors may be used to endorse or * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
22 * promote products derived from this software without * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
23 * specific prior written permission of WIDE Project and * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
24 * NICT. * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
25 * * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
34 *********************************************************************************************************/ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
35 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
36 #include "acl_wl.h" |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
37 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
38 /* The configuration simply contains the allowed fqdn and/or domains (*.example.net) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
39 * It is represented similarly to the DNS tree: |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
40 * (root)--___ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
41 * / \ \ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
42 * tld1 tld2 (tld3...) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
43 * / | |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
44 * label1 label2 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
45 * / \ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
46 * lbl21 lbl22 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
47 * / \ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
48 * lbl211 * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
49 * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
50 * This tree would whitelist: |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
51 * - label1.tld1 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
52 * - lbl211.lbl21.label2.tld2 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
53 * - *.lbl22.label2.tld2 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
54 * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
55 * The functions to add and search the tree are in aw_tree.c. |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
56 * |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
57 */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
58 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
59 /* Maximum depth of the tree. We set a static size to avoid dynamic allocations. We report an error if this is not sufficient. */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
60 #define AW_TREE_MAXDEPTH 10 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
61 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
62 /* An element of the tree */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
63 struct tree_item { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
64 struct fd_list chain; /* Link to elements at the same level. Ordered alphabetically. */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
65 struct fd_list children; /* Sentinel for the subtree. */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
66 char * str; /* the \0 terminated label, or NULL if it is a generic container ("*") */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
67 int flags; /* PI_SEC_* flags */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
68 int leaf; /* true if this item can be a leaf of the tree */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
69 }; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
70 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
71 /* The root of the tree */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
72 static struct fd_list tree_root = FD_LIST_INITIALIZER(tree_root); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
73 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
74 /* Note: we don't need to lock, since we add only when parsing the conf, and then read only */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
75 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
76 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
77 /* The parsed name */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
78 struct split_name { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
79 struct { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
80 char * str; /* start of this label */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
81 size_t len; /* length of this label. It does not include the final "." or "\0" */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
82 } label[AW_TREE_MAXDEPTH]; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
83 int last_lbl; /* idx of last label defined */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
84 }; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
85 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
86 /* The following function explodes a name into a split_name structure */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
87 static int parse_name(char * name, struct split_name * result) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
88 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
89 int i, l, prev_offset; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
90 char * c; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
91 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
92 TRACE_ENTRY("%p %p", name, result); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
93 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
94 /* First, initialize the result array */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
95 memset(result, 0, sizeof(struct split_name)); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
96 result->label[0].str = name; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
97 l = 0; prev_offset = 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
98 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
99 for (i=0; name[i] != '\0'; i++) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
100 if (name[i]=='.') { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
101 l++; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
102 CHECK_PARAMS( l < AW_TREE_MAXDEPTH ); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
103 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
104 /* The previous label is complete, write its size */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
105 result->label[l - 1].len = i - prev_offset; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
106 prev_offset = i + 1; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
107 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
108 /* Write the start of the new label */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
109 result->label[l].str = name + i + 1; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
110 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
111 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
112 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
113 /* Finally, write the size of the last label */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
114 result->label[l].len = i - prev_offset; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
115 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
116 result->last_lbl = l; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
117 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
118 #if 0 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
119 fd_log_debug("Parsed name %s as:\n", name); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
120 for (i=0; i<=l; i++) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
121 fd_log_debug(" str[%d] len: %d, v:%.*s\n", i, result->label[i].len, result->label[i].len, result->label[i].str); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
122 #endif /* 0 */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
123 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
124 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
125 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
126 /* Create a new tree_item structure */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
127 static struct tree_item * new_ti(char * str, size_t len, int flags, int leaf) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
128 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
129 struct tree_item * ti; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
130 char * s = NULL; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
131 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
132 TRACE_ENTRY("%p %d %x", str, len, flags); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
133 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
134 if (str) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
135 CHECK_MALLOC_DO(s = malloc(len + 1), return NULL); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
136 memcpy(s, str, len); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
137 s[len] = '\0'; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
138 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
139 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
140 CHECK_MALLOC_DO( ti = malloc(sizeof(struct tree_item)), {free(s); return NULL; } ); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
141 memset(ti, 0, sizeof(struct tree_item)); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
142 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
143 fd_list_init(&ti->chain, ti); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
144 fd_list_init(&ti->children, ti); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
145 ti->str = s; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
146 ti->flags = flags; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
147 ti->leaf = leaf; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
148 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
149 return ti; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
150 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
151 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
152 /* Recursively delete a subtree */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
153 static void delete_tree(struct fd_list * senti) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
154 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
155 while (!FD_IS_LIST_EMPTY(senti)) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
156 struct tree_item * ti = (struct tree_item *)(senti->next); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
157 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
158 /* Delete recursively its children first */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
159 delete_tree(&ti->children); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
160 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
161 /* Now, unlink from the sentinel list */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
162 fd_list_unlink(&ti->chain); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
163 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
164 /* destroy this tree item */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
165 free(ti->str); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
166 free(ti); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
167 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
168 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
169 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
170 /* Top-level destroy function */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
171 void aw_tree_destroy(void) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
172 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
173 delete_tree(&tree_root); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
174 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
175 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
176 /* Display the content of a subtree */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
177 static void tree_dump(struct fd_list * sub, int indent) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
178 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
179 struct fd_list * li; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
180 for (li = sub->next; li != sub; li = li->next) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
181 struct tree_item * ti = (struct tree_item *)li; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
182 fd_log_debug("%*s%s", indent * 2, "", ti->str?:"*"); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
183 if (ti->leaf) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
184 fd_log_debug(" (flag:%x)", ti->flags); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
185 fd_log_debug("\n"); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
186 tree_dump(&ti->children, indent + 1); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
187 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
188 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
189 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
190 /* Top-level function */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
191 void aw_tree_dump(void) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
192 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
193 fd_log_debug("[acl_wl] tree dump:\n(root)\n"); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
194 tree_dump(&tree_root, 1); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
195 fd_log_debug("[acl_wl] end of dump\n"); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
196 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
197 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
198 /* Function to add a new entry in the tree */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
199 int aw_tree_add(char * name, int flags) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
200 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
201 struct split_name sn; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
202 struct tree_item * ti; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
203 struct fd_list * li, *senti; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
204 int lbl, found; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
205 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
206 TRACE_ENTRY("%p %x", name, flags); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
207 CHECK_PARAMS(name && *name); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
208 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
209 CHECK_FCT_DO( parse_name(name, &sn), |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
210 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
211 fd_log_debug("The name '%s' contains too many labels, try a generic (*) or recompile with bigger AW_TREE_MAXDEPTH value (cur: %d)\n", name, AW_TREE_MAXDEPTH); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
212 return EINVAL; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
213 } ); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
214 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
215 senti = &tree_root; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
216 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
217 for (lbl = sn.last_lbl; lbl > 0; lbl--) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
218 /* Check if the list is empty, we can directly create the new entry */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
219 if (FD_IS_LIST_EMPTY(senti)) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
220 CHECK_MALLOC( ti = new_ti(sn.label[lbl].str, sn.label[lbl].len, 0, 0 /* flags are only set in the terminals */) ); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
221 /* Insert this label in the sentinel sublist */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
222 fd_list_insert_after(senti, &ti->chain); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
223 /* Update the sentinel */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
224 senti = &ti->children; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
225 /* loop to the next label */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
226 continue; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
227 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
228 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
229 /* Check if we have a '*' element already that overlapses */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
230 ti = (struct tree_item *)(senti->next); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
231 if (ti->str == NULL) { |
|
162
79768bf7d208
Completed whitelist extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
161
diff
changeset
|
232 fd_log_debug("[acl_wl] Warning: entry '%s' is superseeded by a generic entry at label %d, ignoring.\n", name, lbl + 1); |
|
161
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
233 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
234 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
235 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
236 /* Search this label in the ordered list */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
237 found = 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
238 for (li = senti->next; li != senti; li=li->next) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
239 int cmp, len; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
240 ti = (struct tree_item *)li; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
241 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
242 cmp = strncasecmp(ti->str, sn.label[lbl].str, sn.label[lbl].len); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
243 if (cmp > 0) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
244 break; /* the new label must be inserted before li */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
245 if (cmp < 0) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
246 continue; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
247 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
248 /* Check the lengths */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
249 len = strlen(ti->str); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
250 if (len > sn.label[lbl].len) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
251 break; /* the new label must be inserted before li */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
252 if (len < sn.label[lbl].len) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
253 continue; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
254 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
255 /* We already had this label */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
256 found = 1; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
257 senti = &ti->children; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
258 break; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
259 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
260 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
261 if (found) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
262 continue; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
263 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
264 /* Otherwise, we have to create a new ti, and add it before li */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
265 CHECK_MALLOC( ti = new_ti(sn.label[lbl].str, sn.label[lbl].len, 0, 0 /* flags are only set in the terminals */) ); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
266 /* Insert this label in the sentinel sublist */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
267 fd_list_insert_before(li, &ti->chain); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
268 /* Update the sentinel */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
269 senti = &ti->children; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
270 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
271 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
272 ti = NULL; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
273 li = senti; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
274 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
275 /* At this point, senti points to the list where we are supposed to insert our last label. */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
276 if (sn.label[0].str[0] == '*') { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
277 if (!FD_IS_LIST_EMPTY(senti)) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
278 fd_log_debug("[acl_wl] Warning: entry '%s' overwrites previous more detailed entries, these are deleted.\n", name); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
279 delete_tree(senti); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
280 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
281 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
282 /* Create the new entry */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
283 CHECK_MALLOC( ti = new_ti(NULL, 0, flags, 1) ); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
284 } else { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
285 if (!FD_IS_LIST_EMPTY(senti)) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
286 /* Check we don't have a '*' entry already */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
287 ti = (struct tree_item *)(senti->next); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
288 if (ti->str == NULL) { |
|
162
79768bf7d208
Completed whitelist extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
161
diff
changeset
|
289 fd_log_debug("[acl_wl] Warning: entry '%s' is superseeded by a generic entry at label 1, ignoring.\n", name); |
|
161
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
290 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
291 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
292 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
293 /* Search the place for the new label */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
294 for (li = senti->next; li != senti; li=li->next) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
295 int cmp, len; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
296 ti = (struct tree_item *)li; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
297 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
298 cmp = strncasecmp(ti->str, sn.label[0].str, sn.label[0].len); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
299 if (cmp > 0) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
300 break; /* the new label must be inserted before li */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
301 if (cmp < 0) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
302 continue; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
303 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
304 /* Check the lengths */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
305 len = strlen(ti->str); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
306 if (len > sn.label[0].len) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
307 break; /* the new label must be inserted before li */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
308 if (len < sn.label[0].len) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
309 continue; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
310 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
311 /* We already had this label */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
312 if (ti->leaf) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
313 fd_log_debug("[acl_wl] Warning: entry '%s' is duplicated, merging the flags.\n", name); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
314 ti->flags |= flags; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
315 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
316 } else { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
317 /* Just mark this entry as a valid leaf also */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
318 ti->leaf = 1; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
319 ti->flags = flags; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
320 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
321 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
322 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
323 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
324 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
325 /* Create the new entry */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
326 CHECK_MALLOC( ti = new_ti(sn.label[0].str, sn.label[0].len, flags, 1) ); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
327 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
328 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
329 /* The new label is "ti", it is inserted before "li" */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
330 fd_list_insert_before(li, &ti->chain); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
331 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
332 /* Done! */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
333 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
334 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
335 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
336 /* Search in the tree. On return, *result = -1: not found; >=0: found with PI_SEC_* flags */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
337 int aw_tree_lookup(char * name, int * result) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
338 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
339 struct split_name sn; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
340 int lbl, found; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
341 struct tree_item * ti; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
342 struct fd_list * senti, *li; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
343 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
344 TRACE_ENTRY("%p %p", name, result); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
345 CHECK_PARAMS(name && result); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
346 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
347 /* Initialize */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
348 *result = -1; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
349 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
350 /* Parse the name into labels */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
351 CHECK_FCT_DO( parse_name(name, &sn), |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
352 { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
353 TRACE_DEBUG(INFO, "Too many labels in this name, it cannot be found in the tree, skipping."); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
354 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
355 } ); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
356 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
357 senti = &tree_root; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
358 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
359 for (lbl = sn.last_lbl; lbl >= 0; lbl--) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
360 /* Check if the list is empty, we can directly return */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
361 if (FD_IS_LIST_EMPTY(senti)) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
362 /* The item is not found */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
363 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
364 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
365 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
366 /* Check if we have a '*' element */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
367 ti = (struct tree_item *)(senti->next); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
368 if (ti->str == NULL) { |
|
162
79768bf7d208
Completed whitelist extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
161
diff
changeset
|
369 TRACE_DEBUG(ANNOYING, "[acl_wl] %s matched at label %d with a generic entry.", name, lbl + 1); |
|
161
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
370 *result = ti->flags; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
371 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
372 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
373 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
374 /* Search this label in the ordered list */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
375 found = 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
376 for (li = senti->next; li != senti; li=li->next) { |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
377 int cmp, len; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
378 ti = (struct tree_item *)li; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
379 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
380 cmp = strncasecmp(ti->str, sn.label[lbl].str, sn.label[lbl].len); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
381 if (cmp > 0) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
382 return 0; /* the label was not found */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
383 if (cmp < 0) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
384 continue; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
385 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
386 /* Check the lengths */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
387 len = strlen(ti->str); |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
388 if (len > sn.label[lbl].len) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
389 return 0; /* the label was not found */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
390 if (len < sn.label[lbl].len) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
391 continue; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
392 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
393 /* We found the label */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
394 found = 1; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
395 senti = &ti->children; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
396 break; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
397 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
398 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
399 if (!found) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
400 return 0; /* label not found */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
401 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
402 /* otherwise, continue, sentinel has been updated */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
403 } |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
404 |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
405 /* At the end, ti points to the correct leaf */ |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
406 if (!ti->leaf) |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
407 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
408 |
|
162
79768bf7d208
Completed whitelist extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
161
diff
changeset
|
409 TRACE_DEBUG(ANNOYING, "[acl_wl] %s matched exactly.", name); |
|
161
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
410 *result = ti->flags; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
411 return 0; |
|
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
412 } |