upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-23 07:07:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

added dns_acl_any(), dns_acl_none()

Browse source
This commit is contained in:
Andreas Gustafsson 2000-01-13 23:38:55 +00:00
parent a55d0a9080
commit 7693d4de8f
4 changed files with 90 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
bin/named/aclconf.c
View file

@ -101,7 +101,7 @@ convert_keyname(char *txtname, isc_mem_t *mctx, dns_name_t *dnsname) {
}
return (dns_name_dup(dns_fixedname_name(&fixname), mctx, dnsname));
}
isc_result_t
dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
dns_c_ctx_t *cctx,
@ -123,27 +123,9 @@ dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
ce = ISC_LIST_NEXT(ce, next))
count++;
dacl = isc_mem_get(mctx, sizeof(*dacl));
if (dacl == NULL)
return (ISC_R_NOMEMORY);
dacl->mctx = mctx;
dacl->name = NULL;
dacl->refcount = 1;
dacl->elements = NULL;
dacl->alloc = 0;
dacl->length = 0;
ISC_LINK_INIT(dacl, nextincache);
/* Must set magic early because we use dns_acl_detach() to clean up. */
dacl->magic = DNS_ACL_MAGIC;
dacl->elements = isc_mem_get(mctx, count * sizeof(dns_aclelement_t));
if (dacl->elements == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup;
}
dacl->alloc = count;
memset(dacl->elements, 0, count * sizeof(dns_aclelement_t));
result = dns_acl_create(mctx, count, &dacl);
if (result != ISC_R_SUCCESS)
return (result);
de = dacl->elements;
for (ce = ISC_LIST_HEAD(caml->elements);
@ -204,4 +186,3 @@ dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
dns_acl_detach(&dacl);
return (result);
}

66
lib/dns/acl.c
View file

@ -27,6 +27,69 @@
#include <dns/result.h>
#include <dns/types.h>
/*
* Create a new ACL with 'n' uninitialized elements.
*/
isc_result_t
dns_acl_create(isc_mem_t *mctx, int n, dns_acl_t **target)
{
isc_result_t result;
dns_acl_t *acl;
acl = isc_mem_get(mctx, sizeof(*acl));
if (acl == NULL)
return (ISC_R_NOMEMORY);
acl->mctx = mctx;
acl->name = NULL;
acl->refcount = 1;
acl->elements = NULL;
acl->alloc = 0;
acl->length = 0;
ISC_LINK_INIT(acl, nextincache);
/* Must set magic early because we use dns_acl_detach() to clean up. */
acl->magic = DNS_ACL_MAGIC;
acl->elements = isc_mem_get(mctx, n * sizeof(dns_aclelement_t));
if (acl->elements == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup;
}
acl->alloc = n;
memset(acl->elements, 0, n * sizeof(dns_aclelement_t));
*target = acl;
return (ISC_R_SUCCESS);
cleanup:
dns_acl_detach(&acl);
return (result);
}
static isc_result_t
dns_acl_anyornone(isc_mem_t *mctx, isc_boolean_t neg, dns_acl_t **target)
{
isc_result_t result;
dns_acl_t *acl = NULL;
result = dns_acl_create(mctx, 1, &acl);
if (result != ISC_R_SUCCESS)
return (result);
acl->elements[0].negative = neg;
acl->elements[0].type = dns_aclelementtype_any;
acl->length = 1;
*target = acl;
return (result);
}
isc_result_t
dns_acl_any(isc_mem_t *mctx, dns_acl_t **target) {
return (dns_acl_anyornone(mctx, ISC_FALSE, target));
}
isc_result_t
dns_acl_none(isc_mem_t *mctx, dns_acl_t **target) {
return (dns_acl_anyornone(mctx, ISC_TRUE, target));
}
isc_result_t
dns_acl_checkrequest(dns_name_t *signer, isc_sockaddr_t *reqaddr,
const char *opname,
@ -121,6 +184,7 @@ dns_acl_match(isc_sockaddr_t *reqaddr,
*matchelt = NULL;
break;
case dns_aclelementtype_any:
matched:
*match = e->negative ? -(i+1) : (i+1);
if (matchelt != NULL)
@ -202,6 +266,7 @@ dns_aclelement_equal(dns_aclelement_t *ea, dns_aclelement_t *eb)
return (dns_acl_equal(ea->u.nestedacl, eb->u.nestedacl));
case dns_aclelementtype_localhost:
case dns_aclelementtype_localnets:
case dns_aclelementtype_any:
return (ISC_TRUE);
default:
INSIST(0);
@ -209,7 +274,6 @@ dns_aclelement_equal(dns_aclelement_t *ea, dns_aclelement_t *eb)
}
}
isc_boolean_t
dns_acl_equal(dns_acl_t *a, dns_acl_t *b) {
unsigned int i;

27
lib/dns/aclconf.c
View file

@ -101,7 +101,7 @@ convert_keyname(char *txtname, isc_mem_t *mctx, dns_name_t *dnsname) {
}
return (dns_name_dup(dns_fixedname_name(&fixname), mctx, dnsname));
}
isc_result_t
dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
dns_c_ctx_t *cctx,
@ -123,27 +123,9 @@ dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
ce = ISC_LIST_NEXT(ce, next))
count++;
dacl = isc_mem_get(mctx, sizeof(*dacl));
if (dacl == NULL)
return (ISC_R_NOMEMORY);
dacl->mctx = mctx;
dacl->name = NULL;
dacl->refcount = 1;
dacl->elements = NULL;
dacl->alloc = 0;
dacl->length = 0;
ISC_LINK_INIT(dacl, nextincache);
/* Must set magic early because we use dns_acl_detach() to clean up. */
dacl->magic = DNS_ACL_MAGIC;
dacl->elements = isc_mem_get(mctx, count * sizeof(dns_aclelement_t));
if (dacl->elements == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup;
}
dacl->alloc = count;
memset(dacl->elements, 0, count * sizeof(dns_aclelement_t));
result = dns_acl_create(mctx, count, &dacl);
if (result != ISC_R_SUCCESS)
return (result);
de = dacl->elements;
for (ce = ISC_LIST_HEAD(caml->elements);
@ -204,4 +186,3 @@ dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
dns_acl_detach(&dacl);
return (result);
}

17
lib/dns/include/dns/acl.h
View file

@ -44,6 +44,7 @@ typedef enum {
dns_aclelementtype_nestedacl,
dns_aclelementtype_localhost,
dns_aclelementtype_localnets,
dns_aclelementtype_any
} dns_aclelemettype_t;
struct dns_aclelement {
@ -79,6 +80,22 @@ struct dns_acl {
ISC_LANG_BEGINDECLS
isc_result_t dns_acl_create(isc_mem_t *mctx, int n, dns_acl_t **target);
/*
* Create a new ACL with place for 'n' elements.
* The elements are uninitialized and the length is 0.
*/
isc_result_t dns_acl_any(isc_mem_t *mctx, dns_acl_t **target);
/*
* Create a new ACL that matches everything.
*/
isc_result_t dns_acl_none(isc_mem_t *mctx, dns_acl_t **target);
/*
* Create a new ACL that matches nothing.
*/
void dns_acl_attach(dns_acl_t *source, dns_acl_t **target);
void dns_acl_detach(dns_acl_t **aclp);