/**
 * Return the first ACL entry that accepts the given peer.
 *
 * The list is walked in order through the next pointers. An entry is
 * selected only when BOTH checks succeed: the source address test
 * (acl_addr_matches) and the TSIG test (acl_tsig_matches). The TSIG test
 * is not evaluated for an entry whose address test already failed.
 *
 * \param[in] acl  head of the ACL list; may be NULL (empty list)
 * \param[in] addr peer address handed to acl_addr_matches
 * \param[in] trr  TSIG record handed to acl_tsig_matches
 * \return the first matching entry, or NULL when no entry matches.
 *
 * NOTE(review): NULL is the only "no match" signal here; callers
 * presumably treat it as deny - confirm at each call site, since an
 * unchecked NULL would fail open or crash depending on the caller.
 */
acl_type*
acl_find(acl_type* acl, struct sockaddr_storage* addr, tsig_rr_type* trr)
{
    acl_type* entry;

    for (entry = acl; entry != NULL; entry = entry->next) {
        /* address first: a failed address test skips the TSIG test */
        if (!acl_addr_matches(entry, addr)) {
            continue;
        }
        if (!acl_tsig_matches(entry, trr)) {
            continue;
        }
        /* first match wins; later entries are never consulted */
        ods_log_debug("[%s] match %s", acl_str, entry->address);
        return entry;
    }
    return NULL;
}
/*
 * Evaluate an incoming query against an ACL list.
 *
 * Every element is tested with acl_addr_matches() and acl_key_matches();
 * the key test is skipped for an element whose address test failed.
 *
 * Result:
 *   - a matching element with the blocked flag set ends the scan at once:
 *     returns -1 and, if reason is non-NULL, *reason is that element.
 *     This holds even when an earlier, non-blocked element matched, so a
 *     blocked element is not shadowed by an allow element placed before it.
 *   - otherwise, if at least one element matched: returns the zero-based
 *     position of the FIRST match and *reason is that element.
 *   - no match: returns -1 and *reason is NULL.
 *
 * -1 therefore covers both "blocked" and "no match"; *reason is what tells
 * the two apart (blocked element vs NULL).
 *
 * acl:    head of the list, may be NULL (treated as no match).
 * q:      query passed to the two match helpers.
 * reason: optional out parameter, may be NULL.
 */
int
acl_check_incoming(acl_options_t* acl, struct query* q,
	acl_options_t** reason)
{
	acl_options_t* first_hit = NULL;
	int first_hit_index = -1;
	int index;

	if(reason)
		*reason = NULL;

	for(index = 0; acl; acl = acl->next, index++)
	{
		DEBUG(DEBUG_XFRD,2, (LOG_INFO, "testing acl %s %s",
			acl->ip_address_spec, acl->nokey?"NOKEY":
			(acl->blocked?"BLOCKED":acl->key_name)));

		/* both the address and the key must match */
		if(!acl_addr_matches(acl, q) || !acl_key_matches(acl, q))
			continue;

		/* deny takes precedence over any match seen so far */
		if(acl->blocked) {
			if(reason)
				*reason = acl;
			return -1;
		}

		/* keep only the first allow match; keep scanning for a
		   blocked element further down the list */
		if(!first_hit) {
			first_hit = acl;
			first_hit_index = index;
		}
	}

	if(reason)
		*reason = first_hit;
	return first_hit_index;
}