AllowedGroupConnectors::AllowedGroupConnectors(GroupConnector::Type c1,
GroupConnector::Type c2)
: flags_(0)
{
allow(c1);
allow(c2);
}
AllowedGroupTokens::AllowedGroupTokens(GroupToken::Type t1, GroupToken::Type t2,
GroupToken::Type t3, GroupToken::Type t4)
: flags_(0)
{
allow(t1);
allow(t2);
allow(t3);
allow(t4);
}
CookieExceptionsDialog::CookieExceptionsDialog(QWidget *parent) :
QDialog(parent),
ui(new Ui::CookieExceptionsDialog),
m_cookieJar(0)
{
ui->setupUi(this);
setWindowFlags(Qt::Sheet);
connect(ui->removeButton, SIGNAL(clicked()), this, SLOT(remove()));
connect(ui->removeAllButton, SIGNAL(clicked()), this, SLOT(removeAll()));
m_exceptionsModel = new CookieExceptionsModel(this);
m_proxyModel = new QSortFilterProxyModel(this);
m_proxyModel->setSourceModel(m_exceptionsModel);
connect(ui->search, SIGNAL(textChanged(QString)),
m_proxyModel, SLOT(setFilterFixedString(QString)));
ui->exceptionTable->setModel(m_proxyModel);
CookieModel *cookieModel = new CookieModel(this);
ui->domainLineEdit->setCompleter(new QCompleter(cookieModel, ui->domainLineEdit));
connect(ui->domainLineEdit, SIGNAL(textChanged(QString)),
this, SLOT(textChanged(QString)));
connect(ui->blockButton, SIGNAL(clicked()), this, SLOT(block()));
connect(ui->allowButton, SIGNAL(clicked()), this, SLOT(allow()));
connect(ui->allowForSessionButton, SIGNAL(clicked()), this, SLOT(allowForSession()));
adjustColumns();
}
std::auto_ptr<IOChannel>
StreamProvider::getStream(const URL& url, bool namedCacheFile) const
{
std::auto_ptr<IOChannel> stream;
if (url.protocol() == "file") {
std::string path = url.path();
if (path == "-") {
// TODO: only allow this as the *very first* call ?
// Rationale is a movie might request load of
// standard input, being a security issue.
// Note also that the FB gui will use stdin
// for key events.
//
FILE *newin = fdopen(dup(0), "rb");
// Close on destruction.
stream = makeFileChannel(newin, true);
return stream;
}
else {
// check security here !!
if (!allow(url)) return stream;
FILE *newin = std::fopen(path.c_str(), "rb");
if (!newin) {
log_error(_("Could not open file %1%: %2%"),
path, std::strerror(errno));
return stream;
}
// Close on destruction
stream = makeFileChannel(newin, true);
return stream;
}
}
else {
if (allow(url)) {
stream = NetworkAdapter::makeStream(url.str(),
namedCacheFile ? namingPolicy()(url) : "");
}
// Will return 0 auto_ptr if not allowed.
return stream;
}
}
int spi_read_buf(const char* str, size_t len) {
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wcast-qual"
// in lieu of RO allow
void* buf = (void*) str;
#pragma GCC diagnostic pop
return allow(DRIVER_NUM_SPI, 0, buf, len);
}
std::auto_ptr<IOChannel>
StreamProvider::getStream(const URL& url, const std::string& postdata,
bool namedCacheFile) const
{
std::auto_ptr<IOChannel> stream;
if (url.protocol() == "file") {
if (!postdata.empty()) {
log_error(_("POST data discarded while getting a stream "
"from file: uri"));
}
std::string path = url.path();
if (path == "-") {
FILE *newin = fdopen(dup(0), "rb");
stream = makeFileChannel(newin, false);
return stream;
}
else {
if (!allow(url)) return stream;
FILE *newin = std::fopen(path.c_str(), "rb");
if (!newin) {
log_error(_("Could not open file %1%: %2%"),
path, std::strerror(errno));
return stream;
}
stream = makeFileChannel(newin, false);
return stream;
}
}
else {
if (allow(url)) {
stream = NetworkAdapter::makeStream(url.str(), postdata,
namedCacheFile ? namingPolicy()(url) : "");
}
// Will return 0 auto_ptr if not allowed.
return stream;
}
}
AllowedParams::AllowedParams(Param::Type p1,
Param::Type p2,
Param::Type p3,
Param::Type p4,
Param::Type p5,
Param::Type p6,
Param::Type p7,
Param::Type p8,
Param::Type p9,
Param::Type p10)
{
init();
allow(p1);
allow(p2);
allow(p3);
allow(p4);
allow(p5);
allow(p6);
allow(p7);
allow(p8);
allow(p9);
allow(p10);
}
// -----------------------------------------------------------------------------
// CAknPhysicsRestrictor::AllowedViewPosition()
// -----------------------------------------------------------------------------
//
TBool CAknPhysicsRestrictor::AllowedViewPosition( TPoint& aPosition )
{
// No restrictions to empty space, view position always allowed
if ( !iEmptySpaceRestricted )
{
return ETrue;
}
TBool allow( EFalse );
TInt *coord;
if ( iLandscape )
{
coord = &aPosition.iX;
}
else
{
coord = &aPosition.iY;
}
// View position is allowed
if ( *coord >= iPositionTopLimit && *coord <= iPositionBottomLimit )
{
allow = ETrue;
iViewReachedLimit = EFalse;
}
// View has reached the limit for the first time - adjust the position
// exactly to limit position
else if ( !iViewReachedLimit )
{
allow = ETrue;
iViewReachedLimit = ETrue;
if ( *coord < iPositionTopLimit )
{
*coord = iPositionTopLimit;
}
else
{
*coord = iPositionBottomLimit;
}
}
// Else view has already reached the limit, view position is not allowed
// and no need to notify physics observer
return allow;
}
int
main()
{
session_t sess;
datum id;
time_t create_time, last_seen;
bool do_allow;
char *reason;
openlog("dorian/query", LOG_PID, LOG_MAIL);
for (;;) {
do_allow = false;
if ((sess = sess_req(stdin)) == NULL)
break;
/* white listing */
for_each(i, whitelist_prefix)
if (!strncasecmp(whitelist_prefix[i], sess->attr[Krecipient],
strlen(whitelist_prefix[i]))) {
do_allow = true;
reason = "whitelist address";
break;
}
if (!do_allow) {
sess_derive_key(sess, &id);
{
if (seen(id, &create_time, &last_seen)) {
if (create_time < expired()) {
bump(id, create_time);
do_allow = true;
reason = "in database";
}
} else
add(id);
}
free(id.dptr);
}
sess_free(&sess);
if (do_allow)
allow(reason);
else
defer();
}
closelog();
return 0;
}
std::auto_ptr<IOChannel>
StreamProvider::getStream(const URL& url, const std::string& postdata,
const NetworkAdapter::RequestHeaders& headers, bool namedCacheFile)
const
{
if (url.protocol() == "file") {
if (!headers.empty()) {
log_error(_("Request Headers discarded while getting stream from file: uri"));
}
return getStream(url, postdata);
}
if (allow(url) ) {
return NetworkAdapter::makeStream(url.str(), postdata, headers,
namedCacheFile ? namingPolicy()(url) : "");
}
return std::auto_ptr<IOChannel>();
}
void CCC_LoadCFG::Execute(LPCSTR args)
{
Msg("Executing config-script \"%s\"...", args);
string_path cfg_name;
xr_strcpy(cfg_name, args);
if (strext(cfg_name)) *strext(cfg_name) = 0;
xr_strcat(cfg_name, ".ltx");
string_path cfg_full_name;
FS.update_path(cfg_full_name, "$app_data_root$", cfg_name);
if (NULL == FS.exist(cfg_full_name))
FS.update_path(cfg_full_name, "$fs_root$", cfg_name);
if (NULL == FS.exist(cfg_full_name))
xr_strcpy(cfg_full_name, cfg_name);
IReader* F = FS.r_open(cfg_full_name);
string1024 str;
if (F != NULL)
{
while (!F->eof())
{
F->r_string(str, sizeof(str));
if (allow(str))
Console->Execute(str);
}
FS.r_close(F);
Msg("[%s] successfully loaded.", cfg_full_name);
}
else
{
Msg("! Cannot open script file [%s]", cfg_full_name);
}
}
int
put_note (struct io_f *io, struct daddr_f *where, struct newt *newt, int flags)
{
static uid_t anon;
static short anon_is_set = FALSE;
struct note_f note;
struct flock dlock, nlock;
int notenum;
if (!anon_is_set)
{
struct passwd *pw = getpwnam (ANON);
anon = pw->pw_uid;
anon_is_set = TRUE;
endpwent ();
}
if (io == NULL || where == NULL || newt == NULL)
return -1;
/* Save the provided disk address information. */
note.n_addr.addr = where->addr;
note.n_addr.textlen = where->textlen;
/* Save the author information. */
strncpy (note.n_auth.aname, newt->auth.name, NAMESZ);
strncpy (note.n_auth.asystem, newt->auth.system, HOMESYSSZ);
note.n_auth.aid = (int) newt->auth.uid;
strncpy (note.n_from, newt->auth.system, SYSSZ);
note.n_from[SYSSZ - 1] = '\0';
/* Save the title. */
strncpy (note.ntitle, newt->title, TITLEN);
note.ntitle[TITLEN - 1] = '\0';
/* Initialize response storage. */
note.n_nresp = 0;
note.n_rindx = -1;
/* Save note options - director message, write-only. */
note.n_stat = 0;
if (newt->director_message && allow (io, DRCTOK))
note.n_stat |= DIRMES;
if (newt->options & NOTE_WRITE_ONLY)
note.n_stat |= WRITONLY;
/* Adjust moderation flag appropriately. */
if (flags & SKIP_MODERATION)
{
if (newt->options & NOTE_UNAPPROVED)
note.n_stat |= ISUNAPPROVED;
}
else if (io->descr.d_stat & ISMODERATED && !allow (io, DRCTOK))
note.n_stat |= ISUNAPPROVED;
if (newt->options & NOTE_ANONYMOUS)
{
strncpy (note.n_auth.aname, "anonymous", NAMESZ);
note.n_auth.aid = (int) anon;
}
/* Prepare to alter the descriptor. */
dlock.l_type = F_RDLCK;
dlock.l_whence = SEEK_SET;
dlock.l_start = 0;
dlock.l_len = (off_t) sizeof (struct descr_f);
TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &dlock));
getdescr (io, &io->descr);
/* If specified, generate a new ID for the note. Otherwise, use the already
* existing ID.
*/
if (flags & ADD_ID)
{
strncpy (note.n_id.sys, newt->auth.system, SYSSZ);
note.n_id.sys[SYSSZ - 1] = '\0';
note.n_id.uniqid = ++io->descr.d_id.uniqid;
note.n_id.uniqid += UNIQPLEX * io->descr.d_nfnum;
}
else
{
strncpy (note.n_id.sys, newt->id.system, SYSSZ);
note.n_id.sys[SYSSZ - 1] = '\0';
note.n_id.uniqid = newt->id.number;
}
/* Set up flags for a policy note or a regular note, depending. */
if (flags & ADD_POLICY)
{
if (!allow (io, DRCTOK))
{
closenf (io);
return -2;
}
io->descr.d_plcy = 1;
notenum = 0;
}
else
{
notenum = ++io->descr.d_nnote;
}
/* Save the current time into the note. */
if (flags & UPDATE_TIMES)
get_uiuc_time (&io->descr.d_lastm, newt->created);
get_uiuc_time (¬e.n_date, newt->created);
get_uiuc_time (¬e.n_rcvd, newt->created);
get_uiuc_time (¬e.n_lmod, newt->modified);
/* Save to disk. */
nlock.l_type = F_WRLCK;
nlock.l_whence = SEEK_SET;
nlock.l_start = (off_t) (sizeof (struct descr_f) +
(notenum * sizeof (struct note_f)));
nlock.l_len = (off_t) sizeof (struct note_f);
TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &nlock));
dlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &dlock));
putnoterec (io, notenum, ¬e);
nlock.l_type = F_UNLCK;
fcntl (io->fidndx, F_SETLK, &nlock);
io->descr.d_notwrit++;
putdescr (io, &io->descr);
fdatasync (io->fidndx);
dlock.l_type = F_UNLCK;
fcntl (io->fidndx, F_SETLK, &dlock);
return notenum;
}
AllowedParams::AllowedParams(const Param::Type *v, int n)
{
init();
for (int i = 0; i < n; i++)
allow(v[i]);
}
int
uiuc_modify_note_text (struct newt *newt)
{
static uid_t anon;
static short anon_is_set = FALSE;
struct io_f io;
struct daddr_f daddr;
struct note_f note;
struct stat statbuf;
struct flock dlock, nlock;
time_t timet;
if (!anon_is_set)
{
struct passwd *pw = getpwnam (ANON);
anon = pw->pw_uid;
anon_is_set = TRUE;
endpwent ();
}
init (&io, &newt->nr.nfr);
if (io.descr.d_stat & NFINVALID)
{
closenf (&io);
return -1;
}
if (newt->nr.notenum < -1 || newt->nr.notenum > io.descr.d_nnote)
{
closenf (&io);
return -1;
}
nlock.l_type = F_RDLCK;
nlock.l_whence = SEEK_SET;
nlock.l_start = (off_t) (sizeof (struct descr_f) +
(newt->nr.notenum * sizeof (struct note_f)));
nlock.l_len = (off_t) sizeof (struct note_f);
if (newt->nr.respnum == 0)
{
TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &nlock));
getnoterec (&io, newt->nr.notenum, ¬e);
fstat (io.fidtxt, &statbuf);
time (&timet);
if (note.n_addr.textlen > HARDMAX ||
note.n_nresp < 0 || convert_time (¬e.n_lmod) > timet ||
convert_time (¬e.n_date) > timet ||
(off_t) (note.n_addr.textlen + note.n_addr.addr) > statbuf.st_size)
{
closenf (&io);
return -1;
}
/* We're allowed to change the director message here; saves time. */
if (newt->director_message)
note.n_stat |= DIRMES;
else
note.n_stat &= ~DIRMES;
if (!allow (&io, DRCTOK))
{
if (io.descr.d_stat & ISMODERATED)
note.n_stat |= ISUNAPPROVED;
else
note.n_stat &= ~ISUNAPPROVED;
}
else
note.n_stat &= ~ISUNAPPROVED;
/* Update the note's text record */
puttextrec (&io, newt->text, &daddr, -1);
note.n_addr.addr = daddr.addr;
note.n_addr.textlen = daddr.textlen;
/* We could be dealing with a newly anonymous note. Stupid, huh? */
if (newt->options & NOTE_ANONYMOUS)
{
strncpy (note.n_auth.aname, "anonymous", NAMESZ);
note.n_auth.aid = (int) anon;
}
/* Set the descriptor lock; we'll be updating modification time. */
dlock.l_type = F_RDLCK;
dlock.l_whence = SEEK_SET;
dlock.l_start = 0;
dlock.l_len = (off_t) sizeof (struct descr_f);
TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &dlock));
getdescr (&io, &io.descr);
get_uiuc_time (&io.descr.d_lastm, newt->modified);
get_uiuc_time (¬e.n_lmod, newt->modified);
io.descr.d_delnote++;
nlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &nlock));
dlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &dlock));
putnoterec (&io, newt->nr.notenum, ¬e);
nlock.l_type = F_UNLCK;
fcntl (io.fidndx, F_SETLK, &nlock);
putdescr (&io, &io.descr);
fdatasync (io.fidndx);
dlock.l_type = F_UNLCK;
fcntl (io.fidndx, F_SETLK, &dlock);
closenf (&io);
return 0;
}
else
{
struct resp_f resp, oldresp;
struct flock rlock;
int offset, record;
TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &nlock));
getnoterec (&io, newt->nr.notenum, ¬e);
fstat (io.fidtxt, &statbuf);
time (&timet);
if (note.n_addr.textlen > HARDMAX ||
note.n_nresp < 0 || convert_time (¬e.n_lmod) > timet ||
convert_time (¬e.n_date) > timet ||
(off_t) (note.n_addr.textlen + note.n_addr.addr) > statbuf.st_size)
{
closenf (&io);
return -1;
}
if (logical_resp (&io, newt->nr.notenum, newt->nr.respnum, &oldresp,
&offset, &record) == -1)
return -1;
rlock.l_type = F_RDLCK;
rlock.l_whence = SEEK_SET;
rlock.l_start = (off_t) (sizeof (int) +
(record * sizeof (struct resp_f)));
rlock.l_len = (off_t) sizeof (struct resp_f);
TEMP_FAILURE_RETRY (fcntl (io.fidrdx, F_SETLKW, &rlock));
memcpy (&resp, &oldresp, sizeof (struct resp_f));
/* We're allowed to change the director message here; it'll save time. */
if (newt->director_message)
resp.r_stat[offset] |= DIRMES;
else
resp.r_stat[offset] &= ~DIRMES;
if (!allow (&io, DRCTOK))
{
if (io.descr.d_stat & ISMODERATED)
note.n_stat |= ISUNAPPROVED;
else
note.n_stat &= ~ISUNAPPROVED;
}
else
note.n_stat &= ~ISUNAPPROVED;
/* Update the response's text record */
puttextrec (&io, newt->text, &daddr, -1);
resp.r_addr[offset].addr = daddr.addr;
resp.r_addr[offset].textlen = daddr.textlen;
/* We could be dealing with a newly anonymous note. Stupid, huh? */
if (newt->options & NOTE_ANONYMOUS)
{
strncpy (resp.r_auth[offset].aname, "anonymous", NAMESZ);
note.n_auth.aid = (int) anon;
}
/* Set up the descriptor lock (we update the "updated time") */
dlock.l_type = F_RDLCK;
dlock.l_whence = SEEK_SET;
dlock.l_start = 0;
dlock.l_len = (off_t) sizeof (struct descr_f);
TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &dlock));
getdescr (&io, &io.descr);
get_uiuc_time (&io.descr.d_lastm, newt->modified);
get_uiuc_time (¬e.n_lmod, newt->modified);
io.descr.d_delresp++;
rlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io.fidrdx, F_SETLKW, &rlock));
nlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &nlock));
dlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &dlock));
putresprec (&io, record, &resp);
putnoterec (&io, newt->nr.notenum, ¬e);
nlock.l_type = F_UNLCK;
fcntl (io.fidndx, F_SETLK, &nlock);
putdescr (&io, &io.descr);
fdatasync (io.fidrdx);
fdatasync (io.fidndx);
dlock.l_type = F_UNLCK;
fcntl (io.fidndx, F_SETLK, &dlock);
rlock.l_type = F_UNLCK;
fcntl (io.fidrdx, F_SETLK, &rlock);
closenf (&io);
return 0;
}
}
int main(int argc, char *argv[])
{
struct stat st;
static int socket_serv_fd = -1;
char buf[64], shell[PATH_MAX], *result, debuggable[PROPERTY_VALUE_MAX];
char enabled[PROPERTY_VALUE_MAX], build_type[PROPERTY_VALUE_MAX];
char root_settings[PROPERTY_VALUE_MAX];
int i, dballow;
mode_t orig_umask;
for (i = 1; i < argc; i++) {
if (!strcmp(argv[i], "-c") || !strcmp(argv[i], "--command")) {
if (++i < argc) {
su_to.command = argv[i];
} else {
usage();
}
} else if (!strcmp(argv[i], "-s") || !strcmp(argv[i], "--shell")) {
if (++i < argc) {
strncpy(shell, argv[i], sizeof(shell));
shell[sizeof(shell) - 1] = 0;
} else {
usage();
}
} else if (!strcmp(argv[i], "-v") || !strcmp(argv[i], "--version")) {
printf("%s\n", VERSION);
exit(EXIT_SUCCESS);
} else if (!strcmp(argv[i], "-V")) {
printf("%d\n", VERSION_CODE);
exit(EXIT_SUCCESS);
} else if (!strcmp(argv[i], "-h") || !strcmp(argv[i], "--help")) {
usage();
} else if (!strcmp(argv[i], "-") || !strcmp(argv[i], "-l") ||
!strcmp(argv[i], "--login")) {
++i;
break;
} else {
break;
}
}
if (i < argc-1) {
usage();
}
if (i == argc-1) {
struct passwd *pw;
pw = getpwnam(argv[i]);
if (!pw) {
su_to.uid = atoi(argv[i]);
} else {
su_to.uid = pw->pw_uid;
}
}
if (from_init(&su_from) < 0) {
deny();
}
property_get("ro.debuggable", debuggable, "0");
property_get(ROOT_ACCESS_PROPERTY, enabled, ROOT_ACCESS_DEFAULT);
property_get("ro.build.type", build_type, "");
property_get(ROOT_SETTINGS_PROPERTY, root_settings, "");
orig_umask = umask(027);
// Root Settings-specific behavior
if (strcmp("1", root_settings) == 0) {
// only allow su on debuggable builds
if (strcmp("1", debuggable) != 0) {
LOGE("Root access is disabled on non-debug builds");
deny();
}
// enforce persist.sys.root_access on non-eng builds
if (strcmp("eng", build_type) != 0 &&
(atoi(enabled) & 1) != 1 ) {
LOGE("Root access is disabled by system setting - enable it under settings -> developer options");
deny();
}
// disallow su in a shell if appropriate
if (su_from.uid == AID_SHELL && (atoi(enabled) == 1)) {
LOGE("Root access is disabled by a system setting - enable it under settings -> developer options");
deny();
}
}
if (su_from.uid == AID_ROOT || su_from.uid == AID_SHELL)
allow(shell, orig_umask);
if (stat(REQUESTOR_DATA_PATH, &st) < 0) {
PLOGE("stat");
deny();
}
if (st.st_gid != st.st_uid)
{
LOGE("Bad uid/gid %d/%d for Superuser Requestor application",
(int)st.st_uid, (int)st.st_gid);
deny();
}
if (mkdir(REQUESTOR_CACHE_PATH, 0770) >= 0) {
chown(REQUESTOR_CACHE_PATH, st.st_uid, st.st_gid);
}
setgroups(0, NULL);
setegid(st.st_gid);
seteuid(st.st_uid);
LOGE("sudb - Opening database");
db = database_init();
if (!db) {
LOGE("sudb - Could not open database, prompt user");
// if the database could not be opened, we can assume we need to
// prompt the user
dballow = DB_INTERACTIVE;
} else {
LOGE("sudb - Database opened");
dballow = database_check(db, &su_from, &su_to);
// Close the database, we're done with it. If it stays open,
// it will cause problems
sqlite3_close(db);
db = NULL;
LOGE("sudb - Database closed");
}
switch (dballow) {
case DB_DENY: deny();
case DB_ALLOW: allow(shell, orig_umask);
case DB_INTERACTIVE: break;
default: deny();
}
socket_serv_fd = socket_create_temp();
if (socket_serv_fd < 0) {
deny();
}
signal(SIGHUP, cleanup_signal);
signal(SIGPIPE, cleanup_signal);
signal(SIGTERM, cleanup_signal);
signal(SIGABRT, cleanup_signal);
atexit(cleanup);
if (send_intent(&su_from, &su_to, socket_path, -1, 0) < 0) {
deny();
}
if (socket_receive_result(socket_serv_fd, buf, sizeof(buf)) < 0) {
deny();
}
close(socket_serv_fd);
socket_cleanup();
result = buf;
if (!strcmp(result, "DENY")) {
deny();
} else if (!strcmp(result, "ALLOW")) {
allow(shell, orig_umask);
} else {
LOGE("unknown response from Superuser Requestor: %s", result);
deny();
}
deny();
return -1;
}
void portthread (void * port_ptr)
{
SOCKET s;
BT_PORT port_info ;
port_info = *(BT_PORT*) port_ptr ;
s = bt_listen (port_info.port);
if (!s)
_endthread();
while (1)
{
socklen_t addrlen = sizeof(SOCKADDR_IN);
SOCKADDR_IN addr ;
SOCKET client_sock;
BT_CLIENT * client ;
char reason, *ip;
client_sock = accept (s, (SOCKADDR*) &addr, &addrlen);
if (client_sock == -1)
continue;
ip = inet_ntoa (addr.sin_addr);
if ((reason = allow(ip)) <= 0)
{
switch (reason)
{
case 0:
logevent("Refused %s:%i (filter)",
ip,port_info.port);
break;
case -1:
logevent("Refused %s:%i (connection limit)",
ip,port_info.port);
break;
case -2:
logevent("Refused %s:%i (clone limit)",
ip,port_info.port);
break;
}
bt_close(client_sock);
continue;
}
client = addconn(ip,port_info.port);
client->sock = client_sock;
client->use_pass = port_info.use_pass ;
if (client->use_pass)
bt_cpy (client->password, port_info.password);
if (_beginthread (proxythread,0,client) == -1)
{
logevent ("Could not create proxy thread for %s:%i",
client->ip,client->port);
bt_close(client->sock);
delconn(client);
_endthread();
}
}
_endthread();
}
void ToolBar::allowTop(bool a)
{ allow(Qt::TopToolBarArea, a); }
void ToolBar::allowLeft(bool a)
{ allow(Qt::LeftToolBarArea, a); }
int sdcard_set_write_buffer (uint8_t* buffer, uint32_t len) {
return allow(DRIVER_NUM_SDCARD, 1, (void*) buffer, len);
}
int filter_frame(u_char *buffer, session_t *sp)
{
struct ethhdr *eth;
struct iphdr *iph;
struct ip6_hdr *ipv6h;
struct udphdr *udph;
struct tcphdr *tcph;
struct icmp *icmph;
char meth[3];
struct in_addr insaddr,indaddr;
struct in6_addr in6src,in6dst;
int cnt, i;
char dest[20];
enum layer3 {ipv4, ipv6} NET_PROTO;
enum layer4 {tcp, udp} TRANS_PROTO;
static u_int32_t last_tcpseq, tcpseq;
static u_int16_t last_icmpseq, icmpseq;
char src_addr6[40], dst_addr6[40];
eth = (struct ethhdr *)buffer;
// printf("%x %d %x %x\n",sp->destnet, sp->destmask, sp->network, (inet_addr(DEST_NET)));
/* IP layer process */
if(ntohs(eth->h_proto) == ETH_P_IP){
NET_PROTO = ipv4;
iph = (struct iphdr *)(buffer+sizeof(struct ethhdr));
} else if(ntohs(eth->h_proto) == ETH_P_IPV6){
// return deny(500);
NET_PROTO = ipv6;
ipv6h = (struct ip6_hdr *)(buffer+sizeof(struct ethhdr));
} else {
/* Receive unsupporting protocol */
return deny(400);
}
#if 0
/* Transport layer process */
if(NET_PROTO == ipv4){
if(iph->protocol == IPPROTO_TCP){
} else if(iph->protocol == IPPROTO_UDP){
udph = (struct udphdr *)(buffer + sizeof(struct ethhdr) + iph->ihl*UNIT);
printf("%d\n", ntohs(udph->len));
}
}
#endif
#if 1
/* Transport layer process */
if(NET_PROTO == ipv4){
if(iph->protocol == IPPROTO_TCP){
/* フラグメントしていない時 */
if((htons(iph->frag_off) & IP_OFFMASK) == 0){
tcph = (struct tcphdr *)(buffer + sizeof(struct ethhdr) + iph->ihl*UNIT);
// last_tcpseq = tcpseq;
// tcpseq = tcph->seq;
TRANS_PROTO = tcp;
}
} else if(iph->protocol == IPPROTO_UDP){
/* フラグメントしていない時 */
if((htons(iph->frag_off) & IP_OFFMASK) == 0){
udph = (struct udphdr *)(buffer + sizeof(struct ethhdr) + iph->ihl*UNIT);
TRANS_PROTO = udp;
}
} else if(iph->protocol == IPPROTO_ICMP){
icmph = (struct icmp *)(buffer+sizeof(struct ethhdr)+iph->ihl*UNIT);
// last_icmpseq = icmpseq;
// icmpseq = icmph->icmp_seq;
// if(last_icmpseq == icmpseq){
// return deny(2);
// }
TRANS_PROTO = 98;
} else {
TRANS_PROTO = 99;
/* Do Nothing */
// return deny();
}
} else if(NET_PROTO == ipv6){
in6src = ipv6h->ip6_src;
in6dst = ipv6h->ip6_dst;
if(ipv6h->ip6_nxt == IPPROTO_TCP){
tcph = (struct tcphdr *)(buffer + sizeof(struct ethhdr) + sizeof(struct ip6_hdr));
TRANS_PROTO = tcp;
} else if(ipv6h->ip6_nxt == IPPROTO_UDP){
udph = (struct udphdr *)(buffer + sizeof(struct ethhdr) + sizeof(struct ip6_hdr));
TRANS_PROTO = udp;
} else {
TRANS_PROTO = 99;
}
} else {
NET_PROTO = 99;
}
/* Filtering Rule */
/* avoid well-known port */
// printf("%d %x\n", iph->id, htons(iph->frag_off)&(IP_OFFMASK) );
if((TRANS_PROTO == udp) && (udph != NULL)){
assert(udph != NULL);
for(i = 0;i < sp->d_port_cnt;i++){
if(ntohs(udph->dest) == sp->d_port[i]){
return deny(412);
}
}
/* if(ntohs(udph->dest) < 1024){
return deny(410);
}
if(ntohs(udph->source) < 1024){
return deny(411);
}
if(ntohs(udph->dest) == 9004){
return deny(412);
}
if(ntohs(udph->source) == 9004){
return deny(413);
}
*/
}
if((TRANS_PROTO == tcp) && (tcph != NULL)){
/* if(last_tcpseq == tcpseq){
// return deny(4);
}
if(ntohs(tcph->dest) == 22){
return deny(422);
}
if(ntohs(tcph->source) == 22){
return deny(422);
}
if(ntohs(tcph->dest) == 20){
return allow(220);
}
if(ntohs(tcph->dest) == 21){
return allow(220);
}
if(ntohs(tcph->dest) == 80){
return allow(220);
}
if(ntohs(tcph->dest) < 1024){
return deny(420);
}
if(ntohs(tcph->source) < 1024){
return deny(421);
}
*/
}
// packet_dump(buffer);
#endif
if(NET_PROTO == ipv4){
/*
for(cnt = 0; cnt < sp->session_num; cnt++){
sprintf(dest,"%s",sp->ESendAddr[cnt]);
// avoid correspond node
if(iph->saddr == inet_addr(dest)){
return deny(431);
}
}
*/
/* basic ipv4 filter rule */
/* avoid broadcast packet */
// printf("%x\n",sp->netmask^v4MASK);
// if(((ntohl(iph->daddr)&0xff)) == 0xff){
if(((ntohl(iph->daddr)&(sp->netmask^v4MASK))) == (sp->netmask^v4MASK)){
return deny(430);
}
/* avoid sending packet */
//printf("%x %x\n", ntohl(sp->hostip), (iph->saddr));
if(ntohl(sp->hostip) == (iph->saddr)){
return deny(432);
}
/* avoid incoming packet */
if((sp->hostip) == (iph->daddr)){
return deny(433);
}
/* if((inet_addr(sp->localnet)&(NETMASK[24].mask)) == (iph->daddr&(NETMASK[24].mask))){
return deny(7);
}
*/
/* For Multicast */
/* Multicastパケットの場合 */
if(IN_MULTICAST(ntohl(iph->daddr))){
/* 他ネットワークからのマルチキャストパケットの場合 */
if(sp->m_taddr){
/* if(iph->saddr == sp->m_taddr){
return m_allow(200);
}
*/
}
/* 送信パケットが自ネットワークのもの以外は拒否 */
if(sp->network != (iph->saddr&ntohl(sp->netmask))){
// if((inet_addr(sp->localnet)&(NETMASK[24].mask)) != (iph->saddr&(NETMASK[24].mask))){
return deny(440);
}
/* Avoid local multicast loop */
// if(inet_addr(sp->localnet) == inet_addr(DEST_NET)){
// if(sp->network == inet_addr(DEST_NET)){
/* 自ネットワークと宛先が同じマルチキャストパケットを拒否 */
/* これはパケットを見ていないんで意味がないかも */
#if 0
if(sp->network == sp->destnet){
return deny(441);
}
#endif
return m_allow(200);
}
if((sp->destnet&(NETMASK[sp->destmask].mask)) == (iph->daddr&(NETMASK[sp->destmask].mask))){
if(sp->network == (iph->saddr&ntohl(sp->netmask))){
// if((inet_addr(sp->localnet)&(NETMASK[24].mask)) == (iph->saddr&(NETMASK[24].mask))){
// if((inet_addr(LOCAL_NET)&(NETMASK[24].mask)) == (iph->saddr&(NETMASK[24].mask))){
return allow(230);
}
}
} else if(NET_PROTO == ipv6){
/* For Multicast */
// IN6_IS_ADDR_MULTICAST
/* if(ntohs(in6dst.s6_addr16[0]) == 0xff02){
return m_allow(300);
}
*/
sprintf(dst_addr6, "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x\n",
ntohs(in6dst.s6_addr16[0]),
ntohs(in6dst.s6_addr16[1]),
ntohs(in6dst.s6_addr16[2]),
ntohs(in6dst.s6_addr16[3]),
ntohs(in6dst.s6_addr16[4]),
ntohs(in6dst.s6_addr16[5]),
ntohs(in6dst.s6_addr16[6]),
ntohs(in6dst.s6_addr16[7])
);
sprintf(src_addr6, "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x\n",
ntohs(in6src.s6_addr16[0]),
ntohs(in6src.s6_addr16[1]),
ntohs(in6src.s6_addr16[2]),
ntohs(in6src.s6_addr16[3]),
ntohs(in6src.s6_addr16[4]),
ntohs(in6src.s6_addr16[5]),
ntohs(in6src.s6_addr16[6]),
ntohs(in6src.s6_addr16[7])
);
// printf("%s -> %s\n",src_addr6, dst_addr6);
if((ntohs(in6dst.s6_addr16[0])&0xfff0) == 0xff10){
// if(ntohs(in6dst.s6_addr16[0]) == 0xff1e){
//printf("host %s src %s\n", sp->hostip6, src_addr6);
/* 送信先が自ネットワークのもののみ送出 */
if(strncmp(sp->hostip6, src_addr6, sp->prefix/OCTET_BITS*OCTET_UNIT) == 0)
{
return m_allow(301);
}
/* マルチキャスト転送オプションがセットされている場合 */
if(sp->m_taddr6){
if(strncmp(sp->m_taddr6, src_addr6, sp->prefix/OCTET_BITS*OCTET_UNIT) == 0)
{
return m_allow(301);
}
}
/* 送信元がリンクローカルアドレスでも送出 */
if(ntohs(in6src.s6_addr16[0]) == 0xfe80){
return m_allow(302);
}
return deny(533);
/* if(ntohs(in6src.s6_addr16[2]) != 0x5102){
return deny(530);
}
return m_allow(300);
*/
}
}
return deny(499);
}
bool isNumber(const char *s) {
if(s == NULL)
return false;
while(*s == ' ')
s++;
string str(s);
while(str.back() == ' ')
str.pop_back();
if(str.length() == 0)
return false;
bool firstDigit = false;
for(unsigned int i = 0; i < str.length(); ++i){
char c = str[i];
if(!allow(c))
return false;
if(!firstDigit && '0' <= c && c <= '9')
firstDigit = true;
}
if(!firstDigit)
return false;
// str.length > 0, all characters are allowed, at least one digit
State state;
firstDigit = false;
// initialize state
switch(str[0]){
case '+':
case '-':
state = PI;
break;
case '.':
state = PD;
break;
case 'e':
case 'E':
state = F;
break;
default: // [0-9]
state = I;
firstDigit = true;
}
for(unsigned int i = 1; i < str.length() && state != F; ++i){
char c = str[i];
if(c == '+' || c == '-'){
switch(state){
case PE:
{
char prevChar = str[i-1];
if(prevChar != '+' || prevChar != '-')
state = PE;
else
state = F;
break;
}
default:
state = F;
}
}else if(c == 'e' || c == 'E'){
switch(state){
case I:
case D:
state = PE;
break;
case PD:
if(firstDigit)
state = PE;
else
state = F;
break;
default:
state = F;
}
}else if(c == '.'){
switch(state){
case I:
case PI:
state = PD;
break;
default:
state = F;
}
}else{ // c = [0-9]
firstDigit = true;
switch(state){
case I:
case PI:
state = I;
break;
case D:
case PD:
state = D;
break;
case E:
case PE:
state = E;
}
}
}
return state == I || state == D || state == PD || state == E;
}
static void setup_call(SIG_ENTITY *sig,unsigned long call_ref)
{
SOCKET *sock,*this,**walk;
struct sockaddr_atmsvc in_addr;
struct atm_sap in_sap;
struct atm_qos in_qos;
unsigned int problem;
int i;
problem = sap_decode(&in_dsc,&in_addr,&in_sap,&in_qos,sig->uni);
if (problem) {
send_release_complete(sig,call_ref,IE_PB_CAUSE(problem),
IE_PB_IE(problem));
return;
}
if (!atmsvc_addr_in_use(in_addr)) {
send_release_complete(sig,call_ref,ATM_CV_UNALLOC);
return;
}
if (!allow(&in_addr,ACL_IN)) {
send_release_complete(sig,call_ref,ATM_CV_REJ_CLIR);
return;
}
this = new_sock(kptr_null);
this->sig = sig;
sock = lookup_sap(&in_addr,&in_sap,&in_qos,&this->local,&this->sap,
&this->qos,0);
if (!sock) {
free_sock(this);
send_release_complete(sig,call_ref,ATM_CV_INCOMP_DEST);
return;
}
this->state = sig->mode == sm_net ? ss_proceeding : ss_indicated;
this->call_state = cs_in_proc;
this->call_ref = call_ref;
if (q_present(&in_dsc,QF_ep_ref))
this->ep_ref = cvt_ep_ref(sig,q_fetch(&in_dsc,QF_ep_ref));
#ifdef CISCO
else
#endif
if (sig->mode == sm_net) {
int error;
error = send_call_proceeding(this);
if (error) {
free_sock(this);
send_release_complete(sig,call_ref,ATM_CV_NO_CI);
return;
}
}
/* if (sock->local) *this->local->sas_addr = sock->local->sas_addr; ??? */
diag(COMPONENT,DIAG_DEBUG,"AAL type %ld",q_fetch(&in_dsc,QF_aal_type));
if (sig->mode == sm_user) { /* already set by send_call_proceeding */
int vpci;
vpci = q_fetch(&in_dsc,QF_vpi);
this->pvc.sap_family = AF_ATMPVC;
this->pvc.sap_addr.itf = get_itf(sig,&vpci);
this->pvc.sap_addr.vpi = vpci;
this->pvc.sap_addr.vci = q_fetch(&in_dsc,QF_vci);
}
diag(COMPONENT,DIAG_DEBUG,"ITF.VPI.VCI: %d.%d.%d",this->pvc.sap_addr.itf,
this->pvc.sap_addr.vpi,this->pvc.sap_addr.vci);
if (q_present(&in_dsc,QF_cgpn)) { /* should handle E.164 too */
char buffer[MAX_ATM_ADDR_LEN+1];
int plan;
plan = q_fetch(&in_dsc,QF_cgpn_plan);
switch (plan) {
case ATM_NP_AEA:
i = q_read(&in_dsc,QF_cgpn,(void *) this->remote.sas_addr.prv,
ATM_ESA_LEN);
break;
case ATM_NP_E164:
i = q_read(&in_dsc,QF_cgpn,(void *) this->remote.sas_addr.pub,
ATM_E164_LEN);
break;
default:
diag(COMPONENT,DIAG_WARN,"Ignoring cgpn with unrecognized "
"numbering plan 0x%x\n",plan);
i = 0;
}
if (i) {
this->remote.sas_family = AF_ATMSVC;
if (atm2text(buffer,MAX_ATM_ADDR_LEN+1,
(struct sockaddr *) &this->remote,pretty) < 0)
strcpy(buffer,"<invalid address>");
diag(COMPONENT,DIAG_DEBUG,"Incoming call from %s",buffer);
}
}
send_kernel(kptr_null,sock->id,as_indicate,0,&this->pvc,&this->remote,
&in_addr,&this->sap,&this->qos);
for (walk = &sock->listen; *walk; walk = &(*walk)->listen);
*walk = this;
diag(COMPONENT,DIAG_DEBUG,"SE vpi.vci=%d.%d",this->pvc.sap_addr.vpi,
this->pvc.sap_addr.vci);
}
int
put_resp (struct io_f *io, struct daddr_f *where, struct newt *newt, int flags)
{
struct note_f note;
struct resp_f resp;
struct flock dlock, nlock, rlock;
int lastin, phys, i;
rlock.l_whence = SEEK_SET;
nlock.l_type = F_RDLCK;
nlock.l_whence = SEEK_SET;
nlock.l_start = (off_t) (sizeof (struct descr_f) +
(newt->nr.notenum * sizeof (struct note_f)));
nlock.l_len = (off_t) sizeof (struct note_f);
TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &nlock));
getnoterec (io, newt->nr.notenum, ¬e);
if (note.n_rindx < 0)
{
lastin = note.n_rindx = get_new_resp_block (io);
resp.r_first = 1;
resp.r_last = 0;
resp.r_previous = -1;
resp.r_next = -1;
for (i=0; i<RESPSZ; i++)
resp.r_stat[i] = 0;
}
else
{
rlock.l_type = F_RDLCK;
rlock.l_start = (off_t) (sizeof (int) +
(note.n_rindx * sizeof (struct resp_f)));
rlock.l_len = (off_t) sizeof (struct resp_f);
TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));
getresprec (io, lastin = note.n_rindx, &resp);
rlock.l_type = F_UNLCK;
fcntl (io->fidrdx, F_SETLK, &rlock);
}
i = phys = 0;
while (i < note.n_nresp)
{
if (phys >= RESPSZ)
{
rlock.l_type = F_RDLCK;
rlock.l_start = (off_t) (sizeof (int) +
(resp.r_next * sizeof (struct resp_f)));
rlock.l_len = (off_t) sizeof (struct resp_f);
TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));
phys = 0;
getresprec (io, lastin = resp.r_next, &resp);
rlock.l_type = F_UNLCK;
fcntl (io->fidrdx, F_SETLK, &rlock);
}
if ((resp.r_stat[phys] & NOTE_DELETED) == 0)
i++;
phys++;
}
if (phys >= RESPSZ) /* We are in a new block of responses. */
{
phys = 0;
resp.r_next = get_new_resp_block (io);
rlock.l_type = F_WRLCK;
rlock.l_start = (off_t) (sizeof (int) +
(lastin * sizeof (struct resp_f)));
rlock.l_len = (off_t) sizeof (struct resp_f);
TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));
putresprec (io, lastin, &resp);
resp.r_previous = lastin;
lastin = resp.r_next;
resp.r_next = -1;
resp.r_first = note.n_nresp + 1;
resp.r_last = resp.r_first - 1;
for (i=0; i<RESPSZ; i++)
resp.r_stat[i] = 0;
}
fdatasync (io->fidrdx);
rlock.l_type = F_RDLCK;
rlock.l_start = (off_t) (sizeof (int) +
(lastin * sizeof (struct resp_f)));
rlock.l_len = (off_t) sizeof (struct resp_f);
TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));
note.n_nresp++;
resp.r_addr[phys].addr = where->addr;
resp.r_addr[phys].textlen = where->textlen;
strncpy (resp.r_auth[phys].aname, newt->auth.name, NAMESZ);
strncpy (resp.r_auth[phys].asystem, newt->auth.system, HOMESYSSZ);
resp.r_auth[phys].aid = (int) newt->auth.uid;
strncpy (resp.r_from[phys], newt->auth.system, SYSSZ);
resp.r_stat[phys] = 0;
if (newt->director_message && allow (io, DRCTOK))
resp.r_stat[phys] |= DIRMES;
/* Adjust moderation flag appropriately. */
if (flags & SKIP_MODERATION)
{
if (newt->options & NOTE_UNAPPROVED)
resp.r_stat[phys] |= ISUNAPPROVED;
}
else if (io->descr.d_stat & ISMODERATED && !allow (io, DRCTOK))
resp.r_stat[phys] |= ISUNAPPROVED;
if (newt->options & NOTE_ANONYMOUS)
strncpy (resp.r_auth[phys].aname, "anonymous", NAMESZ);
/* Prepare to alter the descriptor. */
dlock.l_type = F_RDLCK;
dlock.l_whence = SEEK_SET;
dlock.l_start = 0;
dlock.l_len = (off_t) sizeof (struct descr_f);
TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &dlock));
getdescr (io, &io->descr);
if (flags & ADD_ID)
{
strncpy (resp.r_id[phys].sys, newt->auth.system, SYSSZ);
resp.r_id[phys].uniqid = ++io->descr.d_id.uniqid;
resp.r_id[phys].uniqid += UNIQPLEX * io->descr.d_nfnum;
}
else
{
strncpy (resp.r_id[phys].sys, newt->id.system, SYSSZ);
resp.r_id[phys].sys[SYSSZ - 1] = '\0';
resp.r_id[phys].uniqid = newt->id.number;
}
if (flags & UPDATE_TIMES)
{
get_uiuc_time (&io->descr.d_lastm, newt->created);
get_uiuc_time (¬e.n_lmod, newt->modified);
}
get_uiuc_time (&resp.r_when[phys], newt->created);
get_uiuc_time (&resp.r_rcvd[phys], newt->created);
resp.r_last++;
rlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));
nlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &nlock));
dlock.l_type = F_WRLCK;
TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &dlock));
putresprec (io, lastin, &resp);
putnoterec (io, newt->nr.notenum, ¬e);
io->descr.d_rspwrit++;
nlock.l_type = F_UNLCK;
fcntl (io->fidndx, F_SETLK, &nlock);
putdescr (io, &io->descr);
fdatasync (io->fidrdx);
fdatasync (io->fidndx);
dlock.l_type = F_UNLCK;
fcntl (io->fidndx, F_SETLK, &dlock);
rlock.l_type = F_UNLCK;
fcntl (io->fidrdx, F_SETLK, &rlock);
return note.n_nresp;
}
void ToolBar::allowRight(bool a)
{ allow(Qt::RightToolBarArea, a); }
int
uiuc_write_note (struct notesfile *nf, struct newt *newt, int flags)
{
struct io_f io;
struct daddr_f daddr;
int result;
int error;
if (newt->nr.notenum < -1 || newt->nr.notenum > nf->total_notes)
return -1;
flags &= ~SKIP_MODERATION; /* Not allowed via the public interface. */
error = init (&io, nf->ref);
if (error != NEWTS_NO_ERROR)
return error;
if (io.descr.d_stat & NFINVALID)
{
closenf (&io);
return -1;
}
if (io.descr.d_stat & ISARCHIVE && !allow (&io, DRCTOK))
{
closenf (&io);
return -2;
}
if (newt->nr.notenum == -1)
{
/* We have a new basenote here. */
if (!allow (&io, WRITOK))
{
closenf (&io);
return -2;
}
puttextrec (&io, newt->text, &daddr, -1);
result = put_note (&io, &daddr, newt, flags);
if (result < 0)
{
closenf (&io);
return result;
}
if (!(flags & ADD_POLICY))
nf->total_notes++;
closenf (&io);
return result;
}
else
{
/* Reject responses to the policy note ... for now. */
if (newt->nr.notenum == 0)
return -1;
if (!allow (&io, RESPOK))
{
closenf (&io);
return -2;
}
puttextrec (&io, newt->text, &daddr, -1);
result = put_resp (&io, &daddr, newt, flags);
closenf (&io);
return result;
}
}
void ToolBar::allowBottom(bool a)
{ allow(Qt::BottomToolBarArea, a); }
bool operator()(const std::wstring& name) {
return allow(name);
}