static ACLWrapper_t *
acl_wrapper_new(void)
{
ACLWrapper_t *handle;
handle = ( ACLWrapper_t * ) PERM_CALLOC ( sizeof(ACLWrapper_t) );
return(handle);
}
NSAPI_PUBLIC ACLListHandle_t *
ACL_ListNew(NSErr_t *errp)
{
ACLListHandle_t *handle;
handle = ( ACLListHandle_t * ) PERM_CALLOC ( sizeof(ACLListHandle_t) );
handle->ref_count = 1;
return(handle);
}
NSAPI_PUBLIC ACLExprHandle_t *
ACL_ExprNew( const ACLExprType_t expr_type )
{
ACLExprHandle_t *expr_handle;
expr_handle = ( ACLExprHandle_t * ) PERM_CALLOC ( sizeof(ACLExprHandle_t) );
if ( expr_handle ) {
expr_handle->expr_arry = ( ACLExprEntry_t * )
PERM_CALLOC( ACL_TERM_BSIZE * sizeof(ACLExprEntry_t) ) ;
expr_handle->expr_arry_size = ACL_TERM_BSIZE;
expr_handle->expr_type = expr_type;
expr_handle->expr_raw = ( ACLExprRaw_t * )
PERM_CALLOC( ACL_TERM_BSIZE * sizeof(ACLExprRaw_t) ) ;
expr_handle->expr_raw_size = ACL_TERM_BSIZE;
}
return(expr_handle);
}
NSAPI_PUBLIC ACLHandle_t *
ACL_AclNew(NSErr_t *errp, char *tag )
{
ACLHandle_t *handle;
handle = ( ACLHandle_t * ) PERM_CALLOC ( 1 * sizeof (ACLHandle_t) );
if ( handle && tag ) {
handle->tag = PERM_STRDUP( tag );
if ( handle->tag == NULL ) {
PERM_FREE(handle);
return(NULL);
}
}
return(handle);
}
NSAPI_PUBLIC const Filter *filter_create_internal(const char *name, int order, const FilterMethods *methods, int flags)
{
/*
* Deal with the extensible, variable-sized FilterMethods struct
*/
FilterMethods ourmethods = FILTER_METHODS_INITIALIZER;
int supplied = METHODS_COUNT(methods);
int supported = METHODS_COUNT(&ourmethods);
int unsupported = 0;
int i;
// Check for unsupported methods
for (i = supported; i < supplied; i++) {
if (METHODS_ARRAY(methods)[i] != NULL)
unsupported++;
}
if (unsupported) {
ereport(LOG_WARN, XP_GetAdminStr(DBT_FilterXDefinesYUnsupportedMethods),
name, unsupported);
}
// Copy the caller's method pointers to our initialized method array
if (supported > supplied)
supported = supplied;
memcpy(METHODS_ARRAY(&ourmethods), METHODS_ARRAY(methods), supported * sizeof(void *));
/*
* Create the filter
*/
Filter *filter = (Filter *)PERM_CALLOC(sizeof(Filter));
if (filter)
filter_fill(name, order, &ourmethods, flags, filter);
return filter;
}
static inline SessionThreadData *find_thread_data(Session *sn)
{
NSAPISession *nsn = (NSAPISession *)sn;
if (nsn && nsn->thread_data)
return nsn->thread_data;
HttpRequest *hrq = HttpRequest::CurrentRequest();
if (hrq) {
DaemonSession &dsn = hrq->GetDaemonSession();
if (nsn)
nsn->thread_data = &dsn.thread_data;
return &dsn.thread_data;
}
// We're being called from a non-DaemonSession thread
void *data = PR_GetThreadPrivate(_session_thread_key);
if (!data) {
data = PERM_CALLOC(sizeof(SessionThreadData));
PR_SetThreadPrivate(_session_thread_key, data);
}
return (SessionThreadData *)data;
}
/* LASDNSBuild
* Builds a hash table of all the hostnames provided (plus their aliases
* if aliasflg is true). Wildcards are only permitted in the leftmost
* field. They're represented in the hash table by a leading period.
* E.g. ".mcom.com".
*
* RETURNS Zero on success, else LAS_EVAL_INVALID
*/
int
LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int aliasflg)
{
size_t delimiter; /* length of valid tokeni */
char token[256]; /* max length dns name */
int i;
char **p;
pool_handle_t *pool;
PRStatus error=PR_SUCCESS;
char buffer[PR_NETDB_BUF_SIZE];
#ifdef UTEST
struct hostent *he, host;
#else
PRHostEnt *he, host;
#endif
char *end_attr_pattern;
if (attr_pattern == NULL) {
nserrGenerate(errp, ACLERRINVAL, ACLERR4770, ACL_Program, 1,
XP_GetAdminStr(DBT_lasdnsbuildInvalidAttributePattern_));
return LAS_EVAL_INVALID;
}
context->Table = PR_NewHashTable(0,
PR_HashCaseString,
PR_CompareCaseStrings,
PR_CompareValues,
&ACLPermAllocOps,
NULL);
pool = pool_create();
context->pool = pool;
if ((!context->Table) || (!context->pool)) {
nserrGenerate(errp, ACLERRNOMEM, ACLERR4700, ACL_Program, 1,
XP_GetAdminStr(DBT_lasdnsbuildUnableToAllocateHashT_));
return LAS_EVAL_INVALID;
}
end_attr_pattern = attr_pattern + strlen(attr_pattern);
do {
size_t maxsize = sizeof(token);
/* Get a single hostname from the pattern string */
delimiter = strcspn(attr_pattern, ", \t");
if (delimiter >= maxsize) {
delimiter = maxsize-1;
}
PL_strncpyz(token, attr_pattern, delimiter + 1);
token[delimiter] = '\0';
/* Skip any white space after the token */
attr_pattern += delimiter;
if (attr_pattern < end_attr_pattern) {
attr_pattern += strspn(attr_pattern, ", \t");
}
/* If there's a wildcard, strip it off but leave the "."
* Can't have aliases for a wildcard pattern.
* Treat "*" as a special case. If so, go ahead and hash it.
*/
if (token[0] == '*') {
if (token[1] != '\0') {
if (!PR_HashTableAdd(context->Table, pool_strdup(pool, &token[1]), (void *)-1)) {
nserrGenerate(errp, ACLERRFAIL, ACLERR4710, ACL_Program, 2,
XP_GetAdminStr(DBT_lasdnsbuildUnableToAddKeySN_), token);
return LAS_EVAL_INVALID;
}
} else {
if (!PR_HashTableAdd(context->Table, pool_strdup(pool, token), (void *)-1)) {
nserrGenerate(errp, ACLERRFAIL, ACLERR4720, ACL_Program, 2, XP_GetAdminStr(DBT_lasdnsbuildUnableToAddKeySN_), token);
return LAS_EVAL_INVALID;
}
}
} else {
/* This is a single hostname add it to the hash table */
if (!PR_HashTableAdd(context->Table, pool_strdup(pool, &token[0]), (void *)-1)) {
nserrGenerate(errp, ACLERRFAIL, ACLERR4730, ACL_Program, 2, XP_GetAdminStr(DBT_lasdnsbuildUnableToAddKeySN_), token);
return LAS_EVAL_INVALID;
}
if (aliasflg) {
void *iter = NULL;
int addrcnt = 0;
PRNetAddr *netaddr = (PRNetAddr *)PERM_CALLOC(sizeof(PRNetAddr));
PRAddrInfo *infop = PR_GetAddrInfoByName(token,
PR_AF_UNSPEC, (PR_AI_ADDRCONFIG|PR_AI_NOCANONNAME));
if (!netaddr) {
if (infop) {
PR_FreeAddrInfo(infop);
}
return LAS_EVAL_NEED_MORE_INFO; /* hostname not known to dns? */
}
if (!infop) {
if (netaddr) {
PERM_FREE(netaddr);
}
return LAS_EVAL_NEED_MORE_INFO; /* hostname not known to dns? */
}
/* need to count the address, first */
while ((iter = PR_EnumerateAddrInfo(iter, infop, 0, netaddr))) {
addrcnt++;
}
if (0 == addrcnt) {
PERM_FREE(netaddr);
PR_FreeAddrInfo(infop);
return LAS_EVAL_NEED_MORE_INFO; /* hostname not known to dns? */
}
iter = NULL; /* from the beginning */
memset(netaddr, 0, sizeof(PRNetAddr));
for (i = 0; i < addrcnt; i++) {
iter = PR_EnumerateAddrInfo( iter, infop, 0, netaddr );
if (NULL == iter) {
break;
}
error = PR_GetHostByAddr(netaddr, buffer,
PR_NETDB_BUF_SIZE, &host);
if (error == PR_SUCCESS) {
he = &host;
} else {
continue;
}
if (he->h_name) {
/* Add it to the hash table */
if (!PR_HashTableAdd(context->Table,
pool_strdup(pool, he->h_name),
(void *)-1)) {
nserrGenerate(errp, ACLERRFAIL, ACLERR4750,
ACL_Program, 2,
XP_GetAdminStr(DBT_lasdnsbuildUnableToAddKeySN_),
he->h_name);
PERM_FREE(netaddr);
PR_FreeAddrInfo(infop);
return LAS_EVAL_INVALID;
}
}
if (he->h_aliases && he->h_aliases[0]) {
for (p = he->h_aliases; *p; ++p) {
/* Add it to the hash table */
if (!PR_HashTableAdd(context->Table,
pool_strdup(pool, *p),
(void *)-1)) {
nserrGenerate(errp, ACLERRFAIL, ACLERR4760,
ACL_Program, 2,
XP_GetAdminStr(DBT_lasdnsbuildUnableToAddKeySN_),
*p);
PERM_FREE(netaddr);
PR_FreeAddrInfo(infop);
return LAS_EVAL_INVALID;
}
}
}
} /* for (i = 0; i < addrcnt; i++) */
PERM_FREE(netaddr);
PR_FreeAddrInfo(infop);
} /* if aliasflg */
} /* else - single hostname */
} while ((attr_pattern != NULL) &&
(attr_pattern[0] != '\0') &&
(delimiter != 0));
return 0;
}
