END_TEST START_TEST (netacl_dup_test) { pr_netacl_t *acl, *res; res = pr_netacl_dup(NULL, NULL); fail_unless(res == NULL, "Failed to handle NULL arguments"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); res = pr_netacl_dup(p, NULL); fail_unless(res == NULL, "Failed to handle NULL ACL argument"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); acl = pr_netacl_create(p, "ALL"); fail_unless(acl != NULL, "Failed to create ALL ACL"); res = pr_netacl_dup(NULL, acl); fail_unless(res == NULL, "Failed to handle NULL pool"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); res = pr_netacl_dup(p, acl); fail_unless(res != NULL, "Failed to dup ACL: %s", strerror(errno)); fail_unless(strcmp(pr_netacl_get_str(p, res), pr_netacl_get_str(p, acl)) == 0, "Expected '%s', got '%s'", pr_netacl_get_str(p, acl), pr_netacl_get_str(p, res)); }
MODRET add_lmd_allow_from(cmd_rec *cmd) { config_rec *c; int i; array_header *allowed_acls; if(cmd->argc < 2 ) CONF_ERROR(cmd, "argument missing"); CHECK_CONF(cmd, CONF_ROOT|CONF_GLOBAL); /* argv => LMDMemcachedHost 127.0.0.1 192.168.0.1 ... */ c = find_config(main_server->conf, CONF_PARAM, "LMDBAllow", FALSE); if(c && c->argv[0]) { allowed_acls = c->argv[0]; } else { c = add_config_param(cmd->argv[0], 0, NULL); c->argv[0] = allowed_acls = make_array(cmd->server->pool, 0, sizeof(char *)); } for(i=1; i < cmd->argc; i++) { char *entry = cmd->argv[i]; if (strcasecmp(entry, "all") == 0 || strcasecmp(entry, "none") == 0) { break; } pr_netacl_t *acl = pr_netacl_create(cmd->server->pool, entry); *((pr_netacl_t **) push_array(allowed_acls)) = acl; pr_log_debug(DEBUG2, "%s: add LMDBAllow[%d] %s", MODULE_NAME, i, entry); } return PR_HANDLED(cmd); }
END_TEST START_TEST (class_get_test) { const pr_class_t *class; int res; pr_netacl_t *acl; class = pr_class_get(NULL); fail_unless(class == NULL, "Failed to handle empty class list"); acl = pr_netacl_create(p, "all"); fail_unless(acl != NULL, "Failed to handle ACL string 'all': %s", strerror(errno)); res = pr_class_open(p, "foo"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL: %s", strerror(errno)); class = pr_class_get(NULL); fail_unless(class == NULL, "Failed to handle unclosed class in list"); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); class = pr_class_get(NULL); fail_unless(class != NULL, "Failed to get class in list: %s", strerror(errno)); fail_unless(strcmp(class->cls_name, "foo") == 0, "Expected '%s', got '%s'", "foo", class->cls_name); class = pr_class_get(class); fail_unless(class == NULL, "Failed to return NULL for end-of-list"); }
END_TEST START_TEST (class_close_test) { pr_netacl_t *acl; int res; res = pr_class_close(); fail_unless(res == 0, "Failed to close nonexistent current class: %s", strerror(errno)); res = pr_class_open(p, "foo"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == -1, "Failed to close empty class"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); fail_unless(main_server->config_type == CONF_ROOT, "Expected config_type of %d, got %d", CONF_ROOT, main_server->config_type); res = pr_class_open(p, "foo"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "all"); fail_unless(acl != NULL, "Failed to handle ACL string 'all': %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); fail_unless(main_server->config_type == CONF_ROOT, "Expected config_type of %d, got %d", CONF_ROOT, main_server->config_type); }
END_TEST START_TEST (netacl_get_negated_test) { pr_netacl_t *acl; int res; res = pr_netacl_get_negated(NULL); fail_unless(res == -1, "Failed to handle NULL argument"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_netacl_get_negated(acl); fail_unless(res == 0, "Expected %d, got %d", 0, res); acl = pr_netacl_create(p, "!127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_netacl_get_negated(acl); fail_unless(res == 1, "Expected %d, got %d", 1, res); }
END_TEST START_TEST (expr_eval_class_or_test) { pr_netacl_t *acl; char *names1[3] = { "foo", "test", NULL }, *names2[2] = { "test", NULL }, *names3[2] = { "!baz", NULL }, *names4[2] = { "foo", NULL }; int res; res = pr_expr_eval_class_or(NULL); fail_unless(res == -1, "Failed to handle null argument"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); session.conn_class = NULL; res = pr_expr_eval_class_or(names1); fail_unless(res == FALSE, "Expected FALSE, got TRUE"); init_netaddr(); init_class(); res = pr_class_open(p, "test"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "all"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); session.conn_class = pr_class_find("test"); fail_unless(session.conn_class != NULL, "Failed to find 'test' class: %s", strerror(errno)); res = pr_expr_eval_class_or(names1); fail_unless(res == TRUE, "Expected TRUE, got FALSE"); res = pr_expr_eval_class_or(names2); fail_unless(res == TRUE, "Expected TRUE, got FALSE"); res = pr_expr_eval_class_or(names3); fail_unless(res == TRUE, "Expected TRUE, got FALSE"); res = pr_expr_eval_class_or(names4); fail_unless(res == FALSE, "Expected FALSE, got TRUE"); }
END_TEST START_TEST (class_find_test) { const pr_class_t *class; pr_netacl_t *acl; int res; class = pr_class_find(NULL); fail_unless(class == NULL, "Failed to handle NULL argument"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); class = pr_class_find("foo"); fail_unless(class == NULL, "Failed to handle empty list"); fail_unless(errno == ENOENT, "Failed to set errno to ENOENT"); acl = pr_netacl_create(p, "all"); fail_unless(acl != NULL, "Failed to handle ACL string 'all': %s", strerror(errno)); res = pr_class_open(p, "foo"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL: %s", strerror(errno)); class = pr_class_find("foo"); fail_unless(class == NULL, "Failed to handle empty list"); fail_unless(errno == ENOENT, "Failed to set errno to ENOENT"); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); class = pr_class_find("foo"); fail_unless(class != NULL, "Failed to handle class 'foo': %s", strerror(errno)); class = pr_class_find("bar"); fail_unless(class == NULL, "Failed to handle nonexistent class"); fail_unless(errno == ENOENT, "Failed to set errno to ENOENT"); }
END_TEST START_TEST (class_add_acl_test) { pr_netacl_t *acl; int res; res = pr_class_add_acl(NULL); fail_unless(res == -1, "Failed to handle NULL argument"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); acl = pr_netacl_create(p, "all"); fail_unless(acl != NULL, "Failed to handle ACL string 'all': %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == -1, "Failed to handle unopened class"); fail_unless(errno == EPERM, "Failed to set errno to EPERM"); res = pr_class_open(p, "foo"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL: %s", strerror(errno)); }
END_TEST START_TEST (netacl_match_test) { pr_netacl_t *acl; pr_netaddr_t *addr; char *acl_str; int have_localdomain = FALSE, res; res = pr_netacl_match(NULL, NULL); fail_unless(res == -2, "Failed to handle NULL arguments"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); acl_str = "all"; acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, NULL); fail_unless(res == -2, "Failed to handle NULL addr"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); addr = pr_netaddr_get_addr(p, "localhost", NULL); fail_unless(addr != NULL, "Failed to get addr for '%s': %s", "localhost", strerror(errno)); /* It's possible that the DNS name for 'localhost' that is used will * actually be 'localhost.localdomain', depending on the contents of * the host's /etc/hosts file. */ if (strcmp(pr_netaddr_get_dnsstr(addr), "localhost.localdomain") == 0) { have_localdomain = TRUE; } res = pr_netacl_match(NULL, addr); fail_unless(res == -2, "Failed to handle NULL ACL"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); res = pr_netacl_match(acl, addr); fail_unless(res == 1, "Failed to positively match ACL to addr: %s", strerror(errno)); acl_str = "none"; acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == -1, "Failed to negatively match ACL to addr: %s", strerror(errno)); acl_str = pstrdup(p, "127.0.0.1"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == 1, "Failed to positively match ACL to addr: %s", strerror(errno)); acl_str = pstrdup(p, "!127.0.0.1"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == -1, "Failed to negatively match ACL to addr: %s", strerror(errno)); acl_str = pstrdup(p, "192.168.0.1"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == 0, "Failed to match ACL to addr: %s", strerror(errno)); acl_str = pstrdup(p, "!192.168.0.1"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == 1, "Failed to positively match ACL to addr: %s", strerror(errno)); acl_str = pstrdup(p, "127.0.0.0/24"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == 1, "Failed to positively match ACL to addr: %s", strerror(errno)); acl_str = pstrdup(p, "!127.0.0.0/24"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == -1, "Failed to negatively match ACL to addr: %s", strerror(errno)); acl_str = pstrdup(p, "127.0.0."); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == 1, "Failed to positively match ACL to addr: %s", strerror(errno)); acl_str = pstrdup(p, "!127.0.0."); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == -1, "Failed to negatively match ACL to addr: %s", strerror(errno)); if (!have_localdomain) { acl_str = pstrdup(p, "localhost"); } else { acl_str = pstrdup(p, "localhost.localdomain"); } acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == 1, "Failed to positively match ACL to addr: %s", strerror(errno)); if (!have_localdomain) { acl_str = pstrdup(p, "!localhost"); } else { acl_str = pstrdup(p, "!localhost.localdomain"); } acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == -1, "Failed to negatively match ACL to addr: %s", strerror(errno)); if (!have_localdomain) { acl_str = pstrdup(p, "loc*st"); } else { acl_str = pstrdup(p, "loc*st.loc*in"); } acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == 1, "Failed to positively match ACL to addr: %s", strerror(errno)); if (!have_localdomain) { acl_str = pstrdup(p, "!loc*st"); } else { acl_str = pstrdup(p, "!loc*st.loc*in"); } acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to handle ACL string '%s': %s", acl_str, strerror(errno)); res = pr_netacl_match(acl, addr); fail_unless(res == -1, "Failed to negatively match ACL to addr: %s", strerror(errno)); }
END_TEST START_TEST (netacl_get_str_test) { pr_netacl_t *acl; char *acl_str, *ok; const char *res; res = pr_netacl_get_str(NULL, NULL); fail_unless(res == NULL, "Failed to handle NULL arguments"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); res = pr_netacl_get_str(p, NULL); fail_unless(res == NULL, "Failed to handle NULL ACL"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); acl_str = "all"; acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_netacl_get_str(NULL, acl); fail_unless(res == NULL, "Failed to handle NULL pool"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); ok = "all <all>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = "AlL"; acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = "None"; acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "none <none>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "127.0.0.1"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "127.0.0.1 <IP address match>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "!127.0.0.1"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "!127.0.0.1 <IP address match, inverted>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "127.0.0."); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "127.0.0.* <IP address glob>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "localhost"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "localhost <DNS hostname match>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, ".castaglia.org"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "*.castaglia.org <DNS hostname glob>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "127.0.0.1/24"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "127.0.0.1/24 <IP address mask, 24-bit mask>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "127.0.0.1/0"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "127.0.0.1/0 <IP address mask, 0-bit mask>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "!127.0.0.1/24"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "!127.0.0.1/24 <IP address mask, 24-bit mask, inverted>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); #ifdef PR_USE_IPV6 acl_str = pstrdup(p, "::1/24"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "::1/24 <IP address mask, 24-bit mask>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "::1/127"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "::1/127 <IP address mask, 127-bit mask>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); acl_str = pstrdup(p, "::ffff:127.0.0.1/127"); acl = pr_netacl_create(p, acl_str); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); ok = "::ffff:127.0.0.1/127 <IP address mask, 127-bit mask>"; res = pr_netacl_get_str(p, acl); fail_unless(res != NULL, "Failed to get ACL string: %s", strerror(errno)); fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); #endif }
END_TEST START_TEST (class_match_addr_test) { const pr_netaddr_t *addr; const pr_class_t *class; pr_netacl_t *acl; int res; class = pr_class_match_addr(NULL); fail_unless(class == NULL, "Failed to handle NULL argument"); fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); addr = pr_netaddr_get_addr(p, "localhost", FALSE); fail_unless(addr != NULL, "Failed to get addr: %s", strerror(errno)); class = pr_class_match_addr(addr); fail_unless(class == NULL, "Failed to handle empty class list"); fail_unless(errno == ENOENT, "Failed to set errno to ENOENT"); res = pr_class_open(p, "localhost"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); res = pr_class_open(p, "!localhost"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "!127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); class = pr_class_match_addr(addr); fail_unless(class != NULL, "Failed to match class for addr: %s", strerror(errno)); fail_unless(strcmp(class->cls_name, "localhost") == 0, "Expected '%s', got '%s'", "localhost", class->cls_name); /* Reset the class list, add classes in a different order, and try again. */ init_class(); res = pr_class_open(p, "!localhost"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "!127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); res = pr_class_open(p, "localhost"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); class = pr_class_match_addr(addr); fail_unless(class != NULL, "Failed to match class for addr: %s", strerror(errno)); fail_unless(strcmp(class->cls_name, "localhost") == 0, "Expected '%s', got '%s'", "localhost", class->cls_name); /* Reset the class list, and see what happens when we try to match * the addr against an impossible set of rules. */ init_class(); res = pr_class_open(p, "impossible"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "!127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_set_satisfy(PR_CLASS_SATISFY_ALL); fail_unless(res == 0, "Failed to set satisfy value: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); class = pr_class_match_addr(addr); fail_unless(class == NULL, "Unexpectedly matched class for addr"); fail_unless(errno == ENOENT, "Failed to set errno to ENOENT"); /* Reset the class list, add two classes with identical rules, and * verify that the first matching class wins. */ init_class(); res = pr_class_open(p, "first"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); res = pr_class_open(p, "second"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); class = pr_class_match_addr(addr); fail_unless(class != NULL, "Failed to match class for addr: %s", strerror(errno)); fail_unless(strcmp(class->cls_name, "first") == 0, "Expected '%s', got '%s'", "first", class->cls_name); init_class(); res = pr_class_open(p, "second"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); res = pr_class_open(p, "first"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); class = pr_class_match_addr(addr); fail_unless(class != NULL, "Failed to match class for addr: %s", strerror(errno)); fail_unless(strcmp(class->cls_name, "second") == 0, "Expected '%s', got '%s'", "second", class->cls_name); init_class(); res = pr_class_open(p, "match"); fail_unless(res == 0, "Failed to open class: %s", strerror(errno)); acl = pr_netacl_create(p, "127.0.0.1"); fail_unless(acl != NULL, "Failed to create ACL: %s", strerror(errno)); res = pr_class_add_acl(acl); fail_unless(res == 0, "Failed to add ACL to class: %s", strerror(errno)); res = pr_class_set_satisfy(PR_CLASS_SATISFY_ALL); fail_unless(res == 0, "Failed to set satisfy value: %s", strerror(errno)); res = pr_class_close(); fail_unless(res == 0, "Failed to close class: %s", strerror(errno)); class = pr_class_match_addr(addr); fail_unless(class != NULL, "Failed to match class for addr: %s", strerror(errno)); fail_unless(strcmp(class->cls_name, "match") == 0, "Expected '%s', got '%s'", "match", class->cls_name); }