projects / paraslash.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Rename acl functions.
[paraslash.git] / acl.c
1 /*
2 * Copyright (C) 2005-2008 Andre Noll <maan@systemlinux.org>
3 *
4 * Licensed under the GPL v2. For licencing details see COPYING.
5 */
6
7 /** \file acl.c Access control lists for paraslash senders. */
8
9 #include "para.h"
10 #include "error.h"
11 #include "string.h"
12 #include "list.h"
13 #include "net.h"
14
15 /**
16 * Describes one entry in the blacklist/whitelist of a paraslash sender.
17 */
18 struct access_info {
19 /** The address to be black/whitelisted. */
20 struct in_addr addr;
21 /** The netmask for this entry. */
22 unsigned netmask;
23 /** The position of this entry in the acl. */
24 struct list_head node;
25 };
26
27
28 /**
29 * Return true if addr_1 matches addr_2 in the first `netmask' bits.
30 */
31 static int v4_addr_match(uint32_t addr_1, uint32_t addr_2, uint8_t netmask)
32 {
33 uint32_t mask = ~0U;
34
35 if (netmask < 32)
36 mask <<= (32 - netmask);
37 return (htonl(addr_1) & mask) == (htonl(addr_2) & mask);
38 }
39
40 int acl_lookup(int fd, struct list_head *acl)
41 {
42 struct access_info *ai, *tmp;
43 struct sockaddr_storage ss;
44 socklen_t sslen = sizeof(ss);
45 struct in_addr v4_addr;
46
47 if (getpeername(fd, (struct sockaddr *)&ss, &sslen) < 0) {
48 PARA_ERROR_LOG("Can not determine peer address: %s\n", strerror(errno));
49 goto no_match;
50 }
51 v4_addr = extract_v4_addr(&ss);
52 if (!v4_addr.s_addr)
53 goto no_match;
54
55 list_for_each_entry_safe(ai, tmp, acl, node)
56 if (v4_addr_match(v4_addr.s_addr, ai->addr.s_addr, ai->netmask))
57 return 1;
58 no_match:
59 return 0;
60 }
61
62 void acl_add_entry(struct list_head *acl, struct in_addr addr,
63 int netmask)
64 {
65 struct access_info *ai = para_malloc(sizeof(struct access_info));
66 ai->addr = addr;
67 ai->netmask = netmask;
68 PARA_INFO_LOG("adding %s/%i to access list\n", inet_ntoa(ai->addr),
69 ai->netmask);
70 para_list_add(&ai->node, acl);
71 }
72
73
74 void acl_del_entry(struct list_head *acl, struct in_addr addr,
75 int netmask)
76 {
77 struct access_info *ai, *tmp;
78
79 list_for_each_entry_safe(ai, tmp, acl, node) {
80 char *nad = para_strdup(inet_ntoa(ai->addr));
81 if (!strcmp(nad, inet_ntoa(addr)) &&
82 ai->netmask == netmask) {
83 PARA_NOTICE_LOG("removing %s/%i from access list\n",
84 nad, ai->netmask);
85 list_del(&ai->node);
86 free(ai);
87 }
88 free(nad);
89 }
90 }
91
92 char *acl_get_contents(struct list_head *acl)
93 {
94 struct access_info *ai, *tmp_ai;
95 char *ret = NULL;
96
97 list_for_each_entry_safe(ai, tmp_ai, acl, node) {
98 char *tmp = make_message("%s%s/%d ", ret? ret : "",
99 inet_ntoa(ai->addr), ai->netmask);
100 free(ret);
101 ret = tmp;
102 }
103 return ret;
104 }
105
106 void acl_init(struct list_head *acl, char * const *acl_info, int num)
107 {
108 int i;
109
110 INIT_LIST_HEAD(acl);
111 for (i = 0; i < num; i++) {
112 char *arg = para_strdup(acl_info[i]);
113 char *p = strchr(arg, '/');
114 struct in_addr addr;
115 int netmask;
116
117 if (!p)
118 goto err;
119 *p = '\0';
120 if (!inet_pton(AF_INET, arg, &addr))
121 goto err;
122 netmask = atoi(++p);
123 if (netmask < 0 || netmask > 32)
124 goto err;
125 acl_add_entry(acl, addr, netmask);
126 goto success;
127 err:
128 PARA_CRIT_LOG("syntax error: %s\n", acl_info[i]);
129 success:
130 free(arg);
131 continue;
132 }
133 }
134
paraslash - network audio streaming tools