return (htonl(addr_1) & mask) == (htonl(addr_2) & mask);
}
-static int host_in_access_perm_list(struct http_client *hc)
+static int host_in_acl(int fd, struct list_head *acl)
{
struct access_info *ai, *tmp;
struct sockaddr_storage ss;
socklen_t sslen = sizeof(ss);
struct in_addr v4_addr;
- if (getpeername(hc->fd, (struct sockaddr *)&ss, &sslen) < 0) {
+ if (getpeername(fd, (struct sockaddr *)&ss, &sslen) < 0) {
PARA_ERROR_LOG("Can not determine peer address: %s\n", strerror(errno));
goto no_match;
}
if (!v4_addr.s_addr)
goto no_match;
- list_for_each_entry_safe(ai, tmp, &http_acl, node)
+ list_for_each_entry_safe(ai, tmp, acl, node)
if (v4_addr_match(v4_addr.s_addr, ai->addr.s_addr, ai->netmask))
return 1;
no_match:
err_msg = "server full";
goto err_out;
}
- match = host_in_access_perm_list(hc);
- PARA_DEBUG_LOG("host_in_access_perm_list: %d\n", match);
+ match = host_in_acl(hc->fd, &http_acl);
+ PARA_DEBUG_LOG("host_in_acl: %d\n", match);
if ((match && !conf.http_default_deny_given) ||
(!match && conf.http_default_deny_given)) {
err_msg = "permission denied";
return 1;
}
-static char *http_info(void)
+static char *get_acl_contents(struct list_head *acl)
{
- char *clnts = NULL, *ap = NULL, *ret;
struct access_info *ai, *tmp_ai;
- struct http_client *hc, *tmp_hc;
+ char *ret = NULL;
- list_for_each_entry_safe(ai, tmp_ai, &http_acl, node) {
- char *tmp = make_message("%s%s/%d ", ap? ap : "",
+ list_for_each_entry_safe(ai, tmp_ai, acl, node) {
+ char *tmp = make_message("%s%s/%d ", ret? ret : "",
inet_ntoa(ai->addr), ai->netmask);
- free(ap);
- ap = tmp;
+ free(ret);
+ ret = tmp;
}
+ return ret;
+}
+
+static char *http_info(void)
+{
+ char *clnts = NULL, *ret;
+ struct http_client *hc, *tmp_hc;
+
+ char *acl_contents = get_acl_contents(&http_acl);
list_for_each_entry_safe(hc, tmp_hc, &clients, node) {
char *tmp = make_message("%s%s ", clnts? clnts : "", hc->name);
free(clnts);
conf.http_max_clients_arg > 0? "" : " (unlimited)",
clnts? clnts : "(none)",
conf.http_default_deny_given? "allow" : "deny",
- ap? ap : "(none)"
+ acl_contents? acl_contents : "(none)"
);
- free(ap);
+ free(acl_contents);
free(clnts);
return ret;
}
-static void init_access_control_list(void)
+static void init_acl(struct list_head *acl, char * const *acl_info, int num)
{
int i;
struct sender_command_data scd;
- INIT_LIST_HEAD(&http_acl);
- for (i = 0; i < conf.http_access_given; i++) {
- char *arg = para_strdup(conf.http_access_arg[i]);
+ INIT_LIST_HEAD(acl);
+ for (i = 0; i < num; i++) {
+ char *arg = para_strdup(acl_info[i]);
char *p = strchr(arg, '/');
if (!p)
goto err;
s->client_cmds[SENDER_ADD] = NULL;
s->client_cmds[SENDER_DELETE] = NULL;
self = s;
- init_access_control_list();
+ init_acl(&http_acl, conf.http_access_arg, conf.http_access_given);
if (!conf.http_no_autostart_given)
open_tcp_port(conf.http_port_arg); /* ignore errors */
PARA_DEBUG_LOG("%s", "http sender init complete\n");
projects / paraslash.git / blobdiff