X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=http_send.c;h=9a55ba0ecb1f540d93d12442e693cf642f8aa5c0;hp=ce2fd09c45ac71215dda23370b73faaf75fb8dc6;hb=1bb45ec1b6bccf422e055e66ab458468a03b4419;hpb=08d6590e06651c856015f785d89b43044081a224

diff --git a/http_send.c b/http_send.c
index ce2fd09c..9a55ba0e 100644
--- a/http_send.c
+++ b/http_send.c
@@ -98,7 +98,7 @@ static void http_send(long unsigned current_chunk,
 
 static void http_post_select(fd_set *rfds, __a_unused fd_set *wfds)
 {
-	int ret, match;
+	int ret, fd;
 	struct sender_client *sc, *tmp;
 	struct private_http_sender_data *phsd;
 
@@ -138,38 +138,35 @@ static void http_post_select(fd_set *rfds, __a_unused fd_set *wfds)
 		PARA_ERROR_LOG("%s\n", para_strerror(-ret));
 		return;
 	}
-	sc = para_calloc(sizeof(*sc));
-	sc->fd = ret;
-	sc->name = make_message("%s", remote_name(sc->fd));
-	PARA_NOTICE_LOG("connection from %s (fd %d)\n", sc->name, sc->fd);
+	fd = ret;
 	ret = -E_MAX_CLIENTS;
 	if (conf.http_max_clients_arg > 0 && numclients >=
 			conf.http_max_clients_arg) {
 		goto err_out;
 	}
-	match = acl_lookup(sc->fd, &http_acl);
-	PARA_DEBUG_LOG("acl lookup returned %d\n", match);
-	ret = -E_ACL_PERM;
-	if ((match && !conf.http_default_deny_given) ||
-			(!match && conf.http_default_deny_given))
+	ret = mark_fd_nonblocking(fd);
+	if (ret < 0)
 		goto err_out;
-	ret = mark_fd_nonblocking(sc->fd);
+	ret = acl_check_access(fd, &http_acl, conf.http_default_deny_given);
 	if (ret < 0)
 		goto err_out;
+	numclients++;
+	sc = para_calloc(sizeof(*sc));
+	sc->fd = fd;
+	sc->name = make_message("%s", remote_name(fd));
+	PARA_NOTICE_LOG("connection from %s (fd %d)\n", sc->name, fd);
 	phsd = para_malloc(sizeof(*phsd));
 	sc->private_data = phsd;
 	phsd->status = HTTP_CONNECTED;
 	sc->cq = cq_new(MAX_BACKLOG);
-	numclients++;
 	PARA_INFO_LOG("accepted client #%d: %s (fd %d)\n", numclients,
-		sc->name, sc->fd);
+		sc->name, fd);
 	para_list_add(&sc->node, &clients);
-	add_close_on_fork_list(sc->fd);
+	add_close_on_fork_list(fd);
 	return;
 err_out:
 	PARA_WARNING_LOG("%s\n", para_strerror(-ret));
-	close(sc->fd);
-	free(sc);
+	close(fd);
 }
 
 static void http_pre_select(int *max_fileno, fd_set *rfds, __a_unused fd_set *wfds)
@@ -207,19 +204,15 @@ static int http_com_off(__a_unused struct sender_command_data *scd)
 
 static int http_com_deny(struct sender_command_data *scd)
 {
-	if (conf.http_default_deny_given)
-		acl_del_entry(&http_acl, scd->addr, scd->netmask);
-	else
-		acl_add_entry(&http_acl, scd->addr, scd->netmask);
+	acl_deny(scd->addr, scd->netmask, &http_acl,
+		conf.http_default_deny_given);
 	return 1;
 }
 
 static int http_com_allow(struct sender_command_data *scd)
 {
-	if (conf.http_default_deny_given)
-		acl_add_entry(&http_acl, scd->addr, scd->netmask);
-	else
-		acl_del_entry(&http_acl, scd->addr, scd->netmask);
+	acl_allow(scd->addr, scd->netmask, &http_acl,
+		conf.http_default_deny_given);
 	return 1;
 }