/*****************************************************************************
* acl.c:
*****************************************************************************
- * Copyright (C) 2005 Rémi Denis-Courmont
+ * Copyright © 2005-2007 Rémi Denis-Courmont
* $Id$
*
* Authors: Rémi Denis-Courmont <rem # videolan.org>
/*****************************************************************************
* Preamble
*****************************************************************************/
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <vlc/vlc.h>
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <vlc_common.h>
-#include "vlc_acl.h"
+#include <ctype.h>
+#include <vlc_acl.h>
#include <errno.h>
-#include "network.h"
-#include "charset.h"
+#include <vlc_network.h>
+#include <vlc_charset.h>
/* FIXME: rwlock on acl, but libvlc doesn't implement rwlock */
typedef struct vlc_acl_entry_t
uint8_t host[17];
uint8_t i_bytes_match;
uint8_t i_bits_mask;
- vlc_bool_t b_allow;
+ bool b_allow;
} vlc_acl_entry_t;
struct vlc_acl_t
vlc_object_t *p_owner;
unsigned i_size;
vlc_acl_entry_t *p_entries;
- vlc_bool_t b_allow_default;
+ bool b_allow_default;
};
static int ACL_Resolve( vlc_object_t *p_this, uint8_t *p_bytes,
}
-/*
- * Returns 0 if allowed, 1 if not, -1 on error.
+/**
+ * Check if a given address passes an access control list.
+ *
+ * @param p_acl pre-existing ACL to match the address against
+ * @param psz_ip numeric IPv4/IPv6 address
+ *
+ * @return 0 if the first matching ACL entry is an access grant,
+ * 1 if the first matching ACL entry is a denial of access,
+ * -1 on error.
*/
int ACL_Check( vlc_acl_t *p_acl, const char *psz_ip )
{
return !p_acl->b_allow_default;
}
+/**
+ * Adds an item to an ACL.
+ * Items are always matched in the same order as they are added.
+ */
int ACL_AddNet( vlc_acl_t *p_acl, const char *psz_ip, int i_len,
- vlc_bool_t b_allow )
+ bool b_allow )
{
vlc_acl_entry_t *p_ent;
unsigned i_size;
if( i_len > 128 )
i_len = 128;
- else
- if( i_len < 0 )
- i_len = 0;
}
else
i_len = 128; /* ACL_AddHost */
}
-vlc_acl_t *__ACL_Create( vlc_object_t *p_this, vlc_bool_t b_allow )
+/**
+ * Creates an empty ACL.
+ *
+ * @param b_allow whether to grant (true) or deny (false) access
+ * by default (ie if none of the ACL entries matched).
+ *
+ * @return an ACL object. NULL in case of error.
+ */
+vlc_acl_t *__ACL_Create( vlc_object_t *p_this, bool b_allow )
{
vlc_acl_t *p_acl;
if( p_acl == NULL )
return NULL;
- vlc_object_yield( p_this );
+ vlc_object_hold( p_this );
p_acl->p_owner = p_this;
p_acl->i_size = 0;
p_acl->p_entries = NULL;
}
+/**
+ * Perform a deep copy of an existing ACL.
+ *
+ * @param p_this object to attach the copy to.
+ * @param p_acl ACL object to be copied.
+ *
+ * @return a new ACL object, or NULL on error.
+ */
vlc_acl_t *__ACL_Duplicate( vlc_object_t *p_this, const vlc_acl_t *p_acl )
{
vlc_acl_t *p_dupacl;
else
p_dupacl->p_entries = NULL;
- vlc_object_yield( p_this );
+ vlc_object_hold( p_this );
p_dupacl->p_owner = p_this;
p_dupacl->i_size = p_acl->i_size;
p_dupacl->b_allow_default = p_acl->b_allow_default;
}
+/**
+ * Releases all resources associated with an ACL object.
+ */
void ACL_Destroy( vlc_acl_t *p_acl )
{
if( p_acl != NULL )
{
- if( p_acl->p_entries != NULL )
- free( p_acl->p_entries );
-
+ free( p_acl->p_entries );
vlc_object_release( p_acl->p_owner );
free( p_acl );
}
}
-#ifndef isblank
-# define isblank(c) ((c) == ' ' || (c) == '\t')
-#endif
+/**
+ * Reads ACL entries from a file.
+ *
+ * @param p_acl ACL object in which to insert parsed entries.
+ * @param psz_patch filename from which to parse entries.
+ *
+ * @return 0 on success, -1 on error.
+ */
int ACL_LoadFile( vlc_acl_t *p_acl, const char *psz_path )
{
FILE *file;
{
if( ferror( file ) )
{
- msg_Err( p_acl->p_owner, "error reading %s : %s\n", psz_path,
- strerror( errno ) );
+ msg_Err( p_acl->p_owner, "error reading %s : %m", psz_path );
goto error;
}
continue;
continue;
ptr = strchr( psz_ip, '\n' );
- if( ptr == NULL )
+ if( ptr == NULL && !feof(file) )
{
- msg_Warn( p_acl->p_owner, "skipping overly long line in %s\n",
+ msg_Warn( p_acl->p_owner, "skipping overly long line in %s",
psz_path);
do
{
- fgets( line, sizeof( line ), file );
- if( ferror( file ) || feof( file ) )
+ if( fgets( line, sizeof( line ), file ) == NULL )
{
- msg_Err( p_acl->p_owner, "error reading %s : %s\n",
- psz_path, strerror( errno ) );
- goto error;
+ if( ferror( file ) )
+ {
+ msg_Err( p_acl->p_owner, "error reading %s : %m",
+ psz_path );
+ }
+ goto error;
}
}
while( strchr( line, '\n' ) == NULL);
continue; /* skip unusable line */
}
- /* skips comment-only line */
- if( *psz_ip == '#' )
- continue;
-
- /* looks for first space, CR, LF, etc. or end-of-line comment */
- /* (there is at least a linefeed) */
- for( ptr = psz_ip; ( *ptr != '#' ) && !isspace( *ptr ); ptr++ );
+ /* look for first space, CR, LF, etc. or comment character */
+ for( ptr = psz_ip; ( *ptr!='#' ) && !isspace( *ptr ) && *ptr; ++ptr );
*ptr = '\0';
+ /* skip lines without usable information */
+ if( ptr == psz_ip )
+ continue;
+
msg_Dbg( p_acl->p_owner, "restricted to %s", psz_ip );
ptr = strchr( psz_ip, '/' );
*ptr++ = '\0'; /* separate address from mask length */
if( (ptr != NULL)
- ? ACL_AddNet( p_acl, psz_ip, atoi( ptr ), VLC_TRUE )
- : ACL_AddHost( p_acl, psz_ip, VLC_TRUE ) )
+ ? ACL_AddNet( p_acl, psz_ip, atoi( ptr ), true )
+ : ACL_AddHost( p_acl, psz_ip, true ) )
{
msg_Err( p_acl->p_owner, "cannot add ACL from %s", psz_path );
- goto error;
+ continue;
}
}
projects / vlc / blobdiff