/*****************************************************************************
* acl.c:
*****************************************************************************
- * Copyright (C) 2005 Rémi Denis-Courmont
+ * Copyright © 2005-2007 Rémi Denis-Courmont
* $Id$
*
* Authors: Rémi Denis-Courmont <rem # videolan.org>
/*****************************************************************************
* Preamble
*****************************************************************************/
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <vlc/vlc.h>
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
-#include "vlc_acl.h"
+#include <vlc_common.h>
+
+#include <ctype.h>
+#include <vlc_acl.h>
#include <errno.h>
-#include "network.h"
+#include <vlc_network.h>
+#include <vlc_charset.h>
/* FIXME: rwlock on acl, but libvlc doesn't implement rwlock */
typedef struct vlc_acl_entry_t
uint8_t host[17];
uint8_t i_bytes_match;
uint8_t i_bits_mask;
- vlc_bool_t b_allow;
+ bool b_allow;
} vlc_acl_entry_t;
struct vlc_acl_t
vlc_object_t *p_owner;
unsigned i_size;
vlc_acl_entry_t *p_entries;
- vlc_bool_t b_allow_default;
+ bool b_allow_default;
};
static int ACL_Resolve( vlc_object_t *p_this, uint8_t *p_bytes,
const char *psz_ip )
{
- struct addrinfo hints = { 0 }, *res;
+ struct addrinfo hints, *res;
int i_family;
+ memset (&hints, 0, sizeof (hints));
hints.ai_socktype = SOCK_STREAM; /* doesn't matter */
hints.ai_flags = AI_NUMERICHOST;
#endif
default:
- msg_Err( p_this, "IMPOSSIBLE: unknown address family!" );
+ msg_Err( p_this, "unknown address family" );
vlc_freeaddrinfo( res );
return -1;
}
}
-/*
- * Returns 0 if allowed, 1 if not, -1 on error.
+/**
+ * Check if a given address passes an access control list.
+ *
+ * @param p_acl pre-existing ACL to match the address against
+ * @param psz_ip numeric IPv4/IPv6 address
+ *
+ * @return 0 if the first matching ACL entry is an access grant,
+ * 1 if the first matching ACL entry is a denial of access,
+ * -1 on error.
*/
int ACL_Check( vlc_acl_t *p_acl, const char *psz_ip )
{
return !p_acl->b_allow_default;
}
+/**
+ * Adds an item to an ACL.
+ * Items are always matched in the same order as they are added.
+ */
int ACL_AddNet( vlc_acl_t *p_acl, const char *psz_ip, int i_len,
- vlc_bool_t b_allow )
+ bool b_allow )
{
vlc_acl_entry_t *p_ent;
unsigned i_size;
if( i_len > 128 )
i_len = 128;
- else
- if( i_len < 0 )
- i_len = 0;
}
else
i_len = 128; /* ACL_AddHost */
}
-vlc_acl_t *__ACL_Create( vlc_object_t *p_this, vlc_bool_t b_allow )
+/**
+ * Creates an empty ACL.
+ *
+ * @param b_allow whether to grant (true) or deny (false) access
+ * by default (ie if none of the ACL entries matched).
+ *
+ * @return an ACL object. NULL in case of error.
+ */
+vlc_acl_t *__ACL_Create( vlc_object_t *p_this, bool b_allow )
{
vlc_acl_t *p_acl;
}
+/**
+ * Perform a deep copy of an existing ACL.
+ *
+ * @param p_this object to attach the copy to.
+ * @param p_acl ACL object to be copied.
+ *
+ * @return a new ACL object, or NULL on error.
+ */
vlc_acl_t *__ACL_Duplicate( vlc_object_t *p_this, const vlc_acl_t *p_acl )
{
vlc_acl_t *p_dupacl;
}
+/**
+ * Releases all resources associated with an ACL object.
+ */
void ACL_Destroy( vlc_acl_t *p_acl )
{
if( p_acl != NULL )
}
}
-#ifndef isblank
-# define isblank(c) ((c) == ' ' || (c) == '\t')
-#endif
+/**
+ * Reads ACL entries from a file.
+ *
+ * @param p_acl ACL object in which to insert parsed entries.
+ * @param psz_patch filename from which to parse entries.
+ *
+ * @return 0 on success, -1 on error.
+ */
int ACL_LoadFile( vlc_acl_t *p_acl, const char *psz_path )
{
FILE *file;
if( p_acl == NULL )
return -1;
- file = fopen( psz_path, "r" );
+ file = utf8_fopen( psz_path, "r" );
if( file == NULL )
return -1;
{
if( ferror( file ) )
{
- msg_Err( p_acl->p_owner, "Error reading %s : %s\n", psz_path,
- strerror( errno ) );
+ msg_Err( p_acl->p_owner, "error reading %s : %m", psz_path );
goto error;
}
continue;
ptr = strchr( psz_ip, '\n' );
if( ptr == NULL )
{
- msg_Warn( p_acl->p_owner, "Skipping overly long line in %s\n",
+ msg_Warn( p_acl->p_owner, "skipping overly long line in %s",
psz_path);
do
{
- fgets( line, sizeof( line ), file );
- if( ferror( file ) || feof( file ) )
+ if( fgets( line, sizeof( line ), file ) == NULL )
{
- msg_Err( p_acl->p_owner, "Error reading %s : %s\n",
- psz_path, strerror( errno ) );
- goto error;
+ if( ferror( file ) )
+ {
+ msg_Err( p_acl->p_owner, "error reading %s : %m",
+ psz_path );
+ }
+ goto error;
}
}
while( strchr( line, '\n' ) == NULL);
*ptr++ = '\0'; /* separate address from mask length */
if( (ptr != NULL)
- ? ACL_AddNet( p_acl, psz_ip, atoi( ptr ), VLC_TRUE )
- : ACL_AddHost( p_acl, psz_ip, VLC_TRUE ) )
+ ? ACL_AddNet( p_acl, psz_ip, atoi( ptr ), true )
+ : ACL_AddHost( p_acl, psz_ip, true ) )
{
msg_Err( p_acl->p_owner, "cannot add ACL from %s", psz_path );
goto error;