Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-7]: src/external/bsd/blacklist Pull up following revision(s) (req...
details: https://anonhg.NetBSD.org/src/rev/8cdc3f098937
branches: netbsd-7
changeset: 799548:8cdc3f098937
user: snj <snj%NetBSD.org@localhost>
date: Fri Aug 07 04:10:23 2015 +0000
description:
Pull up following revision(s) (requested by christos in ticket #922):
external/bsd/blacklist/bin/blacklistctl.c: revision 1.18
external/bsd/blacklist/bin/blacklistd.c: revision 1.33
external/bsd/blacklist/bin/run.c: revision 1.13
external/bsd/blacklist/bin/conf.c: revisions 1.21-1.23
external/bsd/blacklist/bin/state.c: revisions 1.16, 1.17
external/bsd/blacklist/bin/support.c: revision 1.7
external/bsd/blacklist/bin/support.h: revision 1.6
external/bsd/blacklist/etc/blacklistd.conf: revisions 1.5, 1.6
external/bsd/blacklist/libexec/blacklistd-helper: revision 1.5
print the key in human readable form when debugging.
--
Add more debugging, simplify.
Use symbolic constants: -2=FEQUALS, -1=FSTAR
--
make proto and port optional
--
restore address length before printing.
--
dissallow interface spec in remote config (since we check against the remote
address, it does not make sense).
--
remove interface example from remote config.
--
simplify, comment out testing entries
--
Restart the loop each time we delete an entry because the hash code does
not handle it well. Is that a db bug?
diffstat:
external/bsd/blacklist/bin/blacklistctl.c | 9 +-
external/bsd/blacklist/bin/blacklistd.c | 6 +-
external/bsd/blacklist/bin/conf.c | 131 +++++++++++-----------
external/bsd/blacklist/bin/run.c | 13 +-
external/bsd/blacklist/bin/state.c | 21 +--
external/bsd/blacklist/bin/support.c | 28 ++++-
external/bsd/blacklist/bin/support.h | 3 +-
external/bsd/blacklist/etc/blacklistd.conf | 20 +--
external/bsd/blacklist/libexec/blacklistd-helper | 8 +-
9 files changed, 134 insertions(+), 105 deletions(-)
diffs (truncated from 615 to 300 lines):
diff -r c1cec8bfe949 -r 8cdc3f098937 external/bsd/blacklist/bin/blacklistctl.c
--- a/external/bsd/blacklist/bin/blacklistctl.c Thu Aug 06 22:03:14 2015 +0000
+++ b/external/bsd/blacklist/bin/blacklistctl.c Fri Aug 07 04:10:23 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: blacklistctl.c,v 1.17.2.2 2015/04/30 06:07:33 riz Exp $ */
+/* $NetBSD: blacklistctl.c,v 1.17.2.3 2015/08/07 04:10:23 snj Exp $ */
/*-
* Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
#endif
#include <sys/cdefs.h>
-__RCSID("$NetBSD: blacklistctl.c,v 1.17.2.2 2015/04/30 06:07:33 riz Exp $");
+__RCSID("$NetBSD: blacklistctl.c,v 1.17.2.3 2015/08/07 04:10:23 snj Exp $");
#include <stdio.h>
#include <time.h>
@@ -85,7 +85,7 @@
argc--;
argv++;
- while ((o = getopt(argc, argv, "abdrw")) != -1)
+ while ((o = getopt(argc, argv, "abD:drw")) != -1)
switch (o) {
case 'a':
all = 1;
@@ -93,6 +93,9 @@
break;
case 'b':
blocked = 1;
+ case 'D':
+ dbname = optarg;
+ break;
break;
case 'd':
debug++;
diff -r c1cec8bfe949 -r 8cdc3f098937 external/bsd/blacklist/bin/blacklistd.c
--- a/external/bsd/blacklist/bin/blacklistd.c Thu Aug 06 22:03:14 2015 +0000
+++ b/external/bsd/blacklist/bin/blacklistd.c Fri Aug 07 04:10:23 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: blacklistd.c,v 1.32.2.2 2015/04/30 06:07:33 riz Exp $ */
+/* $NetBSD: blacklistd.c,v 1.32.2.3 2015/08/07 04:10:23 snj Exp $ */
/*-
* Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -32,7 +32,7 @@
#include "config.h"
#endif
#include <sys/cdefs.h>
-__RCSID("$NetBSD: blacklistd.c,v 1.32.2.2 2015/04/30 06:07:33 riz Exp $");
+__RCSID("$NetBSD: blacklistd.c,v 1.32.2.3 2015/08/07 04:10:23 snj Exp $");
#include <sys/types.h>
#include <sys/socket.h>
@@ -284,6 +284,7 @@
return;
}
+again:
for (n = 0, f = 1; state_iterate(state, &c, &dbi, f) == 1;
f = 0, n++)
{
@@ -305,6 +306,7 @@
buf, c.c_lmask, c.c_port, c.c_duration);
}
state_del(state, &c);
+ goto again;
}
}
diff -r c1cec8bfe949 -r 8cdc3f098937 external/bsd/blacklist/bin/conf.c
--- a/external/bsd/blacklist/bin/conf.c Thu Aug 06 22:03:14 2015 +0000
+++ b/external/bsd/blacklist/bin/conf.c Fri Aug 07 04:10:23 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: conf.c,v 1.18.2.3 2015/06/02 20:32:44 snj Exp $ */
+/* $NetBSD: conf.c,v 1.18.2.4 2015/08/07 04:10:23 snj Exp $ */
/*-
* Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
#endif
#include <sys/cdefs.h>
-__RCSID("$NetBSD: conf.c,v 1.18.2.3 2015/06/02 20:32:44 snj Exp $");
+__RCSID("$NetBSD: conf.c,v 1.18.2.4 2015/08/07 04:10:23 snj Exp $");
#include <stdio.h>
#include <string.h>
@@ -56,6 +56,7 @@
#include "bl.h"
#include "internal.h"
+#include "support.h"
#include "conf.h"
@@ -71,6 +72,9 @@
static int conf_is_interface(const char *);
+#define FSTAR -1
+#define FEQUAL -2
+
static void
advance(char **p)
{
@@ -91,13 +95,13 @@
int *r = rp;
if (strcmp(p, "*") == 0) {
- *r = -1;
+ *r = FSTAR;
return 0;
}
if (strcmp(p, "=") == 0) {
if (local)
goto out;
- *r = -2;
+ *r = FEQUAL;
return 0;
}
@@ -134,13 +138,13 @@
tot = 0;
if (strcmp(p, "*") == 0) {
- c->c_duration = -1;
+ c->c_duration = FSTAR;
return 0;
}
if (strcmp(p, "=") == 0) {
if (local)
goto out;
- c->c_duration = -2;
+ c->c_duration = FEQUAL;
return 0;
}
again:
@@ -204,39 +208,22 @@
}
static int
-getmask(const char *f, size_t l, bool local __unused, const char **p, int def)
+getmask(const char *f, size_t l, bool local, const char **p, int *mask)
{
char *d;
- int e;
- intmax_t im;
const char *s = *p;
if ((d = strchr(s, ':')) != NULL) {
*d++ = '\0';
*p = d;
}
- if ((d = strchr(s, '/')) == NULL)
- return def;
+ if ((d = strchr(s, '/')) == NULL) {
+ *mask = FSTAR;
+ return 0;
+ }
*d++ = '\0';
- if (strcmp(d, "=") == 0) {
- if (local)
- goto out;
- return -2;
- }
- if (strcmp(d, "*") == 0)
- return def;
-
- im = strtoi(d, NULL, 0, 0, def, &e);
- if (e == 0)
- return (int)im;
-
- (*lfun)(LOG_ERR, "%s: %s, %zu: Bad mask [%s]", __func__, f, l, d);
- return -1;
-out:
- (*lfun)(LOG_ERR, "%s: %s, %zu: `=' name not allowed in local"
- " config", __func__, f, l);
- return -1;
+ return getnum(f, l, local, mask, "mask", d);
}
static int
@@ -247,8 +234,8 @@
const char *pstr;
if (strcmp(p, "*") == 0) {
- c->c_port = -1;
- c->c_lmask = -1;
+ c->c_port = FSTAR;
+ c->c_lmask = FSTAR;
return 0;
}
@@ -259,12 +246,9 @@
} else
pstr = p;
- if ((c->c_lmask = getmask(f, l, local, &pstr, 256)) == -1)
+ if (getmask(f, l, local, &pstr, &c->c_lmask) == -1)
goto out;
- if (c->c_lmask == 256)
- c->c_lmask = -1;
-
if (d) {
struct sockaddr_in6 *sin6 = (void *)&c->c_ss;
if (debug)
@@ -287,10 +271,12 @@
(*lfun)(LOG_DEBUG, "%s: host4 %s", __func__, p);
if (strcmp(p, "*") != 0) {
if (conf_is_interface(p)) {
+ if (!local)
+ goto out2;
if (debug)
(*lfun)(LOG_DEBUG, "%s: interface %s",
__func__, p);
- if (c->c_lmask != -1)
+ if (c->c_lmask != FSTAR)
goto out1;
sif->sif_family = AF_MAX;
strlcpy(sif->sif_name, p,
@@ -311,12 +297,10 @@
}
}
- if (strcmp(pstr, "*") == 0)
- c->c_port = -1;
- else if (getport(f, l, local, &c->c_port, pstr) == -1)
+ if (getport(f, l, local, &c->c_port, pstr) == -1)
return -1;
- if (port && c->c_port != -1)
+ if (port && c->c_port != FSTAR && c->c_port != FEQUAL)
*port = htons((in_port_t)c->c_port);
return 0;
out:
@@ -326,6 +310,10 @@
(*lfun)(LOG_ERR, "%s: %s, %zu: Can't specify mask %d with "
"interface [%s]", __func__, f, l, c->c_lmask, p);
return -1;
+out2:
+ (*lfun)(LOG_ERR, "%s: %s, %zu: Interface spec does not make sense "
+ "with remote config [%s]", __func__, f, l, p);
+ return -1;
}
static int
@@ -373,10 +361,8 @@
getname(const char *f, size_t l, bool local, struct conf *c,
const char *p)
{
- if ((c->c_rmask = getmask(f, l, local, &p, 256)) == -1)
+ if (getmask(f, l, local, &p, &c->c_rmask) == -1)
return -1;
- if (c->c_rmask == 256)
- c->c_rmask = local ? -1 : -2;
if (strcmp(p, "*") == 0) {
strlcpy(c->c_name, rulename, CONFNAMESZ);
@@ -475,12 +461,15 @@
const uint32_t *a1 = v1;
const uint32_t *a2 = v2;
uint32_t m;
+ int omask = mask;
len >>= 2;
switch (mask) {
- case -1:
- return memcmp(v1, v2, len) == 0;
- case -2:
+ case FSTAR:
+ if (memcmp(v1, v2, len) == 0)
+ return 1;
+ goto out;
+ case FEQUAL:
(*lfun)(LOG_CRIT, "%s: Internal error: bad mask %d", __func__,
mask);
@@ -499,9 +488,19 @@
} else
return 1;
if ((a1[i] & m) != (a2[i] & m))
- return 0;
+ goto out;
}
return 1;
+out:
+ if (debug > 1) {
+ char b1[256], b2[256];
+ len <<= 2;
+ hexdump(b1, sizeof(b1), "a1", v1, len);
+ hexdump(b2, sizeof(b2), "a2", v2, len);
+ (*lfun)(LOG_DEBUG, "%s: %s != %s [0x%x]", __func__,
+ b1, b2, omask);
+ }
+ return 0;
}
Home |
Main Index |
Thread Index |
Old Index