92 		dns_ssurule_t *rule = ISC_LIST_HEAD(table->rules);
93 		if (rule->identity != NULL) {
94 			dns_name_free(rule->identity, mctx);
95 			isc_mem_put(mctx, rule->identity, sizeof(dns_name_t));
97 		if (rule->name != NULL) {
98 			dns_name_free(rule->name, mctx);
99 			isc_mem_put(mctx, rule->name, sizeof(dns_name_t));
101 		if (rule->types != NULL)
102 			isc_mem_put(mctx, rule->types,
103 				    rule->ntypes * sizeof(dns_rdatatype_t));
104 		ISC_LIST_UNLINK(table->rules, rule, link);
105 		rule->magic = 0;
106 		isc_mem_put(mctx, rule, sizeof(dns_ssurule_t));
157 	dns_ssurule_t *rule;
171 	rule = isc_mem_get(mctx, sizeof(dns_ssurule_t));
172 	if (rule == NULL)
175 	rule->identity = NULL;
176 	rule->name = NULL;
177 	rule->types = NULL;
179 	rule->grant = grant;
181 	rule->identity = isc_mem_get(mctx, sizeof(dns_name_t));
182 	if (rule->identity == NULL) {
186 	dns_name_init(rule->identity, NULL);
187 	result = dns_name_dup(identity, mctx, rule->identity);
191 	rule->name = isc_mem_get(mctx, sizeof(dns_name_t));
192 	if (rule->name == NULL) {
196 	dns_name_init(rule->name, NULL);
197 	result = dns_name_dup(name, mctx, rule->name);
201 	rule->matchtype = matchtype;
203 	rule->ntypes = ntypes;
205 		rule->types = isc_mem_get(mctx,
207 		if (rule->types == NULL) {
211 		memmove(rule->types, types, ntypes * sizeof(dns_rdatatype_t));
213 		rule->types = NULL;
215 	rule->magic = SSURULEMAGIC;
216 	ISC_LIST_INITANDAPPEND(table->rules, rule, link);
221 	if (rule->identity != NULL) {
222 		if (dns_name_dynamic(rule->identity))
223 			dns_name_free(rule->identity, mctx);
224 		isc_mem_put(mctx, rule->identity, sizeof(dns_name_t));
226 	if (rule->name != NULL) {
227 		if (dns_name_dynamic(rule->name))
228 			dns_name_free(rule->name, mctx);
229 		isc_mem_put(mctx, rule->name, sizeof(dns_name_t));
231 	if (rule->types != NULL)
232 		isc_mem_put(mctx, rule->types,
234 	isc_mem_put(mctx, rule, sizeof(dns_ssurule_t));
357 	dns_ssurule_t *rule;
374 	for (rule = ISC_LIST_HEAD(table->rules);
375 	     rule != NULL;
376 	     rule = ISC_LIST_NEXT(rule, link))
378 		switch (rule->matchtype) {
388 			if (dns_name_iswildcard(rule->identity)) {
390 							      rule->identity))
393 				if (!dns_name_equal(signer, rule->identity))
411 		switch (rule->matchtype) {
413 			if (!dns_name_equal(name, rule->name))
417 			if (!dns_name_issubdomain(name, rule->name))
424 			if (!dns_name_issubdomain(name, rule->name)) {
444 			if (!dns_name_matcheswildcard(name, rule->name))
467 							       rule->identity))
472 							       rule->identity))
476 			if (!dns_name_issubdomain(name, rule->name))
479 							       rule->identity))
483 			if (!dns_name_issubdomain(name, rule->name))
486 							       rule->identity))
493 			if (dns_name_iswildcard(rule->identity)) {
495 							      rule->identity))
498 				if (!dns_name_equal(tcpself, rule->identity))
508 			if (dns_name_iswildcard(rule->identity)) {
510 							      rule->identity))
513 				if (!dns_name_equal(stfself, rule->identity))
520 			if (!dns_ssu_external_match(rule->identity, signer,
532 		if (rule->ntypes == 0) {
534 			 * If this is a DLZ rule, then the DLZ ssu
538 			if (rule->matchtype != DNS_SSUMATCHTYPE_DLZ &&
542 			for (i = 0; i < rule->ntypes; i++) {
543 				if (rule->types[i] == dns_rdatatype_any ||
544 				    rule->types[i] == type)
547 			if (i == rule->ntypes)
550 		return (rule->grant);
557 dns_ssurule_isgrant(const dns_ssurule_t *rule) {
558 	REQUIRE(VALID_SSURULE(rule));
559 	return (rule->grant);
563 dns_ssurule_identity(const dns_ssurule_t *rule) {
564 	REQUIRE(VALID_SSURULE(rule));
565 	return (rule->identity);
569 dns_ssurule_matchtype(const dns_ssurule_t *rule) {
570 	REQUIRE(VALID_SSURULE(rule));
571 	return (rule->matchtype);
575 dns_ssurule_name(const dns_ssurule_t *rule) {
576 	REQUIRE(VALID_SSURULE(rule));
577 	return (rule->name);
581 dns_ssurule_types(const dns_ssurule_t *rule, dns_rdatatype_t **types) {
582 	REQUIRE(VALID_SSURULE(rule));
584 	*types = rule->types;
585 	return (rule->ntypes);
589 dns_ssutable_firstrule(const dns_ssutable_t *table, dns_ssurule_t **rule) {
591 	REQUIRE(rule != NULL && *rule == NULL);
592 	*rule = ISC_LIST_HEAD(table->rules);
593 	return (*rule != NULL ? ISC_R_SUCCESS : ISC_R_NOMORE);
597 dns_ssutable_nextrule(dns_ssurule_t *rule, dns_ssurule_t **nextrule) {
598 	REQUIRE(VALID_SSURULE(rule));
600 	*nextrule = ISC_LIST_NEXT(rule, link);
612 	dns_ssurule_t *rule;
623 	rule = isc_mem_get(table->mctx, sizeof(dns_ssurule_t));
624 	if (rule == NULL) {
629 	rule->identity = NULL;
630 	rule->name = NULL;
631 	rule->types = NULL;
632 	rule->grant = ISC_TRUE;
633 	rule->matchtype = DNS_SSUMATCHTYPE_DLZ;
634 	rule->ntypes = 0;
635 	rule->types = NULL;
636 	rule->magic = SSURULEMAGIC;
638 	ISC_LIST_INITANDAPPEND(table->rules, rule, link);

Indexes created Tue Jul 24 14:28:13 CEST 2018