confip.c revision 10e6498d6d7b2cfd8d822788d817fc9a3e0b0c3a
499b34cea04a46823d003d4c0520c8b03e8513cbBrian Wellington * Copyright (C) 1999, 2000 Internet Software Consortium.
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews * Permission to use, copy, modify, and distribute this software for any
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews * purpose with or without fee is hereby granted, provided that the above
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews * copyright notice and this permission notice appear in all copies.
15a44745412679c30a6d022733925af70a38b715David Lawrence * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
15a44745412679c30a6d022733925af70a38b715David Lawrence * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
15a44745412679c30a6d022733925af70a38b715David Lawrence * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
15a44745412679c30a6d022733925af70a38b715David Lawrence * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
15a44745412679c30a6d022733925af70a38b715David Lawrence * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
15a44745412679c30a6d022733925af70a38b715David Lawrence * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
15a44745412679c30a6d022733925af70a38b715David Lawrence * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
15a44745412679c30a6d022733925af70a38b715David Lawrence * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
bddfe77128b0f16af263ff149db40f0d885f43d0Mark Andrews/* $Id: confip.c,v 1.38 2000/12/13 00:15:21 tale Exp $ */
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews * Flag for dns_c_ipmatch_element.
ae114ded82e773a4d9058f833f964a17514712a8Brian Wellington#define DNS_C_IPMATCH_NEGATE 0x01 /* match means deny access */
c363150ad598e7a8ce03efe2776b8e6950f0de7bBrian Wellingtonstatic isc_result_t checkmask(isc_sockaddr_t *address, isc_uint32_t bits);
c363150ad598e7a8ce03efe2776b8e6950f0de7bBrian Wellingtonstatic isc_result_t bits2v6mask(struct in6_addr *addr, isc_uint32_t bits);
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrewsdns_c_ipmatchelement_new(isc_mem_t *mem, dns_c_ipmatchelement_t **result) {
ae114ded82e773a4d9058f833f964a17514712a8Brian Wellingtondns_c_ipmatchelement_isneg(dns_c_ipmatchelement_t *elem) {
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews return (ISC_TF((elem->flags & DNS_C_IPMATCH_NEGATE) ==
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrewsdns_c_ipmatchelement_delete(isc_mem_t *mem, dns_c_ipmatchelement_t **ipme) {
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews /* nothing */
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews dns_c_ipmatchlist_detach(&elem->u.indirect.list);
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews isc_mem_put(mem, elem->u.indirect.refname.base,
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews /* nothing */
6d12fdf96621801e80f3f4c2a8a569fe48766a20David Lawrence isc_log_write(dns_lctx, DNS_LOGCATEGORY_CONFIG,
1c3191528684f3dd93ebb122298c2f8ebfc6d397Mark Andrews "dns_ipmath_none element type");
9281e7aa775026dc47c01745fdcc438645146877Mark Andrews result = dns_c_ipmatchelement_new(mem, &newel);
85bdc128fcda11c89ec1d76ea4221f4fa8e4fc24Mark Andrews newel->u.direct.address = src->u.direct.address;
94a3bcd132e515b4baa0884ba9dd0f361d2e17bcMark Andrews newel->u.key = isc_mem_strdup(mem, src->u.key);
82ca33427bdd4f3bc4ed3431e86bd810fe751674Andreas Gustafsson newel->u.aclname = isc_mem_strdup(mem, src->u.aclname);
9281e7aa775026dc47c01745fdcc438645146877Mark Andrews isc_log_write(dns_lctx, DNS_LOGCATEGORY_CONFIG,
9281e7aa775026dc47c01745fdcc438645146877Mark Andrews "ipmatch 'none' element type");
c363150ad598e7a8ce03efe2776b8e6950f0de7bBrian Wellingtondns_c_ipmatchelement_equal(dns_c_ipmatchelement_t *e1,
6d12fdf96621801e80f3f4c2a8a569fe48766a20David Lawrence if ((e1->type != e2->type) || (e1->flags != e2->flags))
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley return (isc_sockaddr_equal(&e1->u.direct.address,
case dns_c_ipmatch_localhost:
case dns_c_ipmatch_localnets:
case dns_c_ipmatch_key:
case dns_c_ipmatch_acl:
case dns_c_ipmatch_any:
case dns_c_ipmatch_none:
return (ISC_TRUE);
return (res);
return (res);
return (res);
const char *name)
return (res);
return (res);
return (res);
return (res);
return (ISC_R_SUCCESS);
const char *key)
return (res);
return (ISC_R_SUCCESS);
const char *aclname)
return (res);
return (ISC_R_SUCCESS);
return (ISC_R_SUCCESS);
return (ISC_R_NOMEMORY);
return (ISC_R_SUCCESS);
return (ISC_R_SUCCESS);
return (ISC_R_SUCCESS);
return (res);
return (result);
return (result);
return (ISC_R_SUCCESS);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_FALSE);
return (ISC_FALSE);
return (ISC_TRUE);
&ime_copy,
ime);
if (negate) {
return (result);
int bits;
case dns_c_ipmatch_pattern:
if (bits > 0) {
case dns_c_ipmatch_indirect:
case dns_c_ipmatch_key:
case dns_c_ipmatch_localhost:
case dns_c_ipmatch_localnets:
case dns_c_ipmatch_any:
case dns_c_ipmatch_none:
return (ISC_R_FAILURE);
case dns_c_ipmatch_acl:
return (ISC_R_SUCCESS);
return (ISC_R_SUCCESS);
case dns_c_ipmatch_pattern:
case dns_c_ipmatch_key:
case dns_c_ipmatch_localhost:
case dns_c_ipmatch_localnets:
case dns_c_ipmatch_any:
case dns_c_ipmatch_none:
case dns_c_ipmatch_indirect:
func));
return (retval);
return (ISC_R_NOMEMORY);
return (ISC_R_NOMEMORY);
return (ISC_R_NOMEMORY);
for (i = 0 ; i < length ; i++)
return (ISC_R_SUCCESS);
dns_c_iplist_t *l ;
l = *list;
l->refcount--;
if (l->refcount == 0) {
for (i = 0 ; i < l->size ; i++) {
sizeof(dns_name_t));
return (ISC_R_SUCCESS);
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
isc_uint32_t i;
return (res);
return (ISC_R_NOMEMORY);
return (res);
return (ISC_R_SUCCESS);
isc_uint32_t i;
return (ISC_FALSE);
return (ISC_FALSE);
return (ISC_FALSE);
return (ISC_FALSE);
return (ISC_TRUE);
isc_uint32_t i;
if (porttoo) {
if (athead) {
if (!athead) {
const char *key)
isc_uint32_t i;
return (ISC_R_FAILURE);
return (ISC_R_NOMEMORY);
return (ISC_R_NOMEMORY);
sizeof(dns_name_t));
return (res);
isc_uint32_t i;
return (ISC_R_FAILURE);
return (ISC_R_SUCCESS);
static isc_result_t
if (bits > 0) {
return (ISC_R_FAILURE);
return (ISC_R_FAILURE);
unsigned char *maskp;
unsigned char *addrp;
return (ISC_R_FAILURE);
return (ISC_R_FAILURE);
return (ISC_R_FAILURE);
return (ISC_R_SUCCESS);
static isc_result_t
} else if (bits > 0) {