ssu.c revision 28fc90e6c81338c5f34e065fdda49d320e362583
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington/*
499b34cea04a46823d003d4c0520c8b03e8513cbBrian Wellington * Copyright (C) 2000, 2001 Internet Software Consortium.
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence *
dda4bfe6499d09ea8123447579e56069d8176fcbBob Halley * Permission to use, copy, modify, and distribute this software for any
dda4bfe6499d09ea8123447579e56069d8176fcbBob Halley * purpose with or without fee is hereby granted, provided that the above
dda4bfe6499d09ea8123447579e56069d8176fcbBob Halley * copyright notice and this permission notice appear in all copies.
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence *
15a44745412679c30a6d022733925af70a38b715David Lawrence * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
15a44745412679c30a6d022733925af70a38b715David Lawrence * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
15a44745412679c30a6d022733925af70a38b715David Lawrence * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
15a44745412679c30a6d022733925af70a38b715David Lawrence * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
15a44745412679c30a6d022733925af70a38b715David Lawrence * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
15a44745412679c30a6d022733925af70a38b715David Lawrence * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
15a44745412679c30a6d022733925af70a38b715David Lawrence * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
15a44745412679c30a6d022733925af70a38b715David Lawrence * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
dda4bfe6499d09ea8123447579e56069d8176fcbBob Halley */
dda4bfe6499d09ea8123447579e56069d8176fcbBob Halley
dda4bfe6499d09ea8123447579e56069d8176fcbBob Halley/*
28fc90e6c81338c5f34e065fdda49d320e362583Mark Andrews * $Id: ssu.c,v 1.22 2001/08/28 03:58:08 marka Exp $
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington * Principal Author: Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington */
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington#include <config.h>
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington#include <isc/magic.h>
99910383666b1942a64a9b76eb5b7c0c04b23162Andreas Gustafsson#include <isc/mem.h>
6028d1ce0380d0ba7f6c6ecd1ad20b31ddd1becbDavid Lawrence#include <isc/string.h> /* Required for HP/UX (and others?) */
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington#include <isc/util.h>
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington#include <dns/name.h>
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington#include <dns/ssu.h>
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
92ef1a9b9dbd48ecb507b42ac62c15afefdaf838David Lawrence#define SSUTABLEMAGIC ISC_MAGIC('S', 'S', 'U', 'T')
92ef1a9b9dbd48ecb507b42ac62c15afefdaf838David Lawrence#define VALID_SSUTABLE(table) ISC_MAGIC_VALID(table, SSUTABLEMAGIC)
92ef1a9b9dbd48ecb507b42ac62c15afefdaf838David Lawrence
92ef1a9b9dbd48ecb507b42ac62c15afefdaf838David Lawrence#define SSURULEMAGIC ISC_MAGIC('S', 'S', 'U', 'R')
92ef1a9b9dbd48ecb507b42ac62c15afefdaf838David Lawrence#define VALID_SSURULE(table) ISC_MAGIC_VALID(table, SSURULEMAGIC)
71f5ad0517325eb32ecbee112206277c6277af87Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtonstruct dns_ssurule {
28fc90e6c81338c5f34e065fdda49d320e362583Mark Andrews unsigned int magic;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_boolean_t grant; /* is this a grant or a deny? */
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington unsigned int matchtype; /* which type of pattern match? */
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington dns_name_t *identity; /* the identity to match */
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington dns_name_t *name; /* the name being updated */
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington unsigned int ntypes; /* number of data types covered */
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington dns_rdatatype_t *types; /* the data types. Can include ANY, */
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington /* defaults to all but SIG,SOA,NS if NULL*/
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington ISC_LINK(dns_ssurule_t) link;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington};
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtonstruct dns_ssutable {
28fc90e6c81338c5f34e065fdda49d320e362583Mark Andrews unsigned int magic;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_t *mctx;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington unsigned int references;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington isc_mutex_t lock;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington ISC_LIST(dns_ssurule_t) rules;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington};
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtonisc_result_t
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellingtondns_ssutable_create(isc_mem_t *mctx, dns_ssutable_t **tablep) {
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington isc_result_t result;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington dns_ssutable_t *table;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington REQUIRE(tablep != NULL && *tablep == NULL);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington REQUIRE(mctx != NULL);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington table = isc_mem_get(mctx, sizeof(dns_ssutable_t));
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington if (table == NULL)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington return (ISC_R_NOMEMORY);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington result = isc_mutex_init(&table->lock);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington if (result != ISC_R_SUCCESS) {
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington isc_mem_put(mctx, table, sizeof(dns_ssutable_t));
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington return (result);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington }
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington table->references = 1;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington table->mctx = mctx;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington ISC_LIST_INIT(table->rules);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington table->magic = SSUTABLEMAGIC;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington *tablep = table;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington return (ISC_R_SUCCESS);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington}
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellingtonstatic inline void
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellingtondestroy(dns_ssutable_t *table) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_t *mctx;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington REQUIRE(VALID_SSUTABLE(table));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington mctx = table->mctx;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington while (!ISC_LIST_EMPTY(table->rules)) {
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington dns_ssurule_t *rule = ISC_LIST_HEAD(table->rules);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->identity != NULL) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington dns_name_free(rule->identity, mctx);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_put(mctx, rule->identity, sizeof(dns_name_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->name != NULL) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington dns_name_free(rule->name, mctx);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_put(mctx, rule->name, sizeof(dns_name_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->types != NULL)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_put(mctx, rule->types,
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->ntypes * sizeof(dns_rdatatype_t));
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington ISC_LIST_UNLINK(table->rules, rule, link);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington rule->magic = 0;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_put(mctx, rule, sizeof(dns_ssurule_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
5e387b9ce6bafdfadedb5b34e4c33a4404e5d589Brian Wellington DESTROYLOCK(&table->lock);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington table->magic = 0;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington isc_mem_put(mctx, table, sizeof(dns_ssutable_t));
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington}
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellingtonvoid
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellingtondns_ssutable_attach(dns_ssutable_t *source, dns_ssutable_t **targetp) {
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington REQUIRE(VALID_SSUTABLE(source));
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington REQUIRE(targetp != NULL && *targetp == NULL);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington LOCK(&source->lock);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington INSIST(source->references > 0);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington source->references++;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington INSIST(source->references != 0);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington UNLOCK(&source->lock);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington *targetp = source;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington}
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellingtonvoid
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellingtondns_ssutable_detach(dns_ssutable_t **tablep) {
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington dns_ssutable_t *table;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington isc_boolean_t done = ISC_FALSE;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington REQUIRE(tablep != NULL);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington table = *tablep;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington REQUIRE(VALID_SSUTABLE(table));
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington LOCK(&table->lock);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington INSIST(table->references > 0);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington if (--table->references == 0)
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington done = ISC_TRUE;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington UNLOCK(&table->lock);
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington *tablep = NULL;
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington if (done)
6fcfd0c35d3fd6aea3d36ad002b68e59ac62fdc7Brian Wellington destroy(table);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington}
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtonisc_result_t
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtondns_ssutable_addrule(dns_ssutable_t *table, isc_boolean_t grant,
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington dns_name_t *identity, unsigned int matchtype,
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington dns_name_t *name, unsigned int ntypes,
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington dns_rdatatype_t *types)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington{
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington dns_ssurule_t *rule;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_t *mctx;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_result_t result;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington REQUIRE(VALID_SSUTABLE(table));
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington REQUIRE(dns_name_isabsolute(identity));
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington REQUIRE(dns_name_isabsolute(name));
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington REQUIRE(matchtype <= DNS_SSUMATCHTYPE_SELF);
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (matchtype == DNS_SSUMATCHTYPE_WILDCARD)
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington REQUIRE(dns_name_iswildcard(name));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (ntypes > 0)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington REQUIRE(types != NULL);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington mctx = table->mctx;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule = isc_mem_get(mctx, sizeof(dns_ssurule_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule == NULL)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington return (ISC_R_NOMEMORY);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->identity = NULL;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->name = NULL;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->types = NULL;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->grant = grant;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington rule->identity = isc_mem_get(mctx, sizeof(dns_name_t));
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (rule->identity == NULL) {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington result = ISC_R_NOMEMORY;
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington goto failure;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington dns_name_init(rule->identity, NULL);
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington result = dns_name_dup(identity, mctx, rule->identity);
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (result != ISC_R_SUCCESS)
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington goto failure;
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington rule->name = isc_mem_get(mctx, sizeof(dns_name_t));
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (rule->name == NULL) {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington result = ISC_R_NOMEMORY;
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington goto failure;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington dns_name_init(rule->name, NULL);
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington result = dns_name_dup(name, mctx, rule->name);
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (result != ISC_R_SUCCESS)
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington goto failure;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington rule->matchtype = matchtype;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->ntypes = ntypes;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (ntypes > 0) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->types = isc_mem_get(mctx,
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington ntypes * sizeof(dns_rdatatype_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->types == NULL) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington result = ISC_R_NOMEMORY;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington goto failure;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington memcpy(rule->types, types, ntypes * sizeof(dns_rdatatype_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington else
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->types = NULL;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington rule->magic = SSURULEMAGIC;
6fda1577669dca9e0d8e4832e407bac34cc12de6Mark Andrews ISC_LIST_INITANDAPPEND(table->rules, rule, link);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington return (ISC_R_SUCCESS);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington failure:
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->identity != NULL) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (dns_name_dynamic(rule->identity))
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington dns_name_free(rule->identity, mctx);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_put(mctx, rule->identity, sizeof(dns_name_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->name != NULL) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (dns_name_dynamic(rule->name))
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington dns_name_free(rule->name, mctx);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_put(mctx, rule->name, sizeof(dns_name_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->types != NULL)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_put(mctx, rule->types,
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington ntypes * sizeof(dns_rdatatype_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington isc_mem_put(mctx, rule, sizeof(dns_ssurule_t));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington return (result);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington}
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtonstatic inline isc_boolean_t
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtonisusertype(dns_rdatatype_t type) {
affa3155be811559c5c59c19cd8f16c91bc0a55fDavid Lawrence return (ISC_TF(type != dns_rdatatype_ns &&
affa3155be811559c5c59c19cd8f16c91bc0a55fDavid Lawrence type != dns_rdatatype_soa &&
affa3155be811559c5c59c19cd8f16c91bc0a55fDavid Lawrence type != dns_rdatatype_sig));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington}
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtonisc_boolean_t
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellingtondns_ssutable_checkrules(dns_ssutable_t *table, dns_name_t *signer,
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington dns_name_t *name, dns_rdatatype_t type)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington{
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington dns_ssurule_t *rule;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington unsigned int i;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington REQUIRE(VALID_SSUTABLE(table));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington REQUIRE(signer == NULL || dns_name_isabsolute(signer));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington REQUIRE(dns_name_isabsolute(name));
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (signer == NULL)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington return (ISC_FALSE);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule = ISC_LIST_HEAD(table->rules);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule = ISC_LIST_NEXT(rule, link);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington for (rule = ISC_LIST_HEAD(table->rules);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule != NULL;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule = ISC_LIST_NEXT(rule, link))
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (dns_name_iswildcard(rule->identity)) {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (!dns_name_matcheswildcard(signer, rule->identity))
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington continue;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington else {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (!dns_name_equal(signer, rule->identity))
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington continue;
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington }
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (rule->matchtype == DNS_SSUMATCHTYPE_NAME) {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (!dns_name_equal(name, rule->name))
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington continue;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington else if (rule->matchtype == DNS_SSUMATCHTYPE_SUBDOMAIN) {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (!dns_name_issubdomain(name, rule->name))
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington continue;
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington }
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington else if (rule->matchtype == DNS_SSUMATCHTYPE_WILDCARD) {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (!dns_name_matcheswildcard(name, rule->name))
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington continue;
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington }
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington else if (rule->matchtype == DNS_SSUMATCHTYPE_SELF) {
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington if (!dns_name_equal(signer, name))
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington continue;
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington }
7dc1fe241043e47a6721fd841e2c52d3691379ebBrian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->ntypes == 0) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (!isusertype(type))
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington continue;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington else {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington for (i = 0; i < rule->ntypes; i++) {
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (rule->types[i] == dns_rdatatype_any ||
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington rule->types[i] == type)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington break;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington if (i == rule->ntypes)
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington continue;
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington return (rule->grant);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington }
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington return (ISC_FALSE);
01d202be8fb07c010388eada31635e40ae3bffe5Brian Wellington}
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtonisc_boolean_t
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_ssurule_isgrant(const dns_ssurule_t *rule) {
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington REQUIRE(VALID_SSURULE(rule));
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington return (rule->grant);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington}
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_name_t *
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_ssurule_identity(const dns_ssurule_t *rule) {
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington REQUIRE(VALID_SSURULE(rule));
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington return (rule->identity);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington}
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtonunsigned int
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_ssurule_matchtype(const dns_ssurule_t *rule) {
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington REQUIRE(VALID_SSURULE(rule));
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington return (rule->matchtype);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington}
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_name_t *
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_ssurule_name(const dns_ssurule_t *rule) {
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington REQUIRE(VALID_SSURULE(rule));
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington return (rule->name);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington}
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtonunsigned int
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_ssurule_types(const dns_ssurule_t *rule, dns_rdatatype_t **types) {
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington REQUIRE(VALID_SSURULE(rule));
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington REQUIRE(types != NULL && *types != NULL);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington *types = rule->types;
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington return (rule->ntypes);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington}
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtonisc_result_t
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_ssutable_firstrule(const dns_ssutable_t *table, dns_ssurule_t **rule) {
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington REQUIRE(VALID_SSUTABLE(table));
dc1961d96f9d116f77e0ac5e4a0b2bb5bb40328eJames Brister REQUIRE(rule != NULL && *rule == NULL);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington *rule = ISC_LIST_HEAD(table->rules);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington return (*rule != NULL ? ISC_R_SUCCESS : ISC_R_NOMORE);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington}
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtonisc_result_t
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellingtondns_ssutable_nextrule(dns_ssurule_t *rule, dns_ssurule_t **nextrule) {
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington REQUIRE(VALID_SSURULE(rule));
dc1961d96f9d116f77e0ac5e4a0b2bb5bb40328eJames Brister REQUIRE(nextrule != NULL && *nextrule == NULL);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington *nextrule = ISC_LIST_NEXT(rule, link);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington return (*nextrule != NULL ? ISC_R_SUCCESS : ISC_R_NOMORE);
2fabf91e5bfc718f274e19c5fa8844fdae90ae41Brian Wellington}