2 * Copyright (c) 2012, 2013, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 * OF THE POSSIBILITY OF SUCH DAMAGE.
40 #include <tr_filter.h>
43 int tr_filter_process_rp_permitted (TR_NAME *rp_realm, TR_FILTER *rpp_filter, TR_CONSTRAINT_SET *in_constraints, TR_CONSTRAINT_SET **out_constraints, int *out_action)
47 *out_action = TR_FILTER_ACTION_REJECT;
48 *out_constraints = NULL;
50 /* If this isn't a valid rp_permitted filter, return no match. */
52 (TR_FILTER_TYPE_RP_PERMITTED != rpp_filter->type)) {
53 return TR_FILTER_NO_MATCH;
56 /* Check if there is a match for this filter. */
57 for (i = 0; i < TR_MAX_FILTER_LINES; i++) {
58 for (j = 0; j < TR_MAX_FILTER_SPECS; j++) {
60 if ((rpp_filter->lines[i]) &&
61 (rpp_filter->lines[i]->specs[j]) &&
62 (tr_fspec_matches(rpp_filter->lines[i]->specs[j], rp_realm))) {
63 *out_action = rpp_filter->lines[i]->action;
64 *out_constraints = in_constraints;
65 if (rpp_filter->lines[i]->realm_cons)
66 tr_constraint_add_to_set(out_constraints,
67 rpp_filter->lines[i]->realm_cons);
68 if (rpp_filter->lines[i]->domain_cons)
69 tr_constraint_add_to_set(out_constraints,
70 rpp_filter->lines[i]->domain_cons);
72 return TR_FILTER_MATCH;
76 /* If there is no match, indicate that. */
77 return TR_FILTER_NO_MATCH;
80 void tr_fspec_free(TR_FSPEC *fspec)
85 static int tr_fspec_destructor(void *obj)
87 TR_FSPEC *fspec=talloc_get_type_abort(obj, TR_FSPEC);
90 if (fspec->field!=NULL)
91 tr_free_name(fspec->field);
92 for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
93 if (fspec->match[ii]!=NULL)
94 tr_free_name(fspec->match[ii]);
99 TR_FSPEC *tr_fspec_new(TALLOC_CTX *mem_ctx)
101 TR_FSPEC *fspec=talloc(mem_ctx, TR_FSPEC);
106 for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++)
107 fspec->match[ii]=NULL;
108 talloc_set_destructor((void *)fspec, tr_fspec_destructor);
113 /* returns 0 on success */
114 int tr_fspec_add_match(TR_FSPEC *fspec, TR_NAME *match)
118 for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
119 if (fspec->match[ii]==NULL)
122 if (ii<TR_MAX_FILTER_MATCHES) {
123 fspec->match[ii]=match;
126 return -1; /* no space left */
129 /* returns 1 if the spec exactly matches */
130 int tr_fspec_matches(TR_FSPEC *fspec, TR_NAME *name)
134 for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
135 if (0!=tr_prefix_wildcard_match(name->buf, fspec->match[ii]->buf))
141 void tr_fline_free(TR_FLINE *fline)
146 TR_FLINE *tr_fline_new(TALLOC_CTX *mem_ctx)
148 TR_FLINE *fl=talloc(mem_ctx, TR_FLINE);
152 fl->action=TR_FILTER_ACTION_UNKNOWN;
154 fl->domain_cons=NULL;
155 for (ii=0; ii<TR_MAX_FILTER_SPECS; ii++)
161 TR_FILTER *tr_filter_new(TALLOC_CTX *mem_ctx)
163 TR_FILTER *f=talloc(mem_ctx, TR_FILTER);
167 f->type=TR_FILTER_TYPE_UNKNOWN;
168 for (ii=0; ii<TR_MAX_FILTER_LINES; ii++)
174 void tr_filter_free(TR_FILTER *filt)
179 void tr_filter_set_type(TR_FILTER *filt, TR_FILTER_TYPE type)
184 TR_FILTER_TYPE tr_filter_get_type(TR_FILTER *filt)