+ if (type==NULL)
+ retval=1;
+ else {
+ retval = tr_name_cmp(val, type);
+ tr_free_name(type);
+ }
+ return retval;
+}
+
+/** Handlers for TRP realm_role field */
+static TR_NAME *tr_ff_get_trp_realm_role(TR_FILTER_TARGET *target)
+{
+ TR_NAME *type=NULL;
+
+ switch(trp_inforec_get_role(target->trp_inforec)) {
+ case TR_ROLE_IDP:
+ type=tr_new_name("idp");
+ break;
+ case TR_ROLE_RP:
+ type=tr_new_name("rp");
+ break;
+ default:
+ type=NULL;
+ break; /* unknown types always fail */
+ }
+
+ return type;
+}
+
+static int tr_ff_cmp_trp_realm_role(TR_FILTER_TARGET *target, TR_NAME *val)
+{
+ TR_NAME *type=tr_ff_get_trp_realm_role(target);
+ int retval=0;
+
+ if (type==NULL)
+ retval=1;
+ else {
+ retval = tr_name_cmp(val, type);
+ tr_free_name(type);
+ }
+ return retval;
+}
+
+/** Handlers for TRP apc field */
+/* TODO: Handle multiple APCs, not just the first */
+static int tr_ff_cmp_trp_apc(TR_FILTER_TARGET *target, TR_NAME *val)
+{
+ return tr_name_cmp(tr_apc_get_id(trp_inforec_get_apcs(target->trp_inforec)), val);
+}
+
+static TR_NAME *tr_ff_get_trp_apc(TR_FILTER_TARGET *target)
+{
+ TR_APC *apc=trp_inforec_get_apcs(target->trp_inforec);
+ if (apc==NULL)
+ return NULL;
+
+ return tr_dup_name(tr_apc_get_id(apc));
+}
+
+/** Handlers for TRP owner_realm field */
+static int tr_ff_cmp_trp_owner_realm(TR_FILTER_TARGET *target, TR_NAME *val)
+{
+ return tr_name_cmp(trp_inforec_get_owner_realm(target->trp_inforec), val);
+}
+
+static TR_NAME *tr_ff_get_trp_owner_realm(TR_FILTER_TARGET *target)
+{
+ return tr_dup_name(trp_inforec_get_owner_realm(target->trp_inforec));
+}
+
+/** Generic handlers for host:port fields*/
+static TR_NAME *tr_ff_get_hostname_and_port(TR_NAME *hn, int port)
+{
+ return tr_hostname_and_port_to_name(hn, port);
+}
+
+static int tr_ff_cmp_hostname_and_port(TR_NAME *hn, int port, int default_port, TR_NAME *val)
+{
+ int cmp = -1;
+ TR_NAME *n = NULL;
+
+ /* allow a match without :port if the default port is in use */
+ if ((port == default_port) && (tr_name_cmp(hn, val) == 0))
+ return 0;
+
+ /* need to match with the :port */
+ n = tr_ff_get_hostname_and_port(hn, port);
+
+ if (n) {
+ cmp = tr_name_cmp(n, val);
+ tr_free_name(n);
+ }
+ return cmp;
+}
+
+/** Handlers for TRP trust_router field */
+static int tr_ff_cmp_trp_trust_router(TR_FILTER_TARGET *target, TR_NAME *val)
+{
+ return tr_ff_cmp_hostname_and_port(trp_inforec_get_trust_router(target->trp_inforec),
+ trp_inforec_get_trust_router_port(target->trp_inforec),
+ TRP_PORT,
+ val);
+}
+
+static TR_NAME *tr_ff_get_trp_trust_router(TR_FILTER_TARGET *target)
+{
+ return tr_ff_get_hostname_and_port(trp_inforec_get_trust_router(target->trp_inforec),
+ trp_inforec_get_trust_router_port(target->trp_inforec));
+}
+
+/** Handlers for TRP next_hop field */
+static int tr_ff_cmp_trp_next_hop(TR_FILTER_TARGET *target, TR_NAME *val)
+{
+ return tr_ff_cmp_hostname_and_port(trp_inforec_get_next_hop(target->trp_inforec),
+ trp_inforec_get_next_hop_port(target->trp_inforec),
+ TID_PORT,
+ val);
+}
+
+static TR_NAME *tr_ff_get_trp_next_hop(TR_FILTER_TARGET *target)
+{
+ return tr_ff_get_hostname_and_port(trp_inforec_get_next_hop(target->trp_inforec),
+ trp_inforec_get_next_hop_port(target->trp_inforec));
+}
+
+/** Handlers for TRP owner_contact field */
+static int tr_ff_cmp_trp_owner_contact(TR_FILTER_TARGET *target, TR_NAME *val)
+{
+ return tr_name_cmp(trp_inforec_get_owner_contact(target->trp_inforec), val);
+}
+
+static TR_NAME *tr_ff_get_trp_owner_contact(TR_FILTER_TARGET *target)
+{
+ return tr_dup_name(trp_inforec_get_owner_contact(target->trp_inforec));
+}
+
+/** Handlers for TID req original_coi field */
+static int tr_ff_cmp_tid_orig_coi(TR_FILTER_TARGET *target, TR_NAME *val)
+{
+ return tr_name_cmp(tid_req_get_orig_coi(target->tid_req), val);
+}
+
+static TR_NAME *tr_ff_get_tid_orig_coi(TR_FILTER_TARGET *target)
+{
+ return tr_dup_name(tid_req_get_orig_coi(target->tid_req));
+}
+
+/**
+ * Filter field handler table
+ */
+struct tr_filter_field_entry {
+ TR_FILTER_TYPE filter_type;
+ const char *name;
+ TR_FILTER_FIELD_CMP cmp;
+ TR_FILTER_FIELD_GET get;
+};
+static struct tr_filter_field_entry tr_filter_field_table[] = {
+ /* realm */
+ {TR_FILTER_TYPE_TID_INBOUND, "realm", tr_ff_cmp_tid_realm, tr_ff_get_tid_realm},
+ {TR_FILTER_TYPE_TRP_INBOUND, "realm", tr_ff_cmp_trp_realm, tr_ff_get_trp_realm},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "realm", tr_ff_cmp_trp_realm, tr_ff_get_trp_realm},
+
+ /* community */
+ {TR_FILTER_TYPE_TID_INBOUND, "comm", tr_ff_cmp_tid_comm, tr_ff_get_tid_comm},
+ {TR_FILTER_TYPE_TRP_INBOUND, "comm", tr_ff_cmp_trp_comm, tr_ff_get_trp_comm},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "comm", tr_ff_cmp_trp_comm, tr_ff_get_trp_comm},
+
+ /* community type */
+ {TR_FILTER_TYPE_TRP_INBOUND, "comm_type", tr_ff_cmp_trp_comm_type, tr_ff_get_trp_comm_type},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "comm_type", tr_ff_cmp_trp_comm_type, tr_ff_get_trp_comm_type},
+
+ /* realm role */
+ {TR_FILTER_TYPE_TRP_INBOUND, "realm_role", tr_ff_cmp_trp_realm_role, tr_ff_get_trp_realm_role},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "realm_role", tr_ff_cmp_trp_realm_role, tr_ff_get_trp_realm_role},
+
+ /* apc */
+ {TR_FILTER_TYPE_TRP_INBOUND, "apc", tr_ff_cmp_trp_apc, tr_ff_get_trp_apc},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "apc", tr_ff_cmp_trp_apc, tr_ff_get_trp_apc},
+
+ /* trust_router */
+ {TR_FILTER_TYPE_TRP_INBOUND, "trust_router", tr_ff_cmp_trp_trust_router, tr_ff_get_trp_trust_router},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "trust_router", tr_ff_cmp_trp_trust_router, tr_ff_get_trp_trust_router},
+
+ /* next_hop */
+ {TR_FILTER_TYPE_TRP_INBOUND, "next_hop", tr_ff_cmp_trp_next_hop, tr_ff_get_trp_next_hop},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "next_hop", tr_ff_cmp_trp_next_hop, tr_ff_get_trp_next_hop},
+
+ /* owner_realm */
+ {TR_FILTER_TYPE_TRP_INBOUND, "owner_realm", tr_ff_cmp_trp_owner_realm, tr_ff_get_trp_owner_realm},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "owner_realm", tr_ff_cmp_trp_owner_realm, tr_ff_get_trp_owner_realm},
+
+ /* owner_contact */
+ {TR_FILTER_TYPE_TRP_INBOUND, "owner_contact", tr_ff_cmp_trp_owner_contact, tr_ff_get_trp_owner_contact},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "owner_contact", tr_ff_cmp_trp_owner_contact, tr_ff_get_trp_owner_contact},
+
+ /* rp_realm */
+ {TR_FILTER_TYPE_TID_INBOUND, "rp_realm", tr_ff_cmp_tid_rp_realm, tr_ff_get_tid_rp_realm},
+
+ /* original coi */
+ {TR_FILTER_TYPE_TID_INBOUND, "original_coi", tr_ff_cmp_tid_orig_coi, tr_ff_get_tid_orig_coi},
+
+ /* info_type */
+ {TR_FILTER_TYPE_TRP_INBOUND, "info_type", tr_ff_cmp_trp_info_type, tr_ff_get_trp_info_type},
+ {TR_FILTER_TYPE_TRP_OUTBOUND, "info_type", tr_ff_cmp_trp_info_type, tr_ff_get_trp_info_type},
+
+ /* Unknown */
+ {TR_FILTER_TYPE_UNKNOWN, NULL } /* This must be the final entry */
+};
+
+/* TODO: support TRP metric field (requires > < comparison instead of wildcard match) */
+
+static struct tr_filter_field_entry *tr_filter_field_entry(TR_FILTER_TYPE filter_type, TR_NAME *field_name)
+{
+ unsigned int ii;
+
+ for (ii=0; tr_filter_field_table[ii].filter_type!=TR_FILTER_TYPE_UNKNOWN; ii++) {
+ if ((tr_filter_field_table[ii].filter_type==filter_type)
+ && (tr_name_cmp_str(field_name, tr_filter_field_table[ii].name)==0)) {
+ return tr_filter_field_table+ii;
+ }
+ }
+ return NULL;
+}
+
+/**
+ * Apply a filter to a target record or TID request.
+ *
+ * If one of the filter lines matches, out_action is set to the applicable action. If constraints
+ * is not NULL, the constraints from the matching filter line will be added to the constraint set
+ * *constraints, or to a new one if *constraints is NULL. In this case, TR_FILTER_MATCH will be
+ * returned.
+ *
+ * If there is no match, returns TR_FILTER_NO_MATCH, out_action is undefined, and constraints
+ * will not be changed.
+ *
+ * @param target Record or request to which the filter is applied
+ * @param filt Filter to apply
+ * @param constraints Pointer to existing set of constraints (NULL if not tracking constraints)
+ * @param out_action Action to be carried out (output)
+ * @return TR_FILTER_MATCH or TR_FILTER_NO_MATCH
+ */
+int tr_filter_apply(TR_FILTER_TARGET *target,
+ TR_FILTER *filt,
+ TR_CONSTRAINT_SET **constraints,
+ TR_FILTER_ACTION *out_action)
+{
+ TALLOC_CTX *tmp_ctx = talloc_new(NULL);
+ TR_FILTER_ITER *filt_iter = tr_filter_iter_new(tmp_ctx);
+ TR_FLINE *this_fline = NULL;
+ TR_FLINE_ITER *fline_iter = tr_fline_iter_new(tmp_ctx);
+ TR_FSPEC *this_fspec = NULL;
+ int retval=TR_FILTER_NO_MATCH;
+
+ /* Default action is reject */