#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <tr_filter.h>
-
-/* Returns TRUE (1) if the the string (str) matchs the wildcard string (wc_str), FALSE (0) if not.
- */
-int tr_prefix_wildcard_match (char *str, char *wc_str) {
- char *wc_post = wc_str;
- size_t len = 0;
- size_t wc_len = 0;
-
- if ((!str) || (!wc_str))
- return 0;
-
- len = strlen(str);
- if (0 == (wc_len = strlen(wc_str)))
- return 0;
+#include <talloc.h>
- /* TBD -- skip leading white space? */
- if ('*' == wc_str[0]) {
- wc_post = &(wc_str[1]);
- wc_len--;
- }
+#include <tr_filter.h>
- if (wc_len > len)
- return 0;
-
- if (0 == strcmp(&(str[len-wc_len]), wc_post)) {
- return 1;
- }
- else
- return 0;
- }
int tr_filter_process_rp_permitted (TR_NAME *rp_realm, TR_FILTER *rpp_filter, TR_CONSTRAINT_SET *in_constraints, TR_CONSTRAINT_SET **out_constraints, int *out_action)
{
/* Check if there is a match for this filter. */
for (i = 0; i < TR_MAX_FILTER_LINES; i++) {
for (j = 0; j < TR_MAX_FILTER_SPECS; j++) {
- if (tr_prefix_wildcard_match(rp_realm->buf, rpp_filter->lines[i]->specs[j]->match->buf)) {
+
+ if ((rpp_filter->lines[i]) &&
+ (rpp_filter->lines[i]->specs[j]) &&
+ (tr_fspec_matches(rpp_filter->lines[i]->specs[j], rp_realm))) {
*out_action = rpp_filter->lines[i]->action;
- *out_constraints = rpp_filter->lines[i]->constraints;
+ *out_constraints = in_constraints;
+ if (rpp_filter->lines[i]->realm_cons)
+ tr_constraint_add_to_set(out_constraints,
+ rpp_filter->lines[i]->realm_cons);
+ if (rpp_filter->lines[i]->domain_cons)
+ tr_constraint_add_to_set(out_constraints,
+ rpp_filter->lines[i]->domain_cons);
+
return TR_FILTER_MATCH;
}
}
return TR_FILTER_NO_MATCH;
}
-void tr_filter_free (TR_FILTER *filt) {
- int i = 0, j = 0;
+void tr_fspec_free(TR_FSPEC *fspec)
+{
+ talloc_free(fspec);
+}
- if (!filt)
- return;
+static int tr_fspec_destructor(void *obj)
+{
+ TR_FSPEC *fspec=talloc_get_type_abort(obj, TR_FSPEC);
+ int ii=0;
- for (i = 0; i < TR_MAX_FILTER_LINES; i++) {
- if (filt->lines[i]) {
- for (j = 0; j < TR_MAX_FILTER_SPECS; j++) {
- if (filt->lines[i]->specs[j])
- free(filt->lines[i]->specs[j]);
- }
- free(filt->lines[i]);
- }
+ if (fspec->field!=NULL)
+ tr_free_name(fspec->field);
+ for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
+ if (fspec->match[ii]!=NULL)
+ tr_free_name(fspec->match[ii]);
}
+ return 0;
+}
+
+TR_FSPEC *tr_fspec_new(TALLOC_CTX *mem_ctx)
+{
+ TR_FSPEC *fspec=talloc(mem_ctx, TR_FSPEC);
+ int ii=0;
- free (filt);
+ if (fspec!=NULL) {
+ fspec->field=NULL;
+ for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++)
+ fspec->match[ii]=NULL;
+ talloc_set_destructor((void *)fspec, tr_fspec_destructor);
+ }
+ return fspec;
}
+/* returns 0 on success */
+int tr_fspec_add_match(TR_FSPEC *fspec, TR_NAME *match)
+{
+ int ii=0;
+
+ for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
+ if (fspec->match[ii]==NULL)
+ break;
+ }
+ if (ii<TR_MAX_FILTER_MATCHES) {
+ fspec->match[ii]=match;
+ return 0;
+ } else
+ return -1; /* no space left */
+}
+
+/* returns 1 if the spec matches */
+int tr_fspec_matches(TR_FSPEC *fspec, TR_NAME *name)
+{
+ int ii=0;
+
+ for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
+ if ((fspec->match[ii]!=NULL) &&
+ (0!=tr_prefix_wildcard_match(name->buf, fspec->match[ii]->buf)))
+ return 1;
+ }
+ return 0;
+}
+
+void tr_fline_free(TR_FLINE *fline)
+{
+ talloc_free(fline);
+}
+
+TR_FLINE *tr_fline_new(TALLOC_CTX *mem_ctx)
+{
+ TR_FLINE *fl=talloc(mem_ctx, TR_FLINE);
+ int ii=0;
+
+ if (fl!=NULL) {
+ fl->action=TR_FILTER_ACTION_UNKNOWN;
+ fl->realm_cons=NULL;
+ fl->domain_cons=NULL;
+ for (ii=0; ii<TR_MAX_FILTER_SPECS; ii++)
+ fl->specs[ii]=NULL;
+ }
+ return fl;
+}
+
+TR_FILTER *tr_filter_new(TALLOC_CTX *mem_ctx)
+{
+ TR_FILTER *f=talloc(mem_ctx, TR_FILTER);
+ int ii=0;
+
+ if (f!=NULL) {
+ f->type=TR_FILTER_TYPE_UNKNOWN;
+ for (ii=0; ii<TR_MAX_FILTER_LINES; ii++)
+ f->lines[ii]=NULL;
+ }
+ return f;
+}
+
+void tr_filter_free(TR_FILTER *filt)
+{
+ talloc_free(filt);
+}
+
+void tr_filter_set_type(TR_FILTER *filt, TR_FILTER_TYPE type)
+{
+ filt->type=type;
+}
+
+TR_FILTER_TYPE tr_filter_get_type(TR_FILTER *filt)
+{
+ return filt->type;
+}