X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=common%2Ftr_config_rp_clients.c;h=b263c0221ab3fd31465a6839bc11d8dd9c361b1d;hb=fc7fb82d2661d977e7bacb4ffe469f3857a06b63;hp=3487cb7fcd0d992c79acd0ee1b970cc5749496d6;hpb=5ca23c802b939827b429a7fe63578d898ba15d95;p=trust_router.git

diff --git a/common/tr_config_rp_clients.c b/common/tr_config_rp_clients.c
index 3487cb7..b263c02 100644
--- a/common/tr_config_rp_clients.c
+++ b/common/tr_config_rp_clients.c
@@ -44,7 +44,7 @@
 #include <tr_gss_names.h>
 #include <tr_debug.h>
 #include <tr_filter.h>
-#include <trust_router/tr_constraint.h>
+#include <tr_constraint_internal.h>
 #include <tr_idp.h>
 #include <tr.h>
 #include <trust_router/trp.h>
@@ -114,6 +114,7 @@ static TR_FILTER_SET *tr_cfg_default_filters(TALLOC_CTX *mem_ctx, TR_NAME *realm
   TALLOC_CTX *tmp_ctx=talloc_new(NULL);
   TR_FILTER *filt=NULL;
   TR_FLINE *fline = NULL;
+  TR_FSPEC *fspec = NULL;
   TR_FILTER_SET *filt_set=NULL;
   TR_CONSTRAINT *cons=NULL;
   TR_NAME *name=NULL;
@@ -157,8 +158,9 @@ static TR_FILTER_SET *tr_cfg_default_filters(TALLOC_CTX *mem_ctx, TR_NAME *realm
   }
 
   fline->action=TR_FILTER_ACTION_ACCEPT;
-  fline->specs[0]=tr_fspec_new(fline);
-  fline->specs[0]->field=n_rp_realm_1;
+  
+  fspec=tr_fspec_new(tmp_ctx);
+  fspec->field=n_rp_realm_1;
   n_rp_realm_1=NULL; /* we don't own this name any more */
 
   name=tr_dup_name(realm);
@@ -167,12 +169,18 @@ static TR_FILTER_SET *tr_cfg_default_filters(TALLOC_CTX *mem_ctx, TR_NAME *realm
     *rc=TR_CFG_NOMEM;
     goto cleanup;
   }
-  tr_fspec_add_match(fline->specs[0], name);
+  tr_fspec_add_match(fspec, name);
   name=NULL; /* we no longer own the name */
 
+  if (tr_fline_add_spec(fline, fspec) == NULL) {
+    tr_debug("tr_cfg_default_filters: could not add first spec to filter line");
+    *rc = TR_CFG_NOMEM;
+    goto cleanup;
+  }
+
   /* now do the wildcard name */
-  fline->specs[1]=tr_fspec_new(fline);
-  fline->specs[1]->field=n_rp_realm_2;
+  fspec=tr_fspec_new(tmp_ctx);
+  fspec->field=n_rp_realm_2;
   n_rp_realm_2=NULL; /* we don't own this name any more */
 
   if (NULL==(name=tr_name_cat(n_prefix, realm))) {
@@ -181,9 +189,15 @@ static TR_FILTER_SET *tr_cfg_default_filters(TALLOC_CTX *mem_ctx, TR_NAME *realm
     goto cleanup;
   }
 
-  tr_fspec_add_match(fline->specs[1], name);
+  tr_fspec_add_match(fspec, name);
   name=NULL; /* we no longer own the name */
 
+  if (tr_fline_add_spec(fline, fspec) == NULL) {
+    tr_debug("tr_cfg_default_filters: could not add second spec to filter line");
+    *rc = TR_CFG_NOMEM;
+    goto cleanup;
+  }
+
   /* domain constraint */
   if (NULL==(cons=tr_constraint_new(fline))) {
     tr_debug("tr_cfg_default_filters: could not allocate domain constraint.");
@@ -199,14 +213,22 @@ static TR_FILTER_SET *tr_cfg_default_filters(TALLOC_CTX *mem_ctx, TR_NAME *realm
     *rc=TR_CFG_NOMEM;
     goto cleanup;
   }
-  cons->matches[0]=name;
+  if (NULL == tr_constraint_add_match(cons, name)) {
+    tr_debug("tr_cfg_default_filters: could not add realm name for domain constraint.");
+    *rc=TR_CFG_NOMEM;
+    goto cleanup;
+  }
   name=tr_name_cat(n_prefix, realm);
   if (name==NULL) {
     tr_debug("tr_cfg_default_filters: could not allocate wildcard realm name for domain constraint.");
     *rc=TR_CFG_NOMEM;
     goto cleanup;
   }
-  cons->matches[1]=name;
+  if (NULL == tr_constraint_add_match(cons, name)) {
+    tr_debug("tr_cfg_default_filters: could not add wildcard realm name for domain constraint.");
+    *rc=TR_CFG_NOMEM;
+    goto cleanup;
+  }
   name=NULL;
   fline->domain_cons=cons;
 
@@ -226,14 +248,22 @@ static TR_FILTER_SET *tr_cfg_default_filters(TALLOC_CTX *mem_ctx, TR_NAME *realm
     *rc=TR_CFG_NOMEM;
     goto cleanup;
   }
-  cons->matches[0]=name;
+  if (NULL == tr_constraint_add_match(cons, name)) {
+    tr_debug("tr_cfg_default_filters: could not add realm name for realm constraint.");
+    *rc=TR_CFG_NOMEM;
+    goto cleanup;
+  }
   name=tr_name_cat(n_prefix, realm);
   if (name==NULL) {
     tr_debug("tr_cfg_default_filters: could not allocate wildcard realm name for realm constraint.");
     *rc=TR_CFG_NOMEM;
     goto cleanup;
   }
-  cons->matches[1]=name;
+  if (NULL == tr_constraint_add_match(cons, name)) {
+    tr_debug("tr_cfg_default_filters: could not add wildcard realm name for realm constraint.");
+    *rc=TR_CFG_NOMEM;
+    goto cleanup;
+  }
   name=NULL;
   fline->realm_cons=cons;