json_t *jfaction=NULL;
json_t *jfspecs=NULL;
json_t *jffield=NULL;
- json_t *jfmatches=NULL;
json_t *jfmatch=NULL;
json_t *jrc=NULL;
json_t *jdc=NULL;
TR_NAME *name=NULL;
- int i=0, j=0, k=0;
+ int i=0, j=0;
*rc=TR_CFG_ERROR;
}
/* check that we have a match attribute */
- if (NULL==(jfmatches=json_object_get(json_array_get(jfspecs, j), "match"))) {
+ if (NULL==(jfmatch=json_object_get(json_array_get(jfspecs, j), "match"))) {
tr_debug("tr_cfg_parse_one_filter: Error parsing filter: missing match for filer spec %d, filter line %d.", i, j);
*rc=TR_CFG_NOPARSE;
goto cleanup;
}
- /* check that match is an array */
- if (!json_is_array(jfmatches)) {
- tr_debug("tr_cfg_parse_one_filter: Error parsing filter: match not an array for filter spec %d, filter line %d.", i, j);
+ /* check that match is a string */
+ if (!json_is_string(jfmatch)) {
+ tr_debug("tr_cfg_parse_one_filter: Error parsing filter: match not a string for filter spec %d, filter line %d.", i, j);
*rc=TR_CFG_NOPARSE;
goto cleanup;
}
}
/* fill in the matches */
- for (k=0; k<json_array_size(jfmatches); k++) {
- if (NULL==(jfmatch=json_array_get(jfmatches, k))) {
- tr_debug("tr_cfg_parse_one_filter: Error parsing filter: unable to load match %d for filter spec %d, filter line %d.", k, i, j);
- *rc=TR_CFG_NOPARSE;
- goto cleanup;
- }
- if (NULL==(name=tr_new_name(json_string_value(jfmatch)))) {
- tr_debug("tr_cfg_parse_one_filter: Out of memory.");
- *rc=TR_CFG_NOMEM;
- goto cleanup;
- }
- if (0!=tr_fspec_add_match(filt->lines[i]->specs[j], name)) {
- tr_debug("tr_cfg_parse_one_filter: Could not add match %d to filter spec %d, filter line %d.", k, i, j);
- tr_free_name(name);
- *rc=TR_CFG_ERROR;
- goto cleanup;
- }
+ if (NULL==(name=tr_new_name(json_string_value(jfmatch)))) {
+ tr_debug("tr_cfg_parse_one_filter: Out of memory.");
+ *rc=TR_CFG_NOMEM;
+ goto cleanup;
}
-
+ tr_fspec_set_match(filt->lines[i]->specs[j], name);
}
}
*rc=TR_CFG_SUCCESS;
TR_CONSTRAINT *cons=NULL;
TR_NAME *name=NULL;
TR_NAME *n_prefix=tr_new_name("*.");
- TR_NAME *n_rp_realm=tr_new_name("rp_realm");
+ TR_NAME *n_rp_realm_1=tr_new_name("rp_realm");
+ TR_NAME *n_rp_realm_2=tr_new_name("rp_realm");
TR_NAME *n_domain=tr_new_name("domain");
TR_NAME *n_realm=tr_new_name("realm");
goto cleanup;
}
- if ((n_prefix==NULL) || (n_rp_realm==NULL) || (n_domain==NULL) || (n_realm==NULL)) {
+ if ((n_prefix==NULL) ||
+ (n_rp_realm_1==NULL) ||
+ (n_rp_realm_2==NULL) ||
+ (n_domain==NULL) ||
+ (n_realm==NULL)) {
tr_debug("tr_cfg_default_filter: unable to allocate names.");
*rc=TR_CFG_NOMEM;
goto cleanup;
filt->lines[0]->action=TR_FILTER_ACTION_ACCEPT;
filt->lines[0]->specs[0]=tr_fspec_new(filt->lines[0]);
- filt->lines[0]->specs[0]->field=n_rp_realm;
- n_rp_realm=NULL; /* we don't own this name any more */
+ filt->lines[0]->specs[0]->field=n_rp_realm_1;
+ n_rp_realm_1=NULL; /* we don't own this name any more */
name=tr_dup_name(realm);
if (name==NULL) {
*rc=TR_CFG_NOMEM;
goto cleanup;
}
- if (0!=tr_fspec_add_match(filt->lines[0]->specs[0], name)) {
- tr_debug("tr_cfg_default_filter: could not add realm name to filter spec.");
- *rc=TR_CFG_NOMEM;
- goto cleanup;
- }
+ tr_fspec_set_match(filt->lines[0]->specs[0], name);
name=NULL; /* we no longer own the name */
+ /* now do the wildcard name */
+ filt->lines[0]->specs[1]=tr_fspec_new(filt->lines[0]);
+ filt->lines[0]->specs[1]->field=n_rp_realm_2;
+ n_rp_realm_2=NULL; /* we don't own this name any more */
+
if (NULL==(name=tr_name_cat(n_prefix, realm))) {
tr_debug("tr_cfg_default_filter: could not allocate wildcard realm name.");
*rc=TR_CFG_NOMEM;
goto cleanup;
}
- if (0!=tr_fspec_add_match(filt->lines[0]->specs[0], name)) {
- tr_debug("tr_cfg_default_filter: could not add wildcard realm name to filter spec.");
- *rc=TR_CFG_NOMEM;
- goto cleanup;
- }
+ tr_fspec_set_match(filt->lines[0]->specs[1], name);
name=NULL; /* we no longer own the name */
/* domain constraint */
if (n_prefix!=NULL)
tr_free_name(n_prefix);
- if (n_rp_realm!=NULL)
- tr_free_name(n_rp_realm);
+ if (n_rp_realm_1!=NULL)
+ tr_free_name(n_rp_realm_1);
+ if (n_rp_realm_2!=NULL)
+ tr_free_name(n_rp_realm_2);
if (n_realm!=NULL)
tr_free_name(n_realm);
if (n_domain!=NULL)
static int tr_fspec_destructor(void *obj)
{
TR_FSPEC *fspec=talloc_get_type_abort(obj, TR_FSPEC);
- int ii=0;
if (fspec->field!=NULL)
tr_free_name(fspec->field);
- for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
- if (fspec->match[ii]!=NULL)
- tr_free_name(fspec->match[ii]);
- }
+ if (fspec->match!=NULL)
+ tr_free_name(fspec->match);
return 0;
}
TR_FSPEC *tr_fspec_new(TALLOC_CTX *mem_ctx)
{
TR_FSPEC *fspec=talloc(mem_ctx, TR_FSPEC);
- int ii=0;
if (fspec!=NULL) {
fspec->field=NULL;
- for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++)
- fspec->match[ii]=NULL;
+ fspec->match=NULL;
talloc_set_destructor((void *)fspec, tr_fspec_destructor);
}
return fspec;
}
-/* returns 0 on success */
-int tr_fspec_add_match(TR_FSPEC *fspec, TR_NAME *match)
+void tr_fspec_set_match(TR_FSPEC *fspec, TR_NAME *match)
{
- int ii=0;
-
- for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
- if (fspec->match[ii]==NULL)
- break;
- }
- if (ii<TR_MAX_FILTER_MATCHES) {
- fspec->match[ii]=match;
- return 0;
- } else
- return -1; /* no space left */
+ if (fspec->match!=NULL)
+ tr_free_name(fspec->match);
+ fspec->match=match;
}
/* returns 1 if the spec matches */
int tr_fspec_matches(TR_FSPEC *fspec, TR_NAME *name)
{
- int ii=0;
-
- for (ii=0; ii<TR_MAX_FILTER_MATCHES; ii++) {
- if ((fspec->match[ii]!=NULL) &&
- (0!=tr_prefix_wildcard_match(name->buf, fspec->match[ii]->buf)))
- return 1;
- }
- return 0;
+ return ((fspec->match!=NULL) &&
+ (0!=tr_prefix_wildcard_match(name->buf, fspec->match->buf)));
}
void tr_fline_free(TR_FLINE *fline)
projects / trust_router.git / commitdiff