return cons;
}
-static TR_FILTER *tr_cfg_parse_one_filter(TALLOC_CTX *mem_ctx, json_t *jfilt, TR_FILTER_TYPE ftype, TR_CFG_RC *rc)
+TR_FILTER_TYPE filter_type[]={TR_FILTER_TYPE_TID_INBOUND,
+ TR_FILTER_TYPE_TRP_INBOUND,
+ TR_FILTER_TYPE_TRP_OUTBOUND};
+const char *filter_label[]={"tid_inbound",
+ "trp_inbound",
+ "trp_outbound"};
+size_t num_filter_types=sizeof(filter_type)/sizeof(filter_type[0]);
+
+static const char *filter_type_to_string(TR_FILTER_TYPE ftype)
{
- TALLOC_CTX *tmp_ctx=talloc_new(NULL);
- TR_FILTER *filt=NULL;
- json_t *jfaction=NULL;
- json_t *jfspecs=NULL;
- json_t *jffield=NULL;
- json_t *jfmatch=NULL;
- json_t *jrc=NULL;
- json_t *jdc=NULL;
- TR_NAME *name=NULL;
- int i=0, j=0;
+ size_t ii=0;
- *rc=TR_CFG_ERROR;
+ for (ii=0; ii<num_filter_types; ii++) {
+ if (ftype==filter_type[ii])
+ return filter_label[ii];
+ }
+ return "unknown";
+}
+
+static TR_FILTER_TYPE filter_type_from_string(const char *s)
+{
+ size_t ii=0;
+
+ for(ii=0; ii<num_filter_types; ii++) {
+ if (0==strcmp(s, filter_label[ii]))
+ return filter_type[ii];
+ }
+ return TR_FILTER_TYPE_UNKNOWN;
+}
- if ((jfilt==NULL) || (rc==NULL)) {
+static TR_FILTER *tr_cfg_parse_one_filter(TALLOC_CTX *mem_ctx, json_t *jfilt, TR_FILTER_TYPE ftype, TR_CFG_RC *rc)
+{
+ TALLOC_CTX *tmp_ctx = talloc_new(NULL);
+ TR_FILTER *filt = NULL;
+ json_t *jfaction = NULL;
+ json_t *jfspecs = NULL;
+ json_t *this_jfspec = NULL;
+ json_t *jfield = NULL;
+ json_t *jmatch = NULL;
+ json_t *jrc = NULL;
+ json_t *jdc = NULL;
+ json_t *this_jmatch = NULL;
+ TR_NAME *name = NULL;
+ size_t i = 0, j = 0, k = 0;
+
+ *rc = TR_CFG_ERROR;
+
+ if ((jfilt == NULL) || (rc == NULL)) {
tr_err("tr_cfg_parse_one_filter: null argument");
- *rc=TR_CFG_BAD_PARAMS;
+ *rc = TR_CFG_BAD_PARAMS;
goto cleanup;
}
-
- if (NULL==(filt=tr_filter_new(tmp_ctx))) {
+
+ if (NULL == (filt = tr_filter_new(tmp_ctx))) {
tr_err("tr_cfg_parse_one_filter: Out of memory.");
- *rc=TR_CFG_NOMEM;
+ *rc = TR_CFG_NOMEM;
goto cleanup;
}
tr_filter_set_type(filt, ftype);
/* make sure we have space to represent the filter */
if (json_array_size(jfilt) > TR_MAX_FILTER_LINES) {
tr_err("tr_cfg_parse_one_filter: Filter has too many lines, maximum of %d.", TR_MAX_FILTER_LINES);
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
/* For each entry in the filter... */
- for (i=0; i < json_array_size(jfilt); i++) {
- if ((NULL==(jfaction=json_object_get(json_array_get(jfilt, i), "action"))) ||
+ for (i = 0; i < json_array_size(jfilt); i++) {
+ if ((NULL == (jfaction = json_object_get(json_array_get(jfilt, i), "action"))) ||
(!json_is_string(jfaction))) {
tr_debug("tr_cfg_parse_one_filter: Error parsing filter action.");
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
-
- if ((NULL==(jfspecs=json_object_get(json_array_get(jfilt, i), "specs"))) ||
+
+ if ((NULL == (jfspecs = json_object_get(json_array_get(jfilt, i), "specs"))) ||
(!json_is_array(jfspecs)) ||
- (0==json_array_size(jfspecs))) {
+ (0 == json_array_size(jfspecs))) {
tr_debug("tr_cfg_parse_one_filter: Error parsing filter specs.");
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
-
+
if (TR_MAX_FILTER_SPECS < json_array_size(jfspecs)) {
tr_debug("tr_cfg_parse_one_filter: Filter has too many specs, maximimum of %d.", TR_MAX_FILTER_SPECS);
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
- if (NULL==(filt->lines[i]=tr_fline_new(filt))) {
- tr_debug("tr_cfg_parse_one_filter: Out of memory allocating filter line %d.", i+1);
- *rc=TR_CFG_NOMEM;
+ if (NULL == (filt->lines[i] = tr_fline_new(filt))) {
+ tr_debug("tr_cfg_parse_one_filter: Out of memory allocating filter line %d.", i + 1);
+ *rc = TR_CFG_NOMEM;
goto cleanup;
}
if (!strcmp(json_string_value(jfaction), "accept")) {
- filt->lines[i]->action=TR_FILTER_ACTION_ACCEPT;
- }
- else if (!strcmp(json_string_value(jfaction), "reject")) {
- filt->lines[i]->action=TR_FILTER_ACTION_REJECT;
- }
- else {
- tr_debug("tr_cfg_parse_one_filter: Error parsing filter action, unknown action' %s'.", json_string_value(jfaction));
- *rc=TR_CFG_NOPARSE;
+ filt->lines[i]->action = TR_FILTER_ACTION_ACCEPT;
+ } else if (!strcmp(json_string_value(jfaction), "reject")) {
+ filt->lines[i]->action = TR_FILTER_ACTION_REJECT;
+ } else {
+ tr_debug("tr_cfg_parse_one_filter: Error parsing filter action, unknown action' %s'.",
+ json_string_value(jfaction));
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
- if (NULL!=(jrc=json_object_get(json_array_get(jfilt, i), "realm_constraints"))) {
+ if (NULL != (jrc = json_object_get(json_array_get(jfilt, i), "realm_constraints"))) {
if (!json_is_array(jrc)) {
tr_err("tr_cfg_parse_one_filter: cannot parse realm_constraints, not an array.");
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
- } else if (json_array_size(jrc)>TR_MAX_CONST_MATCHES) {
+ } else if (json_array_size(jrc) > TR_MAX_CONST_MATCHES) {
tr_err("tr_cfg_parse_one_filter: realm_constraints has too many entries, maximum of %d.",
TR_MAX_CONST_MATCHES);
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
- } else if (json_array_size(jrc)>0) {
+ } else if (json_array_size(jrc) > 0) {
/* ok we actually have entries to process */
- if (NULL==(filt->lines[i]->realm_cons=tr_cfg_parse_one_constraint(filt->lines[i], "realm", jrc, rc))) {
+ if (NULL == (filt->lines[i]->realm_cons = tr_cfg_parse_one_constraint(filt->lines[i], "realm", jrc, rc))) {
tr_debug("tr_cfg_parse_one_filter: Error parsing realm constraint");
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
}
}
- if (NULL!=(jdc=json_object_get(json_array_get(jfilt, i), "domain_constraints"))) {
+ if (NULL != (jdc = json_object_get(json_array_get(jfilt, i), "domain_constraints"))) {
if (!json_is_array(jdc)) {
tr_err("tr_cfg_parse_one_filter: cannot parse domain_constraints, not an array.");
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
- } else if (json_array_size(jdc)>TR_MAX_CONST_MATCHES) {
+ } else if (json_array_size(jdc) > TR_MAX_CONST_MATCHES) {
tr_err("tr_cfg_parse_one_filter: domain_constraints has too many entries, maximum of %d.",
TR_MAX_CONST_MATCHES);
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
- } else if (json_array_size(jdc)>0) {
- if (NULL==(filt->lines[i]->domain_cons=tr_cfg_parse_one_constraint(filt->lines[i], "domain", jdc, rc))) {
+ } else if (json_array_size(jdc) > 0) {
+ if (NULL == (filt->lines[i]->domain_cons = tr_cfg_parse_one_constraint(filt->lines[i], "domain", jdc, rc))) {
tr_debug("tr_cfg_parse_one_filter: Error parsing domain constraint");
- *rc=TR_CFG_NOPARSE;
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
}
}
/*For each filter spec within the filter line... */
- for (j=0; j <json_array_size(jfspecs); j++) {
- if ((NULL==(jffield=json_object_get(json_array_get(jfspecs, j), "field"))) ||
- (!json_is_string(jffield))) {
- tr_debug("tr_cfg_parse_one_filter: Error parsing filter: missing field for filer spec %d, filter line %d.", i, j);
- *rc=TR_CFG_NOPARSE;
+ json_array_foreach(jfspecs, j, this_jfspec) {
+ if ((NULL == (jfield = json_object_get(this_jfspec, "field"))) ||
+ (!json_is_string(jfield))) {
+ tr_debug("tr_cfg_parse_one_filter: Error parsing filter: missing field for filer spec %d, filter line %d.", i,
+ j);
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
/* check that we have a match attribute */
- if (NULL==(jfmatch=json_object_get(json_array_get(jfspecs, j), "match"))) {
- tr_debug("tr_cfg_parse_one_filter: Error parsing filter: missing match for filer spec %d, filter line %d.", i, j);
- *rc=TR_CFG_NOPARSE;
+ if (NULL == (jmatch = json_object_get(this_jfspec, "match"))) {
+ tr_debug("tr_cfg_parse_one_filter: Error parsing filter: missing match for filer spec %d, filter line %d.", i,
+ j);
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
- /* check that match is a string */
- if (!json_is_string(jfmatch)) {
- tr_debug("tr_cfg_parse_one_filter: Error parsing filter: match not a string for filter spec %d, filter line %d.", i, j);
- *rc=TR_CFG_NOPARSE;
+ /* check that match is a string or an array */
+ if ((!json_is_string(jmatch)) && (!json_is_array(jmatch))) {
+ tr_debug(
+ "tr_cfg_parse_one_filter: Error parsing filter: match not a string or array for filter spec %d, filter line %d.",
+ i, j);
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
/* allocate the filter spec */
- if (NULL==(filt->lines[i]->specs[j]=tr_fspec_new(filt->lines[i]))) {
+ if (NULL == (filt->lines[i]->specs[j] = tr_fspec_new(filt->lines[i]))) {
tr_debug("tr_cfg_parse_one_filter: Out of memory.");
- *rc=TR_CFG_NOMEM;
+ *rc = TR_CFG_NOMEM;
goto cleanup;
}
/* fill in the field */
- if (NULL==(filt->lines[i]->specs[j]->field=tr_new_name(json_string_value(jffield)))) {
+ if (NULL == (filt->lines[i]->specs[j]->field = tr_new_name(json_string_value(jfield)))) {
tr_debug("tr_cfg_parse_one_filter: Out of memory.");
- *rc=TR_CFG_NOMEM;
+ *rc = TR_CFG_NOMEM;
goto cleanup;
}
/* fill in the matches */
- if (NULL==(name=tr_new_name(json_string_value(jfmatch)))) {
- tr_debug("tr_cfg_parse_one_filter: Out of memory.");
- *rc=TR_CFG_NOMEM;
+ if (json_is_string(jmatch)) {
+ if (NULL == (name = tr_new_name(json_string_value(jmatch)))) {
+ tr_debug("tr_cfg_parse_one_filter: Out of memory.");
+ *rc = TR_CFG_NOMEM;
+ goto cleanup;
+ }
+ tr_fspec_add_match(filt->lines[i]->specs[j], name);
+ } else {
+ /* jmatch is an array (we checked earlier) */
+ json_array_foreach(jmatch, k, this_jmatch) {
+ if (NULL == (name = tr_new_name(json_string_value(this_jmatch)))) {
+ tr_debug("tr_cfg_parse_one_filter: Out of memory.");
+ *rc = TR_CFG_NOMEM;
+ goto cleanup;
+ }
+ tr_fspec_add_match(filt->lines[i]->specs[j], name);
+ }
+ }
+ if (!tr_filter_validate_spec_field(ftype, filt->lines[i]->specs[j])){
+ tr_debug("tr_cfg_parse_one_filter: Invalid filter field \"%.*s\" for %s filter, spec %d, filter %d.",
+ filt->lines[i]->specs[j]->field->len,
+ filt->lines[i]->specs[j]->field->buf,
+ filter_type_to_string(filt->type),
+ i, j);
+ *rc = TR_CFG_ERROR;
goto cleanup;
}
- tr_fspec_set_match(filt->lines[i]->specs[j], name);
}
}
- *rc=TR_CFG_SUCCESS;
- talloc_steal(mem_ctx, filt);
-
+
+ /* check that the filter is valid */
+ if (!tr_filter_validate(filt)) {
+ *rc = TR_CFG_ERROR;
+ } else {
+ *rc = TR_CFG_SUCCESS;
+ talloc_steal(mem_ctx, filt);
+ }
+
cleanup:
talloc_free(tmp_ctx);
if (*rc!=TR_CFG_SUCCESS)
{
TALLOC_CTX *tmp_ctx=talloc_new(NULL);
json_t *jfilt;
+ const char *filt_label=NULL;
TR_FILTER *filt=NULL;
+ TR_FILTER_TYPE filt_type=TR_FILTER_TYPE_UNKNOWN;
*rc=TR_CFG_ERROR;
goto cleanup;
}
- jfilt=json_object_get(jfilts, "tid_inbound");
- if (jfilt!=NULL) {
- filt=tr_cfg_parse_one_filter(tmp_ctx, jfilt, TR_FILTER_TYPE_TID_INBOUND, rc);
- if (*rc!=TR_CFG_SUCCESS) {
- tr_debug("tr_cfg_parse_filters: Error parsing tid_inbound filter.");
- *rc=TR_CFG_NOPARSE;
+ json_object_foreach(jfilts, filt_label, jfilt) {
+ /* check that we got a filter */
+ if (jfilt == NULL) {
+ tr_debug("tr_cfg_parse_filters: Definition for %s filter is missing.", filt_label);
+ *rc = TR_CFG_NOPARSE;
+ goto cleanup;
+ }
+
+ /* check that we recognize the filter type */
+ filt_type=filter_type_from_string(filt_label);
+ if (filt_type==TR_FILTER_TYPE_UNKNOWN) {
+ tr_debug("tr_cfg_parse_filters: Unrecognized filter (%s) defined.", filt_label);
+ *rc = TR_CFG_NOPARSE;
+ goto cleanup;
+ }
+
+ /* finally, parse the filter */
+ tr_debug("tr_cfg_parse_filters: Found %s filter.", filt_label);
+ filt = tr_cfg_parse_one_filter(tmp_ctx, jfilt, filt_type, rc);
+ if (*rc != TR_CFG_SUCCESS) {
+ tr_debug("tr_cfg_parse_filters: Error parsing %s filter.", filt_label);
+ *rc = TR_CFG_NOPARSE;
goto cleanup;
}
- } else {
- tr_debug("tr_cfg_parse_filters: Unknown filter types in filter block.");
- *rc=TR_CFG_NOPARSE;
- goto cleanup;
}
-
+
*rc=TR_CFG_SUCCESS;
cleanup:
*rc=TR_CFG_NOMEM;
goto cleanup;
}
- tr_fspec_set_match(filt->lines[0]->specs[0], name);
+ tr_fspec_add_match(filt->lines[0]->specs[0], name);
name=NULL; /* we no longer own the name */
/* now do the wildcard name */
goto cleanup;
}
- tr_fspec_set_match(filt->lines[0]->specs[1], name);
+ tr_fspec_add_match(filt->lines[0]->specs[1], name);
name=NULL; /* we no longer own the name */
/* domain constraint */
static TR_CFG_RC tr_cfg_parse_local_orgs(TR_CFG *trc, json_t *jcfg)
{
json_t *jlocorgs=NULL;
- int ii=0;
+ size_t ii=0;
jlocorgs=json_object_get(jcfg, "local_organizations");
if (jlocorgs==NULL)
json_t *jhost=NULL;
json_t *jport=NULL;
json_t *jgss=NULL;
+ json_t *jfilt=NULL;
TRP_PEER *new_peer=NULL;
TR_GSS_NAMES *names=NULL;
+ TR_FILTER *filt=NULL;
TR_CFG_RC rc=TR_CFG_ERROR;
jhost=json_object_get(jporg, "hostname");
jport=json_object_get(jporg, "port");
jgss=json_object_get(jporg, "gss_names");
+ jfilt=json_object_get(jporg, "filters");
if ((jhost==NULL) || (!json_is_string(jhost))) {
tr_err("tr_cfg_parse_one_peer_org: hostname not specified or not a string.");
rc=TR_CFG_NOPARSE;
goto cleanup;
}
-
+
if ((jgss==NULL) || (!json_is_array(jgss))) {
tr_err("tr_cfg_parse_one_peer_org: gss_names not specified or not an array.");
rc=TR_CFG_NOPARSE;
goto cleanup;
}
+ if ((jfilt!=NULL) && (!json_is_array(jfilt))) {
+ tr_err("tr_cfg_parse_one_peer_org: filters is not an array.");
+ rc=TR_CFG_NOPARSE;
+ goto cleanup;
+ }
+
new_peer=trp_peer_new(tmp_ctx);
if (new_peer==NULL) {
tr_err("tr_cfg_parse_one_peer_org: could not allocate new peer.");
}
trp_peer_set_gss_names(new_peer, names);
+ if (jfilt) {
+ filt=tr_cfg_parse_filters(tmp_ctx, jfilt, &rc);
+ if (rc!=TR_CFG_SUCCESS) {
+ tr_err("tr_cfg_parse_one_peer_org: unable to parse filters.");
+ rc=TR_CFG_NOPARSE;
+ goto cleanup;
+ }
+ trp_peer_set_filter(new_peer, filt);
+ }
+
/* success! */
trp_ptable_add(trc->peers, new_peer);
rc=TR_CFG_SUCCESS;
json_error_t rc;
if (NULL==(jcfg=json_load_file(file_with_path,
- JSON_DISABLE_EOF_CHECK, &rc))) {
+ JSON_DISABLE_EOF_CHECK|JSON_REJECT_DUPLICATES, &rc))) {
tr_debug("tr_cfg_parse_one_config_file: Error parsing config file %s.",
file_with_path);
tr_cfg_log_json_error("tr_cfg_parse_one_config_file", &rc);
#include <trp_internal.h>
#include <tid_internal.h>
-const TR_FILTER_TYPE tr_filter_types[] = {
- TR_FILTER_TYPE_TID_INBOUND,
- TR_FILTER_TYPE_TRP_INBOUND,
- TR_FILTER_TYPE_TRP_OUTBOUND
-};
-const size_t tr_num_filter_types=sizeof(tr_filter_types)/sizeof(tr_filter_types[0]);
-static const char *tr_filter_type_strings[] = {
- "tid_inbound",
- "trp_inbound",
- "trp_outbound"
-};
-
-const char *tr_filter_type_to_string(TR_FILTER_TYPE t) {
- int ii;
- for (ii=0; ii<tr_num_filter_types;ii++) {
- if (t==tr_filter_types[ii])
- return tr_filter_type_strings[ii];
- }
- return NULL;
-}
-
-TR_FILTER_TYPE tr_filter_type_from_string(const char *s)
-{
- int ii;
- for (ii=0; ii<tr_num_filter_types; ii++) {
- if (strcasecmp(s, tr_filter_type_strings[ii])==0)
- return tr_filter_types[ii];
- }
- return TR_FILTER_TYPE_UNKNOWN;
-}
-
/* Function types for handling filter fields generally. All target values
* are represented as strings in a TR_NAME.
*/
static int tr_fspec_destructor(void *obj)
{
TR_FSPEC *fspec = talloc_get_type_abort(obj, TR_FSPEC);
+ size_t ii;
if (fspec->field != NULL)
tr_free_name(fspec->field);
- if (fspec->match != NULL)
- tr_free_name(fspec->match);
+ for (ii=0; ii<TR_MAX_FILTER_SPEC_MATCHES; ii++) {
+ if (fspec->match[ii] != NULL)
+ tr_free_name(fspec->match[ii]);
+ }
return 0;
}
TR_FSPEC *tr_fspec_new(TALLOC_CTX *mem_ctx)
{
TR_FSPEC *fspec = talloc(mem_ctx, TR_FSPEC);
+ size_t ii=0;
if (fspec != NULL) {
fspec->field = NULL;
- fspec->match = NULL;
- talloc_set_destructor((void *) fspec, tr_fspec_destructor);
+ for (ii=0; ii<TR_MAX_FILTER_SPEC_MATCHES; ii++)
+ fspec->match[ii] = NULL;
+
+ talloc_set_destructor((void *)fspec, tr_fspec_destructor);
}
return fspec;
}
-void tr_fspec_set_match(TR_FSPEC *fspec, TR_NAME *match)
+void tr_fspec_add_match(TR_FSPEC *fspec, TR_NAME *match)
{
- if (fspec->match != NULL)
- tr_free_name(fspec->match);
- fspec->match = match;
+ size_t ii;
+ for (ii=0; ii<TR_MAX_FILTER_SPEC_MATCHES; ii++) {
+ if (fspec->match[ii]==NULL) {
+ fspec->match[ii]=match;
+ break;
+ }
+ }
+ /* TODO: handle case that adding the match failed */
}
/* returns 1 if the spec matches */
{
struct tr_filter_field_entry *field=NULL;
TR_NAME *name=NULL;
+ size_t ii=0;
- if ((fspec==NULL) || (fspec->match==NULL))
+ if (fspec==NULL)
return 0;
/* Look up how to handle the requested field */
return 0;
name=field->get(target);
- return ((fspec->match != NULL) &&
- (0 != tr_name_prefix_wildcard_match(name, fspec->match)));
+ for (ii=0; ii<TR_MAX_FILTER_SPEC_MATCHES; ii++) {
+ if (fspec->match[ii]!=NULL) {
+ if (tr_name_prefix_wildcard_match(name, fspec->match[ii]))
+ return 1;
+ }
+ }
+ return 0;
}
void tr_fline_free(TR_FLINE *fline)
{
return filt->type;
}
+
+/**
+ * Check that a filter is valid, i.e., can be processed.
+ *
+ * @param filt Filter to verify
+ * @return 1 if the filter is valid, 0 otherwise
+ */
+int tr_filter_validate(TR_FILTER *filt)
+{
+ size_t ii=0, jj=0, kk=0;
+
+ if (!filt)
+ return 0;
+
+ /* check that we recognize the type */
+ switch(filt->type) {
+ case TR_FILTER_TYPE_TID_INBOUND:
+ case TR_FILTER_TYPE_TRP_INBOUND:
+ case TR_FILTER_TYPE_TRP_OUTBOUND:
+ break;
+
+ default:
+ return 0; /* if we get here, either TR_FILTER_TYPE_UNKNOWN or an invalid value was found */
+ }
+ for (ii=0; ii<TR_MAX_FILTER_LINES; ii++) {
+ if (filt->lines[ii]==NULL)
+ continue; /* an empty filter line is valid */
+
+ /* check that we recognize the action */
+ switch(filt->lines[ii]->action) {
+ case TR_FILTER_ACTION_ACCEPT:
+ case TR_FILTER_ACTION_REJECT:
+ break;
+
+ default:
+ /* if we get here, either TR_FILTER_ACTION_UNKNOWN or an invalid value was found */
+ return 0;
+ }
+
+ for (jj=0; jj<TR_MAX_FILTER_SPECS; jj++) {
+ if (filt->lines[ii]->specs[jj]==NULL)
+ continue; /* an empty filter spec is valid */
+
+ if (!tr_filter_validate_spec_field(filt->type, filt->lines[ii]->specs[jj]))
+ return 0;
+
+ /* check that at least one match is non-null */
+ for (kk=0; kk<TR_MAX_FILTER_SPEC_MATCHES; kk++) {
+ if (filt->lines[ii]->specs[jj]->match[kk]!=NULL)
+ break;
+ }
+ if (kk==TR_MAX_FILTER_SPEC_MATCHES)
+ return 0;
+ }
+ }
+
+ /* We ran the gauntlet. Success! */
+ return 1;
+}
+
+int tr_filter_validate_spec_field(TR_FILTER_TYPE ftype, TR_FSPEC *fspec)
+{
+ if ((fspec==NULL) || (tr_filter_field_entry(ftype, fspec->field)==NULL))
+ return 0; /* unknown field */
+
+ return 1;
+}
\ No newline at end of file
projects / trust_router.git / commitdiff