From e5cc55570c2c986c71fc75bcde93620598db7be4 Mon Sep 17 00:00:00 2001
From: Laurent Bercot
Date: Thu, 18 Jul 2024 20:55:16 +0000
Subject: Add accept directive to cache-config
Signed-off-by: Laurent Bercot
---
 package/deps.mak | 1 +
 src/cache/access.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 src/cache/tcpconnection.c | 44 --------------------------------------------
 src/config/lexparse.c | 30 +++++++++++++++++++++++++++++-
 4 files changed, 77 insertions(+), 45 deletions(-)
 create mode 100644 src/cache/access.c
diff --git a/package/deps.mak b/package/deps.mak
index ac7f0c4..e008943 100644
--- a/package/deps.mak
+++ b/package/deps.mak
@@ -8,6 +8,7 @@ src/include/shibari/packet.h: src/include/shibari/tdb.h
 src/include/shibari/server.h: src/include/shibari/log.h src/include/shibari/packet.h src/include/shibari/tdb.h
 src/include/shibari/shibari.h: src/include/shibari/cache.h src/include/shibari/client.h src/include/shibari/common.h src/include/shibari/server.h
 src/libdcache/dcache-internal.h: src/include/shibari/dcache.h
+src/cache/access.o src/cache/access.lo: src/cache/access.c src/cache/shibari-cache-internal.h
 src/cache/cache.o src/cache/cache.lo: src/cache/cache.c src/cache/shibari-cache-internal.h src/include/shibari/dcache.h
 src/cache/conf.o src/cache/conf.lo: src/cache/conf.c src/cache/shibari-cache-internal.h
 src/cache/shibari-cache.o src/cache/shibari-cache.lo: src/cache/shibari-cache.c src/cache/shibari-cache-internal.h src/include/shibari/cache.h src/include/shibari/common.h src/include/shibari/config.h
diff --git a/src/cache/access.c b/src/cache/access.c
new file mode 100644
index 0000000..8f87125
--- /dev/null
+++ b/src/cache/access.c
@@ -0,0 +1,47 @@
+/* ISC license. */
+
+#include
+
+#include
+
+#include "shibari-cache-internal.h"
+
+static inline int check (char const *key, size_t keylen)
+{
+ cdb_data data ;
+ return cdb_find(&confdb, &data, key, keylen) ;
+}
+
+int ip4_access (char const *ip)
+{
+ int r ;
+ char key[9] = "A4:" ;
+ uint8_t i = 33 ;
+ memcpy(key+4, ip, 4) ;
+ key[8] = 0 ;
+ while (i--)
+ {
+ key[3] = i ;
+ key[4 + (i>>3)] &= ~(1U << (7 - (i & 7))) ;
+ r = check(key, 8) ;
+ if (r) return r ;
+ }
+ return 0 ;
+}
+
+int ip6_access (char const *ip)
+{
+ int r ;
+ char key[21] = "A6:" ;
+ uint8_t i = 129 ;
+ memcpy(key+4, ip, 16) ;
+ key[20] = 0 ;
+ while (i--)
+ {
+ key[3] = i ;
+ key[4 + (i>>3)] &= ~(1U << (7 - (i & 7))) ;
+ r = check(key, 20) ;
+ if (r) return r ;
+ }
+ return 0 ;
+}
diff --git a/src/cache/tcpconnection.c b/src/cache/tcpconnection.c
index 7c7f714..bd72fb4 100644
--- a/src/cache/tcpconnection.c
+++ b/src/cache/tcpconnection.c
@@ -1,49 +1,5 @@
 /* ISC license. */
-#include
-
-#include
-
 #include "shibari-cache-internal.h"
 genset *tcpconn = 0 ;
-
-static inline int check (char const *key, size_t keylen)
-{
- cdb_data data ;
- return cdb_find(&confdb, &data, key, keylen) ;
-}
-
-int tcp4_access (char const *ip)
-{
- int r ;
- char key[9] = "A4:" ;
- uint8_t i = 33 ;
- memcpy(key+4, ip, 4) ;
- key[8] = 0 ;
- while (i--)
- {
- key[3] = i ;
- key[4 + (i>>3)] &= ~(1U << (7 - (i & 7))) ;
- r = check(key, 8) ;
- if (r) return r ;
- }
- return 0 ;
-}
-
-int tcp6_access (char const *ip)
-{
- int r ;
- char key[21] = "A6:" ;
- uint8_t i = 129 ;
- memcpy(key+4, ip, 16) ;
- key[20] = 0 ;
- while (i--)
- {
- key[3] = i ;
- key[4 + (i>>3)] &= ~(1U << (7 - (i & 7))) ;
- r = check(key, 20) ;
- if (r) return r ;
- }
- return 0 ;
-}
diff --git a/src/config/lexparse.c b/src/config/lexparse.c
index fbf1431..9fa3416 100644
--- a/src/config/lexparse.c
+++ b/src/config/lexparse.c
@@ -5,7 +5,9 @@
 #include
 #include
+#include
 #include
+#include
 #include
 #include
 #include
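Review bot: In the new src/cache/access.c, `ip4_access` and `ip6_access` return whatever `check` yields as soon as it is non-zero (`if (r) return r ;`), so a failed lookup and a matching prefix both reach the caller as a truthy value. If `cdb_find` can return a negative value (skalibs documents -1 for an invalid database), callers must accept a client only on a positive result; they are not part of this patch, so this is worth confirming, because a truthiness test would admit every address when the config database is damaged. A header comment would pin the contract, for example `/* 1: ip is inside an accepted prefix; 0: no prefix matches; negative: the lookup itself failed, treat as not accepted */`. The same comment could record the key layout (`A4:` or `A6:`, one prefix-length byte, then the masked address) and that the extra trailing byte in `key[9]` and `key[21]` keeps the first iteration's write at index `4 + (i>>3)` inside the array.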
@@ -52,7 +54,10 @@ static void conftree_checkunique (char const *key, mdt const *md)
 {
 char fmt[UINT32_FMT] ;
 fmt[uint32_fmt(fmt, node->line)] = 0 ;
- strerr_diefn(1, 12, "duplicate ", "key ", key, " in file ", g.storage.s + md->filepos, " line ", md->linefmt, ", previously defined", " in file ", g.storage.s + node->filepos, " line ", fmt) ;
+ if (key[0] == 'A')
+ strerr_diefn(1, 11, "duplicate ", "key in file ", g.storage.s + md->filepos, " line ", md->linefmt, ", previously defined", " in file ", g.storage.s + node->filepos, " line ", fmt) ;
+ else
+ strerr_diefn(1, 12, "duplicate ", "key ", key, " in file ", g.storage.s + md->filepos, " line ", md->linefmt, ", previously defined", " in file ", g.storage.s + node->filepos, " line ", fmt) ;
 }
 }
@@ -124,6 +129,29 @@ static inline void parse_listen (char const *s, size_t const *word, size_t n, md
 static inline void parse_accept (char const *s, size_t const *word, size_t n, mdt const *md)
 {
+ char key[21] = "A?:" ;
+ if (!n)
+ strerr_dief6x(1, "too few arguments to directive ", "accept", " in file ", g.storage.s + md->filepos, " line ", md->linefmt) ;
+ for (size_t i = 0 ; i < n ; i++)
+ {
+ uint16_t mask ;
+ uint8_t ipz = 16 ;
+ size_t n = ip6_scan(s + word[i], key + 4) ;
+ if (!n)
+ {
+ ipz = 4 ;
+ n = ip4_scan(s + word[i], key + 4) ;
+ if (!n) goto err ;
+ }
+ if (s[word[i] + n] != '/' && s[word[i] + n] != '_') goto err ;
+ if (!uint160_scan(s + word[i] + n + 1, &mask) || mask > (ipz << 3)) goto err ;
+ key[1] = ipz == 16 ? '6' : '4' ;
+ key[3] = (uint8_t)mask ;
+ if (ipz == 16) ip6_netmask(key + 4, mask) ; else ip4_netmask(key + 4, mask) ;
+ add_unique(key, "", 0, md) ;
+ }
+ err:
+ strerr_dief6x(1, "arguments to directive ", "accept", " must be IP/mask in file ", g.storage.s + md->filepos, " line ", md->linefmt) ;
 }
 static inline void parse_server (char const *s, size_t const *word, size_t n, mdt const *md, int forward)
-- cgit 1.4.1
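Review bot: The element count in the new `strerr_diefn(1, 11, ...)` branch of conftree_checkunique does not match its argument list: ten strings follow the count, while the untouched `else` branch passes 12 for twelve strings. Replacing `"key "`, `key`, `" in file "` with the single `"key in file "` removes two elements net, so the call should read `strerr_diefn(1, 10, "duplicate ", "key in file ", ...)`; what ends up in the extra slot depends on how the macro consumes the count, which is not visible here. The `key[0] == 'A'` test also deserves a comment such as `/* accept keys hold raw prefix bytes, so the key itself is not printed */`, since any later text key starting with `A` would silently lose its name in this message. The function body starts before this hunk.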
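Review bot: Control falls through from the end of the `for` loop in parse_accept into the `err:` label, so as written every `accept` line, including a well-formed one, ends in the "must be IP/mask" fatal error; a `return ;` is needed just before `err:`. The inner `size_t n = ip6_scan(s + word[i], key + 4) ;` also shadows the parameter `n` that bounds the loop, which compiles but is easy to misread, and naming it `len` would avoid that. Separately, `key` holds raw bytes (a prefix length of 0, or an address such as 10.0.0.0, puts a zero byte in it) and `add_unique` is given no key length; if that helper, which is outside this hunk, measures the key with strlen, entries would be stored truncated and would not match the fixed-length lookups in access.c, so that is worth confirming before relying on the directive for access control.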