ACL reference statements.

All ACL keywords can be used in simple statement as well as in block form. As simple statements, they take a name of an already defined named ACL. E.g.: defacl forbid { deny any; } component foo { list-acl forbid; } This commit also fixes some eventual double-frees. * doc/pies.texi: Update. * src/acl.c (pies_acl)<refcnt>: New member. (pies_acl_use): New function. (pies_acl_create): Initialize refcnt. (pies_acl_destroy): New function. (pies_acl_free): Rewrite as a wrapper over pies_acl_destroy. (_parse_sub_acl): Call pies_acl_use when installing a named ACL. (_acl_common_section_parser): Handle grecs_callback_set_value. * src/acl.h (pies_acl_destroy) (pies_acl_use): New function. * src/comp.c (component_free): Free acl.
author: Sergey Poznyakoff <gray@gnu.org> 2016-03-05 15:14:24 +0200
committer: Sergey Poznyakoff <gray@gnu.org> 2016-03-05 15:22:55 +0200
commit: ad5bd6e401657b9cb0fed04d15cdc6feeef91e15 (patch)
tree: 59838ad72680ba73145708c7a30a765ec2afdba0 /src
parent: e558ab9db422cfd2bd59a07b72119b67a7598896 (diff)
download: pies-ad5bd6e401657b9cb0fed04d15cdc6feeef91e15.tar.gz
pies-ad5bd6e401657b9cb0fed04d15cdc6feeef91e15.tar.bz2
3 files changed, 46 insertions, 6 deletions
diff --git a/src/acl.c b/src/acl.c
index 7d7b110..877adf2 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -51,12 +51,13 @@ struct acl_entry
   struct grecs_list *sockaddrs;
 };
 
 struct pies_acl
 {
   char *name;
+  size_t refcnt;
   grecs_locus_t locus;
   struct grecs_list *list;
 };
    
 
 
@@ -105,35 +106,54 @@ acl_free_entry (void *p)
 	free (ent->names[i]);
       free (ent->names);
     }
   free (ent);
 }
 
+void
+pies_acl_use (pies_acl_t acl)
+{
+  ++acl->refcnt;
+}
+
 pies_acl_t
 pies_acl_create (const char *name, grecs_locus_t *locus)
 {
   pies_acl_t acl = grecs_malloc (sizeof (acl[0]));
   acl->name = name ? grecs_strdup (name) : NULL;
+  acl->refcnt = 0;
   grecs_locus_copy (&acl->locus, locus);
   acl->list = grecs_list_create ();
   acl->list->free_entry = acl_free_entry;
+  pies_acl_use (acl);
   return acl;
 }
 
 void
-pies_acl_free (pies_acl_t acl)
+pies_acl_destroy (pies_acl_t *pacl)
 {
-  if (acl)
+  if (pacl && *pacl && (*pacl)->refcnt)
     {
-      free (acl->name);
-      grecs_locus_free (&acl->locus);
-      grecs_list_free (acl->list);
-      free (acl);
+      pies_acl_t acl = *pacl;
+      if (--acl->refcnt == 0)
+	{
+	  free (acl->name);
+	  grecs_locus_free (&acl->locus);
+	  grecs_list_free (acl->list);
+	  free (acl);
+	  *pacl = NULL;
+	}
     }
 }
 
+void
+pies_acl_free (pies_acl_t acl)
+{
+  pies_acl_destroy (&acl);
+}
+
 static struct pies_sockaddr *
 create_acl_sockaddr (int family, int len)
 {
   struct pies_sockaddr *p = grecs_zalloc (sizeof (*p));
   p->salen = len;
   p->sa.sa_family = family;
@@ -355,12 +375,14 @@ _parse_sub_acl (struct acl_entry *entry, size_t argc, grecs_value_t **argv)
       if (!entry->acl)
 	{
 	  grecs_error (&entry->locus, 0, _("ACL not defined: %s"),
 		       argv[0]->v.string);
 	  return 1;
 	}
+      pies_acl_use (entry->acl);
+      
       argc--;
       argv++;
     }
   return _parse_from (entry, argc, argv);
 }
 
@@ -545,12 +567,27 @@ _acl_common_section_parser (enum grecs_callback_command cmd,
       acl = *pacl;
       if (acl->list)
 	acl->list->cmp = acl_entry_cmp;
       break;
       
     case grecs_callback_set_value:
+      if (assert_grecs_value_type (&value->locus, value, GRECS_TYPE_STRING))
+	return 0;
+      acl = pies_acl_lookup (value->v.string);
+      if (!acl)
+	{
+	  grecs_error (&value->locus, 0, _("ACL not defined: %s"),
+		       value->v.string);
+	  return 0;
+	}
+      pies_acl_use (acl);
+      if (pacl)
+	{
+	  pies_acl_free (*pacl);
+	  *pacl = acl;
+	}
       break;
     }
   return 0;
 }
 
 int
diff --git a/src/acl.h b/src/acl.h
index db65e10..8650f95 100644
--- a/src/acl.h
+++ b/src/acl.h
@@ -22,13 +22,15 @@ struct acl_input
   struct sockaddr *addr;
   socklen_t addrlen;
   pies_identity_t identity;
 };
 
 pies_acl_t pies_acl_create (const char *name, grecs_locus_t *locus);
+void pies_acl_destroy (pies_acl_t *pacl);
 void pies_acl_free (pies_acl_t acl);
+void pies_acl_use (pies_acl_t acl);
 int pies_acl_cmp (struct pies_acl *a, struct pies_acl *b);
 int pies_acl_check (pies_acl_t acl, struct acl_input *input, int result);
 int parse_acl_line (grecs_locus_t *locus, int allow, pies_acl_t acl,
 		    grecs_value_t *value);
 pies_acl_t pies_acl_lookup (const char *name);
 pies_acl_t pies_acl_install (pies_acl_t acl);
diff --git a/src/comp.c b/src/comp.c
index 851ce5b..18d1d74 100644
--- a/src/comp.c
+++ b/src/comp.c
@@ -181,12 +181,13 @@ component_free (struct component *comp)
   free (comp->access_denied_message);
   free (comp->max_instances_message);
   free (comp->max_ip_connections_message);
   free_redirector (&comp->redir[0]);
   free_redirector (&comp->redir[1]);
   grecs_list_free (comp->act_list);
+  pies_acl_free (comp->acl);
   pies_acl_free (comp->list_acl);
   pies_acl_free (comp->adm_acl);
   free (comp);
 }
 
 void
author	Sergey Poznyakoff <gray@gnu.org>	2016-03-05 15:14:24 +0200
committer	Sergey Poznyakoff <gray@gnu.org>	2016-03-05 15:22:55 +0200
commit	ad5bd6e401657b9cb0fed04d15cdc6feeef91e15 (patch)
tree	59838ad72680ba73145708c7a30a765ec2afdba0 /src
parent	e558ab9db422cfd2bd59a07b72119b67a7598896 (diff)
download	pies-ad5bd6e401657b9cb0fed04d15cdc6feeef91e15.tar.gz pies-ad5bd6e401657b9cb0fed04d15cdc6feeef91e15.tar.bz2