diff options
author | Sergey Poznyakoff <gray@gnu.org> | 2016-03-05 15:14:24 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org> | 2016-03-05 15:22:55 +0200 |
commit | ad5bd6e401657b9cb0fed04d15cdc6feeef91e15 (patch) | |
tree | 59838ad72680ba73145708c7a30a765ec2afdba0 /src | |
parent | e558ab9db422cfd2bd59a07b72119b67a7598896 (diff) | |
download | pies-ad5bd6e401657b9cb0fed04d15cdc6feeef91e15.tar.gz pies-ad5bd6e401657b9cb0fed04d15cdc6feeef91e15.tar.bz2 |
ACL reference statements.
All ACL keywords can be used in simple statement as well as in block form.
As simple statements, they take a name of an already defined named ACL. E.g.:
defacl forbid {
deny any;
}
component foo {
list-acl forbid;
}
This commit also fixes some eventual double-frees.
* doc/pies.texi: Update.
* src/acl.c (pies_acl)<refcnt>: New member.
(pies_acl_use): New function.
(pies_acl_create): Initialize refcnt.
(pies_acl_destroy): New function.
(pies_acl_free): Rewrite as a wrapper over pies_acl_destroy.
(_parse_sub_acl): Call pies_acl_use when installing a named ACL.
(_acl_common_section_parser): Handle grecs_callback_set_value.
* src/acl.h (pies_acl_destroy)
(pies_acl_use): New function.
* src/comp.c (component_free): Free acl.
Diffstat (limited to 'src')
-rw-r--r-- | src/acl.c | 41 | ||||
-rw-r--r-- | src/acl.h | 2 | ||||
-rw-r--r-- | src/comp.c | 1 |
3 files changed, 42 insertions, 2 deletions
@@ -54,6 +54,7 @@ struct acl_entry struct pies_acl { char *name; + size_t refcnt; grecs_locus_t locus; struct grecs_list *list; }; @@ -108,27 +109,46 @@ acl_free_entry (void *p) free (ent); } +void +pies_acl_use (pies_acl_t acl) +{ + ++acl->refcnt; +} + pies_acl_t pies_acl_create (const char *name, grecs_locus_t *locus) { pies_acl_t acl = grecs_malloc (sizeof (acl[0])); acl->name = name ? grecs_strdup (name) : NULL; + acl->refcnt = 0; grecs_locus_copy (&acl->locus, locus); acl->list = grecs_list_create (); acl->list->free_entry = acl_free_entry; + pies_acl_use (acl); return acl; } void -pies_acl_free (pies_acl_t acl) +pies_acl_destroy (pies_acl_t *pacl) { - if (acl) + if (pacl && *pacl && (*pacl)->refcnt) + { + pies_acl_t acl = *pacl; + if (--acl->refcnt == 0) { free (acl->name); grecs_locus_free (&acl->locus); grecs_list_free (acl->list); free (acl); + *pacl = NULL; + } + } } + +void +pies_acl_free (pies_acl_t acl) +{ + pies_acl_destroy (&acl); } static struct pies_sockaddr * @@ -358,6 +378,8 @@ _parse_sub_acl (struct acl_entry *entry, size_t argc, grecs_value_t **argv) argv[0]->v.string); return 1; } + pies_acl_use (entry->acl); + argc--; argv++; } @@ -548,6 +570,21 @@ _acl_common_section_parser (enum grecs_callback_command cmd, break; case grecs_callback_set_value: + if (assert_grecs_value_type (&value->locus, value, GRECS_TYPE_STRING)) + return 0; + acl = pies_acl_lookup (value->v.string); + if (!acl) + { + grecs_error (&value->locus, 0, _("ACL not defined: %s"), + value->v.string); + return 0; + } + pies_acl_use (acl); + if (pacl) + { + pies_acl_free (*pacl); + *pacl = acl; + } break; } return 0; @@ -25,7 +25,9 @@ struct acl_input }; pies_acl_t pies_acl_create (const char *name, grecs_locus_t *locus); +void pies_acl_destroy (pies_acl_t *pacl); void pies_acl_free (pies_acl_t acl); +void pies_acl_use (pies_acl_t acl); int pies_acl_cmp (struct pies_acl *a, struct pies_acl *b); int pies_acl_check (pies_acl_t acl, struct acl_input *input, int result); int parse_acl_line (grecs_locus_t *locus, int allow, pies_acl_t acl, @@ -184,6 +184,7 @@ component_free (struct component *comp) free_redirector (&comp->redir[0]); free_redirector (&comp->redir[1]); grecs_list_free (comp->act_list); + pies_acl_free (comp->acl); pies_acl_free (comp->list_acl); pies_acl_free (comp->adm_acl); free (comp); |