Diffstat (limited to 'examples/aclck.c')
-rw-r--r--examples/aclck.c89
1 files changed, 19 insertions, 70 deletions
diff --git a/examples/aclck.c b/examples/aclck.c
index 57f5c0388..033c444b1 100644
--- a/examples/aclck.c
+++ b/examples/aclck.c
@@ -28,35 +28,9 @@
#include <stdlib.h>
#include <string.h>
-struct sockaddr *target_sa;
-int target_salen;
+struct mu_sockaddr *target_sa;
mu_acl_t acl;
-struct sockaddr *
-parse_address (int *psalen, char *str)
-{
- struct sockaddr_in in;
- struct sockaddr *sa;
-
- in.sin_family = AF_INET;
- if (inet_aton (str, &in.sin_addr) == 0)
- {
- mu_error ("Invalid IPv4: %s", str);
- exit (1);
- }
- in.sin_port = 0;
- *psalen = sizeof (in);
- sa = malloc (*psalen);
- if (!sa)
- {
- mu_error ("%s", mu_strerror (errno));
- exit (1);
- }
-
- memcpy (sa, &in, sizeof (in));
- return sa;
-}
-
void
read_rules (FILE *fp)
{
@@ -76,12 +50,9 @@ read_rules (FILE *fp)
ws.ws_comment = "#";
while (fgets (buf, sizeof buf, fp))
{
- unsigned long netmask;
- int salen;
- struct sockaddr *sa;
+ struct mu_cidr cidr;
mu_acl_action_t action;
void *data = NULL;
- char *p;
int len = strlen (buf);
if (len == 0)
@@ -109,47 +80,19 @@ read_rules (FILE *fp)
continue;
}
- p = strchr (ws.ws_wordv[1], '/');
- if (p)
+ if (strcmp (ws.ws_wordv[1], "any") == 0)
+ memset (&cidr, 0, sizeof (cidr));
+ else
{
- char *q;
- unsigned netlen;
-
- *p++ = 0;
- netlen = strtoul (p, &q, 10);
- if (*q == 0)
- {
- if (netlen == 0)
- netmask = 0;
- else
- {
- netmask = 0xfffffffful >> (32 - netlen);
- netmask <<= (32 - netlen);
- netmask = htonl (netmask);
- }
- }
- else if (*q == '.')
+ rc = mu_cidr_from_string (&cidr, ws.ws_wordv[1]);
+ if (rc)
{
- struct in_addr addr;
-
- if (inet_aton (p, &addr) == 0)
- {
- mu_error ("%d: invalid netmask", line);
- continue;
- }
- netmask = addr.s_addr;
- }
- else
- {
- mu_error ("%d: invalid netmask", line);
+ mu_error ("%d: invalid source CIDR: %s",
+ line, mu_strerror (rc));
continue;
}
}
- else
- netmask = 0xfffffffful;
-
- sa = parse_address (&salen, ws.ws_wordv[1]);
-
+
/* accept addr
deny addr
log addr [rest ...]
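Review bot: A rule whose address fails `mu_cidr_from_string` is reported and skipped with `continue`, whereas the removed `parse_address` called `exit (1)` on a bad address, so a typo in a `deny` line now leaves a shorter, possibly more permissive rule set that is evaluated as if it were complete. If failing closed is wanted, use `exit (1);` in place of `continue;`, or count parse errors and exit non-zero after the loop. The message also drops the offending token; `mu_error ("%d: invalid source CIDR %s: %s", line, ws.ws_wordv[1], mu_strerror (rc));` makes the bad line easier to find. The `any` branch presumably relies on an all-zero `struct mu_cidr` matching every address, which deserves a comment such as `/* all-zero cidr: matches any address */` once confirmed. read_rules starts and ends outside the hunk.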
@@ -174,7 +117,7 @@ read_rules (FILE *fp)
data = strdup (ws.ws_wordv[2]);
}
- rc = mu_acl_append (acl, action, data, sa, salen, netmask);
+ rc = mu_acl_append (acl, action, data, &cidr);
if (rc)
mu_error ("%d: cannot append acl entry: %s", line,
mu_strerror (rc));
@@ -203,7 +146,12 @@ main (int argc, char **argv)
break;
case 'a':
- target_sa = parse_address (&target_salen, optarg);
+ rc = mu_sockaddr_from_node (&target_sa, optarg, NULL, NULL);
+ if (rc)
+ {
+ mu_error ("mu_sockaddr_from_node: %s", mu_strerror (rc));
+ exit (1);
+ }
break;
case 'f':
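Review bot: `mu_sockaddr_from_node` is called with NULL service and hints, so `-a` presumably now accepts host names as well as literal addresses and may return a list of several addresses, while the later check in main uses only `target_sa->addr` of the first node. If the tool is meant to test one address, say so above the call, e.g. `/* only the first resolved address is checked */`, or pass hints that restrict the lookup. The error message would be easier to act on with the argument in it: `mu_error ("%s: %s", optarg, mu_strerror (rc));`. The switch statement starts and ends outside the hunk.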
@@ -225,7 +173,8 @@ main (int argc, char **argv)
argc -= optind;
read_rules (file ? file : stdin);
- rc = mu_acl_check_sockaddr (acl, target_sa, target_salen, &result);
+ rc = mu_acl_check_sockaddr (acl, target_sa->addr, target_sa->addrlen,
+ &result);
if (rc)
{
mu_error ("mu_acl_check_sockaddr failed: %s", mu_strerror (rc));
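Review bot: `target_sa->addr` is dereferenced unconditionally, and `target_sa` is a file-scope pointer assigned only in the `-a` case, so running without `-a` would dereference NULL unless a check outside this hunk already rejects that. The old call handed the pointer to `mu_acl_check_sockaddr` without dereferencing it in main. A guard before the call, `if (!target_sa) { mu_error ("no target address; use -a"); exit (1); }`, turns the crash into a usage error. main continues outside the hunk.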
