From ad5bd6e401657b9cb0fed04d15cdc6feeef91e15 Mon Sep 17 00:00:00 2001 From: Sergey Poznyakoff Date: Sat, 5 Mar 2016 15:14:24 +0200 Subject: ACL reference statements. All ACL keywords can be used in simple statement as well as in block form. As simple statements, they take a name of an already defined named ACL. E.g.: defacl forbid { deny any; } component foo { list-acl forbid; } This commit also fixes some eventual double-frees. * doc/pies.texi: Update. * src/acl.c (pies_acl): New member. (pies_acl_use): New function. (pies_acl_create): Initialize refcnt. (pies_acl_destroy): New function. (pies_acl_free): Rewrite as a wrapper over pies_acl_destroy. (_parse_sub_acl): Call pies_acl_use when installing a named ACL. (_acl_common_section_parser): Handle grecs_callback_set_value. * src/acl.h (pies_acl_destroy) (pies_acl_use): New function. * src/comp.c (component_free): Free acl. --- src/acl.c | 49 +++++++++++++++++++++++++++++++++++++++++++------ src/acl.h | 2 ++ src/comp.c | 1 + 3 files changed, 46 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/acl.c b/src/acl.c index 7d7b110..877adf2 100644 --- a/src/acl.c +++ b/src/acl.c @@ -54,6 +54,7 @@ struct acl_entry struct pies_acl { char *name; + size_t refcnt; grecs_locus_t locus; struct grecs_list *list; }; @@ -108,29 +109,48 @@ acl_free_entry (void *p) free (ent); } +void +pies_acl_use (pies_acl_t acl) +{ + ++acl->refcnt; +} + pies_acl_t pies_acl_create (const char *name, grecs_locus_t *locus) { pies_acl_t acl = grecs_malloc (sizeof (acl[0])); acl->name = name ? grecs_strdup (name) : NULL; + acl->refcnt = 0; grecs_locus_copy (&acl->locus, locus); acl->list = grecs_list_create (); acl->list->free_entry = acl_free_entry; + pies_acl_use (acl); return acl; } void -pies_acl_free (pies_acl_t acl) +pies_acl_destroy (pies_acl_t *pacl) { - if (acl) + if (pacl && *pacl && (*pacl)->refcnt) { - free (acl->name); - grecs_locus_free (&acl->locus); - grecs_list_free (acl->list); - free (acl); + pies_acl_t acl = *pacl; + if (--acl->refcnt == 0) + { + free (acl->name); + grecs_locus_free (&acl->locus); + grecs_list_free (acl->list); + free (acl); + *pacl = NULL; + } } } +void +pies_acl_free (pies_acl_t acl) +{ + pies_acl_destroy (&acl); +} + static struct pies_sockaddr * create_acl_sockaddr (int family, int len) { @@ -358,6 +378,8 @@ _parse_sub_acl (struct acl_entry *entry, size_t argc, grecs_value_t **argv) argv[0]->v.string); return 1; } + pies_acl_use (entry->acl); + argc--; argv++; } @@ -548,6 +570,21 @@ _acl_common_section_parser (enum grecs_callback_command cmd, break; case grecs_callback_set_value: + if (assert_grecs_value_type (&value->locus, value, GRECS_TYPE_STRING)) + return 0; + acl = pies_acl_lookup (value->v.string); + if (!acl) + { + grecs_error (&value->locus, 0, _("ACL not defined: %s"), + value->v.string); + return 0; + } + pies_acl_use (acl); + if (pacl) + { + pies_acl_free (*pacl); + *pacl = acl; + } break; } return 0; diff --git a/src/acl.h b/src/acl.h index db65e10..8650f95 100644 --- a/src/acl.h +++ b/src/acl.h @@ -25,7 +25,9 @@ struct acl_input }; pies_acl_t pies_acl_create (const char *name, grecs_locus_t *locus); +void pies_acl_destroy (pies_acl_t *pacl); void pies_acl_free (pies_acl_t acl); +void pies_acl_use (pies_acl_t acl); int pies_acl_cmp (struct pies_acl *a, struct pies_acl *b); int pies_acl_check (pies_acl_t acl, struct acl_input *input, int result); int parse_acl_line (grecs_locus_t *locus, int allow, pies_acl_t acl, diff --git a/src/comp.c b/src/comp.c index 851ce5b..18d1d74 100644 --- a/src/comp.c +++ b/src/comp.c @@ -184,6 +184,7 @@ component_free (struct component *comp) free_redirector (&comp->redir[0]); free_redirector (&comp->redir[1]); grecs_list_free (comp->act_list); + pies_acl_free (comp->acl); pies_acl_free (comp->list_acl); pies_acl_free (comp->adm_acl); free (comp); -- cgit v1.2.1