confpars.c

DHCP服务器源码

	if (!peer -> me.port)
		parse_warn (cfile, "local port may not be omitted");
	if (!peer -> partner.port)
		parse_warn (cfile, "peer port may not be omitted");

	if (peer -> i_am == primary) {
	    if (!peer -> hba) {
		parse_warn (cfile,
			    "primary failover server must have hba or split.");
	    } else if (!peer -> mclt) {
		parse_warn (cfile,
			    "primary failover server must have mclt.");
	    }
	}
	if (!peer -> me.max_flying_updates) {
		peer -> me.max_flying_updates = 100;
	}
	if (!peer -> me.max_response_delay) {
		peer -> me.max_response_delay = 60;
	}

	if (type == SHARED_NET_DECL) {
		group -> shared_network -> failover_peer = peer;
	}

	/* Set the initial state. */
	if (peer -> i_am == primary) {
		peer -> me.state = recover;
		peer -> me.stos = cur_time;
		peer -> partner.state = unknown_state;
		peer -> partner.stos = cur_time;
	} else {
		peer -> me.state = recover;
		peer -> me.stos = cur_time;
		peer -> partner.state = unknown_state;
		peer -> partner.stos = cur_time;
	}

	status = enter_failover_peer (peer);
	if (status != ISC_R_SUCCESS)
		parse_warn (cfile, "failover peer %s: %s",
			    peer -> name, isc_result_totext (status));
	dhcp_failover_state_dereference (&peer, MDL);
}

void parse_failover_state_declaration (struct parse *cfile,
				       dhcp_failover_state_t *peer)
{
	enum dhcp_token token;
	const char *val;
	char *name;
	dhcp_failover_state_t *state;
	dhcp_failover_config_t *cp;

	if (!peer) {
		token = next_token (&val, (unsigned *)0, cfile);
		if (token != PEER) {
			parse_warn (cfile, "expecting \"peer\"");
			skip_to_semi (cfile);
			return;
		}

		token = next_token (&val, (unsigned *)0, cfile);
		if (is_identifier (token) || token == STRING) {
			name = dmalloc (strlen (val) + 1, MDL);
			if (!name)
				log_fatal ("failover peer name %s: no memory",
					   name);
			strcpy (name, val);
		} else {
			parse_warn (cfile, "expecting failover peer name.");
			skip_to_semi (cfile);
			return;
		}

		/* See if there's a peer declaration by this name. */
		state = (dhcp_failover_state_t *)0;
		find_failover_peer (&state, name, MDL);
		if (!state) {
			parse_warn (cfile, "unknown failover peer: %s", name);
			skip_to_semi (cfile);
			return;
		}

		token = next_token (&val, (unsigned *)0, cfile);
		if (token != STATE) {
			parse_warn (cfile, "expecting 'state'");
			if (token != SEMI)
				skip_to_semi (cfile);
			return;
		}
	} else {
		state = (dhcp_failover_state_t *)0;
		dhcp_failover_state_reference (&state, peer, MDL);
	}
	token = next_token (&val, (unsigned *)0, cfile);
	if (token != LBRACE) {
		parse_warn (cfile, "expecting left brace");
		if (token != SEMI)
			skip_to_semi (cfile);
		dhcp_failover_state_dereference (&state, MDL);
		return;
	}
	do {
		token = next_token (&val, (unsigned *)0, cfile);
		switch (token) {
		      case RBRACE:
			break;
		      case MY:
			cp = &state -> me;
		      do_state:
			token = next_token (&val, (unsigned *)0, cfile);
			if (token != STATE) {
				parse_warn (cfile, "expecting 'state'");
				goto bogus;
			}
			parse_failover_state (cfile,
					      &cp -> state, &cp -> stos);
			break;

		      case PARTNER:
			cp = &state -> partner;
			goto do_state;

		      case MCLT:
			if (state -> i_am == primary) {
				parse_warn (cfile,
					    "mclt not valid for primary");
				goto bogus;
			}
			token = next_token (&val, (unsigned *)0, cfile);
			if (token != NUMBER) {
				parse_warn (cfile, "expecting a number.");
				goto bogus;
			}
			state -> mclt = atoi (val);
			parse_semi (cfile);
			break;
			
		      default:
			parse_warn (cfile, "expecting state setting.");
		      bogus:
			skip_to_rbrace (cfile, 1);	
			dhcp_failover_state_dereference (&state, MDL);
			return;
		}
	} while (token != RBRACE);
	dhcp_failover_state_dereference (&state, MDL);
}

void parse_failover_state (cfile, state, stos)
	struct parse *cfile;
	enum failover_state *state;
	TIME *stos;
{
	enum dhcp_token token;
	const char *val;
	enum failover_state state_in;
	TIME stos_in;

	token = next_token (&val, (unsigned *)0, cfile);
	switch (token) {
	      case UNKNOWN_STATE:
		state_in = unknown_state;
		break;

	      case PARTNER_DOWN:
		state_in = partner_down;
		break;

	      case NORMAL:
		state_in = normal;
		break;

	      case COMMUNICATIONS_INTERRUPTED:
		state_in = communications_interrupted;
		break;

	      case RESOLUTION_INTERRUPTED:
		state_in = resolution_interrupted;
		break;

	      case POTENTIAL_CONFLICT:
		state_in = potential_conflict;
		break;

	      case RECOVER:
		state_in = recover;
		break;
		
	      case RECOVER_WAIT:
		state_in = recover_wait;
		break;
		
	      case RECOVER_DONE:
		state_in = recover_done;
		break;
		
	      case SHUTDOWN:
		state_in = shut_down;
		break;
		
	      case PAUSED:
		state_in = paused;
		break;
		
	      case STARTUP:
		state_in = startup;
		break;

	      default:
		parse_warn (cfile, "unknown failover state");
		skip_to_semi (cfile);
		return;
	}

	token = next_token (&val, (unsigned *)0, cfile);
	if (token == SEMI) {
		stos_in = cur_time;
	} else {
		if (token != AT) {
			parse_warn (cfile, "expecting \"at\"");
			skip_to_semi (cfile);
			return;
		}
		
		stos_in = parse_date (cfile);
		if (!stos_in)
			return;
	}

	/* Now that we've apparently gotten a clean parse, we
	   can trust that this is a state that was fully committed to
	   disk, so we can install it. */
	*stos = stos_in;
	*state = state_in;
}
#endif /* defined (FAILOVER_PROTOCOL) */

/* Permit_list_match returns 1 if every element of the permit list in lhs
   also appears in rhs.   Note that this doesn't by itself mean that the
   two lists are equal - to check for equality, permit_list_match has to
   return 1 with (list1, list2) and with (list2, list1). */

int permit_list_match (struct permit *lhs, struct permit *rhs)
{
	struct permit *plp, *prp;
	int matched;

	if (!lhs)
		return 1;
	if (!rhs)
		return 0;
	for (plp = lhs; plp; plp = plp -> next) {
		matched = 0;
		for (prp = rhs; prp; prp = prp -> next) {
			if (prp -> type == plp -> type &&
			    (prp -> type != permit_class ||
			     prp -> class == plp -> class)) {
				matched = 1;
				break;
			}
		}
		if (!matched)
			return 0;
	}
	return 1;
}

void parse_pool_statement (cfile, group, type)
	struct parse *cfile;
	struct group *group;
	int type;
{
	enum dhcp_token token;
	const char *val;
	int done = 0;
	struct pool *pool, **p, *pp;
	struct permit *permit;
	struct permit **permit_head;
	int declaration = 0;
	isc_result_t status;
	struct lease *lpchain = (struct lease *)0, *lp;

	pool = (struct pool *)0;
	status = pool_allocate (&pool, MDL);
	if (status != ISC_R_SUCCESS)
		log_fatal ("no memory for pool: %s",
			   isc_result_totext (status));

	if (type == SUBNET_DECL)
		shared_network_reference (&pool -> shared_network,
					  group -> subnet -> shared_network,
					  MDL);
	else
		shared_network_reference (&pool -> shared_network,
					  group -> shared_network, MDL);

	if (!clone_group (&pool -> group, pool -> shared_network -> group, MDL))
		log_fatal ("can't clone pool group.");

#if defined (FAILOVER_PROTOCOL)
	/* Inherit the failover peer from the shared network. */
	if (pool -> shared_network -> failover_peer)
	    dhcp_failover_state_reference
		    (&pool -> failover_peer, 
		     pool -> shared_network -> failover_peer, MDL);
#endif

	if (!parse_lbrace (cfile)) {
		pool_dereference (&pool, MDL);
		return;
	}

	do {
		token = peek_token (&val, (unsigned *)0, cfile);
		switch (token) {
		      case NO:
			next_token (&val, (unsigned *)0, cfile);
			token = next_token (&val, (unsigned *)0, cfile);
			if (token != FAILOVER ||
			    (token = next_token (&val, (unsigned *)0,
						 cfile)) != PEER) {
				parse_warn (cfile,
					    "expecting \"failover peer\".");
				skip_to_semi (cfile);
				continue;
			}
#if defined (FAILOVER_PROTOCOL)
			if (pool -> failover_peer)
				dhcp_failover_state_dereference
					(&pool -> failover_peer, MDL);
#endif
			break;
				
#if defined (FAILOVER_PROTOCOL)
		      case FAILOVER:
			next_token (&val, (unsigned *)0, cfile);
			token = next_token (&val, (unsigned *)0, cfile);
			if (token != PEER) {
				parse_warn (cfile, "expecting 'peer'.");
				skip_to_semi (cfile);
				break;
			}
			token = next_token (&val, (unsigned *)0, cfile);
			if (token != STRING) {
				parse_warn (cfile, "expecting string.");
				skip_to_semi (cfile);
				break;
			}
			if (pool -> failover_peer)
				dhcp_failover_state_dereference
					(&pool -> failover_peer, MDL);
			status = find_failover_peer (&pool -> failover_peer,
						     val, MDL);
			if (status != ISC_R_SUCCESS)
				parse_warn (cfile,
					    "failover peer %s: %s", val,
					    isc_result_totext (status));
			else
				pool -> failover_peer -> pool_count++;
			parse_semi (cfile);
			break;
#endif

		      case RANGE:
			next_token (&val, (unsigned *)0, cfile);
			parse_address_range (cfile, group, type,
					     pool, &lpchain);
			break;
		      case ALLOW:
			permit_head = &pool -> permit_list;
		      get_permit:
			permit = new_permit (MDL);
			if (!permit)
				log_fatal ("no memory for permit");
			next_token (&val, (unsigned *)0, cfile);
			token = next_token (&val, (unsigned *)0, cfile);
			switch (token) {
			      case UNKNOWN:
				permit -> type = permit_unknown_clients;
			      get_clients:
				if (next_token (&val, (unsigned *)0,
						cfile) != CLIENTS) {
					parse_warn (cfile,
						    "expecting \"clients\"");
					skip_to_semi (cfile);
					free_permit (permit, MDL);
					continue;
				}
				break;
				
			      case UNKNOWN_CLIENTS:
				permit -> type = permit_unknown_clients;
				break;

			      case KNOWN:
				permit -> type = permit_known_clients;
				goto get_clients;
				
			      case AUTHENTICATED:
				permit -> type = permit_authenticated_clients;
				goto get_clients;
				
			      case UNAUTHENTICATED:
				permit -> type =
					permit_unauthenticated_clients;
				goto get_clients;

			      case ALL:
				permit -> type = permit_all_clients;
				goto get_clients;
				break;
				
			      case DYNAMIC:
				permit -> type = permit_dynamic_bootp_clients;
				if (next_token (&val, (unsigned *)0,
						cfile) != TOKEN_BOOTP) {
					parse_warn (cfile,
						    "expecting \"bootp\"");
					skip_to_semi (cfile);
					free_permit (permit, MDL);
					continue;
				}
				goto get_clients;
				
			      case MEMBERS:
				if (next_token (&val, (unsigned *)0,
						cfile) != OF) {
					parse_warn (cfile, "expecting \"of\"");
					skip_to_semi (cfile);
					free_permit (permit, MDL);
					continue;
				}
				if (next_token (&val, (unsigned *)0,
						cfile) != STRING) {
					parse_warn (cfile,
						    "expecting class name.");
					skip_to_semi (cfile);
					free_permit (permit, MDL);
					continue;
				}
				permit -> type = permit_class;
				permit -> class = (struct class *)0;
				find_class (&permit -> class, val, MDL);
				if (!permit -> class)
					parse_warn (cfile,
						    "no such class: %s", val);
				break;

			      default:
				parse_warn (cfile, "expecting permit type.");
				skip_to_semi (cfile);
				break;
			}
			while (*permit_head)
				permit_head = &((*permit_head) -> next);
			*permit_head = permit;
			parse_semi (cfile);
			break;

		      case DENY:
			permit_head = &pool -> prohibit_list;
			goto get_permit;
			
		      case RBRACE:
			next_token (&val, (unsigned *)0, cfile);
			done = 1;
			break;

		      default:
			declaration = parse_statement (cfile, pool -> group,
						       POOL_DECL,
						       (struct host_decl *)0,
						       declaration);
			break;
		}
	} while (!done);

#if defined (FAILOVER_PROTOCOL)
	/* We can't do failover on a pool that supports dynamic bootp,
	   because BOOTP doesn't support leases, and failover absolutely
	   depends on lease timing. */
	if (pool -> failover_peer) {
		for (permit = pool -> permit_list;
		     permit; permit = permit -> next) {
			if (permit -> type == permit_dynamic_bootp_clients ||
			    permit -> type == permit_all_clients) {
				  dynamic_bootp_clash: