📄 acl.c
字号:
char *acl_rcs = "$Id: acl.c,v 1.8 1998/01/26 18:52:17 ACJC Exp $";/* Written and copyright 1997 Anonymous Coders and Junkbusters Corporation. * Distributed under the GNU General Public License; see the README file. * This code comes with NO WARRANTY. http://www.junkbusters.com/ht/en/gpl.html */#include <stdio.h>#include <sys/types.h>#include <sys/stat.h>#include <stdlib.h>#include <string.h>#include <ctype.h>#ifdef _WIN32#include "windows.h"#else#include <netinet/in.h>#endif#ifdef REGEX#include "gnu_regex.h"#endif#include "jcc.h"static struct file_list *current_aclfile;intblock_acl(struct access_control_addr *src, struct access_control_addr *dst, struct client_state *csp){ struct file_list *fl; struct access_control_list *a, *acl; struct access_control_addr s[1], d[1]; /* if not using an access control list, then permit the connection */ if(((fl = csp->alist) == NULL) || ((acl = fl->f) == NULL)) { return(0); } /* search the list */ for(a = acl->next ; a ; a = a->next) { *s = *src; *d = *dst; s->addr &= a->src->mask; d->addr &= a->dst->mask; if((s->addr == a->src->addr) && (d->addr == a->dst->addr) && ((s->port == a->src->port) || (s->port == 0) || (a->src->port == 0)) && ((d->port == a->dst->port) || (d->port == 0) || (a->dst->port == 0))) { if(a->action == ACL_PERMIT) { return(0); } else { return(1); } } } return(1);}voidunload_aclfile(struct access_control_list *b){ if(b == NULL) return; unload_aclfile(b->next); freez(b);}intacl_addr(char *aspec, struct access_control_addr *aca){ int i, masklength, port; char *p; masklength = 32; port = 0; if((p = strchr(aspec, '/'))) { *p++ = '\0'; if(isdigit(*p) == 0) { return(-1); } masklength = atoi(p); } if((masklength < 0) || (masklength > 32)) { return(-1); } if((p = strchr(aspec, ':'))) { *p++ = '\0'; if(isdigit(*p) == 0) { return(-1); } port = atoi(p); } aca->port = port; aca->addr = ntohl(atoip(aspec)); if(aca->addr == -1) { fprintf(logfp, "%s: can't resolve address for %s\n", prog, aspec); return(-1); } /* build the netmask */ aca->mask = 0; for(i=1; i <= masklength ; i++) { aca->mask |= (1 << (32 - i)); } /* now mask off the host portion of the ip address * (i.e. save on the network portion of the address). */ aca->addr = aca->addr & aca->mask; return(0);}intload_aclfile(struct client_state *csp){ FILE *fp; char buf[BUFSIZ], *v[3], *p; int i; struct access_control_list *a, *bl; struct file_list *fs; static struct stat prev[1], curr[1]; if(stat(aclfile, curr) < 0) { goto load_aclfile_error; } if(current_aclfile && (prev->st_mtime == curr->st_mtime)) { csp->alist = current_aclfile; return(0); } fs = (struct file_list *) zalloc(sizeof(*fs)); bl = (struct access_control_list *) zalloc(sizeof(*bl)); if((fs == NULL) || (bl == NULL)) { goto load_aclfile_error; } fs->f = bl; fs->next = files->next; files->next = fs; if(csp) { csp->alist = fs; } fp = fopen(aclfile, "r"); if(fp == NULL) { fprintf(logfp, "%s: can't open access control list %s\n", prog, aclfile); fperror(logfp, ""); goto load_aclfile_error; } while(fgets(buf, sizeof(buf), fp)) { if((p = strpbrk(buf, "#\r\n"))) *p = '\0'; if(*buf == '\0') continue; i = ssplit(buf, " \t", v, SZ(v), 1, 1); /* allocate a new node */ a = (struct access_control_list *) zalloc(sizeof(*a)); if(a == NULL) { fclose(fp); goto load_aclfile_error; } /* add it to the list */ a->next = bl->next; bl->next = a; switch(i) { case 3: if(acl_addr(v[2], a->dst) < 0) { goto load_aclfile_error; } /* no break */ case 2: if(acl_addr(v[1], a->src) < 0) { goto load_aclfile_error; } p = v[0]; if(strcmpic(p, "permit") == 0) { a->action = ACL_PERMIT; break; } if(strcmpic(p, "deny" ) == 0) { a->action = ACL_DENY; break; } /* no break */ default: goto load_aclfile_error; } } *prev = *curr; fclose(fp); if(current_aclfile) { current_aclfile->unloader = unload_aclfile; } current_aclfile = fs; return(0);load_aclfile_error: fprintf(logfp, "%s: can't load access control list '%s': ", prog, aclfile); fperror(logfp, ""); return(-1);}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -