(メッセージはありません)
@@ -0,0 +1,945 @@ | ||
1 | +Index: trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.c | |
2 | +=================================================================== | |
3 | +--- trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.c (revision 6397) | |
4 | ++++ trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.c (working copy) | |
5 | +@@ -34,6 +34,19 @@ | |
6 | + struct ccs_path_group_entry *ccs_path_group_list = NULL; | |
7 | + /* Length of ccs_path_group_list array. */ | |
8 | + int ccs_path_group_list_len = 0; | |
9 | ++/* Array of "number_group" entry. */ | |
10 | ++struct ccs_number_group_entry *ccs_number_group_list = NULL; | |
11 | ++/* Length of ccs_number_group_list array. */ | |
12 | ++int ccs_number_group_list_len = 0; | |
13 | ++/* Array of "address_group" entry. */ | |
14 | ++struct ccs_address_group_entry *ccs_address_group_list = NULL; | |
15 | ++/* Length of ccs_address_group_list array. */ | |
16 | ++int ccs_address_group_list_len = 0; | |
17 | ++/* Array of "acl_group" entry. */ | |
18 | ++char **acl_group_list[256]; | |
19 | ++/* Length of acl_group_list array.*/ | |
20 | ++int acl_group_list_len[256]; | |
21 | ++ | |
22 | + /* Array of string ACL entries. */ | |
23 | + struct ccs_generic_acl *ccs_gacl_list = NULL; | |
24 | + /* Length of ccs_generic_list array. */ | |
25 | +@@ -126,10 +139,17 @@ | |
26 | + static enum ccs_screen_type ccs_select_window(const int current); | |
27 | + static int ccs_add_path_group_entry(const struct ccs_path_info *ns, | |
28 | + const char *group_name, | |
29 | +- const char *member_name, | |
30 | +- const _Bool is_delete); | |
31 | ++ const char *member_name); | |
32 | + static int ccs_add_path_group_policy(const struct ccs_path_info *ns, | |
33 | +- char *data, const _Bool is_delete); | |
34 | ++ char *data); | |
35 | ++static int ccs_add_number_group_entry(const char *group_name, | |
36 | ++ const char *member_name); | |
37 | ++static int ccs_add_number_group_policy(char *data); | |
38 | ++static int ccs_add_address_group_entry(const char *group_name, | |
39 | ++ const char *member_name); | |
40 | ++static int ccs_add_address_group_policy(char *data); | |
41 | ++static void ccs_add_acl_group_policy(int group, char *data); | |
42 | ++static void ccs_editpolicy_clear_groups(void); | |
43 | + static int ccs_add_transition_control_entry(const struct ccs_path_info *ns, | |
44 | + const char *domainname, | |
45 | + const char *program, const enum | |
46 | +@@ -172,6 +192,13 @@ | |
47 | + static void ccs_sigalrm_handler(int sig); | |
48 | + static void ccs_up_arrow_key(void); | |
49 | + | |
50 | ++#define ccs_alloc(ptr, size, count) \ | |
51 | ++ ({ \ | |
52 | ++ ptr = ccs_realloc((ptr), (size) * ((count) + 1)); \ | |
53 | ++ memset(&ptr[(count)], 0, size); \ | |
54 | ++ &ptr[(count)++]; \ | |
55 | ++ }) | |
56 | ++ | |
57 | + /** | |
58 | + * ccs_find_domain3 - Find a domain by name and other attributes. | |
59 | + * | |
60 | +@@ -232,16 +259,12 @@ | |
61 | + int index = ccs_find_domain3(domainname, target, is_dd); | |
62 | + if (index >= 0) | |
63 | + return index; | |
64 | +- index = ccs_dp.list_len++; | |
65 | +- ccs_dp.list = ccs_realloc(ccs_dp.list, ccs_dp.list_len * | |
66 | +- sizeof(struct ccs_domain)); | |
67 | +- ptr = &ccs_dp.list[index]; | |
68 | +- memset(ptr, 0, sizeof(*ptr)); | |
69 | ++ ptr = ccs_alloc(ccs_dp.list, sizeof(*ptr), ccs_dp.list_len); | |
70 | + ptr->domainname = ccs_savename(domainname); | |
71 | + if (target) | |
72 | + ptr->target = ccs_savename(target); | |
73 | + ptr->is_dd = is_dd; | |
74 | +- return index; | |
75 | ++ return ccs_dp.list_len - 1; | |
76 | + } | |
77 | + | |
78 | + /** | |
79 | +@@ -275,11 +298,8 @@ | |
80 | + if (cp == acl_ptr[i]) | |
81 | + return 0; | |
82 | + | |
83 | +- acl_ptr = ccs_realloc(acl_ptr, (acl_count + 1) * | |
84 | +- sizeof(const struct ccs_path_info *)); | |
85 | +- acl_ptr[acl_count++] = cp; | |
86 | +- ccs_dp.list[index].string_ptr = acl_ptr; | |
87 | +- ccs_dp.list[index].string_count = acl_count; | |
88 | ++ *ccs_alloc(ccs_dp.list[index].string_ptr, sizeof(*acl_ptr), | |
89 | ++ ccs_dp.list[index].string_count) = cp; | |
90 | + return 0; | |
91 | + } | |
92 | + | |
93 | +@@ -590,23 +610,116 @@ | |
94 | + /** | |
95 | + * ccs_add_path_group_policy - Add "path_group" entry. | |
96 | + * | |
97 | +- * @ns: Pointer to "const struct ccs_path_info". | |
98 | +- * @data: Line to parse. | |
99 | +- * @is_delete: True if it is delete request, false otherwise. | |
100 | ++ * @ns: Pointer to "const struct ccs_path_info". | |
101 | ++ * @data: Line to parse. | |
102 | + * | |
103 | + * Returns 0 on success, negative value otherwise. | |
104 | + */ | |
105 | + static int ccs_add_path_group_policy(const struct ccs_path_info *ns, | |
106 | +- char *data, const _Bool is_delete) | |
107 | ++ char *data) | |
108 | + { | |
109 | + char *cp = strchr(data, ' '); | |
110 | + if (!cp) | |
111 | + return -EINVAL; | |
112 | + *cp++ = '\0'; | |
113 | +- return ccs_add_path_group_entry(ns, data, cp, is_delete); | |
114 | ++ return ccs_add_path_group_entry(ns, data, cp); | |
115 | + } | |
116 | + | |
117 | + /** | |
118 | ++ * ccs_add_number_group_policy - Add "number_group" entry. | |
119 | ++ * | |
120 | ++ * @data: Line to parse. | |
121 | ++ * | |
122 | ++ * Returns 0 on success, negative value otherwise. | |
123 | ++ */ | |
124 | ++static int ccs_add_number_group_policy(char *data) | |
125 | ++{ | |
126 | ++ char *cp = strchr(data, ' '); | |
127 | ++ if (!cp) | |
128 | ++ return -EINVAL; | |
129 | ++ *cp++ = '\0'; | |
130 | ++ return ccs_add_number_group_entry(data, cp); | |
131 | ++} | |
132 | ++ | |
133 | ++/** | |
134 | ++ * ccs_add_address_group_policy - Add "address_group" entry. | |
135 | ++ * | |
136 | ++ * @data: Line to parse. | |
137 | ++ * | |
138 | ++ * Returns 0 on success, negative value otherwise. | |
139 | ++ */ | |
140 | ++static int ccs_add_address_group_policy(char *data) | |
141 | ++{ | |
142 | ++ char *cp = strchr(data, ' '); | |
143 | ++ if (!cp) | |
144 | ++ return -EINVAL; | |
145 | ++ *cp++ = '\0'; | |
146 | ++ return ccs_add_address_group_entry(data, cp); | |
147 | ++} | |
148 | ++ | |
149 | ++/** | |
150 | ++ * ccs_add_acl_group_policys - Add "acl_group" entry. | |
151 | ++ * | |
152 | ++ * @group: Group number. | |
153 | ++ * @data: Line to parse. | |
154 | ++ * | |
155 | ++ * Returns nothing. | |
156 | ++ */ | |
157 | ++static void ccs_add_acl_group_policy(int group, char *data) | |
158 | ++{ | |
159 | ++ char **ptr = acl_group_list[group]; | |
160 | ++ const int len = acl_group_list_len[group]; | |
161 | ++ int i; | |
162 | ++ for (i = 0; i < len; i++) | |
163 | ++ if (!strcmp(ptr[i], data)) | |
164 | ++ return; | |
165 | ++ *ccs_alloc(acl_group_list[group], sizeof(char *), | |
166 | ++ acl_group_list_len[group]) = ccs_strdup(data); | |
167 | ++} | |
168 | ++ | |
169 | ++/** | |
170 | ++ * ccs_editpolicy_clear_groups - Clear path_group/number_group/address_group for reloading policy. | |
171 | ++ * | |
172 | ++ * Returns nothing. | |
173 | ++ */ | |
174 | ++static void ccs_editpolicy_clear_groups(void) | |
175 | ++{ | |
176 | ++ int i; | |
177 | ++ for (i = 0; i < 256; i++) | |
178 | ++ while (acl_group_list_len[i]) | |
179 | ++ free(acl_group_list[i][--acl_group_list_len[i]]); | |
180 | ++ while (ccs_path_group_list_len) | |
181 | ++ free(ccs_path_group_list[--ccs_path_group_list_len]. | |
182 | ++ member_name); | |
183 | ++ while (ccs_number_group_list_len) | |
184 | ++ free(ccs_number_group_list[--ccs_number_group_list_len]. | |
185 | ++ member_name); | |
186 | ++ while (ccs_address_group_list_len) | |
187 | ++ free(ccs_address_group_list[--ccs_address_group_list_len]. | |
188 | ++ member_name); | |
189 | ++} | |
190 | ++ | |
191 | ++/** | |
192 | ++ * ccs_find_path_group_ns - Find "path_group" entry. | |
193 | ++ * | |
194 | ++ * @ns: Pointer to "const struct ccs_path_info". | |
195 | ++ * @group_name: Name of path group. | |
196 | ++ * | |
197 | ++ * Returns pointer to "struct ccs_path_group_entry" if found, NULL otherwise. | |
198 | ++ */ | |
199 | ++struct ccs_path_group_entry *ccs_find_path_group_ns | |
200 | ++(const struct ccs_path_info *ns, const char *group_name) | |
201 | ++{ | |
202 | ++ int i; | |
203 | ++ for (i = 0; i < ccs_path_group_list_len; i++) | |
204 | ++ if (!ccs_pathcmp(ccs_path_group_list[i].ns, ns) && | |
205 | ++ !strcmp(group_name, | |
206 | ++ ccs_path_group_list[i].group_name->name)) | |
207 | ++ return &ccs_path_group_list[i]; | |
208 | ++ return NULL; | |
209 | ++} | |
210 | ++ | |
211 | ++/** | |
212 | + * ccs_assign_djs - Assign domain jump source domain. | |
213 | + * | |
214 | + * @ns: Pointer to "const struct ccs_path_info". | |
215 | +@@ -1224,17 +1337,15 @@ | |
216 | + static void ccs_add_generic_entry(const char *line, const enum | |
217 | + ccs_editpolicy_directives directive) | |
218 | + { | |
219 | ++ struct ccs_generic_acl *ptr; | |
220 | + int i; | |
221 | + for (i = 0; i < ccs_gacl_list_count; i++) | |
222 | + if (ccs_gacl_list[i].directive == directive && | |
223 | + !strcmp(line, ccs_gacl_list[i].operand)) | |
224 | + return; | |
225 | +- i = ccs_gacl_list_count++; | |
226 | +- ccs_gacl_list = ccs_realloc(ccs_gacl_list, ccs_gacl_list_count * | |
227 | +- sizeof(struct ccs_generic_acl)); | |
228 | +- ccs_gacl_list[i].directive = directive; | |
229 | +- ccs_gacl_list[i].selected = 0; | |
230 | +- ccs_gacl_list[i].operand = ccs_strdup(line); | |
231 | ++ ptr = ccs_alloc(ccs_gacl_list, sizeof(*ptr), ccs_gacl_list_count); | |
232 | ++ ptr->directive = directive; | |
233 | ++ ptr->operand = ccs_strdup(line); | |
234 | + } | |
235 | + | |
236 | + /** | |
237 | +@@ -1314,16 +1425,21 @@ | |
238 | + /* Remember groups for ccs_editpolicy_optimize(). */ | |
239 | + if (directive != CCS_DIRECTIVE_PATH_GROUP && | |
240 | + directive != CCS_DIRECTIVE_NUMBER_GROUP && | |
241 | +- directive != CCS_DIRECTIVE_ADDRESS_GROUP) | |
242 | ++ directive != CCS_DIRECTIVE_ADDRESS_GROUP && | |
243 | ++ (directive < CCS_DIRECTIVE_ACL_GROUP_000 || | |
244 | ++ directive > CCS_DIRECTIVE_ACL_GROUP_255)) | |
245 | + break; | |
246 | + cp = ccs_strdup(line); | |
247 | + if (directive == CCS_DIRECTIVE_PATH_GROUP) | |
248 | +- ccs_add_path_group_policy(ccs_current_ns, cp, | |
249 | +- false); | |
250 | ++ ccs_add_path_group_policy(ccs_current_ns, cp); | |
251 | + else if (directive == CCS_DIRECTIVE_NUMBER_GROUP) | |
252 | +- ccs_add_number_group_policy(cp, false); | |
253 | ++ ccs_add_number_group_policy(cp); | |
254 | ++ else if (directive == CCS_DIRECTIVE_ADDRESS_GROUP) | |
255 | ++ ccs_add_address_group_policy(cp); | |
256 | + else | |
257 | +- ccs_add_address_group_policy(cp, false); | |
258 | ++ ccs_add_acl_group_policy | |
259 | ++ (directive - | |
260 | ++ CCS_DIRECTIVE_ACL_GROUP_000, cp); | |
261 | + free(cp); | |
262 | + break; | |
263 | + case CCS_SCREEN_ACL_LIST: | |
264 | +@@ -1404,12 +1520,8 @@ | |
265 | + if (!ccs_correct_domain(domainname)) | |
266 | + if (!ccs_correct_path(domainname)) | |
267 | + return -EINVAL; | |
268 | +- ccs_transition_control_list = | |
269 | +- ccs_realloc(ccs_transition_control_list, | |
270 | +- (ccs_transition_control_list_len + 1) * | |
271 | +- sizeof(struct ccs_transition_control_entry)); | |
272 | +- ptr = &ccs_transition_control_list[ccs_transition_control_list_len++]; | |
273 | +- memset(ptr, 0, sizeof(*ptr)); | |
274 | ++ ptr = ccs_alloc(ccs_transition_control_list, sizeof(*ptr), | |
275 | ++ ccs_transition_control_list_len); | |
276 | + ptr->ns = ns; | |
277 | + if (program && strcmp(program, "any")) | |
278 | + ptr->program = ccs_savename(program); | |
279 | +@@ -1425,14 +1537,12 @@ | |
280 | + * @ns: Pointer to "const struct ccs_path_info". | |
281 | + * @group_name: Name of address group. | |
282 | + * @member_name: Address string. | |
283 | +- * @is_delete: True if it is delete request, false otherwise. | |
284 | + * | |
285 | + * Returns 0 on success, negative value otherwise. | |
286 | + */ | |
287 | + static int ccs_add_path_group_entry(const struct ccs_path_info *ns, | |
288 | + const char *group_name, | |
289 | +- const char *member_name, | |
290 | +- const _Bool is_delete) | |
291 | ++ const char *member_name) | |
292 | + { | |
293 | + const struct ccs_path_info *saved_group_name; | |
294 | + const struct ccs_path_info *saved_member_name; | |
295 | +@@ -1449,38 +1559,104 @@ | |
296 | + continue; | |
297 | + if (saved_group_name != group->group_name) | |
298 | + continue; | |
299 | +- for (j = 0; j < group->member_name_len; j++) { | |
300 | +- if (group->member_name[j] != saved_member_name) | |
301 | +- continue; | |
302 | +- if (!is_delete) | |
303 | ++ for (j = 0; j < group->member_name_len; j++) | |
304 | ++ if (group->member_name[j] == saved_member_name) | |
305 | + return 0; | |
306 | +- while (j < group->member_name_len - 1) | |
307 | +- group->member_name[j] = | |
308 | +- group->member_name[j + 1]; | |
309 | +- group->member_name_len--; | |
310 | +- return 0; | |
311 | +- } | |
312 | + break; | |
313 | + } | |
314 | +- if (is_delete) | |
315 | +- return -ENOENT; | |
316 | + if (i == ccs_path_group_list_len) { | |
317 | +- ccs_path_group_list = | |
318 | +- ccs_realloc(ccs_path_group_list, | |
319 | +- (ccs_path_group_list_len + 1) * | |
320 | +- sizeof(struct ccs_path_group_entry)); | |
321 | +- group = &ccs_path_group_list[ccs_path_group_list_len++]; | |
322 | +- memset(group, 0, sizeof(*group)); | |
323 | ++ group = ccs_alloc(ccs_path_group_list, sizeof(*group), | |
324 | ++ ccs_path_group_list_len); | |
325 | + group->ns = ns; | |
326 | + group->group_name = saved_group_name; | |
327 | + } | |
328 | +- group->member_name = | |
329 | +- ccs_realloc(group->member_name, (group->member_name_len + 1) * | |
330 | +- sizeof(const struct ccs_path_info *)); | |
331 | +- group->member_name[group->member_name_len++] = saved_member_name; | |
332 | ++ *ccs_alloc(group->member_name, sizeof(saved_member_name), | |
333 | ++ group->member_name_len) = saved_member_name; | |
334 | + return 0; | |
335 | + } | |
336 | + | |
337 | ++/** | |
338 | ++ * ccs_add_number_group_entry - Add "number_group" entry. | |
339 | ++ * | |
340 | ++ * @group_name: Name of number group. | |
341 | ++ * @member_name: Number string. | |
342 | ++ * | |
343 | ++ * Returns 0 on success, negative value otherwise. | |
344 | ++ */ | |
345 | ++static int ccs_add_number_group_entry(const char *group_name, | |
346 | ++ const char *member_name) | |
347 | ++{ | |
348 | ++ const struct ccs_path_info *saved_group_name; | |
349 | ++ int i; | |
350 | ++ int j; | |
351 | ++ struct ccs_number_entry entry; | |
352 | ++ struct ccs_number_group_entry *group = NULL; | |
353 | ++ if (ccs_parse_number(member_name, &entry)) | |
354 | ++ return -EINVAL; | |
355 | ++ if (!ccs_correct_word(group_name)) | |
356 | ++ return -EINVAL; | |
357 | ++ saved_group_name = ccs_savename(group_name); | |
358 | ++ for (i = 0; i < ccs_number_group_list_len; i++) { | |
359 | ++ group = &ccs_number_group_list[i]; | |
360 | ++ if (saved_group_name != group->group_name) | |
361 | ++ continue; | |
362 | ++ for (j = 0; j < group->member_name_len; j++) | |
363 | ++ if (!memcmp(&group->member_name[j], &entry, | |
364 | ++ sizeof(entry))) | |
365 | ++ return 0; | |
366 | ++ break; | |
367 | ++ } | |
368 | ++ if (i == ccs_number_group_list_len) { | |
369 | ++ group = ccs_alloc(ccs_number_group_list, sizeof(*group), | |
370 | ++ ccs_number_group_list_len); | |
371 | ++ group->group_name = saved_group_name; | |
372 | ++ } | |
373 | ++ *ccs_alloc(group->member_name, sizeof(entry), group->member_name_len) = | |
374 | ++ entry; | |
375 | ++ return 0; | |
376 | ++} | |
377 | ++ | |
378 | ++/** | |
379 | ++ * ccs_add_address_group_entry - Add "address_group" entry. | |
380 | ++ * | |
381 | ++ * @group_name: Name of address group. | |
382 | ++ * @member_name: Address string. | |
383 | ++ * | |
384 | ++ * Returns 0 on success, negative value otherwise. | |
385 | ++ */ | |
386 | ++static int ccs_add_address_group_entry(const char *group_name, | |
387 | ++ const char *member_name) | |
388 | ++{ | |
389 | ++ const struct ccs_path_info *saved_group_name; | |
390 | ++ int i; | |
391 | ++ int j; | |
392 | ++ struct ccs_ip_address_entry entry; | |
393 | ++ struct ccs_address_group_entry *group = NULL; | |
394 | ++ if (ccs_parse_ip(member_name, &entry)) | |
395 | ++ return -EINVAL; | |
396 | ++ if (!ccs_correct_word(group_name)) | |
397 | ++ return -EINVAL; | |
398 | ++ saved_group_name = ccs_savename(group_name); | |
399 | ++ for (i = 0; i < ccs_address_group_list_len; i++) { | |
400 | ++ group = &ccs_address_group_list[i]; | |
401 | ++ if (saved_group_name != group->group_name) | |
402 | ++ continue; | |
403 | ++ for (j = 0; j < group->member_name_len; j++) | |
404 | ++ if (!memcmp(&group->member_name[j], &entry, | |
405 | ++ sizeof(entry))) | |
406 | ++ return 0; | |
407 | ++ break; | |
408 | ++ } | |
409 | ++ if (i == ccs_address_group_list_len) { | |
410 | ++ group = ccs_alloc(ccs_address_group_list, sizeof(*group), | |
411 | ++ ccs_address_group_list_len); | |
412 | ++ group->group_name = saved_group_name; | |
413 | ++ } | |
414 | ++ *ccs_alloc(group->member_name, sizeof(entry), group->member_name_len) = | |
415 | ++ entry; | |
416 | ++ return 0; | |
417 | ++} | |
418 | ++ | |
419 | + /* | |
420 | + * List of "task auto_domain_transition" "task manual_domain_transition" | |
421 | + * "auto_domain_transition=" part. | |
422 | +@@ -1515,9 +1691,8 @@ | |
423 | + ccs_dp.list[index].domainname->name, cp); | |
424 | + domainname[sizeof(domainname) - 1] = '\0'; | |
425 | + ccs_normalize_line(domainname); | |
426 | +- ccs_jump_list = ccs_realloc(ccs_jump_list, | |
427 | +- (ccs_jump_list_len + 1) * sizeof(char *)); | |
428 | +- ccs_jump_list[ccs_jump_list_len++] = ccs_strdup(domainname); | |
429 | ++ *ccs_alloc(ccs_jump_list, sizeof(char *), ccs_jump_list_len) = | |
430 | ++ ccs_strdup(domainname); | |
431 | + ccs_assign_domain3(domainname, *cp == '<' ? cp : domainname, false); | |
432 | + } | |
433 | + | |
434 | +@@ -1541,9 +1716,8 @@ | |
435 | + } | |
436 | + if (!ccs_correct_domain(line)) | |
437 | + return; | |
438 | +- ccs_jump_list = ccs_realloc(ccs_jump_list, | |
439 | +- (ccs_jump_list_len + 1) * sizeof(char *)); | |
440 | +- ccs_jump_list[ccs_jump_list_len++] = ccs_strdup(line); | |
441 | ++ *ccs_alloc(ccs_jump_list, sizeof(char *), ccs_jump_list_len) = | |
442 | ++ ccs_strdup(line); | |
443 | + snprintf(domainname, sizeof(domainname) - 1, "%s %s", | |
444 | + ccs_dp.list[index].domainname->name, ccs_get_last_word(line)); | |
445 | + domainname[sizeof(domainname) - 1] = '\0'; | |
446 | +@@ -1583,11 +1757,8 @@ | |
447 | + goto add; | |
448 | + return false; | |
449 | + add: | |
450 | +- ccs_transition_preference_list = | |
451 | +- ccs_realloc(ccs_transition_preference_list, sizeof(*ptr) * | |
452 | +- (ccs_transition_preference_list_len + 1)); | |
453 | +- ptr = &ccs_transition_preference_list | |
454 | +- [ccs_transition_preference_list_len++]; | |
455 | ++ ptr = ccs_alloc(ccs_transition_preference_list, sizeof(*ptr), | |
456 | ++ ccs_transition_preference_list_len); | |
457 | + ptr->index = index; | |
458 | + ptr->domainname = ccs_strdup(domainname); | |
459 | + ptr->program = ccs_strdup(program); | |
460 | +@@ -1734,16 +1905,17 @@ | |
461 | + return; | |
462 | + } | |
463 | + if (ccs_str_starts(line, "path_group ")) | |
464 | +- ccs_add_path_group_policy(ns, line, false); | |
465 | ++ ccs_add_path_group_policy(ns, line); | |
466 | + else if (ccs_str_starts(line, "address_group ")) | |
467 | +- ccs_add_address_group_policy(line, false); | |
468 | ++ ccs_add_address_group_policy(line); | |
469 | + else if (ccs_str_starts(line, "number_group ")) | |
470 | +- ccs_add_number_group_policy(line, false); | |
471 | ++ ccs_add_number_group_policy(line); | |
472 | + else if (sscanf(line, "acl_group %u", &group) == 1 && group < 256) { | |
473 | + int index; | |
474 | + line = strchr(line + 10, ' '); | |
475 | + if (!line++) | |
476 | + return; | |
477 | ++ ccs_add_acl_group_policy(group, line); | |
478 | + for (index = 0; index < ccs_dp.list_len; index++) { | |
479 | + char *cp; | |
480 | + const struct ccs_domain *ptr = &ccs_dp.list[index]; | |
481 | +@@ -3695,6 +3867,8 @@ | |
482 | + | |
483 | + int main(int argc, char *argv[]) | |
484 | + { | |
485 | ++ memset(acl_group_list, 0, sizeof(acl_group_list)); | |
486 | ++ memset(acl_group_list_len, 0, sizeof(acl_group_list_len)); | |
487 | + ccs_parse_args(argc, argv); | |
488 | + ccs_editpolicy_init_keyword_map(); | |
489 | + if (ccs_offline_mode) | |
490 | +Index: trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.h | |
491 | +=================================================================== | |
492 | +--- trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.h (revision 6397) | |
493 | ++++ trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.h (working copy) | |
494 | +@@ -406,6 +406,18 @@ | |
495 | + int member_name_len; | |
496 | + }; | |
497 | + | |
498 | ++struct ccs_address_group_entry { | |
499 | ++ const struct ccs_path_info *group_name; | |
500 | ++ struct ccs_ip_address_entry *member_name; | |
501 | ++ int member_name_len; | |
502 | ++}; | |
503 | ++ | |
504 | ++struct ccs_number_group_entry { | |
505 | ++ const struct ccs_path_info *group_name; | |
506 | ++ struct ccs_number_entry *member_name; | |
507 | ++ int member_name_len; | |
508 | ++}; | |
509 | ++ | |
510 | + struct ccs_readline_data { | |
511 | + const char **history; | |
512 | + int count; | |
513 | +@@ -432,11 +444,8 @@ | |
514 | + enum ccs_color_pair ccs_editpolicy_color_head(void); | |
515 | + enum ccs_editpolicy_directives ccs_find_directive(const _Bool forward, | |
516 | + char *line); | |
517 | +-int ccs_add_address_group_policy(char *data, const _Bool is_delete); | |
518 | +-int ccs_add_number_group_policy(char *data, const _Bool is_delete); | |
519 | + int ccs_editpolicy_get_current(void); | |
520 | + void ccs_editpolicy_attr_change(const attr_t attr, const _Bool flg); | |
521 | +-void ccs_editpolicy_clear_groups(void); | |
522 | + void ccs_editpolicy_color_change(const attr_t attr, const _Bool flg); | |
523 | + void ccs_editpolicy_color_init(void); | |
524 | + void ccs_editpolicy_init_keyword_map(void); | |
525 | +@@ -472,9 +481,15 @@ | |
526 | + extern enum ccs_screen_type ccs_current_screen; | |
527 | + extern int ccs_list_item_count; | |
528 | + extern int ccs_path_group_list_len; | |
529 | ++extern int ccs_number_group_list_len; | |
530 | ++extern int ccs_address_group_list_len; | |
531 | ++extern int acl_group_list_len[256]; | |
532 | + extern struct ccs_domain_policy3 ccs_dp; | |
533 | + extern struct ccs_editpolicy_directive ccs_directives[CCS_MAX_DIRECTIVE_INDEX]; | |
534 | + extern struct ccs_generic_acl *ccs_gacl_list; | |
535 | + extern struct ccs_path_group_entry *ccs_path_group_list; | |
536 | ++extern struct ccs_number_group_entry *ccs_number_group_list; | |
537 | ++extern struct ccs_address_group_entry *ccs_address_group_list; | |
538 | ++extern char **acl_group_list[256]; | |
539 | + extern struct ccs_screen ccs_screen[CCS_MAXSCREEN]; | |
540 | + extern const struct ccs_path_info *ccs_current_ns; | |
541 | +Index: trunk/1.8.x/ccs-tools/usr_sbin/editpolicy_optimizer.c | |
542 | +=================================================================== | |
543 | +--- trunk/1.8.x/ccs-tools/usr_sbin/editpolicy_optimizer.c (revision 6397) | |
544 | ++++ trunk/1.8.x/ccs-tools/usr_sbin/editpolicy_optimizer.c (working copy) | |
545 | +@@ -23,77 +23,50 @@ | |
546 | + #include "ccstools.h" | |
547 | + #include "editpolicy.h" | |
548 | + | |
549 | +-struct ccs_address_group_entry { | |
550 | +- const struct ccs_path_info *group_name; | |
551 | +- struct ccs_ip_address_entry *member_name; | |
552 | +- int member_name_len; | |
553 | +-}; | |
554 | +- | |
555 | +-struct ccs_number_group_entry { | |
556 | +- const struct ccs_path_info *group_name; | |
557 | +- struct ccs_number_entry *member_name; | |
558 | +- int member_name_len; | |
559 | +-}; | |
560 | +- | |
561 | +-/* Array of "address_group" entry. */ | |
562 | +-static struct ccs_address_group_entry *ccs_address_group_list = NULL; | |
563 | +-/* Length of ccs_address_group_list array. */ | |
564 | +-static int ccs_address_group_list_len = 0; | |
565 | +-/* Array of "number_group" entry. */ | |
566 | +-static struct ccs_number_group_entry *ccs_number_group_list = NULL; | |
567 | +-/* Length of ccs_number_group_list array. */ | |
568 | +-static int ccs_number_group_list_len = 0; | |
569 | +- | |
570 | +-static _Bool ccs_compare_address(const char *sarg, const char *darg); | |
571 | +-static _Bool ccs_compare_number(const char *sarg, const char *darg); | |
572 | +-static _Bool ccs_compare_path(const char *sarg, const char *darg); | |
573 | +-static int ccs_add_address_group_entry(const char *group_name, | |
574 | +- const char *member_name, | |
575 | +- const _Bool is_delete); | |
576 | +-static int ccs_add_number_group_entry(const char *group_name, | |
577 | +- const char *member_name, | |
578 | +- const _Bool is_delete); | |
579 | + static struct ccs_address_group_entry *ccs_find_address_group | |
580 | + (const char *group_name); | |
581 | + static struct ccs_number_group_entry *ccs_find_number_group | |
582 | + (const char *group_name); | |
583 | ++static _Bool ccs_compare_address(const char *sarg, const char *darg); | |
584 | ++static _Bool ccs_compare_number(const char *sarg, const char *darg); | |
585 | ++static _Bool ccs_compare_path(const char *sarg, const char *darg); | |
586 | + | |
587 | + /** | |
588 | +- * ccs_find_path_group_ns - Find "path_group" entry. | |
589 | ++ * ccs_find_address_group - Find an "address_group" by name. | |
590 | + * | |
591 | +- * @ns: Pointer to "const struct ccs_path_info". | |
592 | +- * @group_name: Name of path group. | |
593 | ++ * @group_name: Group name to find. | |
594 | + * | |
595 | +- * Returns pointer to "struct ccs_path_group_entry" if found, NULL otherwise. | |
596 | ++ * Returns pointer to "struct ccs_address_group_entry" if found, | |
597 | ++ * NULL otherwise. | |
598 | + */ | |
599 | +-struct ccs_path_group_entry *ccs_find_path_group_ns | |
600 | +-(const struct ccs_path_info *ns, const char *group_name) | |
601 | ++static struct ccs_address_group_entry *ccs_find_address_group | |
602 | ++(const char *group_name) | |
603 | + { | |
604 | + int i; | |
605 | +- for (i = 0; i < ccs_path_group_list_len; i++) { | |
606 | +- if (!ccs_pathcmp(ccs_path_group_list[i].ns, ns) && | |
607 | +- !strcmp(group_name, | |
608 | +- ccs_path_group_list[i].group_name->name)) | |
609 | +- return &ccs_path_group_list[i]; | |
610 | +- } | |
611 | ++ for (i = 0; i < ccs_address_group_list_len; i++) | |
612 | ++ if (!strcmp(group_name, | |
613 | ++ ccs_address_group_list[i].group_name->name)) | |
614 | ++ return &ccs_address_group_list[i]; | |
615 | + return NULL; | |
616 | + } | |
617 | + | |
618 | + /** | |
619 | +- * ccs_add_address_group_policy - Add "address_group" entry. | |
620 | ++ * ccs_find_number_group - Find an "number_group" by name. | |
621 | + * | |
622 | +- * @data: Line to parse. | |
623 | +- * @is_delete: True if it is delete request, false otherwise. | |
624 | ++ * @group_name: Group name to find. | |
625 | + * | |
626 | +- * Returns 0 on success, negative value otherwise. | |
627 | ++ * Returns pointer to "struct ccs_number_group_entry" if found, | |
628 | ++ * NULL otherwise. | |
629 | + */ | |
630 | +-int ccs_add_address_group_policy(char *data, const _Bool is_delete) | |
631 | ++static struct ccs_number_group_entry *ccs_find_number_group | |
632 | ++(const char *group_name) | |
633 | + { | |
634 | +- char *cp = strchr(data, ' '); | |
635 | +- if (!cp) | |
636 | +- return -EINVAL; | |
637 | +- *cp++ = '\0'; | |
638 | +- return ccs_add_address_group_entry(data, cp, is_delete); | |
639 | ++ int i; | |
640 | ++ for (i = 0; i < ccs_number_group_list_len; i++) | |
641 | ++ if (!strcmp(group_name, | |
642 | ++ ccs_number_group_list[i].group_name->name)) | |
643 | ++ return &ccs_number_group_list[i]; | |
644 | ++ return NULL; | |
645 | + } | |
646 | + | |
647 | + /** | |
648 | +@@ -296,23 +269,6 @@ | |
649 | + } | |
650 | + | |
651 | + /** | |
652 | +- * ccs_add_number_group_policy - Add "number_group" entry. | |
653 | +- * | |
654 | +- * @data: Line to parse. | |
655 | +- * @is_delete: True if it is delete request, false otherwise. | |
656 | +- * | |
657 | +- * Returns 0 on success, negative value otherwise. | |
658 | +- */ | |
659 | +-int ccs_add_number_group_policy(char *data, const _Bool is_delete) | |
660 | +-{ | |
661 | +- char *cp = strchr(data, ' '); | |
662 | +- if (!cp) | |
663 | +- return -EINVAL; | |
664 | +- *cp++ = '\0'; | |
665 | +- return ccs_add_number_group_entry(data, cp, is_delete); | |
666 | +-} | |
667 | +- | |
668 | +-/** | |
669 | + * ccs_compare_number - Compare two numeric values. | |
670 | + * | |
671 | + * @sarg: First number. | |
672 | +@@ -350,38 +306,23 @@ | |
673 | + } | |
674 | + | |
675 | + /** | |
676 | +- * ccs_editpolicy_optimize - Try to merge entries included in other entries. | |
677 | ++ * ccs_editpolicy_do_optimize - Try to merge entries included in other entries. | |
678 | + * | |
679 | +- * @current: Index in the domain policy. | |
680 | ++ * @cp: A line containing operand. | |
681 | ++ * @s_index: Type of entry. | |
682 | ++ * @s_index2: Type of entry. | |
683 | ++ * @is_exception_list: True if optimizing acl_group, false otherwise. | |
684 | + * | |
685 | + * Returns nothing. | |
686 | + */ | |
687 | +-void ccs_editpolicy_optimize(const int current) | |
688 | ++static void ccs_editpolicy_do_optimize(char *cp, const int current, | |
689 | ++ enum ccs_editpolicy_directives s_index, | |
690 | ++ enum ccs_editpolicy_directives s_index2, | |
691 | ++ const bool is_exception_list) | |
692 | + { | |
693 | +- char *cp; | |
694 | +- const bool is_exception_list = | |
695 | +- ccs_current_screen == CCS_SCREEN_EXCEPTION_LIST; | |
696 | +- enum ccs_editpolicy_directives s_index; | |
697 | +- enum ccs_editpolicy_directives s_index2; | |
698 | + int index; | |
699 | + char *s[5]; | |
700 | + char *d[5]; | |
701 | +- if (current < 0) | |
702 | +- return; | |
703 | +- s_index = ccs_gacl_list[current].directive; | |
704 | +- if (s_index == CCS_DIRECTIVE_NONE) | |
705 | +- return; | |
706 | +- /* Allow acl_group lines to be optimized. */ | |
707 | +- if (is_exception_list && | |
708 | +- (s_index < CCS_DIRECTIVE_ACL_GROUP_000 || | |
709 | +- s_index > CCS_DIRECTIVE_ACL_GROUP_255)) | |
710 | +- return; | |
711 | +- cp = strdup(ccs_gacl_list[current].operand); | |
712 | +- if (!cp) | |
713 | +- return; | |
714 | +- s_index2 = s_index; | |
715 | +- if (is_exception_list) | |
716 | +- s_index = ccs_find_directive(true, cp); | |
717 | + ccs_tokenize(cp, s, s_index); | |
718 | + ccs_get(); | |
719 | + for (index = 0; index < ccs_list_item_count; index++) { | |
720 | +@@ -515,182 +456,56 @@ | |
721 | + ccs_gacl_list[index].selected = 1; | |
722 | + } | |
723 | + ccs_put(); | |
724 | +- free(cp); | |
725 | + } | |
726 | + | |
727 | + /** | |
728 | +- * ccs_add_address_group_entry - Add "address_group" entry. | |
729 | ++ * ccs_editpolicy_optimize - Try to merge entries included in other entries. | |
730 | + * | |
731 | +- * @group_name: Name of address group. | |
732 | +- * @member_name: Address string. | |
733 | +- * @is_delete: True if it is delete request, false otherwise. | |
734 | ++ * @current: Index in the domain policy. | |
735 | + * | |
736 | +- * Returns 0 on success, negative value otherwise. | |
737 | ++ * Returns nothing. | |
738 | + */ | |
739 | +-static int ccs_add_address_group_entry(const char *group_name, | |
740 | +- const char *member_name, | |
741 | +- const _Bool is_delete) | |
742 | ++void ccs_editpolicy_optimize(const int current) | |
743 | + { | |
744 | +- const struct ccs_path_info *saved_group_name; | |
745 | +- int i; | |
746 | +- int j; | |
747 | +- struct ccs_ip_address_entry entry; | |
748 | +- struct ccs_address_group_entry *group = NULL; | |
749 | +- if (ccs_parse_ip(member_name, &entry)) | |
750 | +- return -EINVAL; | |
751 | +- if (!ccs_correct_word(group_name)) | |
752 | +- return -EINVAL; | |
753 | +- saved_group_name = ccs_savename(group_name); | |
754 | +- for (i = 0; i < ccs_address_group_list_len; i++) { | |
755 | +- group = &ccs_address_group_list[i]; | |
756 | +- if (saved_group_name != group->group_name) | |
757 | +- continue; | |
758 | +- for (j = 0; j < group->member_name_len; j++) { | |
759 | +- if (memcmp(&group->member_name[j], &entry, | |
760 | +- sizeof(entry))) | |
761 | +- continue; | |
762 | +- if (!is_delete) | |
763 | +- return 0; | |
764 | +- while (j < group->member_name_len - 1) | |
765 | +- group->member_name[j] | |
766 | +- = group->member_name[j + 1]; | |
767 | +- group->member_name_len--; | |
768 | +- return 0; | |
769 | ++ char *cp; | |
770 | ++ const bool is_exception_list = | |
771 | ++ ccs_current_screen == CCS_SCREEN_EXCEPTION_LIST; | |
772 | ++ enum ccs_editpolicy_directives s_index; | |
773 | ++ enum ccs_editpolicy_directives s_index2; | |
774 | ++ if (current < 0) | |
775 | ++ return; | |
776 | ++ s_index = ccs_gacl_list[current].directive; | |
777 | ++ if (s_index == CCS_DIRECTIVE_NONE) | |
778 | ++ return; | |
779 | ++ /* Allow acl_group lines to be optimized. */ | |
780 | ++ if (is_exception_list && | |
781 | ++ (s_index < CCS_DIRECTIVE_ACL_GROUP_000 || | |
782 | ++ s_index > CCS_DIRECTIVE_ACL_GROUP_255)) | |
783 | ++ return; | |
784 | ++ if (s_index == CCS_DIRECTIVE_USE_GROUP) { | |
785 | ++ unsigned int group = atoi(ccs_gacl_list[current].operand); | |
786 | ++ int i; | |
787 | ++ if (group >= 256) | |
788 | ++ return; | |
789 | ++ for (i = 0; i < acl_group_list_len[group]; i++) { | |
790 | ++ cp = strdup(acl_group_list[group][i]); | |
791 | ++ if (!cp) | |
792 | ++ return; | |
793 | ++ s_index = ccs_find_directive(true, cp); | |
794 | ++ if (s_index != CCS_DIRECTIVE_NONE) | |
795 | ++ ccs_editpolicy_do_optimize(cp, -1, s_index, | |
796 | ++ s_index, false); | |
797 | ++ free(cp); | |
798 | + } | |
799 | +- break; | |
800 | ++ return; | |
801 | + } | |
802 | +- if (is_delete) | |
803 | +- return -ENOENT; | |
804 | +- if (i == ccs_address_group_list_len) { | |
805 | +- ccs_address_group_list = | |
806 | +- ccs_realloc(ccs_address_group_list, | |
807 | +- (ccs_address_group_list_len + 1) * | |
808 | +- sizeof(struct ccs_address_group_entry)); | |
809 | +- group = &ccs_address_group_list[ccs_address_group_list_len++]; | |
810 | +- memset(group, 0, sizeof(struct ccs_address_group_entry)); | |
811 | +- group->group_name = saved_group_name; | |
812 | +- } | |
813 | +- group->member_name = | |
814 | +- ccs_realloc(group->member_name, (group->member_name_len + 1) * | |
815 | +- sizeof(const struct ccs_ip_address_entry)); | |
816 | +- group->member_name[group->member_name_len++] = entry; | |
817 | +- return 0; | |
818 | ++ cp = strdup(ccs_gacl_list[current].operand); | |
819 | ++ if (!cp) | |
820 | ++ return; | |
821 | ++ s_index2 = s_index; | |
822 | ++ if (is_exception_list) | |
823 | ++ s_index = ccs_find_directive(true, cp); | |
824 | ++ ccs_editpolicy_do_optimize(cp, current, s_index, s_index2, | |
825 | ++ is_exception_list); | |
826 | ++ free(cp); | |
827 | + } | |
828 | +- | |
829 | +-/** | |
830 | +- * ccs_find_address_group - Find an "address_group" by name. | |
831 | +- * | |
832 | +- * @group_name: Group name to find. | |
833 | +- * | |
834 | +- * Returns pointer to "struct ccs_address_group_entry" if found, | |
835 | +- * NULL otherwise. | |
836 | +- */ | |
837 | +-static struct ccs_address_group_entry *ccs_find_address_group | |
838 | +-(const char *group_name) | |
839 | +-{ | |
840 | +- int i; | |
841 | +- for (i = 0; i < ccs_address_group_list_len; i++) { | |
842 | +- if (!strcmp(group_name, | |
843 | +- ccs_address_group_list[i].group_name->name)) | |
844 | +- return &ccs_address_group_list[i]; | |
845 | +- } | |
846 | +- return NULL; | |
847 | +-} | |
848 | +- | |
849 | +-/** | |
850 | +- * ccs_add_number_group_entry - Add "number_group" entry. | |
851 | +- * | |
852 | +- * @group_name: Name of number group. | |
853 | +- * @member_name: Number string. | |
854 | +- * @is_delete: True if it is delete request, false otherwise. | |
855 | +- * | |
856 | +- * Returns 0 on success, negative value otherwise. | |
857 | +- */ | |
858 | +-static int ccs_add_number_group_entry(const char *group_name, | |
859 | +- const char *member_name, | |
860 | +- const _Bool is_delete) | |
861 | +-{ | |
862 | +- const struct ccs_path_info *saved_group_name; | |
863 | +- int i; | |
864 | +- int j; | |
865 | +- struct ccs_number_entry entry; | |
866 | +- struct ccs_number_group_entry *group = NULL; | |
867 | +- if (ccs_parse_number(member_name, &entry)) | |
868 | +- return -EINVAL; | |
869 | +- if (!ccs_correct_word(group_name)) | |
870 | +- return -EINVAL; | |
871 | +- saved_group_name = ccs_savename(group_name); | |
872 | +- for (i = 0; i < ccs_number_group_list_len; i++) { | |
873 | +- group = &ccs_number_group_list[i]; | |
874 | +- if (saved_group_name != group->group_name) | |
875 | +- continue; | |
876 | +- for (j = 0; j < group->member_name_len; j++) { | |
877 | +- if (memcmp(&group->member_name[j], &entry, | |
878 | +- sizeof(entry))) | |
879 | +- continue; | |
880 | +- if (!is_delete) | |
881 | +- return 0; | |
882 | +- while (j < group->member_name_len - 1) | |
883 | +- group->member_name[j] | |
884 | +- = group->member_name[j + 1]; | |
885 | +- group->member_name_len--; | |
886 | +- return 0; | |
887 | +- } | |
888 | +- break; | |
889 | +- } | |
890 | +- if (is_delete) | |
891 | +- return -ENOENT; | |
892 | +- if (i == ccs_number_group_list_len) { | |
893 | +- ccs_number_group_list = | |
894 | +- ccs_realloc(ccs_number_group_list, | |
895 | +- (ccs_number_group_list_len + 1) * | |
896 | +- sizeof(struct ccs_number_group_entry)); | |
897 | +- group = &ccs_number_group_list[ccs_number_group_list_len++]; | |
898 | +- memset(group, 0, sizeof(struct ccs_number_group_entry)); | |
899 | +- group->group_name = saved_group_name; | |
900 | +- } | |
901 | +- group->member_name = | |
902 | +- ccs_realloc(group->member_name, (group->member_name_len + 1) * | |
903 | +- sizeof(const struct ccs_number_entry)); | |
904 | +- group->member_name[group->member_name_len++] = entry; | |
905 | +- return 0; | |
906 | +-} | |
907 | +- | |
908 | +-/** | |
909 | +- * ccs_find_number_group - Find an "number_group" by name. | |
910 | +- * | |
911 | +- * @group_name: Group name to find. | |
912 | +- * | |
913 | +- * Returns pointer to "struct ccs_number_group_entry" if found, | |
914 | +- * NULL otherwise. | |
915 | +- */ | |
916 | +-static struct ccs_number_group_entry *ccs_find_number_group | |
917 | +-(const char *group_name) | |
918 | +-{ | |
919 | +- int i; | |
920 | +- for (i = 0; i < ccs_number_group_list_len; i++) { | |
921 | +- if (!strcmp(group_name, | |
922 | +- ccs_number_group_list[i].group_name->name)) | |
923 | +- return &ccs_number_group_list[i]; | |
924 | +- } | |
925 | +- return NULL; | |
926 | +-} | |
927 | +- | |
928 | +-/** | |
929 | +- * ccs_editpolicy_clear_groups - Clear path_group/number_group/address_group for reloading policy. | |
930 | +- * | |
931 | +- * Returns nothing. | |
932 | +- */ | |
933 | +-void ccs_editpolicy_clear_groups(void) | |
934 | +-{ | |
935 | +- while (ccs_path_group_list_len) | |
936 | +- free(ccs_path_group_list[--ccs_path_group_list_len]. | |
937 | +- member_name); | |
938 | +- /* | |
939 | +- while (ccs_address_group_list_len) | |
940 | +- free(ccs_address_group_list[--ccs_address_group_list_len]. | |
941 | +- member_name); | |
942 | +- */ | |
943 | +- ccs_address_group_list_len = 0; | |
944 | +- ccs_number_group_list_len = 0; | |
945 | +-} |