OSDN -- オープンソース・ソフトウェアの開発とダウンロード
日本語の翻訳状況 translation status for ja
  • R/O
  • SSH
  • HTTPS

tomoyo: コミット


コミットメタ情報

リビジョン6398 (tree)
日時2015-04-16 17:27:25
作者kumaneko

ログメッセージ

(メッセージはありません)

変更サマリ

差分

--- branches/editpolicy.diff (nonexistent)
+++ branches/editpolicy.diff (revision 6398)
@@ -0,0 +1,945 @@
1+Index: trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.c
2+===================================================================
3+--- trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.c (revision 6397)
4++++ trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.c (working copy)
5+@@ -34,6 +34,19 @@
6+ struct ccs_path_group_entry *ccs_path_group_list = NULL;
7+ /* Length of ccs_path_group_list array. */
8+ int ccs_path_group_list_len = 0;
9++/* Array of "number_group" entry. */
10++struct ccs_number_group_entry *ccs_number_group_list = NULL;
11++/* Length of ccs_number_group_list array. */
12++int ccs_number_group_list_len = 0;
13++/* Array of "address_group" entry. */
14++struct ccs_address_group_entry *ccs_address_group_list = NULL;
15++/* Length of ccs_address_group_list array. */
16++int ccs_address_group_list_len = 0;
17++/* Array of "acl_group" entry. */
18++char **acl_group_list[256];
19++/* Length of acl_group_list array.*/
20++int acl_group_list_len[256];
21++
22+ /* Array of string ACL entries. */
23+ struct ccs_generic_acl *ccs_gacl_list = NULL;
24+ /* Length of ccs_generic_list array. */
25+@@ -126,10 +139,17 @@
26+ static enum ccs_screen_type ccs_select_window(const int current);
27+ static int ccs_add_path_group_entry(const struct ccs_path_info *ns,
28+ const char *group_name,
29+- const char *member_name,
30+- const _Bool is_delete);
31++ const char *member_name);
32+ static int ccs_add_path_group_policy(const struct ccs_path_info *ns,
33+- char *data, const _Bool is_delete);
34++ char *data);
35++static int ccs_add_number_group_entry(const char *group_name,
36++ const char *member_name);
37++static int ccs_add_number_group_policy(char *data);
38++static int ccs_add_address_group_entry(const char *group_name,
39++ const char *member_name);
40++static int ccs_add_address_group_policy(char *data);
41++static void ccs_add_acl_group_policy(int group, char *data);
42++static void ccs_editpolicy_clear_groups(void);
43+ static int ccs_add_transition_control_entry(const struct ccs_path_info *ns,
44+ const char *domainname,
45+ const char *program, const enum
46+@@ -172,6 +192,13 @@
47+ static void ccs_sigalrm_handler(int sig);
48+ static void ccs_up_arrow_key(void);
49+
50++#define ccs_alloc(ptr, size, count) \
51++ ({ \
52++ ptr = ccs_realloc((ptr), (size) * ((count) + 1)); \
53++ memset(&ptr[(count)], 0, size); \
54++ &ptr[(count)++]; \
55++ })
56++
57+ /**
58+ * ccs_find_domain3 - Find a domain by name and other attributes.
59+ *
60+@@ -232,16 +259,12 @@
61+ int index = ccs_find_domain3(domainname, target, is_dd);
62+ if (index >= 0)
63+ return index;
64+- index = ccs_dp.list_len++;
65+- ccs_dp.list = ccs_realloc(ccs_dp.list, ccs_dp.list_len *
66+- sizeof(struct ccs_domain));
67+- ptr = &ccs_dp.list[index];
68+- memset(ptr, 0, sizeof(*ptr));
69++ ptr = ccs_alloc(ccs_dp.list, sizeof(*ptr), ccs_dp.list_len);
70+ ptr->domainname = ccs_savename(domainname);
71+ if (target)
72+ ptr->target = ccs_savename(target);
73+ ptr->is_dd = is_dd;
74+- return index;
75++ return ccs_dp.list_len - 1;
76+ }
77+
78+ /**
79+@@ -275,11 +298,8 @@
80+ if (cp == acl_ptr[i])
81+ return 0;
82+
83+- acl_ptr = ccs_realloc(acl_ptr, (acl_count + 1) *
84+- sizeof(const struct ccs_path_info *));
85+- acl_ptr[acl_count++] = cp;
86+- ccs_dp.list[index].string_ptr = acl_ptr;
87+- ccs_dp.list[index].string_count = acl_count;
88++ *ccs_alloc(ccs_dp.list[index].string_ptr, sizeof(*acl_ptr),
89++ ccs_dp.list[index].string_count) = cp;
90+ return 0;
91+ }
92+
93+@@ -590,23 +610,116 @@
94+ /**
95+ * ccs_add_path_group_policy - Add "path_group" entry.
96+ *
97+- * @ns: Pointer to "const struct ccs_path_info".
98+- * @data: Line to parse.
99+- * @is_delete: True if it is delete request, false otherwise.
100++ * @ns: Pointer to "const struct ccs_path_info".
101++ * @data: Line to parse.
102+ *
103+ * Returns 0 on success, negative value otherwise.
104+ */
105+ static int ccs_add_path_group_policy(const struct ccs_path_info *ns,
106+- char *data, const _Bool is_delete)
107++ char *data)
108+ {
109+ char *cp = strchr(data, ' ');
110+ if (!cp)
111+ return -EINVAL;
112+ *cp++ = '\0';
113+- return ccs_add_path_group_entry(ns, data, cp, is_delete);
114++ return ccs_add_path_group_entry(ns, data, cp);
115+ }
116+
117+ /**
118++ * ccs_add_number_group_policy - Add "number_group" entry.
119++ *
120++ * @data: Line to parse.
121++ *
122++ * Returns 0 on success, negative value otherwise.
123++ */
124++static int ccs_add_number_group_policy(char *data)
125++{
126++ char *cp = strchr(data, ' ');
127++ if (!cp)
128++ return -EINVAL;
129++ *cp++ = '\0';
130++ return ccs_add_number_group_entry(data, cp);
131++}
132++
133++/**
134++ * ccs_add_address_group_policy - Add "address_group" entry.
135++ *
136++ * @data: Line to parse.
137++ *
138++ * Returns 0 on success, negative value otherwise.
139++ */
140++static int ccs_add_address_group_policy(char *data)
141++{
142++ char *cp = strchr(data, ' ');
143++ if (!cp)
144++ return -EINVAL;
145++ *cp++ = '\0';
146++ return ccs_add_address_group_entry(data, cp);
147++}
148++
149++/**
150++ * ccs_add_acl_group_policys - Add "acl_group" entry.
151++ *
152++ * @group: Group number.
153++ * @data: Line to parse.
154++ *
155++ * Returns nothing.
156++ */
157++static void ccs_add_acl_group_policy(int group, char *data)
158++{
159++ char **ptr = acl_group_list[group];
160++ const int len = acl_group_list_len[group];
161++ int i;
162++ for (i = 0; i < len; i++)
163++ if (!strcmp(ptr[i], data))
164++ return;
165++ *ccs_alloc(acl_group_list[group], sizeof(char *),
166++ acl_group_list_len[group]) = ccs_strdup(data);
167++}
168++
169++/**
170++ * ccs_editpolicy_clear_groups - Clear path_group/number_group/address_group for reloading policy.
171++ *
172++ * Returns nothing.
173++ */
174++static void ccs_editpolicy_clear_groups(void)
175++{
176++ int i;
177++ for (i = 0; i < 256; i++)
178++ while (acl_group_list_len[i])
179++ free(acl_group_list[i][--acl_group_list_len[i]]);
180++ while (ccs_path_group_list_len)
181++ free(ccs_path_group_list[--ccs_path_group_list_len].
182++ member_name);
183++ while (ccs_number_group_list_len)
184++ free(ccs_number_group_list[--ccs_number_group_list_len].
185++ member_name);
186++ while (ccs_address_group_list_len)
187++ free(ccs_address_group_list[--ccs_address_group_list_len].
188++ member_name);
189++}
190++
191++/**
192++ * ccs_find_path_group_ns - Find "path_group" entry.
193++ *
194++ * @ns: Pointer to "const struct ccs_path_info".
195++ * @group_name: Name of path group.
196++ *
197++ * Returns pointer to "struct ccs_path_group_entry" if found, NULL otherwise.
198++ */
199++struct ccs_path_group_entry *ccs_find_path_group_ns
200++(const struct ccs_path_info *ns, const char *group_name)
201++{
202++ int i;
203++ for (i = 0; i < ccs_path_group_list_len; i++)
204++ if (!ccs_pathcmp(ccs_path_group_list[i].ns, ns) &&
205++ !strcmp(group_name,
206++ ccs_path_group_list[i].group_name->name))
207++ return &ccs_path_group_list[i];
208++ return NULL;
209++}
210++
211++/**
212+ * ccs_assign_djs - Assign domain jump source domain.
213+ *
214+ * @ns: Pointer to "const struct ccs_path_info".
215+@@ -1224,17 +1337,15 @@
216+ static void ccs_add_generic_entry(const char *line, const enum
217+ ccs_editpolicy_directives directive)
218+ {
219++ struct ccs_generic_acl *ptr;
220+ int i;
221+ for (i = 0; i < ccs_gacl_list_count; i++)
222+ if (ccs_gacl_list[i].directive == directive &&
223+ !strcmp(line, ccs_gacl_list[i].operand))
224+ return;
225+- i = ccs_gacl_list_count++;
226+- ccs_gacl_list = ccs_realloc(ccs_gacl_list, ccs_gacl_list_count *
227+- sizeof(struct ccs_generic_acl));
228+- ccs_gacl_list[i].directive = directive;
229+- ccs_gacl_list[i].selected = 0;
230+- ccs_gacl_list[i].operand = ccs_strdup(line);
231++ ptr = ccs_alloc(ccs_gacl_list, sizeof(*ptr), ccs_gacl_list_count);
232++ ptr->directive = directive;
233++ ptr->operand = ccs_strdup(line);
234+ }
235+
236+ /**
237+@@ -1314,16 +1425,21 @@
238+ /* Remember groups for ccs_editpolicy_optimize(). */
239+ if (directive != CCS_DIRECTIVE_PATH_GROUP &&
240+ directive != CCS_DIRECTIVE_NUMBER_GROUP &&
241+- directive != CCS_DIRECTIVE_ADDRESS_GROUP)
242++ directive != CCS_DIRECTIVE_ADDRESS_GROUP &&
243++ (directive < CCS_DIRECTIVE_ACL_GROUP_000 ||
244++ directive > CCS_DIRECTIVE_ACL_GROUP_255))
245+ break;
246+ cp = ccs_strdup(line);
247+ if (directive == CCS_DIRECTIVE_PATH_GROUP)
248+- ccs_add_path_group_policy(ccs_current_ns, cp,
249+- false);
250++ ccs_add_path_group_policy(ccs_current_ns, cp);
251+ else if (directive == CCS_DIRECTIVE_NUMBER_GROUP)
252+- ccs_add_number_group_policy(cp, false);
253++ ccs_add_number_group_policy(cp);
254++ else if (directive == CCS_DIRECTIVE_ADDRESS_GROUP)
255++ ccs_add_address_group_policy(cp);
256+ else
257+- ccs_add_address_group_policy(cp, false);
258++ ccs_add_acl_group_policy
259++ (directive -
260++ CCS_DIRECTIVE_ACL_GROUP_000, cp);
261+ free(cp);
262+ break;
263+ case CCS_SCREEN_ACL_LIST:
264+@@ -1404,12 +1520,8 @@
265+ if (!ccs_correct_domain(domainname))
266+ if (!ccs_correct_path(domainname))
267+ return -EINVAL;
268+- ccs_transition_control_list =
269+- ccs_realloc(ccs_transition_control_list,
270+- (ccs_transition_control_list_len + 1) *
271+- sizeof(struct ccs_transition_control_entry));
272+- ptr = &ccs_transition_control_list[ccs_transition_control_list_len++];
273+- memset(ptr, 0, sizeof(*ptr));
274++ ptr = ccs_alloc(ccs_transition_control_list, sizeof(*ptr),
275++ ccs_transition_control_list_len);
276+ ptr->ns = ns;
277+ if (program && strcmp(program, "any"))
278+ ptr->program = ccs_savename(program);
279+@@ -1425,14 +1537,12 @@
280+ * @ns: Pointer to "const struct ccs_path_info".
281+ * @group_name: Name of address group.
282+ * @member_name: Address string.
283+- * @is_delete: True if it is delete request, false otherwise.
284+ *
285+ * Returns 0 on success, negative value otherwise.
286+ */
287+ static int ccs_add_path_group_entry(const struct ccs_path_info *ns,
288+ const char *group_name,
289+- const char *member_name,
290+- const _Bool is_delete)
291++ const char *member_name)
292+ {
293+ const struct ccs_path_info *saved_group_name;
294+ const struct ccs_path_info *saved_member_name;
295+@@ -1449,38 +1559,104 @@
296+ continue;
297+ if (saved_group_name != group->group_name)
298+ continue;
299+- for (j = 0; j < group->member_name_len; j++) {
300+- if (group->member_name[j] != saved_member_name)
301+- continue;
302+- if (!is_delete)
303++ for (j = 0; j < group->member_name_len; j++)
304++ if (group->member_name[j] == saved_member_name)
305+ return 0;
306+- while (j < group->member_name_len - 1)
307+- group->member_name[j] =
308+- group->member_name[j + 1];
309+- group->member_name_len--;
310+- return 0;
311+- }
312+ break;
313+ }
314+- if (is_delete)
315+- return -ENOENT;
316+ if (i == ccs_path_group_list_len) {
317+- ccs_path_group_list =
318+- ccs_realloc(ccs_path_group_list,
319+- (ccs_path_group_list_len + 1) *
320+- sizeof(struct ccs_path_group_entry));
321+- group = &ccs_path_group_list[ccs_path_group_list_len++];
322+- memset(group, 0, sizeof(*group));
323++ group = ccs_alloc(ccs_path_group_list, sizeof(*group),
324++ ccs_path_group_list_len);
325+ group->ns = ns;
326+ group->group_name = saved_group_name;
327+ }
328+- group->member_name =
329+- ccs_realloc(group->member_name, (group->member_name_len + 1) *
330+- sizeof(const struct ccs_path_info *));
331+- group->member_name[group->member_name_len++] = saved_member_name;
332++ *ccs_alloc(group->member_name, sizeof(saved_member_name),
333++ group->member_name_len) = saved_member_name;
334+ return 0;
335+ }
336+
337++/**
338++ * ccs_add_number_group_entry - Add "number_group" entry.
339++ *
340++ * @group_name: Name of number group.
341++ * @member_name: Number string.
342++ *
343++ * Returns 0 on success, negative value otherwise.
344++ */
345++static int ccs_add_number_group_entry(const char *group_name,
346++ const char *member_name)
347++{
348++ const struct ccs_path_info *saved_group_name;
349++ int i;
350++ int j;
351++ struct ccs_number_entry entry;
352++ struct ccs_number_group_entry *group = NULL;
353++ if (ccs_parse_number(member_name, &entry))
354++ return -EINVAL;
355++ if (!ccs_correct_word(group_name))
356++ return -EINVAL;
357++ saved_group_name = ccs_savename(group_name);
358++ for (i = 0; i < ccs_number_group_list_len; i++) {
359++ group = &ccs_number_group_list[i];
360++ if (saved_group_name != group->group_name)
361++ continue;
362++ for (j = 0; j < group->member_name_len; j++)
363++ if (!memcmp(&group->member_name[j], &entry,
364++ sizeof(entry)))
365++ return 0;
366++ break;
367++ }
368++ if (i == ccs_number_group_list_len) {
369++ group = ccs_alloc(ccs_number_group_list, sizeof(*group),
370++ ccs_number_group_list_len);
371++ group->group_name = saved_group_name;
372++ }
373++ *ccs_alloc(group->member_name, sizeof(entry), group->member_name_len) =
374++ entry;
375++ return 0;
376++}
377++
378++/**
379++ * ccs_add_address_group_entry - Add "address_group" entry.
380++ *
381++ * @group_name: Name of address group.
382++ * @member_name: Address string.
383++ *
384++ * Returns 0 on success, negative value otherwise.
385++ */
386++static int ccs_add_address_group_entry(const char *group_name,
387++ const char *member_name)
388++{
389++ const struct ccs_path_info *saved_group_name;
390++ int i;
391++ int j;
392++ struct ccs_ip_address_entry entry;
393++ struct ccs_address_group_entry *group = NULL;
394++ if (ccs_parse_ip(member_name, &entry))
395++ return -EINVAL;
396++ if (!ccs_correct_word(group_name))
397++ return -EINVAL;
398++ saved_group_name = ccs_savename(group_name);
399++ for (i = 0; i < ccs_address_group_list_len; i++) {
400++ group = &ccs_address_group_list[i];
401++ if (saved_group_name != group->group_name)
402++ continue;
403++ for (j = 0; j < group->member_name_len; j++)
404++ if (!memcmp(&group->member_name[j], &entry,
405++ sizeof(entry)))
406++ return 0;
407++ break;
408++ }
409++ if (i == ccs_address_group_list_len) {
410++ group = ccs_alloc(ccs_address_group_list, sizeof(*group),
411++ ccs_address_group_list_len);
412++ group->group_name = saved_group_name;
413++ }
414++ *ccs_alloc(group->member_name, sizeof(entry), group->member_name_len) =
415++ entry;
416++ return 0;
417++}
418++
419+ /*
420+ * List of "task auto_domain_transition" "task manual_domain_transition"
421+ * "auto_domain_transition=" part.
422+@@ -1515,9 +1691,8 @@
423+ ccs_dp.list[index].domainname->name, cp);
424+ domainname[sizeof(domainname) - 1] = '\0';
425+ ccs_normalize_line(domainname);
426+- ccs_jump_list = ccs_realloc(ccs_jump_list,
427+- (ccs_jump_list_len + 1) * sizeof(char *));
428+- ccs_jump_list[ccs_jump_list_len++] = ccs_strdup(domainname);
429++ *ccs_alloc(ccs_jump_list, sizeof(char *), ccs_jump_list_len) =
430++ ccs_strdup(domainname);
431+ ccs_assign_domain3(domainname, *cp == '<' ? cp : domainname, false);
432+ }
433+
434+@@ -1541,9 +1716,8 @@
435+ }
436+ if (!ccs_correct_domain(line))
437+ return;
438+- ccs_jump_list = ccs_realloc(ccs_jump_list,
439+- (ccs_jump_list_len + 1) * sizeof(char *));
440+- ccs_jump_list[ccs_jump_list_len++] = ccs_strdup(line);
441++ *ccs_alloc(ccs_jump_list, sizeof(char *), ccs_jump_list_len) =
442++ ccs_strdup(line);
443+ snprintf(domainname, sizeof(domainname) - 1, "%s %s",
444+ ccs_dp.list[index].domainname->name, ccs_get_last_word(line));
445+ domainname[sizeof(domainname) - 1] = '\0';
446+@@ -1583,11 +1757,8 @@
447+ goto add;
448+ return false;
449+ add:
450+- ccs_transition_preference_list =
451+- ccs_realloc(ccs_transition_preference_list, sizeof(*ptr) *
452+- (ccs_transition_preference_list_len + 1));
453+- ptr = &ccs_transition_preference_list
454+- [ccs_transition_preference_list_len++];
455++ ptr = ccs_alloc(ccs_transition_preference_list, sizeof(*ptr),
456++ ccs_transition_preference_list_len);
457+ ptr->index = index;
458+ ptr->domainname = ccs_strdup(domainname);
459+ ptr->program = ccs_strdup(program);
460+@@ -1734,16 +1905,17 @@
461+ return;
462+ }
463+ if (ccs_str_starts(line, "path_group "))
464+- ccs_add_path_group_policy(ns, line, false);
465++ ccs_add_path_group_policy(ns, line);
466+ else if (ccs_str_starts(line, "address_group "))
467+- ccs_add_address_group_policy(line, false);
468++ ccs_add_address_group_policy(line);
469+ else if (ccs_str_starts(line, "number_group "))
470+- ccs_add_number_group_policy(line, false);
471++ ccs_add_number_group_policy(line);
472+ else if (sscanf(line, "acl_group %u", &group) == 1 && group < 256) {
473+ int index;
474+ line = strchr(line + 10, ' ');
475+ if (!line++)
476+ return;
477++ ccs_add_acl_group_policy(group, line);
478+ for (index = 0; index < ccs_dp.list_len; index++) {
479+ char *cp;
480+ const struct ccs_domain *ptr = &ccs_dp.list[index];
481+@@ -3695,6 +3867,8 @@
482+
483+ int main(int argc, char *argv[])
484+ {
485++ memset(acl_group_list, 0, sizeof(acl_group_list));
486++ memset(acl_group_list_len, 0, sizeof(acl_group_list_len));
487+ ccs_parse_args(argc, argv);
488+ ccs_editpolicy_init_keyword_map();
489+ if (ccs_offline_mode)
490+Index: trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.h
491+===================================================================
492+--- trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.h (revision 6397)
493++++ trunk/1.8.x/ccs-tools/usr_sbin/editpolicy.h (working copy)
494+@@ -406,6 +406,18 @@
495+ int member_name_len;
496+ };
497+
498++struct ccs_address_group_entry {
499++ const struct ccs_path_info *group_name;
500++ struct ccs_ip_address_entry *member_name;
501++ int member_name_len;
502++};
503++
504++struct ccs_number_group_entry {
505++ const struct ccs_path_info *group_name;
506++ struct ccs_number_entry *member_name;
507++ int member_name_len;
508++};
509++
510+ struct ccs_readline_data {
511+ const char **history;
512+ int count;
513+@@ -432,11 +444,8 @@
514+ enum ccs_color_pair ccs_editpolicy_color_head(void);
515+ enum ccs_editpolicy_directives ccs_find_directive(const _Bool forward,
516+ char *line);
517+-int ccs_add_address_group_policy(char *data, const _Bool is_delete);
518+-int ccs_add_number_group_policy(char *data, const _Bool is_delete);
519+ int ccs_editpolicy_get_current(void);
520+ void ccs_editpolicy_attr_change(const attr_t attr, const _Bool flg);
521+-void ccs_editpolicy_clear_groups(void);
522+ void ccs_editpolicy_color_change(const attr_t attr, const _Bool flg);
523+ void ccs_editpolicy_color_init(void);
524+ void ccs_editpolicy_init_keyword_map(void);
525+@@ -472,9 +481,15 @@
526+ extern enum ccs_screen_type ccs_current_screen;
527+ extern int ccs_list_item_count;
528+ extern int ccs_path_group_list_len;
529++extern int ccs_number_group_list_len;
530++extern int ccs_address_group_list_len;
531++extern int acl_group_list_len[256];
532+ extern struct ccs_domain_policy3 ccs_dp;
533+ extern struct ccs_editpolicy_directive ccs_directives[CCS_MAX_DIRECTIVE_INDEX];
534+ extern struct ccs_generic_acl *ccs_gacl_list;
535+ extern struct ccs_path_group_entry *ccs_path_group_list;
536++extern struct ccs_number_group_entry *ccs_number_group_list;
537++extern struct ccs_address_group_entry *ccs_address_group_list;
538++extern char **acl_group_list[256];
539+ extern struct ccs_screen ccs_screen[CCS_MAXSCREEN];
540+ extern const struct ccs_path_info *ccs_current_ns;
541+Index: trunk/1.8.x/ccs-tools/usr_sbin/editpolicy_optimizer.c
542+===================================================================
543+--- trunk/1.8.x/ccs-tools/usr_sbin/editpolicy_optimizer.c (revision 6397)
544++++ trunk/1.8.x/ccs-tools/usr_sbin/editpolicy_optimizer.c (working copy)
545+@@ -23,77 +23,50 @@
546+ #include "ccstools.h"
547+ #include "editpolicy.h"
548+
549+-struct ccs_address_group_entry {
550+- const struct ccs_path_info *group_name;
551+- struct ccs_ip_address_entry *member_name;
552+- int member_name_len;
553+-};
554+-
555+-struct ccs_number_group_entry {
556+- const struct ccs_path_info *group_name;
557+- struct ccs_number_entry *member_name;
558+- int member_name_len;
559+-};
560+-
561+-/* Array of "address_group" entry. */
562+-static struct ccs_address_group_entry *ccs_address_group_list = NULL;
563+-/* Length of ccs_address_group_list array. */
564+-static int ccs_address_group_list_len = 0;
565+-/* Array of "number_group" entry. */
566+-static struct ccs_number_group_entry *ccs_number_group_list = NULL;
567+-/* Length of ccs_number_group_list array. */
568+-static int ccs_number_group_list_len = 0;
569+-
570+-static _Bool ccs_compare_address(const char *sarg, const char *darg);
571+-static _Bool ccs_compare_number(const char *sarg, const char *darg);
572+-static _Bool ccs_compare_path(const char *sarg, const char *darg);
573+-static int ccs_add_address_group_entry(const char *group_name,
574+- const char *member_name,
575+- const _Bool is_delete);
576+-static int ccs_add_number_group_entry(const char *group_name,
577+- const char *member_name,
578+- const _Bool is_delete);
579+ static struct ccs_address_group_entry *ccs_find_address_group
580+ (const char *group_name);
581+ static struct ccs_number_group_entry *ccs_find_number_group
582+ (const char *group_name);
583++static _Bool ccs_compare_address(const char *sarg, const char *darg);
584++static _Bool ccs_compare_number(const char *sarg, const char *darg);
585++static _Bool ccs_compare_path(const char *sarg, const char *darg);
586+
587+ /**
588+- * ccs_find_path_group_ns - Find "path_group" entry.
589++ * ccs_find_address_group - Find an "address_group" by name.
590+ *
591+- * @ns: Pointer to "const struct ccs_path_info".
592+- * @group_name: Name of path group.
593++ * @group_name: Group name to find.
594+ *
595+- * Returns pointer to "struct ccs_path_group_entry" if found, NULL otherwise.
596++ * Returns pointer to "struct ccs_address_group_entry" if found,
597++ * NULL otherwise.
598+ */
599+-struct ccs_path_group_entry *ccs_find_path_group_ns
600+-(const struct ccs_path_info *ns, const char *group_name)
601++static struct ccs_address_group_entry *ccs_find_address_group
602++(const char *group_name)
603+ {
604+ int i;
605+- for (i = 0; i < ccs_path_group_list_len; i++) {
606+- if (!ccs_pathcmp(ccs_path_group_list[i].ns, ns) &&
607+- !strcmp(group_name,
608+- ccs_path_group_list[i].group_name->name))
609+- return &ccs_path_group_list[i];
610+- }
611++ for (i = 0; i < ccs_address_group_list_len; i++)
612++ if (!strcmp(group_name,
613++ ccs_address_group_list[i].group_name->name))
614++ return &ccs_address_group_list[i];
615+ return NULL;
616+ }
617+
618+ /**
619+- * ccs_add_address_group_policy - Add "address_group" entry.
620++ * ccs_find_number_group - Find an "number_group" by name.
621+ *
622+- * @data: Line to parse.
623+- * @is_delete: True if it is delete request, false otherwise.
624++ * @group_name: Group name to find.
625+ *
626+- * Returns 0 on success, negative value otherwise.
627++ * Returns pointer to "struct ccs_number_group_entry" if found,
628++ * NULL otherwise.
629+ */
630+-int ccs_add_address_group_policy(char *data, const _Bool is_delete)
631++static struct ccs_number_group_entry *ccs_find_number_group
632++(const char *group_name)
633+ {
634+- char *cp = strchr(data, ' ');
635+- if (!cp)
636+- return -EINVAL;
637+- *cp++ = '\0';
638+- return ccs_add_address_group_entry(data, cp, is_delete);
639++ int i;
640++ for (i = 0; i < ccs_number_group_list_len; i++)
641++ if (!strcmp(group_name,
642++ ccs_number_group_list[i].group_name->name))
643++ return &ccs_number_group_list[i];
644++ return NULL;
645+ }
646+
647+ /**
648+@@ -296,23 +269,6 @@
649+ }
650+
651+ /**
652+- * ccs_add_number_group_policy - Add "number_group" entry.
653+- *
654+- * @data: Line to parse.
655+- * @is_delete: True if it is delete request, false otherwise.
656+- *
657+- * Returns 0 on success, negative value otherwise.
658+- */
659+-int ccs_add_number_group_policy(char *data, const _Bool is_delete)
660+-{
661+- char *cp = strchr(data, ' ');
662+- if (!cp)
663+- return -EINVAL;
664+- *cp++ = '\0';
665+- return ccs_add_number_group_entry(data, cp, is_delete);
666+-}
667+-
668+-/**
669+ * ccs_compare_number - Compare two numeric values.
670+ *
671+ * @sarg: First number.
672+@@ -350,38 +306,23 @@
673+ }
674+
675+ /**
676+- * ccs_editpolicy_optimize - Try to merge entries included in other entries.
677++ * ccs_editpolicy_do_optimize - Try to merge entries included in other entries.
678+ *
679+- * @current: Index in the domain policy.
680++ * @cp: A line containing operand.
681++ * @s_index: Type of entry.
682++ * @s_index2: Type of entry.
683++ * @is_exception_list: True if optimizing acl_group, false otherwise.
684+ *
685+ * Returns nothing.
686+ */
687+-void ccs_editpolicy_optimize(const int current)
688++static void ccs_editpolicy_do_optimize(char *cp, const int current,
689++ enum ccs_editpolicy_directives s_index,
690++ enum ccs_editpolicy_directives s_index2,
691++ const bool is_exception_list)
692+ {
693+- char *cp;
694+- const bool is_exception_list =
695+- ccs_current_screen == CCS_SCREEN_EXCEPTION_LIST;
696+- enum ccs_editpolicy_directives s_index;
697+- enum ccs_editpolicy_directives s_index2;
698+ int index;
699+ char *s[5];
700+ char *d[5];
701+- if (current < 0)
702+- return;
703+- s_index = ccs_gacl_list[current].directive;
704+- if (s_index == CCS_DIRECTIVE_NONE)
705+- return;
706+- /* Allow acl_group lines to be optimized. */
707+- if (is_exception_list &&
708+- (s_index < CCS_DIRECTIVE_ACL_GROUP_000 ||
709+- s_index > CCS_DIRECTIVE_ACL_GROUP_255))
710+- return;
711+- cp = strdup(ccs_gacl_list[current].operand);
712+- if (!cp)
713+- return;
714+- s_index2 = s_index;
715+- if (is_exception_list)
716+- s_index = ccs_find_directive(true, cp);
717+ ccs_tokenize(cp, s, s_index);
718+ ccs_get();
719+ for (index = 0; index < ccs_list_item_count; index++) {
720+@@ -515,182 +456,56 @@
721+ ccs_gacl_list[index].selected = 1;
722+ }
723+ ccs_put();
724+- free(cp);
725+ }
726+
727+ /**
728+- * ccs_add_address_group_entry - Add "address_group" entry.
729++ * ccs_editpolicy_optimize - Try to merge entries included in other entries.
730+ *
731+- * @group_name: Name of address group.
732+- * @member_name: Address string.
733+- * @is_delete: True if it is delete request, false otherwise.
734++ * @current: Index in the domain policy.
735+ *
736+- * Returns 0 on success, negative value otherwise.
737++ * Returns nothing.
738+ */
739+-static int ccs_add_address_group_entry(const char *group_name,
740+- const char *member_name,
741+- const _Bool is_delete)
742++void ccs_editpolicy_optimize(const int current)
743+ {
744+- const struct ccs_path_info *saved_group_name;
745+- int i;
746+- int j;
747+- struct ccs_ip_address_entry entry;
748+- struct ccs_address_group_entry *group = NULL;
749+- if (ccs_parse_ip(member_name, &entry))
750+- return -EINVAL;
751+- if (!ccs_correct_word(group_name))
752+- return -EINVAL;
753+- saved_group_name = ccs_savename(group_name);
754+- for (i = 0; i < ccs_address_group_list_len; i++) {
755+- group = &ccs_address_group_list[i];
756+- if (saved_group_name != group->group_name)
757+- continue;
758+- for (j = 0; j < group->member_name_len; j++) {
759+- if (memcmp(&group->member_name[j], &entry,
760+- sizeof(entry)))
761+- continue;
762+- if (!is_delete)
763+- return 0;
764+- while (j < group->member_name_len - 1)
765+- group->member_name[j]
766+- = group->member_name[j + 1];
767+- group->member_name_len--;
768+- return 0;
769++ char *cp;
770++ const bool is_exception_list =
771++ ccs_current_screen == CCS_SCREEN_EXCEPTION_LIST;
772++ enum ccs_editpolicy_directives s_index;
773++ enum ccs_editpolicy_directives s_index2;
774++ if (current < 0)
775++ return;
776++ s_index = ccs_gacl_list[current].directive;
777++ if (s_index == CCS_DIRECTIVE_NONE)
778++ return;
779++ /* Allow acl_group lines to be optimized. */
780++ if (is_exception_list &&
781++ (s_index < CCS_DIRECTIVE_ACL_GROUP_000 ||
782++ s_index > CCS_DIRECTIVE_ACL_GROUP_255))
783++ return;
784++ if (s_index == CCS_DIRECTIVE_USE_GROUP) {
785++ unsigned int group = atoi(ccs_gacl_list[current].operand);
786++ int i;
787++ if (group >= 256)
788++ return;
789++ for (i = 0; i < acl_group_list_len[group]; i++) {
790++ cp = strdup(acl_group_list[group][i]);
791++ if (!cp)
792++ return;
793++ s_index = ccs_find_directive(true, cp);
794++ if (s_index != CCS_DIRECTIVE_NONE)
795++ ccs_editpolicy_do_optimize(cp, -1, s_index,
796++ s_index, false);
797++ free(cp);
798+ }
799+- break;
800++ return;
801+ }
802+- if (is_delete)
803+- return -ENOENT;
804+- if (i == ccs_address_group_list_len) {
805+- ccs_address_group_list =
806+- ccs_realloc(ccs_address_group_list,
807+- (ccs_address_group_list_len + 1) *
808+- sizeof(struct ccs_address_group_entry));
809+- group = &ccs_address_group_list[ccs_address_group_list_len++];
810+- memset(group, 0, sizeof(struct ccs_address_group_entry));
811+- group->group_name = saved_group_name;
812+- }
813+- group->member_name =
814+- ccs_realloc(group->member_name, (group->member_name_len + 1) *
815+- sizeof(const struct ccs_ip_address_entry));
816+- group->member_name[group->member_name_len++] = entry;
817+- return 0;
818++ cp = strdup(ccs_gacl_list[current].operand);
819++ if (!cp)
820++ return;
821++ s_index2 = s_index;
822++ if (is_exception_list)
823++ s_index = ccs_find_directive(true, cp);
824++ ccs_editpolicy_do_optimize(cp, current, s_index, s_index2,
825++ is_exception_list);
826++ free(cp);
827+ }
828+-
829+-/**
830+- * ccs_find_address_group - Find an "address_group" by name.
831+- *
832+- * @group_name: Group name to find.
833+- *
834+- * Returns pointer to "struct ccs_address_group_entry" if found,
835+- * NULL otherwise.
836+- */
837+-static struct ccs_address_group_entry *ccs_find_address_group
838+-(const char *group_name)
839+-{
840+- int i;
841+- for (i = 0; i < ccs_address_group_list_len; i++) {
842+- if (!strcmp(group_name,
843+- ccs_address_group_list[i].group_name->name))
844+- return &ccs_address_group_list[i];
845+- }
846+- return NULL;
847+-}
848+-
849+-/**
850+- * ccs_add_number_group_entry - Add "number_group" entry.
851+- *
852+- * @group_name: Name of number group.
853+- * @member_name: Number string.
854+- * @is_delete: True if it is delete request, false otherwise.
855+- *
856+- * Returns 0 on success, negative value otherwise.
857+- */
858+-static int ccs_add_number_group_entry(const char *group_name,
859+- const char *member_name,
860+- const _Bool is_delete)
861+-{
862+- const struct ccs_path_info *saved_group_name;
863+- int i;
864+- int j;
865+- struct ccs_number_entry entry;
866+- struct ccs_number_group_entry *group = NULL;
867+- if (ccs_parse_number(member_name, &entry))
868+- return -EINVAL;
869+- if (!ccs_correct_word(group_name))
870+- return -EINVAL;
871+- saved_group_name = ccs_savename(group_name);
872+- for (i = 0; i < ccs_number_group_list_len; i++) {
873+- group = &ccs_number_group_list[i];
874+- if (saved_group_name != group->group_name)
875+- continue;
876+- for (j = 0; j < group->member_name_len; j++) {
877+- if (memcmp(&group->member_name[j], &entry,
878+- sizeof(entry)))
879+- continue;
880+- if (!is_delete)
881+- return 0;
882+- while (j < group->member_name_len - 1)
883+- group->member_name[j]
884+- = group->member_name[j + 1];
885+- group->member_name_len--;
886+- return 0;
887+- }
888+- break;
889+- }
890+- if (is_delete)
891+- return -ENOENT;
892+- if (i == ccs_number_group_list_len) {
893+- ccs_number_group_list =
894+- ccs_realloc(ccs_number_group_list,
895+- (ccs_number_group_list_len + 1) *
896+- sizeof(struct ccs_number_group_entry));
897+- group = &ccs_number_group_list[ccs_number_group_list_len++];
898+- memset(group, 0, sizeof(struct ccs_number_group_entry));
899+- group->group_name = saved_group_name;
900+- }
901+- group->member_name =
902+- ccs_realloc(group->member_name, (group->member_name_len + 1) *
903+- sizeof(const struct ccs_number_entry));
904+- group->member_name[group->member_name_len++] = entry;
905+- return 0;
906+-}
907+-
908+-/**
909+- * ccs_find_number_group - Find an "number_group" by name.
910+- *
911+- * @group_name: Group name to find.
912+- *
913+- * Returns pointer to "struct ccs_number_group_entry" if found,
914+- * NULL otherwise.
915+- */
916+-static struct ccs_number_group_entry *ccs_find_number_group
917+-(const char *group_name)
918+-{
919+- int i;
920+- for (i = 0; i < ccs_number_group_list_len; i++) {
921+- if (!strcmp(group_name,
922+- ccs_number_group_list[i].group_name->name))
923+- return &ccs_number_group_list[i];
924+- }
925+- return NULL;
926+-}
927+-
928+-/**
929+- * ccs_editpolicy_clear_groups - Clear path_group/number_group/address_group for reloading policy.
930+- *
931+- * Returns nothing.
932+- */
933+-void ccs_editpolicy_clear_groups(void)
934+-{
935+- while (ccs_path_group_list_len)
936+- free(ccs_path_group_list[--ccs_path_group_list_len].
937+- member_name);
938+- /*
939+- while (ccs_address_group_list_len)
940+- free(ccs_address_group_list[--ccs_address_group_list_len].
941+- member_name);
942+- */
943+- ccs_address_group_list_len = 0;
944+- ccs_number_group_list_len = 0;
945+-}
旧リポジトリブラウザで表示