diff options
| author | markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> | 2002-05-30 01:40:29 +0000 |
|---|---|---|
| committer | markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> | 2002-05-30 01:40:29 +0000 |
| commit | 1894676b424803dd8dee2df9c0b76beeeb695fac (patch) | |
| tree | 643b78509cf00b053cdb487804b4499a1b2f0db4 /acl.c | |
| parent | add416e064b0ba02f5efd6a1a6dcfdc8a353bdb8 (diff) | |
Version 0.1.12 from FTP
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@454 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'acl.c')
| -rwxr-xr-x | acl.c | 116 |
1 files changed, 116 insertions, 0 deletions
@@ -0,0 +1,116 @@ +/* + * Asterisk -- A telephony toolkit for Linux. + * + * Various sorts of access control + * + * Copyright (C) 1999, Mark Spencer + * + * Mark Spencer <markster@linux-support.net> + * + * This program is free software, distributed under the terms of + * the GNU General Public License + */ + +#include <stdio.h> +#include <stdlib.h> +#include <pthread.h> +#include <string.h> +#include <sys/time.h> +#include <signal.h> +#include <errno.h> +#include <unistd.h> +#include <asterisk/acl.h> +#include <asterisk/logger.h> +#include <arpa/inet.h> +#include <sys/socket.h> +#include <netdb.h> + +#define AST_SENSE_DENY 0 +#define AST_SENSE_ALLOW 1 + +struct ast_ha { + /* Host access rule */ + struct in_addr netaddr; + struct in_addr netmask; + int sense; + struct ast_ha *next; +}; + +void ast_free_ha(struct ast_ha *ha) +{ + struct ast_ha *hal; + while(ha) { + hal = ha; + ha = ha->next; + free(hal); + } +} + +struct ast_ha *ast_append_ha(char *sense, char *stuff, struct ast_ha *path) +{ + struct ast_ha *ha = malloc(sizeof(struct ast_ha)); + char *nm; + struct ast_ha *prev = NULL; + struct ast_ha *ret; + ret = path; + while(path) { + prev = path; + path = path->next; + } + if (ha) { + strtok(stuff, "/"); + nm = strtok(NULL, "/"); + if (!nm) + nm = "255.255.255.255"; + if (!inet_aton(stuff, &ha->netaddr)) { + ast_log(LOG_WARNING, "%s not a valid IP\n", stuff); + free(ha); + return NULL; + } + if (!inet_aton(nm, &ha->netmask)) { + ast_log(LOG_WARNING, "%s not a valid netmask\n", nm); + free(ha); + return NULL; + } + ha->netaddr.s_addr &= ha->netmask.s_addr; + if (!strncasecmp(sense, "p", 1)) { + ha->sense = AST_SENSE_ALLOW; + } else { + ha->sense = AST_SENSE_DENY; + } + ha->next = NULL; + if (prev) + prev->next = ha; + else + ret = ha; + } + return NULL; +} + +int ast_apply_ha(struct ast_ha *ha, struct sockaddr_in *sin) +{ + /* Start optimistic */ + int res = AST_SENSE_ALLOW; + while(ha) { + /* For each rule, if this address and the netmask = the net address + apply the current rule */ + if ((sin->sin_addr.s_addr & ha->netmask.s_addr) == (ha->netaddr.s_addr)) + res = ha->sense; + ha = ha->next; + } + return res; +} + +int ast_get_ip(struct sockaddr_in *sin, char *value) +{ + struct hostent *hp; + hp = gethostbyname(value); + if (hp) { + memcpy(&sin->sin_addr, hp->h_addr, sizeof(sin->sin_addr)); + } else { + ast_log(LOG_WARNING, "Unable to lookup '%s'\n", value); + return -1; + } + return 0; +} + |