author | Andrew Cady <d@jerkface.net> | 2020-08-21 08:01:08 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2020-08-21 08:01:58 -0400 |
commit | 1c8ef41b1b7c42bcfe5625f6996d02a0e3dae5d0 (patch) | |
tree | 312584112f4efea58bd09a5ead83814d87126af6 | |
parent | de2f3dcbd8e5769c24e13cb2796bab006176e437 (diff) |
Move rule check to separate function
Renamed some variables. Improved clarity of conditional.
-rw-r--r-- | main.c | 50 |
1 files changed, 30 insertions, 20 deletions
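--- a/main.c
+++ b/main.c
@@ -109,7 +109,7 @@ int allowed_toxid_cmp(allowed_toxid *a, allowed_toxid *b)
 }
 
 /* Comparison function for rule objects */
-int rule_cmp(rule *a, rule *b)
+int rule_match(rule *a, rule *b)
 {
 //log_printf(L_INFO, "Comparison result: %d %d\n", strcmp(a->host, b->host), (a->port == b->port));
 if ((strcmp(a->host, b->host)==0) && (a->port == b->port))
@@ -423,6 +423,34 @@ int handle_ping_frame(protocol_frame *rcvd_frame)
 return 0;
 }
 
+bool check_requested_tunnel_against_rules(char *hostname, in_port_t port)
+{
+switch(rules_policy)
+{
+case NONE:
+return true;
+case VALIDATE:
+if(nrules > 0)
+{
+rule candidate, *found = NULL;
+candidate.host = hostname;
+candidate.port = port;
+
+LL_SEARCH(rules, found, &candidate, rule_match);
+if(!found)
+{
+log_printf(L_WARNING, "Rejected, request not in rules\n");
+}
+return found;
+}
+log_printf(L_WARNING, "Filter option active but no allowed host/port. All requests will be dropped.\n");
+return false;
+default:
+log_printf(L_WARNING, "BUG: invalid rules_policy (impossible!)\n");
+return false;
+}
+}
+
 int handle_request_tunnel_frame(protocol_frame *rcvd_frame)
 {
 char *hostname = NULL;
@@ -450,30 +478,12 @@ int handle_request_tunnel_frame(protocol_frame *rcvd_frame)
 
 log_printf(L_INFO, "Got a request to forward data from %s:%d\n", hostname, port);
 
-// check rules
-if(rules_policy == VALIDATE && nrules > 0)
+if (!check_requested_tunnel_against_rules(hostname, port))
 {
-rule temp_rule, *found = NULL;
-temp_rule.host = hostname;
-temp_rule.port = port;
-
-LL_SEARCH(rules, found, &temp_rule, rule_cmp);
-if(!found)
-{
-log_printf(L_WARNING, "Rejected, request not in rules\n");
-free(hostname);
-return -1;
-}
-}
-else if (rules_policy != NONE)
-{
-log_printf(L_WARNING, "Filter option active but no allowed host/port. All requests will be dropped.\n");
 free(hostname);
 return -1;
 }
 
-
-
 tunnel_id = get_random_tunnel_id();
 log_printf(L_DEBUG, "Tunnel ID: %d\n", tunnel_id);
 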
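Review bot: `return found;` in the VALIDATE branch of `check_requested_tunnel_against_rules` returns a `rule *` from a function declared `bool`, so the allow/deny result rests on an implicit pointer conversion; `return found != NULL;` states the decision explicitly and stays correct even if `bool` is not C99 `_Bool` (its definition is not visible in this diff). The renamed `rule_match` is still handed to `LL_SEARCH` as a comparator and its comment still calls it a comparison function; if it returns 0 on a match, as strcmp-style comparators do, the new name reads like a predicate with the opposite sense, so a comment such as `/* LL_SEARCH comparator: returns 0 when host and port are equal */` would guard against a later `if (rule_match(a, b))` inverting the filter. Its body continues outside the hunk, so the return values could not be checked here. The new function also deserves a short header comment recording that it fails closed: VALIDATE with an empty rule list and any unrecognised policy value both reject the request.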