contrib/bind-9.5.2/bin/named/sortlist.c

   1 /*
   2  * Copyright (C) 2004-2007  Internet Systems Consortium, Inc. ("ISC")
   3  * Copyright (C) 2000, 2001  Internet Software Consortium.
   4  *
   5  * Permission to use, copy, modify, and/or distribute this software for any
   6  * purpose with or without fee is hereby granted, provided that the above
   7  * copyright notice and this permission notice appear in all copies.
   8  *
   9  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15  * PERFORMANCE OF THIS SOFTWARE.
  16  */
  17
  18 /* $Id: sortlist.c,v 1.17 2007/09/14 01:46:05 marka Exp $ */
  19
  20 /*! \file */
  21
  22 #include <config.h>
  23
  24 #include <isc/mem.h>
  25 #include <isc/util.h>
  26
  27 #include <dns/acl.h>
  28 #include <dns/result.h>
  29
  30 #include <named/globals.h>
  31 #include <named/server.h>
  32 #include <named/sortlist.h>
  33
  34 ns_sortlisttype_t
  35 ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr,
  36                   const void **argp)
  37 {
  38         unsigned int i;
  39
  40         if (acl == NULL)
  41                 goto dont_sort;
  42
  43         for (i = 0; i < acl->length; i++) {
  44                 /*
  45                  * 'e' refers to the current 'top level statement'
  46                  * in the sortlist (see ARM).
  47                  */
  48                 dns_aclelement_t *e = &acl->elements[i];
  49                 dns_aclelement_t *try_elt;
  50                 dns_aclelement_t *order_elt = NULL;
  51                 const dns_aclelement_t *matched_elt = NULL;
  52
  53                 if (e->type == dns_aclelementtype_nestedacl) {
  54                         dns_acl_t *inner = e->nestedacl;
  55
  56                         if (inner->length == 0)
  57                                 try_elt = e;
  58                         else if (inner->length > 2)
  59                                 goto dont_sort;
  60                         else if (inner->elements[0].negative)
  61                                 goto dont_sort;
  62                         else {
  63                                 try_elt = &inner->elements[0];
  64                                 if (inner->length == 2)
  65                                         order_elt = &inner->elements[1];
  66                         }
  67                 } else {
  68                         /*
  69                          * BIND 8 allows bare elements at the top level
  70                          * as an undocumented feature.
  71                          */
  72                         try_elt = e;
  73                 }
  74
  75                 if (dns_aclelement_match(clientaddr, NULL, try_elt,
  76                                          &ns_g_server->aclenv,
  77                                          &matched_elt)) {
  78                         if (order_elt != NULL) {
  79                                 if (order_elt->type ==
  80                                     dns_aclelementtype_nestedacl) {
  81                                         *argp = order_elt->nestedacl;
  82                                         return (NS_SORTLISTTYPE_2ELEMENT);
  83                                 } else if (order_elt->type ==
  84                                            dns_aclelementtype_localhost &&
  85                                            ns_g_server->aclenv.localhost != NULL) {
  86                                         *argp = ns_g_server->aclenv.localhost;
  87                                         return (NS_SORTLISTTYPE_2ELEMENT);
  88                                 } else if (order_elt->type ==
  89                                            dns_aclelementtype_localnets &&
  90                                            ns_g_server->aclenv.localnets != NULL) {
  91                                         *argp = ns_g_server->aclenv.localnets;
  92                                         return (NS_SORTLISTTYPE_2ELEMENT);
  93                                 } else {
  94                                         /*
  95                                          * BIND 8 allows a bare IP prefix as
  96                                          * the 2nd element of a 2-element
  97                                          * sortlist statement.
  98                                          */
  99                                         *argp = order_elt;
 100                                         return (NS_SORTLISTTYPE_1ELEMENT);
 101                                 }
 102                         } else {
 103                                 INSIST(matched_elt != NULL);
 104                                 *argp = matched_elt;
 105                                 return (NS_SORTLISTTYPE_1ELEMENT);
 106                         }
 107                 }
 108         }
 109
 110         /* No match; don't sort. */
 111  dont_sort:
 112         *argp = NULL;
 113         return (NS_SORTLISTTYPE_NONE);
 114 }
 115
 116 int
 117 ns_sortlist_addrorder2(const isc_netaddr_t *addr, const void *arg) {
 118         const dns_acl_t *sortacl = (const dns_acl_t *) arg;
 119         int match;
 120
 121         (void)dns_acl_match(addr, NULL, sortacl,
 122                             &ns_g_server->aclenv,
 123                             &match, NULL);
 124         if (match > 0)
 125                 return (match);
 126         else if (match < 0)
 127                 return (INT_MAX - (-match));
 128         else
 129                 return (INT_MAX / 2);
 130 }
 131
 132 int
 133 ns_sortlist_addrorder1(const isc_netaddr_t *addr, const void *arg) {
 134         const dns_aclelement_t *matchelt = (const dns_aclelement_t *) arg;
 135         if (dns_aclelement_match(addr, NULL, matchelt,
 136                                  &ns_g_server->aclenv,
 137                                  NULL)) {
 138                 return (0);
 139         } else {
 140                 return (INT_MAX);
 141         }
 142 }
 143
 144 void
 145 ns_sortlist_byaddrsetup(dns_acl_t *sortlist_acl, isc_netaddr_t *client_addr,
 146                        dns_addressorderfunc_t *orderp,
 147                        const void **argp)
 148 {
 149         ns_sortlisttype_t sortlisttype;
 150
 151         sortlisttype = ns_sortlist_setup(sortlist_acl, client_addr, argp);
 152
 153         switch (sortlisttype) {
 154         case NS_SORTLISTTYPE_1ELEMENT:
 155                 *orderp = ns_sortlist_addrorder1;
 156                 break;
 157         case NS_SORTLISTTYPE_2ELEMENT:
 158                 *orderp = ns_sortlist_addrorder2;
 159                 break;
 160         case NS_SORTLISTTYPE_NONE:
 161                 *orderp = NULL;
 162                 break;
 163         default:
 164                 UNEXPECTED_ERROR(__FILE__, __LINE__,
 165                                  "unexpected return from ns_sortlist_setup(): "
 166                                  "%d", sortlisttype);
 167                 break;
 168         }
 169 }
 170