Fixed a crash caused by yadif deinterlacer on Windows XP
[vlc/solaris.git] / src / network / acl.c
blobd2a4518e38ca2ce0f1d3e5322a34397104c0b277
1 /*****************************************************************************
2 * acl.c:
3 *****************************************************************************
4 * Copyright © 2005-2007 Rémi Denis-Courmont
5 * $Id$
7 * Authors: Rémi Denis-Courmont <rem # videolan.org>
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU Lesser General Public License as published by
11 * the Free Software Foundation; either version 2.1 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public License
20 * along with this program; if not, write to the Free Software Foundation,
21 * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
22 *****************************************************************************/
24 /*****************************************************************************
25 * Preamble
26 *****************************************************************************/
27 #ifdef HAVE_CONFIG_H
28 # include "config.h"
29 #endif
31 #include <vlc_common.h>
33 #include <ctype.h>
34 #include <vlc_acl.h>
36 #include <vlc_network.h>
37 #include <vlc_fs.h>
39 /* FIXME: rwlock on acl, but libvlc doesn't implement rwlock */
40 typedef struct vlc_acl_entry_t
42 uint8_t host[17];
43 uint8_t i_bytes_match;
44 uint8_t i_bits_mask;
45 bool b_allow;
46 } vlc_acl_entry_t;
48 struct vlc_acl_t
50 vlc_object_t *p_owner;
51 unsigned i_size;
52 vlc_acl_entry_t *p_entries;
53 bool b_allow_default;
56 static int ACL_Resolve( vlc_object_t *p_this, uint8_t *p_bytes,
57 const char *psz_ip )
59 struct addrinfo hints, *res;
60 int i_family;
62 memset (&hints, 0, sizeof (hints));
63 hints.ai_socktype = SOCK_STREAM; /* doesn't matter */
64 hints.ai_flags = AI_NUMERICHOST;
66 if( vlc_getaddrinfo( p_this, psz_ip, 0, &hints, &res ) )
68 msg_Err( p_this, "invalid IP address %s", psz_ip );
69 return -1;
72 p_bytes[16] = 0; /* avoids overflowing when i_bytes_match = 16 */
74 i_family = res->ai_addr->sa_family;
75 switch( i_family )
77 case AF_INET:
79 struct sockaddr_in *addr;
81 addr = (struct sockaddr_in *)res->ai_addr;
82 memset( p_bytes, 0, 12 );
83 memcpy( p_bytes + 12, &addr->sin_addr, 4 );
84 break;
87 #ifdef AF_INET6
88 case AF_INET6:
90 struct sockaddr_in6 *addr;
92 addr = (struct sockaddr_in6 *)res->ai_addr;
93 memcpy( p_bytes, &addr->sin6_addr, 16 );
94 break;
96 #endif
98 default:
99 msg_Err( p_this, "unknown address family" );
100 freeaddrinfo( res );
101 return -1;
104 freeaddrinfo( res );
105 return i_family;
110 * Check if a given address passes an access control list.
112 * @param p_acl pre-existing ACL to match the address against
113 * @param psz_ip numeric IPv4/IPv6 address
115 * @return 0 if the first matching ACL entry is an access grant,
116 * 1 if the first matching ACL entry is a denial of access,
117 * -1 on error.
119 int ACL_Check( vlc_acl_t *p_acl, const char *psz_ip )
121 const vlc_acl_entry_t *p_cur, *p_end;
122 uint8_t host[17];
124 if( p_acl == NULL )
125 return -1;
127 p_cur = p_acl->p_entries;
128 p_end = p_cur + p_acl->i_size;
130 if( ACL_Resolve( p_acl->p_owner, host, psz_ip ) < 0 )
131 return -1;
133 while (p_cur < p_end)
135 unsigned i;
137 i = p_cur->i_bytes_match;
138 if( (memcmp( p_cur->host, host, i ) == 0)
139 && (((p_cur->host[i] ^ host[i]) & p_cur->i_bits_mask) == 0) )
140 return !p_cur->b_allow;
142 p_cur++;
145 return !p_acl->b_allow_default;
149 * Adds an item to an ACL.
150 * Items are always matched in the same order as they are added.
152 int ACL_AddNet( vlc_acl_t *p_acl, const char *psz_ip, int i_len,
153 bool b_allow )
155 vlc_acl_entry_t *p_ent;
156 unsigned i_size;
157 div_t d;
158 int i_family;
160 i_size = p_acl->i_size;
161 p_ent = (vlc_acl_entry_t *)realloc( p_acl->p_entries,
162 ++p_acl->i_size * sizeof( *p_ent ) );
164 if( p_ent == NULL )
165 return -1;
167 p_acl->p_entries = p_ent;
168 p_ent += i_size;
170 i_family = ACL_Resolve( p_acl->p_owner, p_ent->host, psz_ip );
171 if( i_family < 0 )
174 * I'm lazy : memory space will be re-used in the next ACL_Add call...
175 * or not.
177 p_acl->i_size--;
178 return -1;
181 if( i_len >= 0 )
183 if( i_family == AF_INET )
184 i_len += 96;
186 if( i_len > 128 )
187 i_len = 128;
189 else
190 i_len = 128; /* ACL_AddHost */
192 d = div( i_len, 8 );
193 p_ent->i_bytes_match = d.quot;
194 p_ent->i_bits_mask = 0xff << (8 - d.rem);
196 p_ent->b_allow = b_allow;
197 return 0;
200 #undef ACL_Create
202 * Creates an empty ACL.
204 * @param b_allow whether to grant (true) or deny (false) access
205 * by default (ie if none of the ACL entries matched).
207 * @return an ACL object. NULL in case of error.
209 vlc_acl_t *ACL_Create( vlc_object_t *p_this, bool b_allow )
211 vlc_acl_t *p_acl;
213 p_acl = (vlc_acl_t *)malloc( sizeof( *p_acl ) );
214 if( p_acl == NULL )
215 return NULL;
217 vlc_object_hold( p_this );
218 p_acl->p_owner = p_this;
219 p_acl->i_size = 0;
220 p_acl->p_entries = NULL;
221 p_acl->b_allow_default = b_allow;
223 return p_acl;
226 #undef ACL_Duplicate
228 * Perform a deep copy of an existing ACL.
230 * @param p_this object to attach the copy to.
231 * @param p_acl ACL object to be copied.
233 * @return a new ACL object, or NULL on error.
235 vlc_acl_t *ACL_Duplicate( vlc_object_t *p_this, const vlc_acl_t *p_acl )
237 vlc_acl_t *p_dupacl;
239 if( p_acl == NULL )
240 return NULL;
242 p_dupacl = (vlc_acl_t *)malloc( sizeof( *p_dupacl ) );
243 if( p_dupacl == NULL )
244 return NULL;
246 if( p_acl->i_size )
248 p_dupacl->p_entries = (vlc_acl_entry_t *)
249 malloc( p_acl->i_size * sizeof( vlc_acl_entry_t ) );
251 if( p_dupacl->p_entries == NULL )
253 free( p_dupacl );
254 return NULL;
257 memcpy( p_dupacl->p_entries, p_acl->p_entries,
258 p_acl->i_size * sizeof( vlc_acl_entry_t ) );
260 else
261 p_dupacl->p_entries = NULL;
263 vlc_object_hold( p_this );
264 p_dupacl->p_owner = p_this;
265 p_dupacl->i_size = p_acl->i_size;
266 p_dupacl->b_allow_default = p_acl->b_allow_default;
268 return p_dupacl;
273 * Releases all resources associated with an ACL object.
275 void ACL_Destroy( vlc_acl_t *p_acl )
277 if( p_acl != NULL )
279 free( p_acl->p_entries );
280 vlc_object_release( p_acl->p_owner );
281 free( p_acl );
287 * Reads ACL entries from a file.
289 * @param p_acl ACL object in which to insert parsed entries.
290 * @param psz_patch filename from which to parse entries.
292 * @return 0 on success, -1 on error.
294 int ACL_LoadFile( vlc_acl_t *p_acl, const char *psz_path )
296 FILE *file;
298 if( p_acl == NULL )
299 return -1;
301 file = vlc_fopen( psz_path, "r" );
302 if( file == NULL )
303 return -1;
305 msg_Dbg( p_acl->p_owner, "find .hosts in dir=%s", psz_path );
307 while( !feof( file ) )
309 char line[1024], *psz_ip, *ptr;
311 if( fgets( line, sizeof( line ), file ) == NULL )
313 if( ferror( file ) )
315 msg_Err( p_acl->p_owner, "error reading %s : %m", psz_path );
316 goto error;
318 continue;
321 /* fgets() is cool : never overflow, always nul-terminate */
322 psz_ip = line;
324 /* skips blanks - cannot overflow given '\0' is not space */
325 while( isspace( (unsigned char)*psz_ip ) )
326 psz_ip++;
328 if( *psz_ip == '\0' ) /* empty/blank line */
329 continue;
331 ptr = strchr( psz_ip, '\n' );
332 if( ptr == NULL && !feof(file) )
334 msg_Warn( p_acl->p_owner, "skipping overly long line in %s",
335 psz_path);
338 if( fgets( line, sizeof( line ), file ) == NULL )
340 if( ferror( file ) )
342 msg_Err( p_acl->p_owner, "error reading %s : %m",
343 psz_path );
345 goto error;
348 while( strchr( line, '\n' ) == NULL);
350 continue; /* skip unusable line */
353 /* look for first space, CR, LF, etc. or comment character */
354 for( ptr = psz_ip; ( *ptr!='#' ) && !isspace( (unsigned char)*ptr ) && *ptr; ++ptr );
356 *ptr = '\0';
358 /* skip lines without usable information */
359 if( ptr == psz_ip )
360 continue;
362 msg_Dbg( p_acl->p_owner, "restricted to %s", psz_ip );
364 ptr = strchr( psz_ip, '/' );
365 if( ptr != NULL )
366 *ptr++ = '\0'; /* separate address from mask length */
368 if( (ptr != NULL)
369 ? ACL_AddNet( p_acl, psz_ip, atoi( ptr ), true )
370 : ACL_AddHost( p_acl, psz_ip, true ) )
372 msg_Err( p_acl->p_owner, "cannot add ACL from %s", psz_path );
373 continue;
377 fclose( file );
378 return 0;
380 error:
381 fclose( file );
382 return -1;