From a56d61d402c68c3746f5e84be6dbfb949d897db1 Mon Sep 17 00:00:00 2001 From: Martin Mares Date: Thu, 28 Jun 2007 21:06:34 +0200 Subject: [PATCH] Submitd: each access rule can contain multiple addrmasks. --- TODO | 1 - submit/config | 8 +------- submit/submitd.c | 15 ++++++++++++--- submit/submitd.h | 7 ++++++- 4 files changed, 19 insertions(+), 12 deletions(-) diff --git a/TODO b/TODO index cf1a860..2977d02 100644 --- a/TODO +++ b/TODO @@ -20,7 +20,6 @@ New submitter: - Checking of contest time (and per-contestant exceptions) - Keeping history and pruning status files - Remember hashes -- multiple IP ranges per Access rule - contest: override failed check - contest: local history - contest: task status cache diff --git a/submit/config b/submit/config index 02dcc54..9cf54f2 100644 --- a/submit/config +++ b/submit/config @@ -33,7 +33,7 @@ ServerKey certs/server-key.pem # Rules for accepting connections (first matching rule is used) Access { - # IP address range matched by this rule + # IP address ranges matched by this rule IP 127.0.0.1 # Administrator access allowed (does not do anything yet) @@ -48,12 +48,6 @@ Access { Access { IP 195.113.18.125 - Admin 0 - PlainText 0 - MaxConn 2 -} - -Access { IP 10.10.8.0/24 Admin 0 PlainText 0 diff --git a/submit/submitd.c b/submit/submitd.c index e8578f6..4c1415b 100644 --- a/submit/submitd.c +++ b/submit/submitd.c @@ -39,10 +39,18 @@ uns max_request_size; uns max_attachment_size; uns trace_commands; +static struct cf_section ip_node_conf = { + CF_TYPE(struct ip_node), + CF_ITEMS { + CF_USER("IP", PTR_TO(struct ip_node, addrmask), &ip_addrmask_type), + CF_END + } +}; + static struct cf_section access_conf = { CF_TYPE(struct access_rule), CF_ITEMS { - CF_USER("IP", PTR_TO(struct access_rule, addrmask), &ip_addrmask_type), + CF_LIST("IP", PTR_TO(struct access_rule, ip_list), &ip_node_conf), CF_UNS("Admin", PTR_TO(struct access_rule, allow_admin)), CF_UNS("PlainText", PTR_TO(struct access_rule, plain_text)), CF_UNS("MaxConn", PTR_TO(struct access_rule, max_conn)), @@ -105,8 +113,9 @@ static struct access_rule * lookup_rule(u32 ip) { CLIST_FOR_EACH(struct access_rule *, r, access_rules) - if (ip_addrmask_match(&r->addrmask, ip)) - return r; + CLIST_FOR_EACH(struct ip_node *, n, r->ip_list) + if (ip_addrmask_match(&n->addrmask, ip)) + return r; return NULL; } diff --git a/submit/submitd.h b/submit/submitd.h index e3ae41e..5d5eea2 100644 --- a/submit/submitd.h +++ b/submit/submitd.h @@ -14,9 +14,14 @@ #include #include -struct access_rule { +struct ip_node { cnode n; struct ip_addrmask addrmask; +}; + +struct access_rule { + cnode n; + clist ip_list; uns allow_admin; uns plain_text; uns max_conn; -- 2.39.2