diff --git a/src/acl.c b/src/acl.c index 054ed0c..a8d8518 100644 --- a/src/acl.c +++ b/src/acl.c @@ -27,18 +27,18 @@ static int is_included_in_acl(int list_length, struct ip_and_mask (*list)[], uni NULLCHECK( test ); int i; - + for (i=0; i < list_length; i++) { struct ip_and_mask *entry = &(*list)[i]; int testbits; unsigned char *raw_address1, *raw_address2; - + debug("checking acl entry %d (%d/%d)", i, test->generic.sa_family, entry->ip.family); - + if (test->generic.sa_family != entry->ip.family) { continue; } - + if (test->generic.sa_family == AF_INET) { debug("it's an AF_INET"); raw_address1 = (unsigned char*) &test->v4.sin_addr; @@ -49,9 +49,9 @@ static int is_included_in_acl(int list_length, struct ip_and_mask (*list)[], uni raw_address1 = (unsigned char*) &test->v6.sin6_addr; raw_address2 = (unsigned char*) &entry->ip.v6.sin6_addr; } - + debug("testbits=%d", entry->mask); - + for (testbits = entry->mask; testbits > 0; testbits -= 8) { debug("testbits=%d, c1=%02x, c2=%02x", testbits, raw_address1[0], raw_address2[0]); if (testbits >= 8) { @@ -63,17 +63,17 @@ static int is_included_in_acl(int list_length, struct ip_and_mask (*list)[], uni (raw_address2[0] & testmasks[testbits%8]) ) goto no_match; } - + raw_address1++; raw_address2++; } - + return 1; - + no_match: ; debug("no match"); } - + return 0; } @@ -83,7 +83,7 @@ int acl_includes( struct acl * acl, union mysockaddr * addr ) if ( 0 == acl->len ) { return !( acl->default_deny ); - } + } else { return is_included_in_acl( acl->len, acl->entries, addr ); } @@ -97,3 +97,4 @@ void acl_destroy( struct acl * acl ) acl->entries = NULL; free( acl ); } + diff --git a/src/parse.c b/src/parse.c index f856cf4..e2541f6 100644 --- a/src/parse.c +++ b/src/parse.c @@ -12,9 +12,9 @@ int atoi(const char *nptr); int parse_ip_to_sockaddr(struct sockaddr* out, char* src) { char temp[64]; - struct sockaddr_in *v4 = (struct sockaddr_in *) out; + struct sockaddr_in *v4 = (struct sockaddr_in *) out; struct sockaddr_in6 *v6 = (struct sockaddr_in6 *) out; - + /* allow user to start with [ and end with any other invalid char */ { int i=0, j=0; @@ -24,7 +24,7 @@ int parse_ip_to_sockaddr(struct sockaddr* out, char* src) temp[j++] = src[i]; temp[j] = 0; } - + if (temp[0] == '0' && temp[1] == '\0') { v4->sin_family = AF_INET; v4->sin_addr.s_addr = INADDR_ANY; @@ -35,12 +35,12 @@ int parse_ip_to_sockaddr(struct sockaddr* out, char* src) out->sa_family = AF_INET; return 1; } - + if (inet_pton(AF_INET6, temp, &v6->sin6_addr) == 1) { out->sa_family = AF_INET6; return 1; } - + return 0; } @@ -48,7 +48,7 @@ int parse_acl(struct ip_and_mask (**out)[], int max, char **entries) { struct ip_and_mask* list; int i; - + if (max == 0) { *out = NULL; return 0; @@ -82,11 +82,11 @@ int parse_acl(struct ip_and_mask (**out)[], int max, char **entries) # undef MAX_MASK_BITS debug("acl ptr[%d]: %p %d",i, outentry, outentry->mask); } - + for (i=0; i < max; i++) { debug("acl entry %d @ %p has mask %d", i, list[i], list[i].mask); } - + return max; } diff --git a/tests/check_acl.c b/tests/check_acl.c index 996934a..8857894 100644 --- a/tests/check_acl.c +++ b/tests/check_acl.c @@ -58,7 +58,7 @@ START_TEST( test_includes_single_address ) char *lines[] = {"127.0.0.1"}; struct acl * acl = acl_create( 1, lines, 0 ); union mysockaddr x; - + parse_ip_to_sockaddr( &x.generic, "127.0.0.1" ); fail_unless( acl_includes( acl, &x ), "Included address wasn't covered" ); @@ -182,7 +182,8 @@ Suite* acl_suite() TCase *tc_create = tcase_create("create"); TCase *tc_includes = tcase_create("includes"); TCase *tc_destroy = tcase_create("destroy"); - + + tcase_add_test(tc_create, test_null_acl); tcase_add_test(tc_create, test_parses_single_line); tcase_add_test(tc_includes, test_parses_multiple_lines); @@ -206,7 +207,6 @@ Suite* acl_suite() suite_add_tcase(s, tc_includes); suite_add_tcase(s, tc_destroy); - return s; }