contrib/bind9/bin/named/sortlist.c

   1 /*
   2  * Copyright (C) 2004-2006  Internet Systems Consortium, Inc. ("ISC")
   3  * Copyright (C) 2000, 2001  Internet Software Consortium.
   4  *
   5  * Permission to use, copy, modify, and distribute this software for any
   6  * purpose with or without fee is hereby granted, provided that the above
   7  * copyright notice and this permission notice appear in all copies.
   8  *
   9  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15  * PERFORMANCE OF THIS SOFTWARE.
  16  */
  17
  18 /* $Id: sortlist.c,v 1.9.18.4 2006/03/02 00:37:21 marka Exp $ */
  19
  20 /*! \file */
  21
  22 #include <config.h>
  23
  24 #include <isc/mem.h>
  25 #include <isc/util.h>
  26
  27 #include <dns/acl.h>
  28 #include <dns/result.h>
  29
  30 #include <named/globals.h>
  31 #include <named/server.h>
  32 #include <named/sortlist.h>
  33
  34 ns_sortlisttype_t
  35 ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr,
  36                   const void **argp)
  37 {
  38         unsigned int i;
  39
  40         if (acl == NULL)
  41                 goto dont_sort;
  42
  43         for (i = 0; i < acl->length; i++) {
  44                 /*
  45                  * 'e' refers to the current 'top level statement'
  46                  * in the sortlist (see ARM).
  47                  */
  48                 dns_aclelement_t *e = &acl->elements[i];
  49                 dns_aclelement_t *try_elt;
  50                 dns_aclelement_t *order_elt = NULL;
  51                 const dns_aclelement_t *matched_elt = NULL;
  52
  53                 if (e->type == dns_aclelementtype_nestedacl) {
  54                         dns_acl_t *inner = e->u.nestedacl;
  55
  56                         if (inner->length < 1 || inner->length > 2)
  57                                 goto dont_sort;
  58                         if (inner->elements[0].negative)
  59                                 goto dont_sort;
  60                         try_elt = &inner->elements[0];
  61                         if (inner->length == 2)
  62                                 order_elt = &inner->elements[1];
  63                 } else {
  64                         /*
  65                          * BIND 8 allows bare elements at the top level
  66                          * as an undocumented feature.
  67                          */
  68                         try_elt = e;
  69                 }
  70
  71                 if (dns_aclelement_match(clientaddr, NULL, try_elt,
  72                                          &ns_g_server->aclenv,
  73                                          &matched_elt)) {
  74                         if (order_elt != NULL) {
  75                                 if (order_elt->type ==
  76                                     dns_aclelementtype_nestedacl) {
  77                                         *argp = order_elt->u.nestedacl;
  78                                         return (NS_SORTLISTTYPE_2ELEMENT);
  79                                 } else if (order_elt->type ==
  80                                            dns_aclelementtype_localhost &&
  81                                            ns_g_server->aclenv.localhost != NULL) {
  82                                         *argp = ns_g_server->aclenv.localhost;
  83                                         return (NS_SORTLISTTYPE_2ELEMENT);
  84                                 } else if (order_elt->type ==
  85                                            dns_aclelementtype_localnets &&
  86                                            ns_g_server->aclenv.localnets != NULL) {
  87                                         *argp = ns_g_server->aclenv.localnets;
  88                                         return (NS_SORTLISTTYPE_2ELEMENT);
  89                                 } else {
  90                                         /*
  91                                          * BIND 8 allows a bare IP prefix as
  92                                          * the 2nd element of a 2-element
  93                                          * sortlist statement.
  94                                          */
  95                                         *argp = order_elt;
  96                                         return (NS_SORTLISTTYPE_1ELEMENT);
  97                                 }
  98                         } else {
  99                                 INSIST(matched_elt != NULL);
 100                                 *argp = matched_elt;
 101                                 return (NS_SORTLISTTYPE_1ELEMENT);
 102                         }
 103                 }
 104         }
 105
 106         /* No match; don't sort. */
 107  dont_sort:
 108         *argp = NULL;
 109         return (NS_SORTLISTTYPE_NONE);
 110 }
 111
 112 int
 113 ns_sortlist_addrorder2(const isc_netaddr_t *addr, const void *arg) {
 114         const dns_acl_t *sortacl = (const dns_acl_t *) arg;
 115         int match;
 116
 117         (void)dns_acl_match(addr, NULL, sortacl,
 118                             &ns_g_server->aclenv,
 119                             &match, NULL);
 120         if (match > 0)
 121                 return (match);
 122         else if (match < 0)
 123                 return (INT_MAX - (-match));
 124         else
 125                 return (INT_MAX / 2);
 126 }
 127
 128 int
 129 ns_sortlist_addrorder1(const isc_netaddr_t *addr, const void *arg) {
 130         const dns_aclelement_t *matchelt = (const dns_aclelement_t *) arg;
 131         if (dns_aclelement_match(addr, NULL, matchelt,
 132                                  &ns_g_server->aclenv,
 133                                  NULL)) {
 134                 return (0);
 135         } else {
 136                 return (INT_MAX);
 137         }
 138 }
 139
 140 void
 141 ns_sortlist_byaddrsetup(dns_acl_t *sortlist_acl, isc_netaddr_t *client_addr,
 142                        dns_addressorderfunc_t *orderp,
 143                        const void **argp)
 144 {
 145         ns_sortlisttype_t sortlisttype;
 146
 147         sortlisttype = ns_sortlist_setup(sortlist_acl, client_addr, argp);
 148
 149         switch (sortlisttype) {
 150         case NS_SORTLISTTYPE_1ELEMENT:
 151                 *orderp = ns_sortlist_addrorder1;
 152                 break;
 153         case NS_SORTLISTTYPE_2ELEMENT:
 154                 *orderp = ns_sortlist_addrorder2;
 155                 break;
 156         case NS_SORTLISTTYPE_NONE:
 157                 *orderp = NULL;
 158                 break;
 159         default:
 160                 UNEXPECTED_ERROR(__FILE__, __LINE__,
 161                                  "unexpected return from ns_sortlist_setup(): "
 162                                  "%d", sortlisttype);
 163                 break;
 164         }
 165 }
 166