mirror of
https://github.com/ntop/n2n.git
synced 2024-09-20 00:51:10 +02:00
freed reg exp on exit, counted reg exp, warned on empty community list file, returned early from packet handling on non-matching reg exp
This commit is contained in:
parent
8ac86635e1
commit
dece8d787e
13
src/sn.c
13
src/sn.c
|
@ -30,8 +30,9 @@ static int load_allowed_sn_community(n2n_sn_t *sss, char *path) {
|
|||
char buffer[4096], *line;
|
||||
FILE *fd = fopen(path, "r");
|
||||
struct sn_community *s, *tmp;
|
||||
struct sn_community_regular_expression *re, *tmp_re;
|
||||
uint32_t num_communities = 0;
|
||||
struct sn_community_regular_expression *re, *tmp_re;
|
||||
uint32_t num_regex = 0;
|
||||
|
||||
if(fd == NULL) {
|
||||
traceEvent(TRACE_WARNING, "File %s not found", path);
|
||||
|
@ -72,6 +73,7 @@ static int load_allowed_sn_community(n2n_sn_t *sss, char *path) {
|
|||
if (re) {
|
||||
re->rule = re_compile(line);
|
||||
HASH_ADD_PTR(sss->rules, rule, re);
|
||||
num_regex++;
|
||||
traceEvent(TRACE_INFO, "Added regular expression for allowed communities '%s'", line);
|
||||
continue;
|
||||
}
|
||||
|
@ -98,9 +100,18 @@ static int load_allowed_sn_community(n2n_sn_t *sss, char *path) {
|
|||
|
||||
fclose(fd);
|
||||
|
||||
if (num_regex>0 || num_communities>0 )
|
||||
{
|
||||
traceEvent(TRACE_WARNING, "File %s does not contain any valid community names or regular expressions", path);
|
||||
return -1;
|
||||
}
|
||||
|
||||
traceEvent(TRACE_NORMAL, "Loaded %u fixed-name communities from %s",
|
||||
num_communities, path);
|
||||
|
||||
traceEvent(TRACE_NORMAL, "Loaded %u regular expressions for community name matching from %s",
|
||||
num_regex, path);
|
||||
|
||||
/* No new communities will be allowed */
|
||||
sss->lock_communities = 1;
|
||||
|
||||
|
|
|
@ -228,6 +228,7 @@ int sn_init(n2n_sn_t *sss)
|
|||
void sn_term(n2n_sn_t *sss)
|
||||
{
|
||||
struct sn_community *community, *tmp;
|
||||
struct sn_community_regular_expression *re, *tmp_re;
|
||||
|
||||
if (sss->sock >= 0)
|
||||
{
|
||||
|
@ -249,6 +250,11 @@ void sn_term(n2n_sn_t *sss)
|
|||
HASH_DEL(sss->communities, community);
|
||||
free(community);
|
||||
}
|
||||
|
||||
HASH_ITER(hh, sss->rules, re, tmp_re) {
|
||||
HASH_DEL(sss->rules, re);
|
||||
free(re);
|
||||
}
|
||||
}
|
||||
|
||||
/** Determine the appropriate lifetime for new registrations.
|
||||
|
@ -816,7 +822,7 @@ static int process_udp(n2n_sn_t * sss,
|
|||
existance (better from the security standpoint)
|
||||
*/
|
||||
|
||||
if (!comm && sss->lock_communities) {
|
||||
if(!comm && sss->lock_communities) {
|
||||
HASH_ITER(hh, sss->rules, re, tmp_re) {
|
||||
allowed_match = re_matchp(re->rule, cmn.community, &match_length);
|
||||
|
||||
|
@ -828,6 +834,11 @@ static int process_udp(n2n_sn_t * sss,
|
|||
}
|
||||
}
|
||||
}
|
||||
if(match != 1) {
|
||||
traceEvent(TRACE_INFO, "Discarded registration: unallowed community '%s'",
|
||||
(char*)cmn.community);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if(!comm && (!sss->lock_communities || (match == 1))) {
|
||||
comm = calloc(1, sizeof(struct sn_community));
|
||||
|
|
Loading…
Reference in New Issue
Block a user