client: replace allow/deny parser

Use the new cmdparse function for parsing the (cmd)allow/deny commands
and refactor the code a bit to reduce the number of functions needed for
all the (cmd)allow/deny(all) combinations.

diff --git a/client.c b/client.c
index cc179c651b2cfbf3610a0c9ffa70b42e9f5889ff..4180ac5eedd040c9db952cba0989814ed01843d1 100644 (file)
--- a/client.c
+++ b/client.c
@@ -779,178 +779,21 @@ process_cmd_manual(CMD_Request *msg, const char *line)
 /* ================================================== */
 
 static int
-parse_allow_deny(CMD_Request *msg, char *line)
+process_cmd_allowdeny(CMD_Request *msg, char *line, int cmd, int allcmd)
 {
-  unsigned long a, b, c, d;
-  int n, specified_subnet_bits;
+  int all, subnet_bits;
   IPAddr ip;
-  char *p;
   
-  p = line;
-  if (!*p) {
-    /* blank line - applies to all addresses */
-    ip.family = IPADDR_UNSPEC;
-    UTI_IPHostToNetwork(&ip, &msg->data.allow_deny.ip);
-    msg->data.allow_deny.subnet_bits = htonl(0);
-  } else {
-    char *slashpos;
-    slashpos = strchr(p, '/');
-    if (slashpos) *slashpos = 0;
-    
-    n = 0;
-    if (!UTI_StringToIP(p, &ip) &&
-        (n = sscanf(p, "%lu.%lu.%lu.%lu", &a, &b, &c, &d)) <= 0) {
-
-      /* Try to parse as the name of a machine */
-      if (slashpos || DNS_Name2IPAddress(p, &ip, 1) != DNS_Success) {
-        LOG(LOGS_ERR, "Could not read address");
-        return 0;
-      } else {
-        UTI_IPHostToNetwork(&ip, &msg->data.allow_deny.ip);
-        if (ip.family == IPADDR_INET6)
-          msg->data.allow_deny.subnet_bits = htonl(128);
-        else
-          msg->data.allow_deny.subnet_bits = htonl(32);
-      }        
-    } else {
-      
-      if (n == 0) {
-        if (ip.family == IPADDR_INET6)
-          msg->data.allow_deny.subnet_bits = htonl(128);
-        else
-          msg->data.allow_deny.subnet_bits = htonl(32);
-      } else {
-        ip.family = IPADDR_INET4;
-
-        a &= 0xff;
-        b &= 0xff;
-        c &= 0xff;
-        d &= 0xff;
-        
-        switch (n) {
-          case 1:
-            ip.addr.in4 = htonl((a<<24));
-            msg->data.allow_deny.subnet_bits = htonl(8);
-            break;
-          case 2:
-            ip.addr.in4 = htonl((a<<24) | (b<<16));
-            msg->data.allow_deny.subnet_bits = htonl(16);
-            break;
-          case 3:
-            ip.addr.in4 = htonl((a<<24) | (b<<16) | (c<<8));
-            msg->data.allow_deny.subnet_bits = htonl(24);
-            break;
-          case 4:
-            ip.addr.in4 = htonl((a<<24) | (b<<16) | (c<<8) | d);
-            msg->data.allow_deny.subnet_bits = htonl(32);
-            break;
-          default:
-            assert(0);
-        }
-      }
-
-      UTI_IPHostToNetwork(&ip, &msg->data.allow_deny.ip);
-
-      if (slashpos) {
-        n = sscanf(slashpos+1, "%d", &specified_subnet_bits);
-        if (n == 1) {
-          msg->data.allow_deny.subnet_bits = htonl(specified_subnet_bits);
-        } else {
-          LOG(LOGS_WARN, "Warning: badly formatted subnet size, using %d",
-              (int)ntohl(msg->data.allow_deny.subnet_bits));
-        }
-      } 
-    }
+  if (!CPS_ParseAllowDeny(line, &all, &ip, &subnet_bits)) {
+    LOG(LOGS_ERR, "Could not read address");
+    return 0;
   }
-  return 1;
-}
-
-/* ================================================== */
-
-static int
-process_cmd_allow(CMD_Request *msg, char *line)
-{
-  int status;
-  msg->command = htons(REQ_ALLOW);
-  status = parse_allow_deny(msg, line);
-  return status;
-}
-
-/* ================================================== */
-
-static int
-process_cmd_allowall(CMD_Request *msg, char *line)
-{
-  int status;
-  msg->command = htons(REQ_ALLOWALL);
-  status = parse_allow_deny(msg, line);
-  return status;
-}
-
-/* ================================================== */
-
-static int
-process_cmd_deny(CMD_Request *msg, char *line)
-{
-  int status;
-  msg->command = htons(REQ_DENY);
-  status = parse_allow_deny(msg, line);
-  return status;
-}
-
-/* ================================================== */
-
-static int
-process_cmd_denyall(CMD_Request *msg, char *line)
-{
-  int status;
-  msg->command = htons(REQ_DENYALL);
-  status = parse_allow_deny(msg, line);
-  return status;
-}
-
-/* ================================================== */
-
-static int
-process_cmd_cmdallow(CMD_Request *msg, char *line)
-{
-  int status;
-  msg->command = htons(REQ_CMDALLOW);
-  status = parse_allow_deny(msg, line);
-  return status;
-}
-
-/* ================================================== */
-
-static int
-process_cmd_cmdallowall(CMD_Request *msg, char *line)
-{
-  int status;
-  msg->command = htons(REQ_CMDALLOWALL);
-  status = parse_allow_deny(msg, line);
-  return status;
-}
-
-/* ================================================== */
-
-static int
-process_cmd_cmddeny(CMD_Request *msg, char *line)
-{
-  int status;
-  msg->command = htons(REQ_CMDDENY);
-  status = parse_allow_deny(msg, line);
-  return status;
-}
 
-/* ================================================== */
+  msg->command = htons(all ? allcmd : cmd);
+  UTI_IPHostToNetwork(&ip, &msg->data.allow_deny.ip);
+  msg->data.allow_deny.subnet_bits = htonl(subnet_bits);
 
-static int
-process_cmd_cmddenyall(CMD_Request *msg, char *line)
-{
-  int status;
-  msg->command = htons(REQ_CMDDENYALL);
-  status = parse_allow_deny(msg, line);
-  return status;
+  return 1;
 }
 
 /* ================================================== */
@@ -3232,11 +3075,7 @@ process_line(char *line)
   } else if (!strcmp(command, "add")) {
     do_normal_submit = process_cmd_add_source(&tx_message, line);
   } else if (!strcmp(command, "allow")) {
-    if (!strncmp(line, "all", 3)) {
-      do_normal_submit = process_cmd_allowall(&tx_message, CPS_SplitWord(line));
-    } else {
-      do_normal_submit = process_cmd_allow(&tx_message, line);
-    }
+    do_normal_submit = process_cmd_allowdeny(&tx_message, line, REQ_ALLOW, REQ_ALLOWALL);
   } else if (!strcmp(command, "authdata")) {
     do_normal_submit = 0;
     ret = process_cmd_authdata(line);
@@ -3248,28 +3087,15 @@ process_line(char *line)
   } else if (!strcmp(command, "cmdaccheck")) {
     do_normal_submit = process_cmd_cmdaccheck(&tx_message, line);
   } else if (!strcmp(command, "cmdallow")) {
-    if (!strncmp(line, "all", 3)) {
-      do_normal_submit = process_cmd_cmdallowall(&tx_message, CPS_SplitWord(line));
-    } else {
-      do_normal_submit = process_cmd_cmdallow(&tx_message, line);
-    }
+    do_normal_submit = process_cmd_allowdeny(&tx_message, line, REQ_CMDALLOW, REQ_CMDALLOWALL);
   } else if (!strcmp(command, "cmddeny")) {
-    if (!strncmp(line, "all", 3)) {
-      line = CPS_SplitWord(line);
-      do_normal_submit = process_cmd_cmddenyall(&tx_message, line);
-    } else {
-      do_normal_submit = process_cmd_cmddeny(&tx_message, line);
-    }
+    do_normal_submit = process_cmd_allowdeny(&tx_message, line, REQ_CMDDENY, REQ_CMDDENYALL);
   } else if (!strcmp(command, "cyclelogs")) {
     process_cmd_cyclelogs(&tx_message, line);
   } else if (!strcmp(command, "delete")) {
     do_normal_submit = process_cmd_delete(&tx_message, line);
   } else if (!strcmp(command, "deny")) {
-    if (!strncmp(line, "all", 3)) {
-      do_normal_submit = process_cmd_denyall(&tx_message, CPS_SplitWord(line));
-    } else {
-      do_normal_submit = process_cmd_deny(&tx_message, line);
-    }
+    do_normal_submit = process_cmd_allowdeny(&tx_message, line, REQ_DENY, REQ_DENYALL);
   } else if (!strcmp(command, "dfreq")) {
     do_normal_submit = process_cmd_dfreq(&tx_message, line);
   } else if (!strcmp(command, "dns")) {

diff --git a/test/simulation/110-chronyc b/test/simulation/110-chronyc
index d2f8cfdfb9a39b53e3f24a652ee9570268d3d5db..e95dfa0d2a38cf82003ffa4231a0f56b410c1e2d 100755 (executable)
--- a/test/simulation/110-chronyc
+++ b/test/simulation/110-chronyc
@@ -399,6 +399,10 @@ noclientlog"
 commands=(
        "add server nosuchnode.net1.clk" "^Invalid host/IP address$"
        "allow nosuchnode.net1.clk" "^Could not read address$"
+       "allow 192.168.123.0/2 4" "^Could not read address$"
+       "allow 192.168.123.0/2e" "^Could not read address$"
+       "allow 192.168.12e" "^Could not read address$"
+       "allow 192.168123" "^Could not read address$"
        "allow 192.168.123.2/33" "^507 Bad subnet$"
        "clients" "Hostname.*519 Client logging is not active in the daemon$"
        "delete 192.168.123.2" "^503 No such source$"