*/
enum ast_acl_sense ast_apply_acl(struct ast_acl_list *acl_list, const struct ast_sockaddr *addr, const char *purpose);
+/*!
+ * \brief Apply a set of rules to a given IP address, don't log failure.
+ *
+ * \details
+ * Exactly like ast_apply_acl, except that it will never log anything.
+ *
+ * \param acl_list The head of the list of ACLs to evaluate
+ * \param addr An ast_sockaddr whose address is considered when matching rules
+ *
+ * \retval AST_SENSE_ALLOW The IP address passes our ACLs
+ * \retval AST_SENSE_DENY The IP address fails our ACLs
+ */
+enum ast_acl_sense ast_apply_acl_nolog(struct ast_acl_list *acl_list, const struct ast_sockaddr *addr);
+
/*!
* \brief Get the IP address given a hostname
*
}
}
-enum ast_acl_sense ast_apply_acl(struct ast_acl_list *acl_list, const struct ast_sockaddr *addr, const char *purpose)
+static enum ast_acl_sense ast_apply_acl_internal(struct ast_acl_list *acl_list, const struct ast_sockaddr *addr, const char *log_prefix)
{
struct ast_acl *acl;
AST_LIST_TRAVERSE(acl_list, acl, list) {
if (acl->is_invalid) {
/* In this case, the baseline ACL shouldn't ever trigger this, but if that somehow happens, it'll still be shown. */
- ast_log(LOG_WARNING, "%sRejecting '%s' due to use of an invalid ACL '%s'.\n", purpose ? purpose : "", ast_sockaddr_stringify_addr(addr),
- ast_strlen_zero(acl->name) ? "(BASELINE)" : acl->name);
+ if (log_prefix) {
+ ast_log(LOG_WARNING, "%sRejecting '%s' due to use of an invalid ACL '%s'.\n",
+ log_prefix, ast_sockaddr_stringify_addr(addr),
+ ast_strlen_zero(acl->name) ? "(BASELINE)" : acl->name);
+ }
AST_LIST_UNLOCK(acl_list);
return AST_SENSE_DENY;
}
if (acl->acl) {
if (ast_apply_ha(acl->acl, addr) == AST_SENSE_DENY) {
- ast_log(LOG_NOTICE, "%sRejecting '%s' due to a failure to pass ACL '%s'\n", purpose ? purpose : "", ast_sockaddr_stringify_addr(addr),
- ast_strlen_zero(acl->name) ? "(BASELINE)" : acl->name);
+ if (log_prefix) {
+ ast_log(LOG_NOTICE, "%sRejecting '%s' due to a failure to pass ACL '%s'\n",
+ log_prefix, ast_sockaddr_stringify_addr(addr),
+ ast_strlen_zero(acl->name) ? "(BASELINE)" : acl->name);
+ }
AST_LIST_UNLOCK(acl_list);
return AST_SENSE_DENY;
}
return AST_SENSE_ALLOW;
}
+
+enum ast_acl_sense ast_apply_acl(struct ast_acl_list *acl_list, const struct ast_sockaddr *addr, const char *purpose) {
+ return ast_apply_acl_internal(acl_list, addr, purpose ?: "");
+}
+
+enum ast_acl_sense ast_apply_acl_nolog(struct ast_acl_list *acl_list, const struct ast_sockaddr *addr) {
+ return ast_apply_acl_internal(acl_list, addr, NULL);
+}
+
enum ast_acl_sense ast_apply_ha(const struct ast_ha *ha, const struct ast_sockaddr *addr)
{
/* Start optimistic */
projects / thirdparty / asterisk.git / commitdiff
