From: Emeric Brun Date: Wed, 17 Oct 2012 11:38:19 +0000 (+0200) Subject: MINOR: acl: add parse and match primitives to use binary type on ACLs X-Git-Tag: v1.5-dev13~128 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=07ca496ea9b2f7916da8d944b652ee9dc22bda95;p=thirdparty%2Fhaproxy.git MINOR: acl: add parse and match primitives to use binary type on ACLs Binary ACL match patterns can now be entered as hex digit strings. --- diff --git a/include/proto/acl.h b/include/proto/acl.h index d514076e23..38ad604e34 100644 --- a/include/proto/acl.h +++ b/include/proto/acl.h @@ -138,6 +138,9 @@ int acl_parse_nothing(const char **text, struct acl_pattern *pattern, int *opaqu /* NB: For two strings to be identical, it is required that their lengths match */ int acl_match_str(struct sample *smp, struct acl_pattern *pattern); +/* NB: For two binary buffers to be identical, it is required that their lengths match */ +int acl_match_bin(struct sample *smp, struct acl_pattern *pattern); + /* Checks that the length of the pattern in is included between min and max */ int acl_match_len(struct sample *smp, struct acl_pattern *pattern); @@ -158,6 +161,9 @@ int acl_parse_range(const char **text, struct acl_pattern *pattern, int *opaque, /* Parse a string. It is allocated and duplicated. */ int acl_parse_str(const char **text, struct acl_pattern *pattern, int *opaque, char **err); +/* Parse a hexa binary definition. It is allocated and duplicated. */ +int acl_parse_bin(const char **text, struct acl_pattern *pattern, int *opaque, char **err); + /* Parse and concatenate strings into one. It is allocated and duplicated. */ int acl_parse_strcat(const char **text, struct acl_pattern *pattern, int *opaque, char **err); diff --git a/src/acl.c b/src/acl.c index f220394d96..d0ea731d28 100644 --- a/src/acl.c +++ b/src/acl.c @@ -492,6 +492,17 @@ int acl_match_str(struct sample *smp, struct acl_pattern *pattern) return ACL_PAT_FAIL; } +/* NB: For two binaries buf to be identical, it is required that their lengths match */ +int acl_match_bin(struct sample *smp, struct acl_pattern *pattern) +{ + if (pattern->len != smp->data.str.len) + return ACL_PAT_FAIL; + + if (memcmp(pattern->ptr.str, smp->data.str.str, smp->data.str.len) == 0) + return ACL_PAT_PASS; + return ACL_PAT_FAIL; +} + /* Lookup a string in the expression's pattern tree. The node is returned if it * exists, otherwise NULL. */ @@ -823,6 +834,43 @@ int acl_parse_str(const char **text, struct acl_pattern *pattern, int *opaque, c return 1; } +/* Parse a binary written in hexa. It is allocated. */ +int acl_parse_bin(const char **text, struct acl_pattern *pattern, int *opaque, char **err) +{ + int len; + const char *p = *text; + int i,j; + + len = strlen(p); + if (len%2) { + memprintf(err, "an even number of hex digit is expected"); + return 0; + } + + pattern->type = SMP_T_CBIN; + pattern->len = len >> 1; + pattern->ptr.str = malloc(pattern->len); + if (!pattern->ptr.str) { + memprintf(err, "out of memory while loading string pattern"); + return 0; + } + + i = j = 0; + while (j < pattern->len) { + if (!ishex(p[i++])) + goto bad_input; + if (!ishex(p[i++])) + goto bad_input; + pattern->ptr.str[j++] = (hex2i(p[i-2]) << 4) + hex2i(p[i-1]); + } + return 1; + +bad_input: + memprintf(err, "an hex digit is expected (found '%c')", p[i-1]); + free(pattern->ptr.str); + return 0; +} + /* Parse and concatenate all further strings into one. */ int acl_parse_strcat(const char **text, struct acl_pattern *pattern, int *opaque, char **err)