
freed reg exp on exit, counted reg exp, warned on empty community list file, returned early from packet handling on non-matching reg exp

Logan007 4 years ago
parent
commit
dece8d787e
  1. 13
      src/sn.c
  2. 13
      src/sn_utils.c

13
src/sn.c

@ -30,8 +30,9 @@ static int load_allowed_sn_community(n2n_sn_t *sss, char *path) {
char buffer[4096], *line;
FILE *fd = fopen(path, "r");
struct sn_community *s, *tmp;
struct sn_community_regular_expression *re, *tmp_re;
uint32_t num_communities = 0;
struct sn_community_regular_expression *re, *tmp_re;
uint32_t num_regex = 0;
if(fd == NULL) {
traceEvent(TRACE_WARNING, "File %s not found", path);
@ -72,6 +73,7 @@ static int load_allowed_sn_community(n2n_sn_t *sss, char *path) {
if (re) {
re->rule = re_compile(line);
HASH_ADD_PTR(sss->rules, rule, re);
num_regex++;
traceEvent(TRACE_INFO, "Added regular expression for allowed communities '%s'", line);
continue;
}
@ -98,9 +100,18 @@ static int load_allowed_sn_community(n2n_sn_t *sss, char *path) {
fclose(fd);
if (num_regex>0 || num_communities>0 )
{
traceEvent(TRACE_WARNING, "File %s does not contain any valid community names or regular expressions", path);
return -1;
}
traceEvent(TRACE_NORMAL, "Loaded %u fixed-name communities from %s",
num_communities, path);
traceEvent(TRACE_NORMAL, "Loaded %u regular expressions for community name matching from %s",
num_regex, path);
/* No new communities will be allowed */
sss->lock_communities = 1;
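Review bot: The emptiness check added after `fclose(fd)` looks inverted as rendered: `if (num_regex>0 || num_communities>0 )` logs "does not contain any valid community names or regular expressions" and returns -1 exactly when entries were loaded, and falls through when none were. On that path a populated file never reaches `sss->lock_communities = 1`, so this function would not turn the allow-list on, while an empty file would lock the supernode with nothing allowed. The condition should read `if (num_regex == 0 && num_communities == 0)`. The rest of load_allowed_sn_community and its caller are outside the hunk, so how a -1 return is handled is not visible here.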

13
src/sn_utils.c

@ -228,6 +228,7 @@ int sn_init(n2n_sn_t *sss)
void sn_term(n2n_sn_t *sss)
{
struct sn_community *community, *tmp;
struct sn_community_regular_expression *re, *tmp_re;
if (sss->sock >= 0)
{
@ -249,6 +250,11 @@ void sn_term(n2n_sn_t *sss)
HASH_DEL(sss->communities, community);
free(community);
}
HASH_ITER(hh, sss->rules, re, tmp_re) {
HASH_DEL(sss->rules, re);
free(re);
}
}
/** Determine the appropriate lifetime for new registrations.
@ -816,7 +822,7 @@ static int process_udp(n2n_sn_t * sss,
existance (better from the security standpoint)
*/
if (!comm && sss->lock_communities) {
if(!comm && sss->lock_communities) {
HASH_ITER(hh, sss->rules, re, tmp_re) {
allowed_match = re_matchp(re->rule, cmn.community, &match_length);
@ -828,6 +834,11 @@ static int process_udp(n2n_sn_t * sss,
}
}
}
if(match != 1) {
traceEvent(TRACE_INFO, "Discarded registration: unallowed community '%s'",
(char*)cmn.community);
return -1;
}
if(!comm && (!sss->lock_communities || (match == 1))) {
comm = calloc(1, sizeof(struct sn_community));
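Review bot: The new `if(match != 1)` discard in process_udp appears to sit after the `if(!comm && sss->lock_communities)` block rather than inside it, because three closing braces precede it in the hunk; indentation is lost on this page, so this is inferred. Where `match` is initialised and set is not visible, but if it only becomes 1 inside the regex loop, registrations for already-known communities and every registration on an unlocked supernode would hit `return -1` as well. Scoping the test explicitly, `if(!comm && sss->lock_communities && (match != 1)) {`, limits the early return to unknown communities on a locked supernode. Separately, sn_term frees each `re` but never `re->rule`, which src/sn.c fills from `re_compile(line)`; whether that pointer is owned by the node is not visible here and should be confirmed.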
