X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/preload-hacks/blobdiff_plain/2906706dbaeb4eb4142f928d1ead0812461f2e78..a6d9626bd8b7689ec679e0cdedef48be795dfd9e:/noip.c diff --git a/noip.c b/noip.c index 735a58a..2f7fd14 100644 --- a/noip.c +++ b/noip.c @@ -533,60 +533,65 @@ static void parse_acl_line(char **pp, aclnode ***tail) char *p = *pp; char *q; - SKIPSPC; - if (*p == '+') act = ALLOW; - else if (*p == '-') act = DENY; - else goto bad; + for (;;) { + SKIPSPC; + if (*p == '+') act = ALLOW; + else if (*p == '-') act = DENY; + else goto bad; - p++; - SKIPSPC; - if (KWMATCHP("any")) { - minaddr = 0; - maxaddr = 0xffffffff; - goto justone; - } else if (KWMATCHP("local")) { - parse_ports(&p, &minport, &maxport); - ACLNODE(*tail, act, 0, 0, minport, maxport); - ACLNODE(*tail, act, 0xffffffff, 0xffffffff, minport, maxport); - for (i = 0; i < n_local_ipaddrs; i++) { - minaddr = ntohl(local_ipaddrs[i].s_addr); - ACLNODE(*tail, act, minaddr, minaddr, minport, maxport); - } - } else { - if (*p == ':') { + p++; + SKIPSPC; + if (KWMATCHP("any")) { minaddr = 0; maxaddr = 0xffffffff; + goto justone; + } else if (KWMATCHP("local")) { + parse_ports(&p, &minport, &maxport); + ACLNODE(*tail, act, 0, 0, minport, maxport); + ACLNODE(*tail, act, 0xffffffff, 0xffffffff, minport, maxport); + for (i = 0; i < n_local_ipaddrs; i++) { + minaddr = ntohl(local_ipaddrs[i].s_addr); + ACLNODE(*tail, act, minaddr, minaddr, minport, maxport); + } } else { - NEXTADDR(q, del); - if (inet_pton(AF_INET, q, &addr) <= 0) goto bad; - minaddr = ntohl(addr.s_addr); - RESCAN(del); - SKIPSPC; - if (*p == '-') { - p++; + if (*p == ':') { + minaddr = 0; + maxaddr = 0xffffffff; + } else { NEXTADDR(q, del); if (inet_pton(AF_INET, q, &addr) <= 0) goto bad; + minaddr = ntohl(addr.s_addr); RESCAN(del); - maxaddr = ntohl(addr.s_addr); - } else if (*p == '/') { - p++; - NEXTADDR(q, del); - if (strchr(q, '.')) { + SKIPSPC; + if (*p == '-') { + p++; + NEXTADDR(q, del); if (inet_pton(AF_INET, q, &addr) <= 0) goto bad; - mask = ntohl(addr.s_addr); - } else { - n = atoi(q); - mask = (~0ul << (32 - n)) & 0xffffffff; - } - RESCAN(del); - minaddr &= mask; - maxaddr = minaddr | (mask ^ 0xffffffff); - } else - maxaddr = minaddr; + RESCAN(del); + maxaddr = ntohl(addr.s_addr); + } else if (*p == '/') { + p++; + NEXTADDR(q, del); + if (strchr(q, '.')) { + if (inet_pton(AF_INET, q, &addr) <= 0) goto bad; + mask = ntohl(addr.s_addr); + } else { + n = atoi(q); + mask = (~0ul << (32 - n)) & 0xffffffff; + } + RESCAN(del); + minaddr &= mask; + maxaddr = minaddr | (mask ^ 0xffffffff); + } else + maxaddr = minaddr; + } + justone: + parse_ports(&p, &minport, &maxport); + ACLNODE(*tail, act, minaddr, maxaddr, minport, maxport); } - justone: - parse_ports(&p, &minport, &maxport); - ACLNODE(*tail, act, minaddr, maxaddr, minport, maxport); + SKIPSPC; + if (*p != ',') break; + p++; } return; @@ -595,6 +600,17 @@ bad: return; } +static void parse_acl_env(const char *var, aclnode ***tail) +{ + char *p; + + if ((p = getenv(var)) != 0) { + p = xstrdup(p); + parse_acl_line(&p, tail); + free(p); + } +} + static void readconfig(void) { FILE *fp; @@ -608,6 +624,8 @@ static void readconfig(void) if ((fp = fopen(p, "r")) == 0) goto done; + parse_acl_env("NOIP_REALBIND_BEFORE", &bind_tail); + parse_acl_env("NOIP_REALCONNECT_BEFORE", &connect_tail); while (fgets(buf, sizeof(buf), fp)) { n = strlen(buf); p = buf; @@ -633,8 +651,13 @@ static void readconfig(void) fclose(fp); done: + parse_acl_env("NOIP_REALBIND", &bind_tail); + parse_acl_env("NOIP_REALCONNECT", &connect_tail); + parse_acl_env("NOIP_REALBIND_AFTER", &bind_tail); + parse_acl_env("NOIP_REALCONNECT_AFTER", &connect_tail); *bind_tail = 0; *connect_tail = 0; + if (!sockdir) sockdir = getenv("NOIP_SOCKETDIR"); if (!sockdir) { snprintf(buf, sizeof(buf), "%s/noip-%s", tmpdir(), user()); sockdir = xstrdup(buf);