You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ch...@apache.org on 2018/05/01 20:25:25 UTC

[03/10] qpid-dispatch git commit: DISPATCH-976: instantiate and destroy policy parse trees

DISPATCH-976: instantiate and destroy policy parse trees


Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/2f35a9f0
Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/2f35a9f0
Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/2f35a9f0

Branch: refs/heads/master
Commit: 2f35a9f00c2d7c19a702bdeedc2041d55a7781b6
Parents: 05440db
Author: Chuck Rolke <cr...@redhat.com>
Authored: Tue May 1 13:58:17 2018 -0400
Committer: Chuck Rolke <cr...@redhat.com>
Committed: Tue May 1 15:58:35 2018 -0400

----------------------------------------------------------------------
 src/policy.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++--
 src/policy.h |  9 +++++++++
 src/server.c | 11 +----------
 3 files changed, 67 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/2f35a9f0/src/policy.c
----------------------------------------------------------------------
diff --git a/src/policy.c b/src/policy.c
index 4ee1930..099295f 100644
--- a/src/policy.c
+++ b/src/policy.c
@@ -21,6 +21,7 @@
 #include "qpid/dispatch/python_embedded.h"
 #include "policy.h"
 #include "policy_internal.h"
+#include "parse_tree.h"
 #include <stdio.h>
 #include <string.h>
 #include "dispatch_private.h"
@@ -240,6 +241,44 @@ void qd_policy_socket_close(qd_policy_t *policy, const qd_connection_t *conn)
 }
 
 
+// C in the CSV string
+static const char* QPALN_COMMA_SEP =",";
+
+//
+// Given a CSV string defining parser tree specs for allowed sender or
+// receiver links, return a parse_tree
+//
+//  @param config_spec CSV string with link name match patterns
+//  @return pointer to parse tree
+//
+qd_parse_tree_t * qd_policy_parse_tree(const char *config_spec)
+{
+    if (!config_spec || strlen(config_spec) == 0)
+        // empty config specs never match so don't even create parse tree
+        return NULL;
+
+    qd_parse_tree_t *tree = qd_parse_tree_new(QD_PARSE_TREE_ADDRESS);
+    if (!tree)
+        return NULL;
+
+    // Add CSV's values to the tree.
+    // Note that tree's pattern is unused. This code uses a dummy '1'.
+    char * dup = strdup(config_spec);
+    char * dupend = dup + strlen(dup);
+    char * pch = dup;
+    while (pch < dupend) {
+        size_t vsize = strcspn(pch, QPALN_COMMA_SEP);
+        if (vsize > 0) {
+            pch[vsize] = '\0';
+            qd_parse_tree_add_pattern_str(tree, pch, (void *)1);
+        }
+        pch += vsize + 1;
+    }
+    free(dup);
+    return tree;
+}
+
+
 //
 // Functions related to authenticated connection denial.
 // An AMQP Open has been received over some connection.
@@ -326,6 +365,8 @@ bool qd_policy_open_lookup_user(
                     settings->targets              = qd_entity_get_string((qd_entity_t*)upolicy, "targets");
                     settings->sourcePattern        = qd_entity_get_string((qd_entity_t*)upolicy, "sourcePattern");
                     settings->targetPattern        = qd_entity_get_string((qd_entity_t*)upolicy, "targetPattern");
+                    settings->sourceParseTree      = qd_policy_parse_tree(settings->sourcePattern);
+                    settings->targetParseTree      = qd_policy_parse_tree(settings->targetPattern);
                     settings->denialCounts         = (qd_policy_denial_counts_t*)
                                                     qd_entity_get_long((qd_entity_t*)upolicy, "denialCounts");
                     Py_XDECREF(result2);
@@ -505,8 +546,6 @@ char * _qd_policy_link_user_name_subst(const char *uname, const char *proposed,
 #define QPALN_SIZE 1024
 // Size of user-name-substituted proposed string.
 #define QPALN_USERBUFSIZE 300
-// C in the CSV string
-#define QPALN_COMMA_SEP ","
 // Wildcard character
 #define QPALN_WILDCARD '*'
 
@@ -530,6 +569,9 @@ bool _qd_policy_approve_link_name(const char *username, const char *allowed, con
     if (a_len > QPALN_SIZE) {
         pa = (char *)malloc(a_len + 1); // malloc a buffer for larger allow lists
     }
+    if (!pa)
+        return false;
+
     strncpy(pa, allowed, a_len);
     pa[a_len] = 0;
     // Do reverse user substitution into proposed
@@ -723,3 +765,16 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
         qd_policy_private_deny_amqp_connection(conn, QD_AMQP_COND_RESOURCE_LIMIT_EXCEEDED, CONNECTION_DISALLOWED);
     }
 }
+
+
+void qd_policy_settings_free(qd_policy_settings_t *settings)
+{
+    if (!settings) return;
+    if (settings->sources)         free(settings->sources);
+    if (settings->targets)         free(settings->targets);
+    if (settings->sourcePattern)   free(settings->sourcePattern);
+    if (settings->targetPattern)   free(settings->targetPattern);
+    if (settings->sourceParseTree) qd_parse_tree_free(settings->sourceParseTree);
+    if (settings->targetParseTree) qd_parse_tree_free(settings->targetParseTree);
+    free (settings);
+}

http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/2f35a9f0/src/policy.h
----------------------------------------------------------------------
diff --git a/src/policy.h b/src/policy.h
index 80d50aa..edf11f6 100644
--- a/src/policy.h
+++ b/src/policy.h
@@ -28,6 +28,7 @@
 #include "config.h"
 #include "entity.h"
 #include "entity_cache.h"
+#include "parse_tree.h"
 #include <dlfcn.h>
 
 typedef struct qd_policy_denial_counts_s qd_policy_denial_counts_t;
@@ -54,6 +55,8 @@ struct qd_policy__settings_s {
     char *targets;
     char *sourcePattern;
     char *targetPattern;
+    qd_parse_tree_t *sourceParseTree;
+    qd_parse_tree_t *targetParseTree;
     qd_policy_denial_counts_t *denialCounts;
 };
 
@@ -157,4 +160,10 @@ bool qd_policy_approve_amqp_receiver_link(pn_link_t *pn_link, qd_connection_t *q
  **/
 void qd_policy_amqp_open(qd_connection_t *conn);
 
+/** Dispose of policy settings
+ * 
+ * @param settings the settings to be destroyed
+ */
+void qd_policy_settings_free(qd_policy_settings_t *settings);
+
 #endif

http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/2f35a9f0/src/server.c
----------------------------------------------------------------------
diff --git a/src/server.c b/src/server.c
index 2e87a15..cb90510 100644
--- a/src/server.c
+++ b/src/server.c
@@ -804,16 +804,7 @@ static void qd_connection_free(qd_connection_t *ctx)
 
     invoke_deferred_calls(ctx, true);  // Discard any pending deferred calls
     sys_mutex_free(ctx->deferred_call_lock);
-
-    if (ctx->policy_settings) {
-        if (ctx->policy_settings->sources)
-            free(ctx->policy_settings->sources);
-        if (ctx->policy_settings->targets)
-            free(ctx->policy_settings->targets);
-        free (ctx->policy_settings);
-        ctx->policy_settings = 0;
-    }
-
+    qd_policy_settings_free(ctx->policy_settings);
     if (ctx->free_user_id) free((char*)ctx->user_id);
     if (ctx->timer) qd_timer_free(ctx->timer);
     free(ctx->name);


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org