xref: /minix3/external/bsd/bind/dist/bin/named/sortlist.c (revision 00b67f09dd46474d133c95011a48590a8e8f94c7) 
1 /*	$NetBSD: sortlist.c,v 1.4 2014/12/10 04:37:52 christos Exp $	*/
2 
3 /*
4  * Copyright (C) 2004-2007  Internet Systems Consortium, Inc. ("ISC")
5  * Copyright (C) 2000, 2001  Internet Software Consortium.
6  *
7  * Permission to use, copy, modify, and/or distribute this software for any
8  * purpose with or without fee is hereby granted, provided that the above
9  * copyright notice and this permission notice appear in all copies.
10  *
11  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
12  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
13  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
14  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
15  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
16  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17  * PERFORMANCE OF THIS SOFTWARE.
18  */
19 
20 /* Id: sortlist.c,v 1.17 2007/09/14 01:46:05 marka Exp  */
21 
22 /*! \file */
23 
24 #include <config.h>
25 
26 #include <isc/mem.h>
27 #include <isc/util.h>
28 
29 #include <dns/acl.h>
30 #include <dns/result.h>
31 
32 #include <named/globals.h>
33 #include <named/server.h>
34 #include <named/sortlist.h>
35 
36 ns_sortlisttype_t
ns_sortlist_setup(dns_acl_t * acl,isc_netaddr_t * clientaddr,const void ** argp)37 ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr,
38 		  const void **argp)
39 {
40 	unsigned int i;
41 
42 	if (acl == NULL)
43 		goto dont_sort;
44 
45 	for (i = 0; i < acl->length; i++) {
46 		/*
47 		 * 'e' refers to the current 'top level statement'
48 		 * in the sortlist (see ARM).
49 		 */
50 		dns_aclelement_t *e = &acl->elements[i];
51 		dns_aclelement_t *try_elt;
52 		dns_aclelement_t *order_elt = NULL;
53 		const dns_aclelement_t *matched_elt = NULL;
54 
55 		if (e->type == dns_aclelementtype_nestedacl) {
56 			dns_acl_t *inner = e->nestedacl;
57 
58 			if (inner->length == 0)
59 				try_elt = e;
60 			else if (inner->length > 2)
61 				goto dont_sort;
62 			else if (inner->elements[0].negative)
63 				goto dont_sort;
64 			else {
65 				try_elt = &inner->elements[0];
66 				if (inner->length == 2)
67 					order_elt = &inner->elements[1];
68 			}
69 		} else {
70 			/*
71 			 * BIND 8 allows bare elements at the top level
72 			 * as an undocumented feature.
73 			 */
74 			try_elt = e;
75 		}
76 
77 		if (dns_aclelement_match(clientaddr, NULL, try_elt,
78 					 &ns_g_server->aclenv,
79 					 &matched_elt)) {
80 			if (order_elt != NULL) {
81 				if (order_elt->type ==
82 				    dns_aclelementtype_nestedacl) {
83 					*argp = order_elt->nestedacl;
84 					return (NS_SORTLISTTYPE_2ELEMENT);
85 				} else if (order_elt->type ==
86 					   dns_aclelementtype_localhost &&
87 					   ns_g_server->aclenv.localhost != NULL) {
88 					*argp = ns_g_server->aclenv.localhost;
89 					return (NS_SORTLISTTYPE_2ELEMENT);
90 				} else if (order_elt->type ==
91 					   dns_aclelementtype_localnets &&
92 					   ns_g_server->aclenv.localnets != NULL) {
93 					*argp = ns_g_server->aclenv.localnets;
94 					return (NS_SORTLISTTYPE_2ELEMENT);
95 				} else {
96 					/*
97 					 * BIND 8 allows a bare IP prefix as
98 					 * the 2nd element of a 2-element
99 					 * sortlist statement.
100 					 */
101 					*argp = order_elt;
102 					return (NS_SORTLISTTYPE_1ELEMENT);
103 				}
104 			} else {
105 				INSIST(matched_elt != NULL);
106 				*argp = matched_elt;
107 				return (NS_SORTLISTTYPE_1ELEMENT);
108 			}
109 		}
110 	}
111 
112 	/* No match; don't sort. */
113  dont_sort:
114 	*argp = NULL;
115 	return (NS_SORTLISTTYPE_NONE);
116 }
117 
118 int
ns_sortlist_addrorder2(const isc_netaddr_t * addr,const void * arg)119 ns_sortlist_addrorder2(const isc_netaddr_t *addr, const void *arg) {
120 	const dns_acl_t *sortacl = (const dns_acl_t *) arg;
121 	int match;
122 
123 	(void)dns_acl_match(addr, NULL, sortacl,
124 			    &ns_g_server->aclenv,
125 			    &match, NULL);
126 	if (match > 0)
127 		return (match);
128 	else if (match < 0)
129 		return (INT_MAX - (-match));
130 	else
131 		return (INT_MAX / 2);
132 }
133 
134 int
ns_sortlist_addrorder1(const isc_netaddr_t * addr,const void * arg)135 ns_sortlist_addrorder1(const isc_netaddr_t *addr, const void *arg) {
136 	const dns_aclelement_t *matchelt = (const dns_aclelement_t *) arg;
137 	if (dns_aclelement_match(addr, NULL, matchelt,
138 				 &ns_g_server->aclenv,
139 				 NULL)) {
140 		return (0);
141 	} else {
142 		return (INT_MAX);
143 	}
144 }
145 
146 void
ns_sortlist_byaddrsetup(dns_acl_t * sortlist_acl,isc_netaddr_t * client_addr,dns_addressorderfunc_t * orderp,const void ** argp)147 ns_sortlist_byaddrsetup(dns_acl_t *sortlist_acl, isc_netaddr_t *client_addr,
148 		       dns_addressorderfunc_t *orderp,
149 		       const void **argp)
150 {
151 	ns_sortlisttype_t sortlisttype;
152 
153 	sortlisttype = ns_sortlist_setup(sortlist_acl, client_addr, argp);
154 
155 	switch (sortlisttype) {
156 	case NS_SORTLISTTYPE_1ELEMENT:
157 		*orderp = ns_sortlist_addrorder1;
158 		break;
159 	case NS_SORTLISTTYPE_2ELEMENT:
160 		*orderp = ns_sortlist_addrorder2;
161 		break;
162 	case NS_SORTLISTTYPE_NONE:
163 		*orderp = NULL;
164 		break;
165 	default:
166 		UNEXPECTED_ERROR(__FILE__, __LINE__,
167 				 "unexpected return from ns_sortlist_setup(): "
168 				 "%d", sortlisttype);
169 		break;
170 	}
171 }
172 
173