Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Argument parser |
| 3 | * Copyright © Jan Engelhardt, 2011 |
| 4 | * |
| 5 | * This program is free software; you can redistribute it and/or |
| 6 | * modify it under the terms of the GNU General Public License as |
| 7 | * published by the Free Software Foundation; either version 2 of |
| 8 | * the License, or (at your option) any later version. |
| 9 | */ |
Jan Engelhardt | 2e0ec4f | 2011-03-06 16:24:43 +0100 | [diff] [blame] | 10 | #include <ctype.h> |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 11 | #include <errno.h> |
| 12 | #include <getopt.h> |
| 13 | #include <limits.h> |
| 14 | #include <netdb.h> |
| 15 | #include <stdbool.h> |
| 16 | #include <stdint.h> |
| 17 | #include <stdio.h> |
| 18 | #include <stdlib.h> |
| 19 | #include <string.h> |
Jan Engelhardt | 41a4cea | 2011-02-15 22:10:48 +0100 | [diff] [blame] | 20 | #include <syslog.h> |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 21 | #include <arpa/inet.h> |
Jan Engelhardt | 61cc52b | 2011-04-29 01:25:14 +0200 | [diff] [blame] | 22 | #include <netinet/ip.h> |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 23 | #include "xtables.h" |
| 24 | #include "xshared.h" |
Jan Engelhardt | 61cc52b | 2011-04-29 01:25:14 +0200 | [diff] [blame] | 25 | #ifndef IPTOS_NORMALSVC |
| 26 | # define IPTOS_NORMALSVC 0 |
| 27 | #endif |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 28 | |
| 29 | #define XTOPT_MKPTR(cb) \ |
| 30 | ((void *)((char *)(cb)->data + (cb)->entry->ptroff)) |
| 31 | |
| 32 | /** |
Jan Engelhardt | 41a4cea | 2011-02-15 22:10:48 +0100 | [diff] [blame] | 33 | * Simple key-value pairs for syslog levels |
| 34 | */ |
| 35 | struct syslog_level { |
| 36 | char name[8]; |
| 37 | uint8_t level; |
| 38 | }; |
| 39 | |
Jan Engelhardt | 61cc52b | 2011-04-29 01:25:14 +0200 | [diff] [blame] | 40 | struct tos_value_mask { |
| 41 | uint8_t value, mask; |
| 42 | }; |
| 43 | |
Jan Engelhardt | 41a4cea | 2011-02-15 22:10:48 +0100 | [diff] [blame] | 44 | /** |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 45 | * Creates getopt options from the x6-style option map, and assigns each a |
| 46 | * getopt id. |
| 47 | */ |
| 48 | struct option * |
| 49 | xtables_options_xfrm(struct option *orig_opts, struct option *oldopts, |
| 50 | const struct xt_option_entry *entry, unsigned int *offset) |
| 51 | { |
| 52 | unsigned int num_orig, num_old = 0, num_new, i; |
| 53 | struct option *merge, *mp; |
| 54 | |
| 55 | if (entry == NULL) |
| 56 | return oldopts; |
| 57 | for (num_orig = 0; orig_opts[num_orig].name != NULL; ++num_orig) |
| 58 | ; |
| 59 | if (oldopts != NULL) |
| 60 | for (num_old = 0; oldopts[num_old].name != NULL; ++num_old) |
| 61 | ; |
| 62 | for (num_new = 0; entry[num_new].name != NULL; ++num_new) |
| 63 | ; |
| 64 | |
| 65 | /* |
| 66 | * Since @oldopts also has @orig_opts already (and does so at the |
| 67 | * start), skip these entries. |
| 68 | */ |
| 69 | oldopts += num_orig; |
| 70 | num_old -= num_orig; |
| 71 | |
| 72 | merge = malloc(sizeof(*mp) * (num_orig + num_old + num_new + 1)); |
| 73 | if (merge == NULL) |
| 74 | return NULL; |
| 75 | |
| 76 | /* Let the base options -[ADI...] have precedence over everything */ |
| 77 | memcpy(merge, orig_opts, sizeof(*mp) * num_orig); |
| 78 | mp = merge + num_orig; |
| 79 | |
| 80 | /* Second, the new options */ |
| 81 | xt_params->option_offset += XT_OPTION_OFFSET_SCALE; |
| 82 | *offset = xt_params->option_offset; |
| 83 | |
| 84 | for (i = 0; i < num_new; ++i, ++mp, ++entry) { |
| 85 | mp->name = entry->name; |
| 86 | mp->has_arg = entry->type != XTTYPE_NONE; |
| 87 | mp->flag = NULL; |
| 88 | mp->val = entry->id + *offset; |
| 89 | } |
| 90 | |
| 91 | /* Third, the old options */ |
| 92 | memcpy(mp, oldopts, sizeof(*mp) * num_old); |
| 93 | mp += num_old; |
| 94 | xtables_free_opts(0); |
| 95 | |
| 96 | /* Clear trailing entry */ |
| 97 | memset(mp, 0, sizeof(*mp)); |
| 98 | return merge; |
| 99 | } |
| 100 | |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 101 | /** |
| 102 | * Require a simple integer. |
| 103 | */ |
| 104 | static void xtopt_parse_int(struct xt_option_call *cb) |
| 105 | { |
| 106 | const struct xt_option_entry *entry = cb->entry; |
Jan Engelhardt | 8b5bdea | 2011-03-06 16:56:53 +0100 | [diff] [blame] | 107 | unsigned long long lmin = 0, lmax = UINT32_MAX; |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 108 | unsigned int value; |
| 109 | |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 110 | if (entry->type == XTTYPE_UINT8) |
| 111 | lmax = UINT8_MAX; |
Jan Engelhardt | 0eff54b | 2011-03-06 17:42:51 +0100 | [diff] [blame] | 112 | else if (entry->type == XTTYPE_UINT16) |
| 113 | lmax = UINT16_MAX; |
Jan Engelhardt | 8b5bdea | 2011-03-06 16:56:53 +0100 | [diff] [blame] | 114 | else if (entry->type == XTTYPE_UINT64) |
| 115 | lmax = UINT64_MAX; |
Jan Engelhardt | d78254d | 2011-02-27 17:38:34 +0100 | [diff] [blame] | 116 | if (cb->entry->min != 0) |
| 117 | lmin = cb->entry->min; |
| 118 | if (cb->entry->max != 0) |
| 119 | lmax = cb->entry->max; |
| 120 | |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 121 | if (!xtables_strtoui(cb->arg, NULL, &value, lmin, lmax)) |
| 122 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 123 | "%s: bad value for option \"--%s\", " |
Jan Engelhardt | 8b5bdea | 2011-03-06 16:56:53 +0100 | [diff] [blame] | 124 | "or out of range (%llu-%llu).\n", |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 125 | cb->ext_name, entry->name, lmin, lmax); |
| 126 | |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 127 | if (entry->type == XTTYPE_UINT8) { |
| 128 | cb->val.u8 = value; |
| 129 | if (entry->flags & XTOPT_PUT) |
| 130 | *(uint8_t *)XTOPT_MKPTR(cb) = cb->val.u8; |
Jan Engelhardt | 0eff54b | 2011-03-06 17:42:51 +0100 | [diff] [blame] | 131 | } else if (entry->type == XTTYPE_UINT16) { |
| 132 | cb->val.u16 = value; |
| 133 | if (entry->flags & XTOPT_PUT) |
| 134 | *(uint16_t *)XTOPT_MKPTR(cb) = cb->val.u16; |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 135 | } else if (entry->type == XTTYPE_UINT32) { |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 136 | cb->val.u32 = value; |
| 137 | if (entry->flags & XTOPT_PUT) |
| 138 | *(uint32_t *)XTOPT_MKPTR(cb) = cb->val.u32; |
Jan Engelhardt | 8b5bdea | 2011-03-06 16:56:53 +0100 | [diff] [blame] | 139 | } else if (entry->type == XTTYPE_UINT64) { |
| 140 | cb->val.u64 = value; |
| 141 | if (entry->flags & XTOPT_PUT) |
| 142 | *(uint64_t *)XTOPT_MKPTR(cb) = cb->val.u64; |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 143 | } |
| 144 | } |
| 145 | |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 146 | /** |
Jan Engelhardt | f012b3c | 2011-05-02 18:09:59 +0200 | [diff] [blame] | 147 | * Require a simple floating point number. |
| 148 | */ |
| 149 | static void xtopt_parse_float(struct xt_option_call *cb) |
| 150 | { |
| 151 | const struct xt_option_entry *entry = cb->entry; |
| 152 | double value; |
| 153 | char *end; |
| 154 | |
| 155 | value = strtod(cb->arg, &end); |
| 156 | if (end == cb->arg || *end != '\0' || |
| 157 | (entry->min != entry->max && |
| 158 | (value < entry->min || value > entry->max))) |
| 159 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 160 | "%s: bad value for option \"--%s\", " |
| 161 | "or out of range (%u-%u).\n", |
| 162 | cb->ext_name, entry->name, entry->min, entry->max); |
| 163 | |
| 164 | cb->val.dbl = value; |
| 165 | if (entry->flags & XTOPT_PUT) |
| 166 | *(double *)XTOPT_MKPTR(cb) = cb->val.dbl; |
| 167 | } |
| 168 | |
| 169 | /** |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 170 | * Multiple integer parse routine. |
| 171 | * |
| 172 | * This function is capable of parsing any number of fields. Only the first |
| 173 | * two values from the string will be put into @cb however (and as such, |
| 174 | * @cb->val.uXX_range is just that large) to cater for the few extensions that |
| 175 | * do not have a range[2] field, but {min, max}, and which cannot use |
| 176 | * XTOPT_POINTER. |
| 177 | */ |
| 178 | static void xtopt_parse_mint(struct xt_option_call *cb) |
| 179 | { |
| 180 | const struct xt_option_entry *entry = cb->entry; |
| 181 | const char *arg = cb->arg; |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 182 | size_t esize = sizeof(uint32_t); |
| 183 | char *put = XTOPT_MKPTR(cb); |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 184 | unsigned int maxiter, value; |
| 185 | char *end = ""; |
| 186 | char sep = ':'; |
| 187 | |
Jan Engelhardt | 8bf513a | 2011-03-06 17:09:19 +0100 | [diff] [blame] | 188 | if (entry->type == XTTYPE_UINT8RC) |
| 189 | esize = sizeof(uint8_t); |
| 190 | else if (entry->type == XTTYPE_UINT16RC) |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 191 | esize = sizeof(uint16_t); |
Jan Engelhardt | bc438c4 | 2011-03-06 17:13:54 +0100 | [diff] [blame] | 192 | else if (entry->type == XTTYPE_UINT64RC) |
| 193 | esize = sizeof(uint64_t); |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 194 | maxiter = entry->size / esize; |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 195 | if (maxiter == 0) |
| 196 | maxiter = 2; /* ARRAY_SIZE(cb->val.uXX_range) */ |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 197 | if (entry->size % esize != 0) |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 198 | xt_params->exit_err(OTHER_PROBLEM, "%s: memory block does " |
| 199 | "not have proper size\n", __func__); |
| 200 | |
| 201 | cb->nvals = 0; |
| 202 | for (arg = cb->arg; ; arg = end + 1) { |
| 203 | if (cb->nvals == maxiter) |
| 204 | xt_params->exit_err(PARAMETER_PROBLEM, "%s: Too many " |
| 205 | "components for option \"--%s\" (max: %u)\n", |
| 206 | cb->ext_name, entry->name, maxiter); |
| 207 | if (!xtables_strtoui(arg, &end, &value, 0, UINT32_MAX)) |
| 208 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 209 | "%s: bad value for option \"--%s\", " |
| 210 | "or out of range (0-%u).\n", |
| 211 | cb->ext_name, entry->name, UINT32_MAX); |
| 212 | if (*end != '\0' && *end != sep) |
| 213 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 214 | "%s: Argument to \"--%s\" has unexpected " |
| 215 | "characters.\n", cb->ext_name, entry->name); |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 216 | if (cb->nvals < ARRAY_SIZE(cb->val.u32_range)) { |
Jan Engelhardt | 8bf513a | 2011-03-06 17:09:19 +0100 | [diff] [blame] | 217 | if (entry->type == XTTYPE_UINT8RC) |
| 218 | cb->val.u8_range[cb->nvals] = value; |
| 219 | else if (entry->type == XTTYPE_UINT16RC) |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 220 | cb->val.u16_range[cb->nvals] = value; |
| 221 | else if (entry->type == XTTYPE_UINT32RC) |
| 222 | cb->val.u32_range[cb->nvals] = value; |
Jan Engelhardt | bc438c4 | 2011-03-06 17:13:54 +0100 | [diff] [blame] | 223 | else if (entry->type == XTTYPE_UINT64RC) |
| 224 | cb->val.u64_range[cb->nvals] = value; |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 225 | } |
Jan Engelhardt | 0787a82 | 2011-05-02 02:43:15 +0200 | [diff] [blame] | 226 | ++cb->nvals; |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 227 | if (entry->flags & XTOPT_PUT) { |
Jan Engelhardt | 8bf513a | 2011-03-06 17:09:19 +0100 | [diff] [blame] | 228 | if (entry->type == XTTYPE_UINT8RC) |
| 229 | *(uint8_t *)put = value; |
| 230 | else if (entry->type == XTTYPE_UINT16RC) |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 231 | *(uint16_t *)put = value; |
| 232 | else if (entry->type == XTTYPE_UINT32RC) |
| 233 | *(uint32_t *)put = value; |
Jan Engelhardt | bc438c4 | 2011-03-06 17:13:54 +0100 | [diff] [blame] | 234 | else if (entry->type == XTTYPE_UINT64RC) |
| 235 | *(uint64_t *)put = value; |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 236 | put += esize; |
| 237 | } |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 238 | if (*end == '\0') |
| 239 | break; |
| 240 | } |
| 241 | } |
| 242 | |
Jan Engelhardt | 4a0a176 | 2011-02-15 22:09:21 +0100 | [diff] [blame] | 243 | static void xtopt_parse_string(struct xt_option_call *cb) |
| 244 | { |
| 245 | const struct xt_option_entry *entry = cb->entry; |
| 246 | size_t z = strlen(cb->arg); |
| 247 | char *p; |
| 248 | |
| 249 | if (entry->min != 0 && z < entry->min) |
| 250 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 251 | "Argument must have a minimum length of " |
| 252 | "%u characters\n", entry->min); |
| 253 | if (entry->max != 0 && z > entry->max) |
| 254 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 255 | "Argument must have a maximum length of " |
| 256 | "%u characters\n", entry->max); |
| 257 | if (!(entry->flags & XTOPT_PUT)) |
| 258 | return; |
| 259 | if (z >= entry->size) |
| 260 | z = entry->size - 1; |
| 261 | p = XTOPT_MKPTR(cb); |
| 262 | strncpy(p, cb->arg, z); |
| 263 | p[z] = '\0'; |
| 264 | } |
| 265 | |
Jan Engelhardt | 61cc52b | 2011-04-29 01:25:14 +0200 | [diff] [blame] | 266 | static const struct tos_symbol_info { |
| 267 | unsigned char value; |
| 268 | const char *name; |
| 269 | } tos_symbol_names[] = { |
| 270 | {IPTOS_LOWDELAY, "Minimize-Delay"}, |
| 271 | {IPTOS_THROUGHPUT, "Maximize-Throughput"}, |
| 272 | {IPTOS_RELIABILITY, "Maximize-Reliability"}, |
| 273 | {IPTOS_MINCOST, "Minimize-Cost"}, |
| 274 | {IPTOS_NORMALSVC, "Normal-Service"}, |
| 275 | {}, |
| 276 | }; |
| 277 | |
| 278 | /* |
| 279 | * tos_parse_numeric - parse a string like "15/255" |
| 280 | * |
| 281 | * @str: input string |
| 282 | * @tvm: (value/mask) tuple |
| 283 | * @max: maximum allowed value (must be pow(2,some_int)-1) |
| 284 | */ |
| 285 | static bool tos_parse_numeric(const char *str, struct xt_option_call *cb, |
| 286 | unsigned int max) |
| 287 | { |
| 288 | unsigned int value; |
| 289 | char *end; |
| 290 | |
| 291 | xtables_strtoui(str, &end, &value, 0, max); |
| 292 | cb->val.tos_value = value; |
| 293 | cb->val.tos_mask = max; |
| 294 | |
| 295 | if (*end == '/') { |
| 296 | const char *p = end + 1; |
| 297 | |
| 298 | if (!xtables_strtoui(p, &end, &value, 0, max)) |
| 299 | xtables_error(PARAMETER_PROBLEM, "Illegal value: \"%s\"", |
| 300 | str); |
| 301 | cb->val.tos_mask = value; |
| 302 | } |
| 303 | |
| 304 | if (*end != '\0') |
| 305 | xtables_error(PARAMETER_PROBLEM, "Illegal value: \"%s\"", str); |
| 306 | return true; |
| 307 | } |
| 308 | |
| 309 | /** |
| 310 | * @str: input string |
| 311 | * @tvm: (value/mask) tuple |
| 312 | * @def_mask: mask to force when a symbolic name is used |
| 313 | */ |
| 314 | static void xtopt_parse_tosmask(struct xt_option_call *cb) |
| 315 | { |
| 316 | const struct tos_symbol_info *symbol; |
| 317 | char *tmp; |
| 318 | |
| 319 | if (xtables_strtoui(cb->arg, &tmp, NULL, 0, UINT8_MAX)) { |
| 320 | tos_parse_numeric(cb->arg, cb, UINT8_MAX); |
| 321 | return; |
| 322 | } |
| 323 | /* |
| 324 | * This is our way we deal with different defaults |
| 325 | * for different revisions. |
| 326 | */ |
| 327 | cb->val.tos_mask = cb->entry->max; |
| 328 | for (symbol = tos_symbol_names; symbol->name != NULL; ++symbol) |
| 329 | if (strcasecmp(cb->arg, symbol->name) == 0) { |
| 330 | cb->val.tos_value = symbol->value; |
| 331 | return; |
| 332 | } |
| 333 | |
| 334 | xtables_error(PARAMETER_PROBLEM, "Symbolic name \"%s\" is unknown", |
| 335 | cb->arg); |
| 336 | } |
| 337 | |
Jan Engelhardt | d25e217 | 2011-03-06 14:57:44 +0100 | [diff] [blame] | 338 | /** |
| 339 | * Validate the input for being conformant to "mark[/mask]". |
| 340 | */ |
| 341 | static void xtopt_parse_markmask(struct xt_option_call *cb) |
| 342 | { |
| 343 | unsigned int mark = 0, mask = ~0U; |
| 344 | char *end; |
| 345 | |
| 346 | if (!xtables_strtoui(cb->arg, &end, &mark, 0, UINT32_MAX)) |
| 347 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 348 | "%s: bad mark value for option \"--%s\", " |
| 349 | "or out of range.\n", |
| 350 | cb->ext_name, cb->entry->name); |
| 351 | if (*end == '/' && |
| 352 | !xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX)) |
| 353 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 354 | "%s: bad mask value for option \"--%s\", " |
| 355 | "or out of range.\n", |
| 356 | cb->ext_name, cb->entry->name); |
| 357 | if (*end != '\0') |
| 358 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 359 | "%s: trailing garbage after value " |
| 360 | "for option \"--%s\".\n", |
| 361 | cb->ext_name, cb->entry->name); |
| 362 | cb->val.mark = mark; |
| 363 | cb->val.mask = mask; |
| 364 | } |
| 365 | |
Jan Engelhardt | 41a4cea | 2011-02-15 22:10:48 +0100 | [diff] [blame] | 366 | static int xtopt_sysloglvl_compare(const void *a, const void *b) |
| 367 | { |
| 368 | const char *name = a; |
| 369 | const struct syslog_level *entry = b; |
| 370 | |
| 371 | return strcmp(name, entry->name); |
| 372 | } |
| 373 | |
| 374 | static void xtopt_parse_sysloglevel(struct xt_option_call *cb) |
| 375 | { |
| 376 | static const struct syslog_level log_names[] = { /* must be sorted */ |
| 377 | {"alert", LOG_ALERT}, |
| 378 | {"crit", LOG_CRIT}, |
| 379 | {"debug", LOG_DEBUG}, |
| 380 | {"emerg", LOG_EMERG}, |
| 381 | {"error", LOG_ERR}, /* deprecated */ |
| 382 | {"info", LOG_INFO}, |
| 383 | {"notice", LOG_NOTICE}, |
| 384 | {"panic", LOG_EMERG}, /* deprecated */ |
| 385 | {"warning", LOG_WARNING}, |
| 386 | }; |
| 387 | const struct syslog_level *e; |
| 388 | unsigned int num = 0; |
| 389 | |
| 390 | if (!xtables_strtoui(cb->arg, NULL, &num, 0, 7)) { |
| 391 | e = bsearch(cb->arg, log_names, ARRAY_SIZE(log_names), |
| 392 | sizeof(*log_names), xtopt_sysloglvl_compare); |
| 393 | if (e == NULL) |
| 394 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 395 | "log level \"%s\" unknown\n", cb->arg); |
| 396 | num = e->level; |
| 397 | } |
| 398 | cb->val.syslog_level = num; |
| 399 | if (cb->entry->flags & XTOPT_PUT) |
| 400 | *(uint8_t *)XTOPT_MKPTR(cb) = num; |
| 401 | } |
| 402 | |
Jan Engelhardt | 2b01f70 | 2011-02-14 15:10:15 +0100 | [diff] [blame] | 403 | static void *xtables_sa_host(const void *sa, unsigned int afproto) |
| 404 | { |
| 405 | if (afproto == AF_INET6) |
| 406 | return &((struct sockaddr_in6 *)sa)->sin6_addr; |
| 407 | else if (afproto == AF_INET) |
| 408 | return &((struct sockaddr_in *)sa)->sin_addr; |
| 409 | return (void *)sa; |
| 410 | } |
| 411 | |
| 412 | static socklen_t xtables_sa_hostlen(unsigned int afproto) |
| 413 | { |
| 414 | if (afproto == AF_INET6) |
| 415 | return sizeof(struct in6_addr); |
| 416 | else if (afproto == AF_INET) |
| 417 | return sizeof(struct in_addr); |
| 418 | return 0; |
| 419 | } |
| 420 | |
| 421 | /** |
| 422 | * Accepts: a hostname (DNS), or a single inetaddr. |
| 423 | */ |
| 424 | static void xtopt_parse_onehost(struct xt_option_call *cb) |
| 425 | { |
| 426 | struct addrinfo hints = {.ai_family = afinfo->family}; |
| 427 | unsigned int adcount = 0; |
| 428 | struct addrinfo *res, *p; |
| 429 | int ret; |
| 430 | |
| 431 | ret = getaddrinfo(cb->arg, NULL, &hints, &res); |
| 432 | if (ret < 0) |
| 433 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 434 | "getaddrinfo: %s\n", gai_strerror(ret)); |
| 435 | |
| 436 | for (p = res; p != NULL; p = p->ai_next) { |
| 437 | if (adcount == 0) { |
| 438 | memset(&cb->val.inetaddr, 0, sizeof(cb->val.inetaddr)); |
| 439 | memcpy(&cb->val.inetaddr, |
| 440 | xtables_sa_host(p->ai_addr, p->ai_family), |
| 441 | xtables_sa_hostlen(p->ai_family)); |
| 442 | ++adcount; |
| 443 | continue; |
| 444 | } |
| 445 | if (memcmp(&cb->val.inetaddr, |
| 446 | xtables_sa_host(p->ai_addr, p->ai_family), |
| 447 | xtables_sa_hostlen(p->ai_family)) != 0) |
| 448 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 449 | "%s resolves to more than one address\n", |
| 450 | cb->arg); |
| 451 | } |
| 452 | |
| 453 | freeaddrinfo(res); |
| 454 | if (cb->entry->flags & XTOPT_PUT) |
| 455 | /* Validation in xtables_option_metavalidate */ |
| 456 | memcpy(XTOPT_MKPTR(cb), &cb->val.inetaddr, |
| 457 | sizeof(cb->val.inetaddr)); |
| 458 | } |
| 459 | |
Jan Engelhardt | b8592fa | 2011-02-14 15:12:50 +0100 | [diff] [blame] | 460 | /** |
| 461 | * @name: port name, or number as a string (e.g. "http" or "80") |
| 462 | * |
| 463 | * Resolve a port name to a number. Returns the port number in integral |
| 464 | * form on success, or <0 on error. (errno will not be set.) |
| 465 | */ |
| 466 | static int xtables_getportbyname(const char *name) |
| 467 | { |
| 468 | struct addrinfo *res = NULL, *p; |
| 469 | int ret; |
| 470 | |
| 471 | ret = getaddrinfo(NULL, name, NULL, &res); |
| 472 | if (ret < 0) |
| 473 | return -1; |
| 474 | ret = -1; |
| 475 | for (p = res; p != NULL; p = p->ai_next) { |
| 476 | if (p->ai_family == AF_INET6) { |
| 477 | ret = ((struct sockaddr_in6 *)p->ai_addr)->sin6_port; |
| 478 | break; |
| 479 | } else if (p->ai_family == AF_INET) { |
| 480 | ret = ((struct sockaddr_in *)p->ai_addr)->sin_port; |
| 481 | break; |
| 482 | } |
| 483 | } |
| 484 | freeaddrinfo(res); |
Jan Engelhardt | 44517bd | 2011-04-14 13:54:24 +0200 | [diff] [blame] | 485 | if (ret < 0) |
| 486 | return ret; |
Jan Engelhardt | b8592fa | 2011-02-14 15:12:50 +0100 | [diff] [blame] | 487 | return ntohs(ret); |
| 488 | } |
| 489 | |
| 490 | /** |
| 491 | * Validate and parse a port specification and put the result into @cb. |
| 492 | */ |
| 493 | static void xtopt_parse_port(struct xt_option_call *cb) |
| 494 | { |
| 495 | int ret; |
| 496 | |
| 497 | ret = xtables_getportbyname(cb->arg); |
| 498 | if (ret < 0) |
| 499 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 500 | "Port \"%s\" does not resolve to anything.\n", |
| 501 | cb->arg); |
| 502 | cb->val.port = ret; |
| 503 | if (cb->entry->type == XTTYPE_PORT_NE) |
| 504 | cb->val.port = htons(cb->val.port); |
| 505 | if (cb->entry->flags & XTOPT_PUT) |
| 506 | *(uint16_t *)XTOPT_MKPTR(cb) = cb->val.port; |
| 507 | } |
| 508 | |
Jan Engelhardt | f30231a | 2011-04-17 13:33:50 +0200 | [diff] [blame] | 509 | static void xtopt_parse_mport(struct xt_option_call *cb) |
| 510 | { |
| 511 | static const size_t esize = sizeof(uint16_t); |
| 512 | const struct xt_option_entry *entry = cb->entry; |
| 513 | char *lo_arg, *wp_arg, *arg; |
| 514 | unsigned int maxiter; |
| 515 | int value; |
| 516 | |
| 517 | wp_arg = lo_arg = strdup(cb->arg); |
| 518 | if (lo_arg == NULL) |
| 519 | xt_params->exit_err(RESOURCE_PROBLEM, "strdup"); |
| 520 | |
| 521 | maxiter = entry->size / esize; |
| 522 | if (maxiter == 0) |
| 523 | maxiter = 2; /* ARRAY_SIZE(cb->val.port_range) */ |
| 524 | if (entry->size % esize != 0) |
| 525 | xt_params->exit_err(OTHER_PROBLEM, "%s: memory block does " |
| 526 | "not have proper size\n", __func__); |
| 527 | |
| 528 | cb->val.port_range[0] = 0; |
| 529 | cb->val.port_range[1] = UINT16_MAX; |
| 530 | cb->nvals = 0; |
| 531 | |
| 532 | while ((arg = strsep(&wp_arg, ":")) != NULL) { |
| 533 | if (cb->nvals == maxiter) |
| 534 | xt_params->exit_err(PARAMETER_PROBLEM, "%s: Too many " |
| 535 | "components for option \"--%s\" (max: %u)\n", |
| 536 | cb->ext_name, entry->name, maxiter); |
| 537 | if (*arg == '\0') { |
| 538 | ++cb->nvals; |
| 539 | continue; |
| 540 | } |
| 541 | |
| 542 | value = xtables_getportbyname(arg); |
| 543 | if (value < 0) |
| 544 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 545 | "Port \"%s\" does not resolve to " |
| 546 | "anything.\n", arg); |
| 547 | if (entry->type == XTTYPE_PORTRC_NE) |
| 548 | value = htons(value); |
| 549 | if (cb->nvals < ARRAY_SIZE(cb->val.port_range)) |
| 550 | cb->val.port_range[cb->nvals] = value; |
| 551 | ++cb->nvals; |
| 552 | } |
| 553 | |
| 554 | if (cb->nvals == 1) { |
| 555 | cb->val.port_range[1] = cb->val.port_range[0]; |
| 556 | ++cb->nvals; |
| 557 | } |
| 558 | if (entry->flags & XTOPT_PUT) |
| 559 | memcpy(XTOPT_MKPTR(cb), cb->val.port_range, sizeof(uint16_t) * |
| 560 | (cb->nvals <= maxiter ? cb->nvals : maxiter)); |
| 561 | free(lo_arg); |
| 562 | } |
| 563 | |
Jan Engelhardt | e8b42fe | 2011-05-02 02:13:16 +0200 | [diff] [blame^] | 564 | static void xtopt_parse_plenmask(struct xt_option_call *cb) |
| 565 | { |
| 566 | const struct xt_option_entry *entry = cb->entry; |
| 567 | uint32_t *mask = cb->val.inetmask.all; |
| 568 | unsigned int prefix_len = 128; |
| 569 | uint8_t max = 128; |
| 570 | |
| 571 | if (afinfo->family == NFPROTO_IPV6) |
| 572 | max = 128; |
| 573 | else if (afinfo->family == NFPROTO_IPV4) |
| 574 | max = 32; |
| 575 | |
| 576 | if (!xtables_strtoui(cb->arg, NULL, &prefix_len, 0, max)) |
| 577 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 578 | "%s: bad value for option \"--%s\", " |
| 579 | "or out of range (%u-%u).\n", |
| 580 | cb->ext_name, entry->name, 0, max); |
| 581 | |
| 582 | memset(mask, 0xFF, sizeof(union nf_inet_addr)); |
| 583 | if (prefix_len == 0) { |
| 584 | mask[0] = mask[1] = mask[2] = mask[3] = 0; |
| 585 | } else if (prefix_len <= 32) { |
| 586 | mask[0] <<= 32 - prefix_len; |
| 587 | mask[1] = mask[2] = mask[3] = 0; |
| 588 | } else if (prefix_len <= 64) { |
| 589 | mask[1] <<= 32 - (prefix_len - 32); |
| 590 | mask[2] = mask[3] = 0; |
| 591 | } else if (prefix_len <= 96) { |
| 592 | mask[2] <<= 32 - (prefix_len - 64); |
| 593 | mask[3] = 0; |
| 594 | } else if (prefix_len <= 128) { |
| 595 | mask[3] <<= 32 - (prefix_len - 96); |
| 596 | } |
| 597 | mask[0] = htonl(mask[0]); |
| 598 | mask[1] = htonl(mask[1]); |
| 599 | mask[2] = htonl(mask[2]); |
| 600 | mask[3] = htonl(mask[3]); |
| 601 | if (entry->flags & XTOPT_PUT) |
| 602 | memcpy(XTOPT_MKPTR(cb), mask, sizeof(union nf_inet_addr)); |
| 603 | } |
| 604 | |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 605 | static void (*const xtopt_subparse[])(struct xt_option_call *) = { |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 606 | [XTTYPE_UINT8] = xtopt_parse_int, |
Jan Engelhardt | 0eff54b | 2011-03-06 17:42:51 +0100 | [diff] [blame] | 607 | [XTTYPE_UINT16] = xtopt_parse_int, |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 608 | [XTTYPE_UINT32] = xtopt_parse_int, |
Jan Engelhardt | 8b5bdea | 2011-03-06 16:56:53 +0100 | [diff] [blame] | 609 | [XTTYPE_UINT64] = xtopt_parse_int, |
Jan Engelhardt | 8bf513a | 2011-03-06 17:09:19 +0100 | [diff] [blame] | 610 | [XTTYPE_UINT8RC] = xtopt_parse_mint, |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 611 | [XTTYPE_UINT16RC] = xtopt_parse_mint, |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 612 | [XTTYPE_UINT32RC] = xtopt_parse_mint, |
Jan Engelhardt | bc438c4 | 2011-03-06 17:13:54 +0100 | [diff] [blame] | 613 | [XTTYPE_UINT64RC] = xtopt_parse_mint, |
Jan Engelhardt | f012b3c | 2011-05-02 18:09:59 +0200 | [diff] [blame] | 614 | [XTTYPE_DOUBLE] = xtopt_parse_float, |
Jan Engelhardt | 4a0a176 | 2011-02-15 22:09:21 +0100 | [diff] [blame] | 615 | [XTTYPE_STRING] = xtopt_parse_string, |
Jan Engelhardt | 61cc52b | 2011-04-29 01:25:14 +0200 | [diff] [blame] | 616 | [XTTYPE_TOSMASK] = xtopt_parse_tosmask, |
Jan Engelhardt | d25e217 | 2011-03-06 14:57:44 +0100 | [diff] [blame] | 617 | [XTTYPE_MARKMASK32] = xtopt_parse_markmask, |
Jan Engelhardt | 41a4cea | 2011-02-15 22:10:48 +0100 | [diff] [blame] | 618 | [XTTYPE_SYSLOGLEVEL] = xtopt_parse_sysloglevel, |
Jan Engelhardt | 2b01f70 | 2011-02-14 15:10:15 +0100 | [diff] [blame] | 619 | [XTTYPE_ONEHOST] = xtopt_parse_onehost, |
Jan Engelhardt | b8592fa | 2011-02-14 15:12:50 +0100 | [diff] [blame] | 620 | [XTTYPE_PORT] = xtopt_parse_port, |
| 621 | [XTTYPE_PORT_NE] = xtopt_parse_port, |
Jan Engelhardt | f30231a | 2011-04-17 13:33:50 +0200 | [diff] [blame] | 622 | [XTTYPE_PORTRC] = xtopt_parse_mport, |
| 623 | [XTTYPE_PORTRC_NE] = xtopt_parse_mport, |
Jan Engelhardt | e8b42fe | 2011-05-02 02:13:16 +0200 | [diff] [blame^] | 624 | [XTTYPE_PLENMASK] = xtopt_parse_plenmask, |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 625 | }; |
| 626 | |
| 627 | static const size_t xtopt_psize[] = { |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 628 | [XTTYPE_UINT8] = sizeof(uint8_t), |
Jan Engelhardt | 0eff54b | 2011-03-06 17:42:51 +0100 | [diff] [blame] | 629 | [XTTYPE_UINT16] = sizeof(uint16_t), |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 630 | [XTTYPE_UINT32] = sizeof(uint32_t), |
Jan Engelhardt | 8b5bdea | 2011-03-06 16:56:53 +0100 | [diff] [blame] | 631 | [XTTYPE_UINT64] = sizeof(uint64_t), |
Jan Engelhardt | 8bf513a | 2011-03-06 17:09:19 +0100 | [diff] [blame] | 632 | [XTTYPE_UINT8RC] = sizeof(uint8_t[2]), |
Jan Engelhardt | 564eaf4 | 2011-03-06 16:59:23 +0100 | [diff] [blame] | 633 | [XTTYPE_UINT16RC] = sizeof(uint16_t[2]), |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 634 | [XTTYPE_UINT32RC] = sizeof(uint32_t[2]), |
Jan Engelhardt | bc438c4 | 2011-03-06 17:13:54 +0100 | [diff] [blame] | 635 | [XTTYPE_UINT64RC] = sizeof(uint64_t[2]), |
Jan Engelhardt | f012b3c | 2011-05-02 18:09:59 +0200 | [diff] [blame] | 636 | [XTTYPE_DOUBLE] = sizeof(double), |
Jan Engelhardt | 4a0a176 | 2011-02-15 22:09:21 +0100 | [diff] [blame] | 637 | [XTTYPE_STRING] = -1, |
Jan Engelhardt | 41a4cea | 2011-02-15 22:10:48 +0100 | [diff] [blame] | 638 | [XTTYPE_SYSLOGLEVEL] = sizeof(uint8_t), |
Jan Engelhardt | 2b01f70 | 2011-02-14 15:10:15 +0100 | [diff] [blame] | 639 | [XTTYPE_ONEHOST] = sizeof(union nf_inet_addr), |
Jan Engelhardt | b8592fa | 2011-02-14 15:12:50 +0100 | [diff] [blame] | 640 | [XTTYPE_PORT] = sizeof(uint16_t), |
| 641 | [XTTYPE_PORT_NE] = sizeof(uint16_t), |
Jan Engelhardt | f30231a | 2011-04-17 13:33:50 +0200 | [diff] [blame] | 642 | [XTTYPE_PORTRC] = sizeof(uint16_t[2]), |
| 643 | [XTTYPE_PORTRC_NE] = sizeof(uint16_t[2]), |
Jan Engelhardt | e8b42fe | 2011-05-02 02:13:16 +0200 | [diff] [blame^] | 644 | [XTTYPE_PLENMASK] = sizeof(union nf_inet_addr), |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 645 | }; |
| 646 | |
| 647 | /** |
| 648 | * The master option parsing routine. May be used for the ".x6_parse" |
| 649 | * function pointer in extensions if fully automatic parsing is desired. |
| 650 | * It may be also called manually from a custom x6_parse function. |
| 651 | */ |
| 652 | void xtables_option_parse(struct xt_option_call *cb) |
| 653 | { |
| 654 | const struct xt_option_entry *entry = cb->entry; |
| 655 | unsigned int eflag = 1 << cb->entry->id; |
| 656 | |
| 657 | /* |
| 658 | * With {.id = P_FOO, .excl = P_FOO} we can have simple double-use |
| 659 | * prevention. Though it turned out that this is too much typing (most |
| 660 | * of the options are one-time use only), so now we also have |
| 661 | * %XTOPT_MULTI. |
| 662 | */ |
| 663 | if ((!(entry->flags & XTOPT_MULTI) || (entry->excl & eflag)) && |
| 664 | cb->xflags & eflag) |
| 665 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 666 | "%s: option \"--%s\" can only be used once.\n", |
| 667 | cb->ext_name, cb->entry->name); |
| 668 | if (cb->invert && !(entry->flags & XTOPT_INVERT)) |
| 669 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 670 | "%s: option \"--%s\" cannot be inverted.\n", |
| 671 | cb->ext_name, entry->name); |
| 672 | if (entry->type != XTTYPE_NONE && optarg == NULL) |
| 673 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 674 | "%s: option \"--%s\" requires an argument.\n", |
| 675 | cb->ext_name, entry->name); |
| 676 | if (entry->type <= ARRAY_SIZE(xtopt_subparse) && |
| 677 | xtopt_subparse[entry->type] != NULL) |
| 678 | xtopt_subparse[entry->type](cb); |
| 679 | /* Exclusion with other flags tested later in finalize. */ |
| 680 | cb->xflags |= 1 << entry->id; |
| 681 | } |
| 682 | |
| 683 | /** |
| 684 | * Verifies that an extension's option map descriptor is valid, and ought to |
| 685 | * be called right after the extension has been loaded, and before option |
| 686 | * merging/xfrm. |
| 687 | */ |
| 688 | void xtables_option_metavalidate(const char *name, |
| 689 | const struct xt_option_entry *entry) |
| 690 | { |
| 691 | for (; entry->name != NULL; ++entry) { |
| 692 | if (entry->id >= CHAR_BIT * sizeof(unsigned int) || |
| 693 | entry->id >= XT_OPTION_OFFSET_SCALE) |
| 694 | xt_params->exit_err(OTHER_PROBLEM, |
| 695 | "Extension %s uses invalid ID %u\n", |
| 696 | name, entry->id); |
| 697 | if (!(entry->flags & XTOPT_PUT)) |
| 698 | continue; |
| 699 | if (entry->type >= ARRAY_SIZE(xtopt_psize)) |
| 700 | xt_params->exit_err(OTHER_PROBLEM, |
| 701 | "%s: entry type of option \"--%s\" cannot be " |
| 702 | "combined with XTOPT_PUT\n", |
| 703 | name, entry->name); |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame] | 704 | if (xtopt_psize[entry->type] != -1 && |
| 705 | xtopt_psize[entry->type] != entry->size) |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 706 | xt_params->exit_err(OTHER_PROBLEM, |
| 707 | "%s: option \"--%s\" points to a memory block " |
| 708 | "of wrong size (expected %zu, got %zu)\n", |
| 709 | name, entry->name, |
| 710 | xtopt_psize[entry->type], entry->size); |
| 711 | } |
| 712 | } |
| 713 | |
| 714 | /** |
| 715 | * Find an option entry by its id. |
| 716 | */ |
| 717 | static const struct xt_option_entry * |
| 718 | xtables_option_lookup(const struct xt_option_entry *entry, unsigned int id) |
| 719 | { |
| 720 | for (; entry->name != NULL; ++entry) |
| 721 | if (entry->id == id) |
| 722 | return entry; |
| 723 | return NULL; |
| 724 | } |
| 725 | |
| 726 | /** |
| 727 | * @c: getopt id (i.e. with offset) |
| 728 | * @fw: struct ipt_entry or ip6t_entry |
| 729 | * |
| 730 | * Dispatch arguments to the appropriate parse function, based upon the |
| 731 | * extension's choice of API. |
| 732 | */ |
| 733 | void xtables_option_tpcall(unsigned int c, char **argv, bool invert, |
| 734 | struct xtables_target *t, void *fw) |
| 735 | { |
| 736 | struct xt_option_call cb; |
| 737 | |
| 738 | if (t->x6_parse == NULL) { |
| 739 | if (t->parse != NULL) |
| 740 | t->parse(c - t->option_offset, argv, invert, |
| 741 | &t->tflags, fw, &t->t); |
| 742 | return; |
| 743 | } |
| 744 | |
| 745 | c -= t->option_offset; |
| 746 | cb.entry = xtables_option_lookup(t->x6_options, c); |
| 747 | if (cb.entry == NULL) |
| 748 | xtables_error(OTHER_PROBLEM, |
| 749 | "Extension does not know id %u\n", c); |
| 750 | cb.arg = optarg; |
| 751 | cb.invert = invert; |
| 752 | cb.ext_name = t->name; |
| 753 | cb.data = t->t->data; |
| 754 | cb.xflags = t->tflags; |
Jan Engelhardt | 33d1808 | 2011-03-06 18:11:58 +0100 | [diff] [blame] | 755 | cb.target = &t->t; |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 756 | t->x6_parse(&cb); |
| 757 | t->tflags = cb.xflags; |
| 758 | } |
| 759 | |
| 760 | /** |
| 761 | * @c: getopt id (i.e. with offset) |
| 762 | * @fw: struct ipt_entry or ip6t_entry |
| 763 | * |
| 764 | * Dispatch arguments to the appropriate parse function, based upon the |
| 765 | * extension's choice of API. |
| 766 | */ |
| 767 | void xtables_option_mpcall(unsigned int c, char **argv, bool invert, |
| 768 | struct xtables_match *m, void *fw) |
| 769 | { |
| 770 | struct xt_option_call cb; |
| 771 | |
| 772 | if (m->x6_parse == NULL) { |
| 773 | if (m->parse != NULL) |
| 774 | m->parse(c - m->option_offset, argv, invert, |
| 775 | &m->mflags, fw, &m->m); |
| 776 | return; |
| 777 | } |
| 778 | |
| 779 | c -= m->option_offset; |
| 780 | cb.entry = xtables_option_lookup(m->x6_options, c); |
| 781 | if (cb.entry == NULL) |
| 782 | xtables_error(OTHER_PROBLEM, |
| 783 | "Extension does not know id %u\n", c); |
| 784 | cb.arg = optarg; |
| 785 | cb.invert = invert; |
| 786 | cb.ext_name = m->name; |
| 787 | cb.data = m->m->data; |
| 788 | cb.xflags = m->mflags; |
Jan Engelhardt | 33d1808 | 2011-03-06 18:11:58 +0100 | [diff] [blame] | 789 | cb.match = &m->m; |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 790 | m->x6_parse(&cb); |
| 791 | m->mflags = cb.xflags; |
| 792 | } |
| 793 | |
| 794 | /** |
| 795 | * @name: name of extension |
| 796 | * @entry: current option (from all ext's entries) being validated |
| 797 | * @xflags: flags the extension has collected |
| 798 | * @i: conflicting option (id) to test for |
| 799 | */ |
| 800 | static void |
| 801 | xtables_option_fcheck2(const char *name, const struct xt_option_entry *entry, |
| 802 | const struct xt_option_entry *other, |
| 803 | unsigned int xflags) |
| 804 | { |
| 805 | unsigned int ef = 1 << entry->id, of = 1 << other->id; |
| 806 | |
| 807 | if (entry->also & of && !(xflags & of)) |
| 808 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 809 | "%s: option \"--%s\" also requires \"--%s\".\n", |
| 810 | name, entry->name, other->name); |
| 811 | |
| 812 | if (!(entry->excl & of)) |
| 813 | /* Use of entry does not collide with other option, good. */ |
| 814 | return; |
| 815 | if ((xflags & (ef | of)) != (ef | of)) |
| 816 | /* Conflicting options were not used. */ |
| 817 | return; |
| 818 | |
| 819 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 820 | "%s: option \"--%s\" cannot be used together with \"--%s\".\n", |
| 821 | name, entry->name, other->name); |
| 822 | } |
| 823 | |
| 824 | /** |
| 825 | * @name: name of extension |
| 826 | * @xflags: accumulated flags |
| 827 | * @entry: extension's option table |
| 828 | * |
| 829 | * Check that all option constraints have been met. This effectively replaces |
| 830 | * ->final_check of the older API. |
| 831 | */ |
| 832 | void xtables_options_fcheck(const char *name, unsigned int xflags, |
| 833 | const struct xt_option_entry *table) |
| 834 | { |
| 835 | const struct xt_option_entry *entry, *other; |
| 836 | unsigned int i; |
| 837 | |
| 838 | for (entry = table; entry->name != NULL; ++entry) { |
| 839 | if (entry->flags & XTOPT_MAND && |
| 840 | !(xflags & (1 << entry->id))) |
| 841 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 842 | "%s: option \"--%s\" must be specified\n", |
| 843 | name, entry->name); |
| 844 | |
| 845 | for (i = 0; i < CHAR_BIT * sizeof(entry->id); ++i) { |
| 846 | if (entry->id == i) |
| 847 | /* |
| 848 | * Avoid conflict with self. Multi-use check |
| 849 | * was done earlier in xtables_option_parse. |
| 850 | */ |
| 851 | continue; |
| 852 | other = xtables_option_lookup(table, i); |
| 853 | if (other == NULL) |
| 854 | continue; |
| 855 | xtables_option_fcheck2(name, entry, other, xflags); |
| 856 | } |
| 857 | } |
| 858 | } |
Jan Engelhardt | 3af739b | 2011-02-10 16:57:37 +0100 | [diff] [blame] | 859 | |
| 860 | /** |
| 861 | * Dispatch arguments to the appropriate final_check function, based upon the |
| 862 | * extension's choice of API. |
| 863 | */ |
| 864 | void xtables_option_tfcall(struct xtables_target *t) |
| 865 | { |
| 866 | if (t->x6_fcheck != NULL) { |
| 867 | struct xt_fcheck_call cb; |
| 868 | |
| 869 | cb.ext_name = t->name; |
| 870 | cb.data = t->t->data; |
| 871 | cb.xflags = t->tflags; |
| 872 | t->x6_fcheck(&cb); |
| 873 | } else if (t->final_check != NULL) { |
| 874 | t->final_check(t->tflags); |
| 875 | } |
| 876 | if (t->x6_options != NULL) |
| 877 | xtables_options_fcheck(t->name, t->tflags, t->x6_options); |
| 878 | } |
| 879 | |
| 880 | /** |
| 881 | * Dispatch arguments to the appropriate final_check function, based upon the |
| 882 | * extension's choice of API. |
| 883 | */ |
| 884 | void xtables_option_mfcall(struct xtables_match *m) |
| 885 | { |
| 886 | if (m->x6_fcheck != NULL) { |
| 887 | struct xt_fcheck_call cb; |
| 888 | |
| 889 | cb.ext_name = m->name; |
| 890 | cb.data = m->m->data; |
| 891 | cb.xflags = m->mflags; |
| 892 | m->x6_fcheck(&cb); |
| 893 | } else if (m->final_check != NULL) { |
| 894 | m->final_check(m->mflags); |
| 895 | } |
| 896 | if (m->x6_options != NULL) |
| 897 | xtables_options_fcheck(m->name, m->mflags, m->x6_options); |
| 898 | } |
Jan Engelhardt | 2e0ec4f | 2011-03-06 16:24:43 +0100 | [diff] [blame] | 899 | |
| 900 | struct xtables_lmap *xtables_lmap_init(const char *file) |
| 901 | { |
| 902 | struct xtables_lmap *lmap_head = NULL, *lmap_prev = NULL, *lmap_this; |
| 903 | char buf[512]; |
| 904 | FILE *fp; |
| 905 | char *cur, *nxt; |
| 906 | int id; |
| 907 | |
| 908 | fp = fopen(file, "re"); |
| 909 | if (fp == NULL) |
| 910 | return NULL; |
| 911 | |
| 912 | while (fgets(buf, sizeof(buf), fp) != NULL) { |
| 913 | cur = buf; |
| 914 | while (isspace(*cur)) |
| 915 | ++cur; |
| 916 | if (*cur == '#' || *cur == '\n' || *cur == '\0') |
| 917 | continue; |
| 918 | |
| 919 | /* iproute2 allows hex and dec format */ |
| 920 | errno = 0; |
| 921 | id = strtoul(cur, &nxt, strncmp(cur, "0x", 2) == 0 ? 16 : 10); |
| 922 | if (nxt == cur || errno != 0) |
| 923 | continue; |
| 924 | |
| 925 | /* same boundaries as in iproute2 */ |
| 926 | if (id < 0 || id > 255) |
| 927 | continue; |
| 928 | cur = nxt; |
| 929 | |
| 930 | if (!isspace(*cur)) |
| 931 | continue; |
| 932 | while (isspace(*cur)) |
| 933 | ++cur; |
| 934 | if (*cur == '#' || *cur == '\n' || *cur == '\0') |
| 935 | continue; |
| 936 | nxt = cur; |
| 937 | while (*nxt != '\0' && !isspace(*nxt)) |
| 938 | ++nxt; |
| 939 | if (nxt == cur) |
| 940 | continue; |
| 941 | *nxt = '\0'; |
| 942 | |
| 943 | /* found valid data */ |
| 944 | lmap_this = malloc(sizeof(*lmap_this)); |
| 945 | if (lmap_this == NULL) { |
| 946 | perror("malloc"); |
| 947 | goto out; |
| 948 | } |
| 949 | lmap_this->id = id; |
| 950 | lmap_this->name = strdup(cur); |
| 951 | if (lmap_this->name == NULL) { |
| 952 | free(lmap_this); |
| 953 | goto out; |
| 954 | } |
| 955 | lmap_this->next = NULL; |
| 956 | |
| 957 | if (lmap_prev != NULL) |
| 958 | lmap_prev->next = lmap_this; |
| 959 | else |
| 960 | lmap_head = lmap_this; |
| 961 | lmap_prev = lmap_this; |
| 962 | } |
| 963 | |
| 964 | fclose(fp); |
| 965 | return lmap_head; |
| 966 | out: |
| 967 | xtables_lmap_free(lmap_head); |
| 968 | return NULL; |
| 969 | } |
| 970 | |
| 971 | void xtables_lmap_free(struct xtables_lmap *head) |
| 972 | { |
| 973 | struct xtables_lmap *next; |
| 974 | |
| 975 | for (; head != NULL; head = next) { |
| 976 | next = head->next; |
| 977 | free(head->name); |
| 978 | free(head); |
| 979 | } |
| 980 | } |
| 981 | |
| 982 | int xtables_lmap_name2id(const struct xtables_lmap *head, const char *name) |
| 983 | { |
| 984 | for (; head != NULL; head = head->next) |
| 985 | if (strcmp(head->name, name) == 0) |
| 986 | return head->id; |
| 987 | return -1; |
| 988 | } |
| 989 | |
| 990 | const char *xtables_lmap_id2name(const struct xtables_lmap *head, int id) |
| 991 | { |
| 992 | for (; head != NULL; head = head->next) |
| 993 | if (head->id == id) |
| 994 | return head->name; |
| 995 | return NULL; |
| 996 | } |