[Nufw-devel] [PATCH 3 of 5] Ignore ACL when no group is specified

nufw-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Nufw-devel] [PATCH 3 of 5] Ignore ACL when no group is specified

From:	Mikael Berthe
Subject:	[Nufw-devel] [PATCH 3 of 5] Ignore ACL when no group is specified
Date:	Tue, 25 Oct 2005 19:56:05 +0200

# HG changeset patch
# User Mikael Berthe <address@hidden>
# Node ID 033d2becb056050a947c608d44b9b9e1950bbde0
# Parent  b0e7c79601ca4bb8a504f873e2a11cd6e43c2d34
Ignore ACL when no group is specified
(svn revision r863)

diff -r b0e7c79601ca -r 033d2becb056 src/nuauth/modules/plaintext/plaintext.c
--- a/src/nuauth/modules/plaintext/plaintext.c  Sun Oct 23 19:15:45 2005 +0200
+++ b/src/nuauth/modules/plaintext/plaintext.c  Sun Oct 23 19:15:49 2005 +0200
@@ -416,10 +416,15 @@
               if (DEBUG_OR_NOT(DEBUG_LEVEL_VERBOSE_DEBUG,DEBUG_AREA_MAIN))
                   g_message("Done with ACL [%s]", newacl->aclname);
 #endif
-              // check if ACL node has minimal information (protocol?)
+              // check if ACL node has minimal information
               // Warning: this code is duplicated after the loop
-              if (newacl->proto == IPPROTO_TCP || newacl->proto == IPPROTO_UDP
-                      || newacl->proto == IPPROTO_ICMP) {
+              if (!newacl->groups) {
+                  if (DEBUG_OR_NOT(DEBUG_LEVEL_WARNING,DEBUG_AREA_AUTH))
+                      g_message("No group(s) declared in ACL %s",
+                              newacl->aclname);
+              } else if (newacl->proto == IPPROTO_TCP ||
+                         newacl->proto == IPPROTO_UDP ||
+                         newacl->proto == IPPROTO_ICMP) {
                   // ACL node is ready
                   plaintext_acllist = g_slist_prepend(plaintext_acllist, 
newacl);
               } else {
@@ -621,10 +626,15 @@
       if (DEBUG_OR_NOT(DEBUG_LEVEL_VERBOSE_DEBUG,DEBUG_AREA_MAIN))
           g_message("Done with ACL [%s]", newacl->aclname);
 #endif
-      // check if ACL node has minimal information (protocol?)
+      // check if ACL node has minimal information
       // Warning: this code is duplicated after the loop
-      if (newacl->proto == IPPROTO_TCP || newacl->proto == IPPROTO_UDP ||
-              newacl->proto == IPPROTO_ICMP) {
+      if (!newacl->groups) {
+          if (DEBUG_OR_NOT(DEBUG_LEVEL_WARNING,DEBUG_AREA_AUTH))
+              g_message("No group(s) declared in ACL %s",
+                      newacl->aclname);
+      } else if (newacl->proto == IPPROTO_TCP ||
+                 newacl->proto == IPPROTO_UDP ||
+                 newacl->proto == IPPROTO_ICMP) {
           // ACL node is ready
           plaintext_acllist = g_slist_prepend(plaintext_acllist, newacl);
       } else if (DEBUG_OR_NOT(DEBUG_LEVEL_WARNING,DEBUG_AREA_AUTH))

[Prev in Thread]

Current Thread

[Next in Thread]

[Nufw-devel] [PATCH 0 of 5] Plaintext module updates, Mikael Berthe, 2005/10/25
- [Nufw-devel] [PATCH 1 of 5] Unmix tabs and spaces in plaintext.c, Mikael Berthe, 2005/10/25
- [Nufw-devel] [PATCH 2 of 5] Free all data in g_module_unload(), Mikael Berthe, 2005/10/25
- [Nufw-devel] [PATCH 5 of 5] plaintext: Add ICMP type support, Mikael Berthe, 2005/10/25
- [Nufw-devel] [PATCH 4 of 5] plaintext: do not add a port range when the range is bad, Mikael Berthe, 2005/10/25
- [Nufw-devel] [PATCH 3 of 5] Ignore ACL when no group is specified, Mikael Berthe <=

Prev by Date: [Nufw-devel] [PATCH 0 of 5] Plaintext module updates
Next by Date: [Nufw-devel] [PATCH 0 of 7] Warning fixes
Previous by thread: [Nufw-devel] [PATCH 4 of 5] plaintext: do not add a port range when the range is bad
Next by thread: [Nufw-devel] [PATCH 0 of 7] Warning fixes
Index(es):
- Date
- Thread