diff --git a/src/acl.c b/src/acl.c index 81b6113..4efc82a 100644 --- a/src/acl.c +++ b/src/acl.c @@ -57,11 +57,6 @@ struct acl_s { } address; }; -/* - * All the access lists are stored in a vector. - */ -static vector_t access_list = NULL; - /* * Fills in the netmask array given a numeric value. * @@ -109,11 +104,11 @@ fill_netmask_array (char *bitmask_string, unsigned char array[], /** * If the access list has not been set up, create it. */ -static int init_access_list(void) +static int init_access_list(vector_t *access_list) { - if (!access_list) { - access_list = vector_create (); - if (!access_list) { + if (!*access_list) { + *access_list = vector_create (); + if (!*access_list) { log_message (LOG_ERR, "Unable to allocate memory for access list"); return -1; @@ -132,7 +127,7 @@ static int init_access_list(void) * -1 on failure * 0 otherwise. */ -int insert_acl (char *location, acl_access_t access_type) +int insert_acl (char *location, acl_access_t access_type, vector_t *access_list) { struct acl_s acl; int ret; @@ -140,7 +135,7 @@ int insert_acl (char *location, acl_access_t access_type) assert (location != NULL); - ret = init_access_list(); + ret = init_access_list(access_list); if (ret != 0) { return -1; } @@ -189,7 +184,7 @@ int insert_acl (char *location, acl_access_t access_type) } } - ret = vector_append (access_list, &acl, sizeof (struct acl_s)); + ret = vector_append (*access_list, &acl, sizeof (struct acl_s)); return ret; } @@ -311,7 +306,7 @@ static int check_numeric_acl (const struct acl_s *acl, const char *ip) * 1 if allowed * 0 if denied */ -int check_acl (const char *ip, const char *host) +int check_acl (const char *ip, const char *host, vector_t access_list) { struct acl_s *acl; int perm = 0; @@ -358,7 +353,7 @@ int check_acl (const char *ip, const char *host) return 0; } -void flush_access_list (void) +void flush_access_list (vector_t access_list) { struct acl_s *acl; size_t i; diff --git a/src/acl.h b/src/acl.h index e71444d..b1a5dee 100644 --- a/src/acl.h +++ b/src/acl.h @@ -23,8 +23,10 @@ typedef enum { ACL_ALLOW, ACL_DENY } acl_access_t; -extern int insert_acl (char *location, acl_access_t access_type); -extern int check_acl (const char *ip_address, const char *string_address); -extern void flush_access_list (void); +extern int insert_acl (char *location, acl_access_t access_type, + vector_t *access_list); +extern int check_acl (const char *ip_address, const char *string_address, + vector_t access_list); +extern void flush_access_list (vector_t access_list); #endif diff --git a/src/conf.c b/src/conf.c index e4c2c35..adc7def 100644 --- a/src/conf.c +++ b/src/conf.c @@ -618,7 +618,7 @@ static HANDLE_FUNC (handle_allow) { char *arg = get_string_arg (line, &match[2]); - insert_acl (arg, ACL_ALLOW); + insert_acl (arg, ACL_ALLOW, &conf->access_list); safefree (arg); return 0; } @@ -627,7 +627,7 @@ static HANDLE_FUNC (handle_deny) { char *arg = get_string_arg (line, &match[2]); - insert_acl (arg, ACL_DENY); + insert_acl (arg, ACL_DENY, &conf->access_list); safefree (arg); return 0; } diff --git a/src/main.h b/src/main.h index bb7ea46..1091893 100644 --- a/src/main.h +++ b/src/main.h @@ -24,6 +24,7 @@ #include "common.h" #include "hashmap.h" +#include "vector.h" /* Global variables for the main controls of the program */ #define MAXBUFFSIZE ((size_t)(1024 * 96)) /* Max size of buffer */ @@ -88,6 +89,8 @@ struct config_s { * The HTML statistics page. */ char *statpage; + + vector_t access_list; }; /* Global Structures used in the program */ diff --git a/src/reqs.c b/src/reqs.c index 0d5f0e1..1baab95 100644 --- a/src/reqs.c +++ b/src/reqs.c @@ -1403,7 +1403,7 @@ void handle_connection (int fd) return; } - if (check_acl (peer_ipaddr, peer_string) <= 0) { + if (check_acl (peer_ipaddr, peer_string, config.access_list) <= 0) { update_stats (STAT_DENIED); indicate_http_error (connptr, 403, "Access denied", "detail",