From ebe84046981c7cb0fecc319b141aaca9b595d75b Mon Sep 17 00:00:00 2001 From: Jens Mueller Date: Thu, 28 Feb 2019 21:24:03 +0100 Subject: [PATCH] remove misleading unevaluated access check --- doc/examples/vcontrold.xml | 3 -- src/socket.c | 2 +- src/socket.h | 2 +- src/vcontrold.c | 29 +---------- src/vsim.c | 4 +- src/xmlconfig.c | 103 ------------------------------------- src/xmlconfig.h | 9 ---- xml/300/vcontrold.xml | 2 - xml/kw/vcontrold.xml | 2 - 9 files changed, 5 insertions(+), 151 deletions(-) diff --git a/doc/examples/vcontrold.xml b/doc/examples/vcontrold.xml index 1b272969..989f0ded 100644 --- a/doc/examples/vcontrold.xml +++ b/doc/examples/vcontrold.xml @@ -7,9 +7,6 @@ 3002 - - - /tmp/vcontrold.log diff --git a/src/socket.c b/src/socket.c index 8ecc75f4..7e7f5251 100644 --- a/src/socket.c +++ b/src/socket.c @@ -126,7 +126,7 @@ int openSocket(int tcpport) return listenfd; } -int listenToSocket(int listenfd, int makeChild, short (*checkP)(char *)) +int listenToSocket(int listenfd, int makeChild) { int connfd; pid_t childpid; diff --git a/src/socket.h b/src/socket.h index 504ed4e5..e2f76b4c 100644 --- a/src/socket.h +++ b/src/socket.h @@ -20,7 +20,7 @@ #include int openSocket(int tcpport); -int listenToSocket(int listenfd, int makeChild, short (*checkP)(char *)); +int listenToSocket(int listenfd, int makeChild); int openCliSocket(char *host, int port, int noTCPdelay); void closeSocket(int sockfd); diff --git a/src/vcontrold.c b/src/vcontrold.c index 0e7cac57..3ccdc48b 100644 --- a/src/vcontrold.c +++ b/src/vcontrold.c @@ -76,7 +76,6 @@ void printHelp(int socketfd); int rawModus (int socketfd, char *device); static void sigPipeHandler(int signo); static void sigHupHandler(int signo); -short checkIP(char *ip); int reloadConfig(); void usage() 
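Review bot: The new `listenToSocket(int listenfd, int makeChild)` signature in src/socket.c, and its prototype in src/socket.h, has no comment saying that the function does not filter peers. With the `checkP` callback gone, I would add `/* Accepts connections from any peer; no address filtering is done here. */` above the definition so that no caller assumes an allow list is still enforced. The function body lies outside the hunk, so the wording should be confirmed against what the accept handling actually does.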
@@ -94,19 +93,6 @@ void usage() exit(1); } -short checkIP(char *ip) -{ - allowPtr aPtr; - - if ((aPtr = getAllowNode(cfgPtr->aPtr, inet_addr(ip)))) { - logIT(LOG_INFO, "%s in allowList (%s)", ip, aPtr->text); - return 1; - } else { - logIT(LOG_INFO, "%s not in allowList", ip); - return 0; - } -} - int reloadConfig() { if (parseXMLFile(xmlfile)) { @@ -889,18 +875,7 @@ int main(int argc, char *argv[]) } int sockfd = -1; - int listenfd = -1; - // Pointer to the checkIP function - short (*checkP)(char *); - - if (cfgPtr->aPtr) { - // We have an allow list - checkP = checkIP; - } else { - checkP = NULL; - } - - listenfd = openSocket(tcpport); + int listenfd = openSocket(tcpport); // Drop privileges after binding if (0 == getuid()) { @@ -966,7 +941,7 @@ int main(int argc, char *argv[]) vcontrol_seminit(); while (1) { - sockfd = listenToSocket(listenfd, makeDaemon, checkP); + sockfd = listenToSocket(listenfd, makeDaemon); if (signal(SIGPIPE, sigPipeHandler) == SIG_ERR) { logIT1(LOG_ERR, "Signal error"); exit(1); diff --git a/src/vsim.c b/src/vsim.c index 50540244..b5036bc8 100644 --- a/src/vsim.c +++ b/src/vsim.c @@ -41,13 +41,11 @@ #define SERVERPORT 6578 int makeDaemon = 0; int inetversion = 0; -short (*checkP)(char *) = NULL; int readCmdFile(char *filename, char *result, int *resultLen, char *device ); int interactive(int socketfd, char *device); void printHelp(int socketfd); int rawModus (int socketfd, char *device); static void sigPipeHandler(int signo); -short checkIP(char *ip); void logIT (int class, char *string, ...) { @@ -158,7 +156,7 @@ int main(int argc, char *argv[]) listenfd = openSocket(SERVERPORT); while (1) { - sockfd = listenToSocket(listenfd, makeDaemon, checkP); + sockfd = listenToSocket(listenfd, makeDaemon); if (signal(SIGPIPE, sigPipeHandler) == SIG_ERR) { logIT(LOG_ERR, "Signal error"); exit(1); diff --git a/src/xmlconfig.c b/src/xmlconfig.c index 93eaf48d..62081a83 100644 --- a/src/xmlconfig.c +++ b/src/xmlconfig.c 
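Review bot: In the main() hunk, `int listenfd = openSocket(tcpport);` is used with no visible failure check, and the old `-1` initialiser that hinted at a failure sentinel is gone. If openSocket can return a negative descriptor (its body is not in this diff, so this is an assumption), the privilege drop and the accept loop would run on an invalid socket. A guard directly after the call, such as `if (listenfd < 0) { logIT1(LOG_ERR, "openSocket failed"); exit(1); }`, would make the failure explicit. main() starts and ends outside the hunk.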
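Review bot: At `sockfd = listenToSocket(listenfd, makeDaemon);` in the accept loop, a configuration that still contains `allow` elements is now ignored without any message, as far as this diff shows, because parseConfig no longer has a branch for them. Operators who believed those entries restricted access get no hint that the port serves every host that can reach it. I would keep a one-line branch in parseConfig that reports this, for example `logIT(LOG_WARNING, "allow entries are not enforced and are ignored; restrict access at the network layer");`, and say the same in the example configuration. The loop body continues outside the hunk.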
@@ -42,7 +42,6 @@ void removeMacroList(macroPtr ptr); void removeCommandList(commandPtr ptr); void removeDeviceList(devicePtr ptr); void removeIcmdList(icmdPtr ptr); -void removeAllowList(allowPtr ptr); void removeEnumList(enumPtr ptr); void freeAllLists(); @@ -385,51 +384,6 @@ void removeIcmdList(icmdPtr ptr) } } -allowPtr getAllowNode(allowPtr ptr, const in_addr_t testIP) -{ - if (! ptr) { - return NULL; - } - - if ((ntohl(ptr->ip) & ptr->mask) == (ntohl(testIP) & ptr->mask)) { - return ptr; - } - - return getAllowNode(ptr->next, testIP); -} - -allowPtr newAllowNode(allowPtr ptr) -{ - allowPtr nptr; - if (ptr && ptr->next) { - return newAllowNode(ptr->next); - } - - nptr = calloc(1, sizeof(Allow)); - if (! nptr) { - fprintf(stderr, "malloc failed\n"); - exit(1); - } - - if (ptr) { - ptr->next = nptr; - } - - return nptr; -} - -void removeAllowList(allowPtr ptr) -{ - if (ptr && ptr->next) { - removeAllowList(ptr->next); - } - - if (ptr) { - free(ptr->text); - free(ptr); - } -} - enumPtr newEnumNode(enumPtr ptr) { enumPtr nptr; @@ -555,14 +509,12 @@ configPtr parseConfig(xmlNodePtr cur) char *chrPtr; xmlNodePtr prevPtr; //char string[256]; - allowPtr aPtr; char ip[16]; cfgPtr = calloc(1, sizeof(Config)); cfgPtr->port = 0; cfgPtr->syslog = 0; cfgPtr->debug = 0; - cfgPtr->aPtr = NULL; while (cur) { logIT(LOG_INFO, "CONFIG:(%d) Node::Name=%s Type:%d Content=%s", 
@@ -650,60 +602,6 @@ configPtr parseConfig(xmlNodePtr cur) } (cur->next && (! (cur->next->type == XML_TEXT_NODE) || cur->next->next)) ? (cur = cur->next) : (cur = prevPtr->next); - } else if (netFound && strstr((char *)cur->name, "allow")) { - chrPtr = getPropertyNode(cur->properties, (xmlChar *)"ip"); - logIT(LOG_INFO, " (%d) Node::Name=%s Type:%d Content=%s", cur->line, cur->name, cur->type, chrPtr); - - // We now disassemble chrPtr to ip/size. - // If no mask is given, we assume /32. - // Afterwards, we build an inverse mask and put it in mask. - // ip == text content ip address mask == bitmask - - char *ptr; - short count; - short size; - in_addr_t mask; - - bzero(ip, sizeof(ip)); - //bzero(string,sizeof(string)); - if ((ptr = strchr(chrPtr, '/'))) { -#if 0 - strncpy(string, ptr + 1, sizeof(string) - 1); - size = atoi(string); -#endif - size = atoi(ptr + 1); - strncpy(ip, chrPtr, ptr - chrPtr); - } else { - strncpy(ip, chrPtr, sizeof(ip) - 1); - size = 32; - } - - if (inet_addr(ip) != INADDR_NONE) { - aPtr = newAllowNode(cfgPtr->aPtr); - aPtr->text = calloc(strlen(chrPtr) + 1, sizeof(char)); - strcpy(aPtr->text, chrPtr); - mask = 0; - // We assemble a bitmask - if (size) { - mask = 0x80000000; - for (count = 0; count < size - 1; count++) { - mask >>= 1; - mask |= 0x80000000; - } - } - aPtr->mask = mask; - aPtr->ip = inet_addr(ip); - - if (! cfgPtr->aPtr) { - cfgPtr->aPtr = aPtr; - } - - logIT(LOG_INFO, " Allow IP:%s Size:/%d", ip, size); - } - - (cur->next && (! (cur->next->type == XML_TEXT_NODE) || cur->next->next)) - ? (cur = cur->next) : (cur = prevPtr->next); - } else if (logFound && strstr((char *)cur->name, "file")) { chrPtr = getTextNode(cur); logIT(LOG_INFO, " (%d) Node::Name=%s Type:%d Content=%s", @@ -1592,7 +1490,6 @@ void freeAllLists() free(cfgPtr->tty); free(cfgPtr->logfile); free(cfgPtr->devID); - removeAllowList(cfgPtr->aPtr); free(cfgPtr); cfgPtr = NULL; } diff --git a/src/xmlconfig.h b/src/xmlconfig.h index 5a09740b..f58a4d54 100644 
--- a/src/xmlconfig.h +++ b/src/xmlconfig.h @@ -34,17 +34,9 @@ int parseXMLFile(char *filename); macroPtr getMacroNode(macroPtr ptr, const char *name); unitPtr getUnitNode(unitPtr ptr, const char *name); commandPtr getCommandNode(commandPtr ptr, const char *name); -allowPtr getAllowNode(allowPtr ptr, in_addr_t testIP); enumPtr getEnumNode(enumPtr prt, char *search, int len); icmdPtr getIcmdNode(icmdPtr ptr, const char *name); -struct allow { - char *text; - in_addr_t ip; - in_addr_t mask; - allowPtr next; -} Allow; - struct compile { int token; char *send; @@ -63,7 +55,6 @@ struct config { char *groupname; char *devID; devicePtr devPtr; - allowPtr aPtr; int syslog; int debug; } Config; diff --git a/xml/300/vcontrold.xml b/xml/300/vcontrold.xml index 650f4411..94fb838e 100644 --- a/xml/300/vcontrold.xml +++ b/xml/300/vcontrold.xml @@ -13,8 +13,6 @@ 3002 - - vcontrold.log diff --git a/xml/kw/vcontrold.xml b/xml/kw/vcontrold.xml index 76244f21..c5ad14e7 100644 --- a/xml/kw/vcontrold.xml +++ b/xml/kw/vcontrold.xml @@ -7,8 +7,6 @@ 3002 - - /tmp/vcontrold.log