svn commit: r214649 - projects/jailconf/usr.sbin/jail

Jamie Gritton jamie at FreeBSD.org
Mon Nov 1 21:37:28 UTC 2010


Author: jamie
Date: Mon Nov  1 21:37:28 2010
New Revision: 214649
URL: http://svn.freebsd.org/changeset/base/214649

Log:
  Combine check_intparams() and ip_params(), JF_CHECKINT and JF_IPPARAMS.

Modified:
  projects/jailconf/usr.sbin/jail/config.c
  projects/jailconf/usr.sbin/jail/jail.c
  projects/jailconf/usr.sbin/jail/jailp.h

Modified: projects/jailconf/usr.sbin/jail/config.c
==============================================================================
--- projects/jailconf/usr.sbin/jail/config.c	Mon Nov  1 21:04:23 2010	(r214648)
+++ projects/jailconf/usr.sbin/jail/config.c	Mon Nov  1 21:37:28 2010	(r214649)
@@ -380,45 +380,6 @@ add_param(struct cfjail *j, const struct
 }
 
 /*
- * Check syntax of internal parameters.
- */
-int
-check_intparams(struct cfjail *j)
-{
-	struct cfparam *p;
-	const char *val;
-	char *ep;
-	int error;
-
-	error = 0;
-	TAILQ_FOREACH(p, &j->params, tq) {
-		if (!STAILQ_EMPTY(&p->val) &&
-		    (p->flags & (PF_BOOL | PF_INT))) {
-			val = STAILQ_LAST(&p->val, cfstring, tq)->s;
-			if (p->flags & PF_BOOL) {
-				if (strcasecmp(val, "false") &&
-				    strcasecmp(val, "true") &&
-				    ((void)strtol(val, &ep, 10), *ep)) {
-					jail_warnx(j,
-					    "%s: unknown boolean value \"%s\"",
-					    p->name, val);
-					error = -1;
-				}
-			} else {
-				(void)strtol(val, &ep, 10);
-				if (ep == val || *ep) {
-					jail_warnx(j,
-					    "%s: non-integer value \"%s\"",
-					    p->name, val);
-					error = -1;
-				}
-			}
-		}
-	}
-	return error;
-}
-
-/*
  * Return if a boolean parameter exists and is true.
  */
 int
@@ -458,18 +419,21 @@ string_param(const struct cfparam *p)
 }
 
 /*
- * Look up extra IP addresses from the hostname and save interface and netmask.
+ * Check syntax and values of internal parameters.  Set some internal
+ * parameters based on the values of others.
  */
 int
-ip_params(struct cfjail *j)
+check_intparams(struct cfjail *j)
 {
 	struct in_addr addr4;
-	struct addrinfo hints, *ai0, *ai;
+	struct addrinfo hints;
+	struct addrinfo *ai0, *ai;
+	struct cfparam *p;
 	struct cfstring *s, *ns;
+	const char *hostname, *val;
 	char *cs, *ep;
-	const char *hostname;
 	size_t size;
-	int error, ip4ok, defif, prefix;
+	int error, gicode, ip4ok, defif, prefix;
 	int mib[4];
 	char avalue4[INET_ADDRSTRLEN];
 #ifdef INET6
@@ -479,11 +443,39 @@ ip_params(struct cfjail *j)
 #endif
 
 	error = 0;
+	/* Check format of boolan and integer values. */
+	TAILQ_FOREACH(p, &j->params, tq) {
+		if (!STAILQ_EMPTY(&p->val) &&
+		    (p->flags & (PF_BOOL | PF_INT))) {
+			val = STAILQ_LAST(&p->val, cfstring, tq)->s;
+			if (p->flags & PF_BOOL) {
+				if (strcasecmp(val, "false") &&
+				    strcasecmp(val, "true") &&
+				    ((void)strtol(val, &ep, 10), *ep)) {
+					jail_warnx(j,
+					    "%s: unknown boolean value \"%s\"",
+					    p->name, val);
+					error = -1;
+				}
+			} else {
+				(void)strtol(val, &ep, 10);
+				if (ep == val || *ep) {
+					jail_warnx(j,
+					    "%s: non-integer value \"%s\"",
+					    p->name, val);
+					error = -1;
+				}
+			}
+		}
+	}
+
 	/*
 	 * The ip_hostname parameter looks up the hostname, and adds parameters
 	 * for any IP addresses it finds.
 	 */
-	if (bool_param(j->intparams[IP_IP_HOSTNAME]) &&
+	if (((j->flags & JF_OP_MASK) != JF_STOP ||
+	    j->intparams[IP_INTERFACE] != NULL) &&
+	    bool_param(j->intparams[IP_IP_HOSTNAME]) &&
 	    (hostname = string_param(j->intparams[KP_HOST_HOSTNAME]))) {
 		j->intparams[IP_IP_HOSTNAME] = NULL;
 		/*
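Review bot: The boolean branch of the added format check accepts an explicit empty string, because for `""` strtol() leaves `ep == val` with `*ep` at the terminator and no warning is issued. The integer branch directly below rejects that case with `ep == val || *ep`. If an empty value is not meant to be a valid boolean, the two can be made to agree with `((void)strtol(val, &ep, 10), ep == val || *ep)`. Neither branch checks `errno` for `ERANGE`, so an out-of-range number also passes the syntax check; how bool_param() and int_param() later treat such values is not visible here. The new comment has a typo (`boolan`), and check_intparams() starts before and continues past this hunk.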
@@ -511,10 +503,10 @@ ip_params(struct cfjail *j)
 			    ip6ok ? (ip4ok ? PF_UNSPEC : PF_INET6) :
 #endif
 			    PF_INET;
-			error = getaddrinfo(hostname, NULL, &hints, &ai0);
-			if (error != 0) {
+			gicode = getaddrinfo(hostname, NULL, &hints, &ai0);
+			if (gicode != 0) {
 				jail_warnx(j, "host.hostname %s: %s", hostname,
-				    gai_strerror(error));
+				    gai_strerror(gicode));
 				error = -1;
 			} else {
 				/*
@@ -555,6 +547,7 @@ ip_params(struct cfjail *j)
 			}
 		}
 	}
+
 	/*
 	 * IP addresses may include an interface to set that address on,
 	 * and a netmask/suffix for that address.

Modified: projects/jailconf/usr.sbin/jail/jail.c
==============================================================================
--- projects/jailconf/usr.sbin/jail/jail.c	Mon Nov  1 21:04:23 2010	(r214648)
+++ projects/jailconf/usr.sbin/jail/jail.c	Mon Nov  1 21:37:28 2010	(r214649)
@@ -311,23 +311,17 @@ main(int argc, char **argv)
 			dep_done(j, 0);
 			continue;
 		}
-		if (!(j->flags & JF_CHECKINT))
+		if (!(j->flags & JF_PARAMS))
 		{
-			j->flags |= JF_CHECKINT;
+			j->flags |= JF_PARAMS;
 			if (dflag)
 				add_param(j, NULL, IP_ALLOW_DYING, NULL);
 			if (check_intparams(j) < 0)
 				continue;
-		}
-		if (!(j->flags & JF_IPPARAMS) && (!JF_DO_STOP(j->flags) ||
-		    j->intparams[IP_INTERFACE] != NULL)) {
-			j->flags |= JF_IPPARAMS;
-			if (ip_params(j) < 0)
+			if ((j->flags & (JF_START | JF_SET)) &&
+			    import_params(j) < 0)
 				continue;
 		}
-		if (j->jp == NULL && (j->flags & (JF_START | JF_SET)) &&
-		    import_params(j) < 0)
-			continue;
 		if (!j->jid)
 			running_jid(j,
 			    (j->flags & (JF_SET | JF_DEPEND)) == JF_SET
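Review bot: `JF_PARAMS` is set before `check_intparams()` and `import_params()` have succeeded, so after either `continue` the jail keeps the flag and a later pass through this block would skip both the validation and the import. The `dep_done(j, 0); continue;` context above suggests a failed-jail path handles this, but its condition is outside the hunk. If so, a comment such as `/* Set first: a failed check marks the jail failed and is never retried. */` would make that dependency explicit; otherwise the flag should be set only after both calls return success, which would also match the jailp.h comment "Parameters checked and imported". The old `j->jp == NULL` guard on `import_params()` is dropped as well, which appears to rely on this block running exactly once per jail. main() starts and ends outside the hunk.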

Modified: projects/jailconf/usr.sbin/jail/jailp.h
==============================================================================
--- projects/jailconf/usr.sbin/jail/jailp.h	Mon Nov  1 21:04:23 2010	(r214648)
+++ projects/jailconf/usr.sbin/jail/jailp.h	Mon Nov  1 21:37:28 2010	(r214649)
@@ -57,15 +57,14 @@
 #define JF_DEPEND	0x0008	/* Operation required by dependency */
 #define JF_WILD		0x0010	/* Not specified on the command line */
 #define JF_FAILED	0x0020	/* Operation failed */
-#define JF_CHECKINT	0x0040	/* Checked internal parameters */
-#define JF_IPPARAMS	0x0080	/* Looked up jail hostname for IP_HOSTNAME */
-#define JF_RDTUN	0x0100	/* Create-only parameter check has been done */
-#define JF_IFUP		0x0200	/* IP addresses have been configured */
-#define JF_MOUNTED	0x0400	/* Filesystems have been mounted */
-#define JF_PERSIST	0x0800	/* Jail is temporarily persistent */
-#define JF_TIMEOUT	0x1000	/* A command (or process kill) timed out */
-#define JF_RUNQ		0x2000	/* Jail was in the run qeueue */
-#define JF_BACKGROUND	0x4000	/* Command was run in the background */
+#define JF_PARAMS	0x0040	/* Parameters checked and imported */
+#define JF_RDTUN	0x0080	/* Create-only parameter check has been done */
+#define JF_IFUP		0x0100	/* IP addresses have been configured */
+#define JF_MOUNTED	0x0200	/* Filesystems have been mounted */
+#define JF_PERSIST	0x0400	/* Jail is temporarily persistent */
+#define JF_TIMEOUT	0x0800	/* A command (or process kill) timed out */
+#define JF_RUNQ		0x1000	/* Jail was in the run qeueue */
+#define JF_BACKGROUND	0x2000	/* Command was run in the background */
 
 #define JF_OP_MASK		(JF_START | JF_SET | JF_STOP)
 #define JF_RESTART		(JF_START | JF_STOP)
@@ -197,11 +196,10 @@ extern void load_config(void);
 extern struct cfjail *add_jail(void);
 extern void add_param(struct cfjail *j, const struct cfparam *p,
     enum intparam ipnum, const char *value);
-extern int check_intparams(struct cfjail *j);
 extern int bool_param(const struct cfparam *p);
 extern int int_param(const struct cfparam *p, int *ip);
 extern const char *string_param(const struct cfparam *p);
-extern int ip_params(struct cfjail *j);
+extern int check_intparams(struct cfjail *j);
 extern int import_params(struct cfjail *j);
 extern int equalopts(const char *opt1, const char *opt2);
 extern int wild_jail_name(const char *wname);

