From 787ce00e997d63a9ce1f1c16cf79b3ff1afd2588 Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Wed, 25 Aug 2010 19:22:10 +0200 Subject: Completed the needed changes for the new firewall plug-in API Moved over the missing pieces to use the eFWupdateRequest struct. This is a continuation of the work started in commit bdd956adcccd91ff553278fd73cea7 Signed-off-by: David Sommerseth --- plugin/eurephia.c | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) (limited to 'plugin/eurephia.c') diff --git a/plugin/eurephia.c b/plugin/eurephia.c index 370885e..5e1e19c 100644 --- a/plugin/eurephia.c +++ b/plugin/eurephia.c @@ -257,7 +257,7 @@ int eurephia_tlsverify(eurephiaCTX *ctx, const char **env, const char *depth_str int result = 0; char *ipaddr; char *tls_digest, *tls_id; - unsigned int depth = atoi_nullsafe(depth_str); + unsigned int depth = atoi_nullsafe(depth_str); certinfo *ci = NULL; DEBUG(ctx, 10, "** Function call: eurephia_tlsverify(...)"); @@ -269,7 +269,9 @@ int eurephia_tlsverify(eurephiaCTX *ctx, const char **env, const char *depth_str // If fw blacklisting is configured, also blacklist there too if( (ctx->fwcfg != NULL) && (ctx->fwcfg->fwblacklist != NULL ) ) { - eFW_UpdateFirewall(ctx, FWRULE_BLACKLIST, ipaddr, ctx->fwcfg->fwblacklist, NULL); + eFWupdateRequest req = { .mode = fwBLACKLIST, }; + strncpy(req.ipaddress, ipaddr, sizeof(req.ipaddress)); + eFW_UpdateFirewall(ctx, &req); } free_nullsafe(ctx, ipaddr); return 0; @@ -341,7 +343,9 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env) // If fw blacklisting is configured, also blacklist there too if( (ctx->fwcfg != NULL) && (ctx->fwcfg->fwblacklist != NULL ) ) { - eFW_UpdateFirewall(ctx, FWRULE_BLACKLIST, ipaddr, ctx->fwcfg->fwblacklist, NULL); + eFWupdateRequest req = { .mode = fwBLACKLIST, }; + strncpy(req.ipaddress, ipaddr, sizeof(req.ipaddress)); + eFW_UpdateFirewall(ctx, &req); } free_nullsafe(ctx, ipaddr); @@ -669,8 +673,11 @@ int eurephia_learn_address(eurephiaCTX *ctx, const char *mode, const char *macad if( (fw_enabled) && (fwdest != NULL) ) { fwprofile = eDBget_firewall_profile(ctx, session); if( fwprofile != NULL ) { - eFW_UpdateFirewall(ctx, FWRULE_ADD, macaddr, fwdest, fwprofile); - free_nullsafe(ctx, fwprofile); + eFWupdateRequest req = { .mode = fwADD, }; + strncpy(req.macaddress, macaddr, sizeof(req.macaddress)); + strncpy(req.rule_destination, fwdest, sizeof(req.rule_destination)); + strncpy(req.goto_destination, fwprofile, sizeof(req.goto_destination)); + eFW_UpdateFirewall(ctx, &req); } } eDBfree_session(ctx, session); @@ -690,8 +697,11 @@ int eurephia_learn_address(eurephiaCTX *ctx, const char *mode, const char *macad if( (fw_enabled) && (fwdest != NULL) ) { fwprofile = eDBget_firewall_profile(ctx, session); if( fwprofile != NULL ) { - eFW_UpdateFirewall(ctx, FWRULE_DELETE, macaddr, fwdest, fwprofile); - free_nullsafe(ctx, fwprofile); + eFWupdateRequest req = { .mode = fwDELETE, }; + strncpy(req.macaddress, macaddr, sizeof(req.macaddress)); + strncpy(req.rule_destination, fwdest, sizeof(req.rule_destination)); + strncpy(req.goto_destination, fwprofile, sizeof(req.goto_destination)); + eFW_UpdateFirewall(ctx, &req); } } ret = eDBdestroy_session(ctx, session); -- cgit