+static void
+conf_set_blacklist_matches(void *data)
+{
+ conf_parm_t *args = data;
+
+ for (; args; args = args->next)
+ {
+ struct BlacklistFilter *filter;
+ char *str = args->v.string;
+ char *p;
+ int type = BLACKLIST_FILTER_LAST;
+
+ if (CF_TYPE(args->type) != CF_QSTRING)
+ {
+ conf_report_error("blacklist::matches -- must be quoted string");
+ continue;
+ }
+
+ if (str == NULL)
+ {
+ conf_report_error("blacklist::matches -- invalid entry");
+ continue;
+ }
+
+ if (strlen(str) > HOSTIPLEN)
+ {
+ conf_report_error("blacklist::matches has an entry too long: %s",
+ str);
+ continue;
+ }
+
+ for (p = str; *p != '\0'; p++)
+ {
+ /* Check for validity */
+ if (*p == '.')
+ type = BLACKLIST_FILTER_ALL;
+ else if (!isalnum((unsigned char)*p))
+ {
+ conf_report_error("blacklist::matches has invalid IP match entry %s",
+ str);
+ type = 0;
+ break;
+ }
+ }
+
+ if (type == BLACKLIST_FILTER_ALL)
+ {
+ /* Basic IP sanity check */
+ struct rb_sockaddr_storage tmp;
+ if (rb_inet_pton(AF_INET, str, &tmp) <= 0)
+ {
+ conf_report_error("blacklist::matches has invalid IP match entry %s",
+ str);
+ continue;
+ }
+ }
+ else if (type == BLACKLIST_FILTER_LAST)
+ {
+ /* Verify it's the correct length */
+ if (strlen(str) > 3)
+ {
+ conf_report_error("blacklist::matches has invalid octet match entry %s",
+ str);
+ continue;
+ }
+ }
+ else
+ {
+ continue; /* Invalid entry */
+ }
+
+ filter = rb_malloc(sizeof(struct BlacklistFilter));
+ filter->type = type;
+ rb_strlcpy(filter->filterstr, str, sizeof(filter->filterstr));
+
+ rb_dlinkAdd(filter, &filter->node, &yy_blacklist_filters);
+ }
+}
+