Context Navigation

source: libabac/abac_pl_yy.c @ ca72963

mei_rt2mei_rt2_fix_1

Last change on this file since ca72963 was ca72963, checked in by Mei <mei@…>, 12 years ago

1) added expanded constraint item insertion calls

add new abac_condition_x to support them

Property mode set to 100644

File size: 30.8 KB

Rev	Line
[a9494ad]	1
	2	/* C declarations */
	3	#include <stdio.h>
	4	#include <string.h>
	5	#include <stdlib.h>
[da5afdf]	6	#include <assert.h>
[a9494ad]	7
	8	#include "abac_util.h"
	9	#include "abac_pl_yy.h"
	10
	11	static int debug=0;
	12
[9335cfa]	13	int using_this=0;
	14
[b5a3da4]	15	extern void panic(char*);
	16
	17	/* from abac_pl_gen.c */
[8bd77b5]	18	extern abac_list_t generate_pl_clauses(abac_aspect_t , abac_aspect_t *);
[440ba20]	19
[b5a3da4]	20	/* from rt2.y */
	21	extern void abac_yyinit();
[a9494ad]	22
[b5a3da4]	23	int abac_yy_error_code = 0; /* keeping last error code */
[a9494ad]	24
[b5a3da4]	25	int abac_rule_is_oset=0;
	26	abac_list_t *abac_rule_clauses=NULL;
	27	abac_stack_t abac_rule_id_clauses=NULL; / tracking individual id credentials */
[8bd77b5]	28	abac_aspect_t *abac_rule_head_aspect=NULL;
	29	abac_aspect_t *abac_rule_tail_aspect=NULL;
[da5afdf]	30
[a9494ad]	31
[da5afdf]	32	/* structure to hold the range information
	33	within a static constraints on few types of
	34	oset types
	35	[a..b], [a..], [..b], [a],[a,b],[many a]
	36	e_yy_RANGE_MIN=1;
	37	e_yy_RANGE_MAX=2;
	38	e_yy_RANGE_TARGET=3;
	39	*/
	40	typedef struct _abac_yy_range_t {
	41	int type;
	42	char *val;
	43	} abac_yy_range_t;
	44
[a9494ad]	45	/* local principal structure [keyid:USC] */
	46	struct _abac_yy_principal_t {
	47	int type;
[da5afdf]	48	char *sha; // sha is null when this is of object type
	49	char *cn;
[a9494ad]	50	};
	51
[da5afdf]	52	/* [principal:?Z]:..., must match a principal name */
	53	struct _abac_yy_term_principal_t {
[a9494ad]	54	int type; /* this needs to be implicitly determined */
[9806e76]	55	int is_anonymous;
[a9494ad]	56	char *name;
[440ba20]	57	int isrange;
	58	char *cond_str; // range string ??? not sure if this is possible
	59	void *cond_ptr; // ptr to a saved abac_aspect_t or a list(item_t)
[da5afdf]	60	abac_yy_expression_t *cond_head_expr;
[a9494ad]	61	};
	62
[b5a3da4]	63	/* integer,float,time,urn,string types,
	64	if has condition, then it is a variable,
[a9494ad]	65	ie,
	66	[int:?Year]:<1930..1932>,
	67	if no condition, then it is a constant,
	68	ie,
	69	[int:10]
	70	*/
[da5afdf]	71	struct _abac_yy_term_data_t {
[a9494ad]	72	int is_variable;
[9806e76]	73	int is_anonymous;
[a9494ad]	74	int type;
	75	char *name;
[440ba20]	76	char *cond_str; // range string
	77	void *cond_ptr; // ptr to a saved abac_aspect_t
[da5afdf]	78	abac_list_t *cond_range;
	79	abac_yy_expression_t *cond_head_expr; // parking stub
[a9494ad]	80	};
	81
[da5afdf]	82	/* local term structure, will distinguish it in the future */
	83	/* e_yy_DTERM_DATA, all other types
	84	e_yy_DTERM_NAMED, keyid:bob
	85	e_yy_DTERM_PRINCIPAL, principal:?P
	86	e_yy_DTERM_ANONYMOUS ? */
	87	struct _abac_yy_term_t {
[a9494ad]	88	union {
	89	abac_yy_principal_t *n_ptr;
[da5afdf]	90	abac_yy_term_principal_t *p_ptr;
	91	abac_yy_term_data_t *d_ptr;
[a9494ad]	92	} term;
	93	int type;
[da5afdf]	94	struct _abac_yy_term_t *next;
	95	int bcnt; /* this is to track number of terms in this linked up list */
[a9494ad]	96	};
	97
[8bd77b5]	98	/* local role/oset structure,
	99	e_yy_NULL_TYPE, e_yy_ROLE_TYPE, e_yy_OSET_TYPE
	100	*/
	101	struct _abac_yy_roleoset_t {
[a9494ad]	102	int type;
	103	char *name;
[da5afdf]	104	abac_yy_term_t *terms;
[8bd77b5]	105	struct _abac_yy_roleoset_t *next;
[a9494ad]	106	int bcnt; /* this is to track number of roles in this linked up list */
	107	};
	108
[da5afdf]	109
	110	/* A, A.r, A.r.r */
	111	/* type: e_yy_EXPR_NAMED,e_yy_EXPR_ROLE,e_yy_EXPR_LINKED */
	112	/* A/obj, A.o, A.r.o */
	113	/* type: e_yy_EXPR_NAMED, e_yy_EXPR_OBJECT, e_yy_EXPR_OSET,e_yy_EXPR_LINKED */
	114	struct _abac_yy_expression_t {
	115	int type;
	116	union {
	117	abac_yy_principal_t *principal;
	118	abac_yy_term_data_t *object;
	119	};
[8bd77b5]	120	abac_yy_roleoset_t *linked_role;
	121	abac_yy_roleoset_t *roleoset;
	122
[da5afdf]	123	struct _abac_yy_expression_t *next;
[a9494ad]	124	int bcnt;
	125	};
[b5a3da4]	126
	127	static void _free_yy_expression(abac_yy_expression_t *);
	128
	129	/************************************************************************/
	130	void abac_yy_set_error_code(int v)
	131	{
	132	abac_yy_error_code=v;
	133	}
	134
	135	/************************************************************************/
	136	abac_stack_t *abac_yy_get_rule_id_clauses()
	137	{
	138	return abac_rule_id_clauses;
	139	}
	140
	141	abac_stack_t *abac_yy_init_rule_id_clauses()
	142	{
	143	abac_rule_id_clauses=abac_stack_new();
	144	return abac_rule_id_clauses;
	145	}
	146
	147	void abac_yy_free_rule_id_clauses()
	148	{
	149	if (abac_rule_id_clauses != NULL)
	150	abac_stack_free(abac_rule_id_clauses);
	151	}
	152
	153	void abac_yy_set_rule_clauses(abac_list_t *clauses)
	154	{
	155	abac_rule_clauses=clauses;
	156	if(debug) {
	157	printf("printing out abac_rule_clauses:\n");
	158	abac_print_clauses(abac_rule_clauses,NULL);
	159	}
	160	}
	161
	162	abac_list_t *abac_yy_get_rule_clauses()
	163	{
	164	return abac_rule_clauses;
	165	}
	166
	167	void abac_yy_free_rule_clauses()
	168	{
	169	if (abac_rule_clauses != NULL) {
[440ba20]	170	abac_pl_free_id_certs();
[b5a3da4]	171	abac_list_free(abac_rule_clauses);
	172	}
	173	}
	174
[8bd77b5]	175	bool abac_yy_get_rule_is_oset()
[b5a3da4]	176	{
	177	return abac_rule_is_oset;
	178	}
	179
[8bd77b5]	180	abac_aspect_t *abac_yy_get_rule_head_aspect()
[b5a3da4]	181	{
[8bd77b5]	182	return abac_rule_head_aspect;
[b5a3da4]	183	}
	184
[8bd77b5]	185	abac_aspect_t *abac_yy_get_rule_tail_aspect()
[b5a3da4]	186	{
[8bd77b5]	187	return abac_rule_tail_aspect;
[b5a3da4]	188	}
	189
[da5afdf]	190
	191	/************************************************************************/
[b5a3da4]	192	static void _free_yy_cond_range(abac_list_t *ptr)
[da5afdf]	193	{
	194	if (ptr != NULL) {
	195	abac_yy_range_t *cur;
	196	abac_list_foreach(ptr, cur,
	197	if(cur && cur->val) free(cur->val);
	198	free(cur);
	199	);
	200	abac_list_free(ptr);
	201	}
	202	}
	203
[b5a3da4]	204	static char _string_yy_cond_range(abac_list_t ptr)
[da5afdf]	205	{
	206	assert(ptr);
	207	char *tmp=NULL;
	208	char *min=NULL;
	209	char *max=NULL;
	210	char *val=NULL;
	211	int type;
[a9494ad]	212
[da5afdf]	213	abac_yy_range_t *cur;
	214	abac_list_foreach(ptr, cur,
	215	type=cur->type;
	216	switch (type) {
	217	case e_yy_RANGE_MIN:
[8bd77b5]	218	min=abac_xstrdup(cur->val);
[da5afdf]	219	break;
	220	case e_yy_RANGE_MAX:
[8bd77b5]	221	max=abac_xstrdup(cur->val);
[da5afdf]	222	break;
	223	case e_yy_RANGE_TARGET:
	224	if(val)
	225	asprintf(&val,"%s,%s",val,cur->val);
[8bd77b5]	226	else val=abac_xstrdup(cur->val);
[da5afdf]	227	break;
	228	}
	229	);
	230	if(max && min) {
	231	asprintf(&tmp,"[%s..%s]",min,max);
	232	free(max);
	233	free(min);
	234	return tmp;
	235	}
	236	if(max) {
	237	asprintf(&tmp,"[..%s]",max);
	238	free(max);
	239	return tmp;
	240	}
	241	if(min) {
	242	asprintf(&tmp,"[%s..]",min);
	243	free(min);
	244	return tmp;
	245	}
	246	if(val) {
	247	asprintf(&tmp,"[%s]",val);
	248	free(val);
	249	return tmp;
	250	}
	251	return NULL;
	252	}
	253
[b5a3da4]	254	abac_list_t add_yy_val_range(abac_list_t ptr, char * val)
[da5afdf]	255	{
	256	abac_yy_range_t *range=
	257	(abac_yy_range_t *) abac_xmalloc(sizeof(abac_yy_range_t));
	258	range->type=e_yy_RANGE_TARGET;
[8bd77b5]	259	range->val=abac_xstrdup(val);
[da5afdf]	260	abac_list_add(ptr, range);
	261	return ptr;
	262	}
	263
[b5a3da4]	264	static abac_list_t _add_yy_range(abac_list_t ptr, int type, char * val)
[da5afdf]	265	{
	266	abac_yy_range_t *range=
	267	(abac_yy_range_t *) abac_xmalloc(sizeof(abac_yy_range_t));
	268	range->type=type;
[8bd77b5]	269	range->val=abac_xstrdup(val);
[da5afdf]	270	abac_list_add(ptr, range);
	271	return ptr;
	272	}
	273
	274	abac_list_t make_yy_val_range(char val)
	275	{
	276	abac_list_t *ptr=abac_list_new();
[b5a3da4]	277	add_yy_val_range(ptr,val);
[da5afdf]	278	return ptr;
	279	}
	280
	281	abac_list_t make_yy_minmax_range(char min, char *max)
	282	{
	283	abac_list_t *ptr=abac_list_new();
[b5a3da4]	284	_add_yy_range(ptr, e_yy_RANGE_MIN, min);
	285	_add_yy_range(ptr, e_yy_RANGE_MAX, max);
[da5afdf]	286	return ptr;
	287	}
	288
	289	abac_list_t make_yy_min_range(char min)
	290	{
	291	abac_list_t *ptr=abac_list_new();
[b5a3da4]	292	_add_yy_range(ptr, e_yy_RANGE_MIN, min);
[da5afdf]	293	return ptr;
	294	}
	295
	296	abac_list_t make_yy_max_range(char max)
	297	{
	298	abac_list_t *ptr=abac_list_new();
[b5a3da4]	299	_add_yy_range(ptr, e_yy_RANGE_MAX, max);
[da5afdf]	300	return ptr;
	301	}
[a9494ad]	302
[b5a3da4]	303	/***********************************************************************/
[9806e76]	304	abac_yy_term_data_t *make_yy_term_data()
[a9494ad]	305	{
[b5a3da4]	306	abac_yy_term_data_t *ptr=
	307	(abac_yy_term_data_t*)abac_xmalloc(sizeof(abac_yy_term_data_t));
[9806e76]	308	ptr->name=NULL;
[b5a3da4]	309	ptr->type=0;
	310	ptr->is_variable=0;
[9806e76]	311	ptr->is_anonymous=0;
[b5a3da4]	312	ptr->cond_str=NULL;
	313	ptr->cond_head_expr=NULL;
	314	ptr->cond_ptr=NULL;
	315	ptr->cond_range=NULL;
	316	return ptr;
[a9494ad]	317	}
	318
[9806e76]	319	void set_yy_term_data_name(abac_yy_term_data_t ptr, char name)
	320	{
[8bd77b5]	321	ptr->name=abac_xstrdup(name);
[9806e76]	322	}
	323
[b5a3da4]	324	abac_list_t get_yy_term_data_cond_range(abac_yy_term_data_t ptr)
[a9494ad]	325	{
[b5a3da4]	326	return ptr->cond_range;
[a9494ad]	327	}
	328
[b5a3da4]	329	char get_yy_term_data_name(abac_yy_term_data_t ptr)
[a9494ad]	330	{
[b5a3da4]	331	return ptr->name;
[a9494ad]	332	}
	333
[8bd77b5]	334	bool is_yy_term_data_has_constraint(abac_yy_term_data_t *ptr)
[a9494ad]	335	{
[b5a3da4]	336	if(ptr->cond_head_expr != NULL)
	337	return 1;
[c586a3c]	338	if(ptr->cond_range != NULL)
[b5a3da4]	339	return 1;
	340	return 0;
[a9494ad]	341	}
	342
[b5a3da4]	343	void set_yy_term_data_cond_range(abac_yy_term_data_t *ptr,
	344	abac_list_t *range)
[a9494ad]	345	{
[b5a3da4]	346	ptr->cond_range=range;
[a9494ad]	347	}
	348
[b5a3da4]	349	void set_yy_term_data_cond_head_expr(abac_yy_term_data_t *ptr,
	350	abac_yy_expression_t *expr)
[a9494ad]	351	{
[b5a3da4]	352	ptr->cond_head_expr=expr;
[a9494ad]	353	}
	354
[b5a3da4]	355	abac_yy_expression_t get_yy_term_data_cond_head_expr(abac_yy_term_data_t ptr)
[da5afdf]	356	{
[b5a3da4]	357	return ptr->cond_head_expr;
[da5afdf]	358	}
	359
[b5a3da4]	360	void set_yy_term_data_type(abac_yy_term_data_t ptr, char typestr)
[a9494ad]	361	{
[440ba20]	362	int type=abac_verify_term_type(typestr);
[b5a3da4]	363	ptr->type=type;
[a9494ad]	364	}
	365
[9806e76]	366	void set_yy_term_data_is_anonymous(abac_yy_term_data_t *ptr)
	367	{
	368	ptr->is_anonymous=1;
	369	}
	370
[8bd77b5]	371	bool is_yy_term_data_type_numeric(abac_yy_term_data_t *ptr)
[d5bbd3e]	372	{
[440ba20]	373	if(ptr->type==abac_verify_term_type("integer") \|\|
	374	ptr->type==abac_verify_term_type("float"))
[d5bbd3e]	375	return 1;
	376	return 0;
	377	}
	378
[8bd77b5]	379	bool is_yy_term_data_type_time(abac_yy_term_data_t *ptr)
[7b548fa]	380	{
[440ba20]	381	if(ptr->type==abac_verify_term_type("time"))
[7b548fa]	382	return 1;
	383	return 0;
	384	}
	385
[8bd77b5]	386	bool is_yy_term_data_type_alpha(abac_yy_term_data_t *ptr)
[d5bbd3e]	387	{
[440ba20]	388	if(ptr->type==abac_verify_term_type("string") \|\|
	389	ptr->type==abac_verify_term_type("urn") \|\|
	390	ptr->type==abac_verify_term_type("boolean"))
[d5bbd3e]	391	return 1;
	392	return 0;
	393	}
	394
[b5a3da4]	395	void set_yy_term_data_cond_ptr(abac_yy_term_data_t ptr, void vptr)
[a9494ad]	396	{
[b5a3da4]	397	ptr->cond_ptr=vptr;
[a9494ad]	398	}
	399
[b5a3da4]	400	void set_yy_term_data_cond_str(abac_yy_term_data_t ptr, char cond)
[da5afdf]	401	{
[8bd77b5]	402	ptr->cond_str=abac_xstrdup(cond);
[da5afdf]	403	}
	404
[b5a3da4]	405	void set_yy_term_data_is_variable(abac_yy_term_data_t *ptr)
[da5afdf]	406	{
[b5a3da4]	407	ptr->is_variable=1;
[da5afdf]	408	}
	409
[b5a3da4]	410	int get_yy_term_data_is_variable(abac_yy_term_data_t *ptr)
[a9494ad]	411	{
[b5a3da4]	412	return ptr->is_variable;
[a9494ad]	413	}
	414
[b5a3da4]	415	static void _free_yy_term_data(abac_yy_term_data_t *ptr)
[a9494ad]	416	{
[b5a3da4]	417	free(ptr->name);
	418	if(ptr->cond_str)
	419	free(ptr->cond_str);
	420	if(ptr->cond_head_expr)
	421	_free_yy_expression(ptr->cond_head_expr);
	422	if(ptr->cond_range);
	423	_free_yy_cond_range(ptr->cond_range);
	424	free(ptr);
[a9494ad]	425	}
	426
[9806e76]	427	abac_yy_term_principal_t *make_yy_term_principal()
[a9494ad]	428	{
[b5a3da4]	429	abac_yy_term_principal_t *ptr=
	430	(abac_yy_term_principal_t*)abac_xmalloc(sizeof(abac_yy_term_principal_t));
[d845403]	431	ptr->type=0;/* this is not known */
[9806e76]	432	ptr->is_anonymous=0;
	433	ptr->name=NULL;
[440ba20]	434	ptr->isrange=0;
[b5a3da4]	435	ptr->cond_str=NULL;
[440ba20]	436	ptr->cond_ptr=NULL;
[b5a3da4]	437	ptr->cond_head_expr=NULL;
	438	return ptr;
[a9494ad]	439	}
	440
[9335cfa]	441	static void _set_using_this()
	442	{
	443	using_this=1;
	444	}
	445
[440ba20]	446	void set_yy_term_principal_isrange(abac_yy_term_principal_t *ptr, int isrange)
	447	{
	448	ptr->isrange=isrange;
	449	}
	450
[9806e76]	451	void set_yy_term_principal_name(abac_yy_term_principal_t ptr, char name)
	452	{
[9335cfa]	453	/* handle special case when the name=this, change it to This */
	454	if(strcmp(name,"this")==0) {
	455	ptr->name=abac_xstrdup("This");
	456	_set_using_this();
	457	} else ptr->name=abac_xstrdup(name);
[9806e76]	458	}
	459
[b5a3da4]	460	void set_yy_term_principal_cond_ptr(abac_yy_term_principal_t ptr, void vptr)
[a9494ad]	461	{
[b5a3da4]	462	ptr->cond_ptr=vptr;
[a9494ad]	463	}
	464
[b5a3da4]	465	void set_yy_term_principal_cond_str(abac_yy_term_principal_t ptr, char cond)
[a9494ad]	466	{
[b5a3da4]	467	ptr->cond_str=abac_xstrdup(cond);
[a9494ad]	468	}
	469
[9806e76]	470	void set_yy_term_principal_is_anonymous(abac_yy_term_principal_t *ptr)
	471	{
	472	ptr->is_anonymous=1;
	473	}
	474
[b5a3da4]	475	abac_yy_expression_t get_yy_term_principal_cond_head_expr(abac_yy_term_principal_t ptr)
[da5afdf]	476	{
[b5a3da4]	477	return ptr->cond_head_expr;
[da5afdf]	478	}
	479
[b5a3da4]	480	void set_yy_term_principal_cond_head_expr(abac_yy_term_principal_t *ptr,
	481	abac_yy_expression_t *expr)
[da5afdf]	482	{
[b5a3da4]	483	ptr->cond_head_expr=expr;
[da5afdf]	484	}
	485
[b5a3da4]	486	static void _free_yy_term_principal(abac_yy_term_principal_t *ptr)
[da5afdf]	487	{
[b5a3da4]	488	free(ptr->name);
	489	if(ptr->cond_str)
	490	free(ptr->cond_str);
	491	if(ptr->cond_head_expr)
	492	_free_yy_expression(ptr->cond_head_expr);
	493	free(ptr);
[da5afdf]	494	}
	495
[b5a3da4]	496	abac_yy_term_t *make_yy_term_dterm_anonymous()
[da5afdf]	497	{
[b5a3da4]	498	abac_yy_term_t ptr=(abac_yy_term_t)abac_xmalloc(sizeof(abac_yy_term_t));
	499	ptr->type = e_yy_DTERM_ANONYMOUS;
	500	ptr->next=NULL;
	501	ptr->bcnt=1;
	502	return ptr;
[da5afdf]	503	}
	504
[b5a3da4]	505	abac_yy_term_t make_yy_term_dterm_principal(abac_yy_term_principal_t pptr)
[da5afdf]	506	{
[b5a3da4]	507	abac_yy_term_t ptr=(abac_yy_term_t)abac_xmalloc(sizeof(abac_yy_term_t));
[9806e76]	508	if(pptr->is_anonymous)
	509	ptr->type = e_yy_DTERM_ANONYMOUS;
	510	else ptr->type = e_yy_DTERM_PRINCIPAL;
[b5a3da4]	511	ptr->term.p_ptr=pptr;
	512	ptr->next=NULL;
	513	ptr->bcnt=1;
	514	return ptr;
	515	}
	516
	517	abac_yy_term_t make_yy_term_dterm_named(abac_yy_principal_t nptr)
	518	{
	519	abac_yy_term_t ptr=(abac_yy_term_t)abac_xmalloc(sizeof(abac_yy_term_t));
	520	ptr->type = e_yy_DTERM_NAMED;
	521	ptr->term.n_ptr=nptr;
	522	ptr->next=NULL;
	523	ptr->bcnt=1;
	524	return ptr;
	525	}
	526
	527	abac_yy_term_t make_yy_term_dterm_data(abac_yy_term_data_t dptr)
	528	{
	529	abac_yy_term_t ptr=(abac_yy_term_t)abac_xmalloc(sizeof(abac_yy_term_t));
[9806e76]	530
	531	if(dptr->is_anonymous)
	532	ptr->type = e_yy_DTERM_ANONYMOUS;
	533	else ptr->type = e_yy_DTERM_DATA;
[b5a3da4]	534	ptr->term.d_ptr=dptr;
	535	ptr->next=NULL;
	536	ptr->bcnt=1;
	537	return ptr;
	538	}
	539
[a9494ad]	540	/****************************************************************************/
	541	abac_yy_principal_t make_yy_principal(char sha, char *cn, int type)
	542	{
	543	abac_yy_principal_t *ptr=
	544	(abac_yy_principal_t*)abac_xmalloc(sizeof(abac_yy_principal_t));
[7727f26]	545	/* add p to yyparse's principal */
	546	if(sha) ptr->sha=abac_xstrdup(sha);
	547	else ptr->sha=NULL;
	548	if(cn) ptr->cn=abac_xstrdup(cn);
	549	else ptr->cn=NULL;
[a9494ad]	550	ptr->type=type;
	551	return ptr;
	552	}
	553
	554	static void _free_yy_principal(abac_yy_principal_t *ptr)
	555	{
[7727f26]	556	if(ptr->sha) free(ptr->sha);
	557	if(ptr->cn) free(ptr->cn);
[a9494ad]	558	free(ptr);
	559	}
	560
[da5afdf]	561	int get_yy_principal_type(abac_yy_principal_t *ptr)
	562	{
	563	return ptr->type;
	564	}
	565
[7727f26]	566	char get_yy_principal_name(abac_yy_principal_t ptr)
[da5afdf]	567	{
[7727f26]	568	if(USE("ABAC_CN") && ptr->cn)
	569	return ptr->cn;
[da5afdf]	570	return ptr->sha;
	571	}
	572
[7727f26]	573	char get_yy_principal_cn(abac_yy_principal_t ptr)
	574	{
	575	return ptr->cn;
	576	}
	577
	578	char get_yy_principal_sha(abac_yy_principal_t ptr)
	579	{
	580	return ptr->sha;
	581	}
	582
[b5a3da4]	583	/*************************************************************************/
	584
	585	abac_yy_term_t add_yy_term(abac_yy_term_t nterm, abac_yy_term_t *terms)
	586	{
	587	int i=terms->bcnt;
	588	nterm->next=terms;
	589	nterm->bcnt=i+1;
	590	return nterm;
	591	}
	592
	593	static void _free_yy_term(abac_yy_term_t *ptr)
	594	{
	595	switch (ptr->type) {
	596	case e_yy_DTERM_DATA:
	597	_free_yy_term_data(ptr->term.d_ptr);
	598	break;
	599	case e_yy_DTERM_NAMED:
	600	_free_yy_principal(ptr->term.n_ptr);
	601	break;
	602	case e_yy_DTERM_PRINCIPAL:
	603	_free_yy_term_principal(ptr->term.p_ptr);
	604	break;
	605	case e_yy_DTERM_ANONYMOUS:
	606	break;
	607	}
	608	if(ptr->next)
	609	_free_yy_term(ptr->next);
	610	free(ptr);
	611	}
	612
	613	/*************************************************************************/
[8bd77b5]	614	abac_yy_roleoset_t make_yy_roleoset_role(char name, abac_yy_term_t *terms)
[a9494ad]	615	{
[8bd77b5]	616	abac_yy_roleoset_t *ptr=
	617	(abac_yy_roleoset_t*)abac_xmalloc(sizeof(abac_yy_roleoset_t));
[a9494ad]	618	ptr->name=abac_xstrdup(name);
[da5afdf]	619	ptr->terms=terms;
[a9494ad]	620	ptr->next=NULL;
	621	ptr->bcnt=1;
[8bd77b5]	622	ptr->type=e_yy_ROLE_TYPE;
[a9494ad]	623	return ptr;
	624	}
	625
[8bd77b5]	626	static void _free_yy_roleoset(abac_yy_roleoset_t *ptr)
[a9494ad]	627	{
	628	free(ptr->name);
[da5afdf]	629	if(ptr->terms)
	630	_free_yy_term(ptr->terms);
[a9494ad]	631	if(ptr->next)
[8bd77b5]	632	_free_yy_roleoset(ptr->next);
[a9494ad]	633	free(ptr);
	634	}
	635
[b5a3da4]	636	/***************************************************************************/
[8bd77b5]	637	abac_yy_roleoset_t make_yy_roleoset_oset(char name, abac_yy_term_t *terms)
[b5a3da4]	638	{
[8bd77b5]	639	abac_yy_roleoset_t *ptr=
	640	(abac_yy_roleoset_t*)abac_xmalloc(sizeof(abac_yy_roleoset_t));
[b5a3da4]	641	ptr->name=abac_xstrdup(name);
	642	ptr->terms=terms;
	643	ptr->next=NULL;
	644	ptr->bcnt=1;
[8bd77b5]	645	ptr->type=e_yy_OSET_TYPE;
[b5a3da4]	646	return ptr;
	647	}
	648
	649	/***************************************************************************/
	650
[da5afdf]	651	/* type: e_yy_EXPR_NAMED, e_yy_EXPR_OBJECT, e_yy_EXPR_OSET,e_yy_EXPR_LINKED */
	652
[8bd77b5]	653	abac_yy_expression_t make_yy_expression(int type,void pptr,
	654	abac_yy_roleoset_t optr, abac_yy_roleoset_t linked_role)
[a9494ad]	655	{
[da5afdf]	656	abac_yy_expression_t *ptr=
	657	(abac_yy_expression_t*)abac_xmalloc(sizeof(abac_yy_expression_t));
	658	ptr->type = type;
	659	if(type == e_yy_EXPR_OBJECT) {
	660	ptr->object=(abac_yy_term_data_t *)pptr;
	661	} else {
	662	ptr->principal = (abac_yy_principal_t *)pptr;
	663	}
[8bd77b5]	664	ptr->roleoset = optr;
[a9494ad]	665	ptr->linked_role=linked_role;
	666	ptr->next=NULL;
	667
	668	return ptr;
	669	}
	670
[da5afdf]	671	abac_yy_term_data_t get_yy_expression_object(abac_yy_expression_t ptr)
	672	{
	673	if(ptr->type == e_yy_EXPR_OBJECT)
	674	return ptr->object;
	675	return NULL;
	676	}
	677
	678	abac_yy_expression_t add_yy_expression(abac_yy_expression_t nexpr,
	679	abac_yy_expression_t *exprs)
[a9494ad]	680	{
	681	int i=exprs->bcnt;
	682	nexpr->next=exprs;
	683	nexpr->bcnt=i+1;
	684	return nexpr;
	685	}
	686
[da5afdf]	687	static void _free_yy_expression(abac_yy_expression_t *ptr)
[a9494ad]	688	{
[da5afdf]	689	if(ptr->type == e_yy_EXPR_OBJECT) {
	690	if(ptr->object)
	691	_free_yy_term_data(ptr->object);
	692	} else {
	693	if(ptr->principal)
	694	_free_yy_principal(ptr->principal);
	695	}
[8bd77b5]	696	if(ptr->roleoset) _free_yy_roleoset(ptr->roleoset);
[a9494ad]	697	if(ptr->linked_role)
[8bd77b5]	698	_free_yy_roleoset(ptr->linked_role);
[a9494ad]	699	if(ptr->next)
[da5afdf]	700	_free_yy_expression(ptr->next);
[a9494ad]	701
	702	free(ptr);
	703	}
	704
[b5a3da4]	705	/***************************************************************************/
[8bd77b5]	706	/* add the oset condition to constraint list */
[440ba20]	707	void make_yy_oset_constraint(abac_yy_term_data_t ptr, char tail_string)
[8bd77b5]	708	{
	709	abac_yy_expression_t *head_expr=get_yy_term_data_cond_head_expr(ptr);
	710	if(head_expr) {
	711	abac_aspect_t *head_aspect=validate_head(e_yy_OSET_TYPE,head_expr);
[440ba20]	712	if(head_aspect != NULL) {
	713	if(debug) printf("make_yy_oset_constraint..\n");
	714	set_yy_term_data_cond_ptr(ptr,head_aspect);
	715	}
[8bd77b5]	716	}
	717	}
[440ba20]	718
[8bd77b5]	719	/* add the role condition to constraint list */
[440ba20]	720	void make_yy_role_constraint(abac_yy_term_principal_t ptr, char tail_string)
[8bd77b5]	721	{
	722	abac_yy_expression_t *head_expr=get_yy_term_principal_cond_head_expr(ptr);
	723	if(head_expr) {
	724	abac_aspect_t *head_aspect=validate_head(e_yy_ROLE_TYPE,head_expr);
[440ba20]	725	if(head_aspect != NULL) {
	726	if(debug) printf("make_yy_role_constraint..\n");
	727	set_yy_term_principal_cond_ptr(ptr,head_aspect);
	728	set_yy_term_principal_isrange(ptr,0);
[8bd77b5]	729	}
	730	}
	731	}
	732
	733
	734	/****************************************************************/
	735	static void _aspect_add_terms(int linked, abac_aspect_t *aspect_ptr,
[da5afdf]	736	abac_yy_term_t *terms)
	737	{
	738	abac_yy_term_t *curr = terms;
	739	int type;
[d037f54]	740	int isnamed;
[440ba20]	741	int isrange;
[d037f54]	742	char *name;
	743	char *cond;
	744	void *ptr;
[7727f26]	745
[da5afdf]	746	while (curr) {
[d037f54]	747	name=NULL;
	748	cond=NULL;
	749	ptr=NULL;
	750	isnamed=0;
[440ba20]	751	isrange=0;
[da5afdf]	752	switch (curr->type) {
	753	case e_yy_DTERM_DATA:
	754	{
[8bd77b5]	755	abac_yy_term_data_t *dptr=curr->term.d_ptr;
	756	type=dptr->type;
	757	name=abac_xstrdup(dptr->name);
[440ba20]	758	if(dptr->cond_str)
[8bd77b5]	759	cond=abac_xstrdup(dptr->cond_str);
[440ba20]	760	ptr=dptr->cond_ptr;
	761	isrange=(dptr->cond_range!=NULL)?1:0;
[da5afdf]	762	break;
	763	}
	764	case e_yy_DTERM_PRINCIPAL:
	765	{
[8bd77b5]	766	abac_yy_term_principal_t *pptr=curr->term.p_ptr;
[440ba20]	767	type=abac_verify_term_type("principal");
[8bd77b5]	768	name=abac_xstrdup(pptr->name);
[440ba20]	769	if(pptr->cond_str)
[8bd77b5]	770	cond=abac_xstrdup(pptr->cond_str);
[440ba20]	771	ptr=pptr->cond_ptr;
	772	isrange=pptr->isrange;
[da5afdf]	773	break;
	774	}
	775	case e_yy_DTERM_NAMED:
	776	{
[8bd77b5]	777	abac_yy_principal_t *pptr=curr->term.n_ptr;
	778	type=pptr->type;
	779	name=abac_xstrdup(get_yy_principal_name(pptr));
[d037f54]	780	isnamed=1;
[da5afdf]	781	break;
	782	}
	783	case e_yy_DTERM_ANONYMOUS:
	784	{
[440ba20]	785	type=abac_verify_term_type("anonymous");
[da5afdf]	786	name=abac_xstrdup("_");
	787	break;
	788	}
	789	}
[d037f54]	790	abac_term_t *param=NULL;
	791	if(isnamed)
	792	param=abac_term_named_new(type,name);
[440ba20]	793	else param=abac_term_new(type,name,isrange,cond,ptr);
[da5afdf]	794	if (linked)
[8bd77b5]	795	abac_aspect_add_linked_param(aspect_ptr, param);
[da5afdf]	796	else
[8bd77b5]	797	abac_aspect_add_param(aspect_ptr, param);
[da5afdf]	798	curr=curr->next;
	799	}
	800	}
	801
[8bd77b5]	802	static void _aspect_add_linked_terms(abac_aspect_t ptr, abac_yy_term_t terms)
[da5afdf]	803	{
	804	int linked=1;
[8bd77b5]	805	_aspect_add_terms(linked, ptr, terms);
[da5afdf]	806	}
	807
[8bd77b5]	808	static void _aspect_add_aspect_terms(abac_aspect_t ptr, abac_yy_term_t terms)
[da5afdf]	809	{
	810	int linked=0;
[8bd77b5]	811	_aspect_add_terms(linked, ptr, terms);
[da5afdf]	812	}
	813
[8bd77b5]	814	abac_aspect_t validate_intersected_tail(abac_aspect_t ptr)
[da5afdf]	815	{
[8bd77b5]	816	abac_aspect_t *ret_ptr=abac_aspect_intersection_new(ptr);
	817	return ret_ptr;
[da5afdf]	818	}
	819
[8bd77b5]	820	/* A.oset, A.role */
	821	abac_aspect_t validate_head(int yytype, abac_yy_expression_t expr)
[da5afdf]	822	{
	823	abac_yy_principal_t *principal=expr->principal;
[8bd77b5]	824	abac_yy_roleoset_t *ptr=expr->roleoset;
[da5afdf]	825
[7727f26]	826	char *principalname=get_yy_principal_sha(principal);
[8bd77b5]	827	char *name=ptr->name;
	828	abac_yy_term_t *terms=ptr->terms;
[da5afdf]	829
[8bd77b5]	830	abac_aspect_t *aptr=NULL;
	831	if(yytype==e_yy_OSET_TYPE)
	832	aptr=abac_aspect_oset_new(principalname, name);
	833	else aptr=abac_aspect_role_new(principalname, name);
	834
	835	if (aptr==NULL) {
	836	abac_yy_set_error_code(ABAC_YY_INVALID_HEAD);
[da5afdf]	837	goto error;
	838	}
[8bd77b5]	839
[da5afdf]	840	// insert the params for the oset
	841	if(terms) {
[8bd77b5]	842	_aspect_add_aspect_terms(aptr, terms);
[da5afdf]	843	}
[8bd77b5]	844	return aptr;
[da5afdf]	845
	846	error:
	847	return NULL;
	848	}
	849
[8bd77b5]	850	abac_aspect_t validate_head_oset(abac_yy_expression_t expr)
	851	{
	852	return validate_head(e_yy_OSET_TYPE,expr);
	853	}
	854
	855	abac_aspect_t validate_head_role(abac_yy_expression_t expr)
	856	{
	857	return validate_head(e_yy_ROLE_TYPE,expr);
	858	}
	859
	860	/*****************************************************************************/
[da5afdf]	861	/* B */
[8bd77b5]	862	abac_aspect_t validate_named_tail(int yytype, abac_yy_expression_t expr)
[da5afdf]	863	{
	864	abac_yy_principal_t *principal=expr->principal;
[7727f26]	865	char *principalname=get_yy_principal_sha(principal);
[da5afdf]	866
[8bd77b5]	867	abac_aspect_t *ptr=NULL;
	868	if(yytype==e_yy_OSET_TYPE)
	869	ptr=abac_aspect_oset_principal_new(principalname);
	870	else ptr=abac_aspect_role_principal_new(principalname);
	871	if (ptr==NULL)
[da5afdf]	872	goto error;
[8bd77b5]	873	return ptr;
[da5afdf]	874
	875	error:
[8bd77b5]	876	panic("can not generate a simple named tail oset aspect");
[da5afdf]	877	return NULL;
	878	}
	879
	880
	881	/* [keyid:alpha].oset:documents([string:'proj1'])<-[urn:'file//fileA'] */
[8bd77b5]	882	abac_aspect_t validate_object_tail(int yytype,abac_yy_expression_t expr)
[da5afdf]	883	{
	884	abac_yy_term_data_t *object=get_yy_expression_object(expr);
	885	assert(object != NULL);
	886
	887	char *name=object->name;
	888	int type=object->type;
[b5a3da4]	889	char *cond=object->cond_str;
	890	void *ptr=object->cond_ptr;
[440ba20]	891	int isrange=(object->cond_range!=NULL)?1:0;
	892	abac_term_t *term=abac_term_new(type,name,isrange,cond,ptr);
[8bd77b5]	893	abac_aspect_t *aptr=NULL;
	894	if(yytype==e_yy_OSET_TYPE)
	895	aptr=abac_aspect_oset_object_new(term);
	896	else
	897	goto error; /* can not be a role expression with obj */
	898	if (aptr==NULL)
[da5afdf]	899	goto error;
[8bd77b5]	900	return aptr;
[da5afdf]	901
	902	error:
[8bd77b5]	903	panic("can not generate a simple object tail oset aspect");
[da5afdf]	904	return NULL;
	905	}
	906
	907
[8bd77b5]	908	/* B.role or B.oset */
	909	abac_aspect_t validate_some_tail(int yytype, abac_yy_expression_t expr)
[da5afdf]	910	{
	911	abac_yy_principal_t *principal=expr->principal;
[8bd77b5]	912	abac_yy_roleoset_t *eptr=expr->roleoset;
[da5afdf]	913
[7727f26]	914	char *principalname=get_yy_principal_sha(principal);
[8bd77b5]	915	char *name=eptr->name;
	916	abac_yy_term_t *terms=eptr->terms;
[da5afdf]	917
[8bd77b5]	918	abac_aspect_t *ptr=NULL;
	919	if(yytype==e_yy_OSET_TYPE)
	920	ptr=abac_aspect_oset_new(principalname, name);
	921	else
	922	ptr=abac_aspect_role_new(principalname, name);
	923	if (ptr==NULL)
[da5afdf]	924	goto error;
	925
	926	if(terms) {
[8bd77b5]	927	_aspect_add_aspect_terms(ptr, terms);
[da5afdf]	928	}
[8bd77b5]	929	return ptr;
[da5afdf]	930
	931	error:
[8bd77b5]	932	panic("can not generate a simple tail aspect");
[da5afdf]	933	return NULL;
	934	}
	935
[8bd77b5]	936	/* B.role.role or B.role.oset */
	937	abac_aspect_t validate_linked_tail(int yytype, abac_yy_expression_t expr)
[da5afdf]	938	{
	939	abac_yy_principal_t *principal=expr->principal;
[8bd77b5]	940
	941	abac_yy_roleoset_t *eptr=expr->roleoset;
	942	abac_yy_roleoset_t *linked_role=expr->linked_role;
[da5afdf]	943
[7727f26]	944	char *principalname=get_yy_principal_sha(principal);
[8bd77b5]	945	char *name=eptr->name;
	946	abac_yy_term_t *terms=eptr->terms;
[da5afdf]	947
	948	char *linkedrolename=linked_role->name;
	949	abac_yy_term_t *linked_terms=linked_role->terms;
	950
[8bd77b5]	951	abac_aspect_t *ptr=NULL;
	952	if(yytype==e_yy_OSET_TYPE)
	953	ptr=abac_aspect_oset_linking_new(principalname,
	954	linkedrolename, name);
	955	else ptr=abac_aspect_role_linking_new(principalname,
	956	linkedrolename, name);
	957	if (ptr==NULL)
[da5afdf]	958	goto error;
	959
	960	if(linked_terms) {
[8bd77b5]	961	_aspect_add_linked_terms(ptr, linked_terms);
[da5afdf]	962	}
	963	if(terms) {
[8bd77b5]	964	_aspect_add_aspect_terms(ptr, terms);
[da5afdf]	965	}
	966
[8bd77b5]	967	return ptr;
[da5afdf]	968
	969	error:
	970	panic("can not generate linked tail oset");
	971	return NULL;
	972	}
	973
	974
[8bd77b5]	975	/**********************************************************************/
[da5afdf]	976
	977	abac_list_t make_oset_statement(abac_yy_expression_t headexpr,
	978	abac_yy_expression_t *tailexpr)
	979	{
[8bd77b5]	980	abac_aspect_t *head_oset=NULL;
	981	abac_aspect_t *tail_oset=NULL;
[da5afdf]	982
	983	/* build up left side's abac oset structure */
[8bd77b5]	984	head_oset=validate_head(e_yy_OSET_TYPE, headexpr);
[da5afdf]	985	if(head_oset == NULL)
	986	goto error;
	987
	988	/* build up the right side's abac oset structure */
	989	abac_yy_expression_t *curr_tail = tailexpr;
	990	int intersecting=(tailexpr->next != NULL)? 1:0;
[8bd77b5]	991	abac_aspect_t *curr_oset = NULL;
[da5afdf]	992	while (curr_tail) {
	993	switch(curr_tail->type) {
	994	case e_yy_EXPR_OBJECT:
[8bd77b5]	995	curr_oset=validate_object_tail(e_yy_OSET_TYPE,curr_tail);
[da5afdf]	996	break;
	997	case e_yy_EXPR_NAMED:
[8bd77b5]	998	curr_oset=validate_named_tail(e_yy_OSET_TYPE,curr_tail);
[da5afdf]	999	break;
	1000	case e_yy_EXPR_OSET:
[8bd77b5]	1001	curr_oset=validate_some_tail(e_yy_OSET_TYPE,curr_tail);
[da5afdf]	1002	break;
	1003	case e_yy_EXPR_LINKED:
[8bd77b5]	1004	curr_oset=validate_linked_tail(e_yy_OSET_TYPE,curr_tail);
[da5afdf]	1005	break;
	1006	}
	1007	if(curr_oset==NULL)
	1008	goto error;
	1009
	1010	/* check if first one */
	1011	if(tail_oset==NULL) {
	1012	if(intersecting)
[8bd77b5]	1013	tail_oset=validate_intersected_tail(curr_oset);
[da5afdf]	1014	else
	1015	tail_oset=curr_oset;
	1016	} else {
[8bd77b5]	1017	abac_aspect_add_intersecting_aspect(tail_oset,curr_oset);
[da5afdf]	1018	}
	1019	curr_tail=curr_tail->next;
	1020	} /* while */
	1021
[440ba20]	1022	preprocess_pl_head(head_oset);
	1023	preprocess_pl_tail(tail_oset);
	1024
[da5afdf]	1025	/* XXX collect up type clauses, constraint clauses and
	1026	generate rule clauses */
[8bd77b5]	1027	abac_list_t *tmp=generate_pl_clauses(head_oset,tail_oset);
[da5afdf]	1028	if(tmp == NULL)
	1029	goto error;
	1030
	1031	if(debug) {
[8bd77b5]	1032	abac_print_aspect_string_with_condition(head_oset,NULL);
[7727f26]	1033	printf("\n");
[8bd77b5]	1034	abac_print_aspect_string_with_condition(tail_oset,NULL);
[7727f26]	1035	printf("\n");
[da5afdf]	1036	}
	1037
	1038	_free_yy_expression(headexpr);
	1039	_free_yy_expression(tailexpr);
[8bd77b5]	1040	abac_rule_head_aspect=head_oset;
	1041	abac_rule_tail_aspect=tail_oset;
[b5a3da4]	1042	abac_rule_is_oset=1;
[da5afdf]	1043	return tmp;
	1044
	1045	error:
	1046	_free_yy_expression(headexpr);
	1047	_free_yy_expression(tailexpr);
	1048	if(head_oset)
[8bd77b5]	1049	abac_aspect_free(head_oset);
[da5afdf]	1050	if(tail_oset)
[8bd77b5]	1051	abac_aspect_free(tail_oset);
[da5afdf]	1052	return NULL;
	1053	}
	1054
[440ba20]	1055	/*****************************************************************************/
	1056	abac_list_t validate_range(abac_list_t ptr)
	1057	{
	1058	abac_list_t *nlist=abac_list_new();
	1059
	1060	abac_item_t *nitem;
	1061	abac_yy_range_t *cur;
	1062	char *val;
	1063	int type;
	1064	abac_list_foreach(ptr, cur,
	1065	if(cur) {
	1066	type=cur->type;
	1067	val=cur->val;
[ca72963]	1068	if(type==e_yy_RANGE_MIN) nitem=abac_item_new(abac_min_item_type(),val);
	1069	if(type==e_yy_RANGE_MAX) nitem=abac_item_new(abac_max_item_type(),val);
	1070	if(type==e_yy_RANGE_TARGET) nitem=abac_item_new(abac_target_item_type(),val);
[440ba20]	1071	abac_list_add(nlist,nitem);
	1072	}
	1073	);
	1074	return nlist;
	1075	}
	1076
	1077	/****************************************************************/
	1078	void make_yy_range_constraint(abac_yy_term_data_t *ptr)
	1079	{
	1080	if(is_yy_term_data_type_numeric(ptr) \|\|
	1081	is_yy_term_data_type_alpha(ptr) \|\|
	1082	is_yy_term_data_type_time(ptr)) {
	1083	abac_list_t *rlist=get_yy_term_data_cond_range(ptr);
	1084	if(rlist) {
	1085	abac_list_t *nlist=validate_range(rlist);
	1086	set_yy_term_data_cond_ptr(ptr,nlist);
	1087	}
	1088	}
	1089	}
[8bd77b5]	1090	/*****************************************************************************/
[da5afdf]	1091	/* build up the abac structure and also create the yap clause
	1092	and insert it into db */
	1093	abac_list_t make_role_statement(abac_yy_expression_t headexpr,
	1094	abac_yy_expression_t *tailexpr)
[a9494ad]	1095	{
[8bd77b5]	1096	abac_aspect_t *head_role=NULL;
	1097	abac_aspect_t *tail_role=NULL;
[a9494ad]	1098
	1099	/* build up left side's abac role structure */
[8bd77b5]	1100	head_role=validate_head(e_yy_ROLE_TYPE,headexpr);
[a9494ad]	1101	if(head_role == NULL)
	1102	goto error;
	1103
	1104	/* build up the right side's abac role structure */
[da5afdf]	1105	abac_yy_expression_t *curr_tail = tailexpr;
[a9494ad]	1106	int intersecting=(tailexpr->next != NULL)? 1:0;
[8bd77b5]	1107	abac_aspect_t *curr_role = NULL;
[a9494ad]	1108	while (curr_tail) {
[da5afdf]	1109	switch(curr_tail->type) {
	1110	case e_yy_EXPR_NAMED:
[8bd77b5]	1111	curr_role=validate_named_tail(e_yy_ROLE_TYPE,curr_tail);
[a9494ad]	1112	break;
[da5afdf]	1113	case e_yy_EXPR_ROLE:
[8bd77b5]	1114	curr_role=validate_some_tail(e_yy_ROLE_TYPE,curr_tail);
[a9494ad]	1115	break;
[da5afdf]	1116	case e_yy_EXPR_LINKED:
[8bd77b5]	1117	curr_role=validate_linked_tail(e_yy_ROLE_TYPE,curr_tail);
[a9494ad]	1118	break;
	1119	}
	1120	if(curr_role==NULL)
	1121	goto error;
	1122
	1123	/* check if first one */
	1124	if(tail_role==NULL) {
	1125	if(intersecting)
[8bd77b5]	1126	tail_role=validate_intersected_tail(curr_role);
[a9494ad]	1127	else
	1128	tail_role=curr_role;
	1129	} else {
[8bd77b5]	1130	abac_aspect_add_intersecting_aspect(tail_role,curr_role);
[a9494ad]	1131	}
	1132	curr_tail=curr_tail->next;
	1133	} /* while */
	1134
[440ba20]	1135	preprocess_pl_head(head_role);
	1136	preprocess_pl_tail(tail_role);
	1137
[7727f26]	1138	/* collect up type clauses, constraint clauses and
[da5afdf]	1139	generate the final rule clauses */
[8bd77b5]	1140	abac_list_t *tmp=generate_pl_clauses(head_role,tail_role);
[a9494ad]	1141	if(tmp == NULL)
	1142	goto error;
	1143
	1144	if(debug) {
[8bd77b5]	1145	abac_print_aspect_string_with_condition(head_role,NULL);
[7727f26]	1146	printf("\n");
[8bd77b5]	1147	abac_print_aspect_string_with_condition(tail_role,NULL);
[7727f26]	1148	printf("\n");
[a9494ad]	1149	}
	1150
[da5afdf]	1151	_free_yy_expression(headexpr);
	1152	_free_yy_expression(tailexpr);
[8bd77b5]	1153	abac_rule_head_aspect=head_role;
	1154	abac_rule_tail_aspect=tail_role;
[b5a3da4]	1155	abac_rule_is_oset=0;
[a9494ad]	1156	return tmp;
	1157
	1158	error:
[da5afdf]	1159	_free_yy_expression(headexpr);
	1160	_free_yy_expression(tailexpr);
[a9494ad]	1161	if(head_role)
[8bd77b5]	1162	abac_aspect_free(head_role);
[a9494ad]	1163	if(tail_role)
[8bd77b5]	1164	abac_aspect_free(tail_role);
[a9494ad]	1165	return NULL;
	1166	}
[da5afdf]	1167
[b5a3da4]	1168	/************************************************************************/
	1169	void abac_yy_init()
	1170	{
	1171	abac_yyinit();
	1172	abac_yy_init_rule_id_clauses();
	1173	}
	1174
	1175

Note: See TracBrowser for help on using the repository browser.

Download in other formats: