summaryrefslogtreecommitdiff
path: root/libexec/spamd-setup
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2009-09-09 16:05:56 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2009-09-09 16:05:56 +0000
commitb8214251e0d8ce0bcc0241eb63bddc328e979bff (patch)
tree72f3cb8cd29d317c455900ad24653d14302ef2db /libexec/spamd-setup
parent6a766b54611bf2f9582e9e7119ef33e3532d85e6 (diff)
Change the way memory is allocated to reduce memory footprint. Loading the
large uatraps uses now around 8 times less memory. Other cleanup includes a fast implementation of imask() (stolen from bgpd), killing some unused code and try to estimate the memory needed in add_blacklist() to reduce the realloc() calls. Tested by many (sthen, matthieu, Stephan A. Rickauer) OK beck@, sthen@
Diffstat (limited to 'libexec/spamd-setup')
-rw-r--r--libexec/spamd-setup/spamd-setup.c148
1 files changed, 68 insertions, 80 deletions
diff --git a/libexec/spamd-setup/spamd-setup.c b/libexec/spamd-setup/spamd-setup.c
index 217e299ad54..ee794e76e97 100644
--- a/libexec/spamd-setup/spamd-setup.c
+++ b/libexec/spamd-setup/spamd-setup.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: spamd-setup.c,v 1.36 2009/06/02 22:38:45 ray Exp $ */
+/* $OpenBSD: spamd-setup.c,v 1.37 2009/09/09 16:05:55 claudio Exp $ */
/*
* Copyright (c) 2003 Bob Beck. All rights reserved.
@@ -64,25 +64,26 @@ struct blacklist {
int count;
};
-u_int32_t imask(u_int8_t);
-u_int8_t maxblock(u_int32_t, u_int8_t);
-u_int8_t maxdiff(u_int32_t, u_int32_t);
-struct cidr *range2cidrlist(u_int32_t, u_int32_t);
-void cidr2range(struct cidr, u_int32_t *, u_int32_t *);
-char *atop(u_int32_t);
-int parse_netblock(char *, struct bl *, struct bl *, int);
-int open_child(char *, char **);
-int fileget(char *);
-int open_file(char *, char *);
-char *fix_quoted_colons(char *);
-void do_message(FILE *, char *);
-struct bl *add_blacklist(struct bl *, size_t *, size_t *, gzFile, int);
-int cmpbl(const void *, const void *);
-struct cidr **collapse_blacklist(struct bl *, size_t);
-int configure_spamd(u_short, char *, char *, struct cidr **);
-int configure_pf(struct cidr **);
-int getlist(char **, char *, struct blacklist *, struct blacklist *);
-__dead void usage(void);
+u_int32_t imask(u_int8_t);
+u_int8_t maxblock(u_int32_t, u_int8_t);
+u_int8_t maxdiff(u_int32_t, u_int32_t);
+struct cidr *range2cidrlist(struct cidr *, int *, int *, u_int32_t,
+ u_int32_t);
+void cidr2range(struct cidr, u_int32_t *, u_int32_t *);
+char *atop(u_int32_t);
+int parse_netblock(char *, struct bl *, struct bl *, int);
+int open_child(char *, char **);
+int fileget(char *);
+int open_file(char *, char *);
+char *fix_quoted_colons(char *);
+void do_message(FILE *, char *);
+struct bl *add_blacklist(struct bl *, size_t *, size_t *, gzFile, int);
+int cmpbl(const void *, const void *);
+struct cidr *collapse_blacklist(struct bl *, size_t);
+int configure_spamd(u_short, char *, char *, struct cidr *);
+int configure_pf(struct cidr *);
+int getlist(char **, char *, struct blacklist *, struct blacklist *);
+__dead void usage(void);
int debug;
int dryrun;
@@ -93,12 +94,9 @@ extern char *__progname;
u_int32_t
imask(u_int8_t b)
{
- u_int32_t j = 0;
- int i;
-
- for (i = 31; i > 31 - b; --i)
- j |= (1 << i);
- return (j);
+ if (b == 0)
+ return (0);
+ return (0xffffffff << (32 - b));
}
u_int8_t
@@ -134,10 +132,9 @@ maxdiff(u_int32_t a, u_int32_t b)
}
struct cidr *
-range2cidrlist(u_int32_t start, u_int32_t end)
+range2cidrlist(struct cidr *list, int *cli, int *cls, u_int32_t start,
+ u_int32_t end)
{
- struct cidr *list = NULL;
- size_t cs = 0, cu = 0;
u_int8_t maxsize, diff;
struct cidr *tmp;
@@ -146,18 +143,16 @@ range2cidrlist(u_int32_t start, u_int32_t end)
diff = maxdiff(start, end);
maxsize = MAX(maxsize, diff);
- if (cs <= cu + 1) { /* one extra for terminator */
- tmp = realloc(list, (cs + 32) * sizeof(struct cidr));
+ if (*cls <= *cli + 1) { /* one extra for terminator */
+ tmp = realloc(list, (*cls + 32) * sizeof(struct cidr));
if (tmp == NULL)
errx(1, "malloc failed");
list = tmp;
- cs += 32;
+ *cls += 32;
}
- list[cu].addr = start;
- list[cu].bits = maxsize;
- cu++;
- list[cu].addr = 0;
- list[cu].bits = 0;
+ list[*cli].addr = start;
+ list[*cli].bits = maxsize;
+ (*cli)++;
start = start + (1 << (32 - maxsize));
}
return (list);
@@ -484,8 +479,19 @@ add_blacklist(struct bl *bl, size_t *blc, size_t *bls, gzFile gzf, int white)
}
parse:
start = 0;
+ /* we assume that there is an IP for every 16 bytes */
+ if (*blc + bu / 8 >= *bls) {
+ *bls += bu / 8;
+ blt = realloc(bl, *bls * sizeof(struct bl));
+ if (blt == NULL) {
+ *bls -= bu / 8;
+ serrno = errno;
+ goto bldone;
+ }
+ bl = blt;
+ }
for (i = 0; i <= bu; i++) {
- if (*blc == *bls) {
+ if (*blc + 1 >= *bls) {
*bls += 1024;
blt = realloc(bl, *bls * sizeof(struct bl));
if (blt == NULL) {
@@ -529,24 +535,24 @@ cmpbl(const void *a, const void *b)
* as lists of nonoverlapping cidr blocks suitable for feeding in
* printable form to pfctl or spamd.
*/
-struct cidr **
+struct cidr *
collapse_blacklist(struct bl *bl, size_t blc)
{
- int bs = 0, ws = 0, state=0, cli, i;
+ int bs = 0, ws = 0, state=0, cli, cls, i;
u_int32_t bstart = 0;
- struct cidr **cl;
+ struct cidr *cl;
int laststate;
u_int32_t addr;
if (blc == 0)
return (NULL);
- cl = calloc(((blc / 2) + 1), sizeof(struct cidr));
+ cli = 0;
+ cls = (blc / 2) + 1;
+ cl = calloc(cls, sizeof(struct cidr));
if (cl == NULL) {
return (NULL);
}
qsort(bl, blc, sizeof(struct bl), cmpbl);
- cli = 0;
- cl[cli] = NULL;
for (i = 0; i < blc;) {
laststate = state;
addr = bl[i].addr;
@@ -568,17 +574,17 @@ collapse_blacklist(struct bl *bl, size_t blc)
}
if (laststate == 1 && state == 0) {
/* end blacklist */
- cl[cli++] = range2cidrlist(bstart, addr - 1);
- cl[cli] = NULL;
+ cl = range2cidrlist(cl, &cli, &cls, bstart, addr - 1);
}
laststate = state;
}
+ cl[cli].addr = 0;
return (cl);
}
int
configure_spamd(u_short dport, char *name, char *message,
- struct cidr **blacklists)
+ struct cidr *blacklists)
{
int lport = IPPORT_RESERVED - 1, s;
struct sockaddr_in sin;
@@ -601,12 +607,9 @@ configure_spamd(u_short dport, char *name, char *message,
}
fprintf(sdc, "%s", name);
do_message(sdc, message);
- while (*blacklists != NULL) {
- struct cidr *b = *blacklists;
- while (b->addr != 0) {
- fprintf(sdc, ";%s/%u", atop(b->addr), (b->bits));
- b++;
- }
+ while (blacklists->addr != 0) {
+ fprintf(sdc, ";%s/%u", atop(blacklists->addr),
+ blacklists->bits);
blacklists++;
}
fputc('\n', sdc);
@@ -617,7 +620,7 @@ configure_spamd(u_short dport, char *name, char *message,
int
-configure_pf(struct cidr **blacklists)
+configure_pf(struct cidr *blacklists)
{
char *argv[9]= {"pfctl", "-q", "-t", "spamd", "-T", "replace",
"-f" "-", NULL};
@@ -651,13 +654,9 @@ configure_pf(struct cidr **blacklists)
return (-1);
}
}
- while (*blacklists != NULL) {
- struct cidr *b = *blacklists;
-
- while (b->addr != 0) {
- fprintf(pf, "%s/%u\n", atop(b->addr), (b->bits));
- b++;
- }
+ while (blacklists->addr != 0) {
+ fprintf(pf, "%s/%u\n", atop(blacklists->addr),
+ blacklists->bits);
blacklists++;
}
return (0);
@@ -757,7 +756,7 @@ getlist(char ** db_array, char *name, struct blacklist *blist,
void
send_blacklist(struct blacklist *blist, in_port_t port)
{
- struct cidr **cidrs, **tmp;
+ struct cidr *cidrs;
if (blist->blc > 0) {
cidrs = collapse_blacklist(blist->bl, blist->blc);
@@ -771,8 +770,6 @@ send_blacklist(struct blacklist *blist, in_port_t port)
if (!greyonly && configure_pf(cidrs) == -1)
err(1, "pfctl failed");
}
- for (tmp = cidrs; *tmp != NULL; tmp++)
- free(*tmp);
free(cidrs);
free(blist->bl);
}
@@ -789,11 +786,11 @@ usage(void)
int
main(int argc, char *argv[])
{
- size_t dbs, dbc, blc, bls, black, white;
- char **db_array, *buf, *name;
+ size_t blc, bls, black, white;
+ char *db_array[2], *buf, *name;
struct blacklist *blists;
struct servent *ent;
- int daemonize = 0, i, ch;
+ int daemonize = 0, ch;
while ((ch = getopt(argc, argv, "bdDn")) != -1) {
switch (ch) {
@@ -826,23 +823,14 @@ main(int argc, char *argv[])
errx(1, "cannot find service \"spamd-cfg\" in /etc/services");
ent->s_port = ntohs(ent->s_port);
- dbs = argc + 2;
- dbc = 0;
- db_array = calloc(dbs, sizeof(char *));
- if (db_array == NULL)
- errx(1, "malloc failed");
-
- db_array[dbc]= PATH_SPAMD_CONF;
- dbc++;
- for (i = 1; i < argc; i++)
- db_array[dbc++] = argv[i];
+ db_array[0] = PATH_SPAMD_CONF;
+ db_array[1] = NULL;
- blists = NULL;
- blc = bls = 0;
if (cgetent(&buf, db_array, "all") != 0)
err(1, "Can't find \"all\" in spamd config");
name = strsep(&buf, ": \t"); /* skip "all" at start */
- blc = 0;
+ blists = NULL;
+ blc = bls = 0;
while ((name = strsep(&buf, ": \t")) != NULL) {
if (*name) {
/* extract config in order specified in "all" tag */