as correctly pointed out by cedric@, the :network and :broadcast parsing

code really belongs to host_if() and not host(); I dunno why I did put it in
host()...

ok dhartmei@ deraadt@

1 files changed, 28 insertions, 25 deletions

diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index bb3196f5441..69c8dca21b9 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfctl_parser.c,v 1.136 2003/01/30 15:41:35 henning Exp $ */
+/*	$OpenBSD: pfctl_parser.c,v 1.137 2003/02/02 18:11:43 henning Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -62,7 +62,7 @@ void		 print_flags (u_int8_t);
 void		 print_fromto(struct pf_rule_addr *, struct pf_rule_addr *,
 		    u_int8_t, u_int8_t, int);
 
-struct node_host	*host_if(char *, int, int);
+struct node_host	*host_if(char *, int);
 struct node_host	*host_v4(char *);
 struct node_host	*host_v6(char *, int);
 struct node_host	*host_dns(char *, int, int);
@@ -1142,7 +1142,6 @@ host(char *s, int mask)
 	struct node_host	*h = NULL;
 	int			 v4mask, v6mask, cont = 1;
 	char			*buf = NULL, *p, *q, *ps;
-	int			 mode = PFCTL_IFLOOKUP_HOST;
 
 	if ((p = strrchr(s, '/')) != NULL) {
 		if (mask != -1) {
@@ -1161,24 +1160,6 @@ host(char *s, int mask)
 			err(1, "host: malloc");
 		strlcpy(ps, s, strlen(s) - strlen(p) + 1);
 		v4mask = v6mask = mask;
-	} else if ((p = strrchr(s, ':')) != NULL &&
-	    (!strcmp(p+1, "network") || !strcmp(p+1, "broadcast"))) {
-		if (!strcmp(p+1, "network"))
-			mode = PFCTL_IFLOOKUP_NET;
-		if (!strcmp(p+1, "broadcast"))
-			mode = PFCTL_IFLOOKUP_BCAST;
-		if (mask > -1) {
-			fprintf(stderr, "network or broadcast lookup, but "
-			    "extra netmask given\n");
-			return (NULL);
-		}
-		if ((buf = strdup(s)) == NULL)
-			err(1, "host: strdup");
-		if ((ps = malloc(strlen(s) - strlen(p) + 1)) == NULL)
-			err(1, "host: malloc");
-		strlcpy(ps, s, strlen(s) - strlen(p) + 1);
-		v4mask = 32;
-		v6mask = 128;
 	} else {
 		if (asprintf(&ps, "%s", s) == -1)
 			err(1, "host: asprintf");
@@ -1198,7 +1179,7 @@ host(char *s, int mask)
 	}
 
 	/* interface with this name exists? */
-	if (cont && (h = host_if(ps, mask, mode)) != NULL)
+	if (cont && (h = host_if(ps, mask)) != NULL)
 		cont = 0;
 
 	/* IPv4 address? */
@@ -1223,16 +1204,38 @@ host(char *s, int mask)
 }
 
 struct node_host *
-host_if(char *s, int mask, int mode)
+host_if(char *s, int mask)
 {
 	struct node_host	*n, *h = NULL;
+	char			*p, *ps;
+	int			 mode = PFCTL_IFLOOKUP_HOST;
 
-	if (ifa_exists(s) || !strncmp(s, "self", IFNAMSIZ)) {
+	if ((p = strrchr(s, ':')) != NULL &&
+	    (!strcmp(p+1, "network") || !strcmp(p+1, "broadcast"))) {
+		if (!strcmp(p+1, "network"))
+			mode = PFCTL_IFLOOKUP_NET;
+		if (!strcmp(p+1, "broadcast"))
+			mode = PFCTL_IFLOOKUP_BCAST;
+		if (mask > -1) {
+			fprintf(stderr, "network or broadcast lookup, but "
+			    "extra netmask given\n");
+			return (NULL);
+		}
+		if ((ps = malloc(strlen(s) - strlen(p) + 1)) == NULL)
+			err(1, "host: malloc");
+		strlcpy(ps, s, strlen(s) - strlen(p) + 1);
+	} else
+		if ((ps = strdup(s)) == NULL)
+			err(1, "host_if: strdup");
+
+	if (ifa_exists(ps) || !strncmp(ps, "self", IFNAMSIZ)) {
 		/* interface with this name exists */
-		h = ifa_lookup(s, mode);
+		h = ifa_lookup(ps, mode);
 		for (n = h; n != NULL && mask > -1; n = n->next)
 			set_ipmask(n, mask);
 	}
+
+	free(ps);
 	return (h);
 }