def translate(self): decr = False if self.type == Flow_action.NAT: self.caction = Flow_action(self.type, len(self.args)) argtype = action_info(self.type)[ARG_IDX] check_fn = pred_type_info(argtype)[CHECK_IDX] if not self.caction.set_arg(0, check_fn(self.args[0], True)): raise Exception('Cannot set action argument.') # if dladdr given, set if len(self.args) > 1: self.caction.set_arg(1, create_eaddr(self.args[1].encode('utf-8')).hb_long()) elif self.type == Flow_action.WAYPOINT: argtype = action_info(self.type)[ARG_IDX] check_fn = pred_type_info(argtype)[CHECK_IDX] self.caction = Flow_action(self.type, len(self.args)) if self.caction is None: raise Exception('Out of memory.') args = [ check_fn(arg, True) for arg in self.args ] for i in xrange(len(args)): arg = args[i] self.to_decrement.append(arg) if not self.caction.set_arg(i, args[i]): raise Exception('Cannot set action argument.') else: self.caction = Flow_action(self.type) if self.caction is None: raise Exception('Out of memory.') if len(self.args) > 0: if self.type == Flow_action.C_FUNC: slist = strlist() fn = self.args[0].encode('utf-8') for ar in self.args[1:]: slist.push_back(ar.encode('utf-8')) success = __policy__.flow_util.set_action_argument(self.caction, fn, slist) else: argtype = action_info(self.type)[ARG_IDX] if argtype == LOC_T or argtype == HOST_T or argtype == USER_T or argtype == GROUP_T: decr = True check_fn = pred_type_info(argtype)[CHECK_IDX] a = check_fn(self.args[0], True) if decr: self.to_decrement.append(a) success = self.caction.set_arg(a) if not success: raise Exception('Cannot set action argument.')
class PyAction: "SEPL Action Representation" def __init__(self, atype, args): self.type = atype self.args = args self.caction = None self.to_decrement = [] if self.type is None: self.args.sort(PyAction.deep_cmp) def deep_cmp(self, other): if not isinstance(other, PyAction): return 1 if self.type is None or other.type is None: if self.type is None: this = self.args else: this = [self] if other.type is None: other = other.args else: other = [other] for i in xrange(len(this)): if i > len(other): return 1 c = this[i].deep_cmp(other[i]) if c != 0: return c if len(other) > len(this): return -1 if self.type < other.type: return -1 elif self.type > other.type: return 1 return cmp(self.args, other.args) def renamed(self, t, old_name, new_name, subtype): if self.type is None: ret = False for i in xrange(0,len(self.args)): if self.args[i].renamed(t, old_name, new_name, subtype): ret = True return ret ret = False if len(self.args) > 0: argtype = action_info(self.type)[ARG_IDX] if argtype == t: for i in xrange(0,len(self.args)): if self.args[i] == old_name: self.args[i] = new_name ret = True elif argtype == TLOC_T and t == LOC_T: for i in xrange(0,len(self.args)): if self.args[i][0] == old_name: self.args[i][0] = new_name ret = True break #NAT rule only uses TLOC and now second arg is mac, not list of loc return ret def translate(self): decr = False if self.type == Flow_action.NAT: self.caction = Flow_action(self.type, len(self.args)) argtype = action_info(self.type)[ARG_IDX] check_fn = pred_type_info(argtype)[CHECK_IDX] if not self.caction.set_arg(0, check_fn(self.args[0], True)): raise Exception('Cannot set action argument.') # if dladdr given, set if len(self.args) > 1: self.caction.set_arg(1, create_eaddr(self.args[1].encode('utf-8')).hb_long()) elif self.type == Flow_action.WAYPOINT: argtype = action_info(self.type)[ARG_IDX] check_fn = pred_type_info(argtype)[CHECK_IDX] self.caction = Flow_action(self.type, len(self.args)) if self.caction is None: raise Exception('Out of memory.') args = [ check_fn(arg, True) for arg in self.args ] for i in xrange(len(args)): arg = args[i] self.to_decrement.append(arg) if not self.caction.set_arg(i, args[i]): raise Exception('Cannot set action argument.') else: self.caction = Flow_action(self.type) if self.caction is None: raise Exception('Out of memory.') if len(self.args) > 0: if self.type == Flow_action.C_FUNC: slist = strlist() fn = self.args[0].encode('utf-8') for ar in self.args[1:]: slist.push_back(ar.encode('utf-8')) success = __policy__.flow_util.set_action_argument(self.caction, fn, slist) else: argtype = action_info(self.type)[ARG_IDX] if argtype == LOC_T or argtype == HOST_T or argtype == USER_T or argtype == GROUP_T: decr = True check_fn = pred_type_info(argtype)[CHECK_IDX] a = check_fn(self.args[0], True) if decr: self.to_decrement.append(a) success = self.caction.set_arg(a) if not success: raise Exception('Cannot set action argument.') def decrement_ids(self): global __policy__ if self.type is None: for arg in self.args: arg.decrement_ids() else: for id in self.to_decrement: __policy__.authenticator.decrement_id(id) self.to_decrement = [] def __le__(self, cond): if isinstance(cond, bool): cond = PyComplexPred(cond) elif not isinstance(cond, PyComplexPred): raise Exception('SEPL rule should be created with a predicate expression') if self.type is None: return PyRule(cond, self.args) return PyRule(cond, [self]) def ustr(self): if self.type is None: return unicode('compose(' + ', '.join([action.ustr() for action in self.args]) + ')') if self.type == Flow_action.C_FUNC and __supported_fns__.has_key(self.args[0]): return unicode(self.args[0] + '(' + ', '.join(['\'' + a + '\'' for a in self.args[1:]]) + ')') s = __actions__[self.type][0] + '(' if self.type == Flow_action.WAYPOINT or self.type == Flow_action.PY_FUNC or self.type == Flow_action.C_FUNC: argstr = ', '.join(['\'' + a + '\'' for a in self.args]) s = s + argstr elif self.type == Flow_action.NAT: s = s + '\'' + self.args[0][0] + '\'' if len(self.args) > 1: s = s + ', \'' + self.args[1] + '\'' s = s + ')' return unicode(s)