+ while (1)
+ {
+ struct GNUNET_NETWORK_Handle *sock;
+ struct sockaddr_in *v4;
+ struct sockaddr_in6 *v6;
+ struct sockaddr_storage sa;
+ socklen_t addrlen;
+ int ok;
+
+ addrlen = sizeof (sa);
+ sock = GNUNET_NETWORK_socket_accept (slc->listen_socket,
+ (struct sockaddr *) &sa,
+ &addrlen);
+ if (NULL == sock)
+ break;
+ switch (sa.sa_family)
+ {
+ case AF_INET:
+ GNUNET_assert (addrlen == sizeof (struct sockaddr_in));
+ v4 = (const struct sockaddr_in *) addr;
+ ok = ( ( (NULL == sh->v4_allowed) ||
+ (check_ipv4_listed (sh->v4_allowed,
+ &i4->sin_addr))) &&
+ ( (NULL == sh->v4_denied) ||
+ (! check_ipv4_listed (sh->v4_denied,
+ &i4->sin_addr)) ) );
+ break;
+ case AF_INET6:
+ GNUNET_assert (addrlen == sizeof (struct sockaddr_in6));
+ v6 = (const struct sockaddr_in6 *) addr;
+ ok = ( ( (NULL == sh->v6_allowed) ||
+ (check_ipv6_listed (sh->v6_allowed,
+ &i6->sin6_addr))) &&
+ ( (NULL == sh->v6_denied) ||
+ (! check_ipv6_listed (sh->v6_denied,
+ &i6->sin6_addr)) ) );
+ break;
+#ifndef WINDOWS
+ case AF_UNIX:
+ ok = GNUNET_OK; /* controlled using file-system ACL now */
+ break;
+#endif
+ default:
+ LOG (GNUNET_ERROR_TYPE_WARNING,
+ _("Unknown address family %d\n"),
+ addr->sa_family);
+ return GNUNET_SYSERR;
+ }
+ if (! ok)
+ {
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Service rejected incoming connection from %s due to policy.\n",
+ GNUNET_a2s ((const struct sockaddr *) &sa,
+ addrlen));
+ GNUNET_NETWORK_socket_close (sock);
+ continue;
+ }
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Service accepted incoming connection from %s.\n",
+ GNUNET_a2s ((const struct sockaddr *) &sa,
+ addrlen));
+ start_client (slc->sh,
+ sock);
+ }