+ if ( !b->a_authz.sai_ssf ) {
+ fprintf( stderr,
+ "%s: line %d: invalid ssf value (%s)\n",
+ fname, lineno, right );
+ acl_usage();
+ }
+ continue;
+ }
+
+ if ( strcasecmp( left, "transport_ssf" ) == 0 ) {
+ if ( sty != ACL_STYLE_REGEX && sty != ACL_STYLE_BASE ) {
+ fprintf( stderr, "%s: line %d: "
+ "inappropriate style \"%s\" in by clause\n",
+ fname, lineno, style );
+ acl_usage();
+ }
+
+ if ( b->a_authz.sai_transport_ssf ) {
+ fprintf( stderr, "%s: line %d: "
+ "transport_ssf attribute already specified.\n",
+ fname, lineno );
+ acl_usage();
+ }
+
+ if ( right == NULL || *right == '\0' ) {
+ fprintf( stderr,
+ "%s: line %d: no transport_ssf is defined\n",
+ fname, lineno );
+ acl_usage();
+ }
+
+ b->a_authz.sai_transport_ssf = strtol( right, &next, 10 );
+ if ( next == NULL || next[0] != '\0' ) {
+ fprintf( stderr, "%s: line %d: "
+ "unable to parse transport_ssf value (%s)\n",
+ fname, lineno, right );
+ acl_usage();
+ }
+
+ if ( !b->a_authz.sai_transport_ssf ) {
+ fprintf( stderr,
+ "%s: line %d: invalid transport_ssf value (%s)\n",
+ fname, lineno, right );
+ acl_usage();
+ }
+ continue;
+ }
+
+ if ( strcasecmp( left, "tls_ssf" ) == 0 ) {
+ if ( sty != ACL_STYLE_REGEX && sty != ACL_STYLE_BASE ) {
+ fprintf( stderr, "%s: line %d: "
+ "inappropriate style \"%s\" in by clause\n",
+ fname, lineno, style );
+ acl_usage();
+ }
+
+ if ( b->a_authz.sai_tls_ssf ) {
+ fprintf( stderr, "%s: line %d: "
+ "tls_ssf attribute already specified.\n",
+ fname, lineno );
+ acl_usage();
+ }
+
+ if ( right == NULL || *right == '\0' ) {
+ fprintf( stderr,
+ "%s: line %d: no tls_ssf is defined\n",
+ fname, lineno );
+ acl_usage();
+ }
+
+ b->a_authz.sai_tls_ssf = strtol( right, &next, 10 );
+ if ( next == NULL || next[0] != '\0' ) {
+ fprintf( stderr, "%s: line %d: "
+ "unable to parse tls_ssf value (%s)\n",
+ fname, lineno, right );
+ acl_usage();
+ }
+
+ if ( !b->a_authz.sai_tls_ssf ) {
+ fprintf( stderr,
+ "%s: line %d: invalid tls_ssf value (%s)\n",
+ fname, lineno, right );
+ acl_usage();
+ }
+ continue;
+ }
+
+ if ( strcasecmp( left, "sasl_ssf" ) == 0 ) {
+ if ( sty != ACL_STYLE_REGEX && sty != ACL_STYLE_BASE ) {
+ fprintf( stderr, "%s: line %d: "
+ "inappropriate style \"%s\" in by clause\n",
+ fname, lineno, style );
+ acl_usage();
+ }
+
+ if ( b->a_authz.sai_sasl_ssf ) {
+ fprintf( stderr, "%s: line %d: "
+ "sasl_ssf attribute already specified.\n",
+ fname, lineno );
+ acl_usage();
+ }
+
+ if ( right == NULL || *right == '\0' ) {
+ fprintf( stderr,
+ "%s: line %d: no sasl_ssf is defined\n",
+ fname, lineno );
+ acl_usage();
+ }
+
+ b->a_authz.sai_sasl_ssf = strtol( right, &next, 10 );
+ if ( next == NULL || next[0] != '\0' ) {
+ fprintf( stderr, "%s: line %d: "
+ "unable to parse sasl_ssf value (%s)\n",
+ fname, lineno, right );
+ acl_usage();
+ }
+
+ if ( !b->a_authz.sai_sasl_ssf ) {
+ fprintf( stderr,
+ "%s: line %d: invalid sasl_ssf value (%s)\n",
+ fname, lineno, right );
+ acl_usage();
+ }
+ continue;
+ }
+
+ if ( right != NULL ) {