More bits for kernel version:
- copy inet_aton() from libc - disable getservbyname() lookup and accept only numeric port
This commit is contained in:
parent
32b37f4983
commit
225ea2fb02
@ -143,6 +143,9 @@ struct proxy_entry {
|
||||
destination of a proxied IP packet
|
||||
*/
|
||||
|
||||
#ifdef _KERNEL /* XXX: can it be moved to libkern? */
|
||||
static int inet_aton(const char *cp, struct in_addr *addr);
|
||||
#endif
|
||||
static int IpMask(int, struct in_addr *);
|
||||
static int IpAddr(char *, struct in_addr *);
|
||||
static int IpPort(char *, int, int *);
|
||||
@ -152,6 +155,104 @@ static int RuleNumberDelete(struct libalias *la, int);
|
||||
static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int);
|
||||
static void ProxyEncodeIpHeader(struct ip *, int);
|
||||
|
||||
#ifdef _KERNEL
|
||||
static int
|
||||
inet_aton(cp, addr)
|
||||
const char *cp;
|
||||
struct in_addr *addr;
|
||||
{
|
||||
u_long parts[4];
|
||||
in_addr_t val;
|
||||
const char *c;
|
||||
char *endptr;
|
||||
int gotend, n;
|
||||
|
||||
c = (const char *)cp;
|
||||
n = 0;
|
||||
/*
|
||||
* Run through the string, grabbing numbers until
|
||||
* the end of the string, or some error
|
||||
*/
|
||||
gotend = 0;
|
||||
while (!gotend) {
|
||||
val = strtoul(c, &endptr, 0);
|
||||
|
||||
if (val == ULONG_MAX || val == 0)
|
||||
return (0);
|
||||
|
||||
/*
|
||||
* If the whole string is invalid, endptr will equal
|
||||
* c.. this way we can make sure someone hasn't
|
||||
* gone '.12' or something which would get past
|
||||
* the next check.
|
||||
*/
|
||||
if (endptr == c)
|
||||
return (0);
|
||||
parts[n] = val;
|
||||
c = endptr;
|
||||
|
||||
/* Check the next character past the previous number's end */
|
||||
switch (*c) {
|
||||
case '.' :
|
||||
/* Make sure we only do 3 dots .. */
|
||||
if (n == 3) /* Whoops. Quit. */
|
||||
return (0);
|
||||
n++;
|
||||
c++;
|
||||
break;
|
||||
|
||||
case '\0':
|
||||
gotend = 1;
|
||||
break;
|
||||
|
||||
default:
|
||||
if (isspace((unsigned char)*c)) {
|
||||
gotend = 1;
|
||||
break;
|
||||
} else
|
||||
return (0); /* Invalid character, so fail */
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/*
|
||||
* Concoct the address according to
|
||||
* the number of parts specified.
|
||||
*/
|
||||
|
||||
switch (n) {
|
||||
case 0: /* a -- 32 bits */
|
||||
/*
|
||||
* Nothing is necessary here. Overflow checking was
|
||||
* already done in strtoul().
|
||||
*/
|
||||
break;
|
||||
case 1: /* a.b -- 8.24 bits */
|
||||
if (val > 0xffffff || parts[0] > 0xff)
|
||||
return (0);
|
||||
val |= parts[0] << 24;
|
||||
break;
|
||||
|
||||
case 2: /* a.b.c -- 8.8.16 bits */
|
||||
if (val > 0xffff || parts[0] > 0xff || parts[1] > 0xff)
|
||||
return (0);
|
||||
val |= (parts[0] << 24) | (parts[1] << 16);
|
||||
break;
|
||||
|
||||
case 3: /* a.b.c.d -- 8.8.8.8 bits */
|
||||
if (val > 0xff || parts[0] > 0xff || parts[1] > 0xff ||
|
||||
parts[2] > 0xff)
|
||||
return (0);
|
||||
val |= (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8);
|
||||
break;
|
||||
}
|
||||
|
||||
if (addr != NULL)
|
||||
addr->s_addr = htonl(val);
|
||||
return (1);
|
||||
}
|
||||
#endif
|
||||
|
||||
static int
|
||||
IpMask(int nbits, struct in_addr *mask)
|
||||
{
|
||||
@ -184,7 +285,9 @@ IpPort(char *s, int proto, int *port)
|
||||
int n;
|
||||
|
||||
n = sscanf(s, "%d", port);
|
||||
if (n != 1) {
|
||||
if (n != 1)
|
||||
#ifndef _KERNEL /* XXX: we accept only numeric ports in kernel */
|
||||
{
|
||||
struct servent *se;
|
||||
|
||||
if (proto == IPPROTO_TCP)
|
||||
@ -199,6 +302,9 @@ IpPort(char *s, int proto, int *port)
|
||||
|
||||
*port = (u_int) ntohs(se->s_port);
|
||||
}
|
||||
#else
|
||||
return (-1);
|
||||
#endif
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user