Google Git
Sign in
android / platform / external / apache-apr / e8508b30dd3516c91841bcad24dd314f48f0686b / . / network_io / unix / sockaddr.c
blob: 33d2400a74c02eb3dc1e5136a23da9c4f402e7f3 [file] [log] [blame]
/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "apr_arch_networkio.h"
#include "apr_strings.h"
#include "apr.h"
#include "apr_lib.h"
#include "apr_strings.h"
#include "apr_private.h"
#if APR_HAVE_STDLIB_H
#include <stdlib.h>
#endif
#define APR_WANT_STRFUNC
#include "apr_want.h"
struct apr_ipsubnet_t {
int family;
#if APR_HAVE_IPV6
apr_uint32_t sub[4]; /* big enough for IPv4 and IPv6 addresses */
apr_uint32_t mask[4];
#else
apr_uint32_t sub[1];
apr_uint32_t mask[1];
#endif
};
#if !defined(NETWARE) && !defined(WIN32)
#ifdef HAVE_SET_H_ERRNO
#define SET_H_ERRNO(newval) set_h_errno(newval)
#else
#define SET_H_ERRNO(newval) h_errno = (newval)
#endif
#else
#define SET_H_ERRNO(newval)
#endif
#if APR_HAS_THREADS && !defined(GETHOSTBYNAME_IS_THREAD_SAFE) && \
defined(HAVE_GETHOSTBYNAME_R)
/* This is the maximum size that may be returned from the reentrant
* gethostbyname_r function. If the system tries to use more, it
* should return ERANGE.
*/
#define GETHOSTBYNAME_BUFLEN 512
#endif
#ifdef _WIN32_WCE
/* XXX: BS solution. Need an HAVE_GETSERVBYNAME and actually
* do something here, to provide the obvious proto mappings.
*/
static void *getservbyname(const char *name, const char *proto)
{
return NULL;
}
#endif
static apr_status_t get_local_addr(apr_socket_t *sock)
{
sock->local_addr->salen = sizeof(sock->local_addr->sa);
if (getsockname(sock->socketdes, (struct sockaddr *)&sock->local_addr->sa,
&sock->local_addr->salen) < 0) {
return apr_get_netos_error();
}
else {
sock->local_port_unknown = sock->local_interface_unknown = 0;
/* XXX assumes sin_port and sin6_port at same offset */
sock->local_addr->port = ntohs(sock->local_addr->sa.sin.sin_port);
return APR_SUCCESS;
}
}
static apr_status_t get_remote_addr(apr_socket_t *sock)
{
sock->remote_addr->salen = sizeof(sock->remote_addr->sa);
if (getpeername(sock->socketdes, (struct sockaddr *)&sock->remote_addr->sa,
&sock->remote_addr->salen) < 0) {
return apr_get_netos_error();
}
else {
sock->remote_addr_unknown = 0;
/* XXX assumes sin_port and sin6_port at same offset */
sock->remote_addr->port = ntohs(sock->remote_addr->sa.sin.sin_port);
return APR_SUCCESS;
}
}
APR_DECLARE(apr_status_t) apr_sockaddr_ip_get(char **addr,
apr_sockaddr_t *sockaddr)
{
*addr = apr_palloc(sockaddr->pool, sockaddr->addr_str_len);
apr_inet_ntop(sockaddr->family,
sockaddr->ipaddr_ptr,
*addr,
sockaddr->addr_str_len);
#if APR_HAVE_IPV6
if (sockaddr->family == AF_INET6 &&
IN6_IS_ADDR_V4MAPPED((struct in6_addr *)sockaddr->ipaddr_ptr)) {
/* This is an IPv4-mapped IPv6 address; drop the leading
* part of the address string so we're left with the familiar
* IPv4 format.
*/
*addr += strlen("::ffff:");
}
#endif
return APR_SUCCESS;
}
void apr_sockaddr_vars_set(apr_sockaddr_t *addr, int family, apr_port_t port)
{
addr->family = family;
addr->sa.sin.sin_family = family;
if (port) {
/* XXX IPv6: assumes sin_port and sin6_port at same offset */
addr->sa.sin.sin_port = htons(port);
addr->port = port;
}
if (family == APR_INET) {
addr->salen = sizeof(struct sockaddr_in);
addr->addr_str_len = 16;
addr->ipaddr_ptr = &(addr->sa.sin.sin_addr);
addr->ipaddr_len = sizeof(struct in_addr);
}
#if APR_HAVE_IPV6
else if (family == APR_INET6) {
addr->salen = sizeof(struct sockaddr_in6);
addr->addr_str_len = 46;
addr->ipaddr_ptr = &(addr->sa.sin6.sin6_addr);
addr->ipaddr_len = sizeof(struct in6_addr);
}
#endif
}
APR_DECLARE(apr_status_t) apr_socket_addr_get(apr_sockaddr_t **sa,
apr_interface_e which,
apr_socket_t *sock)
{
if (which == APR_LOCAL) {
if (sock->local_interface_unknown || sock->local_port_unknown) {
apr_status_t rv = get_local_addr(sock);
if (rv != APR_SUCCESS) {
return rv;
}
}
*sa = sock->local_addr;
}
else if (which == APR_REMOTE) {
if (sock->remote_addr_unknown) {
apr_status_t rv = get_remote_addr(sock);
if (rv != APR_SUCCESS) {
return rv;
}
}
*sa = sock->remote_addr;
}
else {
*sa = NULL;
return APR_EINVAL;
}
return APR_SUCCESS;
}
APR_DECLARE(apr_status_t) apr_parse_addr_port(char **addr,
char **scope_id,
apr_port_t *port,
const char *str,
apr_pool_t *p)
{
const char *ch, *lastchar;
int big_port;
apr_size_t addrlen;
*addr = NULL; /* assume not specified */
*scope_id = NULL; /* assume not specified */
*port = 0; /* assume not specified */
/* First handle the optional port number. That may be all that
* is specified in the string.
*/
ch = lastchar = str + strlen(str) - 1;
while (ch >= str && apr_isdigit(*ch)) {
--ch;
}
if (ch < str) { /* Entire string is the port. */
big_port = atoi(str);
if (big_port < 1 || big_port > 65535) {
return APR_EINVAL;
}
*port = big_port;
return APR_SUCCESS;
}
if (*ch == ':' && ch < lastchar) { /* host and port number specified */
if (ch == str) { /* string starts with ':' -- bad */
return APR_EINVAL;
}
big_port = atoi(ch + 1);
if (big_port < 1 || big_port > 65535) {
return APR_EINVAL;
}
*port = big_port;
lastchar = ch - 1;
}
/* now handle the hostname */
addrlen = lastchar - str + 1;
/* XXX we don't really have to require APR_HAVE_IPV6 for this;
* just pass char[] for ipaddr (so we don't depend on struct in6_addr)
* and always define APR_INET6
*/
#if APR_HAVE_IPV6
if (*str == '[') {
const char *end_bracket = memchr(str, ']', addrlen);
struct in6_addr ipaddr;
const char *scope_delim;
if (!end_bracket || end_bracket != lastchar) {
*port = 0;
return APR_EINVAL;
}
/* handle scope id; this is the only context where it is allowed */
scope_delim = memchr(str, '%', addrlen);
if (scope_delim) {
if (scope_delim == end_bracket - 1) { /* '%' without scope id */
*port = 0;
return APR_EINVAL;
}
addrlen = scope_delim - str - 1;
*scope_id = apr_palloc(p, end_bracket - scope_delim);
memcpy(*scope_id, scope_delim + 1, end_bracket - scope_delim - 1);
(*scope_id)[end_bracket - scope_delim - 1] = '\0';
}
else {
addrlen = addrlen - 2; /* minus 2 for '[' and ']' */
}
*addr = apr_palloc(p, addrlen + 1);
memcpy(*addr,
str + 1,
addrlen);
(*addr)[addrlen] = '\0';
if (apr_inet_pton(AF_INET6, *addr, &ipaddr) != 1) {
*addr = NULL;
*scope_id = NULL;
*port = 0;
return APR_EINVAL;
}
}
else
#endif
{
/* XXX If '%' is not a valid char in a DNS name, we *could* check
* for bogus scope ids first.
*/
*addr = apr_palloc(p, addrlen + 1);
memcpy(*addr, str, addrlen);
(*addr)[addrlen] = '\0';
}
return APR_SUCCESS;
}
#if defined(HAVE_GETADDRINFO)
static apr_status_t call_resolver(apr_sockaddr_t **sa,
const char *hostname, apr_int32_t family,
apr_port_t port, apr_int32_t flags,
apr_pool_t *p)
{
struct addrinfo hints, *ai, *ai_list;
apr_sockaddr_t *prev_sa;
int error;
char *servname = NULL;
memset(&hints, 0, sizeof(hints));
hints.ai_family = family;
hints.ai_socktype = SOCK_STREAM;
#ifdef HAVE_GAI_ADDRCONFIG
if (family == APR_UNSPEC) {
/* By default, only look up addresses using address types for
* which a local interface is configured, i.e. no IPv6 if no
* IPv6 interfaces configured. */
hints.ai_flags = AI_ADDRCONFIG;
}
#endif
if(hostname == NULL) {
#ifdef AI_PASSIVE
/* If hostname is NULL, assume we are trying to bind to all
* interfaces. */
hints.ai_flags |= AI_PASSIVE;
#endif
/* getaddrinfo according to RFC 2553 must have either hostname
* or servname non-NULL.
*/
#ifdef OSF1
/* The Tru64 5.0 getaddrinfo() can only resolve services given
* by the name listed in /etc/services; a numeric or unknown
* servname gets an EAI_SERVICE error. So just resolve the
* appropriate anyaddr and fill in the port later. */
hostname = family == AF_INET6 ? "::" : "0.0.0.0";
servname = NULL;
#ifdef AI_NUMERICHOST
hints.ai_flags |= AI_NUMERICHOST;
#endif
#else
#ifdef _AIX
/* But current AIX getaddrinfo() doesn't like servname = "0";
* the "1" won't hurt since we use the port parameter to fill
* in the returned socket addresses later
*/
if (!port) {
servname = "1";
}
else
#endif /* _AIX */
servname = apr_itoa(p, port);
#endif /* OSF1 */
}
error = getaddrinfo(hostname, servname, &hints, &ai_list);
#ifdef HAVE_GAI_ADDRCONFIG
if (error == EAI_BADFLAGS && family == APR_UNSPEC) {
/* Retry with no flags if AI_ADDRCONFIG was rejected. */
hints.ai_flags = 0;
error = getaddrinfo(hostname, servname, &hints, &ai_list);
}
#endif
if (error) {
#ifndef WIN32
if (error == EAI_SYSTEM) {
return errno;
}
else
#endif
{
/* issues with representing this with APR's error scheme:
* glibc uses negative values for these numbers, perhaps so
* they don't conflict with h_errno values... Tru64 uses
* positive values which conflict with h_errno values
*/
#if defined(NEGATIVE_EAI)
error = -error;
#endif
return error + APR_OS_START_EAIERR;
}
}
prev_sa = NULL;
ai = ai_list;
while (ai) { /* while more addresses to report */
apr_sockaddr_t *new_sa;
/* Ignore anything bogus: getaddrinfo in some old versions of
* glibc will return AF_UNIX entries for APR_UNSPEC+AI_PASSIVE
* lookups. */
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) {
ai = ai->ai_next;
continue;
}
new_sa = apr_pcalloc(p, sizeof(apr_sockaddr_t));
new_sa->pool = p;
memcpy(&new_sa->sa, ai->ai_addr, ai->ai_addrlen);
apr_sockaddr_vars_set(new_sa, ai->ai_family, port);
if (!prev_sa) { /* first element in new list */
if (hostname) {
new_sa->hostname = apr_pstrdup(p, hostname);
}
*sa = new_sa;
}
else {
new_sa->hostname = prev_sa->hostname;
prev_sa->next = new_sa;
}
prev_sa = new_sa;
ai = ai->ai_next;
}
freeaddrinfo(ai_list);
return APR_SUCCESS;
}
static apr_status_t find_addresses(apr_sockaddr_t **sa,
const char *hostname, apr_int32_t family,
apr_port_t port, apr_int32_t flags,
apr_pool_t *p)
{
if (flags & APR_IPV4_ADDR_OK) {
apr_status_t error = call_resolver(sa, hostname, AF_INET, port, flags, p);
#if APR_HAVE_IPV6
if (error) {
family = AF_INET6; /* try again */
}
else
#endif
return error;
}
#if APR_HAVE_IPV6
else if (flags & APR_IPV6_ADDR_OK) {
apr_status_t error = call_resolver(sa, hostname, AF_INET6, port, flags, p);
if (error) {
family = AF_INET; /* try again */
}
else {
return APR_SUCCESS;
}
}
#endif
return call_resolver(sa, hostname, family, port, flags, p);
}
#else /* end of HAVE_GETADDRINFO code */
static apr_status_t find_addresses(apr_sockaddr_t **sa,
const char *hostname, apr_int32_t family,
apr_port_t port, apr_int32_t flags,
apr_pool_t *p)
{
struct hostent *hp;
apr_sockaddr_t *prev_sa;
int curaddr;
#if APR_HAS_THREADS && !defined(GETHOSTBYNAME_IS_THREAD_SAFE) && \
defined(HAVE_GETHOSTBYNAME_R) && !defined(BEOS)
#ifdef GETHOSTBYNAME_R_HOSTENT_DATA
struct hostent_data hd;
#else
/* If you see ERANGE, that means GETHOSBYNAME_BUFLEN needs to be
* bumped. */
char tmp[GETHOSTBYNAME_BUFLEN];
#endif
int hosterror;
#endif
struct hostent hs;
struct in_addr ipaddr;
char *addr_list[2];
const char *orig_hostname = hostname;
if (hostname == NULL) {
/* if we are given a NULL hostname, assume '0.0.0.0' */
hostname = "0.0.0.0";
}
if (*hostname >= '0' && *hostname <= '9' &&
strspn(hostname, "0123456789.") == strlen(hostname)) {
ipaddr.s_addr = inet_addr(hostname);
addr_list[0] = (char *)&ipaddr;
addr_list[1] = NULL; /* just one IP in list */
hs.h_addr_list = (char **)addr_list;
hp = &hs;
}
else {
#if APR_HAS_THREADS && !defined(GETHOSTBYNAME_IS_THREAD_SAFE) && \
defined(HAVE_GETHOSTBYNAME_R) && !defined(BEOS)
#if defined(GETHOSTBYNAME_R_HOSTENT_DATA)
/* AIX, HP/UX, D/UX et alia */
gethostbyname_r(hostname, &hs, &hd);
hp = &hs;
#else
#if defined(GETHOSTBYNAME_R_GLIBC2)
/* Linux glibc2+ */
gethostbyname_r(hostname, &hs, tmp, GETHOSTBYNAME_BUFLEN - 1,
&hp, &hosterror);
#else
/* Solaris, Irix et alia */
hp = gethostbyname_r(hostname, &hs, tmp, GETHOSTBYNAME_BUFLEN - 1,
&hosterror);
#endif /* !defined(GETHOSTBYNAME_R_GLIBC2) */
if (!hp) {
return (hosterror + APR_OS_START_SYSERR);
}
#endif /* !defined(GETHOSTBYNAME_R_HOSTENT_DATA) */
#else
hp = gethostbyname(hostname);
#endif
if (!hp) {
#ifdef WIN32
return apr_get_netos_error();
#else
return (h_errno + APR_OS_START_SYSERR);
#endif
}
}
prev_sa = NULL;
curaddr = 0;
while (hp->h_addr_list[curaddr]) {
apr_sockaddr_t *new_sa = apr_pcalloc(p, sizeof(apr_sockaddr_t));
new_sa->pool = p;
new_sa->sa.sin.sin_addr = *(struct in_addr *)hp->h_addr_list[curaddr];
apr_sockaddr_vars_set(new_sa, AF_INET, port);
if (!prev_sa) { /* first element in new list */
if (orig_hostname) {
new_sa->hostname = apr_pstrdup(p, orig_hostname);
}
*sa = new_sa;
}
else {
new_sa->hostname = prev_sa->hostname;
prev_sa->next = new_sa;
}
prev_sa = new_sa;
++curaddr;
}
return APR_SUCCESS;
}
#endif /* end of !HAVE_GETADDRINFO code */
APR_DECLARE(apr_status_t) apr_sockaddr_info_get(apr_sockaddr_t **sa,
const char *hostname,
apr_int32_t family, apr_port_t port,
apr_int32_t flags, apr_pool_t *p)
{
apr_int32_t masked;
*sa = NULL;
if ((masked = flags & (APR_IPV4_ADDR_OK | APR_IPV6_ADDR_OK))) {
if (!hostname ||
family != APR_UNSPEC ||
masked == (APR_IPV4_ADDR_OK | APR_IPV6_ADDR_OK)) {
return APR_EINVAL;
}
#if !APR_HAVE_IPV6
if (flags & APR_IPV6_ADDR_OK) {
return APR_ENOTIMPL;
}
#endif
}
#if !APR_HAVE_IPV6
/* What may happen is that APR is not IPv6-enabled, but we're still
* going to call getaddrinfo(), so we have to tell the OS we only
* want IPv4 addresses back since we won't know what to do with
* IPv6 addresses.
*/
if (family == APR_UNSPEC) {
family = APR_INET;
}
#endif
return find_addresses(sa, hostname, family, port, flags, p);
}
APR_DECLARE(apr_status_t) apr_getnameinfo(char **hostname,
apr_sockaddr_t *sockaddr,
apr_int32_t flags)
{
#if defined(HAVE_GETNAMEINFO)
int rc;
#if defined(NI_MAXHOST)
char tmphostname[NI_MAXHOST];
#else
char tmphostname[256];
#endif
/* don't know if it is portable for getnameinfo() to set h_errno;
* clear it then see if it was set */
SET_H_ERRNO(0);
/* default flags are NI_NAMREQD; otherwise, getnameinfo() will return
* a numeric address string if it fails to resolve the host name;
* that is *not* what we want here
*
* For IPv4-mapped IPv6 addresses, drop down to IPv4 before calling
* getnameinfo() to avoid getnameinfo bugs (MacOS X, glibc).
*/
#if APR_HAVE_IPV6
if (sockaddr->family == AF_INET6 &&
IN6_IS_ADDR_V4MAPPED(&sockaddr->sa.sin6.sin6_addr)) {
struct sockaddr_in tmpsa;
tmpsa.sin_family = AF_INET;
tmpsa.sin_port = 0;
tmpsa.sin_addr.s_addr = ((apr_uint32_t *)sockaddr->ipaddr_ptr)[3];
#ifdef SIN6_LEN
tmpsa.sin_len = sizeof(tmpsa);
#endif
rc = getnameinfo((const struct sockaddr *)&tmpsa, sizeof(tmpsa),
tmphostname, sizeof(tmphostname), NULL, 0,
flags != 0 ? flags : NI_NAMEREQD);
}
else
#endif
rc = getnameinfo((const struct sockaddr *)&sockaddr->sa, sockaddr->salen,
tmphostname, sizeof(tmphostname), NULL, 0,
flags != 0 ? flags : NI_NAMEREQD);
if (rc != 0) {
*hostname = NULL;
#ifndef WIN32
/* something went wrong. Look at the EAI_ error code */
if (rc == EAI_SYSTEM) {
/* EAI_SYSTEM System error returned in errno. */
/* IMHO, Implementations that set h_errno a simply broken. */
if (h_errno) { /* for broken implementations which set h_errno */
return h_errno + APR_OS_START_SYSERR;
}
else { /* "normal" case */
return errno + APR_OS_START_SYSERR;
}
}
else
#endif
{
#if defined(NEGATIVE_EAI)
if (rc < 0) rc = -rc;
#endif
return rc + APR_OS_START_EAIERR; /* return the EAI_ error */
}
}
*hostname = sockaddr->hostname = apr_pstrdup(sockaddr->pool,
tmphostname);
return APR_SUCCESS;
#else
#if APR_HAS_THREADS && !defined(GETHOSTBYADDR_IS_THREAD_SAFE) && \
defined(HAVE_GETHOSTBYADDR_R) && !defined(BEOS)
#ifdef GETHOSTBYNAME_R_HOSTENT_DATA
struct hostent_data hd;
#else
char tmp[GETHOSTBYNAME_BUFLEN];
#endif
int hosterror;
struct hostent hs, *hptr;
#if defined(GETHOSTBYNAME_R_HOSTENT_DATA)
/* AIX, HP/UX, D/UX et alia */
gethostbyaddr_r((char *)&sockaddr->sa.sin.sin_addr,
sizeof(struct in_addr), AF_INET, &hs, &hd);
hptr = &hs;
#else
#if defined(GETHOSTBYNAME_R_GLIBC2)
/* Linux glibc2+ */
gethostbyaddr_r((char *)&sockaddr->sa.sin.sin_addr,
sizeof(struct in_addr), AF_INET,
&hs, tmp, GETHOSTBYNAME_BUFLEN - 1, &hptr, &hosterror);
#else
/* Solaris, Irix et alia */
hptr = gethostbyaddr_r((char *)&sockaddr->sa.sin.sin_addr,
sizeof(struct in_addr), AF_INET,
&hs, tmp, GETHOSTBYNAME_BUFLEN, &hosterror);
#endif /* !defined(GETHOSTBYNAME_R_GLIBC2) */
if (!hptr) {
*hostname = NULL;
return hosterror + APR_OS_START_SYSERR;
}
#endif /* !defined(GETHOSTBYNAME_R_HOSTENT_DATA) */
#else
struct hostent *hptr;
hptr = gethostbyaddr((char *)&sockaddr->sa.sin.sin_addr,
sizeof(struct in_addr), AF_INET);
#endif
if (hptr) {
*hostname = sockaddr->hostname = apr_pstrdup(sockaddr->pool, hptr->h_name);
return APR_SUCCESS;
}
*hostname = NULL;
#if defined(WIN32)
return apr_get_netos_error();
#elif defined(OS2)
return h_errno;
#else
return h_errno + APR_OS_START_SYSERR;
#endif
#endif
}
APR_DECLARE(apr_status_t) apr_getservbyname(apr_sockaddr_t *sockaddr,
const char *servname)
{
struct servent *se;
if (servname == NULL)
return APR_EINVAL;
if ((se = getservbyname(servname, NULL)) != NULL){
sockaddr->port = htons(se->s_port);
sockaddr->servname = apr_pstrdup(sockaddr->pool, servname);
sockaddr->sa.sin.sin_port = se->s_port;
return APR_SUCCESS;
}
return errno;
}
#define V4MAPPED_EQUAL(a,b) \
((a)->sa.sin.sin_family == AF_INET && \
(b)->sa.sin.sin_family == AF_INET6 && \
IN6_IS_ADDR_V4MAPPED((struct in6_addr *)(b)->ipaddr_ptr) && \
!memcmp((a)->ipaddr_ptr, \
&((struct in6_addr *)(b)->ipaddr_ptr)->s6_addr[12], \
(a)->ipaddr_len))
APR_DECLARE(int) apr_sockaddr_equal(const apr_sockaddr_t *addr1,
const apr_sockaddr_t *addr2)
{
if (addr1->ipaddr_len == addr2->ipaddr_len &&
!memcmp(addr1->ipaddr_ptr, addr2->ipaddr_ptr, addr1->ipaddr_len)) {
return 1;
}
#if APR_HAVE_IPV6
if (V4MAPPED_EQUAL(addr1, addr2)) {
return 1;
}
if (V4MAPPED_EQUAL(addr2, addr1)) {
return 1;
}
#endif
return 0; /* not equal */
}
static apr_status_t parse_network(apr_ipsubnet_t *ipsub, const char *network)
{
/* legacy syntax for ip addrs: a.b.c. ==> a.b.c.0/24 for example */
int shift;
char *s, *t;
int octet;
char buf[sizeof "255.255.255.255"];
if (strlen(network) < sizeof buf) {
strcpy(buf, network);
}
else {
return APR_EBADIP;
}
/* parse components */
s = buf;
ipsub->sub[0] = 0;
ipsub->mask[0] = 0;
shift = 24;
while (*s) {
t = s;
if (!apr_isdigit(*t)) {
return APR_EBADIP;
}
while (apr_isdigit(*t)) {
++t;
}
if (*t == '.') {
*t++ = 0;
}
else if (*t) {
return APR_EBADIP;
}
if (shift < 0) {
return APR_EBADIP;
}
octet = atoi(s);
if (octet < 0 || octet > 255) {
return APR_EBADIP;
}
ipsub->sub[0] |= octet << shift;
ipsub->mask[0] |= 0xFFUL << shift;
s = t;
shift -= 8;
}
ipsub->sub[0] = ntohl(ipsub->sub[0]);
ipsub->mask[0] = ntohl(ipsub->mask[0]);
ipsub->family = AF_INET;
return APR_SUCCESS;
}
/* return values:
* APR_EINVAL not an IP address; caller should see if it is something else
* APR_BADIP IP address portion is is not valid
* APR_BADMASK mask portion is not valid
*/
static apr_status_t parse_ip(apr_ipsubnet_t *ipsub, const char *ipstr, int network_allowed)
{
/* supported flavors of IP:
*
* . IPv6 numeric address string (e.g., "fe80::1")
*
* IMPORTANT: Don't store IPv4-mapped IPv6 address as an IPv6 address.
*
* . IPv4 numeric address string (e.g., "127.0.0.1")
*
* . IPv4 network string (e.g., "9.67")
*
* IMPORTANT: This network form is only allowed if network_allowed is on.
*/
int rc;
#if APR_HAVE_IPV6
rc = apr_inet_pton(AF_INET6, ipstr, ipsub->sub);
if (rc == 1) {
if (IN6_IS_ADDR_V4MAPPED((struct in6_addr *)ipsub->sub)) {
/* apr_ipsubnet_test() assumes that we don't create IPv4-mapped IPv6
* addresses; this of course forces the user to specify IPv4 addresses
* in a.b.c.d style instead of ::ffff:a.b.c.d style.
*/
return APR_EBADIP;
}
ipsub->family = AF_INET6;
}
else
#endif
{
rc = apr_inet_pton(AF_INET, ipstr, ipsub->sub);
if (rc == 1) {
ipsub->family = AF_INET;
}
}
if (rc != 1) {
if (network_allowed) {
return parse_network(ipsub, ipstr);
}
else {
return APR_EBADIP;
}
}
return APR_SUCCESS;
}
static int looks_like_ip(const char *ipstr)
{
if (strchr(ipstr, ':')) {
/* definitely not a hostname; assume it is intended to be an IPv6 address */
return 1;
}
/* simple IPv4 address string check */
while ((*ipstr == '.') || apr_isdigit(*ipstr))
ipstr++;
return (*ipstr == '\0');
}
static void fix_subnet(apr_ipsubnet_t *ipsub)
{
/* in case caller specified more bits in network address than are
* valid according to the mask, turn off the extra bits
*/
int i;
for (i = 0; i < sizeof ipsub->mask / sizeof(apr_int32_t); i++) {
ipsub->sub[i] &= ipsub->mask[i];
}
}
/* be sure not to store any IPv4 address as a v4-mapped IPv6 address */
APR_DECLARE(apr_status_t) apr_ipsubnet_create(apr_ipsubnet_t **ipsub, const char *ipstr,
const char *mask_or_numbits, apr_pool_t *p)
{
apr_status_t rv;
char *endptr;
long bits, maxbits = 32;
/* filter out stuff which doesn't look remotely like an IP address; this helps
* callers like mod_access which have a syntax allowing hostname or IP address;
* APR_EINVAL tells the caller that it was probably not intended to be an IP
* address
*/
if (!looks_like_ip(ipstr)) {
return APR_EINVAL;
}
*ipsub = apr_pcalloc(p, sizeof(apr_ipsubnet_t));
/* assume ipstr is an individual IP address, not a subnet */
memset((*ipsub)->mask, 0xFF, sizeof (*ipsub)->mask);
rv = parse_ip(*ipsub, ipstr, mask_or_numbits == NULL);
if (rv != APR_SUCCESS) {
return rv;
}
if (mask_or_numbits) {
#if APR_HAVE_IPV6
if ((*ipsub)->family == AF_INET6) {
maxbits = 128;
}
#endif
bits = strtol(mask_or_numbits, &endptr, 10);
if (*endptr == '\0' && bits > 0 && bits <= maxbits) {
/* valid num-bits string; fill in mask appropriately */
int cur_entry = 0;
apr_int32_t cur_bit_value;
memset((*ipsub)->mask, 0, sizeof (*ipsub)->mask);
while (bits > 32) {
(*ipsub)->mask[cur_entry] = 0xFFFFFFFF; /* all 32 bits */
bits -= 32;
++cur_entry;
}
cur_bit_value = 0x80000000;
while (bits) {
(*ipsub)->mask[cur_entry] |= cur_bit_value;
--bits;
cur_bit_value /= 2;
}
(*ipsub)->mask[cur_entry] = htonl((*ipsub)->mask[cur_entry]);
}
else if (apr_inet_pton(AF_INET, mask_or_numbits, (*ipsub)->mask) == 1 &&
(*ipsub)->family == AF_INET) {
/* valid IPv4 netmask */
}
else {
return APR_EBADMASK;
}
}
fix_subnet(*ipsub);
return APR_SUCCESS;
}
APR_DECLARE(int) apr_ipsubnet_test(apr_ipsubnet_t *ipsub, apr_sockaddr_t *sa)
{
#if APR_HAVE_IPV6
/* XXX This line will segv on Win32 build with APR_HAVE_IPV6,
* but without the IPV6 drivers installed.
*/
if (sa->sa.sin.sin_family == AF_INET) {
if (ipsub->family == AF_INET &&
((sa->sa.sin.sin_addr.s_addr & ipsub->mask[0]) == ipsub->sub[0])) {
return 1;
}
}
else if (IN6_IS_ADDR_V4MAPPED((struct in6_addr *)sa->ipaddr_ptr)) {
if (ipsub->family == AF_INET &&
(((apr_uint32_t *)sa->ipaddr_ptr)[3] & ipsub->mask[0]) == ipsub->sub[0]) {
return 1;
}
}
else {
apr_uint32_t *addr = (apr_uint32_t *)sa->ipaddr_ptr;
if ((addr[0] & ipsub->mask[0]) == ipsub->sub[0] &&
(addr[1] & ipsub->mask[1]) == ipsub->sub[1] &&
(addr[2] & ipsub->mask[2]) == ipsub->sub[2] &&
(addr[3] & ipsub->mask[3]) == ipsub->sub[3]) {
return 1;
}
}
#else
if ((sa->sa.sin.sin_addr.s_addr & ipsub->mask[0]) == ipsub->sub[0]) {
return 1;
}
#endif /* APR_HAVE_IPV6 */
return 0; /* no match */
}