config: disallow broadcast address backends

Signed-off-by: Nicolás A. Ortega Froysa <nicolas.ortega@zevenet.com>
Nicolás A. Ortega Froysa 2023-05-17 11:26:49 +02:00
parent f9e4afc6c5
commit 44b9034cf2
3 changed files with 33 additions and 3 deletions


@ -18,8 +18,10 @@
#include <stdlib.h>
#include <string.h>
#include <sys/syslog.h>
#include <net/if.h>
#include <unistd.h>
#include <dirent.h>
#include <ifaddrs.h>
#include <iostream>
#include <fstream>
#include <fnmatch.h>
@ -196,6 +198,31 @@ static const char *xhttp[6] = {
#define DEFAULT_BACKEND_CONN_LIMIT 0
#define DEFAULT_BACKEND_NFMARK 0
static bool zproxy_is_brd_addr(const struct sockaddr_in *bck_addr)
{
struct ifaddrs *if_start, *if_node;
getifaddrs(&if_start);
for (if_node = if_start; if_node; if_node = if_node->ifa_next) {
if ((if_node->ifa_flags & IFF_BROADCAST) == 0)
continue;
const struct sockaddr_in *brd_addr =
(struct sockaddr_in*)if_node->ifa_broadaddr;
if (!brd_addr)
continue;
if (brd_addr->sin_family == bck_addr->sin_family &&
brd_addr->sin_addr.s_addr == bck_addr->sin_addr.s_addr) {
freeifaddrs(if_start);
return true;
}
}
freeifaddrs(if_start);
return false;
}
void zproxy_cfg_init(struct zproxy_cfg *cfg)
{
cfg->num_threads = DEFAULT_NUM_THREADS;
@ -829,6 +856,8 @@ static int zproxy_backend_cfg_file(zproxy_cfg *cfg, zproxy_service_cfg *service,
snprintf(backend->address, CONFIG_MAX_FIN, "%s", lin + matches[1].rm_so);
backend->runtime.addr.sin_addr.s_addr = inet_addr(backend->address);
backend->runtime.addr.sin_family = AF_INET;
if (zproxy_is_brd_addr(&backend->runtime.addr))
parse_error("Broadcast addresses not allowed for backends.");
has_addr = 1;
} else if (zproxy_regex_exec(CONFIG_REGEX_Port, lin, matches)) {
lin[matches[1].rm_eo] = '\0';
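Review bot: In zproxy_is_brd_addr the return value of `getifaddrs(&if_start)` is ignored, so on failure the loop and `freeifaddrs(if_start)` operate on an uninitialised pointer; guard it with `if (getifaddrs(&if_start) != 0) return false;`, or report the error to the caller if this validator is meant to fail closed. The comparison also only covers broadcast addresses configured on this host's interfaces at parse time, so the limited broadcast 255.255.255.255 (which is also what `inet_addr()` yields for an unparsable string at the call site) is accepted unless an interface happens to report it; an extra `bck_addr->sin_addr.s_addr == htonl(INADDR_BROADCAST)` test would cover that. A one-line comment above the helper stating its scope would help, e.g. `/* true if bck_addr equals the IPv4 broadcast address of any local interface */`. zproxy_backend_cfg_file starts and ends outside the hunk.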


@ -26,8 +26,8 @@
extern "C" {
#endif
int zcu_soc_equal_sockaddr(struct sockaddr *addr1, struct sockaddr *addr2,
int compare_port);
int zcu_soc_equal_sockaddr(const struct sockaddr *addr1,
const struct sockaddr *addr2, int compare_port);
int zcu_net_get_host(const char *name, struct addrinfo *res, int ai_family,
int port);


@ -22,7 +22,8 @@
#define ZCU_MAX_IDENT 100
int zcu_soc_equal_sockaddr(struct sockaddr *addr1, struct sockaddr *addr2, int compare_port)
int zcu_soc_equal_sockaddr(const struct sockaddr *addr1,
const struct sockaddr *addr2, int compare_port)
{
if (addr1->sa_family != addr2->sa_family)
return 0;