RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-03-07 03:48:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

MINOR: tools: Add function to compare an address to a network address

Browse Source 
ipcmp2net() function may be used to compare an addres (struct
sockaddr_storage) to a network address (struct net_addr). Among other
things, this function will be used to add support of IPv6 for "except"
parameter of "forwardfor" and "originalto" options.
This commit is contained in:
Christopher Faulet 2021-02-26 09:12:50 +01:00
parent 01f02a4d84
commit 9553de7fec
2 changed files with 42 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/haproxy/tools.h
View File

@ -740,6 +740,13 @@ extern int v6tov4(struct in_addr *sin_addr, struct in6_addr *sin6_addr);
*/
int ipcmp(struct sockaddr_storage *ss1, struct sockaddr_storage *ss2);
/* compare a struct sockaddr_storage to a struct net_addr and return :
* 0 (true) if <addr> is matching <net>
* 1 (false) if <addr> is not matching <net>
* -1 (unable) if <addr> or <net> is not AF_INET*
*/
int ipcmp2net(const struct sockaddr_storage *addr, const struct net_addr *net);
/* copy ip from <source> into <dest>
* the caller must clear <dest> before calling.
* Returns a pointer to the destination

35
src/tools.c
View File

@ -46,6 +46,7 @@
#include <haproxy/hlua.h>
#include <haproxy/listener.h>
#include <haproxy/namespace.h>
#include <haproxy/net_helper.h>
#include <haproxy/protocol.h>
#include <haproxy/resolvers.h>
#include <haproxy/sock.h>
@ -3110,6 +3111,40 @@ int ipcmp(struct sockaddr_storage *ss1, struct sockaddr_storage *ss2)
return 1;
}
/* compare a struct sockaddr_storage to a struct net_addr and return :
* 0 (true) if <addr> is matching <net>
* 1 (false) if <addr> is not matching <net>
* -1 (unable) if <addr> or <net> is not AF_INET*
*/
int ipcmp2net(const struct sockaddr_storage *addr, const struct net_addr *net)
{
if ((addr->ss_family != AF_INET) && (addr->ss_family != AF_INET6))
return -1;
if ((net->family != AF_INET) && (net->family != AF_INET6))
return -1;
if (addr->ss_family != net->family)
return 1;
if (addr->ss_family == AF_INET &&
(((struct sockaddr_in *)addr)->sin_addr.s_addr & net->addr.v4.mask.s_addr) == net->addr.v4.ip.s_addr)
return 0;
else {
const struct in6_addr *addr6 = &(((const struct sockaddr_in6*)addr)->sin6_addr);
const struct in6_addr *nip6 = &net->addr.v6.ip;
const struct in6_addr *nmask6 = &net->addr.v6.mask;
if ((read_u32(&addr6->s6_addr[0]) & read_u32(&nmask6->s6_addr[0])) == read_u32(&nip6->s6_addr[0]) &&
(read_u32(&addr6->s6_addr[4]) & read_u32(&nmask6->s6_addr[4])) == read_u32(&nip6->s6_addr[4]) &&
(read_u32(&addr6->s6_addr[8]) & read_u32(&nmask6->s6_addr[8])) == read_u32(&nip6->s6_addr[8]) &&
(read_u32(&addr6->s6_addr[12]) & read_u32(&nmask6->s6_addr[12])) == read_u32(&nip6->s6_addr[12]))
return 0;
}
return 1;
}
/* copy IP address from <source> into <dest>
* The caller must allocate and clear <dest> before calling.
* The source must be in either AF_INET or AF_INET6 family, or the destination