Corrected ACLs handling + network ranges in ACLS

ACL handling corrected (affected all ACL-based operations like
allow/deny/bandlimin/etc).
Network ranges like
10.0.0.0-10.0.0.1.64
are finally supported in ACLS.
z3APA3A 2014-12-13 19:48:41 +03:00
parent 042fc2afde
commit e39f4638cf
4 changed files with 19 additions and 14 deletions


@ -1186,27 +1186,28 @@ int scanipl(unsigned char *arg, struct iplist *dst){
if(dash){
if(!getip46(46, dash+1, (struct sockaddr *)&sa)) return 2;
memcpy(&dst->ip_to, SAADDR(&sa), SAADDRLEN(&sa));
if(*SAFAMILY(&sa) != dst->family || memcmp(&dst->ip_to, &dst->ip_from, SAADDRLEN(&sa)) < 0) return 3;
return 0;
}
memcpy(&dst->ip_to, &dst->ip_from, SAADDRLEN(&sa));
if(slash){
addrlen = SAADDRLEN(&sa);
masklen = atoi(slash+1);
if(masklen >= 0 && masklen<(addrlen*8)){
int i, nbytes = masklen / 8, nbits = masklen % 8;
if(masklen < 0 || masklen > (addrlen*8)) return 4;
else {
int i, nbytes = masklen / 8, nbits = (8 - (masklen % 8)) % 8;
for(i = addrlen; i; i--){
for(i = addrlen; i>(nbytes + (nbits > 0)); i--){
((unsigned char *)&dst->ip_from)[i-1] = 0x00;
((unsigned char *)&dst->ip_to)[i-1] = 0xff;
}
memcpy(&dst->ip_to, &dst->ip_from, addrlen - i);
for(;nbits;nbits--){
((unsigned char *)&dst->ip_from)[i-1] &= (0x01<<(nbits-1));
((unsigned char *)&dst->ip_to)[i-1] |= (0x01<<(nbits-1));
((unsigned char *)&dst->ip_from)[nbytes] &= ~(0x01<<(nbits-1));
((unsigned char *)&dst->ip_to)[nbytes] |= (0x01<<(nbits-1));
}
return 0;
}
}
memcpy(&dst->ip_to, &dst->ip_from, SAADDRLEN(&sa));
return 0;
}
@ -1257,7 +1258,7 @@ struct ace * make_ace (int argc, unsigned char ** argv){
}
memset(ipl, 0, sizeof(struct iplist));
if (scanipl(arg, ipl)) {
fprintf(stderr, "Invalid IP or CIDR, line %d\n", linenum);
fprintf(stderr, "Invalid IP, IP range or CIDR, line %d\n", linenum);
return(NULL);
}
} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
@ -1315,7 +1316,7 @@ struct ace * make_ace (int argc, unsigned char ** argv){
}
memset(ipl, 0, sizeof(struct iplist));
if (scanipl(arg, ipl)) {
fprintf(stderr, "Invalid IP or CIDR, line %d\n", linenum);
fprintf(stderr, "Invalid IP, IP range or CIDR, line %d\n", linenum);
return(NULL);
}
}
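Review bot: `masklen = atoi(slash+1);` in the `if(slash)` branch of scanipl turns a non-numeric or empty prefix length into 0, so an entry such as `10.0.0.0/x` passes the new `masklen < 0 || masklen > (addrlen*8)` check and, with nbytes and nbits both 0, the fill loop widens the range to the whole address family. For an allow rule that is a fail-open on a configuration typo, and trailing text after the digits (`/24abc`) is accepted silently as well. Parsing with strtol and rejecting leftovers keeps the existing error code: `char *end; long m = strtol(slash+1, &end, 10);`, then `if(end == slash+1 || *end || m < 0 || m > addrlen*8) return 4;` and `masklen = (int)m;`. scanipl begins above this hunk, so the declarations of slash and masklen are not visible here.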


@ -313,14 +313,18 @@ int handleredirect(struct clientparam * param, struct ace * acentry){
}
int IPInentry(struct sockaddr *sa, struct iplist *ipentry){
int i, addrlen;
int addrlen;
unsigned char *ip, *ipf, *ipt;
ip = (unsigned char *)SAADDR(sa);
ipf = (unsigned char *)&ipentry->ip_from;
ipt = (unsigned char *)&ipentry->ip_to;
if(!sa || ! ipentry || *SAFAMILY(sa) != ipentry->family) return 0;
addrlen = SAADDRLEN(sa);
for(i=0; i<addrlen; i++) if(ip[i]<ipf[i] || ip[i]>ipt[i]) return 0;
if(memcmp(ip,ipf,addrlen) < 0 || memcmp(ip,ipt,addrlen) > 0) return 0;
return 1;
}
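Review bot: In IPInentry, as shown here, the `!sa || ! ipentry` guard runs after `ip = (unsigned char *)SAADDR(sa);` and the `&ipentry->ip_from` / `&ipentry->ip_to` assignments, so the NULL checks come too late to protect them. If SAADDR reads the address family to choose the field offset (its definition is not on this page), a NULL sa is dereferenced before the guard is reached. Moving `if(!sa || ! ipentry || *SAFAMILY(sa) != ipentry->family) return 0;` directly after the declarations, ahead of the three pointer assignments, makes the guard effective. A short comment above the memcmp test, such as `/* addresses are big-endian byte strings, so memcmp orders them numerically */`, would record why the per-byte loop was replaced.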


@ -224,7 +224,7 @@ int parsehostname(char *hostname, struct clientparam *param, unsigned short port
if(se){
*se = 0;
}
if(hostname != param->hostname){
if(hostname != (char *)param->hostname){
if(param->hostname) myfree(param->hostname);
param->hostname = (unsigned char *)mystrdup(hostname + (se!=0));
}


@ -1,2 +1,2 @@
#define VERSION "3proxy-0.8b-devel"
#define BUILDDATE "141213035229"
#define BUILDDATE "141213192542"