/** * *this SocketAddress was created from the numeric IP address of a * connecting host. * The lo and hi addresses are one binary address pair from a range * given in an ACL file. * Return true if this binary address is '>= lo' and '<= hi'. */ bool SocketAddress::inRange(const ::addrinfo& thisInfo, const ::addrinfo& lo, const ::addrinfo& hi) const { int resLo; int resHi; if (!compareAddresses(lo, thisInfo, resLo)) { return false; } if (!compareAddresses(hi, thisInfo, resHi)) { return false; } if (resLo < 0) { return false; } if (resHi > 0) { return false; } return true; }
struct LinkStateNode* checkForMember(struct memberList* members, struct AddressInfo* local, struct AddressInfo* remote){ pthread_mutex_lock(&(members->lock)); struct LinkStateNode* ptr = members->list; struct LinkStateNode* found = NULL; while(ptr != NULL){ if((compareAddresses(remote, &(ptr->remote)) == 0) && (compareAddresses(local, &(ptr->local)) == 0)){ found = ptr; break; } else{ ptr = ptr->next; } } pthread_mutex_unlock(&(members->lock)); return found; }
/** * For ACL address matching make sure that the two addresses, *this * which is the low address and hiPeer which is the high address, are * both numeric ip addresses of the same family and that hi > *this. * * Note that if the addresses resolve to more than one struct addrinfo * then this and the hiPeer must be equal. This avoids having to do * difficult range checks where the this and hiPeer both resolve to * multiple IPv4 or IPv6 addresses. * * This check is run at acl file load time and not at run tme. */ bool SocketAddress::isComparable(const SocketAddress& hiPeer) const { try { // May only compare if this socket is IPv4 or IPv6 SocketAddress lo(*this); const ::addrinfo& peerLoInfo = getAddrInfo(lo); if (!(peerLoInfo.ai_family == AF_INET || peerLoInfo.ai_family == AF_INET6)) { return false; } try { // May only compare if peer socket is same family SocketAddress hi(hiPeer); const ::addrinfo& peerHiInfo = getAddrInfo(hi); if (peerLoInfo.ai_family != peerHiInfo.ai_family) { return false; } // Host names that resolve to lists are allowed if they are equal. // For example: localhost, or fjord.lab.example.com if ((*this).asString() == hiPeer.asString()) { return true; } // May only compare if this and peer resolve to single address. if (lo.nextAddress() || hi.nextAddress()) { return false; } // Make sure that the lo/hi relationship is ok int res; if (!compareAddresses(peerLoInfo, peerHiInfo, res) || res < 0) { return false; } return true; } catch (Exception) { // failed to resolve hi return false; } } catch (Exception) { // failed to resolve lo return false; } }