/**
* *this SocketAddress was created from the numeric IP address of a
* connecting host.
* The lo and hi addresses are one binary address pair from a range
* given in an ACL file.
* Return true if this binary address is '>= lo' and '<= hi'.
*/
bool SocketAddress::inRange(const ::addrinfo& thisInfo,
const ::addrinfo& lo,
const ::addrinfo& hi) const
{
int resLo;
int resHi;
if (!compareAddresses(lo, thisInfo, resLo)) {
return false;
}
if (!compareAddresses(hi, thisInfo, resHi)) {
return false;
}
if (resLo < 0) {
return false;
}
if (resHi > 0) {
return false;
}
return true;
}
struct LinkStateNode* checkForMember(struct memberList* members,
struct AddressInfo* local, struct AddressInfo* remote){
pthread_mutex_lock(&(members->lock));
struct LinkStateNode* ptr = members->list;
struct LinkStateNode* found = NULL;
while(ptr != NULL){
if((compareAddresses(remote, &(ptr->remote)) == 0) && (compareAddresses(local, &(ptr->local)) == 0)){
found = ptr;
break;
}
else{
ptr = ptr->next;
}
}
pthread_mutex_unlock(&(members->lock));
return found;
}
/**
* For ACL address matching make sure that the two addresses, *this
* which is the low address and hiPeer which is the high address, are
* both numeric ip addresses of the same family and that hi > *this.
*
* Note that if the addresses resolve to more than one struct addrinfo
* then this and the hiPeer must be equal. This avoids having to do
* difficult range checks where the this and hiPeer both resolve to
* multiple IPv4 or IPv6 addresses.
*
* This check is run at acl file load time and not at run tme.
*/
bool SocketAddress::isComparable(const SocketAddress& hiPeer) const {
try {
// May only compare if this socket is IPv4 or IPv6
SocketAddress lo(*this);
const ::addrinfo& peerLoInfo = getAddrInfo(lo);
if (!(peerLoInfo.ai_family == AF_INET || peerLoInfo.ai_family == AF_INET6)) {
return false;
}
try {
// May only compare if peer socket is same family
SocketAddress hi(hiPeer);
const ::addrinfo& peerHiInfo = getAddrInfo(hi);
if (peerLoInfo.ai_family != peerHiInfo.ai_family) {
return false;
}
// Host names that resolve to lists are allowed if they are equal.
// For example: localhost, or fjord.lab.example.com
if ((*this).asString() == hiPeer.asString()) {
return true;
}
// May only compare if this and peer resolve to single address.
if (lo.nextAddress() || hi.nextAddress()) {
return false;
}
// Make sure that the lo/hi relationship is ok
int res;
if (!compareAddresses(peerLoInfo, peerHiInfo, res) || res < 0) {
return false;
}
return true;
} catch (Exception) {
// failed to resolve hi
return false;
}
} catch (Exception) {
// failed to resolve lo
return false;
}
}
