static int ip_addr_check(u32_t addr, struct wordlist *addrs) { /* don't allow loopback or multicast address */ if (bad_ip_adrs(addr)) return 0; if (addrs == NULL) return !ppp_settings.auth_required; /* no addresses authorized */ /* XXX All other addresses allowed. */ return 1; }
static int /* @todo: integrate this funtion into auth_ip_addr()*/ ip_addr_check(u32_t addr, struct wordlist *addrs) { /* don't allow loopback or multicast address */ if (bad_ip_adrs(addr)) { return 0; } if (addrs == NULL) { return !ppp_settings.auth_required; /* no addresses authorized */ } /* XXX All other addresses allowed. */ return 1; }
static int ip_addr_check(u_int32_t addr, struct wordlist *addrs) { int x, y; u_int32_t a, mask, ah; int accept; char *ptr_word, *ptr_mask; struct hostent *hp; struct netent *np; /* don't allow loopback or multicast address */ if (bad_ip_adrs(addr)) return 0; if (addrs == NULL) return !auth_required; /* no addresses authorized */ x = y = 0; for (; addrs != NULL; addrs = addrs->next) { y++; /* "-" means no addresses authorized, "*" means any address allowed */ ptr_word = addrs->word; if (strcmp(ptr_word, "-") == 0) break; if (strcmp(ptr_word, "*") == 0) return 1; /* * A colon in the string means that we wish to force a specific * local:remote address, but we ignore these for now. */ if (strchr(addrs->word, ':') != NULL) x++; else { accept = 1; if (*ptr_word == '!') { accept = 0; ++ptr_word; } mask = ~ (u_int32_t) 0; ptr_mask = strchr (ptr_word, '/'); if (ptr_mask != NULL) { int bit_count; bit_count = (int) strtol (ptr_mask+1, NULL, 10); if (bit_count <= 0 || bit_count > 32) { syslog (LOG_WARNING, "invalid address length %s in auth. address list", ptr_mask); continue; } *ptr_mask = '\0'; mask <<= 32 - bit_count; } hp = gethostbyname(ptr_word); if (hp != NULL && hp->h_addrtype == AF_INET) { a = *(u_int32_t *)hp->h_addr; } else { np = getnetbyname (ptr_word); if (np != NULL && np->n_addrtype == AF_INET) { a = htonl (*(u_int32_t *)np->n_net); if (ptr_mask == NULL) { /* calculate appropriate mask for net */ ah = ntohl(a); if (IN_CLASSA(ah)) mask = IN_CLASSA_NET; else if (IN_CLASSB(ah)) mask = IN_CLASSB_NET; else if (IN_CLASSC(ah)) mask = IN_CLASSC_NET; } } else { a = inet_addr (ptr_word); } } if (ptr_mask != NULL) *ptr_mask = '/'; if (a == (u_int32_t)-1L) syslog (LOG_WARNING, "unknown host %s in auth. address list", addrs->word); else /* Here a and addr are in network byte order, and mask is in host order. */ if (((addr ^ a) & htonl(mask)) == 0) return accept; } /* else */ } return x == y; /* not in list => can't have it */ }