void testEndpoint ()
{
testcase ("Endpoint");
{
std::pair <Endpoint, bool> result (
Endpoint::from_string_checked ("1.2.3.4"));
expect (result.second);
if (expect (result.first.address().is_v4 ()))
{
expect (result.first.address().to_v4() ==
AddressV4 (1, 2, 3, 4));
expect (result.first.port() == 0);
expect (to_string (result.first) == "1.2.3.4");
}
}
{
std::pair <Endpoint, bool> result (
Endpoint::from_string_checked ("1.2.3.4:5"));
expect (result.second);
if (expect (result.first.address().is_v4 ()))
{
expect (result.first.address().to_v4() ==
AddressV4 (1, 2, 3, 4));
expect (result.first.port() == 5);
expect (to_string (result.first) == "1.2.3.4:5");
}
}
Endpoint ep;
ep = Endpoint (AddressV4 (127,0,0,1), 80);
expect (! is_unspecified (ep));
expect (! is_public (ep));
expect ( is_private (ep));
expect (! is_multicast (ep));
expect ( is_loopback (ep));
expect (to_string (ep) == "127.0.0.1:80");
ep = Endpoint (AddressV4 (10,0,0,1));
expect (AddressV4::get_class (ep.to_v4()) == 'A');
expect (! is_unspecified (ep));
expect (! is_public (ep));
expect ( is_private (ep));
expect (! is_multicast (ep));
expect (! is_loopback (ep));
expect (to_string (ep) == "10.0.0.1");
ep = Endpoint (AddressV4 (166,78,151,147));
expect (! is_unspecified (ep));
expect ( is_public (ep));
expect (! is_private (ep));
expect (! is_multicast (ep));
expect (! is_loopback (ep));
expect (to_string (ep) == "166.78.151.147");
}
static inline void netif_get_addrs_nix(struct netif_saddr_data *ifaddrs)
{
struct ifaddrs *ifaddr, *ifa;
unsigned int family, s;
char host[NI_MAXHOST];
if (getifaddrs(&ifaddr) == -1) {
warn("getifaddrs() failed");
return;
}
for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) {
if (ifa->ifa_addr == NULL || is_loopback(ifa))
continue;
family = ifa->ifa_addr->sa_family;
if ((family == AF_INET) || (family == AF_INET6)) {
s = getnameinfo(ifa->ifa_addr,
(family == AF_INET) ?
sizeof(struct sockaddr_in) :
sizeof(struct sockaddr_in6),
host, NI_MAXHOST, NULL, 0, NI_NUMERICHOST);
if (s != 0) {
warn("getnameinfo() failed: %s",
gai_strerror(s));
continue;
}
netif_push(ifa->ifa_addr, ifaddrs, ifa->ifa_name);
}
}
freeifaddrs(ifaddr);
}
void get_available_address_v4(io_service& ios,std::set<address>& addrs)
{
addrs.clear();
error_code ec;
std::vector<ip_interface> interfaces=enum_net_interfaces(ios,ec);
address realBindAddr;
for(std::size_t i=0;i<interfaces.size();++i)
{
if(is_loopback(interfaces[i].interface_address)
||is_any(interfaces[i].interface_address)
||interfaces[i].interface_address.is_v6()
)
{
continue;
}
//test can we bind this port
endpoint edp(interfaces[i].interface_address,0);
boost::asio::ip::tcp::socket tcpSocket(ios);
tcpSocket.open(boost::asio::ip::tcp::v4(),ec);
tcpSocket.bind(edp,ec);
if (!ec&&!is_any(realBindAddr=tcpSocket.local_endpoint(ec).address()))
{
addrs.insert(realBindAddr);
}
else
{
addrs.erase(realBindAddr);
}
tcpSocket.close(ec);
}
}
static int is_remote(char *str)
{
/* convenience - checks if socket based connection */
if (str)
return strcmp(str, OSM_REMOTE_CONSOLE) == 0 || is_loopback(str);
return 0;
}
int is_console_enabled(osm_subn_opt_t * p_opt)
{
/* checks for a variety of types of consoles - default is off or 0 */
if (p_opt)
return is_local(p_opt->console) || is_loopback(p_opt->console)
|| is_remote(p_opt->console);
return 0;
}
int
check_access(SVCXPRT *xprt, rpcproc_t proc, rpcprog_t prog, unsigned int rpcbvers)
{
struct netbuf *caller = svc_getrpccaller(xprt);
struct sockaddr *addr = (struct sockaddr *)caller->buf;
#ifdef LIBWRAP
struct request_info req;
#endif
/*
* The older PMAP_* equivalents have the same numbers, so
* they are accounted for here as well.
*/
switch (proc) {
case RPCBPROC_SET:
case RPCBPROC_UNSET:
if (!insecure && !is_loopback(caller)) {
#ifdef RPCBIND_DEBUG
if (debugging)
fprintf(stderr, " declined (non-loopback sender) \n");
#endif
if (verboselog)
logit(log_severity, addr, proc, prog,
" declined (non-loopback sender)");
return 0;
}
break;
case RPCBPROC_GETADDR:
case RPCBPROC_CALLIT:
case RPCBPROC_INDIRECT:
case RPCBPROC_DUMP:
case RPCBPROC_GETTIME:
case RPCBPROC_UADDR2TADDR:
case RPCBPROC_TADDR2UADDR:
case RPCBPROC_GETVERSADDR:
case RPCBPROC_GETADDRLIST:
case RPCBPROC_GETSTAT:
default:
break;
}
#ifdef LIBWRAP
if (addr->sa_family == AF_LOCAL)
return 1;
request_init(&req, RQ_DAEMON, "rpcbind", RQ_CLIENT_SIN, addr, 0);
sock_methods(&req);
if(!hosts_access(&req)) {
logit(deny_severity, addr, proc, prog, ": request from unauthorized host");
return 0;
}
#endif
if (verboselog)
logit(log_severity, addr, proc, prog, "");
return 1;
}
/**
* Receiver::handle_input()
*
* Description:
* Called when input is available
*/
int Receiver::handle_input() {
if (connected_) {
// TODO: Check if really needed! (Try not to read all data from socket)
Miro::Guard guard(mutex_); /* needed for timeout handling */
CORBA::ULong header[HEADER_SIZE / sizeof(CORBA::ULong) + ACE_CDR::MAX_ALIGNMENT];
EventData eventData;
iovec iov[1];
ACE_INET_Addr from;
switch (receiveData(iov, from)) {
case -1:
PRINT_DBG(DBG_INFO, "handleInput: read");
return -1;
case 0:
PRINT_DBG(DBG_INFO, "handleInput: read 0");
return 0;
default:
/* fall through */
break;
}
/* Check if paket was sent locally and if so, drop it */
if (is_loopback(from))
return 0;
//#if DEBUG_LEVEL == DBG_TOOMUCH
struct in_addr ia;
ia.s_addr = htonl(from.get_ip_address());
PRINT("Datagram from " << inet_ntoa(ia) << ":" << from.get_port_number());
//#endif
/* Process packet */
memcpy(header, ((char *)iov[0].iov_base ), sizeof(header));
char *buf = ACE_reinterpret_cast(char *, header);
TAO_InputCDR headerCdr(buf, sizeof(header), (int)buf[0]);
eventData.systemTimestamp = ACE_OS::gettimeofday().msec();
headerCdr.read_boolean(eventData.byteOrder);
headerCdr.read_ulong(eventData.requestId);
headerCdr.read_ulong(eventData.requestSize);
headerCdr.read_ulong(eventData.fragmentSize);
headerCdr.read_ulong(eventData.fragmentOffset);
headerCdr.read_ulong(eventData.fragmentId);
headerCdr.read_ulong(eventData.fragmentCount);
headerCdr.read_ulong(eventData.timestamp);
cout << "test" << endl;
handle_event(eventData, iov);
}
return 0;
}
static bool is_reserved(struct sockaddr* sa)
{
if (sa->sa_family == AF_INET)
{
struct sockaddr_in* in = (struct sockaddr_in*) sa;
unsigned char* addr = (unsigned char*) &in->sin_addr.s_addr;
return (addr[0] == 0 ||
(addr[0] == 127 && !is_loopback(sa)) ||
addr[0] >= 240);
}
return false;
}
void utp_socket_manager::mtu_for_dest(address const& addr, int& link_mtu, int& utp_mtu)
{
int mtu = 0;
if (is_teredo(addr)) mtu = TORRENT_TEREDO_MTU;
else mtu = TORRENT_ETHERNET_MTU;
#if defined __APPLE__
// apple has a very strange loopback. It appears you can't
// send messages of the reported MTU size, and you don't get
// EWOULDBLOCK either.
if (is_loopback(addr))
{
if (is_teredo(addr)) mtu = TORRENT_TEREDO_MTU;
else mtu = TORRENT_ETHERNET_MTU;
}
#endif
// clamp the MTU within reasonable bounds
if (mtu < TORRENT_INET_MIN_MTU) mtu = TORRENT_INET_MIN_MTU;
else if (mtu > TORRENT_INET_MAX_MTU) mtu = TORRENT_INET_MAX_MTU;
link_mtu = mtu;
mtu -= TORRENT_UDP_HEADER;
if (m_sock.get_proxy_settings().type == settings_pack::socks5
|| m_sock.get_proxy_settings().type == settings_pack::socks5_pw)
{
// this is for the IP layer
address proxy_addr = m_sock.proxy_addr().address();
if (proxy_addr.is_v4()) mtu -= TORRENT_IPV4_HEADER;
else mtu -= TORRENT_IPV6_HEADER;
// this is for the SOCKS layer
mtu -= TORRENT_SOCKS5_HEADER;
// the address field in the SOCKS header
if (addr.is_v4()) mtu -= 4;
else mtu -= 16;
}
else
{
if (addr.is_v4()) mtu -= TORRENT_IPV4_HEADER;
else mtu -= TORRENT_IPV6_HEADER;
}
utp_mtu = (std::min)(mtu, restrict_mtu());
}
isc_boolean_t
dns_acl_isinsecure(dns_acl_t *a) {
unsigned int i;
for (i = 0; i < a->length; i++) {
dns_aclelement_t *e = &a->elements[i];
/* A negated match can never be insecure. */
if (e->negative)
continue;
switch (e->type) {
case dns_aclelementtype_ipprefix:
/* The loopback address is considered secure. */
if (! is_loopback(&e->u.ip_prefix))
return (ISC_TRUE);
continue;
case dns_aclelementtype_keyname:
case dns_aclelementtype_localhost:
continue;
case dns_aclelementtype_nestedacl:
if (dns_acl_isinsecure(e->u.nestedacl))
return (ISC_TRUE);
continue;
case dns_aclelementtype_localnets:
case dns_aclelementtype_any:
return (ISC_TRUE);
default:
INSIST(0);
return (ISC_TRUE);
}
}
/* No insecure elements were found. */
return (ISC_FALSE);
}
bool ip_voter::cast_vote(address const& ip
, int source_type, address const& source)
{
if (is_any(ip)) return false;
if (is_local(ip)) return false;
if (is_loopback(ip)) return false;
// don't trust source that aren't connected to us
// on a different address family than the external
// IP they claim we have
if (ip.is_v4() != source.is_v4()) return false;
// this is the key to use for the bloom filters
// it represents the identity of the voter
sha1_hash k;
hash_address(source, k);
// do we already have an entry for this external IP?
std::vector<external_ip_t>::iterator i = std::find_if(m_external_addresses.begin()
, m_external_addresses.end(), boost::bind(&external_ip_t::addr, _1) == ip);
if (i == m_external_addresses.end())
{
// each IP only gets to add a new IP once
if (m_external_address_voters.find(k)) return maybe_rotate();
if (m_external_addresses.size() > 40)
{
if (random() % 100 < 50)
return maybe_rotate();
// use stable sort here to maintain the fifo-order
// of the entries with the same number of votes
// this will sort in ascending order, i.e. the lowest
// votes first. Also, the oldest are first, so this
// is a sort of weighted LRU.
std::stable_sort(m_external_addresses.begin(), m_external_addresses.end());
// erase the last element, since it is one of the
// ones with the fewest votes
m_external_addresses.erase(m_external_addresses.end() - 1);
}
m_external_addresses.push_back(external_ip_t());
i = m_external_addresses.end() - 1;
i->addr = ip;
}
// add one more vote to this external IP
if (!i->add_vote(k, source_type)) return maybe_rotate();
++m_total_votes;
if (m_valid_external) return maybe_rotate();
i = std::min_element(m_external_addresses.begin(), m_external_addresses.end());
TORRENT_ASSERT(i != m_external_addresses.end());
if (i->addr == m_external_address) return maybe_rotate();
if (m_external_address != address_v4())
{
// we have a temporary external address. As soon as we have
// more than 25 votes, consider deciding which one to settle for
return (m_total_votes >= 25) ? maybe_rotate() : false;
}
m_external_address = i->addr;
return true;
}
void testEndpoint ()
{
testcase ("Endpoint");
{
std::pair <Endpoint, bool> result (
Endpoint::from_string_checked ("1.2.3.4"));
expect (result.second);
if (expect (result.first.address().is_v4 ()))
{
expect (result.first.address().to_v4() ==
AddressV4 (1, 2, 3, 4));
expect (result.first.port() == 0);
expect (to_string (result.first) == "1.2.3.4");
}
}
{
std::pair <Endpoint, bool> result (
Endpoint::from_string_checked ("1.2.3.4:5"));
expect (result.second);
if (expect (result.first.address().is_v4 ()))
{
expect (result.first.address().to_v4() ==
AddressV4 (1, 2, 3, 4));
expect (result.first.port() == 5);
expect (to_string (result.first) == "1.2.3.4:5");
}
}
Endpoint ep;
ep = Endpoint (AddressV4 (127,0,0,1), 80);
expect (! is_unspecified (ep));
expect (! is_public (ep));
expect ( is_private (ep));
expect (! is_multicast (ep));
expect ( is_loopback (ep));
expect (to_string (ep) == "127.0.0.1:80");
ep = Endpoint (AddressV4 (10,0,0,1));
expect (AddressV4::get_class (ep.to_v4()) == 'A');
expect (! is_unspecified (ep));
expect (! is_public (ep));
expect ( is_private (ep));
expect (! is_multicast (ep));
expect (! is_loopback (ep));
expect (to_string (ep) == "10.0.0.1");
ep = Endpoint (AddressV4 (166,78,151,147));
expect (! is_unspecified (ep));
expect ( is_public (ep));
expect (! is_private (ep));
expect (! is_multicast (ep));
expect (! is_loopback (ep));
expect (to_string (ep) == "166.78.151.147");
{
ep = Endpoint::from_string ("192.0.2.112");
expect (! is_unspecified (ep));
expect (ep == Endpoint::from_string_altform ("192.0.2.112"));
auto const ep1 = Endpoint::from_string ("192.0.2.112:2016");
expect (! is_unspecified (ep1));
expect (ep.address() == ep1.address());
expect (ep1.port() == 2016);
auto const ep2 =
Endpoint::from_string_altform ("192.0.2.112:2016");
expect (! is_unspecified (ep2));
expect (ep.address() == ep2.address());
expect (ep2.port() == 2016);
expect (ep1 == ep2);
auto const ep3 =
Endpoint::from_string_altform ("192.0.2.112 2016");
expect (! is_unspecified (ep3));
expect (ep.address() == ep3.address());
expect (ep3.port() == 2016);
expect (ep2 == ep3);
auto const ep4 =
Endpoint::from_string_altform ("192.0.2.112 2016");
expect (! is_unspecified (ep4));
expect (ep.address() == ep4.address());
expect (ep4.port() == 2016);
expect (ep3 == ep4);
expect (to_string(ep1) == to_string(ep2));
expect (to_string(ep1) == to_string(ep3));
expect (to_string(ep1) == to_string(ep4));
}
// Failures:
expect (is_unspecified (
Endpoint::from_string ("192.0.2.112:port")));
expect (is_unspecified (
Endpoint::from_string_altform ("192.0.2.112:port")));
expect (is_unspecified (
Endpoint::from_string_altform ("192.0.2.112 port")));
expect (is_unspecified (
Endpoint::from_string ("ip:port")));
expect (is_unspecified (
Endpoint::from_string_altform ("ip:port")));
expect (is_unspecified (
Endpoint::from_string_altform ("ip port")));
expect (is_unspecified (
Endpoint::from_string("")));
expect (is_unspecified (
Endpoint::from_string_altform("")));
expect (is_unspecified (
Endpoint::from_string("255")));
expect (is_unspecified (
Endpoint::from_string_altform("255")));
expect (is_unspecified (
Endpoint::from_string("512")));
expect (is_unspecified (
Endpoint::from_string_altform("512")));
expect (is_unspecified (
Endpoint::from_string("1.2.3.256")));
expect (is_unspecified (
Endpoint::from_string_altform("1.2.3.256")));
expect (is_unspecified (
Endpoint::from_string("1.2.3:80")));
expect (is_unspecified (
Endpoint::from_string_altform("1.2.3:80")));
expect (is_unspecified (
Endpoint::from_string_altform("1.2.3 80")));
expect (is_unspecified (
Endpoint::from_string("1.2.3.4:65536")));
expect (is_unspecified (
Endpoint::from_string_altform("1.2.3:65536")));
expect (is_unspecified (
Endpoint::from_string_altform("1.2.3 65536")));
expect (is_unspecified (
Endpoint::from_string("1.2.3.4:89119")));
expect (is_unspecified (
Endpoint::from_string_altform("1.2.3:89119")));
expect (is_unspecified (
Endpoint::from_string_altform("1.2.3 89119")));
}
void utp_socket_manager::mtu_for_dest(address const& addr, int& link_mtu, int& utp_mtu)
{
if (time_now() - m_last_route_update > seconds(60))
{
m_last_route_update = time_now();
error_code ec;
m_routes = enum_routes(m_sock.get_io_service(), ec);
}
int mtu = 0;
if (!m_routes.empty())
{
for (std::vector<ip_route>::iterator i = m_routes.begin()
, end(m_routes.end()); i != end; ++i)
{
if (!match_addr_mask(addr, i->destination, i->netmask)) continue;
// assume that we'll actually use the route with the largest
// MTU (seems like a reasonable assumption).
// this could however be improved by using the route metrics
// and the prefix length of the netmask to order the matches
if (mtu < i->mtu) mtu = i->mtu;
}
}
if (mtu == 0)
{
if (is_teredo(addr)) mtu = TORRENT_TEREDO_MTU;
else mtu = TORRENT_ETHERNET_MTU;
}
#if defined __APPLE__
// apple has a very strange loopback. It appears you can't
// send messages of the reported MTU size, and you don't get
// EWOULDBLOCK either.
if (is_loopback(addr))
{
if (is_teredo(addr)) mtu = TORRENT_TEREDO_MTU;
else mtu = TORRENT_ETHERNET_MTU;
}
#endif
// clamp the MTU within reasonable bounds
if (mtu < TORRENT_INET_MIN_MTU) mtu = TORRENT_INET_MIN_MTU;
else if (mtu > TORRENT_INET_MAX_MTU) mtu = TORRENT_INET_MAX_MTU;
link_mtu = mtu;
mtu -= TORRENT_UDP_HEADER;
if (m_sock.get_proxy_settings().type == proxy_settings::socks5
|| m_sock.get_proxy_settings().type == proxy_settings::socks5_pw)
{
// this is for the IP layer
address proxy_addr = m_sock.proxy_addr().address();
if (proxy_addr.is_v4()) mtu -= TORRENT_IPV4_HEADER;
else mtu -= TORRENT_IPV6_HEADER;
// this is for the SOCKS layer
mtu -= TORRENT_SOCKS5_HEADER;
// the address field in the SOCKS header
if (addr.is_v4()) mtu -= 4;
else mtu -= 16;
}
else
{
if (addr.is_v4()) mtu -= TORRENT_IPV4_HEADER;
else mtu -= TORRENT_IPV6_HEADER;
}
utp_mtu = mtu;
}
static int ftp_init_transfer(void)
{
if (!ftp_connected())
return -1;
if (!sock_dup(ftp->ctrl, &ftp->data))
return -1;
if (ftp_is_passive())
{
ftp_trace("Initializing passive connection.\n");
struct sockaddr_storage sa;
memcpy(&sa, sock_remote_addr(ftp->ctrl), sizeof(struct sockaddr_storage));
unsigned char pac[6] = { 0 };
unsigned short ipv6_port = { 0 };
if (!ftp_pasv(sa.ss_family != AF_INET, pac, &ipv6_port))
{
ftp_trace("PASV/EPSV failed.\n");
sock_destroy(ftp->data);
ftp->data = NULL;
return -1;
}
socklen_t len = sizeof(struct sockaddr_in);
if (sa.ss_family == AF_INET)
{
memcpy(&((struct sockaddr_in*)&sa)->sin_addr, pac, (size_t)4);
memcpy(&((struct sockaddr_in*)&sa)->sin_port, pac+4, (size_t)2);
}
#ifdef HAVE_IPV6
else if (sa.ss_family == AF_INET6)
{
((struct sockaddr_in6*)&sa)->sin6_port = htons(ipv6_port);
len = sizeof(struct sockaddr_in6);
}
#endif
else
{
ftp_trace("Do not know how to handle family %d.\n", sa.ss_family);
sock_destroy(ftp->data);
ftp->data = NULL;
return -1;
}
struct sockaddr_storage tmp;
memcpy(&tmp, sock_remote_addr(ftp->ctrl), sizeof(struct sockaddr_storage));
if (is_reserved((struct sockaddr*) &sa) ||
is_multicast((struct sockaddr*) &sa) ||
(is_private((struct sockaddr*) &sa) != is_private((struct sockaddr*) &tmp)) ||
(is_loopback((struct sockaddr*) &sa) != is_loopback((struct sockaddr*) &tmp)))
{
// Invalid address returned by PASV. Replace with address from control
// socket.
ftp_err(_("Address returned by PASV seems to be incorrect.\n"));
((struct sockaddr_in*)&sa)->sin_addr = ((struct sockaddr_in*)&tmp)->sin_addr;
}
if (!sock_connect_addr(ftp->data, (struct sockaddr*) &sa, len))
{
ftp_trace("Could not connect to address from PASV/EPSV.\n");
perror("connect()");
sock_destroy(ftp->data);
ftp->data = NULL;
return -1;
}
} else {
ftp_trace("Initializing active connection.\n");
const struct sockaddr* local = sock_local_addr(ftp->data);
sock_listen(ftp->data, local->sa_family);
if (local->sa_family == AF_INET)
{
struct sockaddr_in* tmp = (struct sockaddr_in*)local;
unsigned char* a = (unsigned char *)&tmp->sin_addr;
unsigned char* p = (unsigned char *)&tmp->sin_port;
ftp_set_tmp_verbosity(vbError);
ftp_cmd("PORT %d,%d,%d,%d,%d,%d",
a[0], a[1], a[2], a[3], p[0], p[1]);
}
#ifdef HAVE_IPV6
else if (local->sa_family == AF_INET6)
{
char* addr = printable_address(local);
ftp_set_tmp_verbosity(vbError);
ftp_cmd("EPRT |2|%s|%u|", addr, ntohs(((struct sockaddr_in6*)local)->sin6_port));
free(addr);
}
#endif
else
{
ftp_trace("Do not know how to handle family %d.\n", local->sa_family);
sock_destroy(ftp->data);
ftp->data = NULL;
return -1;
}
if(ftp->code != ctComplete)
{
ftp_trace("PORT/EPRT not successful\n");
sock_destroy(ftp->data);
ftp->data = NULL;
return -1;
}
}
sock_throughput(ftp->data);
return 0;
}
static int ftp_init_transfer(void)
{
struct sockaddr_storage sa;
unsigned char *a, *p;
if(!ftp_connected())
return -1;
if (!(ftp->data = sock_create())) {
return -1;
}
sock_copy(ftp->data, ftp->ctrl);
if (ftp_is_passive())
{
memcpy(&sa, sock_remote_addr(ftp->ctrl), sizeof(struct sockaddr_storage));
unsigned char pac[6];
unsigned short ipv6_port;
if (!ftp_pasv(sa.ss_family != AF_INET, pac, &ipv6_port))
goto err1;
socklen_t len = sizeof(struct sockaddr_in);
if (sa.ss_family == AF_INET)
{
memcpy(&((struct sockaddr_in*)&sa)->sin_addr, pac, (size_t)4);
memcpy(&((struct sockaddr_in*)&sa)->sin_port, pac+4, (size_t)2);
}
#ifdef HAVE_IPV6
else if (sa.ss_family == AF_INET6)
{
((struct sockaddr_in6*)&sa)->sin6_port = htons(ipv6_port);
len = sizeof(struct sockaddr_in6);
}
#endif
else
return -1;
struct sockaddr_storage tmp;
memcpy(&tmp, sock_remote_addr(ftp->ctrl), sizeof(struct sockaddr_storage));
if (is_reserved((struct sockaddr*) &sa) ||
is_multicast((struct sockaddr*) &sa) ||
(is_private((struct sockaddr*) &sa) != is_private((struct sockaddr*) &tmp)) ||
(is_loopback((struct sockaddr*) &sa) != is_loopback((struct sockaddr*) &tmp)))
{
// Invalid address returned by PASV. Replace with address from control
// socket.
ftp_err(_("Address returned by PASV seems to be incorrect.\n"));
((struct sockaddr_in*)&sa)->sin_addr = ((struct sockaddr_in*)&tmp)->sin_addr;
}
if (!sock_connect_addr(ftp->data, (struct sockaddr*) &sa, len))
{
perror("connect()");
goto err1;
}
} else {
const struct sockaddr* local = sock_local_addr(ftp->data);
sock_listen(ftp->data, local->sa_family);
if (local->sa_family == AF_INET)
{
struct sockaddr_in* tmp = (struct sockaddr_in*)local;
a = (unsigned char *)&tmp->sin_addr;
p = (unsigned char *)&tmp->sin_port;
ftp_set_tmp_verbosity(vbError);
ftp_cmd("PORT %d,%d,%d,%d,%d,%d",
a[0], a[1], a[2], a[3], p[0], p[1]);
}
#ifdef HAVE_IPV6
else if (local->sa_family == AF_INET6)
{
char* addr = printable_address(local);
ftp_set_tmp_verbosity(vbError);
ftp_cmd("EPRT |2|%s|%u", addr, ntohs(((struct sockaddr_in6*)local)->sin6_port));
free(addr);
}
#endif
else
goto err1;
if(ftp->code != ctComplete)
goto err1;
}
sock_throughput(ftp->data);
return 0;
err1:
sock_destroy(ftp->data);
ftp->data = 0;
return -1;
}
void cares_callback_req(void *argdata, int status, int timeouts,
unsigned char *abuf, int alen)
{
UNUSED_ARGUMENT(timeouts);
struct hostent *hostptr = NULL;
int is_a_reply = 0;
int nttl, cnt = 0;
int i;
struct ares_addrttl *ttls = (struct ares_addrttl*)
nkn_malloc_type(sizeof(struct ares_addrttl) * nkn_max_domain_ips,
mod_auth_addrttl);
struct ares_addr6ttl *ttls6 = (struct ares_addr6ttl*)
nkn_malloc_type(sizeof(struct ares_addr6ttl) * nkn_max_domain_ips,
mod_auth_addr6ttl);
if (http_cfg_fo_use_dns)
nttl = nkn_max_domain_ips;
else
nttl = 1;
auth_dns_t* pdns = (auth_dns_t*)(((auth_msg_t*)(argdata))->authdata);
if (pdns == NULL) {
DBG_LOG(ERROR, MOD_AUTHMGR, "invalid pdns entry");
free(ttls);
free(ttls6);
return;
}
pdns->resolved = 0;
if(status != ARES_SUCCESS) {
ip_addr_t ip;
ip.addr.v4.s_addr = INADDR_NONE;
ip.family = AF_INET;
memcpy(&pdns->ip[0], &ip, sizeof(ip_addr_t));
pdns->ttl[0] = DEFAULT_DNS_ERR_TTL; //nvsd defaults
pdns->num_ips = 1;
DBG_LOG(ERROR, MOD_AUTHMGR,
"Dnslookup for domain:%s failed:%s", pdns->domain,
ares_strerror(status));
AO_fetch_and_add1(&glob_dns_task_failed);
AO_fetch_and_add1(&glob_dns_task_completed);
free(ttls);
free(ttls6);
} else {
if (pdns->ip[0].family == AF_INET) {
status = ares_parse_a_reply(abuf, alen, &hostptr, ttls, &nttl);
is_a_reply = 1;
} else {
status = ares_parse_aaaa_reply(abuf, alen, &hostptr, ttls6, &nttl);
}
if (status != ARES_SUCCESS || !hostptr) {
ip_addr_t ip;
ip.addr.v4.s_addr = INADDR_NONE;
ip.family = AF_INET;
memcpy(&pdns->ip[0], &ip, sizeof(ip_addr_t));
pdns->ttl[0] = DEFAULT_DNS_ERR_TTL; //nvsd defaults
pdns->num_ips = 1;
DBG_LOG(ERROR, MOD_AUTHMGR,
"Dnslookup for domain:%s failed:%s in parsing ",
pdns->domain,ares_strerror(status));
AO_fetch_and_add1(&glob_dns_task_failed);
AO_fetch_and_add1(&glob_dns_task_completed);
free(ttls);
free(ttls6);
} else {
for (i=0, cnt=nttl-1; i<nttl && cnt>=0; i++, cnt--) {
/* multiple RR are given and we are chosing only
* the first one, so ttls[0].ipaddr will also provide
* the ip, memcopy not needed, its just assignment*/
if (hostptr->h_length > (int)sizeof(struct in6_addr)) {
DBG_LOG(ERROR, MOD_AUTHMGR, "incorrect host->h_length");
} else {
if (is_a_reply) {
memcpy(&(pdns->ip[i].addr.v4.s_addr), &ttls[cnt].ipaddr.s_addr, sizeof(in_addr_t));
pdns->ip[i].family = AF_INET;
//apply nvsd default if something is wrong
pdns->ttl[i] = (ttls[cnt].ttl<0)? DEFAULT_DNS_TTL:ttls[cnt].ttl;
} else {
memcpy(&(pdns->ip[i].addr.v6), &ttls6[cnt].ip6addr, sizeof(struct in6_addr));
pdns->ip[i].family = AF_INET6;
//apply nvsd default if something is wrong
pdns->ttl[i] = (ttls6[cnt].ttl<0)? DEFAULT_DNS_TTL:ttls6[cnt].ttl;
}
if (is_loopback(&(pdns->ip[i])) == 0) {
pdns->resolved = 1;
}
}
}
pdns->num_ips = nttl;
AO_fetch_and_add1(&glob_dns_task_completed);
//free ares memory
ares_free_hostent(hostptr);
free(ttls);
free(ttls6);
}
}
/* Negative hashing, forcing a failure in find_origin_server*/
dns_hash_and_insert((char*)pdns->domain, &pdns->ip[0], &pdns->ttl[0], pdns->resolved, pdns->num_ips);
nkn_task_set_action_and_state((nkn_task_id_t)(pdns->auth_task_id),
TASK_ACTION_OUTPUT, TASK_STATE_RUNNABLE);
if (enable_reinit && (status == ARES_ESERVFAIL)) {
/*
* something is wrong here. BIND9 servers do not respond to this
* channel after encountering this error, so reset everything
*/
channel_ready = 0;
AO_fetch_and_add1(&glob_dns_servfail);
}
}