Date:
Sat Nov 8 20:28:31 2014 UTC
Message:
0.9.0 is the last version of Wildcarddnsd, the succeeding project is called Delphinusdnsd and will have its first release around November 15th, 2015. The new project page is at http://delphinusdns.centroid.eu.
/*
 * Copyright (c) 2014 Peter J. Philipp
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

/*
 * this file is based on filter.c
 */

#include "include.h"
#include "dns.h"
#include "db.h"
/* Entry points provided by this file. */
void	init_whitelist(void);
int	insert_whitelist(char *address, char *prefixlen);
int	find_whitelist(struct sockaddr_storage *sst, int family);

/* Helpers and flags defined in other translation units. */
extern void		dolog(int, char *, ...);
extern in_addr_t	getmask(int);
extern int		getmask6(int, struct sockaddr_in6 *);

extern int debug;
extern int verbose;

/*
 * Whitelist on/off flag, off (0) by default.  The functions in this
 * listing never consult it, so the caller presumably checks it before
 * acting on find_whitelist() -- confirm at the call site.
 */
int whitelist = 0;

/* Head of the singly linked list that holds every whitelisted network. */
SLIST_HEAD(listhead, whitelistentry) whitelisthead;

/*
 * One whitelisted network.  wln2 is the entry being built by
 * insert_whitelist(); wlnp is the cursor used by find_whitelist().
 */
static struct whitelistentry {
	char name[INET6_ADDRSTRLEN];		/* not written by the code in this listing */
	int family;				/* AF_INET or AF_INET6 */
	struct sockaddr_storage hostmask;	/* network address as given by the caller */
	struct sockaddr_storage netmask;	/* mask from getmask()/getmask6() */
	u_int8_t prefixlen;			/* prefix length the mask was built from */
	SLIST_ENTRY(whitelistentry) whitelist_entry;
} *wln2, *wlnp;

static const char rcsid[] = "$Id: whitelist.c,v 1.1 2014/05/18 18:47:54 pjp Exp $";

/*
 * INIT_WHITELIST - initialize the whitelist singly linked list
 */

/* Reset the module-wide list head so the whitelist starts out empty. */
void
init_whitelist(void)
{
	SLIST_INIT(&whitelisthead);
}

/*
 * INSERT_WHITELIST - insert an address and prefixlen into the whitelist slist
 */

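/*
 * insert_whitelist - parse a network and link it at the head of the
 * whitelist.
 *
 * address:   textual address; treated as IPv6 when it contains a ':',
 *            as IPv4 otherwise
 * prefixlen: decimal prefix length, 0..128 for IPv6 and 0..32 for IPv4
 *
 * Returns 0 once the entry is on the list.  Returns -1 when an argument
 * is NULL, the prefix length has no digits or is out of range, the
 * address does not parse, getmask6() fails, or memory is exhausted; in
 * all of those cases the list is left untouched and nothing is leaked.
 */
int
insert_whitelist(char *address, char *prefixlen)
{
	struct whitelistentry *entry;
	struct sockaddr_in *sin;
	struct sockaddr_in6 *sin6;
	char *end;
	long pnum;
	int is_v6;

	if (address == NULL || prefixlen == NULL)
		return (-1);

	is_v6 = (strchr(address, ':') != NULL);

	/*
	 * An access-control entry must not be built from an unparsed
	 * prefix: atoi() mapped non-numeric text to 0, and a /0 entry
	 * presumably matches every address of the family (getmask() and
	 * getmask6() are not visible here).  A negative or oversized
	 * value would also be truncated by the u_int8_t prefixlen field.
	 * Characters after the digits are still tolerated, as they were
	 * with atoi().
	 */
	pnum = strtol(prefixlen, &end, 10);
	if (end == prefixlen || pnum < 0 || pnum > (is_v6 ? 128 : 32))
		return (-1);

	/* Zeroed so the unused name field and sockaddr padding are defined. */
	entry = calloc(1, sizeof(*entry));
	if (entry == NULL)
		return (-1);

	if (is_v6) {
		entry->family = AF_INET6;

		sin6 = (struct sockaddr_in6 *)&entry->hostmask;
		if (inet_pton(AF_INET6, address, &sin6->sin6_addr) != 1)
			goto fail;
		sin6->sin6_family = AF_INET6;

		sin6 = (struct sockaddr_in6 *)&entry->netmask;
		sin6->sin6_family = AF_INET6;
		if (getmask6((int)pnum, sin6) < 0)
			goto fail;
	} else {
		entry->family = AF_INET;

		/*
		 * inet_aton() accepts the same notations as inet_addr() but
		 * reports failure out of band; inet_addr() returned
		 * INADDR_NONE, which was stored as if it were an address.
		 */
		sin = (struct sockaddr_in *)&entry->hostmask;
		sin->sin_family = AF_INET;
		if (inet_aton(address, &sin->sin_addr) == 0)
			goto fail;

		sin = (struct sockaddr_in *)&entry->netmask;
		sin->sin_family = AF_INET;
		sin->sin_addr.s_addr = getmask((int)pnum);
	}

	entry->prefixlen = (u_int8_t)pnum;

	/* Keep the file-scope pointer on the most recently inserted entry. */
	wln2 = entry;
	SLIST_INSERT_HEAD(&whitelisthead, entry, whitelist_entry);

	return (0);

fail:
	free(entry);
	return (-1);
}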

/*
 * FIND_WHITELIST - walk the whitelist list and find the corresponding network
 *                  if a network matches return 1, if no match is found return
 *                  0.
 */

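/*
 * find_whitelist - report whether an address falls inside any
 * whitelisted network.
 *
 * sst:    address to test; read as sockaddr_in or sockaddr_in6
 *         according to `family`
 * family: AF_INET or AF_INET6; taken on trust from the caller and not
 *         cross-checked against sst->ss_family
 *
 * Returns 1 on the first entry whose masked network equals the masked
 * address, 0 when nothing matches (also for a NULL sst or a family
 * other than AF_INET/AF_INET6).  The answer depends only on the address
 * in sst; how far that address can be trusted is up to the caller.
 */
int
find_whitelist(struct sockaddr_storage *sst, int family)
{
	struct sockaddr_in *sin;
	struct sockaddr_in6 *sin6;
	const unsigned char *host, *mask, *addr;
	u_int32_t hostmask, netmask, a;
	size_t i;

	/* No address to compare: treat as "not whitelisted". */
	if (sst == NULL)
		return (0);

	SLIST_FOREACH(wlnp, &whitelisthead, whitelist_entry) {
		/* Only entries of the caller's address family can match. */
		if (wlnp->family != family)
			continue;

		if (family == AF_INET) {
			a = ((struct sockaddr_in *)sst)->sin_addr.s_addr;
			sin = (struct sockaddr_in *)&wlnp->hostmask;
			hostmask = sin->sin_addr.s_addr;
			sin = (struct sockaddr_in *)&wlnp->netmask;
			netmask = sin->sin_addr.s_addr;

			if ((hostmask & netmask) == (a & netmask))
				return (1);
		} else if (family == AF_INET6) {
			/*
			 * Compare the 16 address bytes one at a time.  The
			 * earlier code read s6_addr through u_int64_t /
			 * u_int32_t pointers, which breaks the aliasing
			 * rules and needed an #ifdef per word size; the
			 * result of the comparison is the same.
			 */
			addr = ((struct sockaddr_in6 *)sst)->sin6_addr.s6_addr;
			sin6 = (struct sockaddr_in6 *)&wlnp->hostmask;
			host = sin6->sin6_addr.s6_addr;
			sin6 = (struct sockaddr_in6 *)&wlnp->netmask;
			mask = sin6->sin6_addr.s6_addr;

			for (i = 0; i < sizeof(sin6->sin6_addr.s6_addr); i++) {
				if ((host[i] & mask[i]) != (addr[i] & mask[i]))
					break;
			}
			if (i == sizeof(sin6->sin6_addr.s6_addr))
				return (1);
		}
	}

	return (0);
}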