From: Wouter Wijngaards
Date: Mon, 16 Apr 2018 13:14:24 +0000 (+0000)
Subject: - Fix auth zone target lookup iterator.
X-Git-Tag: release-1.7.1rc1~40
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=46919796790065a35b4040f9b5f532c0b1bc4298;p=thirdparty%2Funbound.git

- Fix auth zone target lookup iterator.
- notify with prefix

git-svn-id: file:///svn/unbound/trunk@4624 be551aaa-1e26-0410-a405-d3ace91eadb9
---
diff --git a/doc/Changelog b/doc/Changelog
index 4e8b11319..14b5c330a 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,7 @@
+16 April 2018: Wouter
+ - Fix auth zone target lookup iterator.
+ - notify with prefix
+
 13 April 2018: Wouter
 - Fix for max include depth for authzones.
 - Fix memory free on fail for $INCLUDE in authzone.
diff --git a/services/authzone.c b/services/authzone.c
index 435334186..5803ab558 100644
--- a/services/authzone.c
+++ b/services/authzone.c
@@ -3248,14 +3248,22 @@ addr_matches_master(struct auth_master* master, struct sockaddr_storage* addr,
 {
 struct sockaddr_storage a;
 socklen_t alen = 0;
+ int net = 0;
 if(addr_in_list(master->list, addr, addrlen))
 return 1;
- /* could be nice to note host is an IP literal? TODO */
 if(extstrtoaddr(master->host, &a, &alen) &&
 sockaddr_cmp_addr(addr, addrlen, &a, alen)==0)
 return 1;
- /* TODO prefixes need a bool to note they are or detectable with
- * a detector routine, also to avoid looking them up. */
+ /* prefixes, addr/len, like 10.0.0.0/8 */
+ /* not http and has a / and there is one / */
+ if(!master->http && strchr(master->host, '/')!=NULL &&
+ strchr(master->host, '/') == strrchr(master->host, '/') &&
+ netblockstrtoaddr(master->host, UNBOUND_DNS_PORT, &a, &alen,
+ &net) && alen == addrlen) {
+ if(addr_in_common(addr, (addr_is_ip6(addr, addrlen)?128:32),
+ &a, net, alen) >= net)
+ return 1; /* matches the netblock */
+ }
 return 0;
 }
 
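Review bot: The added netblock branch treats the source as a master whenever `addr_in_common(...) >= net`, so the test passes for every address of the right family if `net` is ever negative, and the part of netblockstrtoaddr shown in this commit only rejects a prefix length above 32/128. Unless a negative length is refused in lines not shown, guard it here as well, e.g. `&net) && net >= 0 && alen == addrlen) {`, so a mistyped prefix in the configuration fails closed rather than open. The comment `/* not http and has a / and there is one / */` restates the condition; it would help more to say that a host with exactly one '/' is read as address/prefix-length and matched as a netblock. addr_matches_master begins above the hunk.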
@@ -3623,11 +3631,19 @@ xfr_transfer_nextmaster(struct auth_xfer* xfr)
 if(xfr->task_transfer->scan_specific) {
 xfr->task_transfer->scan_specific = NULL;
 xfr->task_transfer->scan_target = xfr->task_transfer->masters;
+ if(xfr->task_transfer->scan_target && xfr->task_transfer->
+ scan_target->list)
+ xfr->task_transfer->scan_addr =
+ xfr->task_transfer->scan_target->list;
 return;
 }
 if(!xfr->task_transfer->scan_target)
 return;
 xfr->task_transfer->scan_target = xfr->task_transfer->scan_target->next;
+ if(xfr->task_transfer->scan_target && xfr->task_transfer->
+ scan_target->list)
+ xfr->task_transfer->scan_addr =
+ xfr->task_transfer->scan_target->list;
 return;
 }
 
@@ -3645,11 +3661,19 @@ xfr_probe_nextmaster(struct auth_xfer* xfr)
 if(xfr->task_probe->scan_specific) {
 xfr->task_probe->scan_specific = NULL;
 xfr->task_probe->scan_target = xfr->task_probe->masters;
+ if(xfr->task_probe->scan_target && xfr->task_probe->
+ scan_target->list)
+ xfr->task_probe->scan_addr =
+ xfr->task_probe->scan_target->list;
 return;
 }
 if(!xfr->task_probe->scan_target)
 return;
 xfr->task_probe->scan_target = xfr->task_probe->scan_target->next;
+ if(xfr->task_probe->scan_target && xfr->task_probe->
+ scan_target->list)
+ xfr->task_probe->scan_addr =
+ xfr->task_probe->scan_target->list;
 return;
 }
 
diff --git a/util/net_help.c b/util/net_help.c
index fdc8b0558..89939bf97 100644
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -241,7 +241,8 @@ ipstrtoaddr(const char* ip, int port, struct sockaddr_storage* addr,
 int netblockstrtoaddr(const char* str, int port, struct sockaddr_storage* addr,
 socklen_t* addrlen, int* net)
 {
- char* s = NULL;
+ char buf[64];
+ char* s;
 *net = (str_is_ip6(str)?128:32);
 if((s=strchr(str, '/'))) {
 if(atoi(s+1) > *net) {
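Review bot: The four added blocks that reset `scan_addr` (two in xfr_transfer_nextmaster, two in xfr_probe_nextmaster in the following hunk) have no comment saying why the address cursor must move together with `scan_target`, which is the fix itself. A one-line comment above each, such as `/* restart at the first address of the new master */`, would record that. When the new target is NULL or has no `list`, `scan_addr` keeps its previous value; the start of both functions is outside the hunks, so whether it is already NULL at this point cannot be confirmed here. If it is not, an explicit `else` that sets it to NULL would avoid a cursor left pointing into the previous master's list.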
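Review bot: `char buf[64]` has no stated reason for its size, and the `strlcpy(buf, str, sizeof(buf));` added in the next hunk cuts a longer `str` short without reporting it, although the prefix length is checked against the full string (`atoi(s+1)` on `str`). Reject over-long input before the copy, e.g. `if(strlen(str) >= sizeof(buf)) { log_err("netblock too long: '%s'", str); return 0; }`, so the address and the prefix length always come from the same text. A short comment on `buf` saying it must hold an address string plus '/' and the prefix length would explain the constant. The function body runs past the end of this hunk.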
@@ -253,11 +254,10 @@ int netblockstrtoaddr(const char* str, int port, struct sockaddr_storage* addr,
 log_err("cannot parse netblock: '%s'", str);
 return 0;
 }
- if(!(s = strdup(str))) {
- log_err("out of memory");
- return 0;
- }
- *strchr(s, '/') = '\0';
+ strlcpy(buf, str, sizeof(buf));
+ s = strchr(buf, '/');
+ if(s) *s = 0;
+ s = buf;
 }
 if(!ipstrtoaddr(s?s:str, port, addr, addrlen)) {
 free(s);
@@ -265,7 +265,6 @@ int netblockstrtoaddr(const char* str, int port, struct sockaddr_storage* addr,
 return 0;
 }
 if(s) {
- free(s);
 addr_mask(addr, *addrlen, *net);
 }
 return 1;
diff --git a/util/net_help.h b/util/net_help.h
index 2d6fce91d..ba78c2486 100644
--- a/util/net_help.h
+++ b/util/net_help.h
@@ -190,7 +190,7 @@ int ipstrtoaddr(const char* ip, int port, struct sockaddr_storage* addr,
 
 /**
 * Convert ip netblock (ip/netsize) string and port to sockaddr.
- * *SLOW*, does a malloc internally to avoid writing over 'ip' string.
+ * performs a copy internally to avoid writing over 'ip' string.
 * @param ip: ip4 or ip6 address string.
 * @param port: port number, host format.
 * @param addr: where to store sockaddr.
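Review bot: The `free(s);` kept as the last context line, inside `if(!ipstrtoaddr(s?s:str, port, addr, addrlen)) {`, now frees a stack array, because after this hunk `s` is either NULL or `buf` and never heap memory. Passing `buf` to free() is undefined behaviour and typically aborts the process; it is reached for any string whose prefix length is accepted but whose address part does not parse. The next hunk removes the other `free(s);`, and this one should be deleted as well. With the authzone.c change in this commit the function is also called on a configured master host while a source address is being checked, so a bad entry there would take this path at run time rather than only at configuration load. The function continues outside the hunk.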