Commit c0d327d7 authored by Vladimír Čunát's avatar Vladimír Čunát Committed by Petr Špaček

policy.TLS_FORWARD: refusal when configuring with multiple IPs

Fixes #306
parent 817274a4
Knot Resolver 2.X.Y (2018-0M-DD)
================================
Bugfixes
--------
- detect_time_jump module: don't clear cache on suspend-resume (#284)
- stats module: fix stats.list() returning nothing, regressed in 2.0.0
- policy.TLS_FORWARD: refusal when configuring with multiple IPs (#306)
Knot Resolver 2.0.0 (2018-01-31)
......
......@@ -276,6 +276,7 @@ int kr_pkt_clear_payload(knot_pkt_t *);
const char *kr_inaddr(const struct sockaddr *);
int kr_inaddr_family(const struct sockaddr *);
int kr_inaddr_len(const struct sockaddr *);
int kr_sockaddr_len(const struct sockaddr *);
uint16_t kr_inaddr_port(const struct sockaddr *);
int kr_straddr_family(const char *);
int kr_straddr_subnet(void *, const char *);
......
......@@ -143,6 +143,7 @@ EOF
kr_inaddr
kr_inaddr_family
kr_inaddr_len
kr_sockaddr_len
kr_inaddr_port
kr_straddr_family
kr_straddr_subnet
......
......@@ -337,6 +337,18 @@ int kr_inaddr_len(const struct sockaddr *addr)
return kr_family_len(addr->sa_family);
}
int kr_sockaddr_len(const struct sockaddr *addr)
{
if (!addr) {
return kr_error(EINVAL);
}
switch (addr->sa_family) {
case AF_INET: return sizeof(struct sockaddr_in);
case AF_INET6: return sizeof(struct sockaddr_in6);
default: return kr_error(EINVAL);
}
}
uint16_t kr_inaddr_port(const struct sockaddr *addr)
{
if (!addr) {
......@@ -972,4 +984,4 @@ int knot_dname_lf2wire(knot_dname_t * const dst, uint8_t len, const uint8_t *lf)
*d = 0; /* the final zero */
++d;
return d - dst;
}
\ No newline at end of file
}
......@@ -216,9 +216,12 @@ const char *kr_inaddr(const struct sockaddr *addr);
/** Address family. */
KR_EXPORT KR_PURE
int kr_inaddr_family(const struct sockaddr *addr);
/** Address length for given family. */
/** Address length for given family, i.e. sizeof(struct in*_addr). */
KR_EXPORT KR_PURE
int kr_inaddr_len(const struct sockaddr *addr);
/** Sockaddr length for given family, i.e. sizeof(struct sockaddr_in*). */
KR_EXPORT KR_PURE
int kr_sockaddr_len(const struct sockaddr *addr);
/** Port. */
KR_EXPORT KR_PURE
uint16_t kr_inaddr_port(const struct sockaddr *addr);
......
......@@ -209,7 +209,7 @@ function policy.TLS_FORWARD(target)
local auth_type = tls_forward_target_authtype(idx, upstream_list_entry)
local string_addr = upstream_list_entry[1]
local sockaddr_c = addr2sock(string_addr, 853)
local sockaddr_lua = ffi.string(sockaddr_c, ffi.C.kr_inaddr_len(sockaddr_c))
local sockaddr_lua = ffi.string(sockaddr_c, ffi.C.kr_sockaddr_len(sockaddr_c))
if sockaddr_config[sockaddr_lua] then
error('TLS_FORWARD configuration cannot declare two configs for IP address ' .. string_addr)
end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment