Updated Branches: refs/heads/master 216ecdabf -> af4fc8eba
TS-2158: Properly mark an IP as non-routable for IPv4 and IPv6 link local addresses as well as IPv6 private addresses and IPv4 Carrier Grade NAT addresses from RFC 6598. Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/af4fc8eb Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/af4fc8eb Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/af4fc8eb Branch: refs/heads/master Commit: af4fc8eba7e313a5a7fb5613382fd0165d44708b Parents: 216ecda Author: Phil Sorber <[email protected]> Authored: Mon Aug 26 13:42:46 2013 -0600 Committer: Phil Sorber <[email protected]> Committed: Mon Aug 26 13:43:41 2013 -0600 ---------------------------------------------------------------------- CHANGES | 4 ++++ lib/ts/ink_inet.h | 15 +++++++++++---- 2 files changed, 15 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/af4fc8eb/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index 0fec2af..7c41477 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ Changes with Apache Traffic Server 4.1.0 + *) [TS-2158] Properly mark an IP as non-routable for IPv4 and IPv6 link local + addresses as well as IPv6 private addresses and IPv4 Carrier Grade NAT + addresses from RFC 6598. + *) [TS-2155] Make a new RAT exclude file that uses the regular expressions now supported. Also cleanup some of minor licensing discrepancies. http://git-wip-us.apache.org/repos/asf/trafficserver/blob/af4fc8eb/lib/ts/ink_inet.h ---------------------------------------------------------------------- diff --git a/lib/ts/ink_inet.h b/lib/ts/ink_inet.h index 760c89c..21cf02b 100644 --- a/lib/ts/ink_inet.h +++ b/lib/ts/ink_inet.h @@ -571,11 +571,18 @@ inline bool ats_is_ip_nonroutable(sockaddr const* ip) { bool zret = false; if (ats_is_ip4(ip)) { in_addr_t a = ats_ip4_addr_cast(ip); - zret = ((a & htonl(0xFF000000)) == htonl(0x0A000000)) || - ((a & htonl(0xFFFF0000)) == htonl(0xC0A80000)) || - ((a & htonl(0xFFF00000)) == htonl(0xAC100000)) + zret = ((a & htonl(0xFF000000)) == htonl(0x0A000000)) || // priv 10.0.0.0/8 + ((a & htonl(0xFFC00000)) == htonl(0x64400000)) || // priv 100.64.0.0/10 + ((a & htonl(0xFFF00000)) == htonl(0xAC100000)) || // priv 172.16.0.0/12 + ((a & htonl(0xFFFF0000)) == htonl(0xC0A80000)) || // priv 192.168.0.0/16 + ((a & htonl(0xFFFF0000)) == htonl(0xA9FE0000)) // link 169.254.0.0/16 ; - } // should we do something for IPv6 addresses? + } else if (ats_is_ip6(ip)) { + in6_addr a = ats_ip6_addr_cast(ip); + zret = ((a.s6_addr[0] & 0xFE) == 0xFC) || // priv fc00::/7 + ((a.s6_addr[0] == 0xFE) && ((a.s6_addr[1] & 0xC0) == 0x80)) // link fe80::/10 + ; + } return zret; }
