Revision: 14783
Author: adrian.chadd
Date: Sat Sep 4 07:04:25 2010
Log: Migrate the "my_address" in aclChecklist to be IPv6 aware.
Some of the users (eg, ICP, HTCP) currently assume ipv6 (even though it's
set to "noaddr")
so replicate that behaviour for now.
http://code.google.com/p/lusca-cache/source/detail?r=14783
Modified:
/playpen/LUSCA_HEAD_ipv6/src/acl.c
/playpen/LUSCA_HEAD_ipv6/src/client_side.c
/playpen/LUSCA_HEAD_ipv6/src/htcp.c
/playpen/LUSCA_HEAD_ipv6/src/icp_v2.c
/playpen/LUSCA_HEAD_ipv6/src/icp_v3.c
/playpen/LUSCA_HEAD_ipv6/src/structs.h
=======================================
--- /playpen/LUSCA_HEAD_ipv6/src/acl.c Sat Sep 4 06:05:15 2010
+++ /playpen/LUSCA_HEAD_ipv6/src/acl.c Sat Sep 4 07:04:25 2010
@@ -2048,7 +2048,10 @@
return aclMatchIp4(&ae->data, checklist->src_addr);
/* NOTREACHED */
case ACL_MY_IP:
- return aclMatchIp4(&ae->data, checklist->my_addr);
+ if (sqinet_get_family(&checklist->my_address) == AF_INET)
+ return aclMatchIp(&ae->data, &checklist->my_address);
+ else
+ return 0; /* Can't do an IPv4 lookup against IPv6
"my_addr" */
/* NOTREACHED */
case ACL_DST_IP:
ia = ipcache_gethostbyname(r->host, IP_LOOKUP_IF_MISS);
@@ -2070,7 +2073,10 @@
case ACL_SRC_IP6:
return 0; /* XXX for now; no v6 address to compare! */
case ACL_MY_IP6:
- return 0; /* XXX for now; no v6 address to compare! */
+ if (sqinet_get_family(&checklist->my_address) == AF_INET6)
+ return aclMatchIp(&ae->data, &checklist->my_address);
+ else
+ return 0; /* Can't do an IPv6 lookup against IPv4
"my_addr" */
case ACL_DST_DOMAIN:
if (aclMatchDomainList(&ae->data, r->host))
return 1;
@@ -2552,6 +2558,7 @@
checklist->callback_data = NULL;
}
aclCheckCleanup(checklist);
+ sqinet_done(&checklist->my_address);
cbdataFree(checklist);
}
@@ -2669,8 +2676,8 @@
} else
#endif /* FOLLOW_X_FORWARDED_FOR */
checklist->src_addr = request->client_addr;
- checklist->my_addr = request->my_addr;
- checklist->my_port = request->my_port;
+ sqinet_set_v4_inaddr(&checklist->my_address, &request->my_addr);
+ sqinet_set_port(&checklist->my_address, request->my_port,
SQADDR_ASSERT_IS_V4);
#if 0 && USE_IDENT
/*
* this is currently broken because 'request->user_ident' has been
@@ -2707,6 +2714,7 @@
xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
#endif
checklist->auth_user_request = NULL;
+ sqinet_init(&checklist->my_address);
return checklist;
}
=======================================
--- /playpen/LUSCA_HEAD_ipv6/src/client_side.c Thu Sep 2 08:06:04 2010
+++ /playpen/LUSCA_HEAD_ipv6/src/client_side.c Sat Sep 4 07:04:25 2010
@@ -2586,9 +2586,10 @@
if (Config.onoff.log_fqdn)
fqdncache_gethostbyaddr6(&peer, FQDN_LOOKUP_IF_MISS);
commSetTimeout(fd, Config.Timeout.request, requestTimeout, connState);
+ sqinet_init(&identChecklist.my_address);
#if USE_IDENT
identChecklist.src_addr = sqinet_get_v4_inaddr(&peer,
SQADDR_ASSERT_IS_V4);
- identChecklist.my_addr = sqinet_get_v4_inaddr(&me, SQADDR_ASSERT_IS_V4);
+ sqinet_copy(&identChecklist.my_address, &me);
identChecklist.my_port = sqinet_get_port(&me);
if (aclCheckFast(Config.accessList.identLookup, &identChecklist))
identStart(&connState->me2, &connState->peer2, clientIdentDone,
connState);
@@ -2604,6 +2605,7 @@
incoming_sockets_accepted++;
sqinet_done(&peer);
sqinet_done(&me);
+ sqinet_done(&identChecklist.my_address);
}
}
@@ -2755,10 +2757,10 @@
if (Config.onoff.log_fqdn)
fqdncache_gethostbyaddr6(&connState->peer2, FQDN_LOOKUP_IF_MISS);
commSetTimeout(fd, Config.Timeout.request, requestTimeout, connState);
+ sqinet_init(&identChecklist.my_address);
#if USE_IDENT
identChecklist.src_addr = sqinet_get_v4_inaddr(&peer,
SQADDR_ASSERT_IS_V4);
- identChecklist.my_addr = sqinet_get_v4_inaddr(&me, SQADDR_ASSERT_IS_V4);
- identChecklist.my_port = sqinet_get_port(&me);
+ sqinet_copy(&identChecklist.my_address, &me);
if (aclCheckFast(Config.accessList.identLookup, &identChecklist))
identStart(&connState->me2, &connState->peer2, clientIdentDone,
connState);
#endif
@@ -2772,6 +2774,7 @@
httpsAcceptSSL(connState, s->sslContext);
sqinet_done(&peer);
sqinet_done(&me);
+ sqinet_done(&identChecklist.my_address);
}
}
=======================================
--- /playpen/LUSCA_HEAD_ipv6/src/htcp.c Wed Aug 4 22:24:11 2010
+++ /playpen/LUSCA_HEAD_ipv6/src/htcp.c Sat Sep 4 07:04:25 2010
@@ -652,12 +652,17 @@
static int
htcpAccessCheck(acl_access * acl, htcpSpecifier * s, struct sockaddr_in
*from)
{
+ int r;
aclCheck_t checklist;
memset(&checklist, '\0', sizeof(checklist));
checklist.src_addr = from->sin_addr;
- SetNoAddr(&checklist.my_addr);
+ sqinet_init(&checklist.my_address);
+ sqinet_set_family(&checklist.my_address, AF_INET); /* XXX will need to
be taught about "from"! -adrian */
+ sqinet_set_noaddr(&checklist.my_address);
checklist.request = s->request;
- return aclCheckFast(acl, &checklist);
+ r = aclCheckFast(acl, &checklist);
+ sqinet_done(&checklist.my_address);
+ return r;
}
static void
=======================================
--- /playpen/LUSCA_HEAD_ipv6/src/icp_v2.c Sun Jul 11 16:49:18 2010
+++ /playpen/LUSCA_HEAD_ipv6/src/icp_v2.c Sat Sep 4 07:04:25 2010
@@ -230,7 +230,10 @@
}
memset(&checklist, '\0', sizeof(checklist));
checklist.src_addr = from.sin_addr;
- SetNoAddr(&checklist.my_addr);
+ sqinet_init(&checklist.my_address);
+#warning needs to be made v6 "my_address" aware!
+ sqinet_set_family(&checklist.my_address, AF_INET);
+ sqinet_set_noaddr(&checklist.my_address);
checklist.request = icp_request;
allow = aclCheckFast(Config.accessList.icp, &checklist);
if (!allow) {
@@ -318,6 +321,7 @@
}
if (icp_request)
requestDestroy(icp_request);
+ sqinet_done(&checklist.my_address);
}
#ifdef ICP_PKT_DUMP
=======================================
--- /playpen/LUSCA_HEAD_ipv6/src/icp_v3.c Sun Jul 4 06:56:53 2010
+++ /playpen/LUSCA_HEAD_ipv6/src/icp_v3.c Sat Sep 4 07:04:25 2010
@@ -83,7 +83,10 @@
}
memset(&checklist, '\0', sizeof(checklist));
checklist.src_addr = from.sin_addr;
- SetNoAddr(&checklist.my_addr);
+ sqinet_init(&checklist.my_address);
+#warning needs to be made ipv6-aware for "my_address"!
+ sqinet_set_family(&checklist.my_address, AF_INET);
+ sqinet_set_noaddr(&checklist.my_address);
checklist.request = icp_request;
allow = aclCheckFast(Config.accessList.icp, &checklist);
if (!allow) {
@@ -158,4 +161,5 @@
}
if (icp_request)
requestDestroy(icp_request);
-}
+ sqinet_done(&checklist.my_address);
+}
=======================================
--- /playpen/LUSCA_HEAD_ipv6/src/structs.h Sat Sep 4 05:24:18 2010
+++ /playpen/LUSCA_HEAD_ipv6/src/structs.h Sat Sep 4 07:04:25 2010
@@ -288,8 +288,8 @@
const acl_access *access_list;
struct in_addr src_addr;
struct in_addr dst_addr;
- struct in_addr my_addr;
struct in_addr fwdip_addr;
+ sqaddr_t my_address;
unsigned short my_port;
request_t *request;
/* for acls that look at reply data */
--
You received this message because you are subscribed to the Google Groups
"lusca-commit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/lusca-commit?hl=en.
