Module: sip-router
Branch: master
Commit: ccebf9e536d7d5ea8fc824ea089d501e888b37c8
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=ccebf9e536d7d5ea8fc824ea089d501e888b37c8
Author: Daniel-Constantin Mierla <[email protected]>
Committer: Daniel-Constantin Mierla <[email protected]>
Date: Fri Jul 12 13:31:12 2013 +0200
ipops: new cfg function dns_nc_match_ip(hostname, ipaddr)
- do dns query for the hostname and compare the result to see if is a
match with ipaddr
---
modules/ipops/README | 24 ++++++++++
modules/ipops/doc/ipops_admin.xml | 45 ++++++++++++++++++++
modules/ipops/ipops_mod.c | 84 +++++++++++++++++++++++++++++++++++++
3 files changed, 153 insertions(+), 0 deletions(-)
diff --git a/modules/ipops/README b/modules/ipops/README
index bd79553..901535a 100644
--- a/modules/ipops/README
+++ b/modules/ipops/README
@@ -36,6 +36,7 @@ I
4.8. compare_pure_ips (ip1, ip2)
4.9. is_ip_rfc1918 (ip)
4.10. is_in_subnet (ip, subnet)
+ 4.11. dns_nc_match_ip(hostname, ipaddr)
List of Examples
@@ -49,6 +50,7 @@ I
1.8. compare_pure_ips usage
1.9. is_ip_rfc1918 usage
1.10. is_in_subnet usage
+ 1.11. dns_nc_match_ip usage
Chapter 1. Admin Guide
@@ -73,6 +75,7 @@ Chapter 1. Admin Guide
4.8. compare_pure_ips (ip1, ip2)
4.9. is_ip_rfc1918 (ip)
4.10. is_in_subnet (ip, subnet)
+ 4.11. dns_nc_match_ip(hostname, ipaddr)
1. Overview
@@ -124,6 +127,7 @@ Chapter 1. Admin Guide
4.8. compare_pure_ips (ip1, ip2)
4.9. is_ip_rfc1918 (ip)
4.10. is_in_subnet (ip, subnet)
+ 4.11. dns_nc_match_ip(hostname, ipaddr)
4.1. is_ip (ip)
@@ -329,3 +333,23 @@ if (is_in_subnet("10.0.123.123", "10.0.123.1/24")) {
xlog("L_INFO", "it's in the subnet\n");
}
...
+
+4.11. dns_nc_match_ip(hostname, ipaddr)
+
+ Returns TRUE if ipaddr is associated by DNS to hostname. FALSE
+ otherwise. It does not use the internal DNS cache, but directly
+ getaddrinfo(...).
+
+ Parameters:
+ * ipaddr - string or pseudo-variable containing the ip address.
+ * hostname - string or pseudo-variable containing the hostname. The
+ resulting IP addresses from DNS query are compared with ipaddress.
+
+ This function can be used from ANY_ROUTE.
+
+ Example 1.11. dns_nc_match_ip usage
+...
+if (!dns_nc_match_ip("myhost.com", "1.2.3.4")) {
+ xdbg("ip address not associated with hostname\n");
+}
+...
diff --git a/modules/ipops/doc/ipops_admin.xml
b/modules/ipops/doc/ipops_admin.xml
index c7ce810..afb03d8 100644
--- a/modules/ipops/doc/ipops_admin.xml
+++ b/modules/ipops/doc/ipops_admin.xml
@@ -529,6 +529,51 @@ if (is_in_subnet("10.0.123.123", "10.0.123.1/24")) {
</section>
+ <section id="ipops.f.dns_nc_match_ip">
+ <title>
+ <function moreinfo="none">dns_nc_match_ip(hostname, ipaddr)</function>
+ </title>
+
+ <para>
+ Returns TRUE if ipaddr is associated by DNS to hostname.
FALSE otherwise. It
+ does not use the internal DNS cache, but directly
getaddrinfo(...).
+ </para>
+
+ <para>Parameters:</para>
+
+ <itemizedlist>
+ <listitem>
+ <para>
+ <emphasis>ipaddr</emphasis> - string or pseudo-variable containing
the ip address.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <emphasis>hostname</emphasis> - string or
pseudo-variable containing the hostname.
+ The resulting IP addresses from DNS query are
compared with ipaddress.
+ </para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ This function can be used from ANY_ROUTE.
+ </para>
+
+ <example>
+ <title>
+ <function>dns_nc_match_ip</function> usage
+ </title>
+ <programlisting format="linespecific">
+...
+if (!dns_nc_match_ip("myhost.com", "1.2.3.4")) {
+ xdbg("ip address not associated with hostname\n");
+}
+...
+ </programlisting>
+ </example>
+
+ </section>
+
</section>
</chapter>
diff --git a/modules/ipops/ipops_mod.c b/modules/ipops/ipops_mod.c
index 164177b..d21546c 100644
--- a/modules/ipops/ipops_mod.c
+++ b/modules/ipops/ipops_mod.c
@@ -40,12 +40,16 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
#include <arpa/inet.h>
#include "../../sr_module.h"
#include "../../dprint.h"
#include "../../str.h"
#include "../../mod_fix.h"
#include "../../pvar.h"
+#include "../../resolve.h"
#include "api.h"
#include "ip_parser.h"
#include "rfc1918_parser.h"
@@ -83,6 +87,7 @@ static int w_compare_ips(struct sip_msg*, char*, char*);
static int w_compare_pure_ips(struct sip_msg*, char*, char*);
static int w_is_ip_rfc1918(struct sip_msg*, char*);
static int w_ip_is_in_subnet(struct sip_msg*, char*, char*);
+static int w_dns_nc_match_ip(sip_msg_t*, char*, char*);
/*
@@ -110,6 +115,8 @@ static cmd_export_t cmds[] =
REQUEST_ROUTE|FAILURE_ROUTE|ONREPLY_ROUTE|BRANCH_ROUTE|LOCAL_ROUTE },
{ "is_in_subnet", (cmd_function)w_ip_is_in_subnet, 2, fixup_spve_spve, 0,
REQUEST_ROUTE|FAILURE_ROUTE|ONREPLY_ROUTE|BRANCH_ROUTE|LOCAL_ROUTE },
+ { "dns_nc_match_ip", (cmd_function)w_dns_nc_match_ip, 2, fixup_spve_spve, 0,
+ ANY_ROUTE },
{ "bind_ipops", (cmd_function)bind_ipops, 0, 0, 0, 0},
{ 0, 0, 0, 0, 0, 0 }
};
@@ -596,3 +603,80 @@ static int w_is_ip_rfc1918(struct sip_msg* _msg, char* _s)
else
return -1;
}
+
+static inline ip_addr_t *strtoipX(str *ips)
+{
+ /* try to figure out INET class */
+ if(ips->s[0] == '[' || memchr(ips->s, ':', ips->len)!=NULL)
+ {
+ /* IPv6 */
+ return str2ip6(ips);
+ } else {
+ /* IPv4 */
+ return str2ip(ips);
+ }
+}
+
+static int w_dns_nc_match_ip(sip_msg_t *msg, char *hnp, char *ipp)
+{
+ struct addrinfo hints, *res, *p;
+ int status;
+ ip_addr_t *ipa;
+ void *addr;
+ str hns;
+ str ips;
+ struct sockaddr_in *ipv4;
+ struct sockaddr_in6 *ipv6;
+
+ if (fixup_get_svalue(msg, (gparam_p)hnp, &hns))
+ {
+ LM_ERR("cannot evaluate hostname parameter\n");
+ return -2;
+ }
+
+ if (fixup_get_svalue(msg, (gparam_p)ipp, &ips))
+ {
+ LM_ERR("cannot evaluate ip address parameter\n");
+ return -2;
+ }
+
+ ipa = strtoipX(&ips);
+ if(ipa==NULL)
+ {
+ LM_ERR("invalid ip address: %.*s\n", ips.len, ips.s);
+ return -3;
+ }
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = AF_UNSPEC; /* allow any of AF_INET or AF_INET6 */
+
+ if ((status = getaddrinfo(hns.s, NULL, &hints, &res)) != 0)
+ {
+ LM_ERR("getaddrinfo: %s\n", gai_strerror(status));
+ return -2;
+ }
+
+ for(p = res;p != NULL; p = p->ai_next)
+ {
+ if(p->ai_family==ipa->af)
+ {
+ if (p->ai_family==AF_INET)
+ {
+ ipv4 = (struct sockaddr_in *)p->ai_addr;
+ addr = &(ipv4->sin_addr);
+ } else {
+ ipv6 = (struct sockaddr_in6 *)p->ai_addr;
+ addr = &(ipv6->sin6_addr);
+ }
+ if(memcmp(ipa->u.addr, addr, ipa->len)==0)
+ {
+ /* matched IP */
+ freeaddrinfo(res);
+ return 1;
+ }
+ }
+ }
+ freeaddrinfo(res);
+
+ return -1;
+}
_______________________________________________
sr-dev mailing list
[email protected]
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
