tpws: block connections to ::ffff:127.0.0.0/104

This commit is contained in:
bol-van 2021-03-19 11:33:42 +03:00
parent 94405e89c3
commit 5e1adaa348
11 changed files with 5 additions and 4 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -76,7 +76,7 @@ bool check_local_ip(const struct sockaddr *saddr)
{ {
struct ifaddrs *addrs,*a; struct ifaddrs *addrs,*a;
if (saddr->sa_family==AF_INET && is_localnet((struct sockaddr_in *)saddr)) if (is_localnet(saddr))
return true; return true;
if (getifaddrs(&addrs)<0) return false; if (getifaddrs(&addrs)<0) return false;
@ -153,9 +153,10 @@ bool saconvmapped(struct sockaddr_storage *a)
return false; return false;
} }
bool is_localnet(const struct sockaddr_in *a) bool is_localnet(const struct sockaddr *a)
{ {
return (htonl(a->sin_addr.s_addr)>>24)==127; return a->sa_family==AF_INET && *(char*)&((struct sockaddr_in *)a)->sin_addr.s_addr==127 ||
a->sa_family==AF_INET6 && saismapped((struct sockaddr_in6 *)a) && ((struct sockaddr_in6 *)a)->sin6_addr.s6_addr[12]==127;
} }
bool is_linklocal(const struct sockaddr_in6 *a) bool is_linklocal(const struct sockaddr_in6 *a)
{ {

View File

@ -21,7 +21,7 @@ uint16_t saport(const struct sockaddr *sa);
// true = was converted // true = was converted
bool saconvmapped(struct sockaddr_storage *a); bool saconvmapped(struct sockaddr_storage *a);
bool is_localnet(const struct sockaddr_in *a); bool is_localnet(const struct sockaddr *a);
bool is_linklocal(const struct sockaddr_in6* a); bool is_linklocal(const struct sockaddr_in6* a);
bool is_private6(const struct sockaddr_in6* a); bool is_private6(const struct sockaddr_in6* a);