diff options
Diffstat (limited to 'support/misc/from_local.c')
| -rw-r--r-- | support/misc/from_local.c | 268 |
1 files changed, 268 insertions, 0 deletions
diff --git a/support/misc/from_local.c b/support/misc/from_local.c new file mode 100644 index 0000000..e2de969 --- /dev/null +++ b/support/misc/from_local.c @@ -0,0 +1,268 @@ + /* + * Check if an address belongs to the local system. Adapted from: + * + * @(#)pmap_svc.c 1.32 91/03/11 Copyright 1984,1990 Sun Microsystems, Inc. + * @(#)get_myaddress.c 2.1 88/07/29 4.0 RPCSRC. + */ + +/* + * Copyright (c) 2009, Sun Microsystems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * - Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * - Neither the name of Sun Microsystems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#if 0 +static char sccsid[] = "@(#) from_local.c 1.3 96/05/31 15:52:57"; +#endif + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <sys/types.h> +#include <sys/socket.h> +#include <stdbool.h> +#include <stdio.h> +#include <unistd.h> +#include <netdb.h> +#include <netinet/in.h> +#include <net/if.h> +#include <sys/ioctl.h> +#include <stdlib.h> +#include <string.h> + +#include "sockaddr.h" +#include "tcpwrapper.h" +#include "xlog.h" + +#ifndef TRUE +#define TRUE 1 +#define FALSE 0 +#endif + +#ifdef HAVE_GETIFADDRS + +#include <ifaddrs.h> +#include <time.h> + +/** + * from_local - determine whether request comes from the local system + * @sap: pointer to socket address to check + * + * With virtual hosting, each hardware network interface can have + * multiple network addresses. On such machines the number of machine + * addresses can be surprisingly large. + * + * We also expect the local network configuration to change over time, + * so call getifaddrs(3) more than once, but not too often. + * + * Returns TRUE if the sockaddr contains an address of one of the local + * network interfaces. Otherwise FALSE is returned. + */ +int +from_local(const struct sockaddr *sap) +{ + static struct ifaddrs *ifaddr = NULL; + static time_t last_update = 0; + struct ifaddrs *ifa; + unsigned int count; + time_t now; + + if (time(&now) == ((time_t)-1)) { + xlog(L_ERROR, "%s: time(2): %m", __func__); + + /* If we don't know what time it is, use the + * existing ifaddr list, if one exists */ + now = last_update; + if (ifaddr == NULL) + now++; + } + if (now != last_update) { + xlog(D_GENERAL, "%s: updating local if addr list", __func__); + + if (ifaddr) + freeifaddrs(ifaddr); + + if (getifaddrs(&ifaddr) == -1) { + xlog(L_ERROR, "%s: getifaddrs(3): %m", __func__); + return FALSE; + } + + last_update = now; + } + + count = 0; + for (ifa = ifaddr; ifa; ifa = ifa->ifa_next) { + if ((ifa->ifa_flags & IFF_UP) && + nfs_compare_sockaddr(sap, ifa->ifa_addr)) { + xlog(D_GENERAL, "%s: incoming address matches " + "local interface address", __func__); + return TRUE; + } else + count++; + } + + xlog(D_GENERAL, "%s: checked %u local if addrs; " + "incoming address not found", __func__, count); + return FALSE; +} + +#else /* !HAVE_GETIFADDRS */ + +static int num_local; +static int num_addrs; +static struct in_addr *addrs; + +/* grow_addrs - extend list of local interface addresses */ + +static int grow_addrs(void) +{ + struct in_addr *new_addrs; + int new_num; + + /* + * Keep the previous result if we run out of memory. The system would + * really get hosed if we simply give up. + */ + new_num = (addrs == 0) ? 1 : num_addrs + num_addrs; + new_addrs = (struct in_addr *) malloc(sizeof(*addrs) * new_num); + if (new_addrs == 0) { + xlog_warn("%s: out of memory", __func__); + return (0); + } else { + if (addrs != 0) { + memcpy((char *) new_addrs, (char *) addrs, + sizeof(*addrs) * num_addrs); + free((char *) addrs); + } + num_addrs = new_num; + addrs = new_addrs; + return (1); + } +} + +/* find_local - find all IP addresses for this host */ +static int +find_local(void) +{ + struct ifconf ifc; + struct ifreq ifreq; + struct ifreq *ifr; + struct ifreq *the_end; + int sock; + char buf[BUFSIZ]; + + /* + * Get list of network interfaces. We use a huge buffer to allow for the + * presence of non-IP interfaces. + */ + + if ((sock = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { + xlog_warn("%s: socket(2): %m", __func__); + return (0); + } + ifc.ifc_len = sizeof(buf); + ifc.ifc_buf = buf; + if (ioctl(sock, SIOCGIFCONF, (char *) &ifc) < 0) { + xlog_warn("%s: ioctl(SIOCGIFCONF): %m", __func__); + (void) close(sock); + return (0); + } + /* Get IP address of each active IP network interface. */ + + the_end = (struct ifreq *) (ifc.ifc_buf + ifc.ifc_len); + num_local = 0; + for (ifr = ifc.ifc_req; ifr < the_end; ifr++) { + if (ifr->ifr_addr.sa_family == AF_INET) { /* IP net interface */ + ifreq = *ifr; + if (ioctl(sock, SIOCGIFFLAGS, (char *) &ifreq) < 0) { + xlog_warn("%s: ioctl(SIOCGIFFLAGS): %m", __func__); + } else if (ifreq.ifr_flags & IFF_UP) { /* active interface */ + if (ioctl(sock, SIOCGIFADDR, (char *) &ifreq) < 0) { + xlog_warn("%s: ioctl(SIOCGIFADDR): %m", __func__); + } else { + if (num_local >= num_addrs) + if (grow_addrs() == 0) + break; + addrs[num_local++] = ((struct sockaddr_in *) + & ifreq.ifr_addr)->sin_addr; + } + } + } + /* Support for variable-length addresses. */ +#ifdef HAS_SA_LEN + ifr = (struct ifreq *) ((caddr_t) ifr + + ifr->ifr_addr.sa_len - sizeof(struct sockaddr)); +#endif + } + (void) close(sock); + return (num_local); +} + +/** + * from_local - determine whether request comes from the local system + * @sap: pointer to socket address to check + * + * With virtual hosting, each hardware network interface can have + * multiple network addresses. On such machines the number of machine + * addresses can be surprisingly large. + * + * Returns TRUE if the sockaddr contains an address of one of the local + * network interfaces. Otherwise FALSE is returned. + */ +int +from_local(const struct sockaddr *sap) +{ + const struct sockaddr_in *addr = (const struct sockaddr_in *)sap; + int i; + + if (sap->sa_family != AF_INET) + return (FALSE); + + if (addrs == 0 && find_local() == 0) + xlog(L_ERROR, "Cannot find any active local network interfaces"); + + for (i = 0; i < num_local; i++) { + if (memcmp((char *) &(addr->sin_addr), (char *) &(addrs[i]), + sizeof(struct in_addr)) == 0) + return (TRUE); + } + return (FALSE); +} + +#ifdef TEST + +int main(void) +{ + int i; + + find_local(); + for (i = 0; i < num_local; i++) + printf("%s\n", inet_ntoa(addrs[i])); +} + +#endif /* TEST */ + +#endif /* !HAVE_GETIFADDRS */ |