diff -N -c -r -X exclude_files squid-1.0.beta7/src/acl.c squid-1.0.beta7.henrik/src/acl.c *** squid-1.0.beta7/src/acl.c Thu May 9 04:31:50 1996 --- squid-1.0.beta7.henrik/src/acl.c Fri May 17 17:09:20 1996 *************** *** 112,173 **** return head; } static struct _acl_ip_data *aclParseIpList() { ! char *t = NULL; struct _acl_ip_data *head = NULL; struct _acl_ip_data **Tail = &head; struct _acl_ip_data *q = NULL; ! int a1, a2, a3, a4; ! int m1, m2, m3, m4; ! struct in_addr lmask; ! int c; while ((t = strtok(NULL, w_space))) { q = xcalloc(1, sizeof(struct _acl_ip_data)); - a1 = a2 = a3 = a4 = 0; if (!strcasecmp(t, "all")) { ! lmask.s_addr = 0; } else { ! c = sscanf(t, "%d.%d.%d.%d/%d.%d.%d.%d", ! &a1, &a2, &a3, &a4, ! &m1, &m2, &m3, &m4); ! switch (c) { ! case 4: ! if (a1 == 0 && a2 == 0 && a3 == 0 && a4 == 0) /* world */ ! lmask.s_addr = 0x00000000; ! else if (a2 == 0 && a3 == 0 && a4 == 0) /* class A */ ! lmask.s_addr = htonl(0xff000000); ! else if (a3 == 0 && a4 == 0) /* class B */ ! lmask.s_addr = htonl(0xffff0000); ! else if (a4 == 0) /* class C */ ! lmask.s_addr = htonl(0xffffff00); ! else ! lmask.s_addr = 0xffffffff; ! break; ! case 5: ! if (m1 < 0 || m1 > 32) { ! debug(28, 0, "%s line %d: %s\n", ! cfg_filename, config_lineno, config_input_line); ! debug(28, 0, "aclParseIpList: Ignoring invalid IP acl entry '%s'\n", t); ! safe_free(q); ! continue; ! } ! lmask.s_addr = htonl(0xffffffff << (32 - m1)); ! break; ! case 8: ! lmask.s_addr = htonl(m1 * 0x1000000 + m2 * 0x10000 + m3 * 0x100 + m4); ! break; ! default: debug(28, 0, "%s line %d: %s\n", cfg_filename, config_lineno, config_input_line); ! debug(28, 0, "aclParseIpList: Ignoring invalid IP acl entry '%s'\n", t); safe_free(q); continue; } } - q->addr1.s_addr = htonl(a1 * 0x1000000 + a2 * 0x10000 + a3 * 0x100 + a4); - q->mask1.s_addr = lmask.s_addr; *(Tail) = q; Tail = &q->next; } --- 112,219 ---- return head; } + /* Decode a ascii representation (asc) of a IP adress, and place + * adress and netmask information in addr and mask. + */ + static int decode_addr(asc,addr,mask) + char *asc; + struct in_addr *addr,*mask; + { + struct hostent *hp; + long a; + + if((a=inet_addr(asc))!=-1 || strcmp(asc,"255.255.255.255")==0) { + addr->s_addr = htonl(a); + } else + if ((hp=gethostbyname(asc)) != NULL) { + /* We got a host name */ + memcpy(addr,hp->h_addr,hp->h_length); + } else { + /* XXX: Here we could use getnetbyname */ + return 0; /* This is not valid address */ + } + + if(mask!=NULL) { + /* Guess netmask */ + a=ntohl(addr->s_addr); + if(!a&0xFFFFFFFF) + mask->s_addr = htonl(0x00000000); + else + if(!a&0x00FFFFFF) + mask->s_addr = htonl(0xFF000000); + else + if(!a&0x0000FFFF) + mask->s_addr = htonl(0xFFFF0000); + else + if(!a&0x000000FF) + mask->s_addr = htonl(0xFFFFFF00); + else + mask->s_addr = htonl(0xFFFFFFFF); + } + return 1; + } + + static struct _acl_ip_data *aclParseIpList() { ! char *t = NULL, *p=NULL; struct _acl_ip_data *head = NULL; struct _acl_ip_data **Tail = &head; struct _acl_ip_data *q = NULL; ! static char addr1[256],addr2[256],mask[256]; while ((t = strtok(NULL, w_space))) { q = xcalloc(1, sizeof(struct _acl_ip_data)); if (!strcasecmp(t, "all")) { ! q->addr1.s_addr = 0; ! q->addr2.s_addr = 0; ! q->mask.s_addr = 0; } else { ! p=t; ! memset(addr1,0,sizeof(addr1)); ! memset(addr2,0,sizeof(addr2)); ! memset(mask,0,sizeof(mask)); ! ! /* Split the adress in addr1-addr2/mask */ ! strncpy(addr1,p,strcspn(t,"-/")); ! p+=strcspn(t,"-/"); ! if(*p=='-') { ! p++; ! strncpy(addr2,p,strcspn(t,"/")); ! p+=strcspn(p,"/"); ! } ! if(*p=='/') { ! p++; ! strcpy(mask,p); ! } ! ! /* Decode addr1 */ ! if(!decode_addr(addr1,&q->addr1,&q->mask)) { debug(28, 0, "%s line %d: %s\n", cfg_filename, config_lineno, config_input_line); ! debug(28, 0, "aclParseIpList: Ignoring invalid IP acl entry '%s', unknown first address '%s'\n", addr1); ! safe_free(q); ! continue; ! } ! ! /* Decode addr2 */ ! if(*addr2 && !decode_addr(addr2,&q->addr2,&q->mask)) { ! debug(28, 0, "%s line %d: %s\n", ! cfg_filename, config_lineno, config_input_line); ! debug(28, 0, "aclParseIpList: Ignoring invalid IP acl entry '%s', unknown second address '%s'\n", addr1); ! safe_free(q); ! continue; ! } ! ! /* Decode mask */ ! if(*mask && !decode_addr(mask,&q->mask,NULL)) { ! debug(28, 0, "%s line %d: %s\n", ! cfg_filename, config_lineno, config_input_line); ! debug(28, 0, "aclParseIpList: Ignoring invalid IP acl entry '%s', unknown netmask '%s'\n", mask); safe_free(q); continue; } } *(Tail) = q; Tail = &q->next; } *************** *** 426,438 **** struct in_addr c; { struct in_addr h; while (data) { ! h.s_addr = c.s_addr & data->mask1.s_addr; debug(28, 3, "aclMatchIp: h = %s\n", inet_ntoa(h)); debug(28, 3, "aclMatchIp: addr1 = %s\n", inet_ntoa(data->addr1)); ! if (h.s_addr == data->addr1.s_addr) { ! debug(28, 3, "aclMatchIp: returning 1\n"); ! return 1; } data = data->next; } --- 472,498 ---- struct in_addr c; { struct in_addr h; + unsigned long lh,la1,la2; + while (data) { ! h.s_addr = c.s_addr & data->mask.s_addr; debug(28, 3, "aclMatchIp: h = %s\n", inet_ntoa(h)); debug(28, 3, "aclMatchIp: addr1 = %s\n", inet_ntoa(data->addr1)); ! debug(28, 3, "aclMatchIp: addr2 = %s\n", inet_ntoa(data->addr2)); ! if(!data->addr2.s_addr) { ! if(h.s_addr == data->addr1.s_addr) { ! debug(28, 3, "aclMatchIp: returning 1\n"); ! return 1; ! } ! } else { ! /* This is a range check */ ! lh=ntohl(h.s_addr); ! la1=ntohl(data->addr1.s_addr); ! la2=ntohl(data->addr2.s_addr); ! if(lh>=la1 && lh<=la2) { ! debug(28, 3, "aclMatchIp: returning 1\n"); ! return 1; ! } } data = data->next; } diff -N -c -r -X exclude_files squid-1.0.beta7/src/acl.h squid-1.0.beta7.henrik/src/acl.h *** squid-1.0.beta7/src/acl.h Thu May 9 04:31:51 1996 --- squid-1.0.beta7.henrik/src/acl.h Fri May 17 17:09:56 1996 *************** *** 24,32 **** struct _acl_ip_data { struct in_addr addr1; /* if addr2 non-zero then its a range */ - struct in_addr mask1; struct in_addr addr2; ! struct in_addr mask2; struct _acl_ip_data *next; }; --- 24,31 ---- struct _acl_ip_data { struct in_addr addr1; /* if addr2 non-zero then its a range */ struct in_addr addr2; ! struct in_addr mask; struct _acl_ip_data *next; };