Skip to content

V
varnish-cache
Commit 20de7660 authored by Poul-Henning Kamp's avatar Poul-Henning Kamp
Browse files
Options

Emit the "ipv4+ipv6 and mask" error first.

parent 83ab25a2
Hide whitespace changes
Inline Side-by-side
Showing with 27 additions and 15 deletions
lib/libvcc/vcc_acl.c
View file @ 20de7660
...@@ -138,17 +138,17 @@ vcc_acl_chk(struct vcc *tl, const struct acl_e *ae, const int l, ...@@ -138,17 +138,17 @@ vcc_acl_chk(struct vcc *tl, const struct acl_e *ae, const int l,
AN(sa); AN(sa);
VTCP_name(sa, h, sizeof h, NULL, 0); VTCP_name(sa, h, sizeof h, NULL, 0);
bprintf(t, "%s/%d", h, ae->mask); bprintf(t, "%s/%d", h, ae->mask);
VSB_printf(tl->sb, "Address/Netmask mismatch, ");
if (tl->acl_pedantic != 0) if (tl->acl_pedantic != 0)
VSB_printf(tl->sb, "Address/Netmask mismatch, need be %s\n", t); VSB_printf(tl->sb, "need be %s\n", t);
else else
VSB_printf(tl->sb, "Address/Netmask mismatch, changed to %s\n", t); VSB_printf(tl->sb, "changed to %s\n", t);
vcc_ErrWhere(tl, ae->t_addr); vcc_ErrWhere(tl, ae->t_addr);
if (tl->acl_pedantic == 0) if (tl->acl_pedantic == 0)
vcc_Warn(tl); vcc_Warn(tl);
return (strdup(t)); return (strdup(t));
} }
static void static void
vcc_acl_add_entry(struct vcc *tl, const struct acl_e *ae, int l, vcc_acl_add_entry(struct vcc *tl, const struct acl_e *ae, int l,
unsigned char *u, int fam) unsigned char *u, int fam)
...@@ -256,6 +256,30 @@ vcc_acl_try_getaddrinfo(struct vcc *tl, struct acl_e *ae) ...@@ -256,6 +256,30 @@ vcc_acl_try_getaddrinfo(struct vcc *tl, struct acl_e *ae)
} }
i4 = i6 = 0; i4 = i6 = 0;
for (res = res0; res != NULL; res = res->ai_next) {
switch (res->ai_family) {
case PF_INET:
i4++;
break;
case PF_INET6:
i6++;
break;
default:
VSB_printf(tl->sb,
"Ignoring unknown protocol family (%d) for %.*s\n",
res->ai_family, PF(ae->t_addr));
continue;
}
}
if (ae->t_mask != NULL && i4 > 0 && i6 > 0) {
VSB_printf(tl->sb,
"Mask (/%u) specified, but string resolves to"
" both IPv4 and IPv6 addresses.\n", ae->mask);
vcc_ErrWhere(tl, ae->t_mask);
return;
}
for (res = res0; res != NULL; res = res->ai_next) { for (res = res0; res != NULL; res = res->ai_next) {
switch (res->ai_family) { switch (res->ai_family) {
case PF_INET: case PF_INET:
...@@ -265,7 +289,6 @@ vcc_acl_try_getaddrinfo(struct vcc *tl, struct acl_e *ae) ...@@ -265,7 +289,6 @@ vcc_acl_try_getaddrinfo(struct vcc *tl, struct acl_e *ae)
u = (void*)&sin4->sin_addr; u = (void*)&sin4->sin_addr;
if (ae->t_mask == NULL) if (ae->t_mask == NULL)
ae->mask = 32; ae->mask = 32;
i4++;
vcc_acl_add_entry(tl, ae, 4, u, res->ai_family); vcc_acl_add_entry(tl, ae, 4, u, res->ai_family);
break; break;
case PF_INET6: case PF_INET6:
...@@ -275,13 +298,9 @@ vcc_acl_try_getaddrinfo(struct vcc *tl, struct acl_e *ae) ...@@ -275,13 +298,9 @@ vcc_acl_try_getaddrinfo(struct vcc *tl, struct acl_e *ae)
u = (void*)&sin6->sin6_addr; u = (void*)&sin6->sin6_addr;
if (ae->t_mask == NULL) if (ae->t_mask == NULL)
ae->mask = 128; ae->mask = 128;
i6++;
vcc_acl_add_entry(tl, ae, 16, u, res->ai_family); vcc_acl_add_entry(tl, ae, 16, u, res->ai_family);
break; break;
default: default:
VSB_printf(tl->sb,
"Ignoring unknown protocol family (%d) for %.*s\n",
res->ai_family, PF(ae->t_addr));
continue; continue;
} }
if (tl->err) if (tl->err)
...@@ -290,13 +309,6 @@ vcc_acl_try_getaddrinfo(struct vcc *tl, struct acl_e *ae) ...@@ -290,13 +309,6 @@ vcc_acl_try_getaddrinfo(struct vcc *tl, struct acl_e *ae)
} }
freeaddrinfo(res0); freeaddrinfo(res0);
if (ae->t_mask != NULL && i4 > 0 && i6 > 0) {
VSB_printf(tl->sb,
"Mask (/%u) specified, but string resolves to"
" both IPv4 and IPv6 addresses.\n", ae->mask);
vcc_ErrWhere(tl, ae->t_mask);
return;
}
} }
/*-------------------------------------------------------------------- /*--------------------------------------------------------------------
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment