"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/ipset.c" between
dnsmasq-2.80.tar.gz and dnsmasq-2.81.tar.xz

About: Dnsmasq is a lightweight caching DNS forwarder and DHCP server.

ipset.c  (dnsmasq-2.80):ipset.c  (dnsmasq-2.81.tar.xz)
skipping to change at line 25 skipping to change at line 25
*/ */
#include "dnsmasq.h" #include "dnsmasq.h"
#if defined(HAVE_IPSET) && defined(HAVE_LINUX_NETWORK) #if defined(HAVE_IPSET) && defined(HAVE_LINUX_NETWORK)
#include <string.h> #include <string.h>
#include <errno.h> #include <errno.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/utsname.h>
#include <arpa/inet.h> #include <arpa/inet.h>
#include <linux/version.h>
#include <linux/netlink.h> #include <linux/netlink.h>
/* We want to be able to compile against old header files /* We want to be able to compile against old header files
Kernel version is handled at run-time. */ Kernel version is handled at run-time. */
#define NFNL_SUBSYS_IPSET 6 #define NFNL_SUBSYS_IPSET 6
#define IPSET_ATTR_DATA 7 #define IPSET_ATTR_DATA 7
#define IPSET_ATTR_IP 1 #define IPSET_ATTR_IP 1
#define IPSET_ATTR_IPADDR_IPV4 1 #define IPSET_ATTR_IPADDR_IPV4 1
skipping to change at line 89 skipping to change at line 87
struct my_nlattr *attr = (void *)nlh + NL_ALIGN(nlh->nlmsg_len); struct my_nlattr *attr = (void *)nlh + NL_ALIGN(nlh->nlmsg_len);
uint16_t payload_len = NL_ALIGN(sizeof(struct my_nlattr)) + len; uint16_t payload_len = NL_ALIGN(sizeof(struct my_nlattr)) + len;
attr->nla_type = type; attr->nla_type = type;
attr->nla_len = payload_len; attr->nla_len = payload_len;
memcpy((void *)attr + NL_ALIGN(sizeof(struct my_nlattr)), data, len); memcpy((void *)attr + NL_ALIGN(sizeof(struct my_nlattr)), data, len);
nlh->nlmsg_len += NL_ALIGN(payload_len); nlh->nlmsg_len += NL_ALIGN(payload_len);
} }
void ipset_init(void) void ipset_init(void)
{ {
struct utsname utsname; old_kernel = (daemon->kernel_version < KERNEL_VERSION(2,6,32));
int version;
char *split;
if (uname(&utsname) < 0)
die(_("failed to find kernel version: %s"), NULL, EC_MISC);
split = strtok(utsname.release, ".");
version = (split ? atoi(split) : 0);
split = strtok(NULL, ".");
version = version * 256 + (split ? atoi(split) : 0);
split = strtok(NULL, ".");
version = version * 256 + (split ? atoi(split) : 0);
old_kernel = (version < KERNEL_VERSION(2,6,32));
if (old_kernel && (ipset_sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) != -1) if (old_kernel && (ipset_sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) != -1)
return; return;
if (!old_kernel && if (!old_kernel &&
(buffer = safe_malloc(BUFF_SZ)) && (buffer = safe_malloc(BUFF_SZ)) &&
(ipset_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER)) != -1 && (ipset_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER)) != -1 &&
(bind(ipset_sock, (struct sockaddr *)&snl, sizeof(snl)) != -1)) (bind(ipset_sock, (struct sockaddr *)&snl, sizeof(snl)) != -1))
return; return;
die (_("failed to create IPset control socket: %s"), NULL, EC_MISC); die (_("failed to create IPset control socket: %s"), NULL, EC_MISC);
} }
static int new_add_to_ipset(const char *setname, const struct all_addr *ipaddr, int af, int remove) static int new_add_to_ipset(const char *setname, const union all_addr *ipaddr, i nt af, int remove)
{ {
struct nlmsghdr *nlh; struct nlmsghdr *nlh;
struct my_nfgenmsg *nfg; struct my_nfgenmsg *nfg;
struct my_nlattr *nested[2]; struct my_nlattr *nested[2];
uint8_t proto; uint8_t proto;
int addrsz = INADDRSZ; int addrsz = (af == AF_INET6) ? IN6ADDRSZ : INADDRSZ;
#ifdef HAVE_IPV6
if (af == AF_INET6)
addrsz = IN6ADDRSZ;
#endif
if (strlen(setname) >= IPSET_MAXNAMELEN) if (strlen(setname) >= IPSET_MAXNAMELEN)
{ {
errno = ENAMETOOLONG; errno = ENAMETOOLONG;
return -1; return -1;
} }
memset(buffer, 0, BUFF_SZ); memset(buffer, 0, BUFF_SZ);
nlh = (struct nlmsghdr *)buffer; nlh = (struct nlmsghdr *)buffer;
skipping to change at line 159 skipping to change at line 139
add_attr(nlh, IPSET_ATTR_PROTOCOL, sizeof(proto), &proto); add_attr(nlh, IPSET_ATTR_PROTOCOL, sizeof(proto), &proto);
add_attr(nlh, IPSET_ATTR_SETNAME, strlen(setname) + 1, setname); add_attr(nlh, IPSET_ATTR_SETNAME, strlen(setname) + 1, setname);
nested[0] = (struct my_nlattr *)(buffer + NL_ALIGN(nlh->nlmsg_len)); nested[0] = (struct my_nlattr *)(buffer + NL_ALIGN(nlh->nlmsg_len));
nlh->nlmsg_len += NL_ALIGN(sizeof(struct my_nlattr)); nlh->nlmsg_len += NL_ALIGN(sizeof(struct my_nlattr));
nested[0]->nla_type = NLA_F_NESTED | IPSET_ATTR_DATA; nested[0]->nla_type = NLA_F_NESTED | IPSET_ATTR_DATA;
nested[1] = (struct my_nlattr *)(buffer + NL_ALIGN(nlh->nlmsg_len)); nested[1] = (struct my_nlattr *)(buffer + NL_ALIGN(nlh->nlmsg_len));
nlh->nlmsg_len += NL_ALIGN(sizeof(struct my_nlattr)); nlh->nlmsg_len += NL_ALIGN(sizeof(struct my_nlattr));
nested[1]->nla_type = NLA_F_NESTED | IPSET_ATTR_IP; nested[1]->nla_type = NLA_F_NESTED | IPSET_ATTR_IP;
add_attr(nlh, add_attr(nlh,
(af == AF_INET ? IPSET_ATTR_IPADDR_IPV4 : IPSET_ATTR_IPADDR_IPV6) | NL A_F_NET_BYTEORDER, (af == AF_INET ? IPSET_ATTR_IPADDR_IPV4 : IPSET_ATTR_IPADDR_IPV6) | NL A_F_NET_BYTEORDER,
addrsz, &ipaddr->addr); addrsz, ipaddr);
nested[1]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void *)neste d[1]; nested[1]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void *)neste d[1];
nested[0]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void *)neste d[0]; nested[0]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void *)neste d[0];
while (retry_send(sendto(ipset_sock, buffer, nlh->nlmsg_len, 0, while (retry_send(sendto(ipset_sock, buffer, nlh->nlmsg_len, 0,
(struct sockaddr *)&snl, sizeof(snl)))); (struct sockaddr *)&snl, sizeof(snl))));
return errno == 0 ? 0 : -1; return errno == 0 ? 0 : -1;
} }
static int old_add_to_ipset(const char *setname, const struct all_addr *ipaddr, int remove) static int old_add_to_ipset(const char *setname, const union all_addr *ipaddr, i nt remove)
{ {
socklen_t size; socklen_t size;
struct ip_set_req_adt_get { struct ip_set_req_adt_get {
unsigned op; unsigned op;
unsigned version; unsigned version;
union { union {
char name[IPSET_MAXNAMELEN]; char name[IPSET_MAXNAMELEN];
uint16_t index; uint16_t index;
} set; } set;
char typename[IPSET_MAXNAMELEN]; char typename[IPSET_MAXNAMELEN];
skipping to change at line 201 skipping to change at line 181
} }
req_adt_get.op = 0x10; req_adt_get.op = 0x10;
req_adt_get.version = 3; req_adt_get.version = 3;
strcpy(req_adt_get.set.name, setname); strcpy(req_adt_get.set.name, setname);
size = sizeof(req_adt_get); size = sizeof(req_adt_get);
if (getsockopt(ipset_sock, SOL_IP, 83, &req_adt_get, &size) < 0) if (getsockopt(ipset_sock, SOL_IP, 83, &req_adt_get, &size) < 0)
return -1; return -1;
req_adt.op = remove ? 0x102 : 0x101; req_adt.op = remove ? 0x102 : 0x101;
req_adt.index = req_adt_get.set.index; req_adt.index = req_adt_get.set.index;
req_adt.ip = ntohl(ipaddr->addr.addr4.s_addr); req_adt.ip = ntohl(ipaddr->addr4.s_addr);
if (setsockopt(ipset_sock, SOL_IP, 83, &req_adt, sizeof(req_adt)) < 0) if (setsockopt(ipset_sock, SOL_IP, 83, &req_adt, sizeof(req_adt)) < 0)
return -1; return -1;
return 0; return 0;
} }
int add_to_ipset(const char *setname, const struct all_addr *ipaddr, int flags, int remove) int add_to_ipset(const char *setname, const union all_addr *ipaddr, int flags, i nt remove)
{ {
int ret = 0, af = AF_INET; int ret = 0, af = AF_INET;
#ifdef HAVE_IPV6
if (flags & F_IPV6) if (flags & F_IPV6)
{ {
af = AF_INET6; af = AF_INET6;
/* old method only supports IPv4 */ /* old method only supports IPv4 */
if (old_kernel) if (old_kernel)
{ {
errno = EAFNOSUPPORT ; errno = EAFNOSUPPORT ;
ret = -1; ret = -1;
} }
} }
#endif
if (ret != -1) if (ret != -1)
ret = old_kernel ? old_add_to_ipset(setname, ipaddr, remove) : new_add_to_ip set(setname, ipaddr, af, remove); ret = old_kernel ? old_add_to_ipset(setname, ipaddr, remove) : new_add_to_ip set(setname, ipaddr, af, remove);
if (ret == -1) if (ret == -1)
my_syslog(LOG_ERR, _("failed to update ipset %s: %s"), setname, strerror(er rno)); my_syslog(LOG_ERR, _("failed to update ipset %s: %s"), setname, strerror(er rno));
return ret; return ret;
} }
 End of changes. 11 change blocks. 
29 lines changed or deleted 7 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)