-rw-r--r-- | tools/libskrewt.c | 57 |
1 files changed, 38 insertions, 19 deletions
diff --git a/tools/libskrewt.c b/tools/libskrewt.c index c8f2ccd..5e06dea 100644 --- a/tools/libskrewt.c +++ b/tools/libskrewt.c @@ -236,6 +236,24 @@ void check_spf(name_tester& fqdn, const string ip) { } } +bool operator==(const struct addrinfo& aaa, + const struct addrinfo& bbb) { + if (aaa.ai_family != bbb.ai_family) return 0; + if (memcmp(aaa.ai_addr, bbb.ai_addr, aaa.ai_addrlen) != 0) return 0; + return 1; +} + +// loop over all IP addresses in linked list, checking for a match +bool matchany(const struct addrinfo& aaa, + const struct addrinfo* blist){ + for (const struct addrinfo *bbb = blist; bbb != NULL; bbb = bbb->ai_next){ + if (aaa == *bbb) { + return 1; // match + } + } + return 0; +} + void check_map2ip(name_tester& fqdn, const string ipstr) { if (ipstr.length() == 0) { cerr << progid << " check_map2ip: no addr specified." << endl; @@ -243,10 +261,13 @@ void check_map2ip(name_tester& fqdn, const string ipstr) { return; } -// convert address-as-string to address-as-bits. -// also get information about family - struct addrinfo *ipresult; - struct addrinfo *result; +// Convert address-as-string to address-as-bits. +// Also get information about family. +// The trick is, we will get address info about an /address/. +// (This is in contrast to a normal fwd dns lookup, +// which gets address info about a name.) + + struct addrinfo *ip_bits; addrinfo hints; int error; @@ -254,7 +275,7 @@ void check_map2ip(name_tester& fqdn, const string ipstr) { // restrict to TCP only; otherwise we get N records per address hints.ai_protocol = IPPROTO_TCP; - error = getaddrinfo(ipstr.c_str(), NULL, &hints, &ipresult); + error = getaddrinfo(ipstr.c_str(), NULL, &hints, &ip_bits); // EAI_NONAME covers the case of malformed IP address // e.g. 1.2.3.4.5 if (error == EAI_NONAME) { 
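Review bot: In the new `operator==`, the `memcmp` length comes from `aaa.ai_addrlen` alone, so if `bbb.ai_addr` were shorter the comparison would read past its end; neither `ai_addr` pointer is checked for NULL either. Adding `if (aaa.ai_addrlen != bbb.ai_addrlen) return 0;` ahead of the `memcmp` bounds the read for both operands. The comparison also covers the whole sockaddr rather than only the address bytes; that is presumably harmless because both lists come from `getaddrinfo` with a NULL service, but a one-line comment stating that assumption would help the next reader.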
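Review bot: Nothing visible in this hunk makes the `getaddrinfo(ipstr.c_str(), NULL, &hints, &ip_bits)` call numeric-only, although the new comment describes it as a lookup on an address. The `hints` setup sits between hunks, so this may already be handled there. If `ai_flags` is not set, a non-numeric `ipstr` is resolved through DNS as a host name, and the map2ip check would then compare one name's addresses against another's. Setting `hints.ai_flags = AI_NUMERICHOST;` for this call, and clearing it before the later lookup of `fqdn.name` (which reuses `hints`), would pin the intended behaviour.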
@@ -269,14 +290,17 @@ void check_map2ip(name_tester& fqdn, const string ipstr) { fqdn.map2ip = fail; return; } - if (!ipresult) { + if (!ip_bits) { cerr << progid <<" ??? should never happen (ipstr with no ipbits?)" << endl; fqdn.map2ip = fail; return; } - error = getaddrinfo(fqdn.name.c_str(), NULL, &hints, &result); +// do the forward dns lookup +// result is a list of ip addresses + struct addrinfo *fwd_rslt; + error = getaddrinfo(fqdn.name.c_str(), NULL, &hints, &fwd_rslt); if (error == EAI_NONAME) { // malformed name, or no address for name fqdn.map2ip = fail; @@ -291,19 +315,14 @@ void check_map2ip(name_tester& fqdn, const string ipstr) { return; } -// loop over all returned results and check for a match. - for (struct addrinfo *res = result; res != NULL; res = res->ai_next){ - if (memcmp(res->ai_addr, ipresult->ai_addr, res->ai_addrlen) == 0) { - // match! - goto done; - } + if (!matchany(*ip_bits, fwd_rslt)) { + fqdn.map2ip = fail; + return; } - // here if no match - fqdn.map2ip = fail; - return; -done: - fqdn.map2ip = pass; - return; + +// here if all checks have been passed + fqdn.map2ip = pass; + return; } void check_name_ip(name_tester& fqdn, const string ip) { |
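Review bot: `ip_bits` is never released. The early `return` after the forward lookup in this hunk leaves it allocated, and the final `fail` and `pass` returns in the last hunk leave both `ip_bits` and `fwd_rslt` allocated. Each exit taken after a successful `getaddrinfo` should call `freeaddrinfo(ip_bits);`, plus `freeaddrinfo(fwd_rslt);` once that list exists; alternatively the function could funnel through a single cleanup point now that the `goto done` is gone. The body of `check_map2ip` begins outside this hunk, so any earlier exits would need the same treatment.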