-rw-r--r--tools/libskrewt.c57
1 files changed, 38 insertions, 19 deletions
diff --git a/tools/libskrewt.c b/tools/libskrewt.c
index c8f2ccd..5e06dea 100644
--- a/tools/libskrewt.c
+++ b/tools/libskrewt.c
@@ -236,6 +236,24 @@ void check_spf(name_tester& fqdn, const string ip) {
}
}
+bool operator==(const struct addrinfo& aaa,
+ const struct addrinfo& bbb) {
+ if (aaa.ai_family != bbb.ai_family) return 0;
+ if (memcmp(aaa.ai_addr, bbb.ai_addr, aaa.ai_addrlen) != 0) return 0;
+ return 1;
+}
+
+// loop over all IP addresses in linked list, checking for a match
+bool matchany(const struct addrinfo& aaa,
+ const struct addrinfo* blist){
+ for (const struct addrinfo *bbb = blist; bbb != NULL; bbb = bbb->ai_next){
+ if (aaa == *bbb) {
+ return 1; // match
+ }
+ }
+ return 0;
+}
+
void check_map2ip(name_tester& fqdn, const string ipstr) {
if (ipstr.length() == 0) {
cerr << progid << " check_map2ip: no addr specified." << endl;
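Review bot: The new `operator==` runs `memcmp` over `aaa.ai_addrlen` bytes without checking that `bbb.ai_addrlen` is the same or that either `ai_addr` is non-null, so it relies on the family check alone to keep the read inside `bbb`'s buffer. Adding `if (aaa.ai_addrlen != bbb.ai_addrlen || !aaa.ai_addr || !bbb.ai_addr) return false;` ahead of the `memcmp` makes that explicit. The comparison also covers the whole sockaddr, so the port and, for IPv6, `sin6_flowinfo` and `sin6_scope_id` take part in the match. That is presumably harmless because both lookups pass a NULL service, but a one-line comment saying so would help, since a spurious mismatch here turns into a `map2ip` failure. As a style point, a `bool` function reads better returning `true`/`false`, and a named helper such as `same_addr()` would avoid a global `operator==` on a system struct.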
@@ -243,10 +261,13 @@ void check_map2ip(name_tester& fqdn, const string ipstr) {
return;
}
-// convert address-as-string to address-as-bits.
-// also get information about family
- struct addrinfo *ipresult;
- struct addrinfo *result;
+// Convert address-as-string to address-as-bits.
+// Also get information about family.
+// The trick is, we will get address info about an /address/.
+// (This is in contrast to a normal fwd dns lookup,
+// which gets address info about a name.)
+
+ struct addrinfo *ip_bits;
addrinfo hints;
int error;
@@ -254,7 +275,7 @@ void check_map2ip(name_tester& fqdn, const string ipstr) {
// restrict to TCP only; otherwise we get N records per address
hints.ai_protocol = IPPROTO_TCP;
- error = getaddrinfo(ipstr.c_str(), NULL, &hints, &ipresult);
+ error = getaddrinfo(ipstr.c_str(), NULL, &hints, &ip_bits);
// EAI_NONAME covers the case of malformed IP address
// e.g. 1.2.3.4.5
if (error == EAI_NONAME) {
@@ -269,14 +290,17 @@ void check_map2ip(name_tester& fqdn, const string ipstr) {
fqdn.map2ip = fail;
return;
}
- if (!ipresult) {
+ if (!ip_bits) {
cerr << progid
<<" ??? should never happen (ipstr with no ipbits?)" << endl;
fqdn.map2ip = fail;
return;
}
- error = getaddrinfo(fqdn.name.c_str(), NULL, &hints, &result);
+// do the forward dns lookup
+// result is a list of ip addresses
+ struct addrinfo *fwd_rslt;
+ error = getaddrinfo(fqdn.name.c_str(), NULL, &hints, &fwd_rslt);
if (error == EAI_NONAME) {
// malformed name, or no address for name
fqdn.map2ip = fail;
@@ -291,19 +315,14 @@ void check_map2ip(name_tester& fqdn, const string ipstr) {
return;
}
-// loop over all returned results and check for a match.
- for (struct addrinfo *res = result; res != NULL; res = res->ai_next){
- if (memcmp(res->ai_addr, ipresult->ai_addr, res->ai_addrlen) == 0) {
- // match!
- goto done;
- }
+ if (!matchany(*ip_bits, fwd_rslt)) {
+ fqdn.map2ip = fail;
+ return;
}
- // here if no match
- fqdn.map2ip = fail;
- return;
-done:
- fqdn.map2ip = pass;
- return;
+
+// here if all checks have been passed
+ fqdn.map2ip = pass;
+ return;
}
void check_name_ip(name_tester& fqdn, const string ip) {
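Review bot: Neither exit at the end of `check_map2ip` releases the two `getaddrinfo()` results: both the `fqdn.map2ip = fail; return;` branch after `matchany()` and the final pass path return with no `freeaddrinfo()` visible in this hunk. This leaks both lists on every call, which matters if the checker is ever run repeatedly in one process. The tail could be written as `bool ok = matchany(*ip_bits, fwd_rslt); freeaddrinfo(ip_bits); freeaddrinfo(fwd_rslt);` followed by `fqdn.map2ip = ok ? pass : fail;`. The early returns after the forward lookup in the previous hunk would likewise need `freeaddrinfo(ip_bits)`. Their bodies are only partly visible and the start of the function is outside this hunk, so confirm against the full file.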