diff options
author | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2010-08-11 00:05:34 +0000 |
---|---|---|
committer | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2010-08-11 00:05:34 +0000 |
commit | 262ee5065c716d2b2c4963ce024b9471f3d6f0f5 (patch) | |
tree | be0dd50c8730ad99adbd52f3d96e61bc83998e68 /uhttpd-utils.c | |
parent | eca18b19053fcd4350039ffa46c24c335f4142c4 (diff) | |
download | uhttpd-262ee5065c716d2b2c4963ce024b9471f3d6f0f5.tar.gz |
[package] uhttpd: add option to reject requests from RFC1918 IPs to public server IPs (DNS rebinding countermeasure)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/package/uhttpd/src@22589 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'uhttpd-utils.c')
-rw-r--r-- | uhttpd-utils.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/uhttpd-utils.c b/uhttpd-utils.c index 60badf2..4a1423c 100644 --- a/uhttpd-utils.c +++ b/uhttpd-utils.c @@ -59,6 +59,21 @@ int sa_port(void *sa) return ntohs(((struct sockaddr_in6 *)sa)->sin6_port); } +int sa_rfc1918(void *sa) +{ + struct sockaddr_in *v4 = (struct sockaddr_in *)sa; + unsigned long a = htonl(v4->sin_addr.s_addr); + + if( v4->sin_family == AF_INET ) + { + return ((a >= 0x0A000000) && (a <= 0x0AFFFFFF)) || + ((a >= 0xAC100000) && (a <= 0xAC1FFFFF)) || + ((a >= 0xC0A80000) && (a <= 0xC0A8FFFF)); + } + + return 0; +} + /* Simple strstr() like function that takes len arguments for both haystack and needle. */ char *strfind(char *haystack, int hslen, const char *needle, int ndlen) { |