upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-21 14:17:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

MINOR: standard: avoid DNS resolution from the function str2sa_range()

Browse source 
This patch blocks the DNS resolution in the function str2sa_range(),
this is useful if the function is used during the HAProxy runtime.
This commit is contained in:
Thierry FOURNIER 2015-09-26 20:03:36 +02:00 committed by Willy Tarreau
parent 55dcaf6521
commit 7fe3be7281
4 changed files with 20 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
include/common/standard.h
View file

@ -275,9 +275,10 @@ extern const char *invalid_domainchar(const char *name);
* The IPv6 '::' address is IN6ADDR_ANY, so in order to bind to a given port on
* IPv6, use ":::port". NULL is returned if the host part cannot be resolved.
* If <pfx> is non-null, it is used as a string prefix before any path-based
* address (typically the path to a unix socket).
* address (typically the path to a unix socket). If use_dns is not true,
* the funtion cannot accept the DNS resolution.
*/
struct sockaddr_storage *str2sa_range(const char *str, int *low, int *high, char **err, const char *pfx, char **fqdn);
struct sockaddr_storage *str2sa_range(const char *str, int *low, int *high, char **err, const char *pfx, char **fqdn, int use_dns);
/* converts <str> to a struct in_addr containing a network mask. It can be
* passed in dotted form (255.255.255.0) or in CIDR form (24). It returns 1

18
src/cfgparse.c
View file

@ -240,7 +240,7 @@ int str2listener(char *str, struct proxy *curproxy, struct bind_conf *bind_conf,
ss2 = str2sa_range(str, &port, &end, err,
curproxy == global.stats_fe ? NULL : global.unix_bind.prefix,
NULL);
NULL, 1);
if (!ss2)
goto fail;
@ -1598,7 +1598,7 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
}
}
sk = str2sa_range(args[1], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[1], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s': %s\n", file, linenum, args[0], errmsg);
err_code |= ERR_ALERT | ERR_FATAL;
@ -2059,7 +2059,7 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
newpeer->last_change = now.tv_sec;
newpeer->id = strdup(args[1]);
sk = str2sa_range(args[2], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[2], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s %s' : %s\n", file, linenum, args[0], args[1], errmsg);
err_code |= ERR_ALERT | ERR_FATAL;
@ -2259,7 +2259,7 @@ int cfg_parse_resolvers(const char *file, int linenum, char **args, int kwm)
newnameserver->conf.line = linenum;
newnameserver->id = strdup(args[1]);
sk = str2sa_range(args[2], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[2], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s %s' : %s\n", file, linenum, args[0], args[1], errmsg);
err_code |= ERR_ALERT | ERR_FATAL;
@ -2443,7 +2443,7 @@ int cfg_parse_mailers(const char *file, int linenum, char **args, int kwm)
newmailer->id = strdup(args[1]);
sk = str2sa_range(args[2], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[2], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s %s' : %s\n", file, linenum, args[0], args[1], errmsg);
err_code |= ERR_ALERT | ERR_FATAL;
@ -5611,7 +5611,7 @@ stats_error_parsing:
else if (warnifnotcap(curproxy, PR_CAP_BE, file, linenum, args[0], NULL))
err_code |= ERR_WARN;
sk = str2sa_range(args[1], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[1], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s' : %s\n", file, linenum, args[0], errmsg);
err_code |= ERR_ALERT | ERR_FATAL;
@ -5883,7 +5883,7 @@ stats_error_parsing:
}
}
sk = str2sa_range(args[1], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[1], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s': %s\n", file, linenum, args[0], errmsg);
err_code |= ERR_ALERT | ERR_FATAL;
@ -5935,7 +5935,7 @@ stats_error_parsing:
curproxy->conn_src.iface_name = NULL;
curproxy->conn_src.iface_len = 0;
sk = str2sa_range(args[1], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[1], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s %s' : %s\n",
file, linenum, args[0], args[1], errmsg);
@ -6020,7 +6020,7 @@ stats_error_parsing:
} else {
struct sockaddr_storage *sk;
sk = str2sa_range(args[cur_arg + 1], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[cur_arg + 1], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s %s' : %s\n",
file, linenum, args[cur_arg], args[cur_arg+1], errmsg);

8
src/server.c
View file

@ -907,7 +907,7 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
* - IP:+N => port=+N, relative
* - IP:-N => port=-N, relative
*/
sk = str2sa_range(args[2], &port1, &port2, &errmsg, NULL, &fqdn);
sk = str2sa_range(args[2], &port1, &port2, &errmsg, NULL, &fqdn, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s %s' : %s\n", file, linenum, args[0], args[1], errmsg);
err_code |= ERR_ALERT | ERR_FATAL;
@ -1174,7 +1174,7 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
int port1, port2;
struct protocol *proto;
sk = str2sa_range(args[cur_arg + 1], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[cur_arg + 1], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s' : %s\n",
file, linenum, args[cur_arg], errmsg);
@ -1383,7 +1383,7 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
}
newsrv->conn_src.opts |= CO_SRC_BIND;
sk = str2sa_range(args[cur_arg + 1], &port_low, &port_high, &errmsg, NULL, NULL);
sk = str2sa_range(args[cur_arg + 1], &port_low, &port_high, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s %s' : %s\n",
file, linenum, args[cur_arg], args[cur_arg+1], errmsg);
@ -1483,7 +1483,7 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
struct sockaddr_storage *sk;
int port1, port2;
sk = str2sa_range(args[cur_arg + 1], &port1, &port2, &errmsg, NULL, NULL);
sk = str2sa_range(args[cur_arg + 1], &port1, &port2, &errmsg, NULL, NULL, 1);
if (!sk) {
Alert("parsing [%s:%d] : '%s %s' : %s\n",
file, linenum, args[cur_arg], args[cur_arg+1], errmsg);

6
src/standard.c
View file

@ -760,10 +760,12 @@ struct sockaddr_storage *str2ip2(const char *str, struct sockaddr_storage *sa, i
* that the caller will have to free(),
* - NULL if there was an explicit address that doesn't require resolution.
*
* Hostnames are only resolved if <resolve> is non-null.
*
* When a file descriptor is passed, its value is put into the s_addr part of
* the address when cast to sockaddr_in and the address family is AF_UNSPEC.
*/
struct sockaddr_storage *str2sa_range(const char *str, int *low, int *high, char **err, const char *pfx, char **fqdn)
struct sockaddr_storage *str2sa_range(const char *str, int *low, int *high, char **err, const char *pfx, char **fqdn, int resolve)
{
static struct sockaddr_storage ss;
struct sockaddr_storage *ret = NULL;
@ -862,7 +864,7 @@ struct sockaddr_storage *str2sa_range(const char *str, int *low, int *high, char
if (str2ip2(str2, &ss, 0) == NULL) {
use_fqdn = 1;
if (str2ip(str2, &ss) == NULL) {
if (!resolve || str2ip2(str2, &ss, 1) == NULL) {
memprintf(err, "invalid address: '%s' in '%s'\n", str2, str);
goto out;
}