Permalink
Browse files

resolve when acl_match_host failed

  • Loading branch information...
blackgear authored and madeye committed Apr 23, 2017
1 parent 54acbba commit 81006d4690cfbd04afabc176d2c1a3bb69a12808
Showing with 21 additions and 19 deletions.
  1. +21 −19 src/local.c
@@ -602,25 +602,6 @@ server_recv_cb(EV_P_ ev_io *w, int revents)
host[name_len] = '\0';
sprintf(port, "%d", p);
struct sockaddr_storage storage;
memset(&storage, 0, sizeof(struct sockaddr_storage));
// resolve domain so we can bypass domain with geoip
if (get_sockaddr(host, port, &storage, 0, ipv6first) != -1) {
switch(((struct sockaddr*)&storage)->sa_family) {
case AF_INET: {
struct sockaddr_in *addr_in = (struct sockaddr_in *)&storage;
dns_ntop(AF_INET, &(addr_in->sin_addr), ip, INET_ADDRSTRLEN);
break;
}
case AF_INET6: {
struct sockaddr_in6 *addr_in6 = (struct sockaddr_in6 *)&storage;
dns_ntop(AF_INET6, &(addr_in6->sin6_addr), ip, INET6_ADDRSTRLEN);
break;
}
default:
break;
}
}
}
} else if (atyp == 4) {
// IP V6
@@ -710,6 +691,27 @@ server_recv_cb(EV_P_ ev_io *w, int revents)
else if (host_match < 0)
bypass = 0; // proxy hostnames in white list
else {
if (atyp == 3) { // resolve domain so we can bypass domain with geoip
struct sockaddr_storage storage;
memset(&storage, 0, sizeof(struct sockaddr_storage));
if (get_sockaddr(host, port, &storage, 0, ipv6first) != -1) {
switch(((struct sockaddr*)&storage)->sa_family) {
case AF_INET: {
struct sockaddr_in *addr_in = (struct sockaddr_in *)&storage;
dns_ntop(AF_INET, &(addr_in->sin_addr), ip, INET_ADDRSTRLEN);
break;
}
case AF_INET6: {
struct sockaddr_in6 *addr_in6 = (struct sockaddr_in6 *)&storage;
dns_ntop(AF_INET6, &(addr_in6->sin6_addr), ip, INET6_ADDRSTRLEN);
break;
}
default:
break;
}
}
}
int ip_match = acl_match_host(ip);
switch (get_acl_mode()) {
case BLACK_LIST:

0 comments on commit 81006d4

Please sign in to comment.