trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From zw...@apache.org
Subject [27/50] git commit: TS-2158: Properly mark an IP as non-routable for IPv4 and IPv6 link local addresses as well as IPv6 private addresses and IPv4 Carrier Grade NAT addresses from RFC 6598.
Date Fri, 30 Aug 2013 16:20:40 GMT
TS-2158: Properly mark an IP as non-routable for IPv4 and IPv6 link local
addresses as well as IPv6 private addresses and IPv4 Carrier Grade NAT
addresses from RFC 6598.


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/af4fc8eb
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/af4fc8eb
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/af4fc8eb

Branch: refs/heads/5.0.x
Commit: af4fc8eba7e313a5a7fb5613382fd0165d44708b
Parents: 216ecda
Author: Phil Sorber <sorber@apache.org>
Authored: Mon Aug 26 13:42:46 2013 -0600
Committer: Phil Sorber <sorber@apache.org>
Committed: Mon Aug 26 13:43:41 2013 -0600

----------------------------------------------------------------------
 CHANGES           |  4 ++++
 lib/ts/ink_inet.h | 15 +++++++++++----
 2 files changed, 15 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/af4fc8eb/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 0fec2af..7c41477 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
 Changes with Apache Traffic Server 4.1.0
 
 
+  *) [TS-2158] Properly mark an IP as non-routable for IPv4 and IPv6 link local
+   addresses as well as IPv6 private addresses and IPv4 Carrier Grade NAT
+   addresses from RFC 6598.
+
   *) [TS-2155] Make a new RAT exclude file that uses the regular expressions
    now supported. Also cleanup some of minor licensing discrepancies.
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/af4fc8eb/lib/ts/ink_inet.h
----------------------------------------------------------------------
diff --git a/lib/ts/ink_inet.h b/lib/ts/ink_inet.h
index 760c89c..21cf02b 100644
--- a/lib/ts/ink_inet.h
+++ b/lib/ts/ink_inet.h
@@ -571,11 +571,18 @@ inline bool ats_is_ip_nonroutable(sockaddr const* ip) {
   bool zret = false;
   if (ats_is_ip4(ip)) {
     in_addr_t a = ats_ip4_addr_cast(ip);
-    zret = ((a & htonl(0xFF000000)) == htonl(0x0A000000)) ||
-      ((a & htonl(0xFFFF0000)) == htonl(0xC0A80000)) ||
-      ((a & htonl(0xFFF00000)) == htonl(0xAC100000))
+    zret = ((a & htonl(0xFF000000)) == htonl(0x0A000000)) || // priv 10.0.0.0/8
+      ((a & htonl(0xFFC00000)) == htonl(0x64400000)) ||      // priv 100.64.0.0/10
+      ((a & htonl(0xFFF00000)) == htonl(0xAC100000)) ||      // priv 172.16.0.0/12
+      ((a & htonl(0xFFFF0000)) == htonl(0xC0A80000)) ||      // priv 192.168.0.0/16
+      ((a & htonl(0xFFFF0000)) == htonl(0xA9FE0000))         // link 169.254.0.0/16
       ;
-  } // should we do something for IPv6 addresses?
+  } else if (ats_is_ip6(ip)) {
+    in6_addr a = ats_ip6_addr_cast(ip);
+    zret = ((a.s6_addr[0] & 0xFE) == 0xFC) ||                     // priv fc00::/7
+      ((a.s6_addr[0] == 0xFE) && ((a.s6_addr[1] & 0xC0) == 0x80)) // link fe80::/10
+      ;
+  }
   return zret;
 }
 


Mime
View raw message