DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

Let IPs resolve to IPv6 addresses over SSL

Browse Source 
Again, this depends on the remote host to be actually supporting IPv6.
This commit is contained in:
Pierre Pronchery 2018-06-12 16:34:36 -04:00
parent 07693a9245
commit b8252dbdb8
1 changed files with 31 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
client/http_resolve_host.c
View File

@ -212,6 +212,7 @@ try_url(struct url *url, fko_cli_options_t *options)
return(-1); return(-1);
} }
for (rp = result; rp != NULL; rp = rp->ai_next) { for (rp = result; rp != NULL; rp = rp->ai_next) {
/* the canonical value is in the first structure returned */
strlcpy(options->allow_ip_str, strlcpy(options->allow_ip_str,
rp->ai_canonname, sizeof(options->allow_ip_str)); rp->ai_canonname, sizeof(options->allow_ip_str));
break; break;
@ -312,8 +313,9 @@ parse_url(char *res_url, struct url* url)
int int
resolve_ip_https(fko_cli_options_t *options) resolve_ip_https(fko_cli_options_t *options)
{ {
int o1, o2, o3, o4, got_resp=0, i=0; int got_resp=0, error;
char *ndx, resp[MAX_IPV4_STR_LEN+1] = {0}; char resp[MAX_IPV4_STR_LEN+1] = {0};
struct addrinfo *result=NULL, *rp, hints;
struct url url; /* for validation only */ struct url url; /* for validation only */
char wget_ssl_cmd[MAX_URL_PATH_LEN] = {0}; /* for verbose logging only */ char wget_ssl_cmd[MAX_URL_PATH_LEN] = {0}; /* for verbose logging only */
@ -482,32 +484,35 @@ resolve_ip_https(fko_cli_options_t *options)
pclose(wget); pclose(wget);
#endif #endif
if(got_resp) if(! got_resp)
{ {
ndx = resp; log_msg(LOG_VERBOSITY_ERROR,
for(i=0; i<MAX_IPV4_STR_LEN; i++) { "[-] Could not resolve IP via: '%s'", wget_ssl_cmd);
if(! isdigit((int)(unsigned char)*(ndx+i)) && *(ndx+i) != '.') return -1;
break;
}
*(ndx+i) = '\0';
if((sscanf(ndx, "%u.%u.%u.%u", &o1, &o2, &o3, &o4)) == 4
&& o1 >= 0 && o1 <= 255
&& o2 >= 0 && o2 <= 255
&& o3 >= 0 && o3 <= 255
&& o4 >= 0 && o4 <= 255)
{
strlcpy(options->allow_ip_str, ndx, sizeof(options->allow_ip_str));
log_msg(LOG_VERBOSITY_INFO,
"\n[+] Resolved external IP (via '%s') as: %s",
wget_ssl_cmd, options->allow_ip_str);
return 1;
}
} }
log_msg(LOG_VERBOSITY_ERROR,
"[-] Could not resolve IP via: '%s'", wget_ssl_cmd); memset(&hints, 0, sizeof(struct addrinfo));
return -1; hints.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */
hints.ai_flags = AI_NUMERICHOST | AI_CANONNAME;
error = getaddrinfo(resp, NULL, &hints, &result);
if (error != 0)
{
log_msg(LOG_VERBOSITY_ERROR,
"[-] Could not resolve IP via: '%s'", wget_ssl_cmd);
return(-1);
}
for (rp = result; rp != NULL; rp = rp->ai_next) {
/* the canonical value is in the first structure returned */
strlcpy(options->allow_ip_str,
rp->ai_canonname, sizeof(options->allow_ip_str));
break;
}
freeaddrinfo(result);
log_msg(LOG_VERBOSITY_INFO,
"\n[+] Resolved external IP (via '%s') as: %s",
wget_ssl_cmd, options->allow_ip_str);
return 1;
} }
int int