> + <function moreinfo=3D"none">dns_nc_match_ip(hostname, ipaddr)</fun= ction>

From klaus.mailinglists@pernau.at Mon Jul 15 10:35:49 2013 From: Klaus Darilion To: sr-dev@lists.kamailio.org Subject: Re: [sr-dev] git:master: ipops: new cfg function dns_nc_match_ip(hostname, ipaddr) Date: Mon, 15 Jul 2013 10:35:42 +0200 Message-ID: <51E3B45E.8050407@pernau.at> In-Reply-To: <20130712113401.78493EF8077@rimmer.ryngle.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0180856431==" --===============0180856431== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi Daniel! Does it both, A and AAAA lookups and can it handle multiple answer RRs? regards Klaus On 12.07.2013 13:34, Daniel-Constantin Mierla wrote: > Module: sip-router > Branch: master > Commit: ccebf9e536d7d5ea8fc824ea089d501e888b37c8 > URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=3Dcommit= ;h=3Dccebf9e536d7d5ea8fc824ea089d501e888b37c8 > > Author: Daniel-Constantin Mierla > Committer: Daniel-Constantin Mierla > Date: Fri Jul 12 13:31:12 2013 +0200 > > ipops: new cfg function dns_nc_match_ip(hostname, ipaddr) > > - do dns query for the hostname and compare the result to see if is a > match with ipaddr > > --- > > modules/ipops/README | 24 ++++++++++ > modules/ipops/doc/ipops_admin.xml | 45 ++++++++++++++++++++ > modules/ipops/ipops_mod.c | 84 ++++++++++++++++++++++++++++++++= +++++ > 3 files changed, 153 insertions(+), 0 deletions(-) > > diff --git a/modules/ipops/README b/modules/ipops/README > index bd79553..901535a 100644 > --- a/modules/ipops/README > +++ b/modules/ipops/README > @@ -36,6 +36,7 @@ I > 4.8. compare_pure_ips (ip1, ip2) > 4.9. is_ip_rfc1918 (ip) > 4.10. is_in_subnet (ip, subnet) > + 4.11. dns_nc_match_ip(hostname, ipaddr) > > List of Examples > > @@ -49,6 +50,7 @@ I > 1.8. compare_pure_ips usage > 1.9. is_ip_rfc1918 usage > 1.10. is_in_subnet usage > + 1.11. dns_nc_match_ip usage > > Chapter 1. Admin Guide > > @@ -73,6 +75,7 @@ Chapter 1. Admin Guide > 4.8. compare_pure_ips (ip1, ip2) > 4.9. is_ip_rfc1918 (ip) > 4.10. is_in_subnet (ip, subnet) > + 4.11. dns_nc_match_ip(hostname, ipaddr) > > 1. Overview > > @@ -124,6 +127,7 @@ Chapter 1. Admin Guide > 4.8. compare_pure_ips (ip1, ip2) > 4.9. is_ip_rfc1918 (ip) > 4.10. is_in_subnet (ip, subnet) > + 4.11. dns_nc_match_ip(hostname, ipaddr) > > 4.1. is_ip (ip) > > @@ -329,3 +333,23 @@ if (is_in_subnet("10.0.123.123", "10.0.123.1/24")) { > xlog("L_INFO", "it's in the subnet\n"); > } > ... > + > +4.11. dns_nc_match_ip(hostname, ipaddr) > + > + Returns TRUE if ipaddr is associated by DNS to hostname. FALSE > + otherwise. It does not use the internal DNS cache, but directly > + getaddrinfo(...). > + > + Parameters: > + * ipaddr - string or pseudo-variable containing the ip address. > + * hostname - string or pseudo-variable containing the hostname. The > + resulting IP addresses from DNS query are compared with ipaddress. > + > + This function can be used from ANY_ROUTE. > + > + Example 1.11. dns_nc_match_ip usage > +... > +if (!dns_nc_match_ip("myhost.com", "1.2.3.4")) { > + xdbg("ip address not associated with hostname\n"); > +} > +... > diff --git a/modules/ipops/doc/ipops_admin.xml b/modules/ipops/doc/ipops_ad= min.xml > index c7ce810..afb03d8 100644 > --- a/modules/ipops/doc/ipops_admin.xml > +++ b/modules/ipops/doc/ipops_admin.xml > @@ -529,6 +529,51 @@ if (is_in_subnet("10.0.123.123", "10.0.123.1/24")) { > > > > +

> + > + <function moreinfo=3D"none">dns_nc_match_ip(hostname, ipaddr)</fun= ction> > + > + > + > + Returns TRUE if ipaddr is associated by DNS to hostname. FALSE otherwi= se. It > + does not use the internal DNS cache, but directly getaddrinfo(...). > + > + > + Parameters: > + > + > + > + > + ipaddr - string or pseudo-variable contai= ning the ip address. > + > + > + > + > + hostname - string or pseudo-variable containing = the hostname. > + The resulting IP addresses from DNS query are compared with ipaddress. > + > + > + > + > + > + This function can be used from ANY_ROUTE. > + > + > + > + > + <function>dns_nc_match_ip</function> usage > + > + > +... > +if (!dns_nc_match_ip("myhost.com", "1.2.3.4")) { > + xdbg("ip address not associated with hostname\n"); > +} > +... > + > + > + > +

> + > > > > diff --git a/modules/ipops/ipops_mod.c b/modules/ipops/ipops_mod.c > index 164177b..d21546c 100644 > --- a/modules/ipops/ipops_mod.c > +++ b/modules/ipops/ipops_mod.c > @@ -40,12 +40,16 @@ > #include > #include > #include > +#include > +#include > +#include > #include > #include "../../sr_module.h" > #include "../../dprint.h" > #include "../../str.h" > #include "../../mod_fix.h" > #include "../../pvar.h" > +#include "../../resolve.h" > #include "api.h" > #include "ip_parser.h" > #include "rfc1918_parser.h" > @@ -83,6 +87,7 @@ static int w_compare_ips(struct sip_msg*, char*, char*); > static int w_compare_pure_ips(struct sip_msg*, char*, char*); > static int w_is_ip_rfc1918(struct sip_msg*, char*); > static int w_ip_is_in_subnet(struct sip_msg*, char*, char*); > +static int w_dns_nc_match_ip(sip_msg_t*, char*, char*); > > > /* > @@ -110,6 +115,8 @@ static cmd_export_t cmds[] =3D > REQUEST_ROUTE|FAILURE_ROUTE|ONREPLY_ROUTE|BRANCH_ROUTE|LOCAL_ROUTE }, > { "is_in_subnet", (cmd_function)w_ip_is_in_subnet, 2, fixup_spve_spve, = 0, > REQUEST_ROUTE|FAILURE_ROUTE|ONREPLY_ROUTE|BRANCH_ROUTE|LOCAL_ROUTE }, > + { "dns_nc_match_ip", (cmd_function)w_dns_nc_match_ip, 2, fixup_spve_spve= , 0, > + ANY_ROUTE }, > { "bind_ipops", (cmd_function)bind_ipops, 0, 0, 0, 0}, > { 0, 0, 0, 0, 0, 0 } > }; > @@ -596,3 +603,80 @@ static int w_is_ip_rfc1918(struct sip_msg* _msg, char*= _s) > else > return -1; > } > + > +static inline ip_addr_t *strtoipX(str *ips) > +{ > + /* try to figure out INET class */ > + if(ips->s[0] =3D=3D '[' || memchr(ips->s, ':', ips->len)!=3DNULL) > + { > + /* IPv6 */ > + return str2ip6(ips); > + } else { > + /* IPv4 */ > + return str2ip(ips); > + } > +} > + > +static int w_dns_nc_match_ip(sip_msg_t *msg, char *hnp, char *ipp) > +{ > + struct addrinfo hints, *res, *p; > + int status; > + ip_addr_t *ipa; > + void *addr; > + str hns; > + str ips; > + struct sockaddr_in *ipv4; > + struct sockaddr_in6 *ipv6; > + > + if (fixup_get_svalue(msg, (gparam_p)hnp, &hns)) > + { > + LM_ERR("cannot evaluate hostname parameter\n"); > + return -2; > + } > + > + if (fixup_get_svalue(msg, (gparam_p)ipp, &ips)) > + { > + LM_ERR("cannot evaluate ip address parameter\n"); > + return -2; > + } > + > + ipa =3D strtoipX(&ips); > + if(ipa=3D=3DNULL) > + { > + LM_ERR("invalid ip address: %.*s\n", ips.len, ips.s); > + return -3; > + } > + > + memset(&hints, 0, sizeof(hints)); > + hints.ai_family =3D AF_UNSPEC; /* allow any of AF_INET or AF_INET6 */ > + > + if ((status =3D getaddrinfo(hns.s, NULL, &hints, &res)) !=3D 0) > + { > + LM_ERR("getaddrinfo: %s\n", gai_strerror(status)); > + return -2; > + } > + > + for(p =3D res;p !=3D NULL; p =3D p->ai_next) > + { > + if(p->ai_family=3D=3Dipa->af) > + { > + if (p->ai_family=3D=3DAF_INET) > + { > + ipv4 =3D (struct sockaddr_in *)p->ai_addr; > + addr =3D &(ipv4->sin_addr); > + } else { > + ipv6 =3D (struct sockaddr_in6 *)p->ai_addr; > + addr =3D &(ipv6->sin6_addr); > + } > + if(memcmp(ipa->u.addr, addr, ipa->len)=3D=3D0) > + { > + /* matched IP */ > + freeaddrinfo(res); > + return 1; > + } > + } > + } > + freeaddrinfo(res); > + > + return -1; > +} > > > _______________________________________________ > sr-dev mailing list > sr-dev(a)lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev > --===============0180856431==--