[sr-dev] [ openser-Bugs-2963040 ] allow_source_address_group() not matching correctly

[SourceForge.net]

Bugs item #2963040, was opened at 2010-03-04 04:04
Message generated for change (Comment added) made by miconda
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=2963040&group_id=139143

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: ver devel
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: allow_source_address_group() not matching correctly

Initial Comment:
IP address subnet matching does not work properly when using the allow_source_address_group() function from the Permissions module.
The problem comes from /modules_k/permissions/hash.c:568 in function find_group_in_subnet_table(). 

subnet = ip_addr << table[i].mask;
should be
subnet = htonl(ntohl(ip_addr) >> table[i].mask);


Here is a git diff to fix it:

diff --git a/modules_k/permissions/hash.c b/modules_k/permissions/hash.c
index 7358225..7917d5a 100644
--- a/modules_k/permissions/hash.c
+++ b/modules_k/permissions/hash.c
@@ -565,7 +565,7 @@ int find_group_in_subnet_table(struct subnet* table,
 
     i = 0;
     while (i < count) {
-       subnet = ip_addr << table[i].mask;
+       subnet = htonl(ntohl(ip_addr) >> table[i].mask); //ip_addr << table[i].mask;
        if ((table[i].subnet == subnet) &&
            ((table[i].port == port) || (table[i].port == 0)))
            return table[i].grp;

----------------------------------------------------------------------

>Comment By: Daniel-Constantin Mierla (miconda)
Date: 2010-03-17 20:41

Message:
Patch was applied.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=2963040&group_id=139143