Skip to content

F
ffmpeg-mt
Commit 2e23b923 authored by philipjsg's avatar philipjsg
Browse files
Options

Make ACLs work correctly for streams. Try comparing the addresses in 

host order rather than network order.


git-svn-id: file:///var/local/repositories/ffmpeg/trunk@1597 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b
parent 1e20edf0
Show whitespace changes
Inline Side-by-side
Showing with 5 additions and 3 deletions
ffserver.c
View file @ 2e23b923
...@@ -165,6 +165,7 @@ enum IPAddressAction { ...@@ -165,6 +165,7 @@ enum IPAddressAction {
typedef struct IPAddressACL { typedef struct IPAddressACL {
struct IPAddressACL *next; struct IPAddressACL *next;
enum IPAddressAction action; enum IPAddressAction action;
/* These are in host order */
struct in_addr first; struct in_addr first;
struct in_addr last; struct in_addr last;
} IPAddressACL; } IPAddressACL;
...@@ -1076,9 +1077,10 @@ static int validate_acl(FFStream *stream, HTTPContext *c) ...@@ -1076,9 +1077,10 @@ static int validate_acl(FFStream *stream, HTTPContext *c)
enum IPAddressAction last_action = IP_DENY; enum IPAddressAction last_action = IP_DENY;
IPAddressACL *acl; IPAddressACL *acl;
struct in_addr *src = &c->from_addr.sin_addr; struct in_addr *src = &c->from_addr.sin_addr;
unsigned long src_addr = ntohl(src->s_addr);
for (acl = stream->acl; acl; acl = acl->next) { for (acl = stream->acl; acl; acl = acl->next) {
if (src->s_addr >= acl->first.s_addr && src->s_addr <= acl->last.s_addr) { if (src_addr >= acl->first.s_addr && src_addr <= acl->last.s_addr) {
return (acl->action == IP_ALLOW) ? 1 : 0; return (acl->action == IP_ALLOW) ? 1 : 0;
} }
last_action = acl->action; last_action = acl->action;
...@@ -4095,7 +4097,7 @@ static int parse_ffconfig(const char *filename) ...@@ -4095,7 +4097,7 @@ static int parse_ffconfig(const char *filename)
errors++; errors++;
} else { } else {
/* Only take the first */ /* Only take the first */
acl.first = *(struct in_addr *) he->h_addr_list[0]; acl.first.s_addr = ntohl(((struct in_addr *) he->h_addr_list[0])->s_addr);
acl.last = acl.first; acl.last = acl.first;
} }
...@@ -4109,7 +4111,7 @@ static int parse_ffconfig(const char *filename) ...@@ -4109,7 +4111,7 @@ static int parse_ffconfig(const char *filename)
errors++; errors++;
} else { } else {
/* Only take the first */ /* Only take the first */
acl.last = *(struct in_addr *) he->h_addr_list[0]; acl.last.s_addr = ntohl(((struct in_addr *) he->h_addr_list[0])->s_addr);
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment