RMPS: validate IPs for listeners

2019-01-17 01:08:07 +02:00
parent 3afbf4d0cb
commit 85c0e8db3d
2 changed files with 14 additions and 7 deletions
--- a/src/confparser.c
+++ b/src/confparser.c
@@ -299,7 +299,7 @@ static bool test_conf_syntax(char *config)
 		} else if (!strcmp(line, "db.pass"))
 			asprintf(&conf.db.pass, "%s", val_ptr);
 		else if (!strcmp(line, "rmps.agent_ip")) {
-			/* TODO */
+			asprintf(&conf.rmps.agent_ip, "%s", val_ptr);
 		} else if (!strcmp(line, "rmps.agent_port")) {
 			i = strlen(val_ptr);
 			if (i < 6) { /* max 5 digits for network port */
@@ -316,7 +316,7 @@ static bool test_conf_syntax(char *config)
 			val_ok = false;
 			failed = true;
 		} else if (!strcmp(line, "rmps.client_ip")) {
-			/* TODO */
+			asprintf(&conf.rmps.client_ip, "%s", val_ptr);
 		} else if (!strcmp(line, "rmps.client_port")) {
 			i = strlen(val_ptr);
 			if (i < 6) { /* max 5 digits for network port */
--- a/src/rmps.c
+++ b/src/rmps.c
@@ -42,7 +42,7 @@ static void set_env(void);
 static void daemonize(const char *rundir);
 static void spawn_pidfile(const char *pidfile);
 static inline int set_reuse_addr(int sockfd);
-static int open_listener(int port);
+static int open_listener(char *ip, int port);
 static void cleanup(void);
 static void signal_handler(int sig);
 static void load_certificates(SSL_CTX *ctx, const char *certfile,
@@ -190,7 +190,7 @@ static inline int set_reuse_addr(int sockfd)
 		&yes, sizeof(yes));
 }

-static int open_listener(int port)
+static int open_listener(char *ip, int port)
 {
 	int sd;
 	struct sockaddr_in addr;
@@ -198,7 +198,14 @@ static int open_listener(int port)
 	bzero(&addr, sizeof(addr));
 	addr.sin_family = AF_INET;
 	addr.sin_port = htons(port);
-	addr.sin_addr.s_addr = INADDR_ANY;
+	unsigned long tmp;
+	if (strncmp(ip, "any", strlen(ip)) == 0)
+		addr.sin_addr.s_addr = INADDR_ANY;
+	else if (!inet_pton(AF_INET, ip, &tmp)) {
+		log(ERROR, "Invalid IP address: %s", ip);
+		exit(EXIT_FAILURE);
+	} else
+		addr.sin_addr.s_addr = inet_addr(ip);
 	sd = socket(addr.sin_family, SOCK_STREAM, 0);
 	if (sd < 0) {
 		log(ERROR, "Failed to create socket - Aborting RMPS...");
@@ -358,7 +365,7 @@ void rmps_launch(int fork_flag)
 		conf.rmps.agent_tls_key, conf.rmps.cafile);
 	log(VERBOSE, "Starting agent listener on port: %d",
 		atoi(conf.rmps.agent_port));
-	pool_args[0].srv = open_listener(atoi(conf.rmps.agent_port));
+	pool_args[0].srv = open_listener(conf.rmps.agent_ip, atoi(conf.rmps.agent_port));
 	pool_args[0].size = conf.rmps.agent_poolsize;
 	log(VERBOSE, "Creating agent thread pool (mutex).");
 	pthread_create(&pool[0], NULL, agent_pool, &pool_args[0]);
@@ -370,7 +377,7 @@ void rmps_launch(int fork_flag)
 		conf.rmps.client_tls_key, conf.rmps.cafile);
 	log(VERBOSE, "Starting client listener on port: %d",
 		atoi(conf.rmps.client_port));
-	pool_args[1].srv = open_listener(atoi(conf.rmps.client_port));
+	pool_args[1].srv = open_listener(conf.rmps.client_ip, atoi(conf.rmps.client_port));
 	pool_args[1].size = conf.rmps.client_poolsize;
 	log(VERBOSE, "Creating client thread pool (mutex).");
 	pthread_create(&pool[1], NULL, client_pool, &pool_args[1]);