Make ACLs work correctly for streams. Try comparing the addresses in

host order rather than network order. Originally committed as revision 1597 to svn://svn.ffmpeg.org/ffmpeg/trunk
2003-02-23 20:35:47 +00:00 · 2003-02-23 20:35:47 +00:00 · efa04ce296
commit efa04ce296
parent df081b2f3b
1 changed files with 5 additions and 3 deletions
--- a/ffserver.c
+++ b/ffserver.c
@ -165,6 +165,7 @@ enum IPAddressAction {
 typedef struct IPAddressACL {
    struct IPAddressACL *next;
    enum IPAddressAction action;
+    /* These are in host order */
    struct in_addr first;
    struct in_addr last;
 } IPAddressACL;
@ -1076,9 +1077,10 @@ static int validate_acl(FFStream *stream, HTTPContext *c)
    enum IPAddressAction last_action = IP_DENY;
    IPAddressACL *acl;
    struct in_addr *src = &c->from_addr.sin_addr;
+    unsigned long src_addr = ntohl(src->s_addr);

    for (acl = stream->acl; acl; acl = acl->next) {
-        if (src->s_addr >= acl->first.s_addr && src->s_addr <= acl->last.s_addr) {
+        if (src_addr >= acl->first.s_addr && src_addr <= acl->last.s_addr) {
            return (acl->action == IP_ALLOW) ? 1 : 0;
        }
        last_action = acl->action;
@ -4095,7 +4097,7 @@ static int parse_ffconfig(const char *filename)
                errors++;
            } else {
                /* Only take the first */
-                acl.first = *(struct in_addr *) he->h_addr_list[0];
+                acl.first.s_addr = ntohl(((struct in_addr *) he->h_addr_list[0])->s_addr);
                acl.last = acl.first;
            }

@ -4109,7 +4111,7 @@ static int parse_ffconfig(const char *filename)
                    errors++;
                } else {
                    /* Only take the first */
-                    acl.last = *(struct in_addr *) he->h_addr_list[0];
+                    acl.last.s_addr = ntohl(((struct in_addr *) he->h_addr_list[0])->s_addr);
                }
            }