summaryrefslogtreecommitdiff
path: root/opentracker.c
diff options
context:
space:
mode:
Diffstat (limited to 'opentracker.c')
-rw-r--r--opentracker.c50
1 files changed, 38 insertions, 12 deletions
diff --git a/opentracker.c b/opentracker.c
index 2ca9e06..ff2409c 100644
--- a/opentracker.c
+++ b/opentracker.c
@@ -104,7 +104,7 @@ static void install_signal_handlers( void ) {
104} 104}
105 105
106static void usage( char *name ) { 106static void usage( char *name ) {
107 fprintf( stderr, "Usage: %s [-i ip] [-p port] [-P port] [-r redirect] [-d dir] [-u user] [-A ip] [-f config] [-s livesyncport]" 107 fprintf( stderr, "Usage: %s [-i ip] [-p port] [-P port] [-r redirect] [-d dir] [-u user] [-A ip[/bits]] [-f config] [-s livesyncport]"
108#ifdef WANT_ACCESSLIST_BLACK 108#ifdef WANT_ACCESSLIST_BLACK
109 " [-b blacklistfile]" 109 " [-b blacklistfile]"
110#elif defined ( WANT_ACCESSLIST_WHITE ) 110#elif defined ( WANT_ACCESSLIST_WHITE )
@@ -124,7 +124,7 @@ static void help( char *name ) {
124 HELPLINE("-r redirecturl","specify url where / should be redirected to (default none)"); 124 HELPLINE("-r redirecturl","specify url where / should be redirected to (default none)");
125 HELPLINE("-d dir","specify directory to try to chroot to (default: \".\")"); 125 HELPLINE("-d dir","specify directory to try to chroot to (default: \".\")");
126 HELPLINE("-u user","specify user under whose privileges opentracker should run (default: \"nobody\")"); 126 HELPLINE("-u user","specify user under whose privileges opentracker should run (default: \"nobody\")");
127 HELPLINE("-A ip","bless an ip address as admin address (e.g. to allow syncs from this address)"); 127 HELPLINE("-A ip[/bits]","bless an ip address or net as admin address (e.g. to allow syncs from this address)");
128#ifdef WANT_ACCESSLIST_BLACK 128#ifdef WANT_ACCESSLIST_BLACK
129 HELPLINE("-b file","specify blacklist file."); 129 HELPLINE("-b file","specify blacklist file.");
130#elif defined( WANT_ACCESSLIST_WHITE ) 130#elif defined( WANT_ACCESSLIST_WHITE )
@@ -395,7 +395,7 @@ static int scan_ip6_port( const char *src, ot_ip6 ip, uint16 *port ) {
395 s += off; 395 s += off;
396 if( bracket && *s == ']' ) ++s; 396 if( bracket && *s == ']' ) ++s;
397 if( *s == 0 || isspace(*s)) return s-src; 397 if( *s == 0 || isspace(*s)) return s-src;
398 if( !ip6_isv4mapped(ip)){ 398 if( !ip6_isv4mapped(ip)) {
399 if( *s != ':' && *s != '.' ) return 0; 399 if( *s != ':' && *s != '.' ) return 0;
400 if( !bracket && *(s) == ':' ) return 0; 400 if( !bracket && *(s) == ':' ) return 0;
401 s++; 401 s++;
@@ -407,10 +407,35 @@ static int scan_ip6_port( const char *src, ot_ip6 ip, uint16 *port ) {
407 return off+s-src; 407 return off+s-src;
408} 408}
409 409
410static int scan_ip6_net( const char *src, ot_net *net) {
411 const char *s = src;
412 int off;
413 while( isspace(*s) ) ++s;
414 if( !(off = scan_ip6( s, net->address ) ) )
415 return 0;
416 s += off;
417 if(*s!='/')
418 net->bits = 128;
419 else {
420 s++;
421 if( !(off = scan_int (s, &net->bits ) ) )
422 return 0;
423 if( ip6_isv4mapped(net->address))
424 net->bits += 96;
425 if(net->bits > 128)
426 return 0;
427 s += off;
428 }
429 return off+s-src;
430}
431
410int parse_configfile( char * config_filename ) { 432int parse_configfile( char * config_filename ) {
411 FILE * accesslist_filehandle; 433 FILE * accesslist_filehandle;
412 char inbuf[512]; 434 char inbuf[512];
413 ot_ip6 tmpip; 435 ot_ip6 tmpip;
436#if defined(WANT_RESTRICT_STATS) || defined(WANT_IP_FROM_PROXY) || defined(WANT_SYNC_LIVE)
437 ot_net tmpnet;
438#endif
414 int bound = 0; 439 int bound = 0;
415 440
416 accesslist_filehandle = fopen( config_filename, "r" ); 441 accesslist_filehandle = fopen( config_filename, "r" );
@@ -474,22 +499,22 @@ int parse_configfile( char * config_filename ) {
474#endif 499#endif
475#ifdef WANT_RESTRICT_STATS 500#ifdef WANT_RESTRICT_STATS
476 } else if(!byte_diff(p, 12, "access.stats" ) && isspace(p[12])) { 501 } else if(!byte_diff(p, 12, "access.stats" ) && isspace(p[12])) {
477 if( !scan_ip6( p+13, tmpip )) goto parse_error; 502 if( !scan_ip6_net( p+13, &tmpnet )) goto parse_error;
478 accesslist_blessip( tmpip, OT_PERMISSION_MAY_STAT ); 503 accesslist_bless_net( &tmpnet, OT_PERMISSION_MAY_STAT );
479#endif 504#endif
480 } else if(!byte_diff(p, 17, "access.stats_path" ) && isspace(p[17])) { 505 } else if(!byte_diff(p, 17, "access.stats_path" ) && isspace(p[17])) {
481 set_config_option( &g_stats_path, p+18 ); 506 set_config_option( &g_stats_path, p+18 );
482#ifdef WANT_IP_FROM_PROXY 507#ifdef WANT_IP_FROM_PROXY
483 } else if(!byte_diff(p, 12, "access.proxy" ) && isspace(p[12])) { 508 } else if(!byte_diff(p, 12, "access.proxy" ) && isspace(p[12])) {
484 if( !scan_ip6( p+13, tmpip )) goto parse_error; 509 if( !scan_ip6_net( p+13, &tmpnet )) goto parse_error;
485 accesslist_blessip( tmpip, OT_PERMISSION_MAY_PROXY ); 510 accesslist_bless_net( &tmpnet, OT_PERMISSION_MAY_PROXY );
486#endif 511#endif
487 } else if(!byte_diff(p, 20, "tracker.redirect_url" ) && isspace(p[20])) { 512 } else if(!byte_diff(p, 20, "tracker.redirect_url" ) && isspace(p[20])) {
488 set_config_option( &g_redirecturl, p+21 ); 513 set_config_option( &g_redirecturl, p+21 );
489#ifdef WANT_SYNC_LIVE 514#ifdef WANT_SYNC_LIVE
490 } else if(!byte_diff(p, 24, "livesync.cluster.node_ip" ) && isspace(p[24])) { 515 } else if(!byte_diff(p, 24, "livesync.cluster.node_ip" ) && isspace(p[24])) {
491 if( !scan_ip6( p+25, tmpip )) goto parse_error; 516 if( !scan_ip6_net( p+25, &tmpnet )) goto parse_error;
492 accesslist_blessip( tmpip, OT_PERMISSION_MAY_LIVESYNC ); 517 accesslist_bless_net( &tmpnet, OT_PERMISSION_MAY_LIVESYNC );
493 } else if(!byte_diff(p, 23, "livesync.cluster.listen" ) && isspace(p[23])) { 518 } else if(!byte_diff(p, 23, "livesync.cluster.listen" ) && isspace(p[23])) {
494 uint16_t tmpport = LIVESYNC_PORT; 519 uint16_t tmpport = LIVESYNC_PORT;
495 if( !scan_ip6_port( p+24, tmpip, &tmpport )) goto parse_error; 520 if( !scan_ip6_port( p+24, tmpip, &tmpport )) goto parse_error;
@@ -591,7 +616,8 @@ int drop_privileges ( const char * const serveruser, const char * const serverdi
591} 616}
592 617
593int main( int argc, char **argv ) { 618int main( int argc, char **argv ) {
594 ot_ip6 serverip, tmpip; 619 ot_ip6 serverip;
620 ot_net tmpnet;
595 int bound = 0, scanon = 1; 621 int bound = 0, scanon = 1;
596 uint16_t tmpport; 622 uint16_t tmpport;
597 char * statefile = 0; 623 char * statefile = 0;
@@ -641,8 +667,8 @@ int main( int argc, char **argv ) {
641 case 'r': set_config_option( &g_redirecturl, optarg ); break; 667 case 'r': set_config_option( &g_redirecturl, optarg ); break;
642 case 'l': statefile = optarg; break; 668 case 'l': statefile = optarg; break;
643 case 'A': 669 case 'A':
644 if( !scan_ip6( optarg, tmpip )) { usage( argv[0] ); exit( 1 ); } 670 if( !scan_ip6_net( optarg, &tmpnet )) { usage( argv[0] ); exit( 1 ); }
645 accesslist_blessip( tmpip, 0xffff ); /* Allow everything for now */ 671 accesslist_bless_net( &tmpnet, 0xffff ); /* Allow everything for now */
646 break; 672 break;
647 case 'f': bound += parse_configfile( optarg ); break; 673 case 'f': bound += parse_configfile( optarg ); break;
648 case 'h': help( argv[0] ); exit( 0 ); 674 case 'h': help( argv[0] ); exit( 0 );
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-30 16:39:48 +0000