From: Paul Mackerras <paulus@samba.org>
Date: Wed, 18 May 1994 05:59:43 +0000 (+0000)
Subject: add check for IP addresses that we don't want to use
X-Git-Tag: ppp-2-1-2a~51
X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=commitdiff_plain;h=3b733a69c54d2572012620fcaba9b1ca9ca0ac9e

add check for IP addresses that we don't want to use
(loopback or multicast addresses).
---

diff --git a/pppd/auth.c b/pppd/auth.c
index ea6bf7b..6685ea9 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -33,7 +33,7 @@
  */
 
 #ifndef lint
-static char rcsid[] = "$Id: auth.c,v 1.3 1994/04/18 03:59:28 paulus Exp $";
+static char rcsid[] = "$Id: auth.c,v 1.4 1994/05/18 05:59:43 paulus Exp $";
 #endif
 
 #include <stdio.h>
@@ -696,6 +696,10 @@ auth_ip_addr(unit, addr)
     struct hostent *hp;
     struct wordlist *addrs;
 
+    /* don't allow loopback or multicast address */
+    if (bad_ip_adrs(addr))
+	return 0;
+
     if ((addrs = addresses[unit]) == NULL)
 	return 1;		/* no restriction */
 
@@ -717,6 +721,20 @@ auth_ip_addr(unit, addr)
     return 0;			/* not in list => can't have it */
 }
 
+/*
+ * bad_ip_adrs - return 1 if the IP address is one we don't want
+ * to use, such as an address in the loopback net or a multicast address.
+ * addr is in network byte order.
+ */
+int
+bad_ip_adrs(addr)
+    u_long addr;
+{
+    addr = ntohl(addr);
+    return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET
+	|| IN_MULTICAST(addr) || IN_BADCLASS(addr);
+}
+
 /*
  * check_access - complain if a secret file has too-liberal permissions.
  */