X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/15b5fa9b34980810f58ffe729ffc9eb2016c09b2..3be6fc361f698f8df80d7be6f32e94a835d19ba1:/addrmatch.c?ds=sidebyside diff --git a/addrmatch.c b/addrmatch.c index a0559efa..d39885b7 100644 --- a/addrmatch.c +++ b/addrmatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addrmatch.c,v 1.2 2008/06/10 05:22:45 djm Exp $ */ +/* $OpenBSD: addrmatch.c,v 1.4 2008/12/10 03:55:20 stevesk Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller @@ -31,6 +31,7 @@ #include "match.h" #include "log.h" +#include "xmalloc.h" struct xaddr { sa_family_t af; @@ -97,7 +98,9 @@ addr_sa_to_xaddr(struct sockaddr *sa, socklen_t slen, struct xaddr *xa) return -1; xa->af = AF_INET6; memcpy(&xa->v6, &in6->sin6_addr, sizeof(xa->v6)); +#ifdef HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID xa->scope_id = in6->sin6_scope_id; +#endif break; default: return -1; @@ -366,7 +369,8 @@ addr_netmatch(const struct xaddr *host, const struct xaddr *net, u_int masklen) * * Returns 1 on match found (never returned when addr == NULL). * Returns 0 on if no match found, or no errors found when addr == NULL. - * Returns -1 on invalid list entry. + * Returns -1 on negated match found (never returned when addr == NULL). + * Returns -2 on invalid list entry. */ int addr_match_list(const char *addr, const char *_list) @@ -387,7 +391,7 @@ addr_match_list(const char *addr, const char *_list) if (neg) cp++; if (*cp == '\0') { - ret = -1; + ret = -2; break; } /* Prefer CIDR address matching */ @@ -395,14 +399,14 @@ addr_match_list(const char *addr, const char *_list) if (r == -2) { error("Inconsistent mask length for " "network \"%.100s\"", cp); - ret = -1; + ret = -2; break; } else if (r == 0) { if (addr != NULL && addr_netmatch(&try_addr, &match_addr, masklen) == 0) { foundit: if (neg) { - ret = 0; + ret = -1; break; } ret = 1; @@ -414,7 +418,7 @@ addr_match_list(const char *addr, const char *_list) goto foundit; } } - free(o); + xfree(o); return ret; }