Match Class C,B,A addresses

2014-09-29 12:08:10 +02:00 · 2014-09-29 12:08:10 +02:00 · 76320c056b
commit 76320c056b
parent a11303bd58
2 changed files with 46 additions and 12 deletions
--- a/server/core/dbusers.c
+++ b/server/core/dbusers.c
@ -333,7 +333,7 @@ getUsers(SERVICE *service, struct users *users)
 			continue;
 		}

-		/* handle ANY, Class C */
+		/* handle ANY, Class C,B,A */

 		/* if host == '%', 0 serv_addrkeeps its 0 */
 		if (strcmp(row[1], "%") == 0) {
@ -342,20 +342,32 @@ getUsers(SERVICE *service, struct users *users)
 		} else {
 			char *tmp;
 			strcpy(ret_ip, row[1]);
-			if ((tmp = strrchr(ret_ip, '%')) != NULL) {
-				// found class C
-				found_range = 1;
-				// set fake 1
-				*tmp = '1';
+			tmp = ret_ip+strlen(ret_ip);
+
+			while(tmp) {
+				if (tmp == ‘%’) {
+					/* set last byte only to 1
+					 * avoiding setipadress failure
+					 * for Class C address
+					 */	
+					if (found_range == 1)
+						*tmp = ‘1’;
+					else
+						*tmp = ‘0’;
+
+					found_range++;
+				}
+				tmp--;
 			}
-		}
+
+                }

 		if (setipaddress(&serv_addr.sin_addr, ret_ip)) {

 			memcpy(&key.ipv4, &serv_addr, sizeof(serv_addr));

 			if (found_range) {
-				/* let's zero the last IP byte: a.b.c.0 */
+				/* let's zero the last IP byte: a.b.c.0 we set above to 1*/
 				key.ipv4.sin_addr.s_addr &= 0x00FFFFFF;
 			}

--- a/server/modules/protocol/mysql_common.c
+++ b/server/modules/protocol/mysql_common.c
@ -1350,7 +1350,6 @@ int gw_find_mysql_user_password_sha1(char *username, uint8_t *gateway_password,
        user_password = mysql_users_fetch(service->users, &key);

        if (!user_password) {
-		int lastbyte=0;
 		/* The user is not authenticated @ current host */

 		/* 1) Check for localhost first.
@ -1371,11 +1370,10 @@ int gw_find_mysql_user_password_sha1(char *username, uint8_t *gateway_password,
 		}

 		/*
-		 * 2) try class C
-		 * continue to wildcard if no match
+		 * 2) try class C,B,A
 		 */
-		lastbyte = key.ipv4.sin_addr.s_addr & 0xFF000000;

+		// Class C
 		key.ipv4.sin_addr.s_addr &= 0x00FFFFFF;

 		user_password = mysql_users_fetch(service->users, &key);
@ -1387,6 +1385,30 @@ int gw_find_mysql_user_password_sha1(char *username, uint8_t *gateway_password,
 		        return 0;
 		}

+		// Class B
+		key.ipv4.sin_addr.s_addr &= 0x0000FFFF;
+
+		user_password = mysql_users_fetch(service->users, &key);
+
+		if (user_password) {
+        		if (strlen(user_password))
+                		gw_hex2bin(gateway_password, user_password, SHA_DIGEST_LENGTH * 2);
+
+		        return 0;
+		}
+		
+		// Class A
+		key.ipv4.sin_addr.s_addr &= 0x000000FF;
+
+		user_password = mysql_users_fetch(service->users, &key);
+
+		if (user_password) {
+        		if (strlen(user_password))
+                		gw_hex2bin(gateway_password, user_password, SHA_DIGEST_LENGTH * 2);
+
+		        return 0;
+		}
+
 		/* 3) Continue and check for wildcard host, user@%
 		 * Return 1 if no match
 		 */