Skip site navigation (1)Skip section navigation (2)


| raw e-mail | index | archive | help
commit a59e7964d58a07bfb570c540a72bf805678034fe
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-06-27 12:15:18 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-06-30 15:00:28 +0000

    pfctl: Zap v4mask and v6mask in host()
    
    Simply defer checks whether a mask has been specified to where it's set in
    host_*(); this is to reduce address family specific code.
    
    OK sashan
    
    Obtained from:  OpenBSD, kn <kn@openbsd.org>, 17e25e9423
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 sbin/pfctl/pfctl_parser.c | 22 +++++++++-------------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index 67b63ebf8229..d3017bbd2568 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -77,7 +77,7 @@ int		 ifa_skip_if(const char *filter, struct node_host *p);
 struct node_host	*host_if(const char *, int);
 struct node_host	*host_v4(const char *, int);
 struct node_host	*host_v6(const char *, int);
-struct node_host	*host_dns(const char *, int, int, int);
+struct node_host	*host_dns(const char *, int, int);
 
 const char * const tcpflags = "FSRPAUEWe";
 
@@ -1803,12 +1803,12 @@ struct node_host *
 host(const char *s, int opts)
 {
 	struct node_host	*h = NULL;
-	int			 mask, v4mask, v6mask = 128;
+	int			 mask = -1;
 	char			*p, *ps;
 	const char		*errstr;
 
 	if ((p = strrchr(s, '/')) != NULL) {
-		mask = strtonum(p+1, 0, v6mask, &errstr);
+		mask = strtonum(p+1, 0, 128, &errstr);
 		if (errstr) {
 			fprintf(stderr, "netmask is %s: %s\n", errstr, p);
 			goto error;
@@ -1816,19 +1816,15 @@ host(const char *s, int opts)
 		if ((ps = malloc(strlen(s) - strlen(p) + 1)) == NULL)
 			err(1, "host: malloc");
 		strlcpy(ps, s, strlen(s) - strlen(p) + 1);
-		v4mask = v6mask = mask;
 	} else {
 		if ((ps = strdup(s)) == NULL)
 			err(1, "host: strdup");
-		v4mask = 32;
-		v6mask = 128;
-		mask = -1;
 	}
 
 	if ((h = host_v4(s, mask)) == NULL &&
-	    (h = host_v6(ps, v6mask)) == NULL &&
+	    (h = host_v6(ps, mask)) == NULL &&
 	    (h = host_if(ps, mask)) == NULL &&
-	    (h = host_dns(ps, v4mask, v6mask, (opts & PF_OPT_NODNS))) == NULL) {
+	    (h = host_dns(ps, mask, (opts & PF_OPT_NODNS))) == NULL) {
 		fprintf(stderr, "no IP address found for %s\n", s);
 		goto error;
 	}
@@ -1877,7 +1873,7 @@ host_if(const char *s, int mask)
 		/* interface with this name exists */
 		h = ifa_lookup(ps, flags);
 		for (n = h; n != NULL && mask > -1; n = n->next)
-			set_ipmask(n, mask);
+			set_ipmask(n, mask > -1 ? mask : 128);
 	}
 
 	free(ps);
@@ -1944,7 +1940,7 @@ host_v6(const char *s, int mask)
 }
 
 struct node_host *
-host_dns(const char *s, int v4mask, int v6mask, int numeric)
+host_dns(const char *s, int mask, int numeric)
 {
 	struct addrinfo		 hints, *res0, *res;
 	struct node_host	*n, *h = NULL;
@@ -1990,7 +1986,7 @@ host_dns(const char *s, int v4mask, int v6mask, int numeric)
 			    &((struct sockaddr_in *)
 			    res->ai_addr)->sin_addr.s_addr,
 			    sizeof(struct in_addr));
-			set_ipmask(n, v4mask);
+			set_ipmask(n, mask > -1 ? mask : 32);
 		} else {
 			memcpy(&n->addr.v.a.addr,
 			    &((struct sockaddr_in6 *)
@@ -1999,7 +1995,7 @@ host_dns(const char *s, int v4mask, int v6mask, int numeric)
 			n->ifindex =
 			    ((struct sockaddr_in6 *)
 			    res->ai_addr)->sin6_scope_id;
-			set_ipmask(n, v6mask);
+			set_ipmask(n, mask > -1 ? mask : 128);
 		}
 		n->next = NULL;
 		n->tail = n;



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?>