summaryrefslogtreecommitdiffhomepage
path: root/src
diff options
context:
space:
mode:
authorAnton Khirnov <anton@khirnov.net>2020-08-26 12:32:27 +0200
committerrofl0r <rofl0r@users.noreply.github.com>2020-10-19 20:08:31 +0100
commit3bb14e04405ef918487489abb644949d03d7baa8 (patch)
treedd65d7c9e6a07aca0557833914f91e31f77be4c7 /src
parent2b49ef0e0f653eec6a128050c12ae8f7d630b1af (diff)
Allow multiple Bind directives.
Try all the addresses specified with Bind in order. This is necessary e.g. for maintaining IPv4+6 connectivity while still being restricted to one interface.
Diffstat (limited to 'src')
-rw-r--r--src/conf.c25
-rw-r--r--src/conf.h2
-rw-r--r--src/sock.c27
3 files changed, 45 insertions, 9 deletions
diff --git a/src/conf.c b/src/conf.c
index e0d6634..7e3c031 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -291,6 +291,7 @@ void free_config (struct config_s *conf)
safefree (conf->group);
stringlist_free(conf->basicauth_list);
stringlist_free(conf->listen_addrs);
+ stringlist_free(conf->bind_addrs);
#ifdef FILTER_ENABLE
safefree (conf->filter);
#endif /* FILTER_ENABLE */
@@ -302,7 +303,6 @@ void free_config (struct config_s *conf)
free_upstream_list (conf->upstream_list);
#endif /* UPSTREAM_SUPPORT */
safefree (conf->pidpath);
- safefree (conf->bind_address);
safefree (conf->via_proxy_name);
if (conf->errorpages) {
it = 0;
@@ -796,12 +796,27 @@ static HANDLE_FUNC (handle_deny)
static HANDLE_FUNC (handle_bind)
{
- int r = set_string_arg (&conf->bind_address, line, &match[2]);
+ char *arg = get_string_arg (line, &match[2]);
+
+ if (arg == NULL) {
+ return -1;
+ }
+
+ if (conf->bind_addrs == NULL) {
+ conf->bind_addrs = sblist_new(sizeof(char*), 16);
+ if (conf->bind_addrs == NULL) {
+ CP_WARN ("Could not create a list "
+ "of bind addresses.", "");
+ safefree(arg);
+ return -1;
+ }
+ }
+
+ sblist_add (conf->bind_addrs, &arg);
- if (r)
- return r;
log_message (LOG_INFO,
- "Outgoing connections bound to IP %s", conf->bind_address);
+ "Added bind address [%s] for outgoing connections.", arg);
+
return 0;
}
diff --git a/src/conf.h b/src/conf.h
index 9453d66..9914049 100644
--- a/src/conf.h
+++ b/src/conf.h
@@ -68,7 +68,7 @@ struct config_s {
#endif /* UPSTREAM_SUPPORT */
char *pidpath;
unsigned int idletimeout;
- char *bind_address;
+ sblist *bind_addrs;
unsigned int bindsame;
/*
diff --git a/src/sock.c b/src/sock.c
index 28a7f88..70169a6 100644
--- a/src/sock.c
+++ b/src/sock.c
@@ -34,6 +34,7 @@
#include "text.h"
#include "conf.h"
#include "loop.h"
+#include "sblist.h"
/*
* Return a human readable error for getaddrinfo() and getnameinfo().
@@ -87,6 +88,26 @@ bind_socket (int sockfd, const char *addr, int family)
return sockfd;
}
+/**
+ * Try binding the given socket to supplied addresses, stopping when one succeeds.
+ */
+static int
+bind_socket_list (int sockfd, sblist *addresses, int family)
+{
+ size_t nb_addresses = sblist_getsize(addresses);
+ size_t i;
+
+ for (i = 0; i < nb_addresses; i++) {
+ const char *address = *(const char **)sblist_get(addresses, i);
+ if (bind_socket(sockfd, address, family) >= 0) {
+ log_message(LOG_INFO, "Bound to %s", address);
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
/*
* Open a connection to a remote host. It's been re-written to use
* the getaddrinfo() library function, which allows for a protocol
@@ -134,9 +155,9 @@ int opensock (const char *host, int port, const char *bind_to)
close (sockfd);
continue; /* can't bind, so try again */
}
- } else if (config->bind_address) {
- if (bind_socket (sockfd, config->bind_address,
- res->ai_family) < 0) {
+ } else if (config->bind_addrs) {
+ if (bind_socket_list (sockfd, config->bind_addrs,
+ res->ai_family) < 0) {
close (sockfd);
continue; /* can't bind, so try again */
}