* DNS name length must not exceed 255 characters
* DNS name characters must be limited to alphanumeric,
dash ('-'), and dot ('.')
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3312 e7ae566f-a301-0410-adde-c780ea21d3b5
... | ... |
@@ -294,13 +294,25 @@ ip_addr_dotted_quad_safe (const char *dotted_quad) |
294 | 294 |
} |
295 | 295 |
} |
296 | 296 |
|
297 |
+static bool |
|
298 |
+dns_addr_safe (const char *addr) |
|
299 |
+{ |
|
300 |
+ if (addr) |
|
301 |
+ { |
|
302 |
+ const size_t len = strlen (addr); |
|
303 |
+ return len > 0 && len <= 255 && string_class (addr, CC_ALNUM|CC_DASH|CC_DOT, 0); |
|
304 |
+ } |
|
305 |
+ else |
|
306 |
+ return false; |
|
307 |
+} |
|
308 |
+ |
|
297 | 309 |
bool |
298 |
-ip_or_dns_addr_safe (const char *dotted_quad, const bool allow_fqdn) |
|
310 |
+ip_or_dns_addr_safe (const char *addr, const bool allow_fqdn) |
|
299 | 311 |
{ |
300 |
- if (ip_addr_dotted_quad_safe (dotted_quad)) |
|
312 |
+ if (ip_addr_dotted_quad_safe (addr)) |
|
301 | 313 |
return true; |
302 | 314 |
else if (allow_fqdn) |
303 |
- return string_class (dotted_quad, CC_NAME|CC_DASH|CC_DOT, 0); |
|
315 |
+ return dns_addr_safe (addr); |
|
304 | 316 |
else |
305 | 317 |
return false; |
306 | 318 |
} |
... | ... |
@@ -399,7 +399,7 @@ int openvpn_inet_aton (const char *dotted_quad, struct in_addr *addr); |
399 | 399 |
|
400 | 400 |
/* integrity validation on pulled options */ |
401 | 401 |
bool ip_addr_dotted_quad_safe (const char *dotted_quad); |
402 |
-bool ip_or_dns_addr_safe (const char *dotted_quad, const bool allow_fqdn); |
|
402 |
+bool ip_or_dns_addr_safe (const char *addr, const bool allow_fqdn); |
|
403 | 403 |
|
404 | 404 |
socket_descriptor_t create_socket_tcp (void); |
405 | 405 |
|