From: Felix Fietkau <nbd@openwrt.org>
Date: Wed, 2 Jan 2013 15:14:15 +0000 (+0100)
Subject: add rfc1918 filter check
X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fuhttpd.git;a=commitdiff_plain;h=3c4d560581795dbb6c89ec9f08fade3adcc91024;ds=sidebyside

add rfc1918 filter check
---

diff --git a/client.c b/client.c
index 1b9c524..3dc40e8 100644
--- a/client.c
+++ b/client.c
@@ -172,8 +172,25 @@ static bool client_init_cb(struct client *cl, char *buf, int len)
 	return true;
 }
 
+static bool rfc1918_filter_check(struct client *cl)
+{
+	if (!conf.rfc1918_filter)
+		return true;
+
+	if (!uh_addr_rfc1918(&cl->peer_addr) || uh_addr_rfc1918(&cl->srv_addr))
+		return true;
+
+	uh_client_error(cl, 403, "Forbidden",
+			"Rejected request from RFC1918 IP "
+			"to public server address");
+	return false;
+}
+
 static void client_header_complete(struct client *cl)
 {
+	if (!rfc1918_filter_check(cl))
+		return;
+
 	uh_handle_request(cl);
 }