[core] parse $HTTP["remote-ip"] CIDR mask at start

parse $HTTP["remote-ip"] CIDR mask into structured data at startup

note: adds buffer_move() to configparser.y to reduce memory copying
for all config values, and is required for remote-ip to preserve the
structured data added after the config value string.  (Alternatively,
could have normalized the remote-ip value after copying into dc->string)

1 files changed, 4 insertions, 63 deletions

diff --git a/src/configparser.y b/src/configparser.y
index 839c5bd0..06123ac6 100644
--- a/src/configparser.y
+++ b/src/configparser.y
@@ -134,34 +134,6 @@ static data_unset *configparser_merge_data(data_unset *op1, const data_unset *op
   return op1;
 }
 
-static int configparser_remoteip_normalize_compat(buffer *rvalue) {
-  /* $HTTP["remoteip"] IPv6 accepted with or without '[]' for config compat
-   * http_request_host_normalize() expects IPv6 with '[]',
-   * and config processing at runtime expects COMP_HTTP_REMOTE_IP
-   * compared without '[]', so strip '[]' after normalization */
-  buffer *b = buffer_init();
-  int rc;
-
-  if (rvalue->ptr[0] != '[') {
-      buffer_append_str3(b, CONST_STR_LEN("["),
-                            BUF_PTR_LEN(rvalue),
-                            CONST_STR_LEN("]"));
-  } else {
-      buffer_append_string_buffer(b, rvalue);
-  }
-
-  rc = http_request_host_normalize(b, 0);
-
-  if (0 == rc) {
-    /* remove surrounding '[]' */
-    size_t blen = buffer_clen(b);
-    if (blen > 1) buffer_copy_string_len(rvalue, b->ptr+1, blen-2);
-  }
-
-  buffer_free(b);
-  return rc;
-}
-
 __attribute_pure__
 static comp_key_t
 configparser_comp_key_id(const buffer * const obj_tag, const buffer * const comp_tag)
@@ -264,40 +236,9 @@ configparser_parse_condition(config_t * const ctx, const buffer * const obj_tag,
       }
       else if (COMP_HTTP_REMOTE_IP == dc->comp
                && (dc->cond == CONFIG_COND_EQ || dc->cond == CONFIG_COND_NE)) {
-        char * const slash = strchr(rvalue->ptr, '/'); /* CIDR mask */
-        char * const colon = strchr(rvalue->ptr, ':'); /* IPv6 */
-        if (NULL != slash && slash == rvalue->ptr){/*(skip AF_UNIX /path/file)*/
-        }
-        else if (NULL != slash) {
-          char *nptr;
-          const unsigned long nm_bits = strtoul(slash + 1, &nptr, 10);
-          if (*nptr || 0 == nm_bits || nm_bits > (NULL != colon ? 128 : 32)) {
-            /*(also rejects (slash+1 == nptr) which results in nm_bits = 0)*/
-            fprintf(stderr, "invalid or missing netmask: %s\n", rvalue->ptr);
-            ctx->ok = 0;
-          }
-          else {
-            int rc;
-            buffer_truncate(rvalue, (size_t)(slash - rvalue->ptr));
-            rc = (NULL == colon)
-              ? http_request_host_normalize(rvalue, 0)
-              : configparser_remoteip_normalize_compat(rvalue);
-            buffer_append_string_len(rvalue, CONST_STR_LEN("/"));
-            buffer_append_int(rvalue, (int)nm_bits);
-            if (0 != rc) {
-              fprintf(stderr, "invalid IP addr: %s\n", rvalue->ptr);
-              ctx->ok = 0;
-            }
-          }
-        }
-        else {
-          int rc = (NULL == colon)
-            ? http_request_host_normalize(rvalue, 0)
-            : configparser_remoteip_normalize_compat(rvalue);
-          if (0 != rc) {
-            fprintf(stderr, "invalid IP addr: %s\n", rvalue->ptr);
-            ctx->ok = 0;
-          }
+        if (!config_remoteip_normalize(rvalue, tb)) {
+          fprintf(stderr, "invalid IP addr: %s\n", rvalue->ptr);
+          ctx->ok = 0;
         }
       }
       else if (COMP_SERVER_SOCKET == dc->comp) {
@@ -323,7 +264,7 @@ configparser_parse_condition(config_t * const ctx, const buffer * const obj_tag,
         dc->ext = http_header_hkey_get(BUF_PTR_LEN(&dc->comp_tag));
       }
 
-      buffer_copy_buffer(&dc->string, rvalue);
+      buffer_move(&dc->string, rvalue);
 
       if (ctx->ok)
         configparser_push(ctx, dc, 1);