HevSocks5Session: Add support for limiting access to the UDP associat…

…ion based on the source address.

HevSocks5Core: Update to bf6fa2f.

src/hev-socks5-session.c

@@ -105,7 +105,8 @@ hev_socks5_session_bind (HevSocks5 *self, int fd, const struct sockaddr *dest)
 }
 
 static int
-hev_socks5_session_udp_bind (HevSocks5Server *self, int sock)
+hev_socks5_session_udp_bind (HevSocks5Server *self, int sock,
+                             const struct sockaddr *src)
 {
     struct sockaddr_in6 addr;
     const char *saddr;
@@ -143,11 +144,19 @@ hev_socks5_session_udp_bind (HevSocks5Server *self, int sock)
     }
 
     addr.sin6_port = sport ? htons (strtoul (sport, NULL, 10)) : 0;
-
     res = bind (sock, (struct sockaddr *)&addr, alen);
     if (res < 0)
         return -1;
 
+    if (hev_netaddr_is_any ((struct sockaddr_in6 *)src))
+        return 0;
+
+    res = connect (sock, src, sizeof (struct sockaddr_in6));
+    if (res < 0)
+        return -1;
+
+    HEV_SOCKS5 (self)->udp_associated = 1;
+
     return 0;
 }
 

src/misc/hev-misc.c

@@ -61,6 +61,18 @@ hev_netaddr_resolve (struct sockaddr_in6 *daddr, const char *addr,
     return 0;
 }
 
+int
+hev_netaddr_is_any (struct sockaddr_in6 *addr)
+{
+    if (addr->sin6_port)
+        return 0;
+
+    if (!IN6_IS_ADDR_V4MAPPED (&addr->sin6_addr))
+        return !memcmp (&addr->sin6_addr, &in6addr_any, 16);
+
+    return !memcmp (&addr->sin6_addr.s6_addr[12], &in6addr_any, 4);
+}
+
 void
 run_as_daemon (const char *pid_file)
 {

src/misc/hev-misc.h

@@ -14,6 +14,7 @@
 
 int hev_netaddr_resolve (struct sockaddr_in6 *daddr, const char *addr,
                          const char *port);
+int hev_netaddr_is_any (struct sockaddr_in6 *addr);
 
 void run_as_daemon (const char *pid_file);
 int set_limit_nofile (int limit_nofile);