From 772ea4ace1c76543d75eb93dfc5fc7ac68697cc2 Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Sat, 22 Sep 2018 21:15:41 +0200
Subject: [PATCH] interfaces: tweak interfaces_addresses() slightly

* Input an array of interfaces to get addresses from,
  saving multiple calls to ifconfig in the best case.

* Return interface name, family and scope along with
  the actual address for further analysis.
---
 src/etc/inc/interfaces.inc            | 30 ++++++++++++++++++---------
 src/etc/inc/plugins.inc.d/dnsmasq.inc | 20 ++++++++++--------
 src/etc/inc/plugins.inc.d/openssh.inc | 10 ++++-----
 src/etc/inc/plugins.inc.d/unbound.inc | 12 +++++------
 src/etc/inc/plugins.inc.d/webgui.inc  | 10 ++++-----
 5 files changed, 47 insertions(+), 35 deletions(-)

diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc
index a5cacc129..ac47ad625 100644
--- a/src/etc/inc/interfaces.inc
+++ b/src/etc/inc/interfaces.inc
@@ -4674,23 +4674,29 @@ function make_ipv6_64_address($prefix, $suffix)
     return implode(':', $prefix_array);
 }
 
-function interfaces_addresses($interface)
+function interfaces_addresses($interfaces)
 {
     global $config;
 
     $realifs = array();
     $result = array();
 
-    if ($interface == 'lo0') {
-        $realifs[] = 'lo0';
-    } elseif (!isset($config['interfaces'][$interface])) {
-        return $result;
+    if (!is_array($interfaces)) {
+        $interfaces = array($interfaces);
     }
 
-    foreach (array('all', 'inet6') as $af) {
-        $realif = get_real_interface($interface, $af);
-        if (!empty($realif) && !in_array($realif, $realifs)) {
-            $realifs[] = $realif;
+    foreach ($interfaces as $interface) {
+        if ($interface == 'lo0') {
+            $realifs[] = 'lo0';
+        }
+
+        if (isset($config['interfaces'][$interface])) {
+            foreach (array('all', 'inet6') as $family) {
+                $realif = get_real_interface($interface, $family);
+                if (!empty($realif) && !in_array($realif, $realifs)) {
+                    $realifs[] = $realif;
+                }
+            }
         }
     }
 
@@ -4713,7 +4719,11 @@ function interfaces_addresses($interface)
                 if (!empty($address['link-local'])) {
                     $scope = "%{$realif}";
                 }
-                $result[] = "{$address['ipaddr']}{$scope}";
+                $result["{$address['ipaddr']}{$scope}"] = array(
+                    'family' => $proto == 'ipv4' ? 'inet' : 'inet6',
+                    'scope' => !empty($scope),
+                    'name' => $realif,
+                );
             }
         }
     }
diff --git a/src/etc/inc/plugins.inc.d/dnsmasq.inc b/src/etc/inc/plugins.inc.d/dnsmasq.inc
index 68d8bf584..27d399b8d 100644
--- a/src/etc/inc/plugins.inc.d/dnsmasq.inc
+++ b/src/etc/inc/plugins.inc.d/dnsmasq.inc
@@ -122,16 +122,18 @@ function dnsmasq_configure_do($verbose = false)
         $interfaces[] = 'lo0';
         $addresses = array();
 
-        foreach ($interfaces as $interface) {
-            foreach (interfaces_addresses($interface) as $tmpaddr) {
-                if ($interface == 'lo0' && is_ipaddrv4($tmpaddr) && $tmpaddr != '127.0.0.1') {
-                    continue;
-                }
-                /* link-local does not seem to be supported */
-                if (strstr($tmpaddr, '%') === false && !is_linklocal($tmpaddr)) {
-                    $addresses[] = $tmpaddr;
-                }
+        foreach (interfaces_addresses($interfaces) as $tmpaddr => $info) {
+            if ($info['name'] == 'lo0' && $info['family'] == 'inet' && $tmpaddr != '127.0.0.1') {
+                /* allow other DNS services to bind to loopback aliases */
+                continue;
             }
+
+            if ($info['scope']) {
+                /* link-local does not seem to be supported */
+                continue;
+            }
+
+            $addresses[] = $tmpaddr;
         }
 
         foreach ($addresses as $address) {
diff --git a/src/etc/inc/plugins.inc.d/openssh.inc b/src/etc/inc/plugins.inc.d/openssh.inc
index 0c55a8ee1..79baa86de 100644
--- a/src/etc/inc/plugins.inc.d/openssh.inc
+++ b/src/etc/inc/plugins.inc.d/openssh.inc
@@ -186,13 +186,13 @@ function openssh_configure_do($verbose = false, $interface = '')
 
     $listeners = array();
 
-    foreach ($interfaces as $interface) {
-        foreach (interfaces_addresses($interface) as $tmpaddr) {
+    foreach (interfaces_addresses($interfaces) as $tmpaddr => $info) {
+        if ($info['scope']) {
             /* link-local does not seem to be supported */
-            if (strstr($tmpaddr, '%') === false && !is_linklocal($tmpaddr)) {
-                $listeners[] = $tmpaddr;
-            }
+            continue;
         }
+
+        $listeners[] = $tmpaddr;
     }
 
     foreach ($listeners as $listener) {
diff --git a/src/etc/inc/plugins.inc.d/unbound.inc b/src/etc/inc/plugins.inc.d/unbound.inc
index e3c0b0e5c..d0b2a0943 100644
--- a/src/etc/inc/plugins.inc.d/unbound.inc
+++ b/src/etc/inc/plugins.inc.d/unbound.inc
@@ -166,13 +166,13 @@ EOF;
         $active_interfaces[] = 'lo0';
         $addresses = array();
 
-        foreach ($active_interfaces as $ubif) {
-            foreach (interfaces_addresses($ubif) as $tmpaddr) {
-                if ($ubif == 'lo0' && is_ipaddrv4($tmpaddr) && $tmpaddr != '127.0.0.1') {
-                    continue;
-                }
-                $addresses[] = $tmpaddr;
+        foreach (interfaces_addresses($active_interfaces) as $tmpaddr => $info) {
+            if ($info['name'] == 'lo0' && $info['family'] == 'inet' && $tmpaddr != '127.0.0.1') {
+                /* allow other DNS services to bind to loopback aliases */
+                continue;
             }
+
+            $addresses[] = $tmpaddr;
         }
 
         foreach ($addresses as $address) {
diff --git a/src/etc/inc/plugins.inc.d/webgui.inc b/src/etc/inc/plugins.inc.d/webgui.inc
index 7cad1b7f8..2722bfdd9 100644
--- a/src/etc/inc/plugins.inc.d/webgui.inc
+++ b/src/etc/inc/plugins.inc.d/webgui.inc
@@ -58,13 +58,13 @@ function webgui_configure_do($verbose = false, $interface = '')
 
     $listeners = count($interfaces) ? array() : array('0.0.0.0', '::');
 
-    foreach ($interfaces as $interface) {
-        foreach (interfaces_addresses($interface) as $tmpaddr) {
+    foreach (interfaces_addresses($interfaces) as $tmpaddr => $info) {
+        if ($info['scope']) {
             /* link-local does not seem to be supported */
-            if (strstr($tmpaddr, '%') === false && !is_linklocal($tmpaddr)) {
-                $listeners[] = $tmpaddr;
-            }
+            continue;
         }
+
+        $listeners[] = $tmpaddr;
     }
 
     chdir('/usr/local/www');