Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/libexec/rlogind reject connection attempt from IPv4 mapped a...
details: https://anonhg.NetBSD.org/src/rev/b8dbc15f95d5
branches: trunk
changeset: 484888:b8dbc15f95d5
user: itojun <itojun%NetBSD.org@localhost>
date: Fri Apr 14 12:29:49 2000 +0000
description:
reject connection attempt from IPv4 mapped addr, for safety.
diffstat:
libexec/rlogind/rlogind.c | 35 +++++++++++++++++++++++++++++++++--
1 files changed, 33 insertions(+), 2 deletions(-)
diffs (56 lines):
diff -r 66ced9bb63f7 -r b8dbc15f95d5 libexec/rlogind/rlogind.c
--- a/libexec/rlogind/rlogind.c Fri Apr 14 12:28:51 2000 +0000
+++ b/libexec/rlogind/rlogind.c Fri Apr 14 12:29:49 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: rlogind.c,v 1.20 2000/01/31 14:20:13 itojun Exp $ */
+/* $NetBSD: rlogind.c,v 1.21 2000/04/14 12:29:49 itojun Exp $ */
/*
* Copyright (C) 1998 WIDE Project.
@@ -73,7 +73,7 @@
#if 0
static char sccsid[] = "@(#)rlogind.c 8.2 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: rlogind.c,v 1.20 2000/01/31 14:20:13 itojun Exp $");
+__RCSID("$NetBSD: rlogind.c,v 1.21 2000/04/14 12:29:49 itojun Exp $");
#endif
#endif /* not lint */
@@ -183,6 +183,37 @@
syslog(LOG_ERR,"Can't get peer name of remote host: %m");
fatal(STDERR_FILENO, "Can't get peer name of remote host", 1);
}
+#ifdef INET6
+ if (((struct sockaddr *)&from)->sa_family == AF_INET6 &&
+ IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&from)->sin6_addr) &&
+ sizeof(struct sockaddr_in) <= sizeof(from)) {
+ struct sockaddr_in sin;
+ struct sockaddr_in6 *sin6;
+ const int off = sizeof(struct sockaddr_in6) -
+ sizeof(struct sockaddr_in);
+
+ sin6 = (struct sockaddr_in6 *)&from;
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_family = AF_INET;
+ sin.sin_len = sizeof(struct sockaddr_in);
+ memcpy(&sin.sin_addr, &sin6->sin6_addr.s6_addr[off],
+ sizeof(sin.sin_addr));
+ memcpy(&from, &sin, sizeof(sin));
+ fromlen = sin.sin_len;
+ }
+#else
+ if (((struct sockaddr *)&from)->sa_family == AF_INET6 &&
+ IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&from)->sin6_addr)) {
+ char hbuf[NI_MAXHOST];
+ if (getnameinfo((struct sockaddr *)&from, fromlen, hbuf,
+ sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0) {
+ strncpy(hbuf, "invalid", sizeof(hbuf));
+ }
+ syslog(LOG_ERR, "malformed \"from\" address (v4 mapped, %s)\n",
+ hbuf);
+ exit(1);
+ }
+#endif
on = 1;
if (keepalive &&
setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof (on)) < 0)
Home |
Main Index |
Thread Index |
Old Index