Message ID | 1314720708.2935.29.camel@edumazet-HP-Compaq-6005-Pro-SFF-PC |
---|---|
State | RFC, archived |
Delegated to: | David Miller |
Headers | show |
From: Eric Dumazet <eric.dumazet@gmail.com> Date: Tue, 30 Aug 2011 18:11:48 +0200 > Yep, we should relax the check and accept AF_UNSPEC. I guess we'll have to do this, but I just can't bring myself to accept that we can just do zero validation of what the user is passing us, see an AF_UNSPEC, and say "yeah it's fine to assume there's an ipv4 address in there." -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Le mardi 30 août 2011 à 14:07 -0400, David Miller a écrit : > From: Eric Dumazet <eric.dumazet@gmail.com> > Date: Tue, 30 Aug 2011 18:11:48 +0200 > > > Yep, we should relax the check and accept AF_UNSPEC. > > I guess we'll have to do this, but I just can't bring myself to accept > that we can just do zero validation of what the user is passing us, > see an AF_UNSPEC, and say "yeah it's fine to assume there's an ipv4 > address in there." I couldnt accept it either ;) By the way, if we accept it, strace() will probably still print binary blob instead of the IP address (not necessarily ANY address ?) connect ( AF_UNSPEC ) has special semantic, but AFAIK, bind (AF_UNSPEC) only brings some mixed results : FreeBSD was accepting it in old versions it seems. I guess I should try current FreeBSD versions. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Le mardi 30 août 2011 à 21:16 +0200, Eric Dumazet a écrit : > Le mardi 30 août 2011 à 14:07 -0400, David Miller a écrit : > > From: Eric Dumazet <eric.dumazet@gmail.com> > > Date: Tue, 30 Aug 2011 18:11:48 +0200 > > > > > Yep, we should relax the check and accept AF_UNSPEC. > > > > I guess we'll have to do this, but I just can't bring myself to accept > > that we can just do zero validation of what the user is passing us, > > see an AF_UNSPEC, and say "yeah it's fine to assume there's an ipv4 > > address in there." > > I couldnt accept it either ;) > > By the way, if we accept it, strace() will probably still print binary > blob instead of the IP address (not necessarily ANY address ?) > > connect ( AF_UNSPEC ) has special semantic, but AFAIK, bind (AF_UNSPEC) > only brings some mixed results : FreeBSD was accepting it in old > versions it seems. I guess I should try current FreeBSD versions. > Status on FreeBSD 8.1-RELEASE bind(AF_UNSPEC) is accepted (converted to AF_INET), only with a 0.0.0.0 address. Following code works : struct sockaddr_in addr; fd = socket(PF_INET, SOCK_STREAM, 0); memset(&addr, 0, sizeof(addr)) bind(fd, (struct sockaddr *)&addr, sizeof(addr)); -> 0 If tried on ipv6 sockets, it doesnt work : bind() returns -1, errno=47 struct sockaddr_in6 addr; fd = socket(PF_INET6, SOCK_STREAM, 0); memset(&addr, 0, sizeof(addr)) bind(fd, (struct sockaddr *)&addr, sizeof(addr)); -> -1 errno=47 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
From: Eric Dumazet <eric.dumazet@gmail.com> Date: Tue, 30 Aug 2011 21:44:19 +0200 > Status on FreeBSD 8.1-RELEASE > > bind(AF_UNSPEC) is accepted (converted to AF_INET), only with a 0.0.0.0 > address. > > Following code works : > > struct sockaddr_in addr; > fd = socket(PF_INET, SOCK_STREAM, 0); > memset(&addr, 0, sizeof(addr)) > bind(fd, (struct sockaddr *)&addr, sizeof(addr)); -> 0 > > If tried on ipv6 sockets, it doesnt work : bind() returns -1, errno=47 Ok if we could add that 0.0.0.0 check too that would make me feel better about this change. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Le mardi 30 août 2011 à 15:52 -0400, David Miller a écrit : > From: Eric Dumazet <eric.dumazet@gmail.com> > Date: Tue, 30 Aug 2011 21:44:19 +0200 > > > Status on FreeBSD 8.1-RELEASE > > > > bind(AF_UNSPEC) is accepted (converted to AF_INET), only with a 0.0.0.0 > > address. > > > > Following code works : > > > > struct sockaddr_in addr; > > fd = socket(PF_INET, SOCK_STREAM, 0); > > memset(&addr, 0, sizeof(addr)) > > bind(fd, (struct sockaddr *)&addr, sizeof(addr)); -> 0 > > > > If tried on ipv6 sockets, it doesnt work : bind() returns -1, errno=47 > > Ok if we could add that 0.0.0.0 check too that would make me feel > better about this change. Sure, I will send a patch in a couple of minutes. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index 1b745d4..60fd64e 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -465,7 +465,7 @@ int inet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) if (addr_len < sizeof(struct sockaddr_in)) goto out; - if (addr->sin_family != AF_INET) { + if (addr->sin_family != AF_INET && addr->sin_family != AF_UNSPEC) { err = -EAFNOSUPPORT; goto out; }