Socat only checked the first character of the host name to decide if it is an IPv4 address

Gerhard Rieger 2018-07-29 11:30:40 +02:00
parent 479d9cbbda
commit 42864922e7
3 changed files with 10 additions and 24 deletions


@ -49,6 +49,12 @@ corrections:
The syntax has now been changed from "[::1/128]" to "[::1]/128"! The syntax has now been changed from "[::1/128]" to "[::1]/128"!
Thanks Leah Neukirchen for sending an initial fix. Thanks Leah Neukirchen for sending an initial fix.
For name resolution Socat only checked the first character of the host
name to decide if it is an IPv4 address. This was not RFC conform. This
fix removes the possibility for use of IPv4 addresses with IPv6, e.g.
TCP6:127.0.0.1:80
Thanks to Nicolas Fournil for reporting this issue.
testing: testing:
test.sh: Show a warning when phase-1 (insecure phase) of a security test.sh: Show a warning when phase-1 (insecure phase) of a security
test fails test fails


@ -6761,6 +6761,8 @@ case "$TESTS" in
*%$N%*|*%functions%*|*%tcp%*|*%tcp6%*|*%ip6%*|*%$NAME%*) *%$N%*|*%functions%*|*%tcp%*|*%tcp6%*|*%ip6%*|*%$NAME%*)
TEST="$NAME: TCP4 mapped into TCP6 address space" TEST="$NAME: TCP4 mapped into TCP6 address space"
if ! eval $NUMCOND; then :; if ! eval $NUMCOND; then :;
elif true; then
$PRINTF "test $F_n $TEST... ${YELLOW}Feature reoved${NORMAL}\n" $N
elif ! testaddrs tcp ip6 >/dev/null || ! runsip6 >/dev/null; then elif ! testaddrs tcp ip6 >/dev/null || ! runsip6 >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}TCP6 not available${NORMAL}\n" $N $PRINTF "test $F_n $TEST... ${YELLOW}TCP6 not available${NORMAL}\n" $N
numCANT=$((numCANT+1)) numCANT=$((numCANT+1))
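Review bot: The added `elif true` branch skips the test without touching any counter, whereas the `TCP6 not available` branch right below it does `numCANT=$((numCANT+1))`, so the skipped test presumably drops out of the summary; the message also misspells "removed" as `Feature reoved`. Because `elif true` always matches, every later branch of this test is now dead code, and nothing exercises the new behaviour. I would replace the body with a negative test that expects an address such as `TCP6:127.0.0.1:80` to be refused, or at minimum correct the message and add `numCANT=$((numCANT+1))` after the `$PRINTF` line. The `case` block continues beyond the hunk.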


@ -167,30 +167,8 @@ int xiogetaddrinfo(const char *node, const char *service,
/* the resolver functions might handle numeric forms of node names by /* the resolver functions might handle numeric forms of node names by
reverse lookup, that's not what we want. reverse lookup, that's not what we want.
So we detect these and handle them specially */ So we detect these and handle them specially */
if (node && isdigit(node[0]&0xff)) { if (0) { /* for canonical reasons */
#if HAVE_GETADDRINFO ;
hints.ai_flags |= AI_NUMERICHOST;
#endif /* HAVE_GETADDRINFO */
if (family == PF_UNSPEC) {
family = PF_INET;
#if HAVE_GETADDRINFO
} else if (family == PF_INET6) {
/* map "explicitely" into IPv6 address space; getipnodebyname() does
this with AI_V4MAPPED, but not getaddrinfo() */
if ((numnode = Malloc(strlen(node)+7+1)) == NULL) {
#if HAVE_RESOLV_H
if (res_opts0 | res_opts1) {
_res.options = (_res.options & (~res_opts0&~res_opts1) |
save_res_opts& ( res_opts0| res_opts1));
}
#endif
return STAT_NORETRY;
}
sprintf(numnode, "::ffff:%s", node);
node = numnode;
hints.ai_flags |= AI_NUMERICHOST;
#endif /* HAVE_GETADDRINFO */
}
#if WITH_IP6 #if WITH_IP6
} else if (node && node[0] == '[' && node[(nodelen=strlen(node))-1]==']') { } else if (node && node[0] == '[' && node[(nodelen=strlen(node))-1]==']') {
if ((numnode = Malloc(nodelen-1)) == NULL) { if ((numnode = Malloc(nodelen-1)) == NULL) {
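Review bot: With the `isdigit(node[0]&0xff)` branch replaced by `if (0) { ; }`, a numeric IPv4 literal no longer gets `AI_NUMERICHOST` set in this hunk, although the comment kept directly above still says numeric forms are detected and handled specially to keep them away from the resolver. If that protection is still wanted, validate the whole string instead of dropping the branch, e.g. `if (node && inet_pton(AF_INET, node, &in4) == 1) {` with a local `struct in_addr in4`, followed by `hints.ai_flags |= AI_NUMERICHOST;` under `#if HAVE_GETADDRINFO`; otherwise reword the comment so it only covers the bracketed IPv6 form. The empty `if (0)` exists only so that the `} else if` inside `#if WITH_IP6` has something to attach to, which `/* for canonical reasons */` does not say; `/* placeholder: keeps the else-if chain below valid when WITH_IP6 is set */` would. The rest of xiogetaddrinfo lies outside the hunk, so later handling of numeric hosts cannot be ruled out from here.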