diff options
author | Stefano Brivio <sbrivio@redhat.com> | 2022-11-09 18:21:44 +0100 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2022-11-10 11:17:50 +0100 |
commit | 817eedc28a63c4067e592753988c9d8a97babaf1 (patch) | |
tree | 7763a5056ed528f3f22300ea163254e3d58fffc0 | |
parent | 6533a4a07bb684ad778fca329ad90ecc4797336a (diff) | |
download | passt-817eedc28a63c4067e592753988c9d8a97babaf1.tar passt-817eedc28a63c4067e592753988c9d8a97babaf1.tar.gz passt-817eedc28a63c4067e592753988c9d8a97babaf1.tar.bz2 passt-817eedc28a63c4067e592753988c9d8a97babaf1.tar.lz passt-817eedc28a63c4067e592753988c9d8a97babaf1.tar.xz passt-817eedc28a63c4067e592753988c9d8a97babaf1.tar.zst passt-817eedc28a63c4067e592753988c9d8a97babaf1.zip |
tcp, udp: Don't initialise IPv6/IPv4 sockets if IPv4/IPv6 are not enabled
If we disable a given IP version automatically (no corresponding
default route on host) or administratively (--ipv4-only or
--ipv6-only options), we don't initialise related buffers and
services (DHCP for IPv4, NDP and DHCPv6 for IPv6). The "tap"
handlers will also ignore packets with a disabled IP version.
However, in commit 3c6ae625101a ("conf, tcp, udp: Allow address
specification for forwarded ports") I happily changed socket
initialisation functions to take AF_UNSPEC meaning "any enabled
IP version", but I forgot to add checks back for the "enabled"
part.
Reported by Paul: on a host without default IPv6 route, but IPv6
enabled, connect, using IPv6, to a port handled by pasta, which
tries to send data to a tap device without initialised buffers
for that IP version and exits because the resulting write() fails.
Simpler way to reproduce: pasta -6 and inbound IPv4 connection, or
pasta -4 and inbound IPv6 connection.
Reported-by: Paul Holzinger <pholzing@redhat.com>
Fixes: 3c6ae625101a ("conf, tcp, udp: Allow address specification for forwarded ports")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
-rw-r--r-- | tcp.c | 4 | ||||
-rw-r--r-- | udp.c | 4 |
2 files changed, 4 insertions, 4 deletions
@@ -3213,9 +3213,9 @@ static void tcp_sock_init6(const struct ctx *c, int ns, void tcp_sock_init(const struct ctx *c, int ns, sa_family_t af, const void *addr, const char *ifname, in_port_t port) { - if (af == AF_INET || af == AF_UNSPEC) + if ((af == AF_INET || af == AF_UNSPEC) && c->ifi4) tcp_sock_init4(c, ns, addr, ifname, port); - if (af == AF_INET6 || af == AF_UNSPEC) + if ((af == AF_INET6 || af == AF_UNSPEC) && c->ifi6) tcp_sock_init6(c, ns, addr, ifname, port); } @@ -1129,7 +1129,7 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af, c->udp.fwd_in.f.delta[port]); } - if (af == AF_INET || af == AF_UNSPEC) { + if ((af == AF_INET || af == AF_UNSPEC) && c->ifi4) { if (!addr && c->mode == MODE_PASTA) bind_addr = &c->ip4.addr; else @@ -1162,7 +1162,7 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af, } } - if (af == AF_INET6 || af == AF_UNSPEC) { + if ((af == AF_INET6 || af == AF_UNSPEC) && c->ifi6) { if (!addr && c->mode == MODE_PASTA) bind_addr = &c->ip6.addr; else |