[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Problem with userauth sample
From:       Soeren koepping <soeren.koepping () rub ! de>
Date:       2005-05-09 12:07:22
Message-ID: 427F527A.4050500 () rub ! de
[Download RAW message or body]

Hi,
I have a problem with ipfilter 4.1.8 on solaris 9 using sunwspro
compiler.  I could not get samples/userauth to work properly.  It seems
to be from version 3.4.x and incompatible with ipfilter 4.1.x.

My ipf.conf contains:
auth in quick on hme0 from any to any
pass in from any to any
pass out from any to any

The userauth from ipfilter 4.1.8 exits reporting invalid argument
(EINVAL).  I wrote the attached patch that fixes at least the EINVAL.
It seems to work, but it crashes if SIOCAUTHW is called without any
packets pending.  I had a look at ip_auth.c.  Maybe this problem only
exists on solaris.

Regards,
Soeren


["userauth-4.1.8.diff" (text/plain)]

--- userauth.orig.c	2001-03-04 13:33:47.000000000 +0100
+++ userauth.c	2005-05-09 14:04:18.568538000 +0200
@@ -9,11 +9,14 @@
 #include "ip_compat.h"
 #include "ip_fil.h"
 #include "ip_auth.h"
+#include "netinet/ipl.h"
+
 
 extern	int	errno;
 
 main()
 {
+	struct ipfobj obj;
 	struct frauth fra;
 	struct frauth *frap = &fra;
 	fr_info_t *fin = &fra.fra_info;
@@ -21,10 +24,19 @@
 	char yn[16];
 	int fd;
 
-	fd = open(IPL_NAME, O_RDWR);
+	bzero((char *)&obj, sizeof(obj));
+	obj.ipfo_rev = IPFILTER_VERSION;
+	obj.ipfo_size = sizeof(fra);
+	obj.ipfo_ptr = &fra;
+	obj.ipfo_type = IPFOBJ_FRAUTH;
+
+	bzero((char *)&fra, sizeof(fra));
 	fra.fra_len = 0;
 	fra.fra_buf = NULL;
-	while (ioctl(fd, SIOCAUTHW, &frap) == 0) {
+	
+	fd = open(IPAUTH_NAME, O_RDONLY);
+
+	while (ioctl(fd, SIOCAUTHW, &obj) == 0) {
 		if (fra.fra_info.fin_out)
 			fra.fra_pass = FR_OUTQUE;
 		else
@@ -52,7 +64,7 @@
 			fra.fra_pass |= FR_NOMATCH;
 		printf("answer = %c (%x), id %d idx %d\n", yn[0],
 			fra.fra_pass, fra.fra_info.fin_id, fra.fra_index);
-		if (ioctl(fd, SIOCAUTHR, &frap) != 0)
+		if (ioctl(fd, SIOCAUTHR, &obj) != 0)
 			perror("SIOCAUTHR");
 	}
 	fprintf(stderr, "errno=%d \n", errno);



[prev in list] [next in list] [prev in thread] [next in thread]