'[PATCH][Beta3] Fix IPv6 handling in BIO_get_accept_socket()'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-dev
Subject:    [PATCH][Beta3] Fix IPv6 handling in BIO_get_accept_socket()
From:       David Lee <live4thee () gmail ! com>
Date:       2009-08-21 6:13:30
Message-ID: 8f62e1cd0908202313x7cd809c8oe6c1f8ff99ddef5a () mail ! gmail ! com
[Download RAW message or body]

Hi, list
I downloaded OpenSSL 1.0 beta3 and found a bug in the function
BIO_get_accept_socket(), when dealing with an IPv6 address.

The line below copies the content of `res->ai_addr' to `server', but
sizeof(server) = 16, while for IPv6 address, res->ai_addrlen is 28.
i.e, sizeof(struct sockadr_in6).  The missing 12 bytes will cause
the later bind() always fail.

 struct sockaddr server,client;
 server = *res->ai_addr;

To fix it, I use the type `struct sockaddr_storage' to hold the
address information so that its storage can satisfy any type of socket
address, for example:

 struct sockaddr_storage server,client;
 memcpy(&server, res->ai_addr, res->ai_addrlen);

Pls see the patch in attachment for details.

-- 
Thanks,
Li Qun

["fix-ipv6-handling.patch" (application/octet-stream)]

diff -r 97f29e34d19e crypto/bio/b_sock.c
--- a/crypto/bio/b_sock.c	Fri Aug 21 06:15:56 2009 -0400
+++ b/crypto/bio/b_sock.c	Fri Aug 21 10:03:36 2009 -0400
@@ -593,7 +593,7 @@
 int BIO_get_accept_socket(char *host, int bind_mode)
 	{
 	int ret=0;
-	struct sockaddr server,client;
+	struct sockaddr_storage server,client;
 	struct sockaddr_in *sa_in;
 	int s=INVALID_SOCKET,cs;
 	unsigned char ip[4];
@@ -665,7 +665,7 @@
 		}
 
 	if ((*p_getaddrinfo.f)(h,p,&hint,&res)) break;
-	server = *res->ai_addr;
+	memcpy(&server, res->ai_addr, res->ai_addrlen);
 	(*p_freeaddrinfo.f)(res);
 	goto again;
 	} while (0);
@@ -692,7 +692,7 @@
 		}
 
 again:
-	s=socket(server.sa_family,SOCK_STREAM,SOCKET_PROTOCOL);
+	s=socket(server.ss_family,SOCK_STREAM,SOCKET_PROTOCOL);
 	if (s == INVALID_SOCKET)
 		{
 		SYSerr(SYS_F_SOCKET,get_last_socket_error());
@@ -710,7 +710,7 @@
 		bind_mode=BIO_BIND_NORMAL;
 		}
 #endif
-	if (bind(s,&server,sizeof(server)) == -1)
+	if (bind(s,(struct sockaddr*)&server,sizeof(server)) == -1)
 		{
 #ifdef SO_REUSEADDR
 		err_num=get_last_socket_error();
@@ -721,7 +721,7 @@
 			if (h == NULL || strcmp(h,"*") == 0)
 				{
 #ifdef AF_INET6
-				if (client.sa_family == AF_INET6)
+				if (client.ss_family == AF_INET6)
 					{
 					struct sockaddr_in6 *sin6 =
 						(struct sockaddr_in6 *)&client;
@@ -730,7 +730,7 @@
 					}
 				else
 #endif
-				if (client.sa_family == AF_INET)
+				if (client.ss_family == AF_INET)
 					{
 					struct sockaddr_in *sin4 =
 						(struct sockaddr_in *)&client;
@@ -738,7 +738,7 @@
 					}
 				else	goto err;
 				}
-			cs=socket(client.sa_family,SOCK_STREAM,SOCKET_PROTOCOL);
+			cs=socket(client.ss_family,SOCK_STREAM,SOCKET_PROTOCOL);
 			if (cs != INVALID_SOCKET)
 				{
 				int ii;

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majordomo@openssl.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic