From 8aee320c88d9513a150be9e70d945848bb6a5c4b Mon Sep 17 00:00:00 2001 From: Nikolai Kondrashov Date: Tue, 21 Feb 2017 16:14:04 +0100 Subject: [PATCH] Fix long hostnames interpreted as IP addresses --- ...adius-Handle-hostnames-in-fr_pton4-6.patch | 68 +++++++++++++++++++ freeradius.spec | 3 + 2 files changed, 71 insertions(+) create mode 100644 freeradius-Handle-hostnames-in-fr_pton4-6.patch diff --git a/freeradius-Handle-hostnames-in-fr_pton4-6.patch b/freeradius-Handle-hostnames-in-fr_pton4-6.patch new file mode 100644 index 0000000..6f124d1 --- /dev/null +++ b/freeradius-Handle-hostnames-in-fr_pton4-6.patch @@ -0,0 +1,68 @@ +From 881f11e7d4c5303a5b1e44f854be22bb65a29142 Mon Sep 17 00:00:00 2001 +From: Nikolai Kondrashov +Date: Fri, 17 Feb 2017 16:16:42 +0100 +Subject: [PATCH] Handle hostnames in fr_pton4/6 + +Make fr_pton4/6 handle hostnames longer than the longest address + +prefix. + +(cherry picked from commit d825d4e73fb0c61dc76f535fceb2930e555fe148) +--- + src/lib/misc.c | 18 +++++++++++------- + 1 file changed, 11 insertions(+), 7 deletions(-) + +diff --git a/src/lib/misc.c b/src/lib/misc.c +index af6ee2ce9..ba3fc362f 100644 +--- a/src/lib/misc.c ++++ b/src/lib/misc.c +@@ -302,10 +302,12 @@ static int ip_prefix_from_str(char const *str, uint32_t *paddr) + } + + +-/** Parse an IPv4 address or IPv4 prefix in presentation format (and others) ++/** ++ * Parse an IPv4 address, IPv4 prefix in presentation format (and others), or ++ * a hostname. + * + * @param out Where to write the ip address value. +- * @param value to parse, may be dotted quad [+ prefix], or integer, or octal number, or '*' (INADDR_ANY). ++ * @param value to parse, may be dotted quad [+ prefix], or integer, or octal number, or '*' (INADDR_ANY), or a hostname. + * @param inlen Length of value, if value is \0 terminated inlen may be -1. + * @param resolve If true and value doesn't look like an IP address, try and resolve value as a hostname. + * @param fallback to IPv6 resolution if no A records can be found. +@@ -317,8 +319,8 @@ int fr_pton4(fr_ipaddr_t *out, char const *value, ssize_t inlen, bool resolve, b + unsigned int mask; + char *eptr; + +- /* Dotted quad + / + [0-9]{1,2} */ +- char buffer[INET_ADDRSTRLEN + 3]; ++ /* Dotted quad + / + [0-9]{1,2} or a hostname (RFC1035 2.3.4 Size limits) */ ++ char buffer[256]; + + /* + * Copy to intermediary buffer if we were given a length +@@ -400,7 +402,9 @@ int fr_pton4(fr_ipaddr_t *out, char const *value, ssize_t inlen, bool resolve, b + return 0; + } + +-/** Parse an IPv6 address or IPv6 prefix in presentation format (and others) ++/** ++ * Parse an IPv6 address or IPv6 prefix in presentation format (and others), ++ * or a hostname. + * + * @param out Where to write the ip address value. + * @param value to parse. +@@ -415,8 +419,8 @@ int fr_pton6(fr_ipaddr_t *out, char const *value, ssize_t inlen, bool resolve, b + unsigned int prefix; + char *eptr; + +- /* IPv6 + / + [0-9]{1,3} */ +- char buffer[INET6_ADDRSTRLEN + 4]; ++ /* IPv6 + / + [0-9]{1,3} or a hostname (RFC1035 2.3.4 Size limits) */ ++ char buffer[256]; + + /* + * Copy to intermediary buffer if we were given a length +-- +2.11.0 + diff --git a/freeradius.spec b/freeradius.spec index 1363b16..7f4b9d7 100644 --- a/freeradius.spec +++ b/freeradius.spec @@ -26,6 +26,7 @@ Patch2: freeradius-Use-system-crypto-policy-by-default.patch Patch3: freeradius-Fix-three-cases-of-comparing-pointer-to-zero-char.patch Patch4: freeradius-Support-OpenSSL-v1.1.0.patch Patch5: freeradius-suid-down-after-fchown.-Fixes-1914.patch +Patch6: freeradius-Handle-hostnames-in-fr_pton4-6.patch %global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}} @@ -196,6 +197,7 @@ This plugin provides the REST support for the FreeRADIUS server project. %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %build # Force compile/link options, extra security for network facing daemon @@ -800,6 +802,7 @@ exit 0 * Tue Feb 21 2017 Nikolai Kondrashov - 3.0.12-3 - Do not fail logrotate if radiusd is not running. - Fix output to log file specified with -l option. +- Fix long hostnames interpreted as IP addresses. * Mon Feb 20 2017 Nikolai Kondrashov - 3.0.12-2 - Fix three cases of comparing pointers to zero characters