Fix long hostnames interpreted as IP addresses

2017-02-21 16:14:04 +01:00 · 2017-02-21 16:14:04 +01:00 · 8aee320c88
commit 8aee320c88
parent a687c9a985
2 changed files with 71 additions and 0 deletions
--- a/freeradius-Handle-hostnames-in-fr_pton4-6.patch
+++ b/freeradius-Handle-hostnames-in-fr_pton4-6.patch
@ -0,0 +1,68 @@
+From 881f11e7d4c5303a5b1e44f854be22bb65a29142 Mon Sep 17 00:00:00 2001
+From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
+Date: Fri, 17 Feb 2017 16:16:42 +0100
+Subject: [PATCH] Handle hostnames in fr_pton4/6
+
+Make fr_pton4/6 handle hostnames longer than the longest address +
+prefix.
+
+(cherry picked from commit d825d4e73fb0c61dc76f535fceb2930e555fe148)
+---
+ src/lib/misc.c | 18 +++++++++++-------
+ 1 file changed, 11 insertions(+), 7 deletions(-)
+
+diff --git a/src/lib/misc.c b/src/lib/misc.c
+index af6ee2ce9..ba3fc362f 100644
+--- a/src/lib/misc.c
+++ b/src/lib/misc.c
+@@ -302,10 +302,12 @@ static int ip_prefix_from_str(char const *str, uint32_t *paddr)
+ }
+ 
+ 
+-/** Parse an IPv4 address or IPv4 prefix in presentation format (and others)
+/**
+ * Parse an IPv4 address, IPv4 prefix in presentation format (and others), or
+ * a hostname.
+  *
+  * @param out Where to write the ip address value.
+- * @param value to parse, may be dotted quad [+ prefix], or integer, or octal number, or '*' (INADDR_ANY).
+ * @param value to parse, may be dotted quad [+ prefix], or integer, or octal number, or '*' (INADDR_ANY), or a hostname.
+  * @param inlen Length of value, if value is \0 terminated inlen may be -1.
+  * @param resolve If true and value doesn't look like an IP address, try and resolve value as a hostname.
+  * @param fallback to IPv6 resolution if no A records can be found.
+@@ -317,8 +319,8 @@ int fr_pton4(fr_ipaddr_t *out, char const *value, ssize_t inlen, bool resolve, b
+ 	unsigned int mask;
+ 	char *eptr;
+ 
+-	/* Dotted quad + / + [0-9]{1,2} */
+-	char buffer[INET_ADDRSTRLEN + 3];
+	/* Dotted quad + / + [0-9]{1,2} or a hostname (RFC1035 2.3.4 Size limits) */
+	char buffer[256];
+ 
+ 	/*
+ 	 *	Copy to intermediary buffer if we were given a length
+@@ -400,7 +402,9 @@ int fr_pton4(fr_ipaddr_t *out, char const *value, ssize_t inlen, bool resolve, b
+ 	return 0;
+ }
+ 
+-/** Parse an IPv6 address or IPv6 prefix in presentation format (and others)
+/**
+ * Parse an IPv6 address or IPv6 prefix in presentation format (and others),
+ * or a hostname.
+  *
+  * @param out Where to write the ip address value.
+  * @param value to parse.
+@@ -415,8 +419,8 @@ int fr_pton6(fr_ipaddr_t *out, char const *value, ssize_t inlen, bool resolve, b
+ 	unsigned int prefix;
+ 	char *eptr;
+ 
+-	/* IPv6  + / + [0-9]{1,3} */
+-	char buffer[INET6_ADDRSTRLEN + 4];
+	/* IPv6  + / + [0-9]{1,3} or a hostname (RFC1035 2.3.4 Size limits) */
+	char buffer[256];
+ 
+ 	/*
+ 	 *	Copy to intermediary buffer if we were given a length
+-- 
+2.11.0
+
--- a/freeradius.spec
+++ b/freeradius.spec
@ -26,6 +26,7 @@ Patch2: freeradius-Use-system-crypto-policy-by-default.patch
 Patch3: freeradius-Fix-three-cases-of-comparing-pointer-to-zero-char.patch
 Patch4: freeradius-Support-OpenSSL-v1.1.0.patch
 Patch5: freeradius-suid-down-after-fchown.-Fixes-1914.patch
+Patch6: freeradius-Handle-hostnames-in-fr_pton4-6.patch

 %global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}

@ -196,6 +197,7 @@ This plugin provides the REST support for the FreeRADIUS server project.
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1

 %build
 # Force compile/link options, extra security for network facing daemon
@ -800,6 +802,7 @@ exit 0
 * Tue Feb 21 2017 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.12-3
 - Do not fail logrotate if radiusd is not running.
 - Fix output to log file specified with -l option.
+- Fix long hostnames interpreted as IP addresses.

 * Mon Feb 20 2017 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.12-2
 - Fix three cases of comparing pointers to zero characters