Репозитории ALT
| S: | 2.3.15-alt6 |
| 5.1: | 2.3.14-alt3 |
| 4.1: | 2.3.14-alt3 |
| 4.0: | 2.3.14-alt2 |
| 3.0: | 2.3.13-alt4 |
Группа :: Система/Основа
Пакет: xinetd
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: xinetd-2.3.15-owl-bad_port_check.patch
Скачать
Скачать
Re-introduce bad_port_check(), which upstream dropped between 2.3.13 and 2.3.14
for it having been "rather antiquated for years", with no justification given
for that claim.
--- xinetd/xinetd/builtins.c
+++ xinetd/xinetd/builtins.c
@@ -52,6 +52,7 @@ static void dgram_daytime(const struct server *) ;
static void stream_chargen(const struct server *) ;
static void dgram_chargen(const struct server *) ;
static void tcpmux_handler(const struct server *) ;
+static int bad_port_check(const union xsockaddr *, const char *);
/*
* SG - This is the call sequence to get to a built-in service
@@ -163,6 +164,25 @@ static void stream_echo( const struct server *serp )
Sclose(descriptor);
}
+/* For internal UDP services, make sure we don't respond to our ports
+ * on other servers and to low ports of other services (such as DNS).
+ * This can cause looping.
+ */
+static int bad_port_check( const union xsockaddr *sa, const char *func )
+{+ uint16_t port = 0;
+
+ port = ntohs( xaddrport( sa ) );
+
+ if ( port < 1024 ) {+ msg(LOG_WARNING, func,
+ "Possible Denial of Service attack from/against %s:%u (likely spoofed)", xaddrname(sa), (unsigned int)port);
+ return (-1);
+ }
+
+ return (0);
+}
+
static void dgram_echo( const struct server *serp )
{char buf[ DATAGRAM_SIZE ] ;
@@ -178,6 +198,7 @@ static void dgram_echo( const struct server *serp )
cc = recvfrom( descriptor, buf, sizeof( buf ), 0, (struct sockaddr *)( &lsin ), &sin_len ) ;
if ( cc != (ssize_t)-1 ) {+ if( bad_port_check(&lsin, "dgram_echo") != 0 ) return;
(void) sendto( descriptor, buf, (size_t)cc, 0, SA( &lsin ), sizeof( lsin ) ) ;
}
}
@@ -303,6 +324,8 @@ static void dgram_daytime( const struct server *serp )
if ( val == (ssize_t)-1 )
return ;
+ if( bad_port_check(&lsin, "dgram_daytime") != 0 ) return;
+
daytime_protocol( time_buf, &buflen ) ;
(void) sendto( descriptor, time_buf, buflen, 0, SA(&lsin), sizeof( lsin ) ) ;
@@ -369,6 +392,8 @@ static void dgram_time( const struct server *serp )
if ( val == (ssize_t)-1 )
return ;
+ if( bad_port_check(&lsin, "dgram_time") != 0 ) return;
+
time_protocol( time_buf ) ;
(void) sendto( fd, (char *) time_buf, 4, 0, SA( &lsin ), sin_len ) ;
}
@@ -476,6 +501,8 @@ static void dgram_chargen( const struct server *serp )
if ( val == (ssize_t)-1 )
return ;
+ if( bad_port_check(&lsin, "dgram_chargen") != 0 ) return;
+
#if BUFFER_SIZE < LINE_LENGTH+2
bad_variable = 1 ; /* this will cause a compilation error */
#endif