[ipfilter-cvs] ipfilter ip_dns_pxy.c, ip_ipsec_pxy.c, ip_irc_pxy.c, ip_pptp_pxy.c, ip_raudio_pxy.c,
Brought to you by:
darren_r
Menu
▾
▴
[ipfilter-cvs] ipfilter ip_dns_pxy.c, ip_ipsec_pxy.c, ip_irc_pxy.c, ip_pptp_pxy.c, ip_raudio_pxy.c, ip_rpcb_pxy.c,
|
From: Darren <dar...@us...> - 2012-07-20 07:58:08
|
Update of /cvsroot/ipfilter/ipfilter
In directory vz-cvs-4.sog:/tmp/cvs-serv28088
Modified Files:
ip_dns_pxy.c ip_ipsec_pxy.c ip_irc_pxy.c ip_pptp_pxy.c
ip_raudio_pxy.c ip_rpcb_pxy.c
Log Message:
3545309 non-ipv6 safe proxies do not fail with ipv6
Index: ip_ipsec_pxy.c
===================================================================
RCS file: /cvsroot/ipfilter/ipfilter/ip_ipsec_pxy.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -C2 -d -r1.18 -r1.19
*** ip_ipsec_pxy.c 13 Jul 2012 11:56:51 -0000 1.18
--- ip_ipsec_pxy.c 20 Jul 2012 07:58:06 -0000 1.19
***************
*** 151,154 ****
--- 151,157 ----
mb_t *m;
+ if (fin->fin_v != 4)
+ return -1;
+
off = fin->fin_plen - fin->fin_dlen + fin->fin_ipoff;
bzero(softi->ipsec_buffer, sizeof(softi->ipsec_buffer));
Index: ip_pptp_pxy.c
===================================================================
RCS file: /cvsroot/ipfilter/ipfilter/ip_pptp_pxy.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -C2 -d -r1.17 -r1.18
*** ip_pptp_pxy.c 13 Jul 2012 11:56:51 -0000 1.17
--- ip_pptp_pxy.c 20 Jul 2012 07:58:06 -0000 1.18
***************
*** 120,123 ****
--- 120,126 ----
ip_t *ip;
+ if (fin->fin_v != 4)
+ return -1;
+
ip = fin->fin_ip;
np = nat->nat_ptr;
Index: ip_raudio_pxy.c
===================================================================
RCS file: /cvsroot/ipfilter/ipfilter/ip_raudio_pxy.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -C2 -d -r1.10 -r1.11
*** ip_raudio_pxy.c 29 Jul 2009 06:13:00 -0000 1.10
--- ip_raudio_pxy.c 20 Jul 2012 07:58:06 -0000 1.11
***************
*** 57,67 ****
raudio_t *rap;
KMALLOCS(aps->aps_data, void *, sizeof(raudio_t));
if (aps->aps_data == NULL)
return -1;
- fin = fin; /* LINT */
- nat = nat; /* LINT */
-
bzero(aps->aps_data, sizeof(raudio_t));
rap = aps->aps_data;
--- 57,69 ----
raudio_t *rap;
+ nat = nat; /* LINT */
+
+ if (fin->fin_v != 4)
+ return -1;
+
KMALLOCS(aps->aps_data, void *, sizeof(raudio_t));
if (aps->aps_data == NULL)
return -1;
bzero(aps->aps_data, sizeof(raudio_t));
rap = aps->aps_data;
Index: ip_irc_pxy.c
===================================================================
RCS file: /cvsroot/ipfilter/ipfilter/ip_irc_pxy.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** ip_irc_pxy.c 29 May 2012 12:47:41 -0000 1.11
--- ip_irc_pxy.c 20 Jul 2012 07:58:06 -0000 1.12
***************
*** 233,241 ****
ircinfo_t *irc;
KMALLOC(irc, ircinfo_t *);
if (irc == NULL)
return -1;
- fin = fin; /* LINT */
nat = nat; /* LINT */
--- 233,243 ----
ircinfo_t *irc;
+ if (fin->fin_v != 4)
+ return -1;
+
KMALLOC(irc, ircinfo_t *);
if (irc == NULL)
return -1;
nat = nat; /* LINT */
***************
*** 357,360 ****
--- 359,363 ----
#endif
COPYBACK(m, off, nlen, newbuf);
+ fin->fin_flx |= FI_DOCKSUM;
if (inc != 0) {
Index: ip_rpcb_pxy.c
===================================================================
RCS file: /cvsroot/ipfilter/ipfilter/ip_rpcb_pxy.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -C2 -d -r1.15 -r1.16
*** ip_rpcb_pxy.c 13 Jul 2012 06:38:23 -0000 1.15
--- ip_rpcb_pxy.c 20 Jul 2012 07:58:06 -0000 1.16
***************
*** 149,155 ****
rpcb_session_t *rs;
- fin = fin; /* LINT */
nat = nat; /* LINT */
KMALLOC(rs, rpcb_session_t *);
if (rs == NULL)
--- 149,157 ----
rpcb_session_t *rs;
nat = nat; /* LINT */
+ if (fin->fin_v != 4)
+ return -1;
+
KMALLOC(rs, rpcb_session_t *);
if (rs == NULL)
Index: ip_dns_pxy.c
===================================================================
RCS file: /cvsroot/ipfilter/ipfilter/ip_dns_pxy.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** ip_dns_pxy.c 29 Jan 2012 05:31:05 -0000 1.5
--- ip_dns_pxy.c 20 Jul 2012 07:58:06 -0000 1.6
***************
*** 184,187 ****
--- 184,190 ----
int dlen;
+ if (fin->fin_v != 4)
+ return -1;
+
dlen = fin->fin_dlen - sizeof(udphdr_t);
if (dlen < sizeof(ipf_dns_hdr_t)) {
|