diff options
| author | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2002-06-07 07:37:42 +0000 |
|---|---|---|
| committer | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2002-06-07 07:37:42 +0000 |
| commit | f9f4cd0cdcf1d242a39aaf4449d27c60fa98418c (patch) | |
| tree | 0922903b633f0e3c75663fc8c6dc1655ab2f18dc /usr.sbin/inetd/inetd.c | |
| parent | bc07d889b62322dfd38f175baabfc95a4005f5ad (diff) | |
do not respond to udp service if ip_src matches broadcast addr. theo ok
Diffstat (limited to 'usr.sbin/inetd/inetd.c')
| -rw-r--r-- | usr.sbin/inetd/inetd.c | 33 |
1 files changed, 29 insertions, 4 deletions
diff --git a/usr.sbin/inetd/inetd.c b/usr.sbin/inetd/inetd.c index 349c9de15de..3d83e1eca3c 100644 --- a/usr.sbin/inetd/inetd.c +++ b/usr.sbin/inetd/inetd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: inetd.c,v 1.98 2002/06/01 03:42:06 itojun Exp $ */ +/* $OpenBSD: inetd.c,v 1.99 2002/06/07 07:37:41 itojun Exp $ */ /* $NetBSD: inetd.c,v 1.11 1996/02/22 11:14:41 mycroft Exp $ */ /* * Copyright (c) 1983,1991 The Regents of the University of California. @@ -41,7 +41,7 @@ char copyright[] = #ifndef lint /*static char sccsid[] = "from: @(#)inetd.c 5.30 (Berkeley) 6/3/91";*/ -static char rcsid[] = "$OpenBSD: inetd.c,v 1.98 2002/06/01 03:42:06 itojun Exp $"; +static char rcsid[] = "$OpenBSD: inetd.c,v 1.99 2002/06/07 07:37:41 itojun Exp $"; #endif /* not lint */ /* @@ -150,6 +150,7 @@ static char rcsid[] = "$OpenBSD: inetd.c,v 1.98 2002/06/01 03:42:06 itojun Exp $ #define RLIMIT_NOFILE RLIMIT_OFILE #endif +#include <net/if.h> #include <netinet/in.h> #include <arpa/inet.h> @@ -165,6 +166,7 @@ static char rcsid[] = "$OpenBSD: inetd.c,v 1.98 2002/06/01 03:42:06 itojun Exp $ #include <unistd.h> #include <string.h> #include <login_cap.h> +#include <ifaddrs.h> #include <rpc/rpc.h> #include <rpc/pmap_clnt.h> #include <rpcsvc/nfs_prot.h> @@ -567,7 +569,8 @@ dg_badinput(sa) case 0: case 127: case 255: goto bad; } - /* XXX should check for subnet broadcast using getifaddrs(3) */ + if (dg_broadcast(&in)) + goto bad; break; case AF_INET6: in6 = &((struct sockaddr_in6 *)sa)->sin6_addr; @@ -600,6 +603,29 @@ bad: return (1); } +int +dg_broadcast(in) + struct in_addr *in; +{ + struct ifaddrs *ifa, *ifap; + struct sockaddr_in *sin; + + if (getifaddrs(&ifap) < 0) + return (0); + for (ifa = ifap; ifa; ifa = ifa->ifa_next) { + if (ifa->ifa_addr->sa_family != AF_INET || + (ifa->ifa_flags & IFF_BROADCAST) == 0) + continue; + sin = (struct sockaddr_in *)ifa->ifa_addr; + if (sin->sin_addr.s_addr == in->s_addr) { + freeifaddrs(ifap); + return (1); + } + } + freeifaddrs(ifap); + return (0); +} + void reap(int sig) { @@ -2054,4 +2080,3 @@ spawn(sep, ctrl) if (!sep->se_wait && sep->se_socktype == SOCK_STREAM) close(ctrl); } - |