From: Lutz Jaenicke <ljaenicke@innominate.com>
To: netfilter-devel@vger.kernel.org
Cc: Lutz Jaenicke <ljaenicke@innominate.com>
Subject: [PATCH] Provide family and protocol to make getaddrinfo happy
Date: Wed, 25 May 2011 14:16:26 +0200 [thread overview]
Message-ID: <1306325786-16849-2-git-send-email-ljaenicke@innominate.com> (raw)
In-Reply-To: <1306325786-16849-1-git-send-email-ljaenicke@innominate.com>
getaddrinfo() will fail for numeric port numbers if neither
the socket type (stream/datagram) nor the protocol is
provided.
Since matches on ports only make sense if the protocol is known
we "just" have to derive the protocol number from the information
already collected.
Signed-off-by: Lutz Jaenicke <ljaenicke@innominate.com>
---
xtoptions.c | 34 +++++++++++++++++++++++++++++-----
1 files changed, 29 insertions(+), 5 deletions(-)
diff --git a/xtoptions.c b/xtoptions.c
index ac0601f..e38b7ef 100644
--- a/xtoptions.c
+++ b/xtoptions.c
@@ -556,12 +556,15 @@ static void xtopt_parse_host(struct xt_option_call *cb)
* Resolve a port name to a number. Returns the port number in integral
* form on success, or <0 on error. (errno will not be set.)
*/
-static int xtables_getportbyname(const char *name)
+static int xtables_getportbyname(const char *name, int family, int protocol)
{
- struct addrinfo *res = NULL, *p;
+ struct addrinfo hints, *res = NULL, *p;
int ret;
- ret = getaddrinfo(NULL, name, NULL, &res);
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = family;
+ hints.ai_protocol = protocol;
+ ret = getaddrinfo(NULL, name, &hints, &res);
if (ret < 0)
return -1;
ret = -1;
@@ -598,9 +601,19 @@ static void xtopt_parse_protocol(struct xt_option_call *cb)
static void xtopt_parse_port(struct xt_option_call *cb)
{
const struct xt_option_entry *entry = cb->entry;
+ struct ipt_entry *fw = cb->xt_entry;
+ struct ip6t_entry *fw6 = cb->xt_entry;
+ int family, protocol;
int ret;
- ret = xtables_getportbyname(cb->arg);
+ if (afinfo->family == NFPROTO_IPV4) {
+ family = AF_INET;
+ protocol = fw->ip.proto;
+ } else {
+ family = AF_INET6;
+ protocol = fw6->ipv6.proto;
+ }
+ ret = xtables_getportbyname(cb->arg, family, protocol);
if (ret < 0)
xt_params->exit_err(PARAMETER_PROBLEM,
"Port \"%s\" does not resolve to anything.\n",
@@ -616,10 +629,21 @@ static void xtopt_parse_mport(struct xt_option_call *cb)
{
static const size_t esize = sizeof(uint16_t);
const struct xt_option_entry *entry = cb->entry;
+ struct ipt_entry *fw = cb->xt_entry;
+ struct ip6t_entry *fw6 = cb->xt_entry;
char *lo_arg, *wp_arg, *arg;
unsigned int maxiter;
+ int family, protocol;
int value;
+ if (afinfo->family == NFPROTO_IPV4) {
+ family = AF_INET;
+ protocol = fw->ip.proto;
+ } else {
+ family = AF_INET6;
+ protocol = fw6->ipv6.proto;
+ }
+
wp_arg = lo_arg = strdup(cb->arg);
if (lo_arg == NULL)
xt_params->exit_err(RESOURCE_PROBLEM, "strdup");
@@ -645,7 +669,7 @@ static void xtopt_parse_mport(struct xt_option_call *cb)
continue;
}
- value = xtables_getportbyname(arg);
+ value = xtables_getportbyname(arg, family, protocol);
if (value < 0)
xt_params->exit_err(PARAMETER_PROBLEM,
"Port \"%s\" does not resolve to "
--
1.7.2.5
next prev parent reply other threads:[~2011-05-25 12:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-25 12:16 Proposed fix for getaddrinfo() issue Lutz Jaenicke
2011-05-25 12:16 ` Lutz Jaenicke [this message]
2011-05-25 12:31 ` [PATCH] Provide family and protocol to make getaddrinfo happy Jan Engelhardt
2011-05-25 13:26 ` Lutz Jaenicke
2011-05-25 13:41 ` Jan Engelhardt
2011-05-25 14:06 ` Lutz Jaenicke
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1306325786-16849-2-git-send-email-ljaenicke@innominate.com \
--to=ljaenicke@innominate.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).