net: do not allow resolving to an internal address
In order to prevent mixups, our internal range is never allowed as a resolve result. This means that no user-provided string will ever be confused with an internal address.
This commit is contained in:
parent
7f31762cb6
commit
6d0bd5b73d
2 changed files with 12 additions and 2 deletions
|
@ -108,17 +108,22 @@ bool static LookupIntern(const char *pszName, std::vector<CNetAddr>& vIP, unsign
|
||||||
struct addrinfo *aiTrav = aiRes;
|
struct addrinfo *aiTrav = aiRes;
|
||||||
while (aiTrav != NULL && (nMaxSolutions == 0 || vIP.size() < nMaxSolutions))
|
while (aiTrav != NULL && (nMaxSolutions == 0 || vIP.size() < nMaxSolutions))
|
||||||
{
|
{
|
||||||
|
CNetAddr resolved;
|
||||||
if (aiTrav->ai_family == AF_INET)
|
if (aiTrav->ai_family == AF_INET)
|
||||||
{
|
{
|
||||||
assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in));
|
assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in));
|
||||||
vIP.push_back(CNetAddr(((struct sockaddr_in*)(aiTrav->ai_addr))->sin_addr));
|
resolved = CNetAddr(((struct sockaddr_in*)(aiTrav->ai_addr))->sin_addr);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (aiTrav->ai_family == AF_INET6)
|
if (aiTrav->ai_family == AF_INET6)
|
||||||
{
|
{
|
||||||
assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in6));
|
assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in6));
|
||||||
struct sockaddr_in6* s6 = (struct sockaddr_in6*) aiTrav->ai_addr;
|
struct sockaddr_in6* s6 = (struct sockaddr_in6*) aiTrav->ai_addr;
|
||||||
vIP.push_back(CNetAddr(s6->sin6_addr, s6->sin6_scope_id));
|
resolved = CNetAddr(s6->sin6_addr, s6->sin6_scope_id);
|
||||||
|
}
|
||||||
|
/* Never allow resolving to an internal address. Consider any such result invalid */
|
||||||
|
if (!resolved.IsInternal()) {
|
||||||
|
vIP.push_back(resolved);
|
||||||
}
|
}
|
||||||
|
|
||||||
aiTrav = aiTrav->ai_next;
|
aiTrav = aiTrav->ai_next;
|
||||||
|
|
|
@ -113,6 +113,11 @@ BOOST_AUTO_TEST_CASE(netbase_lookupnumeric)
|
||||||
BOOST_CHECK(TestParse("[::]:8333", "[::]:8333"));
|
BOOST_CHECK(TestParse("[::]:8333", "[::]:8333"));
|
||||||
BOOST_CHECK(TestParse("[127.0.0.1]", "127.0.0.1:65535"));
|
BOOST_CHECK(TestParse("[127.0.0.1]", "127.0.0.1:65535"));
|
||||||
BOOST_CHECK(TestParse(":::", "[::]:0"));
|
BOOST_CHECK(TestParse(":::", "[::]:0"));
|
||||||
|
|
||||||
|
// verify that an internal address fails to resolve
|
||||||
|
BOOST_CHECK(TestParse("[fd6b:88c0:8724:1:2:3:4:5]", "[::]:0"));
|
||||||
|
// and that a one-off resolves correctly
|
||||||
|
BOOST_CHECK(TestParse("[fd6c:88c0:8724:1:2:3:4:5]", "[fd6c:88c0:8724:1:2:3:4:5]:65535"));
|
||||||
}
|
}
|
||||||
|
|
||||||
BOOST_AUTO_TEST_CASE(onioncat_test)
|
BOOST_AUTO_TEST_CASE(onioncat_test)
|
||||||
|
|
Loading…
Reference in a new issue