Reworked fix for #21
This commit is contained in:
parent
0d3494ae78
commit
f06b208f3e
|
@ -66,6 +66,15 @@ sigint(int sig)
|
|||
running = 0;
|
||||
}
|
||||
|
||||
static int
|
||||
ip_cmp(int userid, struct query *q)
|
||||
{
|
||||
struct sockaddr_in *tempin;
|
||||
|
||||
tempin = (struct sockaddr_in *) &(q->from);
|
||||
return memcmp(&(users[userid].host), &(tempin->sin_addr), sizeof(struct in_addr));
|
||||
}
|
||||
|
||||
static int
|
||||
tunnel_tun(int tun_fd, int dns_fd)
|
||||
{
|
||||
|
@ -167,10 +176,14 @@ tunnel_dns(int tun_fd, int dns_fd)
|
|||
if (version == VERSION) {
|
||||
userid = find_available_user();
|
||||
if (userid >= 0) {
|
||||
struct sockaddr_in *tempin;
|
||||
|
||||
users[userid].seed = rand();
|
||||
memcpy(&(users[userid].host), &(dummy.q.from), dummy.q.fromlen);
|
||||
/* Store remote IP number */
|
||||
tempin = (struct sockaddr_in *) &(dummy.q.from);
|
||||
memcpy(&(users[userid].host), &(tempin->sin_addr), sizeof(struct in_addr));
|
||||
|
||||
memcpy(&(users[userid].q), &(dummy.q), sizeof(struct query));
|
||||
users[userid].addrlen = dummy.q.fromlen;
|
||||
users[userid].encoder = get_base32_encoder();
|
||||
send_version_response(dns_fd, VERSION_ACK, users[userid].seed, &users[userid]);
|
||||
users[userid].q.id = 0;
|
||||
|
@ -192,8 +205,7 @@ tunnel_dns(int tun_fd, int dns_fd)
|
|||
users[userid].last_pkt = time(NULL);
|
||||
login_calculate(logindata, 16, password, users[userid].seed);
|
||||
|
||||
if (check_ip && (dummy.q.fromlen != users[userid].addrlen ||
|
||||
memcmp(&(users[userid].host), &(dummy.q.from), dummy.q.fromlen) != 0)) {
|
||||
if (check_ip && ip_cmp(userid, &(dummy.q)) != 0) {
|
||||
write_dns(dns_fd, &(dummy.q), "BADIP", 5);
|
||||
} else {
|
||||
if (read >= 18 && (memcmp(logindata, unpacked+1, 16) == 0)) {
|
||||
|
@ -220,7 +232,7 @@ tunnel_dns(int tun_fd, int dns_fd)
|
|||
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), read - 1, b32);
|
||||
/* Ping packet, store userid */
|
||||
userid = unpacked[0];
|
||||
if (userid < 0 || userid >= USERS) {
|
||||
if (userid < 0 || userid >= USERS || ip_cmp(userid, &(dummy.q)) != 0) {
|
||||
write_dns(dns_fd, &(dummy.q), "BADIP", 5);
|
||||
return 0; /* illegal id */
|
||||
}
|
||||
|
@ -249,8 +261,7 @@ tunnel_dns(int tun_fd, int dns_fd)
|
|||
}
|
||||
|
||||
/* Check sending ip number */
|
||||
if (check_ip && (dummy.q.fromlen != users[userid].addrlen ||
|
||||
memcmp(&(users[userid].host), &(dummy.q.from), dummy.q.fromlen) != 0)) {
|
||||
if (check_ip && ip_cmp(userid, &(dummy.q)) != 0) {
|
||||
write_dns(dns_fd, &(dummy.q), "BADIP", 5);
|
||||
} else {
|
||||
/* decode with this users encoding */
|
||||
|
@ -259,7 +270,6 @@ tunnel_dns(int tun_fd, int dns_fd)
|
|||
|
||||
users[userid].last_pkt = time(NULL);
|
||||
memcpy(&(users[userid].q), &(dummy.q), sizeof(struct query));
|
||||
users[userid].addrlen = dummy.q.fromlen;
|
||||
memcpy(users[userid].inpacket.data + users[userid].inpacket.offset, unpacked, read);
|
||||
users[userid].inpacket.len += read;
|
||||
users[userid].inpacket.offset += read;
|
||||
|
@ -288,10 +298,7 @@ tunnel_dns(int tun_fd, int dns_fd)
|
|||
}
|
||||
}
|
||||
/* userid must be set for a reply to be sent */
|
||||
if (userid >= 0 && userid < USERS && dummy.q.fromlen == users[userid].addrlen &&
|
||||
memcmp(&(users[userid].host), &(dummy.q.from), dummy.q.fromlen) == 0 &&
|
||||
users[userid].outpacket.len > 0) {
|
||||
|
||||
if (userid >= 0 && userid < USERS && ip_cmp(userid, &(dummy.q)) == 0 && users[userid].outpacket.len > 0) {
|
||||
write_dns(dns_fd, &(dummy.q), users[userid].outpacket.data, users[userid].outpacket.len);
|
||||
users[userid].outpacket.len = 0;
|
||||
users[userid].q.id = 0;
|
||||
|
|
|
@ -25,8 +25,7 @@ struct user {
|
|||
time_t last_pkt;
|
||||
int seed;
|
||||
in_addr_t tun_ip;
|
||||
struct sockaddr host;
|
||||
int addrlen;
|
||||
struct in_addr host;
|
||||
struct query q;
|
||||
struct packet inpacket;
|
||||
struct packet outpacket;
|
||||
|
|
Loading…
Reference in New Issue