Ticket #107: diff
| File diff, 24.3 KB (added by guest, 19 months ago) |
|---|
-
iodine-0.6.0-rc1
diff -ur iodine-0.6.0-rc1.ORIG/src/client.c iodine-0.6.0-rc1/src/client.c
old new 58 58 static int running; 59 59 static const char *password; 60 60 61 static struct sockaddr_in nameserv;62 static struct sockaddr_in raw_serv;61 static struct sockaddr_in6 nameserv; 62 static struct sockaddr_in6 raw_serv; 63 63 static const char *topdomain; 64 64 65 65 static uint16_t rand_seed; … … 148 148 void 149 149 client_set_nameserver(const char *cp, int port) 150 150 { 151 struct in _addr addr;151 struct in6_addr addr; 152 152 153 if (inet_ aton(cp, &addr) != 1) {153 if (inet_pton(AF_INET6, cp, &addr) != 1) { 154 154 /* try resolving if a domain is given */ 155 struct hostent *host;155 struct addrinfo *res; 156 156 const char *err; 157 host = gethostbyname(cp); 158 if (host != NULL && h_errno > 0) { 159 int i = 0; 160 while (host->h_addr_list[i] != 0) { 161 addr = *(struct in_addr *) host->h_addr_list[i++]; 162 fprintf(stderr, "Resolved %s to %s\n", cp, inet_ntoa(addr)); 157 int error = getaddrinfo(cp, NULL, NULL, &res); 158 if (!error) { 159 struct addrinfo *rp; 160 for (rp = res; rp != NULL; rp = rp->ai_next) { 161 if (rp->ai_family == AF_INET6) 162 addr = ((struct sockaddr_in6 *)(rp->ai_addr))->sin6_addr; 163 else { 164 addr.s6_addr32[0] = 0; 165 addr.s6_addr32[1] = 0; 166 addr.s6_addr32[2] = htonl(0xffff); 167 addr.s6_addr32[3] = ((struct sockaddr_in *)(rp->ai_addr))->sin_addr.s_addr; 168 } 169 fprintf(stderr, "Resolved %s to %s\n", cp, inet6_ntoa(addr)); 163 170 goto setaddr; 164 171 } 165 172 } 166 173 #ifndef WINDOWS32 167 err = hstrerror(h_errno);174 err = gai_strerror(error); 168 175 #else 169 176 { 170 177 DWORD wserr = WSAGetLastError(); … … 186 193 187 194 setaddr: 188 195 memset(&nameserv, 0, sizeof(nameserv)); 189 nameserv.sin _family = AF_INET;190 nameserv.sin _port = htons(port);191 nameserv.sin _addr = addr;196 nameserv.sin6_family = AF_INET6; 197 nameserv.sin6_port = htons(port); 198 nameserv.sin6_addr = addr; 192 199 } 193 200 194 201 void … … 272 279 const char * 273 280 client_get_raw_addr() 274 281 { 275 return inet 
_ntoa(raw_serv.sin_addr);282 return inet6_ntoa(raw_serv.sin6_addr); 276 283 } 277 284 278 285 static void … … 601 608 socklen_t addrlen; 602 609 int r; 603 610 604 addrlen = sizeof(struct sockaddr );611 addrlen = sizeof(struct sockaddr_in6); 605 612 if ((r = recvfrom(dns_fd, data, sizeof(data), 0, 606 613 (struct sockaddr*)&from, &addrlen)) < 0) { 607 614 warn("recvfrom"); … … 1522 1529 int r; 1523 1530 int len; 1524 1531 unsigned remoteaddr = 0; 1525 struct in _addr server;1532 struct in6_addr server; 1526 1533 1527 1534 fprintf(stderr, "Testing raw UDP data to the server (skip with -r)"); 1528 1535 for (i=0; running && i<3 ;i++) { … … 1541 1548 remoteaddr |= (in[3] & 0xff); 1542 1549 remoteaddr <<= 8; 1543 1550 remoteaddr |= (in[4] & 0xff); 1544 server.s_addr = ntohl(remoteaddr); 1551 server.s6_addr32[0] = 0; 1552 server.s6_addr32[1] = 0; 1553 server.s6_addr32[2] = ntohl(0xffff); 1554 server.s6_addr32[3] = ntohl(remoteaddr); 1545 1555 break; 1556 } else if (len == 17 && in[0] == 'I') { 1557 remoteaddr = -1; 1558 memcpy(&server, in + 1, sizeof(struct in6_addr)); 1546 1559 } 1547 1560 /*XXX END adjust indent 1 tab back*/ 1548 1561 … … 1557 1570 fprintf(stderr, "Failed to get raw server IP, will use DNS mode.\n"); 1558 1571 return 0; 1559 1572 } 1560 fprintf(stderr, "Server is at %s, trying raw login: ", inet _ntoa(server));1573 fprintf(stderr, "Server is at %s, trying raw login: ", inet6_ntoa(server)); 1561 1574 fflush(stderr); 1562 1575 1563 1576 /* Store address to iodined server */ 1564 1577 memset(&raw_serv, 0, sizeof(raw_serv)); 1565 raw_serv.sin _family = AF_INET;1566 raw_serv.sin _port = htons(53);1567 raw_serv.sin _addr = server;1578 raw_serv.sin6_family = AF_INET6; 1579 raw_serv.sin6_port = htons(53); 1580 raw_serv.sin6_addr = server; 1568 1581 1569 1582 /* do login against port 53 on remote server 1570 1583 * based on the old seed. If reply received, -
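Review bot: `recvfrom()` may be given a length larger than its address buffer in the hunk at new line 611, where `addrlen` becomes `sizeof(struct sockaddr_in6)` but the declaration of `from` is not touched. That declaration sits above the hunk, so this is inferred: if it is still a `struct sockaddr_in`, the kernel is now allowed to write an IPv6-sized address into an IPv4-sized stack object. The iodined.c part of this patch changes its own `from` declarations to `struct sockaddr_in6` in `tunnel_bind` and `read_dns`, and the client needs the same. Writing `addrlen = sizeof(from);` would keep the length tied to the object from then on. The enclosing function starts and ends outside the hunk.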
iodine-0.6.0-rc1
diff -ur iodine-0.6.0-rc1.ORIG/src/common.c iodine-0.6.0-rc1/src/common.c
old new 53 53 /* The raw header used when not using DNS protocol */ 54 54 const unsigned char raw_header[RAW_HDR_LEN] = { 0x10, 0xd1, 0x9e, 0x00 }; 55 55 56 /* Transparent socket */ 57 struct sockaddr_in6 tsock; 58 56 59 /* daemon(3) exists only in 4.4BSD or later, and in GNU libc */ 57 60 #if !defined(WINDOWS32) && !(defined(BSD) && (BSD >= 199306)) && !defined(__GLIBC__) 58 61 static int daemon(int nochdir, int noclose) … … 112 115 } 113 116 114 117 int 115 open_dns(int localport, in_addr_tlisten_ip)118 open_dns(int localport, struct in6_addr listen_ip) 116 119 { 117 struct sockaddr_in addr;120 struct sockaddr_in6 addr; 118 121 int flag = 1; 119 122 int fd; 120 123 121 124 memset(&addr, 0, sizeof(addr)); 122 addr.sin _family = AF_INET;123 addr.sin _port = htons(localport);125 addr.sin6_family = AF_INET6; 126 addr.sin6_port = htons(localport); 124 127 /* listen_ip already in network byte order from inet_addr, or 0 */ 125 addr.sin _addr.s_addr = listen_ip;128 addr.sin6_addr = listen_ip; 126 129 127 if ((fd = socket(AF_INET , SOCK_DGRAM, IPPROTO_UDP)) < 0) {130 if ((fd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0) { 128 131 fprintf(stderr, "got fd %d\n", fd); 129 132 err(1, "socket"); 130 133 } … … 138 141 #ifndef WINDOWS32 139 142 /* To get destination address from each UDP datagram, see iodined.c:read_dns() */ 140 143 setsockopt(fd, IPPROTO_IP, DSTADDR_SOCKOPT, (const void*) &flag, sizeof(flag)); 144 setsockopt(fd, IPPROTO_IPV6, IPV6_RECVORIGDSTADDR, (const void*) &flag, sizeof(flag)); 145 #ifdef IP_TRANSPARENT 146 /* To be able to use TPROXY in incoming queries */ 147 if (localport && localport != DNS_PORT) { 148 setsockopt(fd, SOL_IP, IP_TRANSPARENT, (const void*) &flag, sizeof(flag)); 149 tsock = addr; 150 } 151 #endif 141 152 #endif 142 153 143 154 #ifdef IP_OPT_DONT_FRAG … … 348 359 } 349 360 return 0; 350 361 } 362 363 char *inet6_ntoa(struct in6_addr src) { 364 static char dst[INET6_ADDRSTRLEN]; 365 366 if (IN6_IS_ADDR_V4MAPPED(&src)) 367 { 368 struct 
in_addr ia; 369 ia.s_addr = src.s6_addr32[3]; 370 inet_ntop(AF_INET, &ia, dst, sizeof(dst)); 371 } else 372 inet_ntop(AF_INET6, &src, dst, sizeof(dst)); 373 374 return dst; 375 } 376 377 int 378 sendto_tproxy(int sockfd, const void *buf, size_t len, int flags, 379 struct sockaddr_in6 *s_addr, 380 const struct sockaddr *dest_addr, socklen_t daddrlen) 381 { 382 int fd; 383 #ifdef IP_TRANSPARENT 384 static int tfd = -1; 385 if (tsock.sin6_family && (tsock.sin6_port != s_addr->sin6_port)) { 386 static struct sockaddr_in6 src_addr; 387 int flag = 1; 388 389 if (memcmp(&src_addr, s_addr, sizeof(src_addr))) { 390 if (tfd >= 0) 391 close(tfd); 392 393 src_addr = *s_addr; 394 395 if ((tfd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0) { 396 fprintf(stderr, "got fd %d\n", tfd); 397 err(1, "socket"); 398 } 399 400 #ifdef SO_REUSEPORT 401 setsockopt(tfd, SOL_SOCKET, SO_REUSEPORT, (const void*) &flag, sizeof(flag)); 402 #endif 403 setsockopt(tfd, SOL_SOCKET, SO_REUSEADDR, (const void*) &flag, sizeof(flag)); 404 405 setsockopt(tfd, SOL_SOCKET, SO_BROADCAST, (const void*) &flag, sizeof(flag)); 406 setsockopt(tfd, SOL_IP, IP_TRANSPARENT, (const void*) &flag, sizeof(flag)); 407 408 #ifdef IP_OPT_DONT_FRAG 409 /* Set dont-fragment ip header flag */ 410 flag = DONT_FRAG_VALUE; 411 setsockopt(tfd, IPPROTO_IP, IP_OPT_DONT_FRAG, (const void*) &flag, sizeof(flag)); 412 #endif 413 if(bind(tfd, (struct sockaddr*)&src_addr, sizeof(src_addr)) < 0) 414 err(1, "bind"); 415 } 416 fd = tfd; 417 } else 418 #endif 419 fd = sockfd; 420 421 return sendto(fd, buf, len, flags, dest_addr, daddrlen); 422 } -
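Review bot: `sendto_tproxy` ends the process with `err(1, "socket")` or `err(1, "bind")` when the per-source transparent socket cannot be set up, and this runs on the reply path with `s_addr` supplied per query (the iodined.c callers pass `&q->destination`). A bind that fails for a single query, for example because the address is not local or because `IP_TRANSPARENT` was not granted (its `setsockopt` result is ignored here and in `open_dns`), would therefore stop the server for every connected user. Reporting the error and returning -1 keeps the daemon running: `if (bind(tfd, (struct sockaddr *)&src_addr, sizeof(src_addr)) < 0) { warn("bind"); close(tfd); tfd = -1; memset(&src_addr, 0, sizeof(src_addr)); return -1; }`. Clearing `src_addr` matters because it is assigned before the socket is created, so a later call with the same source would otherwise skip the setup and send on fd -1.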
iodine-0.6.0-rc1
diff -ur iodine-0.6.0-rc1.ORIG/src/common.h iodine-0.6.0-rc1/src/common.h
old new 52 52 53 53 #define QUERY_NAME_SIZE 256 54 54 55 #if defined IP_RECVDSTADDR 55 #if defined IP_RECVORIGDSTADDR 56 # define IPV6_RECVORIGDSTADDR 74 57 # define DSTADDR_SOCKOPT IP_RECVORIGDSTADDR 58 # define dstaddr(x) (&(((struct sockaddr_in *)(CMSG_DATA(x)))->sin_addr.s_addr)) 59 # define dstport(x) (((struct sockaddr_in *)(CMSG_DATA(x)))->sin_port) 60 # define dstsock6(x) ((struct sockaddr_in6 *)(CMSG_DATA(x))) 61 #elif defined IP_RECVDSTADDR 56 62 # define DSTADDR_SOCKOPT IP_RECVDSTADDR 57 63 # define dstaddr(x) ((struct in_addr *) CMSG_DATA(x)) 64 # define dstport(x) (DNS_PORT) 58 65 #elif defined IP_PKTINFO 59 66 # define DSTADDR_SOCKOPT IP_PKTINFO 60 67 # define dstaddr(x) (&(((struct in_pktinfo *)(CMSG_DATA(x)))->ipi_addr)) 68 # define dstport(x) (DNS_PORT) 61 69 #endif 62 70 63 71 #if defined IP_MTU_DISCOVER … … 92 100 unsigned short type; 93 101 unsigned short rcode; 94 102 unsigned short id; 95 struct in_addrdestination;96 struct sockaddr from;103 struct sockaddr_in6 destination; 104 struct sockaddr_in6 from; 97 105 int fromlen; 98 106 unsigned short id2; 99 struct sockaddr from2;107 struct sockaddr_in6 from2; 100 108 int fromlen2; 101 109 }; 102 110 … … 107 115 }; 108 116 109 117 void check_superuser(void (*usage_fn)(void)); 110 int open_dns(int, in_addr_t);118 int open_dns(int, struct in6_addr); 111 119 void close_dns(int); 112 120 113 121 void do_chroot(char *); … … 129 137 #endif 130 138 131 139 int recent_seqno(int , int); 140 char *inet6_ntoa(struct in6_addr src); 141 int sendto_tproxy(int sockfd, const void *buf, size_t len, int flags, 142 struct sockaddr_in6 *s_addr, 143 const struct sockaddr *dest_addr, socklen_t daddrlen); 132 144 133 145 #endif -
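Review bot: `# define IPV6_RECVORIGDSTADDR 74` hard-codes a platform constant with no guard and no comment, and both it and `dstsock6` exist only in the `IP_RECVORIGDSTADDR` branch, while common.c and iodined.c in this patch use them under a plain `#ifndef WINDOWS32`. On a platform that takes the `IP_RECVDSTADDR` or `IP_PKTINFO` branch those names would be undefined, and `dstaddr(x)` there yields a `struct in_addr *` where `read_dns` now assigns `*dstaddr(cmsg)` to a 32-bit word. I would wrap the define in `#ifndef IPV6_RECVORIGDSTADDR` … `#endif` with a comment stating where the value 74 comes from. The other branches then need matching `dstsock6`/`dstaddr` definitions, or the IPv6 control-message code needs to be guarded on the macro.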
iodine-0.6.0-rc1
diff -ur iodine-0.6.0-rc1.ORIG/src/iodine.c iodine-0.6.0-rc1/src/iodine.c
old new 317 317 retval = 1; 318 318 goto cleanup1; 319 319 } 320 if ((dns_fd = open_dns(0, INADDR_ANY)) == -1) {320 if ((dns_fd = open_dns(0, in6addr_any)) == -1) { 321 321 retval = 1; 322 322 goto cleanup2; 323 323 } -
iodine-0.6.0-rc1
diff -ur iodine-0.6.0-rc1.ORIG/src/iodined.c iodine-0.6.0-rc1/src/iodined.c
old new 80 80 static in_addr_t my_ip; 81 81 static int netmask; 82 82 83 static in_addr_tns_ip;83 static struct in6_addr ns_ip; 84 84 85 85 static int bind_port; 86 86 static int debug; … … 119 119 static int 120 120 check_user_and_ip(int userid, struct query *q) 121 121 { 122 struct sockaddr_in *tempin;122 struct sockaddr_in6 *tempin; 123 123 124 124 /* Note: duplicate in handle_raw_login() except IP-address check */ 125 125 … … 138 138 return 0; 139 139 } 140 140 141 tempin = (struct sockaddr_in *) &(q->from);142 return memcmp(&(users[userid].host), &(tempin->sin_addr), sizeof(struct in_addr));141 tempin = (struct sockaddr_in6 *) &(q->from); 142 return (!IN6_ARE_ADDR_EQUAL(&users[userid].host, &tempin->sin6_addr)); 143 143 } 144 144 145 145 static void … … 159 159 packet[RAW_HDR_CMD] = cmd | (user & 0x0F); 160 160 161 161 if (debug >= 2) { 162 struct sockaddr_in *tempin;163 tempin = (struct sockaddr_in *) &(q->from);162 struct sockaddr_in6 *tempin; 163 tempin = (struct sockaddr_in6 *) &(q->from); 164 164 fprintf(stderr, "TX-raw: client %s, cmd %d, %d bytes\n", 165 inet _ntoa(tempin->sin_addr), cmd, len);165 inet6_ntoa(tempin->sin6_addr), cmd, len); 166 166 } 167 167 168 sendto (fd, packet, len, 0,&q->from, q->fromlen);168 sendto_tproxy(fd, packet, len, 0, &q->destination, (struct sockaddr *)&q->from, q->fromlen); 169 169 } 170 170 171 171 … … 698 698 userid = find_available_user(); 699 699 if (userid >= 0) { 700 700 int i; 701 struct sockaddr_in *tempin;701 struct sockaddr_in6 *tempin; 702 702 703 703 users[userid].seed = rand(); 704 704 /* Store remote IP number */ 705 tempin = (struct sockaddr_in *) &(q->from);706 memcpy(&(users[userid].host), &(tempin->sin _addr), sizeof(struct in_addr));705 tempin = (struct sockaddr_in6 *) &(q->from); 706 memcpy(&(users[userid].host), &(tempin->sin6_addr), sizeof(struct in6_addr)); 707 707 708 708 memcpy(&(users[userid].q), q, sizeof(struct query)); 709 709 users[userid].encoder = get_base32_encoder(); 710 710 
users[userid].downenc = 'T'; 711 711 send_version_response(dns_fd, VERSION_ACK, users[userid].seed, userid, q); 712 712 syslog(LOG_INFO, "accepted version for user #%d from %s", 713 userid, inet _ntoa(tempin->sin_addr));713 userid, inet6_ntoa(tempin->sin6_addr)); 714 714 users[userid].q.id = 0; 715 715 users[userid].q.id2 = 0; 716 716 users[userid].q_sendrealsoon.id = 0; … … 752 752 /* No space for another user */ 753 753 send_version_response(dns_fd, VERSION_FULL, created_users, 0, q); 754 754 syslog(LOG_INFO, "dropped user from %s, server full", 755 inet _ntoa(((struct sockaddr_in *) &q->from)->sin_addr));755 inet6_ntoa(((struct sockaddr_in6 *) &q->from)->sin6_addr)); 756 756 } 757 757 } else { 758 758 send_version_response(dns_fd, VERSION_NACK, VERSION, 0, q); 759 759 syslog(LOG_INFO, "dropped user from %s, sent bad version %08X", 760 inet _ntoa(((struct sockaddr_in *) &q->from)->sin_addr), version);760 inet6_ntoa(((struct sockaddr_in6 *) &q->from)->sin6_addr), version); 761 761 } 762 762 return; 763 763 } else if(in[0] == 'L' || in[0] == 'l') { … … 773 773 if (check_user_and_ip(userid, q) != 0) { 774 774 write_dns(dns_fd, q, "BADIP", 5, 'T'); 775 775 syslog(LOG_WARNING, "dropped login request from user #%d from unexpected source %s", 776 userid, inet _ntoa(((struct sockaddr_in *) &q->from)->sin_addr));776 userid, inet6_ntoa(((struct sockaddr_in6 *) &q->from)->sin6_addr)); 777 777 return; 778 778 } else { 779 779 users[userid].last_pkt = time(NULL); … … 799 799 } else { 800 800 write_dns(dns_fd, q, "LNAK", 4, 'T'); 801 801 syslog(LOG_WARNING, "rejected login request from user #%d from %s, bad password", 802 userid, inet _ntoa(((struct sockaddr_in *) &q->from)->sin_addr));802 userid, inet6_ntoa(((struct sockaddr_in6 *) &q->from)->sin6_addr)); 803 803 } 804 804 } 805 805 return; 806 806 } else if(in[0] == 'I' || in[0] == 'i') { 807 807 /* Request for IP number */ 808 in_addr_treplyaddr;808 struct in6_addr replyaddr; 809 809 unsigned addr; 810 810 char reply[5]; 
811 811 … … 815 815 return; /* illegal id */ 816 816 } 817 817 818 if ( ns_ip != INADDR_ANY) {818 if (!IN6_IS_ADDR_UNSPECIFIED(&ns_ip)) { 819 819 /* If set, use assigned external ip (-n option) */ 820 820 replyaddr = ns_ip; 821 821 } else { 822 822 /* otherwise return destination ip from packet */ 823 memcpy(&replyaddr, &q->destination.s_addr, sizeof(in_addr_t));823 replyaddr = q->destination.sin6_addr; 824 824 } 825 825 826 addr = htonl(replyaddr); 827 reply[0] = 'I'; 828 reply[1] = (addr >> 24) & 0xFF; 829 reply[2] = (addr >> 16) & 0xFF; 830 reply[3] = (addr >> 8) & 0xFF; 831 reply[4] = (addr >> 0) & 0xFF; 832 write_dns(dns_fd, q, reply, sizeof(reply), 'T'); 826 if (!IN6_IS_ADDR_V4MAPPED(&replyaddr)) 827 { 828 char reply[17]; 829 reply[0] = 'I'; 830 memcpy(reply+1, &replyaddr, sizeof(struct in6_addr)); 831 write_dns(dns_fd, q, reply, sizeof(reply), 'T'); 832 } else { 833 addr = htonl(replyaddr.s6_addr32[3]); 834 reply[0] = 'I'; 835 reply[1] = (addr >> 24) & 0xFF; 836 reply[2] = (addr >> 16) & 0xFF; 837 reply[3] = (addr >> 8) & 0xFF; 838 reply[4] = (addr >> 0) & 0xFF; 839 write_dns(dns_fd, q, reply, sizeof(reply), 'T'); 840 } 833 841 } else if(in[0] == 'Z' || in[0] == 'z') { 834 842 /* Check for case conservation and chars not allowed according to RFC */ 835 843 … … 1424 1432 char buf[64*1024]; 1425 1433 int len; 1426 1434 1427 if ( ns_ip != INADDR_ANY) {1435 if (!IN6_IS_ADDR_UNSPECIFIED(&ns_ip)) { 1428 1436 /* If ns_ip set, overwrite destination addr with it. 
1429 1437 * Destination addr will be sent as additional record (A, IN) */ 1430 memcpy(&q->destination.s_addr, &ns_ip, sizeof(in_addr_t)); 1438 q->destination.sin6_family = AF_INET6; 1439 q->destination.sin6_addr = ns_ip; 1440 q->destination.sin6_port = htons(DNS_PORT); 1431 1441 } 1432 1442 1433 1443 len = dns_encode_ns_response(buf, sizeof(buf), q, topdomain); … … 1437 1447 } 1438 1448 1439 1449 if (debug >= 2) { 1440 struct sockaddr_in *tempin;1441 tempin = (struct sockaddr_in *) &(q->from);1450 struct sockaddr_in6 *tempin; 1451 tempin = (struct sockaddr_in6 *) &(q->from); 1442 1452 fprintf(stderr, "TX: client %s, type %d, name %s, %d bytes NS reply\n", 1443 inet _ntoa(tempin->sin_addr), q->type, q->name, len);1453 inet6_ntoa(tempin->sin6_addr), q->type, q->name, len); 1444 1454 } 1445 if (sendto (dns_fd, buf, len, 0, (struct sockaddr*)&q->from, q->fromlen) <= 0) {1455 if (sendto_tproxy(dns_fd, buf, len, 0, &q->destination, (struct sockaddr*)&q->from, q->fromlen) <= 0) { 1446 1456 warn("ns reply send error"); 1447 1457 } 1448 1458 } … … 1455 1465 int len; 1456 1466 1457 1467 if (fakeip) { 1458 in_addr_t ip = inet_addr("127.0.0.1"); 1459 memcpy(&q->destination.s_addr, &ip, sizeof(in_addr_t)); 1468 inet_pton(AF_INET6,"::FFFF:127.0.0.1",&q->destination.sin6_addr); 1469 q->destination.sin6_family = AF_INET6; 1470 q->destination.sin6_port = htons(DNS_PORT); 1460 1471 1461 } else if ( ns_ip != INADDR_ANY) {1472 } else if (!IN6_IS_ADDR_UNSPECIFIED(&ns_ip)) { 1462 1473 /* If ns_ip set, overwrite destination addr with it. 
1463 1474 * Destination addr will be sent as additional record (A, IN) */ 1464 memcpy(&q->destination.s_addr, &ns_ip, sizeof(in_addr_t)); 1475 q->destination.sin6_family = AF_INET6; 1476 q->destination.sin6_addr = ns_ip; 1477 q->destination.sin6_port = htons(DNS_PORT); 1465 1478 } 1466 1479 1467 1480 len = dns_encode_a_response(buf, sizeof(buf), q); … … 1471 1484 } 1472 1485 1473 1486 if (debug >= 2) { 1474 struct sockaddr_in *tempin;1475 tempin = (struct sockaddr_in *) &(q->from);1487 struct sockaddr_in6 *tempin; 1488 tempin = (struct sockaddr_in6 *) &(q->from); 1476 1489 fprintf(stderr, "TX: client %s, type %d, name %s, %d bytes A reply\n", 1477 inet _ntoa(tempin->sin_addr), q->type, q->name, len);1490 inet6_ntoa(tempin->sin6_addr), q->type, q->name, len); 1478 1491 } 1479 if (sendto (dns_fd, buf, len, 0, (struct sockaddr*)&q->from, q->fromlen) <= 0) {1492 if (sendto_tproxy(dns_fd, buf, len, 0, &q->destination, (struct sockaddr*)&q->from, q->fromlen) <= 0) { 1480 1493 warn("a reply send error"); 1481 1494 } 1482 1495 } … … 1487 1500 char buf[64*1024]; 1488 1501 int len; 1489 1502 struct fw_query fwq; 1490 struct sockaddr_in *myaddr; 1491 in_addr_t newaddr; 1503 struct sockaddr_in6 *myaddr; 1492 1504 1493 1505 len = dns_encode(buf, sizeof(buf), q, QR_QUERY, q->name, strlen(q->name)); 1494 1506 if (len < 1) { … … 1502 1514 fwq.id = q->id; 1503 1515 fw_query_put(&fwq); 1504 1516 1505 newaddr = inet_addr("127.0.0.1"); 1506 myaddr = (struct sockaddr_in *) &(q->from); 1507 memcpy(&(myaddr->sin_addr), &newaddr, sizeof(in_addr_t)); 1508 myaddr->sin_port = htons(bind_port); 1517 myaddr = (struct sockaddr_in6 *) &(q->from); 1518 inet_pton(AF_INET6,"::FFFF:127.0.0.1",&(myaddr->sin6_addr)); 1519 myaddr->sin6_port = htons(bind_port); 1509 1520 1510 1521 if (debug >= 2) { 1511 1522 fprintf(stderr, "TX: NS reply \n"); … … 1520 1531 tunnel_bind(int bind_fd, int dns_fd) 1521 1532 { 1522 1533 char packet[64*1024]; 1523 struct sockaddr_in from;1534 struct sockaddr_in6 from; 1524 
1535 socklen_t fromlen; 1525 1536 struct fw_query *query; 1526 1537 unsigned short id; 1527 1538 int r; 1528 1539 1529 fromlen = sizeof(struct sockaddr );1540 fromlen = sizeof(struct sockaddr_in6); 1530 1541 r = recvfrom(bind_fd, packet, sizeof(packet), 0, 1531 1542 (struct sockaddr*)&from, &fromlen); 1532 1543 … … 1547 1558 } 1548 1559 1549 1560 if (debug >= 2) { 1550 struct sockaddr_in *in;1551 in = (struct sockaddr_in *) &(query->addr);1561 struct sockaddr_in6 *in; 1562 in = (struct sockaddr_in6 *) &(query->addr); 1552 1563 fprintf(stderr, "TX: client %s id %u, %d bytes\n", 1553 inet _ntoa(in->sin_addr), (id & 0xffff), r);1564 inet6_ntoa(in->sin6_addr), (id & 0xffff), r); 1554 1565 } 1555 1566 1556 1567 if (sendto(dns_fd, packet, r, 0, (const struct sockaddr *) &(query->addr), … … 1573 1584 return 0; 1574 1585 1575 1586 if (debug >= 2) { 1576 struct sockaddr_in *tempin;1577 tempin = (struct sockaddr_in *) &(q.from);1587 struct sockaddr_in6 *tempin; 1588 tempin = (struct sockaddr_in6 *) &(q.from); 1578 1589 fprintf(stderr, "RX: client %s, type %d, name %s\n", 1579 inet _ntoa(tempin->sin_addr), q.type, q.name);1590 inet6_ntoa(tempin->sin6_addr), q.type, q.name); 1580 1591 } 1581 1592 1582 1593 domain_len = strlen(q.name) - strlen(topdomain); … … 1799 1810 /* User sends hash of seed + 1 */ 1800 1811 login_calculate(myhash, 16, password, users[userid].seed + 1); 1801 1812 if (memcmp(packet, myhash, 16) == 0) { 1802 struct sockaddr_in *tempin;1813 struct sockaddr_in6 *tempin; 1803 1814 1804 1815 /* Update query and time info for user */ 1805 1816 users[userid].last_pkt = time(NULL); 1806 1817 memcpy(&(users[userid].q), q, sizeof(struct query)); 1807 1818 1808 1819 /* Store remote IP number */ 1809 tempin = (struct sockaddr_in *) &(q->from);1810 memcpy(&(users[userid].host), &(tempin->sin _addr), sizeof(struct in_addr));1820 tempin = (struct sockaddr_in6 *) &(q->from); 1821 memcpy(&(users[userid].host), &(tempin->sin6_addr), sizeof(struct in6_addr)); 1811 1822 1812 
1823 /* Correct hash, reply with hash of seed - 1 */ 1813 1824 user_set_conn_type(userid, CONN_RAW_UDP); … … 1893 1904 static int 1894 1905 read_dns(int fd, int tun_fd, struct query *q) /* FIXME: tun_fd is because of raw_decode() below */ 1895 1906 { 1896 struct sockaddr_in from;1907 struct sockaddr_in6 from; 1897 1908 socklen_t addrlen; 1898 1909 char packet[64*1024]; 1899 1910 int r; … … 1903 1914 struct iovec iov; 1904 1915 struct cmsghdr *cmsg; 1905 1916 1906 addrlen = sizeof(struct sockaddr );1917 addrlen = sizeof(struct sockaddr_in6); 1907 1918 iov.iov_base = packet; 1908 1919 iov.iov_len = sizeof(packet); 1909 1920 … … 1917 1928 1918 1929 r = recvmsg(fd, &msg, 0); 1919 1930 #else 1920 addrlen = sizeof(struct sockaddr );1931 addrlen = sizeof(struct sockaddr_in6); 1921 1932 r = recvfrom(fd, packet, sizeof(packet), 0, (struct sockaddr*)&from, &addrlen); 1922 1933 #endif /* !WINDOWS32 */ 1923 1934 … … 1940 1951 if (cmsg->cmsg_level == IPPROTO_IP && 1941 1952 cmsg->cmsg_type == DSTADDR_SOCKOPT) { 1942 1953 1943 q->destination = *dstaddr(cmsg); 1954 q->destination.sin6_family = AF_INET6; 1955 q->destination.sin6_addr.s6_addr32[0] = 0; 1956 q->destination.sin6_addr.s6_addr32[1] = 0; 1957 q->destination.sin6_addr.s6_addr32[2] = htonl(0xffff); 1958 q->destination.sin6_addr.s6_addr32[3] = *dstaddr(cmsg); 1959 q->destination.sin6_port = dstport(cmsg); 1960 break; 1961 } else if (cmsg->cmsg_level == IPPROTO_IPV6 && 1962 cmsg->cmsg_type == IPV6_RECVORIGDSTADDR) { 1963 1964 memcpy(&q->destination, dstsock6(cmsg), sizeof(struct sockaddr_in6)); 1944 1965 break; 1945 1966 } 1946 1967 } … … 2106 2127 } 2107 2128 2108 2129 if (debug >= 2) { 2109 struct sockaddr_in *tempin;2110 tempin = (struct sockaddr_in *) &(q->from);2130 struct sockaddr_in6 *tempin; 2131 tempin = (struct sockaddr_in6 *) &(q->from); 2111 2132 fprintf(stderr, "TX: client %s, type %d, name %s, %d bytes data\n", 2112 inet _ntoa(tempin->sin_addr), q->type, q->name, datalen);2133 inet6_ntoa(tempin->sin6_addr), 
q->type, q->name, datalen); 2113 2134 } 2114 2135 2115 sendto (fd, buf, len, 0, (struct sockaddr*)&q->from, q->fromlen);2136 sendto_tproxy(fd, buf, len, 0, &q->destination, (struct sockaddr*)&q->from, q->fromlen); 2116 2137 } 2117 2138 2118 2139 static void … … 2173 2194 main(int argc, char **argv) 2174 2195 { 2175 2196 extern char *__progname; 2176 in_addr_tlisten_ip;2197 struct in6_addr listen_ip; 2177 2198 #ifndef WINDOWS32 2178 2199 struct passwd *pw; 2179 2200 #endif … … 2210 2231 bind_fd = 0; 2211 2232 mtu = 1130; /* Very many relays give fragsize 1150 or slightly 2212 2233 higher for NULL; tun/zlib adds ~17 bytes. */ 2213 listen_ip = INADDR_ANY;2234 listen_ip = in6addr_any; 2214 2235 port = 53; 2215 ns_ip = INADDR_ANY;2236 ns_ip = in6addr_any; 2216 2237 check_ip = 1; 2217 2238 skipipconfig = 0; 2218 2239 debug = 0; … … 2275 2296 mtu = atoi(optarg); 2276 2297 break; 2277 2298 case 'l': 2278 listen_ip = inet_addr(optarg); 2299 if (!inet_pton(AF_INET6, optarg, &listen_ip)) { 2300 warnx("Bad IP address to listen on."); 2301 usage(); 2302 } 2279 2303 break; 2280 2304 case 'p': 2281 2305 port = atoi(optarg); 2282 2306 break; 2283 2307 case 'n': 2284 ns_ip = inet_addr(optarg); 2308 if (!inet_pton(AF_INET, optarg, &ns_ip)) { 2309 warnx("Bad IP address to return as nameserver."); 2310 usage(); 2311 } 2285 2312 break; 2286 2313 case 'b': 2287 2314 bind_enable = 1; … … 2321 2348 netmask = atoi(netsize); 2322 2349 } 2323 2350 2324 my_ip = inet_addr(argv[0]); 2325 2326 if (my_ip == INADDR_NONE) { 2351 if (!inet_pton(AF_INET, argv[0], &my_ip)) { 2327 2352 warnx("Bad IP address to use inside tunnel."); 2328 2353 usage(); 2329 2354 } … … 2346 2371 usage(); 2347 2372 } 2348 2373 #endif 2374 if (port != DNS_PORT) { 2375 warnx("setuid and tproxy options incompatible!"); 2376 usage(); 2377 } 2349 2378 } 2350 2379 2351 2380 if (mtu <= 0) { … … 2365 2394 /* NOTREACHED */ 2366 2395 } 2367 2396 /* Avoid forwarding loops */ 2368 if (bind_port == port && ( listen_ip == INADDR_ANY || 
listen_ip == htonl(0x7f000001L))) {2397 if (bind_port == port && (IN6_IS_ADDR_UNSPECIFIED(&listen_ip) || IN6_IS_ADDR_LOOPBACK(&listen_ip))) { 2369 2398 warnx("Forward port is same as listen port (%d), will create a loop!", bind_port); 2370 2399 fprintf(stderr, "Use -l to set listen ip to avoid this.\n"); 2371 2400 usage(); … … 2386 2415 foreground = 1; 2387 2416 } 2388 2417 2389 if (listen_ip == INADDR_NONE) {2390 warnx("Bad IP address to listen on.");2391 usage();2392 }2393 2394 if (ns_ip == INADDR_NONE) {2395 warnx("Bad IP address to return as nameserver.");2396 usage();2397 }2398 2418 if (netmask > 30 || netmask < 8) { 2399 2419 warnx("Bad netmask (%d bits). Use 8-30 bits.", netmask); 2400 2420 usage(); … … 2424 2444 goto cleanup2; 2425 2445 } 2426 2446 if (bind_enable) { 2427 if ((bind_fd = open_dns(0, INADDR_ANY)) == -1) {2447 if ((bind_fd = open_dns(0, in6addr_any)) == -1) { 2428 2448 retval = 1; 2429 2449 goto cleanup3; 2430 2450 } -
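Review bot: In the option-parsing hunk, `case 'n'` calls `inet_pton(AF_INET, optarg, &ns_ip)` although `ns_ip` is now a `struct in6_addr`, so the four IPv4 bytes land in the first word and the result is not a v4-mapped address. The `'I'` handler then fails its `IN6_IS_ADDR_V4MAPPED(&replyaddr)` test and sends the 17-byte reply carrying that malformed address, which the client stores as the raw-login target. Parse into a temporary and map it the way `read_dns` does for the IPv4 control message: `struct in_addr a4;` then `if (inet_pton(AF_INET, optarg, &a4) != 1) { warnx(...); usage(); }` then `ns_ip.s6_addr32[2] = htonl(0xffff); ns_ip.s6_addr32[3] = a4.s_addr;`. The `-l` case in the same hunk has the mirror problem, since `inet_pton(AF_INET6, ...)` rejects the dotted-quad form that `inet_addr` used to accept. `main` starts and ends outside these hunks.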
iodine-0.6.0-rc1
diff -ur iodine-0.6.0-rc1.ORIG/src/user.h iodine-0.6.0-rc1/src/user.h
old new 40 40 time_t last_pkt; 41 41 int seed; 42 42 in_addr_t tun_ip; 43 struct in _addr host;43 struct in6_addr host; 44 44 struct query q; 45 45 struct query q_sendrealsoon; 46 46 int q_sendrealsoon_new;
