From 3a9b276debdd7217e0fb4246245772a1e8bb3c71 Mon Sep 17 00:00:00 2001 From: Olof hagsand Date: Sun, 31 Jul 2022 10:11:51 +0200 Subject: [PATCH] Fixed struct sockaddr memory issues Test: fixed docker yang repo copy Test: disable restconf-callhome for fcgi --- apps/restconf/restconf_lib.c | 7 ++-- apps/restconf/restconf_main_native.c | 9 +++--- docker/main/Dockerfile | 2 +- docker/main/Dockerfile.fcgi | 2 +- docker/main/Dockerfile.native | 3 +- lib/src/clixon_proto.c | 5 +-- test/test_restconf_callhome.sh | 5 +++ util/clixon_netconf_ssh_callhome.c | 44 +++++++------------------- util/clixon_restconf_callhome_client.c | 7 ++-- 9 files changed, 36 insertions(+), 48 deletions(-) diff --git a/apps/restconf/restconf_lib.c b/apps/restconf/restconf_lib.c index 51fa6a6b..6a57af01 100644 --- a/apps/restconf/restconf_lib.c +++ b/apps/restconf/restconf_lib.c @@ -841,7 +841,8 @@ restconf_socket_init(const char *netns0, int *ss) { int retval = -1; - struct sockaddr sa = {0,}; + struct sockaddr_in6 sin6 = {0,}; // because its larger than sin and sa + struct sockaddr *sa = (struct sockaddr *)&sin6; size_t sa_len; const char *netns; @@ -851,9 +852,9 @@ restconf_socket_init(const char *netns0, netns = NULL; else netns = netns0; - if (clixon_inet2sin(addrtype, addrstr, port, &sa, &sa_len) < 0) + if (clixon_inet2sin(addrtype, addrstr, port, sa, &sa_len) < 0) goto done; - if (clixon_netns_socket(netns, &sa, sa_len, backlog, flags, addrstr, ss) < 0) + if (clixon_netns_socket(netns, sa, sa_len, backlog, flags, addrstr, ss) < 0) goto done; clicon_debug(1, "%s ss=%d", __FUNCTION__, *ss); retval = 0; diff --git a/apps/restconf/restconf_main_native.c b/apps/restconf/restconf_main_native.c index d7fbcff5..5118b976 100644 --- a/apps/restconf/restconf_main_native.c +++ b/apps/restconf/restconf_main_native.c 
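Review bot: The new buffer in restconf_socket_init is large enough by convention rather than by type: `struct sockaddr_in6 sin6` only suffices because IPv4 and IPv6 are the two families handled today, and clixon_inet2sin still takes a bare `struct sockaddr *` with no capacity, so it cannot reject a destination that is too small. `struct sockaddr_storage sastor = {0,}; struct sockaddr *sa = (struct sockaddr *)&sastor;` states the intent directly, since that type is defined to hold and align any supported address family. The same pair of declarations is added in restconf_callhome_timer and in main() of util/clixon_netconf_ssh_callhome.c and util/clixon_restconf_callhome_client.c, so the change applies there as well. The old `struct sockaddr sa` was presumably overrun when the IPv6 branch wrote a full sockaddr_in6 into it (the body of clixon_inet2sin is not in this patch), and a comment saying so would explain the wider type better than "because its larger than sin and sa". restconf_socket_init starts and ends outside the hunk.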
@@ -1060,7 +1060,8 @@ restconf_callhome_timer(int fd, struct timeval t; struct timeval t1 = {1, 0}; // XXX once every second restconf_socket *rs; - struct sockaddr sa = {0,}; + struct sockaddr_in6 sin6 = {0,}; // because its larger than sin and sa + struct sockaddr *sa = (struct sockaddr *)&sin6; size_t sa_len; int s; @@ -1071,14 +1072,14 @@ restconf_callhome_timer(int fd, goto done; } h = rs->rs_h; - if (clixon_inet2sin(rs->rs_addrtype, rs->rs_addrstr, rs->rs_port, &sa, &sa_len) < 0) + if (clixon_inet2sin(rs->rs_addrtype, rs->rs_addrstr, rs->rs_port, sa, &sa_len) < 0) goto done; - if ((s = socket(sa.sa_family, SOCK_STREAM, 0)) < 0) { + if ((s = socket(sa->sa_family, SOCK_STREAM, 0)) < 0) { clicon_err(OE_UNIX, errno, "socket"); goto done; } clicon_debug(1, "%s connect", __FUNCTION__); - if (connect(s, &sa, sa_len) < 0){ + if (connect(s, sa, sa_len) < 0){ close(s); /* Fail: Initiate new timer */ timeradd(&now, &t1, &t); diff --git a/docker/main/Dockerfile b/docker/main/Dockerfile index 07e9ecc3..41098693 100644 --- a/docker/main/Dockerfile +++ b/docker/main/Dockerfile @@ -135,7 +135,7 @@ RUN apk add --update sudo curl procps grep make bash expect RUN adduser -D -H clicon COPY --from=0 /clixon/build/ /usr/local/ -COPY --from=0 /usr/local/share/yang/* /usr/local/share/yang/standard/ +COPY --from=0 /usr/local/share/yang/ /usr/local/share/yang/ COPY --from=0 /usr/local/share/mib-yangs/* /usr/local/share/mib-yangs/ # Log to stderr. diff --git a/docker/main/Dockerfile.fcgi b/docker/main/Dockerfile.fcgi index 27f231cc..d0375926 100644 --- a/docker/main/Dockerfile.fcgi +++ b/docker/main/Dockerfile.fcgi @@ -158,7 +158,7 @@ RUN adduser nginx clicon RUN adduser www-data clicon COPY --from=0 /clixon/build/ /usr/local/ -COPY --from=0 /usr/local/share/yang/* /usr/local/share/yang/standard/ +COPY --from=0 /usr/local/share/yang/ /usr/local/share/yang/ COPY --from=0 /usr/local/share/mib-yangs/* /usr/local/share/mib-yangs/ COPY --from=0 /clixon/build/mibs/* /usr/share/snmp/mibs/ 
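Review bot: In the second hunk of restconf_callhome_timer, `connect(s, sa, sa_len)` runs on a socket created with plain `SOCK_STREAM` and no non-blocking flag. If this function is driven from the daemon's event loop (the name and the once-per-second re-arm suggest so, but the caller is not shown), a call-home peer that never answers would hold the callback for the kernel's connect timeout. If that is accepted for now, record it next to the call, e.g. `/* NOTE: blocking connect(); an unresponsive peer stalls this callback until the TCP connect timeout */`. Separately, `sa_len` is a `size_t` passed where connect() takes a `socklen_t`; the values are small so it works, but a matching type would avoid the implicit narrowing. The function starts and ends outside the hunk.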
diff --git a/docker/main/Dockerfile.native b/docker/main/Dockerfile.native index e1cf1585..5e70a5d0 100644 --- a/docker/main/Dockerfile.native +++ b/docker/main/Dockerfile.native @@ -162,8 +162,7 @@ EXPOSE 443/tcp RUN adduser -D -H clicon COPY --from=0 /clixon/build/ /usr/local/ -COPY --from=0 /usr/local/share/yang/* /usr/local/share/yang/standard/ -COPY --from=0 /usr/local/share/yang/* /usr/local/share/yang/experimental/ +COPY --from=0 /usr/local/share/yang/ /usr/local/share/yang/ COPY --from=0 /usr/local/share/openconfig/* /usr/local/share/openconfig/ COPY --from=0 /usr/local/share/mib-yangs/* /usr/local/share/mib-yangs/ COPY --from=0 /clixon/build/mibs/* /usr/share/snmp/mibs/ diff --git a/lib/src/clixon_proto.c b/lib/src/clixon_proto.c index ac067301..d15fc198 100644 --- a/lib/src/clixon_proto.c +++ b/lib/src/clixon_proto.c @@ -819,9 +819,10 @@ detect_endtag(char *tag, * @param[out] sa sockaddr, should be allocated * @param[out] salen length of sockaddr data * @code - * struct sockaddr sa = {0,}; + * struct sockaddr_in6 sin6 = {0,}; // because its larger than sin and sa + * struct sockaddr *sa = &sin6; * size_t sa_len; - * if (clixon_inet2sin(inet:ipv4-address, "0.0.0.0", 80, &sa, &sa_len) < 0) + * if (clixon_inet2sin(inet:ipv4-address, "0.0.0.0", 80, sa, &sa_len) < 0) * err; * @endcode * Probably misplaced, need a clixon_network file? diff --git a/test/test_restconf_callhome.sh b/test/test_restconf_callhome.sh index 61d02d8e..6dce2257 100755 --- a/test/test_restconf_callhome.sh +++ b/test/test_restconf_callhome.sh @@ -8,6 +8,11 @@ s="$_" ; . ./lib.sh || if [ "$s" = $0 ]; then exit 0; else return 0; fi APPNAME=example +# Only works with native +if [ "${WITH_RESTCONF}" != "native" ]; then + if [ "$s" = $0 ]; then exit 0; else return 0; fi # skip +fi + : ${clixon_restconf_callhome_client:=clixon_restconf_callhome_client} cfg=$dir/conf_yang.xml diff --git a/util/clixon_netconf_ssh_callhome.c b/util/clixon_netconf_ssh_callhome.c index 7e1b478a..9dd0c2d4 100644 
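Review bot: The updated @code example for clixon_inet2sin in lib/src/clixon_proto.c assigns `struct sockaddr *sa = &sin6;` without a cast, which is an incompatible-pointer assignment and does not match the call sites in this patch. It should read `struct sockaddr *sa = (struct sockaddr *)&sin6;`. The `@param[out] sa` line still says only "should be allocated", the same wording under which callers used to pass a plain `struct sockaddr`; I would state the size, e.g. `@param[out] sa  sockaddr, caller-allocated, at least sizeof(struct sockaddr_in6)`. The example's first argument, `inet:ipv4-address`, is also unquoted where the callers pass a string. The function body is outside the hunk, so the size requirement is inferred from the util copy and the call sites.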
--- a/util/clixon_netconf_ssh_callhome.c +++ b/util/clixon_netconf_ssh_callhome.c @@ -108,24 +108,24 @@ callhome_connect(struct sockaddr *sa, /* @see clixon_inet2sin */ static int inet2sin(const char *addrtype, - const char *addrstr, - uint16_t port, - struct sockaddr *sa, - size_t *sa_len) + const char *addrstr, + uint16_t port, + struct sockaddr *sa, + size_t *sa_len) { struct sockaddr_in6 *sin6; struct sockaddr_in *sin; if (strcmp(addrtype, "inet:ipv6-address") == 0) { sin6 = (struct sockaddr_in6 *)sa; - *sa_len = sizeof(struct sockaddr_in6); + *sa_len = sizeof(struct sockaddr_in6); sin6->sin6_port = htons(port); sin6->sin6_family = AF_INET6; inet_pton(AF_INET6, addrstr, &sin6->sin6_addr); } else if (strcmp(addrtype, "inet:ipv4-address") == 0) { sin = (struct sockaddr_in *)sa; - *sa_len = sizeof(struct sockaddr_in); + *sa_len = sizeof(struct sockaddr_in); sin->sin_family = AF_INET; sin->sin_port = htons(port); sin->sin_addr.s_addr = inet_addr(addrstr); @@ -234,7 +234,7 @@ usage(char *argv0) "where options are\n" "\t-h \tHelp\n" "\t-D \tDebug\n" - "\t-f ipv4|ipv6 \tSocket address family(ipv4 default)\n" + "\t-f ipv4|ipv6 \tSocket address family(inet:ipv4-address default)\n" "\t-a \tIP address (eg 1.2.3.4) - mandatory\n" "\t-p \tPort (default 4334)\n" "\t-c \tClixon config file - (default /usr/local/etc/clixon.xml)\n" @@ -251,9 +251,10 @@ main(int argc, { int retval = -1; int c; - char *family = "ipv4"; + char *family = "inet:ipv4-address"; char *addr = NULL; - struct sockaddr sa = {0, }; + struct sockaddr_in6 sin6 = {0, }; + struct sockaddr *sa = (struct sockaddr *)&sin6; size_t sa_len; int dbg = 0; uint16_t port = NETCONF_CH_SSH; 
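Review bot: The usage line still advertises `-f ipv4|ipv6` while naming `inet:ipv4-address` as the default, but inet2sin (first hunk of this file) matches only the strings "inet:ipv6-address" and "inet:ipv4-address". A user who follows the help text and passes `-f ipv6` would presumably fall through to inet2sin's else branch, which is not shown. Either list the accepted values, `"\t-f inet:ipv4-address|inet:ipv6-address \tSocket address family (default inet:ipv4-address)\n"`, or map the short names to the YANG type names where `-f` is parsed (that code is outside these hunks).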
@@ -304,30 +305,9 @@ main(int argc, usage(argv[0]); goto done; } -#if 1 - if (inet2sin(family, addr, port, &sa, &sa_len) < 0) + if (inet2sin(family, addr, port, sa, &sa_len) < 0) goto done; -#else - if (strcmp(family, "ipv6") == 0){ - sin_len = sizeof(struct sockaddr_in6); - sin6.sin6_port = htons(port); - sin6.sin6_family = AF_INET6; - inet_pton(AF_INET6, addr, &sin6.sin6_addr); - sa = (struct sockaddr *)&sin6; - } - else if (strcmp(family, "ipv4") == 0){ - sin_len = sizeof(struct sockaddr_in); - sin.sin_family = AF_INET; - sin.sin_port = htons(port); - sin.sin_addr.s_addr = inet_addr(addr); - sa = (struct sockaddr *)&sin; - } - else{ - fprintf(stderr, "-f <%s> is invalid family\n", family); - goto done; - } -#endif - if (callhome_connect(&sa, sa_len, &s) < 0) + if (callhome_connect(sa, sa_len, &s) < 0) goto done; /* For some reason this sshd returns -1 which is unclear why */ if (ssh_server_exec(s, sshdbin, sshdconfigfile, clixonconfigfile, dbg) < 0) diff --git a/util/clixon_restconf_callhome_client.c b/util/clixon_restconf_callhome_client.c index c3cf14a9..a032273a 100644 --- a/util/clixon_restconf_callhome_client.c +++ b/util/clixon_restconf_callhome_client.c @@ -422,10 +422,11 @@ main(int argc, char *cert_path = NULL; char *key_path = NULL; FILE *fp = stdin; /* base file, stdin, can be overridden with -f */ + struct sockaddr_in6 sin6 = {0,}; // because its larger than sin and sa + struct sockaddr *sa = (struct sockaddr *)&sin6; size_t sa_len; char *addr = "127.0.0.1"; char *family = "inet:ipv4-address"; - struct sockaddr sa = {0,}; /* In the startup, logs to stderr & debug flag set later */ clicon_log_init(__FILE__, LOG_INFO, CLICON_LOG_STDERR); 
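Review bot: main() now depends entirely on inet2sin() to validate the command-line `-a` value, but inet2sin as shown in the first hunk of this file discards the result of `inet_pton(AF_INET6, ...)` and uses `inet_addr()` for IPv4, whose error value is indistinguishable from 255.255.255.255. A mistyped address is therefore likely to reach callhome_connect() as the zero-initialised IPv6 address or as the broadcast address instead of being rejected. Checking the conversion, e.g. `if (inet_pton(AF_INET6, addrstr, &sin6->sin6_addr) != 1)` and `if (inet_pton(AF_INET, addrstr, &sin->sin_addr) != 1)`, each taking the function's error return (not visible here), would make the `< 0` test at this call site meaningful. main() starts and ends outside the hunk.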
@@ -499,10 +500,10 @@ main(int argc, usage(argv[0]); goto done; } - if (clixon_inet2sin(family, addr, port, &sa, &sa_len) < 0) + if (clixon_inet2sin(family, addr, port, sa, &sa_len) < 0) goto done; /* Bind port */ - if (callhome_bind(&sa, sa_len, 1, &ss) < 0) + if (callhome_bind(sa, sa_len, 1, &ss) < 0) goto done; clicon_debug(1, "bind"); if ((ta = malloc(sizeof(*ta))) == NULL){