Enhanced checks on incoming queries, check user exists and is active

This commit is contained in:
Erik Ekman 2009-01-10 20:23:50 +00:00
parent db13d81caf
commit d7f07d2f1f
2 changed files with 25 additions and 19 deletions

View file

@ -24,6 +24,7 @@ CHANGES:
This fixes #27. This fixes #27.
- Downstream data is now fragmented, and the fragment size is auto- - Downstream data is now fragmented, and the fragment size is auto-
probed after login. Fixes #7. It only took a few years :) probed after login. Fixes #7. It only took a few years :)
- Enhanced the checks that validates incoming packets
2008-08-06: 0.4.2 "Opened Zone" 2008-08-06: 0.4.2 "Opened Zone"
- Applied a few small patches from Maxim Bourmistrov and Gregor Herrmann - Applied a few small patches from Maxim Bourmistrov and Gregor Herrmann

View file

@ -82,10 +82,22 @@ sigint(int sig)
} }
static int static int
ip_cmp(int userid, struct query *q) check_user_and_ip(int userid, struct query *q)
{ {
struct sockaddr_in *tempin; struct sockaddr_in *tempin;
if (userid < 0 || userid >= created_users ) {
return 1;
}
if (!users[userid].active) {
return 1;
}
/* return early if IP checking is disabled */
if (!check_ip) {
return 0;
}
tempin = (struct sockaddr_in *) &(q->from); tempin = (struct sockaddr_in *) &(q->from);
return memcmp(&(users[userid].host), &(tempin->sin_addr), sizeof(struct in_addr)); return memcmp(&(users[userid].host), &(tempin->sin_addr), sizeof(struct in_addr));
} }
@ -307,16 +319,14 @@ handle_null_request(int tun_fd, int dns_fd, struct query *q, int domain_len)
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), domain_len - 1, b32); read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), domain_len - 1, b32);
/* Login phase, handle auth */ /* Login phase, handle auth */
userid = unpacked[0]; userid = unpacked[0];
if (userid < 0 || userid >= USERS) {
write_dns(dns_fd, q, "BADIP", 5);
return; /* illegal id */
}
users[userid].last_pkt = time(NULL);
login_calculate(logindata, 16, password, users[userid].seed);
if (check_ip && ip_cmp(userid, q) != 0) { if (check_user_and_ip(userid, q) != 0) {
write_dns(dns_fd, q, "BADIP", 5); write_dns(dns_fd, q, "BADIP", 5);
return;
} else { } else {
users[userid].last_pkt = time(NULL);
login_calculate(logindata, 16, password, users[userid].seed);
if (read >= 18 && (memcmp(logindata, unpacked+1, 16) == 0)) { if (read >= 18 && (memcmp(logindata, unpacked+1, 16) == 0)) {
/* Login ok, send ip/mtu/netmask info */ /* Login ok, send ip/mtu/netmask info */
@ -354,7 +364,7 @@ handle_null_request(int tun_fd, int dns_fd, struct query *q, int domain_len)
userid = b32_8to5(in[1]); userid = b32_8to5(in[1]);
if (ip_cmp(userid, q) != 0) { if (check_user_and_ip(userid, q) != 0) {
write_dns(dns_fd, q, "BADIP", 5); write_dns(dns_fd, q, "BADIP", 5);
return; /* illegal id */ return; /* illegal id */
} }
@ -382,7 +392,7 @@ handle_null_request(int tun_fd, int dns_fd, struct query *q, int domain_len)
/* Downstream fragsize probe packet */ /* Downstream fragsize probe packet */
userid = (b32_8to5(in[1]) >> 1) & 15; userid = (b32_8to5(in[1]) >> 1) & 15;
if (userid < 0 || userid >= USERS || ip_cmp(userid, q) != 0) { if (check_user_and_ip(userid, q) != 0) {
write_dns(dns_fd, q, "BADIP", 5); write_dns(dns_fd, q, "BADIP", 5);
return; /* illegal id */ return; /* illegal id */
} }
@ -405,7 +415,7 @@ handle_null_request(int tun_fd, int dns_fd, struct query *q, int domain_len)
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), domain_len - 1, b32); read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), domain_len - 1, b32);
/* Downstream fragsize packet */ /* Downstream fragsize packet */
userid = unpacked[0]; userid = unpacked[0];
if (userid < 0 || userid >= USERS || ip_cmp(userid, q) != 0) { if (check_user_and_ip(userid, q) != 0) {
write_dns(dns_fd, q, "BADIP", 5); write_dns(dns_fd, q, "BADIP", 5);
return; /* illegal id */ return; /* illegal id */
} }
@ -425,7 +435,7 @@ handle_null_request(int tun_fd, int dns_fd, struct query *q, int domain_len)
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), domain_len - 1, b32); read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), domain_len - 1, b32);
/* Ping packet, store userid */ /* Ping packet, store userid */
userid = unpacked[0]; userid = unpacked[0];
if (userid < 0 || userid >= USERS || ip_cmp(userid, q) != 0) { if (check_user_and_ip(userid, q) != 0) {
write_dns(dns_fd, q, "BADIP", 5); write_dns(dns_fd, q, "BADIP", 5);
return; /* illegal id */ return; /* illegal id */
} }
@ -457,13 +467,8 @@ handle_null_request(int tun_fd, int dns_fd, struct query *q, int domain_len)
code = in[0] - 'A' + 10; code = in[0] - 'A' + 10;
userid = code; userid = code;
if (userid < 0 || userid >= USERS) { /* Check user and sending ip number */
write_dns(dns_fd, q, "BADIP", 5); if (check_user_and_ip(userid, q) != 0) {
return; /* illegal id */
}
/* Check sending ip number */
if (check_ip && ip_cmp(userid, q) != 0) {
write_dns(dns_fd, q, "BADIP", 5); write_dns(dns_fd, q, "BADIP", 5);
} else { } else {
/* Decode data header */ /* Decode data header */