*** empty log message ***

14 years ago · 69f6ea9303
parent 96adbfa1c4
commit 69f6ea9303
2 changed files with 35 additions and 3 deletions
--- a/6
+++ b/6
@ -1,5 +1,11 @@
 Revision history for libev, a high-performance and full-featured event loop.

+        - actually verify that local and remote port are matching in
+          libev's socketpair emulation, which makes denial-of-service
+          attacks harder (but not impossible - it's windows). Make sure
+          it even works under vista, which thinks that getpeername should
+          return some fantasy port number.
+
 3.51 Wed Dec 24 23:00:11 CET 2008
        - fix a bug where an inotify watcher was added twice, causing
          freezes on hash collisions (reported and analysed by Graham Leggett).
--- a/ev_win32.c
+++ b/ev_win32.c
@ -54,6 +54,8 @@ ev_pipe (int filedes [2])
 {
  struct sockaddr_in addr = { 0 };
  int addr_size = sizeof (addr);
+  struct sockaddr_in adr2;
+  int adr2_size;
  SOCKET listener;
  SOCKET sock [2] = { -1, -1 };

@ -67,7 +69,7 @@ ev_pipe (int filedes [2])
  if (bind (listener, (struct sockaddr *)&addr, addr_size))
    goto fail;

-  if (getsockname(listener, (struct sockaddr *)&addr, &addr_size))
+  if (getsockname (listener, (struct sockaddr *)&addr, &addr_size))
    goto fail;

  if (listen (listener, 1))
@ -76,10 +78,34 @@ ev_pipe (int filedes [2])
  if ((sock [0] = socket (AF_INET, SOCK_STREAM, 0)) == INVALID_SOCKET) 
    goto fail;

-  if (connect (sock[0], (struct sockaddr *)&addr, addr_size))
+  if (connect (sock [0], (struct sockaddr *)&addr, addr_size))
    goto fail;

-  if ((sock[1] = accept (listener, 0, 0)) < 0)
+  if ((sock [1] = accept (listener, 0, 0)) < 0)
+    goto fail;
+
+  /* windows vista returns fantasy port numbers for getpeername.
+   * example for two interconnected tcp sockets:
+   *
+   * (Socket::unpack_sockaddr_in getsockname $sock0)[0] == 53364
+   * (Socket::unpack_sockaddr_in getpeername $sock0)[0] == 53363
+   * (Socket::unpack_sockaddr_in getsockname $sock1)[0] == 53363
+   * (Socket::unpack_sockaddr_in getpeername $sock1)[0] == 53365
+   *
+   * wow! tridirectional sockets!
+   *
+   * this way of checking ports seems to work:
+   */
+  if (getpeername (sock [0], (struct sockaddr *)&addr, &addr_size))
+    goto fail;
+
+  if (getsockname (sock [1], (struct sockaddr *)&adr2, &adr2_size))
+    goto fail;
+
+  errno = WSAEINVAL;
+  if (addr_size != adr2_size
+      || addr.sin_addr.s_addr != adr2.sin_addr.s_addr /* just to be sure, I mean, it's windows */
+      || addr.sin_port        != adr2.sin_port)
    goto fail;

  closesocket (listener);