bin/58012: Multihomed tftpd enhancement
reinier at protocomix.nl
reinier at protocomix.nl
Tue Oct 14 07:50:29 PDT 2003
>Number: 58012
>Category: bin
>Synopsis: Multihomed tftpd enhancement
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Tue Oct 14 07:50:20 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Reinier Kleipool
>Release: FreeBSD 4.7-RELEASE i386
>Organization:
Protocomix
>Environment:
System: FreeBSD titan.kleipool.org 4.7-RELEASE FreeBSD 4.7-RELEASE #1: Sat Dec 28 13:19:57 CET 2002 reinierk at mail.uitwisseling.nl:/usr/src/sys/compile/OPTIPLEX i386
>Description:
tftpd confuses clients on multihomed hosts:
When the tftpd receives a connection from the client it answers on a new
connection. This connection is bound to INADDR_ANY. On a multihomed host
the routing may select another interface closer to the client as its source
IP address. This confuses the client (they are trivial afterall!) because
it may think the reply is coming from another host.
This enhancement extracts the original destination IP address on a multihomed
host from the first arriving packet, and uses that as the ip address to bind
the new connection to.
>How-To-Repeat:
Connect from a tftp client to the IP address of an interface on the server
host that is not the closest one to the client. The return connection will
have the IP address of the closer interface.
You can watch this with tcpdump.
>Fix:
Patch /usr/src/libexec/tftpd.c with this diff -u: (diff.out.gz.uue)
begin 644 diff.out.gz
M'XL("!\'C#\``V1I9F8N;W5T`(57ZV_B1A#_[/P5HYPN at N`0'@E'DA(EUW`I
MNEQ`A.NIK2K+V$M8Q?:ZWC6/5O>_=V9W[7`$V@^097;>C]]L3DY.0,U4&M:#
MNLCXLS/)&0P#!<TS:+8NV]W+Q at 6T&HWV0:U6*SA_8.I<MEJ7S8YANKF!D_,/
M;@=J^/T!;FX.X!U/@B@/&?PDU_)4*E_5Y]=OR")X8;LNU#IEDNBU'^DY%YI[
MDS]ABN/GE"=;BOPL]4_)=Z*3B]TVN=@]LR[R1#DI8]F5.69L%:N%'T$/)H,O
M_>'7B;V(_97B,1.YPJOSX_*R1I<R"]Q0JBOM4\AFZ(HS^CQY&OS>=Y[Z]_2W
M=G8`P=S/G&D^^\/>_7FE/;IHD$<7+;?5UBY)E>4!*L6\^&&8>5*)S']F,,M$
M;+VA8\02,E@[/88GIO(4?(CE\SS,K((\0Q&1P8QG4J%4(&*>/$/J4[H/:G`,
M4L"20>`GP%8J\[&H:LX at 9!)SZ2LN$B#[3$H0,[K20D:=T5+7E&\,$L9"Y.`2
M?&3.T07\"MBK?`)Q'BD^%S$RSH544HO>1NB#9*A`*"9ARB*QI(O3 at YH)`AP;
MDS;K&;-7Q:W#Q8(%@"GU\.\58"H,A>)&ZJ8BB-=>8)7]@S:(^3;T4V4BQ0B+
MVR57<\B$B+4:'U/G41P4FLZ/KS#3+)ZR3.MWG-S#F@!H!1Z5Q4'=FFVZ5IA@
MD2?*!=.25`(R8B2-7"FY8)&6I6G4):!Z94*)0$2[)&A"M$#!=")3%O`9#X"N
MK(A-0!&&$EID at J'PM*R0+EZ,)^JT)88J&5I2 at E1\QQ`2E8G(LPRV[3,6+#QJ
MEUY3YY[2)9FBQA6I at L'(&_=__O7N:7)[=S?6SAS`0O#0H7D$SQM5*M8W(NBL
M4)I4M7I%4X#Q!YH?\B3VTY2%VO]-N7)&>-*!8RVG1ZKYH4LSU;PHD`BSL):1
M>*X\#.^]_GCLPB$7 at 8HJGP;#QX^#8?42WL>').\X;,55I:G/WPE[9CC1\#1X
MO'_H>[\,O_3O\,(.(&*!Y'\S;)X*4;0,$2DS1*@T7.I#M^3"'U47&B[R416W
MX\`8CDC.A2-KH6HPHMD]IX!:C7.WW=D746%U?RPLDCC%5/Y1)J81BTVS;\RF
M+HUDV8)E\A)9:;[G&"AU?A!Q:@KLC!`''8/\*\?B8Y,`0LA&+VFTP':B.7<-
M<)`>HQ5YY1*5D]B&4@(;A)$EV'4``ZO$_`8\37&.T$%AM`T>J:N\V\??D,\W
M#F8(SS0SL;]&:Q'#S))GB6+9S`_(ED`G?K1LM"TI1N,9*JCC=*!![/I9+ID9
M^T.5\07WHT,KAQXJB(1XD1#Q%QNB=H*ET1JTN`9<J at BJ%GB7Z934#2\.8,9P
M9!B!<)QC(O>A\'9J69EZK;M,L('FXLY@)5HF9,;H,!(+T<7("YARG5&+VD9+
M)`+<?P633HP.B?)B.,:,)QR#^1PQG at J$)DNXL3`4\U4]B?2KH-EHMK40(=$F
MAM<)OQ(_9KTCL]?V7.,(](KA>3OT59*S\%]'Z/>FOF0])&S37]7H$=QI#OEZ
M1\4NV<-`>IH[+RU$]H[>8N5>Y at VOMJ1`N\@IZ!)0"4P&H]%X.!EZ at Y&[A:\(
M&24>%WA3*2G5*OP$#:C2ZMN!''M1NX"2V@:4U`A*2IC#<,BQH\T87?CR=.]]
MNQU,;A\>RD at 2<F&?!U;57GOO$'3X#&'L])BP\Q@>Q9(&7]'TS/T%S82O.[W<
M8O16L_/R]6YDI`R:N"2$H_>BIX,,U0'G,9>T?I@*$16C")YQ/C`<C;\MLU#:
MK>[K0D'H#.90B5E=2F_FQSQ:4W1X%6`7PNTG;_#8GUP2P=FUL0CL8U8]N9:X
MFE.1T<NRH4/_?W:BU:59Z+WM]5Q7PM[I'>!,,34O5]N.=?9[UMFTU=GPC5+1
M;N at 7=/O\S&VV]ZTB`I:]:\C13Z^0$[@AU*#D,P$EUJIX-F)5=CQ#$8D1Q$*L
MD<%OD20(\<2 at X05?X+U$B7FT/4RO^=#=A*]URP?[\JR7^=M,D[A]W\/'RJJ*
M\OAU!(W5;%8ES=MI&+.`\06Z7/2D!NSW45[?^-#NVR(=ND"HB4;0V>OKUAD^
M&NRYV7D]=XMCM>3'))3\^FSY];E;'*N@:T%3:;-8H7^"W/]XD-`W-3J]28I!
1WE5YJV]7\?\%0G+T'W$.````
`
end
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list