From nobody Mon Aug 19 04:02:29 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WnJpG00GLz5Tv0n; Mon, 19 Aug 2024 04:02:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WnJpF6hmvz4s2R; Mon, 19 Aug 2024 04:02:29 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724040149; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uP8SQlaSQSE1ScKuxzlgcwd0OOSKgScF/Fk/5vezJbU=; b=vKoNeooujI110nOVIWyy5ttQR9T3zUrito0uySxxX+a62Sb0wl8VILbjTWzzvrf+fNfGfM IL5s0Tw0z8b1nSnWNvTJALIiG26OcLIWIoubzhH/09eyc0axIhhHLL80IC2d8AOxmNrsIF RFoGSE3rFgWYPe163WyiXS6ORrgrN+Vd5Wxpyx1KhuN0CMhAECscbCNctKdhPytvLJ+br1 PFYw6UFDhwly9h+pPEYEUrSt9pjfTjlkIX9HViBynepzKNoJus8Zg9EZzeSGJEYsy5iYXj O7GJfa0Qfnqk5WwzLXtuNT2K7oCQ4uS+1m/ZrgcT9/sEXF+wtb0olYtsf1rYDQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724040149; a=rsa-sha256; cv=none; b=sg2sSUuPu3I3LzSNMIN5lqYhYGM3wKf3Q8FClTqCzy3194A3v4+vY1O5Q1bkVQu+ZWK+7p bV81ynVBVp7oScBop+v7M1qsRkD29g0+fC5a1C6J9LtoDbq8o9Yec2hKZbB2BwjS12AcgJ OVrbbDi8+ScVoJhNfNFkrcfjv16Gj16UfKfjo9oqrCr3b8/my31POJfKcj2t0atLR5iOrw CTWXnbjOPgW+Ar2CHvqlkROLNwdpWJiHo1FJsaxSNd6XxymTSzPa+jh3PSwCOi4q33RnH8 ditX4iQVN/Lm1RIpgCscXG9Ds822IL47p2XumY6JI32jAmk7IVKjAlMrG5Iq1Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724040149; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uP8SQlaSQSE1ScKuxzlgcwd0OOSKgScF/Fk/5vezJbU=; b=md3BxInPD0cQh2vSt6YNxI2S3SNVqXnukE4nwFqkd7Wj7bpsWiz6zDvGBZ3bEQ+SZMeKFS SxDrSoZmrmjZXI2myMG72510gXSLIi5Nyg5TpOW00XrqM63YEder9lC8VJXfkNTz95ZhxX rGmF0XFsNlMzFaFxp6Ui/igXQyHYn/QKOrnydxZEOx8nDBZe3BAI/o3YBJupUPqcSNQze0 wGshU22JA9DymwfCX+Rb6yY55gWKWT8gOfnmr18aEb9BvLWrcWz/y4SPKFdc2Uwkv5Uq78 E/PgOlJ++mEl0z+/+mVSoKd2ylmdULuw43iWHpElPKq8bCQdVSX5qH9WfuHmJA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WnJpF6JLcz11cl; Mon, 19 Aug 2024 04:02:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47J42TDm028369; Mon, 19 Aug 2024 04:02:29 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47J42TTP028366; Mon, 19 Aug 2024 04:02:29 GMT (envelope-from git) Date: Mon, 19 Aug 2024 04:02:29 GMT Message-Id: <202408190402.47J42TTP028366@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Eugene Grosbein Subject: git: 8132e959099f - main - libalias: fix subtle racy problem in outside-inside forwarding List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: eugen X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8132e959099f0c533f698d8fbc17386f9144432f Auto-Submitted: auto-generated The branch main has been updated by eugen: URL: https://cgit.FreeBSD.org/src/commit/?id=8132e959099f0c533f698d8fbc17386f9144432f commit 8132e959099f0c533f698d8fbc17386f9144432f Author: Eugene Grosbein AuthorDate: 2024-08-19 03:34:37 +0000 Commit: Eugene Grosbein CommitDate: 2024-08-19 03:34:37 +0000 libalias: fix subtle racy problem in outside-inside forwarding sys/netinet/libalias/alias_db.c has internal static function UseLink() that passes a link to CleanupLink() to verify if the link has expired. If so, UseLink() may return NULL. _FindLinkIn()'s usage of UseLink() is not quite correct. Assume there is "redirect_port udp" configured to forward incoming traffic for specific port to some internal address. Such a rule creates partially specified permanent link. After first such packet libalias creates new fully specifiled temporary LINK_UDP with default timeout 60 seconds. Also, in case of low traffic libalias may assign "timestamp" for this new temporary link way in the past because LibAliasTime is updated seldom and can keep old value for tens of seconds, and it will be used for the temporary link. It may happen that next incoming packet for redirected port passed to _FindLinkIn() results in a call to UseLink() that returns NULL due to detected expiration. Immediate return of NULL results in broken translation: either a packet is dropped (deny_incoming mode) or delivered to original destination address instead of internal one. Fix it with additional check for NULL to proceed with a search for original partially specified link. In case of UDP, it also recreates temporary fully specified link with a call to ReLink(). Practical examples are "redirect_port udp" rules for unidirectional SYSLOG protocol (port 514) or some low volume VPN encapsulated in UDP. Thanks to Peter Much for initial analysis and first version of a patch. Reported by: Peter Much PR: 269770 MFC after: 1 week --- sys/netinet/libalias/alias_db.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index 167201fa1b8f..d516b6cda96c 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -868,8 +868,15 @@ _FindLinkIn(struct libalias *la, struct in_addr dst_addr, case 0: LIST_FOREACH(lnk, &grp->full, all.in) { if (lnk->dst_addr.s_addr == dst_addr.s_addr && - lnk->dst_port == dst_port) - return (UseLink(la, lnk)); + lnk->dst_port == dst_port) { + struct alias_link *found; + + found = UseLink(la, lnk); + if (found != NULL) + return (found); + /* link expired */ + break; + } } break; case LINK_UNKNOWN_DEST_PORT: