Date: Tue, 14 Oct 2003 16:41:08 +0200 (CEST) From: reinier@protocomix.nl To: FreeBSD-gnats-submit@FreeBSD.org Cc: reinier@protocomix.nl Subject: bin/58012: Multihomed tftpd enhancement Message-ID: <200310141441.h9EEf8NP006731@titan.kleipool.org> Resent-Message-ID: <200310141450.h9EEoNKO038330@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 58012
>Category: bin
>Synopsis: Multihomed tftpd enhancement
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Tue Oct 14 07:50:20 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Reinier Kleipool
>Release: FreeBSD 4.7-RELEASE i386
>Organization:
Protocomix
>Environment:
System: FreeBSD titan.kleipool.org 4.7-RELEASE FreeBSD 4.7-RELEASE #1: Sat Dec 28 13:19:57 CET 2002 reinierk@mail.uitwisseling.nl:/usr/src/sys/compile/OPTIPLEX i386
>Description:
tftpd confuses clients on multihomed hosts:
When the tftpd receives a connection from the client it answers on a new
connection. This connection is bound to INADDR_ANY. On a multihomed host
the routing may select another interface closer to the client as its source
IP address. This confuses the client (they are trivial afterall!) because
it may think the reply is coming from another host.
This enhancement extracts the original destination IP address on a multihomed
host from the first arriving packet, and uses that as the ip address to bind
the new connection to.
>How-To-Repeat:
Connect from a tftp client to the IP address of an interface on the server
host that is not the closest one to the client. The return connection will
have the IP address of the closer interface.
You can watch this with tcpdump.
>Fix:
Patch /usr/src/libexec/tftpd.c with this diff -u: (diff.out.gz.uue)
begin 644 diff.out.gz
M'XL("!\'C#\``V1I9F8N;W5T`(57ZV_B1A#_[/P5HYPN@N`0'@E'DA(EUW`I
MNEQ`A.NIK2K+V$M8Q?:ZWC6/5O>_=V9W[7`$V@^097;>C]]L3DY.0,U4&M:#
MNLCXLS/)&0P#!<TS:+8NV]W+Q@6T&HWV0:U6*SA_8.I<MEJ7S8YANKF!D_,/
M;@=J^/T!;FX.X!U/@B@/&?PDU_)4*E_5Y]=OR")X8;LNU#IEDNBU'^DY%YI[
MDS]ABN/GE"=;BOPL]4_)=Z*3B]TVN=@]LR[R1#DI8]F5.69L%:N%'T$/)H,O
M_>'7B;V(_97B,1.YPJOSX_*R1I<R"]Q0JBOM4\AFZ(HS^CQY&OS>=Y[Z]_2W
M=G8`P=S/G&D^^\/>_7FE/;IHD$<7+;?5UBY)E>4!*L6\^&&8>5*)S']F,,M$
M;+VA8\02,E@[/88GIO(4?(CE\SS,K((\0Q&1P8QG4J%4(&*>/$/J4[H/:G`,
M4L"20>`GP%8J\[&H:LX@9!)SZ2LN$B#[3$H0,[K20D:=T5+7E&\,$L9"Y.`2
M?&3.T07\"MBK?`)Q'BD^%S$RSH544HO>1NB#9*A`*"9ARB*QI(O3@YH)`AP;
MDS;K&;-7Q:W#Q8(%@"GU\.\58"H,A>)&ZJ8BB-=>8)7]@S:(^3;T4V4BQ0B+
MVR57<\B$B+4:'U/G41P4FLZ/KS#3+)ZR3.MWG-S#F@!H!1Z5Q4'=FFVZ5IA@
MD2?*!=.25`(R8B2-7"FY8)&6I6G4):!Z94*)0$2[)&A"M$#!=")3%O`9#X"N
MK(A-0!&&$EID@J'PM*R0+EZ,)^JT)88J&5I2@E1\QQ`2E8G(LPRV[3,6+#QJ
MEUY3YY[2)9FBQA6I@L'(&_=__O7N:7)[=S?6SAS`0O#0H7D$SQM5*M8W(NBL
M4)I4M7I%4X#Q!YH?\B3VTY2%VO]-N7)&>-*!8RVG1ZKYH4LSU;PHD`BSL):1
M>*X\#.^]_GCLPB$7@8HJGP;#QX^#8?42WL>').\X;,55I:G/WPE[9CC1\#1X
MO'_H>[\,O_3O\,(.(&*!Y'\S;)X*4;0,$2DS1*@T7.I#M^3"'U47&B[R416W
MX\`8CDC.A2-KH6HPHMD]IX!:C7.WW=D746%U?RPLDCC%5/Y1)J81BTVS;\RF
M+HUDV8)E\A)9:;[G&"AU?A!Q:@KLC!`''8/\*\?B8Y,`0LA&+VFTP':B.7<-
M<)`>HQ5YY1*5D]B&4@(;A)$EV'4``ZO$_`8\37&.T$%AM`T>J:N\V\??D,\W
M#F8(SS0SL;]&:Q'#S))GB6+9S`_(ED`G?K1LM"TI1N,9*JCC=*!![/I9+ID9
M^T.5\07WHT,KAQXJB(1XD1#Q%QNB=H*ET1JTN`9<J@BJ%GB7Z934#2\.8,9P
M9!B!<)QC(O>A\'9J69EZK;M,L('FXLY@)5HF9,;H,!(+T<7("YARG5&+VD9+
M)`+<?P633HP.B?)B.,:,)QR#^1PQG@J$)DNXL3`4\U4]B?2KH-EHMK40(=$F
MAM<)OQ(_9KTCL]?V7.,(](KA>3OT59*S\%]'Z/>FOF0])&S37]7H$=QI#OEZ
M1\4NV<-`>IH[+RU$]H[>8N5>Y@VOMJ1`N\@IZ!)0"4P&H]%X.!EZ@Y&[A:\(
M&24>%WA3*2G5*OP$#:C2ZMN!''M1NX"2V@:4U`A*2IC#<,BQH\T87?CR=.]]
MNQU,;A\>RD@2<F&?!U;57GOO$'3X#&'L])BP\Q@>Q9(&7]'TS/T%S82O.[W<
M8O16L_/R]6YDI`R:N"2$H_>BIX,,U0'G,9>T?I@*$16C")YQ/C`<C;\MLU#:
MK>[K0D'H#.90B5E=2F_FQSQ:4W1X%6`7PNTG;_#8GUP2P=FUL0CL8U8]N9:X
MFE.1T<NRH4/_?W:BU:59Z+WM]5Q7PM[I'>!,,34O5]N.=?9[UMFTU=GPC5+1
M;N@7=/O\S&VV]ZTB`I:]:\C13Z^0$[@AU*#D,P$EUJIX-F)5=CQ#$8D1Q$*L
MD<%OD20(\<2@X05?X+U$B7FT/4RO^=#=A*]URP?[\JR7^=M,D[A]W\/'RJJ*
M\OAU!(W5;%8ES=MI&+.`\06Z7/2D!NSW45[?^-#NVR(=ND"HB4;0V>OKUAD^
M&NRYV7D]=XMCM>3'))3\^FSY];E;'*N@:T%3:;-8H7^"W/]XD-`W-3J]28I!
1WE5YJV]7\?\%0G+T'W$.````
`
end
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200310141441.h9EEf8NP006731>