Re: DeleteConn can delete the wrong connection in cfservd...

bug-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DeleteConn can delete the wrong connection in cfservd...

From:	Phil D Amore
Subject:	Re: DeleteConn can delete the wrong connection in cfservd...
Date:	Wed, 3 Apr 2002 10:06:00 -0500 (EST)

I originally thought this, however DeleteItemMatching uses a regex, and I 
was afraid that the dots in the IP address would be treated as wildcards 
and cause a similar (albeit more obscure) problem.  That is why I 
concluded that only a true match would suffice to make sure this problem 
never happened.

On Tue, 2 Apr 2002 address@hidden wrote:

> 
> It should be sufficient to replace 
> 
> DeleteItemStarting(&CONNECTIONLIST,conn->ipaddr); 
> 
> with
> 
> DeleteItemMatching
> 
> This will be in 2.0.1 shortly...
> 
> Mark
> 
> On 31 Mar, Phil D Amore wrote:
> > It appears that it is possible for the DeleteConn function in cfservd to 
> > remove the wrong IP address from its connection list if two hosts with 
> > similar IPs connect at the same time.  For example, given the two 
> > addresses:
> > 
> > 172.16.52.3
> > 172.16.52.36
> > 
> > I found that this line in the DeleteConn fucntion in cfservd.c:
> > 
> > DeleteItemStarting(&CONNECTIONLIST,conn->ipaddr); 
> > 
> > when called with the first IP would incorrectly match and delete the 2nd
> > IP if they were both connected at the same time, locking out the first IP
> > because of repeated connections.
> > 
> > I noticed this in 2.0.a14, but the code appears unchanged in 2.0.0.  
> > Attached is my current patch for the issue in 2.0.a14.  From what I can
> > tell, to work in 2.0.0, the line in the patch:
> > 
> > -DeleteItemStarting(&CONNECTIONLIST,conn->ipaddr); 
> > 
> > needs to say:
> > 
> > -DeleteItemStarting(&CONNECTIONLIST,MapAddress(conn->ipaddr)); 
> > 
> > But I have not really tested 2.0.0 here yet, so I cannot say for sure if
> > things will run properly this way.  Basically what I did was create a new 
> > function, DeleteItemExact that used strcmp instead of strncmp to make sure 
> > the entire string passed in matches the entire string in the list.  I then 
> > replace the DeleteItemStarting call in DeleteConn with this new function.
> > 
> > 
> 
> 
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Work: +47 22453272            Email:  address@hidden
> Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> 

-- 
Phil D'Amore                             The path of least resistance
Senior System Administrator              is the path you never wasted
Red Hat, Inc                             your energy taking.
919.754.3700 x44395

[Prev in Thread]

Current Thread

[Next in Thread]

Re: DeleteConn can delete the wrong connection in cfservd..., Mark . Burgess, 2002/04/02
- Re: DeleteConn can delete the wrong connection in cfservd..., Phil D Amore <=

Prev by Date: Re: Owner/permission for ~.cfengine for non-root users
Next by Date: New Website
Previous by thread: Re: DeleteConn can delete the wrong connection in cfservd...
Next by thread: [�� ]�� (?)
Index(es):
- Date
- Thread