lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Mon, 07 Apr 2008 16:11:44 +0400
From:	Dmitry Butskoy <buc@...sz.so-cdu.ru>
To:	netdev@...r.kernel.org
Subject: [PATCH] for reopen bug #8747 -- complete the fix

There was a bug #8747, http://bugzilla.kernel.org/show_bug.cgi?id=8747,

"MSG_ERRQUEUE messages do not pass to connected raw sockets",

which still is not fixed, due to absence of proper tests.


I've made an additional patch (attached), against the 2.6.24.4 tree. The 
patch fixes the issue completely for me. Tested.

Sorry that I have not checked up the previous attempt in real tests. I
assumed that the "typo" which I had found at that time (saddr/daddr
swapped) is just "a typo", and things "obviously" should work then...
Unfortunately, it seems that I am a first person who actually use
MSG_ERRQUEUE on connected ipv6 raw sockets. It is a reason why all the 
last years nobody reported this bug.

Note, that "connected raw sockets" is a good feature for new
traceroute(8) implementation for Linux 
(http://traceroute.sourceforge.net), included now into Fedora and other 
distros. This feature allows to filter all alien packets from the 
socket's input. Without this, the program will receive all the incoming 
raw packets (for the "icmp" and "tcp" tracerouting methods, which use 
raw sockets).

Because of that wrong assumption, I've implemented a check, whether the 
kernel version is more than 2.6.22.2, and if so, allow raw ipv6 sockets 
to connect. But since 2.6.22.2, the issue still not fixed, and now any 
combination of "traceroute >= 2.0.8" and "kernel >= 2.6.22.2" leads to 
impossibility to do "icmp" and "tcp" tracerouting for IPv6. :(

Now I have to ship an update for traceroute. If the bug can be fixed in 
the nearest future (note the patch is too simple), I'll just change the 
version to check. If not, I'll be compelled to drop the raw sockets 
connection for a while.


Regards,
Dmitry Butskoy
http://www.fedoraproject.org/wiki/DmitryButskoy
An upstream maintainer of http://traceroute.sourceforge.net


View attachment "ipv6-raw_socket_msg_errqueue.patch" of type "text/x-diff" (517 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ