Bug 29026

Summary: traceroute -s option allows any IP address
Product: Base System Reporter: Pierre Beyssac <pb>
Component: binAssignee: Pierre Beyssac <pb>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description Pierre Beyssac 2001-07-16 18:40:00 UTC 

    


    


      



        
          Comment 1
        

        
          Pierre Beyssac

        

        
        

        
          2001-08-13 20:45:26 UTC
        

      






----- Forwarded message from Pierre Beyssac <pb@fasterix.freenix.org> -----

Date: Mon, 16 Jul 2001 21:06:37 +0200
From: Pierre Beyssac <pb@fasterix.freenix.org>
To: freebsd-net@FreeBSD.ORG
Cc: traceroute@ee.lbl.gov
Subject: fix for traceroute (bin/29026)

Could anyone check this fix for PR bin/29026 (traceroute -s option)?

It just reenables the bind(2) call checking for the source address
correctness, and moves the IP_HDRINCL after that (once IP_HDRINCL
is enabled on the socket, bind doesn't check this anymore).

It seems to work on my (very outdated) current as well as -stable,
but I'm not able to check it on a recent -current, and although I
have tested it with and without -s I may have missed some side
effects with weird options combinations.

If someone can confirm that this works, I can commit it.

Index: traceroute.c
===================================================================
RCS file: /home/ncvs/src/contrib/traceroute/traceroute.c,v
retrieving revision 1.18
diff -u -r1.18 traceroute.c
--- traceroute.c	2001/06/06 16:12:59	1.18
+++ traceroute.c	2001/07/16 18:53:44
@@ -727,13 +727,6 @@
 		exit(1);
 	}
 #endif
-#ifdef IP_HDRINCL
-	if (setsockopt(sndsock, IPPROTO_IP, IP_HDRINCL, (char *)&on,
-	    sizeof(on)) < 0) {
-		Fprintf(stderr, "%s: IP_HDRINCL: %s\n", prog, strerror(errno));
-		exit(1);
-	}
-#endif
 	if (options & SO_DEBUG)
 		(void)setsockopt(sndsock, SOL_SOCKET, SO_DEBUG, (char *)&on,
 		    sizeof(on));
@@ -744,14 +737,19 @@
 	if (source != NULL) {
 		source = savestr(getsin(&from, source));
 		outip->ip_src = from.sin_addr;
-#ifndef IP_HDRINCL
 		if (bind(sndsock, (struct sockaddr *)&from, sizeof(from)) < 0) {
 			Fprintf(stderr, "%s: bind: %s\n",
 			    prog, strerror(errno));
 			exit (1);
 		}
-#endif
 	}
+#ifdef IP_HDRINCL
+	if (setsockopt(sndsock, IPPROTO_IP, IP_HDRINCL, (char *)&on,
+	    sizeof(on)) < 0) {
+		Fprintf(stderr, "%s: IP_HDRINCL: %s\n", prog, strerror(errno));
+		exit(1);
+	}
+#endif
 
 #if	defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
 	if (setpolicy(sndsock, "in bypass") < 0)

-- 
Pierre Beyssac	      pb@fasterix.frmug.org pb@fasterix.freenix.org
       Why write portable code when you can write Linux code?
    Free domains: http://www.eu.org/ or mail dns-manager@EU.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

----- End forwarded message -----

    


    


      



        
          Comment 2
        

        
          Kris Kennaway

        

        
            freebsd_committer
            freebsd_triage
        

        
          2003-07-13 06:23:56 UTC
        

      






Responsible Changed
From-To: freebsd-bugs->pb

Assign this PR to pb to determine whether it is still valid

    


    


      



        
          Comment 3
        

        
          Pierre Beyssac

        

        
            freebsd_committer
            freebsd_triage
        

        
          2004-04-17 19:45:25 UTC
        

      






State Changed
From-To: open->closed

Fix committed (in a simpler/shorter version).