1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-26 19:39:53 +03:00

Compare commits

..

5 Commits

Author SHA1 Message Date
hiura2023
bcb896b178
Merge branch 'SoftEtherVPN:master' into master 2024-05-03 17:19:47 +09:00
hiura
6e5395cc8d Fix Virtual DHCP Server: Correct DHCP renewal request 2024-05-03 17:18:13 +09:00
Ilya Shipitsin
9ce27f363e
Merge pull request #1990 from SoftEtherVPN/fix1972
Fix memory access error when IPv6 prefix reading, should resolve #1972
2024-04-28 17:25:16 +02:00
Evengard
d568cc1727 Fix another memory access error again because of a missing MAC address in IPv6 headers 2024-04-27 21:57:36 +03:00
Evengard
c9b5e25c87 Fix memory access error when IPv6 prefix reading, should resolve #1972 2024-04-27 02:01:48 +03:00
2 changed files with 74 additions and 10 deletions

View File

@ -1517,7 +1517,9 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
// We save the router advertisement data for later use // We save the router advertisement data for later use
IPCIPv6AddRouterPrefixes(ipc, &p->ICMPv6HeaderPacketInfo.OptionList, src_mac, &ip_src); IPCIPv6AddRouterPrefixes(ipc, &p->ICMPv6HeaderPacketInfo.OptionList, src_mac, &ip_src);
IPCIPv6AssociateOnNDTEx(ipc, &ip_src, src_mac, true); IPCIPv6AssociateOnNDTEx(ipc, &ip_src, src_mac, true);
if (p->ICMPv6HeaderPacketInfo.OptionList.SourceLinkLayer != NULL) {
IPCIPv6AssociateOnNDTEx(ipc, &ip_src, p->ICMPv6HeaderPacketInfo.OptionList.SourceLinkLayer->Address, true); IPCIPv6AssociateOnNDTEx(ipc, &ip_src, p->ICMPv6HeaderPacketInfo.OptionList.SourceLinkLayer->Address, true);
}
ndtProcessed = true; ndtProcessed = true;
header_size = sizeof(ICMPV6_ROUTER_ADVERTISEMENT_HEADER); header_size = sizeof(ICMPV6_ROUTER_ADVERTISEMENT_HEADER);
break; break;
@ -2354,7 +2356,14 @@ void IPCIPv6AddRouterPrefixes(IPC *ipc, ICMPV6_OPTION_LIST *recvPrefix, UCHAR *m
IntToSubnetMask6(&newRA->RoutedMask, recvPrefix->Prefix[i]->SubnetLength); IntToSubnetMask6(&newRA->RoutedMask, recvPrefix->Prefix[i]->SubnetLength);
CopyIP(&newRA->RouterAddress, ip); CopyIP(&newRA->RouterAddress, ip);
Copy(newRA->RouterMacAddress, macAddress, 6); Copy(newRA->RouterMacAddress, macAddress, 6);
if (recvPrefix->SourceLinkLayer != NULL)
{
Copy(newRA->RouterLinkLayerAddress, recvPrefix->SourceLinkLayer->Address, 6); Copy(newRA->RouterLinkLayerAddress, recvPrefix->SourceLinkLayer->Address, 6);
}
else
{
Zero(newRA->RouterLinkLayerAddress, 6);
}
Add(ipc->IPv6RouterAdvs, newRA); Add(ipc->IPv6RouterAdvs, newRA);
} }
} }
@ -2657,7 +2666,7 @@ void IPCIPv6SendUnicast(IPC *ipc, void *data, UINT size, IP *next_ip)
} }
destMac = ra.RouterMacAddress; destMac = ra.RouterMacAddress;
if (!IsMacUnicast(destMac) && !IsMacInvalid(ra.RouterMacAddress)) if (!IsMacUnicast(destMac) && !IsMacInvalid(ra.RouterLinkLayerAddress))
{ {
destMac = ra.RouterLinkLayerAddress; destMac = ra.RouterLinkLayerAddress;
} }

View File

@ -9340,20 +9340,75 @@ UINT ServeDhcpDiscoverEx(VH *v, UCHAR *mac, UINT request_ip, bool is_static_ip)
return 0; return 0;
} }
UINT ret = 0;
DHCP_LEASE *d = SearchDhcpLeaseByIp(v, request_ip); DHCP_LEASE *d = SearchDhcpLeaseByIp(v, request_ip);
if (d != NULL) if (d != NULL)
{ {
// The requested IP address is used already // If an entry for the same IP address already exists,
return 0; // check whether it is a request from the same MAC address
} if (Cmp(mac, d->MacAddress, 6) == 0)
// For static IP, the requested IP address must NOT be within the range of the DHCP pool
if (Endian32(request_ip) < Endian32(v->DhcpIpStart) || Endian32(request_ip) > Endian32(v->DhcpIpEnd))
{ {
return request_ip; // Examine whether the specified IP address is within the range of assignment
if (Endian32(v->DhcpIpStart) > Endian32(request_ip) ||
Endian32(request_ip) > Endian32(v->DhcpIpEnd))
{
// Accept if within the range
ret = request_ip;
}
}
else {
// Duplicated IPV4 address found. The DHCP server replies to DHCPREQUEST with DHCP NAK.
char ipstr[MAX_HOST_NAME_LEN + 1] = { 0 };
char macstr[128] = { 0 };
IPToStr32(ipstr, sizeof(ipstr), request_ip);
BinToStr(macstr, sizeof(macstr), d->MacAddress, 6);
Debug("Virtual DHC Server: Duplicated IP address detected. Static IP: %s, Used by MAC:%s\n", ipstr, macstr);
return ret;
}
}
else
{
// Examine whether the specified IP address is within the range of assignment
if (Endian32(v->DhcpIpStart) > Endian32(request_ip) ||
Endian32(request_ip) > Endian32(v->DhcpIpEnd))
{
// Accept if within the range
ret = request_ip;
}
else
{
// Propose an IP in the range since it's a Discover although It is out of range
}
}
if (ret == 0)
{
// If there is any entry with the same MAC address
// that are already registered, use it with priority
DHCP_LEASE *d = SearchDhcpLeaseByMac(v, mac);
if (d != NULL)
{
// Examine whether the found IP address is in the allocation region
if (Endian32(v->DhcpIpStart) > Endian32(d->IpAddress) ||
Endian32(d->IpAddress) > Endian32(v->DhcpIpEnd))
{
// Use the IP address if it's found within the range
ret = d->IpAddress;
}
}
}
if (ret == 0)
{
// For static IP, the requested IP address must NOT be within the range of the DHCP pool
if (Endian32(v->DhcpIpStart) > Endian32(request_ip) ||
Endian32(request_ip) > Endian32(v->DhcpIpEnd))
{
ret = request_ip;
}
} }
return 0; return ret;
} }
// Take an appropriate IP addresses that can be assigned newly // Take an appropriate IP addresses that can be assigned newly