aboutsummaryrefslogtreecommitdiff
path: root/socket.c
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-09-19 20:12:43 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-09-19 20:12:43 +0000
commit6e2c457d5964e9a6efea0c21e3b1ff862df4060c (patch)
tree815f17d1c5920951df10e467f8608e9504780bff /socket.c
parentPatched Makefile.am so that the new t_cltsrv-down.sh script becomes (diff)
downloadopenvpn-6e2c457d5964e9a6efea0c21e3b1ff862df4060c.tar.xz
Fixed --lladdr bug introduced in 2.1-rc9 where input validation code
was incorrectly expecting the lladdr parameter to be an IP address when it is actually a MAC address (HoverHell). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3339 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'socket.c')
-rw-r--r--socket.c39
1 files changed, 39 insertions, 0 deletions
diff --git a/socket.c b/socket.c
index df922a9..fe58c3e 100644
--- a/socket.c
+++ b/socket.c
@@ -317,6 +317,45 @@ ip_or_dns_addr_safe (const char *addr, const bool allow_fqdn)
return false;
}
+bool
+mac_addr_safe (const char *mac_addr)
+{
+ /* verify non-NULL */
+ if (!mac_addr)
+ return false;
+
+ /* verify length is within limits */
+ if (strlen (mac_addr) > 17)
+ return false;
+
+ /* verify that all chars are either alphanumeric or ':' and that no
+ alphanumeric substring is greater than 2 chars */
+ {
+ int nnum = 0;
+ const char *p = mac_addr;
+ int c;
+
+ while ((c = *p++))
+ {
+ if ( (c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F') )
+ {
+ ++nnum;
+ if (nnum > 2)
+ return false;
+ }
+ else if (c == ':')
+ {
+ nnum = 0;
+ }
+ else
+ return false;
+ }
+ }
+
+ /* error-checking is left to script invoked in lladdr.c */
+ return true;
+}
+
static void
update_remote (const char* host,
struct openvpn_sockaddr *addr,