author | Tobias Brunner <tobias@strongswan.org> | 2012-11-12 19:39:34 +0100 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2012-11-13 09:06:02 +0100 |
commit | cbd52e7ddc368dbbc88d236c3f2ce856ce96a6b3 (patch) | |
tree | 4f7e921596cc48174cc71611620d9e97709fb624 /src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c | |
parent | 5be88ca6bb0f53d53b40aba34ec3eba178df6f0c (diff) | |
Limit recursion when searching for source addresses
This could be required if e.g. two default routes list gateways but the
corresponding outbound interfaces do not have any IP addresses on them.
Diffstat (limited to 'src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c')
-rw-r--r-- | src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
index 79ab35ca0..7653d470c 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
@@ -65,6 +65,9 @@
 /** delay before reinstalling routes (ms) */
 #define ROUTE_DELAY 100
 
+/** maximum recursion when searching for addresses in get_route() */
+#define MAX_ROUTE_RECURSION 2
+
 typedef struct addr_entry_t addr_entry_t;
 
 /**
@@ -1390,7 +1393,7 @@ static rt_entry_t *parse_route(struct nlmsghdr *hdr, rt_entry_t *route)
 * Get a route: If "nexthop", the nexthop is returned. source addr otherwise.
 */
 static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
- bool nexthop, host_t *candidate)
+ bool nexthop, host_t *candidate, u_int recursion)
 {
 netlink_buf_t request;
 struct nlmsghdr *hdr, *out, *current;
@@ -1402,6 +1405,11 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
 enumerator_t *enumerator;
 host_t *addr = NULL;
 
+ if (recursion > MAX_ROUTE_RECURSION)
+ {
+ return NULL;
+ }
+
 memset(&request, 0, sizeof(request));
 
 hdr = (struct nlmsghdr*)request;
@@ -1559,7 +1567,8 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
 gtw = host_create_from_chunk(msg->rtm_family, route->gtw, 0);
 if (gtw && !gtw->ip_equals(gtw, dest))
 {
- route->src_host = get_route(this, gtw, FALSE, candidate);
+ route->src_host = get_route(this, gtw, FALSE, candidate,
+ recursion + 1);
 }
 DESTROY_IF(gtw);
 if (route->src_host)
@@ -1600,7 +1609,7 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
 DBG2(DBG_KNL, "using %H as %s to reach %H", addr,
 nexthop ? "nexthop" : "address", dest);
 }
- else
+ else if (!recursion)
 {
 DBG2(DBG_KNL, "no %s found to reach %H",
 nexthop ? "nexthop" : "address", dest);
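Review bot: The guard added at the top of get_route() gives up with a bare `return NULL;`, and since the same commit restricts the "no ... found" message to `!recursion`, a lookup cut off by the limit looks the same in the log as one that found nothing. A line such as `DBG2(DBG_KNL, "recursion limit reached while looking up route to %H", dest);` before the return would make the cutoff visible. The comparison is `>`, so levels 0 through MAX_ROUTE_RECURSION all run; the comment on the define could state that it counts nested gateway lookups and that the initial call is level 0. get_route()'s body continues outside this hunk.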
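Review bot: The check `!gtw->ip_equals(gtw, dest)` before the recursive call only rules out a gateway identical to the destination, so longer gateway chains or loops are now stopped solely by the depth limit; a short comment here would record that, e.g. `/* indirect gateway loops are bounded by MAX_ROUTE_RECURSION */`. Each nested call appears to build its own netlink request (the `netlink_buf_t request` and `memset` at the top of the function), and if this call sits in a per-route loop, as the surrounding lines suggest, the number of kernel queries multiplies per level. That is a reason to keep the constant small, and it is worth noting next to the define. The enclosing block starts and ends outside this hunk.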
@@ -1611,13 +1620,13 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
 METHOD(kernel_net_t, get_source_addr, host_t*,
 private_kernel_netlink_net_t *this, host_t *dest, host_t *src)
 {
- return get_route(this, dest, FALSE, src);
+ return get_route(this, dest, FALSE, src, 0);
 }
 
 METHOD(kernel_net_t, get_nexthop, host_t*,
 private_kernel_netlink_net_t *this, host_t *dest, host_t *src)
 {
- return get_route(this, dest, TRUE, src);
+ return get_route(this, dest, TRUE, src, 0);
 }
 
 /** |