From 376a11db3cdd0b1346886789bcd65dddf95ac2cd Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Tue, 1 Dec 2009 15:46:56 +0100
Subject: Do not install invalid 0.0.0.0 DNS servers
---
src/charon/plugins/resolve/resolve_handler.c | 23 ++++++++++++++---------
1 file changed, 14 insertions(+), 9 deletions(-)
(limited to 'src/charon/plugins/resolve/resolve_handler.c')
diff --git a/src/charon/plugins/resolve/resolve_handler.c b/src/charon/plugins/resolve/resolve_handler.c
index ff0e5943e..1d18335be 100644
--- a/src/charon/plugins/resolve/resolve_handler.c
+++ b/src/charon/plugins/resolve/resolve_handler.c
@@ -52,22 +52,26 @@ static bool handle(private_resolve_handler_t *this, identification_t *server,
 FILE *in, *out;
 char buf[1024];
 host_t *addr;
- int family;
 size_t len;
 bool handled = FALSE;
 switch (type)
 {
 case INTERNAL_IP4_DNS:
- family = AF_INET;
+ addr = host_create_from_chunk(AF_INET, data, 0);
 break;
 case INTERNAL_IP6_DNS:
- family = AF_INET6;
+ addr = host_create_from_chunk(AF_INET6, data, 0);
 break;
 default:
 return FALSE;
 }
+ if (!addr || addr->is_anyaddr(addr))
+ {
+ DESTROY_IF(addr);
+ return FALSE;
+ }
 this->mutex->lock(this->mutex);
 in = fopen(this->file, "r");
@@ -76,11 +80,8 @@ static bool handle(private_resolve_handler_t *this, identification_t *server,
 out = fopen(this->file, "w");
 if (out)
 {
- addr = host_create_from_chunk(family, data, 0);
- fprintf(out, "nameserver %H # by strongSwan, from %Y\n",
- addr, server);
+ fprintf(out, "nameserver %H # by strongSwan, from %Y\n", addr, server);
 DBG1(DBG_IKE, "installing DNS server %H to %s", addr, this->file);
- addr->destroy(addr);
 handled = TRUE;
 /* copy rest of the file */
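Review bot: The new early return after the switch rejects the attribute silently: `if (!addr || addr->is_anyaddr(addr))` returns FALSE without any log line, and the "adding DNS server failed" message further down is never reached on this path. The `data` chunk is presumably supplied by the remote gateway named in `server`, so a refused value is worth recording for whoever has to diagnose a tunnel without working DNS, e.g. `DBG1(DBG_IKE, "ignoring invalid DNS server attribute from %Y", server);` just before `return FALSE;`. The check covers only a failed conversion and the any-address; whether other unusable values such as loopback or multicast addresses should also be refused is a policy question the hunk leaves open. handle() starts and ends outside this hunk.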
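Review bot: `handled = TRUE;` is set after the `fprintf()` without looking at its result, so a failed write to `this->file` is still reported as an installed DNS server. The file was opened with `"w"` two lines earlier, which truncates it, so an error here can leave the resolver configuration empty while the caller believes the server was added. Guarding the success path with `if (fprintf(out, "nameserver %H # by strongSwan, from %Y\n", addr, server) > 0)` around the `DBG1` and `handled = TRUE;` would catch the immediate failure; because stdio buffers, some errors will only surface at `fclose(out)`, which lies outside this hunk. The `if (out)` block continues past the end of the hunk.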
@@ -90,16 +91,20 @@ static bool handle(private_resolve_handler_t *this, identification_t *server,
 {
 ignore_result(fwrite(buf, 1, len, out));
 }
- fclose(in);
 }
 fclose(out);
 }
+ if (in)
+ {
+ fclose(in);
+ }
+ this->mutex->unlock(this->mutex);
+ addr->destroy(addr);
 if (!handled)
 {
 DBG1(DBG_IKE, "adding DNS server failed", this->file);
 }
- this->mutex->unlock(this->mutex);
 return handled;
 }
-- cgit v1.2.3
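Review bot: The failure message kept as context, `DBG1(DBG_IKE, "adding DNS server failed", this->file);`, passes `this->file` but its format string has no conversion for it, so the log never names the file that could not be written. `DBG1(DBG_IKE, "adding DNS server to %s failed", this->file);` would match the "installing DNS server %H to %s" message used on success. The copy loop at the top of the hunk also discards the `fwrite()` result through `ignore_result`, so entries from the previous file contents can be lost without any trace in the log; that loop and handle() itself start outside this hunk.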