as,rsrv: use real client IP instead of untrusted host name

2018-06-16 09:45:00 -07:00
parent 383b6b1c36
commit 530eba133f
6 changed files with 61 additions and 6 deletions
--- a/modules/database/src/ioc/rsrv/camessage.c
+++ b/modules/database/src/ioc/rsrv/camessage.c
@@ -861,6 +861,14 @@ static int host_name_action ( caHdrLargeArray *mp, void *pPayload,
        return RSRV_ERROR;
    }

+    /* after all validation */
+    if(asUseIP) {
+
+        DLOG (2, ( "CAS: host_name_action for \"%s\" ignores clist provided host name\n",
+            client->pHostName ) );
+        return RSRV_OK;
+    }
+
    /*
     * user name will not change if there isnt enough memory
     */
--- a/modules/database/src/ioc/rsrv/caservertask.c
+++ b/modules/database/src/ioc/rsrv/caservertask.c
@@ -1421,6 +1421,20 @@ struct client *create_tcp_client (SOCKET sock , const osiSockAddr *peerAddr)
    }

    client->addr = peerAddr->ia;
+    if(asUseIP) {
+        epicsUInt32 ip = ntohl(client->addr.sin_addr.s_addr);
+        client->pHostName = malloc(24);
+        if(!client->pHostName) {
+            destroy_client ( client );
+            return NULL;
+        }
+        epicsSnprintf(client->pHostName, 24,
+                      "%u.%u.%u.%u",
+                      (ip>>24)&0xff,
+                      (ip>>16)&0xff,
+                      (ip>>8)&0xff,
+                      (ip>>0)&0xff);
+    }

    /*
     * see TCP(4P) this seems to make unsolicited single events much
--- a/modules/database/src/ioc/rsrv/server.h
+++ b/modules/database/src/ioc/rsrv/server.h
@@ -86,7 +86,7 @@ typedef struct client {
  ELLLIST               chanList;
  ELLLIST               chanPendingUpdateARList;
  ELLLIST               putNotifyQue;
-  struct sockaddr_in    addr;
+  struct sockaddr_in    addr; /* peer address, TCP only */
  epicsTimeStamp        time_at_last_send;
  epicsTimeStamp        time_at_last_recv;
  void                  *evuser;
--- a/modules/libcom/src/as/asLib.h
+++ b/modules/libcom/src/as/asLib.h
@@ -21,6 +21,11 @@
 extern "C" {
 #endif

+/* 0 - Use (unverified) client provided host name string.
+ * 1 - Use actual client IP address.  HAG() are resolved to IPs at ACF load time.
+ */
+epicsShareExtern int asUseIP;
+
 typedef struct asgMember *ASMEMBERPVT;
 typedef struct asgClient *ASCLIENTPVT;
 typedef int (*ASINPUTFUNCPTR)(char *buf,int max_size);
--- a/modules/libcom/src/as/asLibRoutines.c
+++ b/modules/libcom/src/as/asLibRoutines.c
@@ -15,6 +15,8 @@
 #include <ctype.h>

 #define epicsExportSharedSymbols
+#include "osiSock.h"
+#include "epicsTypes.h"
 #include "epicsStdio.h"
 #include "dbDefs.h"
 #include "epicsThread.h"
@@ -27,6 +29,8 @@
 #include "postfix.h"
 #include "asLib.h"

+int asUseIP;
+
 static epicsMutexId asLock;
 #define LOCK epicsMutexMustLock(asLock)
 #define UNLOCK epicsMutexUnlock(asLock)
@@ -1206,11 +1210,29 @@ static long asHagAddHost(HAG *phag,const char *host)
    int     len, i;

    if (!phag) return 0;
-    len = strlen(host);
-    phagname = asCalloc(1, sizeof(HAGNAME) + len + 1);
-    phagname->host = (char *)(phagname + 1);
-    for (i = 0; i < len; i++) {
-        phagname->host[i] = (char)tolower((int)host[i]);
+    if(!asUseIP) {
+        len = strlen(host);
+        phagname = asCalloc(1, sizeof(HAGNAME) + len + 1);
+        phagname->host = (char *)(phagname + 1);
+        for (i = 0; i < len; i++) {
+            phagname->host[i] = (char)tolower((int)host[i]);
+        }
+    } else {
+        struct sockaddr_in addr;
+        epicsUInt32 ip;
+        if(aToIPAddr(host, 0, &addr)) {
+            errlogPrintf("Unable to resolve host '%s'\n", host);
+            return S_asLib_noHag;
+        }
+        ip = ntohl(addr.sin_addr.s_addr);
+        phagname = asCalloc(1, sizeof(HAGNAME) + 24);
+        phagname->host = (char *)(phagname + 1);
+        epicsSnprintf(phagname->host, 24,
+                      "%u.%u.%u.%u",
+                      (ip>>24)&0xff,
+                      (ip>>16)&0xff,
+                      (ip>>8)&0xff,
+                      (ip>>0)&0xff);
    }
    ellAdd(&phag->list, &phagname->node);
    return 0;
--- a/modules/libcom/src/iocsh/libComRegister.c
+++ b/modules/libcom/src/iocsh/libComRegister.c
@@ -12,6 +12,7 @@

 #define epicsExportSharedSymbols
 #include "iocsh.h"
+#include "asLib.h"
 #include "epicsStdioRedirect.h"
 #include "epicsString.h"
 #include "epicsTime.h"
@@ -392,6 +393,8 @@ static void installLastResortEventProviderCallFunc(const iocshArgBuf *args)
    installLastResortEventProvider();
 }

+static iocshVarDef asUseIPDef = {"asUseIP", iocshArgInt, 0};
+
 void epicsShareAPI libComRegister(void)
 {
    iocshRegister(&dateFuncDef, dateCallFunc);
@@ -424,4 +427,7 @@ void epicsShareAPI libComRegister(void)
    
    iocshRegister(&generalTimeReportFuncDef,generalTimeReportCallFunc);
    iocshRegister(&installLastResortEventProviderFuncDef, installLastResortEventProviderCallFunc);
+
+    asUseIPDef.pval = &asUseIP;
+    iocshRegisterVariable(&asUseIPDef);
 }