Previously, a client connecting over IPv4 would not be matched
properly when the server had an IPv6 listening socket.
PR: 7407
Submitted by: Taketo Kabe <kiabe@sra-tohoku.co.jp>
Reviewed by: Jeff Trawick
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88561
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.0.15-dev
+ *) Fix a major security problem with double-reverse lookup checking.
+ Previously, a client connecting over IPv4 would not be matched
+ properly when the server had an IPv6 listening socket. PR #7407
+ [Taketo Kabe <kiabe@sra-tohoku.co.jp>]
+
*) Change the way the beos MPM handles polling to allow it to stop and
restart. Problem was the sockets being polled were being reset by
the select call, so once it had accepted a connection it was no
conn->double_reverse = 1;
return;
}
+#if APR_HAVE_IPV6
+ /* match IPv4-mapped IPv6 addresses with IPv4 A record */
+ if (conn->remote_addr->sa.sin.sin_family == APR_INET6 &&
+ sa->sa.sin.sin_family == APR_INET &&
+ IN6_IS_ADDR_V4MAPPED((struct in6_addr *)conn->remote_addr->ipaddr_ptr) &&
+ !memcmp(&((struct in6_addr *)conn->remote_addr->ipaddr_ptr)->s6_addr[12],
+ sa->ipaddr_ptr,
+ sizeof (((struct in_addr *)0)->s_addr))) {
+ conn->double_reverse = 1;
+ return;
+ }
+#endif
sa = sa->next;
}
}