secnet 0.2.1 - authbind fix
Ian Jackson
ijackson at chiark.greenend.org.uk
Sun Dec 11 14:11:37 GMT 2011
I wrote:
> We are pleased to announce the release of secnet 0.2.0.
secnet 0.2.0 contains a bug which makes it not work with authbind.
(This same bug is in 0.1.16 to 0.1.18.1 inclusive.)
This is fixed in secnet 0.2.1. A copy of the relevant patch is below,
in case you need to apply it to 0.1.18.1; we do not currently plan to
make a new 0.1.18.x release especially for this fix.
Sources and .deb binaries (built on Debian lenny) can be found here:
http://www.chiark.greenend.org.uk/~ianmdlvl/secnet/download/
The git repository is here:
http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git/secnet.git/
chiark's secnet has already (really, this time) been upgraded to 0.2.1.
Ian.
commit 51b259535294bb46757a040596ab052e53f29483
Author: Ian Jackson <ijackson at chiark.greenend.org.uk>
Date: Sun Dec 11 12:40:37 2011 +0000
authbind: get endianness right (again)
It appears that:
* authbind's documentation authbind-helper(8) describes the
endianness convention of authbind's helper program incorrectly.
See Debian #651694.
* The version of secnet 0.1.16 tagged as such in revision control
contains a "fix" which was based on the authbind documentation but
not apparently tested against authbind. Ie, this part from NEWS:
4) Change the endianess of the arguments to authbind-helper.
sprintf("%04X") already translates from machine repesentation to most
significant octet first so htons reversed it again.
* The version of secnet 0.1.16 actually in service on chiark had an
out-of-version-control change to udp.c to make it work with
chiark's authbind 1.2.0. The actual code found has been recorded
on the dead branch "chiark-0.1.16" in the master git repo, but the
version of udp.c is exactly that from 0.1.15 so it looks like we
just reverted to the previous udp.c during deployment of 0.1.16.
* We (re)discovered all this after the release of secnet 0.2.0
because my attempt to deploy 0.2.0 on chiark was not actually
effective.
Therefore, undo the authbind endianness change introduced in secnet
0.1.16. This is most easily achieved by constructing the arguments to
the helper from the sockaddr rather than the contents of "st".
Thanks are due to Simon Tatham for the bug report.
Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
diff --git a/udp.c b/udp.c
index f420664..bbf8c64 100644
--- a/udp.c
+++ b/udp.c
@@ -241,8 +241,8 @@ static void udp_phase_hook(void *sst, uint32_t new_phase)
}
if (c==0) {
char *argv[4], addrstr[9], portstr[5];
- sprintf(addrstr,"%08lX",(long)st->addr);
- sprintf(portstr,"%04X",st->port);
+ sprintf(addrstr,"%08lX",(long)addr.sin_addr.s_addr);
+ sprintf(portstr,"%04X",addr.sin_port);
argv[0]=st->authbind;
argv[1]=addrstr;
argv[2]=portstr;
More information about the sgo-software-announce
mailing list