[pisa-src] r1763 - trunk/pisacd/cdservers.c

  • From: Thomas Jansen <mithi@xxxxxxxxx>
  • To: pisa-src@xxxxxxxxxxxxx
  • Date: Tue, 24 Nov 2009 11:13:11 +0100

Author: tjansen
Date: Tue Nov 24 11:13:11 2009
New Revision: 1763

Log:
Error handling for pisa_servers_query_dns.

If the DNS lookup fails, we delete the preliminary mapping. This allows us to
try again later. It also prevents failed DNS lookups from keeping memory
allocated we don't need anymore and reduces the probability of a memory
exhaustion DOS.

Modified:
   trunk/pisacd/cdservers.c

Modified: trunk/pisacd/cdservers.c
==============================================================================
--- trunk/pisacd/cdservers.c    Tue Nov 24 11:08:50 2009        (r1762)
+++ trunk/pisacd/cdservers.c    Tue Nov 24 11:13:11 2009        (r1763)
@@ -266,11 +266,8 @@
 }
 
 /**
- * Retrieve the NAT mapping and the conmgr entry from DNS.
- *
- * TODO: Remove the NAT mapping if an error occurs. Otherwise we might have a
- * DOS attack vector: Attacker sends a lot of packets to different
- * (non-existant) virtual addresses the allocate memory for a NAT mapping.
+ * Retrieve the NAT mapping and the conmgr entry from DNS. This function is
+ * used as a scheduler task callback.
  *
  * @param data NAT mapping
  */
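Review bot: The rewritten doc comment above `@param data NAT mapping` drops the TODO but does not say that the function now deletes the mapping when it fails, which matters for a scheduler task callback because the `data` pointer is no longer valid once the task has run unsuccessfully. Suggest stating that `data` is a preliminary NAT mapping, that it is upgraded on success, and that it is removed from `cd_ctx.natlist` on any failure, so callers know not to keep or reuse the pointer.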
@@ -283,16 +280,19 @@
        struct in_addr remote;
 
        if (!pisa_servers_build_domain_name(&nat->local_private, dn, 
sizeof(dn)))
-               return;
+               goto failed;
        if (!pisa_servers_lookup_dns(dn, &hit, &remote))
-               return;
+               goto failed;
 
        /* TODO: If no conmgr entry exists we have to build one... */
        if (!(entry = pisa_conmgr_findby_hit(cd_ctx.conlist, &hit)))
-               return;
+               goto failed;
        pisa_nat_upgrade_preliminary(cd_ctx.natlist, nat, &remote, entry, NULL);
 
-       /* TODO: clean up after failure, otherwise we're stuck */
+       return;
+
+failed:
+       pisa_nat_del_mapping(cd_ctx.natlist, nat);      
 }
 
 /**
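Review bot: The single `failed:` label makes all three failure causes indistinguishable and silent: a domain name that could not be built, a failed `pisa_servers_lookup_dns`, and a missing conmgr entry all end in `pisa_nat_del_mapping(cd_ctx.natlist, nat);` with no log output. Suggest a debug message before each `goto failed` (or one at the label that names the step), which also gives operators a signal when many preliminary mappings are being dropped in a row. Note that the third `goto failed` treats "no conmgr entry" as a failure even though the TODO directly above it says an entry should be built in that case, so the mapping is dropped after a successful DNS lookup; worth stating in the comment that this is intentional until the TODO is resolved. It would also help to confirm that nothing else still references `nat` after the delete, since the callback receives it as task data. Minor: the `pisa_nat_del_mapping` line has trailing whitespace.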
