From nobody@FreeBSD.org  Mon Feb 19 10:38:04 2007
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id E70E016A401
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 19 Feb 2007 10:38:04 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [69.147.83.33])
	by mx1.freebsd.org (Postfix) with ESMTP id CC37C13C47E
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 19 Feb 2007 10:38:04 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id l1JAc4j8081700
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 19 Feb 2007 10:38:04 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id l1JAc4YR081698;
	Mon, 19 Feb 2007 10:38:04 GMT
	(envelope-from nobody)
Message-Id: <200702191038.l1JAc4YR081698@www.freebsd.org>
Date: Mon, 19 Feb 2007 10:38:04 GMT
From: Aragon Gouveia<aragon@phat.za.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: inetd UNIX socket bug
X-Send-Pr-Version: www-3.0

>Number:         109315
>Category:       kern
>Synopsis:       [patch] inetd UNIX socket bug
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Feb 19 10:40:05 GMT 2007
>Closed-Date:    Sun Apr 29 19:33:41 GMT 2007
>Last-Modified:  Tue Jul 10 03:39:30 UTC 2012
>Originator:     Aragon Gouveia
>Release:        4.10-RELEASE (confirmed on 6.2-RELEASE too)
>Organization:
>Environment:
FreeBSD <snip> 4.10-RELEASE-p2 FreeBSD 4.10-RELEASE-p2 #2: Sat Sep 25 14:19:19 SAST 2004     root@<snip>:/usr/obj/usr/src/sys/DECODER  i386
  and
FreeBSD sulaco.intranet 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007     root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/SMP  i386

>Description:
Hello,

I have been trying to setup a UNIX socket service in inetd, but it
appears the functionality has been broken for some time.  I guess I'm
the first to notice.

With a UNIX socket service entry in inetd.conf the socket file is created
as it should be, but when I try make a connection to the socket (telnet -u),
it establishes and then immediately closes.  There is nothing logged to
syslog and not much info when in debug mode (inetd -d).

In my code references below I should mention that I'm still running
4.10-RELEASE so my line numbering might be out.  But after testing this
on a 6.2-RELEASE install I can confirm that the bug is still there. 

I had a look through inetd.c and found the following in cpmip() starting at line 2202:

---
                        case AF_INET:
                                p = (char *)&sin4->sin_addr;
                                addrlen = sizeof(struct in_addr);
                                break;
#ifdef INET6
                        case AF_INET6:
                                p = (char *)&sin6->sin6_addr;
                                addrlen = sizeof(struct in6_addr);
                                break;
#endif 
                        default:
                                /* should not happen */
                                return -1;
                        }
---

There is no case entry for AF_UNIX.  From my testing, execution was
reaching the default: entry when an AF_UNIX connection was established.
When cpmip() returns a negative value it looks like inetd silently
closes the socket.

I've included a patch which seems to make it work.  The only oddity is
that when logging is enabled (inetd -l), AF_UNIX connections are logged
as coming from "unknown".  No biggie for me, but there might be a better fix.


>How-To-Repeat:
Add unix socket type entry to inetd.conf:

/tmp/telnet    stream  unix    nowait  root    /usr/libexec/telnetd   telnetd

Rehup and telnet to the socket:

# telnet -u /tmp/telnet 
Trying /tmp/telnet...
Connected to /tmp/telnet.
Escape character is '^]'.
Connection closed by foreign host.

>Fix:


Patch attached with submission follows:

--- inetd.c.orig        Sun Jul 27 15:58:05 2003
+++ inetd.c     Fri Oct 20 21:18:59 2006
@@ -2209,6 +2209,10 @@
                                addrlen = sizeof(struct in6_addr);
                                break;
 #endif
+                       case AF_UNIX:
+                               p = (char *)&sin4->sin_addr;
+                               addrlen = sizeof(struct in_addr);
+                               break;
                        default:
                                /* should not happen */
                                return -1;

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->dwmalone 
Responsible-Changed-By: dwmalone 
Responsible-Changed-When: Mon Feb 19 10:42:59 UTC 2007 
Responsible-Changed-Why:  
I'll take a look at this. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=109315 

From: Maxim Konovalov <maxim@macomnet.ru>
To: Aragon Gouveia <aragon@phat.za.net>
Cc: bug-followup@freebsd.org
Subject: Re: misc/109315: inetd UNIX socket bug
Date: Mon, 19 Feb 2007 13:54:21 +0300 (MSK)

 > >Description:
 > Hello,
 >
 > I have been trying to setup a UNIX socket service in inetd, but it
 > appears the functionality has been broken for some time.  I guess
 > I'm the first to notice.
 >
 > With a UNIX socket service entry in inetd.conf the socket file is
 > created as it should be, but when I try make a connection to the
 > socket (telnet -u), it establishes and then immediately closes.
 > There is nothing logged to syslog and not much info when in debug
 > mode (inetd -d).
 >
 > In my code references below I should mention that I'm still running
 > 4.10-RELEASE so my line numbering might be out.  But after testing
 > this on a 6.2-RELEASE install I can confirm that the bug is still
 > there.
 
 A couple of months ago I checked this fuctionality on HEAD and it
 worked OK.  Could you show a relevant part of your inetd.conf?
 
 -- 
 Maxim Konovalov

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/109315: commit references a PR
Date: Sun, 11 Mar 2007 16:31:00 +0000 (UTC)

 dwmalone    2007-03-11 16:30:49 UTC
 
   FreeBSD src repository
 
   Modified files:
     usr.sbin/inetd       inetd.c 
   Log:
   Don't try to apply connection-per-ip rate limiting to unix domain
   sockets.  Instead of rejecting all unix domain connections when the
   -C flag is given, allow them instead. Aragon tested an earlier
   version of the patch.
   
   PR:             109315
   MFC after:      2 weeks
   Tested-by:      Aragon Gouveia <aragon@phat.za.net>
   
   Revision  Changes    Path
   1.135     +1 -0      src/usr.sbin/inetd/inetd.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: linimon 
State-Changed-When: Sun Apr 22 10:00:39 UTC 2007 
State-Changed-Why:  
Set as MFC reminder. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=109315 
State-Changed-From-To: patched->closed 
State-Changed-By: dwmalone 
State-Changed-When: Sun Apr 29 19:33:06 UTC 2007 
State-Changed-Why:  
Now patched in CURRENT, RELENG_[456]. Thanks for the PR. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=109315 
Responsible-Changed-From-To: dwmalone->freebsd-bugs 
Responsible-Changed-By: eadler 
Responsible-Changed-When: Tue Jul 10 03:39:29 UTC 2012 
Responsible-Changed-Why:  
over to the pool (approved by bugmeister) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=109315 
>Unformatted:
