From: George Thessalonikefs Date: Tue, 11 Oct 2022 15:39:30 +0000 (+0200) Subject: - Fix PROXYv2 header read for TCP connections when no proxied addresses X-Git-Tag: release-1.17.0^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d25e0cd9b0545ff13120430c94326ceaf14b074f;p=thirdparty%2Funbound.git - Fix PROXYv2 header read for TCP connections when no proxied addresses are provided.
---
diff --git a/doc/Changelog b/doc/Changelog
index 790d7793f..727d1543e 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,7 @@
+11 October 2022: George
+ - Fix PROXYv2 header read for TCP connections when no proxied addresses
+ are provided.
+
 7 October 2022: George
 - Fix to stop possible loops in the tcp reuse code (write_wait list and tcp_wait list). Based on analysis and patch from Prad Seniappan
diff --git a/util/netevent.c b/util/netevent.c
index 9e5436b93..da59a9d60 100644
--- a/util/netevent.c
+++ b/util/netevent.c
@@ -1694,7 +1694,10 @@ ssl_handle_read(struct comm_point* c)
 "part of PROXYv2 header (len %lu)",
 (unsigned long)want_read_size);
 current_read_size = PP2_HEADER_SIZE + want_read_size;
- if(c->tcp_byte_count < current_read_size) {
+ if(want_read_size == 0) {
+ /* nothing more to read; header is complete */
+ c->pp2_header_state = pp2_header_done;
+ } else if(c->tcp_byte_count < current_read_size) {
 ERR_clear_error();
 if((r=SSL_read(c->ssl, (void*)sldns_buffer_at(
 c->buffer, c->tcp_byte_count),
@@ -2083,7 +2086,10 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok)
 "part of PROXYv2 header (len %lu)",
 (unsigned long)want_read_size);
 current_read_size = PP2_HEADER_SIZE + want_read_size;
- if(c->tcp_byte_count < current_read_size) {
+ if(want_read_size == 0) {
+ /* nothing more to read; header is complete */
+ c->pp2_header_state = pp2_header_done;
+ } else if(c->tcp_byte_count < current_read_size) {
 r = recv(fd, (void*)sldns_buffer_at(c->buffer, c->tcp_byte_count), current_read_size-c->tcp_byte_count, MSG_DONTWAIT);
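Review bot: The new `want_read_size == 0` branch in ssl_handle_read sets `pp2_header_done` without recording the invariant it relies on, namely that the PP2_HEADER_SIZE bytes already in `c->buffer` are the whole header; the comment would say more as `/* len field is 0 (no proxied addresses): the PP2_HEADER_SIZE bytes already read are the complete header */`. The identical branch is added to comm_point_tcp_handle_read in the following hunk, so the TLS and plain-TCP paths now carry two copies of the same state transition, and a small shared helper would keep them in step. `want_read_size` presumably comes from the length field of a peer-supplied header and sizes the SSL_read()/recv() into `c->buffer` in the else branch; the bound against the buffer's capacity is not visible in either hunk, so it is worth confirming that it is enforced before this point. Both functions start and end outside the hunks shown.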