From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Mon, 29 Nov 2021 13:59:39 +0000 (+0100)
Subject: - Fix #574: unbound-checkconf reports fatal error if interface names
X-Git-Tag: release-1.14.0rc1~22
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dcad9d586329961efed36cf7c3b26ad8c27ddd64;p=thirdparty%2Funbound.git

- Fix #574: unbound-checkconf reports fatal error if interface names
  are used as value for interfaces:
---

diff --git a/doc/Changelog b/doc/Changelog
index 63ab8def2..a8b304d91 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -2,6 +2,8 @@
 	- Merge PR #570 from rex4539: Fix typos.
 	- Fix for #570: regen aclocal.m4, fix configure.ac for spelling.
 	- Fix to make python module opt_list use opt_list_in.
+	- Fix #574: unbound-checkconf reports fatal error if interface names
+	  are used as value for interfaces:
 
 15 November 2021: Tom
 	- Improve EDNS option handling, now also works for synthesised
diff --git a/smallapp/unbound-checkconf.c b/smallapp/unbound-checkconf.c
index 52c15238c..b88d010da 100644
--- a/smallapp/unbound-checkconf.c
+++ b/smallapp/unbound-checkconf.c
@@ -334,19 +334,62 @@ interfacechecks(struct config_file* cfg)
 	int d;
 	struct sockaddr_storage a;
 	socklen_t alen;
-	int i, j;
+	int i, j, i2, j2;
+	char*** resif = NULL;
+	int* num_resif = 0;
+
+	if(cfg->num_ifs != 0) {
+		resif = (char***)calloc(cfg->num_ifs, sizeof(char**));
+		num_resif = (int*)calloc(cfg->num_ifs, sizeof(int*));
+	}
 	for(i=0; i<cfg->num_ifs; i++) {
-		if(!extstrtoaddr(cfg->ifs[i], &a, &alen)) {
-			fatal_exit("cannot parse interface specified as '%s'",
-				cfg->ifs[i]);
-		}
-		for(j=0; j<cfg->num_ifs; j++) {
-			if(i!=j && strcmp(cfg->ifs[i], cfg->ifs[j])==0)
+		/* search for duplicates in IP or ifname arguments */
+		for(i2=0; i2<i; i2++) {
+			if(strcmp(cfg->ifs[i], cfg->ifs[i2]) == 0) {
 				fatal_exit("interface: %s present twice, "
 					"cannot bind same ports twice.",
 					cfg->ifs[i]);
+			}
+		}
+		if(!resolve_interface_names(&cfg->ifs[i], 1, NULL, &resif[i],
+			&num_resif[i])) {
+			fatal_exit("could not resolve interface names, for %s",
+				cfg->ifs[i]);
+		}
+		/* search for duplicates in the returned addresses */
+		for(j=0; j<num_resif[i]; j++) {
+			if(!extstrtoaddr(resif[i][j], &a, &alen)) {
+				if(strcmp(cfg->ifs[i], resif[i][j]) != 0)
+					fatal_exit("cannot parse interface address '%s' from the interace specified as '%s'",
+						resif[i][j], cfg->ifs[i]);
+				else
+					fatal_exit("cannot parse interface specified as '%s'",
+						cfg->ifs[i]);
+			}
+			for(i2=0; i2<i; i2++) {
+				for(j2=0; j2<num_resif[i2]; j2++) {
+					if(strcmp(resif[i][j], resif[i2][j2])
+						== 0) {
+						char info1[1024], info2[1024];
+						if(strcmp(cfg->ifs[i], resif[i][j]) != 0)
+							snprintf(info1, sizeof(info1), "address %s from interface: %s", resif[i][j], cfg->ifs[i]);
+						else	snprintf(info1, sizeof(info1), "interface: %s", cfg->ifs[i]);
+						if(strcmp(cfg->ifs[i2], resif[i2][j2]) != 0)
+							snprintf(info2, sizeof(info2), "address %s from interface: %s", resif[i2][j2], cfg->ifs[i2]);
+						else	snprintf(info2, sizeof(info2), "interface: %s", cfg->ifs[i2]);
+						fatal_exit("%s present twice, cannot bind the same ports twice. The first entry is %s and the second is %s", resif[i][j], info2, info1);
+					}
+				}
+			}
 		}
 	}
+
+	for(i=0; i<cfg->num_ifs; i++) {
+		config_del_strarray(resif[i], num_resif[i]);
+	}
+	free(resif);
+	free(num_resif);
+
 	for(i=0; i<cfg->num_out_ifs; i++) {
 		if(!ipstrtoaddr(cfg->out_ifs[i], UNBOUND_DNS_PORT, &a, &alen) &&
 		   !netblockstrtoaddr(cfg->out_ifs[i], UNBOUND_DNS_PORT, &a, &alen, &d)) {