Don't leak interface name via multicast, ensure zone is always correct when dialling link-local

This commit is contained in:
Neil Alexander 2019-03-09 09:24:52 +00:00
parent a0e6edd219
commit 03eec4b14d
No known key found for this signature in database
GPG Key ID: A02A2019A2BB0944
2 changed files with 17 additions and 9 deletions

View File

@ -166,6 +166,7 @@ func (m *multicast) announce() {
// Get the listener details and construct the multicast beacon
lladdr := listener.listener.Addr().String()
if a, err := net.ResolveTCPAddr("tcp6", lladdr); err == nil {
a.Zone = ""
destAddr.Zone = iface.Name
msg := []byte(a.String())
m.sock.WriteTo(msg, nil, destAddr)
@ -208,8 +209,9 @@ func (m *multicast) listen() {
if addr.IP.String() != from.IP.String() {
continue
}
addr.Zone = from.Zone
saddr := addr.String()
m.core.link.call("tcp://"+saddr, addr.Zone)
addr.Zone = ""
if err := m.core.link.call("tcp://"+addr.String(), from.Zone); err != nil {
m.core.log.Debugln("Call from multicast failed:", err)
}
}
}

View File

@ -259,6 +259,16 @@ func (t *tcp) call(saddr string, options interface{}, sintf string) {
}
t.handler(conn, false, dialerdst.String())
} else {
dst, err := net.ResolveTCPAddr("tcp", saddr)
if err != nil {
return
}
if dst.IP.IsLinkLocalUnicast() {
dst.Zone = sintf
if dst.Zone == "" {
return
}
}
dialer := net.Dialer{
Control: t.tcpContext,
}
@ -272,10 +282,6 @@ func (t *tcp) call(saddr string, options interface{}, sintf string) {
}
addrs, err := ief.Addrs()
if err == nil {
dst, err := net.ResolveTCPAddr("tcp", saddr)
if err != nil {
return
}
for addrindex, addr := range addrs {
src, _, err := net.ParseCIDR(addr.String())
if err != nil {
@ -309,9 +315,9 @@ func (t *tcp) call(saddr string, options interface{}, sintf string) {
}
}
}
conn, err = dialer.Dial("tcp", saddr)
conn, err = dialer.Dial("tcp", dst.String())
if err != nil {
t.link.core.log.Debugln("Failed to dial TCP:", err)
return
}
t.handler(conn, false, nil)