mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 15:48:49 -05:00
connect: treat an interface bindlocal() problem as a non-fatal error
I am using curl_easy_setopt(CURLOPT_INTERFACE, "if!something") to force transfers to use a particular interface but the transfer fails with CURLE_INTERFACE_FAILED, "Failed binding local connection end" if the interface I specify has no IPv6 address. The cause is as follows: The remote hostname resolves successfully and has an IPv6 address and an IPv4 address. cURL attempts to connect to the IPv6 address first. bindlocal (in lib/connect.c) fails because Curl_if2ip cannot find an IPv6 address on the interface. This is a fatal error in singleipconnect() This change will make cURL try the next IP address in the list. Also included are two changes related to IPv6 address scope: - Filter the choice of address in Curl_if2ip to only consider addresses with the same scope ID as the connection address (mismatched scope for local and remote address does not result in a working connection). - bindlocal was ignoring the scope ID of addresses returned by Curl_if2ip . Now it uses them. Bug: http://curl.haxx.se/bug/view.cgi?id=1189
This commit is contained in:
parent
a181e7b084
commit
090b55c100
105
lib/connect.c
105
lib/connect.c
@ -310,41 +310,54 @@ static CURLcode bindlocal(struct connectdata *conn,
|
||||
}
|
||||
|
||||
/* interface */
|
||||
if(!is_host && (is_interface || Curl_if_is_interface_name(dev))) {
|
||||
if(Curl_if2ip(af, dev, myhost, sizeof(myhost)) == NULL)
|
||||
return CURLE_INTERFACE_FAILED;
|
||||
|
||||
/*
|
||||
* We now have the numerical IP address in the 'myhost' buffer
|
||||
*/
|
||||
infof(data, "Local Interface %s is ip %s using address family %i\n",
|
||||
dev, myhost, af);
|
||||
done = 1;
|
||||
if(!is_host) {
|
||||
switch(Curl_if2ip(af, conn->scope, dev, myhost, sizeof(myhost))) {
|
||||
case IF2IP_NOT_FOUND:
|
||||
if(is_interface) {
|
||||
/* Do not fall back to treating it as a host name */
|
||||
failf(data, "Couldn't bind to interface '%s'", dev);
|
||||
return CURLE_INTERFACE_FAILED;
|
||||
}
|
||||
break;
|
||||
case IF2IP_AF_NOT_SUPPORTED:
|
||||
/* Signal the caller to try another address family if available */
|
||||
return CURLE_UNSUPPORTED_PROTOCOL;
|
||||
case IF2IP_FOUND:
|
||||
is_interface = TRUE;
|
||||
/*
|
||||
* We now have the numerical IP address in the 'myhost' buffer
|
||||
*/
|
||||
infof(data, "Local Interface %s is ip %s using address family %i\n",
|
||||
dev, myhost, af);
|
||||
done = 1;
|
||||
|
||||
#ifdef SO_BINDTODEVICE
|
||||
/* I am not sure any other OSs than Linux that provide this feature, and
|
||||
* at the least I cannot test. --Ben
|
||||
*
|
||||
* This feature allows one to tightly bind the local socket to a
|
||||
* particular interface. This will force even requests to other local
|
||||
* interfaces to go out the external interface.
|
||||
*
|
||||
*
|
||||
* Only bind to the interface when specified as interface, not just as a
|
||||
* hostname or ip address.
|
||||
*/
|
||||
if(setsockopt(sockfd, SOL_SOCKET, SO_BINDTODEVICE,
|
||||
dev, (curl_socklen_t)strlen(dev)+1) != 0) {
|
||||
error = SOCKERRNO;
|
||||
infof(data, "SO_BINDTODEVICE %s failed with errno %d: %s;"
|
||||
" will do regular bind\n",
|
||||
dev, error, Curl_strerror(conn, error));
|
||||
/* This is typically "errno 1, error: Operation not permitted" if
|
||||
you're not running as root or another suitable privileged user */
|
||||
}
|
||||
/* I am not sure any other OSs than Linux that provide this feature,
|
||||
* and at the least I cannot test. --Ben
|
||||
*
|
||||
* This feature allows one to tightly bind the local socket to a
|
||||
* particular interface. This will force even requests to other
|
||||
* local interfaces to go out the external interface.
|
||||
*
|
||||
*
|
||||
* Only bind to the interface when specified as interface, not just
|
||||
* as a hostname or ip address.
|
||||
*/
|
||||
if(setsockopt(sockfd, SOL_SOCKET, SO_BINDTODEVICE,
|
||||
dev, (curl_socklen_t)strlen(dev)+1) != 0) {
|
||||
error = SOCKERRNO;
|
||||
infof(data, "SO_BINDTODEVICE %s failed with errno %d: %s;"
|
||||
" will do regular bind\n",
|
||||
dev, error, Curl_strerror(conn, error));
|
||||
/* This is typically "errno 1, error: Operation not permitted" if
|
||||
you're not running as root or another suitable privileged
|
||||
user */
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
}
|
||||
else {
|
||||
if(!is_interface) {
|
||||
/*
|
||||
* This was not an interface, resolve the name as a host name
|
||||
* or IP number
|
||||
@ -388,11 +401,26 @@ static CURLcode bindlocal(struct connectdata *conn,
|
||||
if(done > 0) {
|
||||
#ifdef ENABLE_IPV6
|
||||
/* ipv6 address */
|
||||
if((af == AF_INET6) &&
|
||||
(Curl_inet_pton(AF_INET6, myhost, &si6->sin6_addr) > 0)) {
|
||||
si6->sin6_family = AF_INET6;
|
||||
si6->sin6_port = htons(port);
|
||||
sizeof_sa = sizeof(struct sockaddr_in6);
|
||||
if(af == AF_INET6) {
|
||||
#ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
|
||||
char *scope_ptr = strchr(myhost, '%');
|
||||
|
||||
if(scope_ptr) *(scope_ptr++) = 0;
|
||||
#endif
|
||||
if(Curl_inet_pton(AF_INET6, myhost, &si6->sin6_addr) > 0) {
|
||||
si6->sin6_family = AF_INET6;
|
||||
si6->sin6_port = htons(port);
|
||||
#ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
|
||||
if(scope_ptr) {
|
||||
/* The "myhost" string either comes from Curl_if2ip or
|
||||
from Curl_printable_address. The latter returns only
|
||||
numeric scope IDs and the former returns none at all.
|
||||
So the scope ID, if present, is known to be numeric */
|
||||
si6->sin6_scope_id = atoi(scope_ptr);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
sizeof_sa = sizeof(struct sockaddr_in6);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
@ -966,6 +994,11 @@ singleipconnect(struct connectdata *conn,
|
||||
res = bindlocal(conn, sockfd, addr.family);
|
||||
if(res) {
|
||||
Curl_closesocket(conn, sockfd); /* close socket and bail out */
|
||||
if(res == CURLE_UNSUPPORTED_PROTOCOL) {
|
||||
/* The address family is not supported on this interface.
|
||||
We can continue trying addresses */
|
||||
return CURLE_OK;
|
||||
}
|
||||
return res;
|
||||
}
|
||||
|
||||
|
17
lib/ftp.c
17
lib/ftp.c
@ -1066,12 +1066,17 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
|
||||
|
||||
if(*addr != '\0') {
|
||||
/* attempt to get the address of the given interface name */
|
||||
if(!Curl_if2ip(conn->ip_addr->ai_family, addr,
|
||||
hbuf, sizeof(hbuf)))
|
||||
/* not an interface, use the given string as host name instead */
|
||||
host = addr;
|
||||
else
|
||||
host = hbuf; /* use the hbuf for host name */
|
||||
switch(Curl_if2ip(conn->ip_addr->ai_family, conn->scope, addr,
|
||||
hbuf, sizeof(hbuf))) {
|
||||
case IF2IP_NOT_FOUND:
|
||||
/* not an interface, use the given string as host name instead */
|
||||
host = addr;
|
||||
break;
|
||||
case IF2IP_AF_NOT_SUPPORTED:
|
||||
return CURLE_FTP_PORT_FAILED;
|
||||
case IF2IP_FOUND:
|
||||
host = hbuf; /* use the hbuf for host name */
|
||||
}
|
||||
}
|
||||
else
|
||||
/* there was only a port(-range) given, default the host */
|
||||
|
92
lib/if2ip.c
92
lib/if2ip.c
@ -83,42 +83,59 @@ bool Curl_if_is_interface_name(const char *interf)
|
||||
return result;
|
||||
}
|
||||
|
||||
char *Curl_if2ip(int af, const char *interf, char *buf, int buf_size)
|
||||
if2ip_result_t Curl_if2ip(int af, unsigned int remote_scope,
|
||||
const char *interf, char *buf, int buf_size)
|
||||
{
|
||||
struct ifaddrs *iface, *head;
|
||||
char *ip = NULL;
|
||||
if2ip_result_t res = IF2IP_NOT_FOUND;
|
||||
|
||||
if(getifaddrs(&head) >= 0) {
|
||||
for(iface=head; iface != NULL; iface=iface->ifa_next) {
|
||||
if((iface->ifa_addr != NULL) &&
|
||||
(iface->ifa_addr->sa_family == af) &&
|
||||
curl_strequal(iface->ifa_name, interf)) {
|
||||
void *addr;
|
||||
char scope[12]="";
|
||||
char ipstr[64];
|
||||
if(iface->ifa_addr != NULL) {
|
||||
if(iface->ifa_addr->sa_family == af) {
|
||||
if(curl_strequal(iface->ifa_name, interf)) {
|
||||
void *addr;
|
||||
char *ip;
|
||||
char scope[12]="";
|
||||
char ipstr[64];
|
||||
#ifdef ENABLE_IPV6
|
||||
if(af == AF_INET6) {
|
||||
unsigned int scopeid = 0;
|
||||
addr = &((struct sockaddr_in6 *)iface->ifa_addr)->sin6_addr;
|
||||
if(af == AF_INET6) {
|
||||
unsigned int scopeid = 0;
|
||||
addr = &((struct sockaddr_in6 *)iface->ifa_addr)->sin6_addr;
|
||||
#ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
|
||||
/* Include the scope of this interface as part of the address */
|
||||
scopeid = ((struct sockaddr_in6 *)iface->ifa_addr)->sin6_scope_id;
|
||||
/* Include the scope of this interface as part of the address */
|
||||
scopeid =
|
||||
((struct sockaddr_in6 *)iface->ifa_addr)->sin6_scope_id;
|
||||
#endif
|
||||
if(scopeid)
|
||||
snprintf(scope, sizeof(scope), "%%%u", scopeid);
|
||||
if(scopeid != remote_scope) {
|
||||
/* We are interested only in interface addresses whose
|
||||
scope ID matches the remote address we want to
|
||||
connect to: global (0) for global, link-local for
|
||||
link-local, etc... */
|
||||
if(res == IF2IP_NOT_FOUND) res = IF2IP_AF_NOT_SUPPORTED;
|
||||
continue;
|
||||
}
|
||||
if(scopeid)
|
||||
snprintf(scope, sizeof(scope), "%%%u", scopeid);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
addr = &((struct sockaddr_in *)iface->ifa_addr)->sin_addr;
|
||||
res = IF2IP_FOUND;
|
||||
ip = (char *) Curl_inet_ntop(af, addr, ipstr, sizeof(ipstr));
|
||||
snprintf(buf, buf_size, "%s%s", ip, scope);
|
||||
break;
|
||||
}
|
||||
}
|
||||
else if((res == IF2IP_NOT_FOUND) &&
|
||||
curl_strequal(iface->ifa_name, interf)) {
|
||||
res = IF2IP_AF_NOT_SUPPORTED;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
addr = &((struct sockaddr_in *)iface->ifa_addr)->sin_addr;
|
||||
ip = (char *) Curl_inet_ntop(af, addr, ipstr, sizeof(ipstr));
|
||||
snprintf(buf, buf_size, "%s%s", ip, scope);
|
||||
ip = buf;
|
||||
break;
|
||||
}
|
||||
}
|
||||
freeifaddrs(head);
|
||||
}
|
||||
return ip;
|
||||
return res;
|
||||
}
|
||||
|
||||
#elif defined(HAVE_IOCTL_SIOCGIFADDR)
|
||||
@ -128,30 +145,29 @@ bool Curl_if_is_interface_name(const char *interf)
|
||||
/* This is here just to support the old interfaces */
|
||||
char buf[256];
|
||||
|
||||
char *ip = Curl_if2ip(AF_INET, interf, buf, sizeof(buf));
|
||||
|
||||
return (ip != NULL) ? TRUE : FALSE;
|
||||
return (Curl_if2ip(AF_INET, 0, interf, buf, sizeof(buf)) ==
|
||||
IF2IP_NOT_FOUND) ? FALSE : TRUE;
|
||||
}
|
||||
|
||||
char *Curl_if2ip(int af, const char *interf, char *buf, int buf_size)
|
||||
if2ip_result_t Curl_if2ip(int af, unsigned int remote_scope,
|
||||
const char *interf, char *buf, int buf_size)
|
||||
{
|
||||
struct ifreq req;
|
||||
struct in_addr in;
|
||||
struct sockaddr_in *s;
|
||||
curl_socket_t dummy;
|
||||
size_t len;
|
||||
char *ip;
|
||||
|
||||
if(!interf || (af != AF_INET))
|
||||
return NULL;
|
||||
return IF2IP_NOT_FOUND;
|
||||
|
||||
len = strlen(interf);
|
||||
if(len >= sizeof(req.ifr_name))
|
||||
return NULL;
|
||||
return IF2IP_NOT_FOUND;
|
||||
|
||||
dummy = socket(AF_INET, SOCK_STREAM, 0);
|
||||
if(CURL_SOCKET_BAD == dummy)
|
||||
return NULL;
|
||||
return IF2IP_NOT_FOUND;
|
||||
|
||||
memset(&req, 0, sizeof(req));
|
||||
memcpy(req.ifr_name, interf, len+1);
|
||||
@ -159,15 +175,18 @@ char *Curl_if2ip(int af, const char *interf, char *buf, int buf_size)
|
||||
|
||||
if(ioctl(dummy, SIOCGIFADDR, &req) < 0) {
|
||||
sclose(dummy);
|
||||
return NULL;
|
||||
/* With SIOCGIFADDR, we cannot tell the difference between an interface
|
||||
that does not exist and an interface that has no address of the
|
||||
correct family. Assume the interface does not exist */
|
||||
return IF2IP_NOT_FOUND;
|
||||
}
|
||||
|
||||
s = (struct sockaddr_in *)&req.ifr_addr;
|
||||
memcpy(&in, &s->sin_addr, sizeof(in));
|
||||
ip = (char *) Curl_inet_ntop(s->sin_family, &in, buf, buf_size);
|
||||
Curl_inet_ntop(s->sin_family, &in, buf, buf_size);
|
||||
|
||||
sclose(dummy);
|
||||
return ip;
|
||||
return IF2IP_FOUND;
|
||||
}
|
||||
|
||||
#else
|
||||
@ -179,13 +198,14 @@ bool Curl_if_is_interface_name(const char *interf)
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
char *Curl_if2ip(int af, const char *interf, char *buf, int buf_size)
|
||||
if2ip_result_t Curl_if2ip(int af, unsigned int remote_scope,
|
||||
const char *interf, char *buf, int buf_size)
|
||||
{
|
||||
(void) af;
|
||||
(void) interf;
|
||||
(void) buf;
|
||||
(void) buf_size;
|
||||
return NULL;
|
||||
return IF2IP_NOT_FOUND;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
10
lib/if2ip.h
10
lib/if2ip.h
@ -24,7 +24,15 @@
|
||||
#include "curl_setup.h"
|
||||
|
||||
bool Curl_if_is_interface_name(const char *interf);
|
||||
char *Curl_if2ip(int af, const char *interf, char *buf, int buf_size);
|
||||
|
||||
typedef enum {
|
||||
IF2IP_NOT_FOUND = 0, /* Interface not found */
|
||||
IF2IP_AF_NOT_SUPPORTED = 1, /* Int. exists but has no address for this af */
|
||||
IF2IP_FOUND = 2 /* The address has been stored in "buf" */
|
||||
} if2ip_result_t;
|
||||
|
||||
if2ip_result_t Curl_if2ip(int af, unsigned int remote_scope,
|
||||
const char *interf, char *buf, int buf_size);
|
||||
|
||||
#ifdef __INTERIX
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user