From cb4ef1ea12789af09fe9a6634012cf0f3797a56a Mon Sep 17 00:00:00 2001 From: Ben Pfaff Date: Tue, 18 Oct 2011 08:57:37 -0700 Subject: [PATCH] bridge: Allow specially named "unix:" controllers. Some users want to use Unix domain socket controllers, so this relaxes the restriction. Requested-by: Jari Sundell --- vswitchd/bridge.c | 45 +++++++++++++++++++++++++++++++++++++++------ 1 file changed, 39 insertions(+), 6 deletions(-) diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c index d4335c10..1319df8a 100644 --- a/vswitchd/bridge.c +++ b/vswitchd/bridge.c @@ -1990,6 +1990,26 @@ bridge_configure_local_iface_netdev(struct bridge *br, } } +/* Returns true if 'a' and 'b' are the same except that any number of slashes + * in either string are treated as equal to any number of slashes in the other, + * e.g. "x///y" is equal to "x/y". */ +static bool +equal_pathnames(const char *a, const char *b) +{ + while (*a == *b) { + if (*a == '/') { + a += strspn(a, "/"); + b += strspn(b, "/"); + } else if (*a == '\0') { + return true; + } else { + a++; + b++; + } + } + return false; +} + static void bridge_configure_remotes(struct bridge *br, const struct sockaddr_in *managers, size_t n_managers) 
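Review bot: The header comment on equal_pathnames should say that the comparison is purely lexical, since this function is what decides whether a remote-supplied socket path is "the" whitelisted one: only runs of '/' are collapsed, while "." and ".." components, symlinks and a trailing '/' are not normalized ("x/" and "x" compare unequal, "a/../b" and "b" compare unequal). That is the right behaviour for a whitelist check, but a later caller could easily assume it canonicalizes paths. I would add a line such as `/* The comparison is lexical only: "." and ".." components, symbolic links and trailing slashes are not normalized, so the whitelisted string 'b' must itself be built from trusted components. */` to the existing comment.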
@@ -2036,13 +2056,26 @@ bridge_configure_remotes(struct bridge *br, if (!strncmp(c->target, "punix:", 6) || !strncmp(c->target, "unix:", 5)) { static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + char *whitelist; + + whitelist = xasprintf("unix:%s/%s.controller", + ovs_rundir(), br->name); + if (!equal_pathnames(c->target, whitelist)) { + /* Prevent remote ovsdb-server users from accessing arbitrary + * Unix domain sockets and overwriting arbitrary local + * files. */ + VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket " + "controller \"%s\" due to possibility for remote " + "exploit. Instead, specify whitelisted \"%s\" or " + "connect to \"unix:%s/%s.mgmt\" (which is always " + "available without special configuration).", + br->name, c->target, whitelist, + ovs_rundir(), br->name); + free(whitelist); + continue; + } - /* Prevent remote ovsdb-server users from accessing arbitrary Unix - * domain sockets and overwriting arbitrary local files. */ - VLOG_ERR_RL(&rl, "bridge %s: not adding Unix domain socket " - "controller \"%s\" due to possibility for remote " - "exploit", br->name, c->target); - continue; + free(whitelist); } bridge_configure_local_iface_netdev(br, c); -- 2.30.2
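Review bot: The whitelist built with `xasprintf("unix:%s/%s.controller", ovs_rundir(), br->name)` embeds the bridge name verbatim, so if a bridge name containing '/' can reach this point (e.g. "../../tmp/x" from a remote ovsdb-server writer), the only path that passes equal_pathnames() lies outside ovs_rundir(), which reopens the arbitrary-socket/arbitrary-file concern the check is meant to close. Bridge names may well be validated elsewhere, but that validation is not visible in this hunk, and the rejection comment here says "Prevent remote ovsdb-server users from accessing arbitrary Unix domain sockets". A cheap local guard before building the whitelist would be `if (strchr(br->name, '/')) { VLOG_ERR_RL(&rl, "bridge %s: name contains '/', not adding Unix domain socket controller", br->name); continue; }`, and the reason should be noted next to it, e.g. `/* The whitelist path is rooted at ovs_rundir() only if the bridge name holds no path separator. */`. Note also that a "punix:" target can never equal the "unix:" whitelist, so it is always rejected; the error text covers that by pointing at the "unix:" form, but a one-line comment stating it would help. bridge_configure_remotes() starts before and continues after this hunk.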