Bugs item #1888101, was opened at 2008-02-06 18:29 Message generated for change (Comment added) made by henningw You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1888101&group_id=139143
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: modules Group: ver 1.3.x Status: Open Resolution: None Priority: 5 Private: No Submitted By: Giovanni Coriasco (gcoriasco) >Assigned to: Henning Westerholt (henningw) Summary: Patch to bug in hash.c (permission module) Initial Comment: I'm running an Openser version 1.3.0 on a Linux machine. I think I found a bug in the "permissions" module. The allow_address() and allow_source_address() operate properly only with /0, /8, /16, /24, /32 netmasks so far. The problem is in the fact that a shift operator (<<) is used with addresses in network byte order. In fact, an IP address A.B.C.D has the following form in network byte order: ddddddddccccccccbbbbbbbbaaaaaaaa where the aaa are the bits (in LITTLE endian format) of the byte A. The problem with the shift operation is that the byte order is BIG endian, BUT each byte has a LITTLE endian order for its bits. Instead, in host byte order, both bits and bytes have little endian format and you just have to invert the shift operation (<< to >> and >> to <<). The patch I wrote converts the address to host byte order before shifting and convert back the result to network byte order. ---------------------------------------------------------------------- >Comment By: Henning Westerholt (henningw) Date: 2008-06-27 15:45 Message: Logged In: YES user_id=337916 Originator: NO I'll take a look. Henning ---------------------------------------------------------------------- Comment By: Giovanni Coriasco (gcoriasco) Date: 2008-06-26 13:07 Message: Logged In: YES user_id=2002223 Originator: YES Hi, Yeah, I'm running the patch in production Concerning bug 1925738, I don't think it is the same issue cause allow_trusted operates only on single host addresses, not network addresses, so that subnetwork information is not used. Otherwise, the bug I think to have found relates to subnetwork address calculation. Giovanni ---------------------------------------------------------------------- Comment By: Henning Westerholt (henningw) Date: 2008-06-26 12:56 Message: Logged In: YES user_id=337916 Originator: NO Hi, i found also another bug, 1925738 that is perhaps related to this one. Do you run this patch in production? Henning ---------------------------------------------------------------------- Comment By: Giovanni Coriasco (gcoriasco) Date: 2008-06-26 12:49 Message: Logged In: YES user_id=2002223 Originator: YES Hi Henning, I'm using a virtual machine with i386 architecture, running on a Intel(R) Xeon(TM) CPU 3.20GHz server. The OS is a Linux Slackware ---------------------------------------------------------------------- Comment By: Henning Westerholt (henningw) Date: 2008-06-26 11:44 Message: Logged In: YES user_id=337916 Originator: NO Hi Giovanni, i looks that this bug is still not fixed. Do run OpenSER on a certain (not that common) architecture? Otherwise i would think that more people would run into this bug.. Cheers, Henning ---------------------------------------------------------------------- Comment By: Bogdan-Andrei Iancu (bogdan_iancu) Date: 2008-03-10 15:24 Message: Logged In: YES user_id=1275325 Originator: NO Hi Giovanni, This looks like a bug, so I re-posting your message accordingly. Thanks and Regards, Bogdan ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1888101&group_id=139143 _______________________________________________ Devel mailing list Devel@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/devel
