On 02/09/2018 11:35 AM, Ben Pfaff wrote:
On Fri, Feb 09, 2018 at 09:11:00AM -0600, Mark Michelson wrote:
There was a bug in DNS request handling where the incoming packet was
assumed to be IPv4.

The result was that for the outgoing packet, we would attempt to write
the IPv4 checksum and total length into what was actually an IPv6
header. This resulted in the source IPv6 address getting corrupted.
Later, the source and destination IPv6 addresses would get swapped,
resulting in the DNS response being sent to a nonsense destination.

With this change, we check the ethertype of the packet to determine what
l3 information to write, and where to write it. A test is also included
that verifies that this works as expected.

Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1539608
Signed-off-by: Mark Michelson <mmich...@redhat.com>

Thank you for the fix and the test!  I applied this to master and
branch-2.9.  Let me know if you want it backported further.

I folded in the following nonessential correction pointed out by

--8<--------------------------cut here-------------------------->8--

diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c
index 6654d7f49396..14c95ff547ff 100644
--- a/ovn/controller/pinctrl.c
+++ b/ovn/controller/pinctrl.c
@@ -917,7 +917,7 @@ pinctrl_handle_dns_lookup(
      out_udp->udp_csum = 0;
struct eth_header *eth = dp_packet_data(&pkt_out);
-    if (eth->eth_type == ntohs(ETH_TYPE_IP)) {
+    if (eth->eth_type == htons(ETH_TYPE_IP)) {
          struct ip_header *out_ip = dp_packet_l3(&pkt_out);
          out_ip->ip_tot_len = htons(pkt_out.l4_ofs - pkt_out.l3_ofs
                                     + new_l4_size);

Thanks Ben. This error is present in 2.8 as well.
dev mailing list

Reply via email to