[client] bug fix to set non-zero random source port for UDP raw SPA mode
authorMichael Rash <mbr@cipherdyne.org>
Thu, 6 Mar 2014 04:10:47 +0000 (23:10 -0500)
committerMichael Rash <mbr@cipherdyne.org>
Sun, 9 Mar 2014 23:08:40 +0000 (19:08 -0400)
client/fwknop.c

index 8a3241f..28ed226 100644 (file)
@@ -451,6 +451,8 @@ main(int argc, char **argv)
     if (options.save_packet_file[0] != 0x0)
         write_spa_packet_data(ctx, &options);
 
+    /* SPA packet random destination port handling
+    */
     if (options.rand_port)
     {
         tmp_port = get_rand_port(ctx);
@@ -460,6 +462,22 @@ main(int argc, char **argv)
         options.spa_dst_port = tmp_port;
     }
 
+    /* If we are using one the "raw" modes (normally because
+     * we're going to spoof the SPA packet source IP), then select
+     * a random source port unless the source port is already set
+    */
+    if ((options.spa_proto == FKO_PROTO_TCP_RAW
+            || options.spa_proto == FKO_PROTO_UDP_RAW
+            || options.spa_proto == FKO_PROTO_ICMP)
+            && !options.spa_src_port)
+    {
+        tmp_port = get_rand_port();
+        if(tmp_port < 0)
+            clean_exit(ctx, &options, key, &orig_key_len,
+                    hmac_key, &hmac_key_len, EXIT_FAILURE);
+        options.spa_src_port = tmp_port;
+    }
+
     res = send_spa_packet(ctx, &options);
     if(res < 0)
     {
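Review bot: The new source-port branch calls `get_rand_port()` with no argument, while the existing destination-port branch a few lines above calls `get_rand_port(ctx)`. The prototype is not visible in these hunks, but if it takes the FKO context this line will either fail to compile or, with an unprototyped declaration, pass an indeterminate argument; it should read `tmp_port = get_rand_port(ctx);`. The condition also includes `FKO_PROTO_ICMP`, which carries no source port, so that arm looks unnecessary unless `send_spa_packet` uses `spa_src_port` for something else; a one-line comment saying which would help. The added comment has a typo: `using one the "raw" modes` should be `using one of the "raw" modes`. The body of `main` starts and ends outside the hunk, so the declaration of `tmp_port` and the handling after `send_spa_packet` could not be checked here.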