From 9237bb5162841d0db46ea4e6f4cb73051edc735e Mon Sep 17 00:00:00 2001 From: Shawn Carey Date: Wed, 20 Dec 2023 02:59:41 +0000 Subject: [PATCH] don't access source_addr through io->app_data. keep addrinfo for source address until bind is attempted (#770) --- lib/ziti-tunnel-cbs/ziti_hosting.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/ziti-tunnel-cbs/ziti_hosting.c b/lib/ziti-tunnel-cbs/ziti_hosting.c index b0e33a2b..3ce7215f 100644 --- a/lib/ziti-tunnel-cbs/ziti_hosting.c +++ b/lib/ziti-tunnel-cbs/ziti_hosting.c @@ -390,7 +390,7 @@ static const char *compute_dst_port(const host_ctx_t *service, const tunneler_ap static int do_bind(hosted_io_context io, const char *addr, int socktype) { // split out the ip and port if port was specified - char *src_ip = strdup(io->app_data->source_addr); + char *src_ip = strdup(addr); char *port = strchr(src_ip, ':'); if (port != NULL) { *port = '\0'; @@ -419,8 +419,6 @@ static int do_bind(hosted_io_context io, const char *addr, int socktype) { ziti_address src_za; ziti_address_from_sockaddr(&src_za, ai_req.addrinfo->ai_addr); // convert for easy validation - uv_freeaddrinfo(ai_req.addrinfo); - if (!address_match(&src_za, &io->service->allowed_source_addresses)) { ZITI_LOG(ERROR, "hosted_service[%s], client[%s] client requested source IP %s is not allowed", io->service->service_name, io->client_identity, io->app_data->source_addr); @@ -437,9 +435,11 @@ static int do_bind(hosted_io_context io, const char *addr, int socktype) { default: ZITI_LOG(ERROR, "hosted_service[%s] client[%s] unsupported protocol %d when binding source address", io->service->service_name, io->client_identity, hints.ai_protocol); - return -1; + uv_err = UV_EINVAL; } + uv_freeaddrinfo(ai_req.addrinfo); + if (uv_err != 0) { ZITI_LOG(ERROR, "hosted_service[%s] client[%s]: bind failed: %s", io->service->service_name, io->client_identity, uv_strerror(uv_err));