Hi, I just found the same bug while I was trying to connect to the iodined from a debian stable using the iodine client from the source code (version 0.5.1).
I have seen in the code, that it checks the version number, but it isn't done correctly. I know that the last version of this code have solved this issue, but the current version in debian stable has this bug, and it is very dangerous. I attach a patch that solves the segmentation fault. Greetings. -- Albert Sellarès GPG id: 0x13053FFE http://www.wekk.net wh...@jabber.org Linux User: 324456
diff -bBur a/iodined.c b/iodined.c
--- a/iodined.c 2008-08-06 22:26:36.000000000 +0200
+++ b/iodined.c 2009-04-26 12:55:55.000000000 +0200
@@ -189,7 +188,6 @@
((unpacked[3] & 0xff)));
}
- if (version == VERSION) {
userid = find_available_user();
if (userid >= 0) {
struct sockaddr_in *tempin;
@@ -201,15 +199,16 @@
memcpy(&(users[userid].q), q, sizeof(struct query));
users[userid].encoder = get_base32_encoder();
+ if (version == VERSION) {
send_version_response(dns_fd, VERSION_ACK, users[userid].seed, &users[userid]);
+ } else {
+ send_version_response(dns_fd, VERSION_NACK, VERSION, &users[userid]);
+ }
users[userid].q.id = 0;
} else {
/* No space for another user */
send_version_response(dns_fd, VERSION_FULL, USERS, NULL);
}
- } else {
- send_version_response(dns_fd, VERSION_NACK, VERSION, NULL);
- }
} else if(in[0] == 'L' || in[0] == 'l') {
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), read - 1, b32);
/* Login phase, handle auth */
signature.asc
Description: Això és una part d'un missatge signada digitalment
