ws2_32: Work around the host name resolving to 127.x.x.x when using that for binding.

Paul Chitescu paulc at voip.null.ro
Tue Apr 15 06:11:46 CDT 2008 

On Mon, 14 Apr 2008, Kai Blin wrote:
> On Monday 14 April 2008 18:42:26 Paul Chitescu wrote:
>
>> Binding to a specific address is the only easy way of detecting which
>> interface an UDP packet was received on since recvfrom() only gives source
>> address, not destination. Listening on 0.0.0.0 would make impossible to
>> tell which interface a packet was received on. Furthermore, a program that
>> explicitely tries to bind to each interface would fail all but the first
>> bind and possibly bail out. Probably many games that use UDP would break.
>
> I'm currently trying to fix apps that fail doing the following (which seems to
> be a popular way among game developers), in pseudo-code.
>
> hostname = gethostname();
> hostent = gethostbyname(hostname);
> sockaddr->sin_addr = hostent->addr;
> sock = socket();
> bind(sock, sockaddr);
>
> Which, as Christoph noted, cause windows apps to bind to loopback addresses,
> breaking the networking. This only started to happen recently as recently
> Linux distros started mapping the machine's hostname to a loopback address. I
> don't think Wine ever used the registry for anything like that.
>
> Cheers,
> Kai
>
> -- 
> Kai Blin
> WorldForge developer  http://www.worldforge.org/
> Wine developer        http://wiki.winehq.org/KaiBlin
> Samba team member     http://www.samba.org/samba/team/
> --
> Will code for cotton.


Hi, Kai!

Your patch seems quite safe to me as it checks lots of stuff. I disagreed 
to Christoph Frick's proposal of always binding to 0.0.0.0

As a security enhancement, what about randomly initializing the last 3 
octets of magic_loopback_addr at every run instance? This could help fend 
off potential attacks targeted at buggy applications running in Wine by 
sending this special address over some other protocol. A remote attacker 
can convince a local application to listen on all interfaces including 
Internet attached ones while thinking it (safely) listens only on 
loopback.

Regards,

Paul Chitescu

More information about the wine-devel mailing list