ip6: fix ip6-local urpf checking

[vpp.git] / src / vnet / session / session_api.c

diff --git a/src/vnet/session/session_api.c b/src/vnet/session/session_api.c
index 6694a40..9236b19 100755 (executable)
--- a/src/vnet/session/session_api.c
+++ b/src/vnet/session/session_api.c
@@ -561,12 +561,10 @@ vl_api_connect_uri_t_handler (vl_api_connect_uri_t * mp)
       a->uri = (char *) mp->uri;
       a->api_context = mp->context;
       a->app_index = app->index;
-      a->mp = mp;
       if ((error = vnet_connect_uri (a)))
        {
          rv = clib_error_get_code (error);
-         if (rv != VNET_API_ERROR_SESSION_REDIRECT)
-           clib_error_report (error);
+         clib_error_report (error);
        }
     }
   else
@@ -579,7 +577,7 @@ vl_api_connect_uri_t_handler (vl_api_connect_uri_t * mp)
    * the connection is established. In case of the redirects, the reply
    * will come from the server app.
    */
-  if (rv == 0 || rv == VNET_API_ERROR_SESSION_REDIRECT)
+  if (rv == 0)
     return;
 
 done:
@@ -774,6 +772,7 @@ done:
       {
        rmp->handle = a->handle;
         rmp->lcl_port = mp->port;
+       rmp->lcl_is_ip4 = mp->is_ip4;
        if (app && application_has_global_scope (app))
          {
            s = listen_session_get_from_handle (a->handle);
@@ -838,6 +837,7 @@ vl_api_connect_sock_t_handler (vl_api_connect_sock_t * mp)
       svm_queue_t *client_q;
       ip46_address_t *ip46 = (ip46_address_t *) mp->ip;
 
+      memset (a, 0, sizeof (*a));
       client_q = vl_api_client_index_to_input_queue (mp->client_index);
       mp->client_queue_address = pointer_to_uword (client_q);
       a->sep.is_ip4 = mp->is_ip4;
@@ -846,22 +846,26 @@ vl_api_connect_sock_t_handler (vl_api_connect_sock_t * mp)
       a->sep.transport_proto = mp->proto;
       a->sep.fib_index = mp->vrf;
       a->sep.sw_if_index = ENDPOINT_INVALID_INDEX;
+      if (mp->hostname_len)
+       {
+         vec_validate (a->sep.hostname, mp->hostname_len - 1);
+         clib_memcpy (a->sep.hostname, mp->hostname, mp->hostname_len);
+       }
       a->api_context = mp->context;
       a->app_index = app->index;
-      a->mp = mp;
       if ((error = vnet_connect (a)))
        {
          rv = clib_error_get_code (error);
-         if (rv != VNET_API_ERROR_SESSION_REDIRECT)
-           clib_error_report (error);
+         clib_error_report (error);
        }
+      vec_free (a->sep.hostname);
     }
   else
     {
       rv = VNET_API_ERROR_APPLICATION_NOT_ATTACHED;
     }
 
-  if (rv == 0 || rv == VNET_API_ERROR_SESSION_REDIRECT)
+  if (rv == 0)
     return;
 
   /* Got some error, relay it */
@@ -1127,6 +1131,11 @@ vl_api_application_tls_cert_add_t_handler (vl_api_application_tls_cert_add_t *
   memset (a, 0, sizeof (*a));
   a->app_index = app->index;
   cert_len = clib_net_to_host_u16 (mp->cert_len);
+  if (cert_len > 10000)
+    {
+      rv = VNET_API_ERROR_INVALID_VALUE;
+      goto done;
+    }
   vec_validate (a->cert, cert_len);
   clib_memcpy (a->cert, mp->cert, cert_len);
   if ((error = vnet_app_add_tls_cert (a)))
@@ -1162,6 +1171,11 @@ vl_api_application_tls_key_add_t_handler (vl_api_application_tls_key_add_t *
   memset (a, 0, sizeof (*a));
   a->app_index = app->index;
   key_len = clib_net_to_host_u16 (mp->key_len);
+  if (key_len > 10000)
+    {
+      rv = VNET_API_ERROR_INVALID_VALUE;
+      goto done;
+    }
   vec_validate (a->key, key_len);
   clib_memcpy (a->key, mp->key, key_len);
   if ((error = vnet_app_add_tls_key (a)))