summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2010-05-14 23:21:47 +0200
committerGünther Deschner <gd@samba.org>2010-05-17 12:47:34 +0200
commit14ac2bb36ee22be6133ca1d069dc5de6c1891f47 (patch)
treecf5781df2d2e4e3f30c2b6db990c8a19b18f57b5
parentd040658e1a5a48c6cc33640de37771d601c69a76 (diff)
downloadsamba-14ac2bb36ee22be6133ca1d069dc5de6c1891f47.tar.gz
samba-14ac2bb36ee22be6133ca1d069dc5de6c1891f47.tar.bz2
samba-14ac2bb36ee22be6133ca1d069dc5de6c1891f47.zip
s3-winbind: make the getpeername() checks in cm_prepare_connection IPv6 aware.
Note that this failure was hard to track, as winbind did only log a super helpful "cm_prepare_connection: Success" debug message. IPv6 gurus, please check Successfully tested in two independent IPv6 networks now. Guenther
-rw-r--r--source3/winbindd/winbindd_cm.c30
1 files changed, 25 insertions, 5 deletions
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 9715363f70..45747d4a36 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -808,11 +808,31 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
peeraddr_len = sizeof(peeraddr);
- if ((getpeername((*cli)->fd, &peeraddr, &peeraddr_len) != 0) ||
- (peeraddr_len != sizeof(struct sockaddr_in)) ||
- (peeraddr_in->sin_family != PF_INET))
- {
- DEBUG(0,("cm_prepare_connection: %s\n", strerror(errno)));
+ if ((getpeername((*cli)->fd, &peeraddr, &peeraddr_len) != 0)) {
+ DEBUG(0,("cm_prepare_connection: getpeername failed with: %s\n",
+ strerror(errno)));
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+
+ if ((peeraddr_len != sizeof(struct sockaddr_in))
+#ifdef HAVE_IPV6
+ && (peeraddr_len != sizeof(struct sockaddr_in6))
+#endif
+ ) {
+ DEBUG(0,("cm_prepare_connection: got unexpected peeraddr len %d\n",
+ peeraddr_len));
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+
+ if ((peeraddr_in->sin_family != PF_INET)
+#ifdef HAVE_IPV6
+ && (peeraddr_in->sin_family != PF_INET6)
+#endif
+ ) {
+ DEBUG(0,("cm_prepare_connection: got unexpected family %d\n",
+ peeraddr_in->sin_family));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}