diff options
author | Günther Deschner <gd@samba.org> | 2010-01-19 00:33:57 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2010-01-19 14:14:30 +0100 |
commit | f720f7512e66687f745732b86305eecec8f66d77 (patch) | |
tree | e59e817ceb0a3a704c233bd884d64414c3491e97 /source3 | |
parent | c971c10a63841d9b850d10ce856e813e37cace36 (diff) | |
download | samba-f720f7512e66687f745732b86305eecec8f66d77.tar.gz samba-f720f7512e66687f745732b86305eecec8f66d77.tar.bz2 samba-f720f7512e66687f745732b86305eecec8f66d77.zip |
s3-spoolss: stricter name checks when opening back-channel notify connection.
Make sure to always check if the name the client passed in
spoolss_RemoteFindFirstPrinterChangeNotifyEx is not one of our names.
Guenther
Diffstat (limited to 'source3')
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 0028ec0188..b1513dd329 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2340,27 +2340,30 @@ static bool spoolss_connect_to_client(struct rpc_pipe_client **pp_pipe, NTSTATUS ret; struct cli_state *the_cli; struct sockaddr_storage rm_addr; + char addr[INET6_ADDRSTRLEN]; if ( is_zero_addr((struct sockaddr *)client_ss) ) { + DEBUG(2,("spoolss_connect_to_client: resolving %s\n", + remote_machine)); if ( !resolve_name( remote_machine, &rm_addr, 0x20, false) ) { DEBUG(2,("spoolss_connect_to_client: Can't resolve address for %s\n", remote_machine)); return false; } - - if (ismyaddr((struct sockaddr *)&rm_addr)) { - DEBUG(0,("spoolss_connect_to_client: Machine %s is one of our addresses. Cannot add to ourselves.\n", remote_machine)); - return false; - } + print_sockaddr(addr, sizeof(addr), &rm_addr); } else { - char addr[INET6_ADDRSTRLEN]; rm_addr = *client_ss; print_sockaddr(addr, sizeof(addr), &rm_addr); DEBUG(5,("spoolss_connect_to_client: Using address %s (no name resolution necessary)\n", addr)); } - /* setup the connection */ + if (ismyaddr((struct sockaddr *)&rm_addr)) { + DEBUG(0,("spoolss_connect_to_client: Machine %s is one of our addresses. Cannot add to ourselves.\n", + addr)); + return false; + } + /* setup the connection */ ret = cli_full_connection( &the_cli, global_myname(), remote_machine, &rm_addr, 0, "IPC$", "IPC", "", /* username */ @@ -2549,6 +2552,9 @@ WERROR _spoolss_RemoteFindFirstPrinterChangeNotifyEx(pipes_struct *p, !get_printer_snum(p, r->in.handle, &snum, NULL) ) return WERR_BADFID; + DEBUG(10,("_spoolss_RemoteFindFirstPrinterChangeNotifyEx: " + "client_address is %s\n", p->client_address)); + if (!interpret_string_addr(&client_ss, p->client_address, AI_NUMERICHOST)) { return WERR_SERVER_UNAVAILABLE; |