summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h6
-rw-r--r--source3/lib/access.c7
-rw-r--r--source3/lib/util.c126
-rw-r--r--source3/rpc_server/srv_netlog.c5
-rw-r--r--source3/smbd/connection.c3
-rw-r--r--source3/smbd/password.c22
-rw-r--r--source3/smbd/reply.c2
-rw-r--r--source3/smbd/server.c8
-rw-r--r--source3/web/cgi.c21
-rw-r--r--source3/web/swat.c1
10 files changed, 119 insertions, 82 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index dfd9ca8be8..b7c64cbc25 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1873,8 +1873,8 @@ uint32 interpret_addr(char *str);
struct in_addr *interpret_addr2(char *str);
BOOL zero_ip(struct in_addr ip);
void reset_globals_after_fork();
-char *client_name(void);
-char *client_addr(void);
+char *client_name(int fd);
+char *client_addr(int fd);
char *automount_server(char *user_name);
char *automount_path(char *user_name);
void standard_sub_basic(char *str);
@@ -1927,6 +1927,8 @@ void cgi_setup(char *rootdir, int auth_required);
char *cgi_baseurl(void);
char *cgi_rooturl(void);
char *cgi_pathinfo(void);
+char *cgi_remote_host(void);
+char *cgi_remote_addr(void);
/*The following definitions come from web/diagnose.c */
diff --git a/source3/lib/access.c b/source3/lib/access.c
index c338517ed6..cc2bf8632b 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -60,18 +60,19 @@ BOOL check_access(int snum)
if (!ret)
{
- if (allow_access(denyl,allowl,client_name(),client_addr()))
+ extern int Client;
+ if (allow_access(denyl,allowl,client_name(Client),client_addr(Client)))
{
if (snum >= 0)
DEBUG(2,("Allowed connection from %s (%s) to %s\n",
- client_name(),client_addr(),
+ client_name(Client),client_addr(Client),
lp_servicename(snum)));
ret = True;
}
else
if (snum >= 0)
DEBUG(0,("%s Denied connection from %s (%s) to %s\n",
- timestring(), client_name(),client_addr(),
+ timestring(), client_name(Client),client_addr(Client),
lp_servicename(snum)));
}
diff --git a/source3/lib/util.c b/source3/lib/util.c
index e9ece49170..8c30aad68e 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -3716,73 +3716,81 @@ void reset_globals_after_fork()
/*******************************************************************
return the DNS name of the client
******************************************************************/
-char *client_name(void)
-{
- struct sockaddr sa;
- struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa);
- int length = sizeof(sa);
- static pstring name_buf;
- struct hostent *hp;
-
- if (global_client_name_done)
- return name_buf;
-
- strcpy(name_buf,"UNKNOWN");
-
- if (Client == -1) {
- return name_buf;
- }
-
- if (getpeername(Client, &sa, &length) < 0) {
- DEBUG(0,("getpeername failed\n"));
- return name_buf;
- }
-
- /* Look up the remote host name. */
- if ((hp = gethostbyaddr((char *) &sockin->sin_addr,
- sizeof(sockin->sin_addr),
- AF_INET)) == 0) {
- DEBUG(1,("Gethostbyaddr failed for %s\n",client_addr()));
- StrnCpy(name_buf,client_addr(),sizeof(name_buf) - 1);
- } else {
- StrnCpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1);
- if (!matchname(name_buf, sockin->sin_addr)) {
- DEBUG(0,("Matchname failed on %s %s\n",name_buf,client_addr()));
- strcpy(name_buf,"UNKNOWN");
- }
- }
- global_client_name_done = True;
- return name_buf;
+char *client_name(int fd)
+{
+ struct sockaddr sa;
+ struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa);
+ int length = sizeof(sa);
+ static pstring name_buf;
+ struct hostent *hp;
+ static int last_fd=-1;
+
+ if (global_client_name_done && last_fd == fd)
+ return name_buf;
+
+ last_fd = fd;
+ global_client_name_done = False;
+
+ strcpy(name_buf,"UNKNOWN");
+
+ if (fd == -1) {
+ return name_buf;
+ }
+
+ if (getpeername(fd, &sa, &length) < 0) {
+ DEBUG(0,("getpeername failed\n"));
+ return name_buf;
+ }
+
+ /* Look up the remote host name. */
+ if ((hp = gethostbyaddr((char *) &sockin->sin_addr,
+ sizeof(sockin->sin_addr),
+ AF_INET)) == 0) {
+ DEBUG(1,("Gethostbyaddr failed for %s\n",client_addr(fd)));
+ StrnCpy(name_buf,client_addr(fd),sizeof(name_buf) - 1);
+ } else {
+ StrnCpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1);
+ if (!matchname(name_buf, sockin->sin_addr)) {
+ DEBUG(0,("Matchname failed on %s %s\n",name_buf,client_addr(fd)));
+ strcpy(name_buf,"UNKNOWN");
+ }
+ }
+ global_client_name_done = True;
+ return name_buf;
}
/*******************************************************************
return the IP addr of the client as a string
******************************************************************/
-char *client_addr(void)
+char *client_addr(int fd)
{
- struct sockaddr sa;
- struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa);
- int length = sizeof(sa);
- static fstring addr_buf;
+ struct sockaddr sa;
+ struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa);
+ int length = sizeof(sa);
+ static fstring addr_buf;
+ static int last_fd = -1;
- if (global_client_addr_done)
- return addr_buf;
+ if (global_client_addr_done && fd == last_fd)
+ return addr_buf;
- strcpy(addr_buf,"0.0.0.0");
+ last_fd = fd;
+ global_client_addr_done = False;
- if (Client == -1) {
- return addr_buf;
- }
+ strcpy(addr_buf,"0.0.0.0");
- if (getpeername(Client, &sa, &length) < 0) {
- DEBUG(0,("getpeername failed\n"));
- return addr_buf;
- }
-
- fstrcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr));
-
- global_client_addr_done = True;
- return addr_buf;
+ if (fd == -1) {
+ return addr_buf;
+ }
+
+ if (getpeername(fd, &sa, &length) < 0) {
+ DEBUG(0,("getpeername failed\n"));
+ return addr_buf;
+ }
+
+ fstrcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr));
+
+ global_client_addr_done = True;
+ return addr_buf;
}
/*******************************************************************
@@ -3946,9 +3954,9 @@ void standard_sub_basic(char *str)
break;
}
case 'N' : string_sub(p,"%N", automount_server(username)); break;
- case 'I' : string_sub(p,"%I", client_addr()); break;
+ case 'I' : string_sub(p,"%I", client_addr(Client)); break;
case 'L' : string_sub(p,"%L", local_machine); break;
- case 'M' : string_sub(p,"%M", client_name()); break;
+ case 'M' : string_sub(p,"%M", client_name(Client)); break;
case 'R' : string_sub(p,"%R", remote_proto); break;
case 'T' : string_sub(p,"%T", timestring()); break;
case 'U' : string_sub(p,"%U", username); break;
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 94d6faa992..f85330fd3c 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -227,10 +227,11 @@ static void net_reply_sam_logoff(NET_Q_SAM_LOGOFF *q_s, prs_struct *rdata,
******************************************************************/
static BOOL get_md4pw(char *md4pw, char *mach_name, char *mach_acct)
{
- struct smb_passwd *smb_pass;
+ struct smb_passwd *smb_pass;
+ extern int Client;
if (!allow_access(lp_domain_hostsdeny(), lp_domain_hostsallow(),
- client_name(), client_addr()))
+ client_name(Client), client_addr(Client)))
{
DEBUG(0,("get_md4pw: Workstation %s denied access to domain\n", mach_acct));
return False;
diff --git a/source3/smbd/connection.c b/source3/smbd/connection.c
index 610afbc3e5..5cf8b800f2 100644
--- a/source3/smbd/connection.c
+++ b/source3/smbd/connection.c
@@ -115,6 +115,7 @@ simple routines to do connection counting
****************************************************************************/
BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear)
{
+ extern int Client;
struct connect_record crec;
pstring fname;
int fd=-1;
@@ -200,7 +201,7 @@ BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear)
crec.start = time(NULL);
StrnCpy(crec.machine,remote_machine,sizeof(crec.machine)-1);
- StrnCpy(crec.addr,client_addr(),sizeof(crec.addr)-1);
+ StrnCpy(crec.addr,client_addr(Client),sizeof(crec.addr)-1);
/* make our mark */
if (lseek(fd,foundi*sizeof(crec),SEEK_SET) != foundi*sizeof(crec) ||
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index bb0aacac7e..ffa75d7d0b 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -1640,21 +1640,21 @@ BOOL check_hosts_equiv(char *user)
fname = lp_hosts_equiv();
/* note: don't allow hosts.equiv on root */
- if (fname && *fname && (pass->pw_uid != 0))
- {
- if (check_user_equiv(user,client_name(),fname))
- return(True);
- }
+ if (fname && *fname && (pass->pw_uid != 0)) {
+ extern int Client;
+ if (check_user_equiv(user,client_name(Client),fname))
+ return(True);
+ }
if (lp_use_rhosts())
{
char *home = get_home_dir(user);
- if (home)
- {
- sprintf(rhostsfile, "%s/.rhosts", home);
- if (check_user_equiv(user,client_name(),rhostsfile))
- return(True);
- }
+ if (home) {
+ extern int Client;
+ sprintf(rhostsfile, "%s/.rhosts", home);
+ if (check_user_equiv(user,client_name(Client),rhostsfile))
+ return(True);
+ }
}
return(False);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 4d163d70a0..8afda69b32 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -57,7 +57,7 @@ static void overflow_attack(int len)
{
DEBUG(0,("%s: ERROR: Invalid password length %d\n", timestring(), len));
DEBUG(0,("your machine may be under attack by a user exploiting an old bug\n"));
- DEBUG(0,("Attack was from IP=%s\n", client_addr()));
+ DEBUG(0,("Attack was from IP=%s\n", client_addr(Client)));
exit_server("possible attack");
}
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 248a2cee5f..f51342d0e5 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -2625,7 +2625,7 @@ static void process_smb(char *inbuf, char *outbuf)
name" */
static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
DEBUG(1,("%s Connection denied from %s\n",
- timestring(),client_addr()));
+ timestring(),client_addr(Client)));
send_smb(Client,(char *)buf);
exit_server("connection denied");
}
@@ -3597,10 +3597,11 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de
}
{
+ extern int Client;
DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n",
timestring(),
remote_machine,
- client_addr(),
+ client_addr(Client),
lp_servicename(SNUM(cnum)),user,
pcon->uid,
pcon->gid,
@@ -4143,6 +4144,7 @@ close a cnum
****************************************************************************/
void close_cnum(int cnum, uint16 vuid)
{
+ extern int Client;
DirCacheFlush(SNUM(cnum));
unbecome_user();
@@ -4155,7 +4157,7 @@ void close_cnum(int cnum, uint16 vuid)
DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) closed connection to service %s\n",
timestring(),
- remote_machine,client_addr(),
+ remote_machine,client_addr(Client),
lp_servicename(SNUM(cnum))));
yield_connection(cnum,
diff --git a/source3/web/cgi.c b/source3/web/cgi.c
index 46654b1303..9931ca1468 100644
--- a/source3/web/cgi.c
+++ b/source3/web/cgi.c
@@ -665,3 +665,24 @@ char *cgi_pathinfo(void)
return r;
}
+/***************************************************************************
+return the hostname of the client
+ ***************************************************************************/
+char *cgi_remote_host(void)
+{
+ if (baseurl) {
+ return client_name(1);
+ }
+ return getenv("REMOTE_HOST");
+}
+
+/***************************************************************************
+return the hostname of the client
+ ***************************************************************************/
+char *cgi_remote_addr(void)
+{
+ if (baseurl) {
+ return client_addr(1);
+ }
+ return getenv("REMOTE_ADDR");
+}
diff --git a/source3/web/swat.c b/source3/web/swat.c
index a41249a9ee..7378cf682b 100644
--- a/source3/web/swat.c
+++ b/source3/web/swat.c
@@ -172,6 +172,7 @@ static void show_parameters(int snum, int allparameters, int advanced, int print
static void write_config(FILE *f, BOOL show_defaults)
{
fprintf(f, "# Samba config file created using SWAT\n");
+ fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr());
fprintf(f, "# Date: %s\n\n", timestring());
lp_dump(f, show_defaults);