diff options
-rw-r--r-- | source3/include/proto.h | 6 | ||||
-rw-r--r-- | source3/lib/access.c | 7 | ||||
-rw-r--r-- | source3/lib/util.c | 126 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog.c | 5 | ||||
-rw-r--r-- | source3/smbd/connection.c | 3 | ||||
-rw-r--r-- | source3/smbd/password.c | 22 | ||||
-rw-r--r-- | source3/smbd/reply.c | 2 | ||||
-rw-r--r-- | source3/smbd/server.c | 8 | ||||
-rw-r--r-- | source3/web/cgi.c | 21 | ||||
-rw-r--r-- | source3/web/swat.c | 1 |
10 files changed, 119 insertions, 82 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index dfd9ca8be8..b7c64cbc25 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1873,8 +1873,8 @@ uint32 interpret_addr(char *str); struct in_addr *interpret_addr2(char *str); BOOL zero_ip(struct in_addr ip); void reset_globals_after_fork(); -char *client_name(void); -char *client_addr(void); +char *client_name(int fd); +char *client_addr(int fd); char *automount_server(char *user_name); char *automount_path(char *user_name); void standard_sub_basic(char *str); @@ -1927,6 +1927,8 @@ void cgi_setup(char *rootdir, int auth_required); char *cgi_baseurl(void); char *cgi_rooturl(void); char *cgi_pathinfo(void); +char *cgi_remote_host(void); +char *cgi_remote_addr(void); /*The following definitions come from web/diagnose.c */ diff --git a/source3/lib/access.c b/source3/lib/access.c index c338517ed6..cc2bf8632b 100644 --- a/source3/lib/access.c +++ b/source3/lib/access.c @@ -60,18 +60,19 @@ BOOL check_access(int snum) if (!ret) { - if (allow_access(denyl,allowl,client_name(),client_addr())) + extern int Client; + if (allow_access(denyl,allowl,client_name(Client),client_addr(Client))) { if (snum >= 0) DEBUG(2,("Allowed connection from %s (%s) to %s\n", - client_name(),client_addr(), + client_name(Client),client_addr(Client), lp_servicename(snum))); ret = True; } else if (snum >= 0) DEBUG(0,("%s Denied connection from %s (%s) to %s\n", - timestring(), client_name(),client_addr(), + timestring(), client_name(Client),client_addr(Client), lp_servicename(snum))); } diff --git a/source3/lib/util.c b/source3/lib/util.c index e9ece49170..8c30aad68e 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -3716,73 +3716,81 @@ void reset_globals_after_fork() /******************************************************************* return the DNS name of the client ******************************************************************/ -char *client_name(void) -{ - struct sockaddr sa; - struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); - int length = sizeof(sa); - static pstring name_buf; - struct hostent *hp; - - if (global_client_name_done) - return name_buf; - - strcpy(name_buf,"UNKNOWN"); - - if (Client == -1) { - return name_buf; - } - - if (getpeername(Client, &sa, &length) < 0) { - DEBUG(0,("getpeername failed\n")); - return name_buf; - } - - /* Look up the remote host name. */ - if ((hp = gethostbyaddr((char *) &sockin->sin_addr, - sizeof(sockin->sin_addr), - AF_INET)) == 0) { - DEBUG(1,("Gethostbyaddr failed for %s\n",client_addr())); - StrnCpy(name_buf,client_addr(),sizeof(name_buf) - 1); - } else { - StrnCpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1); - if (!matchname(name_buf, sockin->sin_addr)) { - DEBUG(0,("Matchname failed on %s %s\n",name_buf,client_addr())); - strcpy(name_buf,"UNKNOWN"); - } - } - global_client_name_done = True; - return name_buf; +char *client_name(int fd) +{ + struct sockaddr sa; + struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); + int length = sizeof(sa); + static pstring name_buf; + struct hostent *hp; + static int last_fd=-1; + + if (global_client_name_done && last_fd == fd) + return name_buf; + + last_fd = fd; + global_client_name_done = False; + + strcpy(name_buf,"UNKNOWN"); + + if (fd == -1) { + return name_buf; + } + + if (getpeername(fd, &sa, &length) < 0) { + DEBUG(0,("getpeername failed\n")); + return name_buf; + } + + /* Look up the remote host name. */ + if ((hp = gethostbyaddr((char *) &sockin->sin_addr, + sizeof(sockin->sin_addr), + AF_INET)) == 0) { + DEBUG(1,("Gethostbyaddr failed for %s\n",client_addr(fd))); + StrnCpy(name_buf,client_addr(fd),sizeof(name_buf) - 1); + } else { + StrnCpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1); + if (!matchname(name_buf, sockin->sin_addr)) { + DEBUG(0,("Matchname failed on %s %s\n",name_buf,client_addr(fd))); + strcpy(name_buf,"UNKNOWN"); + } + } + global_client_name_done = True; + return name_buf; } /******************************************************************* return the IP addr of the client as a string ******************************************************************/ -char *client_addr(void) +char *client_addr(int fd) { - struct sockaddr sa; - struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); - int length = sizeof(sa); - static fstring addr_buf; + struct sockaddr sa; + struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); + int length = sizeof(sa); + static fstring addr_buf; + static int last_fd = -1; - if (global_client_addr_done) - return addr_buf; + if (global_client_addr_done && fd == last_fd) + return addr_buf; - strcpy(addr_buf,"0.0.0.0"); + last_fd = fd; + global_client_addr_done = False; - if (Client == -1) { - return addr_buf; - } + strcpy(addr_buf,"0.0.0.0"); - if (getpeername(Client, &sa, &length) < 0) { - DEBUG(0,("getpeername failed\n")); - return addr_buf; - } - - fstrcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr)); - - global_client_addr_done = True; - return addr_buf; + if (fd == -1) { + return addr_buf; + } + + if (getpeername(fd, &sa, &length) < 0) { + DEBUG(0,("getpeername failed\n")); + return addr_buf; + } + + fstrcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr)); + + global_client_addr_done = True; + return addr_buf; } /******************************************************************* @@ -3946,9 +3954,9 @@ void standard_sub_basic(char *str) break; } case 'N' : string_sub(p,"%N", automount_server(username)); break; - case 'I' : string_sub(p,"%I", client_addr()); break; + case 'I' : string_sub(p,"%I", client_addr(Client)); break; case 'L' : string_sub(p,"%L", local_machine); break; - case 'M' : string_sub(p,"%M", client_name()); break; + case 'M' : string_sub(p,"%M", client_name(Client)); break; case 'R' : string_sub(p,"%R", remote_proto); break; case 'T' : string_sub(p,"%T", timestring()); break; case 'U' : string_sub(p,"%U", username); break; diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 94d6faa992..f85330fd3c 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -227,10 +227,11 @@ static void net_reply_sam_logoff(NET_Q_SAM_LOGOFF *q_s, prs_struct *rdata, ******************************************************************/ static BOOL get_md4pw(char *md4pw, char *mach_name, char *mach_acct) { - struct smb_passwd *smb_pass; + struct smb_passwd *smb_pass; + extern int Client; if (!allow_access(lp_domain_hostsdeny(), lp_domain_hostsallow(), - client_name(), client_addr())) + client_name(Client), client_addr(Client))) { DEBUG(0,("get_md4pw: Workstation %s denied access to domain\n", mach_acct)); return False; diff --git a/source3/smbd/connection.c b/source3/smbd/connection.c index 610afbc3e5..5cf8b800f2 100644 --- a/source3/smbd/connection.c +++ b/source3/smbd/connection.c @@ -115,6 +115,7 @@ simple routines to do connection counting ****************************************************************************/ BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear) { + extern int Client; struct connect_record crec; pstring fname; int fd=-1; @@ -200,7 +201,7 @@ BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear) crec.start = time(NULL); StrnCpy(crec.machine,remote_machine,sizeof(crec.machine)-1); - StrnCpy(crec.addr,client_addr(),sizeof(crec.addr)-1); + StrnCpy(crec.addr,client_addr(Client),sizeof(crec.addr)-1); /* make our mark */ if (lseek(fd,foundi*sizeof(crec),SEEK_SET) != foundi*sizeof(crec) || diff --git a/source3/smbd/password.c b/source3/smbd/password.c index bb0aacac7e..ffa75d7d0b 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -1640,21 +1640,21 @@ BOOL check_hosts_equiv(char *user) fname = lp_hosts_equiv(); /* note: don't allow hosts.equiv on root */ - if (fname && *fname && (pass->pw_uid != 0)) - { - if (check_user_equiv(user,client_name(),fname)) - return(True); - } + if (fname && *fname && (pass->pw_uid != 0)) { + extern int Client; + if (check_user_equiv(user,client_name(Client),fname)) + return(True); + } if (lp_use_rhosts()) { char *home = get_home_dir(user); - if (home) - { - sprintf(rhostsfile, "%s/.rhosts", home); - if (check_user_equiv(user,client_name(),rhostsfile)) - return(True); - } + if (home) { + extern int Client; + sprintf(rhostsfile, "%s/.rhosts", home); + if (check_user_equiv(user,client_name(Client),rhostsfile)) + return(True); + } } return(False); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4d163d70a0..8afda69b32 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -57,7 +57,7 @@ static void overflow_attack(int len) { DEBUG(0,("%s: ERROR: Invalid password length %d\n", timestring(), len)); DEBUG(0,("your machine may be under attack by a user exploiting an old bug\n")); - DEBUG(0,("Attack was from IP=%s\n", client_addr())); + DEBUG(0,("Attack was from IP=%s\n", client_addr(Client))); exit_server("possible attack"); } diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 248a2cee5f..f51342d0e5 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -2625,7 +2625,7 @@ static void process_smb(char *inbuf, char *outbuf) name" */ static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81}; DEBUG(1,("%s Connection denied from %s\n", - timestring(),client_addr())); + timestring(),client_addr(Client))); send_smb(Client,(char *)buf); exit_server("connection denied"); } @@ -3597,10 +3597,11 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de } { + extern int Client; DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n", timestring(), remote_machine, - client_addr(), + client_addr(Client), lp_servicename(SNUM(cnum)),user, pcon->uid, pcon->gid, @@ -4143,6 +4144,7 @@ close a cnum ****************************************************************************/ void close_cnum(int cnum, uint16 vuid) { + extern int Client; DirCacheFlush(SNUM(cnum)); unbecome_user(); @@ -4155,7 +4157,7 @@ void close_cnum(int cnum, uint16 vuid) DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) closed connection to service %s\n", timestring(), - remote_machine,client_addr(), + remote_machine,client_addr(Client), lp_servicename(SNUM(cnum)))); yield_connection(cnum, diff --git a/source3/web/cgi.c b/source3/web/cgi.c index 46654b1303..9931ca1468 100644 --- a/source3/web/cgi.c +++ b/source3/web/cgi.c @@ -665,3 +665,24 @@ char *cgi_pathinfo(void) return r; } +/*************************************************************************** +return the hostname of the client + ***************************************************************************/ +char *cgi_remote_host(void) +{ + if (baseurl) { + return client_name(1); + } + return getenv("REMOTE_HOST"); +} + +/*************************************************************************** +return the hostname of the client + ***************************************************************************/ +char *cgi_remote_addr(void) +{ + if (baseurl) { + return client_addr(1); + } + return getenv("REMOTE_ADDR"); +} diff --git a/source3/web/swat.c b/source3/web/swat.c index a41249a9ee..7378cf682b 100644 --- a/source3/web/swat.c +++ b/source3/web/swat.c @@ -172,6 +172,7 @@ static void show_parameters(int snum, int allparameters, int advanced, int print static void write_config(FILE *f, BOOL show_defaults) { fprintf(f, "# Samba config file created using SWAT\n"); + fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr()); fprintf(f, "# Date: %s\n\n", timestring()); lp_dump(f, show_defaults); |