summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/access.c10
-rw-r--r--source3/lib/substitute.c3
-rw-r--r--source3/lib/util_sock.c27
3 files changed, 23 insertions, 17 deletions
diff --git a/source3/lib/access.c b/source3/lib/access.c
index 7b78017a64..31bc515b47 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -346,6 +346,8 @@ bool check_access(int sock, const char **allow_list, const char **deny_list)
ret = true;
if (!ret) {
+ char addr[INET6_ADDRSTRLEN];
+
/* Bypass name resolution calls if the lists
* only contain IP addrs */
if (only_ipaddrs_in_list(allow_list) &&
@@ -356,24 +358,24 @@ bool check_access(int sock, const char **allow_list, const char **deny_list)
ret = allow_access(deny_list,
allow_list,
"",
- get_peer_addr(sock));
+ get_peer_addr(sock,addr));
} else {
DEBUG (3, ("check_access: hostnames in "
"host allow/deny list.\n"));
ret = allow_access(deny_list,
allow_list,
get_peer_name(sock,true),
- get_peer_addr(sock));
+ get_peer_addr(sock,addr));
}
if (ret) {
DEBUG(2,("Allowed connection from %s (%s)\n",
only_ip ? "" : get_peer_name(sock,true),
- get_peer_addr(sock)));
+ get_peer_addr(sock,addr)));
} else {
DEBUG(0,("Denied connection from %s (%s)\n",
only_ip ? "" : get_peer_name(sock,true),
- get_peer_addr(sock)));
+ get_peer_addr(sock,addr)));
}
}
diff --git a/source3/lib/substitute.c b/source3/lib/substitute.c
index 07cea81bd1..a6195ef9d7 100644
--- a/source3/lib/substitute.c
+++ b/source3/lib/substitute.c
@@ -449,6 +449,7 @@ char *alloc_sub_basic(const char *smb_name, const char *domain_name,
char *b, *p, *s, *r, *a_string;
fstring pidstr, vnnstr;
struct passwd *pass;
+ char addr[INET6_ADDRSTRLEN];
const char *local_machine_name = get_local_machine_name();
/* workaround to prevent a crash while looking at bug #687 */
@@ -494,7 +495,7 @@ char *alloc_sub_basic(const char *smb_name, const char *domain_name,
a_string = realloc_string_sub(a_string, "%D", r);
break;
case 'I' :
- a_string = realloc_string_sub(a_string, "%I", client_addr());
+ a_string = realloc_string_sub(a_string, "%I", client_addr(addr));
break;
case 'i':
a_string = realloc_string_sub( a_string, "%i", client_socket_addr() );
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c
index ea33de8077..b1e508182d 100644
--- a/source3/lib/util_sock.c
+++ b/source3/lib/util_sock.c
@@ -587,9 +587,10 @@ char *print_canonical_sockaddr(TALLOC_CTX *ctx,
void client_setfd(int fd)
{
+ char addr[INET6_ADDRSTRLEN];
client_fd = fd;
safe_strcpy(client_ip_string,
- get_peer_addr(client_fd),
+ get_peer_addr(client_fd,addr),
sizeof(client_ip_string)-1);
}
@@ -658,9 +659,9 @@ const char *client_name(void)
return get_peer_name(client_fd,false);
}
-const char *client_addr(void)
+const char *client_addr(char addr[INET6_ADDRSTRLEN])
{
- return get_peer_addr(client_fd);
+ return get_peer_addr(client_fd,addr);
}
const char *client_socket_addr(void)
@@ -1699,12 +1700,12 @@ int open_udp_socket(const char *host, int port)
******************************************************************/
static const char *get_peer_addr_internal(int fd,
+ char addr_buf[INET6_ADDRSTRLEN],
struct sockaddr_storage *pss,
socklen_t *plength)
{
struct sockaddr_storage ss;
socklen_t length = sizeof(ss);
- static char addr_buf[INET6_ADDRSTRLEN];
safe_strcpy(addr_buf,"0.0.0.0",sizeof(addr_buf)-1);
@@ -1732,7 +1733,6 @@ static const char *get_peer_addr_internal(int fd,
return addr_buf;
}
-
/*******************************************************************
Matchname - determine if host name matches IP address. Used to
confirm a hostname lookup to prevent spoof attacks.
@@ -1807,10 +1807,12 @@ static bool matchname(const char *remotehost,
Return the DNS name of the remote end of a socket.
******************************************************************/
+static char addr_buf_cache[INET6_ADDRSTRLEN];
+
const char *get_peer_name(int fd, bool force_lookup)
{
- static fstring addr_buf;
static pstring name_buf;
+ char addr_buf[INET6_ADDRSTRLEN];
struct sockaddr_storage ss;
socklen_t length = sizeof(ss);
const char *p;
@@ -1822,13 +1824,14 @@ const char *get_peer_name(int fd, bool force_lookup)
with dns. To avoid the delay we avoid the lookup if
possible */
if (!lp_hostname_lookups() && (force_lookup == false)) {
- return get_peer_addr(fd);
+ pstrcpy(name_buf, get_peer_addr(fd, addr_buf));
+ return name_buf;
}
- p = get_peer_addr_internal(fd, &ss, &length);
+ p = get_peer_addr_internal(fd, addr_buf, &ss, &length);
/* it might be the same as the last one - save some DNS work */
- if (strcmp(p, addr_buf) == 0) {
+ if (strcmp(p, addr_buf_cache) == 0) {
return name_buf;
}
@@ -1837,7 +1840,7 @@ const char *get_peer_name(int fd, bool force_lookup)
return name_buf;
}
- fstrcpy(addr_buf, p);
+ safe_strcpy(addr_buf_cache, p, sizeof(addr_buf_cache)-1);
/* Look up the remote host name. */
ret = getnameinfo((struct sockaddr *)&ss,
@@ -1878,9 +1881,9 @@ const char *get_peer_name(int fd, bool force_lookup)
Return the IP addr of the remote end of a socket as a string.
******************************************************************/
-const char *get_peer_addr(int fd)
+const char *get_peer_addr(int fd, char addr[INET6_ADDRSTRLEN])
{
- return get_peer_addr_internal(fd, NULL, NULL);
+ return get_peer_addr_internal(fd, addr, NULL, NULL);
}
/*******************************************************************
generated by cgit (git 2.34.1) at 2024-07-04 22:21:38 +0000