when doing a "secure nbns" wack response and check with owner for a

multihomed registration we were sending the packet to the wrong host!
We sent it to the person trying to register rather than to the person
who currently holds the name. That means we were not secure and we
could allow two people to register the same name.

Jeremy, you may wish to merge this change into 2.0.X
(This used to be commit 94ca1d1250d12918311a402cc689050ba1d06e24)

diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c
index e978718106a8e4fe02e7f5ef11c5c1cf750767be..2b99a8ce53bf58d956bd165fe8e1dffc0751bc4a 100644 (file)
--- a/source3/nmbd/nmbd_winsserver.c
+++ b/source3/nmbd/nmbd_winsserver.c
@@ -1176,9 +1176,12 @@ is one of our (WINS server) names. Denying registration.\n", nmb_namestr(questio
      * the recursion desired flag is not set (you were right Luke :-).
      * This function should *only* be called from the WINS server
      * code. JRA.
+     *
+     * Note that this packet is sent to the current owner of the name,
+     * not the person who sent the packet 
      */
 
-    query_name_from_wins_server( p->ip,
+    query_name_from_wins_server( namerec->data.ip[0],
                                  question->name,
                                  question->name_type, 
                                  wins_multihomed_register_query_success,