{
int pam_error;
const char *our_rhost;
+ char addr[INET6_ADDRSTRLEN];
*pamh = (pam_handle_t *)NULL;
if (rhost == NULL) {
our_rhost = client_name();
if (strequal(our_rhost,"UNKNOWN"))
- our_rhost = client_addr();
+ our_rhost = client_addr(addr);
} else {
our_rhost = rhost;
}
ret = true;
if (!ret) {
+ char addr[INET6_ADDRSTRLEN];
+
/* Bypass name resolution calls if the lists
* only contain IP addrs */
if (only_ipaddrs_in_list(allow_list) &&
ret = allow_access(deny_list,
allow_list,
"",
- get_peer_addr(sock));
+ get_peer_addr(sock,addr));
} else {
DEBUG (3, ("check_access: hostnames in "
"host allow/deny list.\n"));
ret = allow_access(deny_list,
allow_list,
get_peer_name(sock,true),
- get_peer_addr(sock));
+ get_peer_addr(sock,addr));
}
if (ret) {
DEBUG(2,("Allowed connection from %s (%s)\n",
only_ip ? "" : get_peer_name(sock,true),
- get_peer_addr(sock)));
+ get_peer_addr(sock,addr)));
} else {
DEBUG(0,("Denied connection from %s (%s)\n",
only_ip ? "" : get_peer_name(sock,true),
- get_peer_addr(sock)));
+ get_peer_addr(sock,addr)));
}
}
char *b, *p, *s, *r, *a_string;
fstring pidstr, vnnstr;
struct passwd *pass;
+ char addr[INET6_ADDRSTRLEN];
const char *local_machine_name = get_local_machine_name();
/* workaround to prevent a crash while looking at bug #687 */
a_string = realloc_string_sub(a_string, "%D", r);
break;
case 'I' :
- a_string = realloc_string_sub(a_string, "%I", client_addr());
+ a_string = realloc_string_sub(a_string, "%I", client_addr(addr));
break;
case 'i':
a_string = realloc_string_sub( a_string, "%i", client_socket_addr() );
void client_setfd(int fd)
{
+ char addr[INET6_ADDRSTRLEN];
client_fd = fd;
safe_strcpy(client_ip_string,
- get_peer_addr(client_fd),
+ get_peer_addr(client_fd,addr),
sizeof(client_ip_string)-1);
}
return get_peer_name(client_fd,false);
}
-const char *client_addr(void)
+const char *client_addr(char addr[INET6_ADDRSTRLEN])
{
- return get_peer_addr(client_fd);
+ return get_peer_addr(client_fd,addr);
}
const char *client_socket_addr(void)
******************************************************************/
static const char *get_peer_addr_internal(int fd,
+ char addr_buf[INET6_ADDRSTRLEN],
struct sockaddr_storage *pss,
socklen_t *plength)
{
struct sockaddr_storage ss;
socklen_t length = sizeof(ss);
- static char addr_buf[INET6_ADDRSTRLEN];
safe_strcpy(addr_buf,"0.0.0.0",sizeof(addr_buf)-1);
return addr_buf;
}
-
/*******************************************************************
Matchname - determine if host name matches IP address. Used to
confirm a hostname lookup to prevent spoof attacks.
Return the DNS name of the remote end of a socket.
******************************************************************/
+static char addr_buf_cache[INET6_ADDRSTRLEN];
+
const char *get_peer_name(int fd, bool force_lookup)
{
- static fstring addr_buf;
static pstring name_buf;
+ char addr_buf[INET6_ADDRSTRLEN];
struct sockaddr_storage ss;
socklen_t length = sizeof(ss);
const char *p;
with dns. To avoid the delay we avoid the lookup if
possible */
if (!lp_hostname_lookups() && (force_lookup == false)) {
- return get_peer_addr(fd);
+ pstrcpy(name_buf, get_peer_addr(fd, addr_buf));
+ return name_buf;
}
- p = get_peer_addr_internal(fd, &ss, &length);
+ p = get_peer_addr_internal(fd, addr_buf, &ss, &length);
/* it might be the same as the last one - save some DNS work */
- if (strcmp(p, addr_buf) == 0) {
+ if (strcmp(p, addr_buf_cache) == 0) {
return name_buf;
}
return name_buf;
}
- fstrcpy(addr_buf, p);
+ safe_strcpy(addr_buf_cache, p, sizeof(addr_buf_cache)-1);
/* Look up the remote host name. */
ret = getnameinfo((struct sockaddr *)&ss,
Return the IP addr of the remote end of a socket as a string.
******************************************************************/
-const char *get_peer_addr(int fd)
+const char *get_peer_addr(int fd, char addr[INET6_ADDRSTRLEN])
{
- return get_peer_addr_internal(fd, NULL, NULL);
+ return get_peer_addr_internal(fd, addr, NULL, NULL);
}
/*******************************************************************
DEBUG(10, ("Scanning mapfile [%s]\n", mapfile));
while (x_fgets(buf, sizeof(buf), f) != NULL) {
+ char addr[INET6_ADDRSTRLEN];
if ((strlen(buf) > 0) && (buf[strlen(buf)-1] == '\n'))
buf[strlen(buf)-1] = '\0';
*space = '\0';
- if (strncmp(client_addr(), buf, strlen(buf)) == 0) {
+ if (strncmp(client_addr(addr), buf, strlen(buf)) == 0) {
found = True;
break;
}
pstring new_jobname;
int num_options = 0;
cups_option_t *options = NULL;
+ char addr[INET6_ADDRSTRLEN];
DEBUG(5,("cups_job_submit(%d, %p (%d))\n", snum, pjob, pjob->sysjob));
clientname = client_name();
if (strcmp(clientname, "UNKNOWN") == 0) {
- clientname = client_addr();
+ clientname = client_addr(addr);
}
ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME,
cups_lang_t *language = NULL; /* Default language */
char uri[HTTP_MAX_URI]; /* printer-uri attribute */
const char *clientname = NULL; /* hostname of client for job-originating-host attribute */
+ char addr[INET6_ADDRSTRLEN];
DEBUG(5,("iprint_job_submit(%d, %p (%d))\n", snum, pjob, pjob->sysjob));
clientname = client_name();
if (strcmp(clientname, "UNKNOWN") == 0) {
- clientname = client_addr();
+ clientname = client_addr(addr);
}
ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME,
const uint8 *pass;
bool ret;
uint32 acct_ctrl;
-
+
#if 0
+ char addr[INET6_ADDRSTRLEN];
+
/*
* Currently this code is redundent as we already have a filter
* by hostname list. What this code really needs to do is to
*/
if (!allow_access(lp_domain_hostsdeny(), lp_domain_hostsallow(),
- client_name(), client_addr()))
+ client_name(), client_addr(addr)))
{
DEBUG(0,("get_md4pw: Workstation %s denied access to domain\n", mach_acct));
return False;
struct connections_data crec;
TDB_DATA dbuf;
NTSTATUS status;
+ char addr[INET6_ADDRSTRLEN];
DEBUG(5,("claiming [%s]\n", name));
crec.bcast_msg_flags = msg_flags;
strlcpy(crec.machine,get_remote_machine_name(),sizeof(crec.machine));
- strlcpy(crec.addr,conn?conn->client_address:client_addr(),
+ strlcpy(crec.addr,conn?conn->client_address:client_addr(addr),
sizeof(crec.addr));
dbuf.dptr = (uint8 *)&crec;
DO_PROFILE_INC(smb_count);
if (trans_num == 0) {
+ char addr[INET6_ADDRSTRLEN];
+
/* on the first packet, check the global hosts allow/ hosts
deny parameters before doing any parsing of the packet
passed to us by the client. This prevents attacks on our
parsing code from hosts not in the hosts allow list */
+
if (!check_access(smbd_server_fd(), lp_hostsallow(-1),
lp_hostsdeny(-1))) {
/* send a negative session response "not listening on calling name" */
static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
- DEBUG( 1, ( "Connection denied from %s\n", client_addr() ) );
+ DEBUG( 1, ( "Connection denied from %s\n", client_addr(addr) ) );
(void)send_smb(smbd_server_fd(),(char *)buf);
exit_server_cleanly("connection denied");
}
if (allowable_number_of_smbd_processes() &&
smbd_server_fd() != -1 &&
((child = sys_fork())==0)) {
+ char remaddr[INET6_ADDRSTRLEN];
+
/* Child code ... */
/* Stop zombies, the parent explicitly handles
/* this is needed so that we get decent entries
in smbstatus for port 445 connects */
- set_remote_machine_name(get_peer_addr(smbd_server_fd()),
+ set_remote_machine_name(get_peer_addr(smbd_server_fd(),remaddr),
False);
/* Reset the state of the random
fstring user;
fstring dev;
int ret;
+ char addr[INET6_ADDRSTRLEN];
*user = 0;
fstrcpy(dev, pdev);
add_session_user(user);
- safe_strcpy(conn->client_address, client_addr(),
+ safe_strcpy(conn->client_address, client_addr(addr),
sizeof(conn->client_address)-1);
conn->num_files_open = 0;
conn->lastused = conn->lastused_count = time(NULL);
fstring service;
fstring dev;
int snum = -1;
+ char addr[INET6_ADDRSTRLEN];
fstrcpy(dev, pdev);
}
DEBUG(0,("%s (%s) couldn't find service %s\n",
- get_remote_machine_name(), client_addr(), service));
+ get_remote_machine_name(), client_addr(addr), service));
*status = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
}
struct db_context *ctx;
struct db_record *rec;
NTSTATUS status;
+ char addr[INET6_ADDRSTRLEN];
vuser->session_keystr = NULL;
hostname = client_name();
if (strcmp(hostname, "UNKNOWN") == 0) {
- hostname = client_addr();
+ hostname = client_addr(addr);
}
fstrcpy(sessionid.username, vuser->user.unix_name);
sessionid.uid = vuser->uid;
sessionid.gid = vuser->gid;
fstrcpy(sessionid.remote_machine, get_remote_machine_name());
- fstrcpy(sessionid.ip_addr_str, client_addr());
+ fstrcpy(sessionid.ip_addr_str, client_addr(addr));
sessionid.connect_start = time(NULL);
if (!smb_pam_claim_session(sessionid.username, sessionid.id_str,
static void setup_new_vc_session(void)
{
+ char addr[INET6_ADDRSTRLEN];
+
DEBUG(2,("setup_new_vc_session: New VC == 0, if NT4.x "
"compatible we would close all old resources.\n"));
#if 0
#endif
if (lp_reset_on_zero_vc()) {
connections_forall(shutdown_other_smbds,
- CONST_DISCARD(void *,client_addr()));
+ CONST_DISCARD(void *,client_addr(addr)));
}
}
const char *cgi_remote_addr(void)
{
if (inetd_server) {
- return get_peer_addr(1);
+ char addr[INET6_ADDRSTRLEN];
+ return get_peer_addr(1,addr);
}
return getenv("REMOTE_ADDR");
}