40 lines
1.4 KiB
Diff
40 lines
1.4 KiB
Diff
------------------------------------------------------------------------
|
|
r24967 | ghudson | 2011-06-13 14:54:33 -0400 (Mon, 13 Jun 2011) | 11 lines
|
|
|
|
ticket: 6920
|
|
subject: Fix old-style GSSRPC authentication
|
|
target_version: 1.9.2
|
|
tags: pullup
|
|
|
|
r24147 (ticket #6746) made libgssrpc ignorant of the remote address of
|
|
the kadmin socket, even when it's IPv4. This made old-style GSSAPI
|
|
authentication fail because it uses the wrong channel bindings. Fix
|
|
this problem by making clnttcp_create() get the remote address from
|
|
the socket using getpeername() if the caller doesn't provide it and
|
|
it's an IPv4 address.
|
|
------------------------------------------------------------------------
|
|
Index: src/lib/rpc/clnt_tcp.c
|
|
===================================================================
|
|
--- src/lib/rpc/clnt_tcp.c (revision 24966)
|
|
+++ src/lib/rpc/clnt_tcp.c (revision 24967)
|
|
@@ -187,9 +187,16 @@
|
|
ct->ct_sock = *sockp;
|
|
ct->ct_wait.tv_usec = 0;
|
|
ct->ct_waitset = FALSE;
|
|
- if (raddr == NULL)
|
|
- memset(&ct->ct_addr, 0, sizeof(ct->ct_addr));
|
|
- else
|
|
+ if (raddr == NULL) {
|
|
+ /* Get the remote address from the socket, if it's IPv4. */
|
|
+ struct sockaddr_in sin;
|
|
+ socklen_t len = sizeof(sin);
|
|
+ int ret = getpeername(ct->ct_sock, (struct sockaddr *)&sin, &len);
|
|
+ if (ret == 0 && len == sizeof(sin) && sin.sin_family == AF_INET)
|
|
+ ct->ct_addr = sin;
|
|
+ else
|
|
+ memset(&ct->ct_addr, 0, sizeof(ct->ct_addr));
|
|
+ } else
|
|
ct->ct_addr = *raddr;
|
|
|
|
/*
|