torque/CVE-2013-4319.patch
2014-10-02 09:42:45 +02:00

27 lines
826 B
Diff

diff --git a/src/server/process_request.c b/src/server/process_request.c
index 4817ed0..6b4c955 100644
--- a/src/server/process_request.c
+++ b/src/server/process_request.c
@@ -679,6 +679,21 @@ void process_request(
log_buffer);
}
+ if (svr_conn[sfds].cn_authen != PBS_NET_CONN_FROM_PRIVIL)
+ {
+ sprintf(log_buffer, "request type %s from host %s rejected (connection not privileged)",
+ reqtype_to_txt(request->rq_type),
+ request->rq_host);
+
+ log_record(PBSEVENT_JOB, PBS_EVENTCLASS_JOB, id, log_buffer);
+
+ req_reject(PBSE_BADHOST, 0, request, NULL, "request not authorized");
+
+ close_client(sfds);
+
+ return;
+ }
+
/* if (!tfind(svr_conn[sfds].cn_addr, &okclients)) */
if (!AVL_is_in_tree(svr_conn[sfds].cn_addr, 0, okclients))
{