aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHenrik Nord <[email protected]>2011-04-08 17:17:36 +0200
committerHenrik Nord <[email protected]>2011-04-08 17:17:57 +0200
commitb42123ea3de0a9d5d9294fe10ee1bbca33b08fb0 (patch)
treec7a914efcbb72827ea450664cfd8aab3001f2052
parentfc7428eaab27b8cd87a463bd13450ef3362ba67d (diff)
parent5b68030b9d57a839ad798415f30936660ca83904 (diff)
downloadotp-b42123ea3de0a9d5d9294fe10ee1bbca33b08fb0.tar.gz
otp-b42123ea3de0a9d5d9294fe10ee1bbca33b08fb0.tar.bz2
otp-b42123ea3de0a9d5d9294fe10ee1bbca33b08fb0.zip
Merge branch 'ms/epmd-local-access-check' into dev
* ms/epmd-local-access-check: epmd: include host address in local access check OTP-9214
-rw-r--r--erts/epmd/src/epmd_srv.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/erts/epmd/src/epmd_srv.c b/erts/epmd/src/epmd_srv.c
index 8a4a915614..4d9b454f97 100644
--- a/erts/epmd/src/epmd_srv.c
+++ b/erts/epmd/src/epmd_srv.c
@@ -809,6 +809,7 @@ static int conn_open(EpmdVars *g,int fd)
for (i = 0; i < g->max_conn; i++) {
if (g->conn[i].open == EPMD_FALSE) {
struct sockaddr_in si;
+ struct sockaddr_in di;
#ifdef HAVE_SOCKLEN_T
socklen_t st;
#else
@@ -829,12 +830,16 @@ static int conn_open(EpmdVars *g,int fd)
/* Determine if connection is from localhost */
if (getpeername(s->fd,(struct sockaddr*) &si,&st) ||
st < sizeof(si)) {
- /* Failure to get peername is regarder as non local host */
+ /* Failure to get peername is regarded as non local host */
s->local_peer = EPMD_FALSE;
} else {
+ /* Only 127.x.x.x and connections from the host's IP address
+ allowed, no false positives */
s->local_peer =
- ((((unsigned) ntohl(si.sin_addr.s_addr)) & 0xFF000000U) ==
- 0x7F000000U); /* Only 127.x.x.x allowed, no false positives */
+ (((((unsigned) ntohl(si.sin_addr.s_addr)) & 0xFF000000U) ==
+ 0x7F000000U) ||
+ (getsockname(s->fd,(struct sockaddr*) &di,&st) ?
+ EPMD_FALSE : si.sin_addr.s_addr == di.sin_addr.s_addr));
}
dbg_tty_printf(g,2,(s->local_peer) ? "Local peer connected" :
"Non-local peer connected");