diff options
author | Henrik Nord <henrik@erlang.org> | 2011-04-08 17:17:36 +0200 |
---|---|---|
committer | Henrik Nord <henrik@erlang.org> | 2011-04-08 17:17:57 +0200 |
commit | b42123ea3de0a9d5d9294fe10ee1bbca33b08fb0 (patch) | |
tree | c7a914efcbb72827ea450664cfd8aab3001f2052 /erts/epmd/src | |
parent | fc7428eaab27b8cd87a463bd13450ef3362ba67d (diff) | |
parent | 5b68030b9d57a839ad798415f30936660ca83904 (diff) | |
download | otp-b42123ea3de0a9d5d9294fe10ee1bbca33b08fb0.tar.gz otp-b42123ea3de0a9d5d9294fe10ee1bbca33b08fb0.tar.bz2 otp-b42123ea3de0a9d5d9294fe10ee1bbca33b08fb0.zip |
Merge branch 'ms/epmd-local-access-check' into dev
* ms/epmd-local-access-check:
epmd: include host address in local access check
OTP-9214
Diffstat (limited to 'erts/epmd/src')
-rw-r--r-- | erts/epmd/src/epmd_srv.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/erts/epmd/src/epmd_srv.c b/erts/epmd/src/epmd_srv.c index 8a4a915614..4d9b454f97 100644 --- a/erts/epmd/src/epmd_srv.c +++ b/erts/epmd/src/epmd_srv.c @@ -809,6 +809,7 @@ static int conn_open(EpmdVars *g,int fd) for (i = 0; i < g->max_conn; i++) { if (g->conn[i].open == EPMD_FALSE) { struct sockaddr_in si; + struct sockaddr_in di; #ifdef HAVE_SOCKLEN_T socklen_t st; #else @@ -829,12 +830,16 @@ static int conn_open(EpmdVars *g,int fd) /* Determine if connection is from localhost */ if (getpeername(s->fd,(struct sockaddr*) &si,&st) || st < sizeof(si)) { - /* Failure to get peername is regarder as non local host */ + /* Failure to get peername is regarded as non local host */ s->local_peer = EPMD_FALSE; } else { + /* Only 127.x.x.x and connections from the host's IP address + allowed, no false positives */ s->local_peer = - ((((unsigned) ntohl(si.sin_addr.s_addr)) & 0xFF000000U) == - 0x7F000000U); /* Only 127.x.x.x allowed, no false positives */ + (((((unsigned) ntohl(si.sin_addr.s_addr)) & 0xFF000000U) == + 0x7F000000U) || + (getsockname(s->fd,(struct sockaddr*) &di,&st) ? + EPMD_FALSE : si.sin_addr.s_addr == di.sin_addr.s_addr)); } dbg_tty_printf(g,2,(s->local_peer) ? "Local peer connected" : "Non-local peer connected"); |