aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--erts/epmd/src/epmd_srv.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/erts/epmd/src/epmd_srv.c b/erts/epmd/src/epmd_srv.c
index 8a4a915614..4d9b454f97 100644
--- a/erts/epmd/src/epmd_srv.c
+++ b/erts/epmd/src/epmd_srv.c
@@ -809,6 +809,7 @@ static int conn_open(EpmdVars *g,int fd)
for (i = 0; i < g->max_conn; i++) {
if (g->conn[i].open == EPMD_FALSE) {
struct sockaddr_in si;
+ struct sockaddr_in di;
#ifdef HAVE_SOCKLEN_T
socklen_t st;
#else
@@ -829,12 +830,16 @@ static int conn_open(EpmdVars *g,int fd)
/* Determine if connection is from localhost */
if (getpeername(s->fd,(struct sockaddr*) &si,&st) ||
st < sizeof(si)) {
- /* Failure to get peername is regarder as non local host */
+ /* Failure to get peername is regarded as non local host */
s->local_peer = EPMD_FALSE;
} else {
+ /* Only 127.x.x.x and connections from the host's IP address
+ allowed, no false positives */
s->local_peer =
- ((((unsigned) ntohl(si.sin_addr.s_addr)) & 0xFF000000U) ==
- 0x7F000000U); /* Only 127.x.x.x allowed, no false positives */
+ (((((unsigned) ntohl(si.sin_addr.s_addr)) & 0xFF000000U) ==
+ 0x7F000000U) ||
+ (getsockname(s->fd,(struct sockaddr*) &di,&st) ?
+ EPMD_FALSE : si.sin_addr.s_addr == di.sin_addr.s_addr));
}
dbg_tty_printf(g,2,(s->local_peer) ? "Local peer connected" :
"Non-local peer connected");