From 879fd42ed181f236590ebd676bb98f847ff38076 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Mon, 20 Jun 2011 15:31:34 +0000 Subject: [PATCH] pull up r24967 from trunk ------------------------------------------------------------------------ r24967 | ghudson | 2011-06-13 14:54:33 -0400 (Mon, 13 Jun 2011) | 12 lines ticket: 6920 subject: Fix old-style GSSRPC authentication target_version: 1.9.2 tags: pullup r24147 (ticket #6746) made libgssrpc ignorant of the remote address of the kadmin socket, even when it's IPv4. This made old-style GSSAPI authentication fail because it uses the wrong channel bindings. Fix this problem by making clnttcp_create() get the remote address from the socket using getpeername() if the caller doesn't provide it and it's an IPv4 address. ticket: 6920 version_fixed: 1.9.2 status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24971 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/rpc/clnt_tcp.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/lib/rpc/clnt_tcp.c b/src/lib/rpc/clnt_tcp.c index 37f127560..2affc28bd 100644 --- a/src/lib/rpc/clnt_tcp.c +++ b/src/lib/rpc/clnt_tcp.c @@ -187,9 +187,16 @@ clnttcp_create( ct->ct_sock = *sockp; ct->ct_wait.tv_usec = 0; ct->ct_waitset = FALSE; - if (raddr == NULL) - memset(&ct->ct_addr, 0, sizeof(ct->ct_addr)); - else + if (raddr == NULL) { + /* Get the remote address from the socket, if it's IPv4. */ + struct sockaddr_in sin; + socklen_t len = sizeof(sin); + int ret = getpeername(ct->ct_sock, (struct sockaddr *)&sin, &len); + if (ret == 0 && len == sizeof(sin) && sin.sin_family == AF_INET) + ct->ct_addr = sin; + else + memset(&ct->ct_addr, 0, sizeof(ct->ct_addr)); + } else ct->ct_addr = *raddr; /* -- 2.26.2