From c9d90e662746a64853580e8275a1b302a93b7d91 Mon Sep 17 00:00:00 2001 From: jhay Date: Wed, 14 Mar 2007 18:42:40 +0000 Subject: Fix access control and logging of IPv6 addresses. --- www/ffproxy/files/patch-socket.c | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 www/ffproxy/files/patch-socket.c (limited to 'www/ffproxy') diff --git a/www/ffproxy/files/patch-socket.c b/www/ffproxy/files/patch-socket.c new file mode 100644 index 00000000000..68a7a326136 --- /dev/null +++ b/www/ffproxy/files/patch-socket.c @@ -0,0 +1,35 @@ +--- socket.c.orig Fri Dec 31 10:59:54 2004 ++++ socket.c Thu Nov 9 20:19:53 2006 +@@ -58,7 +58,7 @@ + open_socket(void) + { + extern struct cfg config; +- struct sockaddr claddr; ++ struct sockaddr_storage claddr; + struct addrinfo hints[2], *res; + struct clinfo *clinfo; + struct pollfd s[2]; +@@ -135,7 +135,6 @@ + if (config.bind_ipv6) + info("waiting for requests on %s port %d (IPv6)", *config.ipv6 ? config.ipv6 : "(any)", config.port); + +- claddr_len = sizeof(claddr); + config.ccount = 0; + cl = 0; + isipv4 = config.bind_ipv4; +@@ -160,13 +159,14 @@ + } + } else + st = s[0].fd; ++ claddr_len = sizeof(claddr); + if ((cl = accept(st, (struct sockaddr *) & claddr, &claddr_len)) == -1) { + DEBUG(("open_socket() => accept() failed")); + continue; + } + + DEBUG(("open_socket() => connection, checking access")); +- clinfo = identify(&claddr, (socklen_t) isipv4 ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6)); ++ clinfo = identify((struct sockaddr *)&claddr, claddr_len); + if (check_access(clinfo) != 0) { + DEBUG(("open_socket() => no access")); + if (config.logrequests) -- cgit