From 26b873784e215f9e40afa030392b82600e7ebeef Mon Sep 17 00:00:00 2001 From: wpaul Date: Mon, 14 Aug 1995 23:52:49 +0000 Subject: Submitted by: Bill Fenner Fix for PR #510. The original problem was that __ivaliduser() was failing to grant access to a machine listed in a +@netgroup specified in /etc/hosts.equiv, even though the host being checked was most certainly in the +@netgroup. The /etc/hosts.equiv file in question looked like this: localhost +@netgroup The reason for the failure was had to do with gethostbyaddr(). Inside the __ivaliduser() routine, we need to do a gethostbyaddr() in order to get back the actual name of the host we're trying to validate since we're only passed its IP address. The hostname returned by gethostbyaddr() is later passed as an argument to innetgr(). The problem is that __icheckhost() later does a gethostbyname() of its own, which clobbers the buffer returned by gethostbyaddr(). The fix is just to copy the hostname into a private buffer and use _that_ as the 'host' argument that gets passed to innetgr(). And here I was crawling all over the innetgr() code thinking the problem was there. *sigh* --- lib/libc/net/rcmd.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'lib/libc/net') diff --git a/lib/libc/net/rcmd.c b/lib/libc/net/rcmd.c index f0d756c..405dd8e 100644 --- a/lib/libc/net/rcmd.c +++ b/lib/libc/net/rcmd.c @@ -361,6 +361,7 @@ __ivaliduser(hostf, raddr, luser, ruser) register char *user, *p; int ch; char buf[MAXHOSTNAMELEN + 128]; /* host + login */ + char hname[MAXHOSTNAMELEN]; struct hostent *hp; /* Presumed guilty until proven innocent. */ int userok = 0, hostok = 0; @@ -376,6 +377,7 @@ __ivaliduser(hostf, raddr, luser, ruser) if ((hp = gethostbyaddr((char *)&raddr, sizeof(u_long), AF_INET)) == NULL) return (-1); + strcpy(hname, hp->h_name); while (fgets(buf, sizeof(buf), hostf)) { p = buf; @@ -414,15 +416,15 @@ __ivaliduser(hostf, raddr, luser, ruser) break; } if (buf[1] == '@') /* match a host by netgroup */ - hostok = innetgr((char *)&buf[2], hp->h_name, - NULL, ypdomain); + hostok = innetgr((char *)&buf[2], + (char *)&hname, NULL, ypdomain); else /* match a host by addr */ hostok = __icheckhost(raddr,(char *)&buf[1]); break; case '-': /* reject '-' hosts and all their users */ if (buf[1] == '@') { if (innetgr((char *)&buf[2], - hp->h_name, NULL, ypdomain)) + (char *)&hname, NULL, ypdomain)) return(-1); } else { if (__icheckhost(raddr,(char *)&buf[1])) -- cgit v1.1