diff options
author | Guy Harris <guy@alum.mit.edu> | 2019-01-09 21:51:50 -0800 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2019-01-09 21:51:50 -0800 |
commit | 0bc1785ff8b491195679629e949a738fa0a21ce6 (patch) | |
tree | f7defec64f1ad134c27ded9783ea26906111f12e /rpcapd | |
parent | 5ec780d84809c8be1398f55527ada06f4ec7034e (diff) | |
download | libpcap-0bc1785ff8b491195679629e949a738fa0a21ce6.tar.gz |
Properly check the return status of sock_check_hostlist().
It's not a boolean with 0 meaning "host not authorized" and 1 meaning
"host authorized"; it's negative if we shouldn't let them connect, with
-1 meaning "not in the host list" and -2 meaning "an error occurred in
the process of checking", and non-negative if we should let them
connect, with 0 meaning "they're in the host list" and 1 meaning "the
host list is empty, so we're letting everybody in".
Diffstat (limited to 'rpcapd')
-rw-r--r-- | rpcapd/daemon.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/rpcapd/daemon.c b/rpcapd/daemon.c index 75d4ccca..b6e1de7c 100644 --- a/rpcapd/daemon.c +++ b/rpcapd/daemon.c @@ -149,7 +149,7 @@ daemon_serviceloop(SOCKET sockctrl, int isactive, char *passiveClients, struct daemon_slpars pars; // service loop parameters char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed char errmsgbuf[PCAP_ERRBUF_SIZE + 1]; // buffer for errors to send to the client - int host_port_ok; + int host_port_check_status; SSL *ssl = NULL; int nrecv; struct rpcap_header header; // RPCAP message general header @@ -258,13 +258,13 @@ daemon_serviceloop(SOCKET sockctrl, int isactive, char *passiveClients, // // Are they in the list of host/port combinations we allow? // - host_port_ok = (sock_check_hostlist(passiveClients, RPCAP_HOSTLIST_SEP, &from, errmsgbuf, PCAP_ERRBUF_SIZE) == 0); + host_port_check_status = sock_check_hostlist(passiveClients, RPCAP_HOSTLIST_SEP, &from, errmsgbuf, PCAP_ERRBUF_SIZE); free(passiveClients); passiveClients = NULL; - if (!host_port_ok) + if (host_port_check_status < 0) { // - // Sorry, you're not on the guest list. + // Sorry, we can't let you in. // if (rpcap_senderror(pars.sockctrl, pars.ssl, 0, PCAP_ERR_HOSTNOAUTH, errmsgbuf, errbuf) == -1) rpcapd_log(LOGPRIO_ERROR, "Send to client failed: %s", errbuf); |