Don't check FCGI_WEB_SERVER_ADDRS for UNIX sockets

author: Dmitry Stogov <dmitry@php.net> 2010-08-27 08:50:32 +0000
committer: Dmitry Stogov <dmitry@php.net> 2010-08-27 08:50:32 +0000
commit: d4c2c6c6ba20ae082d148b91a3fcf3fb9719c965 (patch)
tree: b482bb84e9bb7ecc02b25f1abb2e1696988bc649 /sapi
parent: a95dd97752d73c213d21ce97200e64e3ff6f40f0 (diff)
download: php-git-d4c2c6c6ba20ae082d148b91a3fcf3fb9719c965.tar.gz
1 files changed, 9 insertions, 7 deletions
diff --git a/sapi/cgi/fastcgi.c b/sapi/cgi/fastcgi.c
index e6632adafa..3ca08c1786 100644
--- a/sapi/cgi/fastcgi.c
+++ b/sapi/cgi/fastcgi.c
@@ -1157,17 +1157,19 @@ int fcgi_accept_request(fcgi_request *req)
 					FCGI_LOCK(req->listen_socket);
 					req->fd = accept(listen_socket, (struct sockaddr *)&sa, &len);
 					FCGI_UNLOCK(req->listen_socket);
-					if (req->fd >= 0 && allowed_clients) {
+					if (req->fd >= 0 &&
+					    allowed_clients &&
+					    ((struct sockaddr *)&sa)->sa_family == AF_INET) {
 						int n = 0;
 						int allowed = 0;
 
-							while (allowed_clients[n] != INADDR_NONE) {
-								if (allowed_clients[n] == sa.sa_inet.sin_addr.s_addr) {
-									allowed = 1;
-									break;
-								}
-								n++;
+						while (allowed_clients[n] != INADDR_NONE) {
+							if (allowed_clients[n] == sa.sa_inet.sin_addr.s_addr) {
+								allowed = 1;
+								break;
 							}
+							n++;
+						}
 						if (!allowed) {
 							fprintf(stderr, "Connection from disallowed IP address '%s' is dropped.\n", inet_ntoa(sa.sa_inet.sin_addr));
 							closesocket(req->fd);
author	Dmitry Stogov <dmitry@php.net>	2010-08-27 08:50:32 +0000
committer	Dmitry Stogov <dmitry@php.net>	2010-08-27 08:50:32 +0000
commit	d4c2c6c6ba20ae082d148b91a3fcf3fb9719c965 (patch)
tree	b482bb84e9bb7ecc02b25f1abb2e1696988bc649 /sapi
parent	a95dd97752d73c213d21ce97200e64e3ff6f40f0 (diff)
download	php-git-d4c2c6c6ba20ae082d148b91a3fcf3fb9719c965.tar.gz