~mdw
/
yaid
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
linux.c, yaid.c: Correct policy application for proxied queries.
[yaid]
/
linux.c
diff --git
a/linux.c
b/linux.c
index
d7d8475
..
2c9a1d7
100644
(file)
--- a/
linux.c
+++ b/
linux.c
@@
-296,21
+296,23
@@
void identify(struct query *q)
* query is our gateway then don't check the remote address in the
* field (but do check the port number).
*/
* query is our gateway then don't check the remote address in the
* field (but do check the port number).
*/
- if (q->ao->sys->parseaddr(&p, &s[
0
].addr)) goto next_row;
+ if (q->ao->sys->parseaddr(&p, &s[
i
].addr)) goto next_row;
if (*p != ':') break; p++;
if (*p != ':') break; p++;
- s[
0
].port = strtoul(p, 0, 16);
+ s[
i
].port = strtoul(p, 0, 16);
if ((i == R && gwp) ?
if ((i == R && gwp) ?
- q->s[R].port != s[
0
].port :
- !sockeq(q->ao, &q->s[i], &s[
0
]))
+ q->s[R].port != s[
i
].port :
+ !sockeq(q->ao, &q->s[i], &s[
i
]))
goto next_row;
}
/* We got to the end, and everything matched. If we found a UID then
goto next_row;
}
/* We got to the end, and everything matched. If we found a UID then
- * we're done.
+ * we're done. If the apparent remote address is our gateway then copy
+ * the true one into the query structure.
*/
if (uid != -1) {
q->resp = R_UID;
q->u.uid = uid;
*/
if (uid != -1) {
q->resp = R_UID;
q->u.uid = uid;
+ if (gwp) q->s[R].addr = s[i].addr;
goto done;
}
next_row:;
goto done;
}
next_row:;