519
519
access_control(struct tcsd_thread_data *thread_data)
522
struct hostent *local_hostent = NULL;
523
static char *localhostname = NULL;
524
static int localhostname_len = 0;
526
if (!localhostname) {
527
if ((local_hostent = gethostbyname("localhost")) == NULL) {
528
LogError("Error resolving localhost: %s", hstrerror(h_errno));
532
LogDebugFn("Cached local hostent:");
533
LogDebugFn("h_name: %s", local_hostent->h_name);
534
for (i = 0; local_hostent->h_aliases[i]; i++) {
535
LogDebugFn("h_aliases[%d]: %s", i, local_hostent->h_aliases[i]);
537
LogDebugFn("h_addrtype: %s",
538
(local_hostent->h_addrtype == AF_INET6 ? "AF_INET6" : "AF_INET"));
540
localhostname_len = strlen(local_hostent->h_name);
541
if ((localhostname = strdup(local_hostent->h_name)) == NULL) {
542
LogError("malloc of %d bytes failed.", localhostname_len);
543
return TCSERR(TSS_E_OUTOFMEMORY);
523
struct sockaddr_storage sas;
525
socklen_t sas_len = sizeof(sas);
527
if (!getpeername(thread_data->sock, (struct sockaddr *)&sas, &sas_len)) {
528
LogError("Error retrieving local socket address: %s", strerror(errno));
532
sa = (struct sockaddr *)&sas;
535
// Check if it's localhost for both inet protocols
536
if (sa->sa_family == AF_INET) {
537
struct sockaddr_in *sa_in = (struct sockaddr_in *)sa;
538
uint32_t nloopaddr = htonl(INADDR_LOOPBACK);
539
if (memcmp(&sa_in->sin_addr.s_addr, &nloopaddr,
540
sizeof(struct sockaddr_in)) == 0)
542
else if (sa->sa_family == AF_INET6) {
543
struct sockaddr_in6 *sa_in6 = (struct sockaddr_in6 *)sa;
544
if (memcmp(&sa_in6->sin6_addr.s6_addr, &in6addr_loopback,
545
sizeof(struct sockaddr_in6)) == 0)
547
549
/* if the request comes from localhost, or is in the accepted ops list,
549
if (!strncmp(thread_data->hostname, localhostname,
550
MIN((size_t)localhostname_len, strlen(thread_data->hostname)))) {
553
554
while (tcsd_options.remote_ops[i]) {