From 859713d10f92888d96843c4b8c05bc71a0bbf0aa Mon Sep 17 00:00:00 2001
From: z3APA3A <3APA3A@3proxy.ru>
Date: Wed, 17 Jun 2020 16:05:23 +0300
Subject: [PATCH] Fail if can not bind to device
---
 src/auth.c | 29 +++++++++++++++++++++++------
 src/common.c | 5 ++++-
 src/conf.c | 4 +++-
 3 files changed, 30 insertions(+), 8 deletions(-)
diff --git a/src/auth.c b/src/auth.c
index 2532228..d6770aa 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -706,10 +706,11 @@ struct authcache {
 char * password;
 time_t expires;
 #ifndef NOIPV6
- struct sockaddr_in6 sa;
+ struct sockaddr_in6 sa, sinsl;
 #else
- struct sockaddr_in sa;
+ struct sockaddr_in sa, sinsl;
 #endif
+ struct ace *acl;
 struct authcache *next;
 } *authc = NULL;
@@ -734,13 +735,19 @@ int cacheauth(struct clientparam * param){
 continue;
 }
- if((!(conf.authcachetype&2) || (param->username && ac->username && !strcmp(ac->username, (char *)param->username))) &&
- (!(conf.authcachetype&4) || (ac->password && param->password && !strcmp(ac->password, (char *)param->password)))) {
+ if(
+ (!(conf.authcachetype&2) || (param->username && ac->username && !strcmp(ac->username, (char *)param->username))) &&
+ (!(conf.authcachetype&4) || (ac->password && param->password && !strcmp(ac->password, (char *)param->password))) &&
+ (!(conf.authcachetype&16) || (ac->acl == param->srv->acl))
+ ) {
 if(!(conf.authcachetype&1) || ((*SAFAMILY(&ac->sa) == *SAFAMILY(¶m->sincr) && !memcmp(SAADDR(&ac->sa), SAADDR(¶m->sincr), SAADDRLEN(&ac->sa))))){
+ if(conf.authcachetype&16) {
+ param->sinsl = ac->sinsl;
+ }
 if(param->username){
 myfree(param->username);
 }
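Review bot: The `ac->acl == param->srv->acl` test added to cacheauth in the `@@ -734,13 +735,19 @@` hunk identifies an ACL by address only, and the `acl` field added to `struct authcache` in the first hunk is a bare pointer with no stated lifetime. If the ACL list can be freed and rebuilt while entries are still unexpired (on a configuration reload, presumably; not visible here), a stale entry could compare equal to a different ACL that happens to reuse the address. I would record the contract on the field, e.g. `struct ace *acl; /* compared by address only; cache must be flushed whenever srv->acl is rebuilt */`. The same comparison is added to doauth in `@@ -777,9 +784,12 @@`; both function bodies extend beyond their hunks.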
@@ -777,9 +784,12 @@ int doauth(struct clientparam * param){
 if(conf.authcachetype && authfuncs->authenticate && authfuncs->authenticate != cacheauth && param->username && (!(conf.authcachetype&4) || (!param->pwtype && param->password))){
 pthread_mutex_lock(&hash_mutex);
 for(ac = authc; ac; ac = ac->next){
- if((!(conf.authcachetype&2) || !strcmp(ac->username, (char *)param->username)) &&
+ if(
+ (!(conf.authcachetype&2) || !strcmp(ac->username, (char *)param->username)) &&
 (!(conf.authcachetype&1) || (*SAFAMILY(&ac->sa) == *SAFAMILY(¶m->sincr) && !memcmp(SAADDR(&ac->sa), SAADDR(¶m->sincr), SAADDRLEN(&ac->sa)))) &&
- (!(conf.authcachetype&4) || (ac->password && !strcmp(ac->password, (char *)param->password)))) {
+ (!(conf.authcachetype&4) || (ac->password && !strcmp(ac->password, (char *)param->password))) &&
+ (!(conf.authcachetype&16) || (ac->acl == param->srv->acl))
+ ) {
 ac->expires = conf.time + conf.authcachetime;
 if(strcmp(ac->username, (char *)param->username)){
 tmp = ac->username;
@@ -792,6 +802,10 @@ int doauth(struct clientparam * param){
 myfree(tmp);
 }
 ac->sa = param->sincr;
+ if(conf.authcachetype&16) {
+ ac->sinsl = param-> sinsl;
+ }
+ break;
 }
 }
@@ -803,6 +817,9 @@ int doauth(struct clientparam * param){
 ac->sa = param->sincr;
 ac->password = NULL;
 if((conf.authcachetype&4) && param->password) ac->password = mystrdup((char *)param->password);
+ if(conf.authcachetype&16) {
+ ac->sinsl = param->sinsl;
+ }
 }
 ac->next = authc;
 authc = ac;
diff --git a/src/common.c b/src/common.c
index 4180ec4..1be40a3 100644
--- a/src/common.c
+++ b/src/common.c
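Review bot: Nothing in the auth.c hunks stores a value in the new `ac->acl` field: the entry-creation path in `@@ -803,6 +817,9 @@` and the refresh path in `@@ -792,6 +802,10 @@` copy only `sinsl`, while cacheauth and the lookup loop in `@@ -777,9 +784,12 @@` compare `ac->acl` with `param->srv->acl` whenever bit 16 is set. Unless the allocation above the hunk zeroes the entry, that comparison reads an indeterminate pointer, and either way an entry cannot be relied on to match the ACL it was created under. Adding `ac->acl = param->srv->acl;` beside `ac->sa = param->sincr;` in both paths would give the check something to compare. doauth starts and ends outside these hunks, so the allocation itself is not visible.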
@@ -746,7 +746,10 @@ int doconnect(struct clientparam * param){
 }
 #endif
 #ifdef SO_BINDTODEVICE
- if(param->srv->obindtodevice) so._setsockopt(param->remsock, SOL_SOCKET, SO_BINDTODEVICE, param->srv->obindtodevice, strlen(param->srv->obindtodevice) + 1);
+ if(param->srv->obindtodevice) {
+ if(so._setsockopt(param->remsock, SOL_SOCKET, SO_BINDTODEVICE, param->srv->obindtodevice, strlen(param->srv->obindtodevice) + 1))
+ return 12;
+ }
 #endif
 if(SAISNULL(¶m->sinsl)){
 #ifndef NOIPV6
diff --git a/src/conf.c b/src/conf.c
index 8b6e3c6..2375b52 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -1337,6 +1337,8 @@ static int h_authcache(int argc, unsigned char **argv){
 if(strstr((char *) *(argv + 1), "user")) conf.authcachetype |= 2;
 if(strstr((char *) *(argv + 1), "pass")) conf.authcachetype |= 4;
 if(strstr((char *) *(argv + 1), "limit")) conf.authcachetype |= 8;
+ if(strstr((char *) *(argv + 1), "acl")) conf.authcachetype |= 16;
+ if(strstr((char *) *(argv + 1), "ext")) conf.authcachetype |= 32;
 if(argc > 2) conf.authcachetime = (unsigned) atoi((char *) *(argv + 2));
 if(!conf.authcachetype) conf.authcachetype = 6;
 if(!conf.authcachetime) conf.authcachetime = 600;
@@ -1468,7 +1470,7 @@ static int h_chroot(int argc, unsigned char **argv){
 fprintf(stderr, "Unable to set uid %d", (int)uid);
 return(5);
 }
-
+ chdir("/");
 return 0;
 }
 #endif
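Review bot: The new early `return 12` in doconnect (`@@ -746,7 +746,10 @@`) returns with `param->remsock` still open and discards the setsockopt error, so an unknown device name and a missing privilege look the same to the operator. Whether the caller closes the socket on a non-zero return is not visible, since doconnect continues outside the hunk; that should be confirmed. The bare 12 is also unexplained here; a comment such as `/* binding to the configured device failed: refuse to connect rather than fall back to the default interface */` would record why the failure is now fatal.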
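Review bot: The `ext` keyword in `@@ -1337,6 +1337,8 @@` sets bit 32, but no hunk in this patch tests `conf.authcachetype&32`; the `sinsl` save and restore blocks added in auth.c are all gated on bit 16, the `acl` bit. If `ext` is meant to control caching of the external address (inferred from the name only), those blocks should test `conf.authcachetype&32`; otherwise the option is accepted and silently does nothing. Because the keywords are matched with `strstr`, any argument that merely contains `acl` or `ext` also sets the bit, so a comment above the block listing the accepted keywords and their bit values would help. h_authcache starts and ends outside the hunk.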
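Review bot: The `chdir("/")` added in `@@ -1468,7 +1470,7 @@` ignores its return value, so if the call fails h_chroot still returns 0 and the process keeps a working directory that may lie outside the new root, which is the condition the call exists to prevent. Checking the result would close that gap, e.g. `if(chdir("/")) { fprintf(stderr, "Unable to chdir to new root"); return(6); }` (the return value is constructed for illustration; use whatever code is free). The call also runs only after the setuid step; placing it directly after the chroot call is the usual order, though that call is outside the hunk and the ordering is inferred.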