summaryrefslogtreecommitdiff
path: root/server/dispatch.c
diff options
context:
space:
mode:
authorGravatar Richard Basch <probe@mit.edu>1993-03-22 08:48:05 +0000
committerGravatar Richard Basch <probe@mit.edu>1993-03-22 08:48:05 +0000
commit7737d3bad5e9d27c720142204dd7a9f0bf66840c (patch)
tree9ce0b48e143c98e7e41dd18668a9b627fba9b11f /server/dispatch.c
parent75563982e38a977faf0842ae477aca7a9626d466 (diff)
Discard packets that are faking their source address.
Only permissible exception: authentic and source is 0.0.0.0.
Diffstat (limited to 'server/dispatch.c')
-rw-r--r--server/dispatch.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/server/dispatch.c b/server/dispatch.c
index 834386d..a3f241a 100644
--- a/server/dispatch.c
+++ b/server/dispatch.c
@@ -387,6 +387,18 @@ sendit(notice, auth, who)
/* max size is 255.255.255.255 */
char buffer[16];
(void) strcpy(buffer, inet_ntoa(who->sin_addr));
+ if (!auth) {
+ syslog(LOG_WARNING, "sendit unauthentic fake packet: claimed %s, real %s",
+ inet_ntoa(notice->z_sender_addr), buffer);
+ clt_ack(notice, who, AUTH_FAILED);
+ return;
+ }
+ if (ntohl(notice->z_sender_addr.s_addr) != 0) {
+ syslog(LOG_WARNING, "sendit invalid address: claimed %s, real %s",
+ inet_ntoa(notice->z_sender_addr), buffer);
+ clt_ack(notice, who, AUTH_FAILED);
+ return;
+ }
syslog(LOG_WARNING, "sendit addr mismatch: claimed %s, real %s",
inet_ntoa(notice->z_sender_addr), buffer);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-31 00:39:13 +0000