
Fail if can not bind to device

z3APA3A 5 年 前
コミット
859713d10f
3 ファイル変更30 行追加8 行削除
  1. 23 6
      src/auth.c
  2. 4 1
      src/common.c
  3. 3 1
      src/conf.c

+ 23 - 6
src/auth.c

@@ -706,10 +706,11 @@ struct authcache {
 	char * password;
 	time_t expires;
 #ifndef NOIPV6
-	struct sockaddr_in6 sa;
+	struct sockaddr_in6 sa, sinsl;
 #else
-	struct sockaddr_in sa;
+	struct sockaddr_in sa, sinsl;
 #endif
+	struct ace *acl;
 	struct authcache *next;
 } *authc = NULL;
 
@@ -734,13 +735,19 @@ int cacheauth(struct clientparam * param){
 			continue;
 			
 		}
-		if((!(conf.authcachetype&2) || (param->username && ac->username && !strcmp(ac->username, (char *)param->username))) &&
-		   (!(conf.authcachetype&4) || (ac->password && param->password && !strcmp(ac->password, (char *)param->password)))) {
+		if(
+		 (!(conf.authcachetype&2) || (param->username && ac->username && !strcmp(ac->username, (char *)param->username))) &&
+		 (!(conf.authcachetype&4) || (ac->password && param->password && !strcmp(ac->password, (char *)param->password))) &&
+		 (!(conf.authcachetype&16) || (ac->acl == param->srv->acl))
+		) {
 
 			if(!(conf.authcachetype&1)
 				|| ((*SAFAMILY(&ac->sa) ==  *SAFAMILY(&param->sincr) 
 				   && !memcmp(SAADDR(&ac->sa), SAADDR(&param->sincr), SAADDRLEN(&ac->sa))))){
 
+				if(conf.authcachetype&16) {
+					param->sinsl = ac->sinsl;
+				}
 				if(param->username){
 					myfree(param->username);
 				}
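Review bot: The `param->sinsl = ac->sinsl;` copy in this hunk is gated on `conf.authcachetype&16`, the bit that src/conf.c in this commit assigns to "acl", while the new "ext" bit (32) is not tested anywhere in the visible auth.c hunks. If "ext" is meant to control caching of the external address, the gate here and on the two `ac->sinsl = param->sinsl;` stores in doauth should probably be `if(conf.authcachetype&32)`. As written, enabling ACL matching also overwrites the client's outgoing source address from the cache. If that coupling is intended, a comment such as `/* acl caching also restores the cached external address */` would record it. cacheauth's body starts and ends outside the hunk.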
@@ -777,9 +784,12 @@ int doauth(struct clientparam * param){
 			if(conf.authcachetype && authfuncs->authenticate && authfuncs->authenticate != cacheauth && param->username && (!(conf.authcachetype&4) || (!param->pwtype && param->password))){
 				pthread_mutex_lock(&hash_mutex);
 				for(ac = authc; ac; ac = ac->next){
-					if((!(conf.authcachetype&2) || !strcmp(ac->username, (char *)param->username)) &&
+					if(
+					   (!(conf.authcachetype&2) || !strcmp(ac->username, (char *)param->username)) &&
 					   (!(conf.authcachetype&1) || (*SAFAMILY(&ac->sa) ==  *SAFAMILY(&param->sincr) && !memcmp(SAADDR(&ac->sa), SAADDR(&param->sincr), SAADDRLEN(&ac->sa))))  &&
-					   (!(conf.authcachetype&4) || (ac->password && !strcmp(ac->password, (char *)param->password)))) {
+					   (!(conf.authcachetype&4) || (ac->password && !strcmp(ac->password, (char *)param->password))) &&
+					   (!(conf.authcachetype&16) || (ac->acl == param->srv->acl))
+					) {
 						ac->expires = conf.time + conf.authcachetime;
 						if(strcmp(ac->username, (char *)param->username)){
 							tmp = ac->username;
@@ -792,6 +802,10 @@ int doauth(struct clientparam * param){
 							myfree(tmp);
 						}
 						ac->sa = param->sincr;
+						if(conf.authcachetype&16) {
+							ac->sinsl = param-> sinsl;
+						}
+
 						break;
 					}
 				}
@@ -803,6 +817,9 @@ int doauth(struct clientparam * param){
 						ac->sa = param->sincr;
 						ac->password = NULL;
 						if((conf.authcachetype&4) && param->password) ac->password = mystrdup((char *)param->password);
+						if(conf.authcachetype&16) {
+							ac->sinsl = param->sinsl;
+						}
 					}
 					ac->next = authc;
 					authc = ac;
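Review bot: Nothing in this commit assigns `ac->acl`: the new-entry branch here sets `sa`, `password` and `sinsl`, and the refresh branch in the previous hunk sets `sa` and `sinsl`, yet both lookups compare `ac->acl == param->srv->acl`. Depending on how the entry is allocated (outside the hunk), the field is either NULL or indeterminate, so with the "acl" bit set the cache would either never hit or compare against an arbitrary value. Adding `ac->acl = param->srv->acl;` next to `ac->sa = param->sincr;` in the new-entry branch, and in the refresh branch for consistency, would fix it. Because the match is by pointer identity, it is also worth confirming that cached entries cannot outlive the ACL they point to across a configuration reload.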

+ 4 - 1
src/common.c

@@ -746,7 +746,10 @@ int doconnect(struct clientparam * param){
 	}
 #endif
 #ifdef SO_BINDTODEVICE
-	if(param->srv->obindtodevice) so._setsockopt(param->remsock, SOL_SOCKET, SO_BINDTODEVICE, param->srv->obindtodevice, strlen(param->srv->obindtodevice) + 1);
+	if(param->srv->obindtodevice) {
+		if(so._setsockopt(param->remsock, SOL_SOCKET, SO_BINDTODEVICE, param->srv->obindtodevice, strlen(param->srv->obindtodevice) + 1))
+			return 12;
+	}
 #endif
 	if(SAISNULL(&param->sinsl)){
 #ifndef NOIPV6
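Review bot: The new early `return 12;` is a bare number with no comment, and the hunk does not show whether `param->remsock` is closed on this path or left to the caller. doconnect continues outside the hunk, so that is worth confirming. A short comment would record the intent, e.g. `/* fail closed: never connect via the default route when the configured device cannot be bound */`. The check also sits entirely under `#ifdef SO_BINDTODEVICE`, so if `obindtodevice` can be configured on a build without that macro, the setting is still ignored silently rather than rejected.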

+ 3 - 1
src/conf.c

@@ -1337,6 +1337,8 @@ static int h_authcache(int argc, unsigned char **argv){
 	if(strstr((char *) *(argv + 1), "user")) conf.authcachetype |= 2;
 	if(strstr((char *) *(argv + 1), "pass")) conf.authcachetype |= 4;
 	if(strstr((char *) *(argv + 1), "limit")) conf.authcachetype |= 8;
+	if(strstr((char *) *(argv + 1), "acl")) conf.authcachetype |= 16;
+	if(strstr((char *) *(argv + 1), "ext")) conf.authcachetype |= 32;
 	if(argc > 2) conf.authcachetime = (unsigned) atoi((char *) *(argv + 2));
 	if(!conf.authcachetype) conf.authcachetype = 6;
 	if(!conf.authcachetime) conf.authcachetime = 600;
@@ -1468,7 +1470,7 @@ static int h_chroot(int argc, unsigned char **argv){
 		fprintf(stderr, "Unable to set uid %d", (int)uid);
 		return(5);
 	}
-
+	chdir("/");
 	return 0;
 }
 #endif
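Review bot: The added `chdir("/");` ignores its return value; if the call fails, the working directory may still refer to a location outside the new root, which is the condition the call is meant to remove. Check it and fail the directive, e.g. `if(chdir("/")) { fprintf(stderr, "Unable to chdir to /"); return(6); }`, where 6 is a placeholder for whichever code is unused. The call also appears to run only after the uid change, so consider moving it directly after the chroot() call, which is outside this hunk.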