return -1;
}
- bzero((char *)&sock,sizeof(sock));
+ memset((char *)&sock,0,sizeof(sock));
memcpy((char *)&sock.sin_addr,(char *)hp->h_addr, hp->h_length);
sock.sin_port = htons(port);
sock.sin_family = hp->h_addrtype;
{
int s;
- signal(SIGCHLD, SIG_IGN);
-
/* open an incoming socket */
s = open_socket_in(SOCK_STREAM, port);
if (s == -1)
if (fd == -1) continue;
+ signal(SIGCHLD, SIG_IGN);
+
+ /* we shouldn't have any children left hanging around
+ but I have had reports that on Digital Unix zombies
+ are produced, so this ensures that they are reaped */
+#ifdef WNOHANG
+ waitpid(-1, NULL, WNOHANG);
+#endif
+
if (fork()==0) {
close(s);
****************************************************************************/
void become_daemon(void)
{
+ int i;
+
if (fork())
_exit(0);
}
#endif /* TIOCNOTTY */
#endif
- close(0);
- close(1);
- close(2);
+ /* make sure that stdin, stdout an stderr don't stuff things
+ up (library functions, for example) */
+ for (i=0;i<3;i++) {
+ close(i);
+ open("/dev/null", O_RDWR);
+ }
}
/*******************************************************************
int length = sizeof(sa);
static char name_buf[100];
struct hostent *hp;
+ char **p;
+ char *def = "UNKNOWN";
- strcpy(name_buf,"UNKNOWN");
+ strcpy(name_buf,def);
if (getpeername(fd, &sa, &length)) {
exit_cleanup(1);
strlcpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1);
}
+
+ /* do a forward lookup as well to prevent spoofing */
+ hp = gethostbyname(name_buf);
+ if (!hp) {
+ strcpy(name_buf,def);
+ rprintf(FERROR,"reverse name lookup failed\n");
+ } else {
+ for (p=hp->h_addr_list;*p;p++) {
+ if (memcmp(*p, &sockin->sin_addr, hp->h_length) == 0) {
+ break;
+ }
+ }
+ if (!*p) {
+ strcpy(name_buf,def);
+ rprintf(FERROR,"reverse name lookup mismatch - spoofed address?\n");
+ }
+ }
+
return name_buf;
}