Posting over innd/lc.c

[Jeffrey M. Vinocur]

On Sun, 17 Feb 2002, Russ Allbery wrote:

> RCcanpost() is called for any connection, and it doesn't look like it has
> any special logic to distinguish.  This used to work fine for you?  I've
> already had localhost with full permissions... hm.

I haven't restored everything to try, but I swear it used to work just
fine.


>         new->Address.s_addr = MyAddress.s_addr;
>
> This is where MyAddress got used.  Hm.  It should be all zeroes, so
> something somewhere is creating a permission entry for an address of all
> zeroes or is somehow special-casing this.

Right, that's what we figured.  But I can't for the life of me figure out
where it is.  (It was changing that MyAddress assignment to using memset
to zero the struct that caused the problem.  But I don't get it.)


> This is all screaming latent bug; it's good to dig this out and actually
> do something structured and reasonable with local nnrpd connections.  I
> think maybe we should do something glaringly obvious, like setting a
> trusted flag on those connections that RCcanpost() then looks at, so that
> we don't have to do detective work to figure out how these connections are
> recognized.

Agreed.  Except that it we need to track down the existing code to
expunge, hopefully, and that we're having trouble doing.

On the plus side, adding a check for ==0 to the top of RCcanpost and
returning 1 in that case, bypassing incoming.conf, causes everything to
work.  So it's fixed for the time being, in which case I think it's time
to commit this and we can work on figuring this out more as we like.

Is it worth adding to TODO?


-- 
Jeffrey M. Vinocur
jeff at litech.org