Blame CVE-2013-4319.patch
|
 |
3e961a6 |
diff --git a/src/server/process_request.c b/src/server/process_request.c
|
|
|
3e961a6 |
index 4817ed0..6b4c955 100644
|
|
|
3e961a6 |
--- a/src/server/process_request.c
|
|
|
3e961a6 |
+++ b/src/server/process_request.c
|
|
|
3e961a6 |
@@ -679,6 +679,21 @@ void process_request(
|
|
|
3e961a6 |
log_buffer);
|
|
|
3e961a6 |
}
|
|
|
3e961a6 |
|
|
|
3e961a6 |
+ if (svr_conn[sfds].cn_authen != PBS_NET_CONN_FROM_PRIVIL)
|
|
|
3e961a6 |
+ {
|
|
|
3e961a6 |
+ sprintf(log_buffer, "request type %s from host %s rejected (connection not privileged)",
|
|
|
3e961a6 |
+ reqtype_to_txt(request->rq_type),
|
|
|
3e961a6 |
+ request->rq_host);
|
|
|
3e961a6 |
+
|
|
|
3e961a6 |
+ log_record(PBSEVENT_JOB, PBS_EVENTCLASS_JOB, id, log_buffer);
|
|
|
3e961a6 |
+
|
|
|
3e961a6 |
+ req_reject(PBSE_BADHOST, 0, request, NULL, "request not authorized");
|
|
|
3e961a6 |
+
|
|
|
3e961a6 |
+ close_client(sfds);
|
|
|
3e961a6 |
+
|
|
|
3e961a6 |
+ return;
|
|
|
3e961a6 |
+ }
|
|
|
3e961a6 |
+
|
|
|
3e961a6 |
/* if (!tfind(svr_conn[sfds].cn_addr, &okclients)) */
|
|
|
3e961a6 |
if (!AVL_is_in_tree(svr_conn[sfds].cn_addr, 0, okclients))
|
|
|
3e961a6 |
{
|