Interfaces code ignores non-broadcast links
Andrew Bartlett
abartlet at samba.org
Fri Feb 3 23:24:55 GMT 2006
Maurice Massar pointed out to me recently of the need to correctly
identify and bind to all interfaces in the KDC. The cryptographic calls
used to secure the kpasswd and some KDC communication and address
sensitive (this is a protocol that well predates NAT), and in -r 13321,
I now have the KDC binding to all interfaces one by one.
However, Maurice points out that we don't bind to point-to-point
interfaces.
Back in the original days of the interfaces code, this wasn't an issue,
as the only UDP traffic was netbios, and the interfaces mattered mostly
for broadcasts.
The fix looks easy enough:
Index: lib/netif/interface.c
===================================================================
--- lib/netif/interface.c (revision 13313)
+++ lib/netif/interface.c (working copy)
@@ -213,8 +213,7 @@
DEBUG(0,("ERROR: Could not determine network
interfaces, you must use a interfaces config line\n"));
}
for (i=0;i<total_probed;i++) {
- if (ifaces[i].netmask.s_addr != ~0 &&
- ifaces[i].ip.s_addr != loopback_ip.addr) {
+ if (ifaces[i].ip.s_addr != loopback_ip.addr) {
add_interface(ifaces[i].ip,
ifaces[i].netmask);
}
But I wonder what other code depends on the existing behaviour?
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060204/ee3281c1/attachment.bin
More information about the samba-technical
mailing list