DeleteConn can delete the wrong connection in cfservd...

[Phil D Amore]

It appears that it is possible for the DeleteConn function in cfservd to 
remove the wrong IP address from its connection list if two hosts with 
similar IPs connect at the same time.  For example, given the two 
addresses:

172.16.52.3
172.16.52.36

I found that this line in the DeleteConn fucntion in cfservd.c:

DeleteItemStarting(&CONNECTIONLIST,conn->ipaddr); 

when called with the first IP would incorrectly match and delete the 2nd
IP if they were both connected at the same time, locking out the first IP
because of repeated connections.

I noticed this in 2.0.a14, but the code appears unchanged in 2.0.0.  
Attached is my current patch for the issue in 2.0.a14.  From what I can
tell, to work in 2.0.0, the line in the patch:

-DeleteItemStarting(&CONNECTIONLIST,conn->ipaddr); 

needs to say:

-DeleteItemStarting(&CONNECTIONLIST,MapAddress(conn->ipaddr)); 

But I have not really tested 2.0.0 here yet, so I cannot say for sure if
things will run properly this way.  Basically what I did was create a new 
function, DeleteItemExact that used strcmp instead of strncmp to make sure 
the entire string passed in matches the entire string in the list.  I then 
replace the DeleteItemStarting call in DeleteConn with this new function.


-- 
Phil D'Amore                             The path of least resistance
Senior System Administrator              is the path you never wasted
Red Hat, Inc                             your energy taking.
919.754.3700 x44395

cfengine-2.0.a14-connlist.patch
Description: Text document