From aadc71e0b4ded19a4dbfeafd509d265e42659c92 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Wed, 19 Jun 2013 12:18:31 -0400
Subject: Properly check socket for connection matching.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We always need to chekc if the socket matches otherwise the worng service may
be selected if a specific socket is being used but a service allowing the same
euid is confgured to use the deault socket as well.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Günther Deschner <gdeschner@redhat.com>
---
 proxy/src/gp_creds.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'proxy/src')

diff --git a/proxy/src/gp_creds.c b/proxy/src/gp_creds.c
index 2517665..cd51308 100644
--- a/proxy/src/gp_creds.c
+++ b/proxy/src/gp_creds.c
@@ -103,9 +103,14 @@ struct gp_service *gp_creds_match_conn(struct gssproxy_ctx *gpctx,
 
     for (i = 0; i < gpctx->config->num_svcs; i++) {
         if (gpctx->config->svcs[i]->euid == gcs->ucred.uid) {
-            if (gpctx->config->svcs[i]->socket &&
-                !gp_same(socket, gpctx->config->svcs[i]->socket)) {
-                continue;
+            if (gpctx->config->svcs[i]->socket) {
+                if (!gp_same(socket, gpctx->config->svcs[i]->socket)) {
+                    continue;
+                }
+            } else {
+                if (!gp_same(socket, gpctx->config->socket_name)) {
+                    continue;
+                }
             }
             return gpctx->config->svcs[i];
         }
-- 
cgit