It appears that:
* authbind's documentation authbind-helper(8) describes the
endianness convention of authbind's helper program incorrectly.
See Debian #651694.
* The version of secnet 0.1.16 tagged as such in revision control
contains a "fix" which was based on the authbind documentation but
not apparently tested against authbind. Ie, this part from NEWS:
4) Change the endianess of the arguments to authbind-helper.
sprintf("%04X") already translates from machine repesentation to most
significant octet first so htons reversed it again.
* The version of secnet 0.1.16 actually in service on chiark had an
out-of-version-control change to udp.c to make it work with
chiark's authbind 1.2.0. The actual code found has been recorded
on the dead branch "chiark-0.1.16" in the master git repo, but the
version of udp.c is exactly that from 0.1.15 so it looks like we
just reverted to the previous udp.c during deployment of 0.1.16.
* We (re)discovered all this after the release of secnet 0.2.0
because my attempt to deploy 0.2.0 on chiark was not actually
effective.
Therefore, undo the authbind endianness change introduced in secnet
0.1.16. This is most easily achieved by constructing the arguments to
the helper from the sockaddr rather than the contents of "st".
Thanks are due to Simon Tatham for the bug report.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
(cherry picked from commit
51b259535294bb46757a040596ab052e53f29483)
}
if (c==0) {
char *argv[4], addrstr[9], portstr[5];
- sprintf(addrstr,"%08lX",(long)st->addr);
- sprintf(portstr,"%04X",st->port);
+ sprintf(addrstr,"%08lX",(long)addr.sin_addr.s_addr);
+ sprintf(portstr,"%04X",addr.sin_port);
argv[0]=st->authbind;
argv[1]=addrstr;
argv[2]=portstr;
~ianmdlvl / secnet.git / commitdiff