Fix the handling of connection requests on the failover port.

This was a security issue in 4.2.0 but is not in  4.0.x.
[ISC-Bugs #22679]

2 files changed, 7 insertions, 2 deletions

diff --git a/RELNOTES b/RELNOTES
index a7110b95..2e8f290f 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -63,6 +63,10 @@ suggested fixes to <dhcp-users@isc.org>.
   as a hex list.  We shall investigate other ways of displaying time
   values more usefully.  [ISC-Bugs #22626]
 
+- Fix the handling of connection requests on the failover port.
+  This was a security issue in 4.2.0 but is not in  4.0.x.
+  [ISC-Bugs #22679]
+
 			Changes since 4.0.3rc1
 
 ! Handle a relay forward message with an unspecified address in the
diff --git a/server/failover.c b/server/failover.c
index e1e6f490..6b93fb63 100644
--- a/server/failover.c
+++ b/server/failover.c
@@ -3,7 +3,7 @@
    Failover protocol support code... */
 
 /*
- * Copyright (c) 2004-2009 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2010 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 1999-2003 by Internet Software Consortium
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -1089,7 +1089,8 @@ isc_result_t dhcp_failover_listener_signal (omapi_object_t *o,
 	}		
 	if (!state) {
 		log_info ("failover: listener: no matching state");
-		return omapi_disconnect ((omapi_object_t *)c, 1);
+		omapi_disconnect ((omapi_object_t *)c, 1);
+		return(ISC_R_NOTFOUND);
 	}
 
 	obj = (dhcp_failover_link_t *)0;