finally got sick of the "extern int Client" code and the stupid

assumption that we have one socket everywhere

while doing so I discovered a few bugs!

1) the clientgen session retarget code if used from smbd or nmbd would
cause a crash as it called close_sockets() which closed our main
socket! fixed by removing close_sockets() completely - it is unnecessary

2) the caching in client_addr() and client_name() was bogus - it could
easily get fooled and give the wrong result. fixed.

3) the retarget could could recurse, allowing an easy denial of
service attack on nmbd. fixed.

1 files changed, 3 insertions, 3 deletions

diff --git a/source/web/cgi.c b/source/web/cgi.c
index b33feb30c25..ea73a0f1a70 100644
--- a/source/web/cgi.c
+++ b/source/web/cgi.c
@@ -504,7 +504,7 @@ void cgi_setup(char *rootdir, int auth_required)
 	f = sys_fopen("/tmp/cgi.log", "a");
 	if (f) fprintf(f,"\n[Date: %s   %s (%s)]\n", 
 		       http_timestring(time(NULL)),
-		       client_name(1), client_addr(1));
+		       get_socket_name(1), get_socket_addr(1));
 #endif
 
 	/* we are a mini-web server. We need to read the request from stdin
@@ -604,7 +604,7 @@ return the hostname of the client
 char *cgi_remote_host(void)
 {
 	if (inetd_server) {
-		return client_name(1);
+		return get_socket_name(1);
 	}
 	return getenv("REMOTE_HOST");
 }
@@ -615,7 +615,7 @@ return the hostname of the client
 char *cgi_remote_addr(void)
 {
 	if (inetd_server) {
-		return client_addr(1);
+		return get_socket_addr(1);
 	}
 	return getenv("REMOTE_ADDR");
 }