s3-winbind: make the getpeername() checks in cm_prepare_connection IPv6 aware.

Note that this failure was hard to track, as winbind did only log a super helpful
"cm_prepare_connection: Success" debug message.

IPv6 gurus, please check

Successfully tested in two independent IPv6 networks now.

Guenther
(cherry picked from commit 14ac2bb36ee22be6133ca1d069dc5de6c1891f47)
(cherry picked from commit 43e4323d4a009c2b18be090f183dfd8c9f561fed)

1 files changed, 25 insertions, 5 deletions

diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 670e4941ba3..a0b4c9cd4ab 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -794,11 +794,31 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
 
 	peeraddr_len = sizeof(peeraddr);
 
-	if ((getpeername((*cli)->fd, &peeraddr, &peeraddr_len) != 0) ||
-	    (peeraddr_len != sizeof(struct sockaddr_in)) ||
-	    (peeraddr_in->sin_family != PF_INET))
-	{
-		DEBUG(0,("cm_prepare_connection: %s\n", strerror(errno)));
+	if ((getpeername((*cli)->fd, &peeraddr, &peeraddr_len) != 0)) {
+		DEBUG(0,("cm_prepare_connection: getpeername failed with: %s\n",
+			strerror(errno)));
+		result = NT_STATUS_UNSUCCESSFUL;
+		goto done;
+	}
+
+	if ((peeraddr_len != sizeof(struct sockaddr_in))
+#ifdef HAVE_IPV6
+	    && (peeraddr_len != sizeof(struct sockaddr_in6))
+#endif
+	    ) {
+		DEBUG(0,("cm_prepare_connection: got unexpected peeraddr len %d\n",
+			peeraddr_len));
+		result = NT_STATUS_UNSUCCESSFUL;
+		goto done;
+	}
+
+	if ((peeraddr_in->sin_family != PF_INET)
+#ifdef HAVE_IPV6
+	    && (peeraddr_in->sin_family != PF_INET6)
+#endif
+	    ) {
+		DEBUG(0,("cm_prepare_connection: got unexpected family %d\n",
+			peeraddr_in->sin_family));
 		result = NT_STATUS_UNSUCCESSFUL;
 		goto done;
 	}