Fix the handling of connection requests on the failover port.

Previously a connection request from a source that wasn't
listed as a failover peer would cause the server to become
non-responsive.  [ISC-Bugs #22679]
CERT: VU#159528 CVE: CVE-2010-3616

diff --git a/RELNOTES b/RELNOTES
index 028b81694684ecfc881f12d84cba5f47158044f4..af906bf279ff319762a3be014ce0420e840a7c32 100644 (file)
--- a/RELNOTES
+++ b/RELNOTES
@@ -150,6 +150,12 @@ work on other platforms. Please report any problems and suggested fixes to
   as a hex list.  We shall investigate other ways of displaying time
   values more usefully.  [ISC-Bugs #22626]
 
+! Fix the handling of connection requests on the failover port.
+  Previously a connection request from a source that wasn't
+  listed as a failover peer would cause the server to become
+  non-responsive.  [ISC-Bugs #22679]
+  CERT: VU#159528 CVE: CVE-2010-3616 
+
                        Changes since 4.2.0b2
 
 - Add declaration for variable in debug code in alloc.c.  [ISC-Bugs #21472]

diff --git a/server/failover.c b/server/failover.c
index 53957bb1a75cbf937296b06600ea8a07418cef5c..1dbcc1d101e9c8836dc145ae3400b33b85847941 100644 (file)
--- a/server/failover.c
+++ b/server/failover.c
@@ -3,7 +3,7 @@
    Failover protocol support code... */
 
 /*
- * Copyright (c) 2004-2009 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2010 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 1999-2003 by Internet Software Consortium
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -1101,7 +1101,8 @@ isc_result_t dhcp_failover_listener_signal (omapi_object_t *o,
        }               
        if (!state) {
                log_info ("failover: listener: no matching state");
-               return omapi_disconnect ((omapi_object_t *)c, 1);
+               omapi_disconnect ((omapi_object_t *)c, 1);
+               return(ISC_R_NOTFOUND);
        }
 
        obj = (dhcp_failover_link_t *)0;