From b0317d31d98b17cd8b9b5d29f438191ac045cd33 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Mon, 8 Dec 2008 12:26:36 +0100
Subject: backport of $AllowedSender security fix

- security bugfix: $AllowedSender was not honored, all senders were
  permitted instead (see http://www.rsyslog.com/Article322.phtml)
  (backport from v3-stable, v3.20.9)
- minor bugfix: dual close() call on tcp session closure
---
 plugins/imtcp/imtcp.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'plugins/imtcp/imtcp.c')

diff --git a/plugins/imtcp/imtcp.c b/plugins/imtcp/imtcp.c
index 7baa95f2..9b4d49f5 100644
--- a/plugins/imtcp/imtcp.c
+++ b/plugins/imtcp/imtcp.c
@@ -66,7 +66,7 @@ static int
 isPermittedHost(struct sockaddr *addr, char *fromHostFQDN, void __attribute__((unused)) *pUsrSrv,
 	        void __attribute__((unused)) *pUsrSess)
 {
-	return net.isAllowedSender(net.pAllowedSenders_TCP, addr, fromHostFQDN);
+	return net.isAllowedSender((uchar*) "TCP", addr, fromHostFQDN);
 }
 
 
@@ -158,10 +158,7 @@ ENDwillRun
 BEGINafterRun
 CODESTARTafterRun
 	/* do cleanup here */
-	if(net.pAllowedSenders_TCP != NULL) {
-		net.clearAllowedSenders(net.pAllowedSenders_TCP);
-		net.pAllowedSenders_TCP = NULL;
-	}
+	net.clearAllowedSenders((char*)"TCP");
 ENDafterRun
 
 
-- 
cgit v1.2.3