From 5c6ccb2d8f564ddfa3fff267b776036a0539b3b0 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Thu, 20 Nov 2014 15:14:34 +0100 Subject: [PATCH] Fix bug #68463 listen.allowed_clients can silently result in no allowed access Add a "There are no allowed addresses for this pool" --- sapi/fpm/fpm/fastcgi.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sapi/fpm/fpm/fastcgi.c b/sapi/fpm/fpm/fastcgi.c index 36e37b79d3..d2764a59b7 100644 --- a/sapi/fpm/fpm/fastcgi.c +++ b/sapi/fpm/fpm/fastcgi.c @@ -280,6 +280,10 @@ void fcgi_set_allowed_clients(char *ip) } allowed_clients[n].sa.sa_family = 0; free(ip); + if (!n) { + zlog(ZLOG_ERROR, "There are no allowed addresses for this pool"); + /* don't clear allowed_clients as it will create an "open for all" security issue */ + } } } -- 2.40.0