|
|
89af843 |
commit 6e3f696e788a56f30b5b3f8250647fe4cd63c884
|
|
|
89af843 |
Author: Steve Dickson <steved@redhat.com>
|
|
|
89af843 |
Date: Sat Jan 3 14:08:25 2009 -0500
|
|
|
89af843 |
|
|
|
89af843 |
Now that the TCP wrapper actually works, mounts will
|
|
|
89af843 |
be denied with misconfigured DNS configurations. Warnings
|
|
|
89af843 |
will be logged when these types of configurations are
|
|
|
89af843 |
detected.
|
|
|
89af843 |
|
|
|
89af843 |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
89af843 |
|
|
|
89af843 |
diff -up nfs-utils-1.1.4/support/misc/tcpwrapper.c.orig nfs-utils-1.1.4/support/misc/tcpwrapper.c
|
|
|
89af843 |
--- nfs-utils-1.1.4/support/misc/tcpwrapper.c.orig 2009-01-03 13:02:15.000000000 -0500
|
|
|
89af843 |
+++ nfs-utils-1.1.4/support/misc/tcpwrapper.c 2009-01-03 14:05:42.000000000 -0500
|
|
|
89af843 |
@@ -48,6 +48,8 @@
|
|
|
89af843 |
#include <sys/stat.h>
|
|
|
89af843 |
#include <unistd.h>
|
|
|
89af843 |
|
|
|
89af843 |
+#include "xlog.h"
|
|
|
89af843 |
+
|
|
|
89af843 |
#ifdef SYSV40
|
|
|
89af843 |
#include <netinet/in.h>
|
|
|
89af843 |
#include <rpc/rpcent.h>
|
|
|
89af843 |
@@ -179,17 +181,27 @@ struct sockaddr_in *addr;
|
|
|
89af843 |
/* Now do the hostname lookup */
|
|
|
89af843 |
hp = gethostbyaddr ((const char *) &(addr->sin_addr),
|
|
|
89af843 |
sizeof (addr->sin_addr), AF_INET);
|
|
|
89af843 |
- if (!hp)
|
|
|
89af843 |
+ if (!hp) {
|
|
|
89af843 |
+ xlog(L_WARNING,
|
|
|
89af843 |
+ "Warning: Client IP address '%s' not found in host lookup",
|
|
|
89af843 |
+ inet_ntoa(addr->sin_addr));
|
|
|
89af843 |
return DENY; /* never heard of it. misconfigured DNS? */
|
|
|
89af843 |
+ }
|
|
|
89af843 |
|
|
|
89af843 |
/* Make sure the hostent is authorative. */
|
|
|
89af843 |
tmpname = strdup(hp->h_name);
|
|
|
89af843 |
- if (!tmpname)
|
|
|
89af843 |
+ if (!tmpname) {
|
|
|
89af843 |
+ xlog(L_WARNING, "Warning: No memory for Host access check");
|
|
|
89af843 |
return DENY;
|
|
|
89af843 |
+ }
|
|
|
89af843 |
hp = gethostbyname(tmpname);
|
|
|
89af843 |
- free(tmpname);
|
|
|
89af843 |
- if (!hp)
|
|
|
89af843 |
+ if (!hp) {
|
|
|
89af843 |
+ xlog(L_WARNING,
|
|
|
89af843 |
+ "Warning: Client hostname '%s' not found in host lookup", tmpname);
|
|
|
89af843 |
+ free(tmpname);
|
|
|
89af843 |
return DENY; /* never heard of it. misconfigured DNS? */
|
|
|
89af843 |
+ }
|
|
|
89af843 |
+ free(tmpname);
|
|
|
89af843 |
|
|
|
89af843 |
/* Now make sure the address is on the list */
|
|
|
89af843 |
for (sp = hp->h_addr_list ; *sp ; sp++) {
|