| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
| 1 | /* $NetBSD: ypbind.c,v 1.91 2014/06/10 17:18:02 dholland Exp $ */ | | 1 | /* $NetBSD: ypbind.c,v 1.92 2014/06/10 17:18:18 dholland Exp $ */ |
| 2 | | | 2 | |
| 3 | /* | | 3 | /* |
| 4 | * Copyright (c) 1992, 1993 Theo de Raadt <deraadt@fsa.ca> | | 4 | * Copyright (c) 1992, 1993 Theo de Raadt <deraadt@fsa.ca> |
| 5 | * All rights reserved. | | 5 | * All rights reserved. |
| 6 | * | | 6 | * |
| 7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
| 8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
| 9 | * are met: | | 9 | * are met: |
| 10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
| 14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
| @@ -18,27 +18,27 @@ | | | @@ -18,27 +18,27 @@ |
| 18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | | 18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | | 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
| 20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 21 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 21 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 22 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 22 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 23 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 23 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| 24 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 24 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 26 | * SUCH DAMAGE. | | 26 | * SUCH DAMAGE. |
| 27 | */ | | 27 | */ |
| 28 | | | 28 | |
| 29 | #include <sys/cdefs.h> | | 29 | #include <sys/cdefs.h> |
| 30 | #ifndef LINT | | 30 | #ifndef LINT |
| 31 | __RCSID("$NetBSD: ypbind.c,v 1.91 2014/06/10 17:18:02 dholland Exp $"); | | 31 | __RCSID("$NetBSD: ypbind.c,v 1.92 2014/06/10 17:18:18 dholland Exp $"); |
| 32 | #endif | | 32 | #endif |
| 33 | | | 33 | |
| 34 | #include <sys/types.h> | | 34 | #include <sys/types.h> |
| 35 | #include <sys/param.h> | | 35 | #include <sys/param.h> |
| 36 | #include <sys/file.h> | | 36 | #include <sys/file.h> |
| 37 | #include <sys/ioctl.h> | | 37 | #include <sys/ioctl.h> |
| 38 | #include <sys/signal.h> | | 38 | #include <sys/signal.h> |
| 39 | #include <sys/socket.h> | | 39 | #include <sys/socket.h> |
| 40 | #include <sys/stat.h> | | 40 | #include <sys/stat.h> |
| 41 | #include <sys/syslog.h> | | 41 | #include <sys/syslog.h> |
| 42 | #include <sys/uio.h> | | 42 | #include <sys/uio.h> |
| 43 | #include <arpa/inet.h> | | 43 | #include <arpa/inet.h> |
| 44 | #include <net/if.h> | | 44 | #include <net/if.h> |
| @@ -332,50 +332,66 @@ purge_bindingdir(const char *dirpath) | | | @@ -332,50 +332,66 @@ purge_bindingdir(const char *dirpath) |
| 332 | if (unlinkedfiles) | | 332 | if (unlinkedfiles) |
| 333 | rewinddir(dirp); | | 333 | rewinddir(dirp); |
| 334 | | | 334 | |
| 335 | } while (unlinkedfiles); | | 335 | } while (unlinkedfiles); |
| 336 | | | 336 | |
| 337 | closedir(dirp); | | 337 | closedir(dirp); |
| 338 | return(0); | | 338 | return(0); |
| 339 | } | | 339 | } |
| 340 | | | 340 | |
| 341 | //////////////////////////////////////////////////////////// | | 341 | //////////////////////////////////////////////////////////// |
| 342 | // sunrpc twaddle | | 342 | // sunrpc twaddle |
| 343 | | | 343 | |
| 344 | /* | | 344 | /* |
| | | 345 | * Check if the info coming in is (at least somewhat) valid. |
| | | 346 | */ |
| | | 347 | static int |
| | | 348 | rpc_is_valid_response(char *name, struct sockaddr_in *addr) |
| | | 349 | { |
| | | 350 | if (name == NULL) { |
| | | 351 | return 0; |
| | | 352 | } |
| | | 353 | |
| | | 354 | if (_yp_invalid_domain(name)) { |
| | | 355 | return 0; |
| | | 356 | } |
| | | 357 | |
| | | 358 | /* don't support insecure servers by default */ |
| | | 359 | if (!insecure && ntohs(addr->sin_port) >= IPPORT_RESERVED) { |
| | | 360 | return 0; |
| | | 361 | } |
| | | 362 | |
| | | 363 | return 1; |
| | | 364 | } |
| | | 365 | |
| | | 366 | /* |
| 345 | * LOOPBACK IS MORE IMPORTANT: PUT IN HACK | | 367 | * LOOPBACK IS MORE IMPORTANT: PUT IN HACK |
| 346 | */ | | 368 | */ |
| 347 | static void | | 369 | static void |
| 348 | rpc_received(char *dom_name, struct sockaddr_in *raddrp, int force, | | 370 | rpc_received(char *dom_name, struct sockaddr_in *raddrp, int force, |
| 349 | int is_ypset) | | 371 | int is_ypset) |
| 350 | { | | 372 | { |
| 351 | struct domain *dom; | | 373 | struct domain *dom; |
| 352 | struct iovec iov[2]; | | 374 | struct iovec iov[2]; |
| 353 | struct ypbind_resp ybr; | | 375 | struct ypbind_resp ybr; |
| 354 | ssize_t result; | | 376 | ssize_t result; |
| 355 | int fd; | | 377 | int fd; |
| 356 | | | 378 | |
| 357 | DPRINTF("returned from %s about %s\n", | | 379 | DPRINTF("returned from %s about %s\n", |
| 358 | inet_ntoa(raddrp->sin_addr), dom_name); | | 380 | inet_ntoa(raddrp->sin_addr), dom_name); |
| 359 | | | 381 | |
| 360 | if (dom_name == NULL) | | 382 | if (!rpc_is_valid_response(dom_name, raddrp)) { |
| 361 | return; | | | |
| 362 | | | | |
| 363 | if (_yp_invalid_domain(dom_name)) | | | |
| 364 | return; | | | |
| 365 | | | | |
| 366 | /* don't support insecure servers by default */ | | | |
| 367 | if (!insecure && ntohs(raddrp->sin_port) >= IPPORT_RESERVED) | | | |
| 368 | return; | | 383 | return; |
| | | 384 | } |
| 369 | | | 385 | |
| 370 | for (dom = domains; dom != NULL; dom = dom->dom_next) | | 386 | for (dom = domains; dom != NULL; dom = dom->dom_next) |
| 371 | if (!strcmp(dom->dom_name, dom_name)) | | 387 | if (!strcmp(dom->dom_name, dom_name)) |
| 372 | break; | | 388 | break; |
| 373 | | | 389 | |
| 374 | if (dom == NULL) { | | 390 | if (dom == NULL) { |
| 375 | if (force == 0) | | 391 | if (force == 0) |
| 376 | return; | | 392 | return; |
| 377 | dom = domain_create(dom_name); | | 393 | dom = domain_create(dom_name); |
| 378 | } | | 394 | } |
| 379 | | | 395 | |
| 380 | if (is_ypset) { | | 396 | if (is_ypset) { |
| 381 | dom->dom_been_ypset = 1; | | 397 | dom->dom_been_ypset = 1; |