| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: ypbind.c,v 1.91 2014/06/10 17:18:02 dholland Exp $ */ | | 1 | /* $NetBSD: ypbind.c,v 1.92 2014/06/10 17:18:18 dholland Exp $ */ |
2 | | | 2 | |
3 | /* | | 3 | /* |
4 | * Copyright (c) 1992, 1993 Theo de Raadt <deraadt@fsa.ca> | | 4 | * Copyright (c) 1992, 1993 Theo de Raadt <deraadt@fsa.ca> |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
9 | * are met: | | 9 | * are met: |
10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
| @@ -18,27 +18,27 @@ | | | @@ -18,27 +18,27 @@ |
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | | 18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | | 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
21 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 21 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
22 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 22 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
23 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 23 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
24 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 24 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
26 | * SUCH DAMAGE. | | 26 | * SUCH DAMAGE. |
27 | */ | | 27 | */ |
28 | | | 28 | |
29 | #include <sys/cdefs.h> | | 29 | #include <sys/cdefs.h> |
30 | #ifndef LINT | | 30 | #ifndef LINT |
31 | __RCSID("$NetBSD: ypbind.c,v 1.91 2014/06/10 17:18:02 dholland Exp $"); | | 31 | __RCSID("$NetBSD: ypbind.c,v 1.92 2014/06/10 17:18:18 dholland Exp $"); |
32 | #endif | | 32 | #endif |
33 | | | 33 | |
34 | #include <sys/types.h> | | 34 | #include <sys/types.h> |
35 | #include <sys/param.h> | | 35 | #include <sys/param.h> |
36 | #include <sys/file.h> | | 36 | #include <sys/file.h> |
37 | #include <sys/ioctl.h> | | 37 | #include <sys/ioctl.h> |
38 | #include <sys/signal.h> | | 38 | #include <sys/signal.h> |
39 | #include <sys/socket.h> | | 39 | #include <sys/socket.h> |
40 | #include <sys/stat.h> | | 40 | #include <sys/stat.h> |
41 | #include <sys/syslog.h> | | 41 | #include <sys/syslog.h> |
42 | #include <sys/uio.h> | | 42 | #include <sys/uio.h> |
43 | #include <arpa/inet.h> | | 43 | #include <arpa/inet.h> |
44 | #include <net/if.h> | | 44 | #include <net/if.h> |
| @@ -332,50 +332,66 @@ purge_bindingdir(const char *dirpath) | | | @@ -332,50 +332,66 @@ purge_bindingdir(const char *dirpath) |
332 | if (unlinkedfiles) | | 332 | if (unlinkedfiles) |
333 | rewinddir(dirp); | | 333 | rewinddir(dirp); |
334 | | | 334 | |
335 | } while (unlinkedfiles); | | 335 | } while (unlinkedfiles); |
336 | | | 336 | |
337 | closedir(dirp); | | 337 | closedir(dirp); |
338 | return(0); | | 338 | return(0); |
339 | } | | 339 | } |
340 | | | 340 | |
341 | //////////////////////////////////////////////////////////// | | 341 | //////////////////////////////////////////////////////////// |
342 | // sunrpc twaddle | | 342 | // sunrpc twaddle |
343 | | | 343 | |
344 | /* | | 344 | /* |
| | | 345 | * Check if the info coming in is (at least somewhat) valid. |
| | | 346 | */ |
| | | 347 | static int |
| | | 348 | rpc_is_valid_response(char *name, struct sockaddr_in *addr) |
| | | 349 | { |
| | | 350 | if (name == NULL) { |
| | | 351 | return 0; |
| | | 352 | } |
| | | 353 | |
| | | 354 | if (_yp_invalid_domain(name)) { |
| | | 355 | return 0; |
| | | 356 | } |
| | | 357 | |
| | | 358 | /* don't support insecure servers by default */ |
| | | 359 | if (!insecure && ntohs(addr->sin_port) >= IPPORT_RESERVED) { |
| | | 360 | return 0; |
| | | 361 | } |
| | | 362 | |
| | | 363 | return 1; |
| | | 364 | } |
| | | 365 | |
| | | 366 | /* |
345 | * LOOPBACK IS MORE IMPORTANT: PUT IN HACK | | 367 | * LOOPBACK IS MORE IMPORTANT: PUT IN HACK |
346 | */ | | 368 | */ |
347 | static void | | 369 | static void |
348 | rpc_received(char *dom_name, struct sockaddr_in *raddrp, int force, | | 370 | rpc_received(char *dom_name, struct sockaddr_in *raddrp, int force, |
349 | int is_ypset) | | 371 | int is_ypset) |
350 | { | | 372 | { |
351 | struct domain *dom; | | 373 | struct domain *dom; |
352 | struct iovec iov[2]; | | 374 | struct iovec iov[2]; |
353 | struct ypbind_resp ybr; | | 375 | struct ypbind_resp ybr; |
354 | ssize_t result; | | 376 | ssize_t result; |
355 | int fd; | | 377 | int fd; |
356 | | | 378 | |
357 | DPRINTF("returned from %s about %s\n", | | 379 | DPRINTF("returned from %s about %s\n", |
358 | inet_ntoa(raddrp->sin_addr), dom_name); | | 380 | inet_ntoa(raddrp->sin_addr), dom_name); |
359 | | | 381 | |
360 | if (dom_name == NULL) | | 382 | if (!rpc_is_valid_response(dom_name, raddrp)) { |
361 | return; | | | |
362 | | | | |
363 | if (_yp_invalid_domain(dom_name)) | | | |
364 | return; | | | |
365 | | | | |
366 | /* don't support insecure servers by default */ | | | |
367 | if (!insecure && ntohs(raddrp->sin_port) >= IPPORT_RESERVED) | | | |
368 | return; | | 383 | return; |
| | | 384 | } |
369 | | | 385 | |
370 | for (dom = domains; dom != NULL; dom = dom->dom_next) | | 386 | for (dom = domains; dom != NULL; dom = dom->dom_next) |
371 | if (!strcmp(dom->dom_name, dom_name)) | | 387 | if (!strcmp(dom->dom_name, dom_name)) |
372 | break; | | 388 | break; |
373 | | | 389 | |
374 | if (dom == NULL) { | | 390 | if (dom == NULL) { |
375 | if (force == 0) | | 391 | if (force == 0) |
376 | return; | | 392 | return; |
377 | dom = domain_create(dom_name); | | 393 | dom = domain_create(dom_name); |
378 | } | | 394 | } |
379 | | | 395 | |
380 | if (is_ypset) { | | 396 | if (is_ypset) { |
381 | dom->dom_been_ypset = 1; | | 397 | dom->dom_been_ypset = 1; |