diff options
author | Doug Rabson <dfr@FreeBSD.org> | 2008-11-13 14:36:52 +0000 |
---|---|---|
committer | Doug Rabson <dfr@FreeBSD.org> | 2008-11-13 14:36:52 +0000 |
commit | 36b83ac1b0d1c396095771755a3ed13a0da307ea (patch) | |
tree | 79b8914f161da5a467f67c10ef4013dae5d923dd | |
parent | 0eec5c87bfad5acce401e684a54a265a969783b4 (diff) | |
download | src-test2-36b83ac1b0d1c396095771755a3ed13a0da307ea.tar.gz src-test2-36b83ac1b0d1c396095771755a3ed13a0da307ea.zip |
Notes
-rw-r--r-- | sys/nfsserver/nfs_srvkrpc.c | 46 | ||||
-rw-r--r-- | sys/xdr/xdr_mbuf.c | 1 |
2 files changed, 45 insertions, 2 deletions
diff --git a/sys/nfsserver/nfs_srvkrpc.c b/sys/nfsserver/nfs_srvkrpc.c index 1cea46577085..e52ac03a403a 100644 --- a/sys/nfsserver/nfs_srvkrpc.c +++ b/sys/nfsserver/nfs_srvkrpc.c @@ -348,19 +348,61 @@ nfssvc_program(struct svc_req *rqst, SVCXPRT *xprt) nfs_realign(&mreq); /* - * Note: we want rq_addr, not svc_getrpccaller - + * Note: we want rq_addr, not svc_getrpccaller for nd_nam2 - * NFS_SRVMAXDATA uses a NULL value for nd_nam2 to detect TCP * mounts. */ memset(&nd, 0, sizeof(nd)); nd.nd_md = nd.nd_mrep = mreq; nd.nd_dpos = mtod(mreq, caddr_t); - nd.nd_nam = (struct sockaddr *) &xprt->xp_ltaddr; + nd.nd_nam = svc_getrpccaller(rqst); nd.nd_nam2 = rqst->rq_addr; nd.nd_procnum = procnum; nd.nd_cr = NULL; nd.nd_flag = flag; + if (nfs_privport) { + /* Check if source port is privileged */ + u_short port; + struct sockaddr *nam = nd.nd_nam; + struct sockaddr_in *sin; + + sin = (struct sockaddr_in *)nam; + /* + * INET/INET6 - same code: + * sin_port and sin6_port are at same offset + */ + port = ntohs(sin->sin_port); + if (port >= IPPORT_RESERVED && + nd.nd_procnum != NFSPROC_NULL) { +#ifdef INET6 + char b6[INET6_ADDRSTRLEN]; +#if defined(KLD_MODULE) + /* Do not use ip6_sprintf: the nfs module should work without INET6. */ +#define ip6_sprintf(buf, a) \ + (sprintf((buf), "%x:%x:%x:%x:%x:%x:%x:%x", \ + (a)->s6_addr16[0], (a)->s6_addr16[1], \ + (a)->s6_addr16[2], (a)->s6_addr16[3], \ + (a)->s6_addr16[4], (a)->s6_addr16[5], \ + (a)->s6_addr16[6], (a)->s6_addr16[7]), \ + (buf)) +#endif +#endif + printf("NFS request from unprivileged port (%s:%d)\n", +#ifdef INET6 + sin->sin_family == AF_INET6 ? + ip6_sprintf(b6, &satosin6(sin)->sin6_addr) : +#if defined(KLD_MODULE) +#undef ip6_sprintf +#endif +#endif + inet_ntoa(sin->sin_addr), port); + svcerr_weakauth(rqst); + svc_freereq(rqst); + return; + } + } + if (proc != nfsrv_null) { if (!svc_getcred(rqst, &nd.nd_cr, &nd.nd_credflavor)) { svcerr_weakauth(rqst); diff --git a/sys/xdr/xdr_mbuf.c b/sys/xdr/xdr_mbuf.c index 8ebd35b081ba..ab79e19e29a1 100644 --- a/sys/xdr/xdr_mbuf.c +++ b/sys/xdr/xdr_mbuf.c @@ -65,6 +65,7 @@ void xdrmbuf_create(XDR *xdrs, struct mbuf *m, enum xdr_op op) { + KASSERT(m != NULL, ("xdrmbuf_create with NULL mbuf chain")); xdrs->x_op = op; xdrs->x_ops = &xdrmbuf_ops; xdrs->x_base = (char *) m; |