diff options
author | Chuck Lever <chuck.lever@oracle.com> | 2010-01-14 12:23:42 -0500 |
---|---|---|
committer | Steve Dickson <steved@redhat.com> | 2010-01-15 14:55:51 -0500 |
commit | d5836a3c08b1b43afc78b18e0c06bab6d89be3b1 (patch) | |
tree | 65bf80544e1a9d023a6f905bbbfd4279db567178 /utils | |
parent | d1f7c031ee37a7b962777e18dd46cb79b806e1c3 (diff) | |
download | nfs-utils-d5836a3c08b1b43afc78b18e0c06bab6d89be3b1.tar.gz nfs-utils-d5836a3c08b1b43afc78b18e0c06bab6d89be3b1.tar.xz nfs-utils-d5836a3c08b1b43afc78b18e0c06bab6d89be3b1.zip |
statd: Support IPv6 in sm_simu_crash_1_svc
Ensure that SM_SIMU_CRASH does not allow non-AF_INET callers to
bypass the localhost check.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Diffstat (limited to 'utils')
-rw-r--r-- | utils/statd/simu.c | 35 |
1 files changed, 19 insertions, 16 deletions
diff --git a/utils/statd/simu.c b/utils/statd/simu.c index 7df04d9..825e428 100644 --- a/utils/statd/simu.c +++ b/utils/statd/simu.c @@ -8,8 +8,10 @@ #include <config.h> #endif +#include <netdb.h> #include <arpa/inet.h> +#include "sockaddr.h" #include "rpcmisc.h" #include "statd.h" #include "notlist.h" @@ -19,30 +21,25 @@ extern void my_svc_exit (void); /* * Services SM_SIMU_CRASH requests. + * + * Although the kernel contacts the statd service via only IPv4 + * transports, the statd service can receive other requests, such + * as SM_NOTIFY, from remote peers via IPv6. */ void * -sm_simu_crash_1_svc (void *argp, struct svc_req *rqstp) +sm_simu_crash_1_svc (__attribute__ ((unused)) void *argp, struct svc_req *rqstp) { - struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt); + struct sockaddr *sap = nfs_getrpccaller(rqstp->rq_xprt); + char buf[INET6_ADDRSTRLEN]; static char *result = NULL; - struct in_addr caller; xlog(D_CALL, "Received SM_SIMU_CRASH"); - if (sin->sin_family != AF_INET) { - xlog_warn("Call to statd from non-AF_INET address"); - goto failure; - } + if (!nfs_is_v4_loopback(sap)) + goto out_nonlocal; - caller = sin->sin_addr; - if (caller.s_addr != htonl(INADDR_LOOPBACK)) { - xlog_warn("Call to statd from non-local host %s", - inet_ntoa(caller)); - goto failure; - } - - if (ntohs(sin->sin_port) >= 1024) { - xlog_warn("Call to statd-simu-crash from unprivileged port"); + if ((int)nfs_get_port(sap) >= IPPORT_RESERVED) { + xlog_warn("SM_SIMU_CRASH call from unprivileged port"); goto failure; } @@ -54,4 +51,10 @@ sm_simu_crash_1_svc (void *argp, struct svc_req *rqstp) failure: return ((void *)&result); + + out_nonlocal: + if (!statd_present_address(sap, buf, sizeof(buf))) + buf[0] = '\0'; + xlog_warn("SM_SIMU_CRASH call from non-local host %s", buf); + goto failure; } |