*** ./rpcb_stat.c-	Tue Aug 30 04:57:49 1994
--- ./rpcb_stat.c	Fri Sep  9 18:38:49 1994
***************
*** 121,127 ****
  			return;
  		if ((al->prog == prog) && (al->vers == vers) &&
  		    (strcmp(al->netid, netid) == 0)) {
! 			if ((uaddr == NULL) || (uaddr[0] == NULL))
  				al->failure++;
  			else
  				al->success++;
--- 121,127 ----
  			return;
  		if ((al->prog == prog) && (al->vers == vers) &&
  		    (strcmp(al->netid, netid) == 0)) {
! 			if ((uaddr == 0) || (uaddr[0] == 0))
  				al->failure++;
  			else
  				al->success++;
***************
*** 139,145 ****
  	al->prog = prog;
  	al->vers = vers;
  	al->netid = nconf->nc_netid;
! 	if ((uaddr == NULL) || (uaddr[0] == NULL)) {
  		al->failure = 1;
  		al->success = 0;
  	} else {
--- 139,145 ----
  	al->prog = prog;
  	al->vers = vers;
  	al->netid = nconf->nc_netid;
! 	if ((uaddr == 0) || (uaddr[0] == 0)) {
  		al->failure = 1;
  		al->success = 0;
  	} else {
*** ./pmap_svc.c-	Tue Aug 30 04:57:48 1994
--- ./pmap_svc.c	Fri Sep  9 18:34:52 1994
***************
*** 58,67 ****
  #include <sys/socket.h>
  #include <netdir.h>
  
  #ifndef INADDR_LOOPBACK		/* Some <netinet/in.h> files do not have this */
  #define	INADDR_LOOPBACK		(u_long)0x7F000001
  #endif
! static bool_t chklocal();
  static int getlocal();
  #endif  /* CHECK_LOCAL */
  
--- 58,69 ----
  #include <sys/socket.h>
  #include <netdir.h>
  
+ #include "rpcb_check.h"
+ 
  #ifndef INADDR_LOOPBACK		/* Some <netinet/in.h> files do not have this */
  #define	INADDR_LOOPBACK		(u_long)0x7F000001
  #endif
! bool_t chklocal();
  static int getlocal();
  #endif  /* CHECK_LOCAL */
  
***************
*** 87,92 ****
--- 89,99 ----
  #ifdef RPCBIND_DEBUG
  		fprintf(stderr, "PMAPPROC_NULL\n");
  #endif
+ 		/* Drop and report requests from random hosts. */
+ 		if (pmap_check(svc_getcaller(xprt), rqstp->rq_proc, 0) == 0) {
+ 			return;
+ 		}
+ 		pmap_log(TRUE, svc_getcaller(xprt), rqstp->rq_proc, 0);
  		if ((!svc_sendreply(xprt, (xdrproc_t) xdr_void, NULL)) &&
  			debugging) {
  			if (doabort) {
***************
*** 124,129 ****
--- 131,141 ----
  #ifdef RPCBIND_DEBUG
  		fprintf(stderr, "PMAPPROC_DUMP\n");
  #endif
+ 		/* Drop and report requests from random hosts. */
+ 		if (pmap_check(svc_getcaller(xprt), rqstp->rq_proc, 0) == 0) {
+ 			return;
+ 		}
+ 		pmap_log(TRUE, svc_getcaller(xprt), rqstp->rq_proc, 0);
  		pmapproc_dump(rqstp, xprt);
  		break;
  
***************
*** 139,144 ****
--- 151,161 ----
  		break;
  
  	default:
+ 		/* Drop and report requests from random hosts. */
+ 		if (pmap_check(svc_getcaller(xprt), rqstp->rq_proc, 0) == 0) {
+ 			return;
+ 		}
+ 		pmap_log(TRUE, svc_getcaller(xprt), rqstp->rq_proc, 0);
  		svcerr_noproc(xprt);
  		break;
  	}
***************
*** 250,255 ****
--- 267,274 ----
  		ans = FALSE;
  	}
  done_change:
+ 	/* Log permitted changes when verbose, log rejected changes always. */
+ 	pmap_log(ans, who, op, reg.pm_prog);
  	if ((!svc_sendreply(xprt, (xdrproc_t) xdr_long, (caddr_t) &ans)) &&
  	    debugging) {
  		fprintf(stderr, "portmap: svc_sendreply\n");
***************
*** 284,289 ****
--- 303,314 ----
  		svcerr_decode(xprt);
  		return (FALSE);
  	}
+ 	/* Drop and report requests from random hosts. */
+ 	if (pmap_check(svc_getcaller(xprt), rqstp->rq_proc, reg.pm_prog) == 0) {
+ 		return (FALSE);
+ 	}
+ 	pmap_log(TRUE, svc_getcaller(xprt), rqstp->rq_proc, reg.pm_prog);
+ 
  #ifdef RPCBIND_DEBUG
  	uaddr =  taddr2uaddr(rpcbind_get_conf(xprt->xp_netid),
  			    svc_getrpccaller(xprt));
***************
*** 370,376 ****
  static int num_local = -1;
  static struct in_addr addrs[MAX_LOCAL];
  
! static bool_t
  chklocal(taddr)
  	struct in_addr	taddr;
  {
--- 395,401 ----
  static int num_local = -1;
  static struct in_addr addrs[MAX_LOCAL];
  
! bool_t
  chklocal(taddr)
  	struct in_addr	taddr;
  {
*** ./rpcb_svc_4.c-	Tue Aug 30 04:57:50 1994
--- ./rpcb_svc_4.c	Fri Sep  9 18:45:51 1994
***************
*** 50,55 ****
--- 50,57 ----
  #include <stdlib.h>
  #include "rpcbind.h"
  
+ #include "rpcb_check.h"
+ 
  static void free_rpcb_entry_list();
  
  /*
***************
*** 74,79 ****
--- 76,87 ----
  
  	rpcbs_procinfo(RPCBVERS_4_STAT, rqstp->rq_proc);
  
+ 	/* Drop and report requests from random hosts. */
+ 	if (rpcb_check(transp, rqstp->rq_proc, 0) == 0) {
+ 		return;
+ 	}
+ 	rpcb_log(TRUE, transp, rqstp->rq_proc, 0);
+ 
  	switch (rqstp->rq_proc) {
  	case NULLPROC:
  		/*
***************
*** 250,256 ****
   * address of the caller.
   */
  /* ARGSUSED */
! static char **
  rpcbproc_getaddr_4(regp, rqstp, transp, rpcbversnum)
  	rpcb *regp;
  	struct svc_req *rqstp;	/* Not used here */
--- 258,264 ----
   * address of the caller.
   */
  /* ARGSUSED */
! char **
  rpcbproc_getaddr_4(regp, rqstp, transp, rpcbversnum)
  	rpcb *regp;
  	struct svc_req *rqstp;	/* Not used here */
***************
*** 279,285 ****
   * address of the caller.
   */
  /* ARGSUSED */
! static char **
  rpcbproc_getversaddr_4(regp, rqstp, transp)
  	rpcb *regp;
  	struct svc_req *rqstp;	/* Not used here */
--- 287,293 ----
   * address of the caller.
   */
  /* ARGSUSED */
! char **
  rpcbproc_getversaddr_4(regp, rqstp, transp)
  	rpcb *regp;
  	struct svc_req *rqstp;	/* Not used here */
***************
*** 304,310 ****
   * We return a merged address.
   */
  /* ARGSUSED */
! static rpcb_entry_list_ptr *
  rpcbproc_getaddrlist_4(regp, rqstp, transp)
  	rpcb *regp;
  	struct svc_req *rqstp;	/* Not used here */
--- 312,318 ----
   * We return a merged address.
   */
  /* ARGSUSED */
! rpcb_entry_list_ptr *
  rpcbproc_getaddrlist_4(regp, rqstp, transp)
  	rpcb *regp;
  	struct svc_req *rqstp;	/* Not used here */
***************
*** 425,431 ****
  }
  
  /* VARARGS */
! static rpcblist_ptr *
  rpcbproc_dump_4()
  {
  	return ((rpcblist_ptr *)&list_rbl);
--- 433,439 ----
  }
  
  /* VARARGS */
! rpcblist_ptr *
  rpcbproc_dump_4()
  {
  	return ((rpcblist_ptr *)&list_rbl);
*** ./rpcb_svc.c-	Tue Aug 30 04:57:49 1994
--- ./rpcb_svc.c	Fri Sep  9 18:41:05 1994
***************
*** 49,54 ****
--- 49,56 ----
  #include <stdlib.h>
  #include "rpcbind.h"
  
+ #include "rpcb_check.h"
+ 
  /*
   * Called by svc_getreqset. There is a separate server handle for
   * every transport that it waits on.
***************
*** 72,77 ****
--- 74,85 ----
  
  	rpcbs_procinfo((u_long) RPCBVERS_3_STAT, rqstp->rq_proc);
  
+ 	/* Drop and report requests from random hosts. */
+ 	if (rpcb_check(transp, rqstp->rq_proc, 0) == 0) {
+ 		return;
+ 	}
+ 	rpcb_log(TRUE, transp, rqstp->rq_proc, 0);
+ 
  	switch (rqstp->rq_proc) {
  	case NULLPROC:
  		/*
***************
*** 218,224 ****
   * address of the caller.
   */
  /* ARGSUSED */
! static char **
  rpcbproc_getaddr_3(regp, rqstp, transp)
  	RPCB *regp;
  	struct svc_req *rqstp;	/* Not used here */
--- 226,232 ----
   * address of the caller.
   */
  /* ARGSUSED */
! char **
  rpcbproc_getaddr_3(regp, rqstp, transp)
  	RPCB *regp;
  	struct svc_req *rqstp;	/* Not used here */
***************
*** 238,244 ****
  }
  
  /* ARGSUSED */
! static rpcblist_ptr *
  rpcbproc_dump_3()
  {
  	return ((rpcblist_ptr *)&list_rbl);
--- 246,252 ----
  }
  
  /* ARGSUSED */
! rpcblist_ptr *
  rpcbproc_dump_3()
  {
  	return ((rpcblist_ptr *)&list_rbl);
*** ./rpcbind.c-	Tue Aug 30 04:57:51 1994
--- ./rpcbind.c	Fri Sep  9 18:46:19 1994
***************
*** 125,131 ****
  			rl.rlim_cur = 128;
  		setrlimit(RLIMIT_NOFILE, &rl);
  	}
! 	openlog("rpcbind", LOG_CONS, LOG_DAEMON);
  	if (geteuid()) { /* This command allowed only to root */
  		fprintf(stderr, "Sorry. You are not superuser\n");
  		exit(1);
--- 125,131 ----
  			rl.rlim_cur = 128;
  		setrlimit(RLIMIT_NOFILE, &rl);
  	}
! 	openlog("rpcbind", LOG_CONS, FACILITY);
  	if (geteuid()) { /* This command allowed only to root */
  		fprintf(stderr, "Sorry. You are not superuser\n");
  		exit(1);
***************
*** 168,175 ****
  	}
  	endnetconfig(nc_handle);
  
! 	if ((loopback_dg[0] == NULL) && (loopback_vc[0] == NULL) &&
! 		(loopback_vc_ord[0] == NULL)) {
  		syslog(LOG_ERR, "could not find loopback transports");
  		exit(1);
  	}
--- 168,175 ----
  	}
  	endnetconfig(nc_handle);
  
! 	if ((loopback_dg[0] == 0) && (loopback_vc[0] == 0) &&
! 		(loopback_vc_ord[0] == 0)) {
  		syslog(LOG_ERR, "could not find loopback transports");
  		exit(1);
  	}
***************
*** 195,200 ****
--- 195,201 ----
  	} else {
  		detachfromtty();
  	}
+ 	rpcb_check_init();
  	my_svc_run();
  	syslog(LOG_ERR, "svc_run returned unexpectedly");
  	rpcbind_abort();
***************
*** 477,483 ****
  		PMAPLIST *pml;
  
  		if (!svc_register(my_xprt, PMAPPROG, PMAPVERS,
! 			pmap_service, NULL)) {
  			syslog(LOG_ERR, "could not register on %s",
  					nconf->nc_netid);
  			goto error;
--- 478,484 ----
  		PMAPLIST *pml;
  
  		if (!svc_register(my_xprt, PMAPPROG, PMAPVERS,
! 			pmap_service, 0)) {
  			syslog(LOG_ERR, "could not register on %s",
  					nconf->nc_netid);
  			goto error;
*** ./rpcb_svc_com.c-	Tue Aug 30 04:57:50 1994
--- ./rpcb_svc_com.c	Fri Sep  9 18:51:55 1994
***************
*** 56,61 ****
--- 56,68 ----
  #include <netdir.h>
  #include "rpcbind.h"
  
+ /* Be careful when forwarding requests to these services. */
+ #include <rpcsvc/yp_prot.h>
+ #include <rpcsvc/nfs_prot.h>
+ 
+ #define MOUNTPROG	((u_long) 100005)	/* XXX */
+ #define MOUNTPROC_MNT	((u_long) 1)		/* XXX */
+ 
  extern char *malloc();
  extern char *strdup(), *strcpy();
  extern int errno, t_errno;
***************
*** 713,741 ****
  		free((void *) uaddr);
  #endif
  	/*
! 	 * Disallow calling rpcbind for certain procedures.
! 	 * Luckily Portmap set/unset/callit also have same procedure numbers.
! 	 * So, will not check for those.
  	 */
! 	if (a.rmt_prog == RPCBPROG) {
! 		if ((a.rmt_proc == RPCBPROC_SET) ||
! 			(a.rmt_proc == RPCBPROC_UNSET) ||
! 			(a.rmt_proc == RPCBPROC_CALLIT)) {
! 			if (reply_type == RPCBPROC_INDIRECT)
! 				svcerr_weakauth(transp); /* XXX */
! 			if (debugging)
! 				fprintf(stderr,
! "rpcbproc_callit_com: calling RPCBPROG procs SET, UNSET, or CALLIT not \
! allowed\n");
  			goto error;
  		}
- 		/*
- 		 * Ideally, we should have called rpcb_service() or
- 		 * pmap_service() with appropriate parameters instead of
- 		 * going about in a roundabout manner.  Hopefully,
- 		 * this case should happen rarely.
- 		 */
- 	}
  	rbl = find_service(a.rmt_prog, a.rmt_vers, transp->xp_netid);
  
  	rpcbs_rmtcall(versnum - 2, reply_type, a.rmt_prog, a.rmt_vers,
--- 720,739 ----
  		free((void *) uaddr);
  #endif
  	/*
! 	 * Disallow forwarding spoofs.
  	 */
! 	if ((a.rmt_prog == RPCBPROG && (a.rmt_proc == RPCBPROC_SET
! 					|| a.rmt_proc == RPCBPROC_UNSET 
! #ifdef RPCBVERS4 /* V4 stuff */
! 					|| a.rmt_proc == RPCBPROC_INDIRECT
! #endif
! 					|| a.rmt_proc == RPCBPROC_CALLIT))
! 	|| a.rmt_prog == NFS_PROGRAM
! 	|| (a.rmt_prog == YPPROG && a.rmt_proc != YPPROC_DOMAIN_NONACK)
! 	|| (a.rmt_prog == MOUNTPROG && a.rmt_proc == MOUNTPROC_MNT)) {
! 		rpcb_log(FALSE, transp, RPCBPROC_CALLIT, a.rmt_prog);
  			goto error;
  	}
  	rbl = find_service(a.rmt_prog, a.rmt_vers, transp->xp_netid);
  
  	rpcbs_rmtcall(versnum - 2, reply_type, a.rmt_prog, a.rmt_vers,
***************
*** 1521,1527 ****
  /*
   * Add this to the pmap list only if it is UDP or TCP.
   */
! static int
  add_pmaplist(arg)
  	RPCB *arg;
  {
--- 1519,1525 ----
  /*
   * Add this to the pmap list only if it is UDP or TCP.
   */
! int
  add_pmaplist(arg)
  	RPCB *arg;
  {
***************
*** 1572,1578 ****
  /*
   * Delete this from the pmap list only if it is UDP or TCP.
   */
! static int
  del_pmaplist(arg)
  	RPCB *arg;
  {
--- 1570,1576 ----
  /*
   * Delete this from the pmap list only if it is UDP or TCP.
   */
! int
  del_pmaplist(arg)
  	RPCB *arg;
  {
***************
*** 1586,1592 ****
  	} else if (strcmp(arg->r_netid, tcptrans) == 0) {
  		/* It is TCP */
  		prot = IPPROTO_TCP;
! 	} else if (arg->r_netid[0] == NULL) {
  		prot = 0;	/* Remove all occurrences */
  	} else {
  		/* Not a IP protocol */
--- 1584,1590 ----
  	} else if (strcmp(arg->r_netid, tcptrans) == 0) {
  		/* It is TCP */
  		prot = IPPROTO_TCP;
! 	} else if (arg->r_netid[0] == 0) {
  		prot = 0;	/* Remove all occurrences */
  	} else {
  		/* Not a IP protocol */
*** ./Makefile-	Tue Aug 30 04:57:47 1994
--- ./Makefile	Sat Sep 10 19:50:00 1994
***************
*** 1,6 ****
  #
- #ident	"@(#)Makefile	1.12	94/08/23 SMI"
- #
  # Sun RPC is a product of Sun Microsystems, Inc. and is provided for
  # unrestricted use provided that this legend is included on all tape
  # media and as a part of the software program in whole or part.  Users
--- 1,4 ----
***************
*** 32,70 ****
  #ident	"@(#)Makefile	1.3	90/05/14 SMI"
  #
  # Copyright (c) 1989 by Sun Microsystems, Inc.
- #
- # cmd/rpcbind/Makefile
  
! PROG= rpcbind
  
  
  OBJS= check_bound.o pmap_svc.o rpcb_svc.o rpcb_svc_com.o rpcb_svc_4.o \
! 	 rpcb_stat.o rpcbind.o warmstart.o
  	
- 
  SRCS= $(OBJS:%.o=%.c)
  
! include ../Makefile.cmd
  
! CPPFLAGS= -I. -DPORTMAP $(CPPFLAGS.master)
! LDLIBS += -lrpc -lnsl -lcrypt -ldl
  
! .KEEP_STATE:
  
- all: $(PROG) 
- 
  $(PROG): $(OBJS)
! 	$(LINK.c) $(OBJS) -o $@ $(LDLIBS)
! 	$(POST_PROCESS)
  
! install: all $(DIRS) $(ROOTUSRSBINPROG)
  
! $(DIRS):
! 	$(INS.dir)
  
  clean:
! 	$(RM) $(OBJS)
  
  lint: lint_SRCS
  
! include ../Makefile.targ
--- 30,100 ----
  #ident	"@(#)Makefile	1.3	90/05/14 SMI"
  #
  # Copyright (c) 1989 by Sun Microsystems, Inc.
  
! # Preprocessor flags:
! #       FACILITY        The sylog message class.
! #       SEVERITY        Severity for verbose-mode logging.
! #       PORTMAP         Support the portmap protocol
! #       CHECK_LOCAL     Allow RPC procedures to be set and unset via
! #                       the portmap protocol.  Normally this is disallowed,
! #                       requiring sets/unsets to be done through the rpcbind
! #                       protocol, which is more secure through the use of the
! #                       loopback transport.  But it allows programs that use
! #                       the old rpc library to work with rpcbind.
! #       DEBUG           Enable a variety of debugging printouts.  Do not
! #                       detach from tty when running.
  
  
+ PROG= rpcbind
+ 
  OBJS= check_bound.o pmap_svc.o rpcb_svc.o rpcb_svc_com.o rpcb_svc_4.o \
! 	 rpcb_stat.o rpcbind.o warmstart.o rpcb_check.o
  
  SRCS= $(OBJS:%.o=%.c)
  
! FILES	= README Makefile check_bound.c pmap_svc.c rpcb_check.c rpcb_check.h \
! 	rpcb_stat.c rpcb_svc.c rpcb_svc_4.c rpcb_svc_com.c rpcbind.c \
! 	rpcbind.h warmstart.c Changes
  
! CPPFLAGS= -g -I. -DPORTMAP \
! 	-DCHECK_LOCAL \
! 	-DFACILITY=LOG_MAIL \
! 	-DSEVERITY=LOG_INFO
! LDLIBS = $(WRAP_DIR)/libwrap.a -lsocket -lnsl -ldl
  
! all: config-check $(PROG) $(TXTS)
  
  $(PROG): $(OBJS)
! 	$(CC) -g $(OBJS) -o $@ $(LDLIBS)
  
! config-check:
! 	@set +e; test -n "$(WRAP_DIR)" || { \
! 	    echo "Do a 'setenv WRAP_DIR /dir/with/libwrap.a' first." 1>&2; \
! 	    exit 1; \
! 	}
  
! Changes: pmap_svc.c rpcb_svc.c rpcb_svc_com.c rpcbind.c rpcb_svc_4.c rpcb_stat.c
! 	-(diff -c pmap_svc.c- pmap_svc.c; \
! 	diff -c rpcb_svc.c- rpcb_svc.c; \
! 	diff -c rpcb_svc_com.c- rpcb_svc_com.c; \
! 	diff -c rpcbind.c- rpcbind.c; \
! 	diff -c rpcb_stat.c- rpcb_stat.c; \
! 	diff -c rpcb_svc_4.c- rpcb_svc_4.c) >$@
  
+ shar: $(FILES)
+ 	@shar $(FILES)
+ 
  clean:
! 	$(RM) $(OBJS) $(PROG)
  
  lint: lint_SRCS
  
! check_bound.o : check_bound.c rpcbind.h 
! pmap_svc.o : pmap_svc.c 
! rpcb_check.o : rpcb_check.c rpcbind.h rpcb_check.h 
! rpcb_stat.o : rpcb_stat.c rpcbind.h 
! rpcb_svc.o : rpcb_svc.c rpcbind.h rpcb_check.h 
! rpcb_svc_4.o : rpcb_svc_4.c rpcbind.h 
! rpcb_svc_com.o : rpcb_svc_com.c rpcbind.h 
! rpcbind.o : rpcbind.c rpcbind.h 
! warmstart.o : warmstart.c rpcbind.h 
