diff options
| author |   otto <otto@openbsd.org> | 2007-01-02 20:12:01 +0000 |
|---|---|---|
| committer | otto <otto@openbsd.org> | 2007-01-02 20:12:01 +0000 |
| commit | 96724a9ea624380bfcdeffee8b2ecc37d4c70e71 (patch) | |
| tree | a1144b276545cb6536ef8ebb3920ee9bcaa99ca3 /usr.sbin/ypbind | |
| parent | Fix setting up the more specific binding for the ypsetme (diff) | |
| download | wireguard-openbsd-96724a9ea624380bfcdeffee8b2ecc37d4c70e71.tar.xz wireguard-openbsd-96724a9ea624380bfcdeffee8b2ecc37d4c70e71.zip | |
return proper server error on failed ypset. Inspired by freebsd; ok
deraadt@
Diffstat (limited to 'usr.sbin/ypbind')
| -rw-r--r-- | usr.sbin/ypbind/ypbind.c | 32 |
1 files changed, 19 insertions, 13 deletions
diff --git a/usr.sbin/ypbind/ypbind.c b/usr.sbin/ypbind/ypbind.c index 07731ffbece..34784cf0481 100644 --- a/usr.sbin/ypbind/ypbind.c +++ b/usr.sbin/ypbind/ypbind.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ypbind.c,v 1.54 2007/01/02 20:10:48 otto Exp $ */ +/* $OpenBSD: ypbind.c,v 1.55 2007/01/02 20:12:01 otto Exp $ */ /* * Copyright (c) 1992, 1993, 1996, 1997, 1998 Theo de Raadt <deraadt@openbsd.org> @@ -27,7 +27,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: ypbind.c,v 1.54 2007/01/02 20:10:48 otto Exp $"; +static char rcsid[] = "$OpenBSD: ypbind.c,v 1.55 2007/01/02 20:12:01 otto Exp $"; #endif #include <sys/param.h> @@ -221,32 +221,39 @@ static bool_t * ypbindproc_setdom_2x(SVCXPRT *transp, struct ypbind_setdom *argp, CLIENT *clnt) { struct sockaddr_in *fromsin, bindsin; - static bool_t res; + static bool_t res = 1; - memset(&res, 0, sizeof(res)); fromsin = svc_getcaller(transp); switch (ypsetmode) { case YPSET_LOCAL: if (transp != ludptransp && transp != ltcptransp) { syslog(LOG_WARNING, "attempted spoof of ypsetme"); - return (bool_t *)NULL; + svcerr_weakauth(transp); + return NULL; + } + if (fromsin->sin_addr.s_addr != htonl(INADDR_LOOPBACK)) { + svcerr_weakauth(transp); + return NULL; } - if (fromsin->sin_addr.s_addr != htonl(INADDR_LOOPBACK)) - return (bool_t *)NULL; break; case YPSET_ALL: break; case YPSET_NO: default: - return &res; + svcerr_weakauth(transp); + return NULL; } - if (ntohs(fromsin->sin_port) >= IPPORT_RESERVED) - return &res; + if (ntohs(fromsin->sin_port) >= IPPORT_RESERVED) { + svcerr_weakauth(transp); + return NULL; + } - if (argp->ypsetdom_vers != YPVERS) - return &res; + if (argp->ypsetdom_vers != YPVERS) { + svcerr_noprog(transp); + return NULL; + } memset(&bindsin, 0, sizeof bindsin); bindsin.sin_family = AF_INET; @@ -257,7 +264,6 @@ ypbindproc_setdom_2x(SVCXPRT *transp, struct ypbind_setdom *argp, CLIENT *clnt) sizeof(argp->ypsetdom_binding.ypbind_binding_port)); rpc_received(argp->ypsetdom_domain, &bindsin, 1); - res = 1; return &res; } |