rpms/nfs-utils/F-10 nfs-utils-1.1.4-tcpwrap-warn.patch, NONE, 1.1 nfs-utils.spec, 1.196, 1.197

[Steve Dickson]

Author: steved

Update of /cvs/pkgs/rpms/nfs-utils/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12845

Modified Files:
	nfs-utils.spec 
Added Files:
	nfs-utils-1.1.4-tcpwrap-warn.patch 
Log Message:
- Added warnings to tcp wrapper code when mounts are 
  denied due to misconfigured DNS configurations.


nfs-utils-1.1.4-tcpwrap-warn.patch:

--- NEW FILE nfs-utils-1.1.4-tcpwrap-warn.patch ---
commit 6e3f696e788a56f30b5b3f8250647fe4cd63c884
Author: Steve Dickson <steved at redhat.com>
Date:   Sat Jan 3 14:08:25 2009 -0500

    Now that the TCP wrapper actually works, mounts will
    be denied with misconfigured DNS configurations. Warnings
    will be logged when these types of configurations are
    detected.
    
    Signed-off-by: Steve Dickson <steved at redhat.com>

diff -up nfs-utils-1.1.4/support/misc/tcpwrapper.c.orig nfs-utils-1.1.4/support/misc/tcpwrapper.c
--- nfs-utils-1.1.4/support/misc/tcpwrapper.c.orig	2009-01-03 13:02:15.000000000 -0500
+++ nfs-utils-1.1.4/support/misc/tcpwrapper.c	2009-01-03 14:05:42.000000000 -0500
@@ -48,6 +48,8 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
+#include "xlog.h"
+
 #ifdef SYSV40
 #include <netinet/in.h>
 #include <rpc/rpcent.h>
@@ -179,17 +181,27 @@ struct sockaddr_in *addr;
 	/* Now do the hostname lookup */
 	hp = gethostbyaddr ((const char *) &(addr->sin_addr),
 		sizeof (addr->sin_addr), AF_INET);
-	if (!hp)
+	if (!hp) {
+		xlog(L_WARNING, 
+			"Warning: Client IP address '%s' not found in host lookup",
+			inet_ntoa(addr->sin_addr));
 		return DENY; /* never heard of it. misconfigured DNS? */
+	}
 
 	/* Make sure the hostent is authorative. */
 	tmpname = strdup(hp->h_name);
-	if (!tmpname)
+	if (!tmpname) {
+		xlog(L_WARNING, "Warning: No memory for Host access check");
 		return DENY;
+	}
 	hp = gethostbyname(tmpname);
-	free(tmpname);
-	if (!hp)
+	if (!hp) {
+		xlog(L_WARNING, 
+			"Warning: Client hostname '%s' not found in host lookup", tmpname);
+		free(tmpname);
 		return DENY; /* never heard of it. misconfigured DNS? */
+	}
+	free(tmpname);
 
 	/* Now make sure the address is on the list */
 	for (sp = hp->h_addr_list ; *sp ; sp++) {


Index: nfs-utils.spec
===================================================================
RCS file: /cvs/pkgs/rpms/nfs-utils/F-10/nfs-utils.spec,v
retrieving revision 1.196
retrieving revision 1.197
diff -u -r1.196 -r1.197
--- nfs-utils.spec	20 Dec 2008 12:31:18 -0000	1.196
+++ nfs-utils.spec	5 Jan 2009 18:13:50 -0000	1.197
@@ -2,7 +2,7 @@
 Name: nfs-utils
 URL: http://sourceforge.net/projects/nfs
 Version: 1.1.4
-Release: 5%{?dist}
+Release: 6%{?dist}
 Epoch: 1
 
 # group all 32bit related archs
@@ -28,6 +28,7 @@
 Patch03: nfs-utils-1.1.4-sm-notify-typo.patch
 Patch04: nfs-utils-1.1.4-statd-unlink.patch
 Patch05: nfs-utils-1.1.4-tcpwrapper-update.patch
+Patch06: nfs-utils-1.1.4-tcpwrap-warn.patch
 
 %if %{enablefscache}
 Patch90: nfs-utils-1.1.0-mount-fsc.patch
@@ -84,6 +85,7 @@
 %patch03 -p1
 %patch04 -p1
 %patch05 -p1
+%patch06 -p1
 
 %if %{enablefscache}
 %patch90 -p1
@@ -247,6 +249,10 @@
 %attr(4755,root,root)   /sbin/umount.nfs4
 
 %changelog
+* Mon Jan  5 2009 Steve Dickson <steved at redhat.com> 1.1.4-6
+- Added warnings to tcp wrapper code when mounts are 
+  denied due to misconfigured DNS configurations.
+
 * Sat Dec 20 2008 Steve Dickson <steved at redhat.com> 1.1.4-5
 - Re-enabled and fixed/enhanced tcp wrappers.