rpms/nfs-utils/F-10 nfs-utils-1.1.4-tcpwrap-warn.patch, NONE, 1.1 nfs-utils.spec, 1.196, 1.197
Steve Dickson
steved at fedoraproject.org
Mon Jan 5 18:14:20 UTC 2009
- Previous message (by thread): rpms/thunderbird/F-8 .cvsignore, 1.22, 1.23 sources, 1.29, 1.30 thunderbird.spec, 1.117, 1.118
- Next message (by thread): rpms/nfs-utils/F-9 nfs-utils-1.1.2-tcpwrap-warn.patch, NONE, 1.1 nfs-utils.spec, 1.177, 1.178
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: steved
Update of /cvs/pkgs/rpms/nfs-utils/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12845
Modified Files:
nfs-utils.spec
Added Files:
nfs-utils-1.1.4-tcpwrap-warn.patch
Log Message:
- Added warnings to tcp wrapper code when mounts are
denied due to misconfigured DNS configurations.
nfs-utils-1.1.4-tcpwrap-warn.patch:
--- NEW FILE nfs-utils-1.1.4-tcpwrap-warn.patch ---
commit 6e3f696e788a56f30b5b3f8250647fe4cd63c884
Author: Steve Dickson <steved at redhat.com>
Date: Sat Jan 3 14:08:25 2009 -0500
Now that the TCP wrapper actually works, mounts will
be denied with misconfigured DNS configurations. Warnings
will be logged when these types of configurations are
detected.
Signed-off-by: Steve Dickson <steved at redhat.com>
diff -up nfs-utils-1.1.4/support/misc/tcpwrapper.c.orig nfs-utils-1.1.4/support/misc/tcpwrapper.c
--- nfs-utils-1.1.4/support/misc/tcpwrapper.c.orig 2009-01-03 13:02:15.000000000 -0500
+++ nfs-utils-1.1.4/support/misc/tcpwrapper.c 2009-01-03 14:05:42.000000000 -0500
@@ -48,6 +48,8 @@
#include <sys/stat.h>
#include <unistd.h>
+#include "xlog.h"
+
#ifdef SYSV40
#include <netinet/in.h>
#include <rpc/rpcent.h>
@@ -179,17 +181,27 @@ struct sockaddr_in *addr;
/* Now do the hostname lookup */
hp = gethostbyaddr ((const char *) &(addr->sin_addr),
sizeof (addr->sin_addr), AF_INET);
- if (!hp)
+ if (!hp) {
+ xlog(L_WARNING,
+ "Warning: Client IP address '%s' not found in host lookup",
+ inet_ntoa(addr->sin_addr));
return DENY; /* never heard of it. misconfigured DNS? */
+ }
/* Make sure the hostent is authorative. */
tmpname = strdup(hp->h_name);
- if (!tmpname)
+ if (!tmpname) {
+ xlog(L_WARNING, "Warning: No memory for Host access check");
return DENY;
+ }
hp = gethostbyname(tmpname);
- free(tmpname);
- if (!hp)
+ if (!hp) {
+ xlog(L_WARNING,
+ "Warning: Client hostname '%s' not found in host lookup", tmpname);
+ free(tmpname);
return DENY; /* never heard of it. misconfigured DNS? */
+ }
+ free(tmpname);
/* Now make sure the address is on the list */
for (sp = hp->h_addr_list ; *sp ; sp++) {
Index: nfs-utils.spec
===================================================================
RCS file: /cvs/pkgs/rpms/nfs-utils/F-10/nfs-utils.spec,v
retrieving revision 1.196
retrieving revision 1.197
diff -u -r1.196 -r1.197
--- nfs-utils.spec 20 Dec 2008 12:31:18 -0000 1.196
+++ nfs-utils.spec 5 Jan 2009 18:13:50 -0000 1.197
@@ -2,7 +2,7 @@
Name: nfs-utils
URL: http://sourceforge.net/projects/nfs
Version: 1.1.4
-Release: 5%{?dist}
+Release: 6%{?dist}
Epoch: 1
# group all 32bit related archs
@@ -28,6 +28,7 @@
Patch03: nfs-utils-1.1.4-sm-notify-typo.patch
Patch04: nfs-utils-1.1.4-statd-unlink.patch
Patch05: nfs-utils-1.1.4-tcpwrapper-update.patch
+Patch06: nfs-utils-1.1.4-tcpwrap-warn.patch
%if %{enablefscache}
Patch90: nfs-utils-1.1.0-mount-fsc.patch
@@ -84,6 +85,7 @@
%patch03 -p1
%patch04 -p1
%patch05 -p1
+%patch06 -p1
%if %{enablefscache}
%patch90 -p1
@@ -247,6 +249,10 @@
%attr(4755,root,root) /sbin/umount.nfs4
%changelog
+* Mon Jan 5 2009 Steve Dickson <steved at redhat.com> 1.1.4-6
+- Added warnings to tcp wrapper code when mounts are
+ denied due to misconfigured DNS configurations.
+
* Sat Dec 20 2008 Steve Dickson <steved at redhat.com> 1.1.4-5
- Re-enabled and fixed/enhanced tcp wrappers.
- Previous message (by thread): rpms/thunderbird/F-8 .cvsignore, 1.22, 1.23 sources, 1.29, 1.30 thunderbird.spec, 1.117, 1.118
- Next message (by thread): rpms/nfs-utils/F-9 nfs-utils-1.1.2-tcpwrap-warn.patch, NONE, 1.1 nfs-utils.spec, 1.177, 1.178
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list