#include "nfslib.h"
#include "exportfs.h"
#include "mountd.h"
+#include "xmalloc.h"
enum auth_error
{
not_exported,
illegal_port,
faked_hostent,
+ no_forward_dns,
success
};
}
auth_fixpath(path);
- if (!(*hpp = gethostbyaddr((const char *)&addr, sizeof(addr), AF_INET)))
- *hpp = get_hostent((const char *)&addr, sizeof(addr),
- AF_INET);
- else {
+ /* First try it w/o doing a hostname lookup... */
+ *hpp = get_hostent((const char *)&addr, sizeof(addr), AF_INET);
+ exp = export_find(*hpp, path);
+
+ if (!exp) {
+ /* Ok, that didn't fly. Try it with a reverse lookup. */
+ free (*hpp);
+ *hpp = gethostbyaddr((const char *)&addr, sizeof(addr),
+ AF_INET);
+ if (!(*hpp)) {
+ *error = no_entry;
+ *hpp = get_hostent((const char *)&addr, sizeof(addr), AF_INET);
+ return NULL;
+ } else {
/* must make sure the hostent is authorative. */
- char *name = strdup((*hpp)->h_name);
char **sp;
- *hpp = gethostbyname(name);
- /* now make sure the "addr" is in the list */
- for (sp = (*hpp)->h_addr_list ; *sp ; sp++) {
- if (memcmp(*sp, &addr, (*hpp)->h_length)==0)
- break;
+ struct hostent *forward = NULL;
+ char *tmpname;
+
+ *hpp = hostent_dup (*hpp);
+ tmpname = xstrdup((*hpp)->h_name);
+ if (tmpname) {
+ forward = gethostbyname(tmpname);
+ free(tmpname);
}
+ if (forward) {
+ /* now make sure the "addr" is in the list */
+ for (sp = forward->h_addr_list ; *sp ; sp++) {
+ if (memcmp(*sp, &addr, forward->h_length)==0)
+ break;
+ }
- if (!*sp) {
- free(name);
- /* it was a FAKE */
- *error = faked_hostent;
- *hpp = NULL;
+ if (!*sp) {
+ /* it was a FAKE */
+ *error = faked_hostent;
+ return NULL;
+ }
+ free (*hpp);
+ *hpp = hostent_dup (forward);
+ }
+ else {
+ /* never heard of it. misconfigured DNS? */
+ *error = no_forward_dns;
return NULL;
}
- *hpp = hostent_dup (*hpp);
- free(name);
- }
+ }
- if (!(exp = export_find(*hpp, path))) {
+ if (!(exp = export_find(*hpp, path))) {
*error = no_entry;
return NULL;
+ }
}
+
if (!exp->m_mayexport) {
*error = not_exported;
return NULL;
break;
case faked_hostent:
- xlog(L_WARNING, "refused %s request from %s for %s (%s): faked hostent",
- what, inet_ntoa(addr), path, epath);
+ xlog(L_WARNING, "refused %s request from %s (%s) for %s (%s): DNS forward lookup does't match with reverse",
+ what, inet_ntoa(addr), hp->h_name, path, epath);
+ break;
+
+ case no_forward_dns:
+ xlog(L_WARNING, "refused %s request from %s (%s) for %s (%s): no DNS forward lookup",
+ what, inet_ntoa(addr), hp->h_name, path, epath);
break;
case success: