#include "nfslib.h"
#include "exportfs.h"
#include "mountd.h"
+#include "xmalloc.h"
enum auth_error
{
not_exported,
illegal_port,
faked_hostent,
+ no_forward_dns,
success
};
AF_INET);
else {
/* must make sure the hostent is authorative. */
- char *name = strdup((*hpp)->h_name);
char **sp;
- *hpp = gethostbyname(name);
- /* now make sure the "addr" is in the list */
- for (sp = (*hpp)->h_addr_list ; *sp ; sp++) {
- if (memcmp(*sp, &addr, (*hpp)->h_length)==0)
- break;
+ struct hostent *forward = NULL;
+ char *tmpname;
+
+ *hpp = hostent_dup (*hpp);
+ tmpname = xstrdup((*hpp)->h_name);
+ if (tmpname) {
+ forward = gethostbyname(tmpname);
+ free(tmpname);
}
+ if (forward) {
+ /* now make sure the "addr" is in the list */
+ for (sp = forward->h_addr_list ; *sp ; sp++) {
+ if (memcmp(*sp, &addr, forward->h_length)==0)
+ break;
+ }
- if (!*sp) {
- free(name);
- /* it was a FAKE */
- *error = faked_hostent;
- *hpp = NULL;
+ if (!*sp) {
+ /* it was a FAKE */
+ *error = faked_hostent;
+ return NULL;
+ }
+ free (*hpp);
+ *hpp = hostent_dup (forward);
+ }
+ else {
+ /* never heard of it. misconfigured DNS? */
+ *error = no_forward_dns;
return NULL;
}
- *hpp = hostent_dup (*hpp);
- free(name);
}
if (!(exp = export_find(*hpp, path))) {
struct in_addr addr = caller->sin_addr;
enum auth_error error;
- if (path [0] != '/') return exp;
+ if (path [0] != '/') {
+ xlog(L_WARNING, "bad path in %s request from %s: \"%s\"",
+ what, inet_ntoa(addr), path);
+ return exp;
+ }
strncpy(epath, path, sizeof (epath) - 1);
epath[sizeof (epath) - 1] = '\0';
break;
case faked_hostent:
- xlog(L_WARNING, "refused %s request from %s for %s (%s): faked hostent",
- what, inet_ntoa(addr), path, epath);
+ xlog(L_WARNING, "refused %s request from %s (%s) for %s (%s): DNS forward lookup does't match with reverse",
+ what, inet_ntoa(addr), hp->h_name, path, epath);
+ break;
+
+ case no_forward_dns:
+ xlog(L_WARNING, "refused %s request from %s (%s) for %s (%s): no DNS forward lookup",
+ what, inet_ntoa(addr), hp->h_name, path, epath);
break;
case success: