From: Steve Dickson Date: Sat, 3 Jan 2009 19:08:25 +0000 (-0500) Subject: Now that the TCP wrapper actually works, mounts will X-Git-Tag: nfs-utils-1-1-5~36 X-Git-Url: https://git.decadent.org.uk/gitweb/?a=commitdiff_plain;h=6e3f696e788a56f30b5b3f8250647fe4cd63c884;p=nfs-utils.git Now that the TCP wrapper actually works, mounts will be denied with misconfigured DNS configurations. Warnings will be logged when these types of configurations are detected. Signed-off-by: Steve Dickson --- diff --git a/support/misc/tcpwrapper.c b/support/misc/tcpwrapper.c index bc7fb4a..977dfca 100644 --- a/support/misc/tcpwrapper.c +++ b/support/misc/tcpwrapper.c @@ -48,6 +48,8 @@ #include #include +#include "xlog.h" + #ifdef SYSV40 #include #include @@ -181,17 +183,27 @@ struct sockaddr_in *addr; /* Now do the hostname lookup */ hp = gethostbyaddr ((const char *) &(addr->sin_addr), sizeof (addr->sin_addr), AF_INET); - if (!hp) + if (!hp) { + xlog(L_WARNING, + "Warning: Client IP address '%s' not found in host lookup", + inet_ntoa(addr->sin_addr)); return DENY; /* never heard of it. misconfigured DNS? */ + } /* Make sure the hostent is authorative. */ tmpname = strdup(hp->h_name); - if (!tmpname) + if (!tmpname) { + xlog(L_WARNING, "Warning: No memory for Host access check"); return DENY; + } hp = gethostbyname(tmpname); - free(tmpname); - if (!hp) + if (!hp) { + xlog(L_WARNING, + "Warning: Client hostname '%s' not found in host lookup", tmpname); + free(tmpname); return DENY; /* never heard of it. misconfigured DNS? */ + } + free(tmpname); /* Now make sure the address is on the list */ for (sp = hp->h_addr_list ; *sp ; sp++) {