Make --enable-secure-statd the default.

[nfs-utils.git] / utils / statd / simu.c

diff --git a/utils/statd/simu.c b/utils/statd/simu.c
index fa4e3a63da246608bd11fd934639c9d2c55aa3cc..82d794e1c2667a20198f0cb24a89bcf5e95f75ca 100644 (file)
--- a/utils/statd/simu.c
+++ b/utils/statd/simu.c
@@ -4,7 +4,11 @@
  * NSM for Linux.
  */
 
-#include "config.h"
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <arpa/inet.h>
+
 #include "statd.h"
 #include "notlist.h"
 
@@ -19,11 +23,34 @@ sm_simu_crash_1_svc (void *argp, struct svc_req *rqstp)
 {
   static char *result = NULL;
 
-  log (L_WARNING, "*** SIMULATING CRASH! ***");
+#ifdef RESTRICTED_STATD
+       struct in_addr  caller;
+
+       /* 1.   Reject anyone not calling from 127.0.0.1.
+        *      Ignore the my_name specified by the caller, and
+        *      use "127.0.0.1" instead.
+        */
+       caller = svc_getcaller(rqstp->rq_xprt)->sin_addr;
+       if (caller.s_addr != htonl(INADDR_LOOPBACK)) {
+               note(N_WARNING,
+                       "Call to statd from non-local host %s",
+                       inet_ntoa(caller));
+               goto failure;
+       }
+       if (ntohs(svc_getcaller(rqstp->rq_xprt)->sin_port) >= 1024) {
+               note(N_WARNING,
+                    "Call to statd-simu-crash from unprivileged port\n");
+               goto failure;
+       }
+#endif
+  note (N_WARNING, "*** SIMULATING CRASH! ***");
   my_svc_exit ();
 
   if (rtnl)
     nlist_kill (&rtnl);
 
+#ifdef RESTRICTED_STATD
+ failure:
+#endif
   return ((void *)&result);
 }