From 6e3f696e788a56f30b5b3f8250647fe4cd63c884 Mon Sep 17 00:00:00 2001 From: Steve Dickson Date: Sat, 3 Jan 2009 14:08:25 -0500 Subject: [PATCH] Now that the TCP wrapper actually works, mounts will be denied with misconfigured DNS configurations. Warnings will be logged when these types of configurations are detected. Signed-off-by: Steve Dickson --- support/misc/tcpwrapper.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/support/misc/tcpwrapper.c b/support/misc/tcpwrapper.c index bc7fb4a..977dfca 100644 --- a/support/misc/tcpwrapper.c +++ b/support/misc/tcpwrapper.c @@ -48,6 +48,8 @@ #include #include +#include "xlog.h" + #ifdef SYSV40 #include #include @@ -181,17 +183,27 @@ struct sockaddr_in *addr; /* Now do the hostname lookup */ hp = gethostbyaddr ((const char *) &(addr->sin_addr), sizeof (addr->sin_addr), AF_INET); - if (!hp) + if (!hp) { + xlog(L_WARNING, + "Warning: Client IP address '%s' not found in host lookup", + inet_ntoa(addr->sin_addr)); return DENY; /* never heard of it. misconfigured DNS? */ + } /* Make sure the hostent is authorative. */ tmpname = strdup(hp->h_name); - if (!tmpname) + if (!tmpname) { + xlog(L_WARNING, "Warning: No memory for Host access check"); return DENY; + } hp = gethostbyname(tmpname); - free(tmpname); - if (!hp) + if (!hp) { + xlog(L_WARNING, + "Warning: Client hostname '%s' not found in host lookup", tmpname); + free(tmpname); return DENY; /* never heard of it. misconfigured DNS? */ + } + free(tmpname); /* Now make sure the address is on the list */ for (sp = hp->h_addr_list ; *sp ; sp++) { -- 2.39.2