diff options
author | Bill Paul <wpaul@FreeBSD.org> | 1995-12-16 20:54:17 +0000 |
---|---|---|
committer | Bill Paul <wpaul@FreeBSD.org> | 1995-12-16 20:54:17 +0000 |
commit | 778c7b1c1c6bcd696918f410306457c989a65d33 (patch) | |
tree | b482c0df4aeed97dbf67034a03c60d54726b3959 /usr.sbin/ypserv/yp_access.c | |
parent | f998a45ff5bb611c86e43032333c385dbc3d9476 (diff) | |
download | src-778c7b1c1c6bcd696918f410306457c989a65d33.tar.gz src-778c7b1c1c6bcd696918f410306457c989a65d33.zip |
Import the new, non-GPL ypserv, written by yours truly. Functionally
equivalent to the old ypserv, except that it doesn't support the
-p [port] option to force the server to use a particular port.
The server stubs and yp.h header file are auto-generated from the yp.x
protocol definition file. The auto-generated XDR routines in libc/yp
are also used. The database access code has been broken out into a
seperate module so that other NIS utilities (ypxfr in particular)
can use it.
Note that the old mknetid script is being temporarily moved here; it
will be replaced by an mknetid program which will eventually have
a home under /usr/src/libexec. (The existing script is actually
somewhat broken -- it doesn't handle hosts -- but this isn't a big
deal at this point since the netid.byname map is really only useful
fopr Secure RPC, which we don't have yet.)
Notes
Notes:
svn path=/cvs2svn/branches/WPAUL/dist/; revision=12891
Diffstat (limited to 'usr.sbin/ypserv/yp_access.c')
-rw-r--r-- | usr.sbin/ypserv/yp_access.c | 146 |
1 files changed, 146 insertions, 0 deletions
diff --git a/usr.sbin/ypserv/yp_access.c b/usr.sbin/ypserv/yp_access.c new file mode 100644 index 000000000000..d022d8e2fdc4 --- /dev/null +++ b/usr.sbin/ypserv/yp_access.c @@ -0,0 +1,146 @@ +/* + * Copyright (c) 1995 + * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Bill Paul. + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#include <rpc/rpc.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <arpa/inet.h> +#include <sys/stat.h> +#include <paths.h> +#include <sys/param.h> +#include "yp_extern.h" +#ifdef TCP_WRAPPER +#include "tcpd.h" +#endif + +extern int debug; + +char *yp_procs[] = { "ypproc_null" , + "ypproc_domain", + "ypproc_domain_nonack", + "ypproc_match", + "ypproc_first", + "ypproc_next", + "ypproc_xfr", + "ypproc_clear", + "ypproc_all", + "ypproc_master", + "ypproc_order", + "ypproc_maplist" + }; + +/* + * Access control functions. + * + * yp_access() checks the mapname and client host address and watches for + * the following things: + * + * - If the client is referencing one of the master.passwd.* maps, it must + * be using a privileged port to make its RPC to us. If it is, then we can + * assume that the caller is root and allow the RPC to succeed. If it + * isn't access is denied. + * + * - If we are compiled with the tcpwrapper package, we also check to see + * if the host makes it past the libwrap checks and deny access if it + * doesn't. Host address checks are disabled if not compiled with the + * tcp_wrapper package. + * + * The yp_validdomain() functions checks the domain specified by the caller + * to make sure it's actually served by this server. This is more a sanity + * check than an a security check, but this seems to be the best place for + * it. + */ + +int yp_access(map, rqstp) + const char *map; + const struct svc_req *rqstp; +{ + struct sockaddr_in *rqhost; +#ifdef TCP_WRAPPER + int status = 0; + unsigned long oldaddr; +#endif + + rqhost = svc_getcaller(rqstp->rq_xprt); + + if (debug) { + yp_error("Procedure %s called from %s:%d", + yp_procs[rqstp->rq_proc], inet_ntoa(rqhost->sin_addr), + ntohs(rqhost->sin_port)); + if (map != NULL) + yp_error("Client is referencing map \"%s\".", map); + } + + /* Check the map name if one was supplied. */ + if (map != NULL) { + if (strstr(map, "master.passwd.") && ntohs(rqhost->sin_port) > 1023) { + yp_error("Access to %s denied -- client not privileged", map); + return(1); + } + } + +#ifdef TCP_WRAPPER + /* Check client address if TCP_WRAPPER is enalbled. */ + status = hosts_ctl(progname, STRING_UNKNOWN, + inet_ntoa(rqhost->sin_addr, ""); + + if (!status && rqhost->sin_addr.s_addr != oldaddr) { + yp_error("connect from %s:%d refused", + inet_ntoa(rqhost->sin_addr, ntohs(rqhost->sin_port)); + oldaddr = rqhost->sin_addr.s_addr; + return(1); + } +#endif + return(0); + +} + +int yp_validdomain(domain) + const char *domain; +{ + struct stat statbuf; + char dompath[MAXPATHLEN + 2]; + + if (domain == NULL || strstr(domain, "binding") || + !strcmp(domain, ".") || !strcmp(domain, "..") || + strchr(domain, '/')) + return(1); + + snprintf(dompath, sizeof(dompath), "%s/%s", yp_dir, domain); + + if (stat(dompath, &statbuf) < 0 || !S_ISDIR(statbuf.st_mode)) + return(1); + + return(0); +} |