From owner-freebsd-security@FreeBSD.ORG Tue Mar 2 13:58:14 2004
Return-Path:
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C716816A4CE for ; Tue, 2 Mar 2004 13:58:14 -0800 (PST)
Received: from arginine.spc.org (arginine.spc.org [195.206.69.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5423143D1F for ; Tue, 2 Mar 2004 13:58:14 -0800 (PST) (envelope-from bms@spc.org)
Received: from localhost (localhost [127.0.0.1]) by arginine.spc.org (Postfix) with ESMTP id 348A065414 for ; Tue, 2 Mar 2004 21:58:13 +0000 (GMT)
Received: from arginine.spc.org ([127.0.0.1]) by localhost (arginine.spc.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 29922-03-3 for ; Tue, 2 Mar 2004 21:58:12 +0000 (GMT)
Received: from saboteur.dek.spc.org (82-147-17-88.dsl.uk.rapidplay.com [82.147.17.88]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by arginine.spc.org (Postfix) with ESMTP id F2D1765468 for ; Tue, 2 Mar 2004 21:58:11 +0000 (GMT)
Received: by saboteur.dek.spc.org (Postfix, from userid 1001) id 158B518; Tue, 2 Mar 2004 21:58:11 +0000 (GMT)
Date: Tue, 2 Mar 2004 21:58:10 +0000
From: Bruce M Simpson
To: freebsd-security@FreeBSD.org
Message-ID: <20040302215810.GK7115@saboteur.dek.spc.org>
Mail-Followup-To: freebsd-security@FreeBSD.org
References: <20040302211030.GJ7115@saboteur.dek.spc.org>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="X3gaHHMYHkYqP6yf"
Content-Disposition: inline
In-Reply-To: <20040302211030.GJ7115@saboteur.dek.spc.org>
Subject: [RELENG_4] Re: [PATCH] Force mountd(8) to a specified port.
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Tue, 02 Mar 2004 21:58:14 -0000

--X3gaHHMYHkYqP6yf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Tue, Mar 02, 2004 at 09:10:30PM +0000, Bruce M Simpson wrote:
> As you are aware, RPC applications can be forced to listen on a known port
> through the sin/sa argument to bindresvport[_sa](). Why several Linux
> distributions have this feature yet none of the BSDs do is beyond me...

Here's a similar patch for RELENG_4. Please give me feedback.

Regards,
BMS

--X3gaHHMYHkYqP6yf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="mountd-port-stable.diff"

? .mountd.c.rej.swp Index: mountd.8 =================================================================== RCS file: /home/ncvs/src/sbin/mountd/Attic/mountd.8,v retrieving revision 1.16.2.2 diff -u -r1.16.2.2 mountd.8 --- mountd.8 8 Dec 2000 14:04:02 -0000 1.16.2.2 +++ mountd.8 2 Mar 2004 21:56:11 -0000 @@ -43,6 +43,7 @@ .Sh SYNOPSIS .Nm .Op Fl 2dlnr +.Op Fl p Ar port .Op Ar exportsfile .Sh DESCRIPTION .Nm Mountd 
@@ -76,6 +77,18 @@ that require it. It will automatically clear the vfs.nfs.nfs_privport sysctl flag, which controls if the kernel will accept NFS requests from reserved ports only. +.It Fl p Ar port +Force +.Nm +to bind to the specified port, for both +.Vt AF_INET +and +.Vt AF_INET6 +address families. +If +.Nm +cannot bind to this port, an appropriate error will be recorded in +the system log, and the daemon will then exit. .It Fl r Allow mount RPCs requests for regular files to be served. Although this seems to violate the mount protocol specification, Index: mountd.c =================================================================== RCS file: /home/ncvs/src/sbin/mountd/Attic/mountd.c,v retrieving revision 1.39.2.5 diff -u -r1.39.2.5 mountd.c --- mountd.c 13 Sep 2002 15:57:43 -0000 1.39.2.5 +++ mountd.c 2 Mar 2004 21:56:11 -0000 @@ -238,8 +238,12 @@ int argc; char **argv; { + struct sockaddr_in sin; SVCXPRT *udptransp, *tcptransp; + char *endptr; int c, error, mib[3]; + int tcpsock, udpsock; + in_port_t svcport; struct vfsconf vfc; error = getvfsbyname("nfs", &vfc); @@ -252,7 +256,7 @@ if (error) errx(1, "NFS support is not available in the running kernel"); - while ((c = getopt(argc, argv, "2dlnr")) != -1) + while ((c = getopt(argc, argv, "2dlnp:r")) != -1) switch (c) { case '2': force_v2 = 1; @@ -269,6 +273,14 @@ case 'l': log = 1; break; + case 'p': + endptr = NULL; + svcport = (in_port_t)strtoul(optarg, &endptr, 10); + if (endptr == NULL || *endptr != '\0' || + svcport < IPPORT_RESERVEDSTART || + svcport >= 65535) + usage(); + break; default: usage(); }; 
@@ -313,8 +325,24 @@ exit(1); } } - if ((udptransp = svcudp_create(RPC_ANYSOCK)) == NULL || - (tcptransp = svctcp_create(RPC_ANYSOCK, 0, 0)) == NULL) { + if ((udpsock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1 || + (tcpsock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) == -1) { + syslog(LOG_ERR, "can't create socket"); + exit(1); + } + if (svcport != 0) { + bzero(&sin, sizeof(struct sockaddr_in)); + sin.sin_len = sizeof(struct sockaddr_in); + sin.sin_family = AF_INET; + sin.sin_port = htons(svcport); + if (bind(udpsock, (struct sockaddr *)&sin, sizeof(sin)) == -1 || + bind(tcpsock, (struct sockaddr *)&sin, sizeof(sin)) == -1) { + syslog(LOG_ERR, "can't bind socket"); + exit(1); + } + } + if ((udptransp = svcudp_create(udpsock)) == NULL || + (tcptransp = svctcp_create(tcpsock, 0, 0)) == NULL) { syslog(LOG_ERR, "can't create socket"); exit(1); } @@ -340,7 +368,8 @@ usage() { fprintf(stderr, - "usage: mountd [-2] [-d] [-l] [-n] [-r] [export_file]\n"); + "usage: mountd [-2] [-d] [-l] [-n] [-p ] [-r] " + "[export_file]\n"); exit(1); } --X3gaHHMYHkYqP6yf--
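Review bot: the new `.It Fl p Ar port` text in the mountd.8 hunk (@@ -76,6 +77,18 @@) promises the port is bound for both AF_INET and AF_INET6, but the mountd.c change creates only `PF_INET` sockets and fills a `struct sockaddr_in`, so the AF_INET6 sentence is not backed by the code; either drop it for RELENG_4 or add the v6 sockets. The description should also state the accepted range, because the option parser rejects anything below IPPORT_RESERVEDSTART and an administrator who picks a lower port otherwise gets only a bare usage message.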
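Review bot: `svcport` is declared but never initialised in the mountd.c declarations hunk (@@ -238,8 +238,12 @@), yet the socket hunk later tests `if (svcport != 0)` before deciding whether to `bind()`; when mountd is started without -p that test reads an indeterminate stack value, so the daemon may bind to an arbitrary port or exit with "can't bind socket". Initialise it at the declaration (`in_port_t svcport = 0;`), which also makes the -p / no -p distinction explicit.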
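Review bot: in the `case 'p':` hunk (@@ -269,6 +273,14 @@) the range check runs on the value after it has been truncated to `in_port_t`, so an argument such as 66560 (65536 + 1024) wraps to 1024 and is accepted; keep the `strtoul()` result in an `unsigned long`, check the range on that, and only then assign to `svcport`. The upper bound `svcport >= 65535` also rejects 65535, which is a valid port, so `> 65535` is the intended limit. The `endptr == NULL` test is redundant because `strtoul()` always sets it, while an empty `optarg` passes the `*endptr != '\0'` check unchanged; testing `endptr == optarg` would close that gap.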
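Review bot: the bind block in the socket hunk (@@ -313,8 +325,24 @@) sets no SO_REUSEADDR on `tcpsock` before `bind()`, so restarting mountd on a fixed port while old client connections linger in TIME_WAIT is likely to fail with EADDRINUSE, a situation the random port chosen by `RPC_ANYSOCK` never exposed; a `setsockopt(tcpsock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on))` before the bind would avoid it. The two error paths also log only the fixed strings "can't create socket" and "can't bind socket"; adding `%m` and the port (`syslog(LOG_ERR, "can't bind to port %d: %m", svcport)`) would make the failure the man page promises to record actually diagnosable.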