From: Greg Lehey
Organisation: LEMIS, Schellnhausen 2, 36325 Feldatal, Germany
Message-Id: <199701101947.NAA00382@papillon.lemis.de>
Subject: Re: What's happened to nfsd and mountd?
In-Reply-To: <199701100612.BAA27329@skynet.ctr.columbia.edu> from Bill Paul at "Jan 10, 97 01:12:34 am"
To: wpaul@skynet.ctr.columbia.edu (Bill Paul)
Date: Fri, 10 Jan 1997 13:47:32 -0600 (CST)
Cc: FreeBSD-current@FreeBSD.ORG (FreeBSD current users)
Reply-to: grog@lemis.de (Greg Lehey)

Bill Paul writes:
> Of all the gin joints in all the towns in all the world, grog@lemis.de
> had to walk into mine and say:
>
>> Peter Wemm writes:
>>> Greg Lehey wrote:
>>>> A pointer to the problem, by the look of it:
>>>>
>>>> === grog@freebie (/dev/ttypa) ~/src 3 -> gma
>>>> get_myaddress() returns 0
>>>> sin_family = 0 (AF_INET = 2)
>>>> sin_len = 3 (16)
>>>> sin_port = 0
>>>> sin_addr = 0.32.0.0
>>>> SIOCFIGCONF used 1008 bytes of a buffer 1024 long
>>>
>>> YIKES!
>> [chop]
>
> Indeed.
>
>> Unfortunately, mountd still fails (and draws portmap in for sympathy)
>> with a message which completely baffles me:
>>
>> Jan 9 12:08:28 freebie portmap[754]: connect from 127.0.0.1 to unset(mountd): request from non-local host
>> [chop]
>
> Aha. Okay, I think get_myaddress() is fine now, but next somebody will have
> to fix src/usr.sbin/portmap/from_local.c.

Yes, I thought it would be something like that. I just didn't have
time to go look.

> This code is supposed to compare the client IP address against
> everything it considers to be a local interface address. However, it
> allocates a static buffer that's only large enough for 16
> interfaces. In both these cases, there are much more than 16
> interfaces involved, so SIOCGIFCONF is probably failing. There are
> two bugs here: the first is that portmap doesn't use a flexible
> enough mechanism to read all the local interfaces and 2) it doesn't
> syslog() an appropriate error message when SIOCGIFCONF fails so that
> you have some idea of what's going on.

Sounds a reasonable hypothesis.

> Bumping up the buffer size is not the correct solution, unfortunately.
> The correct solution is to do what ifconfig(8) does and use sysctl().
> Only problem is that the correct solution is also tough to implement. :)
>
> I was hoping to eventually make from_local.c go away: if portmap uses
> a local-only transport (AF_UNIX socket) for pmap_set() and pmap_unset(),
> then you don't really need from_local() anymore. This also closes a
> security hole since from_local() is not really secure, thanks to
> IP spoofing. Also, it just occurred to me tonight that this whole
> situation can get really weird if you're using IP address translation.

The situation certainly seems to be crying out for a better solution.
I never got round to looking at the code: is AF_UNIX faster than
AF_INET to localhost?

Greg
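
The local-address check discussed in this message, as an added example that is not part of the thread and is not portmap's code: it compares a client address against every local IPv4 interface address without a fixed-size buffer, and logs when enumeration fails instead of silently answering "non-local". It uses getifaddrs(3) in place of the sysctl() approach named above; `addr_in_list` and `from_local_checked` are hypothetical names.

```c
/* Added example, not portmap's from_local.c. Assumes getifaddrs(3). */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <ifaddrs.h>
#include <string.h>
#include <errno.h>
#include <syslog.h>

/* Return 1 if addr equals an AF_INET address in the list, else 0.
 * The list is walked to its end, so there is no 16-entry ceiling. */
int addr_in_list(const struct ifaddrs *list, struct in_addr addr)
{
    const struct ifaddrs *ifa;

    for (ifa = list; ifa != NULL; ifa = ifa->ifa_next) {
        if (ifa->ifa_addr == NULL || ifa->ifa_addr->sa_family != AF_INET)
            continue;   /* no address, or not an IPv4 address */
        const struct sockaddr_in *sin =
            (const struct sockaddr_in *)ifa->ifa_addr;
        if (sin->sin_addr.s_addr == addr.s_addr)
            return 1;
    }
    return 0;
}

/* Return 1 if addr is local, 0 if not, -1 if the interface list could
 * not be read. The failure is logged so it is not mistaken for a
 * genuine "request from non-local host". */
int from_local_checked(struct in_addr addr)
{
    struct ifaddrs *list;
    int hit;

    if (getifaddrs(&list) == -1) {
        syslog(LOG_ERR, "getifaddrs: %s", strerror(errno));
        return -1;
    }
    hit = addr_in_list(list, addr);
    freeifaddrs(list);
    return hit;
}
```

A caller would treat -1 as a refusal as well as 0, so an enumeration failure never widens access.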