Commit Graph

124 Commits

Author SHA1 Message Date
David Bright
d18c9a9197 RPCBIND: skip ipv6 link local when request is not from link local address
RPCINFO on macOS behaves different compared to other linux clients and
doesn't provide request address in rpcb structure of the
RPCBPROC_GETADDRLIST call which doesn't seem to be forbidden.

In this case RPCBIND uses RPC call's source address and picks a
closest corresponding local address. If there are no addresses in the
same subnet as the source address, return of RPCBIND may vary
depending on the order of addresses returned in getifaddrs. If a link
local precedes global address it may be returned even if the request
comes from neither a link local nor from link local in a different
scope, which will prevent services like nfs from working in tpc6
scenario on macOS clients. Issue can be seen only on FreeBSD rpcbind
port due to changes in workflow of addrmerge call.

Submitted by:	Dmitry Ovsyannikov (Dmitry.Ovsyannikov@dell.com)
Reviewers:	dab
Differential Revision:	https://reviews.freebsd.org/D31491
Sponsored by:	Dell EMC
MFC to:	stable/12, stable/13
MFC after:	1 week
2021-10-04 10:45:26 -07:00
Alex Richardson
c826e08841 Fix MK_TESTS build with MK_ASAN/MK_UBSAN
Reviewed By:	markj
Differential Revision: https://reviews.freebsd.org/D31049
2021-08-02 14:33:24 +01:00
Simon J. Gerraty
2c9a9dfc18 Update Makefile.depend files
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files

Reviewed by:	 bdrewery
MFC after:	1 week
Sponsored by:   Juniper Networks
Differential Revision:  https://reviews.freebsd.org/D22494
2019-12-11 17:37:53 +00:00
Simon J. Gerraty
5ab1c5846f Add Makefile.depend.options
Leaf directories that have dependencies impacted
by options need a Makefile.depend.options file
to avoid churn in Makefile.depend

DIRDEPS for cases such as OPENSSL, TCP_WRAPPERS etc
can be set in local.dirdeps-options.mk
which can add to those set in Makefile.depend.options

See share/mk/dirdeps-options.mk

Reviewed by:	 bdrewery
MFC after:	1 week
Sponsored by:   Juniper Networks
Differential Revision:  https://reviews.freebsd.org/D22469
2019-12-11 17:37:37 +00:00
Xin LI
3e09403f77 Plug a possible memory leak.
MFC after:	2 weeks
2018-03-19 05:49:26 +00:00
Hiroki Sato
7ef6eb24c9 - Remove extra NULL check before free().
- Fix null pointer dereference in netbuffree() and use netbuffree()
  where applicable.
2018-03-05 03:38:31 +00:00
Hiroki Sato
c5814cf61c Partially back out changes in r327464. stdlib.h is used when
RPCBIND_DEBUG is enabled.
2018-03-05 03:34:01 +00:00
Conrad Meyer
35f85edc80 rpcbind: Fix race in signal termination
If a signal was delivered while the main thread was not in poll(2) and after
check was performed, we could reenter poll and never detect termination. Fix
this with the pipefd trick.  (This race was introduced very recently, in
r327482.)

PR:		224503
Reported by:	kib
Reviewed by:	kib, markj
Sponsored by:	Dell EMC Isilon
2018-01-02 17:25:13 +00:00
Conrad Meyer
b545252a16 rpcbind: Fix build
Add missed unistd.h include.  Not sure where it was lost; I believe it
compiled before I submitted the change.

PR:		224503
Reported by:	Cy Schubert <Cy.Schubert AT komquats.com>
Sponsored by:	Dell EMC Isilon
2018-01-02 01:48:11 +00:00
Conrad Meyer
055569f608 rpcbind: Do not use signal-unsafe functions in SIGTERM handler
syslog(3), routines used in write_warmstart(), and exit(3) are all
signal-unsafe.  Instead, set a signal-safe flag and check the flag in the
rpcbind main loop to shutdown safely.

PR:		224503
Reviewed by:	kib, markj
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D13728
2018-01-02 00:48:19 +00:00
Xin LI
c3fc0d96f3 Remove unused includes. 2018-01-01 09:41:18 +00:00
Pedro F. Giffuni
1de7b4b805 various: general adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.
2017-11-27 15:37:16 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Bryan Drewery
ea825d0274 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
Enji Cooper
d511b20a69 Add HAS_TESTS to all Makefiles that are currently using the
`SUBDIR.${MK_TESTS}+= tests` idiom.

This is a follow up to r321912.
2017-08-02 08:50:42 +00:00
Enji Cooper
4b330699f8 Convert traditional ${MK_TESTS} conditional idiom for including test
directories to SUBDIR.${MK_TESTS} idiom

This is being done to pave the way for future work (and homogenity) in
^/projects/make-check-sandbox .

No functional change intended.

MFC after:	1 weeks
2017-08-02 08:35:51 +00:00
Xin LI
6448ec89e7 * limit size of buffers to RPC_MAXDATASIZE
* don't leak memory
 * be more picky about bad parameters

From:

https://raw.githubusercontent.com/guidovranken/rpcbomb/master/libtirpc_patch.txt
https://github.com/guidovranken/rpcbomb/blob/master/rpcbind_patch.txt

via NetBSD.

Reviewed by:	emaste, cem (earlier version)
Differential Revision:	https://reviews.freebsd.org/D10922
MFC after:	3 days
2017-06-01 06:12:25 +00:00
Enji Cooper
609b7b269d Add a knob, WITH*_RPCBIND_WARMSTART_SUPPORT, to allow the end-user to build
rpcbind(8) with/without warmstart support.

The knob defaults to off to preserve POLA for the feature.

See rpcbind(8) for more details about the warmstart feature.

MFC after:	7 weeks
Relnotes:	yes
Sponsored by:	Dell EMC Isilon
2017-04-19 20:45:46 +00:00
Enji Cooper
ebb27fd055 Fix indentation per style.Makefile(5)
MFC after:	7 weeks
Sponsored by:	Dell EMC Isilon
2017-04-19 20:27:13 +00:00
Enji Cooper
bffe25839c rpcbind(8): post-humously document -w (warmstart) support added in r74462
warmstart support saves portmap/rpcbind(8) registration state on exit and
restores the saved registration state on restart.

MFC after:	7 weeks
Sponsored by:	Dell EMC Isilon
2017-04-19 20:23:27 +00:00
Enji Cooper
7e84e1cb45 rpcbind(8): add a description for /var/run/rpcbind.sock under the FILES section
MFC after:	7 weeks
Sponsored by:	Dell EMC Isilon
2017-04-19 20:04:45 +00:00
Enji Cooper
218d5aa052 rpcbind(8): wordsmith -h description and mention -W in the SYNOPSIS section
-W was already documented in the OPTIONS section.

MFC after:	7 weeks
Reported by:	igor (-h wordsmith'ing)
Sponsored by:	Dell EMC Isilon
2017-04-19 18:01:53 +00:00
Enji Cooper
fadafdfa69 Print out the signal number on exit in terminate(..) if WARMSTART is compiled
into rpcbind.

The signal number can provide helpful diagnostic info.

MFC after:	1 week
Obtained from:	Isilon OneFS
Sponsored by:	Dell EMC Isilon
2017-04-19 17:51:32 +00:00
Enji Cooper
64a0982bee usr.sbin: normalize paths using SRCTOP-relative paths or :H when possible
This simplifies make logic/output

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-04 11:38:03 +00:00
Enji Cooper
74410f9362 Conditionalize wrap(3) use based on MK_TCP_WRAPPERS instead of
always building support into rpcbind.

MFC after:	2 weeks
2017-01-06 04:13:08 +00:00
Alan Somers
498a196b80 Fix usr.sbin/rpcbind ATF tests on 32-bit platforms
usr.sbin/rpcbind/tests/addrmerge_test.c
	Fix some sizeof calculations that work only by luck on 64-bit
	platforms.

PR:		210314
Reviewed by:	ngie
Approved by:	re (kib)
Reported by:	Mark Millard
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D6855
2016-06-16 15:25:37 +00:00
Pedro F. Giffuni
c7310cbc6a rpcbind(8): Make use of some xdr_* macros.
xdr_rpcproc, xdr_rpcprog and xdr_rpcvers were broken in older
versions of FreeBSD but fixed in r296394.  Give them some use
hoping they help make the code somewhat more readable.
2016-06-09 22:25:00 +00:00
Enji Cooper
6ee7c85891 Bounds check rpcbs_rmtcall(..) to ensure rtype is less than RPCBVERS_STAT
Not returning if rtype == RPCBVERS_STAT will cause us to overrun the inf array, as
it's defined to be exactly RPCBVERS_STAT elements in rpcb_prot.x:

> include/rpc/rpcb_prot.x:typedef rpcb_stat rpcb_stat_byvers[RPCBVERS_STAT];

The proposed change also matches the rest of the rtype upper bound checks in the
file, so the original change was likely a typo.

MFC after: 2 weeks
Reported by: Coverity
CID: 1007567
Reviewed by: truckman
Sponsored by: EMC / Isilon Storage Division
2016-06-08 12:45:22 +00:00
Enji Cooper
98a7b0ba5c Follow up to r300932
In the event MK_INET6 != no in userspace, but is disabled in the
kernel, or if there aren't any IPv6 addresses configured in userspace
(for lo0 and all physical interfaces), rpcbind would terminate
immediately instead of silently failing on

Skip over the IPv6 block to its respective cleanup with freeifaddrs if
creating the socket failed instead of terminating rpcbind immediately

MFC after: 6 days
X-MFC with: r300932
Reported by: O. Hartmann <ohartman@zedat.fu-berlin.de>
Sponsored by: EMC / Isilon Storage Division
2016-05-29 20:28:01 +00:00
Mark Johnston
5656b5057e Fix rpcbind init after r300941.
- getaddrinfo() sets res = NULL on failure and freeaddrinfo() always
  dereferences its argument, so we should only free the address list after
  a successful call.
- Address a second potential leak caused by getaddrinfo(AF_INET6)
  overwriting the address list returned by getaddrinfo(AF_INET).

X-MFC-With:	r300941
2016-05-29 19:46:34 +00:00
Enji Cooper
4eb767eab0 Staticize variables only used in rpcbind.c
This is some low hanging fruit necessary for making this WARNS?= 6 clean

MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
2016-05-29 07:01:12 +00:00
Enji Cooper
370b69af0f Remove unnecessary caller_uaddr != NULL test before calling free on it
MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
2016-05-29 06:29:22 +00:00
Enji Cooper
3f78f0a950 Remove a useless if (x != NULL) check before calling free on allocated_uaddr
MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
2016-05-29 06:01:18 +00:00
Enji Cooper
b07f123b60 Don't leak res in network_init(..)
Call freeaddrinfo on it after it's been used

MFC after: 1 week
Reported by: Coverity
CID: 1225050
Sponsored by: EMC / Isilon Storage Division
2016-05-29 05:55:21 +00:00
Enji Cooper
4b528ceaf7 Plug leak with ifp by calling freeifaddrs after calling getifaddrs
MFC after: 1 week
Obtained from: NetBSD v1.18
Sponsored by: EMC / Isilon Storage Division
2016-05-29 04:02:02 +00:00
Enji Cooper
43db5d126c Catch malloc(3) errors and socket(2) errors
- malloc failing will result in a delayed segfault
- socket failing will result in delayed failures with setsockopt

Exit in the event that either of these high-level conditions are met.

Reported by: Coverity
CID: 976288, 976321, 976858
Sponsored by: EMC / Isilon Storage Division
2016-05-29 03:42:50 +00:00
Enji Cooper
65d4c609a4 Only expose hint_uaddr in the ND_DEBUG case
This fixes a -Wunused-but-set-variable warning with gcc

MFC after: 1 week
Reported by: gcc 5
Sponsored by: EMC / Isilon Storage Division
2016-05-27 19:30:13 +00:00
Enji Cooper
430f7286a5 Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed
after r298107

Summary of changes:

- Replace all instances of FILES/TESTS with ${PACKAGE}FILES. This ensures that
  namespacing is kept with FILES appropriately, and that this shouldn't need
  to be repeated if the namespace changes -- only the definition of PACKAGE
  needs to be changed
- Allow PACKAGE to be overridden by callers instead of forcing it to always be
  `tests`. In the event we get to the point where things can be split up
  enough in the base system, it would make more sense to group the tests
  with the blocks they're a part of, e.g. byacc with byacc-tests, etc
- Remove PACKAGE definitions where possible, i.e. where FILES wasn't used
  previously.
- Remove unnecessary TESTSPACKAGE definitions; this has been elided into
  bsd.tests.mk
- Remove unnecessary BINDIRs used previously with ${PACKAGE}FILES;
  ${PACKAGE}FILESDIR is now automatically defined in bsd.test.mk.
- Fix installation of files under data/ subdirectories in lib/libc/tests/hash
  and lib/libc/tests/net/getaddrinfo
- Remove unnecessary .include <bsd.own.mk>s (some opportunistic cleanup)

Document the proposed changes in share/examples/tests/tests/... via examples
so it's clear that ${PACKAGES}FILES is the suggested way forward in terms of
replacing FILES. share/mk/bsd.README didn't seem like the appropriate method
of communicating that info.

MFC after: never probably
X-MFC with: r298107
PR: 209114
Relnotes: yes
Tested with: buildworld, installworld, checkworld; buildworld, packageworld
Sponsored by: EMC / Isilon Storage Division
2016-05-04 23:20:53 +00:00
Pedro F. Giffuni
e9fc928faa rpcbind: use our roundup() macro when available through <sys/param.h>.
No functional change.
2016-05-02 02:15:05 +00:00
Glen Barber
7d536dc855 MFH
Sponsored by:	The FreeBSD Foundation
2016-03-10 21:16:01 +00:00
Bryan Drewery
15c433351f DIRDEPS_BUILD: Connect MK_TESTS.
Sponsored by:	EMC / Isilon Storage Division
2016-03-09 22:46:01 +00:00
Glen Barber
43faedc133 First pass to fix the 'tests' packages.
Sponsored by:	The FreeBSD Foundation
2016-02-02 22:26:49 +00:00
Alan Somers
0191f57ff1 Fix Coverity warnings regarding r293229
rpcbind/check_bound.c
	Fix CID1347798, a memory leak in mergeaddr.

rpcbind/tests/addrmerge_test.c
	Fix CID1347800 through CID1347803, memory leaks in ATF tests.  They
	are harmless because each ATF test case runs in its own process, but
	they are trivial to fix.  Fix a few other leaks that Coverity didn't
	detect, too.

Coverity CID:	1347798, 1347800, 1347801, 1347802, 1347803
MFC after:	2 weeks
X-MFC-With:	293229
Sponsored by:	Spectra Logic Corp
2016-01-13 17:33:50 +00:00
Alan Somers
a85f12322c "source routing" in rpcbind
Fix a bug in rpcbind for multihomed hosts. If the server had interfaces on
two separate subnets, and a client on the first subnet contacted rpcbind at
the address on the second subnet, rpcbind would advertise addresses on the
first subnet. This is a bug, because it should prefer to advertise the
address where it was contacted. The requested service might be firewalled
off from the address on the first subnet, for example.

usr.sbin/rpcbind/check_bound.c
	If the address on which a request was received is known, pass that
	to addrmerge as the clnt_uaddr parameter. That is what addrmerge's
	comment indicates the parameter is supposed to mean. The previous
	behavior is that clnt_uaddr would contain the address from which the
	client sent the request.

usr.sbin/rpcbind/util.c
	Modify addrmerge to prefer to use an IP that is equal to clnt_uaddr,
	if one is found. Refactor the relevant portion of the function for
	clarity, and to reduce the number of ifdefs.

etc/mtree/BSD.tests.dist
usr.sbin/rpcbind/tests/Makefile
usr.sbin/rpcbind/tests/addrmerge_test.c
	Add unit tests for usr.sbin/rpcbind/util.c:addrmerge.

usr.sbin/rpcbind/check_bound.c
usr.sbin/rpcbind/rpcbind.h
usr.sbin/rpcbind/util.c
	Constify some function arguments

Reviewed by:	imp
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D4690
2016-01-06 00:00:11 +00:00
Hiroki Sato
c1d0909a53 Reallocate a maxlen-long buffer only when the current maxlen is
shorter than the required length.  Note that it rarely happens
because maxlen is almost always 128 which covers struct sockaddr_storage.
2015-10-06 08:43:48 +00:00
Xin LI
0ed633d0f8 Fix a regression with SA-15:24 patch that prevented NIS from
working.
2015-10-02 16:35:41 +00:00
Xin LI
066c492a77 The Sun RPC framework uses a netbuf structure to represent the
transport specific form of a universal transport address.  The
structure is expected to be opaque to consumers.  In the current
implementation, the structure contains a pointer to a buffer
that holds the actual address.

In rpcbind(8), netbuf structures are copied directly, which would
result in two netbuf structures that reference to one shared
address buffer.  When one of the two netbuf structures is freed,
access to the other netbuf structure would result in an undefined
result that may crash the rpcbind(8) daemon.

Fix this by making a copy of the buffer that is going to be freed
instead of doing a shallow copy.

Security:	FreeBSD-SA-15:24.rpcbind
Security:	CVE-2015-7236
2015-09-29 18:05:54 +00:00
Simon J. Gerraty
ccfb965433 Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
Simon J. Gerraty
44d314f704 dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
Simon J. Gerraty
98e0ffaefb Merge sync of head 2015-05-27 01:19:58 +00:00