|
|
4f2874 |
diff -up nfs-utils-1.3.0/support/include/nfslib.h.orig nfs-utils-1.3.0/support/include/nfslib.h
|
|
|
4f2874 |
--- nfs-utils-1.3.0/support/include/nfslib.h.orig 2014-03-25 11:12:07.000000000 -0400
|
|
|
4f2874 |
+++ nfs-utils-1.3.0/support/include/nfslib.h 2014-11-14 11:16:06.785633197 -0500
|
|
|
4f2874 |
@@ -174,6 +174,7 @@ void closeall(int min);
|
|
|
4f2874 |
|
|
|
4f2874 |
int svctcp_socket (u_long __number, int __reuse);
|
|
|
4f2874 |
int svcudp_socket (u_long __number);
|
|
|
4f2874 |
+int svcsock_nonblock (int __sock);
|
|
|
4f2874 |
|
|
|
4f2874 |
/* Misc shared code prototypes */
|
|
|
4f2874 |
size_t strlcat(char *, const char *, size_t);
|
|
|
4f2874 |
diff -up nfs-utils-1.3.0/support/nfs/rpcmisc.c.orig nfs-utils-1.3.0/support/nfs/rpcmisc.c
|
|
|
4f2874 |
--- nfs-utils-1.3.0/support/nfs/rpcmisc.c.orig 2014-03-25 11:12:07.000000000 -0400
|
|
|
4f2874 |
+++ nfs-utils-1.3.0/support/nfs/rpcmisc.c 2014-11-14 11:16:06.785633197 -0500
|
|
|
4f2874 |
@@ -104,7 +104,7 @@ makesock(int port, int proto)
|
|
|
4f2874 |
return -1;
|
|
|
4f2874 |
}
|
|
|
4f2874 |
|
|
|
4f2874 |
- return sock;
|
|
|
4f2874 |
+ return svcsock_nonblock(sock);
|
|
|
4f2874 |
}
|
|
|
4f2874 |
|
|
|
4f2874 |
void
|
|
|
4f2874 |
diff -up nfs-utils-1.3.0/support/nfs/svc_create.c.orig nfs-utils-1.3.0/support/nfs/svc_create.c
|
|
|
4f2874 |
--- nfs-utils-1.3.0/support/nfs/svc_create.c.orig 2014-03-25 11:12:07.000000000 -0400
|
|
|
4f2874 |
+++ nfs-utils-1.3.0/support/nfs/svc_create.c 2014-11-14 11:16:06.785633197 -0500
|
|
|
4f2874 |
@@ -49,6 +49,8 @@
|
|
|
4f2874 |
|
|
|
4f2874 |
#ifdef HAVE_LIBTIRPC
|
|
|
4f2874 |
|
|
|
4f2874 |
+#include <rpc/rpc_com.h>
|
|
|
4f2874 |
+
|
|
|
4f2874 |
#define SVC_CREATE_XPRT_CACHE_SIZE (8)
|
|
|
4f2874 |
static SVCXPRT *svc_create_xprt_cache[SVC_CREATE_XPRT_CACHE_SIZE] = { NULL, };
|
|
|
4f2874 |
|
|
|
4f2874 |
@@ -277,6 +279,12 @@ svc_create_nconf_rand_port(const char *n
|
|
|
4f2874 |
"(%s, %u, %s)", name, version, nconf->nc_netid);
|
|
|
4f2874 |
return 0;
|
|
|
4f2874 |
}
|
|
|
4f2874 |
+ if (svcsock_nonblock(xprt->xp_fd) < 0) {
|
|
|
4f2874 |
+ /* close() already done by svcsock_nonblock() */
|
|
|
4f2874 |
+ xprt->xp_fd = RPC_ANYFD;
|
|
|
4f2874 |
+ SVC_DESTROY(xprt);
|
|
|
4f2874 |
+ return 0;
|
|
|
4f2874 |
+ }
|
|
|
4f2874 |
|
|
|
4f2874 |
if (!svc_reg(xprt, program, version, dispatch, nconf)) {
|
|
|
4f2874 |
/* svc_reg(3) destroys @xprt in this case */
|
|
|
4f2874 |
@@ -332,6 +340,7 @@ svc_create_nconf_fixed_port(const char *
|
|
|
4f2874 |
int fd;
|
|
|
4f2874 |
|
|
|
4f2874 |
fd = svc_create_sock(ai->ai_addr, ai->ai_addrlen, nconf);
|
|
|
4f2874 |
+ fd = svcsock_nonblock(fd);
|
|
|
4f2874 |
if (fd == -1)
|
|
|
4f2874 |
goto out_free;
|
|
|
4f2874 |
|
|
|
4f2874 |
@@ -394,6 +403,7 @@ nfs_svc_create(char *name, const rpcprog
|
|
|
4f2874 |
const struct sigaction create_sigaction = {
|
|
|
4f2874 |
.sa_handler = SIG_IGN,
|
|
|
4f2874 |
};
|
|
|
4f2874 |
+ int maxrec = RPC_MAXDATASIZE;
|
|
|
4f2874 |
unsigned int visible, up, servport;
|
|
|
4f2874 |
struct netconfig *nconf;
|
|
|
4f2874 |
void *handlep;
|
|
|
4f2874 |
@@ -405,6 +415,20 @@ nfs_svc_create(char *name, const rpcprog
|
|
|
4f2874 |
*/
|
|
|
4f2874 |
(void)sigaction(SIGPIPE, &create_sigaction, NULL);
|
|
|
4f2874 |
|
|
|
4f2874 |
+ /*
|
|
|
4f2874 |
+ * Setting MAXREC also enables non-blocking mode for tcp connections.
|
|
|
4f2874 |
+ * This avoids DOS attacks by a client sending many requests but never
|
|
|
4f2874 |
+ * reading the reply:
|
|
|
4f2874 |
+ * - if a second request already is present for reading in the socket,
|
|
|
4f2874 |
+ * after the first request just was read, libtirpc will break the
|
|
|
4f2874 |
+ * connection. Thus an attacker can't simply send requests as fast as
|
|
|
4f2874 |
+ * he can without waiting for the response.
|
|
|
4f2874 |
+ * - if the write buffer of the socket is full, the next write() will
|
|
|
4f2874 |
+ * fail with EAGAIN. libtirpc will retry the write in a loop for max.
|
|
|
4f2874 |
+ * 2 seconds. If write still fails, the connection will be closed.
|
|
|
4f2874 |
+ */
|
|
|
4f2874 |
+ rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec);
|
|
|
4f2874 |
+
|
|
|
4f2874 |
handlep = setnetconfig();
|
|
|
4f2874 |
if (handlep == NULL) {
|
|
|
4f2874 |
xlog(L_ERROR, "Failed to access local netconfig database: %s",
|
|
|
4f2874 |
diff -up nfs-utils-1.3.0/support/nfs/svc_socket.c.orig nfs-utils-1.3.0/support/nfs/svc_socket.c
|
|
|
4f2874 |
--- nfs-utils-1.3.0/support/nfs/svc_socket.c.orig 2014-03-25 11:12:07.000000000 -0400
|
|
|
4f2874 |
+++ nfs-utils-1.3.0/support/nfs/svc_socket.c 2014-11-14 11:16:06.785633197 -0500
|
|
|
4f2874 |
@@ -67,6 +67,39 @@ int getservport(u_long number, const cha
|
|
|
4f2874 |
return 0;
|
|
|
4f2874 |
}
|
|
|
4f2874 |
|
|
|
4f2874 |
+int
|
|
|
4f2874 |
+svcsock_nonblock(int sock)
|
|
|
4f2874 |
+{
|
|
|
4f2874 |
+ int flags;
|
|
|
4f2874 |
+
|
|
|
4f2874 |
+ if (sock < 0)
|
|
|
4f2874 |
+ return sock;
|
|
|
4f2874 |
+
|
|
|
4f2874 |
+ /* This socket might be shared among multiple processes
|
|
|
4f2874 |
+ * if mountd is run multi-threaded. So it is safest to
|
|
|
4f2874 |
+ * make it non-blocking, else all threads might wake
|
|
|
4f2874 |
+ * one will get the data, and the others will block
|
|
|
4f2874 |
+ * indefinitely.
|
|
|
4f2874 |
+ * In all cases, transaction on this socket are atomic
|
|
|
4f2874 |
+ * (accept for TCP, packet-read and packet-write for UDP)
|
|
|
4f2874 |
+ * so O_NONBLOCK will not confuse unprepared code causing
|
|
|
4f2874 |
+ * it to corrupt messages.
|
|
|
4f2874 |
+ * It generally safest to have O_NONBLOCK when doing an accept
|
|
|
4f2874 |
+ * as if we get a RST after the SYN and before accept runs,
|
|
|
4f2874 |
+ * we can block despite being told there was an acceptable
|
|
|
4f2874 |
+ * connection.
|
|
|
4f2874 |
+ */
|
|
|
4f2874 |
+ if ((flags = fcntl(sock, F_GETFL)) < 0)
|
|
|
4f2874 |
+ perror(_("svc_socket: can't get socket flags"));
|
|
|
4f2874 |
+ else if (fcntl(sock, F_SETFL, flags|O_NONBLOCK) < 0)
|
|
|
4f2874 |
+ perror(_("svc_socket: can't set socket flags"));
|
|
|
4f2874 |
+ else
|
|
|
4f2874 |
+ return sock;
|
|
|
4f2874 |
+
|
|
|
4f2874 |
+ (void) __close(sock);
|
|
|
4f2874 |
+ return -1;
|
|
|
4f2874 |
+}
|
|
|
4f2874 |
+
|
|
|
4f2874 |
static int
|
|
|
4f2874 |
svc_socket (u_long number, int type, int protocol, int reuse)
|
|
|
4f2874 |
{
|
|
|
4f2874 |
@@ -104,38 +137,7 @@ svc_socket (u_long number, int type, int
|
|
|
4f2874 |
sock = -1;
|
|
|
4f2874 |
}
|
|
|
4f2874 |
|
|
|
4f2874 |
- if (sock >= 0)
|
|
|
4f2874 |
- {
|
|
|
4f2874 |
- /* This socket might be shared among multiple processes
|
|
|
4f2874 |
- * if mountd is run multi-threaded. So it is safest to
|
|
|
4f2874 |
- * make it non-blocking, else all threads might wake
|
|
|
4f2874 |
- * one will get the data, and the others will block
|
|
|
4f2874 |
- * indefinitely.
|
|
|
4f2874 |
- * In all cases, transaction on this socket are atomic
|
|
|
4f2874 |
- * (accept for TCP, packet-read and packet-write for UDP)
|
|
|
4f2874 |
- * so O_NONBLOCK will not confuse unprepared code causing
|
|
|
4f2874 |
- * it to corrupt messages.
|
|
|
4f2874 |
- * It generally safest to have O_NONBLOCK when doing an accept
|
|
|
4f2874 |
- * as if we get a RST after the SYN and before accept runs,
|
|
|
4f2874 |
- * we can block despite being told there was an acceptable
|
|
|
4f2874 |
- * connection.
|
|
|
4f2874 |
- */
|
|
|
4f2874 |
- int flags;
|
|
|
4f2874 |
- if ((flags = fcntl(sock, F_GETFL)) < 0)
|
|
|
4f2874 |
- {
|
|
|
4f2874 |
- perror (_("svc_socket: can't get socket flags"));
|
|
|
4f2874 |
- (void) __close (sock);
|
|
|
4f2874 |
- sock = -1;
|
|
|
4f2874 |
- }
|
|
|
4f2874 |
- else if (fcntl(sock, F_SETFL, flags|O_NONBLOCK) < 0)
|
|
|
4f2874 |
- {
|
|
|
4f2874 |
- perror (_("svc_socket: can't set socket flags"));
|
|
|
4f2874 |
- (void) __close (sock);
|
|
|
4f2874 |
- sock = -1;
|
|
|
4f2874 |
- }
|
|
|
4f2874 |
- }
|
|
|
4f2874 |
-
|
|
|
4f2874 |
- return sock;
|
|
|
4f2874 |
+ return svcsock_nonblock(sock);
|
|
|
4f2874 |
}
|
|
|
4f2874 |
|
|
|
4f2874 |
/*
|