Blame SOURCES/nfs-utils-1.3.0-mountd-dos.patch

4f2874
diff -up nfs-utils-1.3.0/support/include/nfslib.h.orig nfs-utils-1.3.0/support/include/nfslib.h
4f2874
--- nfs-utils-1.3.0/support/include/nfslib.h.orig	2014-03-25 11:12:07.000000000 -0400
4f2874
+++ nfs-utils-1.3.0/support/include/nfslib.h	2014-11-14 11:16:06.785633197 -0500
4f2874
@@ -174,6 +174,7 @@ void closeall(int min);
4f2874
 
4f2874
 int			svctcp_socket (u_long __number, int __reuse);
4f2874
 int			svcudp_socket (u_long __number);
4f2874
+int			svcsock_nonblock (int __sock);
4f2874
 
4f2874
 /* Misc shared code prototypes */
4f2874
 size_t  strlcat(char *, const char *, size_t);
4f2874
diff -up nfs-utils-1.3.0/support/nfs/rpcmisc.c.orig nfs-utils-1.3.0/support/nfs/rpcmisc.c
4f2874
--- nfs-utils-1.3.0/support/nfs/rpcmisc.c.orig	2014-03-25 11:12:07.000000000 -0400
4f2874
+++ nfs-utils-1.3.0/support/nfs/rpcmisc.c	2014-11-14 11:16:06.785633197 -0500
4f2874
@@ -104,7 +104,7 @@ makesock(int port, int proto)
4f2874
 		return -1;
4f2874
 	}
4f2874
 
4f2874
-	return sock;
4f2874
+	return svcsock_nonblock(sock);
4f2874
 }
4f2874
 
4f2874
 void
4f2874
diff -up nfs-utils-1.3.0/support/nfs/svc_create.c.orig nfs-utils-1.3.0/support/nfs/svc_create.c
4f2874
--- nfs-utils-1.3.0/support/nfs/svc_create.c.orig	2014-03-25 11:12:07.000000000 -0400
4f2874
+++ nfs-utils-1.3.0/support/nfs/svc_create.c	2014-11-14 11:16:06.785633197 -0500
4f2874
@@ -49,6 +49,8 @@
4f2874
 
4f2874
 #ifdef HAVE_LIBTIRPC
4f2874
 
4f2874
+#include <rpc/rpc_com.h>
4f2874
+
4f2874
 #define SVC_CREATE_XPRT_CACHE_SIZE	(8)
4f2874
 static SVCXPRT *svc_create_xprt_cache[SVC_CREATE_XPRT_CACHE_SIZE] = { NULL, };
4f2874
 
4f2874
@@ -277,6 +279,12 @@ svc_create_nconf_rand_port(const char *n
4f2874
 			"(%s, %u, %s)", name, version, nconf->nc_netid);
4f2874
 		return 0;
4f2874
 	}
4f2874
+	if (svcsock_nonblock(xprt->xp_fd) < 0) {
4f2874
+		/* close() already done by svcsock_nonblock() */
4f2874
+		xprt->xp_fd = RPC_ANYFD;
4f2874
+		SVC_DESTROY(xprt);
4f2874
+		return 0;
4f2874
+	}
4f2874
 
4f2874
 	if (!svc_reg(xprt, program, version, dispatch, nconf)) {
4f2874
 		/* svc_reg(3) destroys @xprt in this case */
4f2874
@@ -332,6 +340,7 @@ svc_create_nconf_fixed_port(const char *
4f2874
 		int fd;
4f2874
 
4f2874
 		fd = svc_create_sock(ai->ai_addr, ai->ai_addrlen, nconf);
4f2874
+		fd = svcsock_nonblock(fd);
4f2874
 		if (fd == -1)
4f2874
 			goto out_free;
4f2874
 
4f2874
@@ -394,6 +403,7 @@ nfs_svc_create(char *name, const rpcprog
4f2874
 	const struct sigaction create_sigaction = {
4f2874
 		.sa_handler	= SIG_IGN,
4f2874
 	};
4f2874
+	int maxrec = RPC_MAXDATASIZE;
4f2874
 	unsigned int visible, up, servport;
4f2874
 	struct netconfig *nconf;
4f2874
 	void *handlep;
4f2874
@@ -405,6 +415,20 @@ nfs_svc_create(char *name, const rpcprog
4f2874
 	 */
4f2874
 	(void)sigaction(SIGPIPE, &create_sigaction, NULL);
4f2874
 
4f2874
+	/*
4f2874
+	 * Setting MAXREC also enables non-blocking mode for tcp connections.
4f2874
+	 * This avoids DOS attacks by a client sending many requests but never
4f2874
+	 * reading the reply:
4f2874
+	 * - if a second request already is present for reading in the socket,
4f2874
+	 *   after the first request just was read, libtirpc will break the
4f2874
+	 *   connection. Thus an attacker can't simply send requests as fast as
4f2874
+	 *   he can without waiting for the response.
4f2874
+	 * - if the write buffer of the socket is full, the next write() will
4f2874
+	 *   fail with EAGAIN. libtirpc will retry the write in a loop for max.
4f2874
+	 *   2 seconds. If write still fails, the connection will be closed.
4f2874
+	 */   
4f2874
+	rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec);
4f2874
+
4f2874
 	handlep = setnetconfig();
4f2874
 	if (handlep == NULL) {
4f2874
 		xlog(L_ERROR, "Failed to access local netconfig database: %s",
4f2874
diff -up nfs-utils-1.3.0/support/nfs/svc_socket.c.orig nfs-utils-1.3.0/support/nfs/svc_socket.c
4f2874
--- nfs-utils-1.3.0/support/nfs/svc_socket.c.orig	2014-03-25 11:12:07.000000000 -0400
4f2874
+++ nfs-utils-1.3.0/support/nfs/svc_socket.c	2014-11-14 11:16:06.785633197 -0500
4f2874
@@ -67,6 +67,39 @@ int getservport(u_long number, const cha
4f2874
 	return 0;
4f2874
 }
4f2874
 
4f2874
+int
4f2874
+svcsock_nonblock(int sock)
4f2874
+{
4f2874
+	int flags;
4f2874
+
4f2874
+	if (sock < 0)
4f2874
+		return sock;
4f2874
+
4f2874
+	/* This socket might be shared among multiple processes
4f2874
+	 * if mountd is run multi-threaded.  So it is safest to
4f2874
+	 * make it non-blocking, else all threads might wake
4f2874
+	 * one will get the data, and the others will block
4f2874
+	 * indefinitely.
4f2874
+	 * In all cases, transaction on this socket are atomic
4f2874
+	 * (accept for TCP, packet-read and packet-write for UDP)
4f2874
+	 * so O_NONBLOCK will not confuse unprepared code causing
4f2874
+	 * it to corrupt messages.
4f2874
+	 * It generally safest to have O_NONBLOCK when doing an accept
4f2874
+	 * as if we get a RST after the SYN and before accept runs,
4f2874
+	 * we can block despite being told there was an acceptable
4f2874
+	 * connection.
4f2874
+	 */
4f2874
+	if ((flags = fcntl(sock, F_GETFL)) < 0)
4f2874
+		perror(_("svc_socket: can't get socket flags"));
4f2874
+	else if (fcntl(sock, F_SETFL, flags|O_NONBLOCK) < 0)
4f2874
+		perror(_("svc_socket: can't set socket flags"));
4f2874
+	else
4f2874
+		return sock;
4f2874
+
4f2874
+	(void) __close(sock);
4f2874
+	return -1;
4f2874
+}
4f2874
+
4f2874
 static int
4f2874
 svc_socket (u_long number, int type, int protocol, int reuse)
4f2874
 {
4f2874
@@ -104,38 +137,7 @@ svc_socket (u_long number, int type, int
4f2874
       sock = -1;
4f2874
     }
4f2874
 
4f2874
-  if (sock >= 0)
4f2874
-    {
4f2874
-	    /* This socket might be shared among multiple processes
4f2874
-	     * if mountd is run multi-threaded.  So it is safest to
4f2874
-	     * make it non-blocking, else all threads might wake
4f2874
-	     * one will get the data, and the others will block
4f2874
-	     * indefinitely.
4f2874
-	     * In all cases, transaction on this socket are atomic
4f2874
-	     * (accept for TCP, packet-read and packet-write for UDP)
4f2874
-	     * so O_NONBLOCK will not confuse unprepared code causing
4f2874
-	     * it to corrupt messages.
4f2874
-	     * It generally safest to have O_NONBLOCK when doing an accept
4f2874
-	     * as if we get a RST after the SYN and before accept runs,
4f2874
-	     * we can block despite being told there was an acceptable
4f2874
-	     * connection.
4f2874
-	     */
4f2874
-	int flags;
4f2874
-	if ((flags = fcntl(sock, F_GETFL)) < 0)
4f2874
-	  {
4f2874
-	      perror (_("svc_socket: can't get socket flags"));
4f2874
-	      (void) __close (sock);
4f2874
-	      sock = -1;
4f2874
-	  }
4f2874
-	else if (fcntl(sock, F_SETFL, flags|O_NONBLOCK) < 0)
4f2874
-	  {
4f2874
-	      perror (_("svc_socket: can't set socket flags"));
4f2874
-	      (void) __close (sock);
4f2874
-	      sock = -1;
4f2874
-	  }
4f2874
-    }
4f2874
-
4f2874
-  return sock;
4f2874
+  return svcsock_nonblock(sock);
4f2874
 }
4f2874
 
4f2874
 /*