diff --git a/.gitignore b/.gitignore
index 5a7546c..bee4bab 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+INSTALL
Makefile
Makefile.in
aclocal.m4
@@ -13,18 +14,14 @@ depcomp
install-sh
libtool
ltmain.sh
-man/Makefile
-man/Makefile.in
missing
-src/.deps/
-src/Makefile
-src/Makefile.in
src/config.h
src/stamp-h2
stamp-h1
# file generated during compilation
+.deps
*.o
-src/rpcbind
-src/rpcinfo
+rpcbind
+rpcinfo
# cscope database files
cscope.*
diff --git a/INSTALL b/INSTALL
index 98e5d87..7d1c323 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,32 +1,25 @@
-Copyright 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software
-Foundation, Inc.
+Installation Instructions
+*************************
- This file is free documentation; the Free Software Foundation gives
-unlimited permission to copy, distribute and modify it.
-
-
-rpcbind Quick Installation
-==========================
-
-$ ./configure
-$ make
-# make install
-
- The install phase will install the rpcbind and rpcinfo commands
-under /usr/bin. If you wish they replace the basic portmap and
-rpcinfo commands, you can run:
-
-# mv /sbin/portmap /sbin/portmap.sav
-# ln -s /usr/bin/rpcbind /sbin/portmap
-
-# mv /usr/sbin/rpcinfo /usr/sbin/rpcinfo.sav
-# ln -s /usr/bin/rpcinfo /usr/sbin/rpcinfo
+Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
+2006, 2007, 2008, 2009 Free Software Foundation, Inc.
+ Copying and distribution of this file, with or without modification,
+are permitted in any medium without royalty provided the copyright
+notice and this notice are preserved. This file is offered as-is,
+without warranty of any kind.
Basic Installation
==================
- These are generic installation instructions.
+ Briefly, the shell commands `./configure; make; make install' should
+configure, build, and install this package. The following
+more-detailed instructions are generic; see the `README' file for
+instructions specific to this package. Some packages provide this
+`INSTALL' file but do not implement all of the features documented
+below. The lack of an optional feature in a given package is not
+necessarily a bug. More recommendations for GNU packages can be found
+in *note Makefile Conventions: (standards)Makefile Conventions.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
@@ -39,9 +32,9 @@ debugging `configure').
It can also use an optional file (typically called `config.cache'
and enabled with `--cache-file=config.cache' or simply `-C') that saves
-the results of its tests to speed up reconfiguring. (Caching is
+the results of its tests to speed up reconfiguring. Caching is
disabled by default to prevent problems with accidental use of stale
-cache files.)
+cache files.
If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail
@@ -51,30 +44,37 @@ some point `config.cache' contains results you don't want to keep, you
may remove or edit it.
The file `configure.ac' (or `configure.in') is used to create
-`configure' by a program called `autoconf'. You only need
-`configure.ac' if you want to change it or regenerate `configure' using
-a newer version of `autoconf'.
+`configure' by a program called `autoconf'. You need `configure.ac' if
+you want to change it or regenerate `configure' using a newer version
+of `autoconf'.
-The simplest way to compile this package is:
+ The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
- `./configure' to configure the package for your system. If you're
- using `csh' on an old version of System V, you might need to type
- `sh ./configure' instead to prevent `csh' from trying to execute
- `configure' itself.
+ `./configure' to configure the package for your system.
- Running `configure' takes awhile. While running, it prints some
- messages telling which features it is checking for.
+ Running `configure' might take a while. While running, it prints
+ some messages telling which features it is checking for.
2. Type `make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
- the package.
+ the package, generally using the just-built uninstalled binaries.
4. Type `make install' to install the programs and any data files and
- documentation.
-
- 5. You can remove the program binaries and object files from the
+ documentation. When installing into a prefix owned by root, it is
+ recommended that the package be configured and built as a regular
+ user, and only the `make install' phase executed with root
+ privileges.
+
+ 5. Optionally, type `make installcheck' to repeat any self-tests, but
+ this time using the binaries in their final installed location.
+ This target does not install anything. Running this target as a
+ regular user, particularly if the prior `make install' required
+ root privileges, verifies that the installation completed
+ correctly.
+
+ 6. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
@@ -83,6 +83,16 @@ The simplest way to compile this package is:
all sorts of other programs in order to regenerate files that came
with the distribution.
+ 7. Often, you can also type `make uninstall' to remove the installed
+ files again. In practice, not all packages have tested that
+ uninstallation works correctly, even though it is required by the
+ GNU Coding Standards.
+
+ 8. Some packages, particularly those that use Automake, provide `make
+ distcheck', which can by used by developers to test that all other
+ targets like `make install' and `make uninstall' work correctly.
+ This target is generally not run by end users.
+
Compilers and Options
=====================
@@ -94,7 +104,7 @@ for details on some of the pertinent environment variables.
by setting variables in the command line or in the environment. Here
is an example:
- ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix
+ ./configure CC=c99 CFLAGS=-g LIBS=-lposix
*Note Defining Variables::, for more details.
@@ -103,44 +113,89 @@ Compiling For Multiple Architectures
You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
-own directory. To do this, you must use a version of `make' that
-supports the `VPATH' variable, such as GNU `make'. `cd' to the
+own directory. To do this, you can use GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'.
+source code in the directory that `configure' is in and in `..'. This
+is known as a "VPATH" build.
- If you have to use a `make' that does not support the `VPATH'
-variable, you have to compile the package for one architecture at a
-time in the source code directory. After you have installed the
-package for one architecture, use `make distclean' before reconfiguring
-for another architecture.
+ With a non-GNU `make', it is safer to compile the package for one
+architecture at a time in the source code directory. After you have
+installed the package for one architecture, use `make distclean' before
+reconfiguring for another architecture.
+
+ On MacOS X 10.5 and later systems, you can create libraries and
+executables that work on multiple system types--known as "fat" or
+"universal" binaries--by specifying multiple `-arch' options to the
+compiler but only a single `-arch' option to the preprocessor. Like
+this:
+
+ ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
+ CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
+ CPP="gcc -E" CXXCPP="g++ -E"
+
+ This is not guaranteed to produce working output in all cases, you
+may have to build one architecture at a time and combine the results
+using the `lipo' tool if you have problems.
Installation Names
==================
- By default, `make install' will install the package's files in
-`/usr/local/bin', `/usr/local/man', etc. You can specify an
-installation prefix other than `/usr/local' by giving `configure' the
-option `--prefix=PATH'.
+ By default, `make install' installs the package's commands under
+`/usr/local/bin', include files under `/usr/local/include', etc. You
+can specify an installation prefix other than `/usr/local' by giving
+`configure' the option `--prefix=PREFIX', where PREFIX must be an
+absolute file name.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
-give `configure' the option `--exec-prefix=PATH', the package will use
-PATH as the prefix for installing programs and libraries.
-Documentation and other data files will still use the regular prefix.
+pass the option `--exec-prefix=PREFIX' to `configure', the package uses
+PREFIX as the prefix for installing programs and libraries.
+Documentation and other data files still use the regular prefix.
In addition, if you use an unusual directory layout you can give
-options like `--bindir=PATH' to specify different values for particular
+options like `--bindir=DIR' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them.
+you can set and what kinds of files go in them. In general, the
+default for these options is expressed in terms of `${prefix}', so that
+specifying just `--prefix' will affect all of the other directory
+specifications that were not explicitly provided.
+
+ The most portable way to affect installation locations is to pass the
+correct locations to `configure'; however, many packages provide one or
+both of the following shortcuts of passing variable assignments to the
+`make install' command line to change installation locations without
+having to reconfigure or recompile.
+
+ The first method involves providing an override variable for each
+affected directory. For example, `make install
+prefix=/alternate/directory' will choose an alternate location for all
+directory configuration variables that were expressed in terms of
+`${prefix}'. Any directories that were specified during `configure',
+but not in terms of `${prefix}', must each be overridden at install
+time for the entire installation to be relocated. The approach of
+makefile variable overrides for each directory variable is required by
+the GNU Coding Standards, and ideally causes no recompilation.
+However, some platforms have known limitations with the semantics of
+shared libraries that end up requiring recompilation when using this
+method, particularly noticeable in packages that use GNU Libtool.
+
+ The second method involves providing the `DESTDIR' variable. For
+example, `make install DESTDIR=/alternate/directory' will prepend
+`/alternate/directory' before all installation names. The approach of
+`DESTDIR' overrides is not required by the GNU Coding Standards, and
+does not work on platforms that have drive letters. On the other hand,
+it does better at avoiding recompilation issues, and works well even
+when some directory options were not specified in terms of `${prefix}'
+at `configure' time.
+
+Optional Features
+=================
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
-Optional Features
-=================
-
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
@@ -153,6 +208,45 @@ find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
+ Some packages offer the ability to configure how verbose the
+execution of `make' will be. For these packages, running `./configure
+--enable-silent-rules' sets the default to minimal output, which can be
+overridden with `make V=1'; while running `./configure
+--disable-silent-rules' sets the default to verbose, which can be
+overridden with `make V=0'.
+
+Particular systems
+==================
+
+ On HP-UX, the default C compiler is not ANSI C compatible. If GNU
+CC is not installed, it is recommended to use the following options in
+order to use an ANSI C compiler:
+
+ ./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
+
+and if that doesn't work, install pre-built binaries of GCC for HP-UX.
+
+ On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
+parse its `<wchar.h>' header file. The option `-nodtk' can be used as
+a workaround. If GNU CC is not installed, it is therefore recommended
+to try
+
+ ./configure CC="cc"
+
+and if that doesn't work, try
+
+ ./configure CC="cc -nodtk"
+
+ On Solaris, don't put `/usr/ucb' early in your `PATH'. This
+directory contains several dysfunctional programs; working variants of
+these programs are available in `/usr/bin'. So, if you need `/usr/ucb'
+in your `PATH', put it _after_ `/usr/bin'.
+
+ On Haiku, software installed for all users goes in `/boot/common',
+not `/usr/local'. It is recommended to use the following options:
+
+ ./configure --prefix=/boot/common
+
Specifying the System Type
==========================
@@ -168,14 +262,15 @@ type, such as `sun4', or a canonical name which has the form:
where SYSTEM can have one of these forms:
- OS KERNEL-OS
+ OS
+ KERNEL-OS
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
need to know the machine type.
If you are _building_ compiler tools for cross-compiling, you should
-use the `--target=TYPE' option to select the type of system they will
+use the option `--target=TYPE' to select the type of system they will
produce code for.
If you want to _use_ a cross compiler, that generates code for a
@@ -205,9 +300,14 @@ them in the `configure' command line, using `VAR=value'. For example:
./configure CC=/usr/local2/bin/gcc
-will cause the specified gcc to be used as the C compiler (unless it is
+causes the specified `gcc' to be used as the C compiler (unless it is
overridden in the site shell script).
+Unfortunately, this technique does not work for `CONFIG_SHELL' due to
+an Autoconf bug. Until the bug is fixed you can use this workaround:
+
+ CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
+
`configure' Invocation
======================
@@ -216,7 +316,14 @@ operates.
`--help'
`-h'
- Print a summary of the options to `configure', and exit.
+ Print a summary of all of the options to `configure', and exit.
+
+`--help=short'
+`--help=recursive'
+ Print a summary of the options unique to this package's
+ `configure', and exit. The `short' variant lists options used
+ only in the top level, while the `recursive' variant lists options
+ also present in any nested packages.
`--version'
`-V'
@@ -243,6 +350,16 @@ operates.
Look for the package's source code in directory DIR. Usually
`configure' can determine that directory automatically.
+`--prefix=DIR'
+ Use DIR as the installation prefix. *note Installation Names::
+ for more details, including other options available for fine-tuning
+ the installation locations.
+
+`--no-create'
+`-n'
+ Run the configure checks, but stop before creating any output
+ files.
+
`configure' also accepts some other, not widely useful, options. Run
`configure --help' for more details.
diff --git a/Makefile.am b/Makefile.am
index cd56148..d10c906 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,2 +1,44 @@
-SUBDIRS= src man
+AM_CPPFLAGS = \
+ -DCHECK_LOCAL \
+ -DPORTMAP \
+ -DFACILITY=LOG_MAIL \
+ -DSEVERITY=LOG_INFO \
+ -DINET6 \
+ -DRPCBIND_STATEDIR="\"$(statedir)\"" \
+ -DRPCBIND_USER="\"$(rpcuser)\"" \
+ -D_GNU_SOURCE \
+ $(TIRPC_CFLAGS)
+if DEBUG
+AM_CPPFLAGS += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL
+AM_CPPFLAGS += -DND_DEBUG -DBIND_DEBUG
+endif
+
+if WARMSTART
+AM_CPPFLAGS += -DWARMSTART
+endif
+
+if LIBWRAP
+AM_CPPFLAGS += -DLIBWRAP
+endif
+
+bin_PROGRAMS = rpcbind rpcinfo
+
+rpcbind_SOURCES = \
+ src/check_bound.c \
+ src/pmap_svc.c \
+ src/rpcb_stat.c \
+ src/rpcb_svc.c \
+ src/rpcb_svc_4.c \
+ src/rpcb_svc_com.c \
+ src/rpcbind.c \
+ src/rpcbind.h \
+ src/security.c \
+ src/util.c \
+ src/warmstart.c
+rpcbind_LDADD = $(TIRPC_LIBS)
+
+rpcinfo_SOURCES = src/rpcinfo.c
+rpcinfo_LDADD = $(TIRPC_LIBS)
+
+dist_man8_MANS = man/rpcbind.8 man/rpcinfo.8
diff --git a/autogen.sh b/autogen.sh
index 1613b6d..761db90 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -36,7 +36,7 @@ if test x"${1}" = x"clean"; then
fi
aclocal
-libtoolize --force --copy
-autoheader
+#libtoolize --force --copy
+#autoheader
automake --add-missing --copy --gnu # -Wall
autoconf # -Wall
diff --git a/configure.in b/configure.in
index de1c730..2b67720 100644
--- a/configure.in
+++ b/configure.in
@@ -1,66 +1,39 @@
- AC_INIT(rpcbind, 0.2.0)
+AC_INIT(rpcbind, 0.2.0)
- AM_INIT_AUTOMAKE
-# AM_MAINTAINER_MODE
+AM_INIT_AUTOMAKE
AC_CONFIG_SRCDIR([src/rpcbind.c])
- AC_PROG_CC
- AM_CONFIG_HEADER(config.h)
- AC_HEADER_DIRENT
- AC_PREFIX_DEFAULT(/usr)
-
-AC_CONFIG_SRCDIR([src/config.h.in])
-AC_CONFIG_HEADERS([src/config.h])
-
-AC_PROG_LIBTOOL
-
-AC_ARG_ENABLE(debug,[ --enable-debug Turns on rpcbind debugging],
- [case "${enableval}" in
- yes) debug=true ;;
- no) debug=no ;;
- *) AC_MSG_ERROR(bad value ${enableval} for --enable-debug) ;;
- esac],[debug=false])
-AM_CONDITIONAL(DEBUG, test x$debug = xtrue)
-
-AC_ARG_ENABLE(warmstarts,[ --enable-warmstarts Enables Warm Starts],
- [case "${enableval}" in
- yes) warmstarts=true ;;
- no) warmstarts=no ;;
- *) AC_MSG_ERROR(bad value ${enableval} for --enable-warmstarts) ;;
- esac],[warmstarts=false])
-AM_CONDITIONAL(WARMSTART, test x$warmstarts = xtrue)
-
-if test "$warmstarts" = "true" ; then
- AC_ARG_WITH(statedir,
- [ --with-statedir=/foo use state dir /foo [/tmp]],
- statedir=$withval,
- statedir=/tmp)
- AC_SUBST(statedir)
- AC_DEFINE_UNQUOTED(RPCBIND_STATEDIR, "$statedir", [This defines the location where the state files will be kept for warm starts])
-fi
-AC_ARG_WITH(rpcuser,
- [ --with-rpcuser=user uid to use [root]],
- rpcuser=$withval,
- rpcuser=root)
- AC_SUBST(rpcuser)
-AC_DEFINE_UNQUOTED(RPCBIND_USER, "$rpcuser", [This defines the uid to run as])
+AC_PREFIX_DEFAULT(/usr)
+AC_PROG_CC
+
+AC_ARG_ENABLE([libwrap],
+ AS_HELP_STRING([--enable-libwrap], [Enables host name checking through tcpd @<:@default=no@:>@]))
+AM_CONDITIONAL(LIBWRAP, test x$enable_libwrap = xyes)
+
+AC_ARG_ENABLE([debug],
+ AS_HELP_STRING([--enable-debug], [Turns on rpcbind debugging @<:@default=no@:>@]))
+AM_CONDITIONAL(DEBUG, test x$enable_debug = xyes)
+
+AC_ARG_ENABLE([warmstarts],
+ AS_HELP_STRING([--enable-warmstarts], [Enables Warm Starts @<:@default=no@:>@]))
+AM_CONDITIONAL(WARMSTART, test x$enable_warmstarts = xyes)
+
+AC_ARG_WITH([statedir],
+ AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/tmp@:>@])
+ ,, [with_statedir=/tmp])
+AC_SUBST([statedir], [$with_statedir])
+
+AC_ARG_WITH([rpcuser],
+ AS_HELP_STRING([--with-rpcuser=ARG], [use ARG for RPC @<:@default=root@:>@]),
+ ,, [with_rpcuser=root])
+AC_SUBST([rpcuser], [$with_rpcuser])
+
+PKG_CHECK_MODULES([TIRPC], [libtirpc])
-AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h \
- netinet/in.h stdlib.h string.h \
- sys/param.h sys/socket.h \
- sys/time.h syslog.h \
- unistd.h nss.h])
+AS_IF([test x$enable_libwrap = xyes], [
+ AC_CHECK_LIB([wrap], [hosts_access], ,
+ AC_MSG_ERROR([libwrap support requested but unable to find libwrap]))
+])
-AC_CHECK_LIB([pthread], [pthread_create])
-AC_CHECK_LIB([tirpc], [clnt_create])
-AC_ARG_ENABLE(libwrap,[ --enable-libwrap Enables host name checking],
- [case "${enableval}" in
- yes) libwarp=true
- AC_CHECK_LIB([wrap], [hosts_access]) ;;
- no) libwarp=no ;;
- *) AC_MSG_ERROR(bad value ${enableval} for --enable-libwrap) ;;
- esac],[libwarp=false])
-AM_CONDITIONAL(LIBWRAP, test x$libwarp = xtrue)
+AC_SEARCH_LIBS([pthread_create], [pthread])
-AC_CONFIG_FILES([Makefile src/Makefile man/Makefile])
-AC_OUTPUT()
-
+AC_OUTPUT([Makefile])
diff --git a/man/Makefile.am b/man/Makefile.am
deleted file mode 100644
index 84818e9..0000000
--- a/man/Makefile.am
+++ /dev/null
@@ -1,2 +0,0 @@
-man8_MANS = rpcbind.8
-EXTRA_DIST = $(man8_MANS)
diff --git a/man/rpcbind.8 b/man/rpcbind.8
index 32806d4..da32701 100644
--- a/man/rpcbind.8
+++ b/man/rpcbind.8
@@ -82,6 +82,8 @@ during operation, and will abort on certain errors if
is also specified.
With this option, the name-to-address translation consistency
checks are shown in detail.
+.It Fl f
+Do not fork and become a background process.
.It Fl h
Specify specific IP addresses to bind to for UDP requests.
This option
@@ -141,7 +143,6 @@ All RPC servers must be restarted if
.Nm
is restarted.
.Sh SEE ALSO
-.Xr rpcbind 3 ,
.Xr rpcinfo 8
.Sh LINUX PORT
.Bl Aurelien Charbon <aurelien.charbon@bull.net>
diff --git a/src/Makefile.am b/src/Makefile.am
deleted file mode 100644
index cc0a85b..0000000
--- a/src/Makefile.am
+++ /dev/null
@@ -1,34 +0,0 @@
-INCLUDES = -I$(srcdir)/tirpc -DPORTMAP -DINET6 -DVERSION="\"$(VERSION)\"" \
- -D_GNU_SOURCE -Wall -pipe
-if DEBUG
-INCLUDES += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL
-INCLUDES += -DND_DEBUG -DBIND_DEBUG
-endif
-
-if WARMSTART
-INCLUDES += -DWARMSTART
-endif
-
-if LIBWRAP
-INCLUDES += -DLIBWRAP
-endif
-
-
-bin_PROGRAMS = rpcbind rpcinfo
-
-rpcbind_SOURCES = check_bound.c rpcbind.c \
- rpcb_svc_4.c rpcb_svc_com.c \
- util.c pmap_svc.c rpcb_stat.c \
- rpcb_svc.c security.c warmstart.c \
- rpcbind.h
-
-rpcinfo_SOURCES = rpcinfo.c
-rpcinfo_LDFLAGS = -lpthread -ltirpc
-rpcinfo_LDADD = $(LIB_TIRPC)
-
-
-rpcbind_LDFLAGS = -lpthread -ltirpc
-rpcbind_LDADD = $(LIB_TIRPC)
-AM_CPPFLAGS = -I/usr/include/tirpc -DCHECK_LOCAL -DPORTMAP \
- -DFACILITY=LOG_MAIL -DSEVERITY=LOG_INFO
-
diff --git a/src/config.h.in b/src/config.h.in
deleted file mode 100644
index 67a0e39..0000000
--- a/src/config.h.in
+++ /dev/null
@@ -1,105 +0,0 @@
-/* config.h.in. Generated from configure.in by autoheader. */
-
-/* Define to 1 if you have the <arpa/inet.h> header file. */
-#undef HAVE_ARPA_INET_H
-
-/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
- */
-#undef HAVE_DIRENT_H
-
-/* Define to 1 if you have the <fcntl.h> header file. */
-#undef HAVE_FCNTL_H
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have the `pthread' library (-lpthread). */
-#undef HAVE_LIBPTHREAD
-
-/* Define to 1 if you have the `tirpc' library (-ltirpc). */
-#undef HAVE_LIBTIRPC
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
-#undef HAVE_NDIR_H
-
-/* Define to 1 if you have the <netdb.h> header file. */
-#undef HAVE_NETDB_H
-
-/* Define to 1 if you have the <netinet/in.h> header file. */
-#undef HAVE_NETINET_IN_H
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the <syslog.h> header file. */
-#undef HAVE_SYSLOG_H
-
-/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
- */
-#undef HAVE_SYS_DIR_H
-
-/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
- */
-#undef HAVE_SYS_NDIR_H
-
-/* Define to 1 if you have the <sys/param.h> header file. */
-#undef HAVE_SYS_PARAM_H
-
-/* Define to 1 if you have the <sys/socket.h> header file. */
-#undef HAVE_SYS_SOCKET_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/time.h> header file. */
-#undef HAVE_SYS_TIME_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Name of package */
-#undef PACKAGE
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Version number of package */
-#undef VERSION
-
-/* This defines the location where the state files will be kept for warm
- starts */
-#undef RPCBIND_STATEDIR
-
-/* This defines the uid to run as */
-#undef RPCBIND_USER
-
diff --git a/src/pmap_svc.c b/src/pmap_svc.c
index 4736700..337e64d 100644
--- a/src/pmap_svc.c
+++ b/src/pmap_svc.c
@@ -80,7 +80,7 @@ pmap_service(struct svc_req *rqstp, SVCXPRT *xprt)
if (debugging)
fprintf(stderr, "PMAPPROC_NULL\n");
#endif
- check_access(xprt, rqstp->rq_proc, NULL, PMAPVERS);
+ check_access(xprt, rqstp->rq_proc, 0, PMAPVERS);
if ((!svc_sendreply(xprt, (xdrproc_t) xdr_void, NULL)) &&
debugging) {
if (doabort) {
@@ -201,11 +201,11 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
reg.pm_prog, reg.pm_vers);
#endif
- if (!check_access(xprt, op, ®, PMAPVERS)) {
+ if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) {
svcerr_weakauth(xprt);
return (FALSE);
}
-
+
rpcbreg.r_prog = reg.pm_prog;
rpcbreg.r_vers = reg.pm_vers;
@@ -276,7 +276,7 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
return (FALSE);
}
- if (!check_access(xprt, PMAPPROC_GETPORT, ®, PMAPVERS)) {
+ if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) {
svcerr_weakauth(xprt);
return FALSE;
}
@@ -340,7 +340,7 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
return (FALSE);
}
- if (!check_access(xprt, PMAPPROC_DUMP, NULL, PMAPVERS)) {
+ if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) {
svcerr_weakauth(xprt);
return FALSE;
}
diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
index 0514ba5..e350f85 100644
--- a/src/rpcb_svc.c
+++ b/src/rpcb_svc.c
@@ -75,6 +75,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
char *result;
xdrproc_t xdr_argument, xdr_result;
void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
+ rpcprog_t setprog = 0;
rpcbs_procinfo(RPCBVERS_3_STAT, rqstp->rq_proc);
@@ -88,7 +89,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
fprintf(stderr, "RPCBPROC_NULL\n");
#endif
/* This call just logs, no actual checks */
- check_access(transp, rqstp->rq_proc, NULL, RPCBVERS);
+ check_access(transp, rqstp->rq_proc, 0, RPCBVERS);
(void) svc_sendreply(transp, (xdrproc_t)xdr_void, (char *)NULL);
return;
@@ -166,7 +167,13 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
(void) fprintf(stderr, "rpcbind: could not decode\n");
return;
}
- if (!check_access(transp, rqstp->rq_proc, &argument, RPCBVERS)) {
+
+ if (rqstp->rq_proc == RPCBPROC_SET
+ || rqstp->rq_proc == RPCBPROC_UNSET
+ || rqstp->rq_proc == RPCBPROC_GETADDR)
+ setprog = argument.rpcbproc_set_3_arg.r_prog;
+
+ if (!check_access(transp, rqstp->rq_proc, setprog, RPCBVERS)) {
svcerr_weakauth(transp);
goto done;
}
diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
index 9fd5bef..313e6d1 100644
--- a/src/rpcb_svc_4.c
+++ b/src/rpcb_svc_4.c
@@ -78,6 +78,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
char *result;
xdrproc_t xdr_argument, xdr_result;
void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
+ rpcprog_t setprog = 0;
rpcbs_procinfo(RPCBVERS_4_STAT, rqstp->rq_proc);
@@ -90,7 +91,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
if (debugging)
fprintf(stderr, "RPCBPROC_NULL\n");
#endif
- check_access(transp, rqstp->rq_proc, NULL, RPCBVERS4);
+ check_access(transp, rqstp->rq_proc, 0, RPCBVERS4);
(void) svc_sendreply(transp, (xdrproc_t) xdr_void,
(char *)NULL);
return;
@@ -220,7 +221,13 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
(void) fprintf(stderr, "rpcbind: could not decode\n");
return;
}
- if (!check_access(transp, rqstp->rq_proc, &argument, RPCBVERS4)) {
+
+ if (rqstp->rq_proc == RPCBPROC_SET
+ || rqstp->rq_proc == RPCBPROC_UNSET
+ || rqstp->rq_proc == RPCBPROC_GETADDR)
+ setprog = argument.rpcbproc_set_4_arg.r_prog;
+
+ if (!check_access(transp, rqstp->rq_proc, setprog, RPCBVERS4)) {
svcerr_weakauth(transp);
goto done;
}
diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
index 291421f..f6bd6bd 100644
--- a/src/rpcb_svc_com.c
+++ b/src/rpcb_svc_com.c
@@ -1227,6 +1227,8 @@ send_svcsyserr(SVCXPRT *xprt, struct finfo *fi)
return;
}
+extern SVCAUTH svc_auth_none;
+
static void
handle_reply(int fd, SVCXPRT *xprt)
{
@@ -1293,7 +1295,10 @@ handle_reply(int fd, SVCXPRT *xprt)
a.rmt_localvers = fi->versnum;
xprt_set_caller(xprt, fi);
+ xprt->xp_auth = &svc_auth_none;
svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
+ SVCAUTH_DESTROY(xprt->xp_auth);
+ xprt->xp_auth = NULL;
done:
if (buffer)
free(buffer);
@@ -1372,10 +1377,13 @@ static char *
getowner(SVCXPRT *transp, char *owner, size_t ownersize)
{
uid_t uid;
-
- if (__rpc_get_local_uid(transp, &uid) < 0)
- snprintf(owner, ownersize, "unknown");
- else if (uid == 0)
+
+ if (__rpc_get_local_uid(transp, &uid) < 0) {
+ if (is_localroot(svc_getrpccaller(transp)))
+ snprintf(owner, ownersize, "superuser");
+ else
+ snprintf(owner, ownersize, "unknown");
+ } else if (uid == 0)
snprintf(owner, ownersize, "superuser");
else
snprintf(owner, ownersize, "%d", uid);
diff --git a/src/rpcbind.c b/src/rpcbind.c
index 525ffba..9a0504d 100644
--- a/src/rpcbind.c
+++ b/src/rpcbind.c
@@ -68,7 +68,6 @@
#include <string.h>
#include <errno.h>
#include <nss.h>
-#include "config.h"
#include "rpcbind.h"
/*#define RPCBIND_DEBUG*/
@@ -77,6 +76,7 @@
int debugging = 0; /* Tell me what's going on */
int doabort = 0; /* When debugging, do an abort on errors */
+int dofork = 1; /* fork? */
rpcblist_ptr list_rbl; /* A list of version 3/4 rpcbind services */
@@ -213,8 +213,8 @@ main(int argc, char *argv[])
printf("\n");
}
#endif
- } else {
- if (daemon(0, 0))
+ } else if (dofork) {
+ if (daemon(0, 0))
err(1, "fork failed");
}
@@ -236,6 +236,10 @@ main(int argc, char *argv[])
syslog(LOG_ERR, "setgid to '%s' (%d) failed: %m", id, p->pw_gid);
exit(1);
}
+ if (setgroups(0, NULL) == -1) {
+ syslog(LOG_ERR, "dropping supplemental groups failed: %m");
+ exit(1);
+ }
if (setuid(p->pw_uid) == -1) {
syslog(LOG_ERR, "setuid to '%s' (%d) failed: %m", id, p->pw_uid);
exit(1);
@@ -276,6 +280,7 @@ init_transport(struct netconfig *nconf)
int addrlen = 0;
int nhostsbak;
int checkbind;
+ int on = 1;
struct sockaddr *sa = NULL;
u_int32_t host_addr[4]; /* IPv4 or IPv6 */
struct sockaddr_un sun;
@@ -493,6 +498,14 @@ init_transport(struct netconfig *nconf)
}
oldmask = umask(S_IXUSR|S_IXGRP|S_IXOTH);
__rpc_fd2sockinfo(fd, &si);
+ if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on,
+ sizeof(on)) != 0) {
+ syslog(LOG_ERR, "cannot set SO_REUSEADDR on %s",
+ nconf->nc_netid);
+ if (res != NULL)
+ freeaddrinfo(res);
+ return 1;
+ }
if (bind(fd, sa, addrlen) < 0) {
syslog(LOG_ERR, "cannot bind %s: %m", nconf->nc_netid);
if (res != NULL)
@@ -731,7 +744,7 @@ parseargs(int argc, char *argv[])
{
int c;
oldstyle_local = 1;
- while ((c = getopt(argc, argv, "dwah:ils")) != -1) {
+ while ((c = getopt(argc, argv, "adh:ilswf")) != -1) {
switch (c) {
case 'a':
doabort = 1; /* when debugging, do an abort on */
@@ -758,13 +771,16 @@ parseargs(int argc, char *argv[])
case 's':
runasdaemon = 1;
break;
+ case 'f':
+ dofork = 0;
+ break;
#ifdef WARMSTART
case 'w':
warmstart = 1;
break;
#endif
default: /* error */
- fprintf(stderr, "usage: rpcbind [-Idwils]\n");
+ fprintf(stderr, "usage: rpcbind [-adhilswf]\n");
exit (1);
}
}
diff --git a/src/rpcbind.h b/src/rpcbind.h
index c800577..74f9591 100644
--- a/src/rpcbind.h
+++ b/src/rpcbind.h
@@ -119,7 +119,7 @@ void rpcbind_abort(void);
void reap(int);
void toggle_verboselog(int);
-int check_access(SVCXPRT *, rpcproc_t, void *, unsigned int);
+int check_access(SVCXPRT *, rpcproc_t, rpcprog_t, unsigned int);
int check_callit(SVCXPRT *, struct r_rmtcall_args *, int);
void logit(int, struct sockaddr *, rpcproc_t, rpcprog_t, const char *);
int is_loopback(struct netbuf *);
diff --git a/src/security.c b/src/security.c
index 0edeac6..d272f74 100644
--- a/src/security.c
+++ b/src/security.c
@@ -62,34 +62,21 @@ int log_severity = PORTMAP_LOG_FACILITY|PORTMAP_LOG_SEVERITY;
extern int verboselog;
int
-check_access(SVCXPRT *xprt, rpcproc_t proc, void *args, unsigned int rpcbvers)
+check_access(SVCXPRT *xprt, rpcproc_t proc, rpcprog_t prog, unsigned int rpcbvers)
{
struct netbuf *caller = svc_getrpccaller(xprt);
struct sockaddr *addr = (struct sockaddr *)caller->buf;
#ifdef LIBWRAP
struct request_info req;
#endif
- rpcprog_t prog = 0;
- rpcb *rpcbp;
- struct pmap *pmap;
/*
* The older PMAP_* equivalents have the same numbers, so
* they are accounted for here as well.
*/
switch (proc) {
- case RPCBPROC_GETADDR:
case RPCBPROC_SET:
case RPCBPROC_UNSET:
- if (rpcbvers > PMAPVERS) {
- rpcbp = (rpcb *)args;
- prog = rpcbp->r_prog;
- } else {
- pmap = (struct pmap *)args;
- prog = pmap->pm_prog;
- }
- if (proc == RPCBPROC_GETADDR)
- break;
if (!insecure && !is_loopback(caller)) {
#ifdef RPCBIND_DEBUG
if (debugging)
@@ -101,6 +88,7 @@ check_access(SVCXPRT *xprt, rpcproc_t proc, void *args, unsigned int rpcbvers)
return 0;
}
break;
+ case RPCBPROC_GETADDR:
case RPCBPROC_CALLIT:
case RPCBPROC_INDIRECT:
case RPCBPROC_DUMP:
@@ -150,8 +138,7 @@ is_loopback(struct netbuf *nbuf)
"Checking caller's adress (port = %d)\n",
ntohs(sin->sin_port));
#endif
- return ((sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK)) &&
- (ntohs(sin->sin_port) < IPPORT_RESERVED));
+ return (sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK));
#ifdef INET6
case AF_INET6:
if (!oldstyle_local)
@@ -163,10 +150,9 @@ is_loopback(struct netbuf *nbuf)
"Checking caller's adress (port = %d)\n",
ntohs(sin6->sin6_port));
#endif
- return ((IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr) ||
+ return (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr) ||
(IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr) &&
- sin6->sin6_addr.s6_addr32[3] == htonl(INADDR_LOOPBACK))) &&
- (ntohs(sin6->sin6_port) < IPV6PORT_RESERVED));
+ sin6->sin6_addr.s6_addr32[3] == htonl(INADDR_LOOPBACK)));
#endif
case AF_LOCAL:
return 1;
diff --git a/src/warmstart.c b/src/warmstart.c
index 25e5d89..d1bb971 100644
--- a/src/warmstart.c
+++ b/src/warmstart.c
@@ -46,7 +46,6 @@
#include <unistd.h>
#include <errno.h>
-#include "config.h"
#include "rpcbind.h"
#ifndef RPCBIND_STATEDIR