2021-02-25 06:05:51

by NeilBrown

[permalink] [raw]
Subject: [PATCH 1/5] mountd: reject unknown client IP when !use_ipaddr.

From: NeilBrown <[email protected]>

When use_ipaddr is not in effect, an auth_unix_ip lookup request from
the kernel for an unknown client will be rejected.
When it IS in effect, these requests are always granted with the IP
address being mapped to a string form of the address, preceded by a '$'.

This is inconsistent behaviour and could present a small information
leak.
It means that, for example, a SETCLIENT NFSv4 request may or may not
succeed depending on an internal setting in rpc.mountd.

This is easily rectified by always checking if the client is known.

Signed-off-by: NeilBrown <[email protected]>
---
support/export/cache.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/support/export/cache.c b/support/export/cache.c
index f1569afb558c..156ebfd4087c 100644
--- a/support/export/cache.c
+++ b/support/export/cache.c
@@ -114,6 +114,7 @@ static void auth_unix_ip(int f)
char class[20];
char ipaddr[INET6_ADDRSTRLEN + 1];
char *client = NULL;
+ struct addrinfo *ai = NULL;
struct addrinfo *tmp = NULL;
char buf[RPC_CHAN_BUF_SIZE], *bp;
int blen;
@@ -139,21 +140,17 @@ static void auth_unix_ip(int f)

auth_reload();

- /* addr is a valid, interesting address, find the domain name... */
- if (!use_ipaddr) {
- struct addrinfo *ai = NULL;
-
- ai = client_resolve(tmp->ai_addr);
- if (ai) {
- client = client_compose(ai);
- nfs_freeaddrinfo(ai);
- }
+ /* addr is a valid address, find the domain name... */
+ ai = client_resolve(tmp->ai_addr);
+ if (ai) {
+ client = client_compose(ai);
+ nfs_freeaddrinfo(ai);
}
bp = buf; blen = sizeof(buf);
qword_add(&bp, &blen, "nfsd");
qword_add(&bp, &blen, ipaddr);
qword_adduint(&bp, &blen, time(0) + DEFAULT_TTL);
- if (use_ipaddr) {
+ if (use_ipaddr && client) {
memmove(ipaddr + 1, ipaddr, strlen(ipaddr) + 1);
ipaddr[0] = '$';
qword_add(&bp, &blen, ipaddr);