summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorOtto Moerbeek <otto@cvs.openbsd.org>2007-01-02 20:12:02 +0000
committerOtto Moerbeek <otto@cvs.openbsd.org>2007-01-02 20:12:02 +0000
commit990d3e080aef453a40b55e0085cdf3f8806b3b08 (patch)
tree1b292fbaa4dcbbf7a9b5a9e71edee78242f058de /usr.sbin
parent5d8696e6abdf4d18437d4e1613983362f535cf45 (diff)
return proper server error on failed ypset. Inspired by freebsd; ok
deraadt@
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/ypbind/ypbind.c32
1 files changed, 19 insertions, 13 deletions
diff --git a/usr.sbin/ypbind/ypbind.c b/usr.sbin/ypbind/ypbind.c
index 07731ffbece..34784cf0481 100644
--- a/usr.sbin/ypbind/ypbind.c
+++ b/usr.sbin/ypbind/ypbind.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ypbind.c,v 1.54 2007/01/02 20:10:48 otto Exp $ */
+/* $OpenBSD: ypbind.c,v 1.55 2007/01/02 20:12:01 otto Exp $ */
/*
* Copyright (c) 1992, 1993, 1996, 1997, 1998 Theo de Raadt <deraadt@openbsd.org>
@@ -27,7 +27,7 @@
*/
#ifndef lint
-static char rcsid[] = "$OpenBSD: ypbind.c,v 1.54 2007/01/02 20:10:48 otto Exp $";
+static char rcsid[] = "$OpenBSD: ypbind.c,v 1.55 2007/01/02 20:12:01 otto Exp $";
#endif
#include <sys/param.h>
@@ -221,32 +221,39 @@ static bool_t *
ypbindproc_setdom_2x(SVCXPRT *transp, struct ypbind_setdom *argp, CLIENT *clnt)
{
struct sockaddr_in *fromsin, bindsin;
- static bool_t res;
+ static bool_t res = 1;
- memset(&res, 0, sizeof(res));
fromsin = svc_getcaller(transp);
switch (ypsetmode) {
case YPSET_LOCAL:
if (transp != ludptransp && transp != ltcptransp) {
syslog(LOG_WARNING, "attempted spoof of ypsetme");
- return (bool_t *)NULL;
+ svcerr_weakauth(transp);
+ return NULL;
+ }
+ if (fromsin->sin_addr.s_addr != htonl(INADDR_LOOPBACK)) {
+ svcerr_weakauth(transp);
+ return NULL;
}
- if (fromsin->sin_addr.s_addr != htonl(INADDR_LOOPBACK))
- return (bool_t *)NULL;
break;
case YPSET_ALL:
break;
case YPSET_NO:
default:
- return &res;
+ svcerr_weakauth(transp);
+ return NULL;
}
- if (ntohs(fromsin->sin_port) >= IPPORT_RESERVED)
- return &res;
+ if (ntohs(fromsin->sin_port) >= IPPORT_RESERVED) {
+ svcerr_weakauth(transp);
+ return NULL;
+ }
- if (argp->ypsetdom_vers != YPVERS)
- return &res;
+ if (argp->ypsetdom_vers != YPVERS) {
+ svcerr_noprog(transp);
+ return NULL;
+ }
memset(&bindsin, 0, sizeof bindsin);
bindsin.sin_family = AF_INET;
@@ -257,7 +264,6 @@ ypbindproc_setdom_2x(SVCXPRT *transp, struct ypbind_setdom *argp, CLIENT *clnt)
sizeof(argp->ypsetdom_binding.ypbind_binding_port));
rpc_received(argp->ypsetdom_domain, &bindsin, 1);
- res = 1;
return &res;
}