Re: rpcbind does not honor -h flag

From: Kurt Jaeger <lists_at_c0mplx.org>
Date: Sat, 1 Sep 2012 16:42:13 +0200
Hi!

> >>>>      Please file a PR against rc ASAP.

> >> http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/117711

> Looks like Matteo Riondato had created a patch for the problem in 2008:
> 
> http://people.freebsd.org/~matteo/diff/117711rpcbind.diff
> 
> but he never received any feedback from Carlos Eduardo Monti to see if
> the patch fixed the problem.

> I don't know if the patch will apply to the current FreeBSD rpcbind
> code, give it a try and submit a follow up to the PR.

In the current form the patch fails in rpcbind.c on 9.1-RC1.

There are two problems with the current rpcbind.c.

1) It seems to be that even if some -h is given, the
rpcbind code uses some SUN-RPC trickery around the /etc/netconfig
file to open sockets for localhost in v4 and v6.

Is it required to bind to localhost according to the RPC spec ?

2) And it opens some dynamic ports for other uses -- anybody has an
idea why this is necessary ? Is there an requirement for this in the spec ?

Below is an example of both issues.

root     rpcbind    2134  4  udp6   *:*                   *:*
root     rpcbind    2134  5  stream /var/run/rpcbind.sock
root     rpcbind    2134  6  udp6   *:111                 *:*
root     rpcbind    2134  7  udp6   *:924                 *:*
root     rpcbind    2134  8  tcp6   *:111                 *:*
root     rpcbind    2134  9  udp4   *:111                 *:*
root     rpcbind    2134  10 udp4   *:645                 *:*
root     rpcbind    2134  11 tcp4   *:111                 *:*

Here's rpcbind started with -h <myip>:

root     rpcbind    2195  4  udp6   *:*                   *:*
root     rpcbind    2195  5  stream /var/run/rpcbind.sock
root     rpcbind    2195  6  udp6   ::1:111               *:*
root     rpcbind    2195  7  udp6   *:1013                *:*
root     rpcbind    2195  8  tcp6   ::1:111               *:*
root     rpcbind    2195  9  udp4   127.0.0.1:111         *:*
root     rpcbind    2195  10 udp4   <myip>:111            *:*
root     rpcbind    2195  11 udp4   *:634                 *:*
root     rpcbind    2195  12 tcp4   127.0.0.1:111         *:*
root     rpcbind    2195  13 tcp4   <myip>:111            *:*

One can see two dynamic udp ports opened (one v4, one v6).

I might be naive, but from what I understand, it should not open
that many sockets, but only like this:

root     rpcbind    2195  10 udp4   <myip>:111            *:*
root     rpcbind    2195  13 tcp4   <myip>:111            *:*

If this naive 'spec' is correct, would a patch to do just this and
nothing more be OK ?

-- 
pi_at_opsec.eu            +49 171 3101372                         8 years to go !
Received on Sat Sep 01 2012 - 12:42:16 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:30 UTC