

ARCHIVE: Core 'Security Digest' - Archives (1990 - 1991)
DOCUMENT: Core 'Security Digest' V1 #4 1990-07-17 (1 file, 1918 bytes)
SOURCE: http://securitydigest.org/exec/display?f=core/archive/104.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT


Date: Tue Jul 17 15:08:42 PDT 1990
Subject: Core Security Digest V1 #4

Core Security Digest Volume 1 Issue 4

subject(s):

            More recent patch to ypserv

The unix core security mailing list is by invitation only and contains
sensitive material which SHOULD NOT BE REVEALED to non-members.
DO NOT PUT ANY LIST CONTENTS IN LOCATIONS ACCESSIBLE TO NON-MEMBERS.
If you must keep copies on-line, please encrypt them at the very least.

PLEASE POST TO:                              core@uninet.cpd.com
PLEASE SEND EMERGENCY ALERTS TO:   core-emergency@uninet.cpd.com
PLEASE SEND REQUESTS TO:             core-request@uninet.cpd.com


------------------------------------------------------------------------

Date: Wed, 11 Jul 90 23:42:25 EST
From: uunet!cs.purdue.edu!trinkle
Subject: More recent patch to ypserv

     Here is a more recent patch for ypserv that fixes a problem with
using a netmask of 255.255.255.255.  Unfortunately inet_addr() returns
-1 to indicate an error AND -1 for the legitimate all-ones value, so the
two cases cannot be told apart from the return value alone.

====================== ypserv securenets patch ======================
RCS file: RCS/ypserv.c,v
retrieving revision 1.1
diff -c -r1.1 ypserv.c
*** /tmp/,RCSt1017343	Wed Apr  4 09:03:54 1990
--- ypserv.c	Tue Apr  3 13:46:50 1990
***************
*** 121,127
  	pmap_unset(YPPROG, YPVERS);
  	pmap_unset(YPPROG, YPOLDVERS);
  	ypget_command_line_args(argc, argv);
!
  	if (silent) {

  		pid = fork();

--- 121,127 -----
  	pmap_unset(YPPROG, YPVERS);
  	pmap_unset(YPPROG, YPOLDVERS);
  	ypget_command_line_args(argc, argv);
! 	get_secure_nets();
  	if (silent) {

  		pid = fork();
RCS file: RCS/ypserv_map.c,v
retrieving revision 1.1
diff -c -r1.1 ypserv_map.c
*** /tmp/,RCSt1017368	Wed Apr  4 09:03:59 1990
--- ypserv_map.c	Tue Apr  3 14:51:31 1990
***************
*** 232,237
  		return (TRUE);
  	}
  	caller = svc_getcaller(transp);
  	if ((caller->sin_family == AF_INET) &&
  	    (ntohs(caller->sin_port)) < IPPORT_RESERVED) {
  		return (TRUE);

--- 232,239 -----
  		return (TRUE);
  	}
  	caller = svc_getcaller(transp);
+ 	if (!(check_secure_net(caller)))
+ 	    return(FALSE);
  	if ((caller->sin_family == AF_INET) &&
  	    (ntohs(caller->sin_port)) < IPPORT_RESERVED) {
  		return (TRUE);
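Review bot: The new `check_secure_net(caller)` call dereferences `caller->sin_addr` before the `sin_family == AF_INET` test on the following lines, so if svc_getcaller can ever yield a non-INET address its bytes would be matched against the securenets list as an IPv4 address; guard it as `if (caller->sin_family == AF_INET && !check_secure_net(caller)) return(FALSE);` or make check_secure_net test the family itself. The `return (TRUE)` at the top of the hunk belongs to a condition outside the hunk that is evaluated before the securenets filter, so requests taking that branch bypass it entirely; worth confirming that is intended. The enclosing function starts before and continues past the hunk.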
*** /tmp/,RCSt1017375	Thu Apr 12 10:10:04 1990
--- ypserv_net_secure.c	Thu Apr  5 16:18:59 1990
***************
*** 0 ****
--- 1,99 ----
+ /*
+  * Author:
+  *	Richard Watterson
+  *	Purdue University
+  *	Department of Computer Sciences
+  *	April 3, 1990
+  */
+
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
+ #include <stdio.h>
+ #include <syslog.h>
+ #define ACCFILE "/var/yp/securenets"
+ #define MAXLINE 128
+ struct seclist {
+     u_long mask;
+     u_long net;
+     struct seclist *next;
+ };
+ static struct seclist *slist ;
+ static int nofile = 0;
+ get_secure_nets()
+ {
+     FILE *fp;
+     char strung[MAXLINE],nmask[MAXLINE],net[MAXLINE];
+     unsigned long maskin, netin;
+     struct seclist *tmp1,*tmp2;
+     int line = 0;
+     if (fp = fopen(ACCFILE,"r")) {
+ 	tmp1 = (struct seclist *) malloc(sizeof (struct seclist));
+ 	slist = tmp1;
+ 	while (fgets(strung,MAXLINE,fp)) {
+ 	    line++;
+ 	    if (strung[strlen(strung) - 1] != '\n'){
+ 		syslog(LOG_ERR|LOG_DAEMON,
+ 		       "ypserv: %s line %d: too long\n",ACCFILE,line);
+ 		exit(1);
+ 	    }
+ 	    if (strung[0] == '#')
+ 		continue;
+ 	    if (sscanf(strung,"%16s%16s",nmask,net) < 2) {
+ 		syslog(LOG_ERR|LOG_DAEMON,
+ 		       "ypserv: %s line %d: missing fields\n",ACCFILE,line);
+ 		exit(1);
+ 	    }
+ 	    maskin = inet_addr(nmask);
+ 	    if (maskin == -1 && strcmp(nmask, "255.255.255.255") != 0) {
+ 		syslog(LOG_ERR|LOG_DAEMON,
+ 		       "ypserv: %s line %d: error in netmask\n",ACCFILE,line);
+ 		exit(1);
+ 	    }
+ 	    netin = inet_addr(net);
+ 	    if (netin == -1 && strcmp(net, "255.255.255.255") != 0) {
+ 		syslog(LOG_ERR|LOG_DAEMON,
+ 		       "ypserv: %s line %d: error in address\n",ACCFILE,line);
+ 		exit(1);
+ 	    }
+
+ 	    if ((maskin & netin) != netin) {
+ 		syslog(LOG_ERR|LOG_DAEMON,
+ 		       "ypserv: %s line %d: netmask does not match network\n",
+ 		       ACCFILE,line);
+ 		exit(1);
+ 	    }
+ 	    tmp1->mask = maskin;
+ 	    tmp1->net = netin;
+ 	    tmp1->next = (struct seclist *) malloc(sizeof (struct seclist));
+ 	    tmp2 = tmp1;
+ 	    tmp1 = tmp1->next;
+ 	}
+ 	tmp2->next = NULL;
+
+     }
+     else {
+ 	syslog(LOG_INFO|LOG_DAEMON,"ypserv: no %s file\n",ACCFILE);
+ 	nofile = 1 ;
+     }
+ }
+
+ check_secure_net(caller)
+ struct sockaddr_in *caller;
+ {
+
+     struct seclist *tmp;
+     tmp = slist ;
+     if (nofile)
+ 	return(1);
+     while (tmp != NULL) {
+ 	if ((caller->sin_addr.s_addr & tmp->mask) == tmp->net){
+ 	    return(1);
+ 	}
+ 	tmp = tmp->next;
+     }
+     syslog(LOG_ERR|LOG_DAEMON,"ypserv: access denied for %s\n",
+ 	   inet_ntoa(caller->sin_addr));
+     return(0);
+ }
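Review bot: In get_secure_nets the list is built from a node allocated before the loop and `tmp2` is only assigned inside it, so a securenets file that exists but contains no rule lines (empty, or comments only) leaves `tmp2` uninitialized at `tmp2->next = NULL` and leaves `slist` pointing at a node whose mask, net and next were never set; check_secure_net then makes access decisions on uninitialized memory. Allocating each node when its line is parsed, starting from `slist = NULL`, removes that path and also the leaked trailing node and the never-closed `fp`; an empty file then denies everyone, which should be stated in the header comment alongside the existing fail-open behaviour (`nofile` makes a missing file allow all callers). The `maskin == -1` comparisons are only reliable while `u_long` is 32 bits wide, since `inet_addr` returns a 32-bit value; comparing against `(unsigned long)INADDR_NONE` or an `in_addr_t` local avoids that. Each denial in check_secure_net is logged at LOG_ERR, so an unauthenticated remote sender can fill the log at will; a lower priority or a per-source cap is worth considering.
```c
    struct seclist *tmp1, *tmp2 = NULL;
    /* … unchanged: other locals, fopen … */
	slist = NULL;
	while (fgets(strung,MAXLINE,fp)) {
	    /* … unchanged: line validation, inet_addr parsing, mask/net check … */
	    tmp1 = (struct seclist *) malloc(sizeof (struct seclist));
	    if (tmp1 == NULL) {
		syslog(LOG_ERR|LOG_DAEMON,
		       "ypserv: %s line %d: out of memory\n",ACCFILE,line);
		exit(1);
	    }
	    tmp1->mask = maskin;
	    tmp1->net = netin;
	    tmp1->next = NULL;
	    if (tmp2 == NULL)
		slist = tmp1;
	    else
		tmp2->next = tmp1;
	    tmp2 = tmp1;
	}
	fclose(fp);
```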
======================================================================

------------------------------------------------------------------------

        End of Core Security Digest Volume 1 Issue 4
        **********************

END OF DOCUMENT