1 diff --git a/.gitignore b/.gitignore
2 index 5a7546c..bee4bab 100644
10 @@ -13,18 +14,14 @@ depcomp
23 # file generated during compilation
30 # cscope database files
32 diff --git a/INSTALL b/INSTALL
33 index 98e5d87..7d1c323 100644
37 -Copyright 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software
39 +Installation Instructions
40 +*************************
42 - This file is free documentation; the Free Software Foundation gives
43 -unlimited permission to copy, distribute and modify it.
46 -rpcbind Quick Installation
47 -==========================
53 - The install phase will install the rpcbind and rpcinfo commands
54 -under /usr/bin. If you wish they replace the basic portmap and
55 -rpcinfo commands, you can run:
57 -# mv /sbin/portmap /sbin/portmap.sav
58 -# ln -s /usr/bin/rpcbind /sbin/portmap
60 -# mv /usr/sbin/rpcinfo /usr/sbin/rpcinfo.sav
61 -# ln -s /usr/bin/rpcinfo /usr/sbin/rpcinfo
62 +Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
63 +2006, 2007, 2008, 2009 Free Software Foundation, Inc.
65 + Copying and distribution of this file, with or without modification,
66 +are permitted in any medium without royalty provided the copyright
67 +notice and this notice are preserved. This file is offered as-is,
68 +without warranty of any kind.
73 - These are generic installation instructions.
74 + Briefly, the shell commands `./configure; make; make install' should
75 +configure, build, and install this package. The following
76 +more-detailed instructions are generic; see the `README' file for
77 +instructions specific to this package. Some packages provide this
78 +`INSTALL' file but do not implement all of the features documented
79 +below. The lack of an optional feature in a given package is not
80 +necessarily a bug. More recommendations for GNU packages can be found
81 +in *note Makefile Conventions: (standards)Makefile Conventions.
83 The `configure' shell script attempts to guess correct values for
84 various system-dependent variables used during compilation. It uses
85 @@ -39,9 +32,9 @@ debugging `configure').
87 It can also use an optional file (typically called `config.cache'
88 and enabled with `--cache-file=config.cache' or simply `-C') that saves
89 -the results of its tests to speed up reconfiguring. (Caching is
90 +the results of its tests to speed up reconfiguring. Caching is
91 disabled by default to prevent problems with accidental use of stale
95 If you need to do unusual things to compile the package, please try
96 to figure out how `configure' could check whether to do them, and mail
97 @@ -51,30 +44,37 @@ some point `config.cache' contains results you don't want to keep, you
98 may remove or edit it.
100 The file `configure.ac' (or `configure.in') is used to create
101 -`configure' by a program called `autoconf'. You only need
102 -`configure.ac' if you want to change it or regenerate `configure' using
103 -a newer version of `autoconf'.
104 +`configure' by a program called `autoconf'. You need `configure.ac' if
105 +you want to change it or regenerate `configure' using a newer version
108 -The simplest way to compile this package is:
109 + The simplest way to compile this package is:
111 1. `cd' to the directory containing the package's source code and type
112 - `./configure' to configure the package for your system. If you're
113 - using `csh' on an old version of System V, you might need to type
114 - `sh ./configure' instead to prevent `csh' from trying to execute
115 - `configure' itself.
116 + `./configure' to configure the package for your system.
118 - Running `configure' takes awhile. While running, it prints some
119 - messages telling which features it is checking for.
120 + Running `configure' might take a while. While running, it prints
121 + some messages telling which features it is checking for.
123 2. Type `make' to compile the package.
125 3. Optionally, type `make check' to run any self-tests that come with
127 + the package, generally using the just-built uninstalled binaries.
129 4. Type `make install' to install the programs and any data files and
132 - 5. You can remove the program binaries and object files from the
133 + documentation. When installing into a prefix owned by root, it is
134 + recommended that the package be configured and built as a regular
135 + user, and only the `make install' phase executed with root
138 + 5. Optionally, type `make installcheck' to repeat any self-tests, but
139 + this time using the binaries in their final installed location.
140 + This target does not install anything. Running this target as a
141 + regular user, particularly if the prior `make install' required
142 + root privileges, verifies that the installation completed
145 + 6. You can remove the program binaries and object files from the
146 source code directory by typing `make clean'. To also remove the
147 files that `configure' created (so you can compile the package for
148 a different kind of computer), type `make distclean'. There is
149 @@ -83,6 +83,16 @@ The simplest way to compile this package is:
150 all sorts of other programs in order to regenerate files that came
151 with the distribution.
153 + 7. Often, you can also type `make uninstall' to remove the installed
154 + files again. In practice, not all packages have tested that
155 + uninstallation works correctly, even though it is required by the
156 + GNU Coding Standards.
158 + 8. Some packages, particularly those that use Automake, provide `make
159 + distcheck', which can by used by developers to test that all other
160 + targets like `make install' and `make uninstall' work correctly.
161 + This target is generally not run by end users.
163 Compilers and Options
164 =====================
166 @@ -94,7 +104,7 @@ for details on some of the pertinent environment variables.
167 by setting variables in the command line or in the environment. Here
170 - ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix
171 + ./configure CC=c99 CFLAGS=-g LIBS=-lposix
173 *Note Defining Variables::, for more details.
175 @@ -103,44 +113,89 @@ Compiling For Multiple Architectures
177 You can compile the package for more than one kind of computer at the
178 same time, by placing the object files for each architecture in their
179 -own directory. To do this, you must use a version of `make' that
180 -supports the `VPATH' variable, such as GNU `make'. `cd' to the
181 +own directory. To do this, you can use GNU `make'. `cd' to the
182 directory where you want the object files and executables to go and run
183 the `configure' script. `configure' automatically checks for the
184 -source code in the directory that `configure' is in and in `..'.
185 +source code in the directory that `configure' is in and in `..'. This
186 +is known as a "VPATH" build.
188 - If you have to use a `make' that does not support the `VPATH'
189 -variable, you have to compile the package for one architecture at a
190 -time in the source code directory. After you have installed the
191 -package for one architecture, use `make distclean' before reconfiguring
192 -for another architecture.
193 + With a non-GNU `make', it is safer to compile the package for one
194 +architecture at a time in the source code directory. After you have
195 +installed the package for one architecture, use `make distclean' before
196 +reconfiguring for another architecture.
198 + On MacOS X 10.5 and later systems, you can create libraries and
199 +executables that work on multiple system types--known as "fat" or
200 +"universal" binaries--by specifying multiple `-arch' options to the
201 +compiler but only a single `-arch' option to the preprocessor. Like
204 + ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
205 + CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
206 + CPP="gcc -E" CXXCPP="g++ -E"
208 + This is not guaranteed to produce working output in all cases, you
209 +may have to build one architecture at a time and combine the results
210 +using the `lipo' tool if you have problems.
215 - By default, `make install' will install the package's files in
216 -`/usr/local/bin', `/usr/local/man', etc. You can specify an
217 -installation prefix other than `/usr/local' by giving `configure' the
218 -option `--prefix=PATH'.
219 + By default, `make install' installs the package's commands under
220 +`/usr/local/bin', include files under `/usr/local/include', etc. You
221 +can specify an installation prefix other than `/usr/local' by giving
222 +`configure' the option `--prefix=PREFIX', where PREFIX must be an
225 You can specify separate installation prefixes for
226 architecture-specific files and architecture-independent files. If you
227 -give `configure' the option `--exec-prefix=PATH', the package will use
228 -PATH as the prefix for installing programs and libraries.
229 -Documentation and other data files will still use the regular prefix.
230 +pass the option `--exec-prefix=PREFIX' to `configure', the package uses
231 +PREFIX as the prefix for installing programs and libraries.
232 +Documentation and other data files still use the regular prefix.
234 In addition, if you use an unusual directory layout you can give
235 -options like `--bindir=PATH' to specify different values for particular
236 +options like `--bindir=DIR' to specify different values for particular
237 kinds of files. Run `configure --help' for a list of the directories
238 -you can set and what kinds of files go in them.
239 +you can set and what kinds of files go in them. In general, the
240 +default for these options is expressed in terms of `${prefix}', so that
241 +specifying just `--prefix' will affect all of the other directory
242 +specifications that were not explicitly provided.
244 + The most portable way to affect installation locations is to pass the
245 +correct locations to `configure'; however, many packages provide one or
246 +both of the following shortcuts of passing variable assignments to the
247 +`make install' command line to change installation locations without
248 +having to reconfigure or recompile.
250 + The first method involves providing an override variable for each
251 +affected directory. For example, `make install
252 +prefix=/alternate/directory' will choose an alternate location for all
253 +directory configuration variables that were expressed in terms of
254 +`${prefix}'. Any directories that were specified during `configure',
255 +but not in terms of `${prefix}', must each be overridden at install
256 +time for the entire installation to be relocated. The approach of
257 +makefile variable overrides for each directory variable is required by
258 +the GNU Coding Standards, and ideally causes no recompilation.
259 +However, some platforms have known limitations with the semantics of
260 +shared libraries that end up requiring recompilation when using this
261 +method, particularly noticeable in packages that use GNU Libtool.
263 + The second method involves providing the `DESTDIR' variable. For
264 +example, `make install DESTDIR=/alternate/directory' will prepend
265 +`/alternate/directory' before all installation names. The approach of
266 +`DESTDIR' overrides is not required by the GNU Coding Standards, and
267 +does not work on platforms that have drive letters. On the other hand,
268 +it does better at avoiding recompilation issues, and works well even
269 +when some directory options were not specified in terms of `${prefix}'
270 +at `configure' time.
275 If the package supports it, you can cause programs to be installed
276 with an extra prefix or suffix on their names by giving `configure' the
277 option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
282 Some packages pay attention to `--enable-FEATURE' options to
283 `configure', where FEATURE indicates an optional part of the package.
284 They may also pay attention to `--with-PACKAGE' options, where PACKAGE
285 @@ -153,6 +208,45 @@ find the X include and library files automatically, but if it doesn't,
286 you can use the `configure' options `--x-includes=DIR' and
287 `--x-libraries=DIR' to specify their locations.
289 + Some packages offer the ability to configure how verbose the
290 +execution of `make' will be. For these packages, running `./configure
291 +--enable-silent-rules' sets the default to minimal output, which can be
292 +overridden with `make V=1'; while running `./configure
293 +--disable-silent-rules' sets the default to verbose, which can be
294 +overridden with `make V=0'.
299 + On HP-UX, the default C compiler is not ANSI C compatible. If GNU
300 +CC is not installed, it is recommended to use the following options in
301 +order to use an ANSI C compiler:
303 + ./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
305 +and if that doesn't work, install pre-built binaries of GCC for HP-UX.
307 + On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
308 +parse its `<wchar.h>' header file. The option `-nodtk' can be used as
309 +a workaround. If GNU CC is not installed, it is therefore recommended
312 + ./configure CC="cc"
314 +and if that doesn't work, try
316 + ./configure CC="cc -nodtk"
318 + On Solaris, don't put `/usr/ucb' early in your `PATH'. This
319 +directory contains several dysfunctional programs; working variants of
320 +these programs are available in `/usr/bin'. So, if you need `/usr/ucb'
321 +in your `PATH', put it _after_ `/usr/bin'.
323 + On Haiku, software installed for all users goes in `/boot/common',
324 +not `/usr/local'. It is recommended to use the following options:
326 + ./configure --prefix=/boot/common
328 Specifying the System Type
329 ==========================
331 @@ -168,14 +262,15 @@ type, such as `sun4', or a canonical name which has the form:
333 where SYSTEM can have one of these forms:
339 See the file `config.sub' for the possible values of each field. If
340 `config.sub' isn't included in this package, then this package doesn't
341 need to know the machine type.
343 If you are _building_ compiler tools for cross-compiling, you should
344 -use the `--target=TYPE' option to select the type of system they will
345 +use the option `--target=TYPE' to select the type of system they will
348 If you want to _use_ a cross compiler, that generates code for a
349 @@ -205,9 +300,14 @@ them in the `configure' command line, using `VAR=value'. For example:
351 ./configure CC=/usr/local2/bin/gcc
353 -will cause the specified gcc to be used as the C compiler (unless it is
354 +causes the specified `gcc' to be used as the C compiler (unless it is
355 overridden in the site shell script).
357 +Unfortunately, this technique does not work for `CONFIG_SHELL' due to
358 +an Autoconf bug. Until the bug is fixed you can use this workaround:
360 + CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
362 `configure' Invocation
363 ======================
365 @@ -216,7 +316,14 @@ operates.
369 - Print a summary of the options to `configure', and exit.
370 + Print a summary of all of the options to `configure', and exit.
374 + Print a summary of the options unique to this package's
375 + `configure', and exit. The `short' variant lists options used
376 + only in the top level, while the `recursive' variant lists options
377 + also present in any nested packages.
381 @@ -243,6 +350,16 @@ operates.
382 Look for the package's source code in directory DIR. Usually
383 `configure' can determine that directory automatically.
386 + Use DIR as the installation prefix. *note Installation Names::
387 + for more details, including other options available for fine-tuning
388 + the installation locations.
392 + Run the configure checks, but stop before creating any output
395 `configure' also accepts some other, not widely useful, options. Run
396 `configure --help' for more details.
398 diff --git a/Makefile.am b/Makefile.am
399 index cd56148..d10c906 100644
407 + -DFACILITY=LOG_MAIL \
408 + -DSEVERITY=LOG_INFO \
410 + -DRPCBIND_STATEDIR="\"$(statedir)\"" \
411 + -DRPCBIND_USER="\"$(rpcuser)\"" \
416 +AM_CPPFLAGS += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL
417 +AM_CPPFLAGS += -DND_DEBUG -DBIND_DEBUG
421 +AM_CPPFLAGS += -DWARMSTART
425 +AM_CPPFLAGS += -DLIBWRAP
428 +bin_PROGRAMS = rpcbind rpcinfo
431 + src/check_bound.c \
436 + src/rpcb_svc_com.c \
442 +rpcbind_LDADD = $(TIRPC_LIBS)
444 +rpcinfo_SOURCES = src/rpcinfo.c
445 +rpcinfo_LDADD = $(TIRPC_LIBS)
447 +dist_man8_MANS = man/rpcbind.8 man/rpcinfo.8
448 diff --git a/autogen.sh b/autogen.sh
449 index 1613b6d..761db90 100755
452 @@ -36,7 +36,7 @@ if test x"${1}" = x"clean"; then
456 -libtoolize --force --copy
458 +#libtoolize --force --copy
460 automake --add-missing --copy --gnu # -Wall
462 diff --git a/configure.in b/configure.in
463 index de1c730..2b67720 100644
467 - AC_INIT(rpcbind, 0.2.0)
468 +AC_INIT(rpcbind, 0.2.0)
471 -# AM_MAINTAINER_MODE
473 AC_CONFIG_SRCDIR([src/rpcbind.c])
475 - AM_CONFIG_HEADER(config.h)
477 - AC_PREFIX_DEFAULT(/usr)
479 -AC_CONFIG_SRCDIR([src/config.h.in])
480 -AC_CONFIG_HEADERS([src/config.h])
484 -AC_ARG_ENABLE(debug,[ --enable-debug Turns on rpcbind debugging],
485 - [case "${enableval}" in
488 - *) AC_MSG_ERROR(bad value ${enableval} for --enable-debug) ;;
489 - esac],[debug=false])
490 -AM_CONDITIONAL(DEBUG, test x$debug = xtrue)
492 -AC_ARG_ENABLE(warmstarts,[ --enable-warmstarts Enables Warm Starts],
493 - [case "${enableval}" in
494 - yes) warmstarts=true ;;
495 - no) warmstarts=no ;;
496 - *) AC_MSG_ERROR(bad value ${enableval} for --enable-warmstarts) ;;
497 - esac],[warmstarts=false])
498 -AM_CONDITIONAL(WARMSTART, test x$warmstarts = xtrue)
500 -if test "$warmstarts" = "true" ; then
501 - AC_ARG_WITH(statedir,
502 - [ --with-statedir=/foo use state dir /foo [/tmp]],
506 - AC_DEFINE_UNQUOTED(RPCBIND_STATEDIR, "$statedir", [This defines the location where the state files will be kept for warm starts])
508 -AC_ARG_WITH(rpcuser,
509 - [ --with-rpcuser=user uid to use [root]],
513 -AC_DEFINE_UNQUOTED(RPCBIND_USER, "$rpcuser", [This defines the uid to run as])
514 +AC_PREFIX_DEFAULT(/usr)
517 +AC_ARG_ENABLE([libwrap],
518 + AS_HELP_STRING([--enable-libwrap], [Enables host name checking through tcpd @<:@default=no@:>@]))
519 +AM_CONDITIONAL(LIBWRAP, test x$enable_libwrap = xyes)
521 +AC_ARG_ENABLE([debug],
522 + AS_HELP_STRING([--enable-debug], [Turns on rpcbind debugging @<:@default=no@:>@]))
523 +AM_CONDITIONAL(DEBUG, test x$enable_debug = xyes)
525 +AC_ARG_ENABLE([warmstarts],
526 + AS_HELP_STRING([--enable-warmstarts], [Enables Warm Starts @<:@default=no@:>@]))
527 +AM_CONDITIONAL(WARMSTART, test x$enable_warmstarts = xyes)
529 +AC_ARG_WITH([statedir],
530 + AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/tmp@:>@])
531 + ,, [with_statedir=/tmp])
532 +AC_SUBST([statedir], [$with_statedir])
534 +AC_ARG_WITH([rpcuser],
535 + AS_HELP_STRING([--with-rpcuser=ARG], [use ARG for RPC @<:@default=root@:>@]),
536 + ,, [with_rpcuser=root])
537 +AC_SUBST([rpcuser], [$with_rpcuser])
539 +PKG_CHECK_MODULES([TIRPC], [libtirpc])
541 -AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h \
542 - netinet/in.h stdlib.h string.h \
543 - sys/param.h sys/socket.h \
544 - sys/time.h syslog.h \
546 +AS_IF([test x$enable_libwrap = xyes], [
547 + AC_CHECK_LIB([wrap], [hosts_access], ,
548 + AC_MSG_ERROR([libwrap support requested but unable to find libwrap]))
551 -AC_CHECK_LIB([pthread], [pthread_create])
552 -AC_CHECK_LIB([tirpc], [clnt_create])
553 -AC_ARG_ENABLE(libwrap,[ --enable-libwrap Enables host name checking],
554 - [case "${enableval}" in
556 - AC_CHECK_LIB([wrap], [hosts_access]) ;;
558 - *) AC_MSG_ERROR(bad value ${enableval} for --enable-libwrap) ;;
559 - esac],[libwarp=false])
560 -AM_CONDITIONAL(LIBWRAP, test x$libwarp = xtrue)
561 +AC_SEARCH_LIBS([pthread_create], [pthread])
563 -AC_CONFIG_FILES([Makefile src/Makefile man/Makefile])
566 +AC_OUTPUT([Makefile])
567 diff --git a/man/Makefile.am b/man/Makefile.am
568 deleted file mode 100644
569 index 84818e9..0000000
570 --- a/man/Makefile.am
573 -man8_MANS = rpcbind.8
574 -EXTRA_DIST = $(man8_MANS)
575 diff --git a/man/rpcbind.8 b/man/rpcbind.8
576 index 32806d4..da32701 100644
579 @@ -82,6 +82,8 @@ during operation, and will abort on certain errors if
581 With this option, the name-to-address translation consistency
582 checks are shown in detail.
584 +Do not fork and become a background process.
586 Specify specific IP addresses to bind to for UDP requests.
588 @@ -141,7 +143,6 @@ All RPC servers must be restarted if
595 .Bl Aurelien Charbon <aurelien.charbon@bull.net>
596 diff --git a/src/Makefile.am b/src/Makefile.am
597 deleted file mode 100644
598 index cc0a85b..0000000
599 --- a/src/Makefile.am
602 -INCLUDES = -I$(srcdir)/tirpc -DPORTMAP -DINET6 -DVERSION="\"$(VERSION)\"" \
603 - -D_GNU_SOURCE -Wall -pipe
605 -INCLUDES += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL
606 -INCLUDES += -DND_DEBUG -DBIND_DEBUG
610 -INCLUDES += -DWARMSTART
614 -INCLUDES += -DLIBWRAP
618 -bin_PROGRAMS = rpcbind rpcinfo
620 -rpcbind_SOURCES = check_bound.c rpcbind.c \
621 - rpcb_svc_4.c rpcb_svc_com.c \
622 - util.c pmap_svc.c rpcb_stat.c \
623 - rpcb_svc.c security.c warmstart.c \
626 -rpcinfo_SOURCES = rpcinfo.c
627 -rpcinfo_LDFLAGS = -lpthread -ltirpc
628 -rpcinfo_LDADD = $(LIB_TIRPC)
631 -rpcbind_LDFLAGS = -lpthread -ltirpc
632 -rpcbind_LDADD = $(LIB_TIRPC)
633 -AM_CPPFLAGS = -I/usr/include/tirpc -DCHECK_LOCAL -DPORTMAP \
634 - -DFACILITY=LOG_MAIL -DSEVERITY=LOG_INFO
636 diff --git a/src/config.h.in b/src/config.h.in
637 deleted file mode 100644
638 index 67a0e39..0000000
639 --- a/src/config.h.in
642 -/* config.h.in. Generated from configure.in by autoheader. */
644 -/* Define to 1 if you have the <arpa/inet.h> header file. */
645 -#undef HAVE_ARPA_INET_H
647 -/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
649 -#undef HAVE_DIRENT_H
651 -/* Define to 1 if you have the <fcntl.h> header file. */
654 -/* Define to 1 if you have the <inttypes.h> header file. */
655 -#undef HAVE_INTTYPES_H
657 -/* Define to 1 if you have the `pthread' library (-lpthread). */
658 -#undef HAVE_LIBPTHREAD
660 -/* Define to 1 if you have the `tirpc' library (-ltirpc). */
661 -#undef HAVE_LIBTIRPC
663 -/* Define to 1 if you have the <memory.h> header file. */
664 -#undef HAVE_MEMORY_H
666 -/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
669 -/* Define to 1 if you have the <netdb.h> header file. */
672 -/* Define to 1 if you have the <netinet/in.h> header file. */
673 -#undef HAVE_NETINET_IN_H
675 -/* Define to 1 if you have the <stdint.h> header file. */
676 -#undef HAVE_STDINT_H
678 -/* Define to 1 if you have the <stdlib.h> header file. */
679 -#undef HAVE_STDLIB_H
681 -/* Define to 1 if you have the <strings.h> header file. */
682 -#undef HAVE_STRINGS_H
684 -/* Define to 1 if you have the <string.h> header file. */
685 -#undef HAVE_STRING_H
687 -/* Define to 1 if you have the <syslog.h> header file. */
688 -#undef HAVE_SYSLOG_H
690 -/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
692 -#undef HAVE_SYS_DIR_H
694 -/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
696 -#undef HAVE_SYS_NDIR_H
698 -/* Define to 1 if you have the <sys/param.h> header file. */
699 -#undef HAVE_SYS_PARAM_H
701 -/* Define to 1 if you have the <sys/socket.h> header file. */
702 -#undef HAVE_SYS_SOCKET_H
704 -/* Define to 1 if you have the <sys/stat.h> header file. */
705 -#undef HAVE_SYS_STAT_H
707 -/* Define to 1 if you have the <sys/time.h> header file. */
708 -#undef HAVE_SYS_TIME_H
710 -/* Define to 1 if you have the <sys/types.h> header file. */
711 -#undef HAVE_SYS_TYPES_H
713 -/* Define to 1 if you have the <unistd.h> header file. */
714 -#undef HAVE_UNISTD_H
716 -/* Name of package */
719 -/* Define to the address where bug reports for this package should be sent. */
720 -#undef PACKAGE_BUGREPORT
722 -/* Define to the full name of this package. */
725 -/* Define to the full name and version of this package. */
726 -#undef PACKAGE_STRING
728 -/* Define to the one symbol short name of this package. */
729 -#undef PACKAGE_TARNAME
731 -/* Define to the version of this package. */
732 -#undef PACKAGE_VERSION
734 -/* Define to 1 if you have the ANSI C header files. */
737 -/* Version number of package */
740 -/* This defines the location where the state files will be kept for warm
742 -#undef RPCBIND_STATEDIR
744 -/* This defines the uid to run as */
747 diff --git a/src/pmap_svc.c b/src/pmap_svc.c
748 index 4736700..337e64d 100644
751 @@ -80,7 +80,7 @@ pmap_service(struct svc_req *rqstp, SVCXPRT *xprt)
753 fprintf(stderr, "PMAPPROC_NULL\n");
755 - check_access(xprt, rqstp->rq_proc, NULL, PMAPVERS);
756 + check_access(xprt, rqstp->rq_proc, 0, PMAPVERS);
757 if ((!svc_sendreply(xprt, (xdrproc_t) xdr_void, NULL)) &&
760 @@ -201,11 +201,11 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
761 reg.pm_prog, reg.pm_vers);
764 - if (!check_access(xprt, op, ®, PMAPVERS)) {
765 + if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) {
766 svcerr_weakauth(xprt);
771 rpcbreg.r_prog = reg.pm_prog;
772 rpcbreg.r_vers = reg.pm_vers;
774 @@ -276,7 +276,7 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
778 - if (!check_access(xprt, PMAPPROC_GETPORT, ®, PMAPVERS)) {
779 + if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) {
780 svcerr_weakauth(xprt);
783 @@ -340,7 +340,7 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
787 - if (!check_access(xprt, PMAPPROC_DUMP, NULL, PMAPVERS)) {
788 + if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) {
789 svcerr_weakauth(xprt);
792 diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
793 index 0514ba5..e350f85 100644
796 @@ -75,6 +75,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
798 xdrproc_t xdr_argument, xdr_result;
799 void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
800 + rpcprog_t setprog = 0;
802 rpcbs_procinfo(RPCBVERS_3_STAT, rqstp->rq_proc);
804 @@ -88,7 +89,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
805 fprintf(stderr, "RPCBPROC_NULL\n");
807 /* This call just logs, no actual checks */
808 - check_access(transp, rqstp->rq_proc, NULL, RPCBVERS);
809 + check_access(transp, rqstp->rq_proc, 0, RPCBVERS);
810 (void) svc_sendreply(transp, (xdrproc_t)xdr_void, (char *)NULL);
813 @@ -166,7 +167,13 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
814 (void) fprintf(stderr, "rpcbind: could not decode\n");
817 - if (!check_access(transp, rqstp->rq_proc, &argument, RPCBVERS)) {
819 + if (rqstp->rq_proc == RPCBPROC_SET
820 + || rqstp->rq_proc == RPCBPROC_UNSET
821 + || rqstp->rq_proc == RPCBPROC_GETADDR)
822 + setprog = argument.rpcbproc_set_3_arg.r_prog;
824 + if (!check_access(transp, rqstp->rq_proc, setprog, RPCBVERS)) {
825 svcerr_weakauth(transp);
828 diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
829 index 9fd5bef..313e6d1 100644
830 --- a/src/rpcb_svc_4.c
831 +++ b/src/rpcb_svc_4.c
832 @@ -78,6 +78,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
834 xdrproc_t xdr_argument, xdr_result;
835 void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
836 + rpcprog_t setprog = 0;
838 rpcbs_procinfo(RPCBVERS_4_STAT, rqstp->rq_proc);
840 @@ -90,7 +91,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
842 fprintf(stderr, "RPCBPROC_NULL\n");
844 - check_access(transp, rqstp->rq_proc, NULL, RPCBVERS4);
845 + check_access(transp, rqstp->rq_proc, 0, RPCBVERS4);
846 (void) svc_sendreply(transp, (xdrproc_t) xdr_void,
849 @@ -220,7 +221,13 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
850 (void) fprintf(stderr, "rpcbind: could not decode\n");
853 - if (!check_access(transp, rqstp->rq_proc, &argument, RPCBVERS4)) {
855 + if (rqstp->rq_proc == RPCBPROC_SET
856 + || rqstp->rq_proc == RPCBPROC_UNSET
857 + || rqstp->rq_proc == RPCBPROC_GETADDR)
858 + setprog = argument.rpcbproc_set_4_arg.r_prog;
860 + if (!check_access(transp, rqstp->rq_proc, setprog, RPCBVERS4)) {
861 svcerr_weakauth(transp);
864 diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
865 index 291421f..f6bd6bd 100644
866 --- a/src/rpcb_svc_com.c
867 +++ b/src/rpcb_svc_com.c
868 @@ -1227,6 +1227,8 @@ send_svcsyserr(SVCXPRT *xprt, struct finfo *fi)
872 +extern SVCAUTH svc_auth_none;
875 handle_reply(int fd, SVCXPRT *xprt)
877 @@ -1293,7 +1295,10 @@ handle_reply(int fd, SVCXPRT *xprt)
878 a.rmt_localvers = fi->versnum;
880 xprt_set_caller(xprt, fi);
881 + xprt->xp_auth = &svc_auth_none;
882 svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
883 + SVCAUTH_DESTROY(xprt->xp_auth);
884 + xprt->xp_auth = NULL;
888 @@ -1372,10 +1377,13 @@ static char *
889 getowner(SVCXPRT *transp, char *owner, size_t ownersize)
893 - if (__rpc_get_local_uid(transp, &uid) < 0)
894 - snprintf(owner, ownersize, "unknown");
897 + if (__rpc_get_local_uid(transp, &uid) < 0) {
898 + if (is_localroot(svc_getrpccaller(transp)))
899 + snprintf(owner, ownersize, "superuser");
901 + snprintf(owner, ownersize, "unknown");
902 + } else if (uid == 0)
903 snprintf(owner, ownersize, "superuser");
905 snprintf(owner, ownersize, "%d", uid);
906 diff --git a/src/rpcbind.c b/src/rpcbind.c
907 index 525ffba..9a0504d 100644
917 /*#define RPCBIND_DEBUG*/
920 int debugging = 0; /* Tell me what's going on */
921 int doabort = 0; /* When debugging, do an abort on errors */
922 +int dofork = 1; /* fork? */
924 rpcblist_ptr list_rbl; /* A list of version 3/4 rpcbind services */
926 @@ -213,8 +213,8 @@ main(int argc, char *argv[])
932 + } else if (dofork) {
934 err(1, "fork failed");
937 @@ -236,6 +236,10 @@ main(int argc, char *argv[])
938 syslog(LOG_ERR, "setgid to '%s' (%d) failed: %m", id, p->pw_gid);
941 + if (setgroups(0, NULL) == -1) {
942 + syslog(LOG_ERR, "dropping supplemental groups failed: %m");
945 if (setuid(p->pw_uid) == -1) {
946 syslog(LOG_ERR, "setuid to '%s' (%d) failed: %m", id, p->pw_uid);
948 @@ -276,6 +280,7 @@ init_transport(struct netconfig *nconf)
953 struct sockaddr *sa = NULL;
954 u_int32_t host_addr[4]; /* IPv4 or IPv6 */
955 struct sockaddr_un sun;
956 @@ -493,6 +498,14 @@ init_transport(struct netconfig *nconf)
958 oldmask = umask(S_IXUSR|S_IXGRP|S_IXOTH);
959 __rpc_fd2sockinfo(fd, &si);
960 + if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on,
961 + sizeof(on)) != 0) {
962 + syslog(LOG_ERR, "cannot set SO_REUSEADDR on %s",
968 if (bind(fd, sa, addrlen) < 0) {
969 syslog(LOG_ERR, "cannot bind %s: %m", nconf->nc_netid);
971 @@ -731,7 +744,7 @@ parseargs(int argc, char *argv[])
975 - while ((c = getopt(argc, argv, "dwah:ils")) != -1) {
976 + while ((c = getopt(argc, argv, "adh:ilswf")) != -1) {
979 doabort = 1; /* when debugging, do an abort on */
980 @@ -758,13 +771,16 @@ parseargs(int argc, char *argv[])
993 - fprintf(stderr, "usage: rpcbind [-Idwils]\n");
994 + fprintf(stderr, "usage: rpcbind [-adhilswf]\n");
998 diff --git a/src/rpcbind.h b/src/rpcbind.h
999 index c800577..74f9591 100644
1002 @@ -119,7 +119,7 @@ void rpcbind_abort(void);
1004 void toggle_verboselog(int);
1006 -int check_access(SVCXPRT *, rpcproc_t, void *, unsigned int);
1007 +int check_access(SVCXPRT *, rpcproc_t, rpcprog_t, unsigned int);
1008 int check_callit(SVCXPRT *, struct r_rmtcall_args *, int);
1009 void logit(int, struct sockaddr *, rpcproc_t, rpcprog_t, const char *);
1010 int is_loopback(struct netbuf *);
1011 diff --git a/src/security.c b/src/security.c
1012 index 0edeac6..d272f74 100644
1013 --- a/src/security.c
1014 +++ b/src/security.c
1015 @@ -62,34 +62,21 @@ int log_severity = PORTMAP_LOG_FACILITY|PORTMAP_LOG_SEVERITY;
1016 extern int verboselog;
1019 -check_access(SVCXPRT *xprt, rpcproc_t proc, void *args, unsigned int rpcbvers)
1020 +check_access(SVCXPRT *xprt, rpcproc_t proc, rpcprog_t prog, unsigned int rpcbvers)
1022 struct netbuf *caller = svc_getrpccaller(xprt);
1023 struct sockaddr *addr = (struct sockaddr *)caller->buf;
1025 struct request_info req;
1027 - rpcprog_t prog = 0;
1029 - struct pmap *pmap;
1032 * The older PMAP_* equivalents have the same numbers, so
1033 * they are accounted for here as well.
1036 - case RPCBPROC_GETADDR:
1038 case RPCBPROC_UNSET:
1039 - if (rpcbvers > PMAPVERS) {
1040 - rpcbp = (rpcb *)args;
1041 - prog = rpcbp->r_prog;
1043 - pmap = (struct pmap *)args;
1044 - prog = pmap->pm_prog;
1046 - if (proc == RPCBPROC_GETADDR)
1048 if (!insecure && !is_loopback(caller)) {
1049 #ifdef RPCBIND_DEBUG
1051 @@ -101,6 +88,7 @@ check_access(SVCXPRT *xprt, rpcproc_t proc, void *args, unsigned int rpcbvers)
1055 + case RPCBPROC_GETADDR:
1056 case RPCBPROC_CALLIT:
1057 case RPCBPROC_INDIRECT:
1059 @@ -150,8 +138,7 @@ is_loopback(struct netbuf *nbuf)
1060 "Checking caller's adress (port = %d)\n",
1061 ntohs(sin->sin_port));
1063 - return ((sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK)) &&
1064 - (ntohs(sin->sin_port) < IPPORT_RESERVED));
1065 + return (sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK));
1068 if (!oldstyle_local)
1069 @@ -163,10 +150,9 @@ is_loopback(struct netbuf *nbuf)
1070 "Checking caller's adress (port = %d)\n",
1071 ntohs(sin6->sin6_port));
1073 - return ((IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr) ||
1074 + return (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr) ||
1075 (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr) &&
1076 - sin6->sin6_addr.s6_addr32[3] == htonl(INADDR_LOOPBACK))) &&
1077 - (ntohs(sin6->sin6_port) < IPV6PORT_RESERVED));
1078 + sin6->sin6_addr.s6_addr32[3] == htonl(INADDR_LOOPBACK)));
1082 diff --git a/src/warmstart.c b/src/warmstart.c
1083 index 25e5d89..d1bb971 100644
1084 --- a/src/warmstart.c
1085 +++ b/src/warmstart.c
1090 -#include "config.h"
1091 #include "rpcbind.h"
1093 #ifndef RPCBIND_STATEDIR