commit 6e3f696e788a56f30b5b3f8250647fe4cd63c884

Author: Steve Dickson <steved@redhat.com>

Date:   Sat Jan 3 14:08:25 2009 -0500

    Now that the TCP wrapper actually works, mounts will

    be denied with misconfigured DNS configurations. Warnings

    will be logged when these types of configurations are

    detected.

    Signed-off-by: Steve Dickson <steved@redhat.com>

diff -up nfs-utils-1.1.4/support/misc/tcpwrapper.c.orig nfs-utils-1.1.4/support/misc/tcpwrapper.c

--- nfs-utils-1.1.4/support/misc/tcpwrapper.c.orig	2009-01-03 13:02:15.000000000 -0500

+++ nfs-utils-1.1.4/support/misc/tcpwrapper.c	2009-01-03 14:05:42.000000000 -0500

@@ -48,6 +48,8 @@

 #include <sys/stat.h>

 #include <unistd.h>

+#include "xlog.h"

+

 #ifdef SYSV40

 #include <netinet/in.h>

 #include <rpc/rpcent.h>

@@ -179,17 +181,27 @@ struct sockaddr_in *addr;

 	/* Now do the hostname lookup */

 	hp = gethostbyaddr ((const char *) &(addr->sin_addr),

 		sizeof (addr->sin_addr), AF_INET);

-	if (!hp)

+	if (!hp) {

+		xlog(L_WARNING, 

+			"Warning: Client IP address '%s' not found in host lookup",

+			inet_ntoa(addr->sin_addr));

 		return DENY; /* never heard of it. misconfigured DNS? */

+	}

 	/* Make sure the hostent is authorative. */

 	tmpname = strdup(hp->h_name);

-	if (!tmpname)

+	if (!tmpname) {

+		xlog(L_WARNING, "Warning: No memory for Host access check");

 		return DENY;

+	}

 	hp = gethostbyname(tmpname);

-	free(tmpname);

-	if (!hp)

+	if (!hp) {

+		xlog(L_WARNING, 

+			"Warning: Client hostname '%s' not found in host lookup", tmpname);

+		free(tmpname);

 		return DENY; /* never heard of it. misconfigured DNS? */

+	}

+	free(tmpname);

 	/* Now make sure the address is on the list */

 	for (sp = hp->h_addr_list ; *sp ; sp++) {