[PATCH 2/4] rpcbind: allow broadcast RPC to be disabled.

From: NeilBrown <neilb@xxxxxxxx>

Support for broadcast RPC involves binding a second privileged
port.  It is possible that rpcbind might choose a port that some
other service will need, and that can cause problems.

Having this port open increases the attack surface of rpcbind.  RPC
replies can be sent to it by any host, and they will only be rejected
once they have been parsed enough to determine that the xid doesn't
match.

Broadcast is not widely used.  It is not used at all for NFS.  For NIS
(previously yellow pages) it can be used to find a local NIS server,
though this can also be statically configured.

In cases where broadcast-RPC is not needed, it is best to disable the
port.  This patch adds a new "-b" option to disable broadcast RPC.

Signed-off-by: NeilBrown <neilb@xxxxxxxx>
---
 man/rpcbind.8 |  5 +++++
 src/rpcbind.c | 10 +++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/man/rpcbind.8 b/man/rpcbind.8
index 6ba318f5ff77..ba1b191b119d 100644
--- a/man/rpcbind.8
+++ b/man/rpcbind.8
@@ -103,6 +103,11 @@ With this option, the name-to-address translation consistency
 checks are shown in detail.
 .It Fl f
 Do not fork and become a background process.
+.It Fl b
+Do not support broadcast RPC and do not bind the extra port.
+This is useful if
+.Nm
+inadvertently binds a port that some other service needs to use.
 .It Fl h
 Specify specific IP addresses to bind to for UDP requests.
 This option may be specified multiple times and can be used to
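Review bot: the new `.It Fl b` entry is inserted between `Fl f` and `Fl h`, which breaks the alphabetical ordering the surrounding option list follows (d, f, h, ...); moving it up to sit before `Fl d` (after `Fl a`) keeps the list in order. The description also gives only the port-collision rationale, while the commit message names the reduced attack surface (unsolicited replies from any host are parsed before being rejected) as the main reason; one sentence to that effect would help an administrator decide whether to set it. Please also check that the SYNOPSIS line, which this hunk does not touch, lists `-b` alongside the other flags.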
diff --git a/src/rpcbind.c b/src/rpcbind.c
index ecebe97da435..4819d6e5ba41 100644
--- a/src/rpcbind.c
+++ b/src/rpcbind.c
@@ -87,6 +87,7 @@ int debugging = 0;	/* Tell me what's going on */
 int doabort = 0;	/* When debugging, do an abort on errors */
 int dofork = 1;		/* fork? */
 int createdsocket = 0;  /* Did I create the socket or systemd did it for me? */
+int dobroadcast = 1;	/* Support forwarding of broadcast RPC calls (CALLIT) */
 
 rpcblist_ptr list_rbl;	/* A list of version 3/4 rpcbind services */
 
@@ -801,7 +802,7 @@ got_socket:
 	/*
 	 * rmtcall only supported on CLTS transports for now.
 	 */
-	if (nconf->nc_semantics == NC_TPI_CLTS) {
+	if (dobroadcast && nconf->nc_semantics == NC_TPI_CLTS) {
 		status = create_rmtcall_fd(nconf);
 #ifdef RPCBIND_DEBUG
 		if (debugging) {
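Review bot: with `dobroadcast` cleared, `create_rmtcall_fd()` is never called for this transport, so every later code path that consults the rmtcall descriptor (the CALLIT handling in particular) must cope with it never having been created; please confirm that a CALLIT request arriving on the main port is rejected cleanly when `-b` is in effect rather than assuming the descriptor exists. The comment just above the condition ("rmtcall only supported on CLTS transports for now.") should also mention the new switch, e.g. `* rmtcall only supported on CLTS transports for now, and only when broadcast RPC has not been disabled with -b.`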
@@ -886,7 +887,7 @@ parseargs(int argc, char *argv[])
 {
 	int c;
 	oldstyle_local = 1;
-	while ((c = getopt(argc, argv, "adh:ilswf")) != -1) {
+	while ((c = getopt(argc, argv, "adh:ilswfb")) != -1) {
 		switch (c) {
 		case 'a':
 			doabort = 1;	/* when debugging, do an abort on */
@@ -921,8 +922,11 @@ parseargs(int argc, char *argv[])
 			warmstart = 1;
 			break;
 #endif
+		case 'b':
+			dobroadcast = 0;
+			break;
 		default:	/* error */
-			fprintf(stderr,	"usage: rpcbind [-adhilswf]\n");
+			fprintf(stderr,	"usage: rpcbind [-adhilswfb]\n");
 			exit (1);
 		}
 	}
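Review bot: `case 'b'` is placed after the `#endif` that closes the conditionally compiled `'w'` case, so `-b` is available in every build configuration, and the usage string is updated in step with the getopt string in the previous hunk, which is the right pairing. One small point while this line is being touched: the getopt string declares `h:` as taking an argument, but the usage text `[-adhilswfb]` presents `-h` as a bare flag; `[-adilswfb] [-h addr]` would be more accurate.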
-- 
2.43.0
