From 2e9c289246c647e25649914bdb0d9400c66f486e Mon Sep 17 00:00:00 2001 From: Steve Dickson Date: Wed, 15 Aug 2018 10:22:36 -0400 Subject: rpcbind: Disable remote calls by default Added a new configuration flag --enable-rmtcalls which will be needed to enable the remote call functionality. This also stops rpcbind from opening up random listening ports. Signed-off-by: Steve Dickson --- Makefile.am | 4 ++++ configure.ac | 4 ++++ src/rpcbind.c | 6 +++++- 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/Makefile.am b/Makefile.am index c160a95..a536ffb 100644 --- a/Makefile.am +++ b/Makefile.am @@ -29,6 +29,10 @@ if LIBWRAP AM_CPPFLAGS += -DLIBWRAP endif +if RMTCALLS +AM_CPPFLAGS += -DRMTCALLS +endif + bin_PROGRAMS = rpcinfo sbin_PROGRAMS = rpcbind diff --git a/configure.ac b/configure.ac index 359a418..1587d4d 100644 --- a/configure.ac +++ b/configure.ac @@ -21,6 +21,10 @@ AC_ARG_ENABLE([warmstarts], AS_HELP_STRING([--enable-warmstarts], [Enables Warm Starts @<:@default=no@:>@])) AM_CONDITIONAL(WARMSTART, test x$enable_warmstarts = xyes) +AC_ARG_ENABLE([rmtcalls], + AS_HELP_STRING([--enable-rmtcalls], [Enables Remote Calls @<:@default=no@:>@])) +AM_CONDITIONAL(RMTCALLS, test x$enable_rmtcalls = xyes) + AC_ARG_WITH([statedir], AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/var/run/rpcbind@:>@]) ,, [with_statedir=/var/run/rpcbind]) diff --git a/src/rpcbind.c b/src/rpcbind.c index 8db8dfc..cc848b1 100644 --- a/src/rpcbind.c +++ b/src/rpcbind.c @@ -794,12 +794,14 @@ got_socket: } } #endif + + +#ifdef RMTCALLS /* * rmtcall only supported on CLTS transports for now. */ if (nconf->nc_semantics == NC_TPI_CLTS) { status = create_rmtcall_fd(nconf); - #ifdef RPCBIND_DEBUG if (debugging) { if (status < 0) { @@ -813,6 +815,8 @@ got_socket: } #endif } +#endif + return (0); error: close(fd); -- cgit v1.2.1