From Tor.Egge@idi.ntnu.no  Tue Apr 15 10:20:17 1997
Received: from pat.idt.unit.no (0@pat.idt.unit.no [129.241.103.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA22350
          for <FreeBSD-gnats-submit@freebsd.org>; Tue, 15 Apr 1997 10:20:12 -0700 (PDT)
Received: from ikke.idt.unit.no (tegge@ikke.idt.unit.no [129.241.111.65])
	by pat.idt.unit.no (8.8.5/8.8.5) with ESMTP id TAA10523
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 15 Apr 1997 19:19:56 +0200 (MET DST)
Received: (from tegge@localhost)
	by ikke.idt.unit.no (8.8.5/8.8.5) id TAA11528;
	Tue, 15 Apr 1997 19:19:56 +0200 (MET DST)
Message-Id: <199704151719.TAA11528@ikke.idt.unit.no>
Date: Tue, 15 Apr 1997 19:19:56 +0200 (MET DST)
From: Tor Egge <Tor.Egge@idi.ntnu.no>
Reply-To: Tor.Egge@idi.ntnu.no
To: FreeBSD-gnats-submit@freebsd.org
Subject: NFS privport handling is broken
X-Send-Pr-Version: 3.2

>Number:         3298
>Category:       kern
>Synopsis:       NFS privport handling is broken
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 15 10:30:01 PDT 1997
>Closed-Date:    Wed Apr 30 02:51:50 PDT 1997
>Last-Modified:  Wed Apr 30 02:52:15 PDT 1997
>Originator:     Tor Egge
>Release:        FreeBSD 3.0-CURRENT i386
>Organization:
Norwegian University of Science and Technology, Trondheim, Norway
>Environment:

FreeBSD ikke.idt.unit.no 3.0-CURRENT FreeBSD 3.0-CURRENT #0: Tue Apr  8 03:18:44 MET DST 1997     root@ikke.idt.unit.no:/usr/src/sys/compile/TEGGE  i386

FreeBSD 3.0-CURRENT NFS server.
SunOS 5.4 NFS client.

>Description:

	Some (older) versions of amd or automount, and some versions
	of mount use unprivileged ports when checking for the availability
	of nfsd on the NFS server. 

	[On the SunOS 5.4 client]
	staude# mount ikke:/export/akg2/store /mnt
	nfs mount: ikke: NFS service not responding
	nfs mount: retrying: /mnt

	[On the FreeBSD 3.0-CURRENT NFS server]
	Apr 15 17:17:17 ikke /kernel: NFS request from unprivileged port (129.241.111.23

>How-To-Repeat:

>Fix:
	
	As a special case, allow the NFS NULL procedure even when the client
	port is not privileged.

Index: nfs_syscalls.c
===================================================================
RCS file: /home/ncvs/src/sys/nfs/nfs_syscalls.c,v
retrieving revision 1.20
diff -u -r1.20 nfs_syscalls.c
--- nfs_syscalls.c	1997/03/27 20:01:07	1.20
+++ nfs_syscalls.c	1997/04/15 15:24:56
@@ -605,7 +605,8 @@
 
 			sin = mtod(nam, struct sockaddr_in *);
 			port = ntohs(sin->sin_port);
-			if (port >= IPPORT_RESERVED) {
+			if (port >= IPPORT_RESERVED && 
+			    nd->nd_procnum != NFSPROC_NULL) {
 			    nd->nd_procnum = NFSPROC_NOOP;
 			    nd->nd_repstat = (NFSERR_AUTHERR | AUTH_TOOWEAK);
 			    cacherep = RC_DOIT;
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: dfr 
State-Changed-When: Wed Apr 30 02:51:50 PDT 1997 
State-Changed-Why:  
Fixed in rev 1.22 of nfs_syscalls.c. 
>Unformatted:
