1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
25 */
26
27 #include <stdio.h>
28 #include <unistd.h>
29 #include <stdlib.h>
30 #include <ctype.h>
31 #include <syslog.h>
32 #include <string.h>
33 #include <deflt.h>
34 #include <kstat.h>
35 #include <sys/param.h>
36 #include <sys/types.h>
37 #include <sys/time.h>
38 #include <sys/stat.h>
39 #include <sys/wait.h>
40 #include <sys/socket.h>
41 #include <netinet/in.h>
42 #include <signal.h>
43 #include <sys/signal.h>
44 #include <rpc/rpc.h>
45 #include <rpc/pmap_clnt.h>
46 #include <sys/mount.h>
47 #include <sys/mntent.h>
48 #include <sys/mnttab.h>
49 #include <sys/fstyp.h>
50 #include <sys/fsid.h>
51 #include <arpa/inet.h>
52 #include <netdb.h>
53 #include <netconfig.h>
54 #include <netdir.h>
55 #include <errno.h>
56 #define NFSCLIENT
57 #include <nfs/nfs.h>
58 #include <nfs/mount.h>
59 #include <rpcsvc/mount.h>
60 #include <rpc/nettype.h>
61 #include <locale.h>
62 #include <setjmp.h>
63 #include <sys/socket.h>
64 #include <thread.h>
65 #include <limits.h>
66 #include <nss_dbdefs.h> /* for NSS_BUFLEN_HOSTS */
67 #include <nfs/nfs_sec.h>
68 #include <sys/sockio.h>
69 #include <net/if.h>
70 #include <assert.h>
71 #include <nfs/nfs_clnt.h>
72 #include <rpcsvc/nfs4_prot.h>
73 #include <nfs/nfs4.h>
74 #define NO_RDDIR_CACHE
75 #include "automount.h"
76 #include "replica.h"
77 #include "nfs_subr.h"
78 #include "webnfs.h"
79 #include "nfs_resolve.h"
80 #include <sys/sockio.h>
81 #include <net/if.h>
82 #include <rpcsvc/daemon_utils.h>
83 #include <pwd.h>
84 #include <strings.h>
85 #include <tsol/label.h>
86 #include <zone.h>
87 #include <limits.h>
88 #include <libscf.h>
89 #include <libshare.h>
90 #include "smfcfg.h"
91
92 extern void set_nfsv4_ephemeral_mount_to(void);
93
94 extern char *nfs_get_qop_name();
95 extern AUTH *nfs_create_ah();
96 extern enum snego_stat nfs_sec_nego();
97
98 #define MAXHOSTS 512
99
100 #define MNTTYPE_CACHEFS "cachefs"
101
102 /*
103 * host cache states
104 */
105 #define NOHOST 0
106 #define GOODHOST 1
107 #define DEADHOST 2
108
109 #define NFS_ARGS_EXTB_secdata(args, secdata) \
110 { (args).nfs_args_ext = NFS_ARGS_EXTB, \
111 (args).nfs_ext_u.nfs_extB.secdata = secdata; }
112
113 struct cache_entry {
114 struct cache_entry *cache_next;
115 char *cache_host;
116 time_t cache_time;
117 int cache_state;
118 rpcvers_t cache_reqvers;
119 rpcvers_t cache_outvers;
120 char *cache_proto;
121 };
122
123 struct mfs_snego_t {
124 int sec_opt;
125 bool_t snego_done;
126 char *nfs_flavor;
127 seconfig_t nfs_sec;
128 };
129 typedef struct mfs_snego_t mfs_snego_t;
130
131 static struct cache_entry *cache_head = NULL;
132 rwlock_t cache_lock; /* protect the cache chain */
133
134 static enum nfsstat nfsmount(struct mapfs *, char *, char *, int, int, uid_t,
135 action_list *);
136 static int is_nfs_port(char *);
137
138 static void netbuf_free(struct netbuf *);
139 static int get_pathconf(CLIENT *, char *, char *, struct pathcnf **, int);
140 static struct mapfs *enum_servers(struct mapent *, char *);
141 static struct mapfs *get_mysubnet_servers(struct mapfs *);
142 static int subnet_test(int af, struct sioc_addrreq *);
143 static struct netbuf *get_addr(char *, rpcprog_t, rpcvers_t,
144 struct netconfig **, char *, ushort_t, struct t_info *);
145
146 static struct netbuf *get_pubfh(char *, rpcvers_t, mfs_snego_t *,
147 struct netconfig **, char *, ushort_t, struct t_info *, caddr_t *,
148 bool_t, char *);
149
150 static int create_homedir(const char *, const char *);
151
152 enum type_of_stuff {
153 SERVER_ADDR = 0,
154 SERVER_PING = 1,
155 SERVER_FH = 2
156 };
157
158 static void *get_server_netinfo(enum type_of_stuff, char *, rpcprog_t,
159 rpcvers_t, mfs_snego_t *, struct netconfig **, char *, ushort_t,
160 struct t_info *, caddr_t *, bool_t, char *, enum clnt_stat *);
161 static void *get_netconfig_info(enum type_of_stuff, char *, rpcprog_t,
162 rpcvers_t, struct netconfig *, ushort_t, struct t_info *,
163 struct t_bind *, caddr_t *, bool_t, char *, enum clnt_stat *,
164 mfs_snego_t *);
165 static void *get_server_addrorping(char *, rpcprog_t, rpcvers_t,
166 struct netconfig *, ushort_t, struct t_info *, struct t_bind *,
167 caddr_t *, bool_t, char *, enum clnt_stat *, int);
168 static void *get_server_fh(char *, rpcprog_t, rpcvers_t, mfs_snego_t *,
169 struct netconfig *, ushort_t, struct t_info *, struct t_bind *,
170 caddr_t *, bool_t, char *, enum clnt_stat *);
171
172 struct mapfs *add_mfs(struct mapfs *, int, struct mapfs **, struct mapfs **);
173 void free_mfs(struct mapfs *);
174 static void dump_mfs(struct mapfs *, char *, int);
175 static char *dump_distance(struct mapfs *);
176 static void cache_free(struct cache_entry *);
177 static int cache_check(char *, rpcvers_t *, char *);
178 static void cache_enter(char *, rpcvers_t, rpcvers_t, char *, int);
179 void destroy_auth_client_handle(CLIENT *cl);
180
181 #ifdef CACHE_DEBUG
182 static void trace_host_cache();
183 static void trace_portmap_cache();
184 #endif /* CACHE_DEBUG */
185
186 static int rpc_timeout = 20;
187
188 #ifdef CACHE_DEBUG
189 /*
190 * host cache counters. These variables do not need to be protected
191 * by mutex's. They have been added to measure the utility of the
192 * goodhost/deadhost cache in the lazy hierarchical mounting scheme.
193 */
194 static int host_cache_accesses = 0;
195 static int host_cache_lookups = 0;
196 static int deadhost_cache_hits = 0;
197 static int goodhost_cache_hits = 0;
198
199 /*
200 * portmap cache counters. These variables do not need to be protected
201 * by mutex's. They have been added to measure the utility of the portmap
202 * cache in the lazy hierarchical mounting scheme.
203 */
204 static int portmap_cache_accesses = 0;
205 static int portmap_cache_lookups = 0;
206 static int portmap_cache_hits = 0;
207 #endif /* CACHE_DEBUG */
208
209 /*
210 * There are the defaults (range) for the client when determining
211 * which NFS version to use when probing the server (see above).
212 * These will only be used when the vers mount option is not used and
213 * these may be reset if /etc/default/nfs is configured to do so.
214 */
215 static rpcvers_t vers_max_default = NFS_VERSMAX_DEFAULT;
216 static rpcvers_t vers_min_default = NFS_VERSMIN_DEFAULT;
217
218 /*
219 * list of support services needed
220 */
221 static char *service_list[] = { STATD, LOCKD, NULL };
222 static char *service_list_v4[] = { STATD, LOCKD, NFS4CBD, NFSMAPID, NULL };
223
224 static void read_default_nfs(void);
225 static int is_v4_mount(char *);
226 static void start_nfs4cbd(void);
227
228 int
mount_nfs(struct mapent * me,char * mntpnt,char * prevhost,int overlay,uid_t uid,action_list ** alpp)229 mount_nfs(
230 struct mapent *me,
231 char *mntpnt,
232 char *prevhost,
233 int overlay,
234 uid_t uid,
235 action_list **alpp)
236 {
237 struct mapfs *mfs, *mp;
238 int err = -1;
239 int cached;
240 action_list *alp;
241 char *dir;
242
243
244 alp = *alpp;
245
246 read_default_nfs();
247
248 mfs = enum_servers(me, prevhost);
249 if (mfs == NULL)
250 return (ENOENT);
251
252 /*
253 * Try loopback if we have something on localhost; if nothing
254 * works, we will fall back to NFS
255 */
256 if (is_nfs_port(me->map_mntopts)) {
257 for (mp = mfs; mp; mp = mp->mfs_next) {
258 if (self_check(mp->mfs_host)) {
259 err = loopbackmount(mp->mfs_dir,
260 mntpnt, me->map_mntopts, overlay);
261 if (err) {
262 mp->mfs_ignore = 1;
263 } else {
264 /*
265 * Free action_list if there
266 * is one as it is not needed.
267 * Make sure to set alpp to null
268 * so caller doesn't try to free it
269 * again.
270 */
271 if (*alpp) {
272 free(*alpp);
273 *alpp = NULL;
274 }
275 break;
276 }
277 }
278 }
279 }
280 if (err) {
281 cached = strcmp(me->map_mounter, MNTTYPE_CACHEFS) == 0;
282 dir = strdup(mfs->mfs_dir);
283 err = nfsmount(mfs, mntpnt, me->map_mntopts,
284 cached, overlay, uid, alp);
285 if (err && trace > 1) {
286 trace_prt(1, " Couldn't mount %s:%s, err=%d\n",
287 mfs->mfs_host ? mfs->mfs_host : "",
288 mfs->mfs_dir ? mfs->mfs_dir : dir, err);
289 }
290 free(dir);
291 }
292 free_mfs(mfs);
293 return (err);
294 }
295
296
297 /*
298 * Using the new ioctl SIOCTONLINK to determine if a host is on the same
299 * subnet. Remove the old network, subnet check.
300 */
301
302 static struct mapfs *
get_mysubnet_servers(struct mapfs * mfs_in)303 get_mysubnet_servers(struct mapfs *mfs_in)
304 {
305 int s;
306 struct mapfs *mfs, *p, *mfs_head = NULL, *mfs_tail = NULL;
307
308 struct netconfig *nconf;
309 NCONF_HANDLE *nc = NULL;
310 struct nd_hostserv hs;
311 struct nd_addrlist *retaddrs;
312 struct netbuf *nb;
313 struct sioc_addrreq areq;
314 int res;
315 int af;
316 int i;
317 int sa_size;
318
319 hs.h_serv = "rpcbind";
320
321 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) {
322 nc = setnetconfig();
323
324 while (nconf = getnetconfig(nc)) {
325
326 /*
327 * Care about INET family only. proto_done flag
328 * indicates if we have already covered this
329 * protocol family. If so skip it
330 */
331 if (((strcmp(nconf->nc_protofmly, NC_INET6) == 0) ||
332 (strcmp(nconf->nc_protofmly, NC_INET) == 0)) &&
333 (nconf->nc_semantics == NC_TPI_CLTS)) {
334 } else
335 continue;
336
337 hs.h_host = mfs->mfs_host;
338
339 if (netdir_getbyname(nconf, &hs, &retaddrs) != ND_OK)
340 continue;
341
342 /*
343 * For each host address see if it's on our
344 * local subnet.
345 */
346
347 if (strcmp(nconf->nc_protofmly, NC_INET6) == 0)
348 af = AF_INET6;
349 else
350 af = AF_INET;
351 nb = retaddrs->n_addrs;
352 for (i = 0; i < retaddrs->n_cnt; i++, nb++) {
353 memset(&areq.sa_addr, 0, sizeof (areq.sa_addr));
354 memcpy(&areq.sa_addr, nb->buf, MIN(nb->len,
355 sizeof (areq.sa_addr)));
356 if (res = subnet_test(af, &areq)) {
357 p = add_mfs(mfs, DIST_MYNET,
358 &mfs_head, &mfs_tail);
359 if (!p) {
360 netdir_free(retaddrs,
361 ND_ADDRLIST);
362 endnetconfig(nc);
363 return (NULL);
364 }
365 break;
366 }
367 } /* end of every host */
368 if (trace > 2) {
369 trace_prt(1, "get_mysubnet_servers: host=%s "
370 "netid=%s res=%s\n", mfs->mfs_host,
371 nconf->nc_netid, res == 1?"SUC":"FAIL");
372 }
373
374 netdir_free(retaddrs, ND_ADDRLIST);
375 } /* end of while */
376
377 endnetconfig(nc);
378
379 } /* end of every map */
380
381 return (mfs_head);
382
383 }
384
385 int
subnet_test(int af,struct sioc_addrreq * areq)386 subnet_test(int af, struct sioc_addrreq *areq)
387 {
388 int s;
389
390 if ((s = socket(af, SOCK_DGRAM, 0)) < 0) {
391 return (0);
392 }
393
394 areq->sa_res = -1;
395
396 if (ioctl(s, SIOCTONLINK, (caddr_t)areq) < 0) {
397 syslog(LOG_ERR, "subnet_test:SIOCTONLINK failed");
398 return (0);
399 }
400 close(s);
401 if (areq->sa_res == 1)
402 return (1);
403 else
404 return (0);
405
406
407 }
408
409 /*
410 * ping a bunch of hosts at once and sort by who responds first
411 */
412 static struct mapfs *
sort_servers(struct mapfs * mfs_in,int timeout)413 sort_servers(struct mapfs *mfs_in, int timeout)
414 {
415 struct mapfs *m1 = NULL;
416 enum clnt_stat clnt_stat;
417
418 if (!mfs_in)
419 return (NULL);
420
421 clnt_stat = nfs_cast(mfs_in, &m1, timeout);
422
423 if (!m1) {
424 char buff[2048] = {'\0'};
425
426 for (m1 = mfs_in; m1; m1 = m1->mfs_next) {
427 (void) strcat(buff, m1->mfs_host);
428 if (m1->mfs_next)
429 (void) strcat(buff, ",");
430 }
431
432 syslog(LOG_ERR, "servers %s not responding: %s",
433 buff, clnt_sperrno(clnt_stat));
434 }
435
436 return (m1);
437 }
438
439 /*
440 * Add a mapfs entry to the list described by *mfs_head and *mfs_tail,
441 * provided it is not marked "ignored" and isn't a dupe of ones we've
442 * already seen.
443 */
444 struct mapfs *
add_mfs(struct mapfs * mfs,int distance,struct mapfs ** mfs_head,struct mapfs ** mfs_tail)445 add_mfs(struct mapfs *mfs, int distance, struct mapfs **mfs_head,
446 struct mapfs **mfs_tail)
447 {
448 struct mapfs *tmp, *new;
449
450 for (tmp = *mfs_head; tmp; tmp = tmp->mfs_next)
451 if ((strcmp(tmp->mfs_host, mfs->mfs_host) == 0 &&
452 strcmp(tmp->mfs_dir, mfs->mfs_dir) == 0) ||
453 mfs->mfs_ignore)
454 return (*mfs_head);
455 new = (struct mapfs *)malloc(sizeof (struct mapfs));
456 if (!new) {
457 syslog(LOG_ERR, "Memory allocation failed: %m");
458 return (NULL);
459 }
460 bcopy(mfs, new, sizeof (struct mapfs));
461 new->mfs_next = NULL;
462 if (distance)
463 new->mfs_distance = distance;
464 if (!*mfs_head)
465 *mfs_tail = *mfs_head = new;
466 else {
467 (*mfs_tail)->mfs_next = new;
468 *mfs_tail = new;
469 }
470 return (*mfs_head);
471 }
472
473 static void
dump_mfs(struct mapfs * mfs,char * message,int level)474 dump_mfs(struct mapfs *mfs, char *message, int level)
475 {
476 struct mapfs *m1;
477
478 if (trace <= level)
479 return;
480
481 trace_prt(1, "%s", message);
482 if (!mfs) {
483 trace_prt(0, "mfs is null\n");
484 return;
485 }
486 for (m1 = mfs; m1; m1 = m1->mfs_next)
487 trace_prt(0, "%s[%s] ", m1->mfs_host, dump_distance(m1));
488 trace_prt(0, "\n");
489 }
490
491 static char *
dump_distance(struct mapfs * mfs)492 dump_distance(struct mapfs *mfs)
493 {
494 switch (mfs->mfs_distance) {
495 case 0: return ("zero");
496 case DIST_SELF: return ("self");
497 case DIST_MYSUB: return ("mysub");
498 case DIST_MYNET: return ("mynet");
499 case DIST_OTHER: return ("other");
500 default: return ("other");
501 }
502 }
503
504 /*
505 * Walk linked list "raw", building a new list consisting of members
506 * NOT found in list "filter", returning the result.
507 */
508 static struct mapfs *
filter_mfs(struct mapfs * raw,struct mapfs * filter)509 filter_mfs(struct mapfs *raw, struct mapfs *filter)
510 {
511 struct mapfs *mfs, *p, *mfs_head = NULL, *mfs_tail = NULL;
512 int skip;
513
514 if (!raw)
515 return (NULL);
516 for (mfs = raw; mfs; mfs = mfs->mfs_next) {
517 for (skip = 0, p = filter; p; p = p->mfs_next) {
518 if (strcmp(p->mfs_host, mfs->mfs_host) == 0 &&
519 strcmp(p->mfs_dir, mfs->mfs_dir) == 0) {
520 skip = 1;
521 break;
522 }
523 }
524 if (skip)
525 continue;
526 p = add_mfs(mfs, 0, &mfs_head, &mfs_tail);
527 if (!p)
528 return (NULL);
529 }
530 return (mfs_head);
531 }
532
533 /*
534 * Walk a linked list of mapfs structs, freeing each member.
535 */
536 void
free_mfs(struct mapfs * mfs)537 free_mfs(struct mapfs *mfs)
538 {
539 struct mapfs *tmp;
540
541 while (mfs) {
542 tmp = mfs->mfs_next;
543 free(mfs);
544 mfs = tmp;
545 }
546 }
547
548 /*
549 * New code for NFS client failover: we need to carry and sort
550 * lists of server possibilities rather than return a single
551 * entry. It preserves previous behaviour of sorting first by
552 * locality (loopback-or-preferred/subnet/net/other) and then
553 * by ping times. We'll short-circuit this process when we
554 * have ENOUGH or more entries.
555 */
556 static struct mapfs *
enum_servers(struct mapent * me,char * preferred)557 enum_servers(struct mapent *me, char *preferred)
558 {
559 struct mapfs *p, *m1, *m2, *mfs_head = NULL, *mfs_tail = NULL;
560
561 /*
562 * Short-circuit for simple cases.
563 */
564 if (!me->map_fs->mfs_next) {
565 p = add_mfs(me->map_fs, DIST_OTHER, &mfs_head, &mfs_tail);
566 if (!p)
567 return (NULL);
568 return (mfs_head);
569 }
570
571 dump_mfs(me->map_fs, " enum_servers: mapent: ", 2);
572
573 /*
574 * get addresses & see if any are myself
575 * or were mounted from previously in a
576 * hierarchical mount.
577 */
578 if (trace > 2)
579 trace_prt(1, " enum_servers: looking for pref/self\n");
580 for (m1 = me->map_fs; m1; m1 = m1->mfs_next) {
581 if (m1->mfs_ignore)
582 continue;
583 if (self_check(m1->mfs_host) ||
584 strcmp(m1->mfs_host, preferred) == 0) {
585 p = add_mfs(m1, DIST_SELF, &mfs_head, &mfs_tail);
586 if (!p)
587 return (NULL);
588 }
589 }
590 if (trace > 2 && m1)
591 trace_prt(1, " enum_servers: pref/self found, %s\n",
592 m1->mfs_host);
593
594 /*
595 * look for entries on this subnet
596 */
597 dump_mfs(m1, " enum_servers: input of get_mysubnet_servers: ", 2);
598 m1 = get_mysubnet_servers(me->map_fs);
599 dump_mfs(m1, " enum_servers: output of get_mysubnet_servers: ", 3);
600 if (m1 && m1->mfs_next) {
601 m2 = sort_servers(m1, rpc_timeout / 2);
602 dump_mfs(m2, " enum_servers: output of sort_servers: ", 3);
603 free_mfs(m1);
604 m1 = m2;
605 }
606
607 for (m2 = m1; m2; m2 = m2->mfs_next) {
608 p = add_mfs(m2, 0, &mfs_head, &mfs_tail);
609 if (!p)
610 return (NULL);
611 }
612 if (m1)
613 free_mfs(m1);
614
615 /*
616 * add the rest of the entries at the end
617 */
618 m1 = filter_mfs(me->map_fs, mfs_head);
619 dump_mfs(m1, " enum_servers: etc: output of filter_mfs: ", 3);
620 m2 = sort_servers(m1, rpc_timeout / 2);
621 dump_mfs(m2, " enum_servers: etc: output of sort_servers: ", 3);
622 if (m1)
623 free_mfs(m1);
624 m1 = m2;
625 for (m2 = m1; m2; m2 = m2->mfs_next) {
626 p = add_mfs(m2, DIST_OTHER, &mfs_head, &mfs_tail);
627 if (!p)
628 return (NULL);
629 }
630 if (m1)
631 free_mfs(m1);
632
633 done:
634 dump_mfs(mfs_head, " enum_servers: output: ", 1);
635 return (mfs_head);
636 }
637
638 static enum nfsstat
nfsmount(struct mapfs * mfs_in,char * mntpnt,char * opts,int cached,int overlay,uid_t uid,action_list * alp)639 nfsmount(
640 struct mapfs *mfs_in,
641 char *mntpnt, char *opts,
642 int cached, int overlay,
643 uid_t uid,
644 action_list *alp)
645 {
646 CLIENT *cl;
647 char remname[MAXPATHLEN], *mnttabtext = NULL;
648 char mopts[MAX_MNTOPT_STR];
649 char netname[MAXNETNAMELEN+1];
650 char *mntopts = NULL;
651 int mnttabcnt = 0;
652 int loglevel;
653 struct mnttab m;
654 struct nfs_args *argp = NULL, *head = NULL, *tail = NULL,
655 *prevhead, *prevtail;
656 int flags;
657 struct fhstatus fhs;
658 struct timeval timeout;
659 enum clnt_stat rpc_stat;
660 enum nfsstat status;
661 struct stat stbuf;
662 struct netconfig *nconf;
663 rpcvers_t vers, versmin; /* used to negotiate nfs version in pingnfs */
664 /* and mount version with mountd */
665 rpcvers_t outvers; /* final version to be used during mount() */
666 rpcvers_t nfsvers; /* version in map options, 0 if not there */
667 rpcvers_t mountversmax; /* tracks the max mountvers during retries */
668
669 /* used to negotiate nfs version using webnfs */
670 rpcvers_t pubvers, pubversmin, pubversmax;
671 int posix;
672 struct nd_addrlist *retaddrs;
673 struct mountres3 res3;
674 nfs_fh3 fh3;
675 char *fstype;
676 int count, i;
677 char scerror_msg[MAXMSGLEN];
678 int *auths;
679 int delay;
680 int retries;
681 char *nfs_proto = NULL;
682 uint_t nfs_port = 0;
683 char *p, *host, *rhost, *dir;
684 struct mapfs *mfs = NULL;
685 int error, last_error = 0;
686 int replicated;
687 int entries = 0;
688 int v2cnt = 0, v3cnt = 0, v4cnt = 0;
689 int v2near = 0, v3near = 0, v4near = 0;
690 int skipentry = 0;
691 char *nfs_flavor;
692 seconfig_t nfs_sec;
693 int sec_opt, scerror;
694 struct sec_data *secdata;
695 int secflags;
696 struct netbuf *syncaddr;
697 bool_t use_pubfh;
698 ushort_t thisport;
699 int got_val;
700 mfs_snego_t mfssnego_init, mfssnego;
701
702 dump_mfs(mfs_in, " nfsmount: input: ", 2);
703 replicated = (mfs_in->mfs_next != NULL);
704 m.mnt_mntopts = opts;
705 if (replicated && hasmntopt(&m, MNTOPT_SOFT)) {
706 if (verbose)
707 syslog(LOG_WARNING,
708 "mount on %s is soft and will not be replicated.", mntpnt);
709 replicated = 0;
710 }
711 if (replicated && !hasmntopt(&m, MNTOPT_RO)) {
712 if (verbose)
713 syslog(LOG_WARNING,
714 "mount on %s is not read-only and will not be replicated.",
715 mntpnt);
716 replicated = 0;
717 }
718 if (replicated && cached) {
719 if (verbose)
720 syslog(LOG_WARNING,
721 "mount on %s is cached and will not be replicated.",
722 mntpnt);
723 replicated = 0;
724 }
725 if (replicated)
726 loglevel = LOG_WARNING;
727 else
728 loglevel = LOG_ERR;
729
730 if (trace > 1) {
731 if (replicated)
732 trace_prt(1, " nfsmount: replicated mount on %s %s:\n",
733 mntpnt, opts);
734 else
735 trace_prt(1, " nfsmount: standard mount on %s %s:\n",
736 mntpnt, opts);
737 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next)
738 trace_prt(1, " %s:%s\n",
739 mfs->mfs_host, mfs->mfs_dir);
740 }
741
742 /*
743 * Make sure mountpoint is safe to mount on
744 */
745 if (lstat(mntpnt, &stbuf) < 0) {
746 syslog(LOG_ERR, "Couldn't stat %s: %m", mntpnt);
747 return (NFSERR_NOENT);
748 }
749
750 /*
751 * Get protocol specified in options list, if any.
752 */
753 if ((str_opt(&m, "proto", &nfs_proto)) == -1) {
754 return (NFSERR_NOENT);
755 }
756
757 /*
758 * Get port specified in options list, if any.
759 */
760 got_val = nopt(&m, MNTOPT_PORT, (int *)&nfs_port);
761 if (!got_val)
762 nfs_port = 0; /* "unspecified" */
763 if (nfs_port > USHRT_MAX) {
764 syslog(LOG_ERR, "%s: invalid port number %d", mntpnt, nfs_port);
765 return (NFSERR_NOENT);
766 }
767
768 /*
769 * Set mount(2) flags here, outside of the loop.
770 */
771 flags = MS_OPTIONSTR;
772 flags |= (hasmntopt(&m, MNTOPT_RO) == NULL) ? 0 : MS_RDONLY;
773 flags |= (hasmntopt(&m, MNTOPT_NOSUID) == NULL) ? 0 : MS_NOSUID;
774 flags |= overlay ? MS_OVERLAY : 0;
775 if (mntpnt[strlen(mntpnt) - 1] != ' ')
776 /* direct mount point without offsets */
777 flags |= MS_OVERLAY;
778
779 use_pubfh = (hasmntopt(&m, MNTOPT_PUBLIC) == NULL) ? FALSE : TRUE;
780
781 (void) memset(&mfssnego_init, 0, sizeof (mfs_snego_t));
782 if (hasmntopt(&m, MNTOPT_SECURE) != NULL) {
783 if (++mfssnego_init.sec_opt > 1) {
784 syslog(loglevel,
785 "conflicting security options");
786 return (NFSERR_IO);
787 }
788 if (nfs_getseconfig_byname("dh", &mfssnego_init.nfs_sec)) {
789 syslog(loglevel,
790 "error getting dh information from %s",
791 NFSSEC_CONF);
792 return (NFSERR_IO);
793 }
794 }
795
796 if (hasmntopt(&m, MNTOPT_SEC) != NULL) {
797 if ((str_opt(&m, MNTOPT_SEC,
798 &mfssnego_init.nfs_flavor)) == -1) {
799 syslog(LOG_ERR, "nfsmount: no memory");
800 return (NFSERR_IO);
801 }
802 }
803
804 if (mfssnego_init.nfs_flavor) {
805 if (++mfssnego_init.sec_opt > 1) {
806 syslog(loglevel,
807 "conflicting security options");
808 free(mfssnego_init.nfs_flavor);
809 return (NFSERR_IO);
810 }
811 if (nfs_getseconfig_byname(mfssnego_init.nfs_flavor,
812 &mfssnego_init.nfs_sec)) {
813 syslog(loglevel,
814 "error getting %s information from %s",
815 mfssnego_init.nfs_flavor, NFSSEC_CONF);
816 free(mfssnego_init.nfs_flavor);
817 return (NFSERR_IO);
818 }
819 free(mfssnego_init.nfs_flavor);
820 }
821
822 nextentry:
823 skipentry = 0;
824
825 got_val = nopt(&m, MNTOPT_VERS, (int *)&nfsvers);
826 if (!got_val)
827 nfsvers = 0; /* "unspecified" */
828 if (set_versrange(nfsvers, &vers, &versmin) != 0) {
829 syslog(LOG_ERR, "Incorrect NFS version specified for %s",
830 mntpnt);
831 last_error = NFSERR_NOENT;
832 goto ret;
833 }
834
835 if (nfsvers != 0) {
836 pubversmax = pubversmin = nfsvers;
837 } else {
838 pubversmax = vers;
839 pubversmin = versmin;
840 }
841
842 /*
843 * Walk the whole list, pinging and collecting version
844 * info so that we can make sure the mount will be
845 * homogeneous with respect to version.
846 *
847 * If we have a version preference, this is easy; we'll
848 * just reject anything that doesn't match.
849 *
850 * If not, we want to try to provide the best compromise
851 * that considers proximity, preference for a higher version,
852 * sorted order, and number of replicas. We will count
853 * the number of V2 and V3 replicas and also the number
854 * which are "near", i.e. the localhost or on the same
855 * subnet.
856 */
857 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) {
858
859
860 if (mfs->mfs_ignore)
861 continue;
862
863 /*
864 * If the host is '[a:d:d:r:e:s:s'],
865 * only use 'a:d:d:r:e:s:s' for communication
866 */
867 host = strdup(mfs->mfs_host);
868 if (host == NULL) {
869 syslog(LOG_ERR, "nfsmount: no memory");
870 last_error = NFSERR_IO;
871 goto out;
872 }
873 unbracket(&host);
874
875 (void) memcpy(&mfssnego, &mfssnego_init, sizeof (mfs_snego_t));
876
877 if (use_pubfh == TRUE || mfs->mfs_flags & MFS_URL) {
878 char *path;
879
880 if (nfs_port != 0 && mfs->mfs_port != 0 &&
881 nfs_port != mfs->mfs_port) {
882
883 syslog(LOG_ERR, "nfsmount: port (%u) in nfs URL"
884 " not the same as port (%d) in port "
885 "option\n", mfs->mfs_port, nfs_port);
886 last_error = NFSERR_IO;
887 goto out;
888
889 } else if (nfs_port != 0)
890 thisport = nfs_port;
891 else
892 thisport = mfs->mfs_port;
893
894 dir = mfs->mfs_dir;
895
896 if ((mfs->mfs_flags & MFS_URL) == 0) {
897 path = malloc(strlen(dir) + 2);
898 if (path == NULL) {
899 syslog(LOG_ERR, "nfsmount: no memory");
900 last_error = NFSERR_IO;
901 goto out;
902 }
903 path[0] = (char)WNL_NATIVEPATH;
904 (void) strcpy(&path[1], dir);
905 } else {
906 path = dir;
907 }
908
909 argp = (struct nfs_args *)
910 malloc(sizeof (struct nfs_args));
911
912 if (!argp) {
913 if (path != dir)
914 free(path);
915 syslog(LOG_ERR, "nfsmount: no memory");
916 last_error = NFSERR_IO;
917 goto out;
918 }
919 (void) memset(argp, 0, sizeof (*argp));
920
921 /*
922 * RDMA support
923 * By now Mount argument struct has been allocated,
924 * either a pub_fh path will be taken or the regular
925 * one. So here if a protocol was specified and it
926 * was not rdma we let it be, else we set DO_RDMA.
927 * If no proto was there we advise on trying RDMA.
928 */
929 if (nfs_proto) {
930 if (strcmp(nfs_proto, "rdma") == 0) {
931 free(nfs_proto);
932 nfs_proto = NULL;
933 argp->flags |= NFSMNT_DORDMA;
934 }
935 } else
936 argp->flags |= NFSMNT_TRYRDMA;
937
938 for (pubvers = pubversmax; pubvers >= pubversmin;
939 pubvers--) {
940
941 nconf = NULL;
942 argp->addr = get_pubfh(host, pubvers, &mfssnego,
943 &nconf, nfs_proto, thisport, NULL,
944 &argp->fh, TRUE, path);
945
946 if (argp->addr != NULL)
947 break;
948
949 if (nconf != NULL)
950 freenetconfigent(nconf);
951 }
952
953 if (path != dir)
954 free(path);
955
956 if (argp->addr != NULL) {
957
958 /*
959 * The use of llock option for NFSv4
960 * mounts is not required since file
961 * locking is included within the protocol
962 */
963 if (pubvers != NFS_V4)
964 argp->flags |= NFSMNT_LLOCK;
965
966 argp->flags |= NFSMNT_PUBLIC;
967
968 vers = pubvers;
969 mfs->mfs_args = argp;
970 mfs->mfs_version = pubvers;
971 mfs->mfs_nconf = nconf;
972 mfs->mfs_flags |= MFS_FH_VIA_WEBNFS;
973
974 } else {
975 free(argp);
976
977 /*
978 * If -public was specified, give up
979 * on this entry now.
980 */
981 if (use_pubfh == TRUE) {
982 syslog(loglevel,
983 "%s: no public file handle support",
984 host);
985 last_error = NFSERR_NOENT;
986 mfs->mfs_ignore = 1;
987 continue;
988 }
989
990 /*
991 * Back off to a conventional mount.
992 *
993 * URL's can contain escape characters. Get
994 * rid of them.
995 */
996 path = malloc(strlen(dir) + 2);
997
998 if (path == NULL) {
999 syslog(LOG_ERR, "nfsmount: no memory");
1000 last_error = NFSERR_IO;
1001 goto out;
1002 }
1003
1004 strcpy(path, dir);
1005 URLparse(path);
1006 mfs->mfs_dir = path;
1007 mfs->mfs_flags |= MFS_ALLOC_DIR;
1008 mfs->mfs_flags &= ~MFS_URL;
1009 }
1010 }
1011
1012 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0) {
1013 i = pingnfs(host, get_retry(opts) + 1, &vers, versmin,
1014 0, FALSE, NULL, nfs_proto);
1015 if (i != RPC_SUCCESS) {
1016 if (i == RPC_PROGVERSMISMATCH) {
1017 syslog(loglevel, "server %s: NFS "
1018 "protocol version mismatch",
1019 host);
1020 } else {
1021 syslog(loglevel, "server %s not "
1022 "responding", host);
1023 }
1024 mfs->mfs_ignore = 1;
1025 last_error = NFSERR_NOENT;
1026 continue;
1027 }
1028 if (nfsvers != 0 && nfsvers != vers) {
1029 if (nfs_proto == NULL)
1030 syslog(loglevel,
1031 "NFS version %d "
1032 "not supported by %s",
1033 nfsvers, host);
1034 else
1035 syslog(loglevel,
1036 "NFS version %d "
1037 "with proto %s "
1038 "not supported by %s",
1039 nfsvers, nfs_proto, host);
1040 mfs->mfs_ignore = 1;
1041 last_error = NFSERR_NOENT;
1042 continue;
1043 }
1044 }
1045
1046 free(host);
1047
1048 switch (vers) {
1049 case NFS_V4: v4cnt++; break;
1050 case NFS_V3: v3cnt++; break;
1051 case NFS_VERSION: v2cnt++; break;
1052 default: break;
1053 }
1054
1055 /*
1056 * It's not clear how useful this stuff is if
1057 * we are using webnfs across the internet, but it
1058 * can't hurt.
1059 */
1060 if (mfs->mfs_distance &&
1061 mfs->mfs_distance <= DIST_MYSUB) {
1062 switch (vers) {
1063 case NFS_V4: v4near++; break;
1064 case NFS_V3: v3near++; break;
1065 case NFS_VERSION: v2near++; break;
1066 default: break;
1067 }
1068 }
1069
1070 /*
1071 * If the mount is not replicated, we don't want to
1072 * ping every entry, so we'll stop here. This means
1073 * that we may have to go back to "nextentry" above
1074 * to consider another entry if we can't get
1075 * all the way to mount(2) with this one.
1076 */
1077 if (!replicated)
1078 break;
1079
1080 }
1081
1082 if (nfsvers == 0) {
1083 /*
1084 * Choose the NFS version.
1085 * We prefer higher versions, but will choose a one-
1086 * version downgrade in service if we can use a local
1087 * network interface and avoid a router.
1088 */
1089 if (v4cnt && v4cnt >= v3cnt && (v4near || !v3near))
1090 nfsvers = NFS_V4;
1091 else if (v3cnt && v3cnt >= v2cnt && (v3near || !v2near))
1092 nfsvers = NFS_V3;
1093 else
1094 nfsvers = NFS_VERSION;
1095 if (trace > 2)
1096 trace_prt(1,
1097 " nfsmount: v4=%d[%d]v3=%d[%d],v2=%d[%d] => v%d.\n",
1098 v4cnt, v4near, v3cnt, v3near,
1099 v2cnt, v2near, nfsvers);
1100 }
1101
1102 /*
1103 * Since we don't support different NFS versions in replicated
1104 * mounts, set fstype now.
1105 * Also take the opportunity to set
1106 * the mount protocol version as appropriate.
1107 */
1108 switch (nfsvers) {
1109 case NFS_V4:
1110 fstype = MNTTYPE_NFS4;
1111 break;
1112 case NFS_V3:
1113 fstype = MNTTYPE_NFS3;
1114 if (use_pubfh == FALSE) {
1115 mountversmax = MOUNTVERS3;
1116 versmin = MOUNTVERS3;
1117 }
1118 break;
1119 case NFS_VERSION:
1120 fstype = MNTTYPE_NFS;
1121 if (use_pubfh == FALSE) {
1122 mountversmax = MOUNTVERS_POSIX;
1123 versmin = MOUNTVERS;
1124 }
1125 break;
1126 }
1127
1128 /*
1129 * Our goal here is to evaluate each of several possible
1130 * replicas and try to come up with a list we can hand
1131 * to mount(2). If we don't have a valid "head" at the
1132 * end of this process, it means we have rejected all
1133 * potential server:/path tuples. We will fail quietly
1134 * in front of mount(2), and will have printed errors
1135 * where we found them.
1136 * XXX - do option work outside loop w careful design
1137 * XXX - use macro for error condition free handling
1138 */
1139 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) {
1140
1141 /*
1142 * Initialize retry and delay values on a per-server basis.
1143 */
1144 retries = get_retry(opts);
1145 delay = INITDELAY;
1146 retry:
1147 if (mfs->mfs_ignore)
1148 continue;
1149
1150 /*
1151 * If we don't have a fh yet, and if this is not a replicated
1152 * mount, we haven't done a pingnfs() on the next entry,
1153 * so we don't know if the next entry is up or if it
1154 * supports an NFS version we like. So if we had a problem
1155 * with an entry, we need to go back and run through some new
1156 * code.
1157 */
1158 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 &&
1159 !replicated && skipentry)
1160 goto nextentry;
1161
1162 vers = mountversmax;
1163 host = mfs->mfs_host;
1164 dir = mfs->mfs_dir;
1165
1166 /*
1167 * Remember the possible '[a:d:d:r:e:s:s]' as the address to be
1168 * later passed to mount(2) and used in the mnttab line, but
1169 * only use 'a:d:d:r:e:s:s' for communication
1170 */
1171 rhost = strdup(host);
1172 if (rhost == NULL) {
1173 syslog(LOG_ERR, "nfsmount: no memory");
1174 last_error = NFSERR_IO;
1175 goto out;
1176 }
1177 unbracket(&host);
1178
1179 (void) sprintf(remname, "%s:%s", rhost, dir);
1180 if (trace > 4 && replicated)
1181 trace_prt(1, " nfsmount: examining %s\n", remname);
1182
1183 /*
1184 * If it's cached we need to get cachefs to mount it.
1185 */
1186 if (cached) {
1187 char *copts = opts;
1188
1189 /*
1190 * If we started with a URL we need to turn on
1191 * -o public if not on already
1192 */
1193 if (use_pubfh == FALSE &&
1194 (mfs->mfs_flags & MFS_FH_VIA_WEBNFS)) {
1195
1196 copts = malloc(strlen(opts) +
1197 strlen(",public")+1);
1198
1199 if (copts == NULL) {
1200 syslog(LOG_ERR, "nfsmount: no memory");
1201 last_error = NFSERR_IO;
1202 goto out;
1203 }
1204
1205 strcpy(copts, opts);
1206
1207 if (strlen(copts) != 0)
1208 strcat(copts, ",");
1209
1210 strcat(copts, "public");
1211 }
1212
1213 last_error = mount_generic(remname, MNTTYPE_CACHEFS,
1214 copts, mntpnt, overlay);
1215
1216 if (copts != opts)
1217 free(copts);
1218
1219 if (last_error) {
1220 skipentry = 1;
1221 mfs->mfs_ignore = 1;
1222 continue;
1223 }
1224 goto out;
1225 }
1226
1227 if (mfs->mfs_args == NULL) {
1228
1229 /*
1230 * Allocate nfs_args structure
1231 */
1232 argp = (struct nfs_args *)
1233 malloc(sizeof (struct nfs_args));
1234
1235 if (!argp) {
1236 syslog(LOG_ERR, "nfsmount: no memory");
1237 last_error = NFSERR_IO;
1238 goto out;
1239 }
1240
1241 (void) memset(argp, 0, sizeof (*argp));
1242
1243 /*
1244 * RDMA support
1245 * By now Mount argument struct has been allocated,
1246 * either a pub_fh path will be taken or the regular
1247 * one. So here if a protocol was specified and it
1248 * was not rdma we let it be, else we set DO_RDMA.
1249 * If no proto was there we advise on trying RDMA.
1250 */
1251 if (nfs_proto) {
1252 if (strcmp(nfs_proto, "rdma") == 0) {
1253 free(nfs_proto);
1254 nfs_proto = NULL;
1255 argp->flags |= NFSMNT_DORDMA;
1256 }
1257 } else
1258 argp->flags |= NFSMNT_TRYRDMA;
1259 } else {
1260 argp = mfs->mfs_args;
1261 mfs->mfs_args = NULL;
1262
1263 /*
1264 * Skip entry if we already have file handle but the
1265 * NFS version is wrong.
1266 */
1267 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) &&
1268 mfs->mfs_version != nfsvers) {
1269
1270 free(argp);
1271 skipentry = 1;
1272 mfs->mfs_ignore = 1;
1273 continue;
1274 }
1275 }
1276
1277 prevhead = head;
1278 prevtail = tail;
1279 if (!head)
1280 head = tail = argp;
1281 else
1282 tail = tail->nfs_ext_u.nfs_extB.next = argp;
1283
1284 /*
1285 * WebNFS and NFSv4 behave similarly in that they
1286 * don't use the mount protocol. Therefore, avoid
1287 * mount protocol like things when version 4 is being
1288 * used.
1289 */
1290 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 &&
1291 nfsvers != NFS_V4) {
1292 timeout.tv_usec = 0;
1293 timeout.tv_sec = rpc_timeout;
1294 rpc_stat = RPC_TIMEDOUT;
1295
1296 /* Create the client handle. */
1297
1298 if (trace > 1) {
1299 trace_prt(1,
1300 " nfsmount: Get mount version: request "
1301 "vers=%d min=%d\n", vers, versmin);
1302 }
1303
1304 while ((cl = clnt_create_vers(host, MOUNTPROG, &outvers,
1305 versmin, vers, "udp")) == NULL) {
1306 if (trace > 4) {
1307 trace_prt(1,
1308 " nfsmount: Can't get mount "
1309 "version: rpcerr=%d\n",
1310 rpc_createerr.cf_stat);
1311 }
1312 if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST ||
1313 rpc_createerr.cf_stat == RPC_TIMEDOUT)
1314 break;
1315
1316 /*
1317 * backoff and return lower version to retry the ping.
1318 * XXX we should be more careful and handle
1319 * RPC_PROGVERSMISMATCH here, because that error
1320 * is handled in clnt_create_vers(). It's not done to
1321 * stay in sync with the nfs mount command.
1322 */
1323 vers--;
1324 if (vers < versmin)
1325 break;
1326 if (trace > 4) {
1327 trace_prt(1,
1328 " nfsmount: Try version=%d\n",
1329 vers);
1330 }
1331 }
1332
1333 if (cl == NULL) {
1334 free(argp);
1335 head = prevhead;
1336 tail = prevtail;
1337 if (tail)
1338 tail->nfs_ext_u.nfs_extB.next = NULL;
1339 last_error = NFSERR_NOENT;
1340
1341 if (rpc_createerr.cf_stat != RPC_UNKNOWNHOST &&
1342 rpc_createerr.cf_stat !=
1343 RPC_PROGVERSMISMATCH &&
1344 retries-- > 0) {
1345 DELAY(delay);
1346 goto retry;
1347 }
1348
1349 syslog(loglevel, "%s %s", host,
1350 clnt_spcreateerror(
1351 "server not responding"));
1352 skipentry = 1;
1353 mfs->mfs_ignore = 1;
1354 continue;
1355 }
1356 if (trace > 1) {
1357 trace_prt(1,
1358 " nfsmount: mount version=%d\n", outvers);
1359 }
1360 #ifdef MALLOC_DEBUG
1361 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__);
1362 add_alloc("AUTH_HANDLE", cl->cl_auth, 0,
1363 __FILE__, __LINE__);
1364 #endif
1365
1366 if (__clnt_bindresvport(cl) < 0) {
1367 free(argp);
1368 head = prevhead;
1369 tail = prevtail;
1370 if (tail)
1371 tail->nfs_ext_u.nfs_extB.next = NULL;
1372 last_error = NFSERR_NOENT;
1373
1374 if (retries-- > 0) {
1375 destroy_auth_client_handle(cl);
1376 DELAY(delay);
1377 goto retry;
1378 }
1379
1380 syslog(loglevel, "mount %s: %s", host,
1381 "Couldn't bind to reserved port");
1382 destroy_auth_client_handle(cl);
1383 skipentry = 1;
1384 mfs->mfs_ignore = 1;
1385 continue;
1386 }
1387
1388 #ifdef MALLOC_DEBUG
1389 drop_alloc("AUTH_HANDLE", cl->cl_auth,
1390 __FILE__, __LINE__);
1391 #endif
1392 AUTH_DESTROY(cl->cl_auth);
1393 if ((cl->cl_auth = authsys_create_default()) == NULL) {
1394 free(argp);
1395 head = prevhead;
1396 tail = prevtail;
1397 if (tail)
1398 tail->nfs_ext_u.nfs_extB.next = NULL;
1399 last_error = NFSERR_NOENT;
1400
1401 if (retries-- > 0) {
1402 destroy_auth_client_handle(cl);
1403 DELAY(delay);
1404 goto retry;
1405 }
1406
1407 syslog(loglevel, "mount %s: %s", host,
1408 "Failed creating default auth handle");
1409 destroy_auth_client_handle(cl);
1410 skipentry = 1;
1411 mfs->mfs_ignore = 1;
1412 continue;
1413 }
1414 #ifdef MALLOC_DEBUG
1415 add_alloc("AUTH_HANDLE", cl->cl_auth, 0,
1416 __FILE__, __LINE__);
1417 #endif
1418 } else
1419 cl = NULL;
1420
1421 /*
1422 * set security options
1423 */
1424 sec_opt = 0;
1425 (void) memset(&nfs_sec, 0, sizeof (nfs_sec));
1426 if (hasmntopt(&m, MNTOPT_SECURE) != NULL) {
1427 if (++sec_opt > 1) {
1428 syslog(loglevel,
1429 "conflicting security options for %s",
1430 remname);
1431 free(argp);
1432 head = prevhead;
1433 tail = prevtail;
1434 if (tail)
1435 tail->nfs_ext_u.nfs_extB.next = NULL;
1436 last_error = NFSERR_IO;
1437 destroy_auth_client_handle(cl);
1438 skipentry = 1;
1439 mfs->mfs_ignore = 1;
1440 continue;
1441 }
1442 if (nfs_getseconfig_byname("dh", &nfs_sec)) {
1443 syslog(loglevel,
1444 "error getting dh information from %s",
1445 NFSSEC_CONF);
1446 free(argp);
1447 head = prevhead;
1448 tail = prevtail;
1449 if (tail)
1450 tail->nfs_ext_u.nfs_extB.next = NULL;
1451 last_error = NFSERR_IO;
1452 destroy_auth_client_handle(cl);
1453 skipentry = 1;
1454 mfs->mfs_ignore = 1;
1455 continue;
1456 }
1457 }
1458
1459 nfs_flavor = NULL;
1460 if (hasmntopt(&m, MNTOPT_SEC) != NULL) {
1461 if ((str_opt(&m, MNTOPT_SEC, &nfs_flavor)) == -1) {
1462 syslog(LOG_ERR, "nfsmount: no memory");
1463 last_error = NFSERR_IO;
1464 destroy_auth_client_handle(cl);
1465 goto out;
1466 }
1467 }
1468
1469 if (nfs_flavor) {
1470 if (++sec_opt > 1) {
1471 syslog(loglevel,
1472 "conflicting security options for %s",
1473 remname);
1474 free(nfs_flavor);
1475 free(argp);
1476 head = prevhead;
1477 tail = prevtail;
1478 if (tail)
1479 tail->nfs_ext_u.nfs_extB.next = NULL;
1480 last_error = NFSERR_IO;
1481 destroy_auth_client_handle(cl);
1482 skipentry = 1;
1483 mfs->mfs_ignore = 1;
1484 continue;
1485 }
1486 if (nfs_getseconfig_byname(nfs_flavor, &nfs_sec)) {
1487 syslog(loglevel,
1488 "error getting %s information from %s",
1489 nfs_flavor, NFSSEC_CONF);
1490 free(nfs_flavor);
1491 free(argp);
1492 head = prevhead;
1493 tail = prevtail;
1494 if (tail)
1495 tail->nfs_ext_u.nfs_extB.next = NULL;
1496 last_error = NFSERR_IO;
1497 destroy_auth_client_handle(cl);
1498 skipentry = 1;
1499 mfs->mfs_ignore = 1;
1500 continue;
1501 }
1502 free(nfs_flavor);
1503 }
1504
1505 posix = (nfsvers != NFS_V4 &&
1506 hasmntopt(&m, MNTOPT_POSIX) != NULL) ? 1 : 0;
1507
1508 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 &&
1509 nfsvers != NFS_V4) {
1510 bool_t give_up_on_mnt;
1511 bool_t got_mnt_error;
1512 /*
1513 * If we started with a URL, if first byte of path is not "/",
1514 * then the mount will likely fail, so we should try again
1515 * with a prepended "/".
1516 */
1517 if (mfs->mfs_flags & MFS_ALLOC_DIR && *dir != '/')
1518 give_up_on_mnt = FALSE;
1519 else
1520 give_up_on_mnt = TRUE;
1521
1522 got_mnt_error = FALSE;
1523
1524 try_mnt_slash:
1525 if (got_mnt_error == TRUE) {
1526 int i, l;
1527
1528 give_up_on_mnt = TRUE;
1529 l = strlen(dir);
1530
1531 /*
1532 * Insert a "/" to front of mfs_dir.
1533 */
1534 for (i = l; i > 0; i--)
1535 dir[i] = dir[i-1];
1536
1537 dir[0] = '/';
1538 }
1539
1540 /* Get fhandle of remote path from server's mountd */
1541
1542 switch (outvers) {
1543 case MOUNTVERS:
1544 if (posix) {
1545 free(argp);
1546 head = prevhead;
1547 tail = prevtail;
1548 if (tail)
1549 tail->nfs_ext_u.nfs_extB.next =
1550 NULL;
1551 last_error = NFSERR_NOENT;
1552 syslog(loglevel,
1553 "can't get posix info for %s",
1554 host);
1555 destroy_auth_client_handle(cl);
1556 skipentry = 1;
1557 mfs->mfs_ignore = 1;
1558 continue;
1559 }
1560 /* FALLTHRU */
1561 case MOUNTVERS_POSIX:
1562 if (nfsvers == NFS_V3) {
1563 free(argp);
1564 head = prevhead;
1565 tail = prevtail;
1566 if (tail)
1567 tail->nfs_ext_u.nfs_extB.next =
1568 NULL;
1569 last_error = NFSERR_NOENT;
1570 syslog(loglevel,
1571 "%s doesn't support NFS Version 3",
1572 host);
1573 destroy_auth_client_handle(cl);
1574 skipentry = 1;
1575 mfs->mfs_ignore = 1;
1576 continue;
1577 }
1578 rpc_stat = clnt_call(cl, MOUNTPROC_MNT,
1579 xdr_dirpath, (caddr_t)&dir,
1580 xdr_fhstatus, (caddr_t)&fhs, timeout);
1581 if (rpc_stat != RPC_SUCCESS) {
1582
1583 if (give_up_on_mnt == FALSE) {
1584 got_mnt_error = TRUE;
1585 goto try_mnt_slash;
1586 }
1587
1588 /*
1589 * Given the way "clnt_sperror" works, the "%s"
1590 * immediately following the "not responding"
1591 * is correct.
1592 */
1593 free(argp);
1594 head = prevhead;
1595 tail = prevtail;
1596 if (tail)
1597 tail->nfs_ext_u.nfs_extB.next =
1598 NULL;
1599 last_error = NFSERR_NOENT;
1600
1601 if (retries-- > 0) {
1602 destroy_auth_client_handle(cl);
1603 DELAY(delay);
1604 goto retry;
1605 }
1606
1607 if (trace > 3) {
1608 trace_prt(1,
1609 " nfsmount: mount RPC "
1610 "failed for %s\n",
1611 host);
1612 }
1613 syslog(loglevel,
1614 "%s server not responding%s",
1615 host, clnt_sperror(cl, ""));
1616 destroy_auth_client_handle(cl);
1617 skipentry = 1;
1618 mfs->mfs_ignore = 1;
1619 continue;
1620 }
1621 if ((errno = fhs.fhs_status) != MNT_OK) {
1622
1623 if (give_up_on_mnt == FALSE) {
1624 got_mnt_error = TRUE;
1625 goto try_mnt_slash;
1626 }
1627
1628 free(argp);
1629 head = prevhead;
1630 tail = prevtail;
1631 if (tail)
1632 tail->nfs_ext_u.nfs_extB.next =
1633 NULL;
1634 if (errno == EACCES) {
1635 status = NFSERR_ACCES;
1636 } else {
1637 syslog(loglevel, "%s: %m",
1638 host);
1639 status = NFSERR_IO;
1640 }
1641 if (trace > 3) {
1642 trace_prt(1,
1643 " nfsmount: mount RPC gave"
1644 " %d for %s:%s\n",
1645 errno, host, dir);
1646 }
1647 last_error = status;
1648 destroy_auth_client_handle(cl);
1649 skipentry = 1;
1650 mfs->mfs_ignore = 1;
1651 continue;
1652 }
1653 argp->fh = malloc((sizeof (fhandle)));
1654 if (!argp->fh) {
1655 syslog(LOG_ERR, "nfsmount: no memory");
1656 last_error = NFSERR_IO;
1657 destroy_auth_client_handle(cl);
1658 goto out;
1659 }
1660 (void) memcpy(argp->fh,
1661 &fhs.fhstatus_u.fhs_fhandle,
1662 sizeof (fhandle));
1663 break;
1664 case MOUNTVERS3:
1665 posix = 0;
1666 (void) memset((char *)&res3, '\0',
1667 sizeof (res3));
1668 rpc_stat = clnt_call(cl, MOUNTPROC_MNT,
1669 xdr_dirpath, (caddr_t)&dir,
1670 xdr_mountres3, (caddr_t)&res3, timeout);
1671 if (rpc_stat != RPC_SUCCESS) {
1672
1673 if (give_up_on_mnt == FALSE) {
1674 got_mnt_error = TRUE;
1675 goto try_mnt_slash;
1676 }
1677
1678 /*
1679 * Given the way "clnt_sperror" works, the "%s"
1680 * immediately following the "not responding"
1681 * is correct.
1682 */
1683 free(argp);
1684 head = prevhead;
1685 tail = prevtail;
1686 if (tail)
1687 tail->nfs_ext_u.nfs_extB.next =
1688 NULL;
1689 last_error = NFSERR_NOENT;
1690
1691 if (retries-- > 0) {
1692 destroy_auth_client_handle(cl);
1693 DELAY(delay);
1694 goto retry;
1695 }
1696
1697 if (trace > 3) {
1698 trace_prt(1,
1699 " nfsmount: mount RPC "
1700 "failed for %s\n",
1701 host);
1702 }
1703 syslog(loglevel,
1704 "%s server not responding%s",
1705 remname, clnt_sperror(cl, ""));
1706 destroy_auth_client_handle(cl);
1707 skipentry = 1;
1708 mfs->mfs_ignore = 1;
1709 continue;
1710 }
1711 if ((errno = res3.fhs_status) != MNT_OK) {
1712
1713 if (give_up_on_mnt == FALSE) {
1714 got_mnt_error = TRUE;
1715 goto try_mnt_slash;
1716 }
1717
1718 free(argp);
1719 head = prevhead;
1720 tail = prevtail;
1721 if (tail)
1722 tail->nfs_ext_u.nfs_extB.next =
1723 NULL;
1724 if (errno == EACCES) {
1725 status = NFSERR_ACCES;
1726 } else {
1727 syslog(loglevel, "%s: %m",
1728 remname);
1729 status = NFSERR_IO;
1730 }
1731 if (trace > 3) {
1732 trace_prt(1,
1733 " nfsmount: mount RPC gave"
1734 " %d for %s:%s\n",
1735 errno, host, dir);
1736 }
1737 last_error = status;
1738 destroy_auth_client_handle(cl);
1739 skipentry = 1;
1740 mfs->mfs_ignore = 1;
1741 continue;
1742 }
1743
1744 /*
1745 * Negotiate the security flavor for nfs_mount
1746 */
1747 auths = res3.mountres3_u.mountinfo.
1748 auth_flavors.auth_flavors_val;
1749 count = res3.mountres3_u.mountinfo.
1750 auth_flavors.auth_flavors_len;
1751
1752 if (sec_opt) {
1753 for (i = 0; i < count; i++)
1754 if (auths[i] ==
1755 nfs_sec.sc_nfsnum) {
1756 break;
1757 }
1758 if (i >= count) {
1759 syslog(LOG_ERR,
1760 "%s: does not support "
1761 "security \"%s\"\n",
1762 remname, nfs_sec.sc_name);
1763 clnt_freeres(cl, xdr_mountres3,
1764 (caddr_t)&res3);
1765 free(argp);
1766 head = prevhead;
1767 tail = prevtail;
1768 if (tail)
1769 tail->nfs_ext_u.
1770 nfs_extB.next =
1771 NULL;
1772 last_error = NFSERR_IO;
1773 destroy_auth_client_handle(cl);
1774 skipentry = 1;
1775 mfs->mfs_ignore = 1;
1776 continue;
1777 }
1778 } else if (count > 0) {
1779 for (i = 0; i < count; i++) {
1780 if (!(scerror =
1781 nfs_getseconfig_bynumber(
1782 auths[i], &nfs_sec))) {
1783 sec_opt++;
1784 break;
1785 }
1786 }
1787 if (i >= count) {
1788 if (nfs_syslog_scerr(scerror,
1789 scerror_msg)
1790 != -1) {
1791 syslog(LOG_ERR,
1792 "%s cannot be "
1793 "mounted because it"
1794 " is shared with "
1795 "security flavor %d"
1796 " which %s",
1797 remname,
1798 auths[i-1],
1799 scerror_msg);
1800 }
1801 clnt_freeres(cl, xdr_mountres3,
1802 (caddr_t)&res3);
1803 free(argp);
1804 head = prevhead;
1805 tail = prevtail;
1806 if (tail)
1807 tail->nfs_ext_u.
1808 nfs_extB.next =
1809 NULL;
1810 last_error = NFSERR_IO;
1811 destroy_auth_client_handle(cl);
1812 skipentry = 1;
1813 mfs->mfs_ignore = 1;
1814 continue;
1815 }
1816 }
1817
1818 fh3.fh3_length =
1819 res3.mountres3_u.mountinfo.fhandle.
1820 fhandle3_len;
1821 (void) memcpy(fh3.fh3_u.data,
1822 res3.mountres3_u.mountinfo.fhandle.
1823 fhandle3_val,
1824 fh3.fh3_length);
1825 clnt_freeres(cl, xdr_mountres3,
1826 (caddr_t)&res3);
1827 argp->fh = malloc(sizeof (nfs_fh3));
1828 if (!argp->fh) {
1829 syslog(LOG_ERR, "nfsmount: no memory");
1830 last_error = NFSERR_IO;
1831 destroy_auth_client_handle(cl);
1832 goto out;
1833 }
1834 (void) memcpy(argp->fh, &fh3, sizeof (nfs_fh3));
1835 break;
1836 default:
1837 free(argp);
1838 head = prevhead;
1839 tail = prevtail;
1840 if (tail)
1841 tail->nfs_ext_u.nfs_extB.next = NULL;
1842 last_error = NFSERR_NOENT;
1843 syslog(loglevel,
1844 "unknown MOUNT version %ld on %s",
1845 vers, remname);
1846 destroy_auth_client_handle(cl);
1847 skipentry = 1;
1848 mfs->mfs_ignore = 1;
1849 continue;
1850 } /* switch */
1851 }
1852 if (nfsvers == NFS_V4) {
1853 argp->fh = strdup(dir);
1854 if (argp->fh == NULL) {
1855 syslog(LOG_ERR, "nfsmount: no memory");
1856 last_error = NFSERR_IO;
1857 goto out;
1858 }
1859 }
1860
1861 if (trace > 4)
1862 trace_prt(1, " nfsmount: have %s filehandle for %s\n",
1863 fstype, remname);
1864
1865 argp->flags |= NFSMNT_NEWARGS;
1866 argp->flags |= NFSMNT_INT; /* default is "intr" */
1867 argp->flags |= NFSMNT_HOSTNAME;
1868 argp->hostname = strdup(host);
1869 if (argp->hostname == NULL) {
1870 syslog(LOG_ERR, "nfsmount: no memory");
1871 last_error = NFSERR_IO;
1872 goto out;
1873 }
1874
1875 /*
1876 * In this case, we want NFSv4 to behave like
1877 * non-WebNFS so that we get the server address.
1878 */
1879 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0) {
1880 nconf = NULL;
1881
1882 if (nfs_port != 0)
1883 thisport = nfs_port;
1884 else
1885 thisport = mfs->mfs_port;
1886
1887 /*
1888 * For NFSv4, we want to avoid rpcbind, so call
1889 * get_server_netinfo() directly to tell it that
1890 * we want to go "direct_to_server". Otherwise,
1891 * do what has always been done.
1892 */
1893 if (nfsvers == NFS_V4) {
1894 enum clnt_stat cstat;
1895
1896 argp->addr = get_server_netinfo(SERVER_ADDR,
1897 host, NFS_PROGRAM, nfsvers, NULL,
1898 &nconf, nfs_proto, thisport, NULL,
1899 NULL, TRUE, NULL, &cstat);
1900 } else {
1901 argp->addr = get_addr(host, NFS_PROGRAM,
1902 nfsvers, &nconf, nfs_proto,
1903 thisport, NULL);
1904 }
1905
1906 if (argp->addr == NULL) {
1907 if (argp->hostname)
1908 free(argp->hostname);
1909 free(argp->fh);
1910 free(argp);
1911 head = prevhead;
1912 tail = prevtail;
1913 if (tail)
1914 tail->nfs_ext_u.nfs_extB.next = NULL;
1915 last_error = NFSERR_NOENT;
1916
1917 if (retries-- > 0) {
1918 destroy_auth_client_handle(cl);
1919 DELAY(delay);
1920 goto retry;
1921 }
1922
1923 syslog(loglevel, "%s: no NFS service", host);
1924 destroy_auth_client_handle(cl);
1925 skipentry = 1;
1926 mfs->mfs_ignore = 1;
1927 continue;
1928 }
1929 if (trace > 4)
1930 trace_prt(1,
1931 "\tnfsmount: have net address for %s\n",
1932 remname);
1933
1934 } else {
1935 nconf = mfs->mfs_nconf;
1936 mfs->mfs_nconf = NULL;
1937 }
1938
1939 argp->flags |= NFSMNT_KNCONF;
1940 argp->knconf = get_knconf(nconf);
1941 if (argp->knconf == NULL) {
1942 netbuf_free(argp->addr);
1943 freenetconfigent(nconf);
1944 if (argp->hostname)
1945 free(argp->hostname);
1946 free(argp->fh);
1947 free(argp);
1948 head = prevhead;
1949 tail = prevtail;
1950 if (tail)
1951 tail->nfs_ext_u.nfs_extB.next = NULL;
1952 last_error = NFSERR_NOSPC;
1953 destroy_auth_client_handle(cl);
1954 skipentry = 1;
1955 mfs->mfs_ignore = 1;
1956 continue;
1957 }
1958 if (trace > 4)
1959 trace_prt(1,
1960 "\tnfsmount: have net config for %s\n",
1961 remname);
1962
1963 if (hasmntopt(&m, MNTOPT_SOFT) != NULL) {
1964 argp->flags |= NFSMNT_SOFT;
1965 }
1966 if (hasmntopt(&m, MNTOPT_NOINTR) != NULL) {
1967 argp->flags &= ~(NFSMNT_INT);
1968 }
1969 if (hasmntopt(&m, MNTOPT_NOAC) != NULL) {
1970 argp->flags |= NFSMNT_NOAC;
1971 }
1972 if (hasmntopt(&m, MNTOPT_NOCTO) != NULL) {
1973 argp->flags |= NFSMNT_NOCTO;
1974 }
1975 if (hasmntopt(&m, MNTOPT_FORCEDIRECTIO) != NULL) {
1976 argp->flags |= NFSMNT_DIRECTIO;
1977 }
1978 if (hasmntopt(&m, MNTOPT_NOFORCEDIRECTIO) != NULL) {
1979 argp->flags &= ~(NFSMNT_DIRECTIO);
1980 }
1981
1982 /*
1983 * Set up security data for argp->nfs_ext_u.nfs_extB.secdata.
1984 */
1985 if (mfssnego.snego_done) {
1986 memcpy(&nfs_sec, &mfssnego.nfs_sec,
1987 sizeof (seconfig_t));
1988 } else if (!sec_opt) {
1989 /*
1990 * Get default security mode.
1991 */
1992 if (nfs_getseconfig_default(&nfs_sec)) {
1993 syslog(loglevel,
1994 "error getting default security entry\n");
1995 free_knconf(argp->knconf);
1996 netbuf_free(argp->addr);
1997 freenetconfigent(nconf);
1998 if (argp->hostname)
1999 free(argp->hostname);
2000 free(argp->fh);
2001 free(argp);
2002 head = prevhead;
2003 tail = prevtail;
2004 if (tail)
2005 tail->nfs_ext_u.nfs_extB.next = NULL;
2006 last_error = NFSERR_NOSPC;
2007 destroy_auth_client_handle(cl);
2008 skipentry = 1;
2009 mfs->mfs_ignore = 1;
2010 continue;
2011 }
2012 argp->flags |= NFSMNT_SECDEFAULT;
2013 }
2014
2015 /*
2016 * For AUTH_DH
2017 * get the network address for the time service on
2018 * the server. If an RPC based time service is
2019 * not available then try the IP time service.
2020 *
2021 * Eventurally, we want to move this code to nfs_clnt_secdata()
2022 * when autod_nfs.c and mount.c can share the same
2023 * get_the_addr/get_netconfig_info routine.
2024 */
2025 secflags = 0;
2026 syncaddr = NULL;
2027 retaddrs = NULL;
2028
2029 if (nfs_sec.sc_rpcnum == AUTH_DH || nfsvers == NFS_V4) {
2030 /*
2031 * If not using the public fh and not NFS_V4, we can try
2032 * talking RPCBIND. Otherwise, assume that firewalls
2033 * prevent us from doing that.
2034 */
2035 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 &&
2036 nfsvers != NFS_V4) {
2037 enum clnt_stat cstat;
2038 syncaddr = get_server_netinfo(SERVER_ADDR,
2039 host, RPCBPROG, RPCBVERS, NULL, &nconf,
2040 NULL, 0, NULL, NULL, FALSE, NULL, &cstat);
2041 }
2042
2043 if (syncaddr != NULL) {
2044 /* for flags in sec_data */
2045 secflags |= AUTH_F_RPCTIMESYNC;
2046 } else {
2047 struct nd_hostserv hs;
2048 int error;
2049
2050 hs.h_host = host;
2051 hs.h_serv = "timserver";
2052 error = netdir_getbyname(nconf, &hs, &retaddrs);
2053
2054 if (error != ND_OK &&
2055 nfs_sec.sc_rpcnum == AUTH_DH) {
2056 syslog(loglevel,
2057 "%s: secure: no time service\n",
2058 host);
2059 free_knconf(argp->knconf);
2060 netbuf_free(argp->addr);
2061 freenetconfigent(nconf);
2062 if (argp->hostname)
2063 free(argp->hostname);
2064 free(argp->fh);
2065 free(argp);
2066 head = prevhead;
2067 tail = prevtail;
2068 if (tail)
2069 tail->nfs_ext_u.nfs_extB.next =
2070 NULL;
2071 last_error = NFSERR_IO;
2072 destroy_auth_client_handle(cl);
2073 skipentry = 1;
2074 mfs->mfs_ignore = 1;
2075 continue;
2076 }
2077
2078 if (error == ND_OK)
2079 syncaddr = retaddrs->n_addrs;
2080
2081 /*
2082 * For potential usage by NFS V4 when AUTH_DH
2083 * is negotiated via SECINFO in the kernel.
2084 */
2085 if (nfsvers == NFS_V4 && syncaddr &&
2086 host2netname(netname, host, NULL)) {
2087 argp->syncaddr =
2088 malloc(sizeof (struct netbuf));
2089 argp->syncaddr->buf =
2090 malloc(syncaddr->len);
2091 (void) memcpy(argp->syncaddr->buf,
2092 syncaddr->buf, syncaddr->len);
2093 argp->syncaddr->len = syncaddr->len;
2094 argp->syncaddr->maxlen =
2095 syncaddr->maxlen;
2096 argp->netname = strdup(netname);
2097 argp->flags |= NFSMNT_SECURE;
2098 }
2099 } /* syncaddr */
2100 } /* AUTH_DH */
2101
2102 /*
2103 * TSOL notes: automountd in tsol extension
2104 * has "read down" capability, i.e. we allow
2105 * a user to trigger an nfs mount into a lower
2106 * labeled zone. We achieve this by always having
2107 * root issue the mount request so that the
2108 * lookup ops can go past /zone/<zone_name>
2109 * on the server side.
2110 */
2111 if (is_system_labeled())
2112 nfs_sec.sc_uid = (uid_t)0;
2113 else
2114 nfs_sec.sc_uid = uid;
2115 /*
2116 * If AUTH_DH is a chosen flavor now, its data will be stored
2117 * in the sec_data structure via nfs_clnt_secdata().
2118 */
2119 if (!(secdata = nfs_clnt_secdata(&nfs_sec, host, argp->knconf,
2120 syncaddr, secflags))) {
2121 syslog(LOG_ERR,
2122 "errors constructing security related data\n");
2123 if (secflags & AUTH_F_RPCTIMESYNC)
2124 netbuf_free(syncaddr);
2125 else if (retaddrs)
2126 netdir_free(retaddrs, ND_ADDRLIST);
2127 if (argp->syncaddr)
2128 netbuf_free(argp->syncaddr);
2129 if (argp->netname)
2130 free(argp->netname);
2131 if (argp->hostname)
2132 free(argp->hostname);
2133 free_knconf(argp->knconf);
2134 netbuf_free(argp->addr);
2135 freenetconfigent(nconf);
2136 free(argp->fh);
2137 free(argp);
2138 head = prevhead;
2139 tail = prevtail;
2140 if (tail)
2141 tail->nfs_ext_u.nfs_extB.next = NULL;
2142 last_error = NFSERR_IO;
2143 destroy_auth_client_handle(cl);
2144 skipentry = 1;
2145 mfs->mfs_ignore = 1;
2146 continue;
2147 }
2148 NFS_ARGS_EXTB_secdata(*argp, secdata);
2149 /* end of security stuff */
2150
2151 if (trace > 4)
2152 trace_prt(1,
2153 " nfsmount: have secure info for %s\n", remname);
2154
2155 if (hasmntopt(&m, MNTOPT_GRPID) != NULL) {
2156 argp->flags |= NFSMNT_GRPID;
2157 }
2158 if (nopt(&m, MNTOPT_RSIZE, &argp->rsize)) {
2159 argp->flags |= NFSMNT_RSIZE;
2160 }
2161 if (nopt(&m, MNTOPT_WSIZE, &argp->wsize)) {
2162 argp->flags |= NFSMNT_WSIZE;
2163 }
2164 if (nopt(&m, MNTOPT_TIMEO, &argp->timeo)) {
2165 argp->flags |= NFSMNT_TIMEO;
2166 }
2167 if (nopt(&m, MNTOPT_RETRANS, &argp->retrans)) {
2168 argp->flags |= NFSMNT_RETRANS;
2169 }
2170 if (nopt(&m, MNTOPT_ACTIMEO, &argp->acregmax)) {
2171 argp->flags |= NFSMNT_ACREGMAX;
2172 argp->flags |= NFSMNT_ACDIRMAX;
2173 argp->flags |= NFSMNT_ACDIRMIN;
2174 argp->flags |= NFSMNT_ACREGMIN;
2175 argp->acdirmin = argp->acregmin = argp->acdirmax
2176 = argp->acregmax;
2177 } else {
2178 if (nopt(&m, MNTOPT_ACREGMIN, &argp->acregmin)) {
2179 argp->flags |= NFSMNT_ACREGMIN;
2180 }
2181 if (nopt(&m, MNTOPT_ACREGMAX, &argp->acregmax)) {
2182 argp->flags |= NFSMNT_ACREGMAX;
2183 }
2184 if (nopt(&m, MNTOPT_ACDIRMIN, &argp->acdirmin)) {
2185 argp->flags |= NFSMNT_ACDIRMIN;
2186 }
2187 if (nopt(&m, MNTOPT_ACDIRMAX, &argp->acdirmax)) {
2188 argp->flags |= NFSMNT_ACDIRMAX;
2189 }
2190 }
2191
2192 if (posix) {
2193 argp->pathconf = NULL;
2194 if (error = get_pathconf(cl, dir, remname,
2195 &argp->pathconf, retries)) {
2196 if (secflags & AUTH_F_RPCTIMESYNC)
2197 netbuf_free(syncaddr);
2198 else if (retaddrs)
2199 netdir_free(retaddrs, ND_ADDRLIST);
2200 free_knconf(argp->knconf);
2201 netbuf_free(argp->addr);
2202 freenetconfigent(nconf);
2203 nfs_free_secdata(
2204 argp->nfs_ext_u.nfs_extB.secdata);
2205 if (argp->syncaddr)
2206 netbuf_free(argp->syncaddr);
2207 if (argp->netname)
2208 free(argp->netname);
2209 if (argp->hostname)
2210 free(argp->hostname);
2211 free(argp->fh);
2212 free(argp);
2213 head = prevhead;
2214 tail = prevtail;
2215 if (tail)
2216 tail->nfs_ext_u.nfs_extB.next = NULL;
2217 last_error = NFSERR_IO;
2218
2219 if (error == RET_RETRY && retries-- > 0) {
2220 destroy_auth_client_handle(cl);
2221 DELAY(delay);
2222 goto retry;
2223 }
2224
2225 destroy_auth_client_handle(cl);
2226 skipentry = 1;
2227 mfs->mfs_ignore = 1;
2228 continue;
2229 }
2230 argp->flags |= NFSMNT_POSIX;
2231 if (trace > 4)
2232 trace_prt(1,
2233 " nfsmount: have pathconf for %s\n",
2234 remname);
2235 }
2236
2237 /*
2238 * free loop-specific data structures
2239 */
2240 destroy_auth_client_handle(cl);
2241 freenetconfigent(nconf);
2242 if (secflags & AUTH_F_RPCTIMESYNC)
2243 netbuf_free(syncaddr);
2244 else if (retaddrs)
2245 netdir_free(retaddrs, ND_ADDRLIST);
2246
2247 /*
2248 * Decide whether to use remote host's lockd or local locking.
2249 * If we are using the public fh, we've already turned
2250 * LLOCK on.
2251 */
2252 if (hasmntopt(&m, MNTOPT_LLOCK))
2253 argp->flags |= NFSMNT_LLOCK;
2254 if (!(argp->flags & NFSMNT_LLOCK) && nfsvers == NFS_VERSION &&
2255 remote_lock(host, argp->fh)) {
2256 syslog(loglevel, "No network locking on %s : "
2257 "contact admin to install server change", host);
2258 argp->flags |= NFSMNT_LLOCK;
2259 }
2260
2261 /*
2262 * Build a string for /etc/mnttab.
2263 * If possible, coalesce strings with same 'dir' info.
2264 */
2265 if ((mfs->mfs_flags & MFS_URL) == 0) {
2266 char *tmp;
2267
2268 if (mnttabcnt) {
2269 p = strrchr(mnttabtext, (int)':');
2270 if (!p || strcmp(p+1, dir) != 0) {
2271 mnttabcnt += strlen(remname) + 2;
2272 } else {
2273 *p = '\0';
2274 mnttabcnt += strlen(rhost) + 2;
2275 }
2276 if ((tmp = realloc(mnttabtext,
2277 mnttabcnt)) != NULL) {
2278 mnttabtext = tmp;
2279 strcat(mnttabtext, ",");
2280 } else {
2281 free(mnttabtext);
2282 mnttabtext = NULL;
2283 }
2284 } else {
2285 mnttabcnt = strlen(remname) + 1;
2286 if ((mnttabtext = malloc(mnttabcnt)) != NULL)
2287 mnttabtext[0] = '\0';
2288 }
2289
2290 if (mnttabtext != NULL)
2291 strcat(mnttabtext, remname);
2292
2293 } else {
2294 char *tmp;
2295 int more_cnt = 0;
2296 char sport[16];
2297
2298 more_cnt += strlen("nfs://");
2299 more_cnt += strlen(mfs->mfs_host);
2300
2301 if (mfs->mfs_port != 0) {
2302 (void) sprintf(sport, ":%u", mfs->mfs_port);
2303 } else
2304 sport[0] = '\0';
2305
2306 more_cnt += strlen(sport);
2307 more_cnt += 1; /* "/" */
2308 more_cnt += strlen(mfs->mfs_dir);
2309
2310 if (mnttabcnt) {
2311 more_cnt += 1; /* "," */
2312 mnttabcnt += more_cnt;
2313
2314 if ((tmp = realloc(mnttabtext,
2315 mnttabcnt)) != NULL) {
2316 mnttabtext = tmp;
2317 strcat(mnttabtext, ",");
2318 } else {
2319 free(mnttabtext);
2320 mnttabtext = NULL;
2321 }
2322 } else {
2323 mnttabcnt = more_cnt + 1;
2324 if ((mnttabtext = malloc(mnttabcnt)) != NULL)
2325 mnttabtext[0] = '\0';
2326 }
2327
2328 if (mnttabtext != NULL) {
2329 strcat(mnttabtext, "nfs://");
2330 strcat(mnttabtext, mfs->mfs_host);
2331 strcat(mnttabtext, sport);
2332 strcat(mnttabtext, "/");
2333 strcat(mnttabtext, mfs->mfs_dir);
2334 }
2335 }
2336
2337 if (!mnttabtext) {
2338 syslog(LOG_ERR, "nfsmount: no memory");
2339 last_error = NFSERR_IO;
2340 goto out;
2341 }
2342
2343 /*
2344 * At least one entry, can call mount(2).
2345 */
2346 entries++;
2347
2348 /*
2349 * If replication was defeated, don't do more work
2350 */
2351 if (!replicated)
2352 break;
2353 }
2354
2355
2356 /*
2357 * Did we get through all possibilities without success?
2358 */
2359 if (!entries)
2360 goto out;
2361
2362 /* Make "xattr" the default if "noxattr" is not specified. */
2363 strcpy(mopts, opts);
2364 if (!hasmntopt(&m, MNTOPT_NOXATTR) && !hasmntopt(&m, MNTOPT_XATTR)) {
2365 if (strlen(mopts) > 0)
2366 strcat(mopts, ",");
2367 strcat(mopts, "xattr");
2368 }
2369
2370 /*
2371 * enable services as needed.
2372 */
2373 {
2374 char **sl;
2375
2376 if (strcmp(fstype, MNTTYPE_NFS4) == 0)
2377 sl = service_list_v4;
2378 else
2379 sl = service_list;
2380
2381 (void) _check_services(sl);
2382 }
2383
2384 /*
2385 * Whew; do the mount, at last.
2386 */
2387 if (trace > 1) {
2388 trace_prt(1, " mount %s %s (%s)\n", mnttabtext, mntpnt, mopts);
2389 }
2390
2391 /*
2392 * About to do a nfs mount, make sure the mount_to is set for
2393 * potential ephemeral mounts with NFSv4.
2394 */
2395 set_nfsv4_ephemeral_mount_to();
2396
2397 /*
2398 * If no action list pointer then do the mount, otherwise
2399 * build the actions list pointer with the mount information.
2400 * so the mount can be done in the kernel.
2401 */
2402 if (alp == NULL) {
2403 if (mount(mnttabtext, mntpnt, flags | MS_DATA, fstype,
2404 head, sizeof (*head), mopts, MAX_MNTOPT_STR) < 0) {
2405 if (trace > 1)
2406 trace_prt(1, " Mount of %s on %s: %d\n",
2407 mnttabtext, mntpnt, errno);
2408 if (errno != EBUSY || verbose)
2409 syslog(LOG_ERR,
2410 "Mount of %s on %s: %m", mnttabtext, mntpnt);
2411 last_error = NFSERR_IO;
2412 goto out;
2413 }
2414
2415 last_error = NFS_OK;
2416 if (stat(mntpnt, &stbuf) == 0) {
2417 if (trace > 1) {
2418 trace_prt(1, " mount %s dev=%x rdev=%x OK\n",
2419 mnttabtext, stbuf.st_dev, stbuf.st_rdev);
2420 }
2421 } else {
2422 if (trace > 1) {
2423 trace_prt(1, " mount %s OK\n", mnttabtext);
2424 trace_prt(1, " stat of %s failed\n", mntpnt);
2425 }
2426
2427 }
2428 } else {
2429 alp->action.action = AUTOFS_MOUNT_RQ;
2430 alp->action.action_list_entry_u.mounta.spec =
2431 strdup(mnttabtext);
2432 alp->action.action_list_entry_u.mounta.dir = strdup(mntpnt);
2433 alp->action.action_list_entry_u.mounta.flags =
2434 flags | MS_DATA;
2435 alp->action.action_list_entry_u.mounta.fstype =
2436 strdup(fstype);
2437 alp->action.action_list_entry_u.mounta.dataptr = (char *)head;
2438 alp->action.action_list_entry_u.mounta.datalen =
2439 sizeof (*head);
2440 mntopts = malloc(strlen(mopts) + 1);
2441 strcpy(mntopts, mopts);
2442 mntopts[strlen(mopts)] = '\0';
2443 alp->action.action_list_entry_u.mounta.optptr = mntopts;
2444 alp->action.action_list_entry_u.mounta.optlen =
2445 strlen(mntopts) + 1;
2446 last_error = NFS_OK;
2447 goto ret;
2448 }
2449
2450 out:
2451 argp = head;
2452 while (argp) {
2453 if (argp->pathconf)
2454 free(argp->pathconf);
2455 free_knconf(argp->knconf);
2456 netbuf_free(argp->addr);
2457 if (argp->syncaddr)
2458 netbuf_free(argp->syncaddr);
2459 if (argp->netname) {
2460 free(argp->netname);
2461 }
2462 if (argp->hostname)
2463 free(argp->hostname);
2464 nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata);
2465 free(argp->fh);
2466 head = argp;
2467 argp = argp->nfs_ext_u.nfs_extB.next;
2468 free(head);
2469 }
2470 ret:
2471 if (nfs_proto)
2472 free(nfs_proto);
2473 if (mnttabtext)
2474 free(mnttabtext);
2475
2476 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) {
2477
2478 if (mfs->mfs_flags & MFS_ALLOC_DIR) {
2479 free(mfs->mfs_dir);
2480 mfs->mfs_dir = NULL;
2481 mfs->mfs_flags &= ~MFS_ALLOC_DIR;
2482 }
2483
2484 if (mfs->mfs_args != NULL && alp == NULL) {
2485 free(mfs->mfs_args);
2486 mfs->mfs_args = NULL;
2487 }
2488
2489 if (mfs->mfs_nconf != NULL) {
2490 freenetconfigent(mfs->mfs_nconf);
2491 mfs->mfs_nconf = NULL;
2492 }
2493 }
2494
2495 return (last_error);
2496 }
2497
2498 /*
2499 * get_pathconf(cl, path, fsname, pcnf, cretries)
2500 * ugliness that requires that ppathcnf and pathcnf stay consistent
2501 * cretries is a copy of retries used to determine when to syslog
2502 * on retry situations.
2503 */
2504 static int
get_pathconf(CLIENT * cl,char * path,char * fsname,struct pathcnf ** pcnf,int cretries)2505 get_pathconf(CLIENT *cl, char *path, char *fsname, struct pathcnf **pcnf,
2506 int cretries)
2507 {
2508 struct ppathcnf *p = NULL;
2509 enum clnt_stat rpc_stat;
2510 struct timeval timeout;
2511
2512 p = (struct ppathcnf *)malloc(sizeof (struct ppathcnf));
2513 if (p == NULL) {
2514 syslog(LOG_ERR, "get_pathconf: Out of memory");
2515 return (RET_ERR);
2516 }
2517 memset((caddr_t)p, 0, sizeof (struct ppathcnf));
2518
2519 timeout.tv_sec = 10;
2520 timeout.tv_usec = 0;
2521 rpc_stat = clnt_call(cl, MOUNTPROC_PATHCONF,
2522 xdr_dirpath, (caddr_t)&path, xdr_ppathcnf, (caddr_t)p, timeout);
2523 if (rpc_stat != RPC_SUCCESS) {
2524 if (cretries-- <= 0) {
2525 syslog(LOG_ERR,
2526 "get_pathconf: %s: server not responding: %s",
2527 fsname, clnt_sperror(cl, ""));
2528 }
2529 free(p);
2530 return (RET_RETRY);
2531 }
2532 if (_PC_ISSET(_PC_ERROR, p->pc_mask)) {
2533 syslog(LOG_ERR, "get_pathconf: no info for %s", fsname);
2534 free(p);
2535 return (RET_ERR);
2536 }
2537 *pcnf = (struct pathcnf *)p;
2538 return (RET_OK);
2539 }
2540
2541 void
netbuf_free(nb)2542 netbuf_free(nb)
2543 struct netbuf *nb;
2544 {
2545 if (nb == NULL)
2546 return;
2547 if (nb->buf)
2548 free(nb->buf);
2549 free(nb);
2550 }
2551
2552 #define SMALL_HOSTNAME 20
2553 #define SMALL_PROTONAME 10
2554 #define SMALL_PROTOFMLYNAME 10
2555
2556 struct portmap_cache {
2557 int cache_prog;
2558 int cache_vers;
2559 time_t cache_time;
2560 char cache_small_hosts[SMALL_HOSTNAME + 1];
2561 char *cache_hostname;
2562 char *cache_proto;
2563 char *cache_protofmly;
2564 char cache_small_protofmly[SMALL_PROTOFMLYNAME + 1];
2565 char cache_small_proto[SMALL_PROTONAME + 1];
2566 struct netbuf cache_srv_addr;
2567 struct portmap_cache *cache_prev, *cache_next;
2568 };
2569
2570 rwlock_t portmap_cache_lock;
2571 static int portmap_cache_valid_time = 30;
2572 struct portmap_cache *portmap_cache_head, *portmap_cache_tail;
2573
2574 #ifdef MALLOC_DEBUG
2575 void
portmap_cache_flush()2576 portmap_cache_flush()
2577 {
2578 struct portmap_cache *next = NULL, *cp;
2579
2580 (void) rw_wrlock(&portmap_cache_lock);
2581 for (cp = portmap_cache_head; cp; cp = cp->cache_next) {
2582 if (cp->cache_hostname != NULL &&
2583 cp->cache_hostname !=
2584 cp->cache_small_hosts)
2585 free(cp->cache_hostname);
2586 if (cp->cache_proto != NULL &&
2587 cp->cache_proto !=
2588 cp->cache_small_proto)
2589 free(cp->cache_proto);
2590 if (cp->cache_srv_addr.buf != NULL)
2591 free(cp->cache_srv_addr.buf);
2592 next = cp->cache_next;
2593 free(cp);
2594 }
2595 portmap_cache_head = NULL;
2596 portmap_cache_tail = NULL;
2597 (void) rw_unlock(&portmap_cache_lock);
2598 }
2599 #endif
2600
2601 /*
2602 * Returns 1 if the entry is found in the cache, 0 otherwise.
2603 */
2604 static int
portmap_cache_lookup(hostname,prog,vers,nconf,addrp)2605 portmap_cache_lookup(hostname, prog, vers, nconf, addrp)
2606 char *hostname;
2607 rpcprog_t prog;
2608 rpcvers_t vers;
2609 struct netconfig *nconf;
2610 struct netbuf *addrp;
2611 {
2612 struct portmap_cache *cachep, *prev, *next = NULL, *cp;
2613 int retval = 0;
2614
2615 timenow = time(NULL);
2616
2617 (void) rw_rdlock(&portmap_cache_lock);
2618
2619 /*
2620 * Increment the portmap cache counters for # accesses and lookups
2621 * Use a smaller factor (100 vs 1000 for the host cache) since
2622 * initial analysis shows this cache is looked up 10% that of the
2623 * host cache.
2624 */
2625 #ifdef CACHE_DEBUG
2626 portmap_cache_accesses++;
2627 portmap_cache_lookups++;
2628 if ((portmap_cache_lookups%100) == 0)
2629 trace_portmap_cache();
2630 #endif /* CACHE_DEBUG */
2631
2632 for (cachep = portmap_cache_head; cachep;
2633 cachep = cachep->cache_next) {
2634 if (timenow > cachep->cache_time) {
2635 /*
2636 * We stumbled across an entry in the cache which
2637 * has timed out. Free up all the entries that
2638 * were added before it, which will positionally
2639 * be after this entry. And adjust neighboring
2640 * pointers.
2641 * When we drop the lock and re-acquire it, we
2642 * need to start from the beginning.
2643 */
2644 (void) rw_unlock(&portmap_cache_lock);
2645 (void) rw_wrlock(&portmap_cache_lock);
2646 for (cp = portmap_cache_head;
2647 cp && (cp->cache_time >= timenow);
2648 cp = cp->cache_next)
2649 ;
2650 if (cp == NULL)
2651 goto done;
2652 /*
2653 * Adjust the link of the predecessor.
2654 * Make the tail point to the new last entry.
2655 */
2656 prev = cp->cache_prev;
2657 if (prev == NULL) {
2658 portmap_cache_head = NULL;
2659 portmap_cache_tail = NULL;
2660 } else {
2661 prev->cache_next = NULL;
2662 portmap_cache_tail = prev;
2663 }
2664 for (; cp; cp = next) {
2665 if (cp->cache_hostname != NULL &&
2666 cp->cache_hostname !=
2667 cp->cache_small_hosts)
2668 free(cp->cache_hostname);
2669 if (cp->cache_proto != NULL &&
2670 cp->cache_proto !=
2671 cp->cache_small_proto)
2672 free(cp->cache_proto);
2673 if (cp->cache_srv_addr.buf != NULL)
2674 free(cp->cache_srv_addr.buf);
2675 next = cp->cache_next;
2676 free(cp);
2677 }
2678 goto done;
2679 }
2680 if (cachep->cache_hostname == NULL ||
2681 prog != cachep->cache_prog || vers != cachep->cache_vers ||
2682 strcmp(nconf->nc_proto, cachep->cache_proto) != 0 ||
2683 strcmp(nconf->nc_protofmly, cachep->cache_protofmly) != 0 ||
2684 strcmp(hostname, cachep->cache_hostname) != 0)
2685 continue;
2686 /*
2687 * Cache Hit.
2688 */
2689 #ifdef CACHE_DEBUG
2690 portmap_cache_hits++; /* up portmap cache hit counter */
2691 #endif /* CACHE_DEBUG */
2692 addrp->len = cachep->cache_srv_addr.len;
2693 memcpy(addrp->buf, cachep->cache_srv_addr.buf, addrp->len);
2694 retval = 1;
2695 break;
2696 }
2697 done:
2698 (void) rw_unlock(&portmap_cache_lock);
2699 return (retval);
2700 }
2701
2702 static void
portmap_cache_enter(hostname,prog,vers,nconf,addrp)2703 portmap_cache_enter(hostname, prog, vers, nconf, addrp)
2704 char *hostname;
2705 rpcprog_t prog;
2706 rpcvers_t vers;
2707 struct netconfig *nconf;
2708 struct netbuf *addrp;
2709 {
2710 struct portmap_cache *cachep;
2711 int protofmlylen;
2712 int protolen, hostnamelen;
2713
2714 timenow = time(NULL);
2715
2716 cachep = malloc(sizeof (struct portmap_cache));
2717 if (cachep == NULL)
2718 return;
2719 memset((char *)cachep, 0, sizeof (*cachep));
2720
2721 hostnamelen = strlen(hostname);
2722 if (hostnamelen <= SMALL_HOSTNAME)
2723 cachep->cache_hostname = cachep->cache_small_hosts;
2724 else {
2725 cachep->cache_hostname = malloc(hostnamelen + 1);
2726 if (cachep->cache_hostname == NULL)
2727 goto nomem;
2728 }
2729 strcpy(cachep->cache_hostname, hostname);
2730 protolen = strlen(nconf->nc_proto);
2731 if (protolen <= SMALL_PROTONAME)
2732 cachep->cache_proto = cachep->cache_small_proto;
2733 else {
2734 cachep->cache_proto = malloc(protolen + 1);
2735 if (cachep->cache_proto == NULL)
2736 goto nomem;
2737 }
2738 protofmlylen = strlen(nconf->nc_protofmly);
2739 if (protofmlylen <= SMALL_PROTOFMLYNAME)
2740 cachep->cache_protofmly = cachep->cache_small_protofmly;
2741 else {
2742 cachep->cache_protofmly = malloc(protofmlylen + 1);
2743 if (cachep->cache_protofmly == NULL)
2744 goto nomem;
2745 }
2746
2747 strcpy(cachep->cache_proto, nconf->nc_proto);
2748 cachep->cache_prog = prog;
2749 cachep->cache_vers = vers;
2750 cachep->cache_time = timenow + portmap_cache_valid_time;
2751 cachep->cache_srv_addr.len = addrp->len;
2752 cachep->cache_srv_addr.buf = malloc(addrp->len);
2753 if (cachep->cache_srv_addr.buf == NULL)
2754 goto nomem;
2755 memcpy(cachep->cache_srv_addr.buf, addrp->buf, addrp->maxlen);
2756 cachep->cache_prev = NULL;
2757 (void) rw_wrlock(&portmap_cache_lock);
2758 /*
2759 * There's a window in which we could have multiple threads making
2760 * the same cache entry. This can be avoided by walking the cache
2761 * once again here to check and see if there are duplicate entries
2762 * (after grabbing the write lock). This isn't fatal and I'm not
2763 * going to bother with this.
2764 */
2765 #ifdef CACHE_DEBUG
2766 portmap_cache_accesses++; /* up portmap cache access counter */
2767 #endif /* CACHE_DEBUG */
2768 cachep->cache_next = portmap_cache_head;
2769 if (portmap_cache_head != NULL)
2770 portmap_cache_head->cache_prev = cachep;
2771 portmap_cache_head = cachep;
2772 (void) rw_unlock(&portmap_cache_lock);
2773 return;
2774
2775 nomem:
2776 syslog(LOG_ERR, "portmap_cache_enter: Memory allocation failed");
2777 if (cachep->cache_srv_addr.buf)
2778 free(cachep->cache_srv_addr.buf);
2779 if (cachep->cache_proto && protolen > SMALL_PROTONAME)
2780 free(cachep->cache_proto);
2781 if (cachep->cache_hostname && hostnamelen > SMALL_HOSTNAME)
2782 free(cachep->cache_hostname);
2783 if (cachep->cache_protofmly && protofmlylen > SMALL_PROTOFMLYNAME)
2784 free(cachep->cache_protofmly);
2785 if (cachep)
2786 free(cachep);
2787 cachep = NULL;
2788 }
2789
2790 static int
get_cached_srv_addr(char * hostname,rpcprog_t prog,rpcvers_t vers,struct netconfig * nconf,struct netbuf * addrp)2791 get_cached_srv_addr(char *hostname, rpcprog_t prog, rpcvers_t vers,
2792 struct netconfig *nconf, struct netbuf *addrp)
2793 {
2794 if (portmap_cache_lookup(hostname, prog, vers, nconf, addrp))
2795 return (1);
2796 if (rpcb_getaddr(prog, vers, nconf, addrp, hostname) == 0)
2797 return (0);
2798 portmap_cache_enter(hostname, prog, vers, nconf, addrp);
2799 return (1);
2800 }
2801
2802 /*
2803 * Get a network address on "hostname" for program "prog"
2804 * with version "vers". If the port number is specified (non zero)
2805 * then try for a TCP/UDP transport and set the port number of the
2806 * resulting IP address.
2807 *
2808 * If the address of a netconfig pointer was passed and
2809 * if it's not null, use it as the netconfig otherwise
2810 * assign the address of the netconfig that was used to
2811 * establish contact with the service.
2812 *
2813 * tinfo argument is for matching the get_addr() defined in
2814 * ../nfs/mount/mount.c
2815 */
2816
2817 static struct netbuf *
get_addr(char * hostname,rpcprog_t prog,rpcvers_t vers,struct netconfig ** nconfp,char * proto,ushort_t port,struct t_info * tinfo)2818 get_addr(char *hostname, rpcprog_t prog, rpcvers_t vers,
2819 struct netconfig **nconfp, char *proto, ushort_t port,
2820 struct t_info *tinfo)
2821
2822 {
2823 enum clnt_stat cstat;
2824
2825 return (get_server_netinfo(SERVER_ADDR, hostname, prog, vers, NULL,
2826 nconfp, proto, port, tinfo, NULL, FALSE, NULL, &cstat));
2827 }
2828
2829 static struct netbuf *
get_pubfh(char * hostname,rpcvers_t vers,mfs_snego_t * mfssnego,struct netconfig ** nconfp,char * proto,ushort_t port,struct t_info * tinfo,caddr_t * fhp,bool_t get_pubfh,char * fspath)2830 get_pubfh(char *hostname, rpcvers_t vers, mfs_snego_t *mfssnego,
2831 struct netconfig **nconfp, char *proto, ushort_t port,
2832 struct t_info *tinfo, caddr_t *fhp, bool_t get_pubfh, char *fspath)
2833 {
2834 enum clnt_stat cstat;
2835
2836 return (get_server_netinfo(SERVER_FH, hostname, NFS_PROGRAM, vers,
2837 mfssnego, nconfp, proto, port, tinfo, fhp, get_pubfh, fspath,
2838 &cstat));
2839 }
2840
2841 static enum clnt_stat
get_ping(char * hostname,rpcprog_t prog,rpcvers_t vers,struct netconfig ** nconfp,ushort_t port,bool_t direct_to_server)2842 get_ping(char *hostname, rpcprog_t prog, rpcvers_t vers,
2843 struct netconfig **nconfp, ushort_t port, bool_t direct_to_server)
2844 {
2845 enum clnt_stat cstat;
2846
2847 (void) get_server_netinfo(SERVER_PING, hostname, prog,
2848 vers, NULL, nconfp, NULL, port, NULL, NULL,
2849 direct_to_server, NULL, &cstat);
2850
2851 return (cstat);
2852 }
2853
2854 void *
get_server_netinfo(enum type_of_stuff type_of_stuff,char * hostname,rpcprog_t prog,rpcvers_t vers,mfs_snego_t * mfssnego,struct netconfig ** nconfp,char * proto,ushort_t port,struct t_info * tinfo,caddr_t * fhp,bool_t direct_to_server,char * fspath,enum clnt_stat * cstatp)2855 get_server_netinfo(
2856 enum type_of_stuff type_of_stuff,
2857 char *hostname,
2858 rpcprog_t prog,
2859 rpcvers_t vers,
2860 mfs_snego_t *mfssnego,
2861 struct netconfig **nconfp,
2862 char *proto,
2863 ushort_t port, /* may be zero */
2864 struct t_info *tinfo,
2865 caddr_t *fhp,
2866 bool_t direct_to_server,
2867 char *fspath,
2868 enum clnt_stat *cstatp)
2869 {
2870 struct netbuf *nb = NULL;
2871 struct netconfig *nconf = NULL;
2872 NCONF_HANDLE *nc = NULL;
2873 int error = 0;
2874 int fd = 0;
2875 struct t_bind *tbind = NULL;
2876 int nthtry = FIRST_TRY;
2877
2878 if (nconfp && *nconfp) {
2879 return (get_netconfig_info(type_of_stuff, hostname,
2880 prog, vers, nconf, port, tinfo, tbind, fhp,
2881 direct_to_server, fspath, cstatp, mfssnego));
2882 }
2883
2884 /*
2885 * No nconf passed in.
2886 *
2887 * Try to get a nconf from /etc/netconfig.
2888 * First choice is COTS, second is CLTS unless proto
2889 * is specified. When we retry, we reset the
2890 * netconfig list, so that we search the whole list
2891 * for the next choice.
2892 */
2893 if ((nc = setnetpath()) == NULL)
2894 goto done;
2895
2896 /*
2897 * If proto is specified, then only search for the match,
2898 * otherwise try COTS first, if failed, then try CLTS.
2899 */
2900 if (proto) {
2901 while ((nconf = getnetpath(nc)) != NULL) {
2902 if (strcmp(nconf->nc_proto, proto))
2903 continue;
2904 /*
2905 * If the port number is specified then TCP/UDP
2906 * is needed. Otherwise any cots/clts will do.
2907 */
2908 if (port) {
2909 if ((strcmp(nconf->nc_protofmly, NC_INET) &&
2910 strcmp(nconf->nc_protofmly, NC_INET6)) ||
2911 (strcmp(nconf->nc_proto, NC_TCP) &&
2912 strcmp(nconf->nc_proto, NC_UDP)))
2913 continue;
2914 }
2915 nb = get_netconfig_info(type_of_stuff, hostname,
2916 prog, vers, nconf, port, tinfo, tbind, fhp,
2917 direct_to_server, fspath, cstatp, mfssnego);
2918 if (*cstatp == RPC_SUCCESS)
2919 break;
2920
2921 assert(nb == NULL);
2922
2923 }
2924 if (nconf == NULL)
2925 goto done;
2926 } else {
2927 retry:
2928 while ((nconf = getnetpath(nc)) != NULL) {
2929 if (nconf->nc_flag & NC_VISIBLE) {
2930 if (nthtry == FIRST_TRY) {
2931 if ((nconf->nc_semantics ==
2932 NC_TPI_COTS_ORD) ||
2933 (nconf->nc_semantics ==
2934 NC_TPI_COTS)) {
2935 if (port == 0)
2936 break;
2937 if ((strcmp(nconf->nc_protofmly,
2938 NC_INET) == 0 ||
2939 strcmp(nconf->nc_protofmly,
2940 NC_INET6) == 0) &&
2941 (strcmp(nconf->nc_proto,
2942 NC_TCP) == 0))
2943 break;
2944 }
2945 }
2946 if (nthtry == SECOND_TRY) {
2947 if (nconf->nc_semantics ==
2948 NC_TPI_CLTS) {
2949 if (port == 0)
2950 break;
2951 if ((strcmp(nconf->nc_protofmly,
2952 NC_INET) == 0 ||
2953 strcmp(nconf->nc_protofmly,
2954 NC_INET6) == 0) &&
2955 (strcmp(nconf->nc_proto,
2956 NC_UDP) == 0))
2957 break;
2958 }
2959 }
2960 }
2961 }
2962
2963 if (nconf == NULL) {
2964 if (++nthtry <= MNT_PREF_LISTLEN) {
2965 endnetpath(nc);
2966 if ((nc = setnetpath()) == NULL)
2967 goto done;
2968 goto retry;
2969 } else
2970 goto done;
2971 } else {
2972 nb = get_netconfig_info(type_of_stuff, hostname,
2973 prog, vers, nconf, port, tinfo, tbind, fhp,
2974 direct_to_server, fspath, cstatp, mfssnego);
2975 if (*cstatp != RPC_SUCCESS)
2976 /*
2977 * Continue the same search path in the
2978 * netconfig db until no more matched nconf
2979 * (nconf == NULL).
2980 */
2981 goto retry;
2982 }
2983 }
2984
2985 /*
2986 * Got nconf and nb. Now dup the netconfig structure (nconf)
2987 * and return it thru nconfp.
2988 */
2989 if (nconf != NULL) {
2990 if ((*nconfp = getnetconfigent(nconf->nc_netid)) == NULL) {
2991 syslog(LOG_ERR, "no memory\n");
2992 free(nb);
2993 nb = NULL;
2994 }
2995 } else {
2996 *nconfp = NULL;
2997 }
2998 done:
2999 if (nc)
3000 endnetpath(nc);
3001 return (nb);
3002 }
3003
3004 void *
get_server_fh(char * hostname,rpcprog_t prog,rpcvers_t vers,mfs_snego_t * mfssnego,struct netconfig * nconf,ushort_t port,struct t_info * tinfo,struct t_bind * tbind,caddr_t * fhp,bool_t direct_to_server,char * fspath,enum clnt_stat * cstat)3005 get_server_fh(char *hostname, rpcprog_t prog, rpcvers_t vers,
3006 mfs_snego_t *mfssnego, struct netconfig *nconf, ushort_t port,
3007 struct t_info *tinfo, struct t_bind *tbind, caddr_t *fhp,
3008 bool_t direct_to_server, char *fspath, enum clnt_stat *cstat)
3009 {
3010 AUTH *ah = NULL;
3011 AUTH *new_ah = NULL;
3012 struct snego_t snego;
3013 enum clnt_stat cs = RPC_TIMEDOUT;
3014 struct timeval tv;
3015 bool_t file_handle = 1;
3016 enum snego_stat sec;
3017 CLIENT *cl = NULL;
3018 int fd = -1;
3019 struct netbuf *nb = NULL;
3020
3021 if (direct_to_server != TRUE)
3022 return (NULL);
3023
3024 if (prog == NFS_PROGRAM && vers == NFS_V4)
3025 if (strncasecmp(nconf->nc_proto, NC_UDP, strlen(NC_UDP)) == 0)
3026 goto done;
3027
3028 if ((fd = t_open(nconf->nc_device, O_RDWR, tinfo)) < 0)
3029 goto done;
3030
3031 /* LINTED pointer alignment */
3032 if ((tbind = (struct t_bind *)t_alloc(fd, T_BIND, T_ADDR)) == NULL)
3033 goto done;
3034
3035 if (setup_nb_parms(nconf, tbind, tinfo, hostname, fd,
3036 direct_to_server, port, prog, vers, file_handle) < 0) {
3037 goto done;
3038 }
3039
3040 cl = clnt_tli_create(fd, nconf, &tbind->addr, prog, vers, 0, 0);
3041 if (cl == NULL)
3042 goto done;
3043
3044 ah = authsys_create_default();
3045 if (ah != NULL) {
3046 #ifdef MALLOC_DEBUG
3047 drop_alloc("AUTH_HANDLE", cl->cl_auth,
3048 __FILE__, __LINE__);
3049 #endif
3050 AUTH_DESTROY(cl->cl_auth);
3051 cl->cl_auth = ah;
3052 #ifdef MALLOC_DEBUG
3053 add_alloc("AUTH_HANDLE", cl->cl_auth, 0,
3054 __FILE__, __LINE__);
3055 #endif
3056 }
3057
3058 if (!mfssnego->snego_done && vers != NFS_V4) {
3059 /*
3060 * negotiate sec flavor.
3061 */
3062 snego.cnt = 0;
3063 if ((sec = nfs_sec_nego(vers, cl, fspath, &snego)) ==
3064 SNEGO_SUCCESS) {
3065 int jj;
3066
3067 /*
3068 * check if server supports the one
3069 * specified in the sec= option.
3070 */
3071 if (mfssnego->sec_opt) {
3072 for (jj = 0; jj < snego.cnt; jj++) {
3073 if (snego.array[jj] ==
3074 mfssnego->nfs_sec.sc_nfsnum) {
3075 mfssnego->snego_done = TRUE;
3076 break;
3077 }
3078 }
3079 }
3080
3081 /*
3082 * find a common sec flavor
3083 */
3084 if (!mfssnego->snego_done) {
3085 for (jj = 0; jj < snego.cnt; jj++) {
3086 if (!nfs_getseconfig_bynumber(
3087 snego.array[jj],
3088 &mfssnego->nfs_sec)) {
3089 mfssnego->snego_done = TRUE;
3090 break;
3091 }
3092 }
3093 }
3094 if (!mfssnego->snego_done)
3095 goto done;
3096 /*
3097 * Now that the flavor has been
3098 * negotiated, get the fh.
3099 *
3100 * First, create an auth handle using the negotiated
3101 * sec flavor in the next lookup to
3102 * fetch the filehandle.
3103 */
3104 new_ah = nfs_create_ah(cl, hostname,
3105 &mfssnego->nfs_sec);
3106 if (new_ah == NULL)
3107 goto done;
3108 #ifdef MALLOC_DEBUG
3109 drop_alloc("AUTH_HANDLE", cl->cl_auth,
3110 __FILE__, __LINE__);
3111 #endif
3112 AUTH_DESTROY(cl->cl_auth);
3113 cl->cl_auth = new_ah;
3114 #ifdef MALLOC_DEBUG
3115 add_alloc("AUTH_HANDLE", cl->cl_auth, 0,
3116 __FILE__, __LINE__);
3117 #endif
3118 } else if (sec == SNEGO_ARRAY_TOO_SMALL ||
3119 sec == SNEGO_FAILURE) {
3120 goto done;
3121 }
3122 }
3123
3124 switch (vers) {
3125 case NFS_VERSION:
3126 {
3127 wnl_diropargs arg;
3128 wnl_diropres res;
3129
3130 memset((char *)&arg.dir, 0, sizeof (wnl_fh));
3131 memset((char *)&res, 0, sizeof (wnl_diropres));
3132 arg.name = fspath;
3133 if (wnlproc_lookup_2(&arg, &res, cl) !=
3134 RPC_SUCCESS || res.status != WNL_OK)
3135 goto done;
3136 *fhp = malloc(sizeof (wnl_fh));
3137
3138 if (*fhp == NULL) {
3139 syslog(LOG_ERR, "no memory\n");
3140 goto done;
3141 }
3142
3143 memcpy((char *)*fhp,
3144 (char *)&res.wnl_diropres_u.wnl_diropres.file,
3145 sizeof (wnl_fh));
3146 cs = RPC_SUCCESS;
3147 }
3148 break;
3149 case NFS_V3:
3150 {
3151 WNL_LOOKUP3args arg;
3152 WNL_LOOKUP3res res;
3153 nfs_fh3 *fh3p;
3154
3155 memset((char *)&arg.what.dir, 0, sizeof (wnl_fh3));
3156 memset((char *)&res, 0, sizeof (WNL_LOOKUP3res));
3157 arg.what.name = fspath;
3158 if (wnlproc3_lookup_3(&arg, &res, cl) !=
3159 RPC_SUCCESS || res.status != WNL3_OK)
3160 goto done;
3161
3162 fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p));
3163
3164 if (fh3p == NULL) {
3165 syslog(LOG_ERR, "no memory\n");
3166 goto done;
3167 }
3168
3169 fh3p->fh3_length =
3170 res.WNL_LOOKUP3res_u.res_ok.object.data.data_len;
3171 memcpy(fh3p->fh3_u.data,
3172 res.WNL_LOOKUP3res_u.res_ok.object.data.data_val,
3173 fh3p->fh3_length);
3174
3175 *fhp = (caddr_t)fh3p;
3176
3177 cs = RPC_SUCCESS;
3178 }
3179 break;
3180 case NFS_V4:
3181 tv.tv_sec = 10;
3182 tv.tv_usec = 0;
3183 cs = clnt_call(cl, NULLPROC, xdr_void, 0,
3184 xdr_void, 0, tv);
3185 if (cs != RPC_SUCCESS)
3186 goto done;
3187
3188 *fhp = strdup(fspath);
3189 if (fhp == NULL) {
3190 cs = RPC_SYSTEMERROR;
3191 goto done;
3192 }
3193 break;
3194 }
3195 nb = (struct netbuf *)malloc(sizeof (struct netbuf));
3196 if (nb == NULL) {
3197 syslog(LOG_ERR, "no memory\n");
3198 cs = RPC_SYSTEMERROR;
3199 goto done;
3200 }
3201 nb->buf = (char *)malloc(tbind->addr.maxlen);
3202 if (nb->buf == NULL) {
3203 syslog(LOG_ERR, "no memory\n");
3204 free(nb);
3205 nb = NULL;
3206 cs = RPC_SYSTEMERROR;
3207 goto done;
3208 }
3209 (void) memcpy(nb->buf, tbind->addr.buf, tbind->addr.len);
3210 nb->len = tbind->addr.len;
3211 nb->maxlen = tbind->addr.maxlen;
3212 done:
3213 if (cstat != NULL)
3214 *cstat = cs;
3215 destroy_auth_client_handle(cl);
3216 cleanup_tli_parms(tbind, fd);
3217 return (nb);
3218 }
3219
3220 /*
3221 * Sends a null call to the remote host's (NFS program, versp). versp
3222 * may be "NULL" in which case the default maximum version is used.
3223 * Upon return, versp contains the maximum version supported iff versp!= NULL.
3224 */
3225 enum clnt_stat
pingnfs(char * hostpart,int attempts,rpcvers_t * versp,rpcvers_t versmin,ushort_t port,bool_t usepub,char * path,char * proto)3226 pingnfs(
3227 char *hostpart,
3228 int attempts,
3229 rpcvers_t *versp,
3230 rpcvers_t versmin,
3231 ushort_t port, /* may be zero */
3232 bool_t usepub,
3233 char *path,
3234 char *proto)
3235 {
3236 CLIENT *cl = NULL;
3237 struct timeval rpc_to_new = {15, 0};
3238 static struct timeval rpc_rtrans_new = {-1, -1};
3239 enum clnt_stat clnt_stat;
3240 int i, j;
3241 rpcvers_t versmax; /* maximum version to try against server */
3242 rpcvers_t outvers; /* version supported by host on last call */
3243 rpcvers_t vers_to_try; /* to try different versions against host */
3244 char *hostname;
3245 struct netconfig *nconf;
3246
3247 hostname = strdup(hostpart);
3248 if (hostname == NULL) {
3249 return (RPC_SYSTEMERROR);
3250 }
3251 unbracket(&hostname);
3252
3253 if (path != NULL && strcmp(hostname, "nfs") == 0 &&
3254 strncmp(path, "//", 2) == 0) {
3255 char *sport;
3256
3257 hostname = strdup(path+2);
3258
3259 if (hostname == NULL)
3260 return (RPC_SYSTEMERROR);
3261
3262 path = strchr(hostname, '/');
3263
3264 /*
3265 * This cannot happen. If it does, give up
3266 * on the ping as this is obviously a corrupt
3267 * entry.
3268 */
3269 if (path == NULL) {
3270 free(hostname);
3271 return (RPC_SUCCESS);
3272 }
3273
3274 /*
3275 * Probable end point of host string.
3276 */
3277 *path = '\0';
3278
3279 sport = strchr(hostname, ':');
3280
3281 if (sport != NULL && sport < path) {
3282
3283 /*
3284 * Actual end point of host string.
3285 */
3286 *sport = '\0';
3287 port = htons((ushort_t)atoi(sport+1));
3288 }
3289
3290 usepub = TRUE;
3291 }
3292
3293 /* Pick up the default versions and then set them appropriately */
3294 if (versp) {
3295 versmax = *versp;
3296 /* use versmin passed in */
3297 } else {
3298 read_default_nfs();
3299 set_versrange(0, &versmax, &versmin);
3300 }
3301
3302 if (proto &&
3303 strncasecmp(proto, NC_UDP, strlen(NC_UDP)) == 0 &&
3304 versmax == NFS_V4) {
3305 if (versmin == NFS_V4) {
3306 if (versp) {
3307 *versp = versmax - 1;
3308 return (RPC_SUCCESS);
3309 }
3310 return (RPC_PROGUNAVAIL);
3311 } else {
3312 versmax--;
3313 }
3314 }
3315
3316 if (versp)
3317 *versp = versmax;
3318
3319 switch (cache_check(hostname, versp, proto)) {
3320 case GOODHOST:
3321 if (hostname != hostpart)
3322 free(hostname);
3323 return (RPC_SUCCESS);
3324 case DEADHOST:
3325 if (hostname != hostpart)
3326 free(hostname);
3327 return (RPC_TIMEDOUT);
3328 case NOHOST:
3329 default:
3330 break;
3331 }
3332
3333 /*
3334 * XXX The retransmission time rpcbrmttime is a global defined
3335 * in the rpc library (rpcb_clnt.c). We use (and like) the default
3336 * value of 15 sec in the rpc library. The code below is to protect
3337 * us in case it changes. This need not be done under a lock since
3338 * any # of threads entering this function will get the same
3339 * retransmission value.
3340 */
3341 if (rpc_rtrans_new.tv_sec == -1 && rpc_rtrans_new.tv_usec == -1) {
3342 __rpc_control(CLCR_GET_RPCB_RMTTIME, (char *)&rpc_rtrans_new);
3343 if (rpc_rtrans_new.tv_sec != 15 && rpc_rtrans_new.tv_sec != 0)
3344 if (trace > 1)
3345 trace_prt(1, "RPC library rttimer changed\n");
3346 }
3347
3348 /*
3349 * XXX Manipulate the total timeout to get the number of
3350 * desired retransmissions. This code is heavily dependant on
3351 * the RPC backoff mechanism in clnt_dg_call (clnt_dg.c).
3352 */
3353 for (i = 0, j = rpc_rtrans_new.tv_sec; i < attempts-1; i++) {
3354 if (j < RPC_MAX_BACKOFF)
3355 j *= 2;
3356 else
3357 j = RPC_MAX_BACKOFF;
3358 rpc_to_new.tv_sec += j;
3359 }
3360
3361 vers_to_try = versmax;
3362
3363 /*
3364 * check the host's version within the timeout
3365 */
3366 if (trace > 1)
3367 trace_prt(1, " ping: %s timeout=%ld request vers=%d min=%d\n",
3368 hostname, rpc_to_new.tv_sec, versmax, versmin);
3369
3370 if (usepub == FALSE) {
3371 do {
3372 /*
3373 * If NFSv4, then we do the same thing as is used
3374 * for public filehandles so that we avoid rpcbind
3375 */
3376 if (vers_to_try == NFS_V4) {
3377 if (trace > 4) {
3378 trace_prt(1, " pingnfs: Trying ping via "
3379 "\"circuit_v\"\n");
3380 }
3381
3382 cl = clnt_create_service_timed(hostname, "nfs",
3383 NFS_PROGRAM, vers_to_try,
3384 port, "circuit_v", &rpc_to_new);
3385 if (cl != NULL) {
3386 outvers = vers_to_try;
3387 break;
3388 }
3389 if (trace > 4) {
3390 trace_prt(1,
3391 " pingnfs: Can't ping via "
3392 "\"circuit_v\" %s: RPC error=%d\n",
3393 hostname, rpc_createerr.cf_stat);
3394 }
3395
3396 } else {
3397 cl = clnt_create_vers_timed(hostname,
3398 NFS_PROGRAM, &outvers, versmin, vers_to_try,
3399 "datagram_v", &rpc_to_new);
3400 if (cl != NULL)
3401 break;
3402 if (trace > 4) {
3403 trace_prt(1,
3404 " pingnfs: Can't ping via "
3405 "\"datagram_v\"%s: RPC error=%d\n",
3406 hostname, rpc_createerr.cf_stat);
3407 }
3408 if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST ||
3409 rpc_createerr.cf_stat == RPC_TIMEDOUT)
3410 break;
3411 if (rpc_createerr.cf_stat ==
3412 RPC_PROGNOTREGISTERED) {
3413 if (trace > 4) {
3414 trace_prt(1,
3415 " pingnfs: Trying ping "
3416 "via \"circuit_v\"\n");
3417 }
3418 cl = clnt_create_vers_timed(hostname,
3419 NFS_PROGRAM, &outvers,
3420 versmin, vers_to_try,
3421 "circuit_v", &rpc_to_new);
3422 if (cl != NULL)
3423 break;
3424 if (trace > 4) {
3425 trace_prt(1,
3426 " pingnfs: Can't ping "
3427 "via \"circuit_v\" %s: "
3428 "RPC error=%d\n",
3429 hostname,
3430 rpc_createerr.cf_stat);
3431 }
3432 }
3433 }
3434
3435 /*
3436 * backoff and return lower version to retry the ping.
3437 * XXX we should be more careful and handle
3438 * RPC_PROGVERSMISMATCH here, because that error is handled
3439 * in clnt_create_vers(). It's not done to stay in sync
3440 * with the nfs mount command.
3441 */
3442 vers_to_try--;
3443 if (vers_to_try < versmin)
3444 break;
3445 if (versp != NULL) { /* recheck the cache */
3446 *versp = vers_to_try;
3447 if (trace > 4) {
3448 trace_prt(1,
3449 " pingnfs: check cache: vers=%d\n",
3450 *versp);
3451 }
3452 switch (cache_check(hostname, versp, proto)) {
3453 case GOODHOST:
3454 if (hostname != hostpart)
3455 free(hostname);
3456 return (RPC_SUCCESS);
3457 case DEADHOST:
3458 if (hostname != hostpart)
3459 free(hostname);
3460 return (RPC_TIMEDOUT);
3461 case NOHOST:
3462 default:
3463 break;
3464 }
3465 }
3466 if (trace > 4) {
3467 trace_prt(1, " pingnfs: Try version=%d\n",
3468 vers_to_try);
3469 }
3470 } while (cl == NULL);
3471
3472
3473 if (cl == NULL) {
3474 if (verbose)
3475 syslog(LOG_ERR, "pingnfs: %s%s",
3476 hostname, clnt_spcreateerror(""));
3477 clnt_stat = rpc_createerr.cf_stat;
3478 } else {
3479 clnt_destroy(cl);
3480 clnt_stat = RPC_SUCCESS;
3481 }
3482
3483 } else {
3484 for (vers_to_try = versmax; vers_to_try >= versmin;
3485 vers_to_try--) {
3486
3487 nconf = NULL;
3488
3489 if (trace > 4) {
3490 trace_prt(1, " pingnfs: Try version=%d "
3491 "using get_ping()\n", vers_to_try);
3492 }
3493
3494 clnt_stat = get_ping(hostname, NFS_PROGRAM,
3495 vers_to_try, &nconf, port, TRUE);
3496
3497 if (nconf != NULL)
3498 freenetconfigent(nconf);
3499
3500 if (clnt_stat == RPC_SUCCESS) {
3501 outvers = vers_to_try;
3502 break;
3503 }
3504 }
3505 }
3506
3507 if (trace > 1)
3508 clnt_stat == RPC_SUCCESS ?
3509 trace_prt(1, " pingnfs OK: nfs version=%d\n", outvers):
3510 trace_prt(1, " pingnfs FAIL: can't get nfs version\n");
3511
3512 if (clnt_stat == RPC_SUCCESS) {
3513 cache_enter(hostname, versmax, outvers, proto, GOODHOST);
3514 if (versp != NULL)
3515 *versp = outvers;
3516 } else
3517 cache_enter(hostname, versmax, versmax, proto, DEADHOST);
3518
3519 if (hostpart != hostname)
3520 free(hostname);
3521
3522 return (clnt_stat);
3523 }
3524
3525 #define MNTTYPE_LOFS "lofs"
3526
3527 int
loopbackmount(fsname,dir,mntopts,overlay)3528 loopbackmount(fsname, dir, mntopts, overlay)
3529 char *fsname; /* Directory being mounted */
3530 char *dir; /* Directory being mounted on */
3531 char *mntopts;
3532 int overlay;
3533 {
3534 struct mnttab mnt;
3535 int flags = 0;
3536 char fstype[] = MNTTYPE_LOFS;
3537 int dirlen;
3538 struct stat st;
3539 char optbuf[MAX_MNTOPT_STR];
3540
3541 dirlen = strlen(dir);
3542 if (dir[dirlen-1] == ' ')
3543 dirlen--;
3544
3545 if (dirlen == strlen(fsname) &&
3546 strncmp(fsname, dir, dirlen) == 0) {
3547 syslog(LOG_ERR,
3548 "Mount of %s on %s would result in deadlock, aborted\n",
3549 fsname, dir);
3550 return (RET_ERR);
3551 }
3552 mnt.mnt_mntopts = mntopts;
3553 if (hasmntopt(&mnt, MNTOPT_RO) != NULL)
3554 flags |= MS_RDONLY;
3555
3556 (void) strlcpy(optbuf, mntopts, sizeof (optbuf));
3557
3558 if (overlay)
3559 flags |= MS_OVERLAY;
3560
3561 if (trace > 1)
3562 trace_prt(1,
3563 " loopbackmount: fsname=%s, dir=%s, flags=%d\n",
3564 fsname, dir, flags);
3565
3566 if (is_system_labeled()) {
3567 if (create_homedir((const char *)fsname,
3568 (const char *)dir) == 0) {
3569 return (NFSERR_NOENT);
3570 }
3571 }
3572
3573 if (mount(fsname, dir, flags | MS_DATA | MS_OPTIONSTR, fstype,
3574 NULL, 0, optbuf, sizeof (optbuf)) < 0) {
3575 syslog(LOG_ERR, "Mount of %s on %s: %m", fsname, dir);
3576 return (RET_ERR);
3577 }
3578
3579 if (stat(dir, &st) == 0) {
3580 if (trace > 1) {
3581 trace_prt(1,
3582 " loopbackmount of %s on %s dev=%x rdev=%x OK\n",
3583 fsname, dir, st.st_dev, st.st_rdev);
3584 }
3585 } else {
3586 if (trace > 1) {
3587 trace_prt(1,
3588 " loopbackmount of %s on %s OK\n", fsname, dir);
3589 trace_prt(1, " stat of %s failed\n", dir);
3590 }
3591 }
3592
3593 return (0);
3594 }
3595
3596 /*
3597 * Look for the value of a numeric option of the form foo=x. If found, set
3598 * *valp to the value and return non-zero. If not found or the option is
3599 * malformed, return zero.
3600 */
3601
3602 int
nopt(mnt,opt,valp)3603 nopt(mnt, opt, valp)
3604 struct mnttab *mnt;
3605 char *opt;
3606 int *valp; /* OUT */
3607 {
3608 char *equal;
3609 char *str;
3610
3611 /*
3612 * We should never get a null pointer, but if we do, it's better to
3613 * ignore the option than to dump core.
3614 */
3615
3616 if (valp == NULL) {
3617 syslog(LOG_DEBUG, "null pointer for %s option", opt);
3618 return (0);
3619 }
3620
3621 if (str = hasmntopt(mnt, opt)) {
3622 if (equal = strchr(str, '=')) {
3623 *valp = atoi(&equal[1]);
3624 return (1);
3625 } else {
3626 syslog(LOG_ERR, "Bad numeric option '%s'", str);
3627 }
3628 }
3629 return (0);
3630 }
3631
3632 int
nfsunmount(mnt)3633 nfsunmount(mnt)
3634 struct mnttab *mnt;
3635 {
3636 struct timeval timeout;
3637 CLIENT *cl;
3638 enum clnt_stat rpc_stat;
3639 char *host, *path;
3640 struct replica *list;
3641 int i, count = 0;
3642 int isv4mount = is_v4_mount(mnt->mnt_mountp);
3643
3644 if (trace > 1)
3645 trace_prt(1, " nfsunmount: umount %s\n", mnt->mnt_mountp);
3646
3647 if (umount(mnt->mnt_mountp) < 0) {
3648 if (trace > 1)
3649 trace_prt(1, " nfsunmount: umount %s FAILED\n",
3650 mnt->mnt_mountp);
3651 if (errno)
3652 return (errno);
3653 }
3654
3655 /*
3656 * If this is a NFSv4 mount, the mount protocol was not used
3657 * so we just return.
3658 */
3659 if (isv4mount) {
3660 if (trace > 1)
3661 trace_prt(1, " nfsunmount: umount %s OK\n",
3662 mnt->mnt_mountp);
3663 return (0);
3664 }
3665
3666 /*
3667 * If mounted with -o public, then no need to contact server
3668 * because mount protocol was not used.
3669 */
3670 if (hasmntopt(mnt, MNTOPT_PUBLIC) != NULL) {
3671 return (0);
3672 }
3673
3674 /*
3675 * The rest of this code is advisory to the server.
3676 * If it fails return success anyway.
3677 */
3678
3679 list = parse_replica(mnt->mnt_special, &count);
3680 if (!list) {
3681 if (count >= 0)
3682 syslog(LOG_ERR,
3683 "Memory allocation failed: %m");
3684 return (ENOMEM);
3685 }
3686
3687 for (i = 0; i < count; i++) {
3688
3689 host = list[i].host;
3690 path = list[i].path;
3691
3692 /*
3693 * Skip file systems mounted using WebNFS, because mount
3694 * protocol was not used.
3695 */
3696 if (strcmp(host, "nfs") == 0 && strncmp(path, "//", 2) == 0)
3697 continue;
3698
3699 cl = clnt_create(host, MOUNTPROG, MOUNTVERS, "datagram_v");
3700 if (cl == NULL)
3701 break;
3702 #ifdef MALLOC_DEBUG
3703 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__);
3704 add_alloc("AUTH_HANDLE", cl->cl_auth, 0,
3705 __FILE__, __LINE__);
3706 #endif
3707 if (__clnt_bindresvport(cl) < 0) {
3708 if (verbose)
3709 syslog(LOG_ERR, "umount %s:%s: %s",
3710 host, path,
3711 "Couldn't bind to reserved port");
3712 destroy_auth_client_handle(cl);
3713 continue;
3714 }
3715 #ifdef MALLOC_DEBUG
3716 drop_alloc("AUTH_HANDLE", cl->cl_auth, __FILE__, __LINE__);
3717 #endif
3718 AUTH_DESTROY(cl->cl_auth);
3719 if ((cl->cl_auth = authsys_create_default()) == NULL) {
3720 if (verbose)
3721 syslog(LOG_ERR, "umount %s:%s: %s",
3722 host, path,
3723 "Failed creating default auth handle");
3724 destroy_auth_client_handle(cl);
3725 continue;
3726 }
3727 #ifdef MALLOC_DEBUG
3728 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, __FILE__, __LINE__);
3729 #endif
3730 timeout.tv_usec = 0;
3731 timeout.tv_sec = 5;
3732 rpc_stat = clnt_call(cl, MOUNTPROC_UMNT, xdr_dirpath,
3733 (caddr_t)&path, xdr_void, (char *)NULL, timeout);
3734 if (verbose && rpc_stat != RPC_SUCCESS)
3735 syslog(LOG_ERR, "%s: %s",
3736 host, clnt_sperror(cl, "unmount"));
3737 destroy_auth_client_handle(cl);
3738 }
3739
3740 free_replica(list, count);
3741
3742 if (trace > 1)
3743 trace_prt(1, " nfsunmount: umount %s OK\n", mnt->mnt_mountp);
3744
3745 done:
3746 return (0);
3747 }
3748
3749 /*
3750 * Put a new entry in the cache chain by prepending it to the front.
3751 * If there isn't enough memory then just give up.
3752 */
3753 static void
cache_enter(host,reqvers,outvers,proto,state)3754 cache_enter(host, reqvers, outvers, proto, state)
3755 char *host;
3756 rpcvers_t reqvers;
3757 rpcvers_t outvers;
3758 char *proto;
3759 int state;
3760 {
3761 struct cache_entry *entry;
3762 int cache_time = 30; /* sec */
3763
3764 timenow = time(NULL);
3765
3766 entry = (struct cache_entry *)malloc(sizeof (struct cache_entry));
3767 if (entry == NULL)
3768 return;
3769 (void) memset((caddr_t)entry, 0, sizeof (struct cache_entry));
3770 entry->cache_host = strdup(host);
3771 if (entry->cache_host == NULL) {
3772 cache_free(entry);
3773 return;
3774 }
3775 entry->cache_reqvers = reqvers;
3776 entry->cache_outvers = outvers;
3777 entry->cache_proto = (proto == NULL ? NULL : strdup(proto));
3778 entry->cache_state = state;
3779 entry->cache_time = timenow + cache_time;
3780 (void) rw_wrlock(&cache_lock);
3781 #ifdef CACHE_DEBUG
3782 host_cache_accesses++; /* up host cache access counter */
3783 #endif /* CACHE DEBUG */
3784 entry->cache_next = cache_head;
3785 cache_head = entry;
3786 (void) rw_unlock(&cache_lock);
3787 }
3788
3789 static int
cache_check(host,versp,proto)3790 cache_check(host, versp, proto)
3791 char *host;
3792 rpcvers_t *versp;
3793 char *proto;
3794 {
3795 int state = NOHOST;
3796 struct cache_entry *ce, *prev;
3797
3798 timenow = time(NULL);
3799
3800 (void) rw_rdlock(&cache_lock);
3801
3802 #ifdef CACHE_DEBUG
3803 /* Increment the lookup and access counters for the host cache */
3804 host_cache_accesses++;
3805 host_cache_lookups++;
3806 if ((host_cache_lookups%1000) == 0)
3807 trace_host_cache();
3808 #endif /* CACHE DEBUG */
3809
3810 for (ce = cache_head; ce; ce = ce->cache_next) {
3811 if (timenow > ce->cache_time) {
3812 (void) rw_unlock(&cache_lock);
3813 (void) rw_wrlock(&cache_lock);
3814 for (prev = NULL, ce = cache_head; ce;
3815 prev = ce, ce = ce->cache_next) {
3816 if (timenow > ce->cache_time) {
3817 cache_free(ce);
3818 if (prev)
3819 prev->cache_next = NULL;
3820 else
3821 cache_head = NULL;
3822 break;
3823 }
3824 }
3825 (void) rw_unlock(&cache_lock);
3826 return (state);
3827 }
3828 if (strcmp(host, ce->cache_host) != 0)
3829 continue;
3830 if ((proto == NULL && ce->cache_proto != NULL) ||
3831 (proto != NULL && ce->cache_proto == NULL))
3832 continue;
3833 if (proto != NULL &&
3834 strcmp(proto, ce->cache_proto) != 0)
3835 continue;
3836
3837 if (versp == NULL ||
3838 (versp != NULL && *versp == ce->cache_reqvers) ||
3839 (versp != NULL && *versp == ce->cache_outvers)) {
3840 if (versp != NULL)
3841 *versp = ce->cache_outvers;
3842 state = ce->cache_state;
3843
3844 /* increment the host cache hit counters */
3845 #ifdef CACHE_DEBUG
3846 if (state == GOODHOST)
3847 goodhost_cache_hits++;
3848 if (state == DEADHOST)
3849 deadhost_cache_hits++;
3850 #endif /* CACHE_DEBUG */
3851 (void) rw_unlock(&cache_lock);
3852 return (state);
3853 }
3854 }
3855 (void) rw_unlock(&cache_lock);
3856 return (state);
3857 }
3858
3859 /*
3860 * Free a cache entry and all entries
3861 * further down the chain since they
3862 * will also be expired.
3863 */
3864 static void
cache_free(entry)3865 cache_free(entry)
3866 struct cache_entry *entry;
3867 {
3868 struct cache_entry *ce, *next = NULL;
3869
3870 for (ce = entry; ce; ce = next) {
3871 if (ce->cache_host)
3872 free(ce->cache_host);
3873 if (ce->cache_proto)
3874 free(ce->cache_proto);
3875 next = ce->cache_next;
3876 free(ce);
3877 }
3878 }
3879
3880 #ifdef MALLOC_DEBUG
3881 void
cache_flush()3882 cache_flush()
3883 {
3884 (void) rw_wrlock(&cache_lock);
3885 cache_free(cache_head);
3886 cache_head = NULL;
3887 (void) rw_unlock(&cache_lock);
3888 }
3889
3890 void
flush_caches()3891 flush_caches()
3892 {
3893 mutex_lock(&cleanup_lock);
3894 cond_signal(&cleanup_start_cv);
3895 (void) cond_wait(&cleanup_done_cv, &cleanup_lock);
3896 mutex_unlock(&cleanup_lock);
3897 cache_flush();
3898 portmap_cache_flush();
3899 }
3900 #endif
3901
3902 /*
3903 * Returns 1, if port option is NFS_PORT or
3904 * nfsd is running on the port given
3905 * Returns 0, if both port is not NFS_PORT and nfsd is not
3906 * running on the port.
3907 */
3908
3909 static int
is_nfs_port(char * opts)3910 is_nfs_port(char *opts)
3911 {
3912 struct mnttab m;
3913 uint_t nfs_port = 0;
3914 struct servent sv;
3915 char buf[256];
3916 int got_port;
3917
3918 m.mnt_mntopts = opts;
3919
3920 /*
3921 * Get port specified in options list, if any.
3922 */
3923 got_port = nopt(&m, MNTOPT_PORT, (int *)&nfs_port);
3924
3925 /*
3926 * if no port specified or it is same as NFS_PORT return nfs
3927 * To use any other daemon the port number should be different
3928 */
3929 if (!got_port || nfs_port == NFS_PORT)
3930 return (1);
3931 /*
3932 * If daemon is nfsd, return nfs
3933 */
3934 if (getservbyport_r(nfs_port, NULL, &sv, buf, 256) == &sv &&
3935 strcmp(sv.s_name, "nfsd") == 0)
3936 return (1);
3937
3938 /*
3939 * daemon is not nfs
3940 */
3941 return (0);
3942 }
3943
3944
3945 /*
3946 * destroy_auth_client_handle(cl)
3947 * destroys the created client handle
3948 */
3949 void
destroy_auth_client_handle(CLIENT * cl)3950 destroy_auth_client_handle(CLIENT *cl)
3951 {
3952 if (cl) {
3953 if (cl->cl_auth) {
3954 #ifdef MALLOC_DEBUG
3955 drop_alloc("AUTH_HANDLE", cl->cl_auth,
3956 __FILE__, __LINE__);
3957 #endif
3958 AUTH_DESTROY(cl->cl_auth);
3959 cl->cl_auth = NULL;
3960 }
3961 #ifdef MALLOC_DEBUG
3962 drop_alloc("CLNT_HANDLE", cl,
3963 __FILE__, __LINE__);
3964 #endif
3965 clnt_destroy(cl);
3966 }
3967 }
3968
3969
3970 /*
3971 * Attempt to figure out which version of NFS to use in pingnfs(). If
3972 * the version number was specified (i.e., non-zero), then use it.
3973 * Otherwise, default to the compiled-in default or the default as set
3974 * by the /etc/default/nfs configuration (as read by read_default().
3975 */
3976 int
set_versrange(rpcvers_t nfsvers,rpcvers_t * vers,rpcvers_t * versmin)3977 set_versrange(rpcvers_t nfsvers, rpcvers_t *vers, rpcvers_t *versmin)
3978 {
3979 switch (nfsvers) {
3980 case 0:
3981 *vers = vers_max_default;
3982 *versmin = vers_min_default;
3983 break;
3984 case NFS_V4:
3985 *vers = NFS_V4;
3986 *versmin = NFS_V4;
3987 break;
3988 case NFS_V3:
3989 *vers = NFS_V3;
3990 *versmin = NFS_V3;
3991 break;
3992 case NFS_VERSION:
3993 *vers = NFS_VERSION; /* version 2 */
3994 *versmin = NFS_VERSMIN; /* version 2 */
3995 break;
3996 default:
3997 return (-1);
3998 }
3999 return (0);
4000 }
4001
4002 #ifdef CACHE_DEBUG
4003 /*
4004 * trace_portmap_cache()
4005 * traces the portmap cache values at desired points
4006 */
4007 static void
trace_portmap_cache()4008 trace_portmap_cache()
4009 {
4010 syslog(LOG_ERR, "portmap_cache: accesses=%d lookups=%d hits=%d\n",
4011 portmap_cache_accesses, portmap_cache_lookups,
4012 portmap_cache_hits);
4013 }
4014
4015 /*
4016 * trace_host_cache()
4017 * traces the host cache values at desired points
4018 */
4019 static void
trace_host_cache()4020 trace_host_cache()
4021 {
4022 syslog(LOG_ERR,
4023 "host_cache: accesses=%d lookups=%d deadhits=%d goodhits=%d\n",
4024 host_cache_accesses, host_cache_lookups, deadhost_cache_hits,
4025 goodhost_cache_hits);
4026 }
4027 #endif /* CACHE_DEBUG */
4028
4029 /*
4030 * Read the NFS SMF properties to determine if the
4031 * client has been configured for a new min/max for the NFS version to
4032 * use.
4033 */
4034
4035 #define SVC_NFS_CLIENT "svc:/network/nfs/client"
4036
4037 static void
read_default_nfs(void)4038 read_default_nfs(void)
4039 {
4040 static time_t lastread = 0;
4041 struct stat buf;
4042 char defval[4];
4043 int errno, bufsz;
4044 int tmp, ret = 0;
4045
4046 bufsz = 4;
4047 ret = nfs_smf_get_prop("client_versmin", defval, DEFAULT_INSTANCE,
4048 SCF_TYPE_INTEGER, SVC_NFS_CLIENT, &bufsz);
4049 if (ret == SA_OK) {
4050 errno = 0;
4051 tmp = strtol(defval, (char **)NULL, 10);
4052 if (errno == 0) {
4053 vers_min_default = tmp;
4054 }
4055 }
4056
4057 bufsz = 4;
4058 ret = nfs_smf_get_prop("client_versmax", defval, DEFAULT_INSTANCE,
4059 SCF_TYPE_INTEGER, SVC_NFS_CLIENT, &bufsz);
4060 if (ret == SA_OK) {
4061 errno = 0;
4062 tmp = strtol(defval, (char **)NULL, 10);
4063 if (errno == 0) {
4064 vers_max_default = tmp;
4065 }
4066 }
4067
4068 lastread = buf.st_mtime;
4069
4070 /*
4071 * Quick sanity check on the values picked up from the
4072 * defaults file. Make sure that a mistake wasn't
4073 * made that will confuse things later on.
4074 * If so, reset to compiled-in defaults
4075 */
4076 if (vers_min_default > vers_max_default ||
4077 vers_min_default < NFS_VERSMIN ||
4078 vers_max_default > NFS_VERSMAX) {
4079 if (trace > 1) {
4080 trace_prt(1,
4081 " read_default: version minimum/maximum incorrectly configured\n");
4082 trace_prt(1,
4083 " read_default: config is min=%d, max%d. Resetting to min=%d, max%d\n",
4084 vers_min_default, vers_max_default,
4085 NFS_VERSMIN_DEFAULT,
4086 NFS_VERSMAX_DEFAULT);
4087 }
4088 vers_min_default = NFS_VERSMIN_DEFAULT;
4089 vers_max_default = NFS_VERSMAX_DEFAULT;
4090 }
4091 }
4092
4093 /*
4094 * Find the mnttab entry that corresponds to "name".
4095 * We're not sure what the name represents: either
4096 * a mountpoint name, or a special name (server:/path).
4097 * Return the last entry in the file that matches.
4098 */
4099 static struct extmnttab *
mnttab_find(dirname)4100 mnttab_find(dirname)
4101 char *dirname;
4102 {
4103 FILE *fp;
4104 struct extmnttab mnt;
4105 struct extmnttab *res = NULL;
4106
4107 fp = fopen(MNTTAB, "r");
4108 if (fp == NULL) {
4109 if (trace > 1)
4110 trace_prt(1, " mnttab_find: unable to open mnttab\n");
4111 return (NULL);
4112 }
4113 while (getextmntent(fp, &mnt, sizeof (struct extmnttab)) == 0) {
4114 if (strcmp(mnt.mnt_mountp, dirname) == 0 ||
4115 strcmp(mnt.mnt_special, dirname) == 0) {
4116 if (res)
4117 fsfreemnttab(res);
4118 res = fsdupmnttab(&mnt);
4119 }
4120 }
4121
4122 resetmnttab(fp);
4123 fclose(fp);
4124 if (res == NULL) {
4125 if (trace > 1)
4126 trace_prt(1, " mnttab_find: unable to find %s\n",
4127 dirname);
4128 }
4129 return (res);
4130 }
4131
4132 /*
4133 * This function's behavior is taken from nfsstat.
4134 * Trying to determine what NFS version was used for the mount.
4135 */
4136 static int
is_v4_mount(char * mntpath)4137 is_v4_mount(char *mntpath)
4138 {
4139 kstat_ctl_t *kc = NULL; /* libkstat cookie */
4140 kstat_t *ksp;
4141 ulong_t fsid;
4142 struct mntinfo_kstat mik;
4143 struct extmnttab *mntp;
4144 uint_t mnt_minor;
4145
4146 if ((mntp = mnttab_find(mntpath)) == NULL)
4147 return (FALSE);
4148
4149 /* save the minor number and free the struct so we don't forget */
4150 mnt_minor = mntp->mnt_minor;
4151 fsfreemnttab(mntp);
4152
4153 if ((kc = kstat_open()) == NULL)
4154 return (FALSE);
4155
4156 for (ksp = kc->kc_chain; ksp; ksp = ksp->ks_next) {
4157 if (ksp->ks_type != KSTAT_TYPE_RAW)
4158 continue;
4159 if (strcmp(ksp->ks_module, "nfs") != 0)
4160 continue;
4161 if (strcmp(ksp->ks_name, "mntinfo") != 0)
4162 continue;
4163 if (mnt_minor != ksp->ks_instance)
4164 continue;
4165
4166 if (kstat_read(kc, ksp, &mik) == -1)
4167 continue;
4168
4169 (void) kstat_close(kc);
4170 if (mik.mik_vers == 4)
4171 return (TRUE);
4172 else
4173 return (FALSE);
4174 }
4175 (void) kstat_close(kc);
4176
4177 return (FALSE);
4178 }
4179
4180 static int
create_homedir(const char * src,const char * dst)4181 create_homedir(const char *src, const char *dst) {
4182
4183 struct stat stbuf;
4184 char *dst_username;
4185 struct passwd *pwd, pwds;
4186 char buf_pwd[NSS_BUFLEN_PASSWD];
4187 int homedir_len;
4188 int dst_dir_len;
4189 int src_dir_len;
4190
4191 if (trace > 1)
4192 trace_prt(1, "entered create_homedir\n");
4193
4194 if (stat(src, &stbuf) == 0) {
4195 if (trace > 1)
4196 trace_prt(1, "src exists\n");
4197 return (1);
4198 }
4199
4200 dst_username = strrchr(dst, '/');
4201 if (dst_username) {
4202 dst_username++; /* Skip over slash */
4203 pwd = getpwnam_r(dst_username, &pwds, buf_pwd,
4204 sizeof (buf_pwd));
4205 if (pwd == NULL) {
4206 return (0);
4207 }
4208 } else {
4209 return (0);
4210 }
4211
4212 homedir_len = strlen(pwd->pw_dir);
4213 dst_dir_len = strlen(dst) - homedir_len;
4214 src_dir_len = strlen(src) - homedir_len;
4215
4216 /* Check that the paths are in the same zone */
4217 if (src_dir_len < dst_dir_len ||
4218 (strncmp(dst, src, dst_dir_len) != 0)) {
4219 if (trace > 1)
4220 trace_prt(1, " paths don't match\n");
4221 return (0);
4222 }
4223 /* Check that mountpoint is an auto_home entry */
4224 if (dst_dir_len < 0 ||
4225 (strcmp(pwd->pw_dir, dst + dst_dir_len) != 0)) {
4226 return (0);
4227 }
4228
4229 /* Check that source is an home directory entry */
4230 if (src_dir_len < 0 ||
4231 (strcmp(pwd->pw_dir, src + src_dir_len) != 0)) {
4232 if (trace > 1)
4233 trace_prt(1, " homedir (2) doesn't match %s\n",
4234 src+src_dir_len);
4235 return (0);
4236 }
4237
4238 if (mkdir(src,
4239 S_IRUSR | S_IWUSR | S_IXUSR | S_IXGRP | S_IXOTH) == -1) {
4240 if (trace > 1) {
4241 trace_prt(1, " Couldn't mkdir %s\n", src);
4242 }
4243 return (0);
4244 }
4245
4246 if (chown(src, pwd->pw_uid, pwd->pw_gid) == -1) {
4247 unlink(src);
4248 return (0);
4249 }
4250
4251 /* Created new home directory for the user */
4252 return (1);
4253 }
4254
4255 void
free_nfs_args(struct nfs_args * argp)4256 free_nfs_args(struct nfs_args *argp)
4257 {
4258 struct nfs_args *oldp;
4259 while (argp) {
4260 if (argp->pathconf)
4261 free(argp->pathconf);
4262 if (argp->knconf)
4263 free_knconf(argp->knconf);
4264 if (argp->addr)
4265 netbuf_free(argp->addr);
4266 if (argp->syncaddr)
4267 netbuf_free(argp->syncaddr);
4268 if (argp->netname)
4269 free(argp->netname);
4270 if (argp->hostname)
4271 free(argp->hostname);
4272 if (argp->nfs_ext_u.nfs_extB.secdata)
4273 nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata);
4274 if (argp->fh)
4275 free(argp->fh);
4276 if (argp->nfs_ext_u.nfs_extA.secdata) {
4277 sec_data_t *sd;
4278 sd = argp->nfs_ext_u.nfs_extA.secdata;
4279 if (sd == NULL)
4280 break;
4281 switch (sd->rpcflavor) {
4282 case AUTH_NONE:
4283 case AUTH_UNIX:
4284 case AUTH_LOOPBACK:
4285 break;
4286 case AUTH_DES:
4287 {
4288 dh_k4_clntdata_t *dhk4;
4289 dhk4 = (dh_k4_clntdata_t *)sd->data;
4290 if (dhk4 == NULL)
4291 break;
4292 if (dhk4->syncaddr.buf)
4293 free(dhk4->syncaddr.buf);
4294 if (dhk4->knconf->knc_protofmly)
4295 free(dhk4->knconf->knc_protofmly);
4296 if (dhk4->knconf->knc_proto)
4297 free(dhk4->knconf->knc_proto);
4298 if (dhk4->knconf)
4299 free(dhk4->knconf);
4300 if (dhk4->netname)
4301 free(dhk4->netname);
4302 free(dhk4);
4303 break;
4304 }
4305 case RPCSEC_GSS:
4306 {
4307 gss_clntdata_t *gss;
4308 gss = (gss_clntdata_t *)sd->data;
4309 if (gss == NULL)
4310 break;
4311 if (gss->mechanism.elements)
4312 free(gss->mechanism.elements);
4313 free(gss);
4314 break;
4315 }
4316 }
4317 }
4318 oldp = argp;
4319 if (argp->nfs_args_ext == NFS_ARGS_EXTB)
4320 argp = argp->nfs_ext_u.nfs_extB.next;
4321 else
4322 argp = NULL;
4323 free(oldp);
4324 }
4325 }
4326
4327 void *
get_netconfig_info(enum type_of_stuff type_of_stuff,char * hostname,rpcprog_t prog,rpcvers_t vers,struct netconfig * nconf,ushort_t port,struct t_info * tinfo,struct t_bind * tbind,caddr_t * fhp,bool_t direct_to_server,char * fspath,enum clnt_stat * cstat,mfs_snego_t * mfssnego)4328 get_netconfig_info(enum type_of_stuff type_of_stuff, char *hostname,
4329 rpcprog_t prog, rpcvers_t vers, struct netconfig *nconf,
4330 ushort_t port, struct t_info *tinfo, struct t_bind *tbind,
4331 caddr_t *fhp, bool_t direct_to_server, char *fspath,
4332 enum clnt_stat *cstat, mfs_snego_t *mfssnego)
4333 {
4334 struct netconfig *nb = NULL;
4335 int ping_server = 0;
4336
4337
4338 if (nconf == NULL)
4339 return (NULL);
4340
4341 switch (type_of_stuff) {
4342 case SERVER_FH:
4343 nb = get_server_fh(hostname, prog, vers, mfssnego,
4344 nconf, port, tinfo, tbind, fhp, direct_to_server,
4345 fspath, cstat);
4346 break;
4347 case SERVER_PING:
4348 ping_server = 1;
4349 case SERVER_ADDR:
4350 nb = get_server_addrorping(hostname, prog, vers,
4351 nconf, port, tinfo, tbind, fhp, direct_to_server,
4352 fspath, cstat, ping_server);
4353 break;
4354 default:
4355 assert(nb != NULL);
4356 }
4357 return (nb);
4358 }
4359
4360 /*
4361 * Get the server address or can we ping it or not.
4362 * Check the portmap cache first for server address.
4363 * If no entries there, ping the server with a NULLPROC rpc.
4364 */
4365 void *
get_server_addrorping(char * hostname,rpcprog_t prog,rpcvers_t vers,struct netconfig * nconf,ushort_t port,struct t_info * tinfo,struct t_bind * tbind,caddr_t * fhp,bool_t direct_to_server,char * fspath,enum clnt_stat * cstat,int ping_server)4366 get_server_addrorping(char *hostname, rpcprog_t prog, rpcvers_t vers,
4367 struct netconfig *nconf, ushort_t port, struct t_info *tinfo,
4368 struct t_bind *tbind, caddr_t *fhp, bool_t direct_to_server,
4369 char *fspath, enum clnt_stat *cstat, int ping_server)
4370 {
4371 struct timeval tv;
4372 enum clnt_stat cs = RPC_TIMEDOUT;
4373 struct netbuf *nb = NULL;
4374 CLIENT *cl = NULL;
4375 int fd = -1;
4376
4377 if (prog == NFS_PROGRAM && vers == NFS_V4)
4378 if (strncasecmp(nconf->nc_proto, NC_UDP, strlen(NC_UDP)) == 0)
4379 goto done;
4380
4381 if ((fd = t_open(nconf->nc_device, O_RDWR, tinfo)) < 0) {
4382 goto done;
4383 }
4384
4385 /* LINTED pointer alignment */
4386 if ((tbind = (struct t_bind *)t_alloc(fd, T_BIND, T_ADDR))
4387 == NULL) {
4388 goto done;
4389 }
4390
4391 if (direct_to_server != TRUE) {
4392 if (!ping_server) {
4393 if (get_cached_srv_addr(hostname, prog, vers,
4394 nconf, &tbind->addr) == 0)
4395 goto done;
4396 } else {
4397 if (port == 0)
4398 goto done;
4399 }
4400 }
4401 if (setup_nb_parms(nconf, tbind, tinfo, hostname,
4402 fd, direct_to_server, port, prog, vers, 0) < 0)
4403 goto done;
4404
4405 if (port || (direct_to_server == TRUE)) {
4406 tv.tv_sec = 10;
4407 tv.tv_usec = 0;
4408 cl = clnt_tli_create(fd, nconf, &tbind->addr,
4409 prog, vers, 0, 0);
4410 if (cl == NULL)
4411 goto done;
4412
4413 cs = clnt_call(cl, NULLPROC, xdr_void, 0,
4414 xdr_void, 0, tv);
4415 if (cs != RPC_SUCCESS) {
4416 syslog(LOG_ERR, "error is %d", cs);
4417 goto done;
4418 }
4419 }
4420 if (!ping_server) {
4421 nb = (struct netbuf *)malloc(sizeof (struct netbuf));
4422 if (nb == NULL) {
4423 syslog(LOG_ERR, "no memory\n");
4424 goto done;
4425 }
4426 nb->buf = (char *)malloc(tbind->addr.maxlen);
4427 if (nb->buf == NULL) {
4428 syslog(LOG_ERR, "no memory\n");
4429 free(nb);
4430 nb = NULL;
4431 goto done;
4432 }
4433 (void) memcpy(nb->buf, tbind->addr.buf, tbind->addr.len);
4434 nb->len = tbind->addr.len;
4435 nb->maxlen = tbind->addr.maxlen;
4436 cs = RPC_SUCCESS;
4437 }
4438 done:
4439 destroy_auth_client_handle(cl);
4440 cleanup_tli_parms(tbind, fd);
4441 *cstat = cs;
4442 return (nb);
4443 }
4444