xref: /freebsd/libexec/ypxfr/ypxfr_main.c (revision 99282790b7d01ec3c4072621d46a0d7302517ad4)
1 /*-
2  * SPDX-License-Identifier: BSD-4-Clause
3  *
4  * Copyright (c) 1995
5  *	Bill Paul <wpaul@ctr.columbia.edu>.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. All advertising materials mentioning features or use of this software
16  *    must display the following acknowledgement:
17  *	This product includes software developed by Bill Paul.
18  * 4. Neither the name of the author nor the names of any co-contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
37 
38 #include <errno.h>
39 #include <stdio.h>
40 #include <stdlib.h>
41 #include <string.h>
42 #include <syslog.h>
43 #include <unistd.h>
44 #include <sys/types.h>
45 #include <sys/param.h>
46 #include <sys/socket.h>
47 #include <netinet/in.h>
48 #include <arpa/inet.h>
49 #include <rpc/rpc.h>
50 #include <rpc/clnt.h>
51 #include <rpcsvc/yp.h>
52 #include <rpcsvc/ypclnt.h>
53 #include <rpcsvc/ypxfrd.h>
54 #include "ypxfr_extern.h"
55 
56 int debug = 1;
57 
58 char *progname = "ypxfr";
59 char *yp_dir = _PATH_YP;
60 int _rpcpmstart = 0;
61 static int ypxfr_use_yplib = 0; /* Assume the worst. */
62 static int ypxfr_clear = 1;
63 static int ypxfr_prognum = 0;
64 static struct sockaddr_in ypxfr_callback_addr;
65 static struct yppushresp_xfr ypxfr_resp;
66 static DB *dbp;
67 
68 static void
69 ypxfr_exit(ypxfrstat retval, char *temp)
70 {
71 	CLIENT *clnt;
72 	int sock = RPC_ANYSOCK;
73 	struct timeval timeout;
74 
75 	/* Clean up no matter what happened previously. */
76 	if (temp != NULL) {
77 		if (dbp != NULL)
78 			(void)(dbp->close)(dbp);
79 		if (unlink(temp) == -1) {
80 			yp_error("failed to unlink %s",strerror(errno));
81 		}
82 	}
83 
84 	if (ypxfr_prognum) {
85 		timeout.tv_sec = 20;
86 		timeout.tv_usec = 0;
87 
88 		if ((clnt = clntudp_create(&ypxfr_callback_addr, ypxfr_prognum,
89 					1, timeout, &sock)) == NULL) {
90 			yp_error("%s", clnt_spcreateerror("failed to "
91 			    "establish callback handle"));
92 			exit(1);
93 		}
94 
95 		ypxfr_resp.status = (yppush_status)retval;
96 
97 		if (yppushproc_xfrresp_1(&ypxfr_resp, clnt) == NULL) {
98 			yp_error("%s", clnt_sperror(clnt, "callback failed"));
99 			clnt_destroy(clnt);
100 			exit(1);
101 		}
102 		clnt_destroy(clnt);
103 	} else {
104 		yp_error("Exiting: %s", ypxfrerr_string(retval));
105 	}
106 
107 	exit(0);
108 }
109 
110 static void
111 usage(void)
112 {
113 	if (_rpcpmstart) {
114 		ypxfr_exit(YPXFR_BADARGS,NULL);
115 	} else {
116 		fprintf(stderr, "%s\n%s\n%s\n",
117 	"usage: ypxfr [-f] [-c] [-d target domain] [-h source host]",
118 	"             [-s source domain] [-p path]",
119 	"             [-C taskid program-number ipaddr port] mapname");
120 		exit(1);
121 	}
122 }
123 
124 int
125 ypxfr_foreach(int status, char *key, int keylen, char *val, int vallen,
126     char *data)
127 {
128 	DBT dbkey, dbval;
129 
130 	if (status != YP_TRUE)
131 		return (status);
132 
133 	/*
134 	 * XXX Do not attempt to write zero-length keys or
135 	 * data into a Berkeley DB hash database. It causes a
136 	 * strange failure mode where sequential searches get
137 	 * caught in an infinite loop.
138 	 */
139 	if (keylen) {
140 		dbkey.data = key;
141 		dbkey.size = keylen;
142 	} else {
143 		dbkey.data = "";
144 		dbkey.size = 1;
145 	}
146 	if (vallen) {
147 		dbval.data = val;
148 		dbval.size = vallen;
149 	} else {
150 		dbval.data = "";
151 		dbval.size = 1;
152 	}
153 
154 	if (yp_put_record(dbp, &dbkey, &dbval, 0) != YP_TRUE)
155 		return(yp_errno);
156 
157 	return (0);
158 }
159 
160 int
161 main(int argc, char *argv[])
162 {
163 	int ch;
164 	int ypxfr_force = 0;
165 	char *ypxfr_dest_domain = NULL;
166 	char *ypxfr_source_host = NULL;
167 	char *ypxfr_source_domain = NULL;
168 	char *ypxfr_local_domain = NULL;
169 	char *ypxfr_master = NULL;
170 	unsigned long ypxfr_order = -1, ypxfr_skew_check = -1;
171 	char *ypxfr_mapname = NULL;
172 	int ypxfr_args = 0;
173 	char ypxfr_temp_map[MAXPATHLEN + 2];
174 	char tempmap[MAXPATHLEN + 2];
175 	char buf[MAXPATHLEN + 2];
176 	DBT key, data;
177 	int remoteport;
178 	int interdom = 0;
179 	int secure = 0;
180 
181 	if (!isatty(fileno(stderr))) {
182 		openlog("ypxfr", LOG_PID, LOG_DAEMON);
183 		_rpcpmstart = 1;
184 	}
185 
186 	if (argc < 2)
187 		usage();
188 
189 	while ((ch = getopt(argc, argv, "fcd:h:s:p:C:")) != -1) {
190 		int my_optind;
191 		switch (ch) {
192 		case 'f':
193 			ypxfr_force++;
194 			ypxfr_args++;
195 			break;
196 		case 'c':
197 			ypxfr_clear = 0;
198 			ypxfr_args++;
199 			break;
200 		case 'd':
201 			ypxfr_dest_domain = optarg;
202 			ypxfr_args += 2;
203 			break;
204 		case 'h':
205 			ypxfr_source_host = optarg;
206 			ypxfr_args += 2;
207 			break;
208 		case 's':
209 			ypxfr_source_domain = optarg;
210 			ypxfr_args += 2;
211 			break;
212 		case 'p':
213 			yp_dir = optarg;
214 			ypxfr_args += 2;
215 			break;
216 		case 'C':
217 			/*
218 			 * Whoever decided that the -C flag should take
219 			 * four arguments is a twit.
220 			 */
221 			my_optind = optind - 1;
222 			if (argv[my_optind] == NULL || !strlen(argv[my_optind])) {
223 				yp_error("transaction ID not specified");
224 				usage();
225 			}
226 			ypxfr_resp.transid = atol(argv[my_optind]);
227 			my_optind++;
228 			if (argv[my_optind] == NULL || !strlen(argv[my_optind])) {
229 				yp_error("RPC program number not specified");
230 				usage();
231 			}
232 			ypxfr_prognum = atol(argv[my_optind]);
233 			my_optind++;
234 			if (argv[my_optind] == NULL || !strlen(argv[my_optind])) {
235 				yp_error("address not specified");
236 				usage();
237 			}
238 			if (!inet_aton(argv[my_optind], &ypxfr_callback_addr.sin_addr)) {
239 				yp_error("failed to convert '%s' to IP addr",
240 					argv[my_optind]);
241 				exit(1);
242 			}
243 			my_optind++;
244 			if (argv[my_optind] == NULL || !strlen(argv[my_optind])) {
245 				yp_error("port not specified");
246 				usage();
247 			}
248 			ypxfr_callback_addr.sin_port = htons((u_short)atoi(argv[my_optind]));
249 			ypxfr_args += 5;
250 			break;
251 		default:
252 			usage();
253 			break;
254 		}
255 	}
256 
257 	ypxfr_mapname = argv[ypxfr_args + 1];
258 
259 	if (ypxfr_mapname == NULL) {
260 		yp_error("no map name specified");
261 		usage();
262 	}
263 
264 	/* Always the case. */
265 	ypxfr_callback_addr.sin_family = AF_INET;
266 
267 	/* Determine if local NIS client facilities are turned on. */
268 	if (!yp_get_default_domain(&ypxfr_local_domain) &&
269 	    _yp_check(&ypxfr_local_domain))
270 		ypxfr_use_yplib = 1;
271 
272 	/*
273 	 * If no destination domain is specified, assume that the
274 	 * local default domain is to be used and try to obtain it.
275 	 * Fails if NIS client facilities are turned off.
276 	 */
277 	if (ypxfr_dest_domain == NULL) {
278 		if (ypxfr_use_yplib) {
279 			yp_get_default_domain(&ypxfr_dest_domain);
280 		} else {
281 			yp_error("no destination domain specified and \
282 the local domain name isn't set");
283 			ypxfr_exit(YPXFR_BADARGS,NULL);
284 		}
285 	}
286 
287 	/*
288 	 * If a source domain is not specified, assume it to
289 	 * be the same as the destination domain.
290 	 */
291 	if (ypxfr_source_domain == NULL) {
292 		ypxfr_source_domain = ypxfr_dest_domain;
293 	}
294 
295 	/*
296 	 * If the source host is not specified, assume it to be the
297 	 * master for the specified map. If local NIS client facilities
298 	 * are turned on, we can figure this out using yp_master().
299 	 * If not, we have to see if a local copy of the map exists
300 	 * and extract its YP_MASTER_NAME record. If _that_ fails,
301 	 * we are stuck and must ask the user for more information.
302 	 */
303 	if (ypxfr_source_host == NULL) {
304 		if (!ypxfr_use_yplib) {
305 		/*
306 		 * Double whammy: NIS isn't turned on and the user
307 		 * didn't specify a source host.
308 		 */
309 			char *dptr;
310 			key.data = "YP_MASTER_NAME";
311 			key.size = sizeof("YP_MASTER_NAME") - 1;
312 
313 			if (yp_get_record(ypxfr_dest_domain, ypxfr_mapname,
314 					 &key, &data, 1) != YP_TRUE) {
315 				yp_error("no source host specified");
316 				ypxfr_exit(YPXFR_BADARGS,NULL);
317 			}
318 			dptr = data.data;
319 			dptr[data.size] = '\0';
320 			ypxfr_master = ypxfr_source_host = strdup(dptr);
321 		}
322 	} else {
323 		if (ypxfr_use_yplib)
324 			ypxfr_use_yplib = 0;
325 	}
326 
327 	if (ypxfr_master == NULL) {
328 		if ((ypxfr_master = ypxfr_get_master(ypxfr_source_domain,
329 					    	 ypxfr_mapname,
330 					     	ypxfr_source_host,
331 					     	ypxfr_use_yplib)) == NULL) {
332 			yp_error("failed to find master of %s in domain %s: %s",
333 				  ypxfr_mapname, ypxfr_source_domain,
334 				  ypxfrerr_string((ypxfrstat)yp_errno));
335 			ypxfr_exit(YPXFR_MADDR,NULL);
336 		}
337 	}
338 
339 	/*
340 	 * If we got here and ypxfr_source_host is still undefined,
341 	 * it means we had to resort to using yp_master() to find the
342 	 * master server for the map. The source host and master should
343 	 * be identical.
344 	 */
345 	if (ypxfr_source_host == NULL)
346 		ypxfr_source_host = ypxfr_master;
347 
348 	/*
349 	 * Don't talk to ypservs on unprivileged ports.
350 	 */
351 	remoteport = getrpcport(ypxfr_source_host, YPPROG, YPVERS, IPPROTO_UDP);
352 	if (remoteport >= IPPORT_RESERVED) {
353 		yp_error("ypserv on %s not running on reserved port",
354 						ypxfr_source_host);
355 		ypxfr_exit(YPXFR_REFUSED, NULL);
356 	}
357 
358 	if ((ypxfr_order = ypxfr_get_order(ypxfr_source_domain,
359 					     ypxfr_mapname,
360 					     ypxfr_master, 0)) == 0) {
361 		yp_error("failed to get order number of %s: %s",
362 				ypxfr_mapname, yp_errno == YP_TRUE ?
363 				"map has order 0" :
364 				ypxfrerr_string((ypxfrstat)yp_errno));
365 		ypxfr_exit(YPXFR_YPERR,NULL);
366 	}
367 
368 	if (ypxfr_match(ypxfr_master, ypxfr_source_domain, ypxfr_mapname,
369 			"YP_INTERDOMAIN", sizeof("YP_INTERDOMAIN") - 1))
370 		interdom++;
371 
372 	if (ypxfr_match(ypxfr_master, ypxfr_source_domain, ypxfr_mapname,
373 			"YP_SECURE", sizeof("YP_SECURE") - 1))
374 		secure++;
375 
376 	key.data = "YP_LAST_MODIFIED";
377 	key.size = sizeof("YP_LAST_MODIFIED") - 1;
378 
379 	/* The order number is immaterial when the 'force' flag is set. */
380 
381 	if (!ypxfr_force) {
382 		int ignore = 0;
383 		if (yp_get_record(ypxfr_dest_domain,ypxfr_mapname,&key,&data,1) != YP_TRUE) {
384 			switch (yp_errno) {
385 			case YP_NOKEY:
386 				ypxfr_exit(YPXFR_FORCE,NULL);
387 				break;
388 			case YP_NOMAP:
389 				/*
390 				 * If the map doesn't exist, we're
391 				 * creating it. Ignore the error.
392 				 */
393 				ignore++;
394 				break;
395 			case YP_BADDB:
396 			default:
397 				ypxfr_exit(YPXFR_DBM,NULL);
398 				break;
399 			}
400 		}
401 		if (!ignore && ypxfr_order <= atoi(data.data))
402 			ypxfr_exit(YPXFR_AGE, NULL);
403 
404 	}
405 
406 	/* Construct a temporary map file name */
407 	snprintf(tempmap, sizeof(tempmap), "%s.%d",ypxfr_mapname, getpid());
408 	snprintf(ypxfr_temp_map, sizeof(ypxfr_temp_map), "%s/%s/%s", yp_dir,
409 		 ypxfr_dest_domain, tempmap);
410 
411 	if ((remoteport = getrpcport(ypxfr_source_host, YPXFRD_FREEBSD_PROG,
412 					YPXFRD_FREEBSD_VERS, IPPROTO_TCP))) {
413 
414 		/* Don't talk to rpc.ypxfrds on unprovileged ports. */
415 		if (remoteport >= IPPORT_RESERVED) {
416 			yp_error("rpc.ypxfrd on %s not using privileged port",
417 							ypxfr_source_host);
418 			ypxfr_exit(YPXFR_REFUSED, NULL);
419 		}
420 
421 		/* Try to send using ypxfrd. If it fails, use old method. */
422 		if (!ypxfrd_get_map(ypxfr_source_host, ypxfr_mapname,
423 					ypxfr_source_domain, ypxfr_temp_map))
424 			goto leave;
425 	}
426 
427 	/* Open the temporary map read/write. */
428 	if ((dbp = yp_open_db_rw(ypxfr_dest_domain, tempmap, 0)) == NULL) {
429 		yp_error("failed to open temporary map file");
430 		ypxfr_exit(YPXFR_DBM,NULL);
431 	}
432 
433 	/*
434 	 * Fill in the keys we already know, such as the order number,
435 	 * master name, input file name (we actually make up a bogus
436 	 * name for that) and output file name.
437 	 */
438 	snprintf(buf, sizeof(buf), "%lu", ypxfr_order);
439 	data.data = buf;
440 	data.size = strlen(buf);
441 
442 	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
443 		yp_error("failed to write order number to database");
444 		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
445 	}
446 
447 	key.data = "YP_MASTER_NAME";
448 	key.size = sizeof("YP_MASTER_NAME") - 1;
449 	data.data = ypxfr_master;
450 	data.size = strlen(ypxfr_master);
451 
452 	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
453 		yp_error("failed to write master name to database");
454 		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
455 	}
456 
457 	key.data = "YP_DOMAIN_NAME";
458 	key.size = sizeof("YP_DOMAIN_NAME") - 1;
459 	data.data = ypxfr_dest_domain;
460 	data.size = strlen(ypxfr_dest_domain);
461 
462 	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
463 		yp_error("failed to write domain name to database");
464 		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
465 	}
466 
467 	snprintf (buf, sizeof(buf), "%s:%s", ypxfr_source_host, ypxfr_mapname);
468 
469 	key.data = "YP_INPUT_NAME";
470 	key.size = sizeof("YP_INPUT_NAME") - 1;
471 	data.data = &buf;
472 	data.size = strlen(buf);
473 
474 	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
475 		yp_error("failed to write input name to database");
476 		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
477 
478 	}
479 
480 	snprintf(buf, sizeof(buf), "%s/%s/%s", yp_dir, ypxfr_dest_domain,
481 							ypxfr_mapname);
482 
483 	key.data = "YP_OUTPUT_NAME";
484 	key.size = sizeof("YP_OUTPUT_NAME") - 1;
485 	data.data = &buf;
486 	data.size = strlen(buf);
487 
488 	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
489 		yp_error("failed to write output name to database");
490 		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
491 	}
492 
493 	if (interdom) {
494 		key.data = "YP_INTERDOMAIN";
495 		key.size = sizeof("YP_INTERDOMAIN") - 1;
496 		data.data = "";
497 		data.size = 0;
498 
499 		if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
500 			yp_error("failed to add interdomain flag to database");
501 			ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
502 		}
503 	}
504 
505 	if (secure) {
506 		key.data = "YP_SECURE";
507 		key.size = sizeof("YP_SECURE") - 1;
508 		data.data = "";
509 		data.size = 0;
510 
511 		if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
512 			yp_error("failed to add secure flag to database");
513 			ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
514 		}
515 	}
516 
517 	/* Now suck over the contents of the map from the master. */
518 
519 	if (ypxfr_get_map(ypxfr_mapname,ypxfr_source_domain,
520 			  ypxfr_source_host, ypxfr_foreach)){
521 		yp_error("failed to retrieve map from source host");
522 		ypxfr_exit(YPXFR_YPERR,ypxfr_temp_map);
523 	}
524 
525 	(void)(dbp->close)(dbp);
526 	dbp = NULL; /* <- yes, it seems this is necessary. */
527 
528 leave:
529 
530 	snprintf(buf, sizeof(buf), "%s/%s/%s", yp_dir, ypxfr_dest_domain,
531 							ypxfr_mapname);
532 
533 	/* Peek at the order number again and check for skew. */
534 	if ((ypxfr_skew_check = ypxfr_get_order(ypxfr_source_domain,
535 					     ypxfr_mapname,
536 					     ypxfr_master, 0)) == 0) {
537 		yp_error("failed to get order number of %s: %s",
538 				ypxfr_mapname, yp_errno == YP_TRUE ?
539 				"map has order 0" :
540 				ypxfrerr_string((ypxfrstat)yp_errno));
541 		ypxfr_exit(YPXFR_YPERR,ypxfr_temp_map);
542 	}
543 
544 	if (ypxfr_order != ypxfr_skew_check)
545 		ypxfr_exit(YPXFR_SKEW,ypxfr_temp_map);
546 
547 	/*
548 	 * Send a YPPROC_CLEAR to the local ypserv.
549 	 */
550 	if (ypxfr_clear) {
551 		char in = 0;
552 		char *out = NULL;
553 		int stat;
554 		if ((stat = callrpc("localhost",YPPROG,YPVERS,YPPROC_CLEAR,
555 			(xdrproc_t)xdr_void, (void *)&in,
556 			(xdrproc_t)xdr_void, (void *)out)) != RPC_SUCCESS) {
557 			yp_error("failed to send 'clear' to local ypserv: %s",
558 				 clnt_sperrno((enum clnt_stat) stat));
559 			ypxfr_exit(YPXFR_CLEAR, ypxfr_temp_map);
560 		}
561 	}
562 
563 	/*
564 	 * Put the new map in place immediately. I'm not sure if the
565 	 * kernel does an unlink() and rename() atomically in the event
566 	 * that we move a new copy of a map over the top of an existing
567 	 * one, but there's less chance of a race condition happening
568 	 * than if we were to do the unlink() ourselves.
569 	 */
570 	if (rename(ypxfr_temp_map, buf) == -1) {
571 		yp_error("rename(%s,%s) failed: %s", ypxfr_temp_map, buf,
572 							strerror(errno));
573 		ypxfr_exit(YPXFR_FILE,NULL);
574 	}
575 
576 	ypxfr_exit(YPXFR_SUCC,NULL);
577 
578 	return(1);
579 }
580