1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Herb Hasler and Rick Macklem at The University of Guelph. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #ifndef lint 38 static const char copyright[] = 39 "@(#) Copyright (c) 1989, 1993\n\ 40 The Regents of the University of California. All rights reserved.\n"; 41 #endif /*not lint*/ 42 43 #if 0 44 #ifndef lint 45 static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95"; 46 #endif /*not lint*/ 47 #endif 48 49 #include <sys/cdefs.h> 50 __FBSDID("$FreeBSD$"); 51 52 #include <sys/param.h> 53 #include <sys/mount.h> 54 #include <sys/fcntl.h> 55 #include <sys/stat.h> 56 #include <sys/syslog.h> 57 #include <sys/sysctl.h> 58 #include <sys/linker.h> 59 #include <sys/module.h> 60 61 #include <rpc/rpc.h> 62 #include <rpc/pmap_clnt.h> 63 #include <rpc/pmap_prot.h> 64 #include <rpcsvc/mount.h> 65 #include <nfs/rpcv2.h> 66 #include <nfs/nfsproto.h> 67 #include <nfsserver/nfs.h> 68 #include <ufs/ufs/ufsmount.h> 69 #include <fs/msdosfs/msdosfsmount.h> 70 #include <fs/ntfs/ntfsmount.h> 71 #include <isofs/cd9660/cd9660_mount.h> /* XXX need isofs in include */ 72 73 #include <arpa/inet.h> 74 75 #include <ctype.h> 76 #include <err.h> 77 #include <errno.h> 78 #include <grp.h> 79 #include <limits.h> 80 #include <netdb.h> 81 #include <pwd.h> 82 #include <signal.h> 83 #include <stdio.h> 84 #include <stdlib.h> 85 #include <string.h> 86 #include <unistd.h> 87 #include "pathnames.h" 88 89 #ifdef DEBUG 90 #include <stdarg.h> 91 #endif 92 93 #ifndef MOUNTDLOCK 94 #define MOUNTDLOCK "/var/run/mountd.lock" 95 #endif 96 97 /* 98 * Structures for keeping the mount list and export list 99 */ 100 struct mountlist { 101 struct mountlist *ml_next; 102 char ml_host[RPCMNT_NAMELEN+1]; 103 char ml_dirp[RPCMNT_PATHLEN+1]; 104 }; 105 106 struct dirlist { 107 struct dirlist *dp_left; 108 struct dirlist *dp_right; 109 int dp_flag; 110 struct hostlist *dp_hosts; /* List of hosts this dir exported to */ 111 char dp_dirp[1]; /* Actually malloc'd to size of dir */ 112 }; 113 /* dp_flag bits */ 114 #define DP_DEFSET 0x1 115 #define DP_HOSTSET 0x2 116 117 struct exportlist { 118 struct exportlist *ex_next; 119 struct dirlist *ex_dirl; 120 struct dirlist *ex_defdir; 121 int ex_flag; 122 fsid_t ex_fs; 123 char *ex_fsdir; 124 char *ex_indexfile; 125 }; 126 /* ex_flag bits */ 127 #define EX_LINKED 0x1 128 129 struct netmsk { 130 struct sockaddr_storage nt_net; 131 struct sockaddr_storage nt_mask; 132 char *nt_name; 133 }; 134 135 union grouptypes { 136 struct addrinfo *gt_addrinfo; 137 struct netmsk gt_net; 138 }; 139 140 struct grouplist { 141 int gr_type; 142 union grouptypes gr_ptr; 143 struct grouplist *gr_next; 144 }; 145 /* Group types */ 146 #define GT_NULL 0x0 147 #define GT_HOST 0x1 148 #define GT_NET 0x2 149 #define GT_DEFAULT 0x3 150 #define GT_IGNORE 0x5 151 152 struct hostlist { 153 int ht_flag; /* Uses DP_xx bits */ 154 struct grouplist *ht_grp; 155 struct hostlist *ht_next; 156 }; 157 158 struct fhreturn { 159 int fhr_flag; 160 int fhr_vers; 161 nfsfh_t fhr_fh; 162 }; 163 164 /* Global defs */ 165 char *add_expdir(struct dirlist **, char *, int); 166 void add_dlist(struct dirlist **, struct dirlist *, 167 struct grouplist *, int); 168 void add_mlist(char *, char *); 169 int check_dirpath(char *); 170 int check_options(struct dirlist *); 171 int checkmask(struct sockaddr *sa); 172 int chk_host(struct dirlist *, struct sockaddr *, int *, int *); 173 void del_mlist(char *hostp, char *dirp); 174 struct dirlist *dirp_search(struct dirlist *, char *); 175 int do_mount(struct exportlist *, struct grouplist *, int, 176 struct xucred *, char *, int, struct statfs *); 177 int do_opt(char **, char **, struct exportlist *, struct grouplist *, 178 int *, int *, struct xucred *); 179 struct exportlist *ex_search(fsid_t *); 180 struct exportlist *get_exp(void); 181 void free_dir(struct dirlist *); 182 void free_exp(struct exportlist *); 183 void free_grp(struct grouplist *); 184 void free_host(struct hostlist *); 185 void get_exportlist(void); 186 int get_host(char *, struct grouplist *, struct grouplist *); 187 struct hostlist *get_ht(void); 188 int get_line(void); 189 void get_mountlist(void); 190 int get_net(char *, struct netmsk *, int); 191 void getexp_err(struct exportlist *, struct grouplist *); 192 struct grouplist *get_grp(void); 193 void hang_dirp(struct dirlist *, struct grouplist *, 194 struct exportlist *, int); 195 void huphandler(int sig); 196 int makemask(struct sockaddr_storage *ssp, int bitlen); 197 void mntsrv(struct svc_req *, SVCXPRT *); 198 void nextfield(char **, char **); 199 void out_of_mem(void); 200 void parsecred(char *, struct xucred *); 201 int put_exlist(struct dirlist *, XDR *, struct dirlist *, int *, int); 202 void *sa_rawaddr(struct sockaddr *sa, int *nbytes); 203 int sacmp(struct sockaddr *sa1, struct sockaddr *sa2, 204 struct sockaddr *samask); 205 int scan_tree(struct dirlist *, struct sockaddr *); 206 static void usage(void); 207 int xdr_dir(XDR *, char *); 208 int xdr_explist(XDR *, caddr_t); 209 int xdr_explist_brief(XDR *, caddr_t); 210 int xdr_fhs(XDR *, caddr_t); 211 int xdr_mlist(XDR *, caddr_t); 212 void terminate(int); 213 214 struct exportlist *exphead; 215 struct mountlist *mlhead; 216 struct grouplist *grphead; 217 char exname[MAXPATHLEN]; 218 struct xucred def_anon = { 219 XUCRED_VERSION, 220 (uid_t)-2, 221 1, 222 { (gid_t)-2 }, 223 NULL 224 }; 225 int force_v2 = 0; 226 int resvport_only = 1; 227 int dir_only = 1; 228 int log = 0; 229 int got_sighup = 0; 230 231 int opt_flags; 232 static int have_v6 = 1; 233 #ifdef NI_WITHSCOPEID 234 static const int ninumeric = NI_NUMERICHOST | NI_WITHSCOPEID; 235 #else 236 static const int ninumeric = NI_NUMERICHOST; 237 #endif 238 239 int mountdlockfd; 240 /* Bits for opt_flags above */ 241 #define OP_MAPROOT 0x01 242 #define OP_MAPALL 0x02 243 /* 0x4 free */ 244 #define OP_MASK 0x08 245 #define OP_NET 0x10 246 #define OP_ALLDIRS 0x40 247 #define OP_HAVEMASK 0x80 /* A mask was specified or inferred. */ 248 #define OP_QUIET 0x100 249 #define OP_MASKLEN 0x200 250 251 #ifdef DEBUG 252 int debug = 1; 253 void SYSLOG(int, const char *, ...) __printflike(2, 3); 254 #define syslog SYSLOG 255 #else 256 int debug = 0; 257 #endif 258 259 /* 260 * Mountd server for NFS mount protocol as described in: 261 * NFS: Network File System Protocol Specification, RFC1094, Appendix A 262 * The optional arguments are the exports file name 263 * default: _PATH_EXPORTS 264 * and "-n" to allow nonroot mount. 265 */ 266 int 267 main(argc, argv) 268 int argc; 269 char **argv; 270 { 271 fd_set readfds; 272 SVCXPRT *udptransp, *tcptransp, *udp6transp, *tcp6transp; 273 struct netconfig *udpconf, *tcpconf, *udp6conf, *tcp6conf; 274 int udpsock, tcpsock, udp6sock, tcp6sock; 275 int xcreated = 0, s; 276 int one = 1; 277 int c; 278 279 udp6conf = tcp6conf = NULL; 280 udp6sock = tcp6sock = NULL; 281 282 /* Check that another mountd isn't already running. */ 283 if ((mountdlockfd = (open(MOUNTDLOCK, O_RDONLY|O_CREAT, 0444))) == -1) 284 err(1, "%s", MOUNTDLOCK); 285 286 if(flock(mountdlockfd, LOCK_EX|LOCK_NB) == -1 && errno == EWOULDBLOCK) 287 errx(1, "another mountd is already running. Aborting"); 288 s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP); 289 if (s < 0) 290 have_v6 = 0; 291 else 292 close(s); 293 if (modfind("nfsserver") < 0) { 294 /* Not present in kernel, try loading it */ 295 if (kldload("nfsserver") < 0 || modfind("nfsserver") < 0) 296 errx(1, "NFS server is not available or loadable"); 297 } 298 299 while ((c = getopt(argc, argv, "2dlnr")) != -1) 300 switch (c) { 301 case '2': 302 force_v2 = 1; 303 break; 304 case 'n': 305 resvport_only = 0; 306 break; 307 case 'r': 308 dir_only = 0; 309 break; 310 case 'd': 311 debug = debug ? 0 : 1; 312 break; 313 case 'l': 314 log = 1; 315 break; 316 default: 317 usage(); 318 }; 319 argc -= optind; 320 argv += optind; 321 grphead = (struct grouplist *)NULL; 322 exphead = (struct exportlist *)NULL; 323 mlhead = (struct mountlist *)NULL; 324 if (argc == 1) { 325 strncpy(exname, *argv, MAXPATHLEN-1); 326 exname[MAXPATHLEN-1] = '\0'; 327 } else 328 strcpy(exname, _PATH_EXPORTS); 329 openlog("mountd", LOG_PID, LOG_DAEMON); 330 if (debug) 331 warnx("getting export list"); 332 get_exportlist(); 333 if (debug) 334 warnx("getting mount list"); 335 get_mountlist(); 336 if (debug) 337 warnx("here we go"); 338 if (debug == 0) { 339 daemon(0, 0); 340 signal(SIGINT, SIG_IGN); 341 signal(SIGQUIT, SIG_IGN); 342 } 343 signal(SIGHUP, huphandler); 344 signal(SIGTERM, terminate); 345 { FILE *pidfile = fopen(_PATH_MOUNTDPID, "w"); 346 if (pidfile != NULL) { 347 fprintf(pidfile, "%d\n", getpid()); 348 fclose(pidfile); 349 } 350 } 351 rpcb_unset(RPCPROG_MNT, RPCMNT_VER1, NULL); 352 rpcb_unset(RPCPROG_MNT, RPCMNT_VER3, NULL); 353 udpsock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); 354 tcpsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 355 udpconf = getnetconfigent("udp"); 356 tcpconf = getnetconfigent("tcp"); 357 if (!have_v6) 358 goto skip_v6; 359 udp6sock = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP); 360 tcp6sock = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP); 361 /* 362 * We're doing host-based access checks here, so don't allow 363 * v4-in-v6 to confuse things. The kernel will disable it 364 * by default on NFS sockets too. 365 */ 366 if (udp6sock != -1 && setsockopt(udp6sock, IPPROTO_IPV6, 367 IPV6_V6ONLY, &one, sizeof one) < 0){ 368 syslog(LOG_ERR, "can't disable v4-in-v6 on UDP socket"); 369 exit(1); 370 } 371 if (tcp6sock != -1 && setsockopt(tcp6sock, IPPROTO_IPV6, 372 IPV6_V6ONLY, &one, sizeof one) < 0){ 373 syslog(LOG_ERR, "can't disable v4-in-v6 on UDP socket"); 374 exit(1); 375 } 376 udp6conf = getnetconfigent("udp6"); 377 tcp6conf = getnetconfigent("tcp6"); 378 379 skip_v6: 380 if (!resvport_only) { 381 if (sysctlbyname("vfs.nfsrv.nfs_privport", NULL, NULL, 382 &resvport_only, sizeof(resvport_only)) != 0 && 383 errno != ENOENT) { 384 syslog(LOG_ERR, "sysctl: %m"); 385 exit(1); 386 } 387 } 388 if (udpsock != -1 && udpconf != NULL) { 389 bindresvport(udpsock, NULL); 390 udptransp = svc_dg_create(udpsock, 0, 0); 391 if (udptransp != NULL) { 392 if (!svc_reg(udptransp, RPCPROG_MNT, RPCMNT_VER1, 393 mntsrv, udpconf)) 394 syslog(LOG_WARNING, "can't register UDP RPCMNT_VER1 service"); 395 else 396 xcreated++; 397 if (!force_v2) { 398 if (!svc_reg(udptransp, RPCPROG_MNT, RPCMNT_VER3, 399 mntsrv, udpconf)) 400 syslog(LOG_WARNING, "can't register UDP RPCMNT_VER3 service"); 401 else 402 xcreated++; 403 } 404 } else 405 syslog(LOG_WARNING, "can't create UDP services"); 406 407 } 408 if (tcpsock != -1 && tcpconf != NULL) { 409 bindresvport(tcpsock, NULL); 410 listen(tcpsock, SOMAXCONN); 411 tcptransp = svc_vc_create(tcpsock, 0, 0); 412 if (tcptransp != NULL) { 413 if (!svc_reg(tcptransp, RPCPROG_MNT, RPCMNT_VER1, 414 mntsrv, tcpconf)) 415 syslog(LOG_WARNING, "can't register TCP RPCMNT_VER1 service"); 416 else 417 xcreated++; 418 if (!force_v2) { 419 if (!svc_reg(tcptransp, RPCPROG_MNT, RPCMNT_VER3, 420 mntsrv, tcpconf)) 421 syslog(LOG_WARNING, "can't register TCP RPCMNT_VER3 service"); 422 else 423 xcreated++; 424 } 425 } else 426 syslog(LOG_WARNING, "can't create TCP service"); 427 428 } 429 if (have_v6 && udp6sock != -1 && udp6conf != NULL) { 430 bindresvport(udp6sock, NULL); 431 udp6transp = svc_dg_create(udp6sock, 0, 0); 432 if (udp6transp != NULL) { 433 if (!svc_reg(udp6transp, RPCPROG_MNT, RPCMNT_VER1, 434 mntsrv, udp6conf)) 435 syslog(LOG_WARNING, "can't register UDP6 RPCMNT_VER1 service"); 436 else 437 xcreated++; 438 if (!force_v2) { 439 if (!svc_reg(udp6transp, RPCPROG_MNT, RPCMNT_VER3, 440 mntsrv, udp6conf)) 441 syslog(LOG_WARNING, "can't register UDP6 RPCMNT_VER3 service"); 442 else 443 xcreated++; 444 } 445 } else 446 syslog(LOG_WARNING, "can't create UDP6 service"); 447 448 } 449 if (have_v6 && tcp6sock != -1 && tcp6conf != NULL) { 450 bindresvport(tcp6sock, NULL); 451 listen(tcp6sock, SOMAXCONN); 452 tcp6transp = svc_vc_create(tcp6sock, 0, 0); 453 if (tcp6transp != NULL) { 454 if (!svc_reg(tcp6transp, RPCPROG_MNT, RPCMNT_VER1, 455 mntsrv, tcp6conf)) 456 syslog(LOG_WARNING, "can't register TCP6 RPCMNT_VER1 service"); 457 else 458 xcreated++; 459 if (!force_v2) { 460 if (!svc_reg(tcp6transp, RPCPROG_MNT, RPCMNT_VER3, 461 mntsrv, tcp6conf)) 462 syslog(LOG_WARNING, "can't register TCP6 RPCMNT_VER3 service"); 463 else 464 xcreated++; 465 } 466 } else 467 syslog(LOG_WARNING, "can't create TCP6 service"); 468 469 } 470 if (xcreated == 0) { 471 syslog(LOG_ERR, "could not create any services"); 472 exit(1); 473 } 474 475 /* Expand svc_run() here so that we can call get_exportlist(). */ 476 for (;;) { 477 if (got_sighup) { 478 get_exportlist(); 479 got_sighup = 0; 480 } 481 readfds = svc_fdset; 482 switch (select(svc_maxfd + 1, &readfds, NULL, NULL, NULL)) { 483 case -1: 484 if (errno == EINTR) 485 continue; 486 syslog(LOG_ERR, "mountd died: select: %m"); 487 exit(1); 488 case 0: 489 continue; 490 default: 491 svc_getreqset(&readfds); 492 } 493 } 494 } 495 496 static void 497 usage() 498 { 499 fprintf(stderr, 500 "usage: mountd [-2] [-d] [-l] [-n] [-r] [export_file]\n"); 501 exit(1); 502 } 503 504 /* 505 * The mount rpc service 506 */ 507 void 508 mntsrv(rqstp, transp) 509 struct svc_req *rqstp; 510 SVCXPRT *transp; 511 { 512 struct exportlist *ep; 513 struct dirlist *dp; 514 struct fhreturn fhr; 515 struct stat stb; 516 struct statfs fsb; 517 struct addrinfo *ai; 518 char host[NI_MAXHOST], numerichost[NI_MAXHOST]; 519 int lookup_failed = 1; 520 struct sockaddr *saddr; 521 u_short sport; 522 char rpcpath[RPCMNT_PATHLEN + 1], dirpath[MAXPATHLEN]; 523 int bad = 0, defset, hostset; 524 sigset_t sighup_mask; 525 526 sigemptyset(&sighup_mask); 527 sigaddset(&sighup_mask, SIGHUP); 528 saddr = svc_getrpccaller(transp)->buf; 529 switch (saddr->sa_family) { 530 case AF_INET6: 531 sport = ntohs(((struct sockaddr_in6 *)saddr)->sin6_port); 532 break; 533 case AF_INET: 534 sport = ntohs(((struct sockaddr_in *)saddr)->sin_port); 535 break; 536 default: 537 syslog(LOG_ERR, "request from unknown address family"); 538 return; 539 } 540 lookup_failed = getnameinfo(saddr, saddr->sa_len, host, sizeof host, 541 NULL, 0, 0); 542 getnameinfo(saddr, saddr->sa_len, numerichost, 543 sizeof numerichost, NULL, 0, NI_NUMERICHOST); 544 ai = NULL; 545 switch (rqstp->rq_proc) { 546 case NULLPROC: 547 if (!svc_sendreply(transp, xdr_void, NULL)) 548 syslog(LOG_ERR, "can't send reply"); 549 return; 550 case RPCMNT_MOUNT: 551 if (sport >= IPPORT_RESERVED && resvport_only) { 552 syslog(LOG_NOTICE, 553 "mount request from %s from unprivileged port", 554 numerichost); 555 svcerr_weakauth(transp); 556 return; 557 } 558 if (!svc_getargs(transp, xdr_dir, rpcpath)) { 559 syslog(LOG_NOTICE, "undecodable mount request from %s", 560 numerichost); 561 svcerr_decode(transp); 562 return; 563 } 564 565 /* 566 * Get the real pathname and make sure it is a directory 567 * or a regular file if the -r option was specified 568 * and it exists. 569 */ 570 if (realpath(rpcpath, dirpath) == NULL || 571 stat(dirpath, &stb) < 0 || 572 (!S_ISDIR(stb.st_mode) && 573 (dir_only || !S_ISREG(stb.st_mode))) || 574 statfs(dirpath, &fsb) < 0) { 575 chdir("/"); /* Just in case realpath doesn't */ 576 syslog(LOG_NOTICE, 577 "mount request from %s for non existent path %s", 578 numerichost, dirpath); 579 if (debug) 580 warnx("stat failed on %s", dirpath); 581 bad = ENOENT; /* We will send error reply later */ 582 } 583 584 /* Check in the exports list */ 585 sigprocmask(SIG_BLOCK, &sighup_mask, NULL); 586 ep = ex_search(&fsb.f_fsid); 587 hostset = defset = 0; 588 if (ep && (chk_host(ep->ex_defdir, saddr, &defset, &hostset) || 589 ((dp = dirp_search(ep->ex_dirl, dirpath)) && 590 chk_host(dp, saddr, &defset, &hostset)) || 591 (defset && scan_tree(ep->ex_defdir, saddr) == 0 && 592 scan_tree(ep->ex_dirl, saddr) == 0))) { 593 if (bad) { 594 if (!svc_sendreply(transp, xdr_long, 595 (caddr_t)&bad)) 596 syslog(LOG_ERR, "can't send reply"); 597 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 598 return; 599 } 600 if (hostset & DP_HOSTSET) 601 fhr.fhr_flag = hostset; 602 else 603 fhr.fhr_flag = defset; 604 fhr.fhr_vers = rqstp->rq_vers; 605 /* Get the file handle */ 606 memset(&fhr.fhr_fh, 0, sizeof(nfsfh_t)); 607 if (getfh(dirpath, (fhandle_t *)&fhr.fhr_fh) < 0) { 608 bad = errno; 609 syslog(LOG_ERR, "can't get fh for %s", dirpath); 610 if (!svc_sendreply(transp, xdr_long, 611 (caddr_t)&bad)) 612 syslog(LOG_ERR, "can't send reply"); 613 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 614 return; 615 } 616 if (!svc_sendreply(transp, xdr_fhs, (caddr_t)&fhr)) 617 syslog(LOG_ERR, "can't send reply"); 618 if (!lookup_failed) 619 add_mlist(host, dirpath); 620 else 621 add_mlist(numerichost, dirpath); 622 if (debug) 623 warnx("mount successful"); 624 if (log) 625 syslog(LOG_NOTICE, 626 "mount request succeeded from %s for %s", 627 numerichost, dirpath); 628 } else { 629 bad = EACCES; 630 syslog(LOG_NOTICE, 631 "mount request denied from %s for %s", 632 numerichost, dirpath); 633 } 634 635 if (bad && !svc_sendreply(transp, xdr_long, (caddr_t)&bad)) 636 syslog(LOG_ERR, "can't send reply"); 637 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 638 return; 639 case RPCMNT_DUMP: 640 if (!svc_sendreply(transp, xdr_mlist, (caddr_t)NULL)) 641 syslog(LOG_ERR, "can't send reply"); 642 else if (log) 643 syslog(LOG_NOTICE, 644 "dump request succeeded from %s", 645 numerichost); 646 return; 647 case RPCMNT_UMOUNT: 648 if (sport >= IPPORT_RESERVED && resvport_only) { 649 syslog(LOG_NOTICE, 650 "umount request from %s from unprivileged port", 651 numerichost); 652 svcerr_weakauth(transp); 653 return; 654 } 655 if (!svc_getargs(transp, xdr_dir, rpcpath)) { 656 syslog(LOG_NOTICE, "undecodable umount request from %s", 657 numerichost); 658 svcerr_decode(transp); 659 return; 660 } 661 if (realpath(rpcpath, dirpath) == NULL) { 662 syslog(LOG_NOTICE, "umount request from %s " 663 "for non existent path %s", 664 numerichost, dirpath); 665 } 666 if (!svc_sendreply(transp, xdr_void, (caddr_t)NULL)) 667 syslog(LOG_ERR, "can't send reply"); 668 if (!lookup_failed) 669 del_mlist(host, dirpath); 670 del_mlist(numerichost, dirpath); 671 if (log) 672 syslog(LOG_NOTICE, 673 "umount request succeeded from %s for %s", 674 numerichost, dirpath); 675 return; 676 case RPCMNT_UMNTALL: 677 if (sport >= IPPORT_RESERVED && resvport_only) { 678 syslog(LOG_NOTICE, 679 "umountall request from %s from unprivileged port", 680 numerichost); 681 svcerr_weakauth(transp); 682 return; 683 } 684 if (!svc_sendreply(transp, xdr_void, (caddr_t)NULL)) 685 syslog(LOG_ERR, "can't send reply"); 686 if (!lookup_failed) 687 del_mlist(host, NULL); 688 del_mlist(numerichost, NULL); 689 if (log) 690 syslog(LOG_NOTICE, 691 "umountall request succeeded from %s", 692 numerichost); 693 return; 694 case RPCMNT_EXPORT: 695 if (!svc_sendreply(transp, xdr_explist, (caddr_t)NULL)) 696 if (!svc_sendreply(transp, xdr_explist_brief, (caddr_t)NULL)) 697 syslog(LOG_ERR, "can't send reply"); 698 if (log) 699 syslog(LOG_NOTICE, 700 "export request succeeded from %s", 701 numerichost); 702 return; 703 default: 704 svcerr_noproc(transp); 705 return; 706 } 707 } 708 709 /* 710 * Xdr conversion for a dirpath string 711 */ 712 int 713 xdr_dir(xdrsp, dirp) 714 XDR *xdrsp; 715 char *dirp; 716 { 717 return (xdr_string(xdrsp, &dirp, RPCMNT_PATHLEN)); 718 } 719 720 /* 721 * Xdr routine to generate file handle reply 722 */ 723 int 724 xdr_fhs(xdrsp, cp) 725 XDR *xdrsp; 726 caddr_t cp; 727 { 728 struct fhreturn *fhrp = (struct fhreturn *)cp; 729 u_long ok = 0, len, auth; 730 731 if (!xdr_long(xdrsp, &ok)) 732 return (0); 733 switch (fhrp->fhr_vers) { 734 case 1: 735 return (xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, NFSX_V2FH)); 736 case 3: 737 len = NFSX_V3FH; 738 if (!xdr_long(xdrsp, &len)) 739 return (0); 740 if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len)) 741 return (0); 742 auth = RPCAUTH_UNIX; 743 len = 1; 744 if (!xdr_long(xdrsp, &len)) 745 return (0); 746 return (xdr_long(xdrsp, &auth)); 747 }; 748 return (0); 749 } 750 751 int 752 xdr_mlist(xdrsp, cp) 753 XDR *xdrsp; 754 caddr_t cp; 755 { 756 struct mountlist *mlp; 757 int true = 1; 758 int false = 0; 759 char *strp; 760 761 mlp = mlhead; 762 while (mlp) { 763 if (!xdr_bool(xdrsp, &true)) 764 return (0); 765 strp = &mlp->ml_host[0]; 766 if (!xdr_string(xdrsp, &strp, RPCMNT_NAMELEN)) 767 return (0); 768 strp = &mlp->ml_dirp[0]; 769 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN)) 770 return (0); 771 mlp = mlp->ml_next; 772 } 773 if (!xdr_bool(xdrsp, &false)) 774 return (0); 775 return (1); 776 } 777 778 /* 779 * Xdr conversion for export list 780 */ 781 int 782 xdr_explist_common(xdrsp, cp, brief) 783 XDR *xdrsp; 784 caddr_t cp; 785 int brief; 786 { 787 struct exportlist *ep; 788 int false = 0; 789 int putdef; 790 sigset_t sighup_mask; 791 792 sigemptyset(&sighup_mask); 793 sigaddset(&sighup_mask, SIGHUP); 794 sigprocmask(SIG_BLOCK, &sighup_mask, NULL); 795 ep = exphead; 796 while (ep) { 797 putdef = 0; 798 if (put_exlist(ep->ex_dirl, xdrsp, ep->ex_defdir, 799 &putdef, brief)) 800 goto errout; 801 if (ep->ex_defdir && putdef == 0 && 802 put_exlist(ep->ex_defdir, xdrsp, (struct dirlist *)NULL, 803 &putdef, brief)) 804 goto errout; 805 ep = ep->ex_next; 806 } 807 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 808 if (!xdr_bool(xdrsp, &false)) 809 return (0); 810 return (1); 811 errout: 812 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 813 return (0); 814 } 815 816 /* 817 * Called from xdr_explist() to traverse the tree and export the 818 * directory paths. 819 */ 820 int 821 put_exlist(dp, xdrsp, adp, putdefp, brief) 822 struct dirlist *dp; 823 XDR *xdrsp; 824 struct dirlist *adp; 825 int *putdefp; 826 int brief; 827 { 828 struct grouplist *grp; 829 struct hostlist *hp; 830 int true = 1; 831 int false = 0; 832 int gotalldir = 0; 833 char *strp; 834 835 if (dp) { 836 if (put_exlist(dp->dp_left, xdrsp, adp, putdefp, brief)) 837 return (1); 838 if (!xdr_bool(xdrsp, &true)) 839 return (1); 840 strp = dp->dp_dirp; 841 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN)) 842 return (1); 843 if (adp && !strcmp(dp->dp_dirp, adp->dp_dirp)) { 844 gotalldir = 1; 845 *putdefp = 1; 846 } 847 if (brief) { 848 if (!xdr_bool(xdrsp, &true)) 849 return (1); 850 strp = "(...)"; 851 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN)) 852 return (1); 853 } else if ((dp->dp_flag & DP_DEFSET) == 0 && 854 (gotalldir == 0 || (adp->dp_flag & DP_DEFSET) == 0)) { 855 hp = dp->dp_hosts; 856 while (hp) { 857 grp = hp->ht_grp; 858 if (grp->gr_type == GT_HOST) { 859 if (!xdr_bool(xdrsp, &true)) 860 return (1); 861 strp = grp->gr_ptr.gt_addrinfo->ai_canonname; 862 if (!xdr_string(xdrsp, &strp, 863 RPCMNT_NAMELEN)) 864 return (1); 865 } else if (grp->gr_type == GT_NET) { 866 if (!xdr_bool(xdrsp, &true)) 867 return (1); 868 strp = grp->gr_ptr.gt_net.nt_name; 869 if (!xdr_string(xdrsp, &strp, 870 RPCMNT_NAMELEN)) 871 return (1); 872 } 873 hp = hp->ht_next; 874 if (gotalldir && hp == (struct hostlist *)NULL) { 875 hp = adp->dp_hosts; 876 gotalldir = 0; 877 } 878 } 879 } 880 if (!xdr_bool(xdrsp, &false)) 881 return (1); 882 if (put_exlist(dp->dp_right, xdrsp, adp, putdefp, brief)) 883 return (1); 884 } 885 return (0); 886 } 887 888 int 889 xdr_explist(xdrsp, cp) 890 XDR *xdrsp; 891 caddr_t cp; 892 { 893 894 return xdr_explist_common(xdrsp, cp, 0); 895 } 896 897 int 898 xdr_explist_brief(xdrsp, cp) 899 XDR *xdrsp; 900 caddr_t cp; 901 { 902 903 return xdr_explist_common(xdrsp, cp, 1); 904 } 905 906 char *line; 907 int linesize; 908 FILE *exp_file; 909 910 /* 911 * Get the export list 912 */ 913 void 914 get_exportlist() 915 { 916 struct exportlist *ep, *ep2; 917 struct grouplist *grp, *tgrp; 918 struct exportlist **epp; 919 struct dirlist *dirhead; 920 struct statfs fsb, *fsp; 921 struct xucred anon; 922 char *cp, *endcp, *dirp, *hst, *usr, *dom, savedc; 923 int len, has_host, exflags, got_nondir, dirplen, num, i, netgrp; 924 925 dirp = NULL; 926 dirplen = 0; 927 928 /* 929 * First, get rid of the old list 930 */ 931 ep = exphead; 932 while (ep) { 933 ep2 = ep; 934 ep = ep->ex_next; 935 free_exp(ep2); 936 } 937 exphead = (struct exportlist *)NULL; 938 939 grp = grphead; 940 while (grp) { 941 tgrp = grp; 942 grp = grp->gr_next; 943 free_grp(tgrp); 944 } 945 grphead = (struct grouplist *)NULL; 946 947 /* 948 * And delete exports that are in the kernel for all local 949 * filesystems. 950 * XXX: Should know how to handle all local exportable filesystems 951 * instead of just "ufs". 952 */ 953 num = getmntinfo(&fsp, MNT_NOWAIT); 954 for (i = 0; i < num; i++) { 955 union { 956 struct ufs_args ua; 957 struct iso_args ia; 958 struct msdosfs_args da; 959 struct ntfs_args na; 960 } targs; 961 962 if (!strcmp(fsp->f_fstypename, "ufs") || 963 !strcmp(fsp->f_fstypename, "msdosfs") || 964 !strcmp(fsp->f_fstypename, "ntfs") || 965 !strcmp(fsp->f_fstypename, "cd9660")) { 966 targs.ua.fspec = NULL; 967 targs.ua.export.ex_flags = MNT_DELEXPORT; 968 if (mount(fsp->f_fstypename, fsp->f_mntonname, 969 fsp->f_flags | MNT_UPDATE, (caddr_t)&targs) < 0 && 970 errno != ENOENT) 971 syslog(LOG_ERR, 972 "can't delete exports for %s: %m", 973 fsp->f_mntonname); 974 } 975 fsp++; 976 } 977 978 /* 979 * Read in the exports file and build the list, calling 980 * mount() as we go along to push the export rules into the kernel. 981 */ 982 if ((exp_file = fopen(exname, "r")) == NULL) { 983 syslog(LOG_ERR, "can't open %s", exname); 984 exit(2); 985 } 986 dirhead = (struct dirlist *)NULL; 987 while (get_line()) { 988 if (debug) 989 warnx("got line %s", line); 990 cp = line; 991 nextfield(&cp, &endcp); 992 if (*cp == '#') 993 goto nextline; 994 995 /* 996 * Set defaults. 997 */ 998 has_host = FALSE; 999 anon = def_anon; 1000 exflags = MNT_EXPORTED; 1001 got_nondir = 0; 1002 opt_flags = 0; 1003 ep = (struct exportlist *)NULL; 1004 1005 /* 1006 * Create new exports list entry 1007 */ 1008 len = endcp-cp; 1009 tgrp = grp = get_grp(); 1010 while (len > 0) { 1011 if (len > RPCMNT_NAMELEN) { 1012 getexp_err(ep, tgrp); 1013 goto nextline; 1014 } 1015 if (*cp == '-') { 1016 if (ep == (struct exportlist *)NULL) { 1017 getexp_err(ep, tgrp); 1018 goto nextline; 1019 } 1020 if (debug) 1021 warnx("doing opt %s", cp); 1022 got_nondir = 1; 1023 if (do_opt(&cp, &endcp, ep, grp, &has_host, 1024 &exflags, &anon)) { 1025 getexp_err(ep, tgrp); 1026 goto nextline; 1027 } 1028 } else if (*cp == '/') { 1029 savedc = *endcp; 1030 *endcp = '\0'; 1031 if (check_dirpath(cp) && 1032 statfs(cp, &fsb) >= 0) { 1033 if (got_nondir) { 1034 syslog(LOG_ERR, "dirs must be first"); 1035 getexp_err(ep, tgrp); 1036 goto nextline; 1037 } 1038 if (ep) { 1039 if (ep->ex_fs.val[0] != fsb.f_fsid.val[0] || 1040 ep->ex_fs.val[1] != fsb.f_fsid.val[1]) { 1041 getexp_err(ep, tgrp); 1042 goto nextline; 1043 } 1044 } else { 1045 /* 1046 * See if this directory is already 1047 * in the list. 1048 */ 1049 ep = ex_search(&fsb.f_fsid); 1050 if (ep == (struct exportlist *)NULL) { 1051 ep = get_exp(); 1052 ep->ex_fs = fsb.f_fsid; 1053 ep->ex_fsdir = (char *) 1054 malloc(strlen(fsb.f_mntonname) + 1); 1055 if (ep->ex_fsdir) 1056 strcpy(ep->ex_fsdir, 1057 fsb.f_mntonname); 1058 else 1059 out_of_mem(); 1060 if (debug) 1061 warnx("making new ep fs=0x%x,0x%x", 1062 fsb.f_fsid.val[0], 1063 fsb.f_fsid.val[1]); 1064 } else if (debug) 1065 warnx("found ep fs=0x%x,0x%x", 1066 fsb.f_fsid.val[0], 1067 fsb.f_fsid.val[1]); 1068 } 1069 1070 /* 1071 * Add dirpath to export mount point. 1072 */ 1073 dirp = add_expdir(&dirhead, cp, len); 1074 dirplen = len; 1075 } else { 1076 getexp_err(ep, tgrp); 1077 goto nextline; 1078 } 1079 *endcp = savedc; 1080 } else { 1081 savedc = *endcp; 1082 *endcp = '\0'; 1083 got_nondir = 1; 1084 if (ep == (struct exportlist *)NULL) { 1085 getexp_err(ep, tgrp); 1086 goto nextline; 1087 } 1088 1089 /* 1090 * Get the host or netgroup. 1091 */ 1092 setnetgrent(cp); 1093 netgrp = getnetgrent(&hst, &usr, &dom); 1094 do { 1095 if (has_host) { 1096 grp->gr_next = get_grp(); 1097 grp = grp->gr_next; 1098 } 1099 if (netgrp) { 1100 if (hst == 0) { 1101 syslog(LOG_ERR, 1102 "null hostname in netgroup %s, skipping", cp); 1103 grp->gr_type = GT_IGNORE; 1104 } else if (get_host(hst, grp, tgrp)) { 1105 syslog(LOG_ERR, 1106 "bad host %s in netgroup %s, skipping", hst, cp); 1107 grp->gr_type = GT_IGNORE; 1108 } 1109 } else if (get_host(cp, grp, tgrp)) { 1110 syslog(LOG_ERR, "bad host %s, skipping", cp); 1111 grp->gr_type = GT_IGNORE; 1112 } 1113 has_host = TRUE; 1114 } while (netgrp && getnetgrent(&hst, &usr, &dom)); 1115 endnetgrent(); 1116 *endcp = savedc; 1117 } 1118 cp = endcp; 1119 nextfield(&cp, &endcp); 1120 len = endcp - cp; 1121 } 1122 if (check_options(dirhead)) { 1123 getexp_err(ep, tgrp); 1124 goto nextline; 1125 } 1126 if (!has_host) { 1127 grp->gr_type = GT_DEFAULT; 1128 if (debug) 1129 warnx("adding a default entry"); 1130 1131 /* 1132 * Don't allow a network export coincide with a list of 1133 * host(s) on the same line. 1134 */ 1135 } else if ((opt_flags & OP_NET) && tgrp->gr_next) { 1136 syslog(LOG_ERR, "network/host conflict"); 1137 getexp_err(ep, tgrp); 1138 goto nextline; 1139 1140 /* 1141 * If an export list was specified on this line, make sure 1142 * that we have at least one valid entry, otherwise skip it. 1143 */ 1144 } else { 1145 grp = tgrp; 1146 while (grp && grp->gr_type == GT_IGNORE) 1147 grp = grp->gr_next; 1148 if (! grp) { 1149 getexp_err(ep, tgrp); 1150 goto nextline; 1151 } 1152 } 1153 1154 /* 1155 * Loop through hosts, pushing the exports into the kernel. 1156 * After loop, tgrp points to the start of the list and 1157 * grp points to the last entry in the list. 1158 */ 1159 grp = tgrp; 1160 do { 1161 if (do_mount(ep, grp, exflags, &anon, dirp, dirplen, 1162 &fsb)) { 1163 getexp_err(ep, tgrp); 1164 goto nextline; 1165 } 1166 } while (grp->gr_next && (grp = grp->gr_next)); 1167 1168 /* 1169 * Success. Update the data structures. 1170 */ 1171 if (has_host) { 1172 hang_dirp(dirhead, tgrp, ep, opt_flags); 1173 grp->gr_next = grphead; 1174 grphead = tgrp; 1175 } else { 1176 hang_dirp(dirhead, (struct grouplist *)NULL, ep, 1177 opt_flags); 1178 free_grp(grp); 1179 } 1180 dirhead = (struct dirlist *)NULL; 1181 if ((ep->ex_flag & EX_LINKED) == 0) { 1182 ep2 = exphead; 1183 epp = &exphead; 1184 1185 /* 1186 * Insert in the list in alphabetical order. 1187 */ 1188 while (ep2 && strcmp(ep2->ex_fsdir, ep->ex_fsdir) < 0) { 1189 epp = &ep2->ex_next; 1190 ep2 = ep2->ex_next; 1191 } 1192 if (ep2) 1193 ep->ex_next = ep2; 1194 *epp = ep; 1195 ep->ex_flag |= EX_LINKED; 1196 } 1197 nextline: 1198 if (dirhead) { 1199 free_dir(dirhead); 1200 dirhead = (struct dirlist *)NULL; 1201 } 1202 } 1203 fclose(exp_file); 1204 } 1205 1206 /* 1207 * Allocate an export list element 1208 */ 1209 struct exportlist * 1210 get_exp() 1211 { 1212 struct exportlist *ep; 1213 1214 ep = (struct exportlist *)malloc(sizeof (struct exportlist)); 1215 if (ep == (struct exportlist *)NULL) 1216 out_of_mem(); 1217 memset(ep, 0, sizeof(struct exportlist)); 1218 return (ep); 1219 } 1220 1221 /* 1222 * Allocate a group list element 1223 */ 1224 struct grouplist * 1225 get_grp() 1226 { 1227 struct grouplist *gp; 1228 1229 gp = (struct grouplist *)malloc(sizeof (struct grouplist)); 1230 if (gp == (struct grouplist *)NULL) 1231 out_of_mem(); 1232 memset(gp, 0, sizeof(struct grouplist)); 1233 return (gp); 1234 } 1235 1236 /* 1237 * Clean up upon an error in get_exportlist(). 1238 */ 1239 void 1240 getexp_err(ep, grp) 1241 struct exportlist *ep; 1242 struct grouplist *grp; 1243 { 1244 struct grouplist *tgrp; 1245 1246 if (!(opt_flags & OP_QUIET)) 1247 syslog(LOG_ERR, "bad exports list line %s", line); 1248 if (ep && (ep->ex_flag & EX_LINKED) == 0) 1249 free_exp(ep); 1250 while (grp) { 1251 tgrp = grp; 1252 grp = grp->gr_next; 1253 free_grp(tgrp); 1254 } 1255 } 1256 1257 /* 1258 * Search the export list for a matching fs. 1259 */ 1260 struct exportlist * 1261 ex_search(fsid) 1262 fsid_t *fsid; 1263 { 1264 struct exportlist *ep; 1265 1266 ep = exphead; 1267 while (ep) { 1268 if (ep->ex_fs.val[0] == fsid->val[0] && 1269 ep->ex_fs.val[1] == fsid->val[1]) 1270 return (ep); 1271 ep = ep->ex_next; 1272 } 1273 return (ep); 1274 } 1275 1276 /* 1277 * Add a directory path to the list. 1278 */ 1279 char * 1280 add_expdir(dpp, cp, len) 1281 struct dirlist **dpp; 1282 char *cp; 1283 int len; 1284 { 1285 struct dirlist *dp; 1286 1287 dp = (struct dirlist *)malloc(sizeof (struct dirlist) + len); 1288 if (dp == (struct dirlist *)NULL) 1289 out_of_mem(); 1290 dp->dp_left = *dpp; 1291 dp->dp_right = (struct dirlist *)NULL; 1292 dp->dp_flag = 0; 1293 dp->dp_hosts = (struct hostlist *)NULL; 1294 strcpy(dp->dp_dirp, cp); 1295 *dpp = dp; 1296 return (dp->dp_dirp); 1297 } 1298 1299 /* 1300 * Hang the dir list element off the dirpath binary tree as required 1301 * and update the entry for host. 1302 */ 1303 void 1304 hang_dirp(dp, grp, ep, flags) 1305 struct dirlist *dp; 1306 struct grouplist *grp; 1307 struct exportlist *ep; 1308 int flags; 1309 { 1310 struct hostlist *hp; 1311 struct dirlist *dp2; 1312 1313 if (flags & OP_ALLDIRS) { 1314 if (ep->ex_defdir) 1315 free((caddr_t)dp); 1316 else 1317 ep->ex_defdir = dp; 1318 if (grp == (struct grouplist *)NULL) { 1319 ep->ex_defdir->dp_flag |= DP_DEFSET; 1320 } else while (grp) { 1321 hp = get_ht(); 1322 hp->ht_grp = grp; 1323 hp->ht_next = ep->ex_defdir->dp_hosts; 1324 ep->ex_defdir->dp_hosts = hp; 1325 grp = grp->gr_next; 1326 } 1327 } else { 1328 1329 /* 1330 * Loop through the directories adding them to the tree. 1331 */ 1332 while (dp) { 1333 dp2 = dp->dp_left; 1334 add_dlist(&ep->ex_dirl, dp, grp, flags); 1335 dp = dp2; 1336 } 1337 } 1338 } 1339 1340 /* 1341 * Traverse the binary tree either updating a node that is already there 1342 * for the new directory or adding the new node. 1343 */ 1344 void 1345 add_dlist(dpp, newdp, grp, flags) 1346 struct dirlist **dpp; 1347 struct dirlist *newdp; 1348 struct grouplist *grp; 1349 int flags; 1350 { 1351 struct dirlist *dp; 1352 struct hostlist *hp; 1353 int cmp; 1354 1355 dp = *dpp; 1356 if (dp) { 1357 cmp = strcmp(dp->dp_dirp, newdp->dp_dirp); 1358 if (cmp > 0) { 1359 add_dlist(&dp->dp_left, newdp, grp, flags); 1360 return; 1361 } else if (cmp < 0) { 1362 add_dlist(&dp->dp_right, newdp, grp, flags); 1363 return; 1364 } else 1365 free((caddr_t)newdp); 1366 } else { 1367 dp = newdp; 1368 dp->dp_left = (struct dirlist *)NULL; 1369 *dpp = dp; 1370 } 1371 if (grp) { 1372 1373 /* 1374 * Hang all of the host(s) off of the directory point. 1375 */ 1376 do { 1377 hp = get_ht(); 1378 hp->ht_grp = grp; 1379 hp->ht_next = dp->dp_hosts; 1380 dp->dp_hosts = hp; 1381 grp = grp->gr_next; 1382 } while (grp); 1383 } else { 1384 dp->dp_flag |= DP_DEFSET; 1385 } 1386 } 1387 1388 /* 1389 * Search for a dirpath on the export point. 1390 */ 1391 struct dirlist * 1392 dirp_search(dp, dirp) 1393 struct dirlist *dp; 1394 char *dirp; 1395 { 1396 int cmp; 1397 1398 if (dp) { 1399 cmp = strcmp(dp->dp_dirp, dirp); 1400 if (cmp > 0) 1401 return (dirp_search(dp->dp_left, dirp)); 1402 else if (cmp < 0) 1403 return (dirp_search(dp->dp_right, dirp)); 1404 else 1405 return (dp); 1406 } 1407 return (dp); 1408 } 1409 1410 /* 1411 * Scan for a host match in a directory tree. 1412 */ 1413 int 1414 chk_host(dp, saddr, defsetp, hostsetp) 1415 struct dirlist *dp; 1416 struct sockaddr *saddr; 1417 int *defsetp; 1418 int *hostsetp; 1419 { 1420 struct hostlist *hp; 1421 struct grouplist *grp; 1422 struct addrinfo *ai; 1423 1424 if (dp) { 1425 if (dp->dp_flag & DP_DEFSET) 1426 *defsetp = dp->dp_flag; 1427 hp = dp->dp_hosts; 1428 while (hp) { 1429 grp = hp->ht_grp; 1430 switch (grp->gr_type) { 1431 case GT_HOST: 1432 ai = grp->gr_ptr.gt_addrinfo; 1433 for (; ai; ai = ai->ai_next) { 1434 if (!sacmp(ai->ai_addr, saddr, NULL)) { 1435 *hostsetp = 1436 (hp->ht_flag | DP_HOSTSET); 1437 return (1); 1438 } 1439 } 1440 break; 1441 case GT_NET: 1442 if (!sacmp(saddr, (struct sockaddr *) 1443 &grp->gr_ptr.gt_net.nt_net, 1444 (struct sockaddr *) 1445 &grp->gr_ptr.gt_net.nt_mask)) { 1446 *hostsetp = (hp->ht_flag | DP_HOSTSET); 1447 return (1); 1448 } 1449 break; 1450 } 1451 hp = hp->ht_next; 1452 } 1453 } 1454 return (0); 1455 } 1456 1457 /* 1458 * Scan tree for a host that matches the address. 1459 */ 1460 int 1461 scan_tree(dp, saddr) 1462 struct dirlist *dp; 1463 struct sockaddr *saddr; 1464 { 1465 int defset, hostset; 1466 1467 if (dp) { 1468 if (scan_tree(dp->dp_left, saddr)) 1469 return (1); 1470 if (chk_host(dp, saddr, &defset, &hostset)) 1471 return (1); 1472 if (scan_tree(dp->dp_right, saddr)) 1473 return (1); 1474 } 1475 return (0); 1476 } 1477 1478 /* 1479 * Traverse the dirlist tree and free it up. 1480 */ 1481 void 1482 free_dir(dp) 1483 struct dirlist *dp; 1484 { 1485 1486 if (dp) { 1487 free_dir(dp->dp_left); 1488 free_dir(dp->dp_right); 1489 free_host(dp->dp_hosts); 1490 free((caddr_t)dp); 1491 } 1492 } 1493 1494 /* 1495 * Parse the option string and update fields. 1496 * Option arguments may either be -<option>=<value> or 1497 * -<option> <value> 1498 */ 1499 int 1500 do_opt(cpp, endcpp, ep, grp, has_hostp, exflagsp, cr) 1501 char **cpp, **endcpp; 1502 struct exportlist *ep; 1503 struct grouplist *grp; 1504 int *has_hostp; 1505 int *exflagsp; 1506 struct xucred *cr; 1507 { 1508 char *cpoptarg, *cpoptend; 1509 char *cp, *endcp, *cpopt, savedc, savedc2; 1510 int allflag, usedarg; 1511 1512 savedc2 = '\0'; 1513 cpopt = *cpp; 1514 cpopt++; 1515 cp = *endcpp; 1516 savedc = *cp; 1517 *cp = '\0'; 1518 while (cpopt && *cpopt) { 1519 allflag = 1; 1520 usedarg = -2; 1521 if ((cpoptend = strchr(cpopt, ','))) { 1522 *cpoptend++ = '\0'; 1523 if ((cpoptarg = strchr(cpopt, '='))) 1524 *cpoptarg++ = '\0'; 1525 } else { 1526 if ((cpoptarg = strchr(cpopt, '='))) 1527 *cpoptarg++ = '\0'; 1528 else { 1529 *cp = savedc; 1530 nextfield(&cp, &endcp); 1531 **endcpp = '\0'; 1532 if (endcp > cp && *cp != '-') { 1533 cpoptarg = cp; 1534 savedc2 = *endcp; 1535 *endcp = '\0'; 1536 usedarg = 0; 1537 } 1538 } 1539 } 1540 if (!strcmp(cpopt, "ro") || !strcmp(cpopt, "o")) { 1541 *exflagsp |= MNT_EXRDONLY; 1542 } else if (cpoptarg && (!strcmp(cpopt, "maproot") || 1543 !(allflag = strcmp(cpopt, "mapall")) || 1544 !strcmp(cpopt, "root") || !strcmp(cpopt, "r"))) { 1545 usedarg++; 1546 parsecred(cpoptarg, cr); 1547 if (allflag == 0) { 1548 *exflagsp |= MNT_EXPORTANON; 1549 opt_flags |= OP_MAPALL; 1550 } else 1551 opt_flags |= OP_MAPROOT; 1552 } else if (cpoptarg && (!strcmp(cpopt, "mask") || 1553 !strcmp(cpopt, "m"))) { 1554 if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) { 1555 syslog(LOG_ERR, "bad mask: %s", cpoptarg); 1556 return (1); 1557 } 1558 usedarg++; 1559 opt_flags |= OP_MASK; 1560 } else if (cpoptarg && (!strcmp(cpopt, "network") || 1561 !strcmp(cpopt, "n"))) { 1562 if (strchr(cpoptarg, '/') != NULL) { 1563 if (debug) 1564 fprintf(stderr, "setting OP_MASKLEN\n"); 1565 opt_flags |= OP_MASKLEN; 1566 } 1567 if (grp->gr_type != GT_NULL) { 1568 syslog(LOG_ERR, "network/host conflict"); 1569 return (1); 1570 } else if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 0)) { 1571 syslog(LOG_ERR, "bad net: %s", cpoptarg); 1572 return (1); 1573 } 1574 grp->gr_type = GT_NET; 1575 *has_hostp = 1; 1576 usedarg++; 1577 opt_flags |= OP_NET; 1578 } else if (!strcmp(cpopt, "alldirs")) { 1579 opt_flags |= OP_ALLDIRS; 1580 } else if (!strcmp(cpopt, "public")) { 1581 *exflagsp |= MNT_EXPUBLIC; 1582 } else if (!strcmp(cpopt, "webnfs")) { 1583 *exflagsp |= (MNT_EXPUBLIC|MNT_EXRDONLY|MNT_EXPORTANON); 1584 opt_flags |= OP_MAPALL; 1585 } else if (cpoptarg && !strcmp(cpopt, "index")) { 1586 ep->ex_indexfile = strdup(cpoptarg); 1587 } else if (!strcmp(cpopt, "quiet")) { 1588 opt_flags |= OP_QUIET; 1589 } else { 1590 syslog(LOG_ERR, "bad opt %s", cpopt); 1591 return (1); 1592 } 1593 if (usedarg >= 0) { 1594 *endcp = savedc2; 1595 **endcpp = savedc; 1596 if (usedarg > 0) { 1597 *cpp = cp; 1598 *endcpp = endcp; 1599 } 1600 return (0); 1601 } 1602 cpopt = cpoptend; 1603 } 1604 **endcpp = savedc; 1605 return (0); 1606 } 1607 1608 /* 1609 * Translate a character string to the corresponding list of network 1610 * addresses for a hostname. 1611 */ 1612 int 1613 get_host(cp, grp, tgrp) 1614 char *cp; 1615 struct grouplist *grp; 1616 struct grouplist *tgrp; 1617 { 1618 struct grouplist *checkgrp; 1619 struct addrinfo *ai, *tai, hints; 1620 int ecode; 1621 char host[NI_MAXHOST]; 1622 1623 if (grp->gr_type != GT_NULL) { 1624 syslog(LOG_ERR, "Bad netgroup type for ip host %s", cp); 1625 return (1); 1626 } 1627 memset(&hints, 0, sizeof hints); 1628 hints.ai_flags = AI_CANONNAME; 1629 hints.ai_protocol = IPPROTO_UDP; 1630 ecode = getaddrinfo(cp, NULL, &hints, &ai); 1631 if (ecode != 0) { 1632 syslog(LOG_ERR,"can't get address info for host %s", cp); 1633 return 1; 1634 } 1635 grp->gr_ptr.gt_addrinfo = ai; 1636 while (ai != NULL) { 1637 if (ai->ai_canonname == NULL) { 1638 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host, 1639 sizeof host, NULL, 0, ninumeric) != 0) 1640 strlcpy(host, "?", sizeof(host)); 1641 ai->ai_canonname = strdup(host); 1642 ai->ai_flags |= AI_CANONNAME; 1643 } 1644 if (debug) 1645 fprintf(stderr, "got host %s\n", ai->ai_canonname); 1646 /* 1647 * Sanity check: make sure we don't already have an entry 1648 * for this host in the grouplist. 1649 */ 1650 for (checkgrp = tgrp; checkgrp != NULL; 1651 checkgrp = checkgrp->gr_next) { 1652 if (checkgrp->gr_type != GT_HOST) 1653 continue; 1654 for (tai = checkgrp->gr_ptr.gt_addrinfo; tai != NULL; 1655 tai = tai->ai_next) { 1656 if (sacmp(tai->ai_addr, ai->ai_addr, NULL) != 0) 1657 continue; 1658 if (debug) 1659 fprintf(stderr, 1660 "ignoring duplicate host %s\n", 1661 ai->ai_canonname); 1662 grp->gr_type = GT_IGNORE; 1663 return (0); 1664 } 1665 } 1666 ai = ai->ai_next; 1667 } 1668 grp->gr_type = GT_HOST; 1669 return (0); 1670 } 1671 1672 /* 1673 * Free up an exports list component 1674 */ 1675 void 1676 free_exp(ep) 1677 struct exportlist *ep; 1678 { 1679 1680 if (ep->ex_defdir) { 1681 free_host(ep->ex_defdir->dp_hosts); 1682 free((caddr_t)ep->ex_defdir); 1683 } 1684 if (ep->ex_fsdir) 1685 free(ep->ex_fsdir); 1686 if (ep->ex_indexfile) 1687 free(ep->ex_indexfile); 1688 free_dir(ep->ex_dirl); 1689 free((caddr_t)ep); 1690 } 1691 1692 /* 1693 * Free hosts. 1694 */ 1695 void 1696 free_host(hp) 1697 struct hostlist *hp; 1698 { 1699 struct hostlist *hp2; 1700 1701 while (hp) { 1702 hp2 = hp; 1703 hp = hp->ht_next; 1704 free((caddr_t)hp2); 1705 } 1706 } 1707 1708 struct hostlist * 1709 get_ht() 1710 { 1711 struct hostlist *hp; 1712 1713 hp = (struct hostlist *)malloc(sizeof (struct hostlist)); 1714 if (hp == (struct hostlist *)NULL) 1715 out_of_mem(); 1716 hp->ht_next = (struct hostlist *)NULL; 1717 hp->ht_flag = 0; 1718 return (hp); 1719 } 1720 1721 /* 1722 * Out of memory, fatal 1723 */ 1724 void 1725 out_of_mem() 1726 { 1727 1728 syslog(LOG_ERR, "out of memory"); 1729 exit(2); 1730 } 1731 1732 /* 1733 * Do the mount syscall with the update flag to push the export info into 1734 * the kernel. 1735 */ 1736 int 1737 do_mount(ep, grp, exflags, anoncrp, dirp, dirplen, fsb) 1738 struct exportlist *ep; 1739 struct grouplist *grp; 1740 int exflags; 1741 struct xucred *anoncrp; 1742 char *dirp; 1743 int dirplen; 1744 struct statfs *fsb; 1745 { 1746 struct statfs fsb1; 1747 struct addrinfo *ai; 1748 struct export_args *eap; 1749 char *cp = NULL; 1750 int done; 1751 char savedc = '\0'; 1752 union { 1753 struct ufs_args ua; 1754 struct iso_args ia; 1755 struct msdosfs_args da; 1756 struct ntfs_args na; 1757 } args; 1758 1759 bzero(&args, sizeof args); 1760 /* XXX, we assume that all xx_args look like ufs_args. */ 1761 args.ua.fspec = 0; 1762 eap = &args.ua.export; 1763 1764 eap->ex_flags = exflags; 1765 eap->ex_anon = *anoncrp; 1766 eap->ex_indexfile = ep->ex_indexfile; 1767 if (grp->gr_type == GT_HOST) 1768 ai = grp->gr_ptr.gt_addrinfo; 1769 else 1770 ai = NULL; 1771 done = FALSE; 1772 while (!done) { 1773 switch (grp->gr_type) { 1774 case GT_HOST: 1775 if (ai->ai_addr->sa_family == AF_INET6 && have_v6 == 0) 1776 goto skip; 1777 eap->ex_addr = ai->ai_addr; 1778 eap->ex_addrlen = ai->ai_addrlen; 1779 eap->ex_masklen = 0; 1780 break; 1781 case GT_NET: 1782 if (grp->gr_ptr.gt_net.nt_net.ss_family == AF_INET6 && 1783 have_v6 == 0) 1784 goto skip; 1785 eap->ex_addr = 1786 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_net; 1787 eap->ex_addrlen = args.ua.export.ex_addr->sa_len; 1788 eap->ex_mask = 1789 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask; 1790 eap->ex_masklen = args.ua.export.ex_mask->sa_len; 1791 break; 1792 case GT_DEFAULT: 1793 eap->ex_addr = NULL; 1794 eap->ex_addrlen = 0; 1795 eap->ex_mask = NULL; 1796 eap->ex_masklen = 0; 1797 break; 1798 case GT_IGNORE: 1799 return(0); 1800 break; 1801 default: 1802 syslog(LOG_ERR, "bad grouptype"); 1803 if (cp) 1804 *cp = savedc; 1805 return (1); 1806 }; 1807 1808 /* 1809 * XXX: 1810 * Maybe I should just use the fsb->f_mntonname path instead 1811 * of looping back up the dirp to the mount point?? 1812 * Also, needs to know how to export all types of local 1813 * exportable filesystems and not just "ufs". 1814 */ 1815 while (mount(fsb->f_fstypename, dirp, 1816 fsb->f_flags | MNT_UPDATE, (caddr_t)&args) < 0) { 1817 if (cp) 1818 *cp-- = savedc; 1819 else 1820 cp = dirp + dirplen - 1; 1821 if (opt_flags & OP_QUIET) 1822 return (1); 1823 if (errno == EPERM) { 1824 if (debug) 1825 warnx("can't change attributes for %s", 1826 dirp); 1827 syslog(LOG_ERR, 1828 "can't change attributes for %s", dirp); 1829 return (1); 1830 } 1831 if (opt_flags & OP_ALLDIRS) { 1832 if (errno == EINVAL) 1833 syslog(LOG_ERR, 1834 "-alldirs requested but %s is not a filesystem mountpoint", 1835 dirp); 1836 else 1837 syslog(LOG_ERR, 1838 "could not remount %s: %m", 1839 dirp); 1840 return (1); 1841 } 1842 /* back up over the last component */ 1843 while (*cp == '/' && cp > dirp) 1844 cp--; 1845 while (*(cp - 1) != '/' && cp > dirp) 1846 cp--; 1847 if (cp == dirp) { 1848 if (debug) 1849 warnx("mnt unsucc"); 1850 syslog(LOG_ERR, "can't export %s", dirp); 1851 return (1); 1852 } 1853 savedc = *cp; 1854 *cp = '\0'; 1855 /* Check that we're still on the same filesystem. */ 1856 if (statfs(dirp, &fsb1) != 0 || bcmp(&fsb1.f_fsid, 1857 &fsb->f_fsid, sizeof(fsb1.f_fsid)) != 0) { 1858 *cp = savedc; 1859 syslog(LOG_ERR, "can't export %s", dirp); 1860 return (1); 1861 } 1862 } 1863 skip: 1864 if (ai != NULL) 1865 ai = ai->ai_next; 1866 if (ai == NULL) 1867 done = TRUE; 1868 } 1869 if (cp) 1870 *cp = savedc; 1871 return (0); 1872 } 1873 1874 /* 1875 * Translate a net address. 1876 * 1877 * If `maskflg' is nonzero, then `cp' is a netmask, not a network address. 1878 */ 1879 int 1880 get_net(cp, net, maskflg) 1881 char *cp; 1882 struct netmsk *net; 1883 int maskflg; 1884 { 1885 struct netent *np = NULL; 1886 char *name, *p, *prefp; 1887 struct sockaddr_in sin; 1888 struct sockaddr *sa = NULL; 1889 struct addrinfo hints, *ai = NULL; 1890 char netname[NI_MAXHOST]; 1891 long preflen; 1892 1893 p = prefp = NULL; 1894 if ((opt_flags & OP_MASKLEN) && !maskflg) { 1895 p = strchr(cp, '/'); 1896 *p = '\0'; 1897 prefp = p + 1; 1898 } 1899 1900 /* 1901 * Check for a numeric address first. We wish to avoid 1902 * possible DNS lookups in getnetbyname(). 1903 */ 1904 if (isxdigit(*cp) || *cp == ':') { 1905 memset(&hints, 0, sizeof hints); 1906 /* Ensure the mask and the network have the same family. */ 1907 if (maskflg && (opt_flags & OP_NET)) 1908 hints.ai_family = net->nt_net.ss_family; 1909 else if (!maskflg && (opt_flags & OP_HAVEMASK)) 1910 hints.ai_family = net->nt_mask.ss_family; 1911 else 1912 hints.ai_family = AF_UNSPEC; 1913 hints.ai_flags = AI_NUMERICHOST; 1914 if (getaddrinfo(cp, NULL, &hints, &ai) == 0) 1915 sa = ai->ai_addr; 1916 if (sa != NULL && ai->ai_family == AF_INET) { 1917 /* 1918 * The address in `cp' is really a network address, so 1919 * use inet_network() to re-interpret this correctly. 1920 * e.g. "127.1" means 127.1.0.0, not 127.0.0.1. 1921 */ 1922 bzero(&sin, sizeof sin); 1923 sin.sin_family = AF_INET; 1924 sin.sin_len = sizeof sin; 1925 sin.sin_addr = inet_makeaddr(inet_network(cp), 0); 1926 if (debug) 1927 fprintf(stderr, "get_net: v4 addr %s\n", 1928 inet_ntoa(sin.sin_addr)); 1929 sa = (struct sockaddr *)&sin; 1930 } 1931 } 1932 if (sa == NULL && (np = getnetbyname(cp)) != NULL) { 1933 bzero(&sin, sizeof sin); 1934 sin.sin_family = AF_INET; 1935 sin.sin_len = sizeof sin; 1936 sin.sin_addr = inet_makeaddr(np->n_net, 0); 1937 sa = (struct sockaddr *)&sin; 1938 } 1939 if (sa == NULL) 1940 goto fail; 1941 1942 if (maskflg) { 1943 /* The specified sockaddr is a mask. */ 1944 if (checkmask(sa) != 0) 1945 goto fail; 1946 bcopy(sa, &net->nt_mask, sa->sa_len); 1947 opt_flags |= OP_HAVEMASK; 1948 } else { 1949 /* The specified sockaddr is a network address. */ 1950 bcopy(sa, &net->nt_net, sa->sa_len); 1951 1952 /* Get a network name for the export list. */ 1953 if (np) { 1954 name = np->n_name; 1955 } else if (getnameinfo(sa, sa->sa_len, netname, sizeof netname, 1956 NULL, 0, ninumeric) == 0) { 1957 name = netname; 1958 } else { 1959 goto fail; 1960 } 1961 if ((net->nt_name = strdup(name)) == NULL) 1962 out_of_mem(); 1963 1964 /* 1965 * Extract a mask from either a "/<masklen>" suffix, or 1966 * from the class of an IPv4 address. 1967 */ 1968 if (opt_flags & OP_MASKLEN) { 1969 preflen = strtol(prefp, NULL, 10); 1970 if (preflen < 0L || preflen == LONG_MAX) 1971 goto fail; 1972 bcopy(sa, &net->nt_mask, sa->sa_len); 1973 if (makemask(&net->nt_mask, (int)preflen) != 0) 1974 goto fail; 1975 opt_flags |= OP_HAVEMASK; 1976 *p = '/'; 1977 } else if (sa->sa_family == AF_INET && 1978 (opt_flags & OP_MASK) == 0) { 1979 in_addr_t addr; 1980 1981 addr = ((struct sockaddr_in *)sa)->sin_addr.s_addr; 1982 if (IN_CLASSA(addr)) 1983 preflen = 8; 1984 else if (IN_CLASSB(addr)) 1985 preflen = 16; 1986 else if (IN_CLASSC(addr)) 1987 preflen = 24; 1988 else if (IN_CLASSD(addr)) 1989 preflen = 28; 1990 else 1991 preflen = 32; /* XXX */ 1992 1993 bcopy(sa, &net->nt_mask, sa->sa_len); 1994 makemask(&net->nt_mask, (int)preflen); 1995 opt_flags |= OP_HAVEMASK; 1996 } 1997 } 1998 1999 if (ai) 2000 freeaddrinfo(ai); 2001 return 0; 2002 2003 fail: 2004 if (ai) 2005 freeaddrinfo(ai); 2006 return 1; 2007 } 2008 2009 /* 2010 * Parse out the next white space separated field 2011 */ 2012 void 2013 nextfield(cp, endcp) 2014 char **cp; 2015 char **endcp; 2016 { 2017 char *p; 2018 2019 p = *cp; 2020 while (*p == ' ' || *p == '\t') 2021 p++; 2022 if (*p == '\n' || *p == '\0') 2023 *cp = *endcp = p; 2024 else { 2025 *cp = p++; 2026 while (*p != ' ' && *p != '\t' && *p != '\n' && *p != '\0') 2027 p++; 2028 *endcp = p; 2029 } 2030 } 2031 2032 /* 2033 * Get an exports file line. Skip over blank lines and handle line 2034 * continuations. 2035 */ 2036 int 2037 get_line() 2038 { 2039 char *p, *cp; 2040 size_t len; 2041 int totlen, cont_line; 2042 2043 /* 2044 * Loop around ignoring blank lines and getting all continuation lines. 2045 */ 2046 p = line; 2047 totlen = 0; 2048 do { 2049 if ((p = fgetln(exp_file, &len)) == NULL) 2050 return (0); 2051 cp = p + len - 1; 2052 cont_line = 0; 2053 while (cp >= p && 2054 (*cp == ' ' || *cp == '\t' || *cp == '\n' || *cp == '\\')) { 2055 if (*cp == '\\') 2056 cont_line = 1; 2057 cp--; 2058 len--; 2059 } 2060 if (cont_line) { 2061 *++cp = ' '; 2062 len++; 2063 } 2064 if (linesize < len + totlen + 1) { 2065 linesize = len + totlen + 1; 2066 line = realloc(line, linesize); 2067 if (line == NULL) 2068 out_of_mem(); 2069 } 2070 memcpy(line + totlen, p, len); 2071 totlen += len; 2072 line[totlen] = '\0'; 2073 } while (totlen == 0 || cont_line); 2074 return (1); 2075 } 2076 2077 /* 2078 * Parse a description of a credential. 2079 */ 2080 void 2081 parsecred(namelist, cr) 2082 char *namelist; 2083 struct xucred *cr; 2084 { 2085 char *name; 2086 int cnt; 2087 char *names; 2088 struct passwd *pw; 2089 struct group *gr; 2090 int ngroups, groups[NGROUPS + 1]; 2091 2092 cr->cr_version = XUCRED_VERSION; 2093 /* 2094 * Set up the unprivileged user. 2095 */ 2096 cr->cr_uid = -2; 2097 cr->cr_groups[0] = -2; 2098 cr->cr_ngroups = 1; 2099 /* 2100 * Get the user's password table entry. 2101 */ 2102 names = strsep(&namelist, " \t\n"); 2103 name = strsep(&names, ":"); 2104 if (isdigit(*name) || *name == '-') 2105 pw = getpwuid(atoi(name)); 2106 else 2107 pw = getpwnam(name); 2108 /* 2109 * Credentials specified as those of a user. 2110 */ 2111 if (names == NULL) { 2112 if (pw == NULL) { 2113 syslog(LOG_ERR, "unknown user: %s", name); 2114 return; 2115 } 2116 cr->cr_uid = pw->pw_uid; 2117 ngroups = NGROUPS + 1; 2118 if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups)) 2119 syslog(LOG_ERR, "too many groups"); 2120 /* 2121 * Convert from int's to gid_t's and compress out duplicate 2122 */ 2123 cr->cr_ngroups = ngroups - 1; 2124 cr->cr_groups[0] = groups[0]; 2125 for (cnt = 2; cnt < ngroups; cnt++) 2126 cr->cr_groups[cnt - 1] = groups[cnt]; 2127 return; 2128 } 2129 /* 2130 * Explicit credential specified as a colon separated list: 2131 * uid:gid:gid:... 2132 */ 2133 if (pw != NULL) 2134 cr->cr_uid = pw->pw_uid; 2135 else if (isdigit(*name) || *name == '-') 2136 cr->cr_uid = atoi(name); 2137 else { 2138 syslog(LOG_ERR, "unknown user: %s", name); 2139 return; 2140 } 2141 cr->cr_ngroups = 0; 2142 while (names != NULL && *names != '\0' && cr->cr_ngroups < NGROUPS) { 2143 name = strsep(&names, ":"); 2144 if (isdigit(*name) || *name == '-') { 2145 cr->cr_groups[cr->cr_ngroups++] = atoi(name); 2146 } else { 2147 if ((gr = getgrnam(name)) == NULL) { 2148 syslog(LOG_ERR, "unknown group: %s", name); 2149 continue; 2150 } 2151 cr->cr_groups[cr->cr_ngroups++] = gr->gr_gid; 2152 } 2153 } 2154 if (names != NULL && *names != '\0' && cr->cr_ngroups == NGROUPS) 2155 syslog(LOG_ERR, "too many groups"); 2156 } 2157 2158 #define STRSIZ (RPCMNT_NAMELEN+RPCMNT_PATHLEN+50) 2159 /* 2160 * Routines that maintain the remote mounttab 2161 */ 2162 void 2163 get_mountlist() 2164 { 2165 struct mountlist *mlp, **mlpp; 2166 char *host, *dirp, *cp; 2167 char str[STRSIZ]; 2168 FILE *mlfile; 2169 2170 if ((mlfile = fopen(_PATH_RMOUNTLIST, "r")) == NULL) { 2171 if (errno == ENOENT) 2172 return; 2173 else { 2174 syslog(LOG_ERR, "can't open %s", _PATH_RMOUNTLIST); 2175 return; 2176 } 2177 } 2178 mlpp = &mlhead; 2179 while (fgets(str, STRSIZ, mlfile) != NULL) { 2180 cp = str; 2181 host = strsep(&cp, " \t\n"); 2182 dirp = strsep(&cp, " \t\n"); 2183 if (host == NULL || dirp == NULL) 2184 continue; 2185 mlp = (struct mountlist *)malloc(sizeof (*mlp)); 2186 if (mlp == (struct mountlist *)NULL) 2187 out_of_mem(); 2188 strncpy(mlp->ml_host, host, RPCMNT_NAMELEN); 2189 mlp->ml_host[RPCMNT_NAMELEN] = '\0'; 2190 strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN); 2191 mlp->ml_dirp[RPCMNT_PATHLEN] = '\0'; 2192 mlp->ml_next = (struct mountlist *)NULL; 2193 *mlpp = mlp; 2194 mlpp = &mlp->ml_next; 2195 } 2196 fclose(mlfile); 2197 } 2198 2199 void 2200 del_mlist(char *hostp, char *dirp) 2201 { 2202 struct mountlist *mlp, **mlpp; 2203 struct mountlist *mlp2; 2204 FILE *mlfile; 2205 int fnd = 0; 2206 2207 mlpp = &mlhead; 2208 mlp = mlhead; 2209 while (mlp) { 2210 if (!strcmp(mlp->ml_host, hostp) && 2211 (!dirp || !strcmp(mlp->ml_dirp, dirp))) { 2212 fnd = 1; 2213 mlp2 = mlp; 2214 *mlpp = mlp = mlp->ml_next; 2215 free((caddr_t)mlp2); 2216 } else { 2217 mlpp = &mlp->ml_next; 2218 mlp = mlp->ml_next; 2219 } 2220 } 2221 if (fnd) { 2222 if ((mlfile = fopen(_PATH_RMOUNTLIST, "w")) == NULL) { 2223 syslog(LOG_ERR,"can't update %s", _PATH_RMOUNTLIST); 2224 return; 2225 } 2226 mlp = mlhead; 2227 while (mlp) { 2228 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp); 2229 mlp = mlp->ml_next; 2230 } 2231 fclose(mlfile); 2232 } 2233 } 2234 2235 void 2236 add_mlist(hostp, dirp) 2237 char *hostp, *dirp; 2238 { 2239 struct mountlist *mlp, **mlpp; 2240 FILE *mlfile; 2241 2242 mlpp = &mlhead; 2243 mlp = mlhead; 2244 while (mlp) { 2245 if (!strcmp(mlp->ml_host, hostp) && !strcmp(mlp->ml_dirp, dirp)) 2246 return; 2247 mlpp = &mlp->ml_next; 2248 mlp = mlp->ml_next; 2249 } 2250 mlp = (struct mountlist *)malloc(sizeof (*mlp)); 2251 if (mlp == (struct mountlist *)NULL) 2252 out_of_mem(); 2253 strncpy(mlp->ml_host, hostp, RPCMNT_NAMELEN); 2254 mlp->ml_host[RPCMNT_NAMELEN] = '\0'; 2255 strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN); 2256 mlp->ml_dirp[RPCMNT_PATHLEN] = '\0'; 2257 mlp->ml_next = (struct mountlist *)NULL; 2258 *mlpp = mlp; 2259 if ((mlfile = fopen(_PATH_RMOUNTLIST, "a")) == NULL) { 2260 syslog(LOG_ERR, "can't update %s", _PATH_RMOUNTLIST); 2261 return; 2262 } 2263 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp); 2264 fclose(mlfile); 2265 } 2266 2267 /* 2268 * Free up a group list. 2269 */ 2270 void 2271 free_grp(grp) 2272 struct grouplist *grp; 2273 { 2274 if (grp->gr_type == GT_HOST) { 2275 if (grp->gr_ptr.gt_addrinfo != NULL) 2276 freeaddrinfo(grp->gr_ptr.gt_addrinfo); 2277 } else if (grp->gr_type == GT_NET) { 2278 if (grp->gr_ptr.gt_net.nt_name) 2279 free(grp->gr_ptr.gt_net.nt_name); 2280 } 2281 free((caddr_t)grp); 2282 } 2283 2284 #ifdef DEBUG 2285 void 2286 SYSLOG(int pri, const char *fmt, ...) 2287 { 2288 va_list ap; 2289 2290 va_start(ap, fmt); 2291 vfprintf(stderr, fmt, ap); 2292 va_end(ap); 2293 } 2294 #endif /* DEBUG */ 2295 2296 /* 2297 * Check options for consistency. 2298 */ 2299 int 2300 check_options(dp) 2301 struct dirlist *dp; 2302 { 2303 2304 if (dp == (struct dirlist *)NULL) 2305 return (1); 2306 if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) { 2307 syslog(LOG_ERR, "-mapall and -maproot mutually exclusive"); 2308 return (1); 2309 } 2310 if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) { 2311 syslog(LOG_ERR, "-mask requires -network"); 2312 return (1); 2313 } 2314 if ((opt_flags & OP_NET) && (opt_flags & OP_HAVEMASK) == 0) { 2315 syslog(LOG_ERR, "-network requires mask specification"); 2316 return (1); 2317 } 2318 if ((opt_flags & OP_MASK) && (opt_flags & OP_MASKLEN)) { 2319 syslog(LOG_ERR, "-mask and /masklen are mutually exclusive"); 2320 return (1); 2321 } 2322 if ((opt_flags & OP_ALLDIRS) && dp->dp_left) { 2323 syslog(LOG_ERR, "-alldirs has multiple directories"); 2324 return (1); 2325 } 2326 return (0); 2327 } 2328 2329 /* 2330 * Check an absolute directory path for any symbolic links. Return true 2331 */ 2332 int 2333 check_dirpath(dirp) 2334 char *dirp; 2335 { 2336 char *cp; 2337 int ret = 1; 2338 struct stat sb; 2339 2340 cp = dirp + 1; 2341 while (*cp && ret) { 2342 if (*cp == '/') { 2343 *cp = '\0'; 2344 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode)) 2345 ret = 0; 2346 *cp = '/'; 2347 } 2348 cp++; 2349 } 2350 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode)) 2351 ret = 0; 2352 return (ret); 2353 } 2354 2355 /* 2356 * Make a netmask according to the specified prefix length. The ss_family 2357 * and other non-address fields must be initialised before calling this. 2358 */ 2359 int 2360 makemask(struct sockaddr_storage *ssp, int bitlen) 2361 { 2362 u_char *p; 2363 int bits, i, len; 2364 2365 if ((p = sa_rawaddr((struct sockaddr *)ssp, &len)) == NULL) 2366 return (-1); 2367 if (bitlen > len * CHAR_BIT) 2368 return (-1); 2369 2370 for (i = 0; i < len; i++) { 2371 bits = (bitlen > CHAR_BIT) ? CHAR_BIT : bitlen; 2372 *p++ = (1 << bits) - 1; 2373 bitlen -= bits; 2374 } 2375 return 0; 2376 } 2377 2378 /* 2379 * Check that the sockaddr is a valid netmask. Returns 0 if the mask 2380 * is acceptable (i.e. of the form 1...10....0). 2381 */ 2382 int 2383 checkmask(struct sockaddr *sa) 2384 { 2385 u_char *mask; 2386 int i, len; 2387 2388 if ((mask = sa_rawaddr(sa, &len)) == NULL) 2389 return (-1); 2390 2391 for (i = 0; i < len; i++) 2392 if (mask[i] != 0xff) 2393 break; 2394 if (i < len) { 2395 if (~mask[i] & (u_char)(~mask[i] + 1)) 2396 return (-1); 2397 i++; 2398 } 2399 for (; i < len; i++) 2400 if (mask[i] != 0) 2401 return (-1); 2402 return (0); 2403 } 2404 2405 /* 2406 * Compare two sockaddrs according to a specified mask. Return zero if 2407 * `sa1' matches `sa2' when filtered by the netmask in `samask'. 2408 * If samask is NULL, perform a full comparision. 2409 */ 2410 int 2411 sacmp(struct sockaddr *sa1, struct sockaddr *sa2, struct sockaddr *samask) 2412 { 2413 unsigned char *p1, *p2, *mask; 2414 int len, i; 2415 2416 if (sa1->sa_family != sa2->sa_family || 2417 (p1 = sa_rawaddr(sa1, &len)) == NULL || 2418 (p2 = sa_rawaddr(sa2, NULL)) == NULL) 2419 return (1); 2420 2421 switch (sa1->sa_family) { 2422 case AF_INET6: 2423 if (((struct sockaddr_in6 *)sa1)->sin6_scope_id != 2424 ((struct sockaddr_in6 *)sa2)->sin6_scope_id) 2425 return (1); 2426 break; 2427 } 2428 2429 /* Simple binary comparison if no mask specified. */ 2430 if (samask == NULL) 2431 return (memcmp(p1, p2, len)); 2432 2433 /* Set up the mask, and do a mask-based comparison. */ 2434 if (sa1->sa_family != samask->sa_family || 2435 (mask = sa_rawaddr(samask, NULL)) == NULL) 2436 return (1); 2437 2438 for (i = 0; i < len; i++) 2439 if ((p1[i] & mask[i]) != (p2[i] & mask[i])) 2440 return (1); 2441 return (0); 2442 } 2443 2444 /* 2445 * Return a pointer to the part of the sockaddr that contains the 2446 * raw address, and set *nbytes to its length in bytes. Returns 2447 * NULL if the address family is unknown. 2448 */ 2449 void * 2450 sa_rawaddr(struct sockaddr *sa, int *nbytes) { 2451 void *p; 2452 int len; 2453 2454 switch (sa->sa_family) { 2455 case AF_INET: 2456 len = sizeof(((struct sockaddr_in *)sa)->sin_addr); 2457 p = &((struct sockaddr_in *)sa)->sin_addr; 2458 break; 2459 case AF_INET6: 2460 len = sizeof(((struct sockaddr_in6 *)sa)->sin6_addr); 2461 p = &((struct sockaddr_in6 *)sa)->sin6_addr; 2462 break; 2463 default: 2464 p = NULL; 2465 len = 0; 2466 } 2467 2468 if (nbytes != NULL) 2469 *nbytes = len; 2470 return (p); 2471 } 2472 2473 void 2474 huphandler(int sig) 2475 { 2476 got_sighup = 1; 2477 } 2478 2479 void terminate(sig) 2480 int sig; 2481 { 2482 close(mountdlockfd); 2483 unlink(MOUNTDLOCK); 2484 rpcb_unset(RPCPROG_MNT, RPCMNT_VER1, NULL); 2485 rpcb_unset(RPCPROG_MNT, RPCMNT_VER3, NULL); 2486 exit (0); 2487 } 2488