1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 #include <stdio.h> 29 #include <unistd.h> 30 #include <stdlib.h> 31 #include <ctype.h> 32 #include <syslog.h> 33 #include <string.h> 34 #include <deflt.h> 35 #include <kstat.h> 36 #include <sys/param.h> 37 #include <sys/types.h> 38 #include <sys/time.h> 39 #include <sys/stat.h> 40 #include <sys/wait.h> 41 #include <sys/socket.h> 42 #include <netinet/in.h> 43 #include <signal.h> 44 #include <sys/signal.h> 45 #include <rpc/rpc.h> 46 #include <rpc/pmap_clnt.h> 47 #include <sys/mount.h> 48 #include <sys/mntent.h> 49 #include <sys/mnttab.h> 50 #include <sys/fstyp.h> 51 #include <sys/fsid.h> 52 #include <arpa/inet.h> 53 #include <netdb.h> 54 #include <netconfig.h> 55 #include <netdir.h> 56 #include <errno.h> 57 #define NFSCLIENT 58 #include <nfs/nfs.h> 59 #include <nfs/mount.h> 60 #include <rpcsvc/mount.h> 61 #include <rpc/nettype.h> 62 #include <locale.h> 63 #include <setjmp.h> 64 #include <sys/socket.h> 65 #include <thread.h> 66 #include <limits.h> 67 #include <nss_dbdefs.h> /* for NSS_BUFLEN_HOSTS */ 68 #include <nfs/nfs_sec.h> 69 #include <sys/sockio.h> 70 #include <net/if.h> 71 #include <assert.h> 72 #include <nfs/nfs_clnt.h> 73 #include <rpcsvc/nfs4_prot.h> 74 #define NO_RDDIR_CACHE 75 #include "automount.h" 76 #include "replica.h" 77 #include "nfs_subr.h" 78 #include "webnfs.h" 79 #include <sys/sockio.h> 80 #include <net/if.h> 81 #include <assert.h> 82 #include <rpcsvc/daemon_utils.h> 83 #include <pwd.h> 84 #include <strings.h> 85 #include <tsol/label.h> 86 #include <zone.h> 87 88 extern char *nfs_get_qop_name(); 89 extern AUTH *nfs_create_ah(); 90 extern enum snego_stat nfs_sec_nego(); 91 92 #define MAXHOSTS 512 93 94 /* number of transports to try */ 95 #define MNT_PREF_LISTLEN 2 96 #define FIRST_TRY 1 97 #define SECOND_TRY 2 98 99 #define MNTTYPE_CACHEFS "cachefs" 100 101 /* 102 * host cache states 103 */ 104 #define NOHOST 0 105 #define GOODHOST 1 106 #define DEADHOST 2 107 108 #define NFS_ARGS_EXTB_secdata(args, secdata) \ 109 { (args).nfs_args_ext = NFS_ARGS_EXTB, \ 110 (args).nfs_ext_u.nfs_extB.secdata = secdata; } 111 112 struct cache_entry { 113 struct cache_entry *cache_next; 114 char *cache_host; 115 time_t cache_time; 116 int cache_state; 117 rpcvers_t cache_reqvers; 118 rpcvers_t cache_outvers; 119 char *cache_proto; 120 }; 121 122 struct mfs_snego_t { 123 int sec_opt; 124 bool_t snego_done; 125 char *nfs_flavor; 126 seconfig_t nfs_sec; 127 }; 128 typedef struct mfs_snego_t mfs_snego_t; 129 130 static struct cache_entry *cache_head = NULL; 131 rwlock_t cache_lock; /* protect the cache chain */ 132 133 static enum nfsstat nfsmount(struct mapfs *, char *, char *, int, int, uid_t, 134 action_list *); 135 static int is_nfs_port(char *); 136 137 void netbuf_free(struct netbuf *); 138 struct knetconfig *get_knconf(struct netconfig *); 139 void free_knconf(struct knetconfig *); 140 static int get_pathconf(CLIENT *, char *, char *, struct pathcnf **, int); 141 static struct mapfs *enum_servers(struct mapent *, char *); 142 static struct mapfs *get_mysubnet_servers(struct mapfs *); 143 static int subnet_test(int af, struct sioc_addrreq *); 144 static struct netbuf *get_addr(char *, rpcprog_t, rpcvers_t, 145 struct netconfig **, char *, ushort_t, struct t_info *); 146 147 static struct netbuf *get_pubfh(char *, rpcvers_t, mfs_snego_t *, 148 struct netconfig **, char *, ushort_t, struct t_info *, caddr_t *, 149 bool_t, char *); 150 151 static int create_homedir(const char *, const char *); 152 153 enum type_of_stuff { 154 SERVER_ADDR = 0, 155 SERVER_PING = 1, 156 SERVER_FH = 2 157 }; 158 159 void *get_server_stuff(enum type_of_stuff, char *, rpcprog_t, 160 rpcvers_t, mfs_snego_t *, struct netconfig **, char *, ushort_t, 161 struct t_info *, caddr_t *, bool_t, char *, enum clnt_stat *); 162 163 void *get_the_stuff(enum type_of_stuff, char *, rpcprog_t, 164 rpcvers_t, mfs_snego_t *, struct netconfig *, ushort_t, struct t_info *, 165 caddr_t *, bool_t, char *, enum clnt_stat *); 166 167 struct mapfs *add_mfs(struct mapfs *, int, struct mapfs **, struct mapfs **); 168 void free_mfs(struct mapfs *); 169 static void dump_mfs(struct mapfs *, char *, int); 170 static char *dump_distance(struct mapfs *); 171 static void cache_free(struct cache_entry *); 172 static int cache_check(char *, rpcvers_t *, char *); 173 static void cache_enter(char *, rpcvers_t, rpcvers_t, char *, int); 174 void destroy_auth_client_handle(CLIENT *cl); 175 176 #ifdef CACHE_DEBUG 177 static void trace_host_cache(); 178 static void trace_portmap_cache(); 179 #endif /* CACHE_DEBUG */ 180 181 static int rpc_timeout = 20; 182 183 #ifdef CACHE_DEBUG 184 /* 185 * host cache counters. These variables do not need to be protected 186 * by mutex's. They have been added to measure the utility of the 187 * goodhost/deadhost cache in the lazy hierarchical mounting scheme. 188 */ 189 static int host_cache_accesses = 0; 190 static int host_cache_lookups = 0; 191 static int deadhost_cache_hits = 0; 192 static int goodhost_cache_hits = 0; 193 194 /* 195 * portmap cache counters. These variables do not need to be protected 196 * by mutex's. They have been added to measure the utility of the portmap 197 * cache in the lazy hierarchical mounting scheme. 198 */ 199 static int portmap_cache_accesses = 0; 200 static int portmap_cache_lookups = 0; 201 static int portmap_cache_hits = 0; 202 #endif /* CACHE_DEBUG */ 203 204 /* 205 * There are the defaults (range) for the client when determining 206 * which NFS version to use when probing the server (see above). 207 * These will only be used when the vers mount option is not used and 208 * these may be reset if /etc/default/nfs is configured to do so. 209 */ 210 static rpcvers_t vers_max_default = NFS_VERSMAX_DEFAULT; 211 static rpcvers_t vers_min_default = NFS_VERSMIN_DEFAULT; 212 213 /* 214 * list of support services needed 215 */ 216 static char *service_list[] = { STATD, LOCKD, NULL }; 217 static char *service_list_v4[] = { STATD, LOCKD, NFS4CBD, NFSMAPID, NULL }; 218 219 static void read_default_nfs(void); 220 static int is_v4_mount(char *); 221 static void start_nfs4cbd(void); 222 223 int 224 mount_nfs( 225 struct mapent *me, 226 char *mntpnt, 227 char *prevhost, 228 int overlay, 229 uid_t uid, 230 action_list **alpp) 231 { 232 struct mapfs *mfs, *mp; 233 int err = -1; 234 int cached; 235 action_list *alp; 236 237 238 alp = *alpp; 239 240 read_default_nfs(); 241 242 mfs = enum_servers(me, prevhost); 243 if (mfs == NULL) 244 return (ENOENT); 245 246 /* 247 * Try loopback if we have something on localhost; if nothing 248 * works, we will fall back to NFS 249 */ 250 if (is_nfs_port(me->map_mntopts)) { 251 for (mp = mfs; mp; mp = mp->mfs_next) { 252 if (self_check(mp->mfs_host)) { 253 err = loopbackmount(mp->mfs_dir, 254 mntpnt, me->map_mntopts, overlay); 255 if (err) { 256 mp->mfs_ignore = 1; 257 } else { 258 /* 259 * Free action_list if there 260 * is one as it is not needed. 261 * Make sure to set alpp to null 262 * so caller doesn't try to free it 263 * again. 264 */ 265 if (*alpp) { 266 free(*alpp); 267 *alpp = NULL; 268 } 269 break; 270 } 271 } 272 } 273 } 274 if (err) { 275 cached = strcmp(me->map_mounter, MNTTYPE_CACHEFS) == 0; 276 err = nfsmount(mfs, mntpnt, me->map_mntopts, 277 cached, overlay, uid, alp); 278 if (err && trace > 1) { 279 trace_prt(1, " Couldn't mount %s:%s, err=%d\n", 280 mfs->mfs_host, mfs->mfs_dir, err); 281 } 282 } 283 free_mfs(mfs); 284 return (err); 285 } 286 287 288 /* 289 * Using the new ioctl SIOCTONLINK to determine if a host is on the same 290 * subnet. Remove the old network, subnet check. 291 */ 292 293 static struct mapfs * 294 get_mysubnet_servers(struct mapfs *mfs_in) 295 { 296 int s; 297 struct mapfs *mfs, *p, *mfs_head = NULL, *mfs_tail = NULL; 298 299 struct netconfig *nconf; 300 NCONF_HANDLE *nc = NULL; 301 struct nd_hostserv hs; 302 struct nd_addrlist *retaddrs; 303 struct netbuf *nb; 304 struct sioc_addrreq areq; 305 int res; 306 int af; 307 int i; 308 int sa_size; 309 310 hs.h_serv = "rpcbind"; 311 312 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 313 nc = setnetconfig(); 314 315 while (nconf = getnetconfig(nc)) { 316 317 /* 318 * Care about INET family only. proto_done flag 319 * indicates if we have already covered this 320 * protocol family. If so skip it 321 */ 322 if (((strcmp(nconf->nc_protofmly, NC_INET6) == 0) || 323 (strcmp(nconf->nc_protofmly, NC_INET) == 0)) && 324 (nconf->nc_semantics == NC_TPI_CLTS)) { 325 } else 326 continue; 327 328 hs.h_host = mfs->mfs_host; 329 330 if (netdir_getbyname(nconf, &hs, &retaddrs) != ND_OK) 331 continue; 332 333 /* 334 * For each host address see if it's on our 335 * local subnet. 336 */ 337 338 if (strcmp(nconf->nc_protofmly, NC_INET6) == 0) 339 af = AF_INET6; 340 else 341 af = AF_INET; 342 nb = retaddrs->n_addrs; 343 for (i = 0; i < retaddrs->n_cnt; i++, nb++) { 344 memset(&areq.sa_addr, 0, sizeof (areq.sa_addr)); 345 memcpy(&areq.sa_addr, nb->buf, MIN(nb->len, 346 sizeof (areq.sa_addr))); 347 if (res = subnet_test(af, &areq)) { 348 p = add_mfs(mfs, DIST_MYNET, 349 &mfs_head, &mfs_tail); 350 if (!p) { 351 netdir_free(retaddrs, 352 ND_ADDRLIST); 353 endnetconfig(nc); 354 return (NULL); 355 } 356 break; 357 } 358 } /* end of every host */ 359 if (trace > 2) { 360 trace_prt(1, "get_mysubnet_servers: host=%s " 361 "netid=%s res=%s\n", mfs->mfs_host, 362 nconf->nc_netid, res == 1?"SUC":"FAIL"); 363 } 364 365 netdir_free(retaddrs, ND_ADDRLIST); 366 } /* end of while */ 367 368 endnetconfig(nc); 369 370 } /* end of every map */ 371 372 return (mfs_head); 373 374 } 375 376 int 377 subnet_test(int af, struct sioc_addrreq *areq) 378 { 379 int s; 380 381 if ((s = socket(af, SOCK_DGRAM, 0)) < 0) { 382 return (0); 383 } 384 385 areq->sa_res = -1; 386 387 if (ioctl(s, SIOCTONLINK, (caddr_t)areq) < 0) { 388 syslog(LOG_ERR, "subnet_test:SIOCTONLINK failed"); 389 return (0); 390 } 391 close(s); 392 if (areq->sa_res == 1) 393 return (1); 394 else 395 return (0); 396 397 398 } 399 400 /* 401 * ping a bunch of hosts at once and sort by who responds first 402 */ 403 static struct mapfs * 404 sort_servers(struct mapfs *mfs_in, int timeout) 405 { 406 struct mapfs *m1 = NULL; 407 enum clnt_stat clnt_stat; 408 409 if (!mfs_in) 410 return (NULL); 411 412 clnt_stat = nfs_cast(mfs_in, &m1, timeout); 413 414 if (!m1) { 415 char buff[2048] = {'\0'}; 416 417 for (m1 = mfs_in; m1; m1 = m1->mfs_next) { 418 (void) strcat(buff, m1->mfs_host); 419 if (m1->mfs_next) 420 (void) strcat(buff, ","); 421 } 422 423 syslog(LOG_ERR, "servers %s not responding: %s", 424 buff, clnt_sperrno(clnt_stat)); 425 } 426 427 return (m1); 428 } 429 430 /* 431 * Add a mapfs entry to the list described by *mfs_head and *mfs_tail, 432 * provided it is not marked "ignored" and isn't a dupe of ones we've 433 * already seen. 434 */ 435 struct mapfs * 436 add_mfs(struct mapfs *mfs, int distance, struct mapfs **mfs_head, 437 struct mapfs **mfs_tail) 438 { 439 struct mapfs *tmp, *new; 440 441 for (tmp = *mfs_head; tmp; tmp = tmp->mfs_next) 442 if ((strcmp(tmp->mfs_host, mfs->mfs_host) == 0 && 443 strcmp(tmp->mfs_dir, mfs->mfs_dir) == 0) || 444 mfs->mfs_ignore) 445 return (*mfs_head); 446 new = (struct mapfs *)malloc(sizeof (struct mapfs)); 447 if (!new) { 448 syslog(LOG_ERR, "Memory allocation failed: %m"); 449 return (NULL); 450 } 451 bcopy(mfs, new, sizeof (struct mapfs)); 452 new->mfs_next = NULL; 453 if (distance) 454 new->mfs_distance = distance; 455 if (!*mfs_head) 456 *mfs_tail = *mfs_head = new; 457 else { 458 (*mfs_tail)->mfs_next = new; 459 *mfs_tail = new; 460 } 461 return (*mfs_head); 462 } 463 464 static void 465 dump_mfs(struct mapfs *mfs, char *message, int level) 466 { 467 struct mapfs *m1; 468 469 if (trace <= level) 470 return; 471 472 trace_prt(1, "%s", message); 473 if (!mfs) { 474 trace_prt(0, "mfs is null\n"); 475 return; 476 } 477 for (m1 = mfs; m1; m1 = m1->mfs_next) 478 trace_prt(0, "%s[%s] ", m1->mfs_host, dump_distance(m1)); 479 trace_prt(0, "\n"); 480 } 481 482 static char * 483 dump_distance(struct mapfs *mfs) 484 { 485 switch (mfs->mfs_distance) { 486 case 0: return ("zero"); 487 case DIST_SELF: return ("self"); 488 case DIST_MYSUB: return ("mysub"); 489 case DIST_MYNET: return ("mynet"); 490 case DIST_OTHER: return ("other"); 491 default: return ("other"); 492 } 493 } 494 495 /* 496 * Walk linked list "raw", building a new list consisting of members 497 * NOT found in list "filter", returning the result. 498 */ 499 static struct mapfs * 500 filter_mfs(struct mapfs *raw, struct mapfs *filter) 501 { 502 struct mapfs *mfs, *p, *mfs_head = NULL, *mfs_tail = NULL; 503 int skip; 504 505 if (!raw) 506 return (NULL); 507 for (mfs = raw; mfs; mfs = mfs->mfs_next) { 508 for (skip = 0, p = filter; p; p = p->mfs_next) { 509 if (strcmp(p->mfs_host, mfs->mfs_host) == 0 && 510 strcmp(p->mfs_dir, mfs->mfs_dir) == 0) { 511 skip = 1; 512 break; 513 } 514 } 515 if (skip) 516 continue; 517 p = add_mfs(mfs, 0, &mfs_head, &mfs_tail); 518 if (!p) 519 return (NULL); 520 } 521 return (mfs_head); 522 } 523 524 /* 525 * Walk a linked list of mapfs structs, freeing each member. 526 */ 527 void 528 free_mfs(struct mapfs *mfs) 529 { 530 struct mapfs *tmp; 531 532 while (mfs) { 533 tmp = mfs->mfs_next; 534 free(mfs); 535 mfs = tmp; 536 } 537 } 538 539 /* 540 * New code for NFS client failover: we need to carry and sort 541 * lists of server possibilities rather than return a single 542 * entry. It preserves previous behaviour of sorting first by 543 * locality (loopback-or-preferred/subnet/net/other) and then 544 * by ping times. We'll short-circuit this process when we 545 * have ENOUGH or more entries. 546 */ 547 static struct mapfs * 548 enum_servers(struct mapent *me, char *preferred) 549 { 550 struct mapfs *p, *m1, *m2, *mfs_head = NULL, *mfs_tail = NULL; 551 552 /* 553 * Short-circuit for simple cases. 554 */ 555 if (!me->map_fs->mfs_next) { 556 p = add_mfs(me->map_fs, DIST_OTHER, &mfs_head, &mfs_tail); 557 if (!p) 558 return (NULL); 559 return (mfs_head); 560 } 561 562 dump_mfs(me->map_fs, " enum_servers: mapent: ", 2); 563 564 /* 565 * get addresses & see if any are myself 566 * or were mounted from previously in a 567 * hierarchical mount. 568 */ 569 if (trace > 2) 570 trace_prt(1, " enum_servers: looking for pref/self\n"); 571 for (m1 = me->map_fs; m1; m1 = m1->mfs_next) { 572 if (m1->mfs_ignore) 573 continue; 574 if (self_check(m1->mfs_host) || 575 strcmp(m1->mfs_host, preferred) == 0) { 576 p = add_mfs(m1, DIST_SELF, &mfs_head, &mfs_tail); 577 if (!p) 578 return (NULL); 579 } 580 } 581 if (trace > 2 && m1) 582 trace_prt(1, " enum_servers: pref/self found, %s\n", 583 m1->mfs_host); 584 585 /* 586 * look for entries on this subnet 587 */ 588 dump_mfs(m1, " enum_servers: input of get_mysubnet_servers: ", 2); 589 m1 = get_mysubnet_servers(me->map_fs); 590 dump_mfs(m1, " enum_servers: output of get_mysubnet_servers: ", 3); 591 if (m1 && m1->mfs_next) { 592 m2 = sort_servers(m1, rpc_timeout / 2); 593 dump_mfs(m2, " enum_servers: output of sort_servers: ", 3); 594 free_mfs(m1); 595 m1 = m2; 596 } 597 598 for (m2 = m1; m2; m2 = m2->mfs_next) { 599 p = add_mfs(m2, 0, &mfs_head, &mfs_tail); 600 if (!p) 601 return (NULL); 602 } 603 if (m1) 604 free_mfs(m1); 605 606 /* 607 * add the rest of the entries at the end 608 */ 609 m1 = filter_mfs(me->map_fs, mfs_head); 610 dump_mfs(m1, " enum_servers: etc: output of filter_mfs: ", 3); 611 m2 = sort_servers(m1, rpc_timeout / 2); 612 dump_mfs(m2, " enum_servers: etc: output of sort_servers: ", 3); 613 if (m1) 614 free_mfs(m1); 615 m1 = m2; 616 for (m2 = m1; m2; m2 = m2->mfs_next) { 617 p = add_mfs(m2, DIST_OTHER, &mfs_head, &mfs_tail); 618 if (!p) 619 return (NULL); 620 } 621 if (m1) 622 free_mfs(m1); 623 624 done: 625 dump_mfs(mfs_head, " enum_servers: output: ", 1); 626 return (mfs_head); 627 } 628 629 static enum nfsstat 630 nfsmount( 631 struct mapfs *mfs_in, 632 char *mntpnt, char *opts, 633 int cached, int overlay, 634 uid_t uid, 635 action_list *alp) 636 { 637 CLIENT *cl; 638 char remname[MAXPATHLEN], *mnttabtext = NULL; 639 char mopts[MAX_MNTOPT_STR]; 640 char netname[MAXNETNAMELEN+1]; 641 char *mntopts = NULL; 642 int mnttabcnt = 0; 643 int loglevel; 644 struct mnttab m; 645 struct nfs_args *argp = NULL, *head = NULL, *tail = NULL, 646 *prevhead, *prevtail; 647 int flags; 648 struct fhstatus fhs; 649 struct timeval timeout; 650 enum clnt_stat rpc_stat; 651 enum nfsstat status; 652 struct stat stbuf; 653 struct netconfig *nconf; 654 rpcvers_t vers, versmin; /* used to negotiate nfs version in pingnfs */ 655 /* and mount version with mountd */ 656 rpcvers_t outvers; /* final version to be used during mount() */ 657 rpcvers_t nfsvers; /* version in map options, 0 if not there */ 658 rpcvers_t mountversmax; /* tracks the max mountvers during retries */ 659 660 /* used to negotiate nfs version using webnfs */ 661 rpcvers_t pubvers, pubversmin, pubversmax; 662 int posix; 663 struct nd_addrlist *retaddrs; 664 struct mountres3 res3; 665 nfs_fh3 fh3; 666 char *fstype; 667 int count, i; 668 char scerror_msg[MAXMSGLEN]; 669 int *auths; 670 int delay; 671 int retries; 672 char *nfs_proto = NULL; 673 uint_t nfs_port = 0; 674 char *p, *host, *rhost, *dir; 675 struct mapfs *mfs = NULL; 676 int error, last_error = 0; 677 int replicated; 678 int entries = 0; 679 int v2cnt = 0, v3cnt = 0, v4cnt = 0; 680 int v2near = 0, v3near = 0, v4near = 0; 681 int skipentry = 0; 682 char *nfs_flavor; 683 seconfig_t nfs_sec; 684 int sec_opt, scerror; 685 struct sec_data *secdata; 686 int secflags; 687 struct netbuf *syncaddr; 688 bool_t use_pubfh; 689 ushort_t thisport; 690 int got_val; 691 mfs_snego_t mfssnego_init, mfssnego; 692 693 dump_mfs(mfs_in, " nfsmount: input: ", 2); 694 replicated = (mfs_in->mfs_next != NULL); 695 m.mnt_mntopts = opts; 696 if (replicated && hasmntopt(&m, MNTOPT_SOFT)) { 697 if (verbose) 698 syslog(LOG_WARNING, 699 "mount on %s is soft and will not be replicated.", mntpnt); 700 replicated = 0; 701 } 702 if (replicated && !hasmntopt(&m, MNTOPT_RO)) { 703 if (verbose) 704 syslog(LOG_WARNING, 705 "mount on %s is not read-only and will not be replicated.", 706 mntpnt); 707 replicated = 0; 708 } 709 if (replicated && cached) { 710 if (verbose) 711 syslog(LOG_WARNING, 712 "mount on %s is cached and will not be replicated.", 713 mntpnt); 714 replicated = 0; 715 } 716 if (replicated) 717 loglevel = LOG_WARNING; 718 else 719 loglevel = LOG_ERR; 720 721 if (trace > 1) { 722 if (replicated) 723 trace_prt(1, " nfsmount: replicated mount on %s %s:\n", 724 mntpnt, opts); 725 else 726 trace_prt(1, " nfsmount: standard mount on %s %s:\n", 727 mntpnt, opts); 728 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) 729 trace_prt(1, " %s:%s\n", 730 mfs->mfs_host, mfs->mfs_dir); 731 } 732 733 /* 734 * Make sure mountpoint is safe to mount on 735 */ 736 if (lstat(mntpnt, &stbuf) < 0) { 737 syslog(LOG_ERR, "Couldn't stat %s: %m", mntpnt); 738 return (NFSERR_NOENT); 739 } 740 741 /* 742 * Get protocol specified in options list, if any. 743 */ 744 if ((str_opt(&m, "proto", &nfs_proto)) == -1) { 745 return (NFSERR_NOENT); 746 } 747 748 /* 749 * Get port specified in options list, if any. 750 */ 751 got_val = nopt(&m, MNTOPT_PORT, (int *)&nfs_port); 752 if (!got_val) 753 nfs_port = 0; /* "unspecified" */ 754 if (nfs_port > USHRT_MAX) { 755 syslog(LOG_ERR, "%s: invalid port number %d", mntpnt, nfs_port); 756 return (NFSERR_NOENT); 757 } 758 759 /* 760 * Set mount(2) flags here, outside of the loop. 761 */ 762 flags = MS_OPTIONSTR; 763 flags |= (hasmntopt(&m, MNTOPT_RO) == NULL) ? 0 : MS_RDONLY; 764 flags |= (hasmntopt(&m, MNTOPT_NOSUID) == NULL) ? 0 : MS_NOSUID; 765 flags |= overlay ? MS_OVERLAY : 0; 766 if (mntpnt[strlen(mntpnt) - 1] != ' ') 767 /* direct mount point without offsets */ 768 flags |= MS_OVERLAY; 769 770 use_pubfh = (hasmntopt(&m, MNTOPT_PUBLIC) == NULL) ? FALSE : TRUE; 771 772 (void) memset(&mfssnego_init, 0, sizeof (mfs_snego_t)); 773 if (hasmntopt(&m, MNTOPT_SECURE) != NULL) { 774 if (++mfssnego_init.sec_opt > 1) { 775 syslog(loglevel, 776 "conflicting security options"); 777 return (NFSERR_IO); 778 } 779 if (nfs_getseconfig_byname("dh", &mfssnego_init.nfs_sec)) { 780 syslog(loglevel, 781 "error getting dh information from %s", 782 NFSSEC_CONF); 783 return (NFSERR_IO); 784 } 785 } 786 787 /* 788 * Have to workaround the fact that hasmntopt() returns true 789 * when comparing "secure" (in &m) with "sec". 790 */ 791 if (hasmntopt(&m, "sec=") != NULL) { 792 if ((str_opt(&m, MNTOPT_SEC, 793 &mfssnego_init.nfs_flavor)) == -1) { 794 syslog(LOG_ERR, "nfsmount: no memory"); 795 return (NFSERR_IO); 796 } 797 } 798 799 if (mfssnego_init.nfs_flavor) { 800 if (++mfssnego_init.sec_opt > 1) { 801 syslog(loglevel, 802 "conflicting security options"); 803 free(mfssnego_init.nfs_flavor); 804 return (NFSERR_IO); 805 } 806 if (nfs_getseconfig_byname(mfssnego_init.nfs_flavor, 807 &mfssnego_init.nfs_sec)) { 808 syslog(loglevel, 809 "error getting %s information from %s", 810 mfssnego_init.nfs_flavor, NFSSEC_CONF); 811 free(mfssnego_init.nfs_flavor); 812 return (NFSERR_IO); 813 } 814 free(mfssnego_init.nfs_flavor); 815 } 816 817 nextentry: 818 skipentry = 0; 819 820 got_val = nopt(&m, MNTOPT_VERS, (int *)&nfsvers); 821 if (!got_val) 822 nfsvers = 0; /* "unspecified" */ 823 if (set_versrange(nfsvers, &vers, &versmin) != 0) { 824 syslog(LOG_ERR, "Incorrect NFS version specified for %s", 825 mntpnt); 826 last_error = NFSERR_NOENT; 827 goto ret; 828 } 829 830 if (nfsvers != 0) { 831 pubversmax = pubversmin = nfsvers; 832 } else { 833 pubversmax = vers; 834 pubversmin = versmin; 835 } 836 837 /* 838 * Walk the whole list, pinging and collecting version 839 * info so that we can make sure the mount will be 840 * homogeneous with respect to version. 841 * 842 * If we have a version preference, this is easy; we'll 843 * just reject anything that doesn't match. 844 * 845 * If not, we want to try to provide the best compromise 846 * that considers proximity, preference for a higher version, 847 * sorted order, and number of replicas. We will count 848 * the number of V2 and V3 replicas and also the number 849 * which are "near", i.e. the localhost or on the same 850 * subnet. 851 */ 852 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 853 854 855 if (mfs->mfs_ignore) 856 continue; 857 858 /* 859 * If the host is '[a:d:d:r:e:s:s'], 860 * only use 'a:d:d:r:e:s:s' for communication 861 */ 862 host = strdup(mfs->mfs_host); 863 if (host == NULL) { 864 syslog(LOG_ERR, "nfsmount: no memory"); 865 last_error = NFSERR_IO; 866 goto out; 867 } 868 unbracket(&host); 869 870 (void) memcpy(&mfssnego, &mfssnego_init, sizeof (mfs_snego_t)); 871 872 if (use_pubfh == TRUE || mfs->mfs_flags & MFS_URL) { 873 char *path; 874 875 if (nfs_port != 0 && mfs->mfs_port != 0 && 876 nfs_port != mfs->mfs_port) { 877 878 syslog(LOG_ERR, "nfsmount: port (%u) in nfs URL" 879 " not the same as port (%d) in port " 880 "option\n", mfs->mfs_port, nfs_port); 881 last_error = NFSERR_IO; 882 goto out; 883 884 } else if (nfs_port != 0) 885 thisport = nfs_port; 886 else 887 thisport = mfs->mfs_port; 888 889 dir = mfs->mfs_dir; 890 891 if ((mfs->mfs_flags & MFS_URL) == 0) { 892 path = malloc(strlen(dir) + 2); 893 if (path == NULL) { 894 syslog(LOG_ERR, "nfsmount: no memory"); 895 last_error = NFSERR_IO; 896 goto out; 897 } 898 path[0] = (char)WNL_NATIVEPATH; 899 (void) strcpy(&path[1], dir); 900 } else { 901 path = dir; 902 } 903 904 argp = (struct nfs_args *) 905 malloc(sizeof (struct nfs_args)); 906 907 if (!argp) { 908 if (path != dir) 909 free(path); 910 syslog(LOG_ERR, "nfsmount: no memory"); 911 last_error = NFSERR_IO; 912 goto out; 913 } 914 (void) memset(argp, 0, sizeof (*argp)); 915 916 /* 917 * RDMA support 918 * By now Mount argument struct has been allocated, 919 * either a pub_fh path will be taken or the regular 920 * one. So here if a protocol was specified and it 921 * was not rdma we let it be, else we set DO_RDMA. 922 * If no proto was there we advise on trying RDMA. 923 */ 924 if (nfs_proto) { 925 if (strcmp(nfs_proto, "rdma") == 0) { 926 free(nfs_proto); 927 nfs_proto = NULL; 928 argp->flags |= NFSMNT_DORDMA; 929 } 930 } else 931 argp->flags |= NFSMNT_TRYRDMA; 932 933 for (pubvers = pubversmax; pubvers >= pubversmin; 934 pubvers--) { 935 936 nconf = NULL; 937 argp->addr = get_pubfh(host, pubvers, &mfssnego, 938 &nconf, nfs_proto, thisport, NULL, 939 &argp->fh, TRUE, path); 940 941 if (argp->addr != NULL) 942 break; 943 944 if (nconf != NULL) 945 freenetconfigent(nconf); 946 } 947 948 if (path != dir) 949 free(path); 950 951 if (argp->addr != NULL) { 952 953 /* 954 * The use of llock option for NFSv4 955 * mounts is not required since file 956 * locking is included within the protocol 957 */ 958 if (pubvers != NFS_V4) 959 argp->flags |= NFSMNT_LLOCK; 960 961 argp->flags |= NFSMNT_PUBLIC; 962 963 mfs->mfs_args = argp; 964 mfs->mfs_version = pubvers; 965 mfs->mfs_nconf = nconf; 966 mfs->mfs_flags |= MFS_FH_VIA_WEBNFS; 967 968 } else { 969 free(argp); 970 971 /* 972 * If -public was specified, give up 973 * on this entry now. 974 */ 975 if (use_pubfh == TRUE) { 976 syslog(loglevel, 977 "%s: no public file handle support", 978 host); 979 last_error = NFSERR_NOENT; 980 mfs->mfs_ignore = 1; 981 continue; 982 } 983 984 /* 985 * Back off to a conventional mount. 986 * 987 * URL's can contain escape characters. Get 988 * rid of them. 989 */ 990 path = malloc(strlen(dir) + 2); 991 992 if (path == NULL) { 993 syslog(LOG_ERR, "nfsmount: no memory"); 994 last_error = NFSERR_IO; 995 goto out; 996 } 997 998 strcpy(path, dir); 999 URLparse(path); 1000 mfs->mfs_dir = path; 1001 mfs->mfs_flags |= MFS_ALLOC_DIR; 1002 mfs->mfs_flags &= ~MFS_URL; 1003 } 1004 } 1005 1006 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0) { 1007 i = pingnfs(host, get_retry(opts) + 1, &vers, versmin, 1008 0, FALSE, NULL, nfs_proto); 1009 if (i != RPC_SUCCESS) { 1010 if (i == RPC_PROGVERSMISMATCH) { 1011 syslog(loglevel, "server %s: NFS " 1012 "protocol version mismatch", 1013 host); 1014 } else { 1015 syslog(loglevel, "server %s not " 1016 "responding", host); 1017 } 1018 mfs->mfs_ignore = 1; 1019 last_error = NFSERR_NOENT; 1020 continue; 1021 } 1022 if (nfsvers != 0 && nfsvers != vers) { 1023 if (nfs_proto == NULL) 1024 syslog(loglevel, 1025 "NFS version %d " 1026 "not supported by %s", 1027 nfsvers, host); 1028 else 1029 syslog(loglevel, 1030 "NFS version %d " 1031 "with proto %s " 1032 "not supported by %s", 1033 nfsvers, nfs_proto, host); 1034 mfs->mfs_ignore = 1; 1035 last_error = NFSERR_NOENT; 1036 continue; 1037 } 1038 } 1039 1040 free(host); 1041 1042 switch (vers) { 1043 case NFS_V4: v4cnt++; break; 1044 case NFS_V3: v3cnt++; break; 1045 case NFS_VERSION: v2cnt++; break; 1046 default: break; 1047 } 1048 1049 /* 1050 * It's not clear how useful this stuff is if 1051 * we are using webnfs across the internet, but it 1052 * can't hurt. 1053 */ 1054 if (mfs->mfs_distance && 1055 mfs->mfs_distance <= DIST_MYSUB) { 1056 switch (vers) { 1057 case NFS_V4: v4near++; break; 1058 case NFS_V3: v3near++; break; 1059 case NFS_VERSION: v2near++; break; 1060 default: break; 1061 } 1062 } 1063 1064 /* 1065 * If the mount is not replicated, we don't want to 1066 * ping every entry, so we'll stop here. This means 1067 * that we may have to go back to "nextentry" above 1068 * to consider another entry if we can't get 1069 * all the way to mount(2) with this one. 1070 */ 1071 if (!replicated) 1072 break; 1073 1074 } 1075 1076 if (nfsvers == 0) { 1077 /* 1078 * Choose the NFS version. 1079 * We prefer higher versions, but will choose a one- 1080 * version downgrade in service if we can use a local 1081 * network interface and avoid a router. 1082 */ 1083 if (v4cnt && v4cnt >= v3cnt && (v4near || !v3near)) 1084 nfsvers = NFS_V4; 1085 else if (v3cnt && v3cnt >= v2cnt && (v3near || !v2near)) 1086 nfsvers = NFS_V3; 1087 else 1088 nfsvers = NFS_VERSION; 1089 if (trace > 2) 1090 trace_prt(1, 1091 " nfsmount: v4=%d[%d]v3=%d[%d],v2=%d[%d] => v%d.\n", 1092 v4cnt, v4near, v3cnt, v3near, 1093 v2cnt, v2near, nfsvers); 1094 } 1095 1096 /* 1097 * Since we don't support different NFS versions in replicated 1098 * mounts, set fstype now. 1099 * Also take the opportunity to set 1100 * the mount protocol version as appropriate. 1101 */ 1102 switch (nfsvers) { 1103 case NFS_V4: 1104 fstype = MNTTYPE_NFS4; 1105 break; 1106 case NFS_V3: 1107 fstype = MNTTYPE_NFS3; 1108 if (use_pubfh == FALSE) { 1109 mountversmax = MOUNTVERS3; 1110 versmin = MOUNTVERS3; 1111 } 1112 break; 1113 case NFS_VERSION: 1114 fstype = MNTTYPE_NFS; 1115 if (use_pubfh == FALSE) { 1116 mountversmax = MOUNTVERS_POSIX; 1117 versmin = MOUNTVERS; 1118 } 1119 break; 1120 } 1121 1122 /* 1123 * Our goal here is to evaluate each of several possible 1124 * replicas and try to come up with a list we can hand 1125 * to mount(2). If we don't have a valid "head" at the 1126 * end of this process, it means we have rejected all 1127 * potential server:/path tuples. We will fail quietly 1128 * in front of mount(2), and will have printed errors 1129 * where we found them. 1130 * XXX - do option work outside loop w careful design 1131 * XXX - use macro for error condition free handling 1132 */ 1133 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 1134 1135 /* 1136 * Initialize retry and delay values on a per-server basis. 1137 */ 1138 retries = get_retry(opts); 1139 delay = INITDELAY; 1140 retry: 1141 if (mfs->mfs_ignore) 1142 continue; 1143 1144 /* 1145 * If we don't have a fh yet, and if this is not a replicated 1146 * mount, we haven't done a pingnfs() on the next entry, 1147 * so we don't know if the next entry is up or if it 1148 * supports an NFS version we like. So if we had a problem 1149 * with an entry, we need to go back and run through some new 1150 * code. 1151 */ 1152 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1153 !replicated && skipentry) 1154 goto nextentry; 1155 1156 vers = mountversmax; 1157 host = mfs->mfs_host; 1158 dir = mfs->mfs_dir; 1159 1160 /* 1161 * Remember the possible '[a:d:d:r:e:s:s]' as the address to be 1162 * later passed to mount(2) and used in the mnttab line, but 1163 * only use 'a:d:d:r:e:s:s' for communication 1164 */ 1165 rhost = strdup(host); 1166 if (rhost == NULL) { 1167 syslog(LOG_ERR, "nfsmount: no memory"); 1168 last_error = NFSERR_IO; 1169 goto out; 1170 } 1171 unbracket(&host); 1172 1173 (void) sprintf(remname, "%s:%s", rhost, dir); 1174 if (trace > 4 && replicated) 1175 trace_prt(1, " nfsmount: examining %s\n", remname); 1176 1177 /* 1178 * If it's cached we need to get cachefs to mount it. 1179 */ 1180 if (cached) { 1181 char *copts = opts; 1182 1183 /* 1184 * If we started with a URL we need to turn on 1185 * -o public if not on already 1186 */ 1187 if (use_pubfh == FALSE && 1188 (mfs->mfs_flags & MFS_FH_VIA_WEBNFS)) { 1189 1190 copts = malloc(strlen(opts) + 1191 strlen(",public")+1); 1192 1193 if (copts == NULL) { 1194 syslog(LOG_ERR, "nfsmount: no memory"); 1195 last_error = NFSERR_IO; 1196 goto out; 1197 } 1198 1199 strcpy(copts, opts); 1200 1201 if (strlen(copts) != 0) 1202 strcat(copts, ","); 1203 1204 strcat(copts, "public"); 1205 } 1206 1207 last_error = mount_generic(remname, MNTTYPE_CACHEFS, 1208 copts, mntpnt, overlay); 1209 1210 if (copts != opts) 1211 free(copts); 1212 1213 if (last_error) { 1214 skipentry = 1; 1215 mfs->mfs_ignore = 1; 1216 continue; 1217 } 1218 goto out; 1219 } 1220 1221 if (mfs->mfs_args == NULL) { 1222 1223 /* 1224 * Allocate nfs_args structure 1225 */ 1226 argp = (struct nfs_args *) 1227 malloc(sizeof (struct nfs_args)); 1228 1229 if (!argp) { 1230 syslog(LOG_ERR, "nfsmount: no memory"); 1231 last_error = NFSERR_IO; 1232 goto out; 1233 } 1234 1235 (void) memset(argp, 0, sizeof (*argp)); 1236 1237 /* 1238 * RDMA support 1239 * By now Mount argument struct has been allocated, 1240 * either a pub_fh path will be taken or the regular 1241 * one. So here if a protocol was specified and it 1242 * was not rdma we let it be, else we set DO_RDMA. 1243 * If no proto was there we advise on trying RDMA. 1244 */ 1245 if (nfs_proto) { 1246 if (strcmp(nfs_proto, "rdma") == 0) { 1247 free(nfs_proto); 1248 nfs_proto = NULL; 1249 argp->flags |= NFSMNT_DORDMA; 1250 } 1251 } else 1252 argp->flags |= NFSMNT_TRYRDMA; 1253 } else { 1254 argp = mfs->mfs_args; 1255 mfs->mfs_args = NULL; 1256 1257 /* 1258 * Skip entry if we already have file handle but the 1259 * NFS version is wrong. 1260 */ 1261 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) && 1262 mfs->mfs_version != nfsvers) { 1263 1264 free(argp); 1265 skipentry = 1; 1266 mfs->mfs_ignore = 1; 1267 continue; 1268 } 1269 } 1270 1271 prevhead = head; 1272 prevtail = tail; 1273 if (!head) 1274 head = tail = argp; 1275 else 1276 tail = tail->nfs_ext_u.nfs_extB.next = argp; 1277 1278 /* 1279 * WebNFS and NFSv4 behave similarly in that they 1280 * don't use the mount protocol. Therefore, avoid 1281 * mount protocol like things when version 4 is being 1282 * used. 1283 */ 1284 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1285 nfsvers != NFS_V4) { 1286 timeout.tv_usec = 0; 1287 timeout.tv_sec = rpc_timeout; 1288 rpc_stat = RPC_TIMEDOUT; 1289 1290 /* Create the client handle. */ 1291 1292 if (trace > 1) { 1293 trace_prt(1, " nfsmount: Get mount version: request " 1294 "vers=%d min=%d\n", vers, versmin); 1295 } 1296 1297 while ((cl = clnt_create_vers(host, MOUNTPROG, &outvers, 1298 versmin, vers, "udp")) == NULL) { 1299 if (trace > 4) { 1300 trace_prt(1, 1301 " nfsmount: Can't get mount version: rpcerr=%d\n", 1302 rpc_createerr.cf_stat); 1303 } 1304 if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST || 1305 rpc_createerr.cf_stat == RPC_TIMEDOUT) 1306 break; 1307 1308 /* 1309 * backoff and return lower version to retry the ping. 1310 * XXX we should be more careful and handle 1311 * RPC_PROGVERSMISMATCH here, because that error 1312 * is handled in clnt_create_vers(). It's not done to 1313 * stay in sync with the nfs mount command. 1314 */ 1315 vers--; 1316 if (vers < versmin) 1317 break; 1318 if (trace > 4) { 1319 trace_prt(1, " nfsmount: Try version=%d\n", vers); 1320 } 1321 } 1322 1323 if (cl == NULL) { 1324 free(argp); 1325 head = prevhead; 1326 tail = prevtail; 1327 if (tail) 1328 tail->nfs_ext_u.nfs_extB.next = NULL; 1329 last_error = NFSERR_NOENT; 1330 1331 if (rpc_createerr.cf_stat != RPC_UNKNOWNHOST && 1332 rpc_createerr.cf_stat != RPC_PROGVERSMISMATCH && 1333 retries-- > 0) { 1334 DELAY(delay) 1335 goto retry; 1336 } 1337 1338 syslog(loglevel, "%s %s", host, 1339 clnt_spcreateerror("server not responding")); 1340 skipentry = 1; 1341 mfs->mfs_ignore = 1; 1342 continue; 1343 } 1344 if (trace > 1) { 1345 trace_prt(1, " nfsmount: mount version=%d\n", outvers); 1346 } 1347 #ifdef MALLOC_DEBUG 1348 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 1349 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 1350 __FILE__, __LINE__); 1351 #endif 1352 1353 if (__clnt_bindresvport(cl) < 0) { 1354 free(argp); 1355 head = prevhead; 1356 tail = prevtail; 1357 if (tail) 1358 tail->nfs_ext_u.nfs_extB.next = NULL; 1359 last_error = NFSERR_NOENT; 1360 1361 if (retries-- > 0) { 1362 destroy_auth_client_handle(cl); 1363 DELAY(delay); 1364 goto retry; 1365 } 1366 1367 syslog(loglevel, "mount %s: %s", host, 1368 "Couldn't bind to reserved port"); 1369 destroy_auth_client_handle(cl); 1370 skipentry = 1; 1371 mfs->mfs_ignore = 1; 1372 continue; 1373 } 1374 1375 #ifdef MALLOC_DEBUG 1376 drop_alloc("AUTH_HANDLE", cl->cl_auth, __FILE__, __LINE__); 1377 #endif 1378 AUTH_DESTROY(cl->cl_auth); 1379 if ((cl->cl_auth = authsys_create_default()) == NULL) { 1380 free(argp); 1381 head = prevhead; 1382 tail = prevtail; 1383 if (tail) 1384 tail->nfs_ext_u.nfs_extB.next = NULL; 1385 last_error = NFSERR_NOENT; 1386 1387 if (retries-- > 0) { 1388 destroy_auth_client_handle(cl); 1389 DELAY(delay); 1390 goto retry; 1391 } 1392 1393 syslog(loglevel, "mount %s: %s", host, 1394 "Failed creating default auth handle"); 1395 destroy_auth_client_handle(cl); 1396 skipentry = 1; 1397 mfs->mfs_ignore = 1; 1398 continue; 1399 } 1400 #ifdef MALLOC_DEBUG 1401 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 1402 __FILE__, __LINE__); 1403 #endif 1404 } else 1405 cl = NULL; 1406 1407 /* 1408 * set security options 1409 */ 1410 sec_opt = 0; 1411 (void) memset(&nfs_sec, 0, sizeof (nfs_sec)); 1412 if (hasmntopt(&m, MNTOPT_SECURE) != NULL) { 1413 if (++sec_opt > 1) { 1414 syslog(loglevel, 1415 "conflicting security options for %s", 1416 remname); 1417 free(argp); 1418 head = prevhead; 1419 tail = prevtail; 1420 if (tail) 1421 tail->nfs_ext_u.nfs_extB.next = NULL; 1422 last_error = NFSERR_IO; 1423 destroy_auth_client_handle(cl); 1424 skipentry = 1; 1425 mfs->mfs_ignore = 1; 1426 continue; 1427 } 1428 if (nfs_getseconfig_byname("dh", &nfs_sec)) { 1429 syslog(loglevel, 1430 "error getting dh information from %s", 1431 NFSSEC_CONF); 1432 free(argp); 1433 head = prevhead; 1434 tail = prevtail; 1435 if (tail) 1436 tail->nfs_ext_u.nfs_extB.next = NULL; 1437 last_error = NFSERR_IO; 1438 destroy_auth_client_handle(cl); 1439 skipentry = 1; 1440 mfs->mfs_ignore = 1; 1441 continue; 1442 } 1443 } 1444 1445 nfs_flavor = NULL; 1446 /* 1447 * Have to workaround the fact that hasmntopt() returns true 1448 * when comparing "secure" (in &m) with "sec". 1449 */ 1450 if (hasmntopt(&m, "sec=") != NULL) { 1451 if ((str_opt(&m, MNTOPT_SEC, &nfs_flavor)) == -1) { 1452 syslog(LOG_ERR, "nfsmount: no memory"); 1453 last_error = NFSERR_IO; 1454 destroy_auth_client_handle(cl); 1455 goto out; 1456 } 1457 } 1458 1459 if (nfs_flavor) { 1460 if (++sec_opt > 1) { 1461 syslog(loglevel, 1462 "conflicting security options for %s", 1463 remname); 1464 free(nfs_flavor); 1465 free(argp); 1466 head = prevhead; 1467 tail = prevtail; 1468 if (tail) 1469 tail->nfs_ext_u.nfs_extB.next = NULL; 1470 last_error = NFSERR_IO; 1471 destroy_auth_client_handle(cl); 1472 skipentry = 1; 1473 mfs->mfs_ignore = 1; 1474 continue; 1475 } 1476 if (nfs_getseconfig_byname(nfs_flavor, &nfs_sec)) { 1477 syslog(loglevel, 1478 "error getting %s information from %s", 1479 nfs_flavor, NFSSEC_CONF); 1480 free(nfs_flavor); 1481 free(argp); 1482 head = prevhead; 1483 tail = prevtail; 1484 if (tail) 1485 tail->nfs_ext_u.nfs_extB.next = NULL; 1486 last_error = NFSERR_IO; 1487 destroy_auth_client_handle(cl); 1488 skipentry = 1; 1489 mfs->mfs_ignore = 1; 1490 continue; 1491 } 1492 free(nfs_flavor); 1493 } 1494 1495 posix = (nfsvers != NFS_V4 && 1496 hasmntopt(&m, MNTOPT_POSIX) != NULL) ? 1 : 0; 1497 1498 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1499 nfsvers != NFS_V4) { 1500 bool_t give_up_on_mnt; 1501 bool_t got_mnt_error; 1502 /* 1503 * If we started with a URL, if first byte of path is not "/", 1504 * then the mount will likely fail, so we should try again 1505 * with a prepended "/". 1506 */ 1507 if (mfs->mfs_flags & MFS_ALLOC_DIR && *dir != '/') 1508 give_up_on_mnt = FALSE; 1509 else 1510 give_up_on_mnt = TRUE; 1511 1512 got_mnt_error = FALSE; 1513 1514 try_mnt_slash: 1515 if (got_mnt_error == TRUE) { 1516 int i, l; 1517 1518 give_up_on_mnt = TRUE; 1519 l = strlen(dir); 1520 1521 /* 1522 * Insert a "/" to front of mfs_dir. 1523 */ 1524 for (i = l; i > 0; i--) 1525 dir[i] = dir[i-1]; 1526 1527 dir[0] = '/'; 1528 } 1529 1530 /* Get fhandle of remote path from server's mountd */ 1531 1532 switch (outvers) { 1533 case MOUNTVERS: 1534 if (posix) { 1535 free(argp); 1536 head = prevhead; 1537 tail = prevtail; 1538 if (tail) 1539 tail->nfs_ext_u.nfs_extB.next = NULL; 1540 last_error = NFSERR_NOENT; 1541 syslog(loglevel, "can't get posix info for %s", 1542 host); 1543 destroy_auth_client_handle(cl); 1544 skipentry = 1; 1545 mfs->mfs_ignore = 1; 1546 continue; 1547 } 1548 /* FALLTHRU */ 1549 case MOUNTVERS_POSIX: 1550 if (nfsvers == NFS_V3) { 1551 free(argp); 1552 head = prevhead; 1553 tail = prevtail; 1554 if (tail) 1555 tail->nfs_ext_u.nfs_extB.next = NULL; 1556 last_error = NFSERR_NOENT; 1557 syslog(loglevel, 1558 "%s doesn't support NFS Version 3", 1559 host); 1560 destroy_auth_client_handle(cl); 1561 skipentry = 1; 1562 mfs->mfs_ignore = 1; 1563 continue; 1564 } 1565 rpc_stat = clnt_call(cl, MOUNTPROC_MNT, 1566 xdr_dirpath, (caddr_t)&dir, 1567 xdr_fhstatus, (caddr_t)&fhs, timeout); 1568 if (rpc_stat != RPC_SUCCESS) { 1569 1570 if (give_up_on_mnt == FALSE) { 1571 got_mnt_error = TRUE; 1572 goto try_mnt_slash; 1573 } 1574 1575 /* 1576 * Given the way "clnt_sperror" works, the "%s" 1577 * immediately following the "not responding" 1578 * is correct. 1579 */ 1580 free(argp); 1581 head = prevhead; 1582 tail = prevtail; 1583 if (tail) 1584 tail->nfs_ext_u.nfs_extB.next = NULL; 1585 last_error = NFSERR_NOENT; 1586 1587 if (retries-- > 0) { 1588 destroy_auth_client_handle(cl); 1589 DELAY(delay); 1590 goto retry; 1591 } 1592 1593 if (trace > 3) { 1594 trace_prt(1, 1595 " nfsmount: mount RPC failed for %s\n", 1596 host); 1597 } 1598 syslog(loglevel, "%s server not responding%s", 1599 host, clnt_sperror(cl, "")); 1600 destroy_auth_client_handle(cl); 1601 skipentry = 1; 1602 mfs->mfs_ignore = 1; 1603 continue; 1604 } 1605 if ((errno = fhs.fhs_status) != MNT_OK) { 1606 1607 if (give_up_on_mnt == FALSE) { 1608 got_mnt_error = TRUE; 1609 goto try_mnt_slash; 1610 } 1611 1612 free(argp); 1613 head = prevhead; 1614 tail = prevtail; 1615 if (tail) 1616 tail->nfs_ext_u.nfs_extB.next = NULL; 1617 if (errno == EACCES) { 1618 status = NFSERR_ACCES; 1619 } else { 1620 syslog(loglevel, "%s: %m", host); 1621 status = NFSERR_IO; 1622 } 1623 if (trace > 3) { 1624 trace_prt(1, " nfsmount: mount RPC gave" 1625 " %d for %s:%s\n", 1626 errno, host, dir); 1627 } 1628 last_error = status; 1629 destroy_auth_client_handle(cl); 1630 skipentry = 1; 1631 mfs->mfs_ignore = 1; 1632 continue; 1633 } 1634 argp->fh = malloc((sizeof (fhandle))); 1635 if (!argp->fh) { 1636 syslog(LOG_ERR, "nfsmount: no memory"); 1637 last_error = NFSERR_IO; 1638 destroy_auth_client_handle(cl); 1639 goto out; 1640 } 1641 (void) memcpy(argp->fh, &fhs.fhstatus_u.fhs_fhandle, 1642 sizeof (fhandle)); 1643 break; 1644 case MOUNTVERS3: 1645 posix = 0; 1646 (void) memset((char *)&res3, '\0', sizeof (res3)); 1647 rpc_stat = clnt_call(cl, MOUNTPROC_MNT, 1648 xdr_dirpath, (caddr_t)&dir, 1649 xdr_mountres3, (caddr_t)&res3, timeout); 1650 if (rpc_stat != RPC_SUCCESS) { 1651 1652 if (give_up_on_mnt == FALSE) { 1653 got_mnt_error = TRUE; 1654 goto try_mnt_slash; 1655 } 1656 1657 /* 1658 * Given the way "clnt_sperror" works, the "%s" 1659 * immediately following the "not responding" 1660 * is correct. 1661 */ 1662 free(argp); 1663 head = prevhead; 1664 tail = prevtail; 1665 if (tail) 1666 tail->nfs_ext_u.nfs_extB.next = NULL; 1667 last_error = NFSERR_NOENT; 1668 1669 if (retries-- > 0) { 1670 destroy_auth_client_handle(cl); 1671 DELAY(delay); 1672 goto retry; 1673 } 1674 1675 if (trace > 3) { 1676 trace_prt(1, 1677 " nfsmount: mount RPC failed for %s\n", 1678 host); 1679 } 1680 syslog(loglevel, "%s server not responding%s", 1681 remname, clnt_sperror(cl, "")); 1682 destroy_auth_client_handle(cl); 1683 skipentry = 1; 1684 mfs->mfs_ignore = 1; 1685 continue; 1686 } 1687 if ((errno = res3.fhs_status) != MNT_OK) { 1688 1689 if (give_up_on_mnt == FALSE) { 1690 got_mnt_error = TRUE; 1691 goto try_mnt_slash; 1692 } 1693 1694 free(argp); 1695 head = prevhead; 1696 tail = prevtail; 1697 if (tail) 1698 tail->nfs_ext_u.nfs_extB.next = NULL; 1699 if (errno == EACCES) { 1700 status = NFSERR_ACCES; 1701 } else { 1702 syslog(loglevel, "%s: %m", remname); 1703 status = NFSERR_IO; 1704 } 1705 if (trace > 3) { 1706 trace_prt(1, " nfsmount: mount RPC gave" 1707 " %d for %s:%s\n", 1708 errno, host, dir); 1709 } 1710 last_error = status; 1711 destroy_auth_client_handle(cl); 1712 skipentry = 1; 1713 mfs->mfs_ignore = 1; 1714 continue; 1715 } 1716 1717 /* 1718 * Negotiate the security flavor for nfs_mount 1719 */ 1720 auths = 1721 res3.mountres3_u.mountinfo.auth_flavors.auth_flavors_val; 1722 count = 1723 res3.mountres3_u.mountinfo.auth_flavors.auth_flavors_len; 1724 1725 if (sec_opt) { 1726 for (i = 0; i < count; i++) 1727 if (auths[i] == nfs_sec.sc_nfsnum) { 1728 break; 1729 } 1730 if (i >= count) { 1731 syslog(LOG_ERR, 1732 "%s: does not support security \"%s\"\n", 1733 remname, nfs_sec.sc_name); 1734 clnt_freeres(cl, xdr_mountres3, 1735 (caddr_t)&res3); 1736 free(argp); 1737 head = prevhead; 1738 tail = prevtail; 1739 if (tail) 1740 tail->nfs_ext_u.nfs_extB.next = NULL; 1741 last_error = NFSERR_IO; 1742 destroy_auth_client_handle(cl); 1743 skipentry = 1; 1744 mfs->mfs_ignore = 1; 1745 continue; 1746 } 1747 } else { 1748 if (count > 0) { 1749 for (i = 0; i < count; i++) { 1750 if (!(scerror = 1751 nfs_getseconfig_bynumber(auths[i], &nfs_sec))) { 1752 sec_opt++; 1753 break; 1754 } 1755 } 1756 if (i >= count) { 1757 if (nfs_syslog_scerr(scerror, 1758 scerror_msg) 1759 != -1) { 1760 syslog(LOG_ERR, 1761 "%s cannot be mounted because it is shared with " 1762 "security flavor %d which %s", 1763 remname, 1764 auths[i-1], 1765 scerror_msg); 1766 } 1767 clnt_freeres(cl, xdr_mountres3, 1768 (caddr_t)&res3); 1769 free(argp); 1770 head = prevhead; 1771 tail = prevtail; 1772 if (tail) 1773 tail->nfs_ext_u.nfs_extB.next = NULL; 1774 last_error = NFSERR_IO; 1775 destroy_auth_client_handle(cl); 1776 skipentry = 1; 1777 mfs->mfs_ignore = 1; 1778 continue; 1779 } 1780 } 1781 } 1782 1783 fh3.fh3_length = 1784 res3.mountres3_u.mountinfo.fhandle.fhandle3_len; 1785 (void) memcpy(fh3.fh3_u.data, 1786 res3.mountres3_u.mountinfo.fhandle.fhandle3_val, 1787 fh3.fh3_length); 1788 clnt_freeres(cl, xdr_mountres3, 1789 (caddr_t)&res3); 1790 argp->fh = malloc(sizeof (nfs_fh3)); 1791 if (!argp->fh) { 1792 syslog(LOG_ERR, "nfsmount: no memory"); 1793 last_error = NFSERR_IO; 1794 destroy_auth_client_handle(cl); 1795 goto out; 1796 } 1797 (void) memcpy(argp->fh, &fh3, sizeof (nfs_fh3)); 1798 break; 1799 default: 1800 free(argp); 1801 head = prevhead; 1802 tail = prevtail; 1803 if (tail) 1804 tail->nfs_ext_u.nfs_extB.next = NULL; 1805 last_error = NFSERR_NOENT; 1806 syslog(loglevel, "unknown MOUNT version %ld on %s", 1807 vers, remname); 1808 destroy_auth_client_handle(cl); 1809 skipentry = 1; 1810 mfs->mfs_ignore = 1; 1811 continue; 1812 } /* switch */ 1813 } 1814 if (nfsvers == NFS_V4) { 1815 argp->fh = strdup(dir); 1816 if (argp->fh == NULL) { 1817 syslog(LOG_ERR, "nfsmount: no memory"); 1818 last_error = NFSERR_IO; 1819 goto out; 1820 } 1821 } 1822 1823 if (trace > 4) 1824 trace_prt(1, " nfsmount: have %s filehandle for %s\n", 1825 fstype, remname); 1826 1827 argp->flags |= NFSMNT_NEWARGS; 1828 argp->flags |= NFSMNT_INT; /* default is "intr" */ 1829 argp->flags |= NFSMNT_HOSTNAME; 1830 argp->hostname = strdup(host); 1831 if (argp->hostname == NULL) { 1832 syslog(LOG_ERR, "nfsmount: no memory"); 1833 last_error = NFSERR_IO; 1834 goto out; 1835 } 1836 1837 /* 1838 * In this case, we want NFSv4 to behave like 1839 * non-WebNFS so that we get the server address. 1840 */ 1841 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0) { 1842 nconf = NULL; 1843 1844 if (nfs_port != 0) 1845 thisport = nfs_port; 1846 else 1847 thisport = mfs->mfs_port; 1848 1849 /* 1850 * For NFSv4, we want to avoid rpcbind, so call 1851 * get_server_stuff() directly to tell it that 1852 * we want to go "direct_to_server". Otherwise, 1853 * do what has always been done. 1854 */ 1855 if (nfsvers == NFS_V4) { 1856 enum clnt_stat cstat; 1857 argp->addr = get_server_stuff(SERVER_ADDR, 1858 host, NFS_PROGRAM, nfsvers, NULL, 1859 &nconf, nfs_proto, thisport, NULL, 1860 NULL, TRUE, NULL, &cstat); 1861 } else { 1862 argp->addr = get_addr(host, NFS_PROGRAM, 1863 nfsvers, &nconf, nfs_proto, 1864 thisport, NULL); 1865 } 1866 1867 if (argp->addr == NULL) { 1868 if (argp->hostname) 1869 free(argp->hostname); 1870 free(argp->fh); 1871 free(argp); 1872 head = prevhead; 1873 tail = prevtail; 1874 if (tail) 1875 tail->nfs_ext_u.nfs_extB.next = NULL; 1876 last_error = NFSERR_NOENT; 1877 1878 if (retries-- > 0) { 1879 destroy_auth_client_handle(cl); 1880 DELAY(delay); 1881 goto retry; 1882 } 1883 1884 syslog(loglevel, "%s: no NFS service", host); 1885 destroy_auth_client_handle(cl); 1886 skipentry = 1; 1887 mfs->mfs_ignore = 1; 1888 continue; 1889 } 1890 if (trace > 4) 1891 trace_prt(1, 1892 "\tnfsmount: have net address for %s\n", 1893 remname); 1894 1895 } else { 1896 nconf = mfs->mfs_nconf; 1897 mfs->mfs_nconf = NULL; 1898 } 1899 1900 argp->flags |= NFSMNT_KNCONF; 1901 argp->knconf = get_knconf(nconf); 1902 if (argp->knconf == NULL) { 1903 netbuf_free(argp->addr); 1904 freenetconfigent(nconf); 1905 if (argp->hostname) 1906 free(argp->hostname); 1907 free(argp->fh); 1908 free(argp); 1909 head = prevhead; 1910 tail = prevtail; 1911 if (tail) 1912 tail->nfs_ext_u.nfs_extB.next = NULL; 1913 last_error = NFSERR_NOSPC; 1914 destroy_auth_client_handle(cl); 1915 skipentry = 1; 1916 mfs->mfs_ignore = 1; 1917 continue; 1918 } 1919 if (trace > 4) 1920 trace_prt(1, 1921 "\tnfsmount: have net config for %s\n", 1922 remname); 1923 1924 if (hasmntopt(&m, MNTOPT_SOFT) != NULL) { 1925 argp->flags |= NFSMNT_SOFT; 1926 } 1927 if (hasmntopt(&m, MNTOPT_NOINTR) != NULL) { 1928 argp->flags &= ~(NFSMNT_INT); 1929 } 1930 if (hasmntopt(&m, MNTOPT_NOAC) != NULL) { 1931 argp->flags |= NFSMNT_NOAC; 1932 } 1933 if (hasmntopt(&m, MNTOPT_NOCTO) != NULL) { 1934 argp->flags |= NFSMNT_NOCTO; 1935 } 1936 if (hasmntopt(&m, MNTOPT_FORCEDIRECTIO) != NULL) { 1937 argp->flags |= NFSMNT_DIRECTIO; 1938 } 1939 if (hasmntopt(&m, MNTOPT_NOFORCEDIRECTIO) != NULL) { 1940 argp->flags &= ~(NFSMNT_DIRECTIO); 1941 } 1942 1943 /* 1944 * Set up security data for argp->nfs_ext_u.nfs_extB.secdata. 1945 */ 1946 if (mfssnego.snego_done) { 1947 memcpy(&nfs_sec, &mfssnego.nfs_sec, 1948 sizeof (seconfig_t)); 1949 } else if (!sec_opt) { 1950 /* 1951 * Get default security mode. 1952 */ 1953 if (nfs_getseconfig_default(&nfs_sec)) { 1954 syslog(loglevel, 1955 "error getting default security entry\n"); 1956 free_knconf(argp->knconf); 1957 netbuf_free(argp->addr); 1958 freenetconfigent(nconf); 1959 if (argp->hostname) 1960 free(argp->hostname); 1961 free(argp->fh); 1962 free(argp); 1963 head = prevhead; 1964 tail = prevtail; 1965 if (tail) 1966 tail->nfs_ext_u.nfs_extB.next = NULL; 1967 last_error = NFSERR_NOSPC; 1968 destroy_auth_client_handle(cl); 1969 skipentry = 1; 1970 mfs->mfs_ignore = 1; 1971 continue; 1972 } 1973 argp->flags |= NFSMNT_SECDEFAULT; 1974 } 1975 1976 /* 1977 * For AUTH_DH 1978 * get the network address for the time service on 1979 * the server. If an RPC based time service is 1980 * not available then try the IP time service. 1981 * 1982 * Eventurally, we want to move this code to nfs_clnt_secdata() 1983 * when autod_nfs.c and mount.c can share the same 1984 * get_the_addr/get_the_stuff routine. 1985 */ 1986 secflags = 0; 1987 syncaddr = NULL; 1988 retaddrs = NULL; 1989 1990 if (nfs_sec.sc_rpcnum == AUTH_DH || nfsvers == NFS_V4) { 1991 /* 1992 * If not using the public fh and not NFS_V4, we can try 1993 * talking RPCBIND. Otherwise, assume that firewalls 1994 * prevent us from doing that. 1995 */ 1996 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1997 nfsvers != NFS_V4) { 1998 syncaddr = get_the_stuff(SERVER_ADDR, host, RPCBPROG, 1999 RPCBVERS, NULL, nconf, 0, NULL, NULL, FALSE, 2000 NULL, NULL); 2001 } 2002 2003 if (syncaddr != NULL) { 2004 /* for flags in sec_data */ 2005 secflags |= AUTH_F_RPCTIMESYNC; 2006 } else { 2007 struct nd_hostserv hs; 2008 int error; 2009 2010 hs.h_host = host; 2011 hs.h_serv = "timserver"; 2012 error = netdir_getbyname(nconf, &hs, &retaddrs); 2013 2014 if (error != ND_OK && nfs_sec.sc_rpcnum == AUTH_DH) { 2015 syslog(loglevel, 2016 "%s: secure: no time service\n", host); 2017 free_knconf(argp->knconf); 2018 netbuf_free(argp->addr); 2019 freenetconfigent(nconf); 2020 if (argp->hostname) 2021 free(argp->hostname); 2022 free(argp->fh); 2023 free(argp); 2024 head = prevhead; 2025 tail = prevtail; 2026 if (tail) 2027 tail->nfs_ext_u.nfs_extB.next = NULL; 2028 last_error = NFSERR_IO; 2029 destroy_auth_client_handle(cl); 2030 skipentry = 1; 2031 mfs->mfs_ignore = 1; 2032 continue; 2033 } 2034 2035 if (error == ND_OK) 2036 syncaddr = retaddrs->n_addrs; 2037 2038 /* 2039 * For potential usage by NFS V4 when AUTH_DH 2040 * is negotiated via SECINFO in the kernel. 2041 */ 2042 if (nfsvers == NFS_V4 && syncaddr && 2043 host2netname(netname, host, NULL)) { 2044 argp->syncaddr = malloc(sizeof (struct netbuf)); 2045 argp->syncaddr->buf = malloc(syncaddr->len); 2046 (void) memcpy(argp->syncaddr->buf, 2047 syncaddr->buf, syncaddr->len); 2048 argp->syncaddr->len = syncaddr->len; 2049 argp->syncaddr->maxlen = syncaddr->maxlen; 2050 argp->netname = strdup(netname); 2051 argp->flags |= NFSMNT_SECURE; 2052 } 2053 } /* syncaddr */ 2054 } /* AUTH_DH */ 2055 2056 /* 2057 * TSOL notes: automountd in tsol extension 2058 * has "read down" capability, i.e. we allow 2059 * a user to trigger an nfs mount into a lower 2060 * labeled zone. We achieve this by always having 2061 * root issue the mount request so that the 2062 * lookup ops can go past /zone/<zone_name> 2063 * on the server side. 2064 */ 2065 if (is_system_labeled()) 2066 nfs_sec.sc_uid = (uid_t)0; 2067 else 2068 nfs_sec.sc_uid = uid; 2069 /* 2070 * If AUTH_DH is a chosen flavor now, its data will be stored 2071 * in the sec_data structure via nfs_clnt_secdata(). 2072 */ 2073 if (!(secdata = nfs_clnt_secdata(&nfs_sec, host, argp->knconf, 2074 syncaddr, secflags))) { 2075 syslog(LOG_ERR, 2076 "errors constructing security related data\n"); 2077 if (secflags & AUTH_F_RPCTIMESYNC) 2078 netbuf_free(syncaddr); 2079 else if (retaddrs) 2080 netdir_free(retaddrs, ND_ADDRLIST); 2081 if (argp->syncaddr) 2082 netbuf_free(argp->syncaddr); 2083 if (argp->netname) 2084 free(argp->netname); 2085 if (argp->hostname) 2086 free(argp->hostname); 2087 free_knconf(argp->knconf); 2088 netbuf_free(argp->addr); 2089 freenetconfigent(nconf); 2090 free(argp->fh); 2091 free(argp); 2092 head = prevhead; 2093 tail = prevtail; 2094 if (tail) 2095 tail->nfs_ext_u.nfs_extB.next = NULL; 2096 last_error = NFSERR_IO; 2097 destroy_auth_client_handle(cl); 2098 skipentry = 1; 2099 mfs->mfs_ignore = 1; 2100 continue; 2101 } 2102 NFS_ARGS_EXTB_secdata(*argp, secdata); 2103 /* end of security stuff */ 2104 2105 if (trace > 4) 2106 trace_prt(1, 2107 " nfsmount: have secure info for %s\n", remname); 2108 2109 if (hasmntopt(&m, MNTOPT_GRPID) != NULL) { 2110 argp->flags |= NFSMNT_GRPID; 2111 } 2112 if (nopt(&m, MNTOPT_RSIZE, &argp->rsize)) { 2113 argp->flags |= NFSMNT_RSIZE; 2114 } 2115 if (nopt(&m, MNTOPT_WSIZE, &argp->wsize)) { 2116 argp->flags |= NFSMNT_WSIZE; 2117 } 2118 if (nopt(&m, MNTOPT_TIMEO, &argp->timeo)) { 2119 argp->flags |= NFSMNT_TIMEO; 2120 } 2121 if (nopt(&m, MNTOPT_RETRANS, &argp->retrans)) { 2122 argp->flags |= NFSMNT_RETRANS; 2123 } 2124 if (nopt(&m, MNTOPT_ACTIMEO, &argp->acregmax)) { 2125 argp->flags |= NFSMNT_ACREGMAX; 2126 argp->flags |= NFSMNT_ACDIRMAX; 2127 argp->flags |= NFSMNT_ACDIRMIN; 2128 argp->flags |= NFSMNT_ACREGMIN; 2129 argp->acdirmin = argp->acregmin = argp->acdirmax 2130 = argp->acregmax; 2131 } else { 2132 if (nopt(&m, MNTOPT_ACREGMIN, &argp->acregmin)) { 2133 argp->flags |= NFSMNT_ACREGMIN; 2134 } 2135 if (nopt(&m, MNTOPT_ACREGMAX, &argp->acregmax)) { 2136 argp->flags |= NFSMNT_ACREGMAX; 2137 } 2138 if (nopt(&m, MNTOPT_ACDIRMIN, &argp->acdirmin)) { 2139 argp->flags |= NFSMNT_ACDIRMIN; 2140 } 2141 if (nopt(&m, MNTOPT_ACDIRMAX, &argp->acdirmax)) { 2142 argp->flags |= NFSMNT_ACDIRMAX; 2143 } 2144 } 2145 2146 if (posix) { 2147 argp->pathconf = NULL; 2148 if (error = get_pathconf(cl, dir, remname, 2149 &argp->pathconf, retries)) { 2150 if (secflags & AUTH_F_RPCTIMESYNC) 2151 netbuf_free(syncaddr); 2152 else if (retaddrs) 2153 netdir_free(retaddrs, ND_ADDRLIST); 2154 free_knconf(argp->knconf); 2155 netbuf_free(argp->addr); 2156 freenetconfigent(nconf); 2157 nfs_free_secdata( 2158 argp->nfs_ext_u.nfs_extB.secdata); 2159 if (argp->syncaddr) 2160 netbuf_free(argp->syncaddr); 2161 if (argp->netname) 2162 free(argp->netname); 2163 if (argp->hostname) 2164 free(argp->hostname); 2165 free(argp->fh); 2166 free(argp); 2167 head = prevhead; 2168 tail = prevtail; 2169 if (tail) 2170 tail->nfs_ext_u.nfs_extB.next = NULL; 2171 last_error = NFSERR_IO; 2172 2173 if (error == RET_RETRY && retries-- > 0) { 2174 destroy_auth_client_handle(cl); 2175 DELAY(delay); 2176 goto retry; 2177 } 2178 2179 destroy_auth_client_handle(cl); 2180 skipentry = 1; 2181 mfs->mfs_ignore = 1; 2182 continue; 2183 } 2184 argp->flags |= NFSMNT_POSIX; 2185 if (trace > 4) 2186 trace_prt(1, 2187 " nfsmount: have pathconf for %s\n", 2188 remname); 2189 } 2190 2191 /* 2192 * free loop-specific data structures 2193 */ 2194 destroy_auth_client_handle(cl); 2195 freenetconfigent(nconf); 2196 if (secflags & AUTH_F_RPCTIMESYNC) 2197 netbuf_free(syncaddr); 2198 else if (retaddrs) 2199 netdir_free(retaddrs, ND_ADDRLIST); 2200 2201 /* 2202 * Decide whether to use remote host's lockd or local locking. 2203 * If we are using the public fh, we've already turned 2204 * LLOCK on. 2205 */ 2206 if (hasmntopt(&m, MNTOPT_LLOCK)) 2207 argp->flags |= NFSMNT_LLOCK; 2208 if (!(argp->flags & NFSMNT_LLOCK) && nfsvers == NFS_VERSION && 2209 remote_lock(host, argp->fh)) { 2210 syslog(loglevel, "No network locking on %s : " 2211 "contact admin to install server change", host); 2212 argp->flags |= NFSMNT_LLOCK; 2213 } 2214 2215 /* 2216 * Build a string for /etc/mnttab. 2217 * If possible, coalesce strings with same 'dir' info. 2218 */ 2219 if ((mfs->mfs_flags & MFS_URL) == 0) { 2220 char *tmp; 2221 2222 if (mnttabcnt) { 2223 p = strrchr(mnttabtext, (int)':'); 2224 if (!p || strcmp(p+1, dir) != 0) { 2225 mnttabcnt += strlen(remname) + 2; 2226 } else { 2227 *p = '\0'; 2228 mnttabcnt += strlen(rhost) + 2; 2229 } 2230 if ((tmp = realloc(mnttabtext, 2231 mnttabcnt)) != NULL) { 2232 mnttabtext = tmp; 2233 strcat(mnttabtext, ","); 2234 } else { 2235 free(mnttabtext); 2236 mnttabtext = NULL; 2237 } 2238 } else { 2239 mnttabcnt = strlen(remname) + 1; 2240 if ((mnttabtext = malloc(mnttabcnt)) != NULL) 2241 mnttabtext[0] = '\0'; 2242 } 2243 2244 if (mnttabtext != NULL) 2245 strcat(mnttabtext, remname); 2246 2247 } else { 2248 char *tmp; 2249 int more_cnt = 0; 2250 char sport[16]; 2251 2252 more_cnt += strlen("nfs://"); 2253 more_cnt += strlen(mfs->mfs_host); 2254 2255 if (mfs->mfs_port != 0) { 2256 (void) sprintf(sport, ":%u", mfs->mfs_port); 2257 } else 2258 sport[0] = '\0'; 2259 2260 more_cnt += strlen(sport); 2261 more_cnt += 1; /* "/" */ 2262 more_cnt += strlen(mfs->mfs_dir); 2263 2264 if (mnttabcnt) { 2265 more_cnt += 1; /* "," */ 2266 mnttabcnt += more_cnt; 2267 2268 if ((tmp = realloc(mnttabtext, 2269 mnttabcnt)) != NULL) { 2270 mnttabtext = tmp; 2271 strcat(mnttabtext, ","); 2272 } else { 2273 free(mnttabtext); 2274 mnttabtext = NULL; 2275 } 2276 } else { 2277 mnttabcnt = more_cnt + 1; 2278 if ((mnttabtext = malloc(mnttabcnt)) != NULL) 2279 mnttabtext[0] = '\0'; 2280 } 2281 2282 if (mnttabtext != NULL) { 2283 strcat(mnttabtext, "nfs://"); 2284 strcat(mnttabtext, mfs->mfs_host); 2285 strcat(mnttabtext, sport); 2286 strcat(mnttabtext, "/"); 2287 strcat(mnttabtext, mfs->mfs_dir); 2288 } 2289 } 2290 2291 if (!mnttabtext) { 2292 syslog(LOG_ERR, "nfsmount: no memory"); 2293 last_error = NFSERR_IO; 2294 goto out; 2295 } 2296 2297 /* 2298 * At least one entry, can call mount(2). 2299 */ 2300 entries++; 2301 2302 /* 2303 * If replication was defeated, don't do more work 2304 */ 2305 if (!replicated) 2306 break; 2307 } 2308 2309 2310 /* 2311 * Did we get through all possibilities without success? 2312 */ 2313 if (!entries) 2314 goto out; 2315 2316 /* Make "xattr" the default if "noxattr" is not specified. */ 2317 strcpy(mopts, opts); 2318 if (!hasmntopt(&m, MNTOPT_NOXATTR) && !hasmntopt(&m, MNTOPT_XATTR)) { 2319 if (strlen(mopts) > 0) 2320 strcat(mopts, ","); 2321 strcat(mopts, "xattr"); 2322 } 2323 2324 /* 2325 * enable services as needed. 2326 */ 2327 { 2328 char **sl; 2329 2330 if (strcmp(fstype, MNTTYPE_NFS4) == 0) 2331 sl = service_list_v4; 2332 else 2333 sl = service_list; 2334 2335 (void) _check_services(sl); 2336 } 2337 2338 /* 2339 * Whew; do the mount, at last. 2340 */ 2341 if (trace > 1) { 2342 trace_prt(1, " mount %s %s (%s)\n", mnttabtext, mntpnt, mopts); 2343 } 2344 2345 /* 2346 * If no action list pointer then do the mount, otherwise 2347 * build the actions list pointer with the mount information. 2348 * so the mount can be done in the kernel. 2349 */ 2350 if (alp == NULL) { 2351 if (mount(mnttabtext, mntpnt, flags | MS_DATA, fstype, 2352 head, sizeof (*head), mopts, MAX_MNTOPT_STR) < 0) { 2353 if (trace > 1) 2354 trace_prt(1, " Mount of %s on %s: %d\n", 2355 mnttabtext, mntpnt, errno); 2356 if (errno != EBUSY || verbose) 2357 syslog(LOG_ERR, 2358 "Mount of %s on %s: %m", mnttabtext, mntpnt); 2359 last_error = NFSERR_IO; 2360 goto out; 2361 } 2362 2363 last_error = NFS_OK; 2364 if (stat(mntpnt, &stbuf) == 0) { 2365 if (trace > 1) { 2366 trace_prt(1, " mount %s dev=%x rdev=%x OK\n", 2367 mnttabtext, stbuf.st_dev, stbuf.st_rdev); 2368 } 2369 } else { 2370 if (trace > 1) { 2371 trace_prt(1, " mount %s OK\n", mnttabtext); 2372 trace_prt(1, " stat of %s failed\n", mntpnt); 2373 } 2374 2375 } 2376 } else { 2377 alp->action.action = AUTOFS_MOUNT_RQ; 2378 alp->action.action_list_entry_u.mounta.spec = 2379 strdup(mnttabtext); 2380 alp->action.action_list_entry_u.mounta.dir = strdup(mntpnt); 2381 alp->action.action_list_entry_u.mounta.flags = 2382 flags | MS_DATA; 2383 alp->action.action_list_entry_u.mounta.fstype = 2384 strdup(fstype); 2385 alp->action.action_list_entry_u.mounta.dataptr = (char *)head; 2386 alp->action.action_list_entry_u.mounta.datalen = 2387 sizeof (*head); 2388 mntopts = malloc(strlen(mopts) + 1); 2389 strcpy(mntopts, mopts); 2390 mntopts[strlen(mopts)] = '\0'; 2391 alp->action.action_list_entry_u.mounta.optptr = mntopts; 2392 alp->action.action_list_entry_u.mounta.optlen = 2393 strlen(mntopts) + 1; 2394 last_error = NFS_OK; 2395 goto ret; 2396 } 2397 2398 out: 2399 argp = head; 2400 while (argp) { 2401 if (argp->pathconf) 2402 free(argp->pathconf); 2403 free_knconf(argp->knconf); 2404 netbuf_free(argp->addr); 2405 if (argp->syncaddr) 2406 netbuf_free(argp->syncaddr); 2407 if (argp->netname) { 2408 free(argp->netname); 2409 } 2410 if (argp->hostname) 2411 free(argp->hostname); 2412 nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata); 2413 free(argp->fh); 2414 head = argp; 2415 argp = argp->nfs_ext_u.nfs_extB.next; 2416 free(head); 2417 } 2418 ret: 2419 if (nfs_proto) 2420 free(nfs_proto); 2421 if (mnttabtext) 2422 free(mnttabtext); 2423 2424 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 2425 2426 if (mfs->mfs_flags & MFS_ALLOC_DIR) { 2427 free(mfs->mfs_dir); 2428 mfs->mfs_dir = NULL; 2429 mfs->mfs_flags &= ~MFS_ALLOC_DIR; 2430 } 2431 2432 if (mfs->mfs_args != NULL && alp == NULL) { 2433 free(mfs->mfs_args); 2434 mfs->mfs_args = NULL; 2435 } 2436 2437 if (mfs->mfs_nconf != NULL) { 2438 freenetconfigent(mfs->mfs_nconf); 2439 mfs->mfs_nconf = NULL; 2440 } 2441 } 2442 2443 return (last_error); 2444 } 2445 2446 /* 2447 * get_pathconf(cl, path, fsname, pcnf, cretries) 2448 * ugliness that requires that ppathcnf and pathcnf stay consistent 2449 * cretries is a copy of retries used to determine when to syslog 2450 * on retry situations. 2451 */ 2452 static int 2453 get_pathconf(CLIENT *cl, char *path, char *fsname, struct pathcnf **pcnf, 2454 int cretries) 2455 { 2456 struct ppathcnf *p = NULL; 2457 enum clnt_stat rpc_stat; 2458 struct timeval timeout; 2459 2460 p = (struct ppathcnf *)malloc(sizeof (struct ppathcnf)); 2461 if (p == NULL) { 2462 syslog(LOG_ERR, "get_pathconf: Out of memory"); 2463 return (RET_ERR); 2464 } 2465 memset((caddr_t)p, 0, sizeof (struct ppathcnf)); 2466 2467 timeout.tv_sec = 10; 2468 timeout.tv_usec = 0; 2469 rpc_stat = clnt_call(cl, MOUNTPROC_PATHCONF, 2470 xdr_dirpath, (caddr_t)&path, xdr_ppathcnf, (caddr_t)p, timeout); 2471 if (rpc_stat != RPC_SUCCESS) { 2472 if (cretries-- <= 0) { 2473 syslog(LOG_ERR, 2474 "get_pathconf: %s: server not responding: %s", 2475 fsname, clnt_sperror(cl, "")); 2476 } 2477 free(p); 2478 return (RET_RETRY); 2479 } 2480 if (_PC_ISSET(_PC_ERROR, p->pc_mask)) { 2481 syslog(LOG_ERR, "get_pathconf: no info for %s", fsname); 2482 free(p); 2483 return (RET_ERR); 2484 } 2485 *pcnf = (struct pathcnf *)p; 2486 return (RET_OK); 2487 } 2488 2489 struct knetconfig * 2490 get_knconf(nconf) 2491 struct netconfig *nconf; 2492 { 2493 struct stat stbuf; 2494 struct knetconfig *k; 2495 2496 if (stat(nconf->nc_device, &stbuf) < 0) { 2497 syslog(LOG_ERR, "get_knconf: stat %s: %m", nconf->nc_device); 2498 return (NULL); 2499 } 2500 k = (struct knetconfig *)malloc(sizeof (*k)); 2501 if (k == NULL) 2502 goto nomem; 2503 k->knc_semantics = nconf->nc_semantics; 2504 k->knc_protofmly = strdup(nconf->nc_protofmly); 2505 if (k->knc_protofmly == NULL) 2506 goto nomem; 2507 k->knc_proto = strdup(nconf->nc_proto); 2508 if (k->knc_proto == NULL) 2509 goto nomem; 2510 k->knc_rdev = stbuf.st_rdev; 2511 2512 return (k); 2513 2514 nomem: 2515 syslog(LOG_ERR, "get_knconf: no memory"); 2516 free_knconf(k); 2517 return (NULL); 2518 } 2519 2520 void 2521 free_knconf(k) 2522 struct knetconfig *k; 2523 { 2524 if (k == NULL) 2525 return; 2526 if (k->knc_protofmly) 2527 free(k->knc_protofmly); 2528 if (k->knc_proto) 2529 free(k->knc_proto); 2530 free(k); 2531 } 2532 2533 void 2534 netbuf_free(nb) 2535 struct netbuf *nb; 2536 { 2537 if (nb == NULL) 2538 return; 2539 if (nb->buf) 2540 free(nb->buf); 2541 free(nb); 2542 } 2543 2544 #define SMALL_HOSTNAME 20 2545 #define SMALL_PROTONAME 10 2546 #define SMALL_PROTOFMLYNAME 10 2547 2548 struct portmap_cache { 2549 int cache_prog; 2550 int cache_vers; 2551 time_t cache_time; 2552 char cache_small_hosts[SMALL_HOSTNAME + 1]; 2553 char *cache_hostname; 2554 char *cache_proto; 2555 char *cache_protofmly; 2556 char cache_small_protofmly[SMALL_PROTOFMLYNAME + 1]; 2557 char cache_small_proto[SMALL_PROTONAME + 1]; 2558 struct netbuf cache_srv_addr; 2559 struct portmap_cache *cache_prev, *cache_next; 2560 }; 2561 2562 rwlock_t portmap_cache_lock; 2563 static int portmap_cache_valid_time = 30; 2564 struct portmap_cache *portmap_cache_head, *portmap_cache_tail; 2565 2566 #ifdef MALLOC_DEBUG 2567 void 2568 portmap_cache_flush() 2569 { 2570 struct portmap_cache *next = NULL, *cp; 2571 2572 (void) rw_wrlock(&portmap_cache_lock); 2573 for (cp = portmap_cache_head; cp; cp = cp->cache_next) { 2574 if (cp->cache_hostname != NULL && 2575 cp->cache_hostname != 2576 cp->cache_small_hosts) 2577 free(cp->cache_hostname); 2578 if (cp->cache_proto != NULL && 2579 cp->cache_proto != 2580 cp->cache_small_proto) 2581 free(cp->cache_proto); 2582 if (cp->cache_srv_addr.buf != NULL) 2583 free(cp->cache_srv_addr.buf); 2584 next = cp->cache_next; 2585 free(cp); 2586 } 2587 portmap_cache_head = NULL; 2588 portmap_cache_tail = NULL; 2589 (void) rw_unlock(&portmap_cache_lock); 2590 } 2591 #endif 2592 2593 /* 2594 * Returns 1 if the entry is found in the cache, 0 otherwise. 2595 */ 2596 static int 2597 portmap_cache_lookup(hostname, prog, vers, nconf, addrp) 2598 char *hostname; 2599 rpcprog_t prog; 2600 rpcvers_t vers; 2601 struct netconfig *nconf; 2602 struct netbuf *addrp; 2603 { 2604 struct portmap_cache *cachep, *prev, *next = NULL, *cp; 2605 int retval = 0; 2606 2607 timenow = time(NULL); 2608 2609 (void) rw_rdlock(&portmap_cache_lock); 2610 2611 /* 2612 * Increment the portmap cache counters for # accesses and lookups 2613 * Use a smaller factor (100 vs 1000 for the host cache) since 2614 * initial analysis shows this cache is looked up 10% that of the 2615 * host cache. 2616 */ 2617 #ifdef CACHE_DEBUG 2618 portmap_cache_accesses++; 2619 portmap_cache_lookups++; 2620 if ((portmap_cache_lookups%100) == 0) 2621 trace_portmap_cache(); 2622 #endif /* CACHE_DEBUG */ 2623 2624 for (cachep = portmap_cache_head; cachep; 2625 cachep = cachep->cache_next) { 2626 if (timenow > cachep->cache_time) { 2627 /* 2628 * We stumbled across an entry in the cache which 2629 * has timed out. Free up all the entries that 2630 * were added before it, which will positionally 2631 * be after this entry. And adjust neighboring 2632 * pointers. 2633 * When we drop the lock and re-acquire it, we 2634 * need to start from the beginning. 2635 */ 2636 (void) rw_unlock(&portmap_cache_lock); 2637 (void) rw_wrlock(&portmap_cache_lock); 2638 for (cp = portmap_cache_head; 2639 cp && (cp->cache_time >= timenow); 2640 cp = cp->cache_next) 2641 ; 2642 if (cp == NULL) 2643 goto done; 2644 /* 2645 * Adjust the link of the predecessor. 2646 * Make the tail point to the new last entry. 2647 */ 2648 prev = cp->cache_prev; 2649 if (prev == NULL) { 2650 portmap_cache_head = NULL; 2651 portmap_cache_tail = NULL; 2652 } else { 2653 prev->cache_next = NULL; 2654 portmap_cache_tail = prev; 2655 } 2656 for (; cp; cp = next) { 2657 if (cp->cache_hostname != NULL && 2658 cp->cache_hostname != 2659 cp->cache_small_hosts) 2660 free(cp->cache_hostname); 2661 if (cp->cache_proto != NULL && 2662 cp->cache_proto != 2663 cp->cache_small_proto) 2664 free(cp->cache_proto); 2665 if (cp->cache_srv_addr.buf != NULL) 2666 free(cp->cache_srv_addr.buf); 2667 next = cp->cache_next; 2668 free(cp); 2669 } 2670 goto done; 2671 } 2672 if (cachep->cache_hostname == NULL || 2673 prog != cachep->cache_prog || vers != cachep->cache_vers || 2674 strcmp(nconf->nc_proto, cachep->cache_proto) != 0 || 2675 strcmp(nconf->nc_protofmly, cachep->cache_protofmly) != 0 || 2676 strcmp(hostname, cachep->cache_hostname) != 0) 2677 continue; 2678 /* 2679 * Cache Hit. 2680 */ 2681 #ifdef CACHE_DEBUG 2682 portmap_cache_hits++; /* up portmap cache hit counter */ 2683 #endif /* CACHE_DEBUG */ 2684 addrp->len = cachep->cache_srv_addr.len; 2685 memcpy(addrp->buf, cachep->cache_srv_addr.buf, addrp->len); 2686 retval = 1; 2687 break; 2688 } 2689 done: 2690 (void) rw_unlock(&portmap_cache_lock); 2691 return (retval); 2692 } 2693 2694 static void 2695 portmap_cache_enter(hostname, prog, vers, nconf, addrp) 2696 char *hostname; 2697 rpcprog_t prog; 2698 rpcvers_t vers; 2699 struct netconfig *nconf; 2700 struct netbuf *addrp; 2701 { 2702 struct portmap_cache *cachep; 2703 int protofmlylen; 2704 int protolen, hostnamelen; 2705 2706 timenow = time(NULL); 2707 2708 cachep = malloc(sizeof (struct portmap_cache)); 2709 if (cachep == NULL) 2710 return; 2711 memset((char *)cachep, 0, sizeof (*cachep)); 2712 2713 hostnamelen = strlen(hostname); 2714 if (hostnamelen <= SMALL_HOSTNAME) 2715 cachep->cache_hostname = cachep->cache_small_hosts; 2716 else { 2717 cachep->cache_hostname = malloc(hostnamelen + 1); 2718 if (cachep->cache_hostname == NULL) 2719 goto nomem; 2720 } 2721 strcpy(cachep->cache_hostname, hostname); 2722 protolen = strlen(nconf->nc_proto); 2723 if (protolen <= SMALL_PROTONAME) 2724 cachep->cache_proto = cachep->cache_small_proto; 2725 else { 2726 cachep->cache_proto = malloc(protolen + 1); 2727 if (cachep->cache_proto == NULL) 2728 goto nomem; 2729 } 2730 protofmlylen = strlen(nconf->nc_protofmly); 2731 if (protofmlylen <= SMALL_PROTOFMLYNAME) 2732 cachep->cache_protofmly = cachep->cache_small_protofmly; 2733 else { 2734 cachep->cache_protofmly = malloc(protofmlylen + 1); 2735 if (cachep->cache_protofmly == NULL) 2736 goto nomem; 2737 } 2738 2739 strcpy(cachep->cache_proto, nconf->nc_proto); 2740 cachep->cache_prog = prog; 2741 cachep->cache_vers = vers; 2742 cachep->cache_time = timenow + portmap_cache_valid_time; 2743 cachep->cache_srv_addr.len = addrp->len; 2744 cachep->cache_srv_addr.buf = malloc(addrp->len); 2745 if (cachep->cache_srv_addr.buf == NULL) 2746 goto nomem; 2747 memcpy(cachep->cache_srv_addr.buf, addrp->buf, addrp->maxlen); 2748 cachep->cache_prev = NULL; 2749 (void) rw_wrlock(&portmap_cache_lock); 2750 /* 2751 * There's a window in which we could have multiple threads making 2752 * the same cache entry. This can be avoided by walking the cache 2753 * once again here to check and see if there are duplicate entries 2754 * (after grabbing the write lock). This isn't fatal and I'm not 2755 * going to bother with this. 2756 */ 2757 #ifdef CACHE_DEBUG 2758 portmap_cache_accesses++; /* up portmap cache access counter */ 2759 #endif /* CACHE_DEBUG */ 2760 cachep->cache_next = portmap_cache_head; 2761 if (portmap_cache_head != NULL) 2762 portmap_cache_head->cache_prev = cachep; 2763 portmap_cache_head = cachep; 2764 (void) rw_unlock(&portmap_cache_lock); 2765 return; 2766 2767 nomem: 2768 syslog(LOG_ERR, "portmap_cache_enter: Memory allocation failed"); 2769 if (cachep->cache_srv_addr.buf) 2770 free(cachep->cache_srv_addr.buf); 2771 if (cachep->cache_proto && protolen > SMALL_PROTONAME) 2772 free(cachep->cache_proto); 2773 if (cachep->cache_hostname && hostnamelen > SMALL_HOSTNAME) 2774 free(cachep->cache_hostname); 2775 if (cachep->cache_protofmly && protofmlylen > SMALL_PROTOFMLYNAME) 2776 free(cachep->cache_protofmly); 2777 if (cachep) 2778 free(cachep); 2779 cachep = NULL; 2780 } 2781 2782 static int 2783 get_cached_srv_addr(char *hostname, rpcprog_t prog, rpcvers_t vers, 2784 struct netconfig *nconf, struct netbuf *addrp) 2785 { 2786 if (portmap_cache_lookup(hostname, prog, vers, nconf, addrp)) 2787 return (1); 2788 if (rpcb_getaddr(prog, vers, nconf, addrp, hostname) == 0) 2789 return (0); 2790 portmap_cache_enter(hostname, prog, vers, nconf, addrp); 2791 return (1); 2792 } 2793 2794 /* 2795 * Get the network address on "hostname" for program "prog" 2796 * with version "vers" by using the nconf configuration data 2797 * passed in. 2798 * 2799 * If the address of a netconfig pointer is null then 2800 * information is not sufficient and no netbuf will be returned. 2801 * 2802 * tinfo argument is for matching the get_the_addr() defined in 2803 * ../nfs/mount/mount.c 2804 */ 2805 void * 2806 get_the_stuff( 2807 enum type_of_stuff type_of_stuff, 2808 char *hostname, 2809 rpcprog_t prog, 2810 rpcprog_t vers, 2811 mfs_snego_t *mfssnego, 2812 struct netconfig *nconf, 2813 ushort_t port, 2814 struct t_info *tinfo, 2815 caddr_t *fhp, 2816 bool_t direct_to_server, 2817 char *fspath, 2818 enum clnt_stat *cstat) 2819 2820 { 2821 struct netbuf *nb = NULL; 2822 struct t_bind *tbind = NULL; 2823 int fd = -1; 2824 enum clnt_stat cs = RPC_TIMEDOUT; 2825 CLIENT *cl = NULL; 2826 struct timeval tv; 2827 AUTH *ah = NULL; 2828 AUTH *new_ah = NULL; 2829 struct snego_t snego; 2830 2831 if (nconf == NULL) { 2832 goto done; 2833 } 2834 2835 if (prog == NFS_PROGRAM && vers == NFS_V4) 2836 if (strncasecmp(nconf->nc_proto, NC_UDP, strlen(NC_UDP)) == 0) 2837 goto done; 2838 2839 if ((fd = t_open(nconf->nc_device, O_RDWR, tinfo)) < 0) { 2840 goto done; 2841 } 2842 2843 /* LINTED pointer alignment */ 2844 if ((tbind = (struct t_bind *)t_alloc(fd, T_BIND, T_ADDR)) 2845 == NULL) { 2846 goto done; 2847 } 2848 2849 if (direct_to_server == TRUE) { 2850 struct nd_hostserv hs; 2851 struct nd_addrlist *retaddrs; 2852 hs.h_host = hostname; 2853 2854 if (trace > 1) 2855 trace_prt(1, " get_the_stuff: %s call " 2856 "direct to server %s\n", 2857 type_of_stuff == SERVER_FH ? "pub fh" : 2858 type_of_stuff == SERVER_ADDR ? "get address" : 2859 type_of_stuff == SERVER_PING ? "ping" : 2860 "unknown", hostname); 2861 if (port == 0) 2862 hs.h_serv = "nfs"; 2863 else 2864 hs.h_serv = NULL; 2865 2866 if (netdir_getbyname(nconf, &hs, &retaddrs) != ND_OK) { 2867 goto done; 2868 } 2869 memcpy(tbind->addr.buf, retaddrs->n_addrs->buf, 2870 retaddrs->n_addrs->len); 2871 tbind->addr.len = retaddrs->n_addrs->len; 2872 netdir_free((void *)retaddrs, ND_ADDRLIST); 2873 if (port) { 2874 /* LINTED pointer alignment */ 2875 2876 if (strcmp(nconf->nc_protofmly, NC_INET) == NULL) 2877 ((struct sockaddr_in *) 2878 tbind->addr.buf)->sin_port = 2879 htons((ushort_t)port); 2880 else if (strcmp(nconf->nc_protofmly, NC_INET6) == NULL) 2881 ((struct sockaddr_in6 *) 2882 tbind->addr.buf)->sin6_port = 2883 htons((ushort_t)port); 2884 } 2885 2886 if (type_of_stuff == SERVER_FH) { 2887 if (netdir_options(nconf, ND_SET_RESERVEDPORT, fd, 2888 NULL) == -1) 2889 if (trace > 1) 2890 trace_prt(1, "\tget_the_stuff: " 2891 "ND_SET_RESERVEDPORT(%s) " 2892 "failed\n", hostname); 2893 } 2894 2895 cl = clnt_tli_create(fd, nconf, &tbind->addr, prog, 2896 vers, 0, 0); 2897 2898 if (trace > 1) 2899 trace_prt(1, " get_the_stuff: clnt_tli_create(%s) " 2900 "returned %p\n", hostname, cl); 2901 if (cl == NULL) 2902 goto done; 2903 #ifdef MALLOC_DEBUG 2904 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 2905 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 2906 __FILE__, __LINE__); 2907 #endif 2908 2909 switch (type_of_stuff) { 2910 case SERVER_FH: 2911 { 2912 enum snego_stat sec; 2913 2914 ah = authsys_create_default(); 2915 if (ah != NULL) { 2916 #ifdef MALLOC_DEBUG 2917 drop_alloc("AUTH_HANDLE", cl->cl_auth, 2918 __FILE__, __LINE__); 2919 #endif 2920 AUTH_DESTROY(cl->cl_auth); 2921 cl->cl_auth = ah; 2922 #ifdef MALLOC_DEBUG 2923 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 2924 __FILE__, __LINE__); 2925 #endif 2926 } 2927 2928 if (!mfssnego->snego_done && vers != NFS_V4) { 2929 /* 2930 * negotiate sec flavor. 2931 */ 2932 snego.cnt = 0; 2933 if ((sec = nfs_sec_nego(vers, cl, fspath, &snego)) == 2934 SNEGO_SUCCESS) { 2935 int jj; 2936 2937 /* 2938 * check if server supports the one 2939 * specified in the sec= option. 2940 */ 2941 if (mfssnego->sec_opt) { 2942 for (jj = 0; jj < snego.cnt; jj++) { 2943 if (snego.array[jj] == 2944 mfssnego->nfs_sec.sc_nfsnum) { 2945 mfssnego->snego_done = TRUE; 2946 break; 2947 } 2948 } 2949 } 2950 2951 /* 2952 * find a common sec flavor 2953 */ 2954 if (!mfssnego->snego_done) { 2955 for (jj = 0; jj < snego.cnt; jj++) { 2956 if (!nfs_getseconfig_bynumber( 2957 snego.array[jj], &mfssnego->nfs_sec)) { 2958 mfssnego->snego_done = TRUE; 2959 break; 2960 } 2961 } 2962 } 2963 if (!mfssnego->snego_done) 2964 return (NULL); 2965 2966 /* 2967 * Now that the flavor has been 2968 * negotiated, get the fh. 2969 * 2970 * First, create an auth handle using the negotiated 2971 * sec flavor in the next lookup to 2972 * fetch the filehandle. 2973 */ 2974 new_ah = nfs_create_ah(cl, hostname, 2975 &mfssnego->nfs_sec); 2976 if (new_ah == NULL) 2977 goto done; 2978 #ifdef MALLOC_DEBUG 2979 drop_alloc("AUTH_HANDLE", cl->cl_auth, 2980 __FILE__, __LINE__); 2981 #endif 2982 AUTH_DESTROY(cl->cl_auth); 2983 cl->cl_auth = new_ah; 2984 #ifdef MALLOC_DEBUG 2985 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 2986 __FILE__, __LINE__); 2987 #endif 2988 } else if (sec == SNEGO_ARRAY_TOO_SMALL || 2989 sec == SNEGO_FAILURE) { 2990 goto done; 2991 } 2992 /* 2993 * Note that if sec == SNEGO_DEF_VALID 2994 * the default sec flavor is acceptable. 2995 * Use it to get the filehandle. 2996 */ 2997 } 2998 } 2999 3000 switch (vers) { 3001 case NFS_VERSION: 3002 { 3003 wnl_diropargs arg; 3004 wnl_diropres *res; 3005 3006 memset((char *)&arg.dir, 0, sizeof (wnl_fh)); 3007 arg.name = fspath; 3008 res = wnlproc_lookup_2(&arg, cl); 3009 3010 if (res == NULL || res->status != NFS_OK) 3011 goto done; 3012 *fhp = malloc(sizeof (wnl_fh)); 3013 3014 if (*fhp == NULL) { 3015 syslog(LOG_ERR, "no memory\n"); 3016 goto done; 3017 } 3018 3019 memcpy((char *)*fhp, 3020 (char *)&res->wnl_diropres_u.wnl_diropres.file, 3021 sizeof (wnl_fh)); 3022 cs = RPC_SUCCESS; 3023 } 3024 break; 3025 case NFS_V3: 3026 { 3027 WNL_LOOKUP3args arg; 3028 WNL_LOOKUP3res *res; 3029 nfs_fh3 *fh3p; 3030 3031 memset((char *)&arg.what.dir, 0, sizeof (wnl_fh3)); 3032 arg.what.name = fspath; 3033 res = wnlproc3_lookup_3(&arg, cl); 3034 3035 if (res == NULL || res->status != NFS3_OK) 3036 goto done; 3037 3038 fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p)); 3039 3040 if (fh3p == NULL) { 3041 syslog(LOG_ERR, "no memory\n"); 3042 CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, 3043 (char *)res); 3044 goto done; 3045 } 3046 3047 fh3p->fh3_length = res-> 3048 WNL_LOOKUP3res_u.res_ok.object.data.data_len; 3049 memcpy(fh3p->fh3_u.data, res-> 3050 WNL_LOOKUP3res_u.res_ok.object.data.data_val, 3051 fh3p->fh3_length); 3052 3053 *fhp = (caddr_t)fh3p; 3054 3055 CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, (char *)res); 3056 cs = RPC_SUCCESS; 3057 } 3058 break; 3059 case NFS_V4: 3060 *fhp = strdup(fspath); 3061 cs = RPC_SUCCESS; 3062 break; 3063 } 3064 break; 3065 case SERVER_ADDR: 3066 case SERVER_PING: 3067 tv.tv_sec = 10; 3068 tv.tv_usec = 0; 3069 cs = clnt_call(cl, NULLPROC, xdr_void, 0, 3070 xdr_void, 0, tv); 3071 if (trace > 1) 3072 trace_prt(1, 3073 "get_the_stuff: clnt_call(%s) " 3074 "returned %s\n", 3075 hostname, 3076 cs == RPC_SUCCESS ? "success" : 3077 "failure"); 3078 3079 if (cs != RPC_SUCCESS) 3080 goto done; 3081 break; 3082 } 3083 3084 } else if (type_of_stuff != SERVER_FH) { 3085 3086 if (type_of_stuff == SERVER_ADDR) { 3087 if (get_cached_srv_addr(hostname, prog, vers, nconf, 3088 &tbind->addr) == 0) 3089 goto done; 3090 } 3091 3092 if (port) { 3093 /* LINTED pointer alignment */ 3094 if (strcmp(nconf->nc_protofmly, NC_INET) == NULL) 3095 ((struct sockaddr_in *) 3096 tbind->addr.buf)->sin_port = 3097 htons((ushort_t)port); 3098 else if (strcmp(nconf->nc_protofmly, NC_INET6) == NULL) 3099 ((struct sockaddr_in6 *) 3100 tbind->addr.buf)->sin6_port = 3101 htons((ushort_t)port); 3102 cl = clnt_tli_create(fd, nconf, &tbind->addr, 3103 prog, vers, 0, 0); 3104 if (cl == NULL) 3105 goto done; 3106 #ifdef MALLOC_DEBUG 3107 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 3108 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 3109 __FILE__, __LINE__); 3110 #endif 3111 tv.tv_sec = 10; 3112 tv.tv_usec = 0; 3113 cs = clnt_call(cl, NULLPROC, xdr_void, 0, xdr_void, 3114 0, tv); 3115 if (cs != RPC_SUCCESS) 3116 goto done; 3117 } 3118 3119 } else { 3120 /* can't happen */ 3121 goto done; 3122 } 3123 3124 if (type_of_stuff != SERVER_PING) { 3125 3126 cs = RPC_SYSTEMERROR; 3127 3128 /* 3129 * Make a copy of the netbuf to return 3130 */ 3131 nb = (struct netbuf *)malloc(sizeof (struct netbuf)); 3132 if (nb == NULL) { 3133 syslog(LOG_ERR, "no memory\n"); 3134 goto done; 3135 } 3136 *nb = tbind->addr; 3137 nb->buf = (char *)malloc(nb->maxlen); 3138 if (nb->buf == NULL) { 3139 syslog(LOG_ERR, "no memory\n"); 3140 free(nb); 3141 nb = NULL; 3142 goto done; 3143 } 3144 (void) memcpy(nb->buf, tbind->addr.buf, tbind->addr.len); 3145 3146 cs = RPC_SUCCESS; 3147 } 3148 3149 done: 3150 if (cl != NULL) { 3151 if (ah != NULL) { 3152 #ifdef MALLOC_DEBUG 3153 drop_alloc("AUTH_HANDLE", cl->cl_auth, 3154 __FILE__, __LINE__); 3155 #endif 3156 AUTH_DESTROY(cl->cl_auth); 3157 cl->cl_auth = NULL; 3158 } 3159 #ifdef MALLOC_DEBUG 3160 drop_alloc("CLNT_HANDLE", cl, __FILE__, __LINE__); 3161 #endif 3162 clnt_destroy(cl); 3163 } 3164 3165 if (tbind) { 3166 t_free((char *)tbind, T_BIND); 3167 tbind = NULL; 3168 } 3169 3170 if (fd >= 0) 3171 (void) t_close(fd); 3172 3173 if (cstat != NULL) 3174 *cstat = cs; 3175 3176 return (nb); 3177 } 3178 3179 /* 3180 * Get a network address on "hostname" for program "prog" 3181 * with version "vers". If the port number is specified (non zero) 3182 * then try for a TCP/UDP transport and set the port number of the 3183 * resulting IP address. 3184 * 3185 * If the address of a netconfig pointer was passed and 3186 * if it's not null, use it as the netconfig otherwise 3187 * assign the address of the netconfig that was used to 3188 * establish contact with the service. 3189 * 3190 * tinfo argument is for matching the get_addr() defined in 3191 * ../nfs/mount/mount.c 3192 */ 3193 3194 static struct netbuf * 3195 get_addr(char *hostname, rpcprog_t prog, rpcvers_t vers, 3196 struct netconfig **nconfp, char *proto, ushort_t port, 3197 struct t_info *tinfo) 3198 3199 { 3200 enum clnt_stat cstat; 3201 3202 return (get_server_stuff(SERVER_ADDR, hostname, prog, vers, NULL, 3203 nconfp, proto, port, tinfo, NULL, FALSE, NULL, &cstat)); 3204 } 3205 3206 static struct netbuf * 3207 get_pubfh(char *hostname, rpcvers_t vers, mfs_snego_t *mfssnego, 3208 struct netconfig **nconfp, char *proto, ushort_t port, 3209 struct t_info *tinfo, caddr_t *fhp, bool_t get_pubfh, char *fspath) 3210 { 3211 enum clnt_stat cstat; 3212 3213 return (get_server_stuff(SERVER_FH, hostname, NFS_PROGRAM, vers, 3214 mfssnego, nconfp, proto, port, tinfo, fhp, get_pubfh, fspath, 3215 &cstat)); 3216 } 3217 3218 static enum clnt_stat 3219 get_ping(char *hostname, rpcprog_t prog, rpcvers_t vers, 3220 struct netconfig **nconfp, ushort_t port, bool_t direct_to_server) 3221 { 3222 enum clnt_stat cstat; 3223 3224 (void) get_server_stuff(SERVER_PING, hostname, prog, vers, NULL, nconfp, 3225 NULL, port, NULL, NULL, direct_to_server, NULL, &cstat); 3226 3227 return (cstat); 3228 } 3229 3230 void * 3231 get_server_stuff( 3232 enum type_of_stuff type_of_stuff, 3233 char *hostname, 3234 rpcprog_t prog, 3235 rpcvers_t vers, 3236 mfs_snego_t *mfssnego, 3237 struct netconfig **nconfp, 3238 char *proto, 3239 ushort_t port, /* may be zero */ 3240 struct t_info *tinfo, 3241 caddr_t *fhp, 3242 bool_t direct_to_server, 3243 char *fspath, 3244 enum clnt_stat *cstatp) 3245 { 3246 struct netbuf *nb = NULL; 3247 struct netconfig *nconf = NULL; 3248 NCONF_HANDLE *nc = NULL; 3249 int nthtry = FIRST_TRY; 3250 3251 if (nconfp && *nconfp) 3252 return (get_the_stuff(type_of_stuff, hostname, prog, vers, 3253 mfssnego, *nconfp, port, tinfo, fhp, direct_to_server, 3254 fspath, cstatp)); 3255 3256 3257 /* 3258 * No nconf passed in. 3259 * 3260 * Try to get a nconf from /etc/netconfig. 3261 * First choice is COTS, second is CLTS unless proto 3262 * is specified. When we retry, we reset the 3263 * netconfig list, so that we search the whole list 3264 * for the next choice. 3265 */ 3266 if ((nc = setnetpath()) == NULL) 3267 goto done; 3268 3269 /* 3270 * If proto is specified, then only search for the match, 3271 * otherwise try COTS first, if failed, then try CLTS. 3272 */ 3273 if (proto) { 3274 3275 while (nconf = getnetpath(nc)) { 3276 if (strcmp(nconf->nc_proto, proto)) 3277 continue; 3278 /* 3279 * If the port number is specified then TCP/UDP 3280 * is needed. Otherwise any cots/clts will do. 3281 */ 3282 if (port) { 3283 if ((strcmp(nconf->nc_protofmly, NC_INET) && 3284 strcmp(nconf->nc_protofmly, NC_INET6)) || 3285 (strcmp(nconf->nc_proto, NC_TCP) && 3286 strcmp(nconf->nc_proto, NC_UDP))) 3287 continue; 3288 } 3289 3290 nb = get_the_stuff(type_of_stuff, hostname, prog, vers, 3291 mfssnego, nconf, port, tinfo, fhp, 3292 direct_to_server, fspath, cstatp); 3293 3294 if (*cstatp == RPC_SUCCESS) 3295 break; 3296 3297 assert(nb == NULL); 3298 3299 } /* end of while */ 3300 3301 if (nconf == NULL) 3302 goto done; 3303 3304 } else { 3305 retry: 3306 while (nconf = getnetpath(nc)) { 3307 if (nconf->nc_flag & NC_VISIBLE) { 3308 if (nthtry == FIRST_TRY) { 3309 if ((nconf->nc_semantics == NC_TPI_COTS_ORD) || 3310 (nconf->nc_semantics == NC_TPI_COTS)) { 3311 if (port == 0) 3312 break; 3313 if ((strcmp(nconf->nc_protofmly, 3314 NC_INET) == 0 || 3315 strcmp(nconf->nc_protofmly, 3316 NC_INET6) == 0) && 3317 (strcmp(nconf->nc_proto, NC_TCP) == 0)) 3318 break; 3319 } 3320 } 3321 if (nthtry == SECOND_TRY) { 3322 if (nconf->nc_semantics == NC_TPI_CLTS) { 3323 if (port == 0) 3324 break; 3325 if ((strcmp(nconf->nc_protofmly, 3326 NC_INET) == 0 || 3327 strcmp(nconf->nc_protofmly, 3328 NC_INET6) == 0) && 3329 (strcmp(nconf->nc_proto, NC_UDP) == 0)) 3330 break; 3331 } 3332 } 3333 } 3334 } /* while */ 3335 if (nconf == NULL) { 3336 if (++nthtry <= MNT_PREF_LISTLEN) { 3337 endnetpath(nc); 3338 if ((nc = setnetpath()) == NULL) 3339 goto done; 3340 goto retry; 3341 } else 3342 goto done; 3343 } else { 3344 nb = get_the_stuff(type_of_stuff, hostname, prog, vers, 3345 mfssnego, nconf, port, tinfo, fhp, direct_to_server, 3346 fspath, cstatp); 3347 if (*cstatp != RPC_SUCCESS) 3348 /* 3349 * Continue the same search path in the 3350 * netconfig db until no more matched nconf 3351 * (nconf == NULL). 3352 */ 3353 goto retry; 3354 } 3355 } /* if !proto */ 3356 3357 /* 3358 * Got nconf and nb. Now dup the netconfig structure (nconf) 3359 * and return it thru nconfp. 3360 */ 3361 *nconfp = getnetconfigent(nconf->nc_netid); 3362 if (*nconfp == NULL) { 3363 syslog(LOG_ERR, "no memory\n"); 3364 free(nb); 3365 nb = NULL; 3366 } 3367 done: 3368 if (nc) 3369 endnetpath(nc); 3370 return (nb); 3371 } 3372 3373 3374 /* 3375 * Sends a null call to the remote host's (NFS program, versp). versp 3376 * may be "NULL" in which case the default maximum version is used. 3377 * Upon return, versp contains the maximum version supported iff versp!= NULL. 3378 */ 3379 enum clnt_stat 3380 pingnfs( 3381 char *hostpart, 3382 int attempts, 3383 rpcvers_t *versp, 3384 rpcvers_t versmin, 3385 ushort_t port, /* may be zero */ 3386 bool_t usepub, 3387 char *path, 3388 char *proto) 3389 { 3390 CLIENT *cl = NULL; 3391 struct timeval rpc_to_new = {15, 0}; 3392 static struct timeval rpc_rtrans_new = {-1, -1}; 3393 enum clnt_stat clnt_stat; 3394 int i, j; 3395 rpcvers_t versmax; /* maximum version to try against server */ 3396 rpcvers_t outvers; /* version supported by host on last call */ 3397 rpcvers_t vers_to_try; /* to try different versions against host */ 3398 char *hostname; 3399 struct netconfig *nconf; 3400 3401 hostname = strdup(hostpart); 3402 if (hostname == NULL) { 3403 return (RPC_SYSTEMERROR); 3404 } 3405 unbracket(&hostname); 3406 3407 if (path != NULL && strcmp(hostname, "nfs") == 0 && 3408 strncmp(path, "//", 2) == 0) { 3409 char *sport; 3410 3411 hostname = strdup(path+2); 3412 3413 if (hostname == NULL) 3414 return (RPC_SYSTEMERROR); 3415 3416 path = strchr(hostname, '/'); 3417 3418 /* 3419 * This cannot happen. If it does, give up 3420 * on the ping as this is obviously a corrupt 3421 * entry. 3422 */ 3423 if (path == NULL) { 3424 free(hostname); 3425 return (RPC_SUCCESS); 3426 } 3427 3428 /* 3429 * Probable end point of host string. 3430 */ 3431 *path = '\0'; 3432 3433 sport = strchr(hostname, ':'); 3434 3435 if (sport != NULL && sport < path) { 3436 3437 /* 3438 * Actual end point of host string. 3439 */ 3440 *sport = '\0'; 3441 port = htons((ushort_t)atoi(sport+1)); 3442 } 3443 3444 usepub = TRUE; 3445 } 3446 3447 /* Pick up the default versions and then set them appropriately */ 3448 if (versp) { 3449 versmax = *versp; 3450 /* use versmin passed in */ 3451 } else { 3452 read_default_nfs(); 3453 set_versrange(0, &versmax, &versmin); 3454 } 3455 3456 if (proto && 3457 strncasecmp(proto, NC_UDP, strlen(NC_UDP)) == 0 && 3458 versmax == NFS_V4) { 3459 if (versmin == NFS_V4) { 3460 if (versp) { 3461 *versp = versmax - 1; 3462 return (RPC_SUCCESS); 3463 } 3464 return (RPC_PROGUNAVAIL); 3465 } else { 3466 versmax--; 3467 } 3468 } 3469 3470 if (versp) 3471 *versp = versmax; 3472 3473 switch (cache_check(hostname, versp, proto)) { 3474 case GOODHOST: 3475 if (hostname != hostpart) 3476 free(hostname); 3477 return (RPC_SUCCESS); 3478 case DEADHOST: 3479 if (hostname != hostpart) 3480 free(hostname); 3481 return (RPC_TIMEDOUT); 3482 case NOHOST: 3483 default: 3484 break; 3485 } 3486 3487 /* 3488 * XXX The retransmission time rpcbrmttime is a global defined 3489 * in the rpc library (rpcb_clnt.c). We use (and like) the default 3490 * value of 15 sec in the rpc library. The code below is to protect 3491 * us in case it changes. This need not be done under a lock since 3492 * any # of threads entering this function will get the same 3493 * retransmission value. 3494 */ 3495 if (rpc_rtrans_new.tv_sec == -1 && rpc_rtrans_new.tv_usec == -1) { 3496 __rpc_control(CLCR_GET_RPCB_RMTTIME, (char *)&rpc_rtrans_new); 3497 if (rpc_rtrans_new.tv_sec != 15 && rpc_rtrans_new.tv_sec != 0) 3498 if (trace > 1) 3499 trace_prt(1, "RPC library rttimer changed\n"); 3500 } 3501 3502 /* 3503 * XXX Manipulate the total timeout to get the number of 3504 * desired retransmissions. This code is heavily dependant on 3505 * the RPC backoff mechanism in clnt_dg_call (clnt_dg.c). 3506 */ 3507 for (i = 0, j = rpc_rtrans_new.tv_sec; i < attempts-1; i++) { 3508 if (j < RPC_MAX_BACKOFF) 3509 j *= 2; 3510 else 3511 j = RPC_MAX_BACKOFF; 3512 rpc_to_new.tv_sec += j; 3513 } 3514 3515 vers_to_try = versmax; 3516 3517 /* 3518 * check the host's version within the timeout 3519 */ 3520 if (trace > 1) 3521 trace_prt(1, " ping: %s timeout=%ld request vers=%d min=%d\n", 3522 hostname, rpc_to_new.tv_sec, versmax, versmin); 3523 3524 if (usepub == FALSE) { 3525 do { 3526 /* 3527 * If NFSv4, then we do the same thing as is used 3528 * for public filehandles so that we avoid rpcbind 3529 */ 3530 if (vers_to_try == NFS_V4) { 3531 if (trace > 4) { 3532 trace_prt(1, " pingnfs: Trying ping via " 3533 "\"circuit_v\"\n"); 3534 } 3535 3536 if ((cl = clnt_create_service_timed(hostname, "nfs", 3537 NFS_PROGRAM, 3538 vers_to_try, 3539 port, "circuit_v", 3540 &rpc_to_new)) 3541 != NULL) { 3542 outvers = vers_to_try; 3543 break; 3544 } 3545 if (trace > 4) { 3546 trace_prt(1, " pingnfs: Can't ping via " 3547 "\"circuit_v\" %s: RPC error=%d\n", 3548 hostname, rpc_createerr.cf_stat); 3549 } 3550 3551 } else { 3552 if ((cl = clnt_create_vers_timed(hostname, NFS_PROGRAM, 3553 &outvers, versmin, vers_to_try, 3554 "datagram_v", &rpc_to_new)) 3555 != NULL) 3556 break; 3557 if (trace > 4) { 3558 trace_prt(1, " pingnfs: Can't ping via " 3559 "\"datagram_v\"%s: RPC error=%d\n", 3560 hostname, rpc_createerr.cf_stat); 3561 } 3562 if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST || 3563 rpc_createerr.cf_stat == RPC_TIMEDOUT) 3564 break; 3565 if (rpc_createerr.cf_stat == RPC_PROGNOTREGISTERED) { 3566 if (trace > 4) { 3567 trace_prt(1, " pingnfs: Trying ping " 3568 "via \"circuit_v\"\n"); 3569 } 3570 if ((cl = clnt_create_vers_timed(hostname, 3571 NFS_PROGRAM, &outvers, 3572 versmin, vers_to_try, 3573 "circuit_v", &rpc_to_new)) != NULL) 3574 break; 3575 if (trace > 4) { 3576 trace_prt(1, " pingnfs: Can't ping " 3577 "via \"circuit_v\" %s: " 3578 "RPC error=%d\n", 3579 hostname, 3580 rpc_createerr.cf_stat); 3581 } 3582 } 3583 } 3584 3585 /* 3586 * backoff and return lower version to retry the ping. 3587 * XXX we should be more careful and handle 3588 * RPC_PROGVERSMISMATCH here, because that error is handled 3589 * in clnt_create_vers(). It's not done to stay in sync 3590 * with the nfs mount command. 3591 */ 3592 vers_to_try--; 3593 if (vers_to_try < versmin) 3594 break; 3595 if (versp != NULL) { /* recheck the cache */ 3596 *versp = vers_to_try; 3597 if (trace > 4) { 3598 trace_prt(1, 3599 " pingnfs: check cache: vers=%d\n", 3600 *versp); 3601 } 3602 switch (cache_check(hostname, versp, proto)) { 3603 case GOODHOST: 3604 if (hostname != hostpart) 3605 free(hostname); 3606 return (RPC_SUCCESS); 3607 case DEADHOST: 3608 if (hostname != hostpart) 3609 free(hostname); 3610 return (RPC_TIMEDOUT); 3611 case NOHOST: 3612 default: 3613 break; 3614 } 3615 } 3616 if (trace > 4) { 3617 trace_prt(1, " pingnfs: Try version=%d\n", 3618 vers_to_try); 3619 } 3620 } while (cl == NULL); 3621 3622 3623 if (cl == NULL) { 3624 if (verbose) 3625 syslog(LOG_ERR, "pingnfs: %s%s", 3626 hostname, clnt_spcreateerror("")); 3627 clnt_stat = rpc_createerr.cf_stat; 3628 } else { 3629 clnt_destroy(cl); 3630 clnt_stat = RPC_SUCCESS; 3631 } 3632 3633 } else { 3634 for (vers_to_try = versmax; vers_to_try >= versmin; 3635 vers_to_try--) { 3636 3637 nconf = NULL; 3638 3639 if (trace > 4) { 3640 trace_prt(1, " pingnfs: Try version=%d " 3641 "using get_ping()\n", vers_to_try); 3642 } 3643 3644 clnt_stat = get_ping(hostname, NFS_PROGRAM, 3645 vers_to_try, &nconf, port, TRUE); 3646 3647 if (nconf != NULL) 3648 freenetconfigent(nconf); 3649 3650 if (clnt_stat == RPC_SUCCESS) { 3651 outvers = vers_to_try; 3652 break; 3653 } 3654 } 3655 } 3656 3657 if (trace > 1) 3658 clnt_stat == RPC_SUCCESS ? 3659 trace_prt(1, " pingnfs OK: nfs version=%d\n", outvers): 3660 trace_prt(1, " pingnfs FAIL: can't get nfs version\n"); 3661 3662 if (clnt_stat == RPC_SUCCESS) { 3663 cache_enter(hostname, versmax, outvers, proto, GOODHOST); 3664 if (versp != NULL) 3665 *versp = outvers; 3666 } else 3667 cache_enter(hostname, versmax, versmax, proto, DEADHOST); 3668 3669 if (hostpart != hostname) 3670 free(hostname); 3671 3672 return (clnt_stat); 3673 } 3674 3675 #define MNTTYPE_LOFS "lofs" 3676 3677 int 3678 loopbackmount(fsname, dir, mntopts, overlay) 3679 char *fsname; /* Directory being mounted */ 3680 char *dir; /* Directory being mounted on */ 3681 char *mntopts; 3682 int overlay; 3683 { 3684 struct mnttab mnt; 3685 int flags = 0; 3686 char fstype[] = MNTTYPE_LOFS; 3687 int dirlen; 3688 struct stat st; 3689 char optbuf[MAX_MNTOPT_STR]; 3690 3691 dirlen = strlen(dir); 3692 if (dir[dirlen-1] == ' ') 3693 dirlen--; 3694 3695 if (dirlen == strlen(fsname) && 3696 strncmp(fsname, dir, dirlen) == 0) { 3697 syslog(LOG_ERR, 3698 "Mount of %s on %s would result in deadlock, aborted\n", 3699 fsname, dir); 3700 return (RET_ERR); 3701 } 3702 mnt.mnt_mntopts = mntopts; 3703 if (hasmntopt(&mnt, MNTOPT_RO) != NULL) 3704 flags |= MS_RDONLY; 3705 3706 (void) strlcpy(optbuf, mntopts, sizeof (optbuf)); 3707 3708 if (overlay) 3709 flags |= MS_OVERLAY; 3710 3711 if (trace > 1) 3712 trace_prt(1, 3713 " loopbackmount: fsname=%s, dir=%s, flags=%d\n", 3714 fsname, dir, flags); 3715 3716 if (is_system_labeled()) { 3717 if (create_homedir((const char *)fsname, 3718 (const char *)dir) == 0) { 3719 return (NFSERR_NOENT); 3720 } 3721 } 3722 3723 if (mount(fsname, dir, flags | MS_DATA | MS_OPTIONSTR, fstype, 3724 NULL, 0, optbuf, sizeof (optbuf)) < 0) { 3725 syslog(LOG_ERR, "Mount of %s on %s: %m", fsname, dir); 3726 return (RET_ERR); 3727 } 3728 3729 if (stat(dir, &st) == 0) { 3730 if (trace > 1) { 3731 trace_prt(1, 3732 " loopbackmount of %s on %s dev=%x rdev=%x OK\n", 3733 fsname, dir, st.st_dev, st.st_rdev); 3734 } 3735 } else { 3736 if (trace > 1) { 3737 trace_prt(1, 3738 " loopbackmount of %s on %s OK\n", fsname, dir); 3739 trace_prt(1, " stat of %s failed\n", dir); 3740 } 3741 } 3742 3743 return (0); 3744 } 3745 3746 /* 3747 * Look for the value of a numeric option of the form foo=x. If found, set 3748 * *valp to the value and return non-zero. If not found or the option is 3749 * malformed, return zero. 3750 */ 3751 3752 int 3753 nopt(mnt, opt, valp) 3754 struct mnttab *mnt; 3755 char *opt; 3756 int *valp; /* OUT */ 3757 { 3758 char *equal; 3759 char *str; 3760 3761 /* 3762 * We should never get a null pointer, but if we do, it's better to 3763 * ignore the option than to dump core. 3764 */ 3765 3766 if (valp == NULL) { 3767 syslog(LOG_DEBUG, "null pointer for %s option", opt); 3768 return (0); 3769 } 3770 3771 if (str = hasmntopt(mnt, opt)) { 3772 if (equal = strchr(str, '=')) { 3773 *valp = atoi(&equal[1]); 3774 return (1); 3775 } else { 3776 syslog(LOG_ERR, "Bad numeric option '%s'", str); 3777 } 3778 } 3779 return (0); 3780 } 3781 3782 int 3783 nfsunmount(mnt) 3784 struct mnttab *mnt; 3785 { 3786 struct timeval timeout; 3787 CLIENT *cl; 3788 enum clnt_stat rpc_stat; 3789 char *host, *path; 3790 struct replica *list; 3791 int i, count = 0; 3792 int isv4mount = is_v4_mount(mnt->mnt_mountp); 3793 3794 if (trace > 1) 3795 trace_prt(1, " nfsunmount: umount %s\n", mnt->mnt_mountp); 3796 3797 if (umount(mnt->mnt_mountp) < 0) { 3798 if (trace > 1) 3799 trace_prt(1, " nfsunmount: umount %s FAILED\n", 3800 mnt->mnt_mountp); 3801 if (errno) 3802 return (errno); 3803 } 3804 3805 /* 3806 * If this is a NFSv4 mount, the mount protocol was not used 3807 * so we just return. 3808 */ 3809 if (isv4mount) { 3810 if (trace > 1) 3811 trace_prt(1, " nfsunmount: umount %s OK\n", 3812 mnt->mnt_mountp); 3813 return (0); 3814 } 3815 3816 /* 3817 * If mounted with -o public, then no need to contact server 3818 * because mount protocol was not used. 3819 */ 3820 if (hasmntopt(mnt, MNTOPT_PUBLIC) != NULL) { 3821 return (0); 3822 } 3823 3824 /* 3825 * The rest of this code is advisory to the server. 3826 * If it fails return success anyway. 3827 */ 3828 3829 list = parse_replica(mnt->mnt_special, &count); 3830 if (!list) { 3831 if (count >= 0) 3832 syslog(LOG_ERR, 3833 "Memory allocation failed: %m"); 3834 return (ENOMEM); 3835 } 3836 3837 for (i = 0; i < count; i++) { 3838 3839 host = list[i].host; 3840 path = list[i].path; 3841 3842 /* 3843 * Skip file systems mounted using WebNFS, because mount 3844 * protocol was not used. 3845 */ 3846 if (strcmp(host, "nfs") == 0 && strncmp(path, "//", 2) == 0) 3847 continue; 3848 3849 cl = clnt_create(host, MOUNTPROG, MOUNTVERS, "datagram_v"); 3850 if (cl == NULL) 3851 break; 3852 #ifdef MALLOC_DEBUG 3853 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 3854 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 3855 __FILE__, __LINE__); 3856 #endif 3857 if (__clnt_bindresvport(cl) < 0) { 3858 if (verbose) 3859 syslog(LOG_ERR, "umount %s:%s: %s", 3860 host, path, 3861 "Couldn't bind to reserved port"); 3862 destroy_auth_client_handle(cl); 3863 continue; 3864 } 3865 #ifdef MALLOC_DEBUG 3866 drop_alloc("AUTH_HANDLE", cl->cl_auth, __FILE__, __LINE__); 3867 #endif 3868 AUTH_DESTROY(cl->cl_auth); 3869 if ((cl->cl_auth = authsys_create_default()) == NULL) { 3870 if (verbose) 3871 syslog(LOG_ERR, "umount %s:%s: %s", 3872 host, path, 3873 "Failed creating default auth handle"); 3874 destroy_auth_client_handle(cl); 3875 continue; 3876 } 3877 #ifdef MALLOC_DEBUG 3878 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, __FILE__, __LINE__); 3879 #endif 3880 timeout.tv_usec = 0; 3881 timeout.tv_sec = 5; 3882 rpc_stat = clnt_call(cl, MOUNTPROC_UMNT, xdr_dirpath, 3883 (caddr_t)&path, xdr_void, (char *)NULL, timeout); 3884 if (verbose && rpc_stat != RPC_SUCCESS) 3885 syslog(LOG_ERR, "%s: %s", 3886 host, clnt_sperror(cl, "unmount")); 3887 destroy_auth_client_handle(cl); 3888 } 3889 3890 free_replica(list, count); 3891 3892 if (trace > 1) 3893 trace_prt(1, " nfsunmount: umount %s OK\n", mnt->mnt_mountp); 3894 3895 done: 3896 return (0); 3897 } 3898 3899 /* 3900 * Put a new entry in the cache chain by prepending it to the front. 3901 * If there isn't enough memory then just give up. 3902 */ 3903 static void 3904 cache_enter(host, reqvers, outvers, proto, state) 3905 char *host; 3906 rpcvers_t reqvers; 3907 rpcvers_t outvers; 3908 char *proto; 3909 int state; 3910 { 3911 struct cache_entry *entry; 3912 int cache_time = 30; /* sec */ 3913 3914 timenow = time(NULL); 3915 3916 entry = (struct cache_entry *)malloc(sizeof (struct cache_entry)); 3917 if (entry == NULL) 3918 return; 3919 (void) memset((caddr_t)entry, 0, sizeof (struct cache_entry)); 3920 entry->cache_host = strdup(host); 3921 if (entry->cache_host == NULL) { 3922 cache_free(entry); 3923 return; 3924 } 3925 entry->cache_reqvers = reqvers; 3926 entry->cache_outvers = outvers; 3927 entry->cache_proto = (proto == NULL ? NULL : strdup(proto)); 3928 entry->cache_state = state; 3929 entry->cache_time = timenow + cache_time; 3930 (void) rw_wrlock(&cache_lock); 3931 #ifdef CACHE_DEBUG 3932 host_cache_accesses++; /* up host cache access counter */ 3933 #endif /* CACHE DEBUG */ 3934 entry->cache_next = cache_head; 3935 cache_head = entry; 3936 (void) rw_unlock(&cache_lock); 3937 } 3938 3939 static int 3940 cache_check(host, versp, proto) 3941 char *host; 3942 rpcvers_t *versp; 3943 char *proto; 3944 { 3945 int state = NOHOST; 3946 struct cache_entry *ce, *prev; 3947 3948 timenow = time(NULL); 3949 3950 (void) rw_rdlock(&cache_lock); 3951 3952 #ifdef CACHE_DEBUG 3953 /* Increment the lookup and access counters for the host cache */ 3954 host_cache_accesses++; 3955 host_cache_lookups++; 3956 if ((host_cache_lookups%1000) == 0) 3957 trace_host_cache(); 3958 #endif /* CACHE DEBUG */ 3959 3960 for (ce = cache_head; ce; ce = ce->cache_next) { 3961 if (timenow > ce->cache_time) { 3962 (void) rw_unlock(&cache_lock); 3963 (void) rw_wrlock(&cache_lock); 3964 for (prev = NULL, ce = cache_head; ce; 3965 prev = ce, ce = ce->cache_next) { 3966 if (timenow > ce->cache_time) { 3967 cache_free(ce); 3968 if (prev) 3969 prev->cache_next = NULL; 3970 else 3971 cache_head = NULL; 3972 break; 3973 } 3974 } 3975 (void) rw_unlock(&cache_lock); 3976 return (state); 3977 } 3978 if (strcmp(host, ce->cache_host) != 0) 3979 continue; 3980 if ((proto == NULL && ce->cache_proto != NULL) || 3981 (proto != NULL && ce->cache_proto == NULL)) 3982 continue; 3983 if (proto != NULL && 3984 strcmp(proto, ce->cache_proto) != 0) 3985 continue; 3986 3987 if (versp == NULL || 3988 (versp != NULL && *versp == ce->cache_reqvers) || 3989 (versp != NULL && *versp == ce->cache_outvers)) { 3990 if (versp != NULL) 3991 *versp = ce->cache_outvers; 3992 state = ce->cache_state; 3993 3994 /* increment the host cache hit counters */ 3995 #ifdef CACHE_DEBUG 3996 if (state == GOODHOST) 3997 goodhost_cache_hits++; 3998 if (state == DEADHOST) 3999 deadhost_cache_hits++; 4000 #endif /* CACHE_DEBUG */ 4001 (void) rw_unlock(&cache_lock); 4002 return (state); 4003 } 4004 } 4005 (void) rw_unlock(&cache_lock); 4006 return (state); 4007 } 4008 4009 /* 4010 * Free a cache entry and all entries 4011 * further down the chain since they 4012 * will also be expired. 4013 */ 4014 static void 4015 cache_free(entry) 4016 struct cache_entry *entry; 4017 { 4018 struct cache_entry *ce, *next = NULL; 4019 4020 for (ce = entry; ce; ce = next) { 4021 if (ce->cache_host) 4022 free(ce->cache_host); 4023 if (ce->cache_proto) 4024 free(ce->cache_proto); 4025 next = ce->cache_next; 4026 free(ce); 4027 } 4028 } 4029 4030 #ifdef MALLOC_DEBUG 4031 void 4032 cache_flush() 4033 { 4034 (void) rw_wrlock(&cache_lock); 4035 cache_free(cache_head); 4036 cache_head = NULL; 4037 (void) rw_unlock(&cache_lock); 4038 } 4039 4040 void 4041 flush_caches() 4042 { 4043 mutex_lock(&cleanup_lock); 4044 cond_signal(&cleanup_start_cv); 4045 (void) cond_wait(&cleanup_done_cv, &cleanup_lock); 4046 mutex_unlock(&cleanup_lock); 4047 cache_flush(); 4048 portmap_cache_flush(); 4049 } 4050 #endif 4051 4052 /* 4053 * Returns 1, if port option is NFS_PORT or 4054 * nfsd is running on the port given 4055 * Returns 0, if both port is not NFS_PORT and nfsd is not 4056 * running on the port. 4057 */ 4058 4059 static int 4060 is_nfs_port(char *opts) 4061 { 4062 struct mnttab m; 4063 uint_t nfs_port = 0; 4064 struct servent sv; 4065 char buf[256]; 4066 int got_port; 4067 4068 m.mnt_mntopts = opts; 4069 4070 /* 4071 * Get port specified in options list, if any. 4072 */ 4073 got_port = nopt(&m, MNTOPT_PORT, (int *)&nfs_port); 4074 4075 /* 4076 * if no port specified or it is same as NFS_PORT return nfs 4077 * To use any other daemon the port number should be different 4078 */ 4079 if (!got_port || nfs_port == NFS_PORT) 4080 return (1); 4081 /* 4082 * If daemon is nfsd, return nfs 4083 */ 4084 if (getservbyport_r(nfs_port, NULL, &sv, buf, 256) == &sv && 4085 strcmp(sv.s_name, "nfsd") == 0) 4086 return (1); 4087 4088 /* 4089 * daemon is not nfs 4090 */ 4091 return (0); 4092 } 4093 4094 4095 /* 4096 * destroy_auth_client_handle(cl) 4097 * destroys the created client handle 4098 */ 4099 void 4100 destroy_auth_client_handle(CLIENT *cl) 4101 { 4102 if (cl) { 4103 if (cl->cl_auth) { 4104 #ifdef MALLOC_DEBUG 4105 drop_alloc("AUTH_HANDLE", cl->cl_auth, 4106 __FILE__, __LINE__); 4107 #endif 4108 AUTH_DESTROY(cl->cl_auth); 4109 cl->cl_auth = NULL; 4110 } 4111 #ifdef MALLOC_DEBUG 4112 drop_alloc("CLNT_HANDLE", cl, 4113 __FILE__, __LINE__); 4114 #endif 4115 clnt_destroy(cl); 4116 } 4117 } 4118 4119 4120 /* 4121 * Attempt to figure out which version of NFS to use in pingnfs(). If 4122 * the version number was specified (i.e., non-zero), then use it. 4123 * Otherwise, default to the compiled-in default or the default as set 4124 * by the /etc/default/nfs configuration (as read by read_default(). 4125 */ 4126 int 4127 set_versrange(rpcvers_t nfsvers, rpcvers_t *vers, rpcvers_t *versmin) 4128 { 4129 switch (nfsvers) { 4130 case 0: 4131 *vers = vers_max_default; 4132 *versmin = vers_min_default; 4133 break; 4134 case NFS_V4: 4135 *vers = NFS_V4; 4136 *versmin = NFS_V4; 4137 break; 4138 case NFS_V3: 4139 *vers = NFS_V3; 4140 *versmin = NFS_V3; 4141 break; 4142 case NFS_VERSION: 4143 *vers = NFS_VERSION; /* version 2 */ 4144 *versmin = NFS_VERSMIN; /* version 2 */ 4145 break; 4146 default: 4147 return (-1); 4148 } 4149 return (0); 4150 } 4151 4152 #ifdef CACHE_DEBUG 4153 /* 4154 * trace_portmap_cache() 4155 * traces the portmap cache values at desired points 4156 */ 4157 static void 4158 trace_portmap_cache() 4159 { 4160 syslog(LOG_ERR, "portmap_cache: accesses=%d lookups=%d hits=%d\n", 4161 portmap_cache_accesses, portmap_cache_lookups, 4162 portmap_cache_hits); 4163 } 4164 4165 /* 4166 * trace_host_cache() 4167 * traces the host cache values at desired points 4168 */ 4169 static void 4170 trace_host_cache() 4171 { 4172 syslog(LOG_ERR, 4173 "host_cache: accesses=%d lookups=%d deadhits=%d goodhits=%d\n", 4174 host_cache_accesses, host_cache_lookups, deadhost_cache_hits, 4175 goodhost_cache_hits); 4176 } 4177 #endif /* CACHE_DEBUG */ 4178 4179 /* 4180 * Read the /etc/default/nfs configuration file to determine if the 4181 * client has been configured for a new min/max for the NFS version to 4182 * use. 4183 */ 4184 4185 #define NFS_DEFAULT_CHECK 60 /* Seconds to check for nfs default changes */ 4186 4187 static void 4188 read_default_nfs(void) 4189 { 4190 static time_t lastread = 0; 4191 struct stat buf; 4192 char *defval; 4193 int errno; 4194 int tmp; 4195 4196 /* 4197 * Fail silently if we can't stat the default nfs config file 4198 */ 4199 if (stat(NFSADMIN, &buf)) 4200 return; 4201 4202 if (buf.st_mtime == lastread) 4203 return; 4204 4205 /* 4206 * Fail silently if error in opening the default nfs config file 4207 * We'll check back in NFS_DEFAULT_CHECK seconds 4208 */ 4209 if ((defopen(NFSADMIN)) == 0) { 4210 if ((defval = defread("NFS_CLIENT_VERSMIN=")) != NULL) { 4211 errno = 0; 4212 tmp = strtol(defval, (char **)NULL, 10); 4213 if (errno == 0) { 4214 vers_min_default = tmp; 4215 } 4216 } 4217 if ((defval = defread("NFS_CLIENT_VERSMAX=")) != NULL) { 4218 errno = 0; 4219 tmp = strtol(defval, (char **)NULL, 10); 4220 if (errno == 0) { 4221 vers_max_default = tmp; 4222 } 4223 } 4224 /* close defaults file */ 4225 defopen(NULL); 4226 4227 lastread = buf.st_mtime; 4228 4229 /* 4230 * Quick sanity check on the values picked up from the 4231 * defaults file. Make sure that a mistake wasn't 4232 * made that will confuse things later on. 4233 * If so, reset to compiled-in defaults 4234 */ 4235 if (vers_min_default > vers_max_default || 4236 vers_min_default < NFS_VERSMIN || 4237 vers_max_default > NFS_VERSMAX) { 4238 if (trace > 1) { 4239 trace_prt(1, 4240 " read_default: version minimum/maximum incorrectly configured\n"); 4241 trace_prt(1, 4242 " read_default: config is min=%d, max%d. Resetting to min=%d, max%d\n", 4243 vers_min_default, vers_max_default, 4244 NFS_VERSMIN_DEFAULT, 4245 NFS_VERSMAX_DEFAULT); 4246 } 4247 vers_min_default = NFS_VERSMIN_DEFAULT; 4248 vers_max_default = NFS_VERSMAX_DEFAULT; 4249 } 4250 } 4251 } 4252 4253 /* 4254 * Find the mnttab entry that corresponds to "name". 4255 * We're not sure what the name represents: either 4256 * a mountpoint name, or a special name (server:/path). 4257 * Return the last entry in the file that matches. 4258 */ 4259 static struct extmnttab * 4260 mnttab_find(dirname) 4261 char *dirname; 4262 { 4263 FILE *fp; 4264 struct extmnttab mnt; 4265 struct extmnttab *res = NULL; 4266 4267 fp = fopen(MNTTAB, "r"); 4268 if (fp == NULL) { 4269 if (trace > 1) 4270 trace_prt(1, " mnttab_find: unable to open mnttab\n"); 4271 return (NULL); 4272 } 4273 while (getextmntent(fp, &mnt, sizeof (struct extmnttab)) == 0) { 4274 if (strcmp(mnt.mnt_mountp, dirname) == 0 || 4275 strcmp(mnt.mnt_special, dirname) == 0) { 4276 if (res) 4277 fsfreemnttab(res); 4278 res = fsdupmnttab(&mnt); 4279 } 4280 } 4281 4282 resetmnttab(fp); 4283 fclose(fp); 4284 if (res == NULL) { 4285 if (trace > 1) 4286 trace_prt(1, " mnttab_find: unable to find %s\n", 4287 dirname); 4288 } 4289 return (res); 4290 } 4291 4292 /* 4293 * This function's behavior is taken from nfsstat. 4294 * Trying to determine what NFS version was used for the mount. 4295 */ 4296 static int 4297 is_v4_mount(char *mntpath) 4298 { 4299 kstat_ctl_t *kc = NULL; /* libkstat cookie */ 4300 kstat_t *ksp; 4301 ulong_t fsid; 4302 struct mntinfo_kstat mik; 4303 struct extmnttab *mntp; 4304 uint_t mnt_minor; 4305 4306 if ((mntp = mnttab_find(mntpath)) == NULL) 4307 return (FALSE); 4308 4309 /* save the minor number and free the struct so we don't forget */ 4310 mnt_minor = mntp->mnt_minor; 4311 fsfreemnttab(mntp); 4312 4313 if ((kc = kstat_open()) == NULL) 4314 return (FALSE); 4315 4316 for (ksp = kc->kc_chain; ksp; ksp = ksp->ks_next) { 4317 if (ksp->ks_type != KSTAT_TYPE_RAW) 4318 continue; 4319 if (strcmp(ksp->ks_module, "nfs") != 0) 4320 continue; 4321 if (strcmp(ksp->ks_name, "mntinfo") != 0) 4322 continue; 4323 if (mnt_minor != ksp->ks_instance) 4324 continue; 4325 4326 if (kstat_read(kc, ksp, &mik) == -1) 4327 continue; 4328 4329 (void) kstat_close(kc); 4330 if (mik.mik_vers == 4) 4331 return (TRUE); 4332 else 4333 return (FALSE); 4334 } 4335 (void) kstat_close(kc); 4336 4337 return (FALSE); 4338 } 4339 4340 static int 4341 create_homedir(const char *src, const char *dst) { 4342 4343 struct stat stbuf; 4344 char *dst_username; 4345 struct passwd *pwd, pwds; 4346 char buf_pwd[NSS_BUFLEN_PASSWD]; 4347 int homedir_len; 4348 int dst_dir_len; 4349 int src_dir_len; 4350 4351 if (trace > 1) 4352 trace_prt(1, "entered create_homedir\n"); 4353 4354 if (stat(src, &stbuf) == 0) { 4355 if (trace > 1) 4356 trace_prt(1, "src exists\n"); 4357 return (1); 4358 } 4359 4360 dst_username = strrchr(dst, '/'); 4361 if (dst_username) { 4362 dst_username++; /* Skip over slash */ 4363 pwd = getpwnam_r(dst_username, &pwds, buf_pwd, 4364 sizeof (buf_pwd)); 4365 if (pwd == NULL) { 4366 return (0); 4367 } 4368 } else { 4369 return (0); 4370 } 4371 4372 homedir_len = strlen(pwd->pw_dir); 4373 dst_dir_len = strlen(dst) - homedir_len; 4374 src_dir_len = strlen(src) - homedir_len; 4375 4376 /* Check that the paths are in the same zone */ 4377 if (src_dir_len < dst_dir_len || 4378 (strncmp(dst, src, dst_dir_len) != 0)) { 4379 if (trace > 1) 4380 trace_prt(1, " paths don't match\n"); 4381 return (0); 4382 } 4383 /* Check that mountpoint is an auto_home entry */ 4384 if (dst_dir_len < 0 || 4385 (strcmp(pwd->pw_dir, dst + dst_dir_len) != 0)) { 4386 return (0); 4387 } 4388 4389 /* Check that source is an home directory entry */ 4390 if (src_dir_len < 0 || 4391 (strcmp(pwd->pw_dir, src + src_dir_len) != 0)) { 4392 if (trace > 1) 4393 trace_prt(1, " homedir (2) doesn't match %s\n", 4394 src+src_dir_len); 4395 return (0); 4396 } 4397 4398 if (mkdir(src, 4399 S_IRUSR | S_IWUSR | S_IXUSR | S_IXGRP | S_IXOTH) == -1) { 4400 if (trace > 1) { 4401 trace_prt(1, " Couldn't mkdir %s\n", src); 4402 } 4403 return (0); 4404 } 4405 4406 if (chown(src, pwd->pw_uid, pwd->pw_gid) == -1) { 4407 unlink(src); 4408 return (0); 4409 } 4410 4411 /* Created new home directory for the user */ 4412 return (1); 4413 } 4414 4415 void 4416 free_nfs_args(struct nfs_args *argp) 4417 { 4418 struct nfs_args *oldp; 4419 while (argp) { 4420 if (argp->pathconf) 4421 free(argp->pathconf); 4422 if (argp->knconf) 4423 free_knconf(argp->knconf); 4424 if (argp->addr) 4425 netbuf_free(argp->addr); 4426 if (argp->syncaddr) 4427 netbuf_free(argp->syncaddr); 4428 if (argp->netname) 4429 free(argp->netname); 4430 if (argp->hostname) 4431 free(argp->hostname); 4432 if (argp->nfs_ext_u.nfs_extB.secdata) 4433 nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata); 4434 if (argp->fh) 4435 free(argp->fh); 4436 if (argp->nfs_ext_u.nfs_extA.secdata) { 4437 sec_data_t *sd; 4438 sd = argp->nfs_ext_u.nfs_extA.secdata; 4439 if (sd == NULL) 4440 break; 4441 switch (sd->rpcflavor) { 4442 case AUTH_NONE: 4443 case AUTH_UNIX: 4444 case AUTH_LOOPBACK: 4445 break; 4446 case AUTH_DES: 4447 { 4448 dh_k4_clntdata_t *dhk4; 4449 dhk4 = (dh_k4_clntdata_t *)sd->data; 4450 if (dhk4 == NULL) 4451 break; 4452 if (dhk4->syncaddr.buf) 4453 free(dhk4->syncaddr.buf); 4454 if (dhk4->knconf->knc_protofmly) 4455 free(dhk4->knconf->knc_protofmly); 4456 if (dhk4->knconf->knc_proto) 4457 free(dhk4->knconf->knc_proto); 4458 if (dhk4->knconf) 4459 free(dhk4->knconf); 4460 if (dhk4->netname) 4461 free(dhk4->netname); 4462 free(dhk4); 4463 break; 4464 } 4465 case RPCSEC_GSS: 4466 { 4467 gss_clntdata_t *gss; 4468 gss = (gss_clntdata_t *)sd->data; 4469 if (gss == NULL) 4470 break; 4471 if (gss->mechanism.elements) 4472 free(gss->mechanism.elements); 4473 free(gss); 4474 break; 4475 } 4476 } 4477 } 4478 oldp = argp; 4479 if (argp->nfs_args_ext == NFS_ARGS_EXTB) 4480 argp = argp->nfs_ext_u.nfs_extB.next; 4481 else 4482 argp = NULL; 4483 free(oldp); 4484 } 4485 } 4486