xref: /illumos-gate/usr/src/cmd/ypcmd/ypserv_map.c (revision 35a5a3587fd94b666239c157d3722745250ccbd7)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 /*	Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T	*/
28 /*	  All Rights Reserved  	*/
29 
30 /*
31  * Portions of this source code were derived from Berkeley 4.3 BSD
32  * under license from the Regents of the University of California.
33  */
34 
35 #pragma ident	"%Z%%M%	%I%	%E% SMI"
36 
37 #include <stdlib.h>
38 #include <dirent.h>
39 #include <string.h>
40 #include <malloc.h>
41 #include "ypsym.h"
42 #include "ypdefs.h"
43 
44 /* Use N2L version of DBM calls */
45 #include "shim_hooks.h"
46 
47 USE_YP_MASTER_NAME
48 USE_YP_LAST_MODIFIED
49 USE_YPDBPATH
50 USE_YP_SECURE
51 USE_DBM
52 
53 #include <ctype.h>
54 
55 static DBM *cur_fdb; /* will be passwd back up by ypset_current_map */
56 static enum { UNKNOWN, SECURE, PUBLIC } current_map_access = UNKNOWN;
57 static char map_owner[MAX_MASTER_NAME + 1];
58 
59 extern unsigned int ypcheck_domain();
60 int check_secure_net_ti(struct netbuf *caller, char *ypname);
61 
62 /*
63  * The retrieves the order number of a named map from the order number datum
64  * in the map data base.
65  */
66 bool
67 ypget_map_order(char *map, char *domain, uint_t *order)
68 {
69 	datum key;
70 	datum val;
71 	char toconvert[MAX_ASCII_ORDER_NUMBER_LENGTH + 1];
72 	uint_t error;
73 	DBM *fdb;
74 
75 	if ((fdb = ypset_current_map(map, domain, &error)) != NULL) {
76 		key.dptr = yp_last_modified;
77 		key.dsize = yp_last_modified_sz;
78 		val = dbm_fetch(fdb, key);
79 
80 		if (val.dptr != (char *)NULL) {
81 
82 			if (val.dsize > MAX_ASCII_ORDER_NUMBER_LENGTH) {
83 			return (FALSE);
84 			}
85 
86 			/*
87 			 * This is getting recopied here because val.dptr
88 			 * points to static memory owned by the dbm package,
89 			 * and we have no idea whether numeric characters
90 			 * follow the order number characters, nor whether
91 			 * the mess is null-terminated at all.
92 			 */
93 
94 			memcpy(toconvert, val.dptr, val.dsize);
95 			toconvert[val.dsize] = '\0';
96 			*order = (unsigned long) atol(toconvert);
97 			return (TRUE);
98 		} else {
99 			return (FALSE);
100 		}
101 
102 	} else {
103 		return (FALSE);
104 	}
105 }
106 
107 /*
108  * The retrieves the master server name of a named map from the master datum
109  * in the map data base.
110  */
111 bool
112 ypget_map_master(char **owner, DBM *fdb)
113 {
114 	datum key;
115 	datum val;
116 
117 	key.dptr = yp_master_name;
118 	key.dsize = yp_master_name_sz;
119 	val = dbm_fetch(fdb, key);
120 
121 	if (val.dptr != (char *)NULL) {
122 
123 		if (val.dsize > MAX_MASTER_NAME) {
124 			return (FALSE);
125 		}
126 
127 		/*
128 		 * This is getting recopied here because val.dptr
129 		 * points to static memory owned by the dbm package.
130 		 */
131 		memcpy(map_owner, val.dptr, val.dsize);
132 		map_owner[val.dsize] = '\0';
133 		*owner = map_owner;
134 		return (TRUE);
135 	} else {
136 		return (FALSE);
137 	}
138 }
139 
140 /*
141  * This makes a map into the current map, and calls dbminit on that map
142  * and returns the DBM pointer to the map. Procedures called by
143  * ypserv dispatch routine would use this pointer for successive
144  * ndbm operations.  Returns an YP_xxxx error code in error if FALSE.
145  */
146 DBM *
147 ypset_current_map(char *map, char *domain, uint_t *error)
148 {
149 	char mapname[MAXNAMLEN + 1];
150 	int lenm, lend;
151 
152 	/* Do not allow any path as a domain name or a map name.   */
153 	if (!map || ((lenm = (int)strlen(map)) == 0) || (lenm > YPMAXMAP) ||
154 	    !domain || ((lend = (int)strlen(domain)) == 0) ||
155 	    (lend > YPMAXDOMAIN) || (strchr(map, '/') != NULL) ||
156 	    (strchr(domain, '/') != NULL)) {
157 		*error = YP_BADARGS;
158 		return (FALSE);
159 	}
160 
161 	if (FALSE == ypmkfilename(domain, map, mapname))
162 		return (FALSE);
163 
164 	if ((cur_fdb) && (strcmp(mapname, get_map_name(cur_fdb)) == 0)) {
165 		return (cur_fdb);
166 	}
167 
168 	/* If there was a previous open map close it */
169 	if (NULL != cur_fdb)
170 		dbm_close(cur_fdb);
171 
172 	/* Set the map access as "unknown" as the new map has not been loaded */
173 	current_map_access = UNKNOWN;
174 
175 	/* All the map locking is now handled inside the dbm_open shim */
176 	if ((cur_fdb = dbm_open(mapname, O_RDWR, 0644)) != NULL) {
177 		return (cur_fdb);
178 	}
179 
180 	if (ypcheck_domain(domain)) {
181 
182 		if (ypcheck_map_existence(mapname)) {
183 			*error = YP_BADDB;
184 		} else {
185 			*error = YP_NOMAP;
186 		}
187 
188 	} else {
189 		*error = YP_NODOM;
190 	}
191 
192 	return (NULL);
193 }
194 
195 /*
196  * This checks to see if there is a current map, and, if there is, does a
197  * dbmclose on it and sets the current map name and its DBM ptr to null.
198  */
199 void
200 ypclr_current_map(void)
201 {
202 	if (cur_fdb != NULL) {
203 		(void) dbm_close(cur_fdb);
204 		cur_fdb = NULL;
205 	}
206 	current_map_access = UNKNOWN;
207 }
208 
209 /*
210  * Checks to see if caller has permission to query the current map (as
211  * set by ypset_current_map()).  Returns TRUE if access is granted and
212  * FALSE otherwise.  If FALSE then sets *error to YP_xxxxxxxx.
213  */
214 bool
215 yp_map_access(SVCXPRT *transp, uint_t *error, DBM *fdb)
216 {
217 	char *ypname = "ypserv";
218 	struct netbuf *nbuf;
219 	sa_family_t af;
220 	in_port_t port;
221 
222 	nbuf = svc_getrpccaller(transp);
223 	af = ((struct sockaddr_storage *)nbuf->buf)->ss_family;
224 	if (af != AF_INET && af != AF_INET6)
225 		return (FALSE);
226 
227 	if (!(check_secure_net_ti(nbuf, ypname))) {
228 		*error = YP_NOMAP;
229 		return (FALSE);
230 	}
231 
232 	/* XXX - I expect that this won't happen much */
233 	if (current_map_access == PUBLIC) {
234 		return (TRUE);
235 	}
236 
237 	if (af == AF_INET6) {
238 		port = ntohs(((struct sockaddr_in6 *)nbuf->buf)->sin6_port);
239 	} else {
240 		port = ntohs(((struct sockaddr_in *)nbuf->buf)->sin_port);
241 	}
242 	if (port < IPPORT_RESERVED) {
243 		return (TRUE);
244 	}
245 
246 	if (current_map_access == UNKNOWN) {
247 		datum key;
248 		datum val;
249 
250 		key.dptr = yp_secure;
251 		key.dsize = yp_secure_sz;
252 		val = dbm_fetch(fdb, key);
253 		if (val.dptr == (char *)NULL) {
254 			current_map_access = PUBLIC;
255 			return (TRUE);
256 		}
257 		current_map_access = SECURE;
258 	}
259 
260 	/* current_map_access == SECURE and non-priviledged caller */
261 	*error = YP_NOMAP;
262 	return (FALSE);
263 }
264