1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2017 Joyent Inc 24 * Copyright 2000 Sun Microsystems, Inc. All rights reserved. 25 * Use is subject to license terms. 26 */ 27 28 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ 29 /* All Rights Reserved */ 30 31 /* 32 * Portions of this source code were derived from Berkeley 4.3 BSD 33 * under license from the Regents of the University of California. 34 */ 35 36 /* 37 * YP update service 38 */ 39 #include <stdio.h> 40 #include <stdlib.h> 41 #include <sys/types.h> 42 #include <sys/file.h> 43 #include <sys/signal.h> 44 #include <sys/wait.h> 45 #include <rpc/rpc.h> 46 #include <rpc/nettype.h> 47 #include <rpcsvc/ypupd.h> 48 #include <rpcsvc/ypclnt.h> 49 #include <sys/debug.h> 50 #include <netdir.h> 51 #include <stropts.h> 52 #ifdef SYSLOG 53 #include <syslog.h> 54 #else 55 #define LOG_ERR 1 56 #define openlog(a, b, c) 57 #endif 58 59 #ifdef DEBUG 60 #define RPC_SVC_FG 61 #define debug(msg) fprintf(stderr, "%s\n", msg); 62 #else 63 #define debug(msg) /* turn off debugging */ 64 #endif 65 66 static char YPDIR[] = "/var/yp"; 67 static char UPDATEFILE[] = "/var/yp/updaters"; 68 #define _RPCSVC_CLOSEDOWN 120 69 70 static int addr2netname(); 71 static void closedown(); 72 static void ypupdate_prog(); 73 static void msgout(); 74 static int update(); 75 static int insecure; 76 static int _rpcpmstart; /* Started by a port monitor ? */ 77 static int _rpcsvcdirty; /* Still serving ? */ 78 79 extern unsigned int alarm(); 80 extern void exit(); 81 extern int close(); 82 extern long fork(); 83 extern int free(); 84 extern struct netconfig *getnetconfigent(); 85 extern int strcmp(); 86 extern int strcpy(); 87 extern int syslog(); 88 extern void *signal(); 89 extern int setsid(); 90 extern int t_getinfo(); 91 extern int user2netname(); 92 extern int _openchild(); 93 94 main(argc, argv) 95 int argc; 96 char *argv[]; 97 { 98 pid_t pid; 99 char *cmd; 100 char mname[FMNAMESZ + 1]; 101 102 if (geteuid() != 0) { 103 (void) fprintf(stderr, "must be root to run %s\n", argv[0]); 104 exit(1); 105 } 106 107 cmd = argv[0]; 108 switch (argc) { 109 case 0: 110 cmd = "ypupdated"; 111 break; 112 case 1: 113 break; 114 case 2: 115 if (strcmp(argv[1], "-i") == 0) { 116 insecure++; 117 break; 118 } 119 default: 120 fprintf(stderr, "%s: warning -- options ignored\n", cmd); 121 break; 122 } 123 124 if (chdir(YPDIR) < 0) { 125 fprintf(stderr, "%s: can't chdir to ", cmd); 126 perror(YPDIR); 127 exit(1); 128 } 129 130 if (!ioctl(0, I_LOOK, mname) && 131 (strcmp(mname, "sockmod") == 0 || 132 strcmp(mname, "timod") == 0)) { 133 /* 134 * Started from port monitor: use 0 as fd 135 */ 136 char *netid; 137 struct netconfig *nconf = NULL; 138 SVCXPRT *transp; 139 int pmclose; 140 extern char *getenv(); 141 142 _rpcpmstart = 1; 143 if ((netid = getenv("NLSPROVIDER")) == NULL) { 144 msgout("cannot get transport name"); 145 } 146 if ((nconf = getnetconfigent(netid)) == NULL) { 147 msgout("cannot get transport info"); 148 } 149 if (strcmp(mname, "sockmod") == 0) { 150 if (ioctl(0, I_POP, 0) || ioctl(0, I_PUSH, "timod")) { 151 msgout("could not get the right module"); 152 exit(1); 153 } 154 } 155 pmclose = (t_getstate(0) != T_DATAXFER); 156 if ((transp = svc_tli_create(0, nconf, NULL, 0, 0)) == NULL) { 157 msgout("cannot create update server handle"); 158 exit(1); 159 } 160 if (!svc_reg(transp, YPU_PROG, YPU_VERS, ypupdate_prog, 0)) { 161 msgout("unable to register (YPBINDPROG, YPBINDVERS)."); 162 exit(1); 163 } 164 if (nconf) 165 freenetconfigent(nconf); 166 167 if (pmclose) { 168 (void) signal(SIGALRM, closedown); 169 (void) alarm(_RPCSVC_CLOSEDOWN); 170 } 171 svc_run(); 172 exit(1); 173 } 174 #ifndef RPC_SVC_FG 175 /* 176 * Started from shell; background thyself and run 177 */ 178 pid = fork(); 179 180 if (pid < 0) { 181 perror("cannot fork"); 182 exit(1); 183 } 184 if (pid) 185 exit(0); 186 closefrom(0); 187 (void) setsid(); 188 openlog("ypupdated", LOG_PID, LOG_DAEMON); 189 #endif 190 if (!svc_create(ypupdate_prog, YPU_PROG, YPU_VERS, "netpath")) { 191 msgout("unable to create (YPU_PROG, YPU_VERS) for netpath."); 192 exit(1); 193 } 194 195 svc_run(); 196 msgout("svc_run returned"); 197 exit(1); 198 /* NOTREACHED */ 199 } 200 201 static void 202 ypupdate_prog(rqstp, transp) 203 struct svc_req *rqstp; 204 SVCXPRT *transp; 205 { 206 struct ypupdate_args args; 207 uint_t rslt; 208 uint_t op; 209 char *netname; 210 char namebuf[MAXNETNAMELEN+1]; 211 struct authunix_parms *aup; 212 213 switch (rqstp->rq_proc) { 214 case NULLPROC: 215 svc_sendreply(transp, xdr_void, NULL); 216 return; 217 case YPU_CHANGE: 218 op = YPOP_CHANGE; 219 break; 220 case YPU_DELETE: 221 op = YPOP_DELETE; 222 break; 223 case YPU_INSERT: 224 op = YPOP_INSERT; 225 break; 226 case YPU_STORE: 227 op = YPOP_STORE; 228 break; 229 default: 230 svcerr_noproc(transp); 231 return; 232 } 233 #ifdef DEBUG 234 fprintf(stderr, "ypupdated: request received\n"); 235 #endif 236 switch (rqstp->rq_cred.oa_flavor) { 237 case AUTH_DES: 238 CTASSERT(sizeof (struct authdes_cred) <= RQCRED_SIZE); 239 netname = ((struct authdes_cred *) 240 rqstp->rq_clntcred)->adc_fullname.name; 241 break; 242 case AUTH_UNIX: 243 if (insecure) { 244 CTASSERT(sizeof (struct authunix_parms) <= RQCRED_SIZE); 245 aup = (struct authunix_parms *)rqstp->rq_clntcred; 246 if (aup->aup_uid == 0) { 247 if (addr2netname(namebuf, transp) != 0) { 248 fprintf(stderr, 249 "addr2netname failing for %d\n", 250 aup->aup_uid); 251 svcerr_systemerr(transp); 252 return; 253 } 254 } else { 255 if (user2netname(namebuf, aup->aup_uid, NULL) 256 != 0) { 257 fprintf(stderr, 258 "user2netname failing for %d\n", 259 aup->aup_uid); 260 svcerr_systemerr(transp); 261 return; 262 } 263 } 264 netname = namebuf; 265 break; 266 } 267 default: 268 svcerr_weakauth(transp); 269 return; 270 } 271 memset(&args, 0, sizeof (args)); 272 if (!svc_getargs(transp, xdr_ypupdate_args, (char *)&args)) { 273 svcerr_decode(transp); 274 return; 275 } 276 #ifdef DEBUG 277 fprintf(stderr, "netname = %s\n, map=%s\n key=%s\n", 278 netname, args.mapname, args.key.yp_buf_val); 279 #endif 280 rslt = update(netname, args.mapname, op, 281 args.key.yp_buf_len, args.key.yp_buf_val, 282 args.datum.yp_buf_len, args.datum.yp_buf_val); 283 if (!svc_sendreply(transp, xdr_u_int, (char *)&rslt)) { 284 debug("svc_sendreply failed"); 285 } 286 if (!svc_freeargs(transp, xdr_ypupdate_args, (char *)&args)) { 287 debug("svc_freeargs failed"); 288 } 289 } 290 291 /* 292 * Determine if requester is allowed to update the given map, 293 * and update it if so. Returns the yp status, which is zero 294 * if there is no access violation. 295 */ 296 static 297 update(requester, mapname, op, keylen, key, datalen, data) 298 char *requester; 299 char *mapname; 300 uint_t op; 301 uint_t keylen; 302 char *key; 303 uint_t datalen; 304 char *data; 305 { 306 char updater[MAXMAPNAMELEN + 40]; 307 FILE *childargs; 308 FILE *childrslt; 309 int status; 310 int yperrno = 0; 311 int pid; 312 313 sprintf(updater, "/usr/ccs/bin/make -s -f %s %s", UPDATEFILE, mapname); 314 #ifdef DEBUG 315 fprintf(stderr, "updater: %s\n", updater); 316 fprintf(stderr, "requestor = %s, op = %d, key = %s\n", 317 requester, op, key); 318 fprintf(stderr, "data = %s\n", data); 319 #endif 320 pid = _openchild(updater, &childargs, &childrslt); 321 if (pid < 0) { 322 debug("openpipes failed"); 323 return (YPERR_YPERR); 324 } 325 326 /* 327 * Write to child 328 */ 329 fprintf(childargs, "%s\n", requester); 330 fprintf(childargs, "%u\n", op); 331 fprintf(childargs, "%u\n", keylen); 332 fwrite(key, keylen, 1, childargs); 333 fprintf(childargs, "\n"); 334 fprintf(childargs, "%u\n", datalen); 335 fwrite(data, datalen, 1, childargs); 336 fprintf(childargs, "\n"); 337 fclose(childargs); 338 339 /* 340 * Read from child 341 */ 342 fscanf(childrslt, "%d", &yperrno); 343 fclose(childrslt); 344 345 wait(&status); 346 if (!WIFEXITED(status)) { 347 return (YPERR_YPERR); 348 } 349 return (yperrno); 350 } 351 352 static void 353 msgout(msg) 354 char *msg; 355 { 356 if (_rpcpmstart) 357 syslog(LOG_ERR, msg); 358 else 359 (void) fprintf(stderr, "%s\n", msg); 360 } 361 362 void 363 closedown() 364 { 365 if (_rpcsvcdirty == 0) { 366 int i, openfd; 367 struct t_info tinfo; 368 369 if (t_getinfo(0, tinfo) || (tinfo.servtype == T_CLTS)) 370 exit(0); 371 372 for (i = 0, openfd = 0; i < svc_max_pollfd && openfd < 2; i++) 373 if (svc_pollfd[i].fd >= 0) 374 openfd++; 375 376 if (openfd <= 1) 377 exit(0); 378 } 379 (void) alarm(_RPCSVC_CLOSEDOWN); 380 } 381 382 static int 383 addr2netname(namebuf, transp) 384 char *namebuf; 385 SVCXPRT *transp; 386 { 387 struct nd_hostservlist *hostservs = NULL; 388 struct netconfig *nconf; 389 struct netbuf *who; 390 391 who = svc_getrpccaller(transp); 392 if ((who == NULL) || (who->len == 0)) 393 return (-1); 394 if ((nconf = getnetconfigent(transp->xp_netid)) 395 == (struct netconfig *)NULL) 396 return (-1); 397 if (netdir_getbyaddr(nconf, &hostservs, who) != 0) { 398 (void) freenetconfigent(nconf); 399 return (-1); 400 } 401 if (hostservs == NULL) { 402 msgout("ypupdated: netdir_getbyaddr failed\n"); 403 } else { 404 strcpy(namebuf, hostservs->h_hostservs->h_host); 405 } 406 (void) freenetconfigent(nconf); 407 netdir_free((char *)hostservs, ND_HOSTSERVLIST); 408 return (0); 409 } 410