1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 #include <stdio.h> 29 #include <unistd.h> 30 #include <stdlib.h> 31 #include <ctype.h> 32 #include <syslog.h> 33 #include <string.h> 34 #include <deflt.h> 35 #include <kstat.h> 36 #include <sys/param.h> 37 #include <sys/types.h> 38 #include <sys/time.h> 39 #include <sys/stat.h> 40 #include <sys/wait.h> 41 #include <sys/socket.h> 42 #include <netinet/in.h> 43 #include <signal.h> 44 #include <sys/signal.h> 45 #include <rpc/rpc.h> 46 #include <rpc/pmap_clnt.h> 47 #include <sys/mount.h> 48 #include <sys/mntent.h> 49 #include <sys/mnttab.h> 50 #include <sys/fstyp.h> 51 #include <sys/fsid.h> 52 #include <arpa/inet.h> 53 #include <netdb.h> 54 #include <netconfig.h> 55 #include <netdir.h> 56 #include <errno.h> 57 #define NFSCLIENT 58 #include <nfs/nfs.h> 59 #include <nfs/mount.h> 60 #include <rpcsvc/mount.h> 61 #include <rpc/nettype.h> 62 #include <locale.h> 63 #include <setjmp.h> 64 #include <sys/socket.h> 65 #include <thread.h> 66 #include <limits.h> 67 #include <nss_dbdefs.h> /* for NSS_BUFLEN_HOSTS */ 68 #include <nfs/nfs_sec.h> 69 #include <sys/sockio.h> 70 #include <net/if.h> 71 #include <assert.h> 72 #include <nfs/nfs_clnt.h> 73 #include <rpcsvc/nfs4_prot.h> 74 #define NO_RDDIR_CACHE 75 #include "automount.h" 76 #include "replica.h" 77 #include "nfs_subr.h" 78 #include "webnfs.h" 79 #include <sys/sockio.h> 80 #include <net/if.h> 81 #include <assert.h> 82 #include <rpcsvc/daemon_utils.h> 83 #include <pwd.h> 84 #include <strings.h> 85 #include <tsol/label.h> 86 #include <zone.h> 87 88 extern char *nfs_get_qop_name(); 89 extern AUTH *nfs_create_ah(); 90 extern enum snego_stat nfs_sec_nego(); 91 92 #define MAXHOSTS 512 93 94 /* number of transports to try */ 95 #define MNT_PREF_LISTLEN 2 96 #define FIRST_TRY 1 97 #define SECOND_TRY 2 98 99 #define MNTTYPE_CACHEFS "cachefs" 100 101 /* 102 * host cache states 103 */ 104 #define NOHOST 0 105 #define GOODHOST 1 106 #define DEADHOST 2 107 108 #define NFS_ARGS_EXTB_secdata(args, secdata) \ 109 { (args).nfs_args_ext = NFS_ARGS_EXTB, \ 110 (args).nfs_ext_u.nfs_extB.secdata = secdata; } 111 112 struct cache_entry { 113 struct cache_entry *cache_next; 114 char *cache_host; 115 time_t cache_time; 116 int cache_state; 117 rpcvers_t cache_reqvers; 118 rpcvers_t cache_outvers; 119 char *cache_proto; 120 }; 121 122 struct mfs_snego_t { 123 int sec_opt; 124 bool_t snego_done; 125 char *nfs_flavor; 126 seconfig_t nfs_sec; 127 }; 128 typedef struct mfs_snego_t mfs_snego_t; 129 130 static struct cache_entry *cache_head = NULL; 131 rwlock_t cache_lock; /* protect the cache chain */ 132 133 static enum nfsstat nfsmount(struct mapfs *, char *, char *, int, int, uid_t, 134 action_list *); 135 static int is_nfs_port(char *); 136 137 void netbuf_free(struct netbuf *); 138 struct knetconfig *get_knconf(struct netconfig *); 139 void free_knconf(struct knetconfig *); 140 static int get_pathconf(CLIENT *, char *, char *, struct pathcnf **, int); 141 static struct mapfs *enum_servers(struct mapent *, char *); 142 static struct mapfs *get_mysubnet_servers(struct mapfs *); 143 static int subnet_test(int af, struct sioc_addrreq *); 144 static struct netbuf *get_addr(char *, rpcprog_t, rpcvers_t, 145 struct netconfig **, char *, ushort_t, struct t_info *); 146 147 static struct netbuf *get_pubfh(char *, rpcvers_t, mfs_snego_t *, 148 struct netconfig **, char *, ushort_t, struct t_info *, caddr_t *, 149 bool_t, char *); 150 151 static int create_homedir(const char *, const char *); 152 153 enum type_of_stuff { 154 SERVER_ADDR = 0, 155 SERVER_PING = 1, 156 SERVER_FH = 2 157 }; 158 159 void *get_server_stuff(enum type_of_stuff, char *, rpcprog_t, 160 rpcvers_t, mfs_snego_t *, struct netconfig **, char *, ushort_t, 161 struct t_info *, caddr_t *, bool_t, char *, enum clnt_stat *); 162 163 void *get_the_stuff(enum type_of_stuff, char *, rpcprog_t, 164 rpcvers_t, mfs_snego_t *, struct netconfig *, ushort_t, struct t_info *, 165 caddr_t *, bool_t, char *, enum clnt_stat *); 166 167 struct mapfs *add_mfs(struct mapfs *, int, struct mapfs **, struct mapfs **); 168 void free_mfs(struct mapfs *); 169 static void dump_mfs(struct mapfs *, char *, int); 170 static char *dump_distance(struct mapfs *); 171 static void cache_free(struct cache_entry *); 172 static int cache_check(char *, rpcvers_t *, char *); 173 static void cache_enter(char *, rpcvers_t, rpcvers_t, char *, int); 174 void destroy_auth_client_handle(CLIENT *cl); 175 176 #ifdef CACHE_DEBUG 177 static void trace_host_cache(); 178 static void trace_portmap_cache(); 179 #endif /* CACHE_DEBUG */ 180 181 static int rpc_timeout = 20; 182 183 #ifdef CACHE_DEBUG 184 /* 185 * host cache counters. These variables do not need to be protected 186 * by mutex's. They have been added to measure the utility of the 187 * goodhost/deadhost cache in the lazy hierarchical mounting scheme. 188 */ 189 static int host_cache_accesses = 0; 190 static int host_cache_lookups = 0; 191 static int deadhost_cache_hits = 0; 192 static int goodhost_cache_hits = 0; 193 194 /* 195 * portmap cache counters. These variables do not need to be protected 196 * by mutex's. They have been added to measure the utility of the portmap 197 * cache in the lazy hierarchical mounting scheme. 198 */ 199 static int portmap_cache_accesses = 0; 200 static int portmap_cache_lookups = 0; 201 static int portmap_cache_hits = 0; 202 #endif /* CACHE_DEBUG */ 203 204 /* 205 * There are the defaults (range) for the client when determining 206 * which NFS version to use when probing the server (see above). 207 * These will only be used when the vers mount option is not used and 208 * these may be reset if /etc/default/nfs is configured to do so. 209 */ 210 static rpcvers_t vers_max_default = NFS_VERSMAX_DEFAULT; 211 static rpcvers_t vers_min_default = NFS_VERSMIN_DEFAULT; 212 213 /* 214 * list of support services needed 215 */ 216 static char *service_list[] = { STATD, LOCKD, NULL }; 217 static char *service_list_v4[] = { STATD, LOCKD, NFS4CBD, NFSMAPID, NULL }; 218 219 static void read_default_nfs(void); 220 static int is_v4_mount(char *); 221 static void start_nfs4cbd(void); 222 223 int 224 mount_nfs( 225 struct mapent *me, 226 char *mntpnt, 227 char *prevhost, 228 int overlay, 229 uid_t uid, 230 action_list **alpp) 231 { 232 struct mapfs *mfs, *mp; 233 int err = -1; 234 int cached; 235 action_list *alp; 236 237 238 alp = *alpp; 239 240 read_default_nfs(); 241 242 mfs = enum_servers(me, prevhost); 243 if (mfs == NULL) 244 return (ENOENT); 245 246 /* 247 * Try loopback if we have something on localhost; if nothing 248 * works, we will fall back to NFS 249 */ 250 if (is_nfs_port(me->map_mntopts)) { 251 for (mp = mfs; mp; mp = mp->mfs_next) { 252 if (self_check(mp->mfs_host)) { 253 err = loopbackmount(mp->mfs_dir, 254 mntpnt, me->map_mntopts, overlay); 255 if (err) { 256 mp->mfs_ignore = 1; 257 } else { 258 /* 259 * Free action_list if there 260 * is one as it is not needed. 261 * Make sure to set alpp to null 262 * so caller doesn't try to free it 263 * again. 264 */ 265 if (*alpp) { 266 free(*alpp); 267 *alpp = NULL; 268 } 269 break; 270 } 271 } 272 } 273 } 274 if (err) { 275 cached = strcmp(me->map_mounter, MNTTYPE_CACHEFS) == 0; 276 err = nfsmount(mfs, mntpnt, me->map_mntopts, 277 cached, overlay, uid, alp); 278 if (err && trace > 1) { 279 trace_prt(1, " Couldn't mount %s:%s, err=%d\n", 280 mfs->mfs_host, mfs->mfs_dir, err); 281 } 282 } 283 free_mfs(mfs); 284 return (err); 285 } 286 287 288 /* 289 * Using the new ioctl SIOCTONLINK to determine if a host is on the same 290 * subnet. Remove the old network, subnet check. 291 */ 292 293 static struct mapfs * 294 get_mysubnet_servers(struct mapfs *mfs_in) 295 { 296 int s; 297 struct mapfs *mfs, *p, *mfs_head = NULL, *mfs_tail = NULL; 298 299 struct netconfig *nconf; 300 NCONF_HANDLE *nc = NULL; 301 struct nd_hostserv hs; 302 struct nd_addrlist *retaddrs; 303 struct netbuf *nb; 304 struct sioc_addrreq areq; 305 int res; 306 int af; 307 int i; 308 int sa_size; 309 310 hs.h_serv = "rpcbind"; 311 312 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 313 nc = setnetconfig(); 314 315 while (nconf = getnetconfig(nc)) { 316 317 /* 318 * Care about INET family only. proto_done flag 319 * indicates if we have already covered this 320 * protocol family. If so skip it 321 */ 322 if (((strcmp(nconf->nc_protofmly, NC_INET6) == 0) || 323 (strcmp(nconf->nc_protofmly, NC_INET) == 0)) && 324 (nconf->nc_semantics == NC_TPI_CLTS)) { 325 } else 326 continue; 327 328 hs.h_host = mfs->mfs_host; 329 330 if (netdir_getbyname(nconf, &hs, &retaddrs) != ND_OK) 331 continue; 332 333 /* 334 * For each host address see if it's on our 335 * local subnet. 336 */ 337 338 if (strcmp(nconf->nc_protofmly, NC_INET6) == 0) 339 af = AF_INET6; 340 else 341 af = AF_INET; 342 nb = retaddrs->n_addrs; 343 for (i = 0; i < retaddrs->n_cnt; i++, nb++) { 344 memset(&areq.sa_addr, 0, sizeof (areq.sa_addr)); 345 memcpy(&areq.sa_addr, nb->buf, MIN(nb->len, 346 sizeof (areq.sa_addr))); 347 if (res = subnet_test(af, &areq)) { 348 p = add_mfs(mfs, DIST_MYNET, 349 &mfs_head, &mfs_tail); 350 if (!p) { 351 netdir_free(retaddrs, 352 ND_ADDRLIST); 353 endnetconfig(nc); 354 return (NULL); 355 } 356 break; 357 } 358 } /* end of every host */ 359 if (trace > 2) { 360 trace_prt(1, "get_mysubnet_servers: host=%s " 361 "netid=%s res=%s\n", mfs->mfs_host, 362 nconf->nc_netid, res == 1?"SUC":"FAIL"); 363 } 364 365 netdir_free(retaddrs, ND_ADDRLIST); 366 } /* end of while */ 367 368 endnetconfig(nc); 369 370 } /* end of every map */ 371 372 return (mfs_head); 373 374 } 375 376 int 377 subnet_test(int af, struct sioc_addrreq *areq) 378 { 379 int s; 380 381 if ((s = socket(af, SOCK_DGRAM, 0)) < 0) { 382 return (0); 383 } 384 385 areq->sa_res = -1; 386 387 if (ioctl(s, SIOCTONLINK, (caddr_t)areq) < 0) { 388 syslog(LOG_ERR, "subnet_test:SIOCTONLINK failed"); 389 return (0); 390 } 391 close(s); 392 if (areq->sa_res == 1) 393 return (1); 394 else 395 return (0); 396 397 398 } 399 400 /* 401 * ping a bunch of hosts at once and sort by who responds first 402 */ 403 static struct mapfs * 404 sort_servers(struct mapfs *mfs_in, int timeout) 405 { 406 struct mapfs *m1 = NULL; 407 enum clnt_stat clnt_stat; 408 409 if (!mfs_in) 410 return (NULL); 411 412 clnt_stat = nfs_cast(mfs_in, &m1, timeout); 413 414 if (!m1) { 415 char buff[2048] = {'\0'}; 416 417 for (m1 = mfs_in; m1; m1 = m1->mfs_next) { 418 (void) strcat(buff, m1->mfs_host); 419 if (m1->mfs_next) 420 (void) strcat(buff, ","); 421 } 422 423 syslog(LOG_ERR, "servers %s not responding: %s", 424 buff, clnt_sperrno(clnt_stat)); 425 } 426 427 return (m1); 428 } 429 430 /* 431 * Add a mapfs entry to the list described by *mfs_head and *mfs_tail, 432 * provided it is not marked "ignored" and isn't a dupe of ones we've 433 * already seen. 434 */ 435 struct mapfs * 436 add_mfs(struct mapfs *mfs, int distance, struct mapfs **mfs_head, 437 struct mapfs **mfs_tail) 438 { 439 struct mapfs *tmp, *new; 440 441 for (tmp = *mfs_head; tmp; tmp = tmp->mfs_next) 442 if ((strcmp(tmp->mfs_host, mfs->mfs_host) == 0 && 443 strcmp(tmp->mfs_dir, mfs->mfs_dir) == 0) || 444 mfs->mfs_ignore) 445 return (*mfs_head); 446 new = (struct mapfs *)malloc(sizeof (struct mapfs)); 447 if (!new) { 448 syslog(LOG_ERR, "Memory allocation failed: %m"); 449 return (NULL); 450 } 451 bcopy(mfs, new, sizeof (struct mapfs)); 452 new->mfs_next = NULL; 453 if (distance) 454 new->mfs_distance = distance; 455 if (!*mfs_head) 456 *mfs_tail = *mfs_head = new; 457 else { 458 (*mfs_tail)->mfs_next = new; 459 *mfs_tail = new; 460 } 461 return (*mfs_head); 462 } 463 464 static void 465 dump_mfs(struct mapfs *mfs, char *message, int level) 466 { 467 struct mapfs *m1; 468 469 if (trace <= level) 470 return; 471 472 trace_prt(1, "%s", message); 473 if (!mfs) { 474 trace_prt(0, "mfs is null\n"); 475 return; 476 } 477 for (m1 = mfs; m1; m1 = m1->mfs_next) 478 trace_prt(0, "%s[%s] ", m1->mfs_host, dump_distance(m1)); 479 trace_prt(0, "\n"); 480 } 481 482 static char * 483 dump_distance(struct mapfs *mfs) 484 { 485 switch (mfs->mfs_distance) { 486 case 0: return ("zero"); 487 case DIST_SELF: return ("self"); 488 case DIST_MYSUB: return ("mysub"); 489 case DIST_MYNET: return ("mynet"); 490 case DIST_OTHER: return ("other"); 491 default: return ("other"); 492 } 493 } 494 495 /* 496 * Walk linked list "raw", building a new list consisting of members 497 * NOT found in list "filter", returning the result. 498 */ 499 static struct mapfs * 500 filter_mfs(struct mapfs *raw, struct mapfs *filter) 501 { 502 struct mapfs *mfs, *p, *mfs_head = NULL, *mfs_tail = NULL; 503 int skip; 504 505 if (!raw) 506 return (NULL); 507 for (mfs = raw; mfs; mfs = mfs->mfs_next) { 508 for (skip = 0, p = filter; p; p = p->mfs_next) { 509 if (strcmp(p->mfs_host, mfs->mfs_host) == 0 && 510 strcmp(p->mfs_dir, mfs->mfs_dir) == 0) { 511 skip = 1; 512 break; 513 } 514 } 515 if (skip) 516 continue; 517 p = add_mfs(mfs, 0, &mfs_head, &mfs_tail); 518 if (!p) 519 return (NULL); 520 } 521 return (mfs_head); 522 } 523 524 /* 525 * Walk a linked list of mapfs structs, freeing each member. 526 */ 527 void 528 free_mfs(struct mapfs *mfs) 529 { 530 struct mapfs *tmp; 531 532 while (mfs) { 533 tmp = mfs->mfs_next; 534 free(mfs); 535 mfs = tmp; 536 } 537 } 538 539 /* 540 * New code for NFS client failover: we need to carry and sort 541 * lists of server possibilities rather than return a single 542 * entry. It preserves previous behaviour of sorting first by 543 * locality (loopback-or-preferred/subnet/net/other) and then 544 * by ping times. We'll short-circuit this process when we 545 * have ENOUGH or more entries. 546 */ 547 static struct mapfs * 548 enum_servers(struct mapent *me, char *preferred) 549 { 550 struct mapfs *p, *m1, *m2, *mfs_head = NULL, *mfs_tail = NULL; 551 552 /* 553 * Short-circuit for simple cases. 554 */ 555 if (!me->map_fs->mfs_next) { 556 p = add_mfs(me->map_fs, DIST_OTHER, &mfs_head, &mfs_tail); 557 if (!p) 558 return (NULL); 559 return (mfs_head); 560 } 561 562 dump_mfs(me->map_fs, " enum_servers: mapent: ", 2); 563 564 /* 565 * get addresses & see if any are myself 566 * or were mounted from previously in a 567 * hierarchical mount. 568 */ 569 if (trace > 2) 570 trace_prt(1, " enum_servers: looking for pref/self\n"); 571 for (m1 = me->map_fs; m1; m1 = m1->mfs_next) { 572 if (m1->mfs_ignore) 573 continue; 574 if (self_check(m1->mfs_host) || 575 strcmp(m1->mfs_host, preferred) == 0) { 576 p = add_mfs(m1, DIST_SELF, &mfs_head, &mfs_tail); 577 if (!p) 578 return (NULL); 579 } 580 } 581 if (trace > 2 && m1) 582 trace_prt(1, " enum_servers: pref/self found, %s\n", 583 m1->mfs_host); 584 585 /* 586 * look for entries on this subnet 587 */ 588 dump_mfs(m1, " enum_servers: input of get_mysubnet_servers: ", 2); 589 m1 = get_mysubnet_servers(me->map_fs); 590 dump_mfs(m1, " enum_servers: output of get_mysubnet_servers: ", 3); 591 if (m1 && m1->mfs_next) { 592 m2 = sort_servers(m1, rpc_timeout / 2); 593 dump_mfs(m2, " enum_servers: output of sort_servers: ", 3); 594 free_mfs(m1); 595 m1 = m2; 596 } 597 598 for (m2 = m1; m2; m2 = m2->mfs_next) { 599 p = add_mfs(m2, 0, &mfs_head, &mfs_tail); 600 if (!p) 601 return (NULL); 602 } 603 if (m1) 604 free_mfs(m1); 605 606 /* 607 * add the rest of the entries at the end 608 */ 609 m1 = filter_mfs(me->map_fs, mfs_head); 610 dump_mfs(m1, " enum_servers: etc: output of filter_mfs: ", 3); 611 m2 = sort_servers(m1, rpc_timeout / 2); 612 dump_mfs(m2, " enum_servers: etc: output of sort_servers: ", 3); 613 if (m1) 614 free_mfs(m1); 615 m1 = m2; 616 for (m2 = m1; m2; m2 = m2->mfs_next) { 617 p = add_mfs(m2, DIST_OTHER, &mfs_head, &mfs_tail); 618 if (!p) 619 return (NULL); 620 } 621 if (m1) 622 free_mfs(m1); 623 624 done: 625 dump_mfs(mfs_head, " enum_servers: output: ", 1); 626 return (mfs_head); 627 } 628 629 static enum nfsstat 630 nfsmount( 631 struct mapfs *mfs_in, 632 char *mntpnt, char *opts, 633 int cached, int overlay, 634 uid_t uid, 635 action_list *alp) 636 { 637 CLIENT *cl; 638 char remname[MAXPATHLEN], *mnttabtext = NULL; 639 char mopts[MAX_MNTOPT_STR]; 640 char netname[MAXNETNAMELEN+1]; 641 char *mntopts = NULL; 642 int mnttabcnt = 0; 643 int loglevel; 644 struct mnttab m; 645 struct nfs_args *argp = NULL, *head = NULL, *tail = NULL, 646 *prevhead, *prevtail; 647 int flags; 648 struct fhstatus fhs; 649 struct timeval timeout; 650 enum clnt_stat rpc_stat; 651 enum nfsstat status; 652 struct stat stbuf; 653 struct netconfig *nconf; 654 rpcvers_t vers, versmin; /* used to negotiate nfs version in pingnfs */ 655 /* and mount version with mountd */ 656 rpcvers_t outvers; /* final version to be used during mount() */ 657 rpcvers_t nfsvers; /* version in map options, 0 if not there */ 658 rpcvers_t mountversmax; /* tracks the max mountvers during retries */ 659 660 /* used to negotiate nfs version using webnfs */ 661 rpcvers_t pubvers, pubversmin, pubversmax; 662 int posix; 663 struct nd_addrlist *retaddrs; 664 struct mountres3 res3; 665 nfs_fh3 fh3; 666 char *fstype; 667 int count, i; 668 char scerror_msg[MAXMSGLEN]; 669 int *auths; 670 int delay; 671 int retries; 672 char *nfs_proto = NULL; 673 uint_t nfs_port = 0; 674 char *p, *host, *rhost, *dir; 675 struct mapfs *mfs = NULL; 676 int error, last_error = 0; 677 int replicated; 678 int entries = 0; 679 int v2cnt = 0, v3cnt = 0, v4cnt = 0; 680 int v2near = 0, v3near = 0, v4near = 0; 681 int skipentry = 0; 682 char *nfs_flavor; 683 seconfig_t nfs_sec; 684 int sec_opt, scerror; 685 struct sec_data *secdata; 686 int secflags; 687 struct netbuf *syncaddr; 688 bool_t use_pubfh; 689 ushort_t thisport; 690 int got_val; 691 mfs_snego_t mfssnego_init, mfssnego; 692 693 dump_mfs(mfs_in, " nfsmount: input: ", 2); 694 replicated = (mfs_in->mfs_next != NULL); 695 m.mnt_mntopts = opts; 696 if (replicated && hasmntopt(&m, MNTOPT_SOFT)) { 697 if (verbose) 698 syslog(LOG_WARNING, 699 "mount on %s is soft and will not be replicated.", mntpnt); 700 replicated = 0; 701 } 702 if (replicated && !hasmntopt(&m, MNTOPT_RO)) { 703 if (verbose) 704 syslog(LOG_WARNING, 705 "mount on %s is not read-only and will not be replicated.", 706 mntpnt); 707 replicated = 0; 708 } 709 if (replicated && cached) { 710 if (verbose) 711 syslog(LOG_WARNING, 712 "mount on %s is cached and will not be replicated.", 713 mntpnt); 714 replicated = 0; 715 } 716 if (replicated) 717 loglevel = LOG_WARNING; 718 else 719 loglevel = LOG_ERR; 720 721 if (trace > 1) { 722 if (replicated) 723 trace_prt(1, " nfsmount: replicated mount on %s %s:\n", 724 mntpnt, opts); 725 else 726 trace_prt(1, " nfsmount: standard mount on %s %s:\n", 727 mntpnt, opts); 728 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) 729 trace_prt(1, " %s:%s\n", 730 mfs->mfs_host, mfs->mfs_dir); 731 } 732 733 /* 734 * Make sure mountpoint is safe to mount on 735 */ 736 if (lstat(mntpnt, &stbuf) < 0) { 737 syslog(LOG_ERR, "Couldn't stat %s: %m", mntpnt); 738 return (NFSERR_NOENT); 739 } 740 741 /* 742 * Get protocol specified in options list, if any. 743 */ 744 if ((str_opt(&m, "proto", &nfs_proto)) == -1) { 745 return (NFSERR_NOENT); 746 } 747 748 /* 749 * Get port specified in options list, if any. 750 */ 751 got_val = nopt(&m, MNTOPT_PORT, (int *)&nfs_port); 752 if (!got_val) 753 nfs_port = 0; /* "unspecified" */ 754 if (nfs_port > USHRT_MAX) { 755 syslog(LOG_ERR, "%s: invalid port number %d", mntpnt, nfs_port); 756 return (NFSERR_NOENT); 757 } 758 759 /* 760 * Set mount(2) flags here, outside of the loop. 761 */ 762 flags = MS_OPTIONSTR; 763 flags |= (hasmntopt(&m, MNTOPT_RO) == NULL) ? 0 : MS_RDONLY; 764 flags |= (hasmntopt(&m, MNTOPT_NOSUID) == NULL) ? 0 : MS_NOSUID; 765 flags |= overlay ? MS_OVERLAY : 0; 766 if (mntpnt[strlen(mntpnt) - 1] != ' ') 767 /* direct mount point without offsets */ 768 flags |= MS_OVERLAY; 769 770 use_pubfh = (hasmntopt(&m, MNTOPT_PUBLIC) == NULL) ? FALSE : TRUE; 771 772 (void) memset(&mfssnego_init, 0, sizeof (mfs_snego_t)); 773 if (hasmntopt(&m, MNTOPT_SECURE) != NULL) { 774 if (++mfssnego_init.sec_opt > 1) { 775 syslog(loglevel, 776 "conflicting security options"); 777 return (NFSERR_IO); 778 } 779 if (nfs_getseconfig_byname("dh", &mfssnego_init.nfs_sec)) { 780 syslog(loglevel, 781 "error getting dh information from %s", 782 NFSSEC_CONF); 783 return (NFSERR_IO); 784 } 785 } 786 787 if (hasmntopt(&m, MNTOPT_SEC) != NULL) { 788 if ((str_opt(&m, MNTOPT_SEC, 789 &mfssnego_init.nfs_flavor)) == -1) { 790 syslog(LOG_ERR, "nfsmount: no memory"); 791 return (NFSERR_IO); 792 } 793 } 794 795 if (mfssnego_init.nfs_flavor) { 796 if (++mfssnego_init.sec_opt > 1) { 797 syslog(loglevel, 798 "conflicting security options"); 799 free(mfssnego_init.nfs_flavor); 800 return (NFSERR_IO); 801 } 802 if (nfs_getseconfig_byname(mfssnego_init.nfs_flavor, 803 &mfssnego_init.nfs_sec)) { 804 syslog(loglevel, 805 "error getting %s information from %s", 806 mfssnego_init.nfs_flavor, NFSSEC_CONF); 807 free(mfssnego_init.nfs_flavor); 808 return (NFSERR_IO); 809 } 810 free(mfssnego_init.nfs_flavor); 811 } 812 813 nextentry: 814 skipentry = 0; 815 816 got_val = nopt(&m, MNTOPT_VERS, (int *)&nfsvers); 817 if (!got_val) 818 nfsvers = 0; /* "unspecified" */ 819 if (set_versrange(nfsvers, &vers, &versmin) != 0) { 820 syslog(LOG_ERR, "Incorrect NFS version specified for %s", 821 mntpnt); 822 last_error = NFSERR_NOENT; 823 goto ret; 824 } 825 826 if (nfsvers != 0) { 827 pubversmax = pubversmin = nfsvers; 828 } else { 829 pubversmax = vers; 830 pubversmin = versmin; 831 } 832 833 /* 834 * Walk the whole list, pinging and collecting version 835 * info so that we can make sure the mount will be 836 * homogeneous with respect to version. 837 * 838 * If we have a version preference, this is easy; we'll 839 * just reject anything that doesn't match. 840 * 841 * If not, we want to try to provide the best compromise 842 * that considers proximity, preference for a higher version, 843 * sorted order, and number of replicas. We will count 844 * the number of V2 and V3 replicas and also the number 845 * which are "near", i.e. the localhost or on the same 846 * subnet. 847 */ 848 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 849 850 851 if (mfs->mfs_ignore) 852 continue; 853 854 /* 855 * If the host is '[a:d:d:r:e:s:s'], 856 * only use 'a:d:d:r:e:s:s' for communication 857 */ 858 host = strdup(mfs->mfs_host); 859 if (host == NULL) { 860 syslog(LOG_ERR, "nfsmount: no memory"); 861 last_error = NFSERR_IO; 862 goto out; 863 } 864 unbracket(&host); 865 866 (void) memcpy(&mfssnego, &mfssnego_init, sizeof (mfs_snego_t)); 867 868 if (use_pubfh == TRUE || mfs->mfs_flags & MFS_URL) { 869 char *path; 870 871 if (nfs_port != 0 && mfs->mfs_port != 0 && 872 nfs_port != mfs->mfs_port) { 873 874 syslog(LOG_ERR, "nfsmount: port (%u) in nfs URL" 875 " not the same as port (%d) in port " 876 "option\n", mfs->mfs_port, nfs_port); 877 last_error = NFSERR_IO; 878 goto out; 879 880 } else if (nfs_port != 0) 881 thisport = nfs_port; 882 else 883 thisport = mfs->mfs_port; 884 885 dir = mfs->mfs_dir; 886 887 if ((mfs->mfs_flags & MFS_URL) == 0) { 888 path = malloc(strlen(dir) + 2); 889 if (path == NULL) { 890 syslog(LOG_ERR, "nfsmount: no memory"); 891 last_error = NFSERR_IO; 892 goto out; 893 } 894 path[0] = (char)WNL_NATIVEPATH; 895 (void) strcpy(&path[1], dir); 896 } else { 897 path = dir; 898 } 899 900 argp = (struct nfs_args *) 901 malloc(sizeof (struct nfs_args)); 902 903 if (!argp) { 904 if (path != dir) 905 free(path); 906 syslog(LOG_ERR, "nfsmount: no memory"); 907 last_error = NFSERR_IO; 908 goto out; 909 } 910 (void) memset(argp, 0, sizeof (*argp)); 911 912 /* 913 * RDMA support 914 * By now Mount argument struct has been allocated, 915 * either a pub_fh path will be taken or the regular 916 * one. So here if a protocol was specified and it 917 * was not rdma we let it be, else we set DO_RDMA. 918 * If no proto was there we advise on trying RDMA. 919 */ 920 if (nfs_proto) { 921 if (strcmp(nfs_proto, "rdma") == 0) { 922 free(nfs_proto); 923 nfs_proto = NULL; 924 argp->flags |= NFSMNT_DORDMA; 925 } 926 } else 927 argp->flags |= NFSMNT_TRYRDMA; 928 929 for (pubvers = pubversmax; pubvers >= pubversmin; 930 pubvers--) { 931 932 nconf = NULL; 933 argp->addr = get_pubfh(host, pubvers, &mfssnego, 934 &nconf, nfs_proto, thisport, NULL, 935 &argp->fh, TRUE, path); 936 937 if (argp->addr != NULL) 938 break; 939 940 if (nconf != NULL) 941 freenetconfigent(nconf); 942 } 943 944 if (path != dir) 945 free(path); 946 947 if (argp->addr != NULL) { 948 949 /* 950 * The use of llock option for NFSv4 951 * mounts is not required since file 952 * locking is included within the protocol 953 */ 954 if (pubvers != NFS_V4) 955 argp->flags |= NFSMNT_LLOCK; 956 957 argp->flags |= NFSMNT_PUBLIC; 958 959 vers = pubvers; 960 mfs->mfs_args = argp; 961 mfs->mfs_version = pubvers; 962 mfs->mfs_nconf = nconf; 963 mfs->mfs_flags |= MFS_FH_VIA_WEBNFS; 964 965 } else { 966 free(argp); 967 968 /* 969 * If -public was specified, give up 970 * on this entry now. 971 */ 972 if (use_pubfh == TRUE) { 973 syslog(loglevel, 974 "%s: no public file handle support", 975 host); 976 last_error = NFSERR_NOENT; 977 mfs->mfs_ignore = 1; 978 continue; 979 } 980 981 /* 982 * Back off to a conventional mount. 983 * 984 * URL's can contain escape characters. Get 985 * rid of them. 986 */ 987 path = malloc(strlen(dir) + 2); 988 989 if (path == NULL) { 990 syslog(LOG_ERR, "nfsmount: no memory"); 991 last_error = NFSERR_IO; 992 goto out; 993 } 994 995 strcpy(path, dir); 996 URLparse(path); 997 mfs->mfs_dir = path; 998 mfs->mfs_flags |= MFS_ALLOC_DIR; 999 mfs->mfs_flags &= ~MFS_URL; 1000 } 1001 } 1002 1003 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0) { 1004 i = pingnfs(host, get_retry(opts) + 1, &vers, versmin, 1005 0, FALSE, NULL, nfs_proto); 1006 if (i != RPC_SUCCESS) { 1007 if (i == RPC_PROGVERSMISMATCH) { 1008 syslog(loglevel, "server %s: NFS " 1009 "protocol version mismatch", 1010 host); 1011 } else { 1012 syslog(loglevel, "server %s not " 1013 "responding", host); 1014 } 1015 mfs->mfs_ignore = 1; 1016 last_error = NFSERR_NOENT; 1017 continue; 1018 } 1019 if (nfsvers != 0 && nfsvers != vers) { 1020 if (nfs_proto == NULL) 1021 syslog(loglevel, 1022 "NFS version %d " 1023 "not supported by %s", 1024 nfsvers, host); 1025 else 1026 syslog(loglevel, 1027 "NFS version %d " 1028 "with proto %s " 1029 "not supported by %s", 1030 nfsvers, nfs_proto, host); 1031 mfs->mfs_ignore = 1; 1032 last_error = NFSERR_NOENT; 1033 continue; 1034 } 1035 } 1036 1037 free(host); 1038 1039 switch (vers) { 1040 case NFS_V4: v4cnt++; break; 1041 case NFS_V3: v3cnt++; break; 1042 case NFS_VERSION: v2cnt++; break; 1043 default: break; 1044 } 1045 1046 /* 1047 * It's not clear how useful this stuff is if 1048 * we are using webnfs across the internet, but it 1049 * can't hurt. 1050 */ 1051 if (mfs->mfs_distance && 1052 mfs->mfs_distance <= DIST_MYSUB) { 1053 switch (vers) { 1054 case NFS_V4: v4near++; break; 1055 case NFS_V3: v3near++; break; 1056 case NFS_VERSION: v2near++; break; 1057 default: break; 1058 } 1059 } 1060 1061 /* 1062 * If the mount is not replicated, we don't want to 1063 * ping every entry, so we'll stop here. This means 1064 * that we may have to go back to "nextentry" above 1065 * to consider another entry if we can't get 1066 * all the way to mount(2) with this one. 1067 */ 1068 if (!replicated) 1069 break; 1070 1071 } 1072 1073 if (nfsvers == 0) { 1074 /* 1075 * Choose the NFS version. 1076 * We prefer higher versions, but will choose a one- 1077 * version downgrade in service if we can use a local 1078 * network interface and avoid a router. 1079 */ 1080 if (v4cnt && v4cnt >= v3cnt && (v4near || !v3near)) 1081 nfsvers = NFS_V4; 1082 else if (v3cnt && v3cnt >= v2cnt && (v3near || !v2near)) 1083 nfsvers = NFS_V3; 1084 else 1085 nfsvers = NFS_VERSION; 1086 if (trace > 2) 1087 trace_prt(1, 1088 " nfsmount: v4=%d[%d]v3=%d[%d],v2=%d[%d] => v%d.\n", 1089 v4cnt, v4near, v3cnt, v3near, 1090 v2cnt, v2near, nfsvers); 1091 } 1092 1093 /* 1094 * Since we don't support different NFS versions in replicated 1095 * mounts, set fstype now. 1096 * Also take the opportunity to set 1097 * the mount protocol version as appropriate. 1098 */ 1099 switch (nfsvers) { 1100 case NFS_V4: 1101 fstype = MNTTYPE_NFS4; 1102 break; 1103 case NFS_V3: 1104 fstype = MNTTYPE_NFS3; 1105 if (use_pubfh == FALSE) { 1106 mountversmax = MOUNTVERS3; 1107 versmin = MOUNTVERS3; 1108 } 1109 break; 1110 case NFS_VERSION: 1111 fstype = MNTTYPE_NFS; 1112 if (use_pubfh == FALSE) { 1113 mountversmax = MOUNTVERS_POSIX; 1114 versmin = MOUNTVERS; 1115 } 1116 break; 1117 } 1118 1119 /* 1120 * Our goal here is to evaluate each of several possible 1121 * replicas and try to come up with a list we can hand 1122 * to mount(2). If we don't have a valid "head" at the 1123 * end of this process, it means we have rejected all 1124 * potential server:/path tuples. We will fail quietly 1125 * in front of mount(2), and will have printed errors 1126 * where we found them. 1127 * XXX - do option work outside loop w careful design 1128 * XXX - use macro for error condition free handling 1129 */ 1130 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 1131 1132 /* 1133 * Initialize retry and delay values on a per-server basis. 1134 */ 1135 retries = get_retry(opts); 1136 delay = INITDELAY; 1137 retry: 1138 if (mfs->mfs_ignore) 1139 continue; 1140 1141 /* 1142 * If we don't have a fh yet, and if this is not a replicated 1143 * mount, we haven't done a pingnfs() on the next entry, 1144 * so we don't know if the next entry is up or if it 1145 * supports an NFS version we like. So if we had a problem 1146 * with an entry, we need to go back and run through some new 1147 * code. 1148 */ 1149 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1150 !replicated && skipentry) 1151 goto nextentry; 1152 1153 vers = mountversmax; 1154 host = mfs->mfs_host; 1155 dir = mfs->mfs_dir; 1156 1157 /* 1158 * Remember the possible '[a:d:d:r:e:s:s]' as the address to be 1159 * later passed to mount(2) and used in the mnttab line, but 1160 * only use 'a:d:d:r:e:s:s' for communication 1161 */ 1162 rhost = strdup(host); 1163 if (rhost == NULL) { 1164 syslog(LOG_ERR, "nfsmount: no memory"); 1165 last_error = NFSERR_IO; 1166 goto out; 1167 } 1168 unbracket(&host); 1169 1170 (void) sprintf(remname, "%s:%s", rhost, dir); 1171 if (trace > 4 && replicated) 1172 trace_prt(1, " nfsmount: examining %s\n", remname); 1173 1174 /* 1175 * If it's cached we need to get cachefs to mount it. 1176 */ 1177 if (cached) { 1178 char *copts = opts; 1179 1180 /* 1181 * If we started with a URL we need to turn on 1182 * -o public if not on already 1183 */ 1184 if (use_pubfh == FALSE && 1185 (mfs->mfs_flags & MFS_FH_VIA_WEBNFS)) { 1186 1187 copts = malloc(strlen(opts) + 1188 strlen(",public")+1); 1189 1190 if (copts == NULL) { 1191 syslog(LOG_ERR, "nfsmount: no memory"); 1192 last_error = NFSERR_IO; 1193 goto out; 1194 } 1195 1196 strcpy(copts, opts); 1197 1198 if (strlen(copts) != 0) 1199 strcat(copts, ","); 1200 1201 strcat(copts, "public"); 1202 } 1203 1204 last_error = mount_generic(remname, MNTTYPE_CACHEFS, 1205 copts, mntpnt, overlay); 1206 1207 if (copts != opts) 1208 free(copts); 1209 1210 if (last_error) { 1211 skipentry = 1; 1212 mfs->mfs_ignore = 1; 1213 continue; 1214 } 1215 goto out; 1216 } 1217 1218 if (mfs->mfs_args == NULL) { 1219 1220 /* 1221 * Allocate nfs_args structure 1222 */ 1223 argp = (struct nfs_args *) 1224 malloc(sizeof (struct nfs_args)); 1225 1226 if (!argp) { 1227 syslog(LOG_ERR, "nfsmount: no memory"); 1228 last_error = NFSERR_IO; 1229 goto out; 1230 } 1231 1232 (void) memset(argp, 0, sizeof (*argp)); 1233 1234 /* 1235 * RDMA support 1236 * By now Mount argument struct has been allocated, 1237 * either a pub_fh path will be taken or the regular 1238 * one. So here if a protocol was specified and it 1239 * was not rdma we let it be, else we set DO_RDMA. 1240 * If no proto was there we advise on trying RDMA. 1241 */ 1242 if (nfs_proto) { 1243 if (strcmp(nfs_proto, "rdma") == 0) { 1244 free(nfs_proto); 1245 nfs_proto = NULL; 1246 argp->flags |= NFSMNT_DORDMA; 1247 } 1248 } else 1249 argp->flags |= NFSMNT_TRYRDMA; 1250 } else { 1251 argp = mfs->mfs_args; 1252 mfs->mfs_args = NULL; 1253 1254 /* 1255 * Skip entry if we already have file handle but the 1256 * NFS version is wrong. 1257 */ 1258 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) && 1259 mfs->mfs_version != nfsvers) { 1260 1261 free(argp); 1262 skipentry = 1; 1263 mfs->mfs_ignore = 1; 1264 continue; 1265 } 1266 } 1267 1268 prevhead = head; 1269 prevtail = tail; 1270 if (!head) 1271 head = tail = argp; 1272 else 1273 tail = tail->nfs_ext_u.nfs_extB.next = argp; 1274 1275 /* 1276 * WebNFS and NFSv4 behave similarly in that they 1277 * don't use the mount protocol. Therefore, avoid 1278 * mount protocol like things when version 4 is being 1279 * used. 1280 */ 1281 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1282 nfsvers != NFS_V4) { 1283 timeout.tv_usec = 0; 1284 timeout.tv_sec = rpc_timeout; 1285 rpc_stat = RPC_TIMEDOUT; 1286 1287 /* Create the client handle. */ 1288 1289 if (trace > 1) { 1290 trace_prt(1, 1291 " nfsmount: Get mount version: request " 1292 "vers=%d min=%d\n", vers, versmin); 1293 } 1294 1295 while ((cl = clnt_create_vers(host, MOUNTPROG, &outvers, 1296 versmin, vers, "udp")) == NULL) { 1297 if (trace > 4) { 1298 trace_prt(1, 1299 " nfsmount: Can't get mount " 1300 "version: rpcerr=%d\n", 1301 rpc_createerr.cf_stat); 1302 } 1303 if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST || 1304 rpc_createerr.cf_stat == RPC_TIMEDOUT) 1305 break; 1306 1307 /* 1308 * backoff and return lower version to retry the ping. 1309 * XXX we should be more careful and handle 1310 * RPC_PROGVERSMISMATCH here, because that error 1311 * is handled in clnt_create_vers(). It's not done to 1312 * stay in sync with the nfs mount command. 1313 */ 1314 vers--; 1315 if (vers < versmin) 1316 break; 1317 if (trace > 4) { 1318 trace_prt(1, 1319 " nfsmount: Try version=%d\n", 1320 vers); 1321 } 1322 } 1323 1324 if (cl == NULL) { 1325 free(argp); 1326 head = prevhead; 1327 tail = prevtail; 1328 if (tail) 1329 tail->nfs_ext_u.nfs_extB.next = NULL; 1330 last_error = NFSERR_NOENT; 1331 1332 if (rpc_createerr.cf_stat != RPC_UNKNOWNHOST && 1333 rpc_createerr.cf_stat != 1334 RPC_PROGVERSMISMATCH && 1335 retries-- > 0) { 1336 DELAY(delay); 1337 goto retry; 1338 } 1339 1340 syslog(loglevel, "%s %s", host, 1341 clnt_spcreateerror( 1342 "server not responding")); 1343 skipentry = 1; 1344 mfs->mfs_ignore = 1; 1345 continue; 1346 } 1347 if (trace > 1) { 1348 trace_prt(1, 1349 " nfsmount: mount version=%d\n", outvers); 1350 } 1351 #ifdef MALLOC_DEBUG 1352 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 1353 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 1354 __FILE__, __LINE__); 1355 #endif 1356 1357 if (__clnt_bindresvport(cl) < 0) { 1358 free(argp); 1359 head = prevhead; 1360 tail = prevtail; 1361 if (tail) 1362 tail->nfs_ext_u.nfs_extB.next = NULL; 1363 last_error = NFSERR_NOENT; 1364 1365 if (retries-- > 0) { 1366 destroy_auth_client_handle(cl); 1367 DELAY(delay); 1368 goto retry; 1369 } 1370 1371 syslog(loglevel, "mount %s: %s", host, 1372 "Couldn't bind to reserved port"); 1373 destroy_auth_client_handle(cl); 1374 skipentry = 1; 1375 mfs->mfs_ignore = 1; 1376 continue; 1377 } 1378 1379 #ifdef MALLOC_DEBUG 1380 drop_alloc("AUTH_HANDLE", cl->cl_auth, 1381 __FILE__, __LINE__); 1382 #endif 1383 AUTH_DESTROY(cl->cl_auth); 1384 if ((cl->cl_auth = authsys_create_default()) == NULL) { 1385 free(argp); 1386 head = prevhead; 1387 tail = prevtail; 1388 if (tail) 1389 tail->nfs_ext_u.nfs_extB.next = NULL; 1390 last_error = NFSERR_NOENT; 1391 1392 if (retries-- > 0) { 1393 destroy_auth_client_handle(cl); 1394 DELAY(delay); 1395 goto retry; 1396 } 1397 1398 syslog(loglevel, "mount %s: %s", host, 1399 "Failed creating default auth handle"); 1400 destroy_auth_client_handle(cl); 1401 skipentry = 1; 1402 mfs->mfs_ignore = 1; 1403 continue; 1404 } 1405 #ifdef MALLOC_DEBUG 1406 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 1407 __FILE__, __LINE__); 1408 #endif 1409 } else 1410 cl = NULL; 1411 1412 /* 1413 * set security options 1414 */ 1415 sec_opt = 0; 1416 (void) memset(&nfs_sec, 0, sizeof (nfs_sec)); 1417 if (hasmntopt(&m, MNTOPT_SECURE) != NULL) { 1418 if (++sec_opt > 1) { 1419 syslog(loglevel, 1420 "conflicting security options for %s", 1421 remname); 1422 free(argp); 1423 head = prevhead; 1424 tail = prevtail; 1425 if (tail) 1426 tail->nfs_ext_u.nfs_extB.next = NULL; 1427 last_error = NFSERR_IO; 1428 destroy_auth_client_handle(cl); 1429 skipentry = 1; 1430 mfs->mfs_ignore = 1; 1431 continue; 1432 } 1433 if (nfs_getseconfig_byname("dh", &nfs_sec)) { 1434 syslog(loglevel, 1435 "error getting dh information from %s", 1436 NFSSEC_CONF); 1437 free(argp); 1438 head = prevhead; 1439 tail = prevtail; 1440 if (tail) 1441 tail->nfs_ext_u.nfs_extB.next = NULL; 1442 last_error = NFSERR_IO; 1443 destroy_auth_client_handle(cl); 1444 skipentry = 1; 1445 mfs->mfs_ignore = 1; 1446 continue; 1447 } 1448 } 1449 1450 nfs_flavor = NULL; 1451 if (hasmntopt(&m, MNTOPT_SEC) != NULL) { 1452 if ((str_opt(&m, MNTOPT_SEC, &nfs_flavor)) == -1) { 1453 syslog(LOG_ERR, "nfsmount: no memory"); 1454 last_error = NFSERR_IO; 1455 destroy_auth_client_handle(cl); 1456 goto out; 1457 } 1458 } 1459 1460 if (nfs_flavor) { 1461 if (++sec_opt > 1) { 1462 syslog(loglevel, 1463 "conflicting security options for %s", 1464 remname); 1465 free(nfs_flavor); 1466 free(argp); 1467 head = prevhead; 1468 tail = prevtail; 1469 if (tail) 1470 tail->nfs_ext_u.nfs_extB.next = NULL; 1471 last_error = NFSERR_IO; 1472 destroy_auth_client_handle(cl); 1473 skipentry = 1; 1474 mfs->mfs_ignore = 1; 1475 continue; 1476 } 1477 if (nfs_getseconfig_byname(nfs_flavor, &nfs_sec)) { 1478 syslog(loglevel, 1479 "error getting %s information from %s", 1480 nfs_flavor, NFSSEC_CONF); 1481 free(nfs_flavor); 1482 free(argp); 1483 head = prevhead; 1484 tail = prevtail; 1485 if (tail) 1486 tail->nfs_ext_u.nfs_extB.next = NULL; 1487 last_error = NFSERR_IO; 1488 destroy_auth_client_handle(cl); 1489 skipentry = 1; 1490 mfs->mfs_ignore = 1; 1491 continue; 1492 } 1493 free(nfs_flavor); 1494 } 1495 1496 posix = (nfsvers != NFS_V4 && 1497 hasmntopt(&m, MNTOPT_POSIX) != NULL) ? 1 : 0; 1498 1499 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1500 nfsvers != NFS_V4) { 1501 bool_t give_up_on_mnt; 1502 bool_t got_mnt_error; 1503 /* 1504 * If we started with a URL, if first byte of path is not "/", 1505 * then the mount will likely fail, so we should try again 1506 * with a prepended "/". 1507 */ 1508 if (mfs->mfs_flags & MFS_ALLOC_DIR && *dir != '/') 1509 give_up_on_mnt = FALSE; 1510 else 1511 give_up_on_mnt = TRUE; 1512 1513 got_mnt_error = FALSE; 1514 1515 try_mnt_slash: 1516 if (got_mnt_error == TRUE) { 1517 int i, l; 1518 1519 give_up_on_mnt = TRUE; 1520 l = strlen(dir); 1521 1522 /* 1523 * Insert a "/" to front of mfs_dir. 1524 */ 1525 for (i = l; i > 0; i--) 1526 dir[i] = dir[i-1]; 1527 1528 dir[0] = '/'; 1529 } 1530 1531 /* Get fhandle of remote path from server's mountd */ 1532 1533 switch (outvers) { 1534 case MOUNTVERS: 1535 if (posix) { 1536 free(argp); 1537 head = prevhead; 1538 tail = prevtail; 1539 if (tail) 1540 tail->nfs_ext_u.nfs_extB.next = 1541 NULL; 1542 last_error = NFSERR_NOENT; 1543 syslog(loglevel, 1544 "can't get posix info for %s", 1545 host); 1546 destroy_auth_client_handle(cl); 1547 skipentry = 1; 1548 mfs->mfs_ignore = 1; 1549 continue; 1550 } 1551 /* FALLTHRU */ 1552 case MOUNTVERS_POSIX: 1553 if (nfsvers == NFS_V3) { 1554 free(argp); 1555 head = prevhead; 1556 tail = prevtail; 1557 if (tail) 1558 tail->nfs_ext_u.nfs_extB.next = 1559 NULL; 1560 last_error = NFSERR_NOENT; 1561 syslog(loglevel, 1562 "%s doesn't support NFS Version 3", 1563 host); 1564 destroy_auth_client_handle(cl); 1565 skipentry = 1; 1566 mfs->mfs_ignore = 1; 1567 continue; 1568 } 1569 rpc_stat = clnt_call(cl, MOUNTPROC_MNT, 1570 xdr_dirpath, (caddr_t)&dir, 1571 xdr_fhstatus, (caddr_t)&fhs, timeout); 1572 if (rpc_stat != RPC_SUCCESS) { 1573 1574 if (give_up_on_mnt == FALSE) { 1575 got_mnt_error = TRUE; 1576 goto try_mnt_slash; 1577 } 1578 1579 /* 1580 * Given the way "clnt_sperror" works, the "%s" 1581 * immediately following the "not responding" 1582 * is correct. 1583 */ 1584 free(argp); 1585 head = prevhead; 1586 tail = prevtail; 1587 if (tail) 1588 tail->nfs_ext_u.nfs_extB.next = 1589 NULL; 1590 last_error = NFSERR_NOENT; 1591 1592 if (retries-- > 0) { 1593 destroy_auth_client_handle(cl); 1594 DELAY(delay); 1595 goto retry; 1596 } 1597 1598 if (trace > 3) { 1599 trace_prt(1, 1600 " nfsmount: mount RPC " 1601 "failed for %s\n", 1602 host); 1603 } 1604 syslog(loglevel, 1605 "%s server not responding%s", 1606 host, clnt_sperror(cl, "")); 1607 destroy_auth_client_handle(cl); 1608 skipentry = 1; 1609 mfs->mfs_ignore = 1; 1610 continue; 1611 } 1612 if ((errno = fhs.fhs_status) != MNT_OK) { 1613 1614 if (give_up_on_mnt == FALSE) { 1615 got_mnt_error = TRUE; 1616 goto try_mnt_slash; 1617 } 1618 1619 free(argp); 1620 head = prevhead; 1621 tail = prevtail; 1622 if (tail) 1623 tail->nfs_ext_u.nfs_extB.next = 1624 NULL; 1625 if (errno == EACCES) { 1626 status = NFSERR_ACCES; 1627 } else { 1628 syslog(loglevel, "%s: %m", 1629 host); 1630 status = NFSERR_IO; 1631 } 1632 if (trace > 3) { 1633 trace_prt(1, 1634 " nfsmount: mount RPC gave" 1635 " %d for %s:%s\n", 1636 errno, host, dir); 1637 } 1638 last_error = status; 1639 destroy_auth_client_handle(cl); 1640 skipentry = 1; 1641 mfs->mfs_ignore = 1; 1642 continue; 1643 } 1644 argp->fh = malloc((sizeof (fhandle))); 1645 if (!argp->fh) { 1646 syslog(LOG_ERR, "nfsmount: no memory"); 1647 last_error = NFSERR_IO; 1648 destroy_auth_client_handle(cl); 1649 goto out; 1650 } 1651 (void) memcpy(argp->fh, 1652 &fhs.fhstatus_u.fhs_fhandle, 1653 sizeof (fhandle)); 1654 break; 1655 case MOUNTVERS3: 1656 posix = 0; 1657 (void) memset((char *)&res3, '\0', 1658 sizeof (res3)); 1659 rpc_stat = clnt_call(cl, MOUNTPROC_MNT, 1660 xdr_dirpath, (caddr_t)&dir, 1661 xdr_mountres3, (caddr_t)&res3, timeout); 1662 if (rpc_stat != RPC_SUCCESS) { 1663 1664 if (give_up_on_mnt == FALSE) { 1665 got_mnt_error = TRUE; 1666 goto try_mnt_slash; 1667 } 1668 1669 /* 1670 * Given the way "clnt_sperror" works, the "%s" 1671 * immediately following the "not responding" 1672 * is correct. 1673 */ 1674 free(argp); 1675 head = prevhead; 1676 tail = prevtail; 1677 if (tail) 1678 tail->nfs_ext_u.nfs_extB.next = 1679 NULL; 1680 last_error = NFSERR_NOENT; 1681 1682 if (retries-- > 0) { 1683 destroy_auth_client_handle(cl); 1684 DELAY(delay); 1685 goto retry; 1686 } 1687 1688 if (trace > 3) { 1689 trace_prt(1, 1690 " nfsmount: mount RPC " 1691 "failed for %s\n", 1692 host); 1693 } 1694 syslog(loglevel, 1695 "%s server not responding%s", 1696 remname, clnt_sperror(cl, "")); 1697 destroy_auth_client_handle(cl); 1698 skipentry = 1; 1699 mfs->mfs_ignore = 1; 1700 continue; 1701 } 1702 if ((errno = res3.fhs_status) != MNT_OK) { 1703 1704 if (give_up_on_mnt == FALSE) { 1705 got_mnt_error = TRUE; 1706 goto try_mnt_slash; 1707 } 1708 1709 free(argp); 1710 head = prevhead; 1711 tail = prevtail; 1712 if (tail) 1713 tail->nfs_ext_u.nfs_extB.next = 1714 NULL; 1715 if (errno == EACCES) { 1716 status = NFSERR_ACCES; 1717 } else { 1718 syslog(loglevel, "%s: %m", 1719 remname); 1720 status = NFSERR_IO; 1721 } 1722 if (trace > 3) { 1723 trace_prt(1, 1724 " nfsmount: mount RPC gave" 1725 " %d for %s:%s\n", 1726 errno, host, dir); 1727 } 1728 last_error = status; 1729 destroy_auth_client_handle(cl); 1730 skipentry = 1; 1731 mfs->mfs_ignore = 1; 1732 continue; 1733 } 1734 1735 /* 1736 * Negotiate the security flavor for nfs_mount 1737 */ 1738 auths = res3.mountres3_u.mountinfo. 1739 auth_flavors.auth_flavors_val; 1740 count = res3.mountres3_u.mountinfo. 1741 auth_flavors.auth_flavors_len; 1742 1743 if (sec_opt) { 1744 for (i = 0; i < count; i++) 1745 if (auths[i] == 1746 nfs_sec.sc_nfsnum) { 1747 break; 1748 } 1749 if (i >= count) { 1750 syslog(LOG_ERR, 1751 "%s: does not support " 1752 "security \"%s\"\n", 1753 remname, nfs_sec.sc_name); 1754 clnt_freeres(cl, xdr_mountres3, 1755 (caddr_t)&res3); 1756 free(argp); 1757 head = prevhead; 1758 tail = prevtail; 1759 if (tail) 1760 tail->nfs_ext_u. 1761 nfs_extB.next = 1762 NULL; 1763 last_error = NFSERR_IO; 1764 destroy_auth_client_handle(cl); 1765 skipentry = 1; 1766 mfs->mfs_ignore = 1; 1767 continue; 1768 } 1769 } else if (count > 0) { 1770 for (i = 0; i < count; i++) { 1771 if (!(scerror = 1772 nfs_getseconfig_bynumber( 1773 auths[i], &nfs_sec))) { 1774 sec_opt++; 1775 break; 1776 } 1777 } 1778 if (i >= count) { 1779 if (nfs_syslog_scerr(scerror, 1780 scerror_msg) 1781 != -1) { 1782 syslog(LOG_ERR, 1783 "%s cannot be " 1784 "mounted because it" 1785 " is shared with " 1786 "security flavor %d" 1787 " which %s", 1788 remname, 1789 auths[i-1], 1790 scerror_msg); 1791 } 1792 clnt_freeres(cl, xdr_mountres3, 1793 (caddr_t)&res3); 1794 free(argp); 1795 head = prevhead; 1796 tail = prevtail; 1797 if (tail) 1798 tail->nfs_ext_u. 1799 nfs_extB.next = 1800 NULL; 1801 last_error = NFSERR_IO; 1802 destroy_auth_client_handle(cl); 1803 skipentry = 1; 1804 mfs->mfs_ignore = 1; 1805 continue; 1806 } 1807 } 1808 1809 fh3.fh3_length = 1810 res3.mountres3_u.mountinfo.fhandle. 1811 fhandle3_len; 1812 (void) memcpy(fh3.fh3_u.data, 1813 res3.mountres3_u.mountinfo.fhandle. 1814 fhandle3_val, 1815 fh3.fh3_length); 1816 clnt_freeres(cl, xdr_mountres3, 1817 (caddr_t)&res3); 1818 argp->fh = malloc(sizeof (nfs_fh3)); 1819 if (!argp->fh) { 1820 syslog(LOG_ERR, "nfsmount: no memory"); 1821 last_error = NFSERR_IO; 1822 destroy_auth_client_handle(cl); 1823 goto out; 1824 } 1825 (void) memcpy(argp->fh, &fh3, sizeof (nfs_fh3)); 1826 break; 1827 default: 1828 free(argp); 1829 head = prevhead; 1830 tail = prevtail; 1831 if (tail) 1832 tail->nfs_ext_u.nfs_extB.next = NULL; 1833 last_error = NFSERR_NOENT; 1834 syslog(loglevel, 1835 "unknown MOUNT version %ld on %s", 1836 vers, remname); 1837 destroy_auth_client_handle(cl); 1838 skipentry = 1; 1839 mfs->mfs_ignore = 1; 1840 continue; 1841 } /* switch */ 1842 } 1843 if (nfsvers == NFS_V4) { 1844 argp->fh = strdup(dir); 1845 if (argp->fh == NULL) { 1846 syslog(LOG_ERR, "nfsmount: no memory"); 1847 last_error = NFSERR_IO; 1848 goto out; 1849 } 1850 } 1851 1852 if (trace > 4) 1853 trace_prt(1, " nfsmount: have %s filehandle for %s\n", 1854 fstype, remname); 1855 1856 argp->flags |= NFSMNT_NEWARGS; 1857 argp->flags |= NFSMNT_INT; /* default is "intr" */ 1858 argp->flags |= NFSMNT_HOSTNAME; 1859 argp->hostname = strdup(host); 1860 if (argp->hostname == NULL) { 1861 syslog(LOG_ERR, "nfsmount: no memory"); 1862 last_error = NFSERR_IO; 1863 goto out; 1864 } 1865 1866 /* 1867 * In this case, we want NFSv4 to behave like 1868 * non-WebNFS so that we get the server address. 1869 */ 1870 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0) { 1871 nconf = NULL; 1872 1873 if (nfs_port != 0) 1874 thisport = nfs_port; 1875 else 1876 thisport = mfs->mfs_port; 1877 1878 /* 1879 * For NFSv4, we want to avoid rpcbind, so call 1880 * get_server_stuff() directly to tell it that 1881 * we want to go "direct_to_server". Otherwise, 1882 * do what has always been done. 1883 */ 1884 if (nfsvers == NFS_V4) { 1885 enum clnt_stat cstat; 1886 argp->addr = get_server_stuff(SERVER_ADDR, 1887 host, NFS_PROGRAM, nfsvers, NULL, 1888 &nconf, nfs_proto, thisport, NULL, 1889 NULL, TRUE, NULL, &cstat); 1890 } else { 1891 argp->addr = get_addr(host, NFS_PROGRAM, 1892 nfsvers, &nconf, nfs_proto, 1893 thisport, NULL); 1894 } 1895 1896 if (argp->addr == NULL) { 1897 if (argp->hostname) 1898 free(argp->hostname); 1899 free(argp->fh); 1900 free(argp); 1901 head = prevhead; 1902 tail = prevtail; 1903 if (tail) 1904 tail->nfs_ext_u.nfs_extB.next = NULL; 1905 last_error = NFSERR_NOENT; 1906 1907 if (retries-- > 0) { 1908 destroy_auth_client_handle(cl); 1909 DELAY(delay); 1910 goto retry; 1911 } 1912 1913 syslog(loglevel, "%s: no NFS service", host); 1914 destroy_auth_client_handle(cl); 1915 skipentry = 1; 1916 mfs->mfs_ignore = 1; 1917 continue; 1918 } 1919 if (trace > 4) 1920 trace_prt(1, 1921 "\tnfsmount: have net address for %s\n", 1922 remname); 1923 1924 } else { 1925 nconf = mfs->mfs_nconf; 1926 mfs->mfs_nconf = NULL; 1927 } 1928 1929 argp->flags |= NFSMNT_KNCONF; 1930 argp->knconf = get_knconf(nconf); 1931 if (argp->knconf == NULL) { 1932 netbuf_free(argp->addr); 1933 freenetconfigent(nconf); 1934 if (argp->hostname) 1935 free(argp->hostname); 1936 free(argp->fh); 1937 free(argp); 1938 head = prevhead; 1939 tail = prevtail; 1940 if (tail) 1941 tail->nfs_ext_u.nfs_extB.next = NULL; 1942 last_error = NFSERR_NOSPC; 1943 destroy_auth_client_handle(cl); 1944 skipentry = 1; 1945 mfs->mfs_ignore = 1; 1946 continue; 1947 } 1948 if (trace > 4) 1949 trace_prt(1, 1950 "\tnfsmount: have net config for %s\n", 1951 remname); 1952 1953 if (hasmntopt(&m, MNTOPT_SOFT) != NULL) { 1954 argp->flags |= NFSMNT_SOFT; 1955 } 1956 if (hasmntopt(&m, MNTOPT_NOINTR) != NULL) { 1957 argp->flags &= ~(NFSMNT_INT); 1958 } 1959 if (hasmntopt(&m, MNTOPT_NOAC) != NULL) { 1960 argp->flags |= NFSMNT_NOAC; 1961 } 1962 if (hasmntopt(&m, MNTOPT_NOCTO) != NULL) { 1963 argp->flags |= NFSMNT_NOCTO; 1964 } 1965 if (hasmntopt(&m, MNTOPT_FORCEDIRECTIO) != NULL) { 1966 argp->flags |= NFSMNT_DIRECTIO; 1967 } 1968 if (hasmntopt(&m, MNTOPT_NOFORCEDIRECTIO) != NULL) { 1969 argp->flags &= ~(NFSMNT_DIRECTIO); 1970 } 1971 1972 /* 1973 * Set up security data for argp->nfs_ext_u.nfs_extB.secdata. 1974 */ 1975 if (mfssnego.snego_done) { 1976 memcpy(&nfs_sec, &mfssnego.nfs_sec, 1977 sizeof (seconfig_t)); 1978 } else if (!sec_opt) { 1979 /* 1980 * Get default security mode. 1981 */ 1982 if (nfs_getseconfig_default(&nfs_sec)) { 1983 syslog(loglevel, 1984 "error getting default security entry\n"); 1985 free_knconf(argp->knconf); 1986 netbuf_free(argp->addr); 1987 freenetconfigent(nconf); 1988 if (argp->hostname) 1989 free(argp->hostname); 1990 free(argp->fh); 1991 free(argp); 1992 head = prevhead; 1993 tail = prevtail; 1994 if (tail) 1995 tail->nfs_ext_u.nfs_extB.next = NULL; 1996 last_error = NFSERR_NOSPC; 1997 destroy_auth_client_handle(cl); 1998 skipentry = 1; 1999 mfs->mfs_ignore = 1; 2000 continue; 2001 } 2002 argp->flags |= NFSMNT_SECDEFAULT; 2003 } 2004 2005 /* 2006 * For AUTH_DH 2007 * get the network address for the time service on 2008 * the server. If an RPC based time service is 2009 * not available then try the IP time service. 2010 * 2011 * Eventurally, we want to move this code to nfs_clnt_secdata() 2012 * when autod_nfs.c and mount.c can share the same 2013 * get_the_addr/get_the_stuff routine. 2014 */ 2015 secflags = 0; 2016 syncaddr = NULL; 2017 retaddrs = NULL; 2018 2019 if (nfs_sec.sc_rpcnum == AUTH_DH || nfsvers == NFS_V4) { 2020 /* 2021 * If not using the public fh and not NFS_V4, we can try 2022 * talking RPCBIND. Otherwise, assume that firewalls 2023 * prevent us from doing that. 2024 */ 2025 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 2026 nfsvers != NFS_V4) { 2027 syncaddr = get_the_stuff(SERVER_ADDR, host, RPCBPROG, 2028 RPCBVERS, NULL, nconf, 0, NULL, NULL, FALSE, 2029 NULL, NULL); 2030 } 2031 2032 if (syncaddr != NULL) { 2033 /* for flags in sec_data */ 2034 secflags |= AUTH_F_RPCTIMESYNC; 2035 } else { 2036 struct nd_hostserv hs; 2037 int error; 2038 2039 hs.h_host = host; 2040 hs.h_serv = "timserver"; 2041 error = netdir_getbyname(nconf, &hs, &retaddrs); 2042 2043 if (error != ND_OK && 2044 nfs_sec.sc_rpcnum == AUTH_DH) { 2045 syslog(loglevel, 2046 "%s: secure: no time service\n", 2047 host); 2048 free_knconf(argp->knconf); 2049 netbuf_free(argp->addr); 2050 freenetconfigent(nconf); 2051 if (argp->hostname) 2052 free(argp->hostname); 2053 free(argp->fh); 2054 free(argp); 2055 head = prevhead; 2056 tail = prevtail; 2057 if (tail) 2058 tail->nfs_ext_u.nfs_extB.next = 2059 NULL; 2060 last_error = NFSERR_IO; 2061 destroy_auth_client_handle(cl); 2062 skipentry = 1; 2063 mfs->mfs_ignore = 1; 2064 continue; 2065 } 2066 2067 if (error == ND_OK) 2068 syncaddr = retaddrs->n_addrs; 2069 2070 /* 2071 * For potential usage by NFS V4 when AUTH_DH 2072 * is negotiated via SECINFO in the kernel. 2073 */ 2074 if (nfsvers == NFS_V4 && syncaddr && 2075 host2netname(netname, host, NULL)) { 2076 argp->syncaddr = 2077 malloc(sizeof (struct netbuf)); 2078 argp->syncaddr->buf = 2079 malloc(syncaddr->len); 2080 (void) memcpy(argp->syncaddr->buf, 2081 syncaddr->buf, syncaddr->len); 2082 argp->syncaddr->len = syncaddr->len; 2083 argp->syncaddr->maxlen = 2084 syncaddr->maxlen; 2085 argp->netname = strdup(netname); 2086 argp->flags |= NFSMNT_SECURE; 2087 } 2088 } /* syncaddr */ 2089 } /* AUTH_DH */ 2090 2091 /* 2092 * TSOL notes: automountd in tsol extension 2093 * has "read down" capability, i.e. we allow 2094 * a user to trigger an nfs mount into a lower 2095 * labeled zone. We achieve this by always having 2096 * root issue the mount request so that the 2097 * lookup ops can go past /zone/<zone_name> 2098 * on the server side. 2099 */ 2100 if (is_system_labeled()) 2101 nfs_sec.sc_uid = (uid_t)0; 2102 else 2103 nfs_sec.sc_uid = uid; 2104 /* 2105 * If AUTH_DH is a chosen flavor now, its data will be stored 2106 * in the sec_data structure via nfs_clnt_secdata(). 2107 */ 2108 if (!(secdata = nfs_clnt_secdata(&nfs_sec, host, argp->knconf, 2109 syncaddr, secflags))) { 2110 syslog(LOG_ERR, 2111 "errors constructing security related data\n"); 2112 if (secflags & AUTH_F_RPCTIMESYNC) 2113 netbuf_free(syncaddr); 2114 else if (retaddrs) 2115 netdir_free(retaddrs, ND_ADDRLIST); 2116 if (argp->syncaddr) 2117 netbuf_free(argp->syncaddr); 2118 if (argp->netname) 2119 free(argp->netname); 2120 if (argp->hostname) 2121 free(argp->hostname); 2122 free_knconf(argp->knconf); 2123 netbuf_free(argp->addr); 2124 freenetconfigent(nconf); 2125 free(argp->fh); 2126 free(argp); 2127 head = prevhead; 2128 tail = prevtail; 2129 if (tail) 2130 tail->nfs_ext_u.nfs_extB.next = NULL; 2131 last_error = NFSERR_IO; 2132 destroy_auth_client_handle(cl); 2133 skipentry = 1; 2134 mfs->mfs_ignore = 1; 2135 continue; 2136 } 2137 NFS_ARGS_EXTB_secdata(*argp, secdata); 2138 /* end of security stuff */ 2139 2140 if (trace > 4) 2141 trace_prt(1, 2142 " nfsmount: have secure info for %s\n", remname); 2143 2144 if (hasmntopt(&m, MNTOPT_GRPID) != NULL) { 2145 argp->flags |= NFSMNT_GRPID; 2146 } 2147 if (nopt(&m, MNTOPT_RSIZE, &argp->rsize)) { 2148 argp->flags |= NFSMNT_RSIZE; 2149 } 2150 if (nopt(&m, MNTOPT_WSIZE, &argp->wsize)) { 2151 argp->flags |= NFSMNT_WSIZE; 2152 } 2153 if (nopt(&m, MNTOPT_TIMEO, &argp->timeo)) { 2154 argp->flags |= NFSMNT_TIMEO; 2155 } 2156 if (nopt(&m, MNTOPT_RETRANS, &argp->retrans)) { 2157 argp->flags |= NFSMNT_RETRANS; 2158 } 2159 if (nopt(&m, MNTOPT_ACTIMEO, &argp->acregmax)) { 2160 argp->flags |= NFSMNT_ACREGMAX; 2161 argp->flags |= NFSMNT_ACDIRMAX; 2162 argp->flags |= NFSMNT_ACDIRMIN; 2163 argp->flags |= NFSMNT_ACREGMIN; 2164 argp->acdirmin = argp->acregmin = argp->acdirmax 2165 = argp->acregmax; 2166 } else { 2167 if (nopt(&m, MNTOPT_ACREGMIN, &argp->acregmin)) { 2168 argp->flags |= NFSMNT_ACREGMIN; 2169 } 2170 if (nopt(&m, MNTOPT_ACREGMAX, &argp->acregmax)) { 2171 argp->flags |= NFSMNT_ACREGMAX; 2172 } 2173 if (nopt(&m, MNTOPT_ACDIRMIN, &argp->acdirmin)) { 2174 argp->flags |= NFSMNT_ACDIRMIN; 2175 } 2176 if (nopt(&m, MNTOPT_ACDIRMAX, &argp->acdirmax)) { 2177 argp->flags |= NFSMNT_ACDIRMAX; 2178 } 2179 } 2180 2181 if (posix) { 2182 argp->pathconf = NULL; 2183 if (error = get_pathconf(cl, dir, remname, 2184 &argp->pathconf, retries)) { 2185 if (secflags & AUTH_F_RPCTIMESYNC) 2186 netbuf_free(syncaddr); 2187 else if (retaddrs) 2188 netdir_free(retaddrs, ND_ADDRLIST); 2189 free_knconf(argp->knconf); 2190 netbuf_free(argp->addr); 2191 freenetconfigent(nconf); 2192 nfs_free_secdata( 2193 argp->nfs_ext_u.nfs_extB.secdata); 2194 if (argp->syncaddr) 2195 netbuf_free(argp->syncaddr); 2196 if (argp->netname) 2197 free(argp->netname); 2198 if (argp->hostname) 2199 free(argp->hostname); 2200 free(argp->fh); 2201 free(argp); 2202 head = prevhead; 2203 tail = prevtail; 2204 if (tail) 2205 tail->nfs_ext_u.nfs_extB.next = NULL; 2206 last_error = NFSERR_IO; 2207 2208 if (error == RET_RETRY && retries-- > 0) { 2209 destroy_auth_client_handle(cl); 2210 DELAY(delay); 2211 goto retry; 2212 } 2213 2214 destroy_auth_client_handle(cl); 2215 skipentry = 1; 2216 mfs->mfs_ignore = 1; 2217 continue; 2218 } 2219 argp->flags |= NFSMNT_POSIX; 2220 if (trace > 4) 2221 trace_prt(1, 2222 " nfsmount: have pathconf for %s\n", 2223 remname); 2224 } 2225 2226 /* 2227 * free loop-specific data structures 2228 */ 2229 destroy_auth_client_handle(cl); 2230 freenetconfigent(nconf); 2231 if (secflags & AUTH_F_RPCTIMESYNC) 2232 netbuf_free(syncaddr); 2233 else if (retaddrs) 2234 netdir_free(retaddrs, ND_ADDRLIST); 2235 2236 /* 2237 * Decide whether to use remote host's lockd or local locking. 2238 * If we are using the public fh, we've already turned 2239 * LLOCK on. 2240 */ 2241 if (hasmntopt(&m, MNTOPT_LLOCK)) 2242 argp->flags |= NFSMNT_LLOCK; 2243 if (!(argp->flags & NFSMNT_LLOCK) && nfsvers == NFS_VERSION && 2244 remote_lock(host, argp->fh)) { 2245 syslog(loglevel, "No network locking on %s : " 2246 "contact admin to install server change", host); 2247 argp->flags |= NFSMNT_LLOCK; 2248 } 2249 2250 /* 2251 * Build a string for /etc/mnttab. 2252 * If possible, coalesce strings with same 'dir' info. 2253 */ 2254 if ((mfs->mfs_flags & MFS_URL) == 0) { 2255 char *tmp; 2256 2257 if (mnttabcnt) { 2258 p = strrchr(mnttabtext, (int)':'); 2259 if (!p || strcmp(p+1, dir) != 0) { 2260 mnttabcnt += strlen(remname) + 2; 2261 } else { 2262 *p = '\0'; 2263 mnttabcnt += strlen(rhost) + 2; 2264 } 2265 if ((tmp = realloc(mnttabtext, 2266 mnttabcnt)) != NULL) { 2267 mnttabtext = tmp; 2268 strcat(mnttabtext, ","); 2269 } else { 2270 free(mnttabtext); 2271 mnttabtext = NULL; 2272 } 2273 } else { 2274 mnttabcnt = strlen(remname) + 1; 2275 if ((mnttabtext = malloc(mnttabcnt)) != NULL) 2276 mnttabtext[0] = '\0'; 2277 } 2278 2279 if (mnttabtext != NULL) 2280 strcat(mnttabtext, remname); 2281 2282 } else { 2283 char *tmp; 2284 int more_cnt = 0; 2285 char sport[16]; 2286 2287 more_cnt += strlen("nfs://"); 2288 more_cnt += strlen(mfs->mfs_host); 2289 2290 if (mfs->mfs_port != 0) { 2291 (void) sprintf(sport, ":%u", mfs->mfs_port); 2292 } else 2293 sport[0] = '\0'; 2294 2295 more_cnt += strlen(sport); 2296 more_cnt += 1; /* "/" */ 2297 more_cnt += strlen(mfs->mfs_dir); 2298 2299 if (mnttabcnt) { 2300 more_cnt += 1; /* "," */ 2301 mnttabcnt += more_cnt; 2302 2303 if ((tmp = realloc(mnttabtext, 2304 mnttabcnt)) != NULL) { 2305 mnttabtext = tmp; 2306 strcat(mnttabtext, ","); 2307 } else { 2308 free(mnttabtext); 2309 mnttabtext = NULL; 2310 } 2311 } else { 2312 mnttabcnt = more_cnt + 1; 2313 if ((mnttabtext = malloc(mnttabcnt)) != NULL) 2314 mnttabtext[0] = '\0'; 2315 } 2316 2317 if (mnttabtext != NULL) { 2318 strcat(mnttabtext, "nfs://"); 2319 strcat(mnttabtext, mfs->mfs_host); 2320 strcat(mnttabtext, sport); 2321 strcat(mnttabtext, "/"); 2322 strcat(mnttabtext, mfs->mfs_dir); 2323 } 2324 } 2325 2326 if (!mnttabtext) { 2327 syslog(LOG_ERR, "nfsmount: no memory"); 2328 last_error = NFSERR_IO; 2329 goto out; 2330 } 2331 2332 /* 2333 * At least one entry, can call mount(2). 2334 */ 2335 entries++; 2336 2337 /* 2338 * If replication was defeated, don't do more work 2339 */ 2340 if (!replicated) 2341 break; 2342 } 2343 2344 2345 /* 2346 * Did we get through all possibilities without success? 2347 */ 2348 if (!entries) 2349 goto out; 2350 2351 /* Make "xattr" the default if "noxattr" is not specified. */ 2352 strcpy(mopts, opts); 2353 if (!hasmntopt(&m, MNTOPT_NOXATTR) && !hasmntopt(&m, MNTOPT_XATTR)) { 2354 if (strlen(mopts) > 0) 2355 strcat(mopts, ","); 2356 strcat(mopts, "xattr"); 2357 } 2358 2359 /* 2360 * enable services as needed. 2361 */ 2362 { 2363 char **sl; 2364 2365 if (strcmp(fstype, MNTTYPE_NFS4) == 0) 2366 sl = service_list_v4; 2367 else 2368 sl = service_list; 2369 2370 (void) _check_services(sl); 2371 } 2372 2373 /* 2374 * Whew; do the mount, at last. 2375 */ 2376 if (trace > 1) { 2377 trace_prt(1, " mount %s %s (%s)\n", mnttabtext, mntpnt, mopts); 2378 } 2379 2380 /* 2381 * If no action list pointer then do the mount, otherwise 2382 * build the actions list pointer with the mount information. 2383 * so the mount can be done in the kernel. 2384 */ 2385 if (alp == NULL) { 2386 if (mount(mnttabtext, mntpnt, flags | MS_DATA, fstype, 2387 head, sizeof (*head), mopts, MAX_MNTOPT_STR) < 0) { 2388 if (trace > 1) 2389 trace_prt(1, " Mount of %s on %s: %d\n", 2390 mnttabtext, mntpnt, errno); 2391 if (errno != EBUSY || verbose) 2392 syslog(LOG_ERR, 2393 "Mount of %s on %s: %m", mnttabtext, mntpnt); 2394 last_error = NFSERR_IO; 2395 goto out; 2396 } 2397 2398 last_error = NFS_OK; 2399 if (stat(mntpnt, &stbuf) == 0) { 2400 if (trace > 1) { 2401 trace_prt(1, " mount %s dev=%x rdev=%x OK\n", 2402 mnttabtext, stbuf.st_dev, stbuf.st_rdev); 2403 } 2404 } else { 2405 if (trace > 1) { 2406 trace_prt(1, " mount %s OK\n", mnttabtext); 2407 trace_prt(1, " stat of %s failed\n", mntpnt); 2408 } 2409 2410 } 2411 } else { 2412 alp->action.action = AUTOFS_MOUNT_RQ; 2413 alp->action.action_list_entry_u.mounta.spec = 2414 strdup(mnttabtext); 2415 alp->action.action_list_entry_u.mounta.dir = strdup(mntpnt); 2416 alp->action.action_list_entry_u.mounta.flags = 2417 flags | MS_DATA; 2418 alp->action.action_list_entry_u.mounta.fstype = 2419 strdup(fstype); 2420 alp->action.action_list_entry_u.mounta.dataptr = (char *)head; 2421 alp->action.action_list_entry_u.mounta.datalen = 2422 sizeof (*head); 2423 mntopts = malloc(strlen(mopts) + 1); 2424 strcpy(mntopts, mopts); 2425 mntopts[strlen(mopts)] = '\0'; 2426 alp->action.action_list_entry_u.mounta.optptr = mntopts; 2427 alp->action.action_list_entry_u.mounta.optlen = 2428 strlen(mntopts) + 1; 2429 last_error = NFS_OK; 2430 goto ret; 2431 } 2432 2433 out: 2434 argp = head; 2435 while (argp) { 2436 if (argp->pathconf) 2437 free(argp->pathconf); 2438 free_knconf(argp->knconf); 2439 netbuf_free(argp->addr); 2440 if (argp->syncaddr) 2441 netbuf_free(argp->syncaddr); 2442 if (argp->netname) { 2443 free(argp->netname); 2444 } 2445 if (argp->hostname) 2446 free(argp->hostname); 2447 nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata); 2448 free(argp->fh); 2449 head = argp; 2450 argp = argp->nfs_ext_u.nfs_extB.next; 2451 free(head); 2452 } 2453 ret: 2454 if (nfs_proto) 2455 free(nfs_proto); 2456 if (mnttabtext) 2457 free(mnttabtext); 2458 2459 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 2460 2461 if (mfs->mfs_flags & MFS_ALLOC_DIR) { 2462 free(mfs->mfs_dir); 2463 mfs->mfs_dir = NULL; 2464 mfs->mfs_flags &= ~MFS_ALLOC_DIR; 2465 } 2466 2467 if (mfs->mfs_args != NULL && alp == NULL) { 2468 free(mfs->mfs_args); 2469 mfs->mfs_args = NULL; 2470 } 2471 2472 if (mfs->mfs_nconf != NULL) { 2473 freenetconfigent(mfs->mfs_nconf); 2474 mfs->mfs_nconf = NULL; 2475 } 2476 } 2477 2478 return (last_error); 2479 } 2480 2481 /* 2482 * get_pathconf(cl, path, fsname, pcnf, cretries) 2483 * ugliness that requires that ppathcnf and pathcnf stay consistent 2484 * cretries is a copy of retries used to determine when to syslog 2485 * on retry situations. 2486 */ 2487 static int 2488 get_pathconf(CLIENT *cl, char *path, char *fsname, struct pathcnf **pcnf, 2489 int cretries) 2490 { 2491 struct ppathcnf *p = NULL; 2492 enum clnt_stat rpc_stat; 2493 struct timeval timeout; 2494 2495 p = (struct ppathcnf *)malloc(sizeof (struct ppathcnf)); 2496 if (p == NULL) { 2497 syslog(LOG_ERR, "get_pathconf: Out of memory"); 2498 return (RET_ERR); 2499 } 2500 memset((caddr_t)p, 0, sizeof (struct ppathcnf)); 2501 2502 timeout.tv_sec = 10; 2503 timeout.tv_usec = 0; 2504 rpc_stat = clnt_call(cl, MOUNTPROC_PATHCONF, 2505 xdr_dirpath, (caddr_t)&path, xdr_ppathcnf, (caddr_t)p, timeout); 2506 if (rpc_stat != RPC_SUCCESS) { 2507 if (cretries-- <= 0) { 2508 syslog(LOG_ERR, 2509 "get_pathconf: %s: server not responding: %s", 2510 fsname, clnt_sperror(cl, "")); 2511 } 2512 free(p); 2513 return (RET_RETRY); 2514 } 2515 if (_PC_ISSET(_PC_ERROR, p->pc_mask)) { 2516 syslog(LOG_ERR, "get_pathconf: no info for %s", fsname); 2517 free(p); 2518 return (RET_ERR); 2519 } 2520 *pcnf = (struct pathcnf *)p; 2521 return (RET_OK); 2522 } 2523 2524 struct knetconfig * 2525 get_knconf(nconf) 2526 struct netconfig *nconf; 2527 { 2528 struct stat stbuf; 2529 struct knetconfig *k; 2530 2531 if (stat(nconf->nc_device, &stbuf) < 0) { 2532 syslog(LOG_ERR, "get_knconf: stat %s: %m", nconf->nc_device); 2533 return (NULL); 2534 } 2535 k = (struct knetconfig *)malloc(sizeof (*k)); 2536 if (k == NULL) 2537 goto nomem; 2538 k->knc_semantics = nconf->nc_semantics; 2539 k->knc_protofmly = strdup(nconf->nc_protofmly); 2540 if (k->knc_protofmly == NULL) 2541 goto nomem; 2542 k->knc_proto = strdup(nconf->nc_proto); 2543 if (k->knc_proto == NULL) 2544 goto nomem; 2545 k->knc_rdev = stbuf.st_rdev; 2546 2547 return (k); 2548 2549 nomem: 2550 syslog(LOG_ERR, "get_knconf: no memory"); 2551 free_knconf(k); 2552 return (NULL); 2553 } 2554 2555 void 2556 free_knconf(k) 2557 struct knetconfig *k; 2558 { 2559 if (k == NULL) 2560 return; 2561 if (k->knc_protofmly) 2562 free(k->knc_protofmly); 2563 if (k->knc_proto) 2564 free(k->knc_proto); 2565 free(k); 2566 } 2567 2568 void 2569 netbuf_free(nb) 2570 struct netbuf *nb; 2571 { 2572 if (nb == NULL) 2573 return; 2574 if (nb->buf) 2575 free(nb->buf); 2576 free(nb); 2577 } 2578 2579 #define SMALL_HOSTNAME 20 2580 #define SMALL_PROTONAME 10 2581 #define SMALL_PROTOFMLYNAME 10 2582 2583 struct portmap_cache { 2584 int cache_prog; 2585 int cache_vers; 2586 time_t cache_time; 2587 char cache_small_hosts[SMALL_HOSTNAME + 1]; 2588 char *cache_hostname; 2589 char *cache_proto; 2590 char *cache_protofmly; 2591 char cache_small_protofmly[SMALL_PROTOFMLYNAME + 1]; 2592 char cache_small_proto[SMALL_PROTONAME + 1]; 2593 struct netbuf cache_srv_addr; 2594 struct portmap_cache *cache_prev, *cache_next; 2595 }; 2596 2597 rwlock_t portmap_cache_lock; 2598 static int portmap_cache_valid_time = 30; 2599 struct portmap_cache *portmap_cache_head, *portmap_cache_tail; 2600 2601 #ifdef MALLOC_DEBUG 2602 void 2603 portmap_cache_flush() 2604 { 2605 struct portmap_cache *next = NULL, *cp; 2606 2607 (void) rw_wrlock(&portmap_cache_lock); 2608 for (cp = portmap_cache_head; cp; cp = cp->cache_next) { 2609 if (cp->cache_hostname != NULL && 2610 cp->cache_hostname != 2611 cp->cache_small_hosts) 2612 free(cp->cache_hostname); 2613 if (cp->cache_proto != NULL && 2614 cp->cache_proto != 2615 cp->cache_small_proto) 2616 free(cp->cache_proto); 2617 if (cp->cache_srv_addr.buf != NULL) 2618 free(cp->cache_srv_addr.buf); 2619 next = cp->cache_next; 2620 free(cp); 2621 } 2622 portmap_cache_head = NULL; 2623 portmap_cache_tail = NULL; 2624 (void) rw_unlock(&portmap_cache_lock); 2625 } 2626 #endif 2627 2628 /* 2629 * Returns 1 if the entry is found in the cache, 0 otherwise. 2630 */ 2631 static int 2632 portmap_cache_lookup(hostname, prog, vers, nconf, addrp) 2633 char *hostname; 2634 rpcprog_t prog; 2635 rpcvers_t vers; 2636 struct netconfig *nconf; 2637 struct netbuf *addrp; 2638 { 2639 struct portmap_cache *cachep, *prev, *next = NULL, *cp; 2640 int retval = 0; 2641 2642 timenow = time(NULL); 2643 2644 (void) rw_rdlock(&portmap_cache_lock); 2645 2646 /* 2647 * Increment the portmap cache counters for # accesses and lookups 2648 * Use a smaller factor (100 vs 1000 for the host cache) since 2649 * initial analysis shows this cache is looked up 10% that of the 2650 * host cache. 2651 */ 2652 #ifdef CACHE_DEBUG 2653 portmap_cache_accesses++; 2654 portmap_cache_lookups++; 2655 if ((portmap_cache_lookups%100) == 0) 2656 trace_portmap_cache(); 2657 #endif /* CACHE_DEBUG */ 2658 2659 for (cachep = portmap_cache_head; cachep; 2660 cachep = cachep->cache_next) { 2661 if (timenow > cachep->cache_time) { 2662 /* 2663 * We stumbled across an entry in the cache which 2664 * has timed out. Free up all the entries that 2665 * were added before it, which will positionally 2666 * be after this entry. And adjust neighboring 2667 * pointers. 2668 * When we drop the lock and re-acquire it, we 2669 * need to start from the beginning. 2670 */ 2671 (void) rw_unlock(&portmap_cache_lock); 2672 (void) rw_wrlock(&portmap_cache_lock); 2673 for (cp = portmap_cache_head; 2674 cp && (cp->cache_time >= timenow); 2675 cp = cp->cache_next) 2676 ; 2677 if (cp == NULL) 2678 goto done; 2679 /* 2680 * Adjust the link of the predecessor. 2681 * Make the tail point to the new last entry. 2682 */ 2683 prev = cp->cache_prev; 2684 if (prev == NULL) { 2685 portmap_cache_head = NULL; 2686 portmap_cache_tail = NULL; 2687 } else { 2688 prev->cache_next = NULL; 2689 portmap_cache_tail = prev; 2690 } 2691 for (; cp; cp = next) { 2692 if (cp->cache_hostname != NULL && 2693 cp->cache_hostname != 2694 cp->cache_small_hosts) 2695 free(cp->cache_hostname); 2696 if (cp->cache_proto != NULL && 2697 cp->cache_proto != 2698 cp->cache_small_proto) 2699 free(cp->cache_proto); 2700 if (cp->cache_srv_addr.buf != NULL) 2701 free(cp->cache_srv_addr.buf); 2702 next = cp->cache_next; 2703 free(cp); 2704 } 2705 goto done; 2706 } 2707 if (cachep->cache_hostname == NULL || 2708 prog != cachep->cache_prog || vers != cachep->cache_vers || 2709 strcmp(nconf->nc_proto, cachep->cache_proto) != 0 || 2710 strcmp(nconf->nc_protofmly, cachep->cache_protofmly) != 0 || 2711 strcmp(hostname, cachep->cache_hostname) != 0) 2712 continue; 2713 /* 2714 * Cache Hit. 2715 */ 2716 #ifdef CACHE_DEBUG 2717 portmap_cache_hits++; /* up portmap cache hit counter */ 2718 #endif /* CACHE_DEBUG */ 2719 addrp->len = cachep->cache_srv_addr.len; 2720 memcpy(addrp->buf, cachep->cache_srv_addr.buf, addrp->len); 2721 retval = 1; 2722 break; 2723 } 2724 done: 2725 (void) rw_unlock(&portmap_cache_lock); 2726 return (retval); 2727 } 2728 2729 static void 2730 portmap_cache_enter(hostname, prog, vers, nconf, addrp) 2731 char *hostname; 2732 rpcprog_t prog; 2733 rpcvers_t vers; 2734 struct netconfig *nconf; 2735 struct netbuf *addrp; 2736 { 2737 struct portmap_cache *cachep; 2738 int protofmlylen; 2739 int protolen, hostnamelen; 2740 2741 timenow = time(NULL); 2742 2743 cachep = malloc(sizeof (struct portmap_cache)); 2744 if (cachep == NULL) 2745 return; 2746 memset((char *)cachep, 0, sizeof (*cachep)); 2747 2748 hostnamelen = strlen(hostname); 2749 if (hostnamelen <= SMALL_HOSTNAME) 2750 cachep->cache_hostname = cachep->cache_small_hosts; 2751 else { 2752 cachep->cache_hostname = malloc(hostnamelen + 1); 2753 if (cachep->cache_hostname == NULL) 2754 goto nomem; 2755 } 2756 strcpy(cachep->cache_hostname, hostname); 2757 protolen = strlen(nconf->nc_proto); 2758 if (protolen <= SMALL_PROTONAME) 2759 cachep->cache_proto = cachep->cache_small_proto; 2760 else { 2761 cachep->cache_proto = malloc(protolen + 1); 2762 if (cachep->cache_proto == NULL) 2763 goto nomem; 2764 } 2765 protofmlylen = strlen(nconf->nc_protofmly); 2766 if (protofmlylen <= SMALL_PROTOFMLYNAME) 2767 cachep->cache_protofmly = cachep->cache_small_protofmly; 2768 else { 2769 cachep->cache_protofmly = malloc(protofmlylen + 1); 2770 if (cachep->cache_protofmly == NULL) 2771 goto nomem; 2772 } 2773 2774 strcpy(cachep->cache_proto, nconf->nc_proto); 2775 cachep->cache_prog = prog; 2776 cachep->cache_vers = vers; 2777 cachep->cache_time = timenow + portmap_cache_valid_time; 2778 cachep->cache_srv_addr.len = addrp->len; 2779 cachep->cache_srv_addr.buf = malloc(addrp->len); 2780 if (cachep->cache_srv_addr.buf == NULL) 2781 goto nomem; 2782 memcpy(cachep->cache_srv_addr.buf, addrp->buf, addrp->maxlen); 2783 cachep->cache_prev = NULL; 2784 (void) rw_wrlock(&portmap_cache_lock); 2785 /* 2786 * There's a window in which we could have multiple threads making 2787 * the same cache entry. This can be avoided by walking the cache 2788 * once again here to check and see if there are duplicate entries 2789 * (after grabbing the write lock). This isn't fatal and I'm not 2790 * going to bother with this. 2791 */ 2792 #ifdef CACHE_DEBUG 2793 portmap_cache_accesses++; /* up portmap cache access counter */ 2794 #endif /* CACHE_DEBUG */ 2795 cachep->cache_next = portmap_cache_head; 2796 if (portmap_cache_head != NULL) 2797 portmap_cache_head->cache_prev = cachep; 2798 portmap_cache_head = cachep; 2799 (void) rw_unlock(&portmap_cache_lock); 2800 return; 2801 2802 nomem: 2803 syslog(LOG_ERR, "portmap_cache_enter: Memory allocation failed"); 2804 if (cachep->cache_srv_addr.buf) 2805 free(cachep->cache_srv_addr.buf); 2806 if (cachep->cache_proto && protolen > SMALL_PROTONAME) 2807 free(cachep->cache_proto); 2808 if (cachep->cache_hostname && hostnamelen > SMALL_HOSTNAME) 2809 free(cachep->cache_hostname); 2810 if (cachep->cache_protofmly && protofmlylen > SMALL_PROTOFMLYNAME) 2811 free(cachep->cache_protofmly); 2812 if (cachep) 2813 free(cachep); 2814 cachep = NULL; 2815 } 2816 2817 static int 2818 get_cached_srv_addr(char *hostname, rpcprog_t prog, rpcvers_t vers, 2819 struct netconfig *nconf, struct netbuf *addrp) 2820 { 2821 if (portmap_cache_lookup(hostname, prog, vers, nconf, addrp)) 2822 return (1); 2823 if (rpcb_getaddr(prog, vers, nconf, addrp, hostname) == 0) 2824 return (0); 2825 portmap_cache_enter(hostname, prog, vers, nconf, addrp); 2826 return (1); 2827 } 2828 2829 /* 2830 * Get the network address on "hostname" for program "prog" 2831 * with version "vers" by using the nconf configuration data 2832 * passed in. 2833 * 2834 * If the address of a netconfig pointer is null then 2835 * information is not sufficient and no netbuf will be returned. 2836 * 2837 * tinfo argument is for matching the get_the_addr() defined in 2838 * ../nfs/mount/mount.c 2839 */ 2840 void * 2841 get_the_stuff( 2842 enum type_of_stuff type_of_stuff, 2843 char *hostname, 2844 rpcprog_t prog, 2845 rpcprog_t vers, 2846 mfs_snego_t *mfssnego, 2847 struct netconfig *nconf, 2848 ushort_t port, 2849 struct t_info *tinfo, 2850 caddr_t *fhp, 2851 bool_t direct_to_server, 2852 char *fspath, 2853 enum clnt_stat *cstat) 2854 2855 { 2856 struct netbuf *nb = NULL; 2857 struct t_bind *tbind = NULL; 2858 int fd = -1; 2859 enum clnt_stat cs = RPC_TIMEDOUT; 2860 CLIENT *cl = NULL; 2861 struct timeval tv; 2862 AUTH *ah = NULL; 2863 AUTH *new_ah = NULL; 2864 struct snego_t snego; 2865 2866 if (nconf == NULL) { 2867 goto done; 2868 } 2869 2870 if (prog == NFS_PROGRAM && vers == NFS_V4) 2871 if (strncasecmp(nconf->nc_proto, NC_UDP, strlen(NC_UDP)) == 0) 2872 goto done; 2873 2874 if ((fd = t_open(nconf->nc_device, O_RDWR, tinfo)) < 0) { 2875 goto done; 2876 } 2877 2878 /* LINTED pointer alignment */ 2879 if ((tbind = (struct t_bind *)t_alloc(fd, T_BIND, T_ADDR)) 2880 == NULL) { 2881 goto done; 2882 } 2883 2884 if (direct_to_server == TRUE) { 2885 struct nd_hostserv hs; 2886 struct nd_addrlist *retaddrs; 2887 hs.h_host = hostname; 2888 2889 if (trace > 1) 2890 trace_prt(1, " get_the_stuff: %s call " 2891 "direct to server %s\n", 2892 type_of_stuff == SERVER_FH ? "pub fh" : 2893 type_of_stuff == SERVER_ADDR ? "get address" : 2894 type_of_stuff == SERVER_PING ? "ping" : 2895 "unknown", hostname); 2896 if (port == 0) 2897 hs.h_serv = "nfs"; 2898 else 2899 hs.h_serv = NULL; 2900 2901 if (netdir_getbyname(nconf, &hs, &retaddrs) != ND_OK) { 2902 goto done; 2903 } 2904 memcpy(tbind->addr.buf, retaddrs->n_addrs->buf, 2905 retaddrs->n_addrs->len); 2906 tbind->addr.len = retaddrs->n_addrs->len; 2907 netdir_free((void *)retaddrs, ND_ADDRLIST); 2908 if (port) { 2909 /* LINTED pointer alignment */ 2910 2911 if (strcmp(nconf->nc_protofmly, NC_INET) == NULL) 2912 ((struct sockaddr_in *) 2913 tbind->addr.buf)->sin_port = 2914 htons((ushort_t)port); 2915 else if (strcmp(nconf->nc_protofmly, NC_INET6) == NULL) 2916 ((struct sockaddr_in6 *) 2917 tbind->addr.buf)->sin6_port = 2918 htons((ushort_t)port); 2919 } 2920 2921 if (type_of_stuff == SERVER_FH) { 2922 if (netdir_options(nconf, ND_SET_RESERVEDPORT, fd, 2923 NULL) == -1) 2924 if (trace > 1) 2925 trace_prt(1, "\tget_the_stuff: " 2926 "ND_SET_RESERVEDPORT(%s) " 2927 "failed\n", hostname); 2928 } 2929 2930 cl = clnt_tli_create(fd, nconf, &tbind->addr, prog, 2931 vers, 0, 0); 2932 2933 if (trace > 1) 2934 trace_prt(1, " get_the_stuff: clnt_tli_create(%s) " 2935 "returned %p\n", hostname, cl); 2936 if (cl == NULL) 2937 goto done; 2938 #ifdef MALLOC_DEBUG 2939 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 2940 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 2941 __FILE__, __LINE__); 2942 #endif 2943 2944 switch (type_of_stuff) { 2945 case SERVER_FH: 2946 { 2947 enum snego_stat sec; 2948 2949 ah = authsys_create_default(); 2950 if (ah != NULL) { 2951 #ifdef MALLOC_DEBUG 2952 drop_alloc("AUTH_HANDLE", cl->cl_auth, 2953 __FILE__, __LINE__); 2954 #endif 2955 AUTH_DESTROY(cl->cl_auth); 2956 cl->cl_auth = ah; 2957 #ifdef MALLOC_DEBUG 2958 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 2959 __FILE__, __LINE__); 2960 #endif 2961 } 2962 2963 if (!mfssnego->snego_done && vers != NFS_V4) { 2964 /* 2965 * negotiate sec flavor. 2966 */ 2967 snego.cnt = 0; 2968 if ((sec = nfs_sec_nego(vers, cl, fspath, &snego)) == 2969 SNEGO_SUCCESS) { 2970 int jj; 2971 2972 /* 2973 * check if server supports the one 2974 * specified in the sec= option. 2975 */ 2976 if (mfssnego->sec_opt) { 2977 for (jj = 0; jj < snego.cnt; jj++) { 2978 if (snego.array[jj] == 2979 mfssnego->nfs_sec.sc_nfsnum) { 2980 mfssnego->snego_done = TRUE; 2981 break; 2982 } 2983 } 2984 } 2985 2986 /* 2987 * find a common sec flavor 2988 */ 2989 if (!mfssnego->snego_done) { 2990 for (jj = 0; jj < snego.cnt; jj++) { 2991 if (!nfs_getseconfig_bynumber( 2992 snego.array[jj], &mfssnego->nfs_sec)) { 2993 mfssnego->snego_done = TRUE; 2994 break; 2995 } 2996 } 2997 } 2998 if (!mfssnego->snego_done) 2999 return (NULL); 3000 3001 /* 3002 * Now that the flavor has been 3003 * negotiated, get the fh. 3004 * 3005 * First, create an auth handle using the negotiated 3006 * sec flavor in the next lookup to 3007 * fetch the filehandle. 3008 */ 3009 new_ah = nfs_create_ah(cl, hostname, 3010 &mfssnego->nfs_sec); 3011 if (new_ah == NULL) 3012 goto done; 3013 #ifdef MALLOC_DEBUG 3014 drop_alloc("AUTH_HANDLE", cl->cl_auth, 3015 __FILE__, __LINE__); 3016 #endif 3017 AUTH_DESTROY(cl->cl_auth); 3018 cl->cl_auth = new_ah; 3019 #ifdef MALLOC_DEBUG 3020 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 3021 __FILE__, __LINE__); 3022 #endif 3023 } else if (sec == SNEGO_ARRAY_TOO_SMALL || 3024 sec == SNEGO_FAILURE) { 3025 goto done; 3026 } 3027 /* 3028 * Note that if sec == SNEGO_DEF_VALID 3029 * the default sec flavor is acceptable. 3030 * Use it to get the filehandle. 3031 */ 3032 } 3033 } 3034 3035 switch (vers) { 3036 case NFS_VERSION: 3037 { 3038 wnl_diropargs arg; 3039 wnl_diropres *res; 3040 3041 memset((char *)&arg.dir, 0, sizeof (wnl_fh)); 3042 arg.name = fspath; 3043 res = wnlproc_lookup_2(&arg, cl); 3044 3045 if (res == NULL || res->status != NFS_OK) 3046 goto done; 3047 *fhp = malloc(sizeof (wnl_fh)); 3048 3049 if (*fhp == NULL) { 3050 syslog(LOG_ERR, "no memory\n"); 3051 goto done; 3052 } 3053 3054 memcpy((char *)*fhp, 3055 (char *)&res->wnl_diropres_u.wnl_diropres.file, 3056 sizeof (wnl_fh)); 3057 cs = RPC_SUCCESS; 3058 } 3059 break; 3060 case NFS_V3: 3061 { 3062 WNL_LOOKUP3args arg; 3063 WNL_LOOKUP3res *res; 3064 nfs_fh3 *fh3p; 3065 3066 memset((char *)&arg.what.dir, 0, sizeof (wnl_fh3)); 3067 arg.what.name = fspath; 3068 res = wnlproc3_lookup_3(&arg, cl); 3069 3070 if (res == NULL || res->status != NFS3_OK) 3071 goto done; 3072 3073 fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p)); 3074 3075 if (fh3p == NULL) { 3076 syslog(LOG_ERR, "no memory\n"); 3077 CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, 3078 (char *)res); 3079 goto done; 3080 } 3081 3082 fh3p->fh3_length = res-> 3083 WNL_LOOKUP3res_u.res_ok.object.data.data_len; 3084 memcpy(fh3p->fh3_u.data, res-> 3085 WNL_LOOKUP3res_u.res_ok.object.data.data_val, 3086 fh3p->fh3_length); 3087 3088 *fhp = (caddr_t)fh3p; 3089 3090 CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, (char *)res); 3091 cs = RPC_SUCCESS; 3092 } 3093 break; 3094 case NFS_V4: 3095 tv.tv_sec = 10; 3096 tv.tv_usec = 0; 3097 cs = clnt_call(cl, NULLPROC, xdr_void, 0, 3098 xdr_void, 0, tv); 3099 if (cs != RPC_SUCCESS) 3100 goto done; 3101 *fhp = strdup(fspath); 3102 break; 3103 } 3104 break; 3105 case SERVER_ADDR: 3106 case SERVER_PING: 3107 tv.tv_sec = 10; 3108 tv.tv_usec = 0; 3109 cs = clnt_call(cl, NULLPROC, xdr_void, 0, 3110 xdr_void, 0, tv); 3111 if (trace > 1) 3112 trace_prt(1, 3113 "get_the_stuff: clnt_call(%s) " 3114 "returned %s\n", 3115 hostname, 3116 cs == RPC_SUCCESS ? "success" : 3117 "failure"); 3118 3119 if (cs != RPC_SUCCESS) 3120 goto done; 3121 break; 3122 } 3123 3124 } else if (type_of_stuff != SERVER_FH) { 3125 3126 if (type_of_stuff == SERVER_ADDR) { 3127 if (get_cached_srv_addr(hostname, prog, vers, nconf, 3128 &tbind->addr) == 0) 3129 goto done; 3130 } 3131 3132 if (port) { 3133 /* LINTED pointer alignment */ 3134 if (strcmp(nconf->nc_protofmly, NC_INET) == NULL) 3135 ((struct sockaddr_in *) 3136 tbind->addr.buf)->sin_port = 3137 htons((ushort_t)port); 3138 else if (strcmp(nconf->nc_protofmly, NC_INET6) == NULL) 3139 ((struct sockaddr_in6 *) 3140 tbind->addr.buf)->sin6_port = 3141 htons((ushort_t)port); 3142 cl = clnt_tli_create(fd, nconf, &tbind->addr, 3143 prog, vers, 0, 0); 3144 if (cl == NULL) 3145 goto done; 3146 #ifdef MALLOC_DEBUG 3147 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 3148 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 3149 __FILE__, __LINE__); 3150 #endif 3151 tv.tv_sec = 10; 3152 tv.tv_usec = 0; 3153 cs = clnt_call(cl, NULLPROC, xdr_void, 0, xdr_void, 3154 0, tv); 3155 if (cs != RPC_SUCCESS) 3156 goto done; 3157 } 3158 3159 } else { 3160 /* can't happen */ 3161 goto done; 3162 } 3163 3164 if (type_of_stuff != SERVER_PING) { 3165 3166 cs = RPC_SYSTEMERROR; 3167 3168 /* 3169 * Make a copy of the netbuf to return 3170 */ 3171 nb = (struct netbuf *)malloc(sizeof (struct netbuf)); 3172 if (nb == NULL) { 3173 syslog(LOG_ERR, "no memory\n"); 3174 goto done; 3175 } 3176 *nb = tbind->addr; 3177 nb->buf = (char *)malloc(nb->maxlen); 3178 if (nb->buf == NULL) { 3179 syslog(LOG_ERR, "no memory\n"); 3180 free(nb); 3181 nb = NULL; 3182 goto done; 3183 } 3184 (void) memcpy(nb->buf, tbind->addr.buf, tbind->addr.len); 3185 3186 cs = RPC_SUCCESS; 3187 } 3188 3189 done: 3190 if (cl != NULL) { 3191 if (ah != NULL) { 3192 #ifdef MALLOC_DEBUG 3193 drop_alloc("AUTH_HANDLE", cl->cl_auth, 3194 __FILE__, __LINE__); 3195 #endif 3196 AUTH_DESTROY(cl->cl_auth); 3197 cl->cl_auth = NULL; 3198 } 3199 #ifdef MALLOC_DEBUG 3200 drop_alloc("CLNT_HANDLE", cl, __FILE__, __LINE__); 3201 #endif 3202 clnt_destroy(cl); 3203 } 3204 3205 if (tbind) { 3206 t_free((char *)tbind, T_BIND); 3207 tbind = NULL; 3208 } 3209 3210 if (fd >= 0) 3211 (void) t_close(fd); 3212 3213 if (cstat != NULL) 3214 *cstat = cs; 3215 3216 return (nb); 3217 } 3218 3219 /* 3220 * Get a network address on "hostname" for program "prog" 3221 * with version "vers". If the port number is specified (non zero) 3222 * then try for a TCP/UDP transport and set the port number of the 3223 * resulting IP address. 3224 * 3225 * If the address of a netconfig pointer was passed and 3226 * if it's not null, use it as the netconfig otherwise 3227 * assign the address of the netconfig that was used to 3228 * establish contact with the service. 3229 * 3230 * tinfo argument is for matching the get_addr() defined in 3231 * ../nfs/mount/mount.c 3232 */ 3233 3234 static struct netbuf * 3235 get_addr(char *hostname, rpcprog_t prog, rpcvers_t vers, 3236 struct netconfig **nconfp, char *proto, ushort_t port, 3237 struct t_info *tinfo) 3238 3239 { 3240 enum clnt_stat cstat; 3241 3242 return (get_server_stuff(SERVER_ADDR, hostname, prog, vers, NULL, 3243 nconfp, proto, port, tinfo, NULL, FALSE, NULL, &cstat)); 3244 } 3245 3246 static struct netbuf * 3247 get_pubfh(char *hostname, rpcvers_t vers, mfs_snego_t *mfssnego, 3248 struct netconfig **nconfp, char *proto, ushort_t port, 3249 struct t_info *tinfo, caddr_t *fhp, bool_t get_pubfh, char *fspath) 3250 { 3251 enum clnt_stat cstat; 3252 3253 return (get_server_stuff(SERVER_FH, hostname, NFS_PROGRAM, vers, 3254 mfssnego, nconfp, proto, port, tinfo, fhp, get_pubfh, fspath, 3255 &cstat)); 3256 } 3257 3258 static enum clnt_stat 3259 get_ping(char *hostname, rpcprog_t prog, rpcvers_t vers, 3260 struct netconfig **nconfp, ushort_t port, bool_t direct_to_server) 3261 { 3262 enum clnt_stat cstat; 3263 3264 (void) get_server_stuff(SERVER_PING, hostname, prog, vers, NULL, nconfp, 3265 NULL, port, NULL, NULL, direct_to_server, NULL, &cstat); 3266 3267 return (cstat); 3268 } 3269 3270 void * 3271 get_server_stuff( 3272 enum type_of_stuff type_of_stuff, 3273 char *hostname, 3274 rpcprog_t prog, 3275 rpcvers_t vers, 3276 mfs_snego_t *mfssnego, 3277 struct netconfig **nconfp, 3278 char *proto, 3279 ushort_t port, /* may be zero */ 3280 struct t_info *tinfo, 3281 caddr_t *fhp, 3282 bool_t direct_to_server, 3283 char *fspath, 3284 enum clnt_stat *cstatp) 3285 { 3286 struct netbuf *nb = NULL; 3287 struct netconfig *nconf = NULL; 3288 NCONF_HANDLE *nc = NULL; 3289 int nthtry = FIRST_TRY; 3290 3291 if (nconfp && *nconfp) 3292 return (get_the_stuff(type_of_stuff, hostname, prog, vers, 3293 mfssnego, *nconfp, port, tinfo, fhp, direct_to_server, 3294 fspath, cstatp)); 3295 3296 3297 /* 3298 * No nconf passed in. 3299 * 3300 * Try to get a nconf from /etc/netconfig. 3301 * First choice is COTS, second is CLTS unless proto 3302 * is specified. When we retry, we reset the 3303 * netconfig list, so that we search the whole list 3304 * for the next choice. 3305 */ 3306 if ((nc = setnetpath()) == NULL) 3307 goto done; 3308 3309 /* 3310 * If proto is specified, then only search for the match, 3311 * otherwise try COTS first, if failed, then try CLTS. 3312 */ 3313 if (proto) { 3314 3315 while (nconf = getnetpath(nc)) { 3316 if (strcmp(nconf->nc_proto, proto)) 3317 continue; 3318 /* 3319 * If the port number is specified then TCP/UDP 3320 * is needed. Otherwise any cots/clts will do. 3321 */ 3322 if (port) { 3323 if ((strcmp(nconf->nc_protofmly, NC_INET) && 3324 strcmp(nconf->nc_protofmly, NC_INET6)) || 3325 (strcmp(nconf->nc_proto, NC_TCP) && 3326 strcmp(nconf->nc_proto, NC_UDP))) 3327 continue; 3328 } 3329 3330 nb = get_the_stuff(type_of_stuff, hostname, prog, vers, 3331 mfssnego, nconf, port, tinfo, fhp, 3332 direct_to_server, fspath, cstatp); 3333 3334 if (*cstatp == RPC_SUCCESS) 3335 break; 3336 3337 assert(nb == NULL); 3338 3339 } /* end of while */ 3340 3341 if (nconf == NULL) 3342 goto done; 3343 3344 } else { 3345 retry: 3346 while (nconf = getnetpath(nc)) { 3347 if (nconf->nc_flag & NC_VISIBLE) { 3348 if (nthtry == FIRST_TRY) { 3349 if ((nconf->nc_semantics == 3350 NC_TPI_COTS_ORD) || 3351 (nconf->nc_semantics == 3352 NC_TPI_COTS)) { 3353 if (port == 0) 3354 break; 3355 if ((strcmp(nconf->nc_protofmly, 3356 NC_INET) == 0 || 3357 strcmp(nconf->nc_protofmly, 3358 NC_INET6) == 0) && 3359 (strcmp(nconf->nc_proto, 3360 NC_TCP) == 0)) 3361 break; 3362 } 3363 } 3364 if (nthtry == SECOND_TRY) { 3365 if (nconf->nc_semantics == 3366 NC_TPI_CLTS) { 3367 if (port == 0) 3368 break; 3369 if ((strcmp(nconf->nc_protofmly, 3370 NC_INET) == 0 || 3371 strcmp(nconf->nc_protofmly, 3372 NC_INET6) == 0) && 3373 (strcmp(nconf->nc_proto, 3374 NC_UDP) == 0)) 3375 break; 3376 } 3377 } 3378 } 3379 } /* while */ 3380 if (nconf == NULL) { 3381 if (++nthtry <= MNT_PREF_LISTLEN) { 3382 endnetpath(nc); 3383 if ((nc = setnetpath()) == NULL) 3384 goto done; 3385 goto retry; 3386 } else 3387 goto done; 3388 } else { 3389 nb = get_the_stuff(type_of_stuff, hostname, prog, vers, 3390 mfssnego, nconf, port, tinfo, fhp, direct_to_server, 3391 fspath, cstatp); 3392 if (*cstatp != RPC_SUCCESS) 3393 /* 3394 * Continue the same search path in the 3395 * netconfig db until no more matched nconf 3396 * (nconf == NULL). 3397 */ 3398 goto retry; 3399 } 3400 } /* if !proto */ 3401 3402 /* 3403 * Got nconf and nb. Now dup the netconfig structure (nconf) 3404 * and return it thru nconfp. 3405 */ 3406 *nconfp = getnetconfigent(nconf->nc_netid); 3407 if (*nconfp == NULL) { 3408 syslog(LOG_ERR, "no memory\n"); 3409 free(nb); 3410 nb = NULL; 3411 } 3412 done: 3413 if (nc) 3414 endnetpath(nc); 3415 return (nb); 3416 } 3417 3418 3419 /* 3420 * Sends a null call to the remote host's (NFS program, versp). versp 3421 * may be "NULL" in which case the default maximum version is used. 3422 * Upon return, versp contains the maximum version supported iff versp!= NULL. 3423 */ 3424 enum clnt_stat 3425 pingnfs( 3426 char *hostpart, 3427 int attempts, 3428 rpcvers_t *versp, 3429 rpcvers_t versmin, 3430 ushort_t port, /* may be zero */ 3431 bool_t usepub, 3432 char *path, 3433 char *proto) 3434 { 3435 CLIENT *cl = NULL; 3436 struct timeval rpc_to_new = {15, 0}; 3437 static struct timeval rpc_rtrans_new = {-1, -1}; 3438 enum clnt_stat clnt_stat; 3439 int i, j; 3440 rpcvers_t versmax; /* maximum version to try against server */ 3441 rpcvers_t outvers; /* version supported by host on last call */ 3442 rpcvers_t vers_to_try; /* to try different versions against host */ 3443 char *hostname; 3444 struct netconfig *nconf; 3445 3446 hostname = strdup(hostpart); 3447 if (hostname == NULL) { 3448 return (RPC_SYSTEMERROR); 3449 } 3450 unbracket(&hostname); 3451 3452 if (path != NULL && strcmp(hostname, "nfs") == 0 && 3453 strncmp(path, "//", 2) == 0) { 3454 char *sport; 3455 3456 hostname = strdup(path+2); 3457 3458 if (hostname == NULL) 3459 return (RPC_SYSTEMERROR); 3460 3461 path = strchr(hostname, '/'); 3462 3463 /* 3464 * This cannot happen. If it does, give up 3465 * on the ping as this is obviously a corrupt 3466 * entry. 3467 */ 3468 if (path == NULL) { 3469 free(hostname); 3470 return (RPC_SUCCESS); 3471 } 3472 3473 /* 3474 * Probable end point of host string. 3475 */ 3476 *path = '\0'; 3477 3478 sport = strchr(hostname, ':'); 3479 3480 if (sport != NULL && sport < path) { 3481 3482 /* 3483 * Actual end point of host string. 3484 */ 3485 *sport = '\0'; 3486 port = htons((ushort_t)atoi(sport+1)); 3487 } 3488 3489 usepub = TRUE; 3490 } 3491 3492 /* Pick up the default versions and then set them appropriately */ 3493 if (versp) { 3494 versmax = *versp; 3495 /* use versmin passed in */ 3496 } else { 3497 read_default_nfs(); 3498 set_versrange(0, &versmax, &versmin); 3499 } 3500 3501 if (proto && 3502 strncasecmp(proto, NC_UDP, strlen(NC_UDP)) == 0 && 3503 versmax == NFS_V4) { 3504 if (versmin == NFS_V4) { 3505 if (versp) { 3506 *versp = versmax - 1; 3507 return (RPC_SUCCESS); 3508 } 3509 return (RPC_PROGUNAVAIL); 3510 } else { 3511 versmax--; 3512 } 3513 } 3514 3515 if (versp) 3516 *versp = versmax; 3517 3518 switch (cache_check(hostname, versp, proto)) { 3519 case GOODHOST: 3520 if (hostname != hostpart) 3521 free(hostname); 3522 return (RPC_SUCCESS); 3523 case DEADHOST: 3524 if (hostname != hostpart) 3525 free(hostname); 3526 return (RPC_TIMEDOUT); 3527 case NOHOST: 3528 default: 3529 break; 3530 } 3531 3532 /* 3533 * XXX The retransmission time rpcbrmttime is a global defined 3534 * in the rpc library (rpcb_clnt.c). We use (and like) the default 3535 * value of 15 sec in the rpc library. The code below is to protect 3536 * us in case it changes. This need not be done under a lock since 3537 * any # of threads entering this function will get the same 3538 * retransmission value. 3539 */ 3540 if (rpc_rtrans_new.tv_sec == -1 && rpc_rtrans_new.tv_usec == -1) { 3541 __rpc_control(CLCR_GET_RPCB_RMTTIME, (char *)&rpc_rtrans_new); 3542 if (rpc_rtrans_new.tv_sec != 15 && rpc_rtrans_new.tv_sec != 0) 3543 if (trace > 1) 3544 trace_prt(1, "RPC library rttimer changed\n"); 3545 } 3546 3547 /* 3548 * XXX Manipulate the total timeout to get the number of 3549 * desired retransmissions. This code is heavily dependant on 3550 * the RPC backoff mechanism in clnt_dg_call (clnt_dg.c). 3551 */ 3552 for (i = 0, j = rpc_rtrans_new.tv_sec; i < attempts-1; i++) { 3553 if (j < RPC_MAX_BACKOFF) 3554 j *= 2; 3555 else 3556 j = RPC_MAX_BACKOFF; 3557 rpc_to_new.tv_sec += j; 3558 } 3559 3560 vers_to_try = versmax; 3561 3562 /* 3563 * check the host's version within the timeout 3564 */ 3565 if (trace > 1) 3566 trace_prt(1, " ping: %s timeout=%ld request vers=%d min=%d\n", 3567 hostname, rpc_to_new.tv_sec, versmax, versmin); 3568 3569 if (usepub == FALSE) { 3570 do { 3571 /* 3572 * If NFSv4, then we do the same thing as is used 3573 * for public filehandles so that we avoid rpcbind 3574 */ 3575 if (vers_to_try == NFS_V4) { 3576 if (trace > 4) { 3577 trace_prt(1, " pingnfs: Trying ping via " 3578 "\"circuit_v\"\n"); 3579 } 3580 3581 cl = clnt_create_service_timed(hostname, "nfs", 3582 NFS_PROGRAM, vers_to_try, 3583 port, "circuit_v", &rpc_to_new); 3584 if (cl != NULL) { 3585 outvers = vers_to_try; 3586 break; 3587 } 3588 if (trace > 4) { 3589 trace_prt(1, 3590 " pingnfs: Can't ping via " 3591 "\"circuit_v\" %s: RPC error=%d\n", 3592 hostname, rpc_createerr.cf_stat); 3593 } 3594 3595 } else { 3596 cl = clnt_create_vers_timed(hostname, 3597 NFS_PROGRAM, &outvers, versmin, vers_to_try, 3598 "datagram_v", &rpc_to_new); 3599 if (cl != NULL) 3600 break; 3601 if (trace > 4) { 3602 trace_prt(1, 3603 " pingnfs: Can't ping via " 3604 "\"datagram_v\"%s: RPC error=%d\n", 3605 hostname, rpc_createerr.cf_stat); 3606 } 3607 if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST || 3608 rpc_createerr.cf_stat == RPC_TIMEDOUT) 3609 break; 3610 if (rpc_createerr.cf_stat == 3611 RPC_PROGNOTREGISTERED) { 3612 if (trace > 4) { 3613 trace_prt(1, 3614 " pingnfs: Trying ping " 3615 "via \"circuit_v\"\n"); 3616 } 3617 cl = clnt_create_vers_timed(hostname, 3618 NFS_PROGRAM, &outvers, 3619 versmin, vers_to_try, 3620 "circuit_v", &rpc_to_new); 3621 if (cl != NULL) 3622 break; 3623 if (trace > 4) { 3624 trace_prt(1, 3625 " pingnfs: Can't ping " 3626 "via \"circuit_v\" %s: " 3627 "RPC error=%d\n", 3628 hostname, 3629 rpc_createerr.cf_stat); 3630 } 3631 } 3632 } 3633 3634 /* 3635 * backoff and return lower version to retry the ping. 3636 * XXX we should be more careful and handle 3637 * RPC_PROGVERSMISMATCH here, because that error is handled 3638 * in clnt_create_vers(). It's not done to stay in sync 3639 * with the nfs mount command. 3640 */ 3641 vers_to_try--; 3642 if (vers_to_try < versmin) 3643 break; 3644 if (versp != NULL) { /* recheck the cache */ 3645 *versp = vers_to_try; 3646 if (trace > 4) { 3647 trace_prt(1, 3648 " pingnfs: check cache: vers=%d\n", 3649 *versp); 3650 } 3651 switch (cache_check(hostname, versp, proto)) { 3652 case GOODHOST: 3653 if (hostname != hostpart) 3654 free(hostname); 3655 return (RPC_SUCCESS); 3656 case DEADHOST: 3657 if (hostname != hostpart) 3658 free(hostname); 3659 return (RPC_TIMEDOUT); 3660 case NOHOST: 3661 default: 3662 break; 3663 } 3664 } 3665 if (trace > 4) { 3666 trace_prt(1, " pingnfs: Try version=%d\n", 3667 vers_to_try); 3668 } 3669 } while (cl == NULL); 3670 3671 3672 if (cl == NULL) { 3673 if (verbose) 3674 syslog(LOG_ERR, "pingnfs: %s%s", 3675 hostname, clnt_spcreateerror("")); 3676 clnt_stat = rpc_createerr.cf_stat; 3677 } else { 3678 clnt_destroy(cl); 3679 clnt_stat = RPC_SUCCESS; 3680 } 3681 3682 } else { 3683 for (vers_to_try = versmax; vers_to_try >= versmin; 3684 vers_to_try--) { 3685 3686 nconf = NULL; 3687 3688 if (trace > 4) { 3689 trace_prt(1, " pingnfs: Try version=%d " 3690 "using get_ping()\n", vers_to_try); 3691 } 3692 3693 clnt_stat = get_ping(hostname, NFS_PROGRAM, 3694 vers_to_try, &nconf, port, TRUE); 3695 3696 if (nconf != NULL) 3697 freenetconfigent(nconf); 3698 3699 if (clnt_stat == RPC_SUCCESS) { 3700 outvers = vers_to_try; 3701 break; 3702 } 3703 } 3704 } 3705 3706 if (trace > 1) 3707 clnt_stat == RPC_SUCCESS ? 3708 trace_prt(1, " pingnfs OK: nfs version=%d\n", outvers): 3709 trace_prt(1, " pingnfs FAIL: can't get nfs version\n"); 3710 3711 if (clnt_stat == RPC_SUCCESS) { 3712 cache_enter(hostname, versmax, outvers, proto, GOODHOST); 3713 if (versp != NULL) 3714 *versp = outvers; 3715 } else 3716 cache_enter(hostname, versmax, versmax, proto, DEADHOST); 3717 3718 if (hostpart != hostname) 3719 free(hostname); 3720 3721 return (clnt_stat); 3722 } 3723 3724 #define MNTTYPE_LOFS "lofs" 3725 3726 int 3727 loopbackmount(fsname, dir, mntopts, overlay) 3728 char *fsname; /* Directory being mounted */ 3729 char *dir; /* Directory being mounted on */ 3730 char *mntopts; 3731 int overlay; 3732 { 3733 struct mnttab mnt; 3734 int flags = 0; 3735 char fstype[] = MNTTYPE_LOFS; 3736 int dirlen; 3737 struct stat st; 3738 char optbuf[MAX_MNTOPT_STR]; 3739 3740 dirlen = strlen(dir); 3741 if (dir[dirlen-1] == ' ') 3742 dirlen--; 3743 3744 if (dirlen == strlen(fsname) && 3745 strncmp(fsname, dir, dirlen) == 0) { 3746 syslog(LOG_ERR, 3747 "Mount of %s on %s would result in deadlock, aborted\n", 3748 fsname, dir); 3749 return (RET_ERR); 3750 } 3751 mnt.mnt_mntopts = mntopts; 3752 if (hasmntopt(&mnt, MNTOPT_RO) != NULL) 3753 flags |= MS_RDONLY; 3754 3755 (void) strlcpy(optbuf, mntopts, sizeof (optbuf)); 3756 3757 if (overlay) 3758 flags |= MS_OVERLAY; 3759 3760 if (trace > 1) 3761 trace_prt(1, 3762 " loopbackmount: fsname=%s, dir=%s, flags=%d\n", 3763 fsname, dir, flags); 3764 3765 if (is_system_labeled()) { 3766 if (create_homedir((const char *)fsname, 3767 (const char *)dir) == 0) { 3768 return (NFSERR_NOENT); 3769 } 3770 } 3771 3772 if (mount(fsname, dir, flags | MS_DATA | MS_OPTIONSTR, fstype, 3773 NULL, 0, optbuf, sizeof (optbuf)) < 0) { 3774 syslog(LOG_ERR, "Mount of %s on %s: %m", fsname, dir); 3775 return (RET_ERR); 3776 } 3777 3778 if (stat(dir, &st) == 0) { 3779 if (trace > 1) { 3780 trace_prt(1, 3781 " loopbackmount of %s on %s dev=%x rdev=%x OK\n", 3782 fsname, dir, st.st_dev, st.st_rdev); 3783 } 3784 } else { 3785 if (trace > 1) { 3786 trace_prt(1, 3787 " loopbackmount of %s on %s OK\n", fsname, dir); 3788 trace_prt(1, " stat of %s failed\n", dir); 3789 } 3790 } 3791 3792 return (0); 3793 } 3794 3795 /* 3796 * Look for the value of a numeric option of the form foo=x. If found, set 3797 * *valp to the value and return non-zero. If not found or the option is 3798 * malformed, return zero. 3799 */ 3800 3801 int 3802 nopt(mnt, opt, valp) 3803 struct mnttab *mnt; 3804 char *opt; 3805 int *valp; /* OUT */ 3806 { 3807 char *equal; 3808 char *str; 3809 3810 /* 3811 * We should never get a null pointer, but if we do, it's better to 3812 * ignore the option than to dump core. 3813 */ 3814 3815 if (valp == NULL) { 3816 syslog(LOG_DEBUG, "null pointer for %s option", opt); 3817 return (0); 3818 } 3819 3820 if (str = hasmntopt(mnt, opt)) { 3821 if (equal = strchr(str, '=')) { 3822 *valp = atoi(&equal[1]); 3823 return (1); 3824 } else { 3825 syslog(LOG_ERR, "Bad numeric option '%s'", str); 3826 } 3827 } 3828 return (0); 3829 } 3830 3831 int 3832 nfsunmount(mnt) 3833 struct mnttab *mnt; 3834 { 3835 struct timeval timeout; 3836 CLIENT *cl; 3837 enum clnt_stat rpc_stat; 3838 char *host, *path; 3839 struct replica *list; 3840 int i, count = 0; 3841 int isv4mount = is_v4_mount(mnt->mnt_mountp); 3842 3843 if (trace > 1) 3844 trace_prt(1, " nfsunmount: umount %s\n", mnt->mnt_mountp); 3845 3846 if (umount(mnt->mnt_mountp) < 0) { 3847 if (trace > 1) 3848 trace_prt(1, " nfsunmount: umount %s FAILED\n", 3849 mnt->mnt_mountp); 3850 if (errno) 3851 return (errno); 3852 } 3853 3854 /* 3855 * If this is a NFSv4 mount, the mount protocol was not used 3856 * so we just return. 3857 */ 3858 if (isv4mount) { 3859 if (trace > 1) 3860 trace_prt(1, " nfsunmount: umount %s OK\n", 3861 mnt->mnt_mountp); 3862 return (0); 3863 } 3864 3865 /* 3866 * If mounted with -o public, then no need to contact server 3867 * because mount protocol was not used. 3868 */ 3869 if (hasmntopt(mnt, MNTOPT_PUBLIC) != NULL) { 3870 return (0); 3871 } 3872 3873 /* 3874 * The rest of this code is advisory to the server. 3875 * If it fails return success anyway. 3876 */ 3877 3878 list = parse_replica(mnt->mnt_special, &count); 3879 if (!list) { 3880 if (count >= 0) 3881 syslog(LOG_ERR, 3882 "Memory allocation failed: %m"); 3883 return (ENOMEM); 3884 } 3885 3886 for (i = 0; i < count; i++) { 3887 3888 host = list[i].host; 3889 path = list[i].path; 3890 3891 /* 3892 * Skip file systems mounted using WebNFS, because mount 3893 * protocol was not used. 3894 */ 3895 if (strcmp(host, "nfs") == 0 && strncmp(path, "//", 2) == 0) 3896 continue; 3897 3898 cl = clnt_create(host, MOUNTPROG, MOUNTVERS, "datagram_v"); 3899 if (cl == NULL) 3900 break; 3901 #ifdef MALLOC_DEBUG 3902 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 3903 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 3904 __FILE__, __LINE__); 3905 #endif 3906 if (__clnt_bindresvport(cl) < 0) { 3907 if (verbose) 3908 syslog(LOG_ERR, "umount %s:%s: %s", 3909 host, path, 3910 "Couldn't bind to reserved port"); 3911 destroy_auth_client_handle(cl); 3912 continue; 3913 } 3914 #ifdef MALLOC_DEBUG 3915 drop_alloc("AUTH_HANDLE", cl->cl_auth, __FILE__, __LINE__); 3916 #endif 3917 AUTH_DESTROY(cl->cl_auth); 3918 if ((cl->cl_auth = authsys_create_default()) == NULL) { 3919 if (verbose) 3920 syslog(LOG_ERR, "umount %s:%s: %s", 3921 host, path, 3922 "Failed creating default auth handle"); 3923 destroy_auth_client_handle(cl); 3924 continue; 3925 } 3926 #ifdef MALLOC_DEBUG 3927 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, __FILE__, __LINE__); 3928 #endif 3929 timeout.tv_usec = 0; 3930 timeout.tv_sec = 5; 3931 rpc_stat = clnt_call(cl, MOUNTPROC_UMNT, xdr_dirpath, 3932 (caddr_t)&path, xdr_void, (char *)NULL, timeout); 3933 if (verbose && rpc_stat != RPC_SUCCESS) 3934 syslog(LOG_ERR, "%s: %s", 3935 host, clnt_sperror(cl, "unmount")); 3936 destroy_auth_client_handle(cl); 3937 } 3938 3939 free_replica(list, count); 3940 3941 if (trace > 1) 3942 trace_prt(1, " nfsunmount: umount %s OK\n", mnt->mnt_mountp); 3943 3944 done: 3945 return (0); 3946 } 3947 3948 /* 3949 * Put a new entry in the cache chain by prepending it to the front. 3950 * If there isn't enough memory then just give up. 3951 */ 3952 static void 3953 cache_enter(host, reqvers, outvers, proto, state) 3954 char *host; 3955 rpcvers_t reqvers; 3956 rpcvers_t outvers; 3957 char *proto; 3958 int state; 3959 { 3960 struct cache_entry *entry; 3961 int cache_time = 30; /* sec */ 3962 3963 timenow = time(NULL); 3964 3965 entry = (struct cache_entry *)malloc(sizeof (struct cache_entry)); 3966 if (entry == NULL) 3967 return; 3968 (void) memset((caddr_t)entry, 0, sizeof (struct cache_entry)); 3969 entry->cache_host = strdup(host); 3970 if (entry->cache_host == NULL) { 3971 cache_free(entry); 3972 return; 3973 } 3974 entry->cache_reqvers = reqvers; 3975 entry->cache_outvers = outvers; 3976 entry->cache_proto = (proto == NULL ? NULL : strdup(proto)); 3977 entry->cache_state = state; 3978 entry->cache_time = timenow + cache_time; 3979 (void) rw_wrlock(&cache_lock); 3980 #ifdef CACHE_DEBUG 3981 host_cache_accesses++; /* up host cache access counter */ 3982 #endif /* CACHE DEBUG */ 3983 entry->cache_next = cache_head; 3984 cache_head = entry; 3985 (void) rw_unlock(&cache_lock); 3986 } 3987 3988 static int 3989 cache_check(host, versp, proto) 3990 char *host; 3991 rpcvers_t *versp; 3992 char *proto; 3993 { 3994 int state = NOHOST; 3995 struct cache_entry *ce, *prev; 3996 3997 timenow = time(NULL); 3998 3999 (void) rw_rdlock(&cache_lock); 4000 4001 #ifdef CACHE_DEBUG 4002 /* Increment the lookup and access counters for the host cache */ 4003 host_cache_accesses++; 4004 host_cache_lookups++; 4005 if ((host_cache_lookups%1000) == 0) 4006 trace_host_cache(); 4007 #endif /* CACHE DEBUG */ 4008 4009 for (ce = cache_head; ce; ce = ce->cache_next) { 4010 if (timenow > ce->cache_time) { 4011 (void) rw_unlock(&cache_lock); 4012 (void) rw_wrlock(&cache_lock); 4013 for (prev = NULL, ce = cache_head; ce; 4014 prev = ce, ce = ce->cache_next) { 4015 if (timenow > ce->cache_time) { 4016 cache_free(ce); 4017 if (prev) 4018 prev->cache_next = NULL; 4019 else 4020 cache_head = NULL; 4021 break; 4022 } 4023 } 4024 (void) rw_unlock(&cache_lock); 4025 return (state); 4026 } 4027 if (strcmp(host, ce->cache_host) != 0) 4028 continue; 4029 if ((proto == NULL && ce->cache_proto != NULL) || 4030 (proto != NULL && ce->cache_proto == NULL)) 4031 continue; 4032 if (proto != NULL && 4033 strcmp(proto, ce->cache_proto) != 0) 4034 continue; 4035 4036 if (versp == NULL || 4037 (versp != NULL && *versp == ce->cache_reqvers) || 4038 (versp != NULL && *versp == ce->cache_outvers)) { 4039 if (versp != NULL) 4040 *versp = ce->cache_outvers; 4041 state = ce->cache_state; 4042 4043 /* increment the host cache hit counters */ 4044 #ifdef CACHE_DEBUG 4045 if (state == GOODHOST) 4046 goodhost_cache_hits++; 4047 if (state == DEADHOST) 4048 deadhost_cache_hits++; 4049 #endif /* CACHE_DEBUG */ 4050 (void) rw_unlock(&cache_lock); 4051 return (state); 4052 } 4053 } 4054 (void) rw_unlock(&cache_lock); 4055 return (state); 4056 } 4057 4058 /* 4059 * Free a cache entry and all entries 4060 * further down the chain since they 4061 * will also be expired. 4062 */ 4063 static void 4064 cache_free(entry) 4065 struct cache_entry *entry; 4066 { 4067 struct cache_entry *ce, *next = NULL; 4068 4069 for (ce = entry; ce; ce = next) { 4070 if (ce->cache_host) 4071 free(ce->cache_host); 4072 if (ce->cache_proto) 4073 free(ce->cache_proto); 4074 next = ce->cache_next; 4075 free(ce); 4076 } 4077 } 4078 4079 #ifdef MALLOC_DEBUG 4080 void 4081 cache_flush() 4082 { 4083 (void) rw_wrlock(&cache_lock); 4084 cache_free(cache_head); 4085 cache_head = NULL; 4086 (void) rw_unlock(&cache_lock); 4087 } 4088 4089 void 4090 flush_caches() 4091 { 4092 mutex_lock(&cleanup_lock); 4093 cond_signal(&cleanup_start_cv); 4094 (void) cond_wait(&cleanup_done_cv, &cleanup_lock); 4095 mutex_unlock(&cleanup_lock); 4096 cache_flush(); 4097 portmap_cache_flush(); 4098 } 4099 #endif 4100 4101 /* 4102 * Returns 1, if port option is NFS_PORT or 4103 * nfsd is running on the port given 4104 * Returns 0, if both port is not NFS_PORT and nfsd is not 4105 * running on the port. 4106 */ 4107 4108 static int 4109 is_nfs_port(char *opts) 4110 { 4111 struct mnttab m; 4112 uint_t nfs_port = 0; 4113 struct servent sv; 4114 char buf[256]; 4115 int got_port; 4116 4117 m.mnt_mntopts = opts; 4118 4119 /* 4120 * Get port specified in options list, if any. 4121 */ 4122 got_port = nopt(&m, MNTOPT_PORT, (int *)&nfs_port); 4123 4124 /* 4125 * if no port specified or it is same as NFS_PORT return nfs 4126 * To use any other daemon the port number should be different 4127 */ 4128 if (!got_port || nfs_port == NFS_PORT) 4129 return (1); 4130 /* 4131 * If daemon is nfsd, return nfs 4132 */ 4133 if (getservbyport_r(nfs_port, NULL, &sv, buf, 256) == &sv && 4134 strcmp(sv.s_name, "nfsd") == 0) 4135 return (1); 4136 4137 /* 4138 * daemon is not nfs 4139 */ 4140 return (0); 4141 } 4142 4143 4144 /* 4145 * destroy_auth_client_handle(cl) 4146 * destroys the created client handle 4147 */ 4148 void 4149 destroy_auth_client_handle(CLIENT *cl) 4150 { 4151 if (cl) { 4152 if (cl->cl_auth) { 4153 #ifdef MALLOC_DEBUG 4154 drop_alloc("AUTH_HANDLE", cl->cl_auth, 4155 __FILE__, __LINE__); 4156 #endif 4157 AUTH_DESTROY(cl->cl_auth); 4158 cl->cl_auth = NULL; 4159 } 4160 #ifdef MALLOC_DEBUG 4161 drop_alloc("CLNT_HANDLE", cl, 4162 __FILE__, __LINE__); 4163 #endif 4164 clnt_destroy(cl); 4165 } 4166 } 4167 4168 4169 /* 4170 * Attempt to figure out which version of NFS to use in pingnfs(). If 4171 * the version number was specified (i.e., non-zero), then use it. 4172 * Otherwise, default to the compiled-in default or the default as set 4173 * by the /etc/default/nfs configuration (as read by read_default(). 4174 */ 4175 int 4176 set_versrange(rpcvers_t nfsvers, rpcvers_t *vers, rpcvers_t *versmin) 4177 { 4178 switch (nfsvers) { 4179 case 0: 4180 *vers = vers_max_default; 4181 *versmin = vers_min_default; 4182 break; 4183 case NFS_V4: 4184 *vers = NFS_V4; 4185 *versmin = NFS_V4; 4186 break; 4187 case NFS_V3: 4188 *vers = NFS_V3; 4189 *versmin = NFS_V3; 4190 break; 4191 case NFS_VERSION: 4192 *vers = NFS_VERSION; /* version 2 */ 4193 *versmin = NFS_VERSMIN; /* version 2 */ 4194 break; 4195 default: 4196 return (-1); 4197 } 4198 return (0); 4199 } 4200 4201 #ifdef CACHE_DEBUG 4202 /* 4203 * trace_portmap_cache() 4204 * traces the portmap cache values at desired points 4205 */ 4206 static void 4207 trace_portmap_cache() 4208 { 4209 syslog(LOG_ERR, "portmap_cache: accesses=%d lookups=%d hits=%d\n", 4210 portmap_cache_accesses, portmap_cache_lookups, 4211 portmap_cache_hits); 4212 } 4213 4214 /* 4215 * trace_host_cache() 4216 * traces the host cache values at desired points 4217 */ 4218 static void 4219 trace_host_cache() 4220 { 4221 syslog(LOG_ERR, 4222 "host_cache: accesses=%d lookups=%d deadhits=%d goodhits=%d\n", 4223 host_cache_accesses, host_cache_lookups, deadhost_cache_hits, 4224 goodhost_cache_hits); 4225 } 4226 #endif /* CACHE_DEBUG */ 4227 4228 /* 4229 * Read the /etc/default/nfs configuration file to determine if the 4230 * client has been configured for a new min/max for the NFS version to 4231 * use. 4232 */ 4233 4234 #define NFS_DEFAULT_CHECK 60 /* Seconds to check for nfs default changes */ 4235 4236 static void 4237 read_default_nfs(void) 4238 { 4239 static time_t lastread = 0; 4240 struct stat buf; 4241 char *defval; 4242 int errno; 4243 int tmp; 4244 4245 /* 4246 * Fail silently if we can't stat the default nfs config file 4247 */ 4248 if (stat(NFSADMIN, &buf)) 4249 return; 4250 4251 if (buf.st_mtime == lastread) 4252 return; 4253 4254 /* 4255 * Fail silently if error in opening the default nfs config file 4256 * We'll check back in NFS_DEFAULT_CHECK seconds 4257 */ 4258 if ((defopen(NFSADMIN)) == 0) { 4259 if ((defval = defread("NFS_CLIENT_VERSMIN=")) != NULL) { 4260 errno = 0; 4261 tmp = strtol(defval, (char **)NULL, 10); 4262 if (errno == 0) { 4263 vers_min_default = tmp; 4264 } 4265 } 4266 if ((defval = defread("NFS_CLIENT_VERSMAX=")) != NULL) { 4267 errno = 0; 4268 tmp = strtol(defval, (char **)NULL, 10); 4269 if (errno == 0) { 4270 vers_max_default = tmp; 4271 } 4272 } 4273 /* close defaults file */ 4274 defopen(NULL); 4275 4276 lastread = buf.st_mtime; 4277 4278 /* 4279 * Quick sanity check on the values picked up from the 4280 * defaults file. Make sure that a mistake wasn't 4281 * made that will confuse things later on. 4282 * If so, reset to compiled-in defaults 4283 */ 4284 if (vers_min_default > vers_max_default || 4285 vers_min_default < NFS_VERSMIN || 4286 vers_max_default > NFS_VERSMAX) { 4287 if (trace > 1) { 4288 trace_prt(1, 4289 " read_default: version minimum/maximum incorrectly configured\n"); 4290 trace_prt(1, 4291 " read_default: config is min=%d, max%d. Resetting to min=%d, max%d\n", 4292 vers_min_default, vers_max_default, 4293 NFS_VERSMIN_DEFAULT, 4294 NFS_VERSMAX_DEFAULT); 4295 } 4296 vers_min_default = NFS_VERSMIN_DEFAULT; 4297 vers_max_default = NFS_VERSMAX_DEFAULT; 4298 } 4299 } 4300 } 4301 4302 /* 4303 * Find the mnttab entry that corresponds to "name". 4304 * We're not sure what the name represents: either 4305 * a mountpoint name, or a special name (server:/path). 4306 * Return the last entry in the file that matches. 4307 */ 4308 static struct extmnttab * 4309 mnttab_find(dirname) 4310 char *dirname; 4311 { 4312 FILE *fp; 4313 struct extmnttab mnt; 4314 struct extmnttab *res = NULL; 4315 4316 fp = fopen(MNTTAB, "r"); 4317 if (fp == NULL) { 4318 if (trace > 1) 4319 trace_prt(1, " mnttab_find: unable to open mnttab\n"); 4320 return (NULL); 4321 } 4322 while (getextmntent(fp, &mnt, sizeof (struct extmnttab)) == 0) { 4323 if (strcmp(mnt.mnt_mountp, dirname) == 0 || 4324 strcmp(mnt.mnt_special, dirname) == 0) { 4325 if (res) 4326 fsfreemnttab(res); 4327 res = fsdupmnttab(&mnt); 4328 } 4329 } 4330 4331 resetmnttab(fp); 4332 fclose(fp); 4333 if (res == NULL) { 4334 if (trace > 1) 4335 trace_prt(1, " mnttab_find: unable to find %s\n", 4336 dirname); 4337 } 4338 return (res); 4339 } 4340 4341 /* 4342 * This function's behavior is taken from nfsstat. 4343 * Trying to determine what NFS version was used for the mount. 4344 */ 4345 static int 4346 is_v4_mount(char *mntpath) 4347 { 4348 kstat_ctl_t *kc = NULL; /* libkstat cookie */ 4349 kstat_t *ksp; 4350 ulong_t fsid; 4351 struct mntinfo_kstat mik; 4352 struct extmnttab *mntp; 4353 uint_t mnt_minor; 4354 4355 if ((mntp = mnttab_find(mntpath)) == NULL) 4356 return (FALSE); 4357 4358 /* save the minor number and free the struct so we don't forget */ 4359 mnt_minor = mntp->mnt_minor; 4360 fsfreemnttab(mntp); 4361 4362 if ((kc = kstat_open()) == NULL) 4363 return (FALSE); 4364 4365 for (ksp = kc->kc_chain; ksp; ksp = ksp->ks_next) { 4366 if (ksp->ks_type != KSTAT_TYPE_RAW) 4367 continue; 4368 if (strcmp(ksp->ks_module, "nfs") != 0) 4369 continue; 4370 if (strcmp(ksp->ks_name, "mntinfo") != 0) 4371 continue; 4372 if (mnt_minor != ksp->ks_instance) 4373 continue; 4374 4375 if (kstat_read(kc, ksp, &mik) == -1) 4376 continue; 4377 4378 (void) kstat_close(kc); 4379 if (mik.mik_vers == 4) 4380 return (TRUE); 4381 else 4382 return (FALSE); 4383 } 4384 (void) kstat_close(kc); 4385 4386 return (FALSE); 4387 } 4388 4389 static int 4390 create_homedir(const char *src, const char *dst) { 4391 4392 struct stat stbuf; 4393 char *dst_username; 4394 struct passwd *pwd, pwds; 4395 char buf_pwd[NSS_BUFLEN_PASSWD]; 4396 int homedir_len; 4397 int dst_dir_len; 4398 int src_dir_len; 4399 4400 if (trace > 1) 4401 trace_prt(1, "entered create_homedir\n"); 4402 4403 if (stat(src, &stbuf) == 0) { 4404 if (trace > 1) 4405 trace_prt(1, "src exists\n"); 4406 return (1); 4407 } 4408 4409 dst_username = strrchr(dst, '/'); 4410 if (dst_username) { 4411 dst_username++; /* Skip over slash */ 4412 pwd = getpwnam_r(dst_username, &pwds, buf_pwd, 4413 sizeof (buf_pwd)); 4414 if (pwd == NULL) { 4415 return (0); 4416 } 4417 } else { 4418 return (0); 4419 } 4420 4421 homedir_len = strlen(pwd->pw_dir); 4422 dst_dir_len = strlen(dst) - homedir_len; 4423 src_dir_len = strlen(src) - homedir_len; 4424 4425 /* Check that the paths are in the same zone */ 4426 if (src_dir_len < dst_dir_len || 4427 (strncmp(dst, src, dst_dir_len) != 0)) { 4428 if (trace > 1) 4429 trace_prt(1, " paths don't match\n"); 4430 return (0); 4431 } 4432 /* Check that mountpoint is an auto_home entry */ 4433 if (dst_dir_len < 0 || 4434 (strcmp(pwd->pw_dir, dst + dst_dir_len) != 0)) { 4435 return (0); 4436 } 4437 4438 /* Check that source is an home directory entry */ 4439 if (src_dir_len < 0 || 4440 (strcmp(pwd->pw_dir, src + src_dir_len) != 0)) { 4441 if (trace > 1) 4442 trace_prt(1, " homedir (2) doesn't match %s\n", 4443 src+src_dir_len); 4444 return (0); 4445 } 4446 4447 if (mkdir(src, 4448 S_IRUSR | S_IWUSR | S_IXUSR | S_IXGRP | S_IXOTH) == -1) { 4449 if (trace > 1) { 4450 trace_prt(1, " Couldn't mkdir %s\n", src); 4451 } 4452 return (0); 4453 } 4454 4455 if (chown(src, pwd->pw_uid, pwd->pw_gid) == -1) { 4456 unlink(src); 4457 return (0); 4458 } 4459 4460 /* Created new home directory for the user */ 4461 return (1); 4462 } 4463 4464 void 4465 free_nfs_args(struct nfs_args *argp) 4466 { 4467 struct nfs_args *oldp; 4468 while (argp) { 4469 if (argp->pathconf) 4470 free(argp->pathconf); 4471 if (argp->knconf) 4472 free_knconf(argp->knconf); 4473 if (argp->addr) 4474 netbuf_free(argp->addr); 4475 if (argp->syncaddr) 4476 netbuf_free(argp->syncaddr); 4477 if (argp->netname) 4478 free(argp->netname); 4479 if (argp->hostname) 4480 free(argp->hostname); 4481 if (argp->nfs_ext_u.nfs_extB.secdata) 4482 nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata); 4483 if (argp->fh) 4484 free(argp->fh); 4485 if (argp->nfs_ext_u.nfs_extA.secdata) { 4486 sec_data_t *sd; 4487 sd = argp->nfs_ext_u.nfs_extA.secdata; 4488 if (sd == NULL) 4489 break; 4490 switch (sd->rpcflavor) { 4491 case AUTH_NONE: 4492 case AUTH_UNIX: 4493 case AUTH_LOOPBACK: 4494 break; 4495 case AUTH_DES: 4496 { 4497 dh_k4_clntdata_t *dhk4; 4498 dhk4 = (dh_k4_clntdata_t *)sd->data; 4499 if (dhk4 == NULL) 4500 break; 4501 if (dhk4->syncaddr.buf) 4502 free(dhk4->syncaddr.buf); 4503 if (dhk4->knconf->knc_protofmly) 4504 free(dhk4->knconf->knc_protofmly); 4505 if (dhk4->knconf->knc_proto) 4506 free(dhk4->knconf->knc_proto); 4507 if (dhk4->knconf) 4508 free(dhk4->knconf); 4509 if (dhk4->netname) 4510 free(dhk4->netname); 4511 free(dhk4); 4512 break; 4513 } 4514 case RPCSEC_GSS: 4515 { 4516 gss_clntdata_t *gss; 4517 gss = (gss_clntdata_t *)sd->data; 4518 if (gss == NULL) 4519 break; 4520 if (gss->mechanism.elements) 4521 free(gss->mechanism.elements); 4522 free(gss); 4523 break; 4524 } 4525 } 4526 } 4527 oldp = argp; 4528 if (argp->nfs_args_ext == NFS_ARGS_EXTB) 4529 argp = argp->nfs_ext_u.nfs_extB.next; 4530 else 4531 argp = NULL; 4532 free(oldp); 4533 } 4534 } 4535