xref: /titanic_51/usr/src/cmd/fs.d/nfs/mount/mount.c (revision 8eea8e29cc4374d1ee24c25a07f45af132db3499)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
28 /*	  All Rights Reserved  	*/
29 
30 /*
31  * University Copyright- Copyright (c) 1982, 1986, 1988
32  * The Regents of the University of California
33  * All Rights Reserved
34  *
35  * University Acknowledgment- Portions of this document are derived from
36  * software developed by the University of California, Berkeley, and its
37  * contributors.
38  */
39 
40 #pragma ident	"%Z%%M%	%I%	%E% SMI"
41 
42 /*
43  * nfs mount
44  */
45 
46 #define	NFSCLIENT
47 #include <locale.h>
48 #include <stdio.h>
49 #include <string.h>
50 #include <memory.h>
51 #include <stdarg.h>
52 #include <unistd.h>
53 #include <ctype.h>
54 #include <stdlib.h>
55 #include <signal.h>
56 #include <sys/param.h>
57 #include <rpc/rpc.h>
58 #include <errno.h>
59 #include <sys/stat.h>
60 #include <netdb.h>
61 #include <sys/mount.h>
62 #include <sys/mntent.h>
63 #include <sys/mnttab.h>
64 #include <nfs/nfs.h>
65 #include <nfs/mount.h>
66 #include <rpcsvc/mount.h>
67 #include <sys/pathconf.h>
68 #include <netdir.h>
69 #include <netconfig.h>
70 #include <sys/sockio.h>
71 #include <net/if.h>
72 #include <syslog.h>
73 #include <fslib.h>
74 #include <deflt.h>
75 #include <sys/wait.h>
76 #include "replica.h"
77 #include <netinet/in.h>
78 #include <nfs/nfs_sec.h>
79 #include <rpcsvc/daemon_utils.h>
80 #include <priv.h>
81 #include "nfs_subr.h"
82 #include "webnfs.h"
83 #include <rpcsvc/nfs4_prot.h>
84 
85 #ifndef	NFS_VERSMAX
86 #define	NFS_VERSMAX	4
87 #endif
88 #ifndef	NFS_VERSMIN
89 #define	NFS_VERSMIN	2
90 #endif
91 
92 #define	RET_OK		0
93 #define	RET_RETRY	32
94 #define	RET_ERR		33
95 #define	RET_MNTERR	1000
96 #define	ERR_PROTO_NONE		0
97 #define	ERR_PROTO_INVALID	901
98 #define	ERR_PROTO_UNSUPP	902
99 #define	ERR_NETPATH		903
100 #define	ERR_NOHOST		904
101 #define	ERR_RPCERROR		905
102 
103 typedef struct err_ret {
104 	int error_type;
105 	int error_value;
106 } err_ret_t;
107 
108 #define	SET_ERR_RET(errst, etype, eval) \
109 	if (errst) { \
110 		(errst)->error_type = etype; \
111 		(errst)->error_value = eval; \
112 	}
113 
114 /* number of transports to try */
115 #define	MNT_PREF_LISTLEN	2
116 #define	FIRST_TRY		1
117 #define	SECOND_TRY		2
118 
119 #define	BIGRETRY	10000
120 
121 /* maximum length of RPC header for NFS messages */
122 #define	NFS_RPC_HDR	432
123 
124 #define	NFS_ARGS_EXTB_secdata(args, secdata) \
125 	{ (args)->nfs_args_ext = NFS_ARGS_EXTB, \
126 	(args)->nfs_ext_u.nfs_extB.secdata = secdata; }
127 
128 extern int __clnt_bindresvport();
129 extern char *nfs_get_qop_name();
130 extern AUTH * nfs_create_ah();
131 extern enum snego_stat nfs_sec_nego();
132 
133 static void usage(void);
134 static int retry(struct mnttab *, int);
135 static int set_args(int *, struct nfs_args *, char *, struct mnttab *);
136 static int get_fh_via_pub(struct nfs_args *, char *, char *, bool_t, bool_t,
137 	int *, struct netconfig **, ushort_t);
138 static int get_fh(struct nfs_args *, char *, char *, int *, bool_t,
139 	struct netconfig **, ushort_t);
140 static int make_secure(struct nfs_args *, char *, struct netconfig *,
141 	bool_t, rpcvers_t);
142 static int mount_nfs(struct mnttab *, int);
143 static int getaddr_nfs(struct nfs_args *, char *, struct netconfig **,
144 		    bool_t, char *, ushort_t, err_ret_t *, bool_t);
145 static void pr_err(const char *fmt, ...);
146 static void usage(void);
147 static struct netbuf *get_addr(char *, rpcprog_t, rpcvers_t,
148 	struct netconfig **, char *, ushort_t, struct t_info *,
149 	caddr_t *, bool_t, char *, err_ret_t *);
150 
151 static struct netbuf *get_the_addr(char *, rpcprog_t, rpcvers_t,
152 	struct netconfig *, ushort_t, struct t_info *, caddr_t *,
153 	bool_t, char *, err_ret_t *);
154 
155 extern int self_check(char *);
156 
157 static void read_default(void);
158 
159 static char typename[64];
160 
161 static int bg = 0;
162 static int backgrounded = 0;
163 static int posix = 0;
164 static int retries = BIGRETRY;
165 static ushort_t nfs_port = 0;
166 static char *nfs_proto = NULL;
167 
168 static int mflg = 0;
169 static int Oflg = 0;	/* Overlay mounts */
170 static int qflg = 0;	/* quiet - don't print warnings on bad options */
171 
172 static char *fstype = MNTTYPE_NFS;
173 
174 static seconfig_t nfs_sec;
175 static int sec_opt = 0;	/* any security option ? */
176 static bool_t snego_done;
177 static void sigusr1(int);
178 
179 /*
180  * list of support services needed
181  */
182 static char	*service_list[] = { STATD, LOCKD, NULL };
183 static char	*service_list_v4[] = { STATD, LOCKD, NFS4CBD, NFSMAPID, NULL };
184 
185 /*
186  * These two variables control the NFS version number to be used.
187  *
188  * nfsvers defaults to 0 which means to use the highest number that
189  * both the client and the server support.  It can also be set to
190  * a particular value, either 2, 3, or 4 to indicate the version
191  * number of choice.  If the server (or the client) do not support
192  * the version indicated, then the mount attempt will be failed.
193  *
194  * nfsvers_to_use is the actual version number found to use.  It
195  * is determined in get_fh by pinging the various versions of the
196  * NFS service on the server to see which responds positively.
197  */
198 static rpcvers_t nfsvers = 0;
199 static rpcvers_t nfsvers_to_use = 0;
200 
201 /*
202  * There are the defaults (range) for the client when determining
203  * which NFS version to use when probing the server (see above).
204  * These will only be used when the vers mount option is not used and
205  * these may be reset if /etc/default/nfs is configured to do so.
206  */
207 static rpcvers_t vers_max_default = NFS_VERSMAX_DEFAULT;
208 static rpcvers_t vers_min_default = NFS_VERSMIN_DEFAULT;
209 
210 /*
211  * This variable controls whether to try the public file handle.
212  */
213 static bool_t public_opt;
214 
215 main(int argc, char **argv)
216 {
217 	struct mnttab mnt;
218 	extern char *optarg;
219 	extern int optind;
220 	char optbuf[MAX_MNTOPT_STR];
221 	int ro = 0;
222 	int r;
223 	int c;
224 	char *myname;
225 
226 	(void) setlocale(LC_ALL, "");
227 #if !defined(TEXT_DOMAIN)
228 #define	TEXT_DOMAIN	"SYS_TEST"
229 #endif
230 	(void) textdomain(TEXT_DOMAIN);
231 
232 	myname = strrchr(argv[0], '/');
233 	myname = myname ? myname + 1 : argv[0];
234 	(void) snprintf(typename, sizeof (typename), "%s %s",
235 	    MNTTYPE_NFS, myname);
236 	argv[0] = typename;
237 
238 	mnt.mnt_mntopts = optbuf;
239 	(void) strcpy(optbuf, "rw");
240 
241 	/*
242 	 * Set options
243 	 */
244 	while ((c = getopt(argc, argv, "ro:mOq")) != EOF) {
245 		switch (c) {
246 		case 'r':
247 			ro++;
248 			break;
249 		case 'o':
250 			if (strlen(optarg) >= MAX_MNTOPT_STR) {
251 				pr_err(gettext("option string too long"));
252 				return (RET_ERR);
253 			}
254 			(void) strcpy(mnt.mnt_mntopts, optarg);
255 #ifdef LATER					/* XXX */
256 			if (strstr(optarg, MNTOPT_REMOUNT)) {
257 				/*
258 				 * If remount is specified, only rw is allowed.
259 				 */
260 				if ((strcmp(optarg, MNTOPT_REMOUNT) != 0) &&
261 				    (strcmp(optarg, "remount,rw") != 0) &&
262 				    (strcmp(optarg, "rw,remount") != 0)) {
263 					pr_err(gettext("Invalid options\n"));
264 					exit(RET_ERR);
265 				}
266 			}
267 #endif /* LATER */				/* XXX */
268 			break;
269 		case 'm':
270 			mflg++;
271 			break;
272 		case 'O':
273 			Oflg++;
274 			break;
275 		case 'q':
276 			qflg++;
277 			break;
278 		default:
279 			usage();
280 			exit(RET_ERR);
281 		}
282 	}
283 	if (argc - optind != 2) {
284 		usage();
285 		exit(RET_ERR);
286 	}
287 
288 	mnt.mnt_special = argv[optind];
289 	mnt.mnt_mountp = argv[optind+1];
290 
291 	if (!priv_ineffect(PRIV_SYS_MOUNT) ||
292 	    !priv_ineffect(PRIV_NET_PRIVADDR)) {
293 		pr_err(gettext("insufficient privileges\n"));
294 		exit(RET_ERR);
295 	}
296 
297 	/*
298 	 * Read the defaults file to see if the min/max versions have
299 	 * been set and therefore would override the encoded defaults.
300 	 * Then check to make sure that if they were set that the
301 	 * values are reasonable.
302 	 */
303 	read_default();
304 	if (vers_min_default > vers_max_default ||
305 		vers_min_default < NFS_VERSMIN ||
306 		vers_max_default > NFS_VERSMAX) {
307 		pr_err("%s %s\n%s %s\n",
308 			gettext("Incorrect configuration of client\'s"),
309 			NFSADMIN,
310 			gettext("NFS_CLIENT_VERSMIN or NFS_CLIENT_VERSMAX"),
311 			gettext("is either out of range or overlaps."));
312 	}
313 
314 	r = mount_nfs(&mnt, ro);
315 	if (r == RET_RETRY && retries)
316 		r = retry(&mnt, ro);
317 
318 	/*
319 	 * exit(r);
320 	 */
321 	return (r);
322 }
323 
324 static void
325 pr_err(const char *fmt, ...)
326 {
327 	va_list ap;
328 
329 	va_start(ap, fmt);
330 	if (backgrounded != 0) {
331 		(void) vsyslog(LOG_ERR, fmt, ap);
332 	} else {
333 		(void) fprintf(stderr, "%s: ", typename);
334 		(void) vfprintf(stderr, fmt, ap);
335 		(void) fflush(stderr);
336 	}
337 	va_end(ap);
338 }
339 
340 static void
341 usage()
342 {
343 	(void) fprintf(stderr,
344 	    gettext("Usage: nfs mount [-r] [-o opts] [server:]path dir\n"));
345 	exit(RET_ERR);
346 }
347 
348 static int
349 mount_nfs(struct mnttab *mntp, int ro)
350 {
351 	struct nfs_args *args = NULL, *argp = NULL, *prev_argp = NULL;
352 	struct netconfig *nconf = NULL;
353 	struct replica *list = NULL;
354 	int mntflags = 0;
355 	int i, r, n;
356 	int oldvers = 0, vers = 0;
357 	int last_error = RET_OK;
358 	int replicated = 0;
359 	char *p;
360 	bool_t url;
361 	bool_t use_pubfh;
362 	char *special = NULL;
363 	char *oldpath = NULL;
364 	char *newpath = NULL;
365 	char *service;
366 	pid_t pi;
367 	struct flock f;
368 	char *saveopts = NULL;
369 	char **sl = NULL;
370 
371 	mntp->mnt_fstype = MNTTYPE_NFS;
372 
373 	if (ro) {
374 		mntflags |= MS_RDONLY;
375 		/* convert "rw"->"ro" */
376 		if (p = strstr(mntp->mnt_mntopts, "rw")) {
377 			if (*(p+2) == ',' || *(p+2) == '\0')
378 				*(p+1) = 'o';
379 		}
380 	}
381 
382 	if (Oflg)
383 		mntflags |= MS_OVERLAY;
384 
385 	list = parse_replica(mntp->mnt_special, &n);
386 	if (list == NULL) {
387 		if (n < 0)
388 			pr_err(gettext("nfs file system; use [host:]path\n"));
389 		else
390 			pr_err(gettext("no memory\n"));
391 		return (RET_ERR);
392 	}
393 
394 	replicated = (n > 1);
395 
396 	/*
397 	 * There are some free() calls at the bottom of this loop, so be
398 	 * careful about adding continue statements.
399 	 */
400 	for (i = 0; i < n; i++) {
401 		char *path;
402 		char *host;
403 		ushort_t port;
404 
405 		argp = (struct nfs_args *)malloc(sizeof (*argp));
406 		if (argp == NULL) {
407 			pr_err(gettext("no memory\n"));
408 			last_error = RET_ERR;
409 			goto out;
410 		}
411 		memset(argp, 0, sizeof (*argp));
412 
413 		memset(&nfs_sec, 0, sizeof (nfs_sec));
414 		sec_opt = 0;
415 		use_pubfh = FALSE;
416 		url = FALSE;
417 		port = 0;
418 		snego_done = FALSE;
419 
420 		/*
421 		 * Looking for resources of the form
422 		 *	nfs://server_host[:port_number]/path_name
423 		 */
424 		if (strcmp(list[i].host, "nfs") == 0 && strncmp(list[i].path,
425 		    "//", 2) == 0) {
426 			char *sport, *cb;
427 			url = TRUE;
428 			oldpath = strdup(list[i].path);
429 			if (oldpath == NULL) {
430 				pr_err(gettext("memory allocation failure\n"));
431 				last_error = RET_ERR;
432 				goto out;
433 			}
434 			host = list[i].path+2;
435 			path = strchr(host, '/');
436 
437 			if (path == NULL) {
438 				pr_err(gettext(
439 				    "illegal nfs url syntax\n"));
440 				last_error = RET_ERR;
441 				goto out;
442 			}
443 
444 			*path = '\0';
445 			if (*host == '[') {
446 				cb = strchr(host, ']');
447 				if (cb == NULL) {
448 					pr_err(gettext(
449 						"illegal nfs url syntax\n"));
450 					last_error = RET_ERR;
451 					goto out;
452 				} else {
453 					*cb = '\0';
454 					host++;
455 					cb++;
456 					if (*cb == ':')
457 						port = htons((ushort_t)
458 							atoi(cb+1));
459 				}
460 			} else {
461 				sport = strchr(host, ':');
462 
463 				if (sport != NULL && sport < path) {
464 					*sport = '\0';
465 					port = htons((ushort_t)atoi(sport+1));
466 				}
467 			}
468 
469 			path++;
470 			if (*path == '\0')
471 				path = ".";
472 
473 		} else {
474 			host = list[i].host;
475 			path = list[i].path;
476 		}
477 
478 		if (r = set_args(&mntflags, argp, host, mntp)) {
479 			last_error = r;
480 			goto out;
481 		}
482 
483 		if (public_opt == TRUE)
484 			use_pubfh = TRUE;
485 
486 		if (port == 0) {
487 			port = nfs_port;
488 		} else if (nfs_port != 0 && nfs_port != port) {
489 			pr_err(gettext(
490 			    "port (%u) in nfs URL not the same"
491 			    " as port (%u) in port option\n"),
492 			    (unsigned int)ntohs(port),
493 			    (unsigned int)ntohs(nfs_port));
494 			last_error = RET_ERR;
495 			goto out;
496 		}
497 
498 
499 		if (replicated && !(mntflags & MS_RDONLY)) {
500 			pr_err(gettext(
501 				"replicated mounts must be read-only\n"));
502 			last_error = RET_ERR;
503 			goto out;
504 		}
505 
506 		if (replicated && (argp->flags & NFSMNT_SOFT)) {
507 			pr_err(gettext(
508 				"replicated mounts must not be soft\n"));
509 			last_error = RET_ERR;
510 			goto out;
511 		}
512 
513 		oldvers = vers;
514 		nconf = NULL;
515 
516 		r = RET_ERR;
517 
518 		/*
519 		 * If -o public was specified, and/or a URL was specified,
520 		 * then try the public file handle method.
521 		 */
522 		if ((use_pubfh == TRUE) || (url == TRUE)) {
523 			r = get_fh_via_pub(argp, host, path, url, use_pubfh,
524 				&vers, &nconf, port);
525 
526 			if (r != RET_OK) {
527 				/*
528 				 * If -o public was specified, then return the
529 				 * error now.
530 				 */
531 				if (use_pubfh == TRUE) {
532 					last_error = r;
533 					goto out;
534 				}
535 			} else
536 				use_pubfh = TRUE;
537 			argp->flags |= NFSMNT_PUBLIC;
538 		}
539 
540 		if ((r != RET_OK) || (vers == NFS_V4)) {
541 			bool_t loud_on_mnt_err;
542 
543 			/*
544 			 * This can happen if -o public is not specified,
545 			 * special is a URL, and server doesn't support
546 			 * public file handle.
547 			 */
548 			if (url) {
549 				URLparse(path);
550 			}
551 
552 			/*
553 			 * If the path portion of the URL didn't have
554 			 * a leading / then there is good possibility
555 			 * that a mount without a leading slash will
556 			 * fail.
557 			 */
558 			if (url == TRUE && *path != '/')
559 				loud_on_mnt_err = FALSE;
560 			else
561 				loud_on_mnt_err = TRUE;
562 
563 			r = get_fh(argp, host, path, &vers,
564 				loud_on_mnt_err, &nconf, port);
565 
566 			if (r != RET_OK) {
567 
568 				/*
569 				 * If there was no leading / and the path was
570 				 * derived from a URL, then try again
571 				 * with a leading /.
572 				 */
573 				if ((r == RET_MNTERR) &&
574 				    (loud_on_mnt_err == FALSE)) {
575 
576 					newpath = malloc(strlen(path)+2);
577 
578 					if (newpath == NULL) {
579 						pr_err(gettext("memory "
580 						    "allocation failure\n"));
581 						last_error = RET_ERR;
582 						goto out;
583 					}
584 
585 					strcpy(newpath, "/");
586 					strcat(newpath, path);
587 
588 					r = get_fh(argp, host, newpath, &vers,
589 						TRUE, &nconf, port);
590 
591 					if (r == RET_OK)
592 						path = newpath;
593 				}
594 
595 				/*
596 				 * map exit code back to RET_ERR.
597 				 */
598 				if (r == RET_MNTERR)
599 					r = RET_ERR;
600 
601 				if (r != RET_OK) {
602 
603 					if (replicated) {
604 						if (argp->fh)
605 							free(argp->fh);
606 						if (argp->pathconf)
607 							free(argp->pathconf);
608 						free(argp);
609 						goto cont;
610 					}
611 
612 					last_error = r;
613 					goto out;
614 				}
615 			}
616 		}
617 
618 		if (oldvers && vers != oldvers) {
619 			pr_err(
620 			    gettext("replicas must have the same version\n"));
621 			last_error = RET_ERR;
622 			goto out;
623 		}
624 
625 		/*
626 		 * decide whether to use remote host's
627 		 * lockd or do local locking
628 		 */
629 		if (!(argp->flags & NFSMNT_LLOCK) && vers == NFS_VERSION &&
630 		    remote_lock(host, argp->fh)) {
631 			(void) fprintf(stderr, gettext(
632 			    "WARNING: No network locking on %s:%s:"),
633 			    host, path);
634 			(void) fprintf(stderr, gettext(
635 			    " contact admin to install server change\n"));
636 				argp->flags |= NFSMNT_LLOCK;
637 		}
638 
639 		if (self_check(host))
640 			argp->flags |= NFSMNT_LOOPBACK;
641 
642 		if (use_pubfh == FALSE) {
643 			/*
644 			 * Call to get_fh() above may have obtained the
645 			 * netconfig info and NULL proc'd the server.
646 			 * This would be the case with v4
647 			 */
648 			if (!(argp->flags & NFSMNT_KNCONF)) {
649 				nconf = NULL;
650 				if (r = getaddr_nfs(argp, host, &nconf,
651 					    FALSE, path, port, NULL, TRUE)) {
652 					last_error = r;
653 					goto out;
654 				}
655 			}
656 		}
657 
658 		if (make_secure(argp, host, nconf, use_pubfh, vers) < 0) {
659 			last_error = RET_ERR;
660 			goto out;
661 		}
662 
663 		if ((url == TRUE) && (use_pubfh == FALSE)) {
664 			/*
665 			 * Convert the special from
666 			 *	nfs://host/path
667 			 * to
668 			 *	host:path
669 			 */
670 			if (convert_special(&special, host, oldpath, path,
671 			    mntp->mnt_special) == -1) {
672 				(void) fprintf(stderr, gettext(
673 				    "could not convert URL nfs:%s to %s:%s\n"),
674 				    oldpath, host, path);
675 				last_error = RET_ERR;
676 				goto out;
677 			} else {
678 				mntp->mnt_special = special;
679 			}
680 		}
681 
682 		if (prev_argp == NULL)
683 			args = argp;
684 		else
685 			prev_argp->nfs_ext_u.nfs_extB.next = argp;
686 		prev_argp = argp;
687 
688 cont:
689 		if (oldpath != NULL) {
690 			free(oldpath);
691 			oldpath = NULL;
692 		}
693 
694 		if (newpath != NULL) {
695 			free(newpath);
696 			newpath = NULL;
697 		}
698 	}
699 
700 	argp = NULL;
701 
702 	if (args == NULL) {
703 		last_error = RET_RETRY;
704 		goto out;
705 	}
706 
707 	/* Determine which services are appropriate for the NFS version */
708 	if (strcmp(fstype, MNTTYPE_NFS4) == 0)
709 		sl = service_list_v4;
710 	else
711 		sl = service_list;
712 
713 	/*
714 	 * enable services as needed.
715 	 */
716 	_check_services(sl);
717 
718 	mntflags |= MS_DATA | MS_OPTIONSTR;
719 
720 	if (mflg)
721 		mntflags |= MS_NOMNTTAB;
722 
723 	if (!qflg)
724 		saveopts = strdup(mntp->mnt_mntopts);
725 
726 	if (mount(mntp->mnt_special, mntp->mnt_mountp, mntflags, fstype, args,
727 		sizeof (*args), mntp->mnt_mntopts, MAX_MNTOPT_STR) < 0) {
728 		if (errno != ENOENT) {
729 			pr_err(gettext("mount: %s: %s\n"),
730 				mntp->mnt_mountp, strerror(errno));
731 		} else {
732 			struct stat sb;
733 			if (stat(mntp->mnt_mountp, &sb) < 0 && errno == ENOENT)
734 				pr_err(gettext("mount: %s: %s\n"),
735 					mntp->mnt_mountp, strerror(ENOENT));
736 			else
737 				pr_err("%s: %s\n", mntp->mnt_special,
738 					strerror(ENOENT));
739 		}
740 
741 		last_error = RET_ERR;
742 		goto out;
743 	}
744 
745 	if (!qflg && saveopts != NULL) {
746 		cmp_requested_to_actual_options(saveopts, mntp->mnt_mntopts,
747 		    mntp->mnt_special, mntp->mnt_mountp);
748 	}
749 
750 out:
751 	if (saveopts != NULL)
752 		free(saveopts);
753 	if (special != NULL)
754 		free(special);
755 	if (oldpath != NULL)
756 		free(oldpath);
757 	if (newpath != NULL)
758 		free(newpath);
759 
760 	free_replica(list, n);
761 
762 	if (argp != NULL) {
763 		/*
764 		 * If we had a new entry which was not added to the
765 		 * list yet, then add it now that it can be freed.
766 		 */
767 		if (prev_argp == NULL)
768 			args = argp;
769 		else
770 			prev_argp->nfs_ext_u.nfs_extB.next = argp;
771 	}
772 	argp = args;
773 	while (argp != NULL) {
774 		if (argp->fh)
775 			free(argp->fh);
776 		if (argp->pathconf)
777 			free(argp->pathconf);
778 		if (argp->knconf)
779 			free(argp->knconf);
780 		if (argp->addr) {
781 			free(argp->addr->buf);
782 			free(argp->addr);
783 		}
784 		nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata);
785 		if (argp->syncaddr) {
786 			free(argp->syncaddr->buf);
787 			free(argp->syncaddr);
788 		}
789 		if (argp->netname)
790 			free(argp->netname);
791 		prev_argp = argp;
792 		argp = argp->nfs_ext_u.nfs_extB.next;
793 		free(prev_argp);
794 	}
795 
796 	return (last_error);
797 }
798 
799 /*
800  * These options are duplicated in uts/common/fs/nfs/nfs_dlinet.c
801  * Changes must be made to both lists.
802  */
803 static char *optlist[] = {
804 #define	OPT_RO		0
805 	MNTOPT_RO,
806 #define	OPT_RW		1
807 	MNTOPT_RW,
808 #define	OPT_QUOTA	2
809 	MNTOPT_QUOTA,
810 #define	OPT_NOQUOTA	3
811 	MNTOPT_NOQUOTA,
812 #define	OPT_SOFT	4
813 	MNTOPT_SOFT,
814 #define	OPT_HARD	5
815 	MNTOPT_HARD,
816 #define	OPT_SUID	6
817 	MNTOPT_SUID,
818 #define	OPT_NOSUID	7
819 	MNTOPT_NOSUID,
820 #define	OPT_GRPID	8
821 	MNTOPT_GRPID,
822 #define	OPT_REMOUNT	9
823 	MNTOPT_REMOUNT,
824 #define	OPT_NOSUB	10
825 	MNTOPT_NOSUB,
826 #define	OPT_INTR	11
827 	MNTOPT_INTR,
828 #define	OPT_NOINTR	12
829 	MNTOPT_NOINTR,
830 #define	OPT_PORT	13
831 	MNTOPT_PORT,
832 #define	OPT_SECURE	14
833 	MNTOPT_SECURE,
834 #define	OPT_RSIZE	15
835 	MNTOPT_RSIZE,
836 #define	OPT_WSIZE	16
837 	MNTOPT_WSIZE,
838 #define	OPT_TIMEO	17
839 	MNTOPT_TIMEO,
840 #define	OPT_RETRANS	18
841 	MNTOPT_RETRANS,
842 #define	OPT_ACTIMEO	19
843 	MNTOPT_ACTIMEO,
844 #define	OPT_ACREGMIN	20
845 	MNTOPT_ACREGMIN,
846 #define	OPT_ACREGMAX	21
847 	MNTOPT_ACREGMAX,
848 #define	OPT_ACDIRMIN	22
849 	MNTOPT_ACDIRMIN,
850 #define	OPT_ACDIRMAX	23
851 	MNTOPT_ACDIRMAX,
852 #define	OPT_BG		24
853 	MNTOPT_BG,
854 #define	OPT_FG		25
855 	MNTOPT_FG,
856 #define	OPT_RETRY	26
857 	MNTOPT_RETRY,
858 #define	OPT_NOAC	27
859 	MNTOPT_NOAC,
860 #define	OPT_NOCTO	28
861 	MNTOPT_NOCTO,
862 #define	OPT_LLOCK	29
863 	MNTOPT_LLOCK,
864 #define	OPT_POSIX	30
865 	MNTOPT_POSIX,
866 #define	OPT_VERS	31
867 	MNTOPT_VERS,
868 #define	OPT_PROTO	32
869 	MNTOPT_PROTO,
870 #define	OPT_SEMISOFT	33
871 	MNTOPT_SEMISOFT,
872 #define	OPT_NOPRINT	34
873 	MNTOPT_NOPRINT,
874 #define	OPT_SEC		35
875 	MNTOPT_SEC,
876 #define	OPT_LARGEFILES	36
877 	MNTOPT_LARGEFILES,
878 #define	OPT_NOLARGEFILES 37
879 	MNTOPT_NOLARGEFILES,
880 #define	OPT_PUBLIC	38
881 	MNTOPT_PUBLIC,
882 #define	OPT_DIRECTIO	39
883 	MNTOPT_FORCEDIRECTIO,
884 #define	OPT_NODIRECTIO	40
885 	MNTOPT_NOFORCEDIRECTIO,
886 #define	OPT_XATTR	41
887 	MNTOPT_XATTR,
888 #define	OPT_NOXATTR	42
889 	MNTOPT_NOXATTR,
890 #define	OPT_DEVICES	43
891 	MNTOPT_DEVICES,
892 #define	OPT_NODEVICES	44
893 	MNTOPT_NODEVICES,
894 #define	OPT_SETUID	45
895 	MNTOPT_SETUID,
896 #define	OPT_NOSETUID	46
897 	MNTOPT_NOSETUID,
898 #define	OPT_EXEC	47
899 	MNTOPT_EXEC,
900 #define	OPT_NOEXEC	48
901 	MNTOPT_NOEXEC,
902 	NULL
903 };
904 
905 #define	bad(val) (val == NULL || !isdigit(*val))
906 
907 static int
908 set_args(int *mntflags, struct nfs_args *args, char *fshost, struct mnttab *mnt)
909 {
910 	char *saveopt, *optstr, *opts, *newopts, *val;
911 	int largefiles = 0;
912 	int invalid = 0;
913 	int attrpref = 0;
914 	int optlen;
915 
916 	args->flags = NFSMNT_INT;	/* default is "intr" */
917 	args->flags |= NFSMNT_HOSTNAME;
918 	args->flags |= NFSMNT_NEWARGS;	/* using extented nfs_args structure */
919 	args->hostname = fshost;
920 
921 	optstr = opts = strdup(mnt->mnt_mntopts);
922 	/* sizeof (MNTOPT_XXX) includes one extra byte we may need for "," */
923 	optlen = strlen(mnt->mnt_mntopts) + sizeof (MNTOPT_XATTR) + 1;
924 	if (optlen > MAX_MNTOPT_STR) {
925 		pr_err(gettext("option string too long"));
926 		return (RET_ERR);
927 	}
928 	newopts = malloc(optlen);
929 	if (opts == NULL || newopts == NULL) {
930 		pr_err(gettext("no memory"));
931 		if (opts)
932 			free(opts);
933 		if (newopts)
934 			free(newopts);
935 		return (RET_ERR);
936 	}
937 	newopts[0] = '\0';
938 
939 	while (*opts) {
940 		invalid = 0;
941 		saveopt = opts;
942 		switch (getsubopt(&opts, optlist, &val)) {
943 		case OPT_RO:
944 			*mntflags |= MS_RDONLY;
945 			break;
946 		case OPT_RW:
947 			*mntflags &= ~(MS_RDONLY);
948 			break;
949 		case OPT_QUOTA:
950 		case OPT_NOQUOTA:
951 			break;
952 		case OPT_SOFT:
953 			args->flags |= NFSMNT_SOFT;
954 			args->flags &= ~(NFSMNT_SEMISOFT);
955 			break;
956 		case OPT_SEMISOFT:
957 			args->flags |= NFSMNT_SOFT;
958 			args->flags |= NFSMNT_SEMISOFT;
959 			break;
960 		case OPT_HARD:
961 			args->flags &= ~(NFSMNT_SOFT);
962 			args->flags &= ~(NFSMNT_SEMISOFT);
963 			break;
964 		case OPT_SUID:
965 			*mntflags &= ~(MS_NOSUID);
966 			break;
967 		case OPT_NOSUID:
968 			*mntflags |= MS_NOSUID;
969 			break;
970 		case OPT_GRPID:
971 			args->flags |= NFSMNT_GRPID;
972 			break;
973 		case OPT_REMOUNT:
974 			*mntflags |= MS_REMOUNT;
975 			break;
976 		case OPT_INTR:
977 			args->flags |= NFSMNT_INT;
978 			break;
979 		case OPT_NOINTR:
980 			args->flags &= ~(NFSMNT_INT);
981 			break;
982 		case OPT_NOAC:
983 			args->flags |= NFSMNT_NOAC;
984 			break;
985 		case OPT_PORT:
986 			if (bad(val))
987 				goto badopt;
988 			nfs_port = htons((ushort_t)atoi(val));
989 			break;
990 
991 		case OPT_SECURE:
992 			if (nfs_getseconfig_byname("dh", &nfs_sec)) {
993 			    pr_err(gettext("can not get \"dh\" from %s\n"),
994 						NFSSEC_CONF);
995 			    goto badopt;
996 			}
997 			sec_opt++;
998 			break;
999 
1000 		case OPT_NOCTO:
1001 			args->flags |= NFSMNT_NOCTO;
1002 			break;
1003 
1004 		case OPT_RSIZE:
1005 			args->flags |= NFSMNT_RSIZE;
1006 			if (bad(val))
1007 				goto badopt;
1008 			args->rsize = atoi(val);
1009 			break;
1010 		case OPT_WSIZE:
1011 			args->flags |= NFSMNT_WSIZE;
1012 			if (bad(val))
1013 				goto badopt;
1014 			args->wsize = atoi(val);
1015 			break;
1016 		case OPT_TIMEO:
1017 			args->flags |= NFSMNT_TIMEO;
1018 			if (bad(val))
1019 				goto badopt;
1020 			args->timeo = atoi(val);
1021 			break;
1022 		case OPT_RETRANS:
1023 			args->flags |= NFSMNT_RETRANS;
1024 			if (bad(val))
1025 				goto badopt;
1026 			args->retrans = atoi(val);
1027 			break;
1028 		case OPT_ACTIMEO:
1029 			args->flags |= NFSMNT_ACDIRMAX;
1030 			args->flags |= NFSMNT_ACREGMAX;
1031 			args->flags |= NFSMNT_ACDIRMIN;
1032 			args->flags |= NFSMNT_ACREGMIN;
1033 			if (bad(val))
1034 				goto badopt;
1035 			args->acdirmin = args->acregmin = args->acdirmax
1036 				= args->acregmax = atoi(val);
1037 			break;
1038 		case OPT_ACREGMIN:
1039 			args->flags |= NFSMNT_ACREGMIN;
1040 			if (bad(val))
1041 				goto badopt;
1042 			args->acregmin = atoi(val);
1043 			break;
1044 		case OPT_ACREGMAX:
1045 			args->flags |= NFSMNT_ACREGMAX;
1046 			if (bad(val))
1047 				goto badopt;
1048 			args->acregmax = atoi(val);
1049 			break;
1050 		case OPT_ACDIRMIN:
1051 			args->flags |= NFSMNT_ACDIRMIN;
1052 			if (bad(val))
1053 				goto badopt;
1054 			args->acdirmin = atoi(val);
1055 			break;
1056 		case OPT_ACDIRMAX:
1057 			args->flags |= NFSMNT_ACDIRMAX;
1058 			if (bad(val))
1059 				goto badopt;
1060 			args->acdirmax = atoi(val);
1061 			break;
1062 		case OPT_BG:
1063 			bg++;
1064 			break;
1065 		case OPT_FG:
1066 			bg = 0;
1067 			break;
1068 		case OPT_RETRY:
1069 			if (bad(val))
1070 				goto badopt;
1071 			retries = atoi(val);
1072 			break;
1073 		case OPT_LLOCK:
1074 			args->flags |= NFSMNT_LLOCK;
1075 			break;
1076 		case OPT_POSIX:
1077 			posix = 1;
1078 			break;
1079 		case OPT_VERS:
1080 			if (bad(val))
1081 				goto badopt;
1082 			nfsvers = (rpcvers_t)atoi(val);
1083 			break;
1084 		case OPT_PROTO:
1085 			nfs_proto = (char *)malloc(strlen(val)+1);
1086 			(void) strcpy(nfs_proto, val);
1087 			break;
1088 		case OPT_NOPRINT:
1089 			args->flags |= NFSMNT_NOPRINT;
1090 			break;
1091 		case OPT_LARGEFILES:
1092 			largefiles = 1;
1093 			break;
1094 		case OPT_NOLARGEFILES:
1095 			pr_err(gettext("NFS can't support \"nolargefiles\"\n"));
1096 			free(optstr);
1097 			return (RET_ERR);
1098 
1099 		case OPT_SEC:
1100 			if (nfs_getseconfig_byname(val, &nfs_sec)) {
1101 			    pr_err(gettext("can not get \"%s\" from %s\n"),
1102 						val, NFSSEC_CONF);
1103 			    return (RET_ERR);
1104 			}
1105 			sec_opt++;
1106 			break;
1107 
1108 		case OPT_PUBLIC:
1109 			public_opt = TRUE;
1110 			break;
1111 
1112 		case OPT_DIRECTIO:
1113 			args->flags |= NFSMNT_DIRECTIO;
1114 			break;
1115 
1116 		case OPT_NODIRECTIO:
1117 			args->flags &= ~(NFSMNT_DIRECTIO);
1118 			break;
1119 
1120 		case OPT_XATTR:
1121 		case OPT_NOXATTR:
1122 			/*
1123 			 * VFS options; just need to get them into the
1124 			 * new mount option string and note we've seen them
1125 			 */
1126 			attrpref = 1;
1127 			break;
1128 		default:
1129 			/*
1130 			 * Note that this could be a valid OPT_* option so
1131 			 * we can't use "val" but need to use "saveopt".
1132 			 */
1133 			if (fsisstdopt(saveopt))
1134 				break;
1135 			invalid = 1;
1136 			if (!qflg)
1137 				(void) fprintf(stderr, gettext(
1138 				    "mount: %s on %s - WARNING unknown option"
1139 				    " \"%s\"\n"), mnt->mnt_special,
1140 				    mnt->mnt_mountp, saveopt);
1141 			break;
1142 		}
1143 		if (!invalid) {
1144 			if (newopts[0])
1145 				strcat(newopts, ",");
1146 			strcat(newopts, saveopt);
1147 		}
1148 	}
1149 	/* Default is to turn extended attrs on */
1150 	if (!attrpref) {
1151 		if (newopts[0])
1152 			strcat(newopts, ",");
1153 		strcat(newopts, MNTOPT_XATTR);
1154 	}
1155 	strcpy(mnt->mnt_mntopts, newopts);
1156 	free(newopts);
1157 	free(optstr);
1158 
1159 	/* ensure that only one secure mode is requested */
1160 	if (sec_opt > 1) {
1161 		pr_err(gettext("Security options conflict\n"));
1162 		return (RET_ERR);
1163 	}
1164 
1165 	/* ensure that the user isn't trying to get large files over V2 */
1166 	if (nfsvers == NFS_VERSION && largefiles) {
1167 		pr_err(gettext("NFS V2 can't support \"largefiles\"\n"));
1168 		return (RET_ERR);
1169 	}
1170 
1171 	if (nfsvers == NFS_V4 &&
1172 	    nfs_proto != NULL &&
1173 	    strncasecmp(nfs_proto, NC_UDP, strlen(NC_UDP)) == 0) {
1174 		pr_err(gettext("NFS V4 does not support %s\n"), nfs_proto);
1175 		return (RET_ERR);
1176 	}
1177 
1178 	return (RET_OK);
1179 
1180 badopt:
1181 	pr_err(gettext("invalid option: \"%s\"\n"), saveopt);
1182 	free(optstr);
1183 	return (RET_ERR);
1184 }
1185 
1186 static int
1187 make_secure(struct nfs_args *args, char *hostname, struct netconfig *nconf,
1188 	bool_t use_pubfh, rpcvers_t vers)
1189 {
1190 	sec_data_t *secdata;
1191 	int flags;
1192 	struct netbuf *syncaddr = NULL;
1193 	struct nd_addrlist *retaddrs = NULL;
1194 	char netname[MAXNETNAMELEN+1];
1195 
1196 	/*
1197 	 * check to see if any secure mode is requested.
1198 	 * if not, use default security mode.
1199 	 */
1200 	if (!snego_done && !sec_opt) {
1201 		/*
1202 		 *  Get default security mode.
1203 		 *  AUTH_UNIX has been the default choice for a long time.
1204 		 *  The better NFS security service becomes, the better chance
1205 		 *  we will set stronger security service as the default NFS
1206 		 *  security mode.
1207 		 *
1208 		 */
1209 	    if (nfs_getseconfig_default(&nfs_sec)) {
1210 		pr_err(gettext("error getting default security entry\n"));
1211 		return (-1);
1212 	    }
1213 	    args->flags |= NFSMNT_SECDEFAULT;
1214 	}
1215 
1216 	/*
1217 	 * Get the network address for the time service on the server.
1218 	 * If an RPC based time service is not available then try the
1219 	 * IP time service.
1220 	 *
1221 	 * This is for AUTH_DH processing. We will also pass down syncaddr
1222 	 * and netname for NFS V4 even if AUTH_DH is not requested right now.
1223 	 * NFS V4 does security negotiation in the kernel via SECINFO.
1224 	 * These information might be needed later in the kernel.
1225 	 *
1226 	 * Eventurally, we want to move this code to nfs_clnt_secdata()
1227 	 * when autod_nfs.c and mount.c can share the same get_the_addr()
1228 	 * routine.
1229 	 */
1230 	flags = 0;
1231 	syncaddr = NULL;
1232 
1233 	if (nfs_sec.sc_rpcnum == AUTH_DH || vers == NFS_V4) {
1234 		/*
1235 		 * If using the public fh or nfsv4, we will not contact the
1236 		 * remote RPCBINDer, since it is possibly behind a firewall.
1237 		 */
1238 		if (use_pubfh == FALSE && vers != NFS_V4) {
1239 			syncaddr = get_the_addr(hostname, RPCBPROG, RPCBVERS,
1240 				nconf, 0, NULL, NULL, FALSE, NULL, NULL);
1241 		}
1242 
1243 		if (syncaddr != NULL) {
1244 			/* for flags in sec_data */
1245 			flags |= AUTH_F_RPCTIMESYNC;
1246 		} else {
1247 			struct nd_hostserv hs;
1248 			int error;
1249 
1250 			hs.h_host = hostname;
1251 			hs.h_serv = "timserver";
1252 
1253 			error = netdir_getbyname(nconf, &hs, &retaddrs);
1254 
1255 			if (error != ND_OK && (nfs_sec.sc_rpcnum == AUTH_DH)) {
1256 			    pr_err(gettext("%s: secure: no time service\n"),
1257 						hostname);
1258 			    return (-1);
1259 			}
1260 
1261 			if (error == ND_OK)
1262 				syncaddr = retaddrs->n_addrs;
1263 
1264 			/*
1265 			 * For NFS_V4 if AUTH_DH is negotiated later in the
1266 			 * kernel thru SECINFO, it will need syncaddr
1267 			 * and netname data.
1268 			 */
1269 			if (vers == NFS_V4 && syncaddr &&
1270 				    host2netname(netname, hostname, NULL)) {
1271 			    args->syncaddr = malloc(sizeof (struct netbuf));
1272 			    args->syncaddr->buf = malloc(syncaddr->len);
1273 			    (void) memcpy(args->syncaddr->buf, syncaddr->buf,
1274 							syncaddr->len);
1275 			    args->syncaddr->len = syncaddr->len;
1276 			    args->syncaddr->maxlen = syncaddr->maxlen;
1277 			    args->netname = strdup(netname);
1278 			    args->flags |= NFSMNT_SECURE;
1279 			}
1280 		}
1281 	}
1282 
1283 	/*
1284 	 * For the initial chosen flavor (any flavor defined in nfssec.conf),
1285 	 * the data will be stored in the sec_data structure via
1286 	 * nfs_clnt_secdata() and be passed to the kernel via nfs_args_*
1287 	 * extended data structure.
1288 	 */
1289 	if (!(secdata = nfs_clnt_secdata(&nfs_sec, hostname, args->knconf,
1290 					syncaddr, flags))) {
1291 		pr_err(gettext("errors constructing security related data\n"));
1292 		if (flags & AUTH_F_RPCTIMESYNC) {
1293 			free(syncaddr->buf);
1294 			free(syncaddr);
1295 		} else if (retaddrs)
1296 			netdir_free((void *)retaddrs, ND_ADDRLIST);
1297 		return (-1);
1298 	}
1299 
1300 	NFS_ARGS_EXTB_secdata(args, secdata);
1301 	if (flags & AUTH_F_RPCTIMESYNC) {
1302 		free(syncaddr->buf);
1303 		free(syncaddr);
1304 	} else if (retaddrs)
1305 		netdir_free((void *)retaddrs, ND_ADDRLIST);
1306 	return (0);
1307 }
1308 
1309 /*
1310  * Get the network address on "hostname" for program "prog"
1311  * with version "vers" by using the nconf configuration data
1312  * passed in.
1313  *
1314  * If the address of a netconfig pointer is null then
1315  * information is not sufficient and no netbuf will be returned.
1316  *
1317  * Finally, ping the null procedure of that service.
1318  *
1319  * A similar routine is also defined in ../../autofs/autod_nfs.c.
1320  * This is a potential routine to move to ../lib for common usage.
1321  */
1322 static struct netbuf *
1323 get_the_addr(char *hostname, ulong_t prog, ulong_t vers,
1324 	struct netconfig *nconf, ushort_t port, struct t_info *tinfo,
1325 	caddr_t *fhp, bool_t get_pubfh, char *fspath, err_ret_t *error)
1326 {
1327 	struct netbuf *nb = NULL;
1328 	struct t_bind *tbind = NULL;
1329 	CLIENT *cl = NULL;
1330 	struct timeval tv;
1331 	int fd = -1;
1332 	AUTH *ah = NULL;
1333 	AUTH *new_ah = NULL;
1334 	struct snego_t snego;
1335 
1336 	if (nconf == NULL)
1337 		return (NULL);
1338 
1339 	if ((fd = t_open(nconf->nc_device, O_RDWR, tinfo)) == -1)
1340 		    goto done;
1341 
1342 	/* LINTED pointer alignment */
1343 	if ((tbind = (struct t_bind *)t_alloc(fd, T_BIND, T_ADDR))
1344 		== NULL)
1345 		goto done;
1346 
1347 	/*
1348 	 * In the case of public filehandle usage or NFSv4 we want to
1349 	 * avoid use of the rpcbind/portmap protocol
1350 	 */
1351 	if ((get_pubfh == TRUE) || (vers == NFS_V4)) {
1352 		struct nd_hostserv hs;
1353 		struct nd_addrlist *retaddrs;
1354 		int retval;
1355 		hs.h_host = hostname;
1356 
1357 		/* NFS where vers==4 does not support UDP */
1358 		if (vers == NFS_V4 &&
1359 		    strncasecmp(nconf->nc_proto, NC_UDP,
1360 				strlen(NC_UDP)) == 0) {
1361 			SET_ERR_RET(error, ERR_RPCERROR, 0);
1362 			goto done;
1363 		}
1364 
1365 		if (port == 0)
1366 			hs.h_serv = "nfs";
1367 		else
1368 			hs.h_serv = NULL;
1369 
1370 		if ((retval = netdir_getbyname(nconf, &hs, &retaddrs))
1371 		    != ND_OK) {
1372 			/*
1373 			 * Carefully set the error value here. Want to signify
1374 			 * that the error was an unknown host.
1375 			 */
1376 			if (retval == ND_NOHOST) {
1377 				SET_ERR_RET(error, ERR_NOHOST, retval);
1378 			}
1379 
1380 			goto done;
1381 		}
1382 		memcpy(tbind->addr.buf, retaddrs->n_addrs->buf,
1383 			retaddrs->n_addrs->len);
1384 		tbind->addr.len = retaddrs->n_addrs->len;
1385 		netdir_free((void *)retaddrs, ND_ADDRLIST);
1386 		(void) netdir_options(nconf, ND_SET_RESERVEDPORT, fd, NULL);
1387 
1388 	} else {
1389 		if (rpcb_getaddr(prog, vers, nconf, &tbind->addr,
1390 		    hostname) == FALSE) {
1391 			goto done;
1392 		}
1393 	}
1394 
1395 	if (port) {
1396 		/* LINTED pointer alignment */
1397 		if (strcmp(nconf->nc_protofmly, NC_INET) == 0)
1398 			((struct sockaddr_in *)tbind->addr.buf)->sin_port
1399 				= port;
1400 		else if (strcmp(nconf->nc_protofmly, NC_INET6) == 0)
1401 			((struct sockaddr_in6 *)tbind->addr.buf)->sin6_port
1402 				= port;
1403 
1404 	}
1405 
1406 	cl = clnt_tli_create(fd, nconf, &tbind->addr, prog, vers, 0, 0);
1407 	if (cl == NULL) {
1408 		SET_ERR_RET(error, ERR_RPCERROR, rpc_createerr.cf_stat);
1409 		goto done;
1410 	}
1411 
1412 	ah = authsys_create_default();
1413 	if (ah != NULL)
1414 		cl->cl_auth = ah;
1415 
1416 	tv.tv_sec = 5;
1417 	tv.tv_usec = 0;
1418 
1419 	(void) clnt_control(cl, CLSET_TIMEOUT, (char *)&tv);
1420 
1421 	if ((get_pubfh == TRUE) && (vers != NFS_V4)) {
1422 	    enum snego_stat sec;
1423 
1424 	    if (!snego_done) {
1425 		/*
1426 		 * negotiate sec flavor.
1427 		 */
1428 		snego.cnt = 0;
1429 		if ((sec = nfs_sec_nego(vers, cl, fspath, &snego)) ==
1430 			SNEGO_SUCCESS) {
1431 		    int jj;
1432 
1433 		/*
1434 		 * check if server supports the one
1435 		 * specified in the sec= option.
1436 		 */
1437 		    if (sec_opt) {
1438 			for (jj = 0; jj < snego.cnt; jj++) {
1439 			    if (snego.array[jj] == nfs_sec.sc_nfsnum) {
1440 				snego_done = TRUE;
1441 				break;
1442 			    }
1443 			}
1444 		    }
1445 
1446 		/*
1447 		 * find a common sec flavor
1448 		 */
1449 		    if (!snego_done) {
1450 			if (sec_opt) {
1451 			    pr_err(gettext(
1452 				"Server does not support the security"
1453 				" flavor specified.\n"));
1454 			}
1455 			for (jj = 0; jj < snego.cnt; jj++) {
1456 			    if (!nfs_getseconfig_bynumber(snego.array[jj],
1457 				&nfs_sec)) {
1458 				snego_done = TRUE;
1459 				if (sec_opt) {
1460 				    pr_err(gettext(
1461 					"Security flavor %d was negotiated and"
1462 					" will be used.\n"),
1463 					nfs_sec.sc_nfsnum);
1464 				}
1465 				break;
1466 			    }
1467 			}
1468 		    }
1469 		    if (!snego_done)
1470 			return (NULL);
1471 
1472 		/*
1473 		 * Now that the flavor has been
1474 		 * negotiated, get the fh.
1475 		 *
1476 		 * First, create an auth handle using the negotiated
1477 		 * sec flavor in the next lookup to
1478 		 * fetch the filehandle.
1479 		 */
1480 		    new_ah = nfs_create_ah(cl, hostname, &nfs_sec);
1481 		    if (new_ah == NULL)
1482 			goto done;
1483 		    cl->cl_auth = new_ah;
1484 		} else if (sec == SNEGO_ARRAY_TOO_SMALL || sec ==
1485 		    SNEGO_FAILURE) {
1486 			goto done;
1487 		}
1488 		/*
1489 		 * Note that if sec == SNEGO_DEF_VALID
1490 		 * default sec flavor is acceptable.
1491 		 * Use it to get the filehandle.
1492 		 */
1493 	    }
1494 
1495 	    if (vers == NFS_VERSION) {
1496 		wnl_diropargs arg;
1497 		wnl_diropres *res;
1498 
1499 		memset((char *)&arg.dir, 0, sizeof (wnl_fh));
1500 		arg.name = fspath;
1501 		res = wnlproc_lookup_2(&arg, cl);
1502 
1503 		if (res == NULL || res->status != NFS_OK)
1504 		    goto done;
1505 		*fhp = malloc(sizeof (wnl_fh));
1506 
1507 		if (*fhp == NULL) {
1508 		    pr_err(gettext("no memory\n"));
1509 		    goto done;
1510 		}
1511 
1512 		memcpy((char *)*fhp,
1513 		    (char *)&res->wnl_diropres_u.wnl_diropres.file,
1514 		    sizeof (wnl_fh));
1515 	    } else {
1516 		WNL_LOOKUP3args arg;
1517 		WNL_LOOKUP3res *res;
1518 		nfs_fh3 *fh3p;
1519 
1520 		memset((char *)&arg.what.dir, 0, sizeof (wnl_fh3));
1521 		arg.what.name = fspath;
1522 		res = wnlproc3_lookup_3(&arg, cl);
1523 
1524 		if (res == NULL || res->status != NFS3_OK)
1525 		    goto done;
1526 
1527 		fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p));
1528 
1529 		if (fh3p == NULL) {
1530 		    pr_err(gettext("no memory\n"));
1531 		    CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, (char *)res);
1532 		    goto done;
1533 		}
1534 
1535 		fh3p->fh3_length =
1536 		    res->WNL_LOOKUP3res_u.res_ok.object.data.data_len;
1537 		memcpy(fh3p->fh3_u.data,
1538 		    res->WNL_LOOKUP3res_u.res_ok.object.data.data_val,
1539 		    fh3p->fh3_length);
1540 
1541 		*fhp = (caddr_t)fh3p;
1542 
1543 		CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, (char *)res);
1544 	    }
1545 	} else {
1546 		void *res;
1547 		struct rpc_err r_err;
1548 
1549 		if (vers == NFS_VERSION)
1550 		    res = wnlproc_null_2(NULL, cl);
1551 		else if (vers == NFS_V3)
1552 		    res = wnlproc3_null_3(NULL, cl);
1553 		else
1554 		    res = wnlproc4_null_4(NULL, cl);
1555 
1556 		if (res == NULL) {
1557 			clnt_geterr(cl, &r_err);
1558 			if (strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0) {
1559 				switch (r_err.re_status) {
1560 				case RPC_TLIERROR:
1561 				case RPC_CANTRECV:
1562 				case RPC_CANTSEND:
1563 					r_err.re_status = RPC_PROGVERSMISMATCH;
1564 				}
1565 			}
1566 			SET_ERR_RET(error, ERR_RPCERROR, r_err.re_status);
1567 			goto done;
1568 		}
1569 	}
1570 
1571 	/*
1572 	 * Make a copy of the netbuf to return
1573 	 */
1574 	nb = (struct netbuf *)malloc(sizeof (*nb));
1575 	if (nb == NULL) {
1576 		pr_err(gettext("no memory\n"));
1577 		goto done;
1578 	}
1579 	*nb = tbind->addr;
1580 	nb->buf = (char *)malloc(nb->maxlen);
1581 	if (nb->buf == NULL) {
1582 		pr_err(gettext("no memory\n"));
1583 		free(nb);
1584 		nb = NULL;
1585 		goto done;
1586 	}
1587 	(void) memcpy(nb->buf, tbind->addr.buf, tbind->addr.len);
1588 
1589 done:
1590 	if (cl) {
1591 	    if (ah != NULL) {
1592 		if (new_ah != NULL)
1593 		    AUTH_DESTROY(ah);
1594 		AUTH_DESTROY(cl->cl_auth);
1595 		cl->cl_auth = NULL;
1596 	    }
1597 	    clnt_destroy(cl);
1598 	    cl = NULL;
1599 	}
1600 	if (tbind) {
1601 		t_free((char *)tbind, T_BIND);
1602 		tbind = NULL;
1603 	}
1604 	if (fd >= 0)
1605 		(void) t_close(fd);
1606 	return (nb);
1607 }
1608 
1609 /*
1610  * Get a network address on "hostname" for program "prog"
1611  * with version "vers".  If the port number is specified (non zero)
1612  * then try for a TCP/UDP transport and set the port number of the
1613  * resulting IP address.
1614  *
1615  * If the address of a netconfig pointer was passed and
1616  * if it's not null, use it as the netconfig otherwise
1617  * assign the address of the netconfig that was used to
1618  * establish contact with the service.
1619  *
1620  * A similar routine is also defined in ../../autofs/autod_nfs.c.
1621  * This is a potential routine to move to ../lib for common usage.
1622  *
1623  * "error" refers to a more descriptive term when get_addr fails
1624  * and returns NULL: ERR_PROTO_NONE if no error introduced by
1625  * -o proto option, ERR_NETPATH if error found in NETPATH
1626  * environment variable, ERR_PROTO_INVALID if an unrecognized
1627  * protocol is specified by user, and ERR_PROTO_UNSUPP for a
1628  * recognized but invalid protocol (eg. ticlts, ticots, etc.).
1629  * "error" is ignored if get_addr returns non-NULL result.
1630  *
1631  */
1632 static struct netbuf *
1633 get_addr(char *hostname, ulong_t prog, ulong_t vers, struct netconfig **nconfp,
1634 	char *proto, ushort_t port, struct t_info *tinfo, caddr_t *fhp,
1635 	bool_t get_pubfh, char *fspath, err_ret_t *error)
1636 {
1637 	struct netbuf *nb = NULL;
1638 	struct netconfig *nconf = NULL;
1639 	NCONF_HANDLE *nc = NULL;
1640 	int nthtry = FIRST_TRY;
1641 	err_ret_t errsave_nohost, errsave_rpcerr;
1642 
1643 	SET_ERR_RET(&errsave_nohost, ERR_PROTO_NONE, 0);
1644 	SET_ERR_RET(&errsave_rpcerr, ERR_PROTO_NONE, 0);
1645 
1646 	SET_ERR_RET(error, ERR_PROTO_NONE, 0);
1647 
1648 	if (nconfp && *nconfp)
1649 		return (get_the_addr(hostname, prog, vers, *nconfp, port,
1650 			tinfo, fhp, get_pubfh, fspath, error));
1651 	/*
1652 	 * No nconf passed in.
1653 	 *
1654 	 * Try to get a nconf from /etc/netconfig filtered by
1655 	 * the NETPATH environment variable.
1656 	 * First search for COTS, second for CLTS unless proto
1657 	 * is specified.  When we retry, we reset the
1658 	 * netconfig list so that we would search the whole list
1659 	 * all over again.
1660 	 */
1661 
1662 	if ((nc = setnetpath()) == NULL) {
1663 		/* should only return an error if problems with NETPATH */
1664 		/* In which case you are hosed */
1665 		SET_ERR_RET(error, ERR_NETPATH, 0);
1666 		goto done;
1667 	}
1668 
1669 	/*
1670 	 * If proto is specified, then only search for the match,
1671 	 * otherwise try COTS first, if failed, try CLTS.
1672 	 */
1673 	if (proto) {
1674 		/* no matching proto name */
1675 		SET_ERR_RET(error, ERR_PROTO_INVALID, 0);
1676 
1677 		while (nconf = getnetpath(nc)) {
1678 			if (strcmp(nconf->nc_netid, proto))
1679 				continue;
1680 
1681 			/* may be unsupported */
1682 			SET_ERR_RET(error, ERR_PROTO_UNSUPP, 0);
1683 
1684 			if ((port != 0) &&
1685 				((strcmp(nconf->nc_protofmly, NC_INET) == 0 ||
1686 				strcmp(nconf->nc_protofmly, NC_INET6) == 0) &&
1687 				(strcmp(nconf->nc_proto, NC_TCP) != 0 &&
1688 				strcmp(nconf->nc_proto, NC_UDP) != 0)))
1689 
1690 				continue;
1691 
1692 			else {
1693 				nb = get_the_addr(hostname, prog,
1694 					vers, nconf, port, tinfo,
1695 						fhp, get_pubfh, fspath, error);
1696 
1697 				if (nb != NULL)
1698 					break;
1699 
1700 				/* nb is NULL - deal with errors */
1701 				if (error) {
1702 					if (error->error_type == ERR_NOHOST)
1703 						SET_ERR_RET(&errsave_nohost,
1704 							error->error_type,
1705 							error->error_value);
1706 					if (error->error_type == ERR_RPCERROR)
1707 						SET_ERR_RET(&errsave_rpcerr,
1708 							error->error_type,
1709 							error->error_value);
1710 				}
1711 				/*
1712 				 * continue with same protocol
1713 				 * selection
1714 				 */
1715 				continue;
1716 			}
1717 		} /* end of while */
1718 
1719 		if (nconf == NULL)
1720 			goto done;
1721 
1722 		if ((nb = get_the_addr(hostname, prog, vers, nconf, port,
1723 				tinfo, fhp, get_pubfh, fspath, error)) == NULL)
1724 			goto done;
1725 
1726 
1727 	} else {
1728 retry:
1729 		SET_ERR_RET(error, ERR_NETPATH, 0);
1730 		while (nconf = getnetpath(nc)) {
1731 			SET_ERR_RET(error, ERR_PROTO_NONE, 0);
1732 			if (nconf->nc_flag & NC_VISIBLE) {
1733 				if (nthtry == FIRST_TRY) {
1734 					if ((nconf->nc_semantics ==
1735 						NC_TPI_COTS_ORD) ||
1736 					    (nconf->nc_semantics ==
1737 						NC_TPI_COTS)) {
1738 
1739 						if (port == 0)
1740 							break;
1741 
1742 						if ((strcmp(nconf->nc_protofmly,
1743 							NC_INET) == 0 ||
1744 							strcmp(nconf->
1745 							nc_protofmly,
1746 							NC_INET6) == 0) &&
1747 						    (strcmp(nconf->nc_proto,
1748 							NC_TCP) == 0))
1749 
1750 							break;
1751 					}
1752 				}
1753 				if (nthtry == SECOND_TRY) {
1754 					if (nconf->nc_semantics ==
1755 						NC_TPI_CLTS) {
1756 						if (port == 0)
1757 							break;
1758 						if ((strcmp(nconf->nc_protofmly,
1759 							NC_INET) == 0 ||
1760 							strcmp(nconf->
1761 							nc_protofmly, NC_INET6)
1762 							== 0) &&
1763 							(strcmp(
1764 							nconf->nc_proto,
1765 							NC_UDP) == 0))
1766 							break;
1767 					}
1768 				}
1769 			}
1770 		} /* while */
1771 		if (nconf == NULL) {
1772 			if (++nthtry <= MNT_PREF_LISTLEN) {
1773 				endnetpath(nc);
1774 				if ((nc = setnetpath()) == NULL)
1775 					goto done;
1776 				goto retry;
1777 			} else
1778 				goto done;
1779 		} else {
1780 			if ((nb = get_the_addr(hostname, prog, vers, nconf,
1781 				port, tinfo, fhp, get_pubfh, fspath, error))
1782 				== NULL) {
1783 				/* nb is NULL - deal with errors */
1784 				if (error) {
1785 					if (error->error_type == ERR_NOHOST)
1786 						SET_ERR_RET(&errsave_nohost,
1787 							error->error_type,
1788 							error->error_value);
1789 					if (error->error_type == ERR_RPCERROR)
1790 						SET_ERR_RET(&errsave_rpcerr,
1791 							error->error_type,
1792 							error->error_value);
1793 				}
1794 				/*
1795 				 * Continue the same search path in the
1796 				 * netconfig db until no more matched
1797 				 * nconf (nconf == NULL).
1798 				 */
1799 				goto retry;
1800 			}
1801 		}
1802 	}
1803 	SET_ERR_RET(error, ERR_PROTO_NONE, 0);
1804 
1805 	/*
1806 	 * Got nconf and nb.  Now dup the netconfig structure (nconf)
1807 	 * and return it thru nconfp.
1808 	 */
1809 	*nconfp = getnetconfigent(nconf->nc_netid);
1810 	if (*nconfp == NULL) {
1811 		syslog(LOG_ERR, "no memory\n");
1812 		free(nb);
1813 		nb = NULL;
1814 	}
1815 done:
1816 	if (nc)
1817 		endnetpath(nc);
1818 
1819 	if (nb == NULL) {
1820 		if (error) {
1821 			/*
1822 			 * Check the saved errors. The RPC error has *
1823 			 * precedence over the no host error.
1824 			 */
1825 			if (errsave_nohost.error_type != ERR_PROTO_NONE)
1826 				SET_ERR_RET(error, errsave_nohost.error_type,
1827 					errsave_nohost.error_value);
1828 			if (errsave_rpcerr.error_type != ERR_PROTO_NONE)
1829 				SET_ERR_RET(error, errsave_rpcerr.error_type,
1830 					errsave_rpcerr.error_value);
1831 		}
1832 	}
1833 	return (nb);
1834 }
1835 
1836 /*
1837  * Get a file handle usinging multi-component lookup with the public
1838  * file handle.
1839  */
1840 static int
1841 get_fh_via_pub(struct nfs_args *args, char *fshost, char *fspath, bool_t url,
1842 	bool_t loud, int *versp, struct netconfig **nconfp, ushort_t port)
1843 {
1844 	uint_t vers_min;
1845 	uint_t vers_max;
1846 	int r;
1847 	char *path;
1848 
1849 	if (nfsvers != 0) {
1850 		vers_max = vers_min = nfsvers;
1851 	} else {
1852 		vers_max = vers_max_default;
1853 		vers_min = vers_min_default;
1854 	}
1855 
1856 	if (url == FALSE) {
1857 		path = malloc(strlen(fspath) + 2);
1858 		if (path == NULL) {
1859 			if (loud == TRUE)  {
1860 				pr_err(gettext("no memory\n"));
1861 			}
1862 			return (RET_ERR);
1863 		}
1864 
1865 		path[0] = (char)WNL_NATIVEPATH;
1866 		(void) strcpy(&path[1], fspath);
1867 
1868 	} else  {
1869 		path = fspath;
1870 	}
1871 
1872 	for (nfsvers_to_use = vers_max; nfsvers_to_use >= vers_min;
1873 	    nfsvers_to_use--) {
1874 		/*
1875 		 * getaddr_nfs will also fill in the fh for us.
1876 		 */
1877 		r = getaddr_nfs(args, fshost, nconfp,
1878 				TRUE, path, port, NULL, FALSE);
1879 
1880 		if (r == RET_OK) {
1881 			/*
1882 			 * Since we are using the public fh, and NLM is
1883 			 * not firewall friendly, use local locking.
1884 			 * Not the case for v4.
1885 			 */
1886 			*versp = nfsvers_to_use;
1887 			switch (nfsvers_to_use) {
1888 			case NFS_V4:
1889 				fstype = MNTTYPE_NFS4;
1890 				break;
1891 			case NFS_V3:
1892 				fstype = MNTTYPE_NFS3;
1893 				/* fall through to pick up llock option */
1894 			default:
1895 				args->flags |= NFSMNT_LLOCK;
1896 				break;
1897 			}
1898 			if (fspath != path)
1899 				free(path);
1900 
1901 			return (r);
1902 		}
1903 	}
1904 
1905 	if (fspath != path) {
1906 		free(path);
1907 	}
1908 
1909 	if (loud == TRUE) {
1910 		pr_err(gettext("Could not use public filehandle in request to"
1911 			" server %s\n"), fshost);
1912 	}
1913 
1914 	return (r);
1915 }
1916 
1917 /*
1918  * get fhandle of remote path from server's mountd
1919  */
1920 static int
1921 get_fh(struct nfs_args *args, char *fshost, char *fspath, int *versp,
1922 	bool_t loud_on_mnt_err, struct netconfig **nconfp, ushort_t port)
1923 {
1924 	static struct fhstatus fhs;
1925 	static struct mountres3 mountres3;
1926 	static struct pathcnf p;
1927 	nfs_fh3 *fh3p;
1928 	struct timeval timeout = { 25, 0};
1929 	CLIENT *cl;
1930 	enum clnt_stat rpc_stat;
1931 	rpcvers_t outvers = 0;
1932 	rpcvers_t vers_to_try;
1933 	rpcvers_t vers_min;
1934 	static int printed = 0;
1935 	int count, i, *auths;
1936 	char *msg;
1937 
1938 	switch (nfsvers) {
1939 	case 2: /* version 2 specified try that only */
1940 		vers_to_try = MOUNTVERS_POSIX;
1941 		vers_min = MOUNTVERS;
1942 		break;
1943 	case 3: /* version 3 specified try that only */
1944 		vers_to_try = MOUNTVERS3;
1945 		vers_min = MOUNTVERS3;
1946 		break;
1947 	case 4: /* version 4 specified try that only */
1948 		/*
1949 		 * This assignment is in the wrong version sequence.
1950 		 * The above are MOUNT program and this is NFS
1951 		 * program.  However, it happens to work out since the
1952 		 * two don't collide for NFSv4.
1953 		 */
1954 		vers_to_try = NFS_V4;
1955 		vers_min = NFS_V4;
1956 		break;
1957 	default: /* no version specified, start with default */
1958 		vers_to_try = vers_max_default;
1959 		vers_min = vers_min_default;
1960 		break;
1961 	}
1962 
1963 	/*
1964 	 * In the case of version 4, just NULL proc the server since
1965 	 * there is no MOUNT program.  If this fails, then decrease
1966 	 * vers_to_try and continue on with regular MOUNT program
1967 	 * processing.
1968 	 */
1969 	if (vers_to_try == NFS_V4) {
1970 		int savevers = nfsvers_to_use;
1971 		err_ret_t error;
1972 		int retval;
1973 		SET_ERR_RET(&error, ERR_PROTO_NONE, 0);
1974 
1975 		/* Let's hope for the best */
1976 		nfsvers_to_use = NFS_V4;
1977 		retval =
1978 			getaddr_nfs(args, fshost, nconfp, FALSE,
1979 				    fspath, port, &error, vers_min == NFS_V4);
1980 
1981 		if (retval == RET_OK) {
1982 			*versp = nfsvers_to_use = NFS_V4;
1983 			fstype = MNTTYPE_NFS4;
1984 			args->fh = strdup(fspath);
1985 			if (args->fh == NULL) {
1986 				pr_err(gettext("no memory\n"));
1987 				*versp = nfsvers_to_use = savevers;
1988 				return (RET_ERR);
1989 			}
1990 			return (RET_OK);
1991 		}
1992 		nfsvers_to_use = savevers;
1993 
1994 		vers_to_try--;
1995 		/* If no more versions to try, let the user know. */
1996 		if (vers_to_try < vers_min) {
1997 			return (retval);
1998 		}
1999 
2000 		/*
2001 		 * If we are here, there are more versions to try but
2002 		 * there has been an error of some sort.  If it is not
2003 		 * an RPC error (e.g. host unknown), we just stop and
2004 		 * return the error since the other versions would see
2005 		 * the same error as well.
2006 		 */
2007 		if (retval == RET_ERR && error.error_type != ERR_RPCERROR)
2008 			return (retval);
2009 	}
2010 
2011 	while ((cl = clnt_create_vers(fshost, MOUNTPROG, &outvers,
2012 			vers_min, vers_to_try, "datagram_v")) == NULL) {
2013 		if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST) {
2014 			pr_err(gettext("%s: %s\n"), fshost,
2015 			    clnt_spcreateerror(""));
2016 			return (RET_ERR);
2017 		}
2018 
2019 		/*
2020 		 * We don't want to downgrade version on lost packets
2021 		 */
2022 		if ((rpc_createerr.cf_stat == RPC_TIMEDOUT) ||
2023 			(rpc_createerr.cf_stat == RPC_PMAPFAILURE)) {
2024 			pr_err(gettext("%s: %s\n"), fshost,
2025 			    clnt_spcreateerror(""));
2026 			return (RET_RETRY);
2027 		}
2028 
2029 		/*
2030 		 * back off and try the previous version - patch to the
2031 		 * problem of version numbers not being contigous and
2032 		 * clnt_create_vers failing (SunOS4.1 clients & SGI servers)
2033 		 * The problem happens with most non-Sun servers who
2034 		 * don't support mountd protocol #2. So, in case the
2035 		 * call fails, we re-try the call anyway.
2036 		 */
2037 		vers_to_try--;
2038 		if (vers_to_try < vers_min) {
2039 			if (rpc_createerr.cf_stat == RPC_PROGVERSMISMATCH) {
2040 				if (nfsvers == 0) {
2041 					pr_err(gettext(
2042 			"%s:%s: no applicable versions of NFS supported\n"),
2043 					    fshost, fspath);
2044 				} else {
2045 					pr_err(gettext(
2046 			"%s:%s: NFS Version %d not supported\n"),
2047 					    fshost, fspath, nfsvers);
2048 				}
2049 				return (RET_ERR);
2050 			}
2051 			if (!printed) {
2052 				pr_err(gettext("%s: %s\n"), fshost,
2053 				    clnt_spcreateerror(""));
2054 				printed = 1;
2055 			}
2056 			return (RET_RETRY);
2057 		}
2058 	}
2059 	if (posix && outvers < MOUNTVERS_POSIX) {
2060 		pr_err(gettext("%s: %s: no pathconf info\n"),
2061 		    fshost, clnt_sperror(cl, ""));
2062 		clnt_destroy(cl);
2063 		return (RET_ERR);
2064 	}
2065 
2066 	if (__clnt_bindresvport(cl) < 0) {
2067 		pr_err(gettext("Couldn't bind to reserved port\n"));
2068 		clnt_destroy(cl);
2069 		return (RET_RETRY);
2070 	}
2071 
2072 	if ((cl->cl_auth = authsys_create_default()) == NULL) {
2073 		pr_err(
2074 		    gettext("Couldn't create default authentication handle\n"));
2075 		clnt_destroy(cl);
2076 		return (RET_RETRY);
2077 	}
2078 
2079 	switch (outvers) {
2080 	case MOUNTVERS:
2081 	case MOUNTVERS_POSIX:
2082 		*versp = nfsvers_to_use = NFS_VERSION;
2083 		rpc_stat = clnt_call(cl, MOUNTPROC_MNT, xdr_dirpath,
2084 			(caddr_t)&fspath, xdr_fhstatus, (caddr_t)&fhs, timeout);
2085 		if (rpc_stat != RPC_SUCCESS) {
2086 			pr_err(gettext("%s:%s: server not responding %s\n"),
2087 			    fshost, fspath, clnt_sperror(cl, ""));
2088 			clnt_destroy(cl);
2089 			return (RET_RETRY);
2090 		}
2091 
2092 		if ((errno = fhs.fhs_status) != MNT_OK) {
2093 			if (loud_on_mnt_err) {
2094 			    if (errno == EACCES) {
2095 				pr_err(gettext("%s:%s: access denied\n"),
2096 				    fshost, fspath);
2097 			    } else {
2098 				pr_err(gettext("%s:%s: %s\n"), fshost, fspath,
2099 				    strerror(errno));
2100 			    }
2101 			}
2102 			clnt_destroy(cl);
2103 			return (RET_MNTERR);
2104 		}
2105 		args->fh = malloc(sizeof (fhs.fhstatus_u.fhs_fhandle));
2106 		if (args->fh == NULL) {
2107 			pr_err(gettext("no memory\n"));
2108 			return (RET_ERR);
2109 		}
2110 		memcpy((caddr_t)args->fh, (caddr_t)&fhs.fhstatus_u.fhs_fhandle,
2111 			sizeof (fhs.fhstatus_u.fhs_fhandle));
2112 		if (!errno && posix) {
2113 			rpc_stat = clnt_call(cl, MOUNTPROC_PATHCONF,
2114 				xdr_dirpath, (caddr_t)&fspath, xdr_ppathcnf,
2115 				(caddr_t)&p, timeout);
2116 			if (rpc_stat != RPC_SUCCESS) {
2117 				pr_err(gettext(
2118 				    "%s:%s: server not responding %s\n"),
2119 				    fshost, fspath, clnt_sperror(cl, ""));
2120 				free(args->fh);
2121 				clnt_destroy(cl);
2122 				return (RET_RETRY);
2123 			}
2124 			if (_PC_ISSET(_PC_ERROR, p.pc_mask)) {
2125 				pr_err(gettext(
2126 				    "%s:%s: no pathconf info\n"),
2127 				    fshost, fspath);
2128 				free(args->fh);
2129 				clnt_destroy(cl);
2130 				return (RET_ERR);
2131 			}
2132 			args->flags |= NFSMNT_POSIX;
2133 			args->pathconf = malloc(sizeof (p));
2134 			if (args->pathconf == NULL) {
2135 				pr_err(gettext("no memory\n"));
2136 				free(args->fh);
2137 				clnt_destroy(cl);
2138 				return (RET_ERR);
2139 			}
2140 			memcpy((caddr_t)args->pathconf, (caddr_t)&p,
2141 				sizeof (p));
2142 		}
2143 		break;
2144 
2145 	case MOUNTVERS3:
2146 		*versp = nfsvers_to_use = NFS_V3;
2147 		rpc_stat = clnt_call(cl, MOUNTPROC_MNT, xdr_dirpath,
2148 				(caddr_t)&fspath,
2149 				xdr_mountres3, (caddr_t)&mountres3, timeout);
2150 		if (rpc_stat != RPC_SUCCESS) {
2151 			pr_err(gettext("%s:%s: server not responding %s\n"),
2152 			    fshost, fspath, clnt_sperror(cl, ""));
2153 			clnt_destroy(cl);
2154 			return (RET_RETRY);
2155 		}
2156 
2157 		/*
2158 		 * Assume here that most of the MNT3ERR_*
2159 		 * codes map into E* errors.
2160 		 */
2161 		if ((errno = mountres3.fhs_status) != MNT_OK) {
2162 		    if (loud_on_mnt_err) {
2163 			switch (errno) {
2164 			case MNT3ERR_NAMETOOLONG:
2165 				msg = "path name is too long";
2166 				break;
2167 			case MNT3ERR_NOTSUPP:
2168 				msg = "operation not supported";
2169 				break;
2170 			case MNT3ERR_SERVERFAULT:
2171 				msg = "server fault";
2172 				break;
2173 			default:
2174 				msg = strerror(errno);
2175 				break;
2176 			}
2177 			pr_err(gettext("%s:%s: %s\n"), fshost, fspath, msg);
2178 		    }
2179 		    clnt_destroy(cl);
2180 		    return (RET_MNTERR);
2181 		}
2182 
2183 		fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p));
2184 		if (fh3p == NULL) {
2185 			pr_err(gettext("no memory\n"));
2186 			return (RET_ERR);
2187 		}
2188 		fh3p->fh3_length =
2189 			mountres3.mountres3_u.mountinfo.fhandle.fhandle3_len;
2190 		(void) memcpy(fh3p->fh3_u.data,
2191 			mountres3.mountres3_u.mountinfo.fhandle.fhandle3_val,
2192 			fh3p->fh3_length);
2193 		args->fh = (caddr_t)fh3p;
2194 		fstype = MNTTYPE_NFS3;
2195 
2196 		/*
2197 		 * Check the security flavor to be used.
2198 		 *
2199 		 * If "secure" or "sec=flavor" is a mount
2200 		 * option, check if the server supports the "flavor".
2201 		 * If the server does not support the flavor, return
2202 		 * error.
2203 		 *
2204 		 * If no mount option is given then use the first supported
2205 		 * security flavor (by the client) in the auth list returned
2206 		 * from the server.
2207 		 *
2208 		 */
2209 		auths =
2210 		mountres3.mountres3_u.mountinfo.auth_flavors.auth_flavors_val;
2211 		count =
2212 		mountres3.mountres3_u.mountinfo.auth_flavors.auth_flavors_len;
2213 
2214 		if (sec_opt) {
2215 			for (i = 0; i < count; i++) {
2216 				if (auths[i] == nfs_sec.sc_nfsnum)
2217 				    break;
2218 			}
2219 			if (i >= count) {
2220 				goto autherr;
2221 			}
2222 		} else {
2223 		    if (count > 0) {
2224 			for (i = 0; i < count; i++) {
2225 			    if (!nfs_getseconfig_bynumber(auths[i], &nfs_sec)) {
2226 				sec_opt++;
2227 				break;
2228 			    }
2229 			}
2230 			if (i >= count) {
2231 			    goto autherr;
2232 			}
2233 		    }
2234 		}
2235 		break;
2236 	default:
2237 		pr_err(gettext("%s:%s: Unknown MOUNT version %d\n"),
2238 		    fshost, fspath, outvers);
2239 		clnt_destroy(cl);
2240 		return (RET_ERR);
2241 	}
2242 
2243 	clnt_destroy(cl);
2244 	return (RET_OK);
2245 
2246 autherr:
2247 	pr_err(gettext(
2248 		"security mode does not match the server exporting %s:%s\n"),
2249 		fshost, fspath);
2250 	clnt_destroy(cl);
2251 	return (RET_ERR);
2252 }
2253 
2254 /*
2255  * Fill in the address for the server's NFS service and
2256  * fill in a knetconfig structure for the transport that
2257  * the service is available on.
2258  */
2259 static int
2260 getaddr_nfs(struct nfs_args *args, char *fshost, struct netconfig **nconfp,
2261 	    bool_t get_pubfh, char *fspath, ushort_t port, err_ret_t *error,
2262 	    bool_t print_rpcerror)
2263 {
2264 	struct stat sb;
2265 	struct netconfig *nconf;
2266 	struct knetconfig *knconfp;
2267 	static int printed = 0;
2268 	struct t_info tinfo;
2269 	err_ret_t addr_error;
2270 
2271 	SET_ERR_RET(error, ERR_PROTO_NONE, 0);
2272 	SET_ERR_RET(&addr_error, ERR_PROTO_NONE, 0);
2273 
2274 	if (nfs_proto) {
2275 		/*
2276 		 * If a proto is specified and its rdma try this. The kernel
2277 		 * will later do the reachablity test and fail form there
2278 		 * if rdma transport is not available to kernel rpc
2279 		 */
2280 		if (strcmp(nfs_proto, "rdma") == 0) {
2281 			args->addr = get_addr(fshost, NFS_PROGRAM,
2282 			    nfsvers_to_use, nconfp, NULL, port, &tinfo,
2283 			    &args->fh, get_pubfh, fspath, &addr_error);
2284 
2285 			args->flags |= NFSMNT_DORDMA;
2286 		} else {
2287 			args->addr = get_addr(fshost, NFS_PROGRAM,
2288 			    nfsvers_to_use, nconfp, nfs_proto, port, &tinfo,
2289 			    &args->fh, get_pubfh, fspath, &addr_error);
2290 		}
2291 	} else {
2292 		args->addr = get_addr(fshost, NFS_PROGRAM, nfsvers_to_use,
2293 		    nconfp, nfs_proto, port, &tinfo, &args->fh, get_pubfh,
2294 		    fspath, &addr_error);
2295 		/*
2296 		 * If no proto is specified set this flag.
2297 		 * Kernel mount code will try to use RDMA if its on the
2298 		 * system, otherwise it will keep on using the protocol
2299 		 * selected here, through the above get_addr call.
2300 		 */
2301 		if (nfs_proto == NULL)
2302 			args->flags |= NFSMNT_TRYRDMA;
2303 	}
2304 
2305 	if (args->addr == NULL) {
2306 		/*
2307 		 * We could have failed because the server had no public
2308 		 * file handle support. So don't print a message and don't
2309 		 * retry.
2310 		 */
2311 		if (get_pubfh == TRUE)
2312 			return (RET_ERR);
2313 
2314 		if (!printed) {
2315 			switch (addr_error.error_type) {
2316 			case 0:
2317 				break;
2318 			case ERR_RPCERROR:
2319 				if (!print_rpcerror)
2320 					/* no error print at this time */
2321 					break;
2322 				pr_err(gettext("%s NFS service not"
2323 					    " available %s\n"), fshost,
2324 				    clnt_sperrno(addr_error.error_value));
2325 				break;
2326 			case ERR_NETPATH:
2327 				pr_err(gettext("%s: Error in NETPATH.\n"),
2328 					fshost);
2329 				break;
2330 			case ERR_PROTO_INVALID:
2331 				pr_err(gettext("%s: NFS service does not"
2332 					" recognize protocol: %s.\n"), fshost,
2333 					nfs_proto);
2334 				break;
2335 			case ERR_PROTO_UNSUPP:
2336 				pr_err(gettext("%s: NFS service does not"
2337 					" support protocol: %s.\n"), fshost,
2338 					nfs_proto);
2339 				break;
2340 			case ERR_NOHOST:
2341 				pr_err("%s: %s\n", fshost, netdir_sperror());
2342 				break;
2343 			default:
2344 				/* case ERR_PROTO_NONE falls through */
2345 				pr_err(gettext("%s: NFS service not responding"
2346 					"\n"), fshost);
2347 				break;
2348 			}
2349 			printed = 1;
2350 		}
2351 		SET_ERR_RET(error,
2352 			addr_error.error_type, addr_error.error_value);
2353 		if (addr_error.error_type == ERR_PROTO_NONE)
2354 			return (RET_RETRY);
2355 		else if (addr_error.error_type == ERR_RPCERROR &&
2356 			! IS_UNRECOVERABLE_RPC(addr_error.error_value)) {
2357 			return (RET_RETRY);
2358 		}
2359 		else
2360 			return (RET_ERR);
2361 	}
2362 	nconf = *nconfp;
2363 
2364 	if (stat(nconf->nc_device, &sb) < 0) {
2365 		pr_err(gettext("getaddr_nfs: couldn't stat: %s: %s\n"),
2366 		    nconf->nc_device, strerror(errno));
2367 		return (RET_ERR);
2368 	}
2369 
2370 	knconfp = (struct knetconfig *)malloc(sizeof (*knconfp));
2371 	if (!knconfp) {
2372 		pr_err(gettext("no memory\n"));
2373 		return (RET_ERR);
2374 	}
2375 	knconfp->knc_semantics = nconf->nc_semantics;
2376 	knconfp->knc_protofmly = nconf->nc_protofmly;
2377 	knconfp->knc_proto = nconf->nc_proto;
2378 	knconfp->knc_rdev = sb.st_rdev;
2379 
2380 	/* make sure we don't overload the transport */
2381 	if (tinfo.tsdu > 0 && tinfo.tsdu < NFS_MAXDATA + NFS_RPC_HDR) {
2382 		args->flags |= (NFSMNT_RSIZE | NFSMNT_WSIZE);
2383 		if (args->rsize == 0 || args->rsize > tinfo.tsdu - NFS_RPC_HDR)
2384 			args->rsize = tinfo.tsdu - NFS_RPC_HDR;
2385 		if (args->wsize == 0 || args->wsize > tinfo.tsdu - NFS_RPC_HDR)
2386 			args->wsize = tinfo.tsdu - NFS_RPC_HDR;
2387 	}
2388 
2389 	args->flags |= NFSMNT_KNCONF;
2390 	args->knconf = knconfp;
2391 	return (RET_OK);
2392 }
2393 
2394 static int
2395 retry(struct mnttab *mntp, int ro)
2396 {
2397 	int delay = 5;
2398 	int count = retries;
2399 	int r;
2400 
2401 	if (bg) {
2402 		if (fork() > 0)
2403 			return (RET_OK);
2404 		pr_err(gettext("backgrounding: %s\n"), mntp->mnt_mountp);
2405 		backgrounded = 1;
2406 	} else
2407 		pr_err(gettext("retrying: %s\n"), mntp->mnt_mountp);
2408 
2409 	while (count--) {
2410 		if ((r = mount_nfs(mntp, ro)) == RET_OK) {
2411 			pr_err(gettext("%s: mounted OK\n"), mntp->mnt_mountp);
2412 			return (RET_OK);
2413 		}
2414 		if (r != RET_RETRY)
2415 			break;
2416 
2417 		if (count > 0) {
2418 		    (void) sleep(delay);
2419 		    delay *= 2;
2420 		    if (delay > 120)
2421 			    delay = 120;
2422 		}
2423 	}
2424 	pr_err(gettext("giving up on: %s\n"), mntp->mnt_mountp);
2425 	return (RET_ERR);
2426 }
2427 
2428 /*
2429  * Read the /etc/default/nfs configuration file to determine if the
2430  * client has been configured for a new min/max for the NFS version to
2431  * use.
2432  */
2433 static void
2434 read_default(void)
2435 {
2436 	char *defval;
2437 	int errno;
2438 	int tmp;
2439 
2440 	/* Fail silently if error in opening the default nfs config file */
2441 	if ((defopen(NFSADMIN)) == 0) {
2442 		if ((defval = defread("NFS_CLIENT_VERSMIN=")) != NULL) {
2443 			errno = 0;
2444 			tmp = strtol(defval, (char **)NULL, 10);
2445 			if (errno == 0) {
2446 				vers_min_default = tmp;
2447 			}
2448 		}
2449 		if ((defval = defread("NFS_CLIENT_VERSMAX=")) != NULL) {
2450 			errno = 0;
2451 			tmp = strtol(defval, (char **)NULL, 10);
2452 			if (errno == 0) {
2453 				vers_max_default = tmp;
2454 			}
2455 		}
2456 		/* close defaults file */
2457 		defopen(NULL);
2458 	}
2459 }
2460 
2461 static void
2462 sigusr1(int s)
2463 {
2464 }
2465