1*45916cd2Sjpk /*
2*45916cd2Sjpk  * CDDL HEADER START
3*45916cd2Sjpk  *
4*45916cd2Sjpk  * The contents of this file are subject to the terms of the
5*45916cd2Sjpk  * Common Development and Distribution License (the "License").
6*45916cd2Sjpk  * You may not use this file except in compliance with the License.
7*45916cd2Sjpk  *
8*45916cd2Sjpk  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*45916cd2Sjpk  * or http://www.opensolaris.org/os/licensing.
10*45916cd2Sjpk  * See the License for the specific language governing permissions
11*45916cd2Sjpk  * and limitations under the License.
12*45916cd2Sjpk  *
13*45916cd2Sjpk  * When distributing Covered Code, include this CDDL HEADER in each
14*45916cd2Sjpk  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*45916cd2Sjpk  * If applicable, add the following below this CDDL HEADER, with the
16*45916cd2Sjpk  * fields enclosed by brackets "[]" replaced with your own identifying
17*45916cd2Sjpk  * information: Portions Copyright [yyyy] [name of copyright owner]
18*45916cd2Sjpk  *
19*45916cd2Sjpk  * CDDL HEADER END
20*45916cd2Sjpk  */
/*
 * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 *
 * From	"tsol_tndb_parser.c	7.24	01/09/05 SMI; TSOL 2.x"
 *
 * These functions parse entries in the "tnrhdb" (remote host database) file.
 * Each entry in the file has two fields, separated by a colon.  The first
 * field is the IP host or network address.  The second is the name of the
 * template to use (from tnrhtp).
 *
 * In order to help preserve sanity, we do not allow more than one unescaped
 * colon in a line.
 */
35*45916cd2Sjpk 
36*45916cd2Sjpk #pragma ident	"%Z%%M%	%I%	%E% SMI"
37*45916cd2Sjpk 
38*45916cd2Sjpk #include <stdio.h>
39*45916cd2Sjpk #include <ctype.h>
40*45916cd2Sjpk #include <stdlib.h>
41*45916cd2Sjpk #include <stddef.h>
42*45916cd2Sjpk #include <string.h>
43*45916cd2Sjpk #include <strings.h>
44*45916cd2Sjpk #include <libtsnet.h>
45*45916cd2Sjpk #include <sys/types.h>
46*45916cd2Sjpk #include <sys/socket.h>
47*45916cd2Sjpk #include <netinet/in.h>
48*45916cd2Sjpk #include <inet/ip.h>
49*45916cd2Sjpk #include <arpa/inet.h>
50*45916cd2Sjpk #include <nss.h>
51*45916cd2Sjpk #include <errno.h>
52*45916cd2Sjpk 
/*
 * This routine deals with old pre-CIDR subnet address specifications, where
 * the prefix length is implied by the number of trailing zero octets:
 *
 *	Expression	Implied Prefix
 *	10.1.1.0	/24
 *	10.1.0.0	/16
 *	10.0.0.0	/8
 *	0.0.0.0		/0
 *
 * addr is taken in network byte order (it is passed through ntohl() here).
 * The return value is the implied prefix length in bits: 0 for the all-zero
 * address, otherwise IP_ABITS less 8 for every trailing zero octet.
 *
 * Only trailing zero octets are examined; the address class is not.  An
 * entry written without an explicit prefix whose low octets are zero is
 * therefore treated as a network, not a host: "10.1.1.0" covers the whole
 * /24.  To bind a template to that single address the entry has to carry an
 * explicit prefix length.
 */
static int
get_classful_prefix(in_addr_t addr)
{
	in_addr_t host_order;
	int prefix_len = IP_ABITS;

	if (addr == 0)
		return (0);

	host_order = ntohl(addr);
	/* Drop 8 bits of prefix for each zero octet at the low end. */
	while (prefix_len > 0 && (host_order & 0xFF) == 0) {
		host_order >>= 8;
		prefix_len -= 8;
	}

	return (prefix_len);
}
76*45916cd2Sjpk 
/*
 * This routine deals with old pre-CIDR network address specifications, where
 * only the leading octets of the network are written:
 *
 *	Expression	Implied Prefix
 *	10.1.1		/24
 *	10.1		/16
 *	10		/8
 *
 * It computes the prefix length and left-aligns the address in place.
 *
 * *addrp is read and written in network byte order (ntohl() on entry,
 * htonl() on exit).  inet_network() returns its result in host byte order,
 * so a value obtained from it needs htonl() before being handed to this
 * routine.
 *
 * Returns the implied prefix length in bits; an all-zero value yields 0.
 */
static int
get_network_prefix(in_addr_t *addrp)
{
	in_addr_t net = ntohl(*addrp);
	int prefix_len = IP_ABITS;

	/* Shift left one octet at a time until the top octet is non-zero. */
	while (prefix_len > 0 && net < 0x01000000) {
		net <<= 8;
		prefix_len -= 8;
	}
	*addrp = htonl(net);

	return (prefix_len);
}
101*45916cd2Sjpk 
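/*
 * Parse the textual address in addrbuf into rh->rh_address and settle the
 * prefix length in rh->rh_prefix.
 *
 * rh->rh_prefix must be set by the caller before the call: either to the
 * explicit prefix length taken from the entry, or to -1 when the entry had
 * none.  With -1 the prefix is implied by the form of the address:
 *
 *	dotted-quad IPv4	trailing zero octets (get_classful_prefix)
 *	short IPv4 network	number of octets given (get_network_prefix)
 *	IPv6			IPV6_ABITS (a single host)
 *
 * A string containing ':' is treated as IPv6, anything else as IPv4.  IPv4
 * strings that inet_pton() rejects are retried with inet_network(), which
 * accepts the legacy short forms and, per its documentation, octal and
 * hexadecimal components as well.
 *
 * Returns B_TRUE when the address parsed, the prefix lies within
 * 0..address-width, and no bit is set beyond the prefix.  The last check
 * means an entry whose address and prefix disagree (host bits set under a
 * network prefix) is rejected rather than silently masked, so a template is
 * never applied to a different range than the one written in the entry.
 * Returns B_FALSE otherwise; *rh may have been partly written by then.
 */
static boolean_t
parse_address(tsol_rhent_t *rh, const char *addrbuf)
{
	int upper_lim;
	int len;
	in_addr_t net;
	const uchar_t *aptr;

	if (strchr(addrbuf, ':') == NULL) {
		/* IPv4 address */
		rh->rh_address.ta_family = AF_INET;
		if (inet_pton(AF_INET, addrbuf,
		    &rh->rh_address.ta_addr_v4) > 0) {
			if (rh->rh_prefix == -1)
				rh->rh_prefix = get_classful_prefix(rh->
				    rh_address.ta_addr_v4.s_addr);
		} else if ((net = inet_network(addrbuf)) != (in_addr_t)-1) {
			/*
			 * inet_network() is documented to return the network
			 * number in host byte order, while s_addr and
			 * get_network_prefix() work in network byte order.
			 * Convert before storing; without this the octets
			 * come out reversed on little-endian machines and
			 * the entry describes the wrong address.
			 */
			rh->rh_address.ta_addr_v4.s_addr = htonl(net);
			len = get_network_prefix(&rh->rh_address.ta_addr_v4.
			    s_addr);
			if (rh->rh_prefix == -1)
				rh->rh_prefix = len;
		} else {
			return (B_FALSE);
		}
		upper_lim = IP_ABITS;
		aptr = (const uchar_t *)&rh->rh_address.ta_addr_v4;
	} else {
		/* IPv6 address */
		rh->rh_address.ta_family = AF_INET6;
		if (inet_pton(AF_INET6, addrbuf,
		    &rh->rh_address.ta_addr_v6) <= 0)
			return (B_FALSE);
		if (rh->rh_prefix == -1)
			rh->rh_prefix = IPV6_ABITS;
		upper_lim = IPV6_ABITS;
		aptr = (const uchar_t *)&rh->rh_address.ta_addr_v6;
	}

	/* This bound also keeps the byte walk below inside the address. */
	if (rh->rh_prefix < 0 || rh->rh_prefix > upper_lim)
		return (B_FALSE);

	/*
	 * Verify that there are no bits set in the "host" portion of the
	 * IP address.
	 */
	len = rh->rh_prefix;
	aptr += len / 8;
	if ((len & 7) != 0) {
		/* Prefix ends mid-octet: test only the low bits of it. */
		if ((*aptr++ & (0xff >> (len & 7))) != 0)
			return (B_FALSE);
		len = (len + 7) & ~7;
	}
	/* Every remaining whole octet must be zero. */
	while (len < upper_lim) {
		if (*aptr++ != 0)
			return (B_FALSE);
		len += 8;
	}

	return (B_TRUE);
}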
162*45916cd2Sjpk 
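/*
 * Convert one remote-host entry, already split into its address and template
 * strings, into a newly allocated tsol_rhent_t.
 *
 * rhstrp	address field ("addr" or "addr/prefix") and template name.
 * errp		receives an LTSNET_* code on failure; may be NULL.  It is not
 *		written on success.
 * errstrp	receives a pointer to the text the error refers to; may be
 *		NULL.  The pointer refers into the caller's strings (or to a
 *		string literal) and must not be freed.
 *
 * Returns the new entry, to be released with tsol_freerhent(), or NULL on
 * failure.  Failure codes set here: LTSNET_EMPTY (blank or comment line),
 * LTSNET_NO_ADDR, LTSNET_NO_HOSTTYPE, LTSNET_ILL_ADDR, LTSNET_ILL_NAME
 * (template name too long) and LTSNET_SYSERR (allocation or strtol failure).
 *
 * The entry decides which template applies to which addresses, so every
 * field is validated before it is accepted: an over-long address is rejected
 * instead of being truncated, and the prefix length is range-checked before
 * it is narrowed into rh_prefix.
 */
tsol_rhent_t *
rhstr_to_ent(tsol_rhstr_t *rhstrp, int *errp, char **errstrp)
{
	size_t		len;
	long		prefix;
	int		err = 0;
	int		saved_errno;
	char		*cp, *cp2, *errstr;
	char		*address = rhstrp->address;
	char		*template = rhstrp->template;
	char		addrbuf[1024];
	tsol_rhent_t	*rhentp = NULL;

	/*
	 * The user can specify NULL pointers for these.  Make sure that we
	 * don't have to deal with checking for NULL everywhere by just
	 * pointing to our own variables if the user gives NULL.
	 */
	if (errp == NULL)
		errp = &err;
	if (errstrp == NULL)
		errstrp = &errstr;
	/* The default, unless we find a more specific error locus. */
	*errstrp = address;

	if (address == NULL || *address == '#' || *address == '\n') {
		*errp = LTSNET_EMPTY;
		if (template && *template != '\0' && *template != '#' &&
		    *template != '\n')
			*errstrp = template;
		else if (address == NULL)
			*errstrp = "   ";
		goto err_ret;
	}
	if (*address == '\0') {
		*errp = LTSNET_NO_ADDR;
		if (template && *template != '\0' && *template != '#' &&
		    *template != '\n')
			*errstrp = template;
		goto err_ret;
	}
	if (template == NULL || *template == '#' || *template == '\n' ||
	    *template == '\0') {
		*errp = LTSNET_NO_HOSTTYPE;
		goto err_ret;
	}
	if ((rhentp = calloc(1, sizeof (*rhentp))) == NULL) {
		*errp = LTSNET_SYSERR;
		return (NULL);
	}
	if ((cp = strrchr(address, '/')) != NULL) {
		/* "addr/prefix": copy the part before the last slash. */
		len = (size_t)(cp - address);
		if (len >= sizeof (addrbuf)) {
			*errp = LTSNET_ILL_ADDR;
			goto err_ret;
		}
		(void) memset(addrbuf, '\0', sizeof (addrbuf));
		(void) memcpy(addrbuf, address, len);
		cp++;
		errno = 0;
		/* Base 0: decimal, octal ("0") and hex ("0x") are accepted. */
		prefix = strtol(cp, &cp2, 0);
		if (errno != 0) {
			*errp = LTSNET_SYSERR;
			*errstrp = cp2;
			goto err_ret;
		}
		/*
		 * The first character must be a digit, which rules out
		 * leading white space and signs.  The value is range-checked
		 * while it is still a long: assigning it to rh_prefix first
		 * could truncate a huge number into one that looks valid.
		 *
		 * NOTE(review): text following the number (at cp2) is not
		 * examined, so "24xyz" is taken as 24.  Left as is because
		 * callers may rely on it -- confirm and tighten if not.
		 */
		if (isdigit((unsigned char)*cp) == 0 ||
		    prefix < 0 || prefix > IPV6_ABITS) {
			*errp = LTSNET_ILL_ADDR;
			*errstrp = address;
			goto err_ret;
		}
		rhentp->rh_prefix = prefix;
	} else {
		/* No explicit prefix; parse_address() derives one. */
		rhentp->rh_prefix = -1;
		/*
		 * Reject an over-long address here just as the "/" case
		 * does; a truncated copy would otherwise be parsed as if it
		 * were the whole field.
		 */
		if (strlcpy(addrbuf, address, sizeof (addrbuf)) >=
		    sizeof (addrbuf)) {
			*errp = LTSNET_ILL_ADDR;
			goto err_ret;
		}
	}
	if (strlcpy(rhentp->rh_template, template,
	    sizeof (rhentp->rh_template)) >= sizeof (rhentp->rh_template)) {
		*errstrp = template;
		*errp = LTSNET_ILL_NAME;
		goto err_ret;
	}
	if (!parse_address(rhentp, addrbuf)) {
		*errp = LTSNET_ILL_ADDR;
		*errstrp = address;
		goto err_ret;
	}

#ifdef	DEBUG
	(void) fprintf(stdout, "rhstr_to_ent: %s:%s\n",
	    address, rhentp->rh_template);
#endif	/* DEBUG */

	return (rhentp);

err_ret:
	/*
	 * Preserve errno across the free.  A dedicated variable is used
	 * because "err" is what errp points at when the caller passed NULL,
	 * and overwriting it would lose the LTSNET_* code.
	 */
	saved_errno = errno;
	tsol_freerhent(rhentp);
	errno = saved_errno;
#ifdef	DEBUG
	(void) fprintf(stderr, "\nrhstr_to_ent: %s: %s\n",
	    *errstrp, (char *)tsol_strerror(*errp, errno));
#endif	/* DEBUG */

	return (NULL);
}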
266*45916cd2Sjpk 
/*
 * Release an entry returned by rhstr_to_ent().  A NULL pointer is accepted
 * and ignored.  The entry is a single allocation, so one free() suffices.
 */
void
tsol_freerhent(tsol_rhent_t *rh)
{
	/* free(NULL) is defined to do nothing, so no guard is needed. */
	free(rh);
}