1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* Copyright (c) 1988 AT&T */ 28 /* All Rights Reserved */ 29 30 #pragma ident "%Z%%M% %I% %E% SMI" 31 32 /* 33 * svc_generic.c, Server side for RPC. 34 * 35 */ 36 37 #include "mt.h" 38 #include <stdlib.h> 39 #include <sys/socket.h> 40 #include <netinet/in.h> 41 #include <netinet/tcp.h> 42 #include <netinet/udp.h> 43 #include <inttypes.h> 44 #include "rpc_mt.h" 45 #include <stdio.h> 46 #include <rpc/rpc.h> 47 #include <sys/types.h> 48 #include <errno.h> 49 #include <syslog.h> 50 #include <rpc/nettype.h> 51 #include <malloc.h> 52 #include <string.h> 53 #include <stropts.h> 54 #include <tsol/label.h> 55 #include <nfs/nfs.h> 56 #include <nfs/nfs_acl.h> 57 #include <rpcsvc/mount.h> 58 #include <rpcsvc/nsm_addr.h> 59 #include <rpcsvc/rquota.h> 60 #include <rpcsvc/sm_inter.h> 61 #include <rpcsvc/nlm_prot.h> 62 63 extern int __svc_vc_setflag(SVCXPRT *, int); 64 65 extern SVCXPRT *svc_dg_create_private(int, uint_t, uint_t); 66 extern SVCXPRT *svc_vc_create_private(int, uint_t, uint_t); 67 extern SVCXPRT *svc_fd_create_private(int, uint_t, uint_t); 68 69 extern bool_t __svc_add_to_xlist(SVCXPRT_LIST **, SVCXPRT *, mutex_t *); 70 extern void __svc_free_xlist(SVCXPRT_LIST **, mutex_t *); 71 72 extern bool_t __rpc_try_doors(const char *, bool_t *); 73 74 /* 75 * The highest level interface for server creation. 76 * It tries for all the nettokens in that particular class of token 77 * and returns the number of handles it can create and/or find. 78 * 79 * It creates a link list of all the handles it could create. 80 * If svc_create() is called multiple times, it uses the handle 81 * created earlier instead of creating a new handle every time. 82 */ 83 84 /* VARIABLES PROTECTED BY xprtlist_lock: xprtlist */ 85 86 SVCXPRT_LIST *_svc_xprtlist = NULL; 87 extern mutex_t xprtlist_lock; 88 89 static SVCXPRT * svc_tli_create_common(int, const struct netconfig *, 90 const struct t_bind *, uint_t, uint_t, boolean_t); 91 92 boolean_t 93 is_multilevel(rpcprog_t prognum) 94 { 95 /* This is a list of identified multilevel service provider */ 96 if ((prognum == MOUNTPROG) || (prognum == NFS_PROGRAM) || 97 (prognum == NFS_ACL_PROGRAM) || (prognum == NLM_PROG) || 98 (prognum == NSM_ADDR_PROGRAM) || (prognum == RQUOTAPROG) || 99 (prognum == SM_PROG)) 100 return (B_TRUE); 101 102 return (B_FALSE); 103 } 104 105 void 106 __svc_free_xprtlist(void) 107 { 108 __svc_free_xlist(&_svc_xprtlist, &xprtlist_lock); 109 } 110 111 int 112 svc_create(void (*dispatch)(), const rpcprog_t prognum, const rpcvers_t versnum, 113 const char *nettype) 114 { 115 SVCXPRT_LIST *l; 116 int num = 0; 117 SVCXPRT *xprt; 118 struct netconfig *nconf; 119 void *handle; 120 bool_t try_others; 121 122 /* 123 * Check if service should register over doors transport. 124 */ 125 if (__rpc_try_doors(nettype, &try_others)) { 126 if (svc_door_create(dispatch, prognum, versnum, 0) == NULL) 127 (void) syslog(LOG_ERR, 128 "svc_create: could not register over doors"); 129 else 130 num++; 131 } 132 if (!try_others) 133 return (num); 134 if ((handle = __rpc_setconf((char *)nettype)) == NULL) { 135 (void) syslog(LOG_ERR, "svc_create: unknown protocol"); 136 return (0); 137 } 138 while (nconf = __rpc_getconf(handle)) { 139 (void) mutex_lock(&xprtlist_lock); 140 for (l = _svc_xprtlist; l; l = l->next) { 141 if (strcmp(l->xprt->xp_netid, nconf->nc_netid) == 0) { 142 /* Found an old one, use it */ 143 (void) rpcb_unset(prognum, versnum, nconf); 144 if (svc_reg(l->xprt, prognum, versnum, 145 dispatch, nconf) == FALSE) 146 (void) syslog(LOG_ERR, 147 "svc_create: could not register prog %d vers %d on %s", 148 prognum, versnum, nconf->nc_netid); 149 else 150 num++; 151 break; 152 } 153 } 154 (void) mutex_unlock(&xprtlist_lock); 155 if (l == NULL) { 156 /* It was not found. Now create a new one */ 157 xprt = svc_tp_create(dispatch, prognum, versnum, nconf); 158 if (xprt) { 159 if (!__svc_add_to_xlist(&_svc_xprtlist, xprt, 160 &xprtlist_lock)) { 161 (void) syslog(LOG_ERR, 162 "svc_create: no memory"); 163 return (0); 164 } 165 num++; 166 } 167 } 168 } 169 __rpc_endconf(handle); 170 /* 171 * In case of num == 0; the error messages are generated by the 172 * underlying layers; and hence not needed here. 173 */ 174 return (num); 175 } 176 177 /* 178 * The high level interface to svc_tli_create(). 179 * It tries to create a server for "nconf" and registers the service 180 * with the rpcbind. It calls svc_tli_create(); 181 */ 182 SVCXPRT * 183 svc_tp_create(void (*dispatch)(), const rpcprog_t prognum, 184 const rpcvers_t versnum, const struct netconfig *nconf) 185 { 186 SVCXPRT *xprt; 187 boolean_t anon_mlp = B_FALSE; 188 189 if (nconf == NULL) { 190 (void) syslog(LOG_ERR, 191 "svc_tp_create: invalid netconfig structure for prog %d vers %d", 192 prognum, versnum); 193 return (NULL); 194 } 195 196 /* Some programs need to allocate MLP for multilevel services */ 197 if (is_system_labeled() && is_multilevel(prognum)) 198 anon_mlp = B_TRUE; 199 xprt = svc_tli_create_common(RPC_ANYFD, nconf, NULL, 0, 0, anon_mlp); 200 if (xprt == NULL) 201 return (NULL); 202 (void) rpcb_unset(prognum, versnum, (struct netconfig *)nconf); 203 if (svc_reg(xprt, prognum, versnum, dispatch, nconf) == FALSE) { 204 (void) syslog(LOG_ERR, 205 "svc_tp_create: Could not register prog %d vers %d on %s", 206 prognum, versnum, nconf->nc_netid); 207 SVC_DESTROY(xprt); 208 return (NULL); 209 } 210 return (xprt); 211 } 212 213 SVCXPRT * 214 svc_tli_create(const int fd, const struct netconfig *nconf, 215 const struct t_bind *bindaddr, const uint_t sendsz, const uint_t recvsz) 216 { 217 return (svc_tli_create_common(fd, nconf, bindaddr, sendsz, recvsz, 0)); 218 } 219 220 /* 221 * If fd is RPC_ANYFD, then it opens a fd for the given transport 222 * provider (nconf cannot be NULL then). If the t_state is T_UNBND and 223 * bindaddr is NON-NULL, it performs a t_bind using the bindaddr. For 224 * NULL bindadr and Connection oriented transports, the value of qlen 225 * is set arbitrarily. 226 * 227 * If sendsz or recvsz are zero, their default values are chosen. 228 */ 229 SVCXPRT * 230 svc_tli_create_common(const int ofd, const struct netconfig *nconf, 231 const struct t_bind *bindaddr, const uint_t sendsz, 232 const uint_t recvsz, boolean_t mlp_flag) 233 { 234 SVCXPRT *xprt = NULL; /* service handle */ 235 struct t_info tinfo; /* transport info */ 236 struct t_bind *tres = NULL; /* bind info */ 237 bool_t madefd = FALSE; /* whether fd opened here */ 238 int state; /* state of the transport provider */ 239 int fd = ofd; 240 241 if (fd == RPC_ANYFD) { 242 if (nconf == NULL) { 243 (void) syslog(LOG_ERR, 244 "svc_tli_create: invalid netconfig"); 245 return (NULL); 246 } 247 fd = t_open(nconf->nc_device, O_RDWR, &tinfo); 248 if (fd == -1) { 249 char errorstr[100]; 250 251 __tli_sys_strerror(errorstr, sizeof (errorstr), 252 t_errno, errno); 253 (void) syslog(LOG_ERR, 254 "svc_tli_create: could not open connection for %s: %s", 255 nconf->nc_netid, errorstr); 256 return (NULL); 257 } 258 madefd = TRUE; 259 state = T_UNBND; 260 } else { 261 /* 262 * It is an open descriptor. Sync it & get the transport info. 263 */ 264 if ((state = t_sync(fd)) == -1) { 265 char errorstr[100]; 266 267 __tli_sys_strerror(errorstr, sizeof (errorstr), 268 t_errno, errno); 269 (void) syslog(LOG_ERR, 270 "svc_tli_create: could not do t_sync: %s", 271 errorstr); 272 return (NULL); 273 } 274 if (t_getinfo(fd, &tinfo) == -1) { 275 char errorstr[100]; 276 277 __tli_sys_strerror(errorstr, sizeof (errorstr), 278 t_errno, errno); 279 (void) syslog(LOG_ERR, 280 "svc_tli_create: could not get transport information: %s", 281 errorstr); 282 return (NULL); 283 } 284 /* Enable options of returning the ip's for udp */ 285 if (nconf) { 286 int ret = 0; 287 if (strcmp(nconf->nc_netid, "udp6") == 0) { 288 ret = __rpc_tli_set_options(fd, IPPROTO_IPV6, 289 IPV6_RECVPKTINFO, 1); 290 if (ret < 0) { 291 char errorstr[100]; 292 293 __tli_sys_strerror(errorstr, sizeof (errorstr), 294 t_errno, errno); 295 (void) syslog(LOG_ERR, 296 "svc_tli_create: IPV6_RECVPKTINFO(1): %s", 297 errorstr); 298 return (NULL); 299 } 300 } else if (strcmp(nconf->nc_netid, "udp") == 0) { 301 ret = __rpc_tli_set_options(fd, IPPROTO_IP, 302 IP_RECVDSTADDR, 1); 303 if (ret < 0) { 304 char errorstr[100]; 305 306 __tli_sys_strerror(errorstr, sizeof (errorstr), 307 t_errno, errno); 308 (void) syslog(LOG_ERR, 309 "svc_tli_create: IP_RECVDSTADDR(1): %s", 310 errorstr); 311 return (NULL); 312 } 313 } 314 } 315 } 316 317 /* 318 * If the fd is unbound, try to bind it. 319 * In any case, try to get its bound info in tres 320 */ 321 /* LINTED pointer alignment */ 322 tres = (struct t_bind *)t_alloc(fd, T_BIND, T_ADDR); 323 if (tres == NULL) { 324 (void) syslog(LOG_ERR, "svc_tli_create: No memory!"); 325 goto freedata; 326 } 327 328 switch (state) { 329 bool_t tcp, exclbind; 330 case T_UNBND: 331 /* If this is a labeled system, then ask for an MLP */ 332 if (is_system_labeled() && 333 (strcmp(nconf->nc_protofmly, NC_INET) == 0 || 334 strcmp(nconf->nc_protofmly, NC_INET6) == 0)) { 335 (void) __rpc_tli_set_options(fd, SOL_SOCKET, 336 SO_RECVUCRED, 1); 337 if (mlp_flag) 338 (void) __rpc_tli_set_options(fd, SOL_SOCKET, 339 SO_ANON_MLP, 1); 340 } 341 342 /* 343 * SO_EXCLBIND has the following properties 344 * - an fd bound to port P via IPv4 will prevent an IPv6 345 * bind to port P (and vice versa) 346 * - an fd bound to a wildcard IP address for port P will 347 * prevent a more specific IP address bind to port P 348 * (see {tcp,udp}.c for details) 349 * 350 * We use the latter property to prevent hijacking of RPC 351 * services that reside at non-privileged ports. 352 */ 353 tcp = nconf ? (strcmp(nconf->nc_proto, NC_TCP) == 0) : 0; 354 if (nconf && 355 (tcp || (strcmp(nconf->nc_proto, NC_UDP) == 0)) && 356 rpc_control(__RPC_SVC_EXCLBIND_GET, &exclbind)) { 357 if (exclbind) { 358 if (__rpc_tli_set_options(fd, SOL_SOCKET, 359 SO_EXCLBIND, 1) < 0) { 360 syslog(LOG_ERR, 361 "svc_tli_create: can't set EXCLBIND [netid='%s']", 362 nconf->nc_netid); 363 goto freedata; 364 } 365 } 366 } 367 if (bindaddr) { 368 if (t_bind(fd, (struct t_bind *)bindaddr, 369 tres) == -1) { 370 char errorstr[100]; 371 372 __tli_sys_strerror(errorstr, sizeof (errorstr), 373 t_errno, errno); 374 (void) syslog(LOG_ERR, 375 "svc_tli_create: could not bind: %s", 376 errorstr); 377 goto freedata; 378 } 379 /* 380 * Should compare the addresses only if addr.len 381 * was non-zero 382 */ 383 if (bindaddr->addr.len && 384 (memcmp(bindaddr->addr.buf, tres->addr.buf, 385 (int)tres->addr.len) != 0)) { 386 (void) syslog(LOG_ERR, 387 "svc_tli_create: could not bind to requested address: %s", 388 "address mismatch"); 389 goto freedata; 390 } 391 } else { 392 tres->qlen = 64; /* Chosen Arbitrarily */ 393 tres->addr.len = 0; 394 if (t_bind(fd, tres, tres) == -1) { 395 char errorstr[100]; 396 397 __tli_sys_strerror(errorstr, sizeof (errorstr), 398 t_errno, errno); 399 (void) syslog(LOG_ERR, 400 "svc_tli_create: could not bind: %s", 401 errorstr); 402 goto freedata; 403 } 404 } 405 406 /* Enable options of returning the ip's for udp */ 407 if (nconf) { 408 int ret = 0; 409 if (strcmp(nconf->nc_netid, "udp6") == 0) { 410 ret = __rpc_tli_set_options(fd, IPPROTO_IPV6, 411 IPV6_RECVPKTINFO, 1); 412 if (ret < 0) { 413 char errorstr[100]; 414 415 __tli_sys_strerror(errorstr, sizeof (errorstr), 416 t_errno, errno); 417 (void) syslog(LOG_ERR, 418 "svc_tli_create: IPV6_RECVPKTINFO(2): %s", 419 errorstr); 420 goto freedata; 421 } 422 } else if (strcmp(nconf->nc_netid, "udp") == 0) { 423 ret = __rpc_tli_set_options(fd, IPPROTO_IP, 424 IP_RECVDSTADDR, 1); 425 if (ret < 0) { 426 char errorstr[100]; 427 428 __tli_sys_strerror(errorstr, sizeof (errorstr), 429 t_errno, errno); 430 (void) syslog(LOG_ERR, 431 "svc_tli_create: IP_RECVDSTADDR(2): %s", 432 errorstr); 433 goto freedata; 434 } 435 } 436 } 437 break; 438 439 case T_IDLE: 440 if (bindaddr) { 441 /* Copy the entire stuff in tres */ 442 if (tres->addr.maxlen < bindaddr->addr.len) { 443 (void) syslog(LOG_ERR, 444 "svc_tli_create: illegal netbuf length"); 445 goto freedata; 446 } 447 tres->addr.len = bindaddr->addr.len; 448 (void) memcpy(tres->addr.buf, bindaddr->addr.buf, 449 (int)tres->addr.len); 450 } else 451 if (t_getname(fd, &(tres->addr), LOCALNAME) == -1) 452 tres->addr.len = 0; 453 break; 454 case T_INREL: 455 (void) t_rcvrel(fd); 456 (void) t_sndrel(fd); 457 (void) syslog(LOG_ERR, 458 "svc_tli_create: other side wants to\ 459 release connection"); 460 goto freedata; 461 462 case T_INCON: 463 /* Do nothing here. Assume this is handled in rendezvous */ 464 break; 465 case T_DATAXFER: 466 /* 467 * This takes care of the case where a fd 468 * is passed on which a connection has already 469 * been accepted. 470 */ 471 if (t_getname(fd, &(tres->addr), LOCALNAME) == -1) 472 tres->addr.len = 0; 473 break; 474 default: 475 (void) syslog(LOG_ERR, 476 "svc_tli_create: connection in a wierd state (%d)", state); 477 goto freedata; 478 } 479 480 /* 481 * call transport specific function. 482 */ 483 switch (tinfo.servtype) { 484 case T_COTS_ORD: 485 case T_COTS: 486 if (state == T_DATAXFER) 487 xprt = svc_fd_create_private(fd, sendsz, 488 recvsz); 489 else 490 xprt = svc_vc_create_private(fd, sendsz, 491 recvsz); 492 if (!nconf || !xprt) 493 break; 494 if ((tinfo.servtype == T_COTS_ORD) && 495 (state != T_DATAXFER) && 496 (strcmp(nconf->nc_protofmly, "inet") == 0)) 497 (void) __svc_vc_setflag(xprt, TRUE); 498 break; 499 case T_CLTS: 500 xprt = svc_dg_create_private(fd, sendsz, recvsz); 501 break; 502 default: 503 (void) syslog(LOG_ERR, 504 "svc_tli_create: bad service type"); 505 goto freedata; 506 } 507 if (xprt == NULL) 508 /* 509 * The error messages here are spitted out by the lower layers: 510 * svc_vc_create(), svc_fd_create() and svc_dg_create(). 511 */ 512 goto freedata; 513 514 /* fill in the other xprt information */ 515 516 /* Assign the local bind address */ 517 xprt->xp_ltaddr = tres->addr; 518 /* Fill in type of service */ 519 xprt->xp_type = tinfo.servtype; 520 tres->addr.buf = NULL; 521 (void) t_free((char *)tres, T_BIND); 522 tres = NULL; 523 524 xprt->xp_rtaddr.len = 0; 525 xprt->xp_rtaddr.maxlen = __rpc_get_a_size(tinfo.addr); 526 527 /* Allocate space for the remote bind info */ 528 if ((xprt->xp_rtaddr.buf = malloc(xprt->xp_rtaddr.maxlen)) == NULL) { 529 (void) syslog(LOG_ERR, "svc_tli_create: No memory!"); 530 goto freedata; 531 } 532 533 if (nconf) { 534 xprt->xp_netid = strdup(nconf->nc_netid); 535 if (xprt->xp_netid == NULL) { 536 if (xprt->xp_rtaddr.buf) 537 free(xprt->xp_rtaddr.buf); 538 syslog(LOG_ERR, "svc_tli_create: strdup failed!"); 539 goto freedata; 540 } 541 xprt->xp_tp = strdup(nconf->nc_device); 542 if (xprt->xp_tp == NULL) { 543 if (xprt->xp_rtaddr.buf) 544 free(xprt->xp_rtaddr.buf); 545 if (xprt->xp_netid) 546 free(xprt->xp_netid); 547 syslog(LOG_ERR, "svc_tli_create: strdup failed!"); 548 goto freedata; 549 } 550 } 551 552 /* 553 * if (madefd && (tinfo.servtype == T_CLTS)) 554 * (void) ioctl(fd, I_POP, NULL); 555 */ 556 xprt_register(xprt); 557 return (xprt); 558 559 freedata: 560 if (madefd) 561 (void) t_close(fd); 562 if (tres) 563 (void) t_free((char *)tres, T_BIND); 564 if (xprt) { 565 if (!madefd) /* so that svc_destroy doesnt close fd */ 566 xprt->xp_fd = RPC_ANYFD; 567 SVC_DESTROY(xprt); 568 } 569 return (NULL); 570 } 571