autod_nfs.c revision 7693:6fa3b1da138b
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26#include <stdio.h> 27#include <unistd.h> 28#include <stdlib.h> 29#include <ctype.h> 30#include <syslog.h> 31#include <string.h> 32#include <deflt.h> 33#include <kstat.h> 34#include <sys/param.h> 35#include <sys/types.h> 36#include <sys/time.h> 37#include <sys/stat.h> 38#include <sys/wait.h> 39#include <sys/socket.h> 40#include <netinet/in.h> 41#include <signal.h> 42#include <sys/signal.h> 43#include <rpc/rpc.h> 44#include <rpc/pmap_clnt.h> 45#include <sys/mount.h> 46#include <sys/mntent.h> 47#include <sys/mnttab.h> 48#include <sys/fstyp.h> 49#include <sys/fsid.h> 50#include <arpa/inet.h> 51#include <netdb.h> 52#include <netconfig.h> 53#include <netdir.h> 54#include <errno.h> 55#define NFSCLIENT 56#include <nfs/nfs.h> 57#include <nfs/mount.h> 58#include <rpcsvc/mount.h> 59#include <rpc/nettype.h> 60#include <locale.h> 61#include <setjmp.h> 62#include <sys/socket.h> 63#include <thread.h> 64#include <limits.h> 65#include <nss_dbdefs.h> /* for NSS_BUFLEN_HOSTS */ 66#include <nfs/nfs_sec.h> 67#include <sys/sockio.h> 68#include <net/if.h> 69#include <assert.h> 70#include <nfs/nfs_clnt.h> 71#include <rpcsvc/nfs4_prot.h> 72#define NO_RDDIR_CACHE 73#include "automount.h" 74#include "replica.h" 75#include "nfs_subr.h" 76#include "webnfs.h" 77#include <sys/sockio.h> 78#include <net/if.h> 79#include <assert.h> 80#include <rpcsvc/daemon_utils.h> 81#include <pwd.h> 82#include <strings.h> 83#include <tsol/label.h> 84#include <zone.h> 85 86extern void set_nfsv4_ephemeral_mount_to(void); 87 88extern char *nfs_get_qop_name(); 89extern AUTH *nfs_create_ah(); 90extern enum snego_stat nfs_sec_nego(); 91 92#define MAXHOSTS 512 93 94/* number of transports to try */ 95#define MNT_PREF_LISTLEN 2 96#define FIRST_TRY 1 97#define SECOND_TRY 2 98 99#define MNTTYPE_CACHEFS "cachefs" 100 101/* 102 * host cache states 103 */ 104#define NOHOST 0 105#define GOODHOST 1 106#define DEADHOST 2 107 108#define NFS_ARGS_EXTB_secdata(args, secdata) \ 109 { (args).nfs_args_ext = NFS_ARGS_EXTB, \ 110 (args).nfs_ext_u.nfs_extB.secdata = secdata; } 111 112struct cache_entry { 113 struct cache_entry *cache_next; 114 char *cache_host; 115 time_t cache_time; 116 int cache_state; 117 rpcvers_t cache_reqvers; 118 rpcvers_t cache_outvers; 119 char *cache_proto; 120}; 121 122struct mfs_snego_t { 123 int sec_opt; 124 bool_t snego_done; 125 char *nfs_flavor; 126 seconfig_t nfs_sec; 127}; 128typedef struct mfs_snego_t mfs_snego_t; 129 130static struct cache_entry *cache_head = NULL; 131rwlock_t cache_lock; /* protect the cache chain */ 132 133static enum nfsstat nfsmount(struct mapfs *, char *, char *, int, int, uid_t, 134 action_list *); 135static int is_nfs_port(char *); 136 137void netbuf_free(struct netbuf *); 138struct knetconfig *get_knconf(struct netconfig *); 139void free_knconf(struct knetconfig *); 140static int get_pathconf(CLIENT *, char *, char *, struct pathcnf **, int); 141static struct mapfs *enum_servers(struct mapent *, char *); 142static struct mapfs *get_mysubnet_servers(struct mapfs *); 143static int subnet_test(int af, struct sioc_addrreq *); 144static struct netbuf *get_addr(char *, rpcprog_t, rpcvers_t, 145 struct netconfig **, char *, ushort_t, struct t_info *); 146 147static struct netbuf *get_pubfh(char *, rpcvers_t, mfs_snego_t *, 148 struct netconfig **, char *, ushort_t, struct t_info *, caddr_t *, 149 bool_t, char *); 150 151static int create_homedir(const char *, const char *); 152 153enum type_of_stuff { 154 SERVER_ADDR = 0, 155 SERVER_PING = 1, 156 SERVER_FH = 2 157}; 158 159void *get_server_stuff(enum type_of_stuff, char *, rpcprog_t, 160 rpcvers_t, mfs_snego_t *, struct netconfig **, char *, ushort_t, 161 struct t_info *, caddr_t *, bool_t, char *, enum clnt_stat *); 162 163void *get_the_stuff(enum type_of_stuff, char *, rpcprog_t, 164 rpcvers_t, mfs_snego_t *, struct netconfig *, ushort_t, struct t_info *, 165 caddr_t *, bool_t, char *, enum clnt_stat *); 166 167struct mapfs *add_mfs(struct mapfs *, int, struct mapfs **, struct mapfs **); 168void free_mfs(struct mapfs *); 169static void dump_mfs(struct mapfs *, char *, int); 170static char *dump_distance(struct mapfs *); 171static void cache_free(struct cache_entry *); 172static int cache_check(char *, rpcvers_t *, char *); 173static void cache_enter(char *, rpcvers_t, rpcvers_t, char *, int); 174void destroy_auth_client_handle(CLIENT *cl); 175 176#ifdef CACHE_DEBUG 177static void trace_host_cache(); 178static void trace_portmap_cache(); 179#endif /* CACHE_DEBUG */ 180 181static int rpc_timeout = 20; 182 183#ifdef CACHE_DEBUG 184/* 185 * host cache counters. These variables do not need to be protected 186 * by mutex's. They have been added to measure the utility of the 187 * goodhost/deadhost cache in the lazy hierarchical mounting scheme. 188 */ 189static int host_cache_accesses = 0; 190static int host_cache_lookups = 0; 191static int deadhost_cache_hits = 0; 192static int goodhost_cache_hits = 0; 193 194/* 195 * portmap cache counters. These variables do not need to be protected 196 * by mutex's. They have been added to measure the utility of the portmap 197 * cache in the lazy hierarchical mounting scheme. 198 */ 199static int portmap_cache_accesses = 0; 200static int portmap_cache_lookups = 0; 201static int portmap_cache_hits = 0; 202#endif /* CACHE_DEBUG */ 203 204/* 205 * There are the defaults (range) for the client when determining 206 * which NFS version to use when probing the server (see above). 207 * These will only be used when the vers mount option is not used and 208 * these may be reset if /etc/default/nfs is configured to do so. 209 */ 210static rpcvers_t vers_max_default = NFS_VERSMAX_DEFAULT; 211static rpcvers_t vers_min_default = NFS_VERSMIN_DEFAULT; 212 213/* 214 * list of support services needed 215 */ 216static char *service_list[] = { STATD, LOCKD, NULL }; 217static char *service_list_v4[] = { STATD, LOCKD, NFS4CBD, NFSMAPID, NULL }; 218 219static void read_default_nfs(void); 220static int is_v4_mount(char *); 221static void start_nfs4cbd(void); 222 223int 224mount_nfs( 225 struct mapent *me, 226 char *mntpnt, 227 char *prevhost, 228 int overlay, 229 uid_t uid, 230 action_list **alpp) 231{ 232 struct mapfs *mfs, *mp; 233 int err = -1; 234 int cached; 235 action_list *alp; 236 237 238 alp = *alpp; 239 240 read_default_nfs(); 241 242 mfs = enum_servers(me, prevhost); 243 if (mfs == NULL) 244 return (ENOENT); 245 246 /* 247 * Try loopback if we have something on localhost; if nothing 248 * works, we will fall back to NFS 249 */ 250 if (is_nfs_port(me->map_mntopts)) { 251 for (mp = mfs; mp; mp = mp->mfs_next) { 252 if (self_check(mp->mfs_host)) { 253 err = loopbackmount(mp->mfs_dir, 254 mntpnt, me->map_mntopts, overlay); 255 if (err) { 256 mp->mfs_ignore = 1; 257 } else { 258 /* 259 * Free action_list if there 260 * is one as it is not needed. 261 * Make sure to set alpp to null 262 * so caller doesn't try to free it 263 * again. 264 */ 265 if (*alpp) { 266 free(*alpp); 267 *alpp = NULL; 268 } 269 break; 270 } 271 } 272 } 273 } 274 if (err) { 275 cached = strcmp(me->map_mounter, MNTTYPE_CACHEFS) == 0; 276 err = nfsmount(mfs, mntpnt, me->map_mntopts, 277 cached, overlay, uid, alp); 278 if (err && trace > 1) { 279 trace_prt(1, " Couldn't mount %s:%s, err=%d\n", 280 mfs->mfs_host, mfs->mfs_dir, err); 281 } 282 } 283 free_mfs(mfs); 284 return (err); 285} 286 287 288/* 289 * Using the new ioctl SIOCTONLINK to determine if a host is on the same 290 * subnet. Remove the old network, subnet check. 291 */ 292 293static struct mapfs * 294get_mysubnet_servers(struct mapfs *mfs_in) 295{ 296 int s; 297 struct mapfs *mfs, *p, *mfs_head = NULL, *mfs_tail = NULL; 298 299 struct netconfig *nconf; 300 NCONF_HANDLE *nc = NULL; 301 struct nd_hostserv hs; 302 struct nd_addrlist *retaddrs; 303 struct netbuf *nb; 304 struct sioc_addrreq areq; 305 int res; 306 int af; 307 int i; 308 int sa_size; 309 310 hs.h_serv = "rpcbind"; 311 312 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 313 nc = setnetconfig(); 314 315 while (nconf = getnetconfig(nc)) { 316 317 /* 318 * Care about INET family only. proto_done flag 319 * indicates if we have already covered this 320 * protocol family. If so skip it 321 */ 322 if (((strcmp(nconf->nc_protofmly, NC_INET6) == 0) || 323 (strcmp(nconf->nc_protofmly, NC_INET) == 0)) && 324 (nconf->nc_semantics == NC_TPI_CLTS)) { 325 } else 326 continue; 327 328 hs.h_host = mfs->mfs_host; 329 330 if (netdir_getbyname(nconf, &hs, &retaddrs) != ND_OK) 331 continue; 332 333 /* 334 * For each host address see if it's on our 335 * local subnet. 336 */ 337 338 if (strcmp(nconf->nc_protofmly, NC_INET6) == 0) 339 af = AF_INET6; 340 else 341 af = AF_INET; 342 nb = retaddrs->n_addrs; 343 for (i = 0; i < retaddrs->n_cnt; i++, nb++) { 344 memset(&areq.sa_addr, 0, sizeof (areq.sa_addr)); 345 memcpy(&areq.sa_addr, nb->buf, MIN(nb->len, 346 sizeof (areq.sa_addr))); 347 if (res = subnet_test(af, &areq)) { 348 p = add_mfs(mfs, DIST_MYNET, 349 &mfs_head, &mfs_tail); 350 if (!p) { 351 netdir_free(retaddrs, 352 ND_ADDRLIST); 353 endnetconfig(nc); 354 return (NULL); 355 } 356 break; 357 } 358 } /* end of every host */ 359 if (trace > 2) { 360 trace_prt(1, "get_mysubnet_servers: host=%s " 361 "netid=%s res=%s\n", mfs->mfs_host, 362 nconf->nc_netid, res == 1?"SUC":"FAIL"); 363 } 364 365 netdir_free(retaddrs, ND_ADDRLIST); 366 } /* end of while */ 367 368 endnetconfig(nc); 369 370 } /* end of every map */ 371 372 return (mfs_head); 373 374} 375 376int 377subnet_test(int af, struct sioc_addrreq *areq) 378{ 379 int s; 380 381 if ((s = socket(af, SOCK_DGRAM, 0)) < 0) { 382 return (0); 383 } 384 385 areq->sa_res = -1; 386 387 if (ioctl(s, SIOCTONLINK, (caddr_t)areq) < 0) { 388 syslog(LOG_ERR, "subnet_test:SIOCTONLINK failed"); 389 return (0); 390 } 391 close(s); 392 if (areq->sa_res == 1) 393 return (1); 394 else 395 return (0); 396 397 398} 399 400/* 401 * ping a bunch of hosts at once and sort by who responds first 402 */ 403static struct mapfs * 404sort_servers(struct mapfs *mfs_in, int timeout) 405{ 406 struct mapfs *m1 = NULL; 407 enum clnt_stat clnt_stat; 408 409 if (!mfs_in) 410 return (NULL); 411 412 clnt_stat = nfs_cast(mfs_in, &m1, timeout); 413 414 if (!m1) { 415 char buff[2048] = {'\0'}; 416 417 for (m1 = mfs_in; m1; m1 = m1->mfs_next) { 418 (void) strcat(buff, m1->mfs_host); 419 if (m1->mfs_next) 420 (void) strcat(buff, ","); 421 } 422 423 syslog(LOG_ERR, "servers %s not responding: %s", 424 buff, clnt_sperrno(clnt_stat)); 425 } 426 427 return (m1); 428} 429 430/* 431 * Add a mapfs entry to the list described by *mfs_head and *mfs_tail, 432 * provided it is not marked "ignored" and isn't a dupe of ones we've 433 * already seen. 434 */ 435struct mapfs * 436add_mfs(struct mapfs *mfs, int distance, struct mapfs **mfs_head, 437 struct mapfs **mfs_tail) 438{ 439 struct mapfs *tmp, *new; 440 441 for (tmp = *mfs_head; tmp; tmp = tmp->mfs_next) 442 if ((strcmp(tmp->mfs_host, mfs->mfs_host) == 0 && 443 strcmp(tmp->mfs_dir, mfs->mfs_dir) == 0) || 444 mfs->mfs_ignore) 445 return (*mfs_head); 446 new = (struct mapfs *)malloc(sizeof (struct mapfs)); 447 if (!new) { 448 syslog(LOG_ERR, "Memory allocation failed: %m"); 449 return (NULL); 450 } 451 bcopy(mfs, new, sizeof (struct mapfs)); 452 new->mfs_next = NULL; 453 if (distance) 454 new->mfs_distance = distance; 455 if (!*mfs_head) 456 *mfs_tail = *mfs_head = new; 457 else { 458 (*mfs_tail)->mfs_next = new; 459 *mfs_tail = new; 460 } 461 return (*mfs_head); 462} 463 464static void 465dump_mfs(struct mapfs *mfs, char *message, int level) 466{ 467 struct mapfs *m1; 468 469 if (trace <= level) 470 return; 471 472 trace_prt(1, "%s", message); 473 if (!mfs) { 474 trace_prt(0, "mfs is null\n"); 475 return; 476 } 477 for (m1 = mfs; m1; m1 = m1->mfs_next) 478 trace_prt(0, "%s[%s] ", m1->mfs_host, dump_distance(m1)); 479 trace_prt(0, "\n"); 480} 481 482static char * 483dump_distance(struct mapfs *mfs) 484{ 485 switch (mfs->mfs_distance) { 486 case 0: return ("zero"); 487 case DIST_SELF: return ("self"); 488 case DIST_MYSUB: return ("mysub"); 489 case DIST_MYNET: return ("mynet"); 490 case DIST_OTHER: return ("other"); 491 default: return ("other"); 492 } 493} 494 495/* 496 * Walk linked list "raw", building a new list consisting of members 497 * NOT found in list "filter", returning the result. 498 */ 499static struct mapfs * 500filter_mfs(struct mapfs *raw, struct mapfs *filter) 501{ 502 struct mapfs *mfs, *p, *mfs_head = NULL, *mfs_tail = NULL; 503 int skip; 504 505 if (!raw) 506 return (NULL); 507 for (mfs = raw; mfs; mfs = mfs->mfs_next) { 508 for (skip = 0, p = filter; p; p = p->mfs_next) { 509 if (strcmp(p->mfs_host, mfs->mfs_host) == 0 && 510 strcmp(p->mfs_dir, mfs->mfs_dir) == 0) { 511 skip = 1; 512 break; 513 } 514 } 515 if (skip) 516 continue; 517 p = add_mfs(mfs, 0, &mfs_head, &mfs_tail); 518 if (!p) 519 return (NULL); 520 } 521 return (mfs_head); 522} 523 524/* 525 * Walk a linked list of mapfs structs, freeing each member. 526 */ 527void 528free_mfs(struct mapfs *mfs) 529{ 530 struct mapfs *tmp; 531 532 while (mfs) { 533 tmp = mfs->mfs_next; 534 free(mfs); 535 mfs = tmp; 536 } 537} 538 539/* 540 * New code for NFS client failover: we need to carry and sort 541 * lists of server possibilities rather than return a single 542 * entry. It preserves previous behaviour of sorting first by 543 * locality (loopback-or-preferred/subnet/net/other) and then 544 * by ping times. We'll short-circuit this process when we 545 * have ENOUGH or more entries. 546 */ 547static struct mapfs * 548enum_servers(struct mapent *me, char *preferred) 549{ 550 struct mapfs *p, *m1, *m2, *mfs_head = NULL, *mfs_tail = NULL; 551 552 /* 553 * Short-circuit for simple cases. 554 */ 555 if (!me->map_fs->mfs_next) { 556 p = add_mfs(me->map_fs, DIST_OTHER, &mfs_head, &mfs_tail); 557 if (!p) 558 return (NULL); 559 return (mfs_head); 560 } 561 562 dump_mfs(me->map_fs, " enum_servers: mapent: ", 2); 563 564 /* 565 * get addresses & see if any are myself 566 * or were mounted from previously in a 567 * hierarchical mount. 568 */ 569 if (trace > 2) 570 trace_prt(1, " enum_servers: looking for pref/self\n"); 571 for (m1 = me->map_fs; m1; m1 = m1->mfs_next) { 572 if (m1->mfs_ignore) 573 continue; 574 if (self_check(m1->mfs_host) || 575 strcmp(m1->mfs_host, preferred) == 0) { 576 p = add_mfs(m1, DIST_SELF, &mfs_head, &mfs_tail); 577 if (!p) 578 return (NULL); 579 } 580 } 581 if (trace > 2 && m1) 582 trace_prt(1, " enum_servers: pref/self found, %s\n", 583 m1->mfs_host); 584 585 /* 586 * look for entries on this subnet 587 */ 588 dump_mfs(m1, " enum_servers: input of get_mysubnet_servers: ", 2); 589 m1 = get_mysubnet_servers(me->map_fs); 590 dump_mfs(m1, " enum_servers: output of get_mysubnet_servers: ", 3); 591 if (m1 && m1->mfs_next) { 592 m2 = sort_servers(m1, rpc_timeout / 2); 593 dump_mfs(m2, " enum_servers: output of sort_servers: ", 3); 594 free_mfs(m1); 595 m1 = m2; 596 } 597 598 for (m2 = m1; m2; m2 = m2->mfs_next) { 599 p = add_mfs(m2, 0, &mfs_head, &mfs_tail); 600 if (!p) 601 return (NULL); 602 } 603 if (m1) 604 free_mfs(m1); 605 606 /* 607 * add the rest of the entries at the end 608 */ 609 m1 = filter_mfs(me->map_fs, mfs_head); 610 dump_mfs(m1, " enum_servers: etc: output of filter_mfs: ", 3); 611 m2 = sort_servers(m1, rpc_timeout / 2); 612 dump_mfs(m2, " enum_servers: etc: output of sort_servers: ", 3); 613 if (m1) 614 free_mfs(m1); 615 m1 = m2; 616 for (m2 = m1; m2; m2 = m2->mfs_next) { 617 p = add_mfs(m2, DIST_OTHER, &mfs_head, &mfs_tail); 618 if (!p) 619 return (NULL); 620 } 621 if (m1) 622 free_mfs(m1); 623 624done: 625 dump_mfs(mfs_head, " enum_servers: output: ", 1); 626 return (mfs_head); 627} 628 629static enum nfsstat 630nfsmount( 631 struct mapfs *mfs_in, 632 char *mntpnt, char *opts, 633 int cached, int overlay, 634 uid_t uid, 635 action_list *alp) 636{ 637 CLIENT *cl; 638 char remname[MAXPATHLEN], *mnttabtext = NULL; 639 char mopts[MAX_MNTOPT_STR]; 640 char netname[MAXNETNAMELEN+1]; 641 char *mntopts = NULL; 642 int mnttabcnt = 0; 643 int loglevel; 644 struct mnttab m; 645 struct nfs_args *argp = NULL, *head = NULL, *tail = NULL, 646 *prevhead, *prevtail; 647 int flags; 648 struct fhstatus fhs; 649 struct timeval timeout; 650 enum clnt_stat rpc_stat; 651 enum nfsstat status; 652 struct stat stbuf; 653 struct netconfig *nconf; 654 rpcvers_t vers, versmin; /* used to negotiate nfs version in pingnfs */ 655 /* and mount version with mountd */ 656 rpcvers_t outvers; /* final version to be used during mount() */ 657 rpcvers_t nfsvers; /* version in map options, 0 if not there */ 658 rpcvers_t mountversmax; /* tracks the max mountvers during retries */ 659 660 /* used to negotiate nfs version using webnfs */ 661 rpcvers_t pubvers, pubversmin, pubversmax; 662 int posix; 663 struct nd_addrlist *retaddrs; 664 struct mountres3 res3; 665 nfs_fh3 fh3; 666 char *fstype; 667 int count, i; 668 char scerror_msg[MAXMSGLEN]; 669 int *auths; 670 int delay; 671 int retries; 672 char *nfs_proto = NULL; 673 uint_t nfs_port = 0; 674 char *p, *host, *rhost, *dir; 675 struct mapfs *mfs = NULL; 676 int error, last_error = 0; 677 int replicated; 678 int entries = 0; 679 int v2cnt = 0, v3cnt = 0, v4cnt = 0; 680 int v2near = 0, v3near = 0, v4near = 0; 681 int skipentry = 0; 682 char *nfs_flavor; 683 seconfig_t nfs_sec; 684 int sec_opt, scerror; 685 struct sec_data *secdata; 686 int secflags; 687 struct netbuf *syncaddr; 688 bool_t use_pubfh; 689 ushort_t thisport; 690 int got_val; 691 mfs_snego_t mfssnego_init, mfssnego; 692 693 dump_mfs(mfs_in, " nfsmount: input: ", 2); 694 replicated = (mfs_in->mfs_next != NULL); 695 m.mnt_mntopts = opts; 696 if (replicated && hasmntopt(&m, MNTOPT_SOFT)) { 697 if (verbose) 698 syslog(LOG_WARNING, 699 "mount on %s is soft and will not be replicated.", mntpnt); 700 replicated = 0; 701 } 702 if (replicated && !hasmntopt(&m, MNTOPT_RO)) { 703 if (verbose) 704 syslog(LOG_WARNING, 705 "mount on %s is not read-only and will not be replicated.", 706 mntpnt); 707 replicated = 0; 708 } 709 if (replicated && cached) { 710 if (verbose) 711 syslog(LOG_WARNING, 712 "mount on %s is cached and will not be replicated.", 713 mntpnt); 714 replicated = 0; 715 } 716 if (replicated) 717 loglevel = LOG_WARNING; 718 else 719 loglevel = LOG_ERR; 720 721 if (trace > 1) { 722 if (replicated) 723 trace_prt(1, " nfsmount: replicated mount on %s %s:\n", 724 mntpnt, opts); 725 else 726 trace_prt(1, " nfsmount: standard mount on %s %s:\n", 727 mntpnt, opts); 728 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) 729 trace_prt(1, " %s:%s\n", 730 mfs->mfs_host, mfs->mfs_dir); 731 } 732 733 /* 734 * Make sure mountpoint is safe to mount on 735 */ 736 if (lstat(mntpnt, &stbuf) < 0) { 737 syslog(LOG_ERR, "Couldn't stat %s: %m", mntpnt); 738 return (NFSERR_NOENT); 739 } 740 741 /* 742 * Get protocol specified in options list, if any. 743 */ 744 if ((str_opt(&m, "proto", &nfs_proto)) == -1) { 745 return (NFSERR_NOENT); 746 } 747 748 /* 749 * Get port specified in options list, if any. 750 */ 751 got_val = nopt(&m, MNTOPT_PORT, (int *)&nfs_port); 752 if (!got_val) 753 nfs_port = 0; /* "unspecified" */ 754 if (nfs_port > USHRT_MAX) { 755 syslog(LOG_ERR, "%s: invalid port number %d", mntpnt, nfs_port); 756 return (NFSERR_NOENT); 757 } 758 759 /* 760 * Set mount(2) flags here, outside of the loop. 761 */ 762 flags = MS_OPTIONSTR; 763 flags |= (hasmntopt(&m, MNTOPT_RO) == NULL) ? 0 : MS_RDONLY; 764 flags |= (hasmntopt(&m, MNTOPT_NOSUID) == NULL) ? 0 : MS_NOSUID; 765 flags |= overlay ? MS_OVERLAY : 0; 766 if (mntpnt[strlen(mntpnt) - 1] != ' ') 767 /* direct mount point without offsets */ 768 flags |= MS_OVERLAY; 769 770 use_pubfh = (hasmntopt(&m, MNTOPT_PUBLIC) == NULL) ? FALSE : TRUE; 771 772 (void) memset(&mfssnego_init, 0, sizeof (mfs_snego_t)); 773 if (hasmntopt(&m, MNTOPT_SECURE) != NULL) { 774 if (++mfssnego_init.sec_opt > 1) { 775 syslog(loglevel, 776 "conflicting security options"); 777 return (NFSERR_IO); 778 } 779 if (nfs_getseconfig_byname("dh", &mfssnego_init.nfs_sec)) { 780 syslog(loglevel, 781 "error getting dh information from %s", 782 NFSSEC_CONF); 783 return (NFSERR_IO); 784 } 785 } 786 787 if (hasmntopt(&m, MNTOPT_SEC) != NULL) { 788 if ((str_opt(&m, MNTOPT_SEC, 789 &mfssnego_init.nfs_flavor)) == -1) { 790 syslog(LOG_ERR, "nfsmount: no memory"); 791 return (NFSERR_IO); 792 } 793 } 794 795 if (mfssnego_init.nfs_flavor) { 796 if (++mfssnego_init.sec_opt > 1) { 797 syslog(loglevel, 798 "conflicting security options"); 799 free(mfssnego_init.nfs_flavor); 800 return (NFSERR_IO); 801 } 802 if (nfs_getseconfig_byname(mfssnego_init.nfs_flavor, 803 &mfssnego_init.nfs_sec)) { 804 syslog(loglevel, 805 "error getting %s information from %s", 806 mfssnego_init.nfs_flavor, NFSSEC_CONF); 807 free(mfssnego_init.nfs_flavor); 808 return (NFSERR_IO); 809 } 810 free(mfssnego_init.nfs_flavor); 811 } 812 813nextentry: 814 skipentry = 0; 815 816 got_val = nopt(&m, MNTOPT_VERS, (int *)&nfsvers); 817 if (!got_val) 818 nfsvers = 0; /* "unspecified" */ 819 if (set_versrange(nfsvers, &vers, &versmin) != 0) { 820 syslog(LOG_ERR, "Incorrect NFS version specified for %s", 821 mntpnt); 822 last_error = NFSERR_NOENT; 823 goto ret; 824 } 825 826 if (nfsvers != 0) { 827 pubversmax = pubversmin = nfsvers; 828 } else { 829 pubversmax = vers; 830 pubversmin = versmin; 831 } 832 833 /* 834 * Walk the whole list, pinging and collecting version 835 * info so that we can make sure the mount will be 836 * homogeneous with respect to version. 837 * 838 * If we have a version preference, this is easy; we'll 839 * just reject anything that doesn't match. 840 * 841 * If not, we want to try to provide the best compromise 842 * that considers proximity, preference for a higher version, 843 * sorted order, and number of replicas. We will count 844 * the number of V2 and V3 replicas and also the number 845 * which are "near", i.e. the localhost or on the same 846 * subnet. 847 */ 848 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 849 850 851 if (mfs->mfs_ignore) 852 continue; 853 854 /* 855 * If the host is '[a:d:d:r:e:s:s'], 856 * only use 'a:d:d:r:e:s:s' for communication 857 */ 858 host = strdup(mfs->mfs_host); 859 if (host == NULL) { 860 syslog(LOG_ERR, "nfsmount: no memory"); 861 last_error = NFSERR_IO; 862 goto out; 863 } 864 unbracket(&host); 865 866 (void) memcpy(&mfssnego, &mfssnego_init, sizeof (mfs_snego_t)); 867 868 if (use_pubfh == TRUE || mfs->mfs_flags & MFS_URL) { 869 char *path; 870 871 if (nfs_port != 0 && mfs->mfs_port != 0 && 872 nfs_port != mfs->mfs_port) { 873 874 syslog(LOG_ERR, "nfsmount: port (%u) in nfs URL" 875 " not the same as port (%d) in port " 876 "option\n", mfs->mfs_port, nfs_port); 877 last_error = NFSERR_IO; 878 goto out; 879 880 } else if (nfs_port != 0) 881 thisport = nfs_port; 882 else 883 thisport = mfs->mfs_port; 884 885 dir = mfs->mfs_dir; 886 887 if ((mfs->mfs_flags & MFS_URL) == 0) { 888 path = malloc(strlen(dir) + 2); 889 if (path == NULL) { 890 syslog(LOG_ERR, "nfsmount: no memory"); 891 last_error = NFSERR_IO; 892 goto out; 893 } 894 path[0] = (char)WNL_NATIVEPATH; 895 (void) strcpy(&path[1], dir); 896 } else { 897 path = dir; 898 } 899 900 argp = (struct nfs_args *) 901 malloc(sizeof (struct nfs_args)); 902 903 if (!argp) { 904 if (path != dir) 905 free(path); 906 syslog(LOG_ERR, "nfsmount: no memory"); 907 last_error = NFSERR_IO; 908 goto out; 909 } 910 (void) memset(argp, 0, sizeof (*argp)); 911 912 /* 913 * RDMA support 914 * By now Mount argument struct has been allocated, 915 * either a pub_fh path will be taken or the regular 916 * one. So here if a protocol was specified and it 917 * was not rdma we let it be, else we set DO_RDMA. 918 * If no proto was there we advise on trying RDMA. 919 */ 920 if (nfs_proto) { 921 if (strcmp(nfs_proto, "rdma") == 0) { 922 free(nfs_proto); 923 nfs_proto = NULL; 924 argp->flags |= NFSMNT_DORDMA; 925 } 926 } else 927 argp->flags |= NFSMNT_TRYRDMA; 928 929 for (pubvers = pubversmax; pubvers >= pubversmin; 930 pubvers--) { 931 932 nconf = NULL; 933 argp->addr = get_pubfh(host, pubvers, &mfssnego, 934 &nconf, nfs_proto, thisport, NULL, 935 &argp->fh, TRUE, path); 936 937 if (argp->addr != NULL) 938 break; 939 940 if (nconf != NULL) 941 freenetconfigent(nconf); 942 } 943 944 if (path != dir) 945 free(path); 946 947 if (argp->addr != NULL) { 948 949 /* 950 * The use of llock option for NFSv4 951 * mounts is not required since file 952 * locking is included within the protocol 953 */ 954 if (pubvers != NFS_V4) 955 argp->flags |= NFSMNT_LLOCK; 956 957 argp->flags |= NFSMNT_PUBLIC; 958 959 vers = pubvers; 960 mfs->mfs_args = argp; 961 mfs->mfs_version = pubvers; 962 mfs->mfs_nconf = nconf; 963 mfs->mfs_flags |= MFS_FH_VIA_WEBNFS; 964 965 } else { 966 free(argp); 967 968 /* 969 * If -public was specified, give up 970 * on this entry now. 971 */ 972 if (use_pubfh == TRUE) { 973 syslog(loglevel, 974 "%s: no public file handle support", 975 host); 976 last_error = NFSERR_NOENT; 977 mfs->mfs_ignore = 1; 978 continue; 979 } 980 981 /* 982 * Back off to a conventional mount. 983 * 984 * URL's can contain escape characters. Get 985 * rid of them. 986 */ 987 path = malloc(strlen(dir) + 2); 988 989 if (path == NULL) { 990 syslog(LOG_ERR, "nfsmount: no memory"); 991 last_error = NFSERR_IO; 992 goto out; 993 } 994 995 strcpy(path, dir); 996 URLparse(path); 997 mfs->mfs_dir = path; 998 mfs->mfs_flags |= MFS_ALLOC_DIR; 999 mfs->mfs_flags &= ~MFS_URL; 1000 } 1001 } 1002 1003 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0) { 1004 i = pingnfs(host, get_retry(opts) + 1, &vers, versmin, 1005 0, FALSE, NULL, nfs_proto); 1006 if (i != RPC_SUCCESS) { 1007 if (i == RPC_PROGVERSMISMATCH) { 1008 syslog(loglevel, "server %s: NFS " 1009 "protocol version mismatch", 1010 host); 1011 } else { 1012 syslog(loglevel, "server %s not " 1013 "responding", host); 1014 } 1015 mfs->mfs_ignore = 1; 1016 last_error = NFSERR_NOENT; 1017 continue; 1018 } 1019 if (nfsvers != 0 && nfsvers != vers) { 1020 if (nfs_proto == NULL) 1021 syslog(loglevel, 1022 "NFS version %d " 1023 "not supported by %s", 1024 nfsvers, host); 1025 else 1026 syslog(loglevel, 1027 "NFS version %d " 1028 "with proto %s " 1029 "not supported by %s", 1030 nfsvers, nfs_proto, host); 1031 mfs->mfs_ignore = 1; 1032 last_error = NFSERR_NOENT; 1033 continue; 1034 } 1035 } 1036 1037 free(host); 1038 1039 switch (vers) { 1040 case NFS_V4: v4cnt++; break; 1041 case NFS_V3: v3cnt++; break; 1042 case NFS_VERSION: v2cnt++; break; 1043 default: break; 1044 } 1045 1046 /* 1047 * It's not clear how useful this stuff is if 1048 * we are using webnfs across the internet, but it 1049 * can't hurt. 1050 */ 1051 if (mfs->mfs_distance && 1052 mfs->mfs_distance <= DIST_MYSUB) { 1053 switch (vers) { 1054 case NFS_V4: v4near++; break; 1055 case NFS_V3: v3near++; break; 1056 case NFS_VERSION: v2near++; break; 1057 default: break; 1058 } 1059 } 1060 1061 /* 1062 * If the mount is not replicated, we don't want to 1063 * ping every entry, so we'll stop here. This means 1064 * that we may have to go back to "nextentry" above 1065 * to consider another entry if we can't get 1066 * all the way to mount(2) with this one. 1067 */ 1068 if (!replicated) 1069 break; 1070 1071 } 1072 1073 if (nfsvers == 0) { 1074 /* 1075 * Choose the NFS version. 1076 * We prefer higher versions, but will choose a one- 1077 * version downgrade in service if we can use a local 1078 * network interface and avoid a router. 1079 */ 1080 if (v4cnt && v4cnt >= v3cnt && (v4near || !v3near)) 1081 nfsvers = NFS_V4; 1082 else if (v3cnt && v3cnt >= v2cnt && (v3near || !v2near)) 1083 nfsvers = NFS_V3; 1084 else 1085 nfsvers = NFS_VERSION; 1086 if (trace > 2) 1087 trace_prt(1, 1088 " nfsmount: v4=%d[%d]v3=%d[%d],v2=%d[%d] => v%d.\n", 1089 v4cnt, v4near, v3cnt, v3near, 1090 v2cnt, v2near, nfsvers); 1091 } 1092 1093 /* 1094 * Since we don't support different NFS versions in replicated 1095 * mounts, set fstype now. 1096 * Also take the opportunity to set 1097 * the mount protocol version as appropriate. 1098 */ 1099 switch (nfsvers) { 1100 case NFS_V4: 1101 fstype = MNTTYPE_NFS4; 1102 break; 1103 case NFS_V3: 1104 fstype = MNTTYPE_NFS3; 1105 if (use_pubfh == FALSE) { 1106 mountversmax = MOUNTVERS3; 1107 versmin = MOUNTVERS3; 1108 } 1109 break; 1110 case NFS_VERSION: 1111 fstype = MNTTYPE_NFS; 1112 if (use_pubfh == FALSE) { 1113 mountversmax = MOUNTVERS_POSIX; 1114 versmin = MOUNTVERS; 1115 } 1116 break; 1117 } 1118 1119 /* 1120 * Our goal here is to evaluate each of several possible 1121 * replicas and try to come up with a list we can hand 1122 * to mount(2). If we don't have a valid "head" at the 1123 * end of this process, it means we have rejected all 1124 * potential server:/path tuples. We will fail quietly 1125 * in front of mount(2), and will have printed errors 1126 * where we found them. 1127 * XXX - do option work outside loop w careful design 1128 * XXX - use macro for error condition free handling 1129 */ 1130 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 1131 1132 /* 1133 * Initialize retry and delay values on a per-server basis. 1134 */ 1135 retries = get_retry(opts); 1136 delay = INITDELAY; 1137retry: 1138 if (mfs->mfs_ignore) 1139 continue; 1140 1141 /* 1142 * If we don't have a fh yet, and if this is not a replicated 1143 * mount, we haven't done a pingnfs() on the next entry, 1144 * so we don't know if the next entry is up or if it 1145 * supports an NFS version we like. So if we had a problem 1146 * with an entry, we need to go back and run through some new 1147 * code. 1148 */ 1149 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1150 !replicated && skipentry) 1151 goto nextentry; 1152 1153 vers = mountversmax; 1154 host = mfs->mfs_host; 1155 dir = mfs->mfs_dir; 1156 1157 /* 1158 * Remember the possible '[a:d:d:r:e:s:s]' as the address to be 1159 * later passed to mount(2) and used in the mnttab line, but 1160 * only use 'a:d:d:r:e:s:s' for communication 1161 */ 1162 rhost = strdup(host); 1163 if (rhost == NULL) { 1164 syslog(LOG_ERR, "nfsmount: no memory"); 1165 last_error = NFSERR_IO; 1166 goto out; 1167 } 1168 unbracket(&host); 1169 1170 (void) sprintf(remname, "%s:%s", rhost, dir); 1171 if (trace > 4 && replicated) 1172 trace_prt(1, " nfsmount: examining %s\n", remname); 1173 1174 /* 1175 * If it's cached we need to get cachefs to mount it. 1176 */ 1177 if (cached) { 1178 char *copts = opts; 1179 1180 /* 1181 * If we started with a URL we need to turn on 1182 * -o public if not on already 1183 */ 1184 if (use_pubfh == FALSE && 1185 (mfs->mfs_flags & MFS_FH_VIA_WEBNFS)) { 1186 1187 copts = malloc(strlen(opts) + 1188 strlen(",public")+1); 1189 1190 if (copts == NULL) { 1191 syslog(LOG_ERR, "nfsmount: no memory"); 1192 last_error = NFSERR_IO; 1193 goto out; 1194 } 1195 1196 strcpy(copts, opts); 1197 1198 if (strlen(copts) != 0) 1199 strcat(copts, ","); 1200 1201 strcat(copts, "public"); 1202 } 1203 1204 last_error = mount_generic(remname, MNTTYPE_CACHEFS, 1205 copts, mntpnt, overlay); 1206 1207 if (copts != opts) 1208 free(copts); 1209 1210 if (last_error) { 1211 skipentry = 1; 1212 mfs->mfs_ignore = 1; 1213 continue; 1214 } 1215 goto out; 1216 } 1217 1218 if (mfs->mfs_args == NULL) { 1219 1220 /* 1221 * Allocate nfs_args structure 1222 */ 1223 argp = (struct nfs_args *) 1224 malloc(sizeof (struct nfs_args)); 1225 1226 if (!argp) { 1227 syslog(LOG_ERR, "nfsmount: no memory"); 1228 last_error = NFSERR_IO; 1229 goto out; 1230 } 1231 1232 (void) memset(argp, 0, sizeof (*argp)); 1233 1234 /* 1235 * RDMA support 1236 * By now Mount argument struct has been allocated, 1237 * either a pub_fh path will be taken or the regular 1238 * one. So here if a protocol was specified and it 1239 * was not rdma we let it be, else we set DO_RDMA. 1240 * If no proto was there we advise on trying RDMA. 1241 */ 1242 if (nfs_proto) { 1243 if (strcmp(nfs_proto, "rdma") == 0) { 1244 free(nfs_proto); 1245 nfs_proto = NULL; 1246 argp->flags |= NFSMNT_DORDMA; 1247 } 1248 } else 1249 argp->flags |= NFSMNT_TRYRDMA; 1250 } else { 1251 argp = mfs->mfs_args; 1252 mfs->mfs_args = NULL; 1253 1254 /* 1255 * Skip entry if we already have file handle but the 1256 * NFS version is wrong. 1257 */ 1258 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) && 1259 mfs->mfs_version != nfsvers) { 1260 1261 free(argp); 1262 skipentry = 1; 1263 mfs->mfs_ignore = 1; 1264 continue; 1265 } 1266 } 1267 1268 prevhead = head; 1269 prevtail = tail; 1270 if (!head) 1271 head = tail = argp; 1272 else 1273 tail = tail->nfs_ext_u.nfs_extB.next = argp; 1274 1275 /* 1276 * WebNFS and NFSv4 behave similarly in that they 1277 * don't use the mount protocol. Therefore, avoid 1278 * mount protocol like things when version 4 is being 1279 * used. 1280 */ 1281 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1282 nfsvers != NFS_V4) { 1283 timeout.tv_usec = 0; 1284 timeout.tv_sec = rpc_timeout; 1285 rpc_stat = RPC_TIMEDOUT; 1286 1287 /* Create the client handle. */ 1288 1289 if (trace > 1) { 1290 trace_prt(1, 1291 " nfsmount: Get mount version: request " 1292 "vers=%d min=%d\n", vers, versmin); 1293 } 1294 1295 while ((cl = clnt_create_vers(host, MOUNTPROG, &outvers, 1296 versmin, vers, "udp")) == NULL) { 1297 if (trace > 4) { 1298 trace_prt(1, 1299 " nfsmount: Can't get mount " 1300 "version: rpcerr=%d\n", 1301 rpc_createerr.cf_stat); 1302 } 1303 if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST || 1304 rpc_createerr.cf_stat == RPC_TIMEDOUT) 1305 break; 1306 1307 /* 1308 * backoff and return lower version to retry the ping. 1309 * XXX we should be more careful and handle 1310 * RPC_PROGVERSMISMATCH here, because that error 1311 * is handled in clnt_create_vers(). It's not done to 1312 * stay in sync with the nfs mount command. 1313 */ 1314 vers--; 1315 if (vers < versmin) 1316 break; 1317 if (trace > 4) { 1318 trace_prt(1, 1319 " nfsmount: Try version=%d\n", 1320 vers); 1321 } 1322 } 1323 1324 if (cl == NULL) { 1325 free(argp); 1326 head = prevhead; 1327 tail = prevtail; 1328 if (tail) 1329 tail->nfs_ext_u.nfs_extB.next = NULL; 1330 last_error = NFSERR_NOENT; 1331 1332 if (rpc_createerr.cf_stat != RPC_UNKNOWNHOST && 1333 rpc_createerr.cf_stat != 1334 RPC_PROGVERSMISMATCH && 1335 retries-- > 0) { 1336 DELAY(delay); 1337 goto retry; 1338 } 1339 1340 syslog(loglevel, "%s %s", host, 1341 clnt_spcreateerror( 1342 "server not responding")); 1343 skipentry = 1; 1344 mfs->mfs_ignore = 1; 1345 continue; 1346 } 1347 if (trace > 1) { 1348 trace_prt(1, 1349 " nfsmount: mount version=%d\n", outvers); 1350 } 1351#ifdef MALLOC_DEBUG 1352 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 1353 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 1354 __FILE__, __LINE__); 1355#endif 1356 1357 if (__clnt_bindresvport(cl) < 0) { 1358 free(argp); 1359 head = prevhead; 1360 tail = prevtail; 1361 if (tail) 1362 tail->nfs_ext_u.nfs_extB.next = NULL; 1363 last_error = NFSERR_NOENT; 1364 1365 if (retries-- > 0) { 1366 destroy_auth_client_handle(cl); 1367 DELAY(delay); 1368 goto retry; 1369 } 1370 1371 syslog(loglevel, "mount %s: %s", host, 1372 "Couldn't bind to reserved port"); 1373 destroy_auth_client_handle(cl); 1374 skipentry = 1; 1375 mfs->mfs_ignore = 1; 1376 continue; 1377 } 1378 1379#ifdef MALLOC_DEBUG 1380 drop_alloc("AUTH_HANDLE", cl->cl_auth, 1381 __FILE__, __LINE__); 1382#endif 1383 AUTH_DESTROY(cl->cl_auth); 1384 if ((cl->cl_auth = authsys_create_default()) == NULL) { 1385 free(argp); 1386 head = prevhead; 1387 tail = prevtail; 1388 if (tail) 1389 tail->nfs_ext_u.nfs_extB.next = NULL; 1390 last_error = NFSERR_NOENT; 1391 1392 if (retries-- > 0) { 1393 destroy_auth_client_handle(cl); 1394 DELAY(delay); 1395 goto retry; 1396 } 1397 1398 syslog(loglevel, "mount %s: %s", host, 1399 "Failed creating default auth handle"); 1400 destroy_auth_client_handle(cl); 1401 skipentry = 1; 1402 mfs->mfs_ignore = 1; 1403 continue; 1404 } 1405#ifdef MALLOC_DEBUG 1406 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 1407 __FILE__, __LINE__); 1408#endif 1409 } else 1410 cl = NULL; 1411 1412 /* 1413 * set security options 1414 */ 1415 sec_opt = 0; 1416 (void) memset(&nfs_sec, 0, sizeof (nfs_sec)); 1417 if (hasmntopt(&m, MNTOPT_SECURE) != NULL) { 1418 if (++sec_opt > 1) { 1419 syslog(loglevel, 1420 "conflicting security options for %s", 1421 remname); 1422 free(argp); 1423 head = prevhead; 1424 tail = prevtail; 1425 if (tail) 1426 tail->nfs_ext_u.nfs_extB.next = NULL; 1427 last_error = NFSERR_IO; 1428 destroy_auth_client_handle(cl); 1429 skipentry = 1; 1430 mfs->mfs_ignore = 1; 1431 continue; 1432 } 1433 if (nfs_getseconfig_byname("dh", &nfs_sec)) { 1434 syslog(loglevel, 1435 "error getting dh information from %s", 1436 NFSSEC_CONF); 1437 free(argp); 1438 head = prevhead; 1439 tail = prevtail; 1440 if (tail) 1441 tail->nfs_ext_u.nfs_extB.next = NULL; 1442 last_error = NFSERR_IO; 1443 destroy_auth_client_handle(cl); 1444 skipentry = 1; 1445 mfs->mfs_ignore = 1; 1446 continue; 1447 } 1448 } 1449 1450 nfs_flavor = NULL; 1451 if (hasmntopt(&m, MNTOPT_SEC) != NULL) { 1452 if ((str_opt(&m, MNTOPT_SEC, &nfs_flavor)) == -1) { 1453 syslog(LOG_ERR, "nfsmount: no memory"); 1454 last_error = NFSERR_IO; 1455 destroy_auth_client_handle(cl); 1456 goto out; 1457 } 1458 } 1459 1460 if (nfs_flavor) { 1461 if (++sec_opt > 1) { 1462 syslog(loglevel, 1463 "conflicting security options for %s", 1464 remname); 1465 free(nfs_flavor); 1466 free(argp); 1467 head = prevhead; 1468 tail = prevtail; 1469 if (tail) 1470 tail->nfs_ext_u.nfs_extB.next = NULL; 1471 last_error = NFSERR_IO; 1472 destroy_auth_client_handle(cl); 1473 skipentry = 1; 1474 mfs->mfs_ignore = 1; 1475 continue; 1476 } 1477 if (nfs_getseconfig_byname(nfs_flavor, &nfs_sec)) { 1478 syslog(loglevel, 1479 "error getting %s information from %s", 1480 nfs_flavor, NFSSEC_CONF); 1481 free(nfs_flavor); 1482 free(argp); 1483 head = prevhead; 1484 tail = prevtail; 1485 if (tail) 1486 tail->nfs_ext_u.nfs_extB.next = NULL; 1487 last_error = NFSERR_IO; 1488 destroy_auth_client_handle(cl); 1489 skipentry = 1; 1490 mfs->mfs_ignore = 1; 1491 continue; 1492 } 1493 free(nfs_flavor); 1494 } 1495 1496 posix = (nfsvers != NFS_V4 && 1497 hasmntopt(&m, MNTOPT_POSIX) != NULL) ? 1 : 0; 1498 1499 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 1500 nfsvers != NFS_V4) { 1501 bool_t give_up_on_mnt; 1502 bool_t got_mnt_error; 1503 /* 1504 * If we started with a URL, if first byte of path is not "/", 1505 * then the mount will likely fail, so we should try again 1506 * with a prepended "/". 1507 */ 1508 if (mfs->mfs_flags & MFS_ALLOC_DIR && *dir != '/') 1509 give_up_on_mnt = FALSE; 1510 else 1511 give_up_on_mnt = TRUE; 1512 1513 got_mnt_error = FALSE; 1514 1515try_mnt_slash: 1516 if (got_mnt_error == TRUE) { 1517 int i, l; 1518 1519 give_up_on_mnt = TRUE; 1520 l = strlen(dir); 1521 1522 /* 1523 * Insert a "/" to front of mfs_dir. 1524 */ 1525 for (i = l; i > 0; i--) 1526 dir[i] = dir[i-1]; 1527 1528 dir[0] = '/'; 1529 } 1530 1531 /* Get fhandle of remote path from server's mountd */ 1532 1533 switch (outvers) { 1534 case MOUNTVERS: 1535 if (posix) { 1536 free(argp); 1537 head = prevhead; 1538 tail = prevtail; 1539 if (tail) 1540 tail->nfs_ext_u.nfs_extB.next = 1541 NULL; 1542 last_error = NFSERR_NOENT; 1543 syslog(loglevel, 1544 "can't get posix info for %s", 1545 host); 1546 destroy_auth_client_handle(cl); 1547 skipentry = 1; 1548 mfs->mfs_ignore = 1; 1549 continue; 1550 } 1551 /* FALLTHRU */ 1552 case MOUNTVERS_POSIX: 1553 if (nfsvers == NFS_V3) { 1554 free(argp); 1555 head = prevhead; 1556 tail = prevtail; 1557 if (tail) 1558 tail->nfs_ext_u.nfs_extB.next = 1559 NULL; 1560 last_error = NFSERR_NOENT; 1561 syslog(loglevel, 1562 "%s doesn't support NFS Version 3", 1563 host); 1564 destroy_auth_client_handle(cl); 1565 skipentry = 1; 1566 mfs->mfs_ignore = 1; 1567 continue; 1568 } 1569 rpc_stat = clnt_call(cl, MOUNTPROC_MNT, 1570 xdr_dirpath, (caddr_t)&dir, 1571 xdr_fhstatus, (caddr_t)&fhs, timeout); 1572 if (rpc_stat != RPC_SUCCESS) { 1573 1574 if (give_up_on_mnt == FALSE) { 1575 got_mnt_error = TRUE; 1576 goto try_mnt_slash; 1577 } 1578 1579 /* 1580 * Given the way "clnt_sperror" works, the "%s" 1581 * immediately following the "not responding" 1582 * is correct. 1583 */ 1584 free(argp); 1585 head = prevhead; 1586 tail = prevtail; 1587 if (tail) 1588 tail->nfs_ext_u.nfs_extB.next = 1589 NULL; 1590 last_error = NFSERR_NOENT; 1591 1592 if (retries-- > 0) { 1593 destroy_auth_client_handle(cl); 1594 DELAY(delay); 1595 goto retry; 1596 } 1597 1598 if (trace > 3) { 1599 trace_prt(1, 1600 " nfsmount: mount RPC " 1601 "failed for %s\n", 1602 host); 1603 } 1604 syslog(loglevel, 1605 "%s server not responding%s", 1606 host, clnt_sperror(cl, "")); 1607 destroy_auth_client_handle(cl); 1608 skipentry = 1; 1609 mfs->mfs_ignore = 1; 1610 continue; 1611 } 1612 if ((errno = fhs.fhs_status) != MNT_OK) { 1613 1614 if (give_up_on_mnt == FALSE) { 1615 got_mnt_error = TRUE; 1616 goto try_mnt_slash; 1617 } 1618 1619 free(argp); 1620 head = prevhead; 1621 tail = prevtail; 1622 if (tail) 1623 tail->nfs_ext_u.nfs_extB.next = 1624 NULL; 1625 if (errno == EACCES) { 1626 status = NFSERR_ACCES; 1627 } else { 1628 syslog(loglevel, "%s: %m", 1629 host); 1630 status = NFSERR_IO; 1631 } 1632 if (trace > 3) { 1633 trace_prt(1, 1634 " nfsmount: mount RPC gave" 1635 " %d for %s:%s\n", 1636 errno, host, dir); 1637 } 1638 last_error = status; 1639 destroy_auth_client_handle(cl); 1640 skipentry = 1; 1641 mfs->mfs_ignore = 1; 1642 continue; 1643 } 1644 argp->fh = malloc((sizeof (fhandle))); 1645 if (!argp->fh) { 1646 syslog(LOG_ERR, "nfsmount: no memory"); 1647 last_error = NFSERR_IO; 1648 destroy_auth_client_handle(cl); 1649 goto out; 1650 } 1651 (void) memcpy(argp->fh, 1652 &fhs.fhstatus_u.fhs_fhandle, 1653 sizeof (fhandle)); 1654 break; 1655 case MOUNTVERS3: 1656 posix = 0; 1657 (void) memset((char *)&res3, '\0', 1658 sizeof (res3)); 1659 rpc_stat = clnt_call(cl, MOUNTPROC_MNT, 1660 xdr_dirpath, (caddr_t)&dir, 1661 xdr_mountres3, (caddr_t)&res3, timeout); 1662 if (rpc_stat != RPC_SUCCESS) { 1663 1664 if (give_up_on_mnt == FALSE) { 1665 got_mnt_error = TRUE; 1666 goto try_mnt_slash; 1667 } 1668 1669 /* 1670 * Given the way "clnt_sperror" works, the "%s" 1671 * immediately following the "not responding" 1672 * is correct. 1673 */ 1674 free(argp); 1675 head = prevhead; 1676 tail = prevtail; 1677 if (tail) 1678 tail->nfs_ext_u.nfs_extB.next = 1679 NULL; 1680 last_error = NFSERR_NOENT; 1681 1682 if (retries-- > 0) { 1683 destroy_auth_client_handle(cl); 1684 DELAY(delay); 1685 goto retry; 1686 } 1687 1688 if (trace > 3) { 1689 trace_prt(1, 1690 " nfsmount: mount RPC " 1691 "failed for %s\n", 1692 host); 1693 } 1694 syslog(loglevel, 1695 "%s server not responding%s", 1696 remname, clnt_sperror(cl, "")); 1697 destroy_auth_client_handle(cl); 1698 skipentry = 1; 1699 mfs->mfs_ignore = 1; 1700 continue; 1701 } 1702 if ((errno = res3.fhs_status) != MNT_OK) { 1703 1704 if (give_up_on_mnt == FALSE) { 1705 got_mnt_error = TRUE; 1706 goto try_mnt_slash; 1707 } 1708 1709 free(argp); 1710 head = prevhead; 1711 tail = prevtail; 1712 if (tail) 1713 tail->nfs_ext_u.nfs_extB.next = 1714 NULL; 1715 if (errno == EACCES) { 1716 status = NFSERR_ACCES; 1717 } else { 1718 syslog(loglevel, "%s: %m", 1719 remname); 1720 status = NFSERR_IO; 1721 } 1722 if (trace > 3) { 1723 trace_prt(1, 1724 " nfsmount: mount RPC gave" 1725 " %d for %s:%s\n", 1726 errno, host, dir); 1727 } 1728 last_error = status; 1729 destroy_auth_client_handle(cl); 1730 skipentry = 1; 1731 mfs->mfs_ignore = 1; 1732 continue; 1733 } 1734 1735 /* 1736 * Negotiate the security flavor for nfs_mount 1737 */ 1738 auths = res3.mountres3_u.mountinfo. 1739 auth_flavors.auth_flavors_val; 1740 count = res3.mountres3_u.mountinfo. 1741 auth_flavors.auth_flavors_len; 1742 1743 if (sec_opt) { 1744 for (i = 0; i < count; i++) 1745 if (auths[i] == 1746 nfs_sec.sc_nfsnum) { 1747 break; 1748 } 1749 if (i >= count) { 1750 syslog(LOG_ERR, 1751 "%s: does not support " 1752 "security \"%s\"\n", 1753 remname, nfs_sec.sc_name); 1754 clnt_freeres(cl, xdr_mountres3, 1755 (caddr_t)&res3); 1756 free(argp); 1757 head = prevhead; 1758 tail = prevtail; 1759 if (tail) 1760 tail->nfs_ext_u. 1761 nfs_extB.next = 1762 NULL; 1763 last_error = NFSERR_IO; 1764 destroy_auth_client_handle(cl); 1765 skipentry = 1; 1766 mfs->mfs_ignore = 1; 1767 continue; 1768 } 1769 } else if (count > 0) { 1770 for (i = 0; i < count; i++) { 1771 if (!(scerror = 1772 nfs_getseconfig_bynumber( 1773 auths[i], &nfs_sec))) { 1774 sec_opt++; 1775 break; 1776 } 1777 } 1778 if (i >= count) { 1779 if (nfs_syslog_scerr(scerror, 1780 scerror_msg) 1781 != -1) { 1782 syslog(LOG_ERR, 1783 "%s cannot be " 1784 "mounted because it" 1785 " is shared with " 1786 "security flavor %d" 1787 " which %s", 1788 remname, 1789 auths[i-1], 1790 scerror_msg); 1791 } 1792 clnt_freeres(cl, xdr_mountres3, 1793 (caddr_t)&res3); 1794 free(argp); 1795 head = prevhead; 1796 tail = prevtail; 1797 if (tail) 1798 tail->nfs_ext_u. 1799 nfs_extB.next = 1800 NULL; 1801 last_error = NFSERR_IO; 1802 destroy_auth_client_handle(cl); 1803 skipentry = 1; 1804 mfs->mfs_ignore = 1; 1805 continue; 1806 } 1807 } 1808 1809 fh3.fh3_length = 1810 res3.mountres3_u.mountinfo.fhandle. 1811 fhandle3_len; 1812 (void) memcpy(fh3.fh3_u.data, 1813 res3.mountres3_u.mountinfo.fhandle. 1814 fhandle3_val, 1815 fh3.fh3_length); 1816 clnt_freeres(cl, xdr_mountres3, 1817 (caddr_t)&res3); 1818 argp->fh = malloc(sizeof (nfs_fh3)); 1819 if (!argp->fh) { 1820 syslog(LOG_ERR, "nfsmount: no memory"); 1821 last_error = NFSERR_IO; 1822 destroy_auth_client_handle(cl); 1823 goto out; 1824 } 1825 (void) memcpy(argp->fh, &fh3, sizeof (nfs_fh3)); 1826 break; 1827 default: 1828 free(argp); 1829 head = prevhead; 1830 tail = prevtail; 1831 if (tail) 1832 tail->nfs_ext_u.nfs_extB.next = NULL; 1833 last_error = NFSERR_NOENT; 1834 syslog(loglevel, 1835 "unknown MOUNT version %ld on %s", 1836 vers, remname); 1837 destroy_auth_client_handle(cl); 1838 skipentry = 1; 1839 mfs->mfs_ignore = 1; 1840 continue; 1841 } /* switch */ 1842 } 1843 if (nfsvers == NFS_V4) { 1844 argp->fh = strdup(dir); 1845 if (argp->fh == NULL) { 1846 syslog(LOG_ERR, "nfsmount: no memory"); 1847 last_error = NFSERR_IO; 1848 goto out; 1849 } 1850 } 1851 1852 if (trace > 4) 1853 trace_prt(1, " nfsmount: have %s filehandle for %s\n", 1854 fstype, remname); 1855 1856 argp->flags |= NFSMNT_NEWARGS; 1857 argp->flags |= NFSMNT_INT; /* default is "intr" */ 1858 argp->flags |= NFSMNT_HOSTNAME; 1859 argp->hostname = strdup(host); 1860 if (argp->hostname == NULL) { 1861 syslog(LOG_ERR, "nfsmount: no memory"); 1862 last_error = NFSERR_IO; 1863 goto out; 1864 } 1865 1866 /* 1867 * In this case, we want NFSv4 to behave like 1868 * non-WebNFS so that we get the server address. 1869 */ 1870 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0) { 1871 nconf = NULL; 1872 1873 if (nfs_port != 0) 1874 thisport = nfs_port; 1875 else 1876 thisport = mfs->mfs_port; 1877 1878 /* 1879 * For NFSv4, we want to avoid rpcbind, so call 1880 * get_server_stuff() directly to tell it that 1881 * we want to go "direct_to_server". Otherwise, 1882 * do what has always been done. 1883 */ 1884 if (nfsvers == NFS_V4) { 1885 enum clnt_stat cstat; 1886 argp->addr = get_server_stuff(SERVER_ADDR, 1887 host, NFS_PROGRAM, nfsvers, NULL, 1888 &nconf, nfs_proto, thisport, NULL, 1889 NULL, TRUE, NULL, &cstat); 1890 } else { 1891 argp->addr = get_addr(host, NFS_PROGRAM, 1892 nfsvers, &nconf, nfs_proto, 1893 thisport, NULL); 1894 } 1895 1896 if (argp->addr == NULL) { 1897 if (argp->hostname) 1898 free(argp->hostname); 1899 free(argp->fh); 1900 free(argp); 1901 head = prevhead; 1902 tail = prevtail; 1903 if (tail) 1904 tail->nfs_ext_u.nfs_extB.next = NULL; 1905 last_error = NFSERR_NOENT; 1906 1907 if (retries-- > 0) { 1908 destroy_auth_client_handle(cl); 1909 DELAY(delay); 1910 goto retry; 1911 } 1912 1913 syslog(loglevel, "%s: no NFS service", host); 1914 destroy_auth_client_handle(cl); 1915 skipentry = 1; 1916 mfs->mfs_ignore = 1; 1917 continue; 1918 } 1919 if (trace > 4) 1920 trace_prt(1, 1921 "\tnfsmount: have net address for %s\n", 1922 remname); 1923 1924 } else { 1925 nconf = mfs->mfs_nconf; 1926 mfs->mfs_nconf = NULL; 1927 } 1928 1929 argp->flags |= NFSMNT_KNCONF; 1930 argp->knconf = get_knconf(nconf); 1931 if (argp->knconf == NULL) { 1932 netbuf_free(argp->addr); 1933 freenetconfigent(nconf); 1934 if (argp->hostname) 1935 free(argp->hostname); 1936 free(argp->fh); 1937 free(argp); 1938 head = prevhead; 1939 tail = prevtail; 1940 if (tail) 1941 tail->nfs_ext_u.nfs_extB.next = NULL; 1942 last_error = NFSERR_NOSPC; 1943 destroy_auth_client_handle(cl); 1944 skipentry = 1; 1945 mfs->mfs_ignore = 1; 1946 continue; 1947 } 1948 if (trace > 4) 1949 trace_prt(1, 1950 "\tnfsmount: have net config for %s\n", 1951 remname); 1952 1953 if (hasmntopt(&m, MNTOPT_SOFT) != NULL) { 1954 argp->flags |= NFSMNT_SOFT; 1955 } 1956 if (hasmntopt(&m, MNTOPT_NOINTR) != NULL) { 1957 argp->flags &= ~(NFSMNT_INT); 1958 } 1959 if (hasmntopt(&m, MNTOPT_NOAC) != NULL) { 1960 argp->flags |= NFSMNT_NOAC; 1961 } 1962 if (hasmntopt(&m, MNTOPT_NOCTO) != NULL) { 1963 argp->flags |= NFSMNT_NOCTO; 1964 } 1965 if (hasmntopt(&m, MNTOPT_FORCEDIRECTIO) != NULL) { 1966 argp->flags |= NFSMNT_DIRECTIO; 1967 } 1968 if (hasmntopt(&m, MNTOPT_NOFORCEDIRECTIO) != NULL) { 1969 argp->flags &= ~(NFSMNT_DIRECTIO); 1970 } 1971 1972 /* 1973 * Set up security data for argp->nfs_ext_u.nfs_extB.secdata. 1974 */ 1975 if (mfssnego.snego_done) { 1976 memcpy(&nfs_sec, &mfssnego.nfs_sec, 1977 sizeof (seconfig_t)); 1978 } else if (!sec_opt) { 1979 /* 1980 * Get default security mode. 1981 */ 1982 if (nfs_getseconfig_default(&nfs_sec)) { 1983 syslog(loglevel, 1984 "error getting default security entry\n"); 1985 free_knconf(argp->knconf); 1986 netbuf_free(argp->addr); 1987 freenetconfigent(nconf); 1988 if (argp->hostname) 1989 free(argp->hostname); 1990 free(argp->fh); 1991 free(argp); 1992 head = prevhead; 1993 tail = prevtail; 1994 if (tail) 1995 tail->nfs_ext_u.nfs_extB.next = NULL; 1996 last_error = NFSERR_NOSPC; 1997 destroy_auth_client_handle(cl); 1998 skipentry = 1; 1999 mfs->mfs_ignore = 1; 2000 continue; 2001 } 2002 argp->flags |= NFSMNT_SECDEFAULT; 2003 } 2004 2005 /* 2006 * For AUTH_DH 2007 * get the network address for the time service on 2008 * the server. If an RPC based time service is 2009 * not available then try the IP time service. 2010 * 2011 * Eventurally, we want to move this code to nfs_clnt_secdata() 2012 * when autod_nfs.c and mount.c can share the same 2013 * get_the_addr/get_the_stuff routine. 2014 */ 2015 secflags = 0; 2016 syncaddr = NULL; 2017 retaddrs = NULL; 2018 2019 if (nfs_sec.sc_rpcnum == AUTH_DH || nfsvers == NFS_V4) { 2020 /* 2021 * If not using the public fh and not NFS_V4, we can try 2022 * talking RPCBIND. Otherwise, assume that firewalls 2023 * prevent us from doing that. 2024 */ 2025 if ((mfs->mfs_flags & MFS_FH_VIA_WEBNFS) == 0 && 2026 nfsvers != NFS_V4) { 2027 syncaddr = get_the_stuff(SERVER_ADDR, host, RPCBPROG, 2028 RPCBVERS, NULL, nconf, 0, NULL, NULL, FALSE, 2029 NULL, NULL); 2030 } 2031 2032 if (syncaddr != NULL) { 2033 /* for flags in sec_data */ 2034 secflags |= AUTH_F_RPCTIMESYNC; 2035 } else { 2036 struct nd_hostserv hs; 2037 int error; 2038 2039 hs.h_host = host; 2040 hs.h_serv = "timserver"; 2041 error = netdir_getbyname(nconf, &hs, &retaddrs); 2042 2043 if (error != ND_OK && 2044 nfs_sec.sc_rpcnum == AUTH_DH) { 2045 syslog(loglevel, 2046 "%s: secure: no time service\n", 2047 host); 2048 free_knconf(argp->knconf); 2049 netbuf_free(argp->addr); 2050 freenetconfigent(nconf); 2051 if (argp->hostname) 2052 free(argp->hostname); 2053 free(argp->fh); 2054 free(argp); 2055 head = prevhead; 2056 tail = prevtail; 2057 if (tail) 2058 tail->nfs_ext_u.nfs_extB.next = 2059 NULL; 2060 last_error = NFSERR_IO; 2061 destroy_auth_client_handle(cl); 2062 skipentry = 1; 2063 mfs->mfs_ignore = 1; 2064 continue; 2065 } 2066 2067 if (error == ND_OK) 2068 syncaddr = retaddrs->n_addrs; 2069 2070 /* 2071 * For potential usage by NFS V4 when AUTH_DH 2072 * is negotiated via SECINFO in the kernel. 2073 */ 2074 if (nfsvers == NFS_V4 && syncaddr && 2075 host2netname(netname, host, NULL)) { 2076 argp->syncaddr = 2077 malloc(sizeof (struct netbuf)); 2078 argp->syncaddr->buf = 2079 malloc(syncaddr->len); 2080 (void) memcpy(argp->syncaddr->buf, 2081 syncaddr->buf, syncaddr->len); 2082 argp->syncaddr->len = syncaddr->len; 2083 argp->syncaddr->maxlen = 2084 syncaddr->maxlen; 2085 argp->netname = strdup(netname); 2086 argp->flags |= NFSMNT_SECURE; 2087 } 2088 } /* syncaddr */ 2089 } /* AUTH_DH */ 2090 2091 /* 2092 * TSOL notes: automountd in tsol extension 2093 * has "read down" capability, i.e. we allow 2094 * a user to trigger an nfs mount into a lower 2095 * labeled zone. We achieve this by always having 2096 * root issue the mount request so that the 2097 * lookup ops can go past /zone/<zone_name> 2098 * on the server side. 2099 */ 2100 if (is_system_labeled()) 2101 nfs_sec.sc_uid = (uid_t)0; 2102 else 2103 nfs_sec.sc_uid = uid; 2104 /* 2105 * If AUTH_DH is a chosen flavor now, its data will be stored 2106 * in the sec_data structure via nfs_clnt_secdata(). 2107 */ 2108 if (!(secdata = nfs_clnt_secdata(&nfs_sec, host, argp->knconf, 2109 syncaddr, secflags))) { 2110 syslog(LOG_ERR, 2111 "errors constructing security related data\n"); 2112 if (secflags & AUTH_F_RPCTIMESYNC) 2113 netbuf_free(syncaddr); 2114 else if (retaddrs) 2115 netdir_free(retaddrs, ND_ADDRLIST); 2116 if (argp->syncaddr) 2117 netbuf_free(argp->syncaddr); 2118 if (argp->netname) 2119 free(argp->netname); 2120 if (argp->hostname) 2121 free(argp->hostname); 2122 free_knconf(argp->knconf); 2123 netbuf_free(argp->addr); 2124 freenetconfigent(nconf); 2125 free(argp->fh); 2126 free(argp); 2127 head = prevhead; 2128 tail = prevtail; 2129 if (tail) 2130 tail->nfs_ext_u.nfs_extB.next = NULL; 2131 last_error = NFSERR_IO; 2132 destroy_auth_client_handle(cl); 2133 skipentry = 1; 2134 mfs->mfs_ignore = 1; 2135 continue; 2136 } 2137 NFS_ARGS_EXTB_secdata(*argp, secdata); 2138 /* end of security stuff */ 2139 2140 if (trace > 4) 2141 trace_prt(1, 2142 " nfsmount: have secure info for %s\n", remname); 2143 2144 if (hasmntopt(&m, MNTOPT_GRPID) != NULL) { 2145 argp->flags |= NFSMNT_GRPID; 2146 } 2147 if (nopt(&m, MNTOPT_RSIZE, &argp->rsize)) { 2148 argp->flags |= NFSMNT_RSIZE; 2149 } 2150 if (nopt(&m, MNTOPT_WSIZE, &argp->wsize)) { 2151 argp->flags |= NFSMNT_WSIZE; 2152 } 2153 if (nopt(&m, MNTOPT_TIMEO, &argp->timeo)) { 2154 argp->flags |= NFSMNT_TIMEO; 2155 } 2156 if (nopt(&m, MNTOPT_RETRANS, &argp->retrans)) { 2157 argp->flags |= NFSMNT_RETRANS; 2158 } 2159 if (nopt(&m, MNTOPT_ACTIMEO, &argp->acregmax)) { 2160 argp->flags |= NFSMNT_ACREGMAX; 2161 argp->flags |= NFSMNT_ACDIRMAX; 2162 argp->flags |= NFSMNT_ACDIRMIN; 2163 argp->flags |= NFSMNT_ACREGMIN; 2164 argp->acdirmin = argp->acregmin = argp->acdirmax 2165 = argp->acregmax; 2166 } else { 2167 if (nopt(&m, MNTOPT_ACREGMIN, &argp->acregmin)) { 2168 argp->flags |= NFSMNT_ACREGMIN; 2169 } 2170 if (nopt(&m, MNTOPT_ACREGMAX, &argp->acregmax)) { 2171 argp->flags |= NFSMNT_ACREGMAX; 2172 } 2173 if (nopt(&m, MNTOPT_ACDIRMIN, &argp->acdirmin)) { 2174 argp->flags |= NFSMNT_ACDIRMIN; 2175 } 2176 if (nopt(&m, MNTOPT_ACDIRMAX, &argp->acdirmax)) { 2177 argp->flags |= NFSMNT_ACDIRMAX; 2178 } 2179 } 2180 2181 if (posix) { 2182 argp->pathconf = NULL; 2183 if (error = get_pathconf(cl, dir, remname, 2184 &argp->pathconf, retries)) { 2185 if (secflags & AUTH_F_RPCTIMESYNC) 2186 netbuf_free(syncaddr); 2187 else if (retaddrs) 2188 netdir_free(retaddrs, ND_ADDRLIST); 2189 free_knconf(argp->knconf); 2190 netbuf_free(argp->addr); 2191 freenetconfigent(nconf); 2192 nfs_free_secdata( 2193 argp->nfs_ext_u.nfs_extB.secdata); 2194 if (argp->syncaddr) 2195 netbuf_free(argp->syncaddr); 2196 if (argp->netname) 2197 free(argp->netname); 2198 if (argp->hostname) 2199 free(argp->hostname); 2200 free(argp->fh); 2201 free(argp); 2202 head = prevhead; 2203 tail = prevtail; 2204 if (tail) 2205 tail->nfs_ext_u.nfs_extB.next = NULL; 2206 last_error = NFSERR_IO; 2207 2208 if (error == RET_RETRY && retries-- > 0) { 2209 destroy_auth_client_handle(cl); 2210 DELAY(delay); 2211 goto retry; 2212 } 2213 2214 destroy_auth_client_handle(cl); 2215 skipentry = 1; 2216 mfs->mfs_ignore = 1; 2217 continue; 2218 } 2219 argp->flags |= NFSMNT_POSIX; 2220 if (trace > 4) 2221 trace_prt(1, 2222 " nfsmount: have pathconf for %s\n", 2223 remname); 2224 } 2225 2226 /* 2227 * free loop-specific data structures 2228 */ 2229 destroy_auth_client_handle(cl); 2230 freenetconfigent(nconf); 2231 if (secflags & AUTH_F_RPCTIMESYNC) 2232 netbuf_free(syncaddr); 2233 else if (retaddrs) 2234 netdir_free(retaddrs, ND_ADDRLIST); 2235 2236 /* 2237 * Decide whether to use remote host's lockd or local locking. 2238 * If we are using the public fh, we've already turned 2239 * LLOCK on. 2240 */ 2241 if (hasmntopt(&m, MNTOPT_LLOCK)) 2242 argp->flags |= NFSMNT_LLOCK; 2243 if (!(argp->flags & NFSMNT_LLOCK) && nfsvers == NFS_VERSION && 2244 remote_lock(host, argp->fh)) { 2245 syslog(loglevel, "No network locking on %s : " 2246 "contact admin to install server change", host); 2247 argp->flags |= NFSMNT_LLOCK; 2248 } 2249 2250 /* 2251 * Build a string for /etc/mnttab. 2252 * If possible, coalesce strings with same 'dir' info. 2253 */ 2254 if ((mfs->mfs_flags & MFS_URL) == 0) { 2255 char *tmp; 2256 2257 if (mnttabcnt) { 2258 p = strrchr(mnttabtext, (int)':'); 2259 if (!p || strcmp(p+1, dir) != 0) { 2260 mnttabcnt += strlen(remname) + 2; 2261 } else { 2262 *p = '\0'; 2263 mnttabcnt += strlen(rhost) + 2; 2264 } 2265 if ((tmp = realloc(mnttabtext, 2266 mnttabcnt)) != NULL) { 2267 mnttabtext = tmp; 2268 strcat(mnttabtext, ","); 2269 } else { 2270 free(mnttabtext); 2271 mnttabtext = NULL; 2272 } 2273 } else { 2274 mnttabcnt = strlen(remname) + 1; 2275 if ((mnttabtext = malloc(mnttabcnt)) != NULL) 2276 mnttabtext[0] = '\0'; 2277 } 2278 2279 if (mnttabtext != NULL) 2280 strcat(mnttabtext, remname); 2281 2282 } else { 2283 char *tmp; 2284 int more_cnt = 0; 2285 char sport[16]; 2286 2287 more_cnt += strlen("nfs://"); 2288 more_cnt += strlen(mfs->mfs_host); 2289 2290 if (mfs->mfs_port != 0) { 2291 (void) sprintf(sport, ":%u", mfs->mfs_port); 2292 } else 2293 sport[0] = '\0'; 2294 2295 more_cnt += strlen(sport); 2296 more_cnt += 1; /* "/" */ 2297 more_cnt += strlen(mfs->mfs_dir); 2298 2299 if (mnttabcnt) { 2300 more_cnt += 1; /* "," */ 2301 mnttabcnt += more_cnt; 2302 2303 if ((tmp = realloc(mnttabtext, 2304 mnttabcnt)) != NULL) { 2305 mnttabtext = tmp; 2306 strcat(mnttabtext, ","); 2307 } else { 2308 free(mnttabtext); 2309 mnttabtext = NULL; 2310 } 2311 } else { 2312 mnttabcnt = more_cnt + 1; 2313 if ((mnttabtext = malloc(mnttabcnt)) != NULL) 2314 mnttabtext[0] = '\0'; 2315 } 2316 2317 if (mnttabtext != NULL) { 2318 strcat(mnttabtext, "nfs://"); 2319 strcat(mnttabtext, mfs->mfs_host); 2320 strcat(mnttabtext, sport); 2321 strcat(mnttabtext, "/"); 2322 strcat(mnttabtext, mfs->mfs_dir); 2323 } 2324 } 2325 2326 if (!mnttabtext) { 2327 syslog(LOG_ERR, "nfsmount: no memory"); 2328 last_error = NFSERR_IO; 2329 goto out; 2330 } 2331 2332 /* 2333 * At least one entry, can call mount(2). 2334 */ 2335 entries++; 2336 2337 /* 2338 * If replication was defeated, don't do more work 2339 */ 2340 if (!replicated) 2341 break; 2342 } 2343 2344 2345 /* 2346 * Did we get through all possibilities without success? 2347 */ 2348 if (!entries) 2349 goto out; 2350 2351 /* Make "xattr" the default if "noxattr" is not specified. */ 2352 strcpy(mopts, opts); 2353 if (!hasmntopt(&m, MNTOPT_NOXATTR) && !hasmntopt(&m, MNTOPT_XATTR)) { 2354 if (strlen(mopts) > 0) 2355 strcat(mopts, ","); 2356 strcat(mopts, "xattr"); 2357 } 2358 2359 /* 2360 * enable services as needed. 2361 */ 2362 { 2363 char **sl; 2364 2365 if (strcmp(fstype, MNTTYPE_NFS4) == 0) 2366 sl = service_list_v4; 2367 else 2368 sl = service_list; 2369 2370 (void) _check_services(sl); 2371 } 2372 2373 /* 2374 * Whew; do the mount, at last. 2375 */ 2376 if (trace > 1) { 2377 trace_prt(1, " mount %s %s (%s)\n", mnttabtext, mntpnt, mopts); 2378 } 2379 2380 /* 2381 * About to do a nfs mount, make sure the mount_to is set for 2382 * potential ephemeral mounts with NFSv4. 2383 */ 2384 set_nfsv4_ephemeral_mount_to(); 2385 2386 /* 2387 * If no action list pointer then do the mount, otherwise 2388 * build the actions list pointer with the mount information. 2389 * so the mount can be done in the kernel. 2390 */ 2391 if (alp == NULL) { 2392 if (mount(mnttabtext, mntpnt, flags | MS_DATA, fstype, 2393 head, sizeof (*head), mopts, MAX_MNTOPT_STR) < 0) { 2394 if (trace > 1) 2395 trace_prt(1, " Mount of %s on %s: %d\n", 2396 mnttabtext, mntpnt, errno); 2397 if (errno != EBUSY || verbose) 2398 syslog(LOG_ERR, 2399 "Mount of %s on %s: %m", mnttabtext, mntpnt); 2400 last_error = NFSERR_IO; 2401 goto out; 2402 } 2403 2404 last_error = NFS_OK; 2405 if (stat(mntpnt, &stbuf) == 0) { 2406 if (trace > 1) { 2407 trace_prt(1, " mount %s dev=%x rdev=%x OK\n", 2408 mnttabtext, stbuf.st_dev, stbuf.st_rdev); 2409 } 2410 } else { 2411 if (trace > 1) { 2412 trace_prt(1, " mount %s OK\n", mnttabtext); 2413 trace_prt(1, " stat of %s failed\n", mntpnt); 2414 } 2415 2416 } 2417 } else { 2418 alp->action.action = AUTOFS_MOUNT_RQ; 2419 alp->action.action_list_entry_u.mounta.spec = 2420 strdup(mnttabtext); 2421 alp->action.action_list_entry_u.mounta.dir = strdup(mntpnt); 2422 alp->action.action_list_entry_u.mounta.flags = 2423 flags | MS_DATA; 2424 alp->action.action_list_entry_u.mounta.fstype = 2425 strdup(fstype); 2426 alp->action.action_list_entry_u.mounta.dataptr = (char *)head; 2427 alp->action.action_list_entry_u.mounta.datalen = 2428 sizeof (*head); 2429 mntopts = malloc(strlen(mopts) + 1); 2430 strcpy(mntopts, mopts); 2431 mntopts[strlen(mopts)] = '\0'; 2432 alp->action.action_list_entry_u.mounta.optptr = mntopts; 2433 alp->action.action_list_entry_u.mounta.optlen = 2434 strlen(mntopts) + 1; 2435 last_error = NFS_OK; 2436 goto ret; 2437 } 2438 2439out: 2440 argp = head; 2441 while (argp) { 2442 if (argp->pathconf) 2443 free(argp->pathconf); 2444 free_knconf(argp->knconf); 2445 netbuf_free(argp->addr); 2446 if (argp->syncaddr) 2447 netbuf_free(argp->syncaddr); 2448 if (argp->netname) { 2449 free(argp->netname); 2450 } 2451 if (argp->hostname) 2452 free(argp->hostname); 2453 nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata); 2454 free(argp->fh); 2455 head = argp; 2456 argp = argp->nfs_ext_u.nfs_extB.next; 2457 free(head); 2458 } 2459ret: 2460 if (nfs_proto) 2461 free(nfs_proto); 2462 if (mnttabtext) 2463 free(mnttabtext); 2464 2465 for (mfs = mfs_in; mfs; mfs = mfs->mfs_next) { 2466 2467 if (mfs->mfs_flags & MFS_ALLOC_DIR) { 2468 free(mfs->mfs_dir); 2469 mfs->mfs_dir = NULL; 2470 mfs->mfs_flags &= ~MFS_ALLOC_DIR; 2471 } 2472 2473 if (mfs->mfs_args != NULL && alp == NULL) { 2474 free(mfs->mfs_args); 2475 mfs->mfs_args = NULL; 2476 } 2477 2478 if (mfs->mfs_nconf != NULL) { 2479 freenetconfigent(mfs->mfs_nconf); 2480 mfs->mfs_nconf = NULL; 2481 } 2482 } 2483 2484 return (last_error); 2485} 2486 2487/* 2488 * get_pathconf(cl, path, fsname, pcnf, cretries) 2489 * ugliness that requires that ppathcnf and pathcnf stay consistent 2490 * cretries is a copy of retries used to determine when to syslog 2491 * on retry situations. 2492 */ 2493static int 2494get_pathconf(CLIENT *cl, char *path, char *fsname, struct pathcnf **pcnf, 2495 int cretries) 2496{ 2497 struct ppathcnf *p = NULL; 2498 enum clnt_stat rpc_stat; 2499 struct timeval timeout; 2500 2501 p = (struct ppathcnf *)malloc(sizeof (struct ppathcnf)); 2502 if (p == NULL) { 2503 syslog(LOG_ERR, "get_pathconf: Out of memory"); 2504 return (RET_ERR); 2505 } 2506 memset((caddr_t)p, 0, sizeof (struct ppathcnf)); 2507 2508 timeout.tv_sec = 10; 2509 timeout.tv_usec = 0; 2510 rpc_stat = clnt_call(cl, MOUNTPROC_PATHCONF, 2511 xdr_dirpath, (caddr_t)&path, xdr_ppathcnf, (caddr_t)p, timeout); 2512 if (rpc_stat != RPC_SUCCESS) { 2513 if (cretries-- <= 0) { 2514 syslog(LOG_ERR, 2515 "get_pathconf: %s: server not responding: %s", 2516 fsname, clnt_sperror(cl, "")); 2517 } 2518 free(p); 2519 return (RET_RETRY); 2520 } 2521 if (_PC_ISSET(_PC_ERROR, p->pc_mask)) { 2522 syslog(LOG_ERR, "get_pathconf: no info for %s", fsname); 2523 free(p); 2524 return (RET_ERR); 2525 } 2526 *pcnf = (struct pathcnf *)p; 2527 return (RET_OK); 2528} 2529 2530struct knetconfig * 2531get_knconf(nconf) 2532 struct netconfig *nconf; 2533{ 2534 struct stat stbuf; 2535 struct knetconfig *k; 2536 2537 if (stat(nconf->nc_device, &stbuf) < 0) { 2538 syslog(LOG_ERR, "get_knconf: stat %s: %m", nconf->nc_device); 2539 return (NULL); 2540 } 2541 k = (struct knetconfig *)malloc(sizeof (*k)); 2542 if (k == NULL) 2543 goto nomem; 2544 k->knc_semantics = nconf->nc_semantics; 2545 k->knc_protofmly = strdup(nconf->nc_protofmly); 2546 if (k->knc_protofmly == NULL) 2547 goto nomem; 2548 k->knc_proto = strdup(nconf->nc_proto); 2549 if (k->knc_proto == NULL) 2550 goto nomem; 2551 k->knc_rdev = stbuf.st_rdev; 2552 2553 return (k); 2554 2555nomem: 2556 syslog(LOG_ERR, "get_knconf: no memory"); 2557 free_knconf(k); 2558 return (NULL); 2559} 2560 2561void 2562free_knconf(k) 2563 struct knetconfig *k; 2564{ 2565 if (k == NULL) 2566 return; 2567 if (k->knc_protofmly) 2568 free(k->knc_protofmly); 2569 if (k->knc_proto) 2570 free(k->knc_proto); 2571 free(k); 2572} 2573 2574void 2575netbuf_free(nb) 2576 struct netbuf *nb; 2577{ 2578 if (nb == NULL) 2579 return; 2580 if (nb->buf) 2581 free(nb->buf); 2582 free(nb); 2583} 2584 2585#define SMALL_HOSTNAME 20 2586#define SMALL_PROTONAME 10 2587#define SMALL_PROTOFMLYNAME 10 2588 2589struct portmap_cache { 2590 int cache_prog; 2591 int cache_vers; 2592 time_t cache_time; 2593 char cache_small_hosts[SMALL_HOSTNAME + 1]; 2594 char *cache_hostname; 2595 char *cache_proto; 2596 char *cache_protofmly; 2597 char cache_small_protofmly[SMALL_PROTOFMLYNAME + 1]; 2598 char cache_small_proto[SMALL_PROTONAME + 1]; 2599 struct netbuf cache_srv_addr; 2600 struct portmap_cache *cache_prev, *cache_next; 2601}; 2602 2603rwlock_t portmap_cache_lock; 2604static int portmap_cache_valid_time = 30; 2605struct portmap_cache *portmap_cache_head, *portmap_cache_tail; 2606 2607#ifdef MALLOC_DEBUG 2608void 2609portmap_cache_flush() 2610{ 2611 struct portmap_cache *next = NULL, *cp; 2612 2613 (void) rw_wrlock(&portmap_cache_lock); 2614 for (cp = portmap_cache_head; cp; cp = cp->cache_next) { 2615 if (cp->cache_hostname != NULL && 2616 cp->cache_hostname != 2617 cp->cache_small_hosts) 2618 free(cp->cache_hostname); 2619 if (cp->cache_proto != NULL && 2620 cp->cache_proto != 2621 cp->cache_small_proto) 2622 free(cp->cache_proto); 2623 if (cp->cache_srv_addr.buf != NULL) 2624 free(cp->cache_srv_addr.buf); 2625 next = cp->cache_next; 2626 free(cp); 2627 } 2628 portmap_cache_head = NULL; 2629 portmap_cache_tail = NULL; 2630 (void) rw_unlock(&portmap_cache_lock); 2631} 2632#endif 2633 2634/* 2635 * Returns 1 if the entry is found in the cache, 0 otherwise. 2636 */ 2637static int 2638portmap_cache_lookup(hostname, prog, vers, nconf, addrp) 2639 char *hostname; 2640 rpcprog_t prog; 2641 rpcvers_t vers; 2642 struct netconfig *nconf; 2643 struct netbuf *addrp; 2644{ 2645 struct portmap_cache *cachep, *prev, *next = NULL, *cp; 2646 int retval = 0; 2647 2648 timenow = time(NULL); 2649 2650 (void) rw_rdlock(&portmap_cache_lock); 2651 2652 /* 2653 * Increment the portmap cache counters for # accesses and lookups 2654 * Use a smaller factor (100 vs 1000 for the host cache) since 2655 * initial analysis shows this cache is looked up 10% that of the 2656 * host cache. 2657 */ 2658#ifdef CACHE_DEBUG 2659 portmap_cache_accesses++; 2660 portmap_cache_lookups++; 2661 if ((portmap_cache_lookups%100) == 0) 2662 trace_portmap_cache(); 2663#endif /* CACHE_DEBUG */ 2664 2665 for (cachep = portmap_cache_head; cachep; 2666 cachep = cachep->cache_next) { 2667 if (timenow > cachep->cache_time) { 2668 /* 2669 * We stumbled across an entry in the cache which 2670 * has timed out. Free up all the entries that 2671 * were added before it, which will positionally 2672 * be after this entry. And adjust neighboring 2673 * pointers. 2674 * When we drop the lock and re-acquire it, we 2675 * need to start from the beginning. 2676 */ 2677 (void) rw_unlock(&portmap_cache_lock); 2678 (void) rw_wrlock(&portmap_cache_lock); 2679 for (cp = portmap_cache_head; 2680 cp && (cp->cache_time >= timenow); 2681 cp = cp->cache_next) 2682 ; 2683 if (cp == NULL) 2684 goto done; 2685 /* 2686 * Adjust the link of the predecessor. 2687 * Make the tail point to the new last entry. 2688 */ 2689 prev = cp->cache_prev; 2690 if (prev == NULL) { 2691 portmap_cache_head = NULL; 2692 portmap_cache_tail = NULL; 2693 } else { 2694 prev->cache_next = NULL; 2695 portmap_cache_tail = prev; 2696 } 2697 for (; cp; cp = next) { 2698 if (cp->cache_hostname != NULL && 2699 cp->cache_hostname != 2700 cp->cache_small_hosts) 2701 free(cp->cache_hostname); 2702 if (cp->cache_proto != NULL && 2703 cp->cache_proto != 2704 cp->cache_small_proto) 2705 free(cp->cache_proto); 2706 if (cp->cache_srv_addr.buf != NULL) 2707 free(cp->cache_srv_addr.buf); 2708 next = cp->cache_next; 2709 free(cp); 2710 } 2711 goto done; 2712 } 2713 if (cachep->cache_hostname == NULL || 2714 prog != cachep->cache_prog || vers != cachep->cache_vers || 2715 strcmp(nconf->nc_proto, cachep->cache_proto) != 0 || 2716 strcmp(nconf->nc_protofmly, cachep->cache_protofmly) != 0 || 2717 strcmp(hostname, cachep->cache_hostname) != 0) 2718 continue; 2719 /* 2720 * Cache Hit. 2721 */ 2722#ifdef CACHE_DEBUG 2723 portmap_cache_hits++; /* up portmap cache hit counter */ 2724#endif /* CACHE_DEBUG */ 2725 addrp->len = cachep->cache_srv_addr.len; 2726 memcpy(addrp->buf, cachep->cache_srv_addr.buf, addrp->len); 2727 retval = 1; 2728 break; 2729 } 2730done: 2731 (void) rw_unlock(&portmap_cache_lock); 2732 return (retval); 2733} 2734 2735static void 2736portmap_cache_enter(hostname, prog, vers, nconf, addrp) 2737 char *hostname; 2738 rpcprog_t prog; 2739 rpcvers_t vers; 2740 struct netconfig *nconf; 2741 struct netbuf *addrp; 2742{ 2743 struct portmap_cache *cachep; 2744 int protofmlylen; 2745 int protolen, hostnamelen; 2746 2747 timenow = time(NULL); 2748 2749 cachep = malloc(sizeof (struct portmap_cache)); 2750 if (cachep == NULL) 2751 return; 2752 memset((char *)cachep, 0, sizeof (*cachep)); 2753 2754 hostnamelen = strlen(hostname); 2755 if (hostnamelen <= SMALL_HOSTNAME) 2756 cachep->cache_hostname = cachep->cache_small_hosts; 2757 else { 2758 cachep->cache_hostname = malloc(hostnamelen + 1); 2759 if (cachep->cache_hostname == NULL) 2760 goto nomem; 2761 } 2762 strcpy(cachep->cache_hostname, hostname); 2763 protolen = strlen(nconf->nc_proto); 2764 if (protolen <= SMALL_PROTONAME) 2765 cachep->cache_proto = cachep->cache_small_proto; 2766 else { 2767 cachep->cache_proto = malloc(protolen + 1); 2768 if (cachep->cache_proto == NULL) 2769 goto nomem; 2770 } 2771 protofmlylen = strlen(nconf->nc_protofmly); 2772 if (protofmlylen <= SMALL_PROTOFMLYNAME) 2773 cachep->cache_protofmly = cachep->cache_small_protofmly; 2774 else { 2775 cachep->cache_protofmly = malloc(protofmlylen + 1); 2776 if (cachep->cache_protofmly == NULL) 2777 goto nomem; 2778 } 2779 2780 strcpy(cachep->cache_proto, nconf->nc_proto); 2781 cachep->cache_prog = prog; 2782 cachep->cache_vers = vers; 2783 cachep->cache_time = timenow + portmap_cache_valid_time; 2784 cachep->cache_srv_addr.len = addrp->len; 2785 cachep->cache_srv_addr.buf = malloc(addrp->len); 2786 if (cachep->cache_srv_addr.buf == NULL) 2787 goto nomem; 2788 memcpy(cachep->cache_srv_addr.buf, addrp->buf, addrp->maxlen); 2789 cachep->cache_prev = NULL; 2790 (void) rw_wrlock(&portmap_cache_lock); 2791 /* 2792 * There's a window in which we could have multiple threads making 2793 * the same cache entry. This can be avoided by walking the cache 2794 * once again here to check and see if there are duplicate entries 2795 * (after grabbing the write lock). This isn't fatal and I'm not 2796 * going to bother with this. 2797 */ 2798#ifdef CACHE_DEBUG 2799 portmap_cache_accesses++; /* up portmap cache access counter */ 2800#endif /* CACHE_DEBUG */ 2801 cachep->cache_next = portmap_cache_head; 2802 if (portmap_cache_head != NULL) 2803 portmap_cache_head->cache_prev = cachep; 2804 portmap_cache_head = cachep; 2805 (void) rw_unlock(&portmap_cache_lock); 2806 return; 2807 2808nomem: 2809 syslog(LOG_ERR, "portmap_cache_enter: Memory allocation failed"); 2810 if (cachep->cache_srv_addr.buf) 2811 free(cachep->cache_srv_addr.buf); 2812 if (cachep->cache_proto && protolen > SMALL_PROTONAME) 2813 free(cachep->cache_proto); 2814 if (cachep->cache_hostname && hostnamelen > SMALL_HOSTNAME) 2815 free(cachep->cache_hostname); 2816 if (cachep->cache_protofmly && protofmlylen > SMALL_PROTOFMLYNAME) 2817 free(cachep->cache_protofmly); 2818 if (cachep) 2819 free(cachep); 2820 cachep = NULL; 2821} 2822 2823static int 2824get_cached_srv_addr(char *hostname, rpcprog_t prog, rpcvers_t vers, 2825 struct netconfig *nconf, struct netbuf *addrp) 2826{ 2827 if (portmap_cache_lookup(hostname, prog, vers, nconf, addrp)) 2828 return (1); 2829 if (rpcb_getaddr(prog, vers, nconf, addrp, hostname) == 0) 2830 return (0); 2831 portmap_cache_enter(hostname, prog, vers, nconf, addrp); 2832 return (1); 2833} 2834 2835/* 2836 * Get the network address on "hostname" for program "prog" 2837 * with version "vers" by using the nconf configuration data 2838 * passed in. 2839 * 2840 * If the address of a netconfig pointer is null then 2841 * information is not sufficient and no netbuf will be returned. 2842 * 2843 * tinfo argument is for matching the get_the_addr() defined in 2844 * ../nfs/mount/mount.c 2845 */ 2846void * 2847get_the_stuff( 2848 enum type_of_stuff type_of_stuff, 2849 char *hostname, 2850 rpcprog_t prog, 2851 rpcprog_t vers, 2852 mfs_snego_t *mfssnego, 2853 struct netconfig *nconf, 2854 ushort_t port, 2855 struct t_info *tinfo, 2856 caddr_t *fhp, 2857 bool_t direct_to_server, 2858 char *fspath, 2859 enum clnt_stat *cstat) 2860 2861{ 2862 struct netbuf *nb = NULL; 2863 struct t_bind *tbind = NULL; 2864 int fd = -1; 2865 enum clnt_stat cs = RPC_TIMEDOUT; 2866 CLIENT *cl = NULL; 2867 struct timeval tv; 2868 AUTH *ah = NULL; 2869 AUTH *new_ah = NULL; 2870 struct snego_t snego; 2871 2872 if (nconf == NULL) { 2873 goto done; 2874 } 2875 2876 if (prog == NFS_PROGRAM && vers == NFS_V4) 2877 if (strncasecmp(nconf->nc_proto, NC_UDP, strlen(NC_UDP)) == 0) 2878 goto done; 2879 2880 if ((fd = t_open(nconf->nc_device, O_RDWR, tinfo)) < 0) { 2881 goto done; 2882 } 2883 2884 /* LINTED pointer alignment */ 2885 if ((tbind = (struct t_bind *)t_alloc(fd, T_BIND, T_ADDR)) 2886 == NULL) { 2887 goto done; 2888 } 2889 2890 if (direct_to_server == TRUE) { 2891 struct nd_hostserv hs; 2892 struct nd_addrlist *retaddrs; 2893 hs.h_host = hostname; 2894 2895 if (trace > 1) 2896 trace_prt(1, " get_the_stuff: %s call " 2897 "direct to server %s\n", 2898 type_of_stuff == SERVER_FH ? "pub fh" : 2899 type_of_stuff == SERVER_ADDR ? "get address" : 2900 type_of_stuff == SERVER_PING ? "ping" : 2901 "unknown", hostname); 2902 if (port == 0) 2903 hs.h_serv = "nfs"; 2904 else 2905 hs.h_serv = NULL; 2906 2907 if (netdir_getbyname(nconf, &hs, &retaddrs) != ND_OK) { 2908 goto done; 2909 } 2910 memcpy(tbind->addr.buf, retaddrs->n_addrs->buf, 2911 retaddrs->n_addrs->len); 2912 tbind->addr.len = retaddrs->n_addrs->len; 2913 netdir_free((void *)retaddrs, ND_ADDRLIST); 2914 if (port) { 2915 /* LINTED pointer alignment */ 2916 2917 if (strcmp(nconf->nc_protofmly, NC_INET) == NULL) 2918 ((struct sockaddr_in *) 2919 tbind->addr.buf)->sin_port = 2920 htons((ushort_t)port); 2921 else if (strcmp(nconf->nc_protofmly, NC_INET6) == NULL) 2922 ((struct sockaddr_in6 *) 2923 tbind->addr.buf)->sin6_port = 2924 htons((ushort_t)port); 2925 } 2926 2927 if (type_of_stuff == SERVER_FH) { 2928 if (netdir_options(nconf, ND_SET_RESERVEDPORT, fd, 2929 NULL) == -1) 2930 if (trace > 1) 2931 trace_prt(1, "\tget_the_stuff: " 2932 "ND_SET_RESERVEDPORT(%s) " 2933 "failed\n", hostname); 2934 } 2935 2936 cl = clnt_tli_create(fd, nconf, &tbind->addr, prog, 2937 vers, 0, 0); 2938 2939 if (trace > 1) 2940 trace_prt(1, " get_the_stuff: clnt_tli_create(%s) " 2941 "returned %p\n", hostname, cl); 2942 if (cl == NULL) 2943 goto done; 2944#ifdef MALLOC_DEBUG 2945 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 2946 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 2947 __FILE__, __LINE__); 2948#endif 2949 2950 switch (type_of_stuff) { 2951 case SERVER_FH: 2952 { 2953 enum snego_stat sec; 2954 2955 ah = authsys_create_default(); 2956 if (ah != NULL) { 2957#ifdef MALLOC_DEBUG 2958 drop_alloc("AUTH_HANDLE", cl->cl_auth, 2959 __FILE__, __LINE__); 2960#endif 2961 AUTH_DESTROY(cl->cl_auth); 2962 cl->cl_auth = ah; 2963#ifdef MALLOC_DEBUG 2964 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 2965 __FILE__, __LINE__); 2966#endif 2967 } 2968 2969 if (!mfssnego->snego_done && vers != NFS_V4) { 2970 /* 2971 * negotiate sec flavor. 2972 */ 2973 snego.cnt = 0; 2974 if ((sec = nfs_sec_nego(vers, cl, fspath, &snego)) == 2975 SNEGO_SUCCESS) { 2976 int jj; 2977 2978 /* 2979 * check if server supports the one 2980 * specified in the sec= option. 2981 */ 2982 if (mfssnego->sec_opt) { 2983 for (jj = 0; jj < snego.cnt; jj++) { 2984 if (snego.array[jj] == 2985 mfssnego->nfs_sec.sc_nfsnum) { 2986 mfssnego->snego_done = TRUE; 2987 break; 2988 } 2989 } 2990 } 2991 2992 /* 2993 * find a common sec flavor 2994 */ 2995 if (!mfssnego->snego_done) { 2996 for (jj = 0; jj < snego.cnt; jj++) { 2997 if (!nfs_getseconfig_bynumber( 2998 snego.array[jj], &mfssnego->nfs_sec)) { 2999 mfssnego->snego_done = TRUE; 3000 break; 3001 } 3002 } 3003 } 3004 if (!mfssnego->snego_done) 3005 return (NULL); 3006 3007 /* 3008 * Now that the flavor has been 3009 * negotiated, get the fh. 3010 * 3011 * First, create an auth handle using the negotiated 3012 * sec flavor in the next lookup to 3013 * fetch the filehandle. 3014 */ 3015 new_ah = nfs_create_ah(cl, hostname, 3016 &mfssnego->nfs_sec); 3017 if (new_ah == NULL) 3018 goto done; 3019#ifdef MALLOC_DEBUG 3020 drop_alloc("AUTH_HANDLE", cl->cl_auth, 3021 __FILE__, __LINE__); 3022#endif 3023 AUTH_DESTROY(cl->cl_auth); 3024 cl->cl_auth = new_ah; 3025#ifdef MALLOC_DEBUG 3026 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 3027 __FILE__, __LINE__); 3028#endif 3029 } else if (sec == SNEGO_ARRAY_TOO_SMALL || 3030 sec == SNEGO_FAILURE) { 3031 goto done; 3032 } 3033 /* 3034 * Note that if sec == SNEGO_DEF_VALID 3035 * the default sec flavor is acceptable. 3036 * Use it to get the filehandle. 3037 */ 3038 } 3039 } 3040 3041 switch (vers) { 3042 case NFS_VERSION: 3043 { 3044 wnl_diropargs arg; 3045 wnl_diropres res; 3046 3047 memset((char *)&arg.dir, 0, sizeof (wnl_fh)); 3048 memset((char *)&res, 0, sizeof (wnl_diropres)); 3049 arg.name = fspath; 3050 if (wnlproc_lookup_2(&arg, &res, cl) != 3051 RPC_SUCCESS || res.status != NFS_OK) 3052 goto done; 3053 *fhp = malloc(sizeof (wnl_fh)); 3054 3055 if (*fhp == NULL) { 3056 syslog(LOG_ERR, "no memory\n"); 3057 goto done; 3058 } 3059 3060 memcpy((char *)*fhp, 3061 (char *)&res.wnl_diropres_u.wnl_diropres.file, 3062 sizeof (wnl_fh)); 3063 cs = RPC_SUCCESS; 3064 } 3065 break; 3066 case NFS_V3: 3067 { 3068 WNL_LOOKUP3args arg; 3069 WNL_LOOKUP3res res; 3070 nfs_fh3 *fh3p; 3071 3072 memset((char *)&arg.what.dir, 0, sizeof (wnl_fh3)); 3073 memset((char *)&res, 0, sizeof (WNL_LOOKUP3res)); 3074 arg.what.name = fspath; 3075 if (wnlproc3_lookup_3(&arg, &res, cl) != 3076 RPC_SUCCESS || res.status != NFS3_OK) 3077 goto done; 3078 3079 fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p)); 3080 3081 if (fh3p == NULL) { 3082 syslog(LOG_ERR, "no memory\n"); 3083 goto done; 3084 } 3085 3086 fh3p->fh3_length = res. 3087 WNL_LOOKUP3res_u.res_ok.object.data.data_len; 3088 memcpy(fh3p->fh3_u.data, &res. 3089 WNL_LOOKUP3res_u.res_ok.object.data.data_val, 3090 fh3p->fh3_length); 3091 3092 *fhp = (caddr_t)fh3p; 3093 3094 cs = RPC_SUCCESS; 3095 } 3096 break; 3097 case NFS_V4: 3098 tv.tv_sec = 10; 3099 tv.tv_usec = 0; 3100 cs = clnt_call(cl, NULLPROC, xdr_void, 0, 3101 xdr_void, 0, tv); 3102 if (cs != RPC_SUCCESS) 3103 goto done; 3104 *fhp = strdup(fspath); 3105 break; 3106 } 3107 break; 3108 case SERVER_ADDR: 3109 case SERVER_PING: 3110 tv.tv_sec = 10; 3111 tv.tv_usec = 0; 3112 cs = clnt_call(cl, NULLPROC, xdr_void, 0, 3113 xdr_void, 0, tv); 3114 if (trace > 1) 3115 trace_prt(1, 3116 "get_the_stuff: clnt_call(%s) " 3117 "returned %s\n", 3118 hostname, 3119 cs == RPC_SUCCESS ? "success" : 3120 "failure"); 3121 3122 if (cs != RPC_SUCCESS) 3123 goto done; 3124 break; 3125 } 3126 3127 } else if (type_of_stuff != SERVER_FH) { 3128 3129 if (type_of_stuff == SERVER_ADDR) { 3130 if (get_cached_srv_addr(hostname, prog, vers, nconf, 3131 &tbind->addr) == 0) 3132 goto done; 3133 } 3134 3135 if (port) { 3136 /* LINTED pointer alignment */ 3137 if (strcmp(nconf->nc_protofmly, NC_INET) == NULL) 3138 ((struct sockaddr_in *) 3139 tbind->addr.buf)->sin_port = 3140 htons((ushort_t)port); 3141 else if (strcmp(nconf->nc_protofmly, NC_INET6) == NULL) 3142 ((struct sockaddr_in6 *) 3143 tbind->addr.buf)->sin6_port = 3144 htons((ushort_t)port); 3145 cl = clnt_tli_create(fd, nconf, &tbind->addr, 3146 prog, vers, 0, 0); 3147 if (cl == NULL) 3148 goto done; 3149#ifdef MALLOC_DEBUG 3150 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 3151 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 3152 __FILE__, __LINE__); 3153#endif 3154 tv.tv_sec = 10; 3155 tv.tv_usec = 0; 3156 cs = clnt_call(cl, NULLPROC, xdr_void, 0, xdr_void, 3157 0, tv); 3158 if (cs != RPC_SUCCESS) 3159 goto done; 3160 } 3161 3162 } else { 3163 /* can't happen */ 3164 goto done; 3165 } 3166 3167 if (type_of_stuff != SERVER_PING) { 3168 3169 cs = RPC_SYSTEMERROR; 3170 3171 /* 3172 * Make a copy of the netbuf to return 3173 */ 3174 nb = (struct netbuf *)malloc(sizeof (struct netbuf)); 3175 if (nb == NULL) { 3176 syslog(LOG_ERR, "no memory\n"); 3177 goto done; 3178 } 3179 *nb = tbind->addr; 3180 nb->buf = (char *)malloc(nb->maxlen); 3181 if (nb->buf == NULL) { 3182 syslog(LOG_ERR, "no memory\n"); 3183 free(nb); 3184 nb = NULL; 3185 goto done; 3186 } 3187 (void) memcpy(nb->buf, tbind->addr.buf, tbind->addr.len); 3188 3189 cs = RPC_SUCCESS; 3190 } 3191 3192done: 3193 if (cl != NULL) { 3194 if (ah != NULL) { 3195#ifdef MALLOC_DEBUG 3196 drop_alloc("AUTH_HANDLE", cl->cl_auth, 3197 __FILE__, __LINE__); 3198#endif 3199 AUTH_DESTROY(cl->cl_auth); 3200 cl->cl_auth = NULL; 3201 } 3202#ifdef MALLOC_DEBUG 3203 drop_alloc("CLNT_HANDLE", cl, __FILE__, __LINE__); 3204#endif 3205 clnt_destroy(cl); 3206 } 3207 3208 if (tbind) { 3209 t_free((char *)tbind, T_BIND); 3210 tbind = NULL; 3211 } 3212 3213 if (fd >= 0) 3214 (void) t_close(fd); 3215 3216 if (cstat != NULL) 3217 *cstat = cs; 3218 3219 return (nb); 3220} 3221 3222/* 3223 * Get a network address on "hostname" for program "prog" 3224 * with version "vers". If the port number is specified (non zero) 3225 * then try for a TCP/UDP transport and set the port number of the 3226 * resulting IP address. 3227 * 3228 * If the address of a netconfig pointer was passed and 3229 * if it's not null, use it as the netconfig otherwise 3230 * assign the address of the netconfig that was used to 3231 * establish contact with the service. 3232 * 3233 * tinfo argument is for matching the get_addr() defined in 3234 * ../nfs/mount/mount.c 3235 */ 3236 3237static struct netbuf * 3238get_addr(char *hostname, rpcprog_t prog, rpcvers_t vers, 3239 struct netconfig **nconfp, char *proto, ushort_t port, 3240 struct t_info *tinfo) 3241 3242{ 3243 enum clnt_stat cstat; 3244 3245 return (get_server_stuff(SERVER_ADDR, hostname, prog, vers, NULL, 3246 nconfp, proto, port, tinfo, NULL, FALSE, NULL, &cstat)); 3247} 3248 3249static struct netbuf * 3250get_pubfh(char *hostname, rpcvers_t vers, mfs_snego_t *mfssnego, 3251 struct netconfig **nconfp, char *proto, ushort_t port, 3252 struct t_info *tinfo, caddr_t *fhp, bool_t get_pubfh, char *fspath) 3253{ 3254 enum clnt_stat cstat; 3255 3256 return (get_server_stuff(SERVER_FH, hostname, NFS_PROGRAM, vers, 3257 mfssnego, nconfp, proto, port, tinfo, fhp, get_pubfh, fspath, 3258 &cstat)); 3259} 3260 3261static enum clnt_stat 3262get_ping(char *hostname, rpcprog_t prog, rpcvers_t vers, 3263 struct netconfig **nconfp, ushort_t port, bool_t direct_to_server) 3264{ 3265 enum clnt_stat cstat; 3266 3267 (void) get_server_stuff(SERVER_PING, hostname, prog, vers, NULL, nconfp, 3268 NULL, port, NULL, NULL, direct_to_server, NULL, &cstat); 3269 3270 return (cstat); 3271} 3272 3273void * 3274get_server_stuff( 3275 enum type_of_stuff type_of_stuff, 3276 char *hostname, 3277 rpcprog_t prog, 3278 rpcvers_t vers, 3279 mfs_snego_t *mfssnego, 3280 struct netconfig **nconfp, 3281 char *proto, 3282 ushort_t port, /* may be zero */ 3283 struct t_info *tinfo, 3284 caddr_t *fhp, 3285 bool_t direct_to_server, 3286 char *fspath, 3287 enum clnt_stat *cstatp) 3288{ 3289 struct netbuf *nb = NULL; 3290 struct netconfig *nconf = NULL; 3291 NCONF_HANDLE *nc = NULL; 3292 int nthtry = FIRST_TRY; 3293 3294 if (nconfp && *nconfp) 3295 return (get_the_stuff(type_of_stuff, hostname, prog, vers, 3296 mfssnego, *nconfp, port, tinfo, fhp, direct_to_server, 3297 fspath, cstatp)); 3298 3299 3300 /* 3301 * No nconf passed in. 3302 * 3303 * Try to get a nconf from /etc/netconfig. 3304 * First choice is COTS, second is CLTS unless proto 3305 * is specified. When we retry, we reset the 3306 * netconfig list, so that we search the whole list 3307 * for the next choice. 3308 */ 3309 if ((nc = setnetpath()) == NULL) 3310 goto done; 3311 3312 /* 3313 * If proto is specified, then only search for the match, 3314 * otherwise try COTS first, if failed, then try CLTS. 3315 */ 3316 if (proto) { 3317 3318 while (nconf = getnetpath(nc)) { 3319 if (strcmp(nconf->nc_proto, proto)) 3320 continue; 3321 /* 3322 * If the port number is specified then TCP/UDP 3323 * is needed. Otherwise any cots/clts will do. 3324 */ 3325 if (port) { 3326 if ((strcmp(nconf->nc_protofmly, NC_INET) && 3327 strcmp(nconf->nc_protofmly, NC_INET6)) || 3328 (strcmp(nconf->nc_proto, NC_TCP) && 3329 strcmp(nconf->nc_proto, NC_UDP))) 3330 continue; 3331 } 3332 3333 nb = get_the_stuff(type_of_stuff, hostname, prog, vers, 3334 mfssnego, nconf, port, tinfo, fhp, 3335 direct_to_server, fspath, cstatp); 3336 3337 if (*cstatp == RPC_SUCCESS) 3338 break; 3339 3340 assert(nb == NULL); 3341 3342 } /* end of while */ 3343 3344 if (nconf == NULL) 3345 goto done; 3346 3347 } else { 3348retry: 3349 while (nconf = getnetpath(nc)) { 3350 if (nconf->nc_flag & NC_VISIBLE) { 3351 if (nthtry == FIRST_TRY) { 3352 if ((nconf->nc_semantics == 3353 NC_TPI_COTS_ORD) || 3354 (nconf->nc_semantics == 3355 NC_TPI_COTS)) { 3356 if (port == 0) 3357 break; 3358 if ((strcmp(nconf->nc_protofmly, 3359 NC_INET) == 0 || 3360 strcmp(nconf->nc_protofmly, 3361 NC_INET6) == 0) && 3362 (strcmp(nconf->nc_proto, 3363 NC_TCP) == 0)) 3364 break; 3365 } 3366 } 3367 if (nthtry == SECOND_TRY) { 3368 if (nconf->nc_semantics == 3369 NC_TPI_CLTS) { 3370 if (port == 0) 3371 break; 3372 if ((strcmp(nconf->nc_protofmly, 3373 NC_INET) == 0 || 3374 strcmp(nconf->nc_protofmly, 3375 NC_INET6) == 0) && 3376 (strcmp(nconf->nc_proto, 3377 NC_UDP) == 0)) 3378 break; 3379 } 3380 } 3381 } 3382 } /* while */ 3383 if (nconf == NULL) { 3384 if (++nthtry <= MNT_PREF_LISTLEN) { 3385 endnetpath(nc); 3386 if ((nc = setnetpath()) == NULL) 3387 goto done; 3388 goto retry; 3389 } else 3390 goto done; 3391 } else { 3392 nb = get_the_stuff(type_of_stuff, hostname, prog, vers, 3393 mfssnego, nconf, port, tinfo, fhp, direct_to_server, 3394 fspath, cstatp); 3395 if (*cstatp != RPC_SUCCESS) 3396 /* 3397 * Continue the same search path in the 3398 * netconfig db until no more matched nconf 3399 * (nconf == NULL). 3400 */ 3401 goto retry; 3402 } 3403 } /* if !proto */ 3404 3405 /* 3406 * Got nconf and nb. Now dup the netconfig structure (nconf) 3407 * and return it thru nconfp. 3408 */ 3409 *nconfp = getnetconfigent(nconf->nc_netid); 3410 if (*nconfp == NULL) { 3411 syslog(LOG_ERR, "no memory\n"); 3412 free(nb); 3413 nb = NULL; 3414 } 3415done: 3416 if (nc) 3417 endnetpath(nc); 3418 return (nb); 3419} 3420 3421 3422/* 3423 * Sends a null call to the remote host's (NFS program, versp). versp 3424 * may be "NULL" in which case the default maximum version is used. 3425 * Upon return, versp contains the maximum version supported iff versp!= NULL. 3426 */ 3427enum clnt_stat 3428pingnfs( 3429 char *hostpart, 3430 int attempts, 3431 rpcvers_t *versp, 3432 rpcvers_t versmin, 3433 ushort_t port, /* may be zero */ 3434 bool_t usepub, 3435 char *path, 3436 char *proto) 3437{ 3438 CLIENT *cl = NULL; 3439 struct timeval rpc_to_new = {15, 0}; 3440 static struct timeval rpc_rtrans_new = {-1, -1}; 3441 enum clnt_stat clnt_stat; 3442 int i, j; 3443 rpcvers_t versmax; /* maximum version to try against server */ 3444 rpcvers_t outvers; /* version supported by host on last call */ 3445 rpcvers_t vers_to_try; /* to try different versions against host */ 3446 char *hostname; 3447 struct netconfig *nconf; 3448 3449 hostname = strdup(hostpart); 3450 if (hostname == NULL) { 3451 return (RPC_SYSTEMERROR); 3452 } 3453 unbracket(&hostname); 3454 3455 if (path != NULL && strcmp(hostname, "nfs") == 0 && 3456 strncmp(path, "//", 2) == 0) { 3457 char *sport; 3458 3459 hostname = strdup(path+2); 3460 3461 if (hostname == NULL) 3462 return (RPC_SYSTEMERROR); 3463 3464 path = strchr(hostname, '/'); 3465 3466 /* 3467 * This cannot happen. If it does, give up 3468 * on the ping as this is obviously a corrupt 3469 * entry. 3470 */ 3471 if (path == NULL) { 3472 free(hostname); 3473 return (RPC_SUCCESS); 3474 } 3475 3476 /* 3477 * Probable end point of host string. 3478 */ 3479 *path = '\0'; 3480 3481 sport = strchr(hostname, ':'); 3482 3483 if (sport != NULL && sport < path) { 3484 3485 /* 3486 * Actual end point of host string. 3487 */ 3488 *sport = '\0'; 3489 port = htons((ushort_t)atoi(sport+1)); 3490 } 3491 3492 usepub = TRUE; 3493 } 3494 3495 /* Pick up the default versions and then set them appropriately */ 3496 if (versp) { 3497 versmax = *versp; 3498 /* use versmin passed in */ 3499 } else { 3500 read_default_nfs(); 3501 set_versrange(0, &versmax, &versmin); 3502 } 3503 3504 if (proto && 3505 strncasecmp(proto, NC_UDP, strlen(NC_UDP)) == 0 && 3506 versmax == NFS_V4) { 3507 if (versmin == NFS_V4) { 3508 if (versp) { 3509 *versp = versmax - 1; 3510 return (RPC_SUCCESS); 3511 } 3512 return (RPC_PROGUNAVAIL); 3513 } else { 3514 versmax--; 3515 } 3516 } 3517 3518 if (versp) 3519 *versp = versmax; 3520 3521 switch (cache_check(hostname, versp, proto)) { 3522 case GOODHOST: 3523 if (hostname != hostpart) 3524 free(hostname); 3525 return (RPC_SUCCESS); 3526 case DEADHOST: 3527 if (hostname != hostpart) 3528 free(hostname); 3529 return (RPC_TIMEDOUT); 3530 case NOHOST: 3531 default: 3532 break; 3533 } 3534 3535 /* 3536 * XXX The retransmission time rpcbrmttime is a global defined 3537 * in the rpc library (rpcb_clnt.c). We use (and like) the default 3538 * value of 15 sec in the rpc library. The code below is to protect 3539 * us in case it changes. This need not be done under a lock since 3540 * any # of threads entering this function will get the same 3541 * retransmission value. 3542 */ 3543 if (rpc_rtrans_new.tv_sec == -1 && rpc_rtrans_new.tv_usec == -1) { 3544 __rpc_control(CLCR_GET_RPCB_RMTTIME, (char *)&rpc_rtrans_new); 3545 if (rpc_rtrans_new.tv_sec != 15 && rpc_rtrans_new.tv_sec != 0) 3546 if (trace > 1) 3547 trace_prt(1, "RPC library rttimer changed\n"); 3548 } 3549 3550 /* 3551 * XXX Manipulate the total timeout to get the number of 3552 * desired retransmissions. This code is heavily dependant on 3553 * the RPC backoff mechanism in clnt_dg_call (clnt_dg.c). 3554 */ 3555 for (i = 0, j = rpc_rtrans_new.tv_sec; i < attempts-1; i++) { 3556 if (j < RPC_MAX_BACKOFF) 3557 j *= 2; 3558 else 3559 j = RPC_MAX_BACKOFF; 3560 rpc_to_new.tv_sec += j; 3561 } 3562 3563 vers_to_try = versmax; 3564 3565 /* 3566 * check the host's version within the timeout 3567 */ 3568 if (trace > 1) 3569 trace_prt(1, " ping: %s timeout=%ld request vers=%d min=%d\n", 3570 hostname, rpc_to_new.tv_sec, versmax, versmin); 3571 3572 if (usepub == FALSE) { 3573 do { 3574 /* 3575 * If NFSv4, then we do the same thing as is used 3576 * for public filehandles so that we avoid rpcbind 3577 */ 3578 if (vers_to_try == NFS_V4) { 3579 if (trace > 4) { 3580 trace_prt(1, " pingnfs: Trying ping via " 3581 "\"circuit_v\"\n"); 3582 } 3583 3584 cl = clnt_create_service_timed(hostname, "nfs", 3585 NFS_PROGRAM, vers_to_try, 3586 port, "circuit_v", &rpc_to_new); 3587 if (cl != NULL) { 3588 outvers = vers_to_try; 3589 break; 3590 } 3591 if (trace > 4) { 3592 trace_prt(1, 3593 " pingnfs: Can't ping via " 3594 "\"circuit_v\" %s: RPC error=%d\n", 3595 hostname, rpc_createerr.cf_stat); 3596 } 3597 3598 } else { 3599 cl = clnt_create_vers_timed(hostname, 3600 NFS_PROGRAM, &outvers, versmin, vers_to_try, 3601 "datagram_v", &rpc_to_new); 3602 if (cl != NULL) 3603 break; 3604 if (trace > 4) { 3605 trace_prt(1, 3606 " pingnfs: Can't ping via " 3607 "\"datagram_v\"%s: RPC error=%d\n", 3608 hostname, rpc_createerr.cf_stat); 3609 } 3610 if (rpc_createerr.cf_stat == RPC_UNKNOWNHOST || 3611 rpc_createerr.cf_stat == RPC_TIMEDOUT) 3612 break; 3613 if (rpc_createerr.cf_stat == 3614 RPC_PROGNOTREGISTERED) { 3615 if (trace > 4) { 3616 trace_prt(1, 3617 " pingnfs: Trying ping " 3618 "via \"circuit_v\"\n"); 3619 } 3620 cl = clnt_create_vers_timed(hostname, 3621 NFS_PROGRAM, &outvers, 3622 versmin, vers_to_try, 3623 "circuit_v", &rpc_to_new); 3624 if (cl != NULL) 3625 break; 3626 if (trace > 4) { 3627 trace_prt(1, 3628 " pingnfs: Can't ping " 3629 "via \"circuit_v\" %s: " 3630 "RPC error=%d\n", 3631 hostname, 3632 rpc_createerr.cf_stat); 3633 } 3634 } 3635 } 3636 3637 /* 3638 * backoff and return lower version to retry the ping. 3639 * XXX we should be more careful and handle 3640 * RPC_PROGVERSMISMATCH here, because that error is handled 3641 * in clnt_create_vers(). It's not done to stay in sync 3642 * with the nfs mount command. 3643 */ 3644 vers_to_try--; 3645 if (vers_to_try < versmin) 3646 break; 3647 if (versp != NULL) { /* recheck the cache */ 3648 *versp = vers_to_try; 3649 if (trace > 4) { 3650 trace_prt(1, 3651 " pingnfs: check cache: vers=%d\n", 3652 *versp); 3653 } 3654 switch (cache_check(hostname, versp, proto)) { 3655 case GOODHOST: 3656 if (hostname != hostpart) 3657 free(hostname); 3658 return (RPC_SUCCESS); 3659 case DEADHOST: 3660 if (hostname != hostpart) 3661 free(hostname); 3662 return (RPC_TIMEDOUT); 3663 case NOHOST: 3664 default: 3665 break; 3666 } 3667 } 3668 if (trace > 4) { 3669 trace_prt(1, " pingnfs: Try version=%d\n", 3670 vers_to_try); 3671 } 3672 } while (cl == NULL); 3673 3674 3675 if (cl == NULL) { 3676 if (verbose) 3677 syslog(LOG_ERR, "pingnfs: %s%s", 3678 hostname, clnt_spcreateerror("")); 3679 clnt_stat = rpc_createerr.cf_stat; 3680 } else { 3681 clnt_destroy(cl); 3682 clnt_stat = RPC_SUCCESS; 3683 } 3684 3685 } else { 3686 for (vers_to_try = versmax; vers_to_try >= versmin; 3687 vers_to_try--) { 3688 3689 nconf = NULL; 3690 3691 if (trace > 4) { 3692 trace_prt(1, " pingnfs: Try version=%d " 3693 "using get_ping()\n", vers_to_try); 3694 } 3695 3696 clnt_stat = get_ping(hostname, NFS_PROGRAM, 3697 vers_to_try, &nconf, port, TRUE); 3698 3699 if (nconf != NULL) 3700 freenetconfigent(nconf); 3701 3702 if (clnt_stat == RPC_SUCCESS) { 3703 outvers = vers_to_try; 3704 break; 3705 } 3706 } 3707 } 3708 3709 if (trace > 1) 3710 clnt_stat == RPC_SUCCESS ? 3711 trace_prt(1, " pingnfs OK: nfs version=%d\n", outvers): 3712 trace_prt(1, " pingnfs FAIL: can't get nfs version\n"); 3713 3714 if (clnt_stat == RPC_SUCCESS) { 3715 cache_enter(hostname, versmax, outvers, proto, GOODHOST); 3716 if (versp != NULL) 3717 *versp = outvers; 3718 } else 3719 cache_enter(hostname, versmax, versmax, proto, DEADHOST); 3720 3721 if (hostpart != hostname) 3722 free(hostname); 3723 3724 return (clnt_stat); 3725} 3726 3727#define MNTTYPE_LOFS "lofs" 3728 3729int 3730loopbackmount(fsname, dir, mntopts, overlay) 3731 char *fsname; /* Directory being mounted */ 3732 char *dir; /* Directory being mounted on */ 3733 char *mntopts; 3734 int overlay; 3735{ 3736 struct mnttab mnt; 3737 int flags = 0; 3738 char fstype[] = MNTTYPE_LOFS; 3739 int dirlen; 3740 struct stat st; 3741 char optbuf[MAX_MNTOPT_STR]; 3742 3743 dirlen = strlen(dir); 3744 if (dir[dirlen-1] == ' ') 3745 dirlen--; 3746 3747 if (dirlen == strlen(fsname) && 3748 strncmp(fsname, dir, dirlen) == 0) { 3749 syslog(LOG_ERR, 3750 "Mount of %s on %s would result in deadlock, aborted\n", 3751 fsname, dir); 3752 return (RET_ERR); 3753 } 3754 mnt.mnt_mntopts = mntopts; 3755 if (hasmntopt(&mnt, MNTOPT_RO) != NULL) 3756 flags |= MS_RDONLY; 3757 3758 (void) strlcpy(optbuf, mntopts, sizeof (optbuf)); 3759 3760 if (overlay) 3761 flags |= MS_OVERLAY; 3762 3763 if (trace > 1) 3764 trace_prt(1, 3765 " loopbackmount: fsname=%s, dir=%s, flags=%d\n", 3766 fsname, dir, flags); 3767 3768 if (is_system_labeled()) { 3769 if (create_homedir((const char *)fsname, 3770 (const char *)dir) == 0) { 3771 return (NFSERR_NOENT); 3772 } 3773 } 3774 3775 if (mount(fsname, dir, flags | MS_DATA | MS_OPTIONSTR, fstype, 3776 NULL, 0, optbuf, sizeof (optbuf)) < 0) { 3777 syslog(LOG_ERR, "Mount of %s on %s: %m", fsname, dir); 3778 return (RET_ERR); 3779 } 3780 3781 if (stat(dir, &st) == 0) { 3782 if (trace > 1) { 3783 trace_prt(1, 3784 " loopbackmount of %s on %s dev=%x rdev=%x OK\n", 3785 fsname, dir, st.st_dev, st.st_rdev); 3786 } 3787 } else { 3788 if (trace > 1) { 3789 trace_prt(1, 3790 " loopbackmount of %s on %s OK\n", fsname, dir); 3791 trace_prt(1, " stat of %s failed\n", dir); 3792 } 3793 } 3794 3795 return (0); 3796} 3797 3798/* 3799 * Look for the value of a numeric option of the form foo=x. If found, set 3800 * *valp to the value and return non-zero. If not found or the option is 3801 * malformed, return zero. 3802 */ 3803 3804int 3805nopt(mnt, opt, valp) 3806 struct mnttab *mnt; 3807 char *opt; 3808 int *valp; /* OUT */ 3809{ 3810 char *equal; 3811 char *str; 3812 3813 /* 3814 * We should never get a null pointer, but if we do, it's better to 3815 * ignore the option than to dump core. 3816 */ 3817 3818 if (valp == NULL) { 3819 syslog(LOG_DEBUG, "null pointer for %s option", opt); 3820 return (0); 3821 } 3822 3823 if (str = hasmntopt(mnt, opt)) { 3824 if (equal = strchr(str, '=')) { 3825 *valp = atoi(&equal[1]); 3826 return (1); 3827 } else { 3828 syslog(LOG_ERR, "Bad numeric option '%s'", str); 3829 } 3830 } 3831 return (0); 3832} 3833 3834int 3835nfsunmount(mnt) 3836 struct mnttab *mnt; 3837{ 3838 struct timeval timeout; 3839 CLIENT *cl; 3840 enum clnt_stat rpc_stat; 3841 char *host, *path; 3842 struct replica *list; 3843 int i, count = 0; 3844 int isv4mount = is_v4_mount(mnt->mnt_mountp); 3845 3846 if (trace > 1) 3847 trace_prt(1, " nfsunmount: umount %s\n", mnt->mnt_mountp); 3848 3849 if (umount(mnt->mnt_mountp) < 0) { 3850 if (trace > 1) 3851 trace_prt(1, " nfsunmount: umount %s FAILED\n", 3852 mnt->mnt_mountp); 3853 if (errno) 3854 return (errno); 3855 } 3856 3857 /* 3858 * If this is a NFSv4 mount, the mount protocol was not used 3859 * so we just return. 3860 */ 3861 if (isv4mount) { 3862 if (trace > 1) 3863 trace_prt(1, " nfsunmount: umount %s OK\n", 3864 mnt->mnt_mountp); 3865 return (0); 3866 } 3867 3868 /* 3869 * If mounted with -o public, then no need to contact server 3870 * because mount protocol was not used. 3871 */ 3872 if (hasmntopt(mnt, MNTOPT_PUBLIC) != NULL) { 3873 return (0); 3874 } 3875 3876 /* 3877 * The rest of this code is advisory to the server. 3878 * If it fails return success anyway. 3879 */ 3880 3881 list = parse_replica(mnt->mnt_special, &count); 3882 if (!list) { 3883 if (count >= 0) 3884 syslog(LOG_ERR, 3885 "Memory allocation failed: %m"); 3886 return (ENOMEM); 3887 } 3888 3889 for (i = 0; i < count; i++) { 3890 3891 host = list[i].host; 3892 path = list[i].path; 3893 3894 /* 3895 * Skip file systems mounted using WebNFS, because mount 3896 * protocol was not used. 3897 */ 3898 if (strcmp(host, "nfs") == 0 && strncmp(path, "//", 2) == 0) 3899 continue; 3900 3901 cl = clnt_create(host, MOUNTPROG, MOUNTVERS, "datagram_v"); 3902 if (cl == NULL) 3903 break; 3904#ifdef MALLOC_DEBUG 3905 add_alloc("CLNT_HANDLE", cl, 0, __FILE__, __LINE__); 3906 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, 3907 __FILE__, __LINE__); 3908#endif 3909 if (__clnt_bindresvport(cl) < 0) { 3910 if (verbose) 3911 syslog(LOG_ERR, "umount %s:%s: %s", 3912 host, path, 3913 "Couldn't bind to reserved port"); 3914 destroy_auth_client_handle(cl); 3915 continue; 3916 } 3917#ifdef MALLOC_DEBUG 3918 drop_alloc("AUTH_HANDLE", cl->cl_auth, __FILE__, __LINE__); 3919#endif 3920 AUTH_DESTROY(cl->cl_auth); 3921 if ((cl->cl_auth = authsys_create_default()) == NULL) { 3922 if (verbose) 3923 syslog(LOG_ERR, "umount %s:%s: %s", 3924 host, path, 3925 "Failed creating default auth handle"); 3926 destroy_auth_client_handle(cl); 3927 continue; 3928 } 3929#ifdef MALLOC_DEBUG 3930 add_alloc("AUTH_HANDLE", cl->cl_auth, 0, __FILE__, __LINE__); 3931#endif 3932 timeout.tv_usec = 0; 3933 timeout.tv_sec = 5; 3934 rpc_stat = clnt_call(cl, MOUNTPROC_UMNT, xdr_dirpath, 3935 (caddr_t)&path, xdr_void, (char *)NULL, timeout); 3936 if (verbose && rpc_stat != RPC_SUCCESS) 3937 syslog(LOG_ERR, "%s: %s", 3938 host, clnt_sperror(cl, "unmount")); 3939 destroy_auth_client_handle(cl); 3940 } 3941 3942 free_replica(list, count); 3943 3944 if (trace > 1) 3945 trace_prt(1, " nfsunmount: umount %s OK\n", mnt->mnt_mountp); 3946 3947done: 3948 return (0); 3949} 3950 3951/* 3952 * Put a new entry in the cache chain by prepending it to the front. 3953 * If there isn't enough memory then just give up. 3954 */ 3955static void 3956cache_enter(host, reqvers, outvers, proto, state) 3957 char *host; 3958 rpcvers_t reqvers; 3959 rpcvers_t outvers; 3960 char *proto; 3961 int state; 3962{ 3963 struct cache_entry *entry; 3964 int cache_time = 30; /* sec */ 3965 3966 timenow = time(NULL); 3967 3968 entry = (struct cache_entry *)malloc(sizeof (struct cache_entry)); 3969 if (entry == NULL) 3970 return; 3971 (void) memset((caddr_t)entry, 0, sizeof (struct cache_entry)); 3972 entry->cache_host = strdup(host); 3973 if (entry->cache_host == NULL) { 3974 cache_free(entry); 3975 return; 3976 } 3977 entry->cache_reqvers = reqvers; 3978 entry->cache_outvers = outvers; 3979 entry->cache_proto = (proto == NULL ? NULL : strdup(proto)); 3980 entry->cache_state = state; 3981 entry->cache_time = timenow + cache_time; 3982 (void) rw_wrlock(&cache_lock); 3983#ifdef CACHE_DEBUG 3984 host_cache_accesses++; /* up host cache access counter */ 3985#endif /* CACHE DEBUG */ 3986 entry->cache_next = cache_head; 3987 cache_head = entry; 3988 (void) rw_unlock(&cache_lock); 3989} 3990 3991static int 3992cache_check(host, versp, proto) 3993 char *host; 3994 rpcvers_t *versp; 3995 char *proto; 3996{ 3997 int state = NOHOST; 3998 struct cache_entry *ce, *prev; 3999 4000 timenow = time(NULL); 4001 4002 (void) rw_rdlock(&cache_lock); 4003 4004#ifdef CACHE_DEBUG 4005 /* Increment the lookup and access counters for the host cache */ 4006 host_cache_accesses++; 4007 host_cache_lookups++; 4008 if ((host_cache_lookups%1000) == 0) 4009 trace_host_cache(); 4010#endif /* CACHE DEBUG */ 4011 4012 for (ce = cache_head; ce; ce = ce->cache_next) { 4013 if (timenow > ce->cache_time) { 4014 (void) rw_unlock(&cache_lock); 4015 (void) rw_wrlock(&cache_lock); 4016 for (prev = NULL, ce = cache_head; ce; 4017 prev = ce, ce = ce->cache_next) { 4018 if (timenow > ce->cache_time) { 4019 cache_free(ce); 4020 if (prev) 4021 prev->cache_next = NULL; 4022 else 4023 cache_head = NULL; 4024 break; 4025 } 4026 } 4027 (void) rw_unlock(&cache_lock); 4028 return (state); 4029 } 4030 if (strcmp(host, ce->cache_host) != 0) 4031 continue; 4032 if ((proto == NULL && ce->cache_proto != NULL) || 4033 (proto != NULL && ce->cache_proto == NULL)) 4034 continue; 4035 if (proto != NULL && 4036 strcmp(proto, ce->cache_proto) != 0) 4037 continue; 4038 4039 if (versp == NULL || 4040 (versp != NULL && *versp == ce->cache_reqvers) || 4041 (versp != NULL && *versp == ce->cache_outvers)) { 4042 if (versp != NULL) 4043 *versp = ce->cache_outvers; 4044 state = ce->cache_state; 4045 4046 /* increment the host cache hit counters */ 4047#ifdef CACHE_DEBUG 4048 if (state == GOODHOST) 4049 goodhost_cache_hits++; 4050 if (state == DEADHOST) 4051 deadhost_cache_hits++; 4052#endif /* CACHE_DEBUG */ 4053 (void) rw_unlock(&cache_lock); 4054 return (state); 4055 } 4056 } 4057 (void) rw_unlock(&cache_lock); 4058 return (state); 4059} 4060 4061/* 4062 * Free a cache entry and all entries 4063 * further down the chain since they 4064 * will also be expired. 4065 */ 4066static void 4067cache_free(entry) 4068 struct cache_entry *entry; 4069{ 4070 struct cache_entry *ce, *next = NULL; 4071 4072 for (ce = entry; ce; ce = next) { 4073 if (ce->cache_host) 4074 free(ce->cache_host); 4075 if (ce->cache_proto) 4076 free(ce->cache_proto); 4077 next = ce->cache_next; 4078 free(ce); 4079 } 4080} 4081 4082#ifdef MALLOC_DEBUG 4083void 4084cache_flush() 4085{ 4086 (void) rw_wrlock(&cache_lock); 4087 cache_free(cache_head); 4088 cache_head = NULL; 4089 (void) rw_unlock(&cache_lock); 4090} 4091 4092void 4093flush_caches() 4094{ 4095 mutex_lock(&cleanup_lock); 4096 cond_signal(&cleanup_start_cv); 4097 (void) cond_wait(&cleanup_done_cv, &cleanup_lock); 4098 mutex_unlock(&cleanup_lock); 4099 cache_flush(); 4100 portmap_cache_flush(); 4101} 4102#endif 4103 4104/* 4105 * Returns 1, if port option is NFS_PORT or 4106 * nfsd is running on the port given 4107 * Returns 0, if both port is not NFS_PORT and nfsd is not 4108 * running on the port. 4109 */ 4110 4111static int 4112is_nfs_port(char *opts) 4113{ 4114 struct mnttab m; 4115 uint_t nfs_port = 0; 4116 struct servent sv; 4117 char buf[256]; 4118 int got_port; 4119 4120 m.mnt_mntopts = opts; 4121 4122 /* 4123 * Get port specified in options list, if any. 4124 */ 4125 got_port = nopt(&m, MNTOPT_PORT, (int *)&nfs_port); 4126 4127 /* 4128 * if no port specified or it is same as NFS_PORT return nfs 4129 * To use any other daemon the port number should be different 4130 */ 4131 if (!got_port || nfs_port == NFS_PORT) 4132 return (1); 4133 /* 4134 * If daemon is nfsd, return nfs 4135 */ 4136 if (getservbyport_r(nfs_port, NULL, &sv, buf, 256) == &sv && 4137 strcmp(sv.s_name, "nfsd") == 0) 4138 return (1); 4139 4140 /* 4141 * daemon is not nfs 4142 */ 4143 return (0); 4144} 4145 4146 4147/* 4148 * destroy_auth_client_handle(cl) 4149 * destroys the created client handle 4150 */ 4151void 4152destroy_auth_client_handle(CLIENT *cl) 4153{ 4154 if (cl) { 4155 if (cl->cl_auth) { 4156#ifdef MALLOC_DEBUG 4157 drop_alloc("AUTH_HANDLE", cl->cl_auth, 4158 __FILE__, __LINE__); 4159#endif 4160 AUTH_DESTROY(cl->cl_auth); 4161 cl->cl_auth = NULL; 4162 } 4163#ifdef MALLOC_DEBUG 4164 drop_alloc("CLNT_HANDLE", cl, 4165 __FILE__, __LINE__); 4166#endif 4167 clnt_destroy(cl); 4168 } 4169} 4170 4171 4172/* 4173 * Attempt to figure out which version of NFS to use in pingnfs(). If 4174 * the version number was specified (i.e., non-zero), then use it. 4175 * Otherwise, default to the compiled-in default or the default as set 4176 * by the /etc/default/nfs configuration (as read by read_default(). 4177 */ 4178int 4179set_versrange(rpcvers_t nfsvers, rpcvers_t *vers, rpcvers_t *versmin) 4180{ 4181 switch (nfsvers) { 4182 case 0: 4183 *vers = vers_max_default; 4184 *versmin = vers_min_default; 4185 break; 4186 case NFS_V4: 4187 *vers = NFS_V4; 4188 *versmin = NFS_V4; 4189 break; 4190 case NFS_V3: 4191 *vers = NFS_V3; 4192 *versmin = NFS_V3; 4193 break; 4194 case NFS_VERSION: 4195 *vers = NFS_VERSION; /* version 2 */ 4196 *versmin = NFS_VERSMIN; /* version 2 */ 4197 break; 4198 default: 4199 return (-1); 4200 } 4201 return (0); 4202} 4203 4204#ifdef CACHE_DEBUG 4205/* 4206 * trace_portmap_cache() 4207 * traces the portmap cache values at desired points 4208 */ 4209static void 4210trace_portmap_cache() 4211{ 4212 syslog(LOG_ERR, "portmap_cache: accesses=%d lookups=%d hits=%d\n", 4213 portmap_cache_accesses, portmap_cache_lookups, 4214 portmap_cache_hits); 4215} 4216 4217/* 4218 * trace_host_cache() 4219 * traces the host cache values at desired points 4220 */ 4221static void 4222trace_host_cache() 4223{ 4224 syslog(LOG_ERR, 4225 "host_cache: accesses=%d lookups=%d deadhits=%d goodhits=%d\n", 4226 host_cache_accesses, host_cache_lookups, deadhost_cache_hits, 4227 goodhost_cache_hits); 4228} 4229#endif /* CACHE_DEBUG */ 4230 4231/* 4232 * Read the /etc/default/nfs configuration file to determine if the 4233 * client has been configured for a new min/max for the NFS version to 4234 * use. 4235 */ 4236 4237#define NFS_DEFAULT_CHECK 60 /* Seconds to check for nfs default changes */ 4238 4239static void 4240read_default_nfs(void) 4241{ 4242 static time_t lastread = 0; 4243 struct stat buf; 4244 char *defval; 4245 int errno; 4246 int tmp; 4247 4248 /* 4249 * Fail silently if we can't stat the default nfs config file 4250 */ 4251 if (stat(NFSADMIN, &buf)) 4252 return; 4253 4254 if (buf.st_mtime == lastread) 4255 return; 4256 4257 /* 4258 * Fail silently if error in opening the default nfs config file 4259 * We'll check back in NFS_DEFAULT_CHECK seconds 4260 */ 4261 if ((defopen(NFSADMIN)) == 0) { 4262 if ((defval = defread("NFS_CLIENT_VERSMIN=")) != NULL) { 4263 errno = 0; 4264 tmp = strtol(defval, (char **)NULL, 10); 4265 if (errno == 0) { 4266 vers_min_default = tmp; 4267 } 4268 } 4269 if ((defval = defread("NFS_CLIENT_VERSMAX=")) != NULL) { 4270 errno = 0; 4271 tmp = strtol(defval, (char **)NULL, 10); 4272 if (errno == 0) { 4273 vers_max_default = tmp; 4274 } 4275 } 4276 /* close defaults file */ 4277 defopen(NULL); 4278 4279 lastread = buf.st_mtime; 4280 4281 /* 4282 * Quick sanity check on the values picked up from the 4283 * defaults file. Make sure that a mistake wasn't 4284 * made that will confuse things later on. 4285 * If so, reset to compiled-in defaults 4286 */ 4287 if (vers_min_default > vers_max_default || 4288 vers_min_default < NFS_VERSMIN || 4289 vers_max_default > NFS_VERSMAX) { 4290 if (trace > 1) { 4291 trace_prt(1, 4292 " read_default: version minimum/maximum incorrectly configured\n"); 4293 trace_prt(1, 4294" read_default: config is min=%d, max%d. Resetting to min=%d, max%d\n", 4295 vers_min_default, vers_max_default, 4296 NFS_VERSMIN_DEFAULT, 4297 NFS_VERSMAX_DEFAULT); 4298 } 4299 vers_min_default = NFS_VERSMIN_DEFAULT; 4300 vers_max_default = NFS_VERSMAX_DEFAULT; 4301 } 4302 } 4303} 4304 4305/* 4306 * Find the mnttab entry that corresponds to "name". 4307 * We're not sure what the name represents: either 4308 * a mountpoint name, or a special name (server:/path). 4309 * Return the last entry in the file that matches. 4310 */ 4311static struct extmnttab * 4312mnttab_find(dirname) 4313 char *dirname; 4314{ 4315 FILE *fp; 4316 struct extmnttab mnt; 4317 struct extmnttab *res = NULL; 4318 4319 fp = fopen(MNTTAB, "r"); 4320 if (fp == NULL) { 4321 if (trace > 1) 4322 trace_prt(1, " mnttab_find: unable to open mnttab\n"); 4323 return (NULL); 4324 } 4325 while (getextmntent(fp, &mnt, sizeof (struct extmnttab)) == 0) { 4326 if (strcmp(mnt.mnt_mountp, dirname) == 0 || 4327 strcmp(mnt.mnt_special, dirname) == 0) { 4328 if (res) 4329 fsfreemnttab(res); 4330 res = fsdupmnttab(&mnt); 4331 } 4332 } 4333 4334 resetmnttab(fp); 4335 fclose(fp); 4336 if (res == NULL) { 4337 if (trace > 1) 4338 trace_prt(1, " mnttab_find: unable to find %s\n", 4339 dirname); 4340 } 4341 return (res); 4342} 4343 4344/* 4345 * This function's behavior is taken from nfsstat. 4346 * Trying to determine what NFS version was used for the mount. 4347 */ 4348static int 4349is_v4_mount(char *mntpath) 4350{ 4351 kstat_ctl_t *kc = NULL; /* libkstat cookie */ 4352 kstat_t *ksp; 4353 ulong_t fsid; 4354 struct mntinfo_kstat mik; 4355 struct extmnttab *mntp; 4356 uint_t mnt_minor; 4357 4358 if ((mntp = mnttab_find(mntpath)) == NULL) 4359 return (FALSE); 4360 4361 /* save the minor number and free the struct so we don't forget */ 4362 mnt_minor = mntp->mnt_minor; 4363 fsfreemnttab(mntp); 4364 4365 if ((kc = kstat_open()) == NULL) 4366 return (FALSE); 4367 4368 for (ksp = kc->kc_chain; ksp; ksp = ksp->ks_next) { 4369 if (ksp->ks_type != KSTAT_TYPE_RAW) 4370 continue; 4371 if (strcmp(ksp->ks_module, "nfs") != 0) 4372 continue; 4373 if (strcmp(ksp->ks_name, "mntinfo") != 0) 4374 continue; 4375 if (mnt_minor != ksp->ks_instance) 4376 continue; 4377 4378 if (kstat_read(kc, ksp, &mik) == -1) 4379 continue; 4380 4381 (void) kstat_close(kc); 4382 if (mik.mik_vers == 4) 4383 return (TRUE); 4384 else 4385 return (FALSE); 4386 } 4387 (void) kstat_close(kc); 4388 4389 return (FALSE); 4390} 4391 4392static int 4393create_homedir(const char *src, const char *dst) { 4394 4395 struct stat stbuf; 4396 char *dst_username; 4397 struct passwd *pwd, pwds; 4398 char buf_pwd[NSS_BUFLEN_PASSWD]; 4399 int homedir_len; 4400 int dst_dir_len; 4401 int src_dir_len; 4402 4403 if (trace > 1) 4404 trace_prt(1, "entered create_homedir\n"); 4405 4406 if (stat(src, &stbuf) == 0) { 4407 if (trace > 1) 4408 trace_prt(1, "src exists\n"); 4409 return (1); 4410 } 4411 4412 dst_username = strrchr(dst, '/'); 4413 if (dst_username) { 4414 dst_username++; /* Skip over slash */ 4415 pwd = getpwnam_r(dst_username, &pwds, buf_pwd, 4416 sizeof (buf_pwd)); 4417 if (pwd == NULL) { 4418 return (0); 4419 } 4420 } else { 4421 return (0); 4422 } 4423 4424 homedir_len = strlen(pwd->pw_dir); 4425 dst_dir_len = strlen(dst) - homedir_len; 4426 src_dir_len = strlen(src) - homedir_len; 4427 4428 /* Check that the paths are in the same zone */ 4429 if (src_dir_len < dst_dir_len || 4430 (strncmp(dst, src, dst_dir_len) != 0)) { 4431 if (trace > 1) 4432 trace_prt(1, " paths don't match\n"); 4433 return (0); 4434 } 4435 /* Check that mountpoint is an auto_home entry */ 4436 if (dst_dir_len < 0 || 4437 (strcmp(pwd->pw_dir, dst + dst_dir_len) != 0)) { 4438 return (0); 4439 } 4440 4441 /* Check that source is an home directory entry */ 4442 if (src_dir_len < 0 || 4443 (strcmp(pwd->pw_dir, src + src_dir_len) != 0)) { 4444 if (trace > 1) 4445 trace_prt(1, " homedir (2) doesn't match %s\n", 4446 src+src_dir_len); 4447 return (0); 4448 } 4449 4450 if (mkdir(src, 4451 S_IRUSR | S_IWUSR | S_IXUSR | S_IXGRP | S_IXOTH) == -1) { 4452 if (trace > 1) { 4453 trace_prt(1, " Couldn't mkdir %s\n", src); 4454 } 4455 return (0); 4456 } 4457 4458 if (chown(src, pwd->pw_uid, pwd->pw_gid) == -1) { 4459 unlink(src); 4460 return (0); 4461 } 4462 4463 /* Created new home directory for the user */ 4464 return (1); 4465} 4466 4467void 4468free_nfs_args(struct nfs_args *argp) 4469{ 4470 struct nfs_args *oldp; 4471 while (argp) { 4472 if (argp->pathconf) 4473 free(argp->pathconf); 4474 if (argp->knconf) 4475 free_knconf(argp->knconf); 4476 if (argp->addr) 4477 netbuf_free(argp->addr); 4478 if (argp->syncaddr) 4479 netbuf_free(argp->syncaddr); 4480 if (argp->netname) 4481 free(argp->netname); 4482 if (argp->hostname) 4483 free(argp->hostname); 4484 if (argp->nfs_ext_u.nfs_extB.secdata) 4485 nfs_free_secdata(argp->nfs_ext_u.nfs_extB.secdata); 4486 if (argp->fh) 4487 free(argp->fh); 4488 if (argp->nfs_ext_u.nfs_extA.secdata) { 4489 sec_data_t *sd; 4490 sd = argp->nfs_ext_u.nfs_extA.secdata; 4491 if (sd == NULL) 4492 break; 4493 switch (sd->rpcflavor) { 4494 case AUTH_NONE: 4495 case AUTH_UNIX: 4496 case AUTH_LOOPBACK: 4497 break; 4498 case AUTH_DES: 4499 { 4500 dh_k4_clntdata_t *dhk4; 4501 dhk4 = (dh_k4_clntdata_t *)sd->data; 4502 if (dhk4 == NULL) 4503 break; 4504 if (dhk4->syncaddr.buf) 4505 free(dhk4->syncaddr.buf); 4506 if (dhk4->knconf->knc_protofmly) 4507 free(dhk4->knconf->knc_protofmly); 4508 if (dhk4->knconf->knc_proto) 4509 free(dhk4->knconf->knc_proto); 4510 if (dhk4->knconf) 4511 free(dhk4->knconf); 4512 if (dhk4->netname) 4513 free(dhk4->netname); 4514 free(dhk4); 4515 break; 4516 } 4517 case RPCSEC_GSS: 4518 { 4519 gss_clntdata_t *gss; 4520 gss = (gss_clntdata_t *)sd->data; 4521 if (gss == NULL) 4522 break; 4523 if (gss->mechanism.elements) 4524 free(gss->mechanism.elements); 4525 free(gss); 4526 break; 4527 } 4528 } 4529 } 4530 oldp = argp; 4531 if (argp->nfs_args_ext == NFS_ARGS_EXTB) 4532 argp = argp->nfs_ext_u.nfs_extB.next; 4533 else 4534 argp = NULL; 4535 free(oldp); 4536 } 4537} 4538