/*
* Get the client's hostname from the transport handle
* If the name is not available then return "(anon)".
*/
void
getclientsnames(SVCXPRT *transp, struct netbuf **nbuf,
struct nd_hostservlist **serv)
{
struct netconfig *nconf;
char tmp[MAXIPADDRLEN];
char *host = NULL;
nconf = getnetconfigent(transp->xp_netid);
if (nconf == NULL) {
syslog(LOG_ERR, "%s: getnetconfigent failed",
transp->xp_netid);
*serv = anon_client(host);
return;
}
*nbuf = svc_getrpccaller(transp);
if (*nbuf == NULL) {
freenetconfigent(nconf);
*serv = anon_client(host);
return;
}
/*
* Use the this API instead of the netdir_getbyaddr()
* to avoid service lookup.
*/
if (__netdir_getbyaddr_nosrv(nconf, serv, *nbuf)) {
host = &tmp[0];
if (strcmp(nconf->nc_protofmly, NC_INET) == 0) {
struct sockaddr_in *sa;
/* LINTED pointer alignment */
sa = (struct sockaddr_in *)((*nbuf)->buf);
(void) inet_ntoa_r(sa->sin_addr, tmp);
*serv = anon_client(host);
freenetconfigent(nconf);
return;
} else if (strcmp(nconf->nc_protofmly, NC_INET6) == 0) {
struct sockaddr_in6 *sa;
/* LINTED pointer alignment */
sa = (struct sockaddr_in6 *)((*nbuf)->buf);
(void) inet_ntop(AF_INET6, sa->sin6_addr.s6_addr,
tmp, INET6_ADDRSTRLEN);
*serv = anon_client(host);
freenetconfigent(nconf);
return;
}
freenetconfigent(nconf);
*serv = anon_client(host);
return;
}
freenetconfigent(nconf);
}
/*
* check for trusted host and user
*/
static int
check_host(
struct svc_req *rqstp /* RPC stuff */
)
{
struct authsys_parms *sys_credp;
SVCXPRT *transp = rqstp->rq_xprt;
struct netconfig *nconfp = NULL;
struct nd_hostservlist *hservlistp = NULL;
int i;
int rval = -1;
char *inplace = NULL;
/* check for root */
/*LINTED*/
sys_credp = (struct authsys_parms *)rqstp->rq_clntcred;
assert(sys_credp != NULL);
if (sys_credp->aup_uid != 0)
goto out;
/* get hostnames */
if (transp->xp_netid == NULL) {
md_eprintf("transp->xp_netid == NULL\n");
goto out;
}
if ((nconfp = getnetconfigent(transp->xp_netid)) == NULL) {
#ifdef DEBUG
nc_perror("getnetconfigent(transp->xp_netid)");
#endif
goto out;
}
if ((__netdir_getbyaddr_nosrv(nconfp, &hservlistp, &transp->xp_rtaddr)
!= 0) || (hservlistp == NULL)) {
#ifdef DEBUG
netdir_perror("netdir_getbyaddr(transp->xp_rtaddr)");
#endif
goto out;
}
/* check hostnames */
for (i = 0; (i < hservlistp->h_cnt); ++i) {
struct nd_hostserv *hservp = &hservlistp->h_hostservs[i];
char *hostname = hservp->h_host;
inplace = strdup(hostname);
/* localhost is OK */
if (strcmp(hostname, mynode()) == 0) {
rval = 0;
goto out;
}
/* check for remote root access */
if (ruserok(hostname, 1, "root", "root") == 0) {
rval = 0;
goto out;
}
sdssc_cm_nm2nid(inplace);
if (strcmp(inplace, hostname)) {
/*
* If the names are now different it indicates
* that hostname was converted to a nodeid. This
* will only occur if hostname is part of the same
* cluster that the current node is in.
* If the machine is not running in a cluster than
* sdssc_cm_nm2nid is a noop which leaves inplace
* alone.
*/
rval = 0;
goto out;
}
}
/* cleanup, return success */
out:
if (inplace)
free(inplace);
if (hservlistp != NULL)
netdir_free(hservlistp, ND_HOSTSERVLIST);
if (nconfp != NULL)
Free(nconfp);
return (rval);
}
static char *
charmap_search(struct netbuf *nbuf, char *opts)
{
char *copts;
char *next;
char *name;
char *result = NULL;
char *netid;
struct netconfig *nconf;
struct nd_hostservlist *hl = NULL;
struct sockaddr *sa;
/* eventually charopts should be dynamically setup */
if (charopts == NULL) {
free(copts);
return (NULL);
}
sa = (struct sockaddr *)nbuf->buf;
switch (sa->sa_family) {
case AF_INET:
nconf = getnetconfigent("tcp");
break;
case AF_INET6:
nconf = getnetconfigent("tcp6");
break;
default:
return (NULL);
}
if (nconf == NULL) {
return (NULL);
}
/*
* Use the this API instead of the netdir_getbyaddr()
* to avoid service lookup.
*/
if (__netdir_getbyaddr_nosrv(nconf, &hl, nbuf)) {
syslog(LOG_ERR, "netdir: %s\n", netdir_sperror());
freenetconfigent(nconf);
return (NULL);
}
copts = strdup(opts);
if (copts == NULL) {
freenetconfigent(nconf);
return (NULL);
}
next = copts;
while (*next != '\0') {
char *val;
name = next;
if (getsubopt(&next, charopts, &val) >= 0) {
char *cp;
/*
* name will have the whole opt and val the value. Set
* the '=' to '\0' and we have the charmap in name and
* the access list in val.
*/
cp = strchr(name, '=');
if (cp != NULL)
*cp = '\0';
if (in_access_list(nbuf, hl, val)) {
result = name;
break;
}
}
}
if (result != NULL)
result = strdup(result);
free(copts);
freenetconfigent(nconf);
return (result);
}
