/*
* Services SM_SIMU_CRASH requests.
*/
void *
sm_simu_crash_1_svc (void *argp, struct svc_req *rqstp)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
static char *result = NULL;
struct in_addr caller;
if (sin->sin_family != AF_INET) {
note(N_WARNING, "Call to statd from non-AF_INET address");
goto failure;
}
caller = sin->sin_addr;
if (caller.s_addr != htonl(INADDR_LOOPBACK)) {
note(N_WARNING, "Call to statd from non-local host %s",
inet_ntoa(caller));
goto failure;
}
if (ntohs(sin->sin_port) >= 1024) {
note(N_WARNING, "Call to statd-simu-crash from unprivileged port");
goto failure;
}
note (N_WARNING, "*** SIMULATING CRASH! ***");
my_svc_exit ();
if (rtnl)
nlist_kill (&rtnl);
failure:
return ((void *)&result);
}
bool_t
mount_umntall_1_svc(struct svc_req *rqstp, void *argp, void *resp)
{
/* Reload /etc/xtab if necessary */
auth_reload();
mountlist_del_all(nfs_getrpccaller_in(rqstp->rq_xprt));
return 1;
}
bool_t
mount_exportall_1_svc(struct svc_req *rqstp, void *argp, exports *resp)
{
struct sockaddr_in *addr = nfs_getrpccaller_in(rqstp->rq_xprt);
xlog(D_CALL, "exportall request from %s.", inet_ntoa(addr->sin_addr));
*resp = get_exportlist();
return 1;
}
bool_t
mount_dump_1_svc(struct svc_req *rqstp, void *argp, mountlist *res)
{
struct sockaddr_in *addr = nfs_getrpccaller_in(rqstp->rq_xprt);
xlog(D_CALL, "dump request from %s.", inet_ntoa(addr->sin_addr));
*res = mountlist_list();
return 1;
}
static void
sm_prog_1_wrapper (struct svc_req *rqstp, register SVCXPRT *transp)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(transp);
/* remote host authorization check */
if (sin->sin_family == AF_INET &&
!check_default("statd", sin, rqstp->rq_proc, SM_PROG)) {
svcerr_auth (transp, AUTH_FAILED);
return;
}
sm_prog_1 (rqstp, transp);
}
/*
* Reject requests from non-loopback addresses in order
* to prevent attack described in CERT CA-99.05.
*/
static int
caller_is_localhost(struct svc_req *rqstp)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
struct in_addr caller;
caller = sin->sin_addr;
if (caller.s_addr != htonl(INADDR_LOOPBACK)) {
note(N_WARNING,
"Call to statd from non-local host %s",
inet_ntoa(caller));
return 0;
}
return 1;
}
/*
* MNTv2 pathconf procedure
*
* The protocol doesn't include a status field, so Sun apparently considers
* it good practice to let anyone snoop on your system, even if it's
* pretty harmless data such as pathconf. We don't.
*
* Besides, many of the pathconf values don't make much sense on NFS volumes.
* FIFOs and tty device files represent devices on the *client*, so there's
* no point in getting the server's buffer sizes etc.
*/
bool_t
mount_pathconf_2_svc(struct svc_req *rqstp, dirpath *path, ppathcnf *res)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
struct stat stb;
nfs_export *exp;
char rpath[MAXPATHLEN+1];
char *p = *path;
memset(res, 0, sizeof(*res));
if (*p == '\0')
p = "/";
/* Reload /etc/xtab if necessary */
auth_reload();
/* Resolve symlinks */
if (realpath(p, rpath) != NULL) {
rpath[sizeof (rpath) - 1] = '\0';
p = rpath;
}
/* Now authenticate the intruder... */
exp = auth_authenticate("pathconf", sin, p);
if (!exp) {
return 1;
} else if (stat(p, &stb) < 0) {
xlog(L_WARNING, "can't stat exported dir %s: %s",
p, strerror(errno));
return 1;
}
res->pc_link_max = pathconf(p, _PC_LINK_MAX);
res->pc_max_canon = pathconf(p, _PC_MAX_CANON);
res->pc_max_input = pathconf(p, _PC_MAX_INPUT);
res->pc_name_max = pathconf(p, _PC_NAME_MAX);
res->pc_path_max = pathconf(p, _PC_PATH_MAX);
res->pc_pipe_buf = pathconf(p, _PC_PIPE_BUF);
res->pc_vdisable = pathconf(p, _PC_VDISABLE);
/* Can't figure out what to do with pc_mask */
res->pc_mask[0] = 0;
res->pc_mask[1] = 0;
return 1;
}
bool_t
mount_umnt_1_svc(struct svc_req *rqstp, dirpath *argp, void *resp)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
nfs_export *exp;
char *p = *argp;
char rpath[MAXPATHLEN+1];
if (*p == '\0')
p = "/";
if (realpath(p, rpath) != NULL) {
rpath[sizeof (rpath) - 1] = '\0';
p = rpath;
}
if (!(exp = auth_authenticate("unmount", sin, p))) {
return 1;
}
mountlist_del(inet_ntoa(sin->sin_addr), p);
return 1;
}
static struct nfs_fh_len *
get_rootfh(struct svc_req *rqstp, dirpath *path, nfs_export **expret,
mountstat3 *error, int v3)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
struct stat stb, estb;
nfs_export *exp;
struct nfs_fh_len *fh;
char rpath[MAXPATHLEN+1];
char *p = *path;
if (*p == '\0')
p = "/";
/* Reload /var/lib/nfs/etab if necessary */
auth_reload();
/* Resolve symlinks */
if (realpath(p, rpath) != NULL) {
rpath[sizeof (rpath) - 1] = '\0';
p = rpath;
}
/* Now authenticate the intruder... */
exp = auth_authenticate("mount", sin, p);
if (!exp) {
*error = NFSERR_ACCES;
return NULL;
}
if (stat(p, &stb) < 0) {
xlog(L_WARNING, "can't stat exported dir %s: %s",
p, strerror(errno));
if (errno == ENOENT)
*error = NFSERR_NOENT;
else
*error = NFSERR_ACCES;
return NULL;
}
if (!S_ISDIR(stb.st_mode) && !S_ISREG(stb.st_mode)) {
xlog(L_WARNING, "%s is not a directory or regular file", p);
*error = NFSERR_NOTDIR;
return NULL;
}
if (stat(exp->m_export.e_path, &estb) < 0) {
xlog(L_WARNING, "can't stat export point %s: %s",
p, strerror(errno));
*error = NFSERR_NOENT;
return NULL;
}
if (estb.st_dev != stb.st_dev
&& (!new_cache
|| !(exp->m_export.e_flags & NFSEXP_CROSSMOUNT))) {
xlog(L_WARNING, "request to export directory %s below nearest filesystem %s",
p, exp->m_export.e_path);
*error = NFSERR_ACCES;
return NULL;
}
if (exp->m_export.e_mountpoint &&
!is_mountpoint(exp->m_export.e_mountpoint[0]?
exp->m_export.e_mountpoint:
exp->m_export.e_path)) {
xlog(L_WARNING, "request to export an unmounted filesystem: %s",
p);
*error = NFSERR_NOENT;
return NULL;
}
if (new_cache) {
/* This will be a static private nfs_export with just one
* address. We feed it to kernel then extract the filehandle,
*
*/
if (cache_export(exp, p)) {
*error = NFSERR_ACCES;
return NULL;
}
fh = cache_get_filehandle(exp, v3?64:32, p);
if (fh == NULL) {
*error = NFSERR_ACCES;
return NULL;
}
} else {
int did_export = 0;
retry:
if (exp->m_exported<1) {
export_export(exp);
did_export = 1;
}
if (!exp->m_xtabent)
xtab_append(exp);
if (v3)
fh = getfh_size ((struct sockaddr *) sin, p, 64);
if (!v3 || (fh == NULL && errno == EINVAL)) {
/* We first try the new nfs syscall. */
fh = getfh ((struct sockaddr *) sin, p);
if (fh == NULL && errno == EINVAL)
/* Let's try the old one. */
fh = getfh_old ((struct sockaddr *) sin,
stb.st_dev, stb.st_ino);
}
if (fh == NULL && !did_export) {
exp->m_exported = 0;
goto retry;
}
if (fh == NULL) {
xlog(L_WARNING, "getfh failed: %s", strerror(errno));
*error = NFSERR_ACCES;
return NULL;
}
}
*error = NFS_OK;
mountlist_add(inet_ntoa(sin->sin_addr), p);
if (expret)
*expret = exp;
return fh;
}
