1 /* $NetBSD: xdr_rec.c,v 1.18 2000/07/06 03:10:35 christos Exp $ */
4 * SPDX-License-Identifier: BSD-3-Clause
6 * Copyright (c) 2010, Oracle America, Inc.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are
12 * * Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * * Redistributions in binary form must reproduce the above
15 * copyright notice, this list of conditions and the following
16 * disclaimer in the documentation and/or other materials
17 * provided with the distribution.
18 * * Neither the name of the "Oracle America, Inc." nor the names of its
19 * contributors may be used to endorse or promote products derived
20 * from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
25 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
27 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
29 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
31 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
33 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 * xdr_rec.c, Implements TCP/IP based XDR streams with a "record marking"
38 * layer above tcp (for rpc's use).
40 * These routines interface XDRSTREAMS to a tcp/ip connection.
41 * There is a record marking layer between the xdr stream
42 * and the tcp transport level. A record is composed on one or more
43 * record fragments. A record fragment is a thirty-two bit header followed
44 * by n bytes of data, where n is contained in the header. The header
45 * is represented as a htonl(u_long). Thegh order bit encodes
46 * whether or not the fragment is the last fragment of the record
47 * (1 => fragment is last, 0 => more fragments to follow.
48 * The other 31 bits encode the byte length of the fragment.
51 #include "namespace.h"
52 #include <sys/types.h>
54 #include <netinet/in.h>
61 #include <rpc/types.h>
66 #include <sys/stddef.h>
67 #include "un-namespace.h"
70 static bool_t xdrrec_getlong(XDR *, long *);
71 static bool_t xdrrec_putlong(XDR *, const long *);
72 static bool_t xdrrec_getbytes(XDR *, char *, u_int);
74 static bool_t xdrrec_putbytes(XDR *, const char *, u_int);
75 static u_int xdrrec_getpos(XDR *);
76 static bool_t xdrrec_setpos(XDR *, u_int);
77 static int32_t *xdrrec_inline(XDR *, u_int);
78 static void xdrrec_destroy(XDR *);
80 static const struct xdr_ops xdrrec_ops = {
92 * A record is composed of one or more record fragments.
93 * A record fragment is a four-byte header followed by zero to
94 * 2**32-1 bytes. The header is treated as a long unsigned and is
95 * encode/decoded to the network via htonl/ntohl. The low order 31 bits
96 * are a byte count of the fragment. The highest order bit is a boolean:
97 * 1 => this fragment is the last fragment of the record,
98 * 0 => this fragment is followed by more fragment(s).
100 * The fragment/record machinery is not general; it is constructed to
101 * meet the needs of xdr and rpc based on tcp.
104 #define LAST_FRAG ((u_int32_t)(1U << 31))
106 typedef struct rec_strm {
111 int (*writeit)(void *, void *, int);
112 char *out_base; /* output buffer (points to frag header) */
113 char *out_finger; /* next output position */
114 char *out_boundry; /* data cannot up to this address */
115 u_int32_t *frag_header; /* beginning of current fragment */
116 bool_t frag_sent; /* true if buffer sent in middle of record */
120 int (*readit)(void *, void *, int);
121 u_long in_size; /* fixed size of the input buffer */
123 char *in_finger; /* location of next byte to be had */
124 char *in_boundry; /* can read up to this location */
125 long fbtbc; /* fragment bytes to be consumed */
131 bool_t in_haveheader;
140 static u_int fix_buf_size(u_int);
141 static bool_t flush_out(RECSTREAM *, bool_t);
142 static bool_t fill_input_buf(RECSTREAM *);
143 static bool_t get_input_bytes(RECSTREAM *, char *, int);
144 static bool_t set_input_fragment(RECSTREAM *);
145 static bool_t skip_input_bytes(RECSTREAM *, long);
146 static bool_t realloc_stream(RECSTREAM *, int);
150 * Create an xdr handle for xdrrec
151 * xdrrec_create fills in xdrs. Sendsize and recvsize are
152 * send and recv buffer sizes (0 => use default).
153 * tcp_handle is an opaque handle that is passed as the first parameter to
154 * the procedures readit and writeit. Readit and writeit are read and
155 * write respectively. They are like the system
156 * calls expect that they take an opaque handle rather than an fd.
159 xdrrec_create(XDR *xdrs, u_int sendsize, u_int recvsize, void *tcp_handle,
160 int (*readit)(void *, void *, int), int (*writeit)(void *, void *, int))
166 * // like read, but pass it a tcp_handle, not sock
167 * int (*readit)(void *, void *, int);
168 * // like write, but pass it a tcp_handle, not sock
169 * int (*writeit)(void *, void *, int);
172 RECSTREAM *rstrm = mem_alloc(sizeof(RECSTREAM));
175 warnx("xdrrec_create: out of memory");
177 * This is bad. Should rework xdrrec_create to
178 * return a handle, and in this case return NULL
182 rstrm->sendsize = sendsize = fix_buf_size(sendsize);
183 rstrm->out_base = mem_alloc(rstrm->sendsize);
184 if (rstrm->out_base == NULL) {
185 warnx("xdrrec_create: out of memory");
186 mem_free(rstrm, sizeof(RECSTREAM));
189 rstrm->recvsize = recvsize = fix_buf_size(recvsize);
190 rstrm->in_base = mem_alloc(recvsize);
191 if (rstrm->in_base == NULL) {
192 warnx("xdrrec_create: out of memory");
193 mem_free(rstrm->out_base, sendsize);
194 mem_free(rstrm, sizeof(RECSTREAM));
200 xdrs->x_ops = &xdrrec_ops;
201 xdrs->x_private = rstrm;
202 rstrm->tcp_handle = tcp_handle;
203 rstrm->readit = readit;
204 rstrm->writeit = writeit;
205 rstrm->out_finger = rstrm->out_boundry = rstrm->out_base;
206 rstrm->frag_header = (u_int32_t *)(void *)rstrm->out_base;
207 rstrm->out_finger += sizeof(u_int32_t);
208 rstrm->out_boundry += sendsize;
209 rstrm->frag_sent = FALSE;
210 rstrm->in_size = recvsize;
211 rstrm->in_boundry = rstrm->in_base;
212 rstrm->in_finger = (rstrm->in_boundry += recvsize);
214 rstrm->last_frag = TRUE;
215 rstrm->in_haveheader = FALSE;
216 rstrm->in_hdrlen = 0;
217 rstrm->in_hdrp = (char *)(void *)&rstrm->in_header;
218 rstrm->nonblock = FALSE;
219 rstrm->in_reclen = 0;
220 rstrm->in_received = 0;
225 * The reoutines defined below are the xdr ops which will go into the
226 * xdr handle filled in by xdrrec_create.
230 xdrrec_getlong(XDR *xdrs, long *lp)
232 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
233 int32_t *buflp = (int32_t *)(void *)(rstrm->in_finger);
236 /* first try the inline, fast case */
237 if ((rstrm->fbtbc >= sizeof(int32_t)) &&
238 (((long)rstrm->in_boundry - (long)buflp) >= sizeof(int32_t))) {
239 *lp = (long)ntohl((u_int32_t)(*buflp));
240 rstrm->fbtbc -= sizeof(int32_t);
241 rstrm->in_finger += sizeof(int32_t);
243 if (! xdrrec_getbytes(xdrs, (char *)(void *)&mylong,
246 *lp = (long)ntohl((u_int32_t)mylong);
252 xdrrec_putlong(XDR *xdrs, const long *lp)
254 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
255 int32_t *dest_lp = ((int32_t *)(void *)(rstrm->out_finger));
257 if ((rstrm->out_finger += sizeof(int32_t)) > rstrm->out_boundry) {
259 * this case should almost never happen so the code is
262 rstrm->out_finger -= sizeof(int32_t);
263 rstrm->frag_sent = TRUE;
264 if (! flush_out(rstrm, FALSE))
266 dest_lp = ((int32_t *)(void *)(rstrm->out_finger));
267 rstrm->out_finger += sizeof(int32_t);
269 *dest_lp = (int32_t)htonl((u_int32_t)(*lp));
273 static bool_t /* must manage buffers, fragments, and records */
274 xdrrec_getbytes(XDR *xdrs, char *addr, u_int len)
276 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
280 current = (int)rstrm->fbtbc;
282 if (rstrm->last_frag)
284 if (! set_input_fragment(rstrm))
288 current = (len < current) ? len : current;
289 if (! get_input_bytes(rstrm, addr, current))
292 rstrm->fbtbc -= current;
299 xdrrec_putbytes(XDR *xdrs, const char *addr, u_int len)
301 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
305 current = (size_t)((u_long)rstrm->out_boundry -
306 (u_long)rstrm->out_finger);
307 current = (len < current) ? len : current;
308 memmove(rstrm->out_finger, addr, current);
309 rstrm->out_finger += current;
312 if (rstrm->out_finger == rstrm->out_boundry) {
313 rstrm->frag_sent = TRUE;
314 if (! flush_out(rstrm, FALSE))
322 xdrrec_getpos(XDR *xdrs)
324 RECSTREAM *rstrm = (RECSTREAM *)xdrs->x_private;
327 pos = lseek((int)(u_long)rstrm->tcp_handle, (off_t)0, 1);
330 switch (xdrs->x_op) {
333 pos += rstrm->out_finger - rstrm->out_base;
337 pos -= rstrm->in_boundry - rstrm->in_finger;
344 return ((u_int) pos);
348 xdrrec_setpos(XDR *xdrs, u_int pos)
350 RECSTREAM *rstrm = (RECSTREAM *)xdrs->x_private;
351 u_int currpos = xdrrec_getpos(xdrs);
352 int delta = currpos - pos;
355 if ((int)currpos != -1)
356 switch (xdrs->x_op) {
359 newpos = rstrm->out_finger - delta;
360 if ((newpos > (char *)(void *)(rstrm->frag_header)) &&
361 (newpos < rstrm->out_boundry)) {
362 rstrm->out_finger = newpos;
368 newpos = rstrm->in_finger - delta;
369 if ((delta < (int)(rstrm->fbtbc)) &&
370 (newpos <= rstrm->in_boundry) &&
371 (newpos >= rstrm->in_base)) {
372 rstrm->in_finger = newpos;
373 rstrm->fbtbc -= delta;
385 xdrrec_inline(XDR *xdrs, u_int len)
387 RECSTREAM *rstrm = (RECSTREAM *)xdrs->x_private;
390 switch (xdrs->x_op) {
393 if ((rstrm->out_finger + len) <= rstrm->out_boundry) {
394 buf = (int32_t *)(void *)rstrm->out_finger;
395 rstrm->out_finger += len;
400 if ((len <= rstrm->fbtbc) &&
401 ((rstrm->in_finger + len) <= rstrm->in_boundry)) {
402 buf = (int32_t *)(void *)rstrm->in_finger;
404 rstrm->in_finger += len;
415 xdrrec_destroy(XDR *xdrs)
417 RECSTREAM *rstrm = (RECSTREAM *)xdrs->x_private;
419 mem_free(rstrm->out_base, rstrm->sendsize);
420 mem_free(rstrm->in_base, rstrm->recvsize);
421 mem_free(rstrm, sizeof(RECSTREAM));
426 * Exported routines to manage xdr records
430 * Before reading (deserializing from the stream, one should always call
431 * this procedure to guarantee proper record alignment.
434 xdrrec_skiprecord(XDR *xdrs)
436 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
437 enum xprt_stat xstat;
439 if (rstrm->nonblock) {
440 if (__xdrrec_getrec(xdrs, &xstat, FALSE)) {
444 if (rstrm->in_finger == rstrm->in_boundry &&
445 xstat == XPRT_MOREREQS) {
452 while (rstrm->fbtbc > 0 || (! rstrm->last_frag)) {
453 if (! skip_input_bytes(rstrm, rstrm->fbtbc))
456 if ((! rstrm->last_frag) && (! set_input_fragment(rstrm)))
459 rstrm->last_frag = FALSE;
464 * Look ahead function.
465 * Returns TRUE iff there is no more input in the buffer
466 * after consuming the rest of the current record.
469 xdrrec_eof(XDR *xdrs)
471 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
473 while (rstrm->fbtbc > 0 || (! rstrm->last_frag)) {
474 if (! skip_input_bytes(rstrm, rstrm->fbtbc))
477 if ((! rstrm->last_frag) && (! set_input_fragment(rstrm)))
480 if (rstrm->in_finger == rstrm->in_boundry)
486 * The client must tell the package when an end-of-record has occurred.
487 * The second paraemters tells whether the record should be flushed to the
488 * (output) tcp stream. (This let's the package support batched or
489 * pipelined procedure calls.) TRUE => immediate flush to tcp connection.
492 xdrrec_endofrecord(XDR *xdrs, bool_t sendnow)
494 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
495 u_long len; /* fragment length */
497 if (sendnow || rstrm->frag_sent ||
498 ((u_long)rstrm->out_finger + sizeof(u_int32_t) >=
499 (u_long)rstrm->out_boundry)) {
500 rstrm->frag_sent = FALSE;
501 return (flush_out(rstrm, TRUE));
503 len = (u_long)(rstrm->out_finger) - (u_long)(rstrm->frag_header) -
505 *(rstrm->frag_header) = htonl((u_int32_t)len | LAST_FRAG);
506 rstrm->frag_header = (u_int32_t *)(void *)rstrm->out_finger;
507 rstrm->out_finger += sizeof(u_int32_t);
512 * Fill the stream buffer with a record for a non-blocking connection.
513 * Return true if a record is available in the buffer, false if not.
516 __xdrrec_getrec(XDR *xdrs, enum xprt_stat *statp, bool_t expectdata)
518 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
522 if (!rstrm->in_haveheader) {
523 n = rstrm->readit(rstrm->tcp_handle, rstrm->in_hdrp,
524 (int)sizeof (rstrm->in_header) - rstrm->in_hdrlen);
526 *statp = expectdata ? XPRT_DIED : XPRT_IDLE;
534 rstrm->in_hdrlen += n;
535 if (rstrm->in_hdrlen < sizeof (rstrm->in_header)) {
536 *statp = XPRT_MOREREQS;
539 rstrm->in_header = ntohl(rstrm->in_header);
540 fraglen = (int)(rstrm->in_header & ~LAST_FRAG);
541 if (fraglen == 0 || fraglen > rstrm->in_maxrec ||
542 (rstrm->in_reclen + fraglen) > rstrm->in_maxrec) {
546 rstrm->in_reclen += fraglen;
547 if (rstrm->in_reclen > rstrm->recvsize)
548 realloc_stream(rstrm, rstrm->in_reclen);
549 if (rstrm->in_header & LAST_FRAG) {
550 rstrm->in_header &= ~LAST_FRAG;
551 rstrm->last_frag = TRUE;
554 * We can only reasonably expect to read once from a
555 * non-blocking stream. Reading the fragment header
556 * may have drained the stream.
561 n = rstrm->readit(rstrm->tcp_handle,
562 rstrm->in_base + rstrm->in_received,
563 (rstrm->in_reclen - rstrm->in_received));
571 *statp = expectdata ? XPRT_DIED : XPRT_IDLE;
575 rstrm->in_received += n;
577 if (rstrm->in_received == rstrm->in_reclen) {
578 rstrm->in_haveheader = FALSE;
579 rstrm->in_hdrp = (char *)(void *)&rstrm->in_header;
580 rstrm->in_hdrlen = 0;
581 if (rstrm->last_frag) {
582 rstrm->fbtbc = rstrm->in_reclen;
583 rstrm->in_boundry = rstrm->in_base + rstrm->in_reclen;
584 rstrm->in_finger = rstrm->in_base;
585 rstrm->in_reclen = rstrm->in_received = 0;
586 *statp = XPRT_MOREREQS;
591 *statp = XPRT_MOREREQS;
596 __xdrrec_setnonblock(XDR *xdrs, int maxrec)
598 RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
600 rstrm->nonblock = TRUE;
602 maxrec = rstrm->recvsize;
603 rstrm->in_maxrec = maxrec;
608 * Internal useful routines
611 flush_out(RECSTREAM *rstrm, bool_t eor)
613 u_int32_t eormask = (eor == TRUE) ? LAST_FRAG : 0;
614 u_int32_t len = (u_int32_t)((u_long)(rstrm->out_finger) -
615 (u_long)(rstrm->frag_header) - sizeof(u_int32_t));
617 *(rstrm->frag_header) = htonl(len | eormask);
618 len = (u_int32_t)((u_long)(rstrm->out_finger) -
619 (u_long)(rstrm->out_base));
620 if ((*(rstrm->writeit))(rstrm->tcp_handle, rstrm->out_base, (int)len)
623 rstrm->frag_header = (u_int32_t *)(void *)rstrm->out_base;
624 rstrm->out_finger = (char *)rstrm->out_base + sizeof(u_int32_t);
628 static bool_t /* knows nothing about records! Only about input buffers */
629 fill_input_buf(RECSTREAM *rstrm)
638 where = rstrm->in_base;
639 i = (u_int32_t)((u_long)rstrm->in_boundry % BYTES_PER_XDR_UNIT);
641 len = (u_int32_t)(rstrm->in_size - i);
642 if ((len = (*(rstrm->readit))(rstrm->tcp_handle, where, len)) == -1)
644 rstrm->in_finger = where;
646 rstrm->in_boundry = where;
650 static bool_t /* knows nothing about records! Only about input buffers */
651 get_input_bytes(RECSTREAM *rstrm, char *addr, int len)
655 if (rstrm->nonblock) {
656 if (len > (int)(rstrm->in_boundry - rstrm->in_finger))
658 memcpy(addr, rstrm->in_finger, (size_t)len);
659 rstrm->in_finger += len;
664 current = (size_t)((long)rstrm->in_boundry -
665 (long)rstrm->in_finger);
667 if (! fill_input_buf(rstrm))
671 current = (len < current) ? len : current;
672 memmove(addr, rstrm->in_finger, current);
673 rstrm->in_finger += current;
680 static bool_t /* next two bytes of the input stream are treated as a header */
681 set_input_fragment(RECSTREAM *rstrm)
687 if (! get_input_bytes(rstrm, (char *)(void *)&header, sizeof(header)))
689 header = ntohl(header);
690 rstrm->last_frag = ((header & LAST_FRAG) == 0) ? FALSE : TRUE;
692 * Sanity check. Try not to accept wildly incorrect
693 * record sizes. Unfortunately, the only record size
694 * we can positively identify as being 'wildly incorrect'
695 * is zero. Ridiculously large record sizes may look wrong,
696 * but we don't have any way to be certain that they aren't
697 * what the client actually intended to send us.
701 rstrm->fbtbc = header & (~LAST_FRAG);
705 static bool_t /* consumes input bytes; knows nothing about records! */
706 skip_input_bytes(RECSTREAM *rstrm, long cnt)
711 current = (size_t)((long)rstrm->in_boundry -
712 (long)rstrm->in_finger);
714 if (! fill_input_buf(rstrm))
718 current = (u_int32_t)((cnt < current) ? cnt : current);
719 rstrm->in_finger += current;
726 fix_buf_size(u_int s)
735 * Reallocate the input buffer for a non-block stream.
738 realloc_stream(RECSTREAM *rstrm, int size)
743 if (size > rstrm->recvsize) {
744 buf = realloc(rstrm->in_base, (size_t)size);
747 diff = buf - rstrm->in_base;
748 rstrm->in_finger += diff;
749 rstrm->in_base = buf;
750 rstrm->in_boundry = buf + size;
751 rstrm->recvsize = size;
752 rstrm->in_size = size;