2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Herb Hasler and Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 static const char copyright[] =
35 "@(#) Copyright (c) 1989, 1993\n\
36 The Regents of the University of California. All rights reserved.\n";
41 static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95";
45 #include <sys/cdefs.h>
46 __FBSDID("$FreeBSD$");
48 #include <sys/param.h>
49 #include <sys/fcntl.h>
50 #include <sys/linker.h>
51 #include <sys/module.h>
52 #include <sys/mount.h>
54 #include <sys/sysctl.h>
55 #include <sys/syslog.h>
58 #include <rpc/rpc_com.h>
59 #include <rpc/pmap_clnt.h>
60 #include <rpc/pmap_prot.h>
61 #include <rpcsvc/mount.h>
62 #include <nfs/nfsproto.h>
63 #include <nfs/nfssvc.h>
64 #include <nfsserver/nfs.h>
66 #include <fs/nfs/nfsport.h>
68 #include <arpa/inet.h>
83 #include "pathnames.h"
91 * Structures for keeping the mount list and export list
94 struct mountlist *ml_next;
95 char ml_host[MNTNAMLEN+1];
96 char ml_dirp[MNTPATHLEN+1];
100 struct dirlist *dp_left;
101 struct dirlist *dp_right;
103 struct hostlist *dp_hosts; /* List of hosts this dir exported to */
104 char dp_dirp[1]; /* Actually malloc'd to size of dir */
107 #define DP_DEFSET 0x1
108 #define DP_HOSTSET 0x2
111 struct exportlist *ex_next;
112 struct dirlist *ex_dirl;
113 struct dirlist *ex_defdir;
118 int ex_numsecflavors;
119 int ex_secflavors[MAXSECFLAVORS];
120 int ex_defnumsecflavors;
121 int ex_defsecflavors[MAXSECFLAVORS];
124 #define EX_LINKED 0x1
127 struct sockaddr_storage nt_net;
128 struct sockaddr_storage nt_mask;
133 struct addrinfo *gt_addrinfo;
134 struct netmsk gt_net;
139 union grouptypes gr_ptr;
140 struct grouplist *gr_next;
141 int gr_numsecflavors;
142 int gr_secflavors[MAXSECFLAVORS];
148 #define GT_DEFAULT 0x3
149 #define GT_IGNORE 0x5
152 int ht_flag; /* Uses DP_xx bits */
153 struct grouplist *ht_grp;
154 struct hostlist *ht_next;
161 int fhr_numsecflavors;
165 #define GETPORT_MAXTRY 20 /* Max tries to get a port # */
168 char *add_expdir(struct dirlist **, char *, int);
169 void add_dlist(struct dirlist **, struct dirlist *,
170 struct grouplist *, int, struct exportlist *);
171 void add_mlist(char *, char *);
172 int check_dirpath(char *);
173 int check_options(struct dirlist *);
174 int checkmask(struct sockaddr *sa);
175 int chk_host(struct dirlist *, struct sockaddr *, int *, int *, int *,
177 static int create_service(struct netconfig *nconf);
178 static void complete_service(struct netconfig *nconf, char *port_str);
179 static void clearout_service(void);
180 void del_mlist(char *hostp, char *dirp);
181 struct dirlist *dirp_search(struct dirlist *, char *);
182 int do_mount(struct exportlist *, struct grouplist *, int,
183 struct xucred *, char *, int, struct statfs *);
184 int do_opt(char **, char **, struct exportlist *, struct grouplist *,
185 int *, int *, struct xucred *);
186 struct exportlist *ex_search(fsid_t *);
187 struct exportlist *get_exp(void);
188 void free_dir(struct dirlist *);
189 void free_exp(struct exportlist *);
190 void free_grp(struct grouplist *);
191 void free_host(struct hostlist *);
192 void get_exportlist(void);
193 int get_host(char *, struct grouplist *, struct grouplist *);
194 struct hostlist *get_ht(void);
196 void get_mountlist(void);
197 int get_net(char *, struct netmsk *, int);
198 void getexp_err(struct exportlist *, struct grouplist *);
199 struct grouplist *get_grp(void);
200 void hang_dirp(struct dirlist *, struct grouplist *,
201 struct exportlist *, int);
202 void huphandler(int sig);
203 int makemask(struct sockaddr_storage *ssp, int bitlen);
204 void mntsrv(struct svc_req *, SVCXPRT *);
205 void nextfield(char **, char **);
206 void out_of_mem(void);
207 void parsecred(char *, struct xucred *);
208 int parsesec(char *, struct exportlist *);
209 int put_exlist(struct dirlist *, XDR *, struct dirlist *, int *, int);
210 void *sa_rawaddr(struct sockaddr *sa, int *nbytes);
211 int sacmp(struct sockaddr *sa1, struct sockaddr *sa2,
212 struct sockaddr *samask);
213 int scan_tree(struct dirlist *, struct sockaddr *);
214 static void usage(void);
215 int xdr_dir(XDR *, char *);
216 int xdr_explist(XDR *, caddr_t);
217 int xdr_explist_brief(XDR *, caddr_t);
218 int xdr_explist_common(XDR *, caddr_t, int);
219 int xdr_fhs(XDR *, caddr_t);
220 int xdr_mlist(XDR *, caddr_t);
223 struct exportlist *exphead;
224 struct mountlist *mlhead;
225 struct grouplist *grphead;
226 char *exnames_default[2] = { _PATH_EXPORTS, NULL };
229 struct xucred def_anon = {
237 int resvport_only = 1;
244 char *svcport_str = NULL;
245 static int mallocd_svcport = 0;
247 static int sock_fdcnt;
248 static int sock_fdpos;
251 static int have_v6 = 1;
253 int v4root_phase = 0;
254 char v4root_dirpath[PATH_MAX + 1];
255 int run_v4server = 0;
256 int has_publicfh = 0;
258 struct pidfh *pfh = NULL;
259 /* Bits for opt_flags above */
260 #define OP_MAPROOT 0x01
261 #define OP_MAPALL 0x02
265 #define OP_ALLDIRS 0x40
266 #define OP_HAVEMASK 0x80 /* A mask was specified or inferred. */
267 #define OP_QUIET 0x100
268 #define OP_MASKLEN 0x200
273 void SYSLOG(int, const char *, ...) __printflike(2, 3);
274 #define syslog SYSLOG
280 * Mountd server for NFS mount protocol as described in:
281 * NFS: Network File System Protocol Specification, RFC1094, Appendix A
282 * The optional arguments are the exports file name
283 * default: _PATH_EXPORTS
284 * and "-n" to allow nonroot mount.
287 main(int argc, char **argv)
290 struct netconfig *nconf;
291 char *endptr, **hosts_bak;
296 int maxrec = RPC_MAXDATASIZE;
297 int attempt_cnt, port_len, port_pos, ret;
300 /* Check that another mountd isn't already running. */
301 pfh = pidfile_open(_PATH_MOUNTDPID, 0600, &otherpid);
304 errx(1, "mountd already running, pid: %d.", otherpid);
305 warn("cannot open or create pidfile");
308 s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
314 while ((c = getopt(argc, argv, "2deh:lnp:r")) != -1)
329 debug = debug ? 0 : 1;
336 svcport = (in_port_t)strtoul(optarg, &endptr, 10);
337 if (endptr == NULL || *endptr != '\0' ||
338 svcport == 0 || svcport >= IPPORT_MAX)
340 svcport_str = strdup(optarg);
345 hosts_bak = realloc(hosts, nhosts * sizeof(char *));
346 if (hosts_bak == NULL) {
348 for (k = 0; k < nhosts; k++)
355 hosts[nhosts - 1] = strdup(optarg);
356 if (hosts[nhosts - 1] == NULL) {
357 for (k = 0; k < (nhosts - 1); k++)
368 * If the "-e" option was specified OR only the nfsd module is
369 * found in the server, run "nfsd".
370 * Otherwise, try and run "nfsserver".
372 if (run_v4server > 0) {
373 if (modfind("nfsd") < 0) {
374 /* Not present in kernel, try loading it */
375 if (kldload("nfsd") < 0 || modfind("nfsd") < 0)
376 errx(1, "NFS server is not available");
378 } else if (modfind("nfsserver") < 0 && modfind("nfsd") >= 0) {
380 } else if (modfind("nfsserver") < 0) {
381 /* Not present in kernel, try loading it */
382 if (kldload("nfsserver") < 0 || modfind("nfsserver") < 0)
383 errx(1, "NFS server is not available");
388 grphead = (struct grouplist *)NULL;
389 exphead = (struct exportlist *)NULL;
390 mlhead = (struct mountlist *)NULL;
394 exnames = exnames_default;
395 openlog("mountd", LOG_PID, LOG_DAEMON);
397 warnx("getting export list");
400 warnx("getting mount list");
406 signal(SIGINT, SIG_IGN);
407 signal(SIGQUIT, SIG_IGN);
409 signal(SIGHUP, huphandler);
410 signal(SIGTERM, terminate);
411 signal(SIGPIPE, SIG_IGN);
415 rpcb_unset(MOUNTPROG, MOUNTVERS, NULL);
416 rpcb_unset(MOUNTPROG, MOUNTVERS3, NULL);
417 rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec);
419 if (!resvport_only) {
420 if (sysctlbyname("vfs.nfsrv.nfs_privport", NULL, NULL,
421 &resvport_only, sizeof(resvport_only)) != 0 &&
423 syslog(LOG_ERR, "sysctl: %m");
429 * If no hosts were specified, add a wildcard entry to bind to
430 * INADDR_ANY. Otherwise make sure 127.0.0.1 and ::1 are added to the
434 hosts = malloc(sizeof(char**));
442 hosts_bak = realloc(hosts, (nhosts + 2) *
444 if (hosts_bak == NULL) {
445 for (k = 0; k < nhosts; k++)
452 hosts[nhosts - 2] = "::1";
454 hosts_bak = realloc(hosts, (nhosts + 1) * sizeof(char *));
455 if (hosts_bak == NULL) {
456 for (k = 0; k < nhosts; k++)
466 hosts[nhosts - 1] = "127.0.0.1";
474 nc_handle = setnetconfig();
475 while ((nconf = getnetconfig(nc_handle))) {
476 if (nconf->nc_flag & NC_VISIBLE) {
477 if (have_v6 == 0 && strcmp(nconf->nc_protofmly,
481 ret = create_service(nconf);
483 /* Ignore this call */
487 * Failed to bind port, so close off
488 * all sockets created and try again
489 * if the port# was dynamically
490 * assigned via bind(2).
493 if (mallocd_svcport != 0 &&
494 attempt_cnt < GETPORT_MAXTRY) {
501 "bindresvport_sa: %m");
505 /* Start over at the first service. */
509 nc_handle = setnetconfig();
511 } else if (mallocd_svcport != 0 &&
512 attempt_cnt == GETPORT_MAXTRY) {
514 * For the last attempt, allow
515 * different port #s for each nconf
516 * by saving the svcport_str and
517 * setting it back to NULL.
519 port_list = realloc(port_list,
520 (port_len + 1) * sizeof(char *));
521 if (port_list == NULL)
523 port_list[port_len++] = svcport_str;
532 * Successfully bound the ports, so call complete_service() to
533 * do the rest of the setup on the service(s).
537 nc_handle = setnetconfig();
538 while ((nconf = getnetconfig(nc_handle))) {
539 if (nconf->nc_flag & NC_VISIBLE) {
540 if (have_v6 == 0 && strcmp(nconf->nc_protofmly,
543 } else if (port_list != NULL) {
544 if (port_pos >= port_len) {
545 syslog(LOG_ERR, "too many port#s");
548 complete_service(nconf, port_list[port_pos++]);
550 complete_service(nconf, svcport_str);
553 endnetconfig(nc_handle);
555 if (port_list != NULL) {
556 for (port_pos = 0; port_pos < port_len; port_pos++)
557 free(port_list[port_pos]);
562 syslog(LOG_ERR, "could not create any services");
566 /* Expand svc_run() here so that we can call get_exportlist(). */
573 switch (select(svc_maxfd + 1, &readfds, NULL, NULL, NULL)) {
577 syslog(LOG_ERR, "mountd died: select: %m");
582 svc_getreqset(&readfds);
588 * This routine creates and binds sockets on the appropriate
589 * addresses. It gets called one time for each transport.
590 * It returns 0 upon success, 1 for ingore the call and -1 to indicate
591 * bind failed with EADDRINUSE.
592 * Any file descriptors that have been created are stored in sock_fd and
593 * the total count of them is maintained in sock_fdcnt.
596 create_service(struct netconfig *nconf)
598 struct addrinfo hints, *res = NULL;
599 struct sockaddr_in *sin;
600 struct sockaddr_in6 *sin6;
601 struct __rpc_sockinfo si;
607 u_int32_t host_addr[4]; /* IPv4 or IPv6 */
610 if ((nconf->nc_semantics != NC_TPI_CLTS) &&
611 (nconf->nc_semantics != NC_TPI_COTS) &&
612 (nconf->nc_semantics != NC_TPI_COTS_ORD))
613 return (1); /* not my type */
616 * XXX - using RPC library internal functions.
618 if (!__rpc_nconf2sockinfo(nconf, &si)) {
619 syslog(LOG_ERR, "cannot get information for %s",
624 /* Get mountd's address on this transport */
625 memset(&hints, 0, sizeof hints);
626 hints.ai_flags = AI_PASSIVE;
627 hints.ai_family = si.si_af;
628 hints.ai_socktype = si.si_socktype;
629 hints.ai_protocol = si.si_proto;
632 * Bind to specific IPs if asked to
635 while (nhostsbak > 0) {
637 sock_fd = realloc(sock_fd, (sock_fdcnt + 1) * sizeof(int));
640 sock_fd[sock_fdcnt++] = -1; /* Set invalid for now. */
644 * XXX - using RPC library internal functions.
646 if ((fd = __rpc_nconf2fd(nconf)) < 0) {
648 if (errno == EPROTONOSUPPORT &&
649 nconf->nc_semantics != NC_TPI_CLTS)
652 syslog(non_fatal ? LOG_DEBUG : LOG_ERR,
653 "cannot create socket for %s", nconf->nc_netid);
659 switch (hints.ai_family) {
661 if (inet_pton(AF_INET, hosts[nhostsbak],
663 hints.ai_flags |= AI_NUMERICHOST;
666 * Skip if we have an AF_INET6 address.
668 if (inet_pton(AF_INET6, hosts[nhostsbak],
676 if (inet_pton(AF_INET6, hosts[nhostsbak],
678 hints.ai_flags |= AI_NUMERICHOST;
681 * Skip if we have an AF_INET address.
683 if (inet_pton(AF_INET, hosts[nhostsbak],
691 * We're doing host-based access checks here, so don't
692 * allow v4-in-v6 to confuse things. The kernel will
693 * disable it by default on NFS sockets too.
695 if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &one,
698 "can't disable v4-in-v6 on IPv6 socket");
707 * If no hosts were specified, just bind to INADDR_ANY
709 if (strcmp("*", hosts[nhostsbak]) == 0) {
710 if (svcport_str == NULL) {
711 res = malloc(sizeof(struct addrinfo));
715 res->ai_flags = hints.ai_flags;
716 res->ai_family = hints.ai_family;
717 res->ai_protocol = hints.ai_protocol;
718 switch (res->ai_family) {
720 sin = malloc(sizeof(struct sockaddr_in));
723 sin->sin_family = AF_INET;
724 sin->sin_port = htons(0);
725 sin->sin_addr.s_addr = htonl(INADDR_ANY);
726 res->ai_addr = (struct sockaddr*) sin;
727 res->ai_addrlen = (socklen_t)
728 sizeof(struct sockaddr_in);
731 sin6 = malloc(sizeof(struct sockaddr_in6));
734 sin6->sin6_family = AF_INET6;
735 sin6->sin6_port = htons(0);
736 sin6->sin6_addr = in6addr_any;
737 res->ai_addr = (struct sockaddr*) sin6;
738 res->ai_addrlen = (socklen_t)
739 sizeof(struct sockaddr_in6);
742 syslog(LOG_ERR, "bad addr fam %d",
747 if ((aicode = getaddrinfo(NULL, svcport_str,
748 &hints, &res)) != 0) {
750 "cannot get local address for %s: %s",
752 gai_strerror(aicode));
758 if ((aicode = getaddrinfo(hosts[nhostsbak], svcport_str,
759 &hints, &res)) != 0) {
761 "cannot get local address for %s: %s",
762 nconf->nc_netid, gai_strerror(aicode));
769 sock_fd[sock_fdcnt - 1] = fd;
771 /* Now, attempt the bind. */
772 r = bindresvport_sa(fd, res->ai_addr);
774 if (errno == EADDRINUSE && mallocd_svcport != 0) {
775 if (mallocd_res != 0) {
782 syslog(LOG_ERR, "bindresvport_sa: %m");
786 if (svcport_str == NULL) {
787 svcport_str = malloc(NI_MAXSERV * sizeof(char));
788 if (svcport_str == NULL)
792 if (getnameinfo(res->ai_addr,
793 res->ai_addr->sa_len, NULL, NI_MAXHOST,
794 svcport_str, NI_MAXSERV * sizeof(char),
795 NI_NUMERICHOST | NI_NUMERICSERV))
796 errx(1, "Cannot get port number");
798 if (mallocd_res != 0) {
809 * Called after all the create_service() calls have succeeded, to complete
810 * the setup and registration.
813 complete_service(struct netconfig *nconf, char *port_str)
815 struct addrinfo hints, *res = NULL;
816 struct __rpc_sockinfo si;
817 struct netbuf servaddr;
818 SVCXPRT *transp = NULL;
819 int aicode, fd, nhostsbak;
822 if ((nconf->nc_semantics != NC_TPI_CLTS) &&
823 (nconf->nc_semantics != NC_TPI_COTS) &&
824 (nconf->nc_semantics != NC_TPI_COTS_ORD))
825 return; /* not my type */
828 * XXX - using RPC library internal functions.
830 if (!__rpc_nconf2sockinfo(nconf, &si)) {
831 syslog(LOG_ERR, "cannot get information for %s",
837 while (nhostsbak > 0) {
839 if (sock_fdpos >= sock_fdcnt) {
840 /* Should never happen. */
841 syslog(LOG_ERR, "Ran out of socket fd's");
844 fd = sock_fd[sock_fdpos++];
848 if (nconf->nc_semantics != NC_TPI_CLTS)
849 listen(fd, SOMAXCONN);
851 if (nconf->nc_semantics == NC_TPI_CLTS )
852 transp = svc_dg_create(fd, 0, 0);
854 transp = svc_vc_create(fd, RPC_MAXDATASIZE,
857 if (transp != (SVCXPRT *) NULL) {
858 if (!svc_reg(transp, MOUNTPROG, MOUNTVERS, mntsrv,
861 "can't register %s MOUNTVERS service",
864 if (!svc_reg(transp, MOUNTPROG, MOUNTVERS3,
867 "can't register %s MOUNTVERS3 service",
871 syslog(LOG_WARNING, "can't create %s services",
874 if (registered == 0) {
876 memset(&hints, 0, sizeof hints);
877 hints.ai_flags = AI_PASSIVE;
878 hints.ai_family = si.si_af;
879 hints.ai_socktype = si.si_socktype;
880 hints.ai_protocol = si.si_proto;
882 if ((aicode = getaddrinfo(NULL, port_str, &hints,
884 syslog(LOG_ERR, "cannot get local address: %s",
885 gai_strerror(aicode));
889 servaddr.buf = malloc(res->ai_addrlen);
890 memcpy(servaddr.buf, res->ai_addr, res->ai_addrlen);
891 servaddr.len = res->ai_addrlen;
893 rpcb_set(MOUNTPROG, MOUNTVERS, nconf, &servaddr);
894 rpcb_set(MOUNTPROG, MOUNTVERS3, nconf, &servaddr);
903 * Clear out sockets after a failure to bind one of them, so that the
904 * cycle of socket creation/binding can start anew.
907 clearout_service(void)
911 for (i = 0; i < sock_fdcnt; i++) {
912 if (sock_fd[i] >= 0) {
913 shutdown(sock_fd[i], SHUT_RDWR);
923 "usage: mountd [-2] [-d] [-e] [-l] [-n] [-p <port>] [-r] "
924 "[-h <bindip>] [export_file ...]\n");
929 * The mount rpc service
932 mntsrv(struct svc_req *rqstp, SVCXPRT *transp)
934 struct exportlist *ep;
939 char host[NI_MAXHOST], numerichost[NI_MAXHOST];
940 int lookup_failed = 1;
941 struct sockaddr *saddr;
943 char rpcpath[MNTPATHLEN + 1], dirpath[MAXPATHLEN];
944 int bad = 0, defset, hostset;
945 sigset_t sighup_mask;
946 int numsecflavors, *secflavorsp;
948 sigemptyset(&sighup_mask);
949 sigaddset(&sighup_mask, SIGHUP);
950 saddr = svc_getrpccaller(transp)->buf;
951 switch (saddr->sa_family) {
953 sport = ntohs(((struct sockaddr_in6 *)saddr)->sin6_port);
956 sport = ntohs(((struct sockaddr_in *)saddr)->sin_port);
959 syslog(LOG_ERR, "request from unknown address family");
962 lookup_failed = getnameinfo(saddr, saddr->sa_len, host, sizeof host,
964 getnameinfo(saddr, saddr->sa_len, numerichost,
965 sizeof numerichost, NULL, 0, NI_NUMERICHOST);
966 switch (rqstp->rq_proc) {
968 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
969 syslog(LOG_ERR, "can't send reply");
972 if (sport >= IPPORT_RESERVED && resvport_only) {
974 "mount request from %s from unprivileged port",
976 svcerr_weakauth(transp);
979 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
980 syslog(LOG_NOTICE, "undecodable mount request from %s",
982 svcerr_decode(transp);
987 * Get the real pathname and make sure it is a directory
988 * or a regular file if the -r option was specified
991 if (realpath(rpcpath, dirpath) == NULL ||
992 stat(dirpath, &stb) < 0 ||
993 (!S_ISDIR(stb.st_mode) &&
994 (dir_only || !S_ISREG(stb.st_mode))) ||
995 statfs(dirpath, &fsb) < 0) {
996 chdir("/"); /* Just in case realpath doesn't */
998 "mount request from %s for non existent path %s",
999 numerichost, dirpath);
1001 warnx("stat failed on %s", dirpath);
1002 bad = ENOENT; /* We will send error reply later */
1005 /* Check in the exports list */
1006 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
1007 ep = ex_search(&fsb.f_fsid);
1008 hostset = defset = 0;
1009 if (ep && (chk_host(ep->ex_defdir, saddr, &defset, &hostset,
1010 &numsecflavors, &secflavorsp) ||
1011 ((dp = dirp_search(ep->ex_dirl, dirpath)) &&
1012 chk_host(dp, saddr, &defset, &hostset, &numsecflavors,
1014 (defset && scan_tree(ep->ex_defdir, saddr) == 0 &&
1015 scan_tree(ep->ex_dirl, saddr) == 0))) {
1017 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
1019 syslog(LOG_ERR, "can't send reply");
1020 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1023 if (hostset & DP_HOSTSET) {
1024 fhr.fhr_flag = hostset;
1025 fhr.fhr_numsecflavors = numsecflavors;
1026 fhr.fhr_secflavors = secflavorsp;
1028 fhr.fhr_flag = defset;
1029 fhr.fhr_numsecflavors = ep->ex_defnumsecflavors;
1030 fhr.fhr_secflavors = ep->ex_defsecflavors;
1032 fhr.fhr_vers = rqstp->rq_vers;
1033 /* Get the file handle */
1034 memset(&fhr.fhr_fh, 0, sizeof(nfsfh_t));
1035 if (getfh(dirpath, (fhandle_t *)&fhr.fhr_fh) < 0) {
1037 syslog(LOG_ERR, "can't get fh for %s", dirpath);
1038 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
1040 syslog(LOG_ERR, "can't send reply");
1041 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1044 if (!svc_sendreply(transp, (xdrproc_t)xdr_fhs,
1046 syslog(LOG_ERR, "can't send reply");
1048 add_mlist(host, dirpath);
1050 add_mlist(numerichost, dirpath);
1052 warnx("mount successful");
1055 "mount request succeeded from %s for %s",
1056 numerichost, dirpath);
1060 "mount request denied from %s for %s",
1061 numerichost, dirpath);
1064 if (bad && !svc_sendreply(transp, (xdrproc_t)xdr_long,
1066 syslog(LOG_ERR, "can't send reply");
1067 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1069 case MOUNTPROC_DUMP:
1070 if (!svc_sendreply(transp, (xdrproc_t)xdr_mlist, (caddr_t)NULL))
1071 syslog(LOG_ERR, "can't send reply");
1074 "dump request succeeded from %s",
1077 case MOUNTPROC_UMNT:
1078 if (sport >= IPPORT_RESERVED && resvport_only) {
1080 "umount request from %s from unprivileged port",
1082 svcerr_weakauth(transp);
1085 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
1086 syslog(LOG_NOTICE, "undecodable umount request from %s",
1088 svcerr_decode(transp);
1091 if (realpath(rpcpath, dirpath) == NULL) {
1092 syslog(LOG_NOTICE, "umount request from %s "
1093 "for non existent path %s",
1094 numerichost, dirpath);
1096 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, (caddr_t)NULL))
1097 syslog(LOG_ERR, "can't send reply");
1099 del_mlist(host, dirpath);
1100 del_mlist(numerichost, dirpath);
1103 "umount request succeeded from %s for %s",
1104 numerichost, dirpath);
1106 case MOUNTPROC_UMNTALL:
1107 if (sport >= IPPORT_RESERVED && resvport_only) {
1109 "umountall request from %s from unprivileged port",
1111 svcerr_weakauth(transp);
1114 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, (caddr_t)NULL))
1115 syslog(LOG_ERR, "can't send reply");
1117 del_mlist(host, NULL);
1118 del_mlist(numerichost, NULL);
1121 "umountall request succeeded from %s",
1124 case MOUNTPROC_EXPORT:
1125 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist, (caddr_t)NULL))
1126 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist_brief,
1128 syslog(LOG_ERR, "can't send reply");
1131 "export request succeeded from %s",
1135 svcerr_noproc(transp);
1141 * Xdr conversion for a dirpath string
1144 xdr_dir(XDR *xdrsp, char *dirp)
1146 return (xdr_string(xdrsp, &dirp, MNTPATHLEN));
1150 * Xdr routine to generate file handle reply
1153 xdr_fhs(XDR *xdrsp, caddr_t cp)
1155 struct fhreturn *fhrp = (struct fhreturn *)cp;
1156 u_long ok = 0, len, auth;
1159 if (!xdr_long(xdrsp, &ok))
1161 switch (fhrp->fhr_vers) {
1163 return (xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, NFSX_V2FH));
1166 if (!xdr_long(xdrsp, &len))
1168 if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len))
1170 if (fhrp->fhr_numsecflavors) {
1171 if (!xdr_int(xdrsp, &fhrp->fhr_numsecflavors))
1173 for (i = 0; i < fhrp->fhr_numsecflavors; i++)
1174 if (!xdr_int(xdrsp, &fhrp->fhr_secflavors[i]))
1180 if (!xdr_long(xdrsp, &len))
1182 return (xdr_long(xdrsp, &auth));
1189 xdr_mlist(XDR *xdrsp, caddr_t cp __unused)
1191 struct mountlist *mlp;
1198 if (!xdr_bool(xdrsp, &true))
1200 strp = &mlp->ml_host[0];
1201 if (!xdr_string(xdrsp, &strp, MNTNAMLEN))
1203 strp = &mlp->ml_dirp[0];
1204 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1208 if (!xdr_bool(xdrsp, &false))
1214 * Xdr conversion for export list
1217 xdr_explist_common(XDR *xdrsp, caddr_t cp __unused, int brief)
1219 struct exportlist *ep;
1222 sigset_t sighup_mask;
1224 sigemptyset(&sighup_mask);
1225 sigaddset(&sighup_mask, SIGHUP);
1226 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
1230 if (put_exlist(ep->ex_dirl, xdrsp, ep->ex_defdir,
1233 if (ep->ex_defdir && putdef == 0 &&
1234 put_exlist(ep->ex_defdir, xdrsp, (struct dirlist *)NULL,
1239 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1240 if (!xdr_bool(xdrsp, &false))
1244 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1249 * Called from xdr_explist() to traverse the tree and export the
1253 put_exlist(struct dirlist *dp, XDR *xdrsp, struct dirlist *adp, int *putdefp,
1256 struct grouplist *grp;
1257 struct hostlist *hp;
1264 if (put_exlist(dp->dp_left, xdrsp, adp, putdefp, brief))
1266 if (!xdr_bool(xdrsp, &true))
1269 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1271 if (adp && !strcmp(dp->dp_dirp, adp->dp_dirp)) {
1276 if (!xdr_bool(xdrsp, &true))
1279 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1281 } else if ((dp->dp_flag & DP_DEFSET) == 0 &&
1282 (gotalldir == 0 || (adp->dp_flag & DP_DEFSET) == 0)) {
1286 if (grp->gr_type == GT_HOST) {
1287 if (!xdr_bool(xdrsp, &true))
1289 strp = grp->gr_ptr.gt_addrinfo->ai_canonname;
1290 if (!xdr_string(xdrsp, &strp,
1293 } else if (grp->gr_type == GT_NET) {
1294 if (!xdr_bool(xdrsp, &true))
1296 strp = grp->gr_ptr.gt_net.nt_name;
1297 if (!xdr_string(xdrsp, &strp,
1302 if (gotalldir && hp == (struct hostlist *)NULL) {
1308 if (!xdr_bool(xdrsp, &false))
1310 if (put_exlist(dp->dp_right, xdrsp, adp, putdefp, brief))
1317 xdr_explist(XDR *xdrsp, caddr_t cp)
1320 return xdr_explist_common(xdrsp, cp, 0);
1324 xdr_explist_brief(XDR *xdrsp, caddr_t cp)
1327 return xdr_explist_common(xdrsp, cp, 1);
1335 * Get the export list from one, currently open file
1338 get_exportlist_one(void)
1340 struct exportlist *ep, *ep2;
1341 struct grouplist *grp, *tgrp;
1342 struct exportlist **epp;
1343 struct dirlist *dirhead;
1346 char *cp, *endcp, *dirp, *hst, *usr, *dom, savedc;
1347 int len, has_host, exflags, got_nondir, dirplen, netgrp;
1350 dirhead = (struct dirlist *)NULL;
1351 while (get_line()) {
1353 warnx("got line %s", line);
1355 nextfield(&cp, &endcp);
1364 exflags = MNT_EXPORTED;
1367 ep = (struct exportlist *)NULL;
1371 * Handle the V4 root dir.
1373 if (*cp == 'V' && *(cp + 1) == '4' && *(cp + 2) == ':') {
1375 * V4: just indicates that it is the v4 root point,
1376 * so skip over that and set v4root_phase.
1378 if (v4root_phase > 0) {
1379 syslog(LOG_ERR, "V4:duplicate line, ignored");
1384 nextfield(&cp, &endcp);
1388 * Create new exports list entry
1391 tgrp = grp = get_grp();
1393 if (len > MNTNAMLEN) {
1394 getexp_err(ep, tgrp);
1398 if (ep == (struct exportlist *)NULL) {
1399 getexp_err(ep, tgrp);
1403 warnx("doing opt %s", cp);
1405 if (do_opt(&cp, &endcp, ep, grp, &has_host,
1407 getexp_err(ep, tgrp);
1410 } else if (*cp == '/') {
1413 if (v4root_phase > 1) {
1415 syslog(LOG_ERR, "Multiple V4 dirs");
1416 getexp_err(ep, tgrp);
1420 if (check_dirpath(cp) &&
1421 statfs(cp, &fsb) >= 0) {
1423 syslog(LOG_ERR, "dirs must be first");
1424 getexp_err(ep, tgrp);
1427 if (v4root_phase == 1) {
1429 syslog(LOG_ERR, "Multiple V4 dirs");
1430 getexp_err(ep, tgrp);
1433 if (strlen(v4root_dirpath) == 0) {
1434 strlcpy(v4root_dirpath, cp,
1435 sizeof (v4root_dirpath));
1436 } else if (strcmp(v4root_dirpath, cp)
1439 "different V4 dirpath %s", cp);
1440 getexp_err(ep, tgrp);
1449 if (ep->ex_fs.val[0] !=
1450 fsb.f_fsid.val[0] ||
1452 fsb.f_fsid.val[1]) {
1453 getexp_err(ep, tgrp);
1458 * See if this directory is already
1461 ep = ex_search(&fsb.f_fsid);
1462 if (ep == (struct exportlist *)NULL) {
1464 ep->ex_fs = fsb.f_fsid;
1465 ep->ex_fsdir = (char *)malloc
1466 (strlen(fsb.f_mntonname) + 1);
1468 strcpy(ep->ex_fsdir,
1474 "making new ep fs=0x%x,0x%x",
1478 warnx("found ep fs=0x%x,0x%x",
1484 * Add dirpath to export mount point.
1486 dirp = add_expdir(&dirhead, cp, len);
1490 getexp_err(ep, tgrp);
1498 if (ep == (struct exportlist *)NULL) {
1499 getexp_err(ep, tgrp);
1504 * Get the host or netgroup.
1507 netgrp = getnetgrent(&hst, &usr, &dom);
1510 grp->gr_next = get_grp();
1516 "null hostname in netgroup %s, skipping", cp);
1517 grp->gr_type = GT_IGNORE;
1518 } else if (get_host(hst, grp, tgrp)) {
1520 "bad host %s in netgroup %s, skipping", hst, cp);
1521 grp->gr_type = GT_IGNORE;
1523 } else if (get_host(cp, grp, tgrp)) {
1524 syslog(LOG_ERR, "bad host %s, skipping", cp);
1525 grp->gr_type = GT_IGNORE;
1528 } while (netgrp && getnetgrent(&hst, &usr, &dom));
1533 nextfield(&cp, &endcp);
1536 if (check_options(dirhead)) {
1537 getexp_err(ep, tgrp);
1541 grp->gr_type = GT_DEFAULT;
1543 warnx("adding a default entry");
1546 * Don't allow a network export coincide with a list of
1547 * host(s) on the same line.
1549 } else if ((opt_flags & OP_NET) && tgrp->gr_next) {
1550 syslog(LOG_ERR, "network/host conflict");
1551 getexp_err(ep, tgrp);
1555 * If an export list was specified on this line, make sure
1556 * that we have at least one valid entry, otherwise skip it.
1560 while (grp && grp->gr_type == GT_IGNORE)
1563 getexp_err(ep, tgrp);
1568 if (v4root_phase == 1) {
1569 syslog(LOG_ERR, "V4:root, no dirp, ignored");
1570 getexp_err(ep, tgrp);
1575 * Loop through hosts, pushing the exports into the kernel.
1576 * After loop, tgrp points to the start of the list and
1577 * grp points to the last entry in the list.
1581 if (do_mount(ep, grp, exflags, &anon, dirp, dirplen,
1583 getexp_err(ep, tgrp);
1586 } while (grp->gr_next && (grp = grp->gr_next));
1589 * For V4: don't enter in mount lists.
1591 if (v4root_phase > 0 && v4root_phase <= 2) {
1593 * Since these structures aren't used by mountd,
1598 while (tgrp != NULL) {
1600 tgrp = tgrp->gr_next;
1607 * Success. Update the data structures.
1610 hang_dirp(dirhead, tgrp, ep, opt_flags);
1611 grp->gr_next = grphead;
1614 hang_dirp(dirhead, (struct grouplist *)NULL, ep,
1618 dirhead = (struct dirlist *)NULL;
1619 if ((ep->ex_flag & EX_LINKED) == 0) {
1624 * Insert in the list in alphabetical order.
1626 while (ep2 && strcmp(ep2->ex_fsdir, ep->ex_fsdir) < 0) {
1627 epp = &ep2->ex_next;
1633 ep->ex_flag |= EX_LINKED;
1639 dirhead = (struct dirlist *)NULL;
1645 * Get the export list from all specified files
1648 get_exportlist(void)
1650 struct exportlist *ep, *ep2;
1651 struct grouplist *grp, *tgrp;
1652 struct export_args export;
1654 struct statfs *fsp, *mntbufp;
1655 struct xvfsconf vfc;
1658 int dirplen, num, i;
1661 struct nfsex_args eargs;
1663 v4root_dirpath[0] = '\0';
1664 bzero(&export, sizeof(export));
1665 export.ex_flags = MNT_DELEXPORT;
1670 bzero(errmsg, sizeof(errmsg));
1673 * First, get rid of the old list
1681 exphead = (struct exportlist *)NULL;
1689 grphead = (struct grouplist *)NULL;
1692 * and the old V4 root dir.
1694 bzero(&eargs, sizeof (eargs));
1695 eargs.export.ex_flags = MNT_DELEXPORT;
1696 if (run_v4server > 0 &&
1697 nfssvc(NFSSVC_V4ROOTEXPORT, (caddr_t)&eargs) < 0 &&
1699 syslog(LOG_ERR, "Can't delete exports for V4:");
1702 * and clear flag that notes if a public fh has been exported.
1707 * And delete exports that are in the kernel for all local
1709 * XXX: Should know how to handle all local exportable filesystems.
1711 num = getmntinfo(&mntbufp, MNT_NOWAIT);
1714 build_iovec(&iov, &iovlen, "fstype", NULL, 0);
1715 build_iovec(&iov, &iovlen, "fspath", NULL, 0);
1716 build_iovec(&iov, &iovlen, "from", NULL, 0);
1717 build_iovec(&iov, &iovlen, "update", NULL, 0);
1718 build_iovec(&iov, &iovlen, "export", &export, sizeof(export));
1719 build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg));
1722 for (i = 0; i < num; i++) {
1724 if (getvfsbyname(fsp->f_fstypename, &vfc) != 0) {
1725 syslog(LOG_ERR, "getvfsbyname() failed for %s",
1731 * Do not delete export for network filesystem by
1732 * passing "export" arg to nmount().
1733 * It only makes sense to do this for local filesystems.
1735 if (vfc.vfc_flags & VFCF_NETWORK)
1738 iov[1].iov_base = fsp->f_fstypename;
1739 iov[1].iov_len = strlen(fsp->f_fstypename) + 1;
1740 iov[3].iov_base = fsp->f_mntonname;
1741 iov[3].iov_len = strlen(fsp->f_mntonname) + 1;
1742 iov[5].iov_base = fsp->f_mntfromname;
1743 iov[5].iov_len = strlen(fsp->f_mntfromname) + 1;
1745 if (nmount(iov, iovlen, fsp->f_flags) < 0 &&
1746 errno != ENOENT && errno != ENOTSUP) {
1748 "can't delete exports for %s: %m %s",
1749 fsp->f_mntonname, errmsg);
1754 /* Free strings allocated by strdup() in getmntopts.c */
1755 free(iov[0].iov_base); /* fstype */
1756 free(iov[2].iov_base); /* fspath */
1757 free(iov[4].iov_base); /* from */
1758 free(iov[6].iov_base); /* update */
1759 free(iov[8].iov_base); /* export */
1760 free(iov[10].iov_base); /* errmsg */
1762 /* free iov, allocated by realloc() */
1768 * Read in the exports file and build the list, calling
1769 * nmount() as we go along to push the export rules into the kernel.
1772 for (i = 0; exnames[i] != NULL; i++) {
1774 warnx("reading exports from %s", exnames[i]);
1775 if ((exp_file = fopen(exnames[i], "r")) == NULL) {
1776 syslog(LOG_WARNING, "can't open %s", exnames[i]);
1779 get_exportlist_one();
1784 syslog(LOG_ERR, "can't open any exports file");
1789 * If there was no public fh, clear any previous one set.
1791 if (run_v4server > 0 && has_publicfh == 0)
1792 (void) nfssvc(NFSSVC_NOPUBLICFH, NULL);
1796 * Allocate an export list element
1801 struct exportlist *ep;
1803 ep = (struct exportlist *)calloc(1, sizeof (struct exportlist));
1804 if (ep == (struct exportlist *)NULL)
1810 * Allocate a group list element
1815 struct grouplist *gp;
1817 gp = (struct grouplist *)calloc(1, sizeof (struct grouplist));
1818 if (gp == (struct grouplist *)NULL)
1824 * Clean up upon an error in get_exportlist().
1827 getexp_err(struct exportlist *ep, struct grouplist *grp)
1829 struct grouplist *tgrp;
1831 if (!(opt_flags & OP_QUIET))
1832 syslog(LOG_ERR, "bad exports list line %s", line);
1833 if (ep && (ep->ex_flag & EX_LINKED) == 0)
1843 * Search the export list for a matching fs.
1846 ex_search(fsid_t *fsid)
1848 struct exportlist *ep;
1852 if (ep->ex_fs.val[0] == fsid->val[0] &&
1853 ep->ex_fs.val[1] == fsid->val[1])
1861 * Add a directory path to the list.
1864 add_expdir(struct dirlist **dpp, char *cp, int len)
1868 dp = (struct dirlist *)malloc(sizeof (struct dirlist) + len);
1869 if (dp == (struct dirlist *)NULL)
1872 dp->dp_right = (struct dirlist *)NULL;
1874 dp->dp_hosts = (struct hostlist *)NULL;
1875 strcpy(dp->dp_dirp, cp);
1877 return (dp->dp_dirp);
1881 * Hang the dir list element off the dirpath binary tree as required
1882 * and update the entry for host.
1885 hang_dirp(struct dirlist *dp, struct grouplist *grp, struct exportlist *ep,
1888 struct hostlist *hp;
1889 struct dirlist *dp2;
1891 if (flags & OP_ALLDIRS) {
1896 if (grp == (struct grouplist *)NULL) {
1897 ep->ex_defdir->dp_flag |= DP_DEFSET;
1898 /* Save the default security flavors list. */
1899 ep->ex_defnumsecflavors = ep->ex_numsecflavors;
1900 if (ep->ex_numsecflavors > 0)
1901 memcpy(ep->ex_defsecflavors, ep->ex_secflavors,
1902 sizeof(ep->ex_secflavors));
1903 } else while (grp) {
1906 hp->ht_next = ep->ex_defdir->dp_hosts;
1907 ep->ex_defdir->dp_hosts = hp;
1908 /* Save the security flavors list for this host set. */
1909 grp->gr_numsecflavors = ep->ex_numsecflavors;
1910 if (ep->ex_numsecflavors > 0)
1911 memcpy(grp->gr_secflavors, ep->ex_secflavors,
1912 sizeof(ep->ex_secflavors));
1918 * Loop through the directories adding them to the tree.
1922 add_dlist(&ep->ex_dirl, dp, grp, flags, ep);
1929 * Traverse the binary tree either updating a node that is already there
1930 * for the new directory or adding the new node.
1933 add_dlist(struct dirlist **dpp, struct dirlist *newdp, struct grouplist *grp,
1934 int flags, struct exportlist *ep)
1937 struct hostlist *hp;
1942 cmp = strcmp(dp->dp_dirp, newdp->dp_dirp);
1944 add_dlist(&dp->dp_left, newdp, grp, flags, ep);
1946 } else if (cmp < 0) {
1947 add_dlist(&dp->dp_right, newdp, grp, flags, ep);
1950 free((caddr_t)newdp);
1953 dp->dp_left = (struct dirlist *)NULL;
1959 * Hang all of the host(s) off of the directory point.
1964 hp->ht_next = dp->dp_hosts;
1966 /* Save the security flavors list for this host set. */
1967 grp->gr_numsecflavors = ep->ex_numsecflavors;
1968 if (ep->ex_numsecflavors > 0)
1969 memcpy(grp->gr_secflavors, ep->ex_secflavors,
1970 sizeof(ep->ex_secflavors));
1974 dp->dp_flag |= DP_DEFSET;
1975 /* Save the default security flavors list. */
1976 ep->ex_defnumsecflavors = ep->ex_numsecflavors;
1977 if (ep->ex_numsecflavors > 0)
1978 memcpy(ep->ex_defsecflavors, ep->ex_secflavors,
1979 sizeof(ep->ex_secflavors));
1984 * Search for a dirpath on the export point.
1987 dirp_search(struct dirlist *dp, char *dirp)
1992 cmp = strcmp(dp->dp_dirp, dirp);
1994 return (dirp_search(dp->dp_left, dirp));
1996 return (dirp_search(dp->dp_right, dirp));
2004 * Scan for a host match in a directory tree.
2007 chk_host(struct dirlist *dp, struct sockaddr *saddr, int *defsetp,
2008 int *hostsetp, int *numsecflavors, int **secflavorsp)
2010 struct hostlist *hp;
2011 struct grouplist *grp;
2012 struct addrinfo *ai;
2015 if (dp->dp_flag & DP_DEFSET)
2016 *defsetp = dp->dp_flag;
2020 switch (grp->gr_type) {
2022 ai = grp->gr_ptr.gt_addrinfo;
2023 for (; ai; ai = ai->ai_next) {
2024 if (!sacmp(ai->ai_addr, saddr, NULL)) {
2026 (hp->ht_flag | DP_HOSTSET);
2027 if (numsecflavors != NULL) {
2029 grp->gr_numsecflavors;
2038 if (!sacmp(saddr, (struct sockaddr *)
2039 &grp->gr_ptr.gt_net.nt_net,
2041 &grp->gr_ptr.gt_net.nt_mask)) {
2042 *hostsetp = (hp->ht_flag | DP_HOSTSET);
2043 if (numsecflavors != NULL) {
2045 grp->gr_numsecflavors;
2060 * Scan tree for a host that matches the address.
2063 scan_tree(struct dirlist *dp, struct sockaddr *saddr)
2065 int defset, hostset;
2068 if (scan_tree(dp->dp_left, saddr))
2070 if (chk_host(dp, saddr, &defset, &hostset, NULL, NULL))
2072 if (scan_tree(dp->dp_right, saddr))
2079 * Traverse the dirlist tree and free it up.
2082 free_dir(struct dirlist *dp)
2086 free_dir(dp->dp_left);
2087 free_dir(dp->dp_right);
2088 free_host(dp->dp_hosts);
2094 * Parse a colon separated list of security flavors
2097 parsesec(char *seclist, struct exportlist *ep)
2102 ep->ex_numsecflavors = 0;
2104 cp = strchr(seclist, ':');
2110 if (!strcmp(seclist, "sys"))
2112 else if (!strcmp(seclist, "krb5"))
2113 flavor = RPCSEC_GSS_KRB5;
2114 else if (!strcmp(seclist, "krb5i"))
2115 flavor = RPCSEC_GSS_KRB5I;
2116 else if (!strcmp(seclist, "krb5p"))
2117 flavor = RPCSEC_GSS_KRB5P;
2121 syslog(LOG_ERR, "bad sec flavor: %s", seclist);
2124 if (ep->ex_numsecflavors == MAXSECFLAVORS) {
2127 syslog(LOG_ERR, "too many sec flavors: %s", seclist);
2130 ep->ex_secflavors[ep->ex_numsecflavors] = flavor;
2131 ep->ex_numsecflavors++;
2143 * Parse the option string and update fields.
2144 * Option arguments may either be -<option>=<value> or
2148 do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp,
2149 int *has_hostp, int *exflagsp, struct xucred *cr)
2151 char *cpoptarg, *cpoptend;
2152 char *cp, *endcp, *cpopt, savedc, savedc2;
2153 int allflag, usedarg;
2161 while (cpopt && *cpopt) {
2164 if ((cpoptend = strchr(cpopt, ','))) {
2166 if ((cpoptarg = strchr(cpopt, '=')))
2169 if ((cpoptarg = strchr(cpopt, '=')))
2173 nextfield(&cp, &endcp);
2175 if (endcp > cp && *cp != '-') {
2183 if (!strcmp(cpopt, "ro") || !strcmp(cpopt, "o")) {
2184 *exflagsp |= MNT_EXRDONLY;
2185 } else if (cpoptarg && (!strcmp(cpopt, "maproot") ||
2186 !(allflag = strcmp(cpopt, "mapall")) ||
2187 !strcmp(cpopt, "root") || !strcmp(cpopt, "r"))) {
2189 parsecred(cpoptarg, cr);
2191 *exflagsp |= MNT_EXPORTANON;
2192 opt_flags |= OP_MAPALL;
2194 opt_flags |= OP_MAPROOT;
2195 } else if (cpoptarg && (!strcmp(cpopt, "mask") ||
2196 !strcmp(cpopt, "m"))) {
2197 if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) {
2198 syslog(LOG_ERR, "bad mask: %s", cpoptarg);
2202 opt_flags |= OP_MASK;
2203 } else if (cpoptarg && (!strcmp(cpopt, "network") ||
2204 !strcmp(cpopt, "n"))) {
2205 if (strchr(cpoptarg, '/') != NULL) {
2207 fprintf(stderr, "setting OP_MASKLEN\n");
2208 opt_flags |= OP_MASKLEN;
2210 if (grp->gr_type != GT_NULL) {
2211 syslog(LOG_ERR, "network/host conflict");
2213 } else if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 0)) {
2214 syslog(LOG_ERR, "bad net: %s", cpoptarg);
2217 grp->gr_type = GT_NET;
2220 opt_flags |= OP_NET;
2221 } else if (!strcmp(cpopt, "alldirs")) {
2222 opt_flags |= OP_ALLDIRS;
2223 } else if (!strcmp(cpopt, "public")) {
2224 *exflagsp |= MNT_EXPUBLIC;
2225 } else if (!strcmp(cpopt, "webnfs")) {
2226 *exflagsp |= (MNT_EXPUBLIC|MNT_EXRDONLY|MNT_EXPORTANON);
2227 opt_flags |= OP_MAPALL;
2228 } else if (cpoptarg && !strcmp(cpopt, "index")) {
2229 ep->ex_indexfile = strdup(cpoptarg);
2230 } else if (!strcmp(cpopt, "quiet")) {
2231 opt_flags |= OP_QUIET;
2232 } else if (cpoptarg && !strcmp(cpopt, "sec")) {
2233 if (parsesec(cpoptarg, ep))
2235 opt_flags |= OP_SEC;
2238 syslog(LOG_ERR, "bad opt %s", cpopt);
2257 * Translate a character string to the corresponding list of network
2258 * addresses for a hostname.
2261 get_host(char *cp, struct grouplist *grp, struct grouplist *tgrp)
2263 struct grouplist *checkgrp;
2264 struct addrinfo *ai, *tai, hints;
2266 char host[NI_MAXHOST];
2268 if (grp->gr_type != GT_NULL) {
2269 syslog(LOG_ERR, "Bad netgroup type for ip host %s", cp);
2272 memset(&hints, 0, sizeof hints);
2273 hints.ai_flags = AI_CANONNAME;
2274 hints.ai_protocol = IPPROTO_UDP;
2275 ecode = getaddrinfo(cp, NULL, &hints, &ai);
2277 syslog(LOG_ERR,"can't get address info for host %s", cp);
2280 grp->gr_ptr.gt_addrinfo = ai;
2281 while (ai != NULL) {
2282 if (ai->ai_canonname == NULL) {
2283 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host,
2284 sizeof host, NULL, 0, NI_NUMERICHOST) != 0)
2285 strlcpy(host, "?", sizeof(host));
2286 ai->ai_canonname = strdup(host);
2287 ai->ai_flags |= AI_CANONNAME;
2290 fprintf(stderr, "got host %s\n", ai->ai_canonname);
2292 * Sanity check: make sure we don't already have an entry
2293 * for this host in the grouplist.
2295 for (checkgrp = tgrp; checkgrp != NULL;
2296 checkgrp = checkgrp->gr_next) {
2297 if (checkgrp->gr_type != GT_HOST)
2299 for (tai = checkgrp->gr_ptr.gt_addrinfo; tai != NULL;
2300 tai = tai->ai_next) {
2301 if (sacmp(tai->ai_addr, ai->ai_addr, NULL) != 0)
2305 "ignoring duplicate host %s\n",
2307 grp->gr_type = GT_IGNORE;
2313 grp->gr_type = GT_HOST;
2318 * Free up an exports list component
2321 free_exp(struct exportlist *ep)
2324 if (ep->ex_defdir) {
2325 free_host(ep->ex_defdir->dp_hosts);
2326 free((caddr_t)ep->ex_defdir);
2330 if (ep->ex_indexfile)
2331 free(ep->ex_indexfile);
2332 free_dir(ep->ex_dirl);
2340 free_host(struct hostlist *hp)
2342 struct hostlist *hp2;
2354 struct hostlist *hp;
2356 hp = (struct hostlist *)malloc(sizeof (struct hostlist));
2357 if (hp == (struct hostlist *)NULL)
2359 hp->ht_next = (struct hostlist *)NULL;
2365 * Out of memory, fatal
2371 syslog(LOG_ERR, "out of memory");
2376 * Do the nmount() syscall with the update flag to push the export info into
2380 do_mount(struct exportlist *ep, struct grouplist *grp, int exflags,
2381 struct xucred *anoncrp, char *dirp, int dirplen, struct statfs *fsb)
2384 struct addrinfo *ai;
2385 struct export_args ea, *eap;
2393 struct nfsex_args nfsea;
2395 if (run_v4server > 0)
2396 eap = &nfsea.export;
2406 bzero(eap, sizeof (struct export_args));
2407 bzero(errmsg, sizeof(errmsg));
2408 eap->ex_flags = exflags;
2409 eap->ex_anon = *anoncrp;
2410 eap->ex_indexfile = ep->ex_indexfile;
2411 if (grp->gr_type == GT_HOST)
2412 ai = grp->gr_ptr.gt_addrinfo;
2415 eap->ex_numsecflavors = ep->ex_numsecflavors;
2416 for (i = 0; i < eap->ex_numsecflavors; i++)
2417 eap->ex_secflavors[i] = ep->ex_secflavors[i];
2418 if (eap->ex_numsecflavors == 0) {
2419 eap->ex_numsecflavors = 1;
2420 eap->ex_secflavors[0] = AUTH_SYS;
2424 if (v4root_phase == 0) {
2425 build_iovec(&iov, &iovlen, "fstype", NULL, 0);
2426 build_iovec(&iov, &iovlen, "fspath", NULL, 0);
2427 build_iovec(&iov, &iovlen, "from", NULL, 0);
2428 build_iovec(&iov, &iovlen, "update", NULL, 0);
2429 build_iovec(&iov, &iovlen, "export", eap,
2430 sizeof (struct export_args));
2431 build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg));
2435 switch (grp->gr_type) {
2437 if (ai->ai_addr->sa_family == AF_INET6 && have_v6 == 0)
2439 eap->ex_addr = ai->ai_addr;
2440 eap->ex_addrlen = ai->ai_addrlen;
2441 eap->ex_masklen = 0;
2444 if (grp->gr_ptr.gt_net.nt_net.ss_family == AF_INET6 &&
2448 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_net;
2450 ((struct sockaddr *)&grp->gr_ptr.gt_net.nt_net)->sa_len;
2452 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask;
2453 eap->ex_masklen = ((struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask)->sa_len;
2456 eap->ex_addr = NULL;
2457 eap->ex_addrlen = 0;
2458 eap->ex_mask = NULL;
2459 eap->ex_masklen = 0;
2466 syslog(LOG_ERR, "bad grouptype");
2474 * For V4:, use the nfssvc() syscall, instead of mount().
2476 if (v4root_phase == 2) {
2477 nfsea.fspec = v4root_dirpath;
2478 if (run_v4server > 0 &&
2479 nfssvc(NFSSVC_V4ROOTEXPORT, (caddr_t)&nfsea) < 0) {
2480 syslog(LOG_ERR, "Exporting V4: failed");
2486 * Maybe I should just use the fsb->f_mntonname path
2487 * instead of looping back up the dirp to the mount
2489 * Also, needs to know how to export all types of local
2490 * exportable filesystems and not just "ufs".
2492 iov[1].iov_base = fsb->f_fstypename; /* "fstype" */
2493 iov[1].iov_len = strlen(fsb->f_fstypename) + 1;
2494 iov[3].iov_base = fsb->f_mntonname; /* "fspath" */
2495 iov[3].iov_len = strlen(fsb->f_mntonname) + 1;
2496 iov[5].iov_base = fsb->f_mntfromname; /* "from" */
2497 iov[5].iov_len = strlen(fsb->f_mntfromname) + 1;
2499 while (nmount(iov, iovlen, fsb->f_flags) < 0) {
2503 cp = dirp + dirplen - 1;
2504 if (opt_flags & OP_QUIET) {
2508 if (errno == EPERM) {
2510 warnx("can't change attributes for %s: %s",
2513 "can't change attributes for %s: %s",
2518 if (opt_flags & OP_ALLDIRS) {
2519 if (errno == EINVAL)
2521 "-alldirs requested but %s is not a filesystem mountpoint",
2525 "could not remount %s: %m",
2530 /* back up over the last component */
2531 while (*cp == '/' && cp > dirp)
2533 while (*(cp - 1) != '/' && cp > dirp)
2537 warnx("mnt unsucc");
2538 syslog(LOG_ERR, "can't export %s %s",
2546 * Check that we're still on the same
2549 if (statfs(dirp, &fsb1) != 0 ||
2550 bcmp(&fsb1.f_fsid, &fsb->f_fsid,
2551 sizeof (fsb1.f_fsid)) != 0) {
2554 "can't export %s %s", dirp,
2563 * For the experimental server:
2564 * If this is the public directory, get the file handle
2565 * and load it into the kernel via the nfssvc() syscall.
2567 if (run_v4server > 0 && (exflags & MNT_EXPUBLIC) != 0) {
2571 if (eap->ex_indexfile != NULL)
2572 public_name = eap->ex_indexfile;
2575 if (getfh(public_name, &fh) < 0)
2577 "Can't get public fh for %s", public_name);
2578 else if (nfssvc(NFSSVC_PUBLICFH, (caddr_t)&fh) < 0)
2580 "Can't set public fh for %s", public_name);
2593 /* free strings allocated by strdup() in getmntopts.c */
2595 free(iov[0].iov_base); /* fstype */
2596 free(iov[2].iov_base); /* fspath */
2597 free(iov[4].iov_base); /* from */
2598 free(iov[6].iov_base); /* update */
2599 free(iov[8].iov_base); /* export */
2600 free(iov[10].iov_base); /* errmsg */
2602 /* free iov, allocated by realloc() */
2609 * Translate a net address.
2611 * If `maskflg' is nonzero, then `cp' is a netmask, not a network address.
2614 get_net(char *cp, struct netmsk *net, int maskflg)
2616 struct netent *np = NULL;
2617 char *name, *p, *prefp;
2618 struct sockaddr_in sin;
2619 struct sockaddr *sa = NULL;
2620 struct addrinfo hints, *ai = NULL;
2621 char netname[NI_MAXHOST];
2625 if ((opt_flags & OP_MASKLEN) && !maskflg) {
2626 p = strchr(cp, '/');
2632 * Check for a numeric address first. We wish to avoid
2633 * possible DNS lookups in getnetbyname().
2635 if (isxdigit(*cp) || *cp == ':') {
2636 memset(&hints, 0, sizeof hints);
2637 /* Ensure the mask and the network have the same family. */
2638 if (maskflg && (opt_flags & OP_NET))
2639 hints.ai_family = net->nt_net.ss_family;
2640 else if (!maskflg && (opt_flags & OP_HAVEMASK))
2641 hints.ai_family = net->nt_mask.ss_family;
2643 hints.ai_family = AF_UNSPEC;
2644 hints.ai_flags = AI_NUMERICHOST;
2645 if (getaddrinfo(cp, NULL, &hints, &ai) == 0)
2647 if (sa != NULL && ai->ai_family == AF_INET) {
2649 * The address in `cp' is really a network address, so
2650 * use inet_network() to re-interpret this correctly.
2651 * e.g. "127.1" means 127.1.0.0, not 127.0.0.1.
2653 bzero(&sin, sizeof sin);
2654 sin.sin_family = AF_INET;
2655 sin.sin_len = sizeof sin;
2656 sin.sin_addr = inet_makeaddr(inet_network(cp), 0);
2658 fprintf(stderr, "get_net: v4 addr %s\n",
2659 inet_ntoa(sin.sin_addr));
2660 sa = (struct sockaddr *)&sin;
2663 if (sa == NULL && (np = getnetbyname(cp)) != NULL) {
2664 bzero(&sin, sizeof sin);
2665 sin.sin_family = AF_INET;
2666 sin.sin_len = sizeof sin;
2667 sin.sin_addr = inet_makeaddr(np->n_net, 0);
2668 sa = (struct sockaddr *)&sin;
2674 /* The specified sockaddr is a mask. */
2675 if (checkmask(sa) != 0)
2677 bcopy(sa, &net->nt_mask, sa->sa_len);
2678 opt_flags |= OP_HAVEMASK;
2680 /* The specified sockaddr is a network address. */
2681 bcopy(sa, &net->nt_net, sa->sa_len);
2683 /* Get a network name for the export list. */
2686 } else if (getnameinfo(sa, sa->sa_len, netname, sizeof netname,
2687 NULL, 0, NI_NUMERICHOST) == 0) {
2692 if ((net->nt_name = strdup(name)) == NULL)
2696 * Extract a mask from either a "/<masklen>" suffix, or
2697 * from the class of an IPv4 address.
2699 if (opt_flags & OP_MASKLEN) {
2700 preflen = strtol(prefp, NULL, 10);
2701 if (preflen < 0L || preflen == LONG_MAX)
2703 bcopy(sa, &net->nt_mask, sa->sa_len);
2704 if (makemask(&net->nt_mask, (int)preflen) != 0)
2706 opt_flags |= OP_HAVEMASK;
2708 } else if (sa->sa_family == AF_INET &&
2709 (opt_flags & OP_MASK) == 0) {
2712 addr = ((struct sockaddr_in *)sa)->sin_addr.s_addr;
2713 if (IN_CLASSA(addr))
2715 else if (IN_CLASSB(addr))
2717 else if (IN_CLASSC(addr))
2719 else if (IN_CLASSD(addr))
2722 preflen = 32; /* XXX */
2724 bcopy(sa, &net->nt_mask, sa->sa_len);
2725 makemask(&net->nt_mask, (int)preflen);
2726 opt_flags |= OP_HAVEMASK;
2741 * Parse out the next white space separated field
2744 nextfield(char **cp, char **endcp)
2749 while (*p == ' ' || *p == '\t')
2751 if (*p == '\n' || *p == '\0')
2755 while (*p != ' ' && *p != '\t' && *p != '\n' && *p != '\0')
2762 * Get an exports file line. Skip over blank lines and handle line
2770 int totlen, cont_line;
2773 * Loop around ignoring blank lines and getting all continuation lines.
2778 if ((p = fgetln(exp_file, &len)) == NULL)
2783 (*cp == ' ' || *cp == '\t' || *cp == '\n' || *cp == '\\')) {
2793 if (linesize < len + totlen + 1) {
2794 linesize = len + totlen + 1;
2795 line = realloc(line, linesize);
2799 memcpy(line + totlen, p, len);
2801 line[totlen] = '\0';
2802 } while (totlen == 0 || cont_line);
2807 * Parse a description of a credential.
2810 parsecred(char *namelist, struct xucred *cr)
2817 gid_t groups[XU_NGROUPS + 1];
2820 cr->cr_version = XUCRED_VERSION;
2822 * Set up the unprivileged user.
2825 cr->cr_groups[0] = -2;
2828 * Get the user's password table entry.
2830 names = strsep(&namelist, " \t\n");
2831 name = strsep(&names, ":");
2832 if (isdigit(*name) || *name == '-')
2833 pw = getpwuid(atoi(name));
2835 pw = getpwnam(name);
2837 * Credentials specified as those of a user.
2839 if (names == NULL) {
2841 syslog(LOG_ERR, "unknown user: %s", name);
2844 cr->cr_uid = pw->pw_uid;
2845 ngroups = XU_NGROUPS + 1;
2846 if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups))
2847 syslog(LOG_ERR, "too many groups");
2849 * Compress out duplicate.
2851 cr->cr_ngroups = ngroups - 1;
2852 cr->cr_groups[0] = groups[0];
2853 for (cnt = 2; cnt < ngroups; cnt++)
2854 cr->cr_groups[cnt - 1] = groups[cnt];
2858 * Explicit credential specified as a colon separated list:
2862 cr->cr_uid = pw->pw_uid;
2863 else if (isdigit(*name) || *name == '-')
2864 cr->cr_uid = atoi(name);
2866 syslog(LOG_ERR, "unknown user: %s", name);
2870 while (names != NULL && *names != '\0' && cr->cr_ngroups < XU_NGROUPS) {
2871 name = strsep(&names, ":");
2872 if (isdigit(*name) || *name == '-') {
2873 cr->cr_groups[cr->cr_ngroups++] = atoi(name);
2875 if ((gr = getgrnam(name)) == NULL) {
2876 syslog(LOG_ERR, "unknown group: %s", name);
2879 cr->cr_groups[cr->cr_ngroups++] = gr->gr_gid;
2882 if (names != NULL && *names != '\0' && cr->cr_ngroups == XU_NGROUPS)
2883 syslog(LOG_ERR, "too many groups");
2886 #define STRSIZ (MNTNAMLEN+MNTPATHLEN+50)
2888 * Routines that maintain the remote mounttab
2893 struct mountlist *mlp, **mlpp;
2894 char *host, *dirp, *cp;
2898 if ((mlfile = fopen(_PATH_RMOUNTLIST, "r")) == NULL) {
2899 if (errno == ENOENT)
2902 syslog(LOG_ERR, "can't open %s", _PATH_RMOUNTLIST);
2907 while (fgets(str, STRSIZ, mlfile) != NULL) {
2909 host = strsep(&cp, " \t\n");
2910 dirp = strsep(&cp, " \t\n");
2911 if (host == NULL || dirp == NULL)
2913 mlp = (struct mountlist *)malloc(sizeof (*mlp));
2914 if (mlp == (struct mountlist *)NULL)
2916 strncpy(mlp->ml_host, host, MNTNAMLEN);
2917 mlp->ml_host[MNTNAMLEN] = '\0';
2918 strncpy(mlp->ml_dirp, dirp, MNTPATHLEN);
2919 mlp->ml_dirp[MNTPATHLEN] = '\0';
2920 mlp->ml_next = (struct mountlist *)NULL;
2922 mlpp = &mlp->ml_next;
2928 del_mlist(char *hostp, char *dirp)
2930 struct mountlist *mlp, **mlpp;
2931 struct mountlist *mlp2;
2938 if (!strcmp(mlp->ml_host, hostp) &&
2939 (!dirp || !strcmp(mlp->ml_dirp, dirp))) {
2942 *mlpp = mlp = mlp->ml_next;
2943 free((caddr_t)mlp2);
2945 mlpp = &mlp->ml_next;
2950 if ((mlfile = fopen(_PATH_RMOUNTLIST, "w")) == NULL) {
2951 syslog(LOG_ERR,"can't update %s", _PATH_RMOUNTLIST);
2956 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
2964 add_mlist(char *hostp, char *dirp)
2966 struct mountlist *mlp, **mlpp;
2972 if (!strcmp(mlp->ml_host, hostp) && !strcmp(mlp->ml_dirp, dirp))
2974 mlpp = &mlp->ml_next;
2977 mlp = (struct mountlist *)malloc(sizeof (*mlp));
2978 if (mlp == (struct mountlist *)NULL)
2980 strncpy(mlp->ml_host, hostp, MNTNAMLEN);
2981 mlp->ml_host[MNTNAMLEN] = '\0';
2982 strncpy(mlp->ml_dirp, dirp, MNTPATHLEN);
2983 mlp->ml_dirp[MNTPATHLEN] = '\0';
2984 mlp->ml_next = (struct mountlist *)NULL;
2986 if ((mlfile = fopen(_PATH_RMOUNTLIST, "a")) == NULL) {
2987 syslog(LOG_ERR, "can't update %s", _PATH_RMOUNTLIST);
2990 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
2995 * Free up a group list.
2998 free_grp(struct grouplist *grp)
3000 if (grp->gr_type == GT_HOST) {
3001 if (grp->gr_ptr.gt_addrinfo != NULL)
3002 freeaddrinfo(grp->gr_ptr.gt_addrinfo);
3003 } else if (grp->gr_type == GT_NET) {
3004 if (grp->gr_ptr.gt_net.nt_name)
3005 free(grp->gr_ptr.gt_net.nt_name);
3012 SYSLOG(int pri, const char *fmt, ...)
3017 vfprintf(stderr, fmt, ap);
3023 * Check options for consistency.
3026 check_options(struct dirlist *dp)
3029 if (v4root_phase == 0 && dp == NULL)
3031 if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) {
3032 syslog(LOG_ERR, "-mapall and -maproot mutually exclusive");
3035 if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) {
3036 syslog(LOG_ERR, "-mask requires -network");
3039 if ((opt_flags & OP_NET) && (opt_flags & OP_HAVEMASK) == 0) {
3040 syslog(LOG_ERR, "-network requires mask specification");
3043 if ((opt_flags & OP_MASK) && (opt_flags & OP_MASKLEN)) {
3044 syslog(LOG_ERR, "-mask and /masklen are mutually exclusive");
3047 if (v4root_phase > 0 &&
3049 ~(OP_SEC | OP_MASK | OP_NET | OP_HAVEMASK | OP_MASKLEN)) != 0) {
3050 syslog(LOG_ERR,"only -sec,-net,-mask options allowed on V4:");
3053 if ((opt_flags & OP_ALLDIRS) && dp->dp_left) {
3054 syslog(LOG_ERR, "-alldirs has multiple directories");
3061 * Check an absolute directory path for any symbolic links. Return true
3064 check_dirpath(char *dirp)
3071 while (*cp && ret) {
3074 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
3080 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
3086 * Make a netmask according to the specified prefix length. The ss_family
3087 * and other non-address fields must be initialised before calling this.
3090 makemask(struct sockaddr_storage *ssp, int bitlen)
3095 if ((p = sa_rawaddr((struct sockaddr *)ssp, &len)) == NULL)
3097 if (bitlen > len * CHAR_BIT)
3100 for (i = 0; i < len; i++) {
3101 bits = (bitlen > CHAR_BIT) ? CHAR_BIT : bitlen;
3102 *p++ = (u_char)~0 << (CHAR_BIT - bits);
3109 * Check that the sockaddr is a valid netmask. Returns 0 if the mask
3110 * is acceptable (i.e. of the form 1...10....0).
3113 checkmask(struct sockaddr *sa)
3118 if ((mask = sa_rawaddr(sa, &len)) == NULL)
3121 for (i = 0; i < len; i++)
3122 if (mask[i] != 0xff)
3125 if (~mask[i] & (u_char)(~mask[i] + 1))
3129 for (; i < len; i++)
3136 * Compare two sockaddrs according to a specified mask. Return zero if
3137 * `sa1' matches `sa2' when filtered by the netmask in `samask'.
3138 * If samask is NULL, perform a full comparision.
3141 sacmp(struct sockaddr *sa1, struct sockaddr *sa2, struct sockaddr *samask)
3143 unsigned char *p1, *p2, *mask;
3146 if (sa1->sa_family != sa2->sa_family ||
3147 (p1 = sa_rawaddr(sa1, &len)) == NULL ||
3148 (p2 = sa_rawaddr(sa2, NULL)) == NULL)
3151 switch (sa1->sa_family) {
3153 if (((struct sockaddr_in6 *)sa1)->sin6_scope_id !=
3154 ((struct sockaddr_in6 *)sa2)->sin6_scope_id)
3159 /* Simple binary comparison if no mask specified. */
3161 return (memcmp(p1, p2, len));
3163 /* Set up the mask, and do a mask-based comparison. */
3164 if (sa1->sa_family != samask->sa_family ||
3165 (mask = sa_rawaddr(samask, NULL)) == NULL)
3168 for (i = 0; i < len; i++)
3169 if ((p1[i] & mask[i]) != (p2[i] & mask[i]))
3175 * Return a pointer to the part of the sockaddr that contains the
3176 * raw address, and set *nbytes to its length in bytes. Returns
3177 * NULL if the address family is unknown.
3180 sa_rawaddr(struct sockaddr *sa, int *nbytes) {
3184 switch (sa->sa_family) {
3186 len = sizeof(((struct sockaddr_in *)sa)->sin_addr);
3187 p = &((struct sockaddr_in *)sa)->sin_addr;
3190 len = sizeof(((struct sockaddr_in6 *)sa)->sin6_addr);
3191 p = &((struct sockaddr_in6 *)sa)->sin6_addr;
3204 huphandler(int sig __unused)
3209 void terminate(int sig __unused)
3211 pidfile_remove(pfh);
3212 rpcb_unset(MOUNTPROG, MOUNTVERS, NULL);
3213 rpcb_unset(MOUNTPROG, MOUNTVERS3, NULL);
projects / FreeBSD / stable / 8.git / blob