4 * Authentication procedures for mountd.
6 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
12 #include <netinet/in.h>
13 #include <arpa/inet.h>
/* Forward declaration; the definition appears further down in this file. */
31 static void auth_fixpath(char *path);
/* Exports file name handed to auth_init(); stays NULL until auth_init() runs. */
32 static char *export_file = NULL;
/*
 * auth_init: remember which exports file this daemon was started with.
 *
 * Only the pointer is stored; no copy of the string is made on the visible
 * line, so the caller's buffer has to stay valid for as long as export_file
 * may be read. The rest of the body is not shown in this listing.
 */
35 auth_init(char *exports)
38 export_file = exports;
/*
 * Reload check (the enclosing function's name is not part of this listing).
 * last_modified keeps the mtime of _PATH_ETAB seen on the previous call.
 */
47 static time_t last_modified = 0;
/* A failed stat() is reported at L_FATAL; whether xlog() terminates the
 * process at that level is not visible here - confirm, because stb would
 * otherwise be read uninitialised on the next line. */
49 if (stat(_PATH_ETAB, &stb) < 0)
50 xlog(L_FATAL, "couldn't stat %s", _PATH_ETAB);
/* Unchanged mtime: presumably the function returns early (that line is elided).
 * NOTE(review): st_mtime has one-second resolution, so a rewrite of the etab
 * within the same second as the previous check compares equal and would not
 * trigger a reload; a revoked export could then stay in effect until the
 * next change. */
51 if (stb.st_mtime == last_modified)
53 last_modified = stb.st_mtime;
/* The re-read of export_file is commented out, so export_file is not
 * consulted on any line visible here. */
56 // export_read(export_file);
/*
 * auth_authenticate_internal: check one (host, path) pair against the export
 * table and report the reason for a refusal through *error.
 *
 * what   - request name; not used on the lines shown here
 * caller - peer address; only sin_port is inspected on the lines shown
 * path   - path to look up, passed to export_find() as is
 * hp     - resolved host entry for the caller, passed to export_find()
 * error  - out parameter receiving an enum auth_error value
 *
 * The listing elides the braces and return statements; presumably the
 * matching export is returned on success and NULL on refusal - confirm.
 */
63 auth_authenticate_internal(char *what, struct sockaddr_in *caller,
64 char *path, struct hostent *hp,
65 enum auth_error *error)
/* No export entry matches this host/path pair; the error code assigned in
 * this branch is on an elided line. */
69 if (!(exp = export_find(hp, path))) {
/* An entry exists but is not marked as exportable. */
73 if (!exp->m_mayexport) {
74 *error = not_exported;
/* Unless the export carries NFSEXP_INSECURE_PORT, the source port must lie in
 * [IPPORT_RESERVED/2, IPPORT_RESERVED). sin_port is in network byte order,
 * hence ntohs(). NOTE(review): a reserved source port only shows that the
 * sender could bind a privileged port on its own machine; it is not evidence
 * of who the sender is, so this check should not be the sole access control. */
78 if (!(exp->m_export.e_flags & NFSEXP_INSECURE_PORT) &&
79 (ntohs(caller->sin_port) < IPPORT_RESERVED/2 ||
80 ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
81 *error = illegal_port;
/*
 * auth_authenticate: decide whether `caller` may act on `path` for the request
 * type named by `what` (used on the visible lines only in log messages).
 *
 * Visible steps: refuse paths that are not absolute, copy the path into a
 * bounded local buffer and normalise it, resolve the caller's address to a
 * hostent, look the path up through auth_authenticate_internal() while
 * retrying on shorter prefixes, then log the outcome.
 *
 * This listing elides lines (braces, returns, the loop header and the case
 * labels of the logging section are not shown), so the exact control flow and
 * the return value - presumably the matching nfs_export or NULL - should be
 * confirmed against the full file.
 */
91 auth_authenticate(char *what, struct sockaddr_in *caller, char *path)
93 nfs_export *exp = NULL;
/* Working copy of the request path; one extra byte for the terminator. */
94 char epath[MAXPATHLEN+1];
96 struct hostent *hp = NULL;
/* Copy of the peer address, used for inet_ntoa() in the log messages. */
97 struct in_addr addr = caller->sin_addr;
98 enum auth_error error;
/* Only absolute paths are accepted. The rejected path is logged as received.
 * NOTE(review): `path` presumably comes from the request, so control
 * characters or newlines in it reach the log unless xlog() escapes its
 * arguments (not visible here). The format string itself is a literal. */
100 if (path [0] != '/') {
101 xlog(L_WARNING, "bad path in %s request from %s: \"%s\"",
102 what, inet_ntoa(addr), path);
/* Bounded copy with explicit termination, so epath is always a valid string.
 * NOTE(review): a path longer than MAXPATHLEN is truncated silently and the
 * lookup continues on the truncated text; no length check is visible in this
 * listing. Rejecting over-long paths would be the more conservative choice. */
106 strncpy(epath, path, sizeof (epath) - 1);
107 epath[sizeof (epath) - 1] = '\0';
108 auth_fixpath(epath); /* strip duplicate '/' etc */
/* Two alternative lookups for the caller's address; the condition choosing
 * between them and the remaining arguments are on elided lines.
 * NOTE(review): the first name suggests a reverse lookup that is cross-checked
 * against a forward lookup - confirm in its definition, since a reverse DNS
 * name on its own is set by whoever controls the reverse zone. */
110 hp = get_reliable_hostbyaddr((const char*)&caller->sin_addr, sizeof(struct in_addr),
113 hp = get_hostent((const char*)&caller->sin_addr, sizeof(struct in_addr),
118 /* Try the longest matching exported pathname. */
120 exp = auth_authenticate_internal(what, caller, epath,
/* Stop on success, or on any refusal other than not_exported / no_entry;
 * only those two reasons lead to a retry with a shorter path. */
122 if (exp || (error != not_exported && error != no_entry))
124 /* We have to treat the root, "/", specially. */
125 if (p == &epath[1]) break;
/* Find the last '/' so the final component can be cut off (the truncation
 * itself is on an elided line). The effect is that an export of a parent
 * directory matches requests for paths beneath it. */
126 p = strrchr(epath, '/');
/* Outcome logging. The case labels are elided; each message below presumably
 * belongs to one enum auth_error value. */
134 xlog(L_WARNING, "bad path in %s request from %s: \"%s\"",
135 what, inet_ntoa(addr), path);
/* The unknown-host message prints the numeric address rather than
 * hp->h_name, presumably because hp is not usable in that case. */
139 xlog(L_WARNING, "%s request from unknown host %s for %s (%s)",
140 what, inet_ntoa(addr), path, epath);
/* From here on hp is dereferenced, so these messages must only be reachable
 * with a non-NULL hp - confirm against the elided control flow. Both the
 * original path and the normalised epath are logged. */
144 xlog(L_WARNING, "refused %s request from %s for %s (%s): no export entry",
145 what, hp->h_name, path, epath);
149 xlog(L_WARNING, "refused %s request from %s for %s (%s): not exported",
150 what, hp->h_name, path, epath);
154 xlog(L_WARNING, "refused %s request from %s for %s (%s): illegal port %d",
155 what, hp->h_name, path, epath, ntohs(caller->sin_port));
/* Successful requests are logged at L_NOTICE with host name and source port. */
159 xlog(L_NOTICE, "authenticated %s request from %s:%d for %s (%s)",
160 what, hp->h_name, ntohs(caller->sin_port), path, epath);
/* Catch-all message: prints the raw numeric value of `error`. */
163 xlog(L_NOTICE, "%s request from %s:%d for %s (%s) gave %d",
164 what, hp->h_name, ntohs(caller->sin_port), path, epath, error);
/*
 * auth_fixpath: normalise `path` within the caller's buffer.
 *
 * sp scans the input and cp starts at the same position; the statements that
 * write through cp are on elided lines, so the comments below describe only
 * the conditions that are visible.
 * NOTE(review): no handling of "." or ".." components is visible in this
 * listing - confirm whether the full function or the export lookup deals
 * with them, since the result is what gets matched against the exports.
 */
174 auth_fixpath(char *path)
178 for (sp = cp = path; *sp; sp++) {
/* True for every character except a '/' that is directly followed by another
 * '/'; presumably the elided body keeps the character in that case. Reading
 * sp[1] is in bounds because *sp is non-NUL here, so sp[1] is at worst the
 * terminator. */
179 if (*sp != '/' || sp[1] != '/')
/* Walk back over trailing '/' characters, but never past path+1, so a lone
 * "/" is left intact (the loop body is on an elided line). */
182 while (cp > path+1 && cp[-1] == '/')