static int sockfd = -1; /* notify socket */
/*
- * Initialize callback socket
+ * Initialize socket used to notify lockd of peer reboots.
+ *
+ * Returns the file descriptor of the new socket if successful;
+ * otherwise returns -1 and logs an error.
+ *
+ * Lockd rejects such requests if the source port is not privileged.
+ * statd_get_socket() must be invoked while statd still holds root
+ * privileges in order for the socket to acquire a privileged source
+ * port.
*/
int
statd_get_socket(void)
{
struct sockaddr_in sin;
+ struct servent *se;
+ int loopcnt = 100;
if (sockfd >= 0)
return sockfd;
- if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
- note(N_CRIT, "Can't create socket: %m");
- return -1;
- }
-
- FD_SET(sockfd, &SVC_FDSET);
+ while (loopcnt-- > 0) {
- memset(&sin, 0, sizeof(sin));
- sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = INADDR_ANY;
+ if (sockfd >= 0) close(sockfd);
- if (bindresvport(sockfd, &sin) < 0) {
- dprintf(N_WARNING,
- "process_hosts: can't bind to reserved port\n");
- }
- return sockfd;
-}
-
-/*
- * Try to resolve host name for notify/callback request
- *
- * When compiled with RESTRICTED_STATD defined, we expect all
- * host names to be dotted quads. See monitor.c for details. --okir
- */
-#ifdef RESTRICTED_STATD
-static int
-try_to_resolve(notify_list *lp)
-{
- char *hname;
-
- hname = NL_MY_NAME(lp);
- if (!inet_aton(hname, &(NL_ADDR(lp)))) {
- note(N_ERROR, "%s is not an dotted-quad address", hname);
- NL_TIMES(lp) = 0;
- return 0;
- }
-
- /* XXX: In order to handle multi-homed hosts, we could do
- * a reverse lookup, a forward lookup, and cycle through
- * all the addresses.
- */
- return 1;
-}
-#else
-static int
-try_to_resolve(notify_list *lp)
-{
- struct hostent *hp;
- char *hname;
+ if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
+ note(N_CRIT, "%s: Can't create socket: %m", __func__);
+ return -1;
+ }
- hname = NL_MY_NAME(lp);
- dprintf(N_DEBUG, "Trying to resolve %s.", hname);
- if (!(hp = gethostbyname(hname))) {
- herror("gethostbyname");
- NL_TIMES(lp) -= 1;
- return 0;
- }
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_family = AF_INET;
+ sin.sin_addr.s_addr = INADDR_ANY;
- if (hp->h_addrtype != AF_INET) {
- note(N_ERROR, "%s is not an AF_INET address", hname);
- NL_TIMES(lp) = 0;
- return 0;
+ if (bindresvport(sockfd, &sin) < 0) {
+ dprintf(N_WARNING, "%s: can't bind to reserved port",
+ __func__);
+ break;
+ }
+ se = getservbyport(sin.sin_port, "udp");
+ if (se == NULL)
+ break;
+ /* rather not use that port, try again */
}
-
- /* FIXME: should try all addresses for multi-homed hosts in
- * alternation because one interface might be down/unreachable. */
- NL_ADDR(lp) = *(struct in_addr *) hp->h_addr;
-
- dprintf(N_DEBUG, "address of %s is %s", hname, inet_ntoa(NL_ADDR(lp)));
- return 1;
+ FD_SET(sockfd, &SVC_FDSET);
+ return sockfd;
}
-#endif
static unsigned long
-xmit_call(int sockfd, struct sockaddr_in *sin,
+xmit_call(struct sockaddr_in *sin,
u_int32_t prog, u_int32_t vers, u_int32_t proc,
xdrproc_t func, void *obj)
/* __u32 prog, __u32 vers, __u32 proc, xdrproc_t func, void *obj) */
/* Encode the RPC header part and payload */
if (!xdr_callmsg(xdrs, &mesg) || !func(xdrs, obj)) {
- dprintf(N_WARNING, "xmit_mesg: can't encode RPC message!\n");
+ dprintf(N_WARNING, "%s: can't encode RPC message!", __func__);
xdr_destroy(xdrs);
return 0;
}
if ((err = sendto(sockfd, msgbuf, msglen, 0,
(struct sockaddr *) sin, sizeof(*sin))) < 0) {
- dprintf(N_WARNING, "xmit_mesg: sendto failed: %m");
+ dprintf(N_WARNING, "%s: sendto failed: %m", __func__);
} else if (err != msglen) {
- dprintf(N_WARNING, "xmit_mesg: short write: %m\n");
+ dprintf(N_WARNING, "%s: short write: %m", __func__);
}
xdr_destroy(xdrs);
}
static notify_list *
-recv_rply(int sockfd, struct sockaddr_in *sin, u_long *portp)
+recv_rply(struct sockaddr_in *sin, u_long *portp)
{
unsigned int msgbuf[MAXMSGSIZE], msglen;
struct rpc_msg mesg;
/* Receive message */
if ((msglen = recvfrom(sockfd, msgbuf, sizeof(msgbuf), 0,
(struct sockaddr *) sin, &alen)) < 0) {
- dprintf(N_WARNING, "recv_rply: recvfrom failed: %m");
+ dprintf(N_WARNING, "%s: recvfrom failed: %m", __func__);
return NULL;
}
mesg.rm_reply.rp_acpt.ar_results.proc = (xdrproc_t) xdr_void;
if (!xdr_replymsg(xdrs, &mesg)) {
- note(N_WARNING, "recv_rply: can't decode RPC message!\n");
+ note(N_WARNING, "%s: can't decode RPC message!", __func__);
goto done;
}
if (mesg.rm_reply.rp_stat != 0) {
- note(N_WARNING, "recv_rply: [%s] RPC status %d\n",
+ note(N_WARNING, "%s: [%s] RPC status %d",
+ __func__,
inet_ntoa(sin->sin_addr),
mesg.rm_reply.rp_stat);
goto done;
}
if (mesg.rm_reply.rp_acpt.ar_stat != 0) {
- note(N_WARNING, "recv_rply: [%s] RPC status %d\n",
+ note(N_WARNING, "%s: [%s] RPC status %d",
+ __func__,
inet_ntoa(sin->sin_addr),
mesg.rm_reply.rp_acpt.ar_stat);
goto done;
strncpy (addr, inet_ntoa(lp->addr),
sizeof (addr) - 1);
addr [sizeof (addr) - 1] = '\0';
- dprintf(N_WARNING, "address mismatch: "
- "expected %s, got %s\n",
+ dprintf(N_WARNING, "%s: address mismatch: "
+ "expected %s, got %s", __func__,
addr, inet_ntoa(sin->sin_addr));
}
if (lp->port == 0) {
if (!xdr_u_long(xdrs, portp)) {
- note(N_WARNING, "recv_rply: [%s] "
- "can't decode reply body!\n",
+ note(N_WARNING,
+ "%s: [%s] can't decode reply body!",
+ __func__,
inet_ntoa(sin->sin_addr));
lp = NULL;
goto done;
* Notify operation for a single list entry
*/
static int
-process_entry(int sockfd, notify_list *lp)
+process_entry(notify_list *lp)
{
struct sockaddr_in sin;
struct status new_status;
u_int32_t proc, vers, prog;
/* __u32 proc, vers, prog; */
- if (lp->addr.s_addr == INADDR_ANY && !try_to_resolve(lp))
- return NL_TIMES(lp);
if (NL_TIMES(lp) == 0) {
- note(N_DEBUG, "Cannot notify %s, giving up.\n",
- inet_ntoa(NL_ADDR(lp)));
+ note(N_DEBUG, "%s: Cannot notify %s, giving up.",
+ __func__, inet_ntoa(NL_ADDR(lp)));
return 0;
}
new_status.state = NL_STATE(lp);
memcpy(new_status.priv, NL_PRIV(lp), SM_PRIV_SIZE);
- lp->xid = xmit_call(sockfd, &sin, prog, vers, proc, func, objp);
+ lp->xid = xmit_call(&sin, prog, vers, proc, func, objp);
if (!lp->xid) {
- note(N_WARNING, "notify_host: failed to notify %s\n",
- inet_ntoa(lp->addr));
+ note(N_WARNING, "%s: failed to notify port %d",
+ __func__, ntohs(lp->port));
}
NL_TIMES(lp) -= 1;
if (sockfd == -1 || !FD_ISSET(sockfd, rfds))
return 0;
- if (!(lp = recv_rply(sockfd, &sin, &port)))
+ if (!(lp = recv_rply(&sin, &port)))
return 1;
if (lp->port == 0) {
if (port != 0) {
lp->port = htons((unsigned short) port);
- process_entry(sockfd, lp);
+ process_entry(lp);
NL_WHEN(lp) = time(NULL) + NOTIFY_TIMEOUT;
nlist_remove(¬ify, lp);
nlist_insert_timer(¬ify, lp);
return 1;
}
- note(N_WARNING, "recv_rply: [%s] service %d not registered",
- inet_ntoa(lp->addr), NL_MY_PROG(lp));
+ note(N_WARNING, "%s: [%s] service %d not registered",
+ __func__, inet_ntoa(lp->addr), NL_MY_PROG(lp));
} else {
- dprintf(N_DEBUG, "Callback to %s (for %d) succeeded.",
- NL_MY_NAME(lp), NL_MON_NAME(lp));
+ dprintf(N_DEBUG, "%s: Callback to %s (for %d) succeeded.",
+ __func__, NL_MY_NAME(lp), NL_MON_NAME(lp));
}
nlist_free(¬ify, lp);
return 1;
{
notify_list *entry;
time_t now;
- int fd;
-
- if ((fd = statd_get_socket()) < 0)
- return 0;
while ((entry = notify) != NULL && NL_WHEN(entry) < time(&now)) {
- if (process_entry(fd, entry)) {
+ if (process_entry(entry)) {
NL_WHEN(entry) = time(NULL) + NOTIFY_TIMEOUT;
nlist_remove(¬ify, entry);
nlist_insert_timer(¬ify, entry);
} else {
note(N_ERROR,
- "Can't callback %s (%d,%d), giving up.",
+ "%s: Can't callback %s (%d,%d), giving up.",
+ __func__,
NL_MY_NAME(entry),
NL_MY_PROG(entry),
NL_MY_VERS(entry));