* it won't if it's worth its money).
*/
-#include "config.h"
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
+#include <net/if.h>
#include <arpa/inet.h>
#include <rpc/rpc.h>
#include <rpc/pmap_prot.h>
#include <netdb.h>
#include <string.h>
#include <unistd.h>
+#ifdef HAVE_IFADDRS_H
+#include <ifaddrs.h>
+#endif /* HAVE_IFADDRS_H */
#include "sm_inter.h"
#include "statd.h"
#include "notlist.h"
#include "log.h"
#include "ha-callout.h"
+#if SIZEOF_SOCKLEN_T - 0 == 0
+#define socklen_t int
+#endif
+
#define MAXMSGSIZE (2048 / sizeof(unsigned int))
static unsigned long xid = 0; /* RPC XID counter */
static int sockfd = -1; /* notify socket */
/*
- * Initialize callback socket
+ * Initialize socket used to notify lockd of peer reboots.
+ *
+ * Returns the file descriptor of the new socket if successful;
+ * otherwise returns -1 and logs an error.
+ *
+ * Lockd rejects such requests if the source port is not privileged.
+ * statd_get_socket() must be invoked while statd still holds root
+ * privileges in order for the socket to acquire a privileged source
+ * port.
*/
int
-statd_get_socket(int port)
+statd_get_socket(void)
{
struct sockaddr_in sin;
+ struct servent *se;
+ int loopcnt = 100;
if (sockfd >= 0)
return sockfd;
- if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
- note(N_CRIT, "Can't create socket: %m");
- return -1;
- }
+ while (loopcnt-- > 0) {
- FD_SET(sockfd, &SVC_FDSET);
+ if (sockfd >= 0) close(sockfd);
- memset(&sin, 0, sizeof(sin));
- sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = INADDR_ANY;
- /*
- * If a local hostname is given (-n option to statd), bind to the address
- * specified. This is required to support clients that ignore the mon_name in
- * the statd protocol but use the source address from the request packet.
- */
- if (MY_NAME) {
- struct hostent *hp = gethostbyname(MY_NAME);
- if (hp)
- sin.sin_addr = *(struct in_addr *) hp->h_addr;
- }
- if (port != 0) {
- sin.sin_port = htons(port);
- if (bind(sockfd, &sin, sizeof(sin)) == 0)
- goto out_success;
- note(N_CRIT, "statd: failed to bind to outgoing port, %d\n"
- " falling back on randomly chosen port\n", port);
- }
- if (bindresvport(sockfd, &sin) < 0) {
- dprintf(N_WARNING,
- "process_hosts: can't bind to reserved port\n");
- }
-out_success:
- return sockfd;
-}
+ if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
+ note(N_CRIT, "%s: Can't create socket: %m", __func__);
+ return -1;
+ }
-/*
- * Try to resolve host name for notify/callback request
- *
- * When compiled with RESTRICTED_STATD defined, we expect all
- * host names to be dotted quads. See monitor.c for details. --okir
- */
-#ifdef RESTRICTED_STATD
-static int
-try_to_resolve(notify_list *lp)
-{
- char *hname;
-
- if (NL_TYPE(lp) == NOTIFY_REBOOT)
- hname = NL_MON_NAME(lp);
- else
- hname = NL_MY_NAME(lp);
- if (!inet_aton(hname, &(NL_ADDR(lp)))) {
- note(N_ERROR, "%s is not an dotted-quad address", hname);
- NL_TIMES(lp) = 0;
- return 0;
- }
- /* XXX: In order to handle multi-homed hosts, we could do
- * a reverse lookup, a forward lookup, and cycle through
- * all the addresses.
- */
- return 1;
-}
-#else
-static int
-try_to_resolve(notify_list *lp)
-{
- struct hostent *hp;
- char *hname;
-
- if (NL_TYPE(lp) == NOTIFY_REBOOT)
- hname = NL_MON_NAME(lp);
- else
- hname = NL_MY_NAME(lp);
-
- dprintf(N_DEBUG, "Trying to resolve %s.", hname);
- if (!(hp = gethostbyname(hname))) {
- herror("gethostbyname");
- NL_TIMES(lp) -= 1;
- return 0;
- }
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_family = AF_INET;
+ sin.sin_addr.s_addr = INADDR_ANY;
- if (hp->h_addrtype != AF_INET) {
- note(N_ERROR, "%s is not an AF_INET address", hname);
- NL_TIMES(lp) = 0;
- return 0;
+ if (bindresvport(sockfd, &sin) < 0) {
+ dprintf(N_WARNING, "%s: can't bind to reserved port",
+ __func__);
+ break;
+ }
+ se = getservbyport(sin.sin_port, "udp");
+ if (se == NULL)
+ break;
+ /* rather not use that port, try again */
}
-
- /* FIXME: should try all addresses for multi-homed hosts in
- * alternation because one interface might be down/unreachable. */
- NL_ADDR(lp) = *(struct in_addr *) hp->h_addr;
-
- dprintf(N_DEBUG, "address of %s is %s", hname, inet_ntoa(NL_ADDR(lp)));
- return 1;
+ FD_SET(sockfd, &SVC_FDSET);
+ return sockfd;
}
-#endif
static unsigned long
-xmit_call(int sockfd, struct sockaddr_in *sin,
+xmit_call(struct sockaddr_in *sin,
u_int32_t prog, u_int32_t vers, u_int32_t proc,
xdrproc_t func, void *obj)
/* __u32 prog, __u32 vers, __u32 proc, xdrproc_t func, void *obj) */
/* Encode the RPC header part and payload */
if (!xdr_callmsg(xdrs, &mesg) || !func(xdrs, obj)) {
- dprintf(N_WARNING, "xmit_mesg: can't encode RPC message!\n");
+ dprintf(N_WARNING, "%s: can't encode RPC message!", __func__);
xdr_destroy(xdrs);
return 0;
}
if ((err = sendto(sockfd, msgbuf, msglen, 0,
(struct sockaddr *) sin, sizeof(*sin))) < 0) {
- dprintf(N_WARNING, "xmit_mesg: sendto failed: %m");
+ dprintf(N_WARNING, "%s: sendto failed: %m", __func__);
} else if (err != msglen) {
- dprintf(N_WARNING, "xmit_mesg: short write: %m\n");
+ dprintf(N_WARNING, "%s: short write: %m", __func__);
}
xdr_destroy(xdrs);
}
static notify_list *
-recv_rply(int sockfd, struct sockaddr_in *sin, u_long *portp)
+recv_rply(struct sockaddr_in *sin, u_long *portp)
{
unsigned int msgbuf[MAXMSGSIZE], msglen;
struct rpc_msg mesg;
notify_list *lp = NULL;
XDR xdr, *xdrs = &xdr;
- int alen = sizeof(*sin);
+ socklen_t alen = sizeof(*sin);
/* Receive message */
if ((msglen = recvfrom(sockfd, msgbuf, sizeof(msgbuf), 0,
(struct sockaddr *) sin, &alen)) < 0) {
- dprintf(N_WARNING, "recv_rply: recvfrom failed: %m");
+ dprintf(N_WARNING, "%s: recvfrom failed: %m", __func__);
return NULL;
}
mesg.rm_reply.rp_acpt.ar_results.proc = (xdrproc_t) xdr_void;
if (!xdr_replymsg(xdrs, &mesg)) {
- note(N_WARNING, "recv_rply: can't decode RPC message!\n");
+ note(N_WARNING, "%s: can't decode RPC message!", __func__);
goto done;
}
if (mesg.rm_reply.rp_stat != 0) {
- note(N_WARNING, "recv_rply: [%s] RPC status %d\n",
+ note(N_WARNING, "%s: [%s] RPC status %d",
+ __func__,
inet_ntoa(sin->sin_addr),
mesg.rm_reply.rp_stat);
goto done;
}
if (mesg.rm_reply.rp_acpt.ar_stat != 0) {
- note(N_WARNING, "recv_rply: [%s] RPC status %d\n",
+ note(N_WARNING, "%s: [%s] RPC status %d",
+ __func__,
inet_ntoa(sin->sin_addr),
mesg.rm_reply.rp_acpt.ar_stat);
goto done;
strncpy (addr, inet_ntoa(lp->addr),
sizeof (addr) - 1);
addr [sizeof (addr) - 1] = '\0';
- dprintf(N_WARNING, "address mismatch: "
- "expected %s, got %s\n",
+ dprintf(N_WARNING, "%s: address mismatch: "
+ "expected %s, got %s", __func__,
addr, inet_ntoa(sin->sin_addr));
}
if (lp->port == 0) {
if (!xdr_u_long(xdrs, portp)) {
- note(N_WARNING, "recv_rply: [%s] "
- "can't decode reply body!\n",
+ note(N_WARNING,
+ "%s: [%s] can't decode reply body!",
+ __func__,
inet_ntoa(sin->sin_addr));
lp = NULL;
goto done;
* Notify operation for a single list entry
*/
static int
-process_entry(int sockfd, notify_list *lp)
+process_entry(notify_list *lp)
{
struct sockaddr_in sin;
struct status new_status;
u_int32_t proc, vers, prog;
/* __u32 proc, vers, prog; */
- if (lp->addr.s_addr == INADDR_ANY && !try_to_resolve(lp))
- return NL_TIMES(lp);
if (NL_TIMES(lp) == 0) {
- note(N_DEBUG, "Cannot notify %s, giving up.\n",
- inet_ntoa(NL_ADDR(lp)));
+ note(N_DEBUG, "%s: Cannot notify %s, giving up.",
+ __func__, inet_ntoa(NL_ADDR(lp)));
return 0;
}
sin.sin_port = lp->port;
/* LH - moved address into switch */
- switch (NL_TYPE(lp)) {
- case NOTIFY_REBOOT:
- prog = SM_PROG;
- vers = SM_VERS;
- proc = SM_NOTIFY;
+ prog = NL_MY_PROG(lp);
+ vers = NL_MY_VERS(lp);
+ proc = NL_MY_PROC(lp);
- /* Use source address for notify replies */
- sin.sin_addr = lp->addr;
+ /* __FORCE__ loopback for callbacks to lockd ... */
+ /* Just in case we somehow ignored it thus far */
+ sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
- func = (xdrproc_t) xdr_stat_chge;
- objp = &SM_stat_chge;
- break;
- case NOTIFY_CALLBACK:
- prog = NL_MY_PROG(lp);
- vers = NL_MY_VERS(lp);
- proc = NL_MY_PROC(lp);
-
- /* __FORCE__ loopback for callbacks to lockd ... */
- /* Just in case we somehow ignored it thus far */
- sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
-
- func = (xdrproc_t) xdr_status;
- objp = &new_status;
- new_status.mon_name = NL_MON_NAME(lp);
- new_status.state = NL_STATE(lp);
- memcpy(new_status.priv, NL_PRIV(lp), SM_PRIV_SIZE);
- break;
- default:
- note(N_ERROR, "notify_host: unknown notify type %d",
- NL_TYPE(lp));
- return 0;
- }
+ func = (xdrproc_t) xdr_status;
+ objp = &new_status;
+ new_status.mon_name = NL_MON_NAME(lp);
+ new_status.state = NL_STATE(lp);
+ memcpy(new_status.priv, NL_PRIV(lp), SM_PRIV_SIZE);
- lp->xid = xmit_call(sockfd, &sin, prog, vers, proc, func, objp);
+ lp->xid = xmit_call(&sin, prog, vers, proc, func, objp);
if (!lp->xid) {
- note(N_WARNING, "notify_host: failed to notify %s\n",
- inet_ntoa(lp->addr));
+ note(N_WARNING, "%s: failed to notify port %d",
+ __func__, ntohs(lp->port));
}
NL_TIMES(lp) -= 1;
if (sockfd == -1 || !FD_ISSET(sockfd, rfds))
return 0;
- if (!(lp = recv_rply(sockfd, &sin, &port)))
+ if (!(lp = recv_rply(&sin, &port)))
return 1;
if (lp->port == 0) {
if (port != 0) {
lp->port = htons((unsigned short) port);
- process_entry(sockfd, lp);
+ process_entry(lp);
NL_WHEN(lp) = time(NULL) + NOTIFY_TIMEOUT;
nlist_remove(¬ify, lp);
nlist_insert_timer(¬ify, lp);
return 1;
}
- note(N_WARNING, "recv_rply: [%s] service %d not registered",
- inet_ntoa(lp->addr),
- NL_TYPE(lp) == NOTIFY_REBOOT? SM_PROG : NL_MY_PROG(lp));
- } else if (NL_TYPE(lp) == NOTIFY_REBOOT) {
- dprintf(N_DEBUG, "Notification of %s succeeded.",
- NL_MON_NAME(lp));
- xunlink(SM_BAK_DIR, NL_MON_NAME(lp), 0);
+ note(N_WARNING, "%s: [%s] service %d not registered",
+ __func__, inet_ntoa(lp->addr), NL_MY_PROG(lp));
} else {
- dprintf(N_DEBUG, "Callback to %s (for %d) succeeded.",
- NL_MY_NAME(lp), NL_MON_NAME(lp));
+ dprintf(N_DEBUG, "%s: Callback to %s (for %d) succeeded.",
+ __func__, NL_MY_NAME(lp), NL_MON_NAME(lp));
}
nlist_free(¬ify, lp);
return 1;
{
notify_list *entry;
time_t now;
- int fd;
-
- if ((fd = statd_get_socket(0)) < 0)
- return 0;
while ((entry = notify) != NULL && NL_WHEN(entry) < time(&now)) {
- if (process_entry(fd, entry)) {
+ if (process_entry(entry)) {
NL_WHEN(entry) = time(NULL) + NOTIFY_TIMEOUT;
nlist_remove(¬ify, entry);
nlist_insert_timer(¬ify, entry);
- } else if (NL_TYPE(entry) == NOTIFY_CALLBACK) {
+ } else {
note(N_ERROR,
- "Can't callback %s (%d,%d), giving up.",
+ "%s: Can't callback %s (%d,%d), giving up.",
+ __func__,
NL_MY_NAME(entry),
NL_MY_PROG(entry),
NL_MY_VERS(entry));
nlist_free(¬ify, entry);
- } else {
- note(N_ERROR,
- "Can't notify %s, giving up.",
- NL_MON_NAME(entry));
- /* PRC: do the HA callout */
- ha_callout("del-client", NL_MON_NAME(entry), NL_MY_NAME(entry), -1);
- xunlink(SM_BAK_DIR, NL_MON_NAME(entry), 0);
- nlist_free(¬ify, entry);
}
}