#include <errno.h>
#include <arpa/inet.h>
#include <dirent.h>
-#include "misc.h"
+
+#include "sockaddr.h"
+#include "rpcmisc.h"
+#include "nsm.h"
#include "statd.h"
#include "notlist.h"
#include "ha-callout.h"
notify_list * rtnl = NULL; /* Run-time notify list. */
-#define LINELEN (4*(8+1)+SM_PRIV_SIZE*2+1)
-
-#ifdef RESTRICTED_STATD
/*
* Reject requests from non-loopback addresses in order
* to prevent attack described in CERT CA-99.05.
+ *
+ * Although the kernel contacts the statd service via only IPv4
+ * transports, the statd service can receive other requests, such
+ * as SM_NOTIFY, from remote peers via IPv6.
*/
-static int
-caller_is_localhost(struct svc_req *rqstp)
-{
- struct in_addr caller;
-
- caller = svc_getcaller(rqstp->rq_xprt)->sin_addr;
- if (caller.s_addr != htonl(INADDR_LOOPBACK)) {
- note(N_WARNING,
- "Call to statd from non-local host %s",
- inet_ntoa(caller));
- return 0;
- }
- return 1;
-}
-#else /* RESTRICTED_STATD */
-/*
- * No restrictions for remote callers.
- */
-static int
+static _Bool
caller_is_localhost(struct svc_req *rqstp)
{
- return 1;
+ struct sockaddr *sap = nfs_getrpccaller(rqstp->rq_xprt);
+ char buf[INET6_ADDRSTRLEN];
+
+ if (!nfs_is_v4_loopback(sap))
+ goto out_nonlocal;
+ return true;
+
+out_nonlocal:
+ if (!statd_present_address(sap, buf, sizeof(buf)))
+ buf[0] = '\0';
+ xlog_warn("SM_MON/SM_UNMON call from non-local host %s", buf);
+ return false;
}
-#endif /* RESTRICTED_STATD */
/*
* Services SM_MON requests.
char *mon_name = argp->mon_id.mon_name,
*my_name = argp->mon_id.my_id.my_name;
struct my_id *id = &argp->mon_id.my_id;
- char *path;
char *cp;
- int fd;
notify_list *clnt;
- struct in_addr my_addr;
- char *dnsname;
- struct hostent *hostinfo = NULL;
+ struct sockaddr_in my_addr = {
+ .sin_family = AF_INET,
+ .sin_addr.s_addr = htonl(INADDR_LOOPBACK),
+ };
+ char *dnsname = NULL;
+
+ xlog(D_CALL, "Received SM_MON for %s from %s", mon_name, my_name);
/* Assume that we'll fail. */
result.res_stat = STAT_FAIL;
result.state = -1; /* State is undefined for STAT_FAIL. */
-#ifdef RESTRICTED_STATD
/* 1. Reject any remote callers.
* Ignore the my_name specified by the caller, and
* use "127.0.0.1" instead.
*/
if (!caller_is_localhost(rqstp))
goto failure;
- my_addr.s_addr = htonl(INADDR_LOOPBACK);
/* 2. Reject any registrations for non-lockd services.
*
if (id->my_prog != 100021 ||
(id->my_proc != 16 && id->my_proc != 24))
{
- note(N_WARNING,
- "Attempt to register callback to %d/%d",
+ xlog_warn("Attempt to register callback to %d/%d",
id->my_prog, id->my_proc);
goto failure;
}
-#if 0
- This is not usable anymore. Linux-kernel can be configured to use
- host names with NSM so that multi-homed hosts are handled properly.
- NeilBrown 15mar2007
-
- /* 3. mon_name must be an address in dotted quad.
- * Again, specific to the linux kernel lockd.
- */
- if (!inet_aton(mon_name, &mon_addr)) {
- note(N_WARNING,
- "Attempt to register host %s (not a dotted quad)",
- mon_name);
- goto failure;
- }
-#endif
-#else
- if (!(hostinfo = gethostbyname(my_name))) {
- note(N_WARNING, "gethostbyname error for %s", my_name);
- goto failure;
- } else
- my_addr = *(struct in_addr *) hostinfo->h_addr;
-#endif
/*
* Check hostnames. If I can't look them up, I won't monitor. This
* might not be legal, but it adds a little bit of safety and sanity.
/* must check for /'s in hostname! See CERT's CA-96.09 for details. */
if (strchr(mon_name, '/') || mon_name[0] == '.') {
- note(N_CRIT, "SM_MON request for hostname containing '/' "
+ xlog(L_ERROR, "SM_MON request for hostname containing '/' "
"or starting '.': %s", mon_name);
- note(N_CRIT, "POSSIBLE SPOOF/ATTACK ATTEMPT!");
- goto failure;
- } else if ((hostinfo = gethostbyname(mon_name)) == NULL) {
- note(N_WARNING, "gethostbyname error for %s", mon_name);
+ xlog(L_ERROR, "POSSIBLE SPOOF/ATTACK ATTEMPT!");
goto failure;
}
* Now choose a hostname to use for matching. We cannot
* really trust much in the incoming NOTIFY, so to make
* sure that multi-homed hosts work nicely, we get an
- * FQDN now, and use that for matching
+ * FQDN now, and use that for matching.
*/
- hostinfo = gethostbyaddr(hostinfo->h_addr,
- hostinfo->h_length,
- hostinfo->h_addrtype);
- if (hostinfo)
- dnsname = xstrdup(hostinfo->h_name);
- else
- dnsname = xstrdup(my_name);
+ dnsname = statd_canonical_name(mon_name);
+ if (dnsname == NULL) {
+ xlog(L_WARNING, "No canonical hostname found for %s", mon_name);
+ goto failure;
+ }
/* Now check to see if this is a duplicate, and warn if so.
* I will also return STAT_FAIL. (I *think* this is how I should
clnt = rtnl;
while ((clnt = nlist_gethost(clnt, mon_name, 0))) {
- if (matchhostname(NL_MY_NAME(clnt), my_name) &&
+ if (statd_matchhostname(NL_MY_NAME(clnt), my_name) &&
NL_MY_PROC(clnt) == id->my_proc &&
NL_MY_PROG(clnt) == id->my_prog &&
NL_MY_VERS(clnt) == id->my_vers &&
memcmp(NL_PRIV(clnt), argp->priv, SM_PRIV_SIZE) == 0) {
/* Hey! We already know you guys! */
- dprintf(N_DEBUG,
+ xlog(D_GENERAL,
"Duplicate SM_MON request for %s "
"from procedure on %s",
mon_name, my_name);
/* But we'll let you pass anyway. */
+ free(dnsname);
goto success;
}
clnt = NL_NEXT(clnt);
* doesn't fail. (I should probably fix this assumption.)
*/
if (!(clnt = nlist_new(my_name, mon_name, 0))) {
- note(N_WARNING, "out of memory");
+ free(dnsname);
+ xlog_warn("out of memory");
goto failure;
}
- NL_ADDR(clnt) = my_addr;
NL_MY_PROG(clnt) = id->my_prog;
NL_MY_VERS(clnt) = id->my_vers;
NL_MY_PROC(clnt) = id->my_proc;
/*
* Now, Create file on stable storage for host.
*/
-
- path=xmalloc(strlen(SM_DIR)+strlen(dnsname)+2);
- sprintf(path, "%s/%s", SM_DIR, dnsname);
- if ((fd = open(path, O_WRONLY|O_SYNC|O_CREAT|O_APPEND,
- S_IRUSR|S_IWUSR)) < 0) {
- /* Didn't fly. We won't monitor. */
- note(N_ERROR, "creat(%s) failed: %s", path, strerror (errno));
+ if (!nsm_insert_monitored_host(dnsname,
+ (struct sockaddr *)(char *)&my_addr, argp)) {
nlist_free(NULL, clnt);
- free(path);
goto failure;
}
- {
- char buf[LINELEN + 1 + SM_MAXSTRLEN*2 + 4];
- char *e;
- int i;
- e = buf + sprintf(buf, "%08x %08x %08x %08x ",
- my_addr.s_addr, id->my_prog,
- id->my_vers, id->my_proc);
- for (i=0; i<SM_PRIV_SIZE; i++)
- e += sprintf(e, "%02x", 0xff & (argp->priv[i]));
- if (e+1-buf != LINELEN) abort();
- e += sprintf(e, " %s %s\n", mon_name, my_name);
- write(fd, buf, e-buf);
- }
- free(path);
/* PRC: do the HA callout: */
ha_callout("add-client", mon_name, my_name, -1);
nlist_insert(&rtnl, clnt);
- close(fd);
- dprintf(N_DEBUG, "MONITORING %s for %s", mon_name, my_name);
+ xlog(D_GENERAL, "MONITORING %s for %s", mon_name, my_name);
success:
result.res_stat = STAT_SUCC;
/* SUN's sm_inter.x says this should be "state number of local site".
return (&result);
failure:
- note(N_WARNING, "STAT_FAIL to %s for SM_MON of %s", my_name, mon_name);
+ xlog_warn("STAT_FAIL to %s for SM_MON of %s", my_name, mon_name);
return (&result);
}
-void load_state(void)
+static unsigned int
+load_one_host(const char *hostname,
+ __attribute__ ((unused)) const struct sockaddr *sap,
+ const struct mon *m,
+ __attribute__ ((unused)) const time_t timestamp)
{
- DIR *d;
- struct dirent *de;
- char buf[LINELEN + 1 + SM_MAXSTRLEN + 2];
-
- d = opendir(SM_DIR);
- if (!d)
- return;
- while ((de = readdir(d))) {
- char *path;
- FILE *f;
- int p;
-
- if (de->d_name[0] == '.')
- continue;
- path = xmalloc(strlen(SM_DIR)+strlen(de->d_name)+2);
- sprintf(path, "%s/%s", SM_DIR, de->d_name);
- f = fopen(path, "r");
- free(path);
- if (f == NULL)
- continue;
- while (fgets(buf, sizeof(buf), f) != NULL) {
- int addr, proc, prog, vers;
- char priv[SM_PRIV_SIZE];
- char *monname, *myname;
- char *b;
- int i;
- notify_list *clnt;
-
- buf[sizeof(buf)-1] = 0;
- b = strchr(buf, '\n');
- if (b) *b = 0;
- sscanf(buf, "%x %x %x %x ",
- &addr, &prog, &vers, &proc);
- b = buf+36;
- for (i=0; i<SM_PRIV_SIZE; i++) {
- sscanf(b, "%2x", &p);
- priv[i] = p;
- b += 2;
- }
- b++;
- monname = b;
- while (*b && *b != ' ') b++;
- if (*b) *b++ = '\0';
- while (*b == ' ') b++;
- myname = b;
- clnt = nlist_new(myname, monname, 0);
- if (!clnt)
- break;
- NL_ADDR(clnt).s_addr = addr;
- NL_MY_PROG(clnt) = prog;
- NL_MY_VERS(clnt) = vers;
- NL_MY_PROC(clnt) = proc;
- clnt->dns_name = xstrdup(de->d_name);
- memcpy(NL_PRIV(clnt), priv, SM_PRIV_SIZE);
- nlist_insert(&rtnl, clnt);
- }
- fclose(f);
+ notify_list *clnt;
+
+ clnt = nlist_new(m->mon_id.my_id.my_name,
+ m->mon_id.mon_name, 0);
+ if (clnt == NULL)
+ return 0;
+
+ clnt->dns_name = strdup(hostname);
+ if (clnt->dns_name == NULL) {
+ nlist_free(NULL, clnt);
+ return 0;
}
- closedir(d);
-}
+ xlog(D_GENERAL, "Adding record for %s to the monitor list...",
+ hostname);
+ NL_MY_PROG(clnt) = m->mon_id.my_id.my_prog;
+ NL_MY_VERS(clnt) = m->mon_id.my_id.my_vers;
+ NL_MY_PROC(clnt) = m->mon_id.my_id.my_proc;
+ memcpy(NL_PRIV(clnt), m->priv, SM_PRIV_SIZE);
+ nlist_insert(&rtnl, clnt);
+ return 1;
+}
+
+void load_state(void)
+{
+ unsigned int count;
+
+ count = nsm_load_monitor_list(load_one_host);
+ if (count)
+ xlog(D_GENERAL, "Loaded %u previously monitored hosts");
+}
/*
* Services SM_UNMON requests.
struct my_id *id = &argp->my_id;
char *cp;
+ xlog(D_CALL, "Received SM_UNMON for %s from %s", mon_name, my_name);
+
result.state = MY_STATE;
if (!caller_is_localhost(rqstp))
/* Check if we're monitoring anyone. */
- if (!(clnt = rtnl)) {
- note(N_WARNING,
- "Received SM_UNMON request from %s for %s while not "
- "monitoring any hosts.", my_name, argp->mon_name);
+ if (rtnl == NULL) {
+ xlog_warn("Received SM_UNMON request from %s for %s while not "
+ "monitoring any hosts", my_name, argp->mon_name);
return (&result);
}
+ clnt = rtnl;
/*
* OK, we are. Now look for appropriate entry in run-time list.
* entry winds up in the list the way I'm currently handling them.)
*/
while ((clnt = nlist_gethost(clnt, mon_name, 0))) {
- if (matchhostname(NL_MY_NAME(clnt), my_name) &&
+ if (statd_matchhostname(NL_MY_NAME(clnt), my_name) &&
NL_MY_PROC(clnt) == id->my_proc &&
NL_MY_PROG(clnt) == id->my_prog &&
NL_MY_VERS(clnt) == id->my_vers) {
/* Match! */
- dprintf(N_DEBUG, "UNMONITORING %s for %s",
+ xlog(D_GENERAL, "UNMONITORING %s for %s",
mon_name, my_name);
/* PRC: do the HA callout: */
ha_callout("del-client", mon_name, my_name, -1);
- xunlink(SM_DIR, clnt->dns_name, 1);
+ nsm_delete_monitored_host(clnt->dns_name,
+ mon_name, my_name);
nlist_free(&rtnl, clnt);
return (&result);
}
failure:
- note(N_WARNING, "Received erroneous SM_UNMON request from %s for %s",
+ xlog_warn("Received erroneous SM_UNMON request from %s for %s",
my_name, mon_name);
return (&result);
}
notify_list *clnt;
char *my_name = argp->my_name;
+ xlog(D_CALL, "Received SM_UNMON_ALL for %s", my_name);
+
if (!caller_is_localhost(rqstp))
goto failure;
result.state = MY_STATE;
- if (!(clnt = rtnl)) {
- note(N_WARNING, "Received SM_UNMON_ALL request from %s "
+ if (rtnl == NULL) {
+ xlog_warn("Received SM_UNMON_ALL request from %s "
"while not monitoring any hosts", my_name);
return (&result);
}
+ clnt = rtnl;
while ((clnt = nlist_gethost(clnt, my_name, 1))) {
if (NL_MY_PROC(clnt) == argp->my_proc &&
char mon_name[SM_MAXSTRLEN + 1];
notify_list *temp;
- dprintf(N_DEBUG,
+ xlog(D_GENERAL,
"UNMONITORING (SM_UNMON_ALL) %s for %s",
NL_MON_NAME(clnt), NL_MY_NAME(clnt));
strncpy(mon_name, NL_MON_NAME(clnt),
temp = NL_NEXT(clnt);
/* PRC: do the HA callout: */
ha_callout("del-client", mon_name, my_name, -1);
- xunlink(SM_DIR, clnt->dns_name, 1);
+ nsm_delete_monitored_host(clnt->dns_name,
+ mon_name, my_name);
nlist_free(&rtnl, clnt);
++count;
clnt = temp;
}
if (!count) {
- dprintf(N_DEBUG, "SM_UNMON_ALL request from %s with no "
- "SM_MON requests from it.", my_name);
+ xlog(D_GENERAL, "SM_UNMON_ALL request from %s with no "
+ "SM_MON requests from it", my_name);
}
failure: