* it won't if it's worth its money).
*/
-#include "config.h"
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
+#include <net/if.h>
#include <arpa/inet.h>
#include <rpc/rpc.h>
#include <rpc/pmap_prot.h>
#include <netdb.h>
#include <string.h>
#include <unistd.h>
+
#include "sm_inter.h"
#include "statd.h"
#include "notlist.h"
-#include "log.h"
#include "ha-callout.h"
-#define MAXMSGSIZE (2048 / sizeof(unsigned int))
+#include "nsm.h"
+#include "nfsrpc.h"
+
+#if SIZEOF_SOCKLEN_T - 0 == 0
+#define socklen_t int
+#endif
-static unsigned long xid = 0; /* RPC XID counter */
static int sockfd = -1; /* notify socket */
/*
- * Initialize callback socket
+ * Initialize socket used to notify lockd of peer reboots.
+ *
+ * Returns the file descriptor of the new socket if successful;
+ * otherwise returns -1 and logs an error.
+ *
+ * Lockd rejects such requests if the source port is not privileged.
+ * statd_get_socket() must be invoked while statd still holds root
+ * privileges in order for the socket to acquire a privileged source
+ * port.
*/
int
-statd_get_socket(int port)
+statd_get_socket(void)
{
struct sockaddr_in sin;
+ struct servent *se;
+ int loopcnt = 100;
if (sockfd >= 0)
return sockfd;
- if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
- note(N_CRIT, "Can't create socket: %m");
- return -1;
- }
+ while (loopcnt-- > 0) {
- FD_SET(sockfd, &SVC_FDSET);
+ if (sockfd >= 0) close(sockfd);
- memset(&sin, 0, sizeof(sin));
- sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = INADDR_ANY;
- /*
- * If a local hostname is given (-n option to statd), bind to the address
- * specified. This is required to support clients that ignore the mon_name in
- * the statd protocol but use the source address from the request packet.
- */
- if (MY_NAME) {
- struct hostent *hp = gethostbyname(MY_NAME);
- if (hp)
- sin.sin_addr = *(struct in_addr *) hp->h_addr;
- }
- if (port != 0) {
- sin.sin_port = htons(port);
- if (bind(sockfd, &sin, sizeof(sin)) == 0)
- goto out_success;
- note(N_CRIT, "statd: failed to bind to outgoing port, %d\n"
- " falling back on randomly chosen port\n", port);
- }
- if (bindresvport(sockfd, &sin) < 0) {
- dprintf(N_WARNING,
- "process_hosts: can't bind to reserved port\n");
- }
-out_success:
- return sockfd;
-}
-
-/*
- * Try to resolve host name for notify/callback request
- *
- * When compiled with RESTRICTED_STATD defined, we expect all
- * host names to be dotted quads. See monitor.c for details. --okir
- */
-#ifdef RESTRICTED_STATD
-static int
-try_to_resolve(notify_list *lp)
-{
- char *hname;
-
- if (NL_TYPE(lp) == NOTIFY_REBOOT)
- hname = NL_MON_NAME(lp);
- else
- hname = NL_MY_NAME(lp);
- if (!inet_aton(hname, &(NL_ADDR(lp)))) {
- note(N_ERROR, "%s is not an dotted-quad address", hname);
- NL_TIMES(lp) = 0;
- return 0;
- }
-
- /* XXX: In order to handle multi-homed hosts, we could do
- * a reverse lookup, a forward lookup, and cycle through
- * all the addresses.
- */
- return 1;
-}
-#else
-static int
-try_to_resolve(notify_list *lp)
-{
- struct hostent *hp;
- char *hname;
-
- if (NL_TYPE(lp) == NOTIFY_REBOOT)
- hname = NL_MON_NAME(lp);
- else
- hname = NL_MY_NAME(lp);
-
- dprintf(N_DEBUG, "Trying to resolve %s.", hname);
- if (!(hp = gethostbyname(hname))) {
- herror("gethostbyname");
- NL_TIMES(lp) -= 1;
- return 0;
- }
-
- if (hp->h_addrtype != AF_INET) {
- note(N_ERROR, "%s is not an AF_INET address", hname);
- NL_TIMES(lp) = 0;
- return 0;
- }
-
- /* FIXME: should try all addresses for multi-homed hosts in
- * alternation because one interface might be down/unreachable. */
- NL_ADDR(lp) = *(struct in_addr *) hp->h_addr;
-
- dprintf(N_DEBUG, "address of %s is %s", hname, inet_ntoa(NL_ADDR(lp)));
- return 1;
-}
-#endif
+ if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
+ xlog(L_ERROR, "%s: Can't create socket: %m", __func__);
+ return -1;
+ }
-static unsigned long
-xmit_call(int sockfd, struct sockaddr_in *sin,
- u_int32_t prog, u_int32_t vers, u_int32_t proc,
- xdrproc_t func, void *obj)
-/* __u32 prog, __u32 vers, __u32 proc, xdrproc_t func, void *obj) */
-{
- unsigned int msgbuf[MAXMSGSIZE], msglen;
- struct rpc_msg mesg;
- struct pmap pmap;
- XDR xdr, *xdrs = &xdr;
- int err;
-
- if (!xid)
- xid = getpid() + time(NULL);
-
- mesg.rm_xid = ++xid;
- mesg.rm_direction = CALL;
- mesg.rm_call.cb_rpcvers = 2;
- if (sin->sin_port == 0) {
- sin->sin_port = htons(PMAPPORT);
- mesg.rm_call.cb_prog = PMAPPROG;
- mesg.rm_call.cb_vers = PMAPVERS;
- mesg.rm_call.cb_proc = PMAPPROC_GETPORT;
- pmap.pm_prog = prog;
- pmap.pm_vers = vers;
- pmap.pm_prot = IPPROTO_UDP;
- pmap.pm_port = 0;
- func = (xdrproc_t) xdr_pmap;
- obj = &pmap;
- } else {
- mesg.rm_call.cb_prog = prog;
- mesg.rm_call.cb_vers = vers;
- mesg.rm_call.cb_proc = proc;
- }
- mesg.rm_call.cb_cred.oa_flavor = AUTH_NULL;
- mesg.rm_call.cb_cred.oa_base = (caddr_t) NULL;
- mesg.rm_call.cb_cred.oa_length = 0;
- mesg.rm_call.cb_verf.oa_flavor = AUTH_NULL;
- mesg.rm_call.cb_verf.oa_base = (caddr_t) NULL;
- mesg.rm_call.cb_verf.oa_length = 0;
-
- /* Create XDR memory object for encoding */
- xdrmem_create(xdrs, (caddr_t) msgbuf, sizeof(msgbuf), XDR_ENCODE);
-
- /* Encode the RPC header part and payload */
- if (!xdr_callmsg(xdrs, &mesg) || !func(xdrs, obj)) {
- dprintf(N_WARNING, "xmit_mesg: can't encode RPC message!\n");
- xdr_destroy(xdrs);
- return 0;
- }
- /* Get overall length of datagram */
- msglen = xdr_getpos(xdrs);
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_family = AF_INET;
+ sin.sin_addr.s_addr = INADDR_ANY;
- if ((err = sendto(sockfd, msgbuf, msglen, 0,
- (struct sockaddr *) sin, sizeof(*sin))) < 0) {
- dprintf(N_WARNING, "xmit_mesg: sendto failed: %m");
- } else if (err != msglen) {
- dprintf(N_WARNING, "xmit_mesg: short write: %m\n");
+ if (bindresvport(sockfd, &sin) < 0) {
+ xlog(D_GENERAL, "%s: can't bind to reserved port",
+ __func__);
+ break;
+ }
+ se = getservbyport(sin.sin_port, "udp");
+ if (se == NULL)
+ break;
+ /* rather not use that port, try again */
}
-
- xdr_destroy(xdrs);
-
- return err == msglen? xid : 0;
+ FD_SET(sockfd, &SVC_FDSET);
+ return sockfd;
}
static notify_list *
-recv_rply(int sockfd, struct sockaddr_in *sin, u_long *portp)
+recv_rply(u_long *portp)
{
- unsigned int msgbuf[MAXMSGSIZE], msglen;
- struct rpc_msg mesg;
+ char msgbuf[NSM_MAXMSGSIZE];
+ ssize_t msglen;
notify_list *lp = NULL;
- XDR xdr, *xdrs = &xdr;
- int alen = sizeof(*sin);
-
- /* Receive message */
- if ((msglen = recvfrom(sockfd, msgbuf, sizeof(msgbuf), 0,
- (struct sockaddr *) sin, &alen)) < 0) {
- dprintf(N_WARNING, "recv_rply: recvfrom failed: %m");
+ XDR xdr;
+ struct sockaddr_in sin;
+ socklen_t alen = (socklen_t)sizeof(sin);
+ uint32_t xid;
+
+ memset(msgbuf, 0, sizeof(msgbuf));
+ msglen = recvfrom(sockfd, msgbuf, sizeof(msgbuf), 0,
+ (struct sockaddr *)(char *)&sin, &alen);
+ if (msglen == (ssize_t)-1) {
+ xlog_warn("%s: recvfrom failed: %m", __func__);
return NULL;
}
- /* Create XDR object for decoding buffer */
- xdrmem_create(xdrs, (caddr_t) msgbuf, msglen, XDR_DECODE);
-
- memset(&mesg, 0, sizeof(mesg));
- mesg.rm_reply.rp_acpt.ar_results.where = NULL;
- mesg.rm_reply.rp_acpt.ar_results.proc = (xdrproc_t) xdr_void;
-
- if (!xdr_replymsg(xdrs, &mesg)) {
- note(N_WARNING, "recv_rply: can't decode RPC message!\n");
- goto done;
- }
-
- if (mesg.rm_reply.rp_stat != 0) {
- note(N_WARNING, "recv_rply: [%s] RPC status %d\n",
- inet_ntoa(sin->sin_addr),
- mesg.rm_reply.rp_stat);
- goto done;
- }
- if (mesg.rm_reply.rp_acpt.ar_stat != 0) {
- note(N_WARNING, "recv_rply: [%s] RPC status %d\n",
- inet_ntoa(sin->sin_addr),
- mesg.rm_reply.rp_acpt.ar_stat);
+ memset(&xdr, 0, sizeof(xdr));
+ xdrmem_create(&xdr, msgbuf, (unsigned int)msglen, XDR_DECODE);
+ xid = nsm_parse_reply(&xdr);
+ if (xid == 0)
goto done;
- }
for (lp = notify; lp != NULL; lp = lp->next) {
/* LH - this was a bug... it should have been checking
* the xid from the response message from the client,
* not the static, internal xid */
- if (lp->xid != mesg.rm_xid)
+ if (lp->xid != xid)
continue;
- if (lp->addr.s_addr != sin->sin_addr.s_addr) {
+ if (lp->addr.s_addr != sin.sin_addr.s_addr) {
char addr [18];
strncpy (addr, inet_ntoa(lp->addr),
sizeof (addr) - 1);
addr [sizeof (addr) - 1] = '\0';
- dprintf(N_WARNING, "address mismatch: "
- "expected %s, got %s\n",
- addr, inet_ntoa(sin->sin_addr));
- }
- if (lp->port == 0) {
- if (!xdr_u_long(xdrs, portp)) {
- note(N_WARNING, "recv_rply: [%s] "
- "can't decode reply body!\n",
- inet_ntoa(sin->sin_addr));
- lp = NULL;
- goto done;
- }
+ xlog_warn("%s: address mismatch: "
+ "expected %s, got %s", __func__,
+ addr, inet_ntoa(sin.sin_addr));
}
+ if (lp->port == 0)
+ *portp = nsm_recv_getport(&xdr);
break;
}
done:
- xdr_destroy(xdrs);
+ xdr_destroy(&xdr);
return lp;
}
* Notify operation for a single list entry
*/
static int
-process_entry(int sockfd, notify_list *lp)
+process_entry(notify_list *lp)
{
struct sockaddr_in sin;
- struct status new_status;
- xdrproc_t func;
- void *objp;
- u_int32_t proc, vers, prog;
-/* __u32 proc, vers, prog; */
-
- if (lp->addr.s_addr == INADDR_ANY && !try_to_resolve(lp))
- return NL_TIMES(lp);
+
if (NL_TIMES(lp) == 0) {
- note(N_DEBUG, "Cannot notify %s, giving up.\n",
- inet_ntoa(NL_ADDR(lp)));
+ xlog(D_GENERAL, "%s: Cannot notify %s, giving up",
+ __func__, inet_ntoa(NL_ADDR(lp)));
return 0;
}
sin.sin_port = lp->port;
/* LH - moved address into switch */
- switch (NL_TYPE(lp)) {
- case NOTIFY_REBOOT:
- prog = SM_PROG;
- vers = SM_VERS;
- proc = SM_NOTIFY;
+ /* __FORCE__ loopback for callbacks to lockd ... */
+ /* Just in case we somehow ignored it thus far */
+ sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
- /* Use source address for notify replies */
- sin.sin_addr = lp->addr;
+ if (sin.sin_port == 0)
+ lp->xid = nsm_xmit_getport(sockfd, &sin,
+ (rpcprog_t)NL_MY_PROG(lp),
+ (rpcvers_t)NL_MY_VERS(lp));
+ else {
+ struct mon m;
- func = (xdrproc_t) xdr_stat_chge;
- objp = &SM_stat_chge;
- break;
- case NOTIFY_CALLBACK:
- prog = NL_MY_PROG(lp);
- vers = NL_MY_VERS(lp);
- proc = NL_MY_PROC(lp);
-
- /* __FORCE__ loopback for callbacks to lockd ... */
- /* Just in case we somehow ignored it thus far */
- sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
-
- func = (xdrproc_t) xdr_status;
- objp = &new_status;
- new_status.mon_name = NL_MON_NAME(lp);
- new_status.state = NL_STATE(lp);
- memcpy(new_status.priv, NL_PRIV(lp), SM_PRIV_SIZE);
- break;
- default:
- note(N_ERROR, "notify_host: unknown notify type %d",
- NL_TYPE(lp));
- return 0;
- }
+ memcpy(m.priv, NL_PRIV(lp), SM_PRIV_SIZE);
+
+ m.mon_id.mon_name = NL_MON_NAME(lp);
+ m.mon_id.my_id.my_name = NULL;
+ m.mon_id.my_id.my_prog = NL_MY_PROG(lp);
+ m.mon_id.my_id.my_vers = NL_MY_VERS(lp);
+ m.mon_id.my_id.my_proc = NL_MY_PROC(lp);
- lp->xid = xmit_call(sockfd, &sin, prog, vers, proc, func, objp);
- if (!lp->xid) {
- note(N_WARNING, "notify_host: failed to notify %s\n",
- inet_ntoa(lp->addr));
+ lp->xid = nsm_xmit_nlmcall(sockfd,
+ (struct sockaddr *)(char *)&sin,
+ (socklen_t)sizeof(sin), &m, NL_STATE(lp));
+ }
+ if (lp->xid == 0) {
+ xlog_warn("%s: failed to notify port %d",
+ __func__, ntohs(lp->port));
}
NL_TIMES(lp) -= 1;
int
process_reply(FD_SET_TYPE *rfds)
{
- struct sockaddr_in sin;
notify_list *lp;
u_long port;
if (sockfd == -1 || !FD_ISSET(sockfd, rfds))
return 0;
- if (!(lp = recv_rply(sockfd, &sin, &port)))
+ if (!(lp = recv_rply(&port)))
return 1;
if (lp->port == 0) {
if (port != 0) {
lp->port = htons((unsigned short) port);
- process_entry(sockfd, lp);
+ process_entry(lp);
NL_WHEN(lp) = time(NULL) + NOTIFY_TIMEOUT;
nlist_remove(¬ify, lp);
nlist_insert_timer(¬ify, lp);
return 1;
}
- note(N_WARNING, "recv_rply: [%s] service %d not registered",
- inet_ntoa(lp->addr),
- NL_TYPE(lp) == NOTIFY_REBOOT? SM_PROG : NL_MY_PROG(lp));
- } else if (NL_TYPE(lp) == NOTIFY_REBOOT) {
- dprintf(N_DEBUG, "Notification of %s succeeded.",
- NL_MON_NAME(lp));
- xunlink(SM_BAK_DIR, NL_MON_NAME(lp), 0);
+ xlog_warn("%s: [%s] service %d not registered",
+ __func__, inet_ntoa(lp->addr), NL_MY_PROG(lp));
} else {
- dprintf(N_DEBUG, "Callback to %s (for %d) succeeded.",
- NL_MY_NAME(lp), NL_MON_NAME(lp));
+ xlog(D_GENERAL, "%s: Callback to %s (for %d) succeeded",
+ __func__, NL_MY_NAME(lp), NL_MON_NAME(lp));
}
nlist_free(¬ify, lp);
return 1;
{
notify_list *entry;
time_t now;
- int fd;
-
- if ((fd = statd_get_socket(0)) < 0)
- return 0;
while ((entry = notify) != NULL && NL_WHEN(entry) < time(&now)) {
- if (process_entry(fd, entry)) {
+ if (process_entry(entry)) {
NL_WHEN(entry) = time(NULL) + NOTIFY_TIMEOUT;
nlist_remove(¬ify, entry);
nlist_insert_timer(¬ify, entry);
- } else if (NL_TYPE(entry) == NOTIFY_CALLBACK) {
- note(N_ERROR,
- "Can't callback %s (%d,%d), giving up.",
+ } else {
+ xlog(L_ERROR,
+ "%s: Can't callback %s (%d,%d), giving up",
+ __func__,
NL_MY_NAME(entry),
NL_MY_PROG(entry),
NL_MY_VERS(entry));
nlist_free(¬ify, entry);
- } else {
- note(N_ERROR,
- "Can't notify %s, giving up.",
- NL_MON_NAME(entry));
- /* PRC: do the HA callout */
- ha_callout("del-client", NL_MON_NAME(entry), NL_MY_NAME(entry), -1);
- xunlink(SM_BAK_DIR, NL_MON_NAME(entry), 0);
- nlist_free(¬ify, entry);
}
}