2 * support/export/client.c
4 * Maintain list of nfsd clients.
6 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
13 #include <sys/types.h>
14 #include <netinet/in.h>
15 #include <arpa/inet.h>
27 /* netgroup stuff never seems to be defined in any header file. Linux is
30 #if !defined(__GLIBC__) || __GLIBC__ < 2
31 extern int innetgr(char *netgr, char *host, char *, char *);
34 static char *add_name(char *old, const char *add);
36 nfs_client *clientlist[MCL_MAXTYPES] = { NULL, };
40 init_addrlist(nfs_client *clp, const struct addrinfo *ai)
47 for (i = 0; (ai != NULL) && (i < NFSCLNT_ADDRMAX); i++) {
48 set_addrlist(clp, i, ai->ai_addr);
56 client_free(nfs_client *clp)
58 free(clp->m_hostname);
63 init_netmask(nfs_client *clp, const char *slash, const sa_family_t family)
65 struct sockaddr_in sin = {
66 .sin_family = AF_INET,
68 unsigned long prefixlen;
71 struct sockaddr_in6 sin6 = {
72 .sin6_family = AF_INET6,
77 /* No slash present; assume netmask is all ones */
94 /* A spelled out netmask address, perhaps? */
95 if (strchr(slash + 1, '.') != NULL) {
96 if (inet_pton(AF_INET, slash + 1,
97 &sin.sin_addr.s_addr) == 0)
99 set_addrlist_in(clp, 1, &sin);
102 #ifdef IPV6_SUPPORTED
103 if (strchr(slash + 1, ':')) {
104 if (!inet_pton(AF_INET6, slash + 1, &sin6.sin6_addr))
106 set_addrlist_in6(clp, 1, &sin6);
111 /* A prefixlen was given */
112 prefixlen = strtoul(slash + 1, &endptr, 10);
113 if (*endptr != '\0' && prefixlen != ULONG_MAX && errno != ERANGE)
121 shift = 32 - (uint32_t)prefixlen;
122 sin.sin_addr.s_addr = htonl((uint32_t)~0 << shift);
123 set_addrlist_in(clp, 1, &sin);
125 #ifdef IPV6_SUPPORTED
129 for (i = 0; prefixlen > 32; i++) {
130 sin6.sin6_addr.s6_addr32[i] = 0xffffffff;
133 shift = 32 - (uint32_t)prefixlen;
134 sin6.sin6_addr.s6_addr32[i] = htonl((uint32_t)~0 << shift);
135 set_addrlist_in6(clp, 1, &sin6);
141 xlog(L_ERROR, "Unsupported address family for %s", clp->m_hostname);
145 xlog(L_ERROR, "Invalid netmask `%s' for %s", slash + 1, clp->m_hostname);
149 xlog(L_ERROR, "Invalid prefix `%s' for %s", slash + 1, clp->m_hostname);
154 init_subnetwork(nfs_client *clp)
160 slash = strchr(clp->m_hostname, '/');
163 ai = host_pton(clp->m_hostname);
166 ai = host_pton(clp->m_hostname);
168 xlog(L_ERROR, "Invalid IP address %s", clp->m_hostname);
172 set_addrlist(clp, 0, ai->ai_addr);
173 family = ai->ai_addr->sa_family;
177 return init_netmask(clp, slash, family);
181 client_init(nfs_client *clp, const char *hname, const struct addrinfo *ai)
183 clp->m_hostname = strdup(hname);
184 if (clp->m_hostname == NULL)
191 if (clp->m_type == MCL_SUBNETWORK)
192 return init_subnetwork(clp);
194 init_addrlist(clp, ai);
199 client_add(nfs_client *clp)
203 cpp = &clientlist[clp->m_type];
205 cpp = &((*cpp)->m_next);
211 * client_lookup - look for @hname in our list of cached nfs_clients
212 * @hname: '\0'-terminated ASCII string containing hostname to look for
213 * @canonical: if set, @hname is known to be canonical DNS name
215 * Returns pointer to a matching or freshly created nfs_client. NULL
216 * is returned if some problem occurs.
219 client_lookup(char *hname, int canonical)
221 nfs_client *clp = NULL;
223 struct addrinfo *ai = NULL;
225 htype = client_gettype(hname);
227 if (htype == MCL_FQDN && !canonical) {
228 ai = host_addrinfo(hname);
230 xlog(L_ERROR, "Failed to resolve %s", hname);
233 hname = ai->ai_canonname;
235 for (clp = clientlist[htype]; clp; clp = clp->m_next)
236 if (client_check(clp, ai))
239 for (clp = clientlist[htype]; clp; clp = clp->m_next) {
240 if (strcasecmp(hname, clp->m_hostname)==0)
246 clp = calloc(1, sizeof(*clp));
250 if (!client_init(clp, hname, NULL)) {
258 if (htype == MCL_FQDN && clp->m_naddr == 0)
259 init_addrlist(clp, ai);
267 * client_dup - create a copy of an nfs_client
268 * @clp: pointer to nfs_client to copy
269 * @ai: pointer to addrinfo used to initialize the new client's addrlist
271 * Returns a dynamically allocated nfs_client if successful, or
272 * NULL if some problem occurs. Caller must free the returned
273 * nfs_client with free(3).
276 client_dup(const nfs_client *clp, const struct addrinfo *ai)
280 new = (nfs_client *)malloc(sizeof(*new));
283 memcpy(new, clp, sizeof(*new));
284 new->m_type = MCL_FQDN;
285 new->m_hostname = NULL;
287 if (!client_init(new, ai->ai_canonname, ai)) {
296 * client_release - drop a reference to an nfs_client record
300 client_release(nfs_client *clp)
302 if (clp->m_count <= 0)
303 xlog(L_FATAL, "client_free: m_count <= 0!");
308 * client_freeall - deallocate all nfs_client records
314 nfs_client *clp, **head;
317 for (i = 0; i < MCL_MAXTYPES; i++) {
318 head = clientlist + i;
320 *head = (clp = *head)->m_next;
327 * client_resolve - look up an IP address
328 * @sap: pointer to socket address to resolve
330 * Returns an addrinfo structure, or NULL if some problem occurred.
331 * Caller must free the result with freeaddrinfo(3).
334 client_resolve(const struct sockaddr *sap)
336 struct addrinfo *ai = NULL;
338 if (clientlist[MCL_WILDCARD] || clientlist[MCL_NETGROUP])
339 ai = host_reliable_addrinfo(sap);
341 ai = host_numeric_addrinfo(sap);
347 * client_compose - Make a list of cached hostnames that match an IP address
348 * @ai: pointer to addrinfo containing IP address information to match
350 * Gather all known client hostnames that match the IP address, and sort
351 * the result into a comma-separated list.
353 * Returns a '\0'-terminated ASCII string containing a comma-separated
354 * sorted list of client hostnames, or NULL if no client records matched
355 * the IP address or memory could not be allocated. Caller must free the
356 * returned string with free(3).
359 client_compose(const struct addrinfo *ai)
364 for (i = 0 ; i < MCL_MAXTYPES; i++) {
366 for (clp = clientlist[i]; clp ; clp = clp->m_next) {
367 if (!client_check(clp, ai))
369 name = add_name(name, clp->m_hostname);
376 * client_member - check if @name is contained in the list @client
377 * @client: '\0'-terminated ASCII string containing
378 * comma-separated list of hostnames
379 * @name: '\0'-terminated ASCII string containing hostname to look for
381 * Returns 1 if @name was found in @client, otherwise zero is returned.
384 client_member(const char *client, const char *name)
386 size_t l = strlen(name);
389 if (strncmp(client, name, l) == 0 &&
390 (client[l] == ',' || client[l] == '\0'))
392 client = strchr(client, ',');
401 name_cmp(const char *a, const char *b)
403 /* compare strings a and b, but only upto ',' in a */
404 while (*a && *b && *a != ',' && *a == *b)
406 if (!*b && (!*a || *a == ','))
409 if (!*a || *a == ',') return -1;
414 add_name(char *old, const char *add)
416 size_t len = strlen(add) + 2;
419 if (old) len += strlen(old);
427 while (cp && *cp && name_cmp(cp, add) < 0) {
428 /* step cp forward over a name */
429 char *e = strchr(cp, ',');
433 cp = cp + strlen(cp);
435 strncpy(new, old, cp-old);
437 if (cp != old && !*cp)
449 * Check each address listed in @ai against each address
450 * stored in @clp. Return 1 if a match is found, otherwise
454 check_fqdn(const nfs_client *clp, const struct addrinfo *ai)
458 for (; ai; ai = ai->ai_next)
459 for (i = 0; i < clp->m_naddr; i++)
460 if (nfs_compare_sockaddr(ai->ai_addr,
461 get_addrlist(clp, i)))
468 mask_match(const uint32_t a, const uint32_t b, const uint32_t m)
470 return ((a ^ b) & m) == 0;
474 check_subnet_v4(const struct sockaddr_in *address,
475 const struct sockaddr_in *mask, const struct addrinfo *ai)
477 for (; ai; ai = ai->ai_next) {
478 struct sockaddr_in *sin = (struct sockaddr_in *)ai->ai_addr;
480 if (sin->sin_family != AF_INET)
483 if (mask_match(address->sin_addr.s_addr,
484 sin->sin_addr.s_addr,
485 mask->sin_addr.s_addr))
491 #ifdef IPV6_SUPPORTED
493 check_subnet_v6(const struct sockaddr_in6 *address,
494 const struct sockaddr_in6 *mask, const struct addrinfo *ai)
496 for (; ai; ai = ai->ai_next) {
497 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)ai->ai_addr;
499 if (sin6->sin6_family != AF_INET6)
502 if (mask_match(address->sin6_addr.s6_addr32[0],
503 sin6->sin6_addr.s6_addr32[0],
504 mask->sin6_addr.s6_addr32[0]) &&
505 mask_match(address->sin6_addr.s6_addr32[1],
506 sin6->sin6_addr.s6_addr32[1],
507 mask->sin6_addr.s6_addr32[1]) &&
508 mask_match(address->sin6_addr.s6_addr32[2],
509 sin6->sin6_addr.s6_addr32[2],
510 mask->sin6_addr.s6_addr32[2]) &&
511 mask_match(address->sin6_addr.s6_addr32[3],
512 sin6->sin6_addr.s6_addr32[3],
513 mask->sin6_addr.s6_addr32[3]))
518 #else /* !IPV6_SUPPORTED */
520 check_subnet_v6(const struct sockaddr_in6 *UNUSED(address),
521 const struct sockaddr_in6 *UNUSED(mask),
522 const struct addrinfo *UNUSED(ai))
526 #endif /* !IPV6_SUPPORTED */
529 * Check each address listed in @ai against the subnetwork or
530 * host address stored in @clp. Return 1 if an address in @hp
531 * matches the host address stored in @clp, otherwise zero.
534 check_subnetwork(const nfs_client *clp, const struct addrinfo *ai)
536 switch (get_addrlist(clp, 0)->sa_family) {
538 return check_subnet_v4(get_addrlist_in(clp, 0),
539 get_addrlist_in(clp, 1), ai);
541 return check_subnet_v6(get_addrlist_in6(clp, 0),
542 get_addrlist_in6(clp, 1), ai);
549 * Check if a wildcard nfs_client record matches the canonical name
550 * or the aliases of a host. Return 1 if a match is found, otherwise
554 check_wildcard(const nfs_client *clp, const struct addrinfo *ai)
556 char *cname = clp->m_hostname;
557 char *hname = ai->ai_canonname;
561 if (wildmat(hname, cname))
564 /* See if hname aliases listed in /etc/hosts or nis[+]
565 * match the requested wildcard */
566 hp = gethostbyname(hname);
568 for (ap = hp->h_aliases; *ap; ap++)
569 if (wildmat(*ap, cname))
577 * Check if @ai's hostname or aliases fall in a given netgroup.
578 * Return 1 if @ai represents a host in the netgroup, otherwise
583 check_netgroup(const nfs_client *clp, const struct addrinfo *ai)
585 const char *netgroup = clp->m_hostname + 1;
586 struct addrinfo *tmp = NULL;
593 hname = strdup(ai->ai_canonname);
595 xlog(D_GENERAL, "%s: no memory for strdup", __func__);
599 /* First, try to match the hostname without
600 * splitting off the domain */
601 if (innetgr(netgroup, hname, NULL, NULL)) {
606 /* See if hname aliases listed in /etc/hosts or nis[+]
607 * match the requested netgroup */
608 hp = gethostbyname(hname);
610 for (i = 0; hp->h_aliases[i]; i++)
611 if (innetgr(netgroup, hp->h_aliases[i], NULL, NULL)) {
617 /* If hname happens to be an IP address, convert it
618 * to a the canonical DNS name bound to this address. */
619 tmp = host_pton(hname);
621 char *cname = host_canonname(tmp->ai_addr);
624 /* The resulting FQDN may be in our netgroup. */
628 if (innetgr(netgroup, hname, NULL, NULL)) {
635 /* Okay, strip off the domain (if we have one) */
636 dot = strchr(hname, '.');
641 match = innetgr(netgroup, hname, NULL, NULL);
647 #else /* !HAVE_INNETGR */
649 check_netgroup(__attribute__((unused)) const nfs_client *clp,
650 __attribute__((unused)) const struct addrinfo *ai)
654 #endif /* !HAVE_INNETGR */
657 * client_check - check if IP address information matches a cached nfs_client
658 * @clp: pointer to a cached nfs_client record
659 * @ai: pointer to addrinfo to compare it with
661 * Returns 1 if the address information matches the cached nfs_client,
665 client_check(const nfs_client *clp, const struct addrinfo *ai)
667 switch (clp->m_type) {
669 return check_fqdn(clp, ai);
671 return check_subnetwork(clp, ai);
673 return check_wildcard(clp, ai);
675 return check_netgroup(clp, ai);
681 xlog(D_GENERAL, "%s: unrecognized client type: %d",
682 __func__, clp->m_type);
689 * client_gettype - determine type of nfs_client given an identifier
690 * @ident: '\0'-terminated ASCII string containing a client identifier
692 * Returns the type of nfs_client record that would be used for
696 client_gettype(char *ident)
701 if (ident[0] == '\0' || strcmp(ident, "*")==0)
702 return MCL_ANONYMOUS;
703 if (strncmp(ident, "gss/", 4) == 0)
705 if (ident[0] == '@') {
707 xlog(L_WARNING, "netgroup support not compiled in");
711 for (sp = ident; *sp; sp++) {
712 if (*sp == '*' || *sp == '?' || *sp == '[')
715 return MCL_SUBNETWORK;
716 if (*sp == '\\' && sp[1])
721 * Treat unadorned IP addresses as MCL_SUBNETWORK.
722 * Everything else is MCL_FQDN.
724 ai = host_pton(ident);
727 return MCL_SUBNETWORK;
projects / nfs-utils.git / blob