mountd: auth.c no longer needs #include xmalloc.h

[nfs-utils.git] / utils / mountd / auth.c

diff --git a/utils/mountd/auth.c b/utils/mountd/auth.c
index ccc849a7222f9d596764547b7b2c681d88bc914e..330cab531ea5b7832c987b8824b3200f392650a7 100644 (file)
--- a/utils/mountd/auth.c
+++ b/utils/mountd/auth.c
@@ -10,10 +10,12 @@
 #include <config.h>
 #endif
 
+#include <sys/types.h>
 #include <sys/stat.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <errno.h>
+#include <fcntl.h>
 #include <unistd.h>
 
 #include "sockaddr.h"
@@ -21,7 +23,6 @@
 #include "nfslib.h"
 #include "exportfs.h"
 #include "mountd.h"
-#include "xmalloc.h"
 #include "v4root.h"
 
 enum auth_error
@@ -112,15 +113,23 @@ auth_reload()
        return counter;
 }
 
+static char *get_client_ipaddr_name(const struct sockaddr *caller)
+{
+       char buf[INET6_ADDRSTRLEN + 1];
+
+       buf[0] = '$';
+       host_ntop(caller, buf + 1, sizeof(buf) - 1);
+       return strdup(buf);
+}
+
 static char *
 get_client_hostname(const struct sockaddr *caller, struct addrinfo *ai,
                enum auth_error *error)
 {
-       char buf[INET6_ADDRSTRLEN];
        char *n;
 
        if (use_ipaddr)
-               return strdup(host_ntop(caller, buf, sizeof(buf)));
+               return get_client_ipaddr_name(caller);
        n = client_compose(ai);
        *error = unknown_host;
        if (!n)
@@ -131,6 +140,23 @@ get_client_hostname(const struct sockaddr *caller, struct addrinfo *ai,
        return strdup("DEFAULT");
 }
 
+bool ipaddr_client_matches(nfs_export *exp, struct addrinfo *ai)
+{
+       return client_check(exp->m_client, ai);
+}
+
+bool namelist_client_matches(nfs_export *exp, char *dom)
+{
+       return client_member(dom, exp->m_client->m_hostname);
+}
+
+bool client_matches(nfs_export *exp, char *dom, struct addrinfo *ai)
+{
+       if (is_ipaddr_client(dom))
+               return ipaddr_client_matches(exp, ai);
+       return namelist_client_matches(exp, dom);
+}
+
 /* return static nfs_export with details filled in */
 static nfs_export *
 auth_authenticate_newcache(const struct sockaddr *caller,
@@ -155,9 +181,10 @@ auth_authenticate_newcache(const struct sockaddr *caller,
                for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
                        if (strcmp(path, exp->m_export.e_path))
                                continue;
-                       if (!use_ipaddr && !client_member(my_client.m_hostname, exp->m_client->m_hostname))
+                       if (!client_matches(exp, my_client.m_hostname, ai))
                                continue;
-                       if (use_ipaddr && !client_check(exp->m_client, ai))
+                       if (exp->m_export.e_flags & NFSEXP_V4ROOT)
+                               /* not acceptable for v[23] export */
                                continue;
                        break;
                }
@@ -187,10 +214,6 @@ auth_authenticate_internal(const struct sockaddr *caller, const char *path,
                        return NULL;
                }
        }
-       if (exp->m_export.e_flags & NFSEXP_V4ROOT) {
-               *error = no_entry;
-               return NULL;
-       }
        if (!(exp->m_export.e_flags & NFSEXP_INSECURE_PORT) &&
                     nfs_get_port(caller) >= IPPORT_RESERVED) {
                *error = illegal_port;