char ipaddr[INET6_ADDRSTRLEN];
char *client = NULL;
struct addrinfo *tmp = NULL;
- struct addrinfo *ai = NULL;
if (readline(fileno(f), &lbuf, &lbuflen) != 1)
return;
/* addr is a valid, interesting address, find the domain name... */
if (!use_ipaddr) {
+ struct addrinfo *ai = NULL;
+
ai = client_resolve(tmp->ai_addr);
+ if (ai == NULL)
+ goto out;
client = client_compose(ai);
freeaddrinfo(ai);
+ if (!client)
+ goto out;
}
- freeaddrinfo(tmp);
-
qword_print(f, "nfsd");
qword_print(f, ipaddr);
qword_printuint(f, time(0) + DEFAULT_TTL);
xlog(D_CALL, "auth_unix_ip: client %p '%s'", client, client?client: "DEFAULT");
free(client);
+out:
+ freeaddrinfo(tmp);
+
}
static void auth_unix_gid(FILE *f)
return false;
}
+struct addrinfo *lookup_client_addr(char *dom)
+{
+ struct addrinfo *ret;
+ struct addrinfo *tmp;
+
+ dom++; /* skip initial "$" */
+
+ tmp = host_pton(dom);
+ if (tmp == NULL)
+ return NULL;
+ ret = client_resolve(tmp->ai_addr);
+ freeaddrinfo(tmp);
+ return ret;
+}
+
static void nfsd_fh(FILE *f)
{
/* request are:
auth_reload();
+ if (is_ipaddr_client(dom)) {
+ ai = lookup_client_addr(dom);
+ if (!ai)
+ goto out;
+ }
+
/* Now determine export point for this fsid/domain */
for (i=0 ; i < MCL_MAXTYPES; i++) {
nfs_export *next_exp;
next_exp = exp->m_next;
}
- if (!use_ipaddr && !client_member(dom, exp->m_client->m_hostname))
+ if (!is_ipaddr_client(dom)
+ && !namelist_client_matches(exp, dom))
continue;
if (exp->m_export.e_mountpoint &&
!is_mountpoint(exp->m_export.e_mountpoint[0]?
if (!match_fsid(&parsed, exp, path))
continue;
- if (use_ipaddr) {
- if (ai == NULL) {
- struct addrinfo *tmp;
- tmp = host_pton(dom);
- if (tmp == NULL)
- goto out;
- ai = client_resolve(tmp->ai_addr);
- freeaddrinfo(tmp);
- }
- if (!client_check(exp->m_client, ai))
- continue;
- }
+ if (is_ipaddr_client(dom)
+ && !ipaddr_client_matches(exp, ai))
+ continue;
if (!found || subexport(&exp->m_export, found)) {
found = &exp->m_export;
free(found_path);
found_path = strdup(path);
if (found_path == NULL)
goto out;
- } else if (strcmp(found->e_path, exp->m_export.e_path)
+ } else if (strcmp(found->e_path, exp->m_export.e_path) != 0
&& !subexport(found, &exp->m_export))
{
xlog(L_WARNING, "%s and %s have same filehandle for %s, using first",
found_path, path, dom);
+ } else {
+ /* same path, if one is V4ROOT, choose the other */
+ if (found->e_flags & NFSEXP_V4ROOT) {
+ found = &exp->m_export;
+ free(found_path);
+ found_path = strdup(path);
+ if (found_path == NULL)
+ goto out;
+ }
}
}
}
return strcmp(path, exp->m_export.e_path) == 0;
}
-static int
-client_matches(nfs_export *exp, char *dom, struct addrinfo *ai)
-{
- if (use_ipaddr)
- return client_check(exp->m_client, ai);
- return client_member(dom, exp->m_client->m_hostname);
-}
-
static int
export_matches(nfs_export *exp, char *dom, char *path, struct addrinfo *ai)
{
found_type = i;
continue;
}
-
- /* Always prefer non-V4ROOT mounts */
- if (found->m_export.e_flags & NFSEXP_V4ROOT)
+ /* Always prefer non-V4ROOT exports */
+ if (exp->m_export.e_flags & NFSEXP_V4ROOT)
continue;
+ if (found->m_export.e_flags & NFSEXP_V4ROOT) {
+ found = exp;
+ found_type = i;
+ continue;
+ }
/* If one is a CROSSMOUNT, then prefer the longest path */
if (((found->m_export.e_flags & NFSEXP_CROSSMOUNT) ||
return found;
}
+#ifdef HAVE_NFS_PLUGIN_H
+#include <dlfcn.h>
+#include <nfs-plugin.h>
+
+/*
+ * Walk through a set of FS locations and build a set of export options.
+ * Returns true if all went to plan; otherwise, false.
+ */
+static _Bool
+locations_to_options(struct jp_ops *ops, nfs_fsloc_set_t locations,
+ char *options, size_t remaining, int *ttl)
+{
+ char *server, *last_path, *rootpath, *ptr;
+ _Bool seen = false;
+
+ last_path = NULL;
+ rootpath = NULL;
+ server = NULL;
+ ptr = options;
+ *ttl = 0;
+
+ for (;;) {
+ enum jp_status status;
+ int len;
+
+ status = ops->jp_get_next_location(locations, &server,
+ &rootpath, ttl);
+ if (status == JP_EMPTY)
+ break;
+ if (status != JP_OK) {
+ xlog(D_GENERAL, "%s: failed to parse location: %s",
+ __func__, ops->jp_error(status));
+ goto out_false;
+ }
+ xlog(D_GENERAL, "%s: Location: %s:%s",
+ __func__, server, rootpath);
+
+ if (last_path && strcmp(rootpath, last_path) == 0) {
+ len = snprintf(ptr, remaining, "+%s", server);
+ if (len < 0) {
+ xlog(D_GENERAL, "%s: snprintf: %m", __func__);
+ goto out_false;
+ }
+ if ((size_t)len >= remaining) {
+ xlog(D_GENERAL, "%s: options buffer overflow", __func__);
+ goto out_false;
+ }
+ remaining -= (size_t)len;
+ ptr += len;
+ } else {
+ if (last_path == NULL)
+ len = snprintf(ptr, remaining, "refer=%s@%s",
+ rootpath, server);
+ else
+ len = snprintf(ptr, remaining, ":%s@%s",
+ rootpath, server);
+ if (len < 0) {
+ xlog(D_GENERAL, "%s: snprintf: %m", __func__);
+ goto out_false;
+ }
+ if ((size_t)len >= remaining) {
+ xlog(D_GENERAL, "%s: options buffer overflow",
+ __func__);
+ goto out_false;
+ }
+ remaining -= (size_t)len;
+ ptr += len;
+ last_path = rootpath;
+ }
+
+ seen = true;
+ free(rootpath);
+ free(server);
+ }
+
+ xlog(D_CALL, "%s: options='%s', ttl=%d",
+ __func__, options, *ttl);
+ return seen;
+
+out_false:
+ free(rootpath);
+ free(server);
+ return false;
+}
+
+/*
+ * Walk through the set of FS locations and build an exportent.
+ * Returns pointer to an exportent if "junction" refers to a junction.
+ *
+ * Returned exportent points to static memory.
+ */
+static struct exportent *locations_to_export(struct jp_ops *ops,
+ nfs_fsloc_set_t locations, const char *junction)
+{
+ static char options[BUFSIZ];
+ struct exportent *exp;
+ int ttl;
+
+ options[0] = '\0';
+ if (!locations_to_options(ops, locations, options, sizeof(options), &ttl))
+ return NULL;
+
+ exp = mkexportent("*", (char *)junction, options);
+ if (exp == NULL) {
+ xlog(L_ERROR, "%s: Failed to construct exportent", __func__);
+ return NULL;
+ }
+
+ exp->e_uuid = NULL;
+ exp->e_ttl = ttl;
+ return exp;
+}
+
+/*
+ * Retrieve locations information in "junction" and dump it to the
+ * kernel. Returns pointer to an exportent if "junction" refers
+ * to a junction.
+ *
+ * Returned exportent points to static memory.
+ */
+static struct exportent *invoke_junction_ops(void *handle,
+ const char *junction)
+{
+ struct exportent *exp = NULL;
+ nfs_fsloc_set_t locations;
+ enum jp_status status;
+ struct jp_ops *ops;
+ char *error;
+
+ ops = (struct jp_ops *)dlsym(handle, "nfs_junction_ops");
+ error = dlerror();
+ if (error != NULL) {
+ xlog(D_GENERAL, "%s: dlsym(jp_junction_ops): %s",
+ __func__, error);
+ return NULL;
+ }
+ if (ops->jp_api_version != JP_API_VERSION) {
+ xlog(D_GENERAL, "%s: unrecognized junction API version: %u",
+ __func__, ops->jp_api_version);
+ return NULL;
+ }
+
+ status = ops->jp_init(false);
+ if (status != JP_OK) {
+ xlog(D_GENERAL, "%s: failed to resolve %s: %s",
+ __func__, junction, ops->jp_error(status));
+ return NULL;
+ }
+
+ status = ops->jp_get_locations(junction, &locations);
+ switch (status) {
+ case JP_OK:
+ break;
+ case JP_NOTJUNCTION:
+ xlog(D_GENERAL, "%s: %s is not a junction",
+ __func__, junction);
+ goto out;
+ default:
+ xlog(L_WARNING, "Dangling junction %s: %s",
+ junction, ops->jp_error(status));
+ goto out;
+ }
+
+ exp = locations_to_export(ops, locations, junction);
+
+ ops->jp_put_locations(locations);
+
+out:
+ ops->jp_done();
+ return exp;
+}
+
+/*
+ * Load the junction plug-in, then try to resolve "pathname".
+ * Returns pointer to an initialized exportent if "junction"
+ * refers to a junction, or NULL if not.
+ *
+ * Returned exportent points to static memory.
+ */
+static struct exportent *lookup_junction(const char *pathname)
+{
+ struct exportent *exp;
+ void *handle;
+
+ handle = dlopen("libnfsjunct.so", RTLD_NOW);
+ if (handle == NULL) {
+ xlog(D_GENERAL, "%s: dlopen: %s", __func__, dlerror());
+ return NULL;
+ }
+ (void)dlerror(); /* Clear any error */
+
+ exp = invoke_junction_ops(handle, pathname);
+
+ /* We could leave it loaded to make junction resolution
+ * faster next time. However, if we want to replace the
+ * library, that would require restarting mountd. */
+ (void)dlclose(handle);
+ return exp;
+}
+#else /* !HAVE_NFS_PLUGIN_H */
+static inline struct exportent *lookup_junction(const char *UNUSED(pathname))
+{
+ return NULL;
+}
+#endif /* !HAVE_NFS_PLUGIN_H */
+
static void nfsd_export(FILE *f)
{
/* requests are:
auth_reload();
- if (use_ipaddr) {
- struct addrinfo *tmp;
- tmp = host_pton(dom);
- if (tmp == NULL)
- goto out;
- ai = client_resolve(tmp->ai_addr);
- freeaddrinfo(tmp);
+ if (is_ipaddr_client(dom)) {
+ ai = lookup_client_addr(dom);
+ if (!ai)
goto out;
}
dump_to_cache(f, dom, path, NULL);
}
} else {
- dump_to_cache(f, dom, path, NULL);
+ dump_to_cache(f, dom, path, lookup_junction(path));
}
out:
xlog(D_CALL, "nfsd_export: found %p path %s", found, path ? path : NULL);
projects / nfs-utils.git / blobdiff