#include "nfslib.h"
#include "exportfs.h"
#include "mountd.h"
-#include "xmalloc.h"
#include "fsloc.h"
#include "pseudoflavors.h"
char ipaddr[INET6_ADDRSTRLEN];
char *client = NULL;
struct addrinfo *tmp = NULL;
- struct addrinfo *ai = NULL;
if (readline(fileno(f), &lbuf, &lbuflen) != 1)
return;
/* addr is a valid, interesting address, find the domain name... */
if (!use_ipaddr) {
+ struct addrinfo *ai = NULL;
+
ai = client_resolve(tmp->ai_addr);
- client = client_compose(ai);
- freeaddrinfo(ai);
+ if (ai) {
+ client = client_compose(ai);
+ freeaddrinfo(ai);
+ }
}
- freeaddrinfo(tmp);
-
qword_print(f, "nfsd");
qword_print(f, ipaddr);
- qword_printuint(f, time(0) + DEFAULT_TTL);
+ qword_printtimefrom(f, DEFAULT_TTL);
if (use_ipaddr)
qword_print(f, ipaddr);
else if (client)
xlog(D_CALL, "auth_unix_ip: client %p '%s'", client, client?client: "DEFAULT");
free(client);
+ freeaddrinfo(tmp);
+
}
static void auth_unix_gid(FILE *f)
}
}
qword_printuint(f, uid);
- qword_printuint(f, time(0) + DEFAULT_TTL);
+ qword_printtimefrom(f, DEFAULT_TTL);
if (rv >= 0) {
qword_printuint(f, ngroups);
for (i=0; i<ngroups; i++)
#define get_uuid_blkdev(path) (NULL)
#endif
-static int get_uuid(const char *val, int uuidlen, char *u)
+static int get_uuid(const char *val, size_t uuidlen, char *u)
{
/* extract hex digits from uuidstr and compose a uuid
* of the given length (max 16), xoring bytes to make
* a smaller uuid.
*/
- int i = 0;
+ size_t i = 0;
memset(u, 0, uuidlen);
for ( ; *val ; val++) {
- char c = *val;
+ int c = *val;
if (!isxdigit(c))
continue;
if (isalpha(c)) {
c = c - '0' + 0;
if ((i&1) == 0)
c <<= 4;
- u[i/2] ^= c;
+ u[i/2] ^= (char)c;
i++;
if (i == uuidlen*2)
i = 0;
return 1;
}
-static int uuid_by_path(char *path, int type, int uuidlen, char *uuid)
+static int uuid_by_path(char *path, int type, size_t uuidlen, char *uuid)
{
/* get a uuid for the filesystem found at 'path'.
* There are several possible ways of generating the
{
FILE *f;
struct mntent *me;
- int l = strlen(p);
+ size_t l = strlen(p);
if (*v == NULL) {
f = setmntent("/etc/mtab", "r");
*v = f;
return me->mnt_dir;
}
+static int is_subdirectory(char *child, char *parent)
+{
+ size_t l = strlen(parent);
+
+ if (strcmp(parent, "/") == 0)
+ return 1;
+
+ return strcmp(child, parent) == 0
+ || (strncmp(child, parent, l) == 0 && child[l] == '/');
+}
+
+static int path_matches(nfs_export *exp, char *path)
+{
+ if (exp->m_export.e_flags & NFSEXP_CROSSMOUNT)
+ return is_subdirectory(path, exp->m_export.e_path);
+ return strcmp(path, exp->m_export.e_path) == 0;
+}
+
+static int
+export_matches(nfs_export *exp, char *dom, char *path, struct addrinfo *ai)
+{
+ return path_matches(exp, path) && client_matches(exp, dom, ai);
+}
+
/* True iff e1 is a child of e2 and e2 has crossmnt set: */
static bool subexport(struct exportent *e1, struct exportent *e2)
{
char *p1 = e1->e_path, *p2 = e2->e_path;
- int l2 = strlen(p2);
+ size_t l2 = strlen(p2);
return e2->e_flags & NFSEXP_CROSSMOUNT
- && strncmp(p1, p2, l2) == 0
- && p1[l2] == '/';
+ && strncmp(p1, p2, l2) == 0
+ && p1[l2] == '/';
}
struct parsed_fsid {
unsigned int minor;
unsigned int major;
unsigned int fsidnum;
- int uuidlen;
+ size_t uuidlen;
char *fhuuid;
};
-int parse_fsid(int fsidtype, int fsidlen, char *fsid, struct parsed_fsid *parsed)
+static int parse_fsid(int fsidtype, int fsidlen, char *fsid,
+ struct parsed_fsid *parsed)
{
unsigned int dev;
unsigned long long inode64;
+ memset(parsed, 0, sizeof(*parsed));
parsed->fsidtype = fsidtype;
switch(fsidtype) {
case FSID_DEV: /* 4 bytes: 2 major, 2 minor, 4 inode */
return false;
}
+static struct addrinfo *lookup_client_addr(char *dom)
+{
+ struct addrinfo *ret;
+ struct addrinfo *tmp;
+
+ dom++; /* skip initial "$" */
+
+ tmp = host_pton(dom);
+ if (tmp == NULL)
+ return NULL;
+ ret = client_resolve(tmp->ai_addr);
+ freeaddrinfo(tmp);
+ return ret;
+}
+
static void nfsd_fh(FILE *f)
{
/* request are:
auth_reload();
+ if (is_ipaddr_client(dom)) {
+ ai = lookup_client_addr(dom);
+ if (!ai)
+ goto out;
+ }
+
/* Now determine export point for this fsid/domain */
for (i=0 ; i < MCL_MAXTYPES; i++) {
nfs_export *next_exp;
next_exp = exp->m_next;
}
- if (!use_ipaddr && !client_member(dom, exp->m_client->m_hostname))
+ if (!is_ipaddr_client(dom)
+ && !namelist_client_matches(exp, dom))
continue;
if (exp->m_export.e_mountpoint &&
!is_mountpoint(exp->m_export.e_mountpoint[0]?
if (!match_fsid(&parsed, exp, path))
continue;
- if (use_ipaddr) {
- if (ai == NULL) {
- struct addrinfo *tmp;
- tmp = host_pton(dom);
- if (tmp == NULL)
- goto out;
- ai = client_resolve(tmp->ai_addr);
- freeaddrinfo(tmp);
- }
- if (!client_check(exp->m_client, ai))
- continue;
- }
+ if (is_ipaddr_client(dom)
+ && !ipaddr_client_matches(exp, ai))
+ continue;
if (!found || subexport(&exp->m_export, found)) {
found = &exp->m_export;
free(found_path);
found_path = strdup(path);
if (found_path == NULL)
goto out;
- } else if (strcmp(found->e_path, exp->m_export.e_path)
+ } else if (strcmp(found->e_path, exp->m_export.e_path) != 0
&& !subexport(found, &exp->m_export))
{
xlog(L_WARNING, "%s and %s have same filehandle for %s, using first",
found_path, path, dom);
+ } else {
+ /* same path, if one is V4ROOT, choose the other */
+ if (found->e_flags & NFSEXP_V4ROOT) {
+ found = &exp->m_export;
+ free(found_path);
+ found_path = strdup(path);
+ if (found_path == NULL)
+ goto out;
+ }
}
}
}
int different_fs = strcmp(path, exp->e_path) != 0;
int flag_mask = different_fs ? ~NFSEXP_FSID : ~0;
- qword_printuint(f, time(0) + exp->e_ttl);
+ qword_printtimefrom(f, exp->e_ttl);
qword_printint(f, exp->e_flags & flag_mask);
qword_printint(f, exp->e_anonuid);
qword_printint(f, exp->e_anongid);
qword_printhex(f, u, 16);
}
} else
- qword_printuint(f, time(0) + DEFAULT_TTL);
+ qword_printtimefrom(f, DEFAULT_TTL);
return qword_eol(f);
}
-static int is_subdirectory(char *child, char *parent)
-{
- int l = strlen(parent);
-
- return strcmp(child, parent) == 0
- || (strncmp(child, parent, l) == 0 && child[l] == '/');
-}
-
-static int path_matches(nfs_export *exp, char *path)
-{
- if (exp->m_export.e_flags & NFSEXP_CROSSMOUNT)
- return is_subdirectory(path, exp->m_export.e_path);
- return strcmp(path, exp->m_export.e_path) == 0;
-}
-
-static int
-client_matches(nfs_export *exp, char *dom, struct addrinfo *ai)
-{
- if (use_ipaddr)
- return client_check(exp->m_client, ai);
- return client_member(dom, exp->m_client->m_hostname);
-}
-
-static int
-export_matches(nfs_export *exp, char *dom, char *path, struct addrinfo *ai)
-{
- return path_matches(exp, path) && client_matches(exp, dom, ai);
-}
-
static nfs_export *
lookup_export(char *dom, char *path, struct addrinfo *ai)
{
found_type = i;
continue;
}
-
- /* Always prefer non-V4ROOT mounts */
- if (found->m_export.e_flags & NFSEXP_V4ROOT)
+ /* Always prefer non-V4ROOT exports */
+ if (exp->m_export.e_flags & NFSEXP_V4ROOT)
continue;
+ if (found->m_export.e_flags & NFSEXP_V4ROOT) {
+ found = exp;
+ found_type = i;
+ continue;
+ }
/* If one is a CROSSMOUNT, then prefer the longest path */
if (((found->m_export.e_flags & NFSEXP_CROSSMOUNT) ||
#ifdef HAVE_NFS_PLUGIN_H
#include <dlfcn.h>
+#include <link.h>
#include <nfs-plugin.h>
/*
- * Walk through a set of FS locations and build a set of export options.
+ * Find the export entry for the parent of "pathname".
+ * Caller must not free returned exportent.
+ */
+static struct exportent *lookup_parent_export(char *dom,
+ const char *pathname, struct addrinfo *ai)
+{
+ char *parent, *slash;
+ nfs_export *result;
+
+ parent = strdup(pathname);
+ if (parent == NULL) {
+ xlog(D_GENERAL, "%s: failed to allocate parent path buffer",
+ __func__);
+ goto out_default;
+ }
+ xlog(D_CALL, "%s: pathname = '%s'", __func__, pathname);
+
+again:
+ /* shorten pathname by one component */
+ slash = strrchr(parent, '/');
+ if (slash == NULL) {
+ xlog(D_GENERAL, "%s: no slash found in pathname",
+ __func__);
+ goto out_default;
+ }
+ *slash = '\0';
+
+ if (strlen(parent) == 0) {
+ result = lookup_export(dom, "/", ai);
+ if (result == NULL) {
+ xlog(L_ERROR, "%s: no root export found.", __func__);
+ goto out_default;
+ }
+ goto out;
+ }
+
+ result = lookup_export(dom, parent, ai);
+ if (result == NULL) {
+ xlog(D_GENERAL, "%s: lookup_export(%s) found nothing",
+ __func__, parent);
+ goto again;
+ }
+
+out:
+ xlog(D_CALL, "%s: found export for %s", __func__, parent);
+ free(parent);
+ return &result->m_export;
+
+out_default:
+ free(parent);
+ return mkexportent("*", "/", "insecure");
+}
+
+/*
+ * Walk through a set of FS locations and build an e_fslocdata string.
* Returns true if all went to plan; otherwise, false.
*/
-static _Bool
-locations_to_options(struct jp_ops *ops, nfs_fsloc_set_t locations,
- char *options, size_t remaining, int *ttl)
+static bool locations_to_fslocdata(struct jp_ops *ops,
+ nfs_fsloc_set_t locations, char *fslocdata,
+ size_t remaining, int *ttl)
{
char *server, *last_path, *rootpath, *ptr;
_Bool seen = false;
last_path = NULL;
rootpath = NULL;
server = NULL;
- ptr = options;
+ ptr = fslocdata;
*ttl = 0;
for (;;) {
goto out_false;
}
if ((size_t)len >= remaining) {
- xlog(D_GENERAL, "%s: options buffer overflow", __func__);
+ xlog(D_GENERAL, "%s: fslocdata buffer overflow", __func__);
goto out_false;
}
remaining -= (size_t)len;
ptr += len;
} else {
if (last_path == NULL)
- len = snprintf(ptr, remaining, "refer=%s@%s",
+ len = snprintf(ptr, remaining, "%s@%s",
rootpath, server);
else
len = snprintf(ptr, remaining, ":%s@%s",
goto out_false;
}
if ((size_t)len >= remaining) {
- xlog(D_GENERAL, "%s: options buffer overflow",
+ xlog(D_GENERAL, "%s: fslocdata buffer overflow",
__func__);
goto out_false;
}
free(server);
}
- xlog(D_CALL, "%s: options='%s', ttl=%d",
- __func__, options, *ttl);
+ xlog(D_CALL, "%s: fslocdata='%s', ttl=%d",
+ __func__, fslocdata, *ttl);
return seen;
out_false:
}
/*
- * Walk through the set of FS locations and build an exportent.
- * Returns pointer to an exportent if "junction" refers to a junction.
- *
- * Returned exportent points to static memory.
+ * Duplicate the junction's parent's export options and graft in
+ * the fslocdata we constructed from the locations list.
*/
-static struct exportent *do_locations_to_export(struct jp_ops *ops,
- nfs_fsloc_set_t locations, const char *junction,
- char *options, size_t options_len)
+static struct exportent *create_junction_exportent(struct exportent *parent,
+ const char *junction, const char *fslocdata, int ttl)
{
- struct exportent *exp;
- int ttl;
-
- if (!locations_to_options(ops, locations, options, options_len, &ttl))
- return NULL;
-
- exp = mkexportent("*", (char *)junction, options);
- if (exp == NULL) {
- xlog(L_ERROR, "%s: Failed to construct exportent", __func__);
- return NULL;
+ static struct exportent *eep;
+
+ eep = (struct exportent *)malloc(sizeof(*eep));
+ if (eep == NULL)
+ goto out_nomem;
+
+ dupexportent(eep, parent);
+ strcpy(eep->e_path, junction);
+ eep->e_hostname = strdup(parent->e_hostname);
+ if (eep->e_hostname == NULL) {
+ free(eep);
+ goto out_nomem;
}
+ free(eep->e_uuid);
+ eep->e_uuid = NULL;
+ eep->e_ttl = (unsigned int)ttl;
+
+ free(eep->e_fslocdata);
+ eep->e_fslocdata = strdup(fslocdata);
+ if (eep->e_fslocdata == NULL) {
+ free(eep->e_hostname);
+ free(eep);
+ goto out_nomem;
+ }
+ eep->e_fslocmethod = FSLOC_REFER;
+ return eep;
- exp->e_uuid = NULL;
- exp->e_ttl = ttl;
- return exp;
+out_nomem:
+ xlog(L_ERROR, "%s: No memory", __func__);
+ return NULL;
}
/*
- * Convert set of FS locations to an exportent. Returns pointer to
- * an exportent if "junction" refers to a junction.
- *
- * Returned exportent points to static memory.
+ * Walk through the set of FS locations and build an exportent.
+ * Returns pointer to an exportent if "junction" refers to a junction.
*/
static struct exportent *locations_to_export(struct jp_ops *ops,
- nfs_fsloc_set_t locations, const char *junction)
+ nfs_fsloc_set_t locations, const char *junction,
+ struct exportent *parent)
{
- struct exportent *exp;
- char *options;
+ static char fslocdata[BUFSIZ];
+ int ttl;
- options = malloc(BUFSIZ);
- if (options == NULL) {
- xlog(D_GENERAL, "%s: failed to allocate options buffer",
- __func__);
+ fslocdata[0] = '\0';
+ if (!locations_to_fslocdata(ops, locations,
+ fslocdata, sizeof(fslocdata), &ttl))
return NULL;
- }
- options[0] = '\0';
-
- exp = do_locations_to_export(ops, locations, junction,
- options, BUFSIZ);
-
- free(options);
- return exp;
+ return create_junction_exportent(parent, junction, fslocdata, ttl);
}
/*
* Retrieve locations information in "junction" and dump it to the
* kernel. Returns pointer to an exportent if "junction" refers
* to a junction.
- *
- * Returned exportent points to static memory.
*/
-static struct exportent *invoke_junction_ops(void *handle,
- const char *junction)
+static struct exportent *invoke_junction_ops(void *handle, char *dom,
+ const char *junction, struct addrinfo *ai)
{
+ struct exportent *parent, *exp = NULL;
nfs_fsloc_set_t locations;
- struct exportent *exp;
enum jp_status status;
struct jp_ops *ops;
char *error;
}
status = ops->jp_get_locations(junction, &locations);
- if (status != JP_OK) {
- xlog(D_GENERAL, "%s: failed to resolve %s: %s",
- __func__, junction, ops->jp_error(status));
- return NULL;
+ switch (status) {
+ case JP_OK:
+ break;
+ case JP_NOTJUNCTION:
+ xlog(D_GENERAL, "%s: %s is not a junction",
+ __func__, junction);
+ goto out;
+ default:
+ xlog(L_WARNING, "Dangling junction %s: %s",
+ junction, ops->jp_error(status));
+ goto out;
}
- exp = locations_to_export(ops, locations, junction);
+ parent = lookup_parent_export(dom, junction, ai);
+ if (parent == NULL)
+ goto out;
+
+ exp = locations_to_export(ops, locations, junction, parent);
ops->jp_put_locations(locations);
+
+out:
ops->jp_done();
return exp;
}
* Load the junction plug-in, then try to resolve "pathname".
* Returns pointer to an initialized exportent if "junction"
* refers to a junction, or NULL if not.
- *
- * Returned exportent points to static memory.
*/
-static struct exportent *lookup_junction(const char *pathname)
+static struct exportent *lookup_junction(char *dom, const char *pathname,
+ struct addrinfo *ai)
{
struct exportent *exp;
+ struct link_map *map;
void *handle;
handle = dlopen("libnfsjunct.so", RTLD_NOW);
xlog(D_GENERAL, "%s: dlopen: %s", __func__, dlerror());
return NULL;
}
+
+ if (dlinfo(handle, RTLD_DI_LINKMAP, &map) == 0)
+ xlog(D_GENERAL, "%s: loaded plug-in %s",
+ __func__, map->l_name);
+
(void)dlerror(); /* Clear any error */
- exp = invoke_junction_ops(handle, pathname);
+ exp = invoke_junction_ops(handle, dom, pathname, ai);
/* We could leave it loaded to make junction resolution
* faster next time. However, if we want to replace the
(void)dlclose(handle);
return exp;
}
+
+static void lookup_nonexport(FILE *f, char *dom, char *path,
+ struct addrinfo *ai)
+{
+ struct exportent *eep;
+
+ eep = lookup_junction(dom, path, ai);
+ dump_to_cache(f, dom, path, eep);
+ if (eep == NULL)
+ return;
+ exportent_release(eep);
+ free(eep);
+}
#else /* !HAVE_NFS_PLUGIN_H */
-static inline struct exportent *lookup_junction(const char *UNUSED(pathname))
+static void lookup_nonexport(FILE *f, char *dom, char *path,
+ struct addrinfo *UNUSED(ai))
{
- return NULL;
+ dump_to_cache(f, dom, path, NULL);
}
#endif /* !HAVE_NFS_PLUGIN_H */
auth_reload();
- if (use_ipaddr) {
- struct addrinfo *tmp;
- tmp = host_pton(dom);
- if (tmp == NULL)
- goto out;
- ai = client_resolve(tmp->ai_addr);
- freeaddrinfo(tmp);
+ if (is_ipaddr_client(dom)) {
+ ai = lookup_client_addr(dom);
+ if (!ai)
goto out;
}
" or fsid= required", path);
dump_to_cache(f, dom, path, NULL);
}
- } else {
- dump_to_cache(f, dom, path, lookup_junction(path));
- }
+ } else
+ lookup_nonexport(f, dom, path, ai);
+
out:
xlog(D_CALL, "nfsd_export: found %p path %s", found, path ? path : NULL);
if (dom) free(dom);
qword_print(f, "nfsd");
qword_print(f,
host_ntop(get_addrlist(exp->m_client, 0), buf, sizeof(buf)));
- qword_printuint(f, time(0) + exp->m_export.e_ttl);
+ qword_printtimefrom(f, exp->m_export.e_ttl);
qword_print(f, exp->m_client->m_hostname);
err = qword_eol(f);
projects / nfs-utils.git / blobdiff