1 /* Copyright (C) 1997-2014 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1997.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
25 #include <rpcsvc/nis.h>
26 #include <sys/socket.h>
29 #include <netinet/in.h>
30 #include <arpa/inet.h>
31 #include <bits/libc-lock.h>
34 #include "nis_intern.h"
37 static const struct timeval RPCTIMEOUT = {10, 0};
38 static const struct timeval UDPTIMEOUT = {5, 0};
40 extern u_short __pmap_getnisport (struct sockaddr_in *address, u_long program,
41 u_long version, u_int protocol);
44 inetstr2int (const char *str)
47 for (size_t i = 0; str[i] != '\0'; ++i)
48 if (str[i] == '.' && __builtin_expect (++j == 4, 0))
52 return inet_addr (memcpy (buffer, str, i));
55 return inet_addr (str);
59 __nisbind_destroy (dir_binding *bind)
61 if (bind->clnt != NULL)
64 auth_destroy (bind->clnt->cl_auth);
65 clnt_destroy (bind->clnt);
68 libnsl_hidden_def (__nisbind_destroy)
71 __nisbind_next (dir_binding *bind)
73 if (bind->clnt != NULL)
76 auth_destroy (bind->clnt->cl_auth);
77 clnt_destroy (bind->clnt);
81 if (bind->trys >= bind->server_len)
84 for (u_int j = bind->current_ep + 1;
85 j < bind->server_val[bind->server_used].ep.ep_len; ++j)
86 if (strcmp (bind->server_val[bind->server_used].ep.ep_val[j].family,
88 if (bind->server_val[bind->server_used].ep.ep_val[j].proto[0] == '-')
96 if (bind->server_used >= bind->server_len)
97 bind->server_used = 0;
99 for (u_int j = 0; j < bind->server_val[bind->server_used].ep.ep_len; ++j)
100 if (strcmp (bind->server_val[bind->server_used].ep.ep_val[j].family,
102 if (bind->server_val[bind->server_used].ep.ep_val[j].proto[0] == '-')
104 bind->current_ep = j;
110 libnsl_hidden_def (__nisbind_next)
112 static struct ckey_cache_entry
114 struct in_addr inaddr;
116 unsigned int protocol;
119 static size_t ckey_cache_size;
120 static size_t ckey_cache_allocated;
121 static pid_t ckey_cache_pid;
122 static uid_t ckey_cache_euid;
123 __libc_lock_define_initialized (static, ckey_cache_lock)
126 get_ckey (des_block *ckey, struct sockaddr_in *addr, unsigned int protocol)
129 pid_t pid = getpid ();
130 uid_t euid = geteuid ();
133 __libc_lock_lock (ckey_cache_lock);
135 if (ckey_cache_pid != pid || ckey_cache_euid != euid)
138 ckey_cache_pid = pid;
139 ckey_cache_euid = euid;
142 for (i = 0; i < ckey_cache_size; ++i)
143 if (ckey_cache[i].port == addr->sin_port
144 && ckey_cache[i].protocol == protocol
145 && memcmp (&ckey_cache[i].inaddr, &addr->sin_addr,
146 sizeof (addr->sin_addr)) == 0)
148 *ckey = ckey_cache[i].ckey;
153 if (!ret && key_gendes (ckey) >= 0)
156 /* Don't grow the cache indefinitely. */
157 if (ckey_cache_size == 256)
159 if (ckey_cache_size == ckey_cache_allocated)
161 size_t size = ckey_cache_allocated ? ckey_cache_allocated * 2 : 16;
162 struct ckey_cache_entry *new_cache
163 = realloc (ckey_cache, size * sizeof (*ckey_cache));
164 if (new_cache != NULL)
166 ckey_cache = new_cache;
167 ckey_cache_allocated = size;
170 ckey_cache[ckey_cache_size].inaddr = addr->sin_addr;
171 ckey_cache[ckey_cache_size].port = addr->sin_port;
172 ckey_cache[ckey_cache_size].protocol = protocol;
173 ckey_cache[ckey_cache_size++].ckey = *ckey;
176 __libc_lock_unlock (ckey_cache_lock);
181 __nisbind_connect (dir_binding *dbp)
189 serv = &dbp->server_val[dbp->server_used];
191 memset (&dbp->addr, '\0', sizeof (dbp->addr));
192 dbp->addr.sin_family = AF_INET;
194 dbp->addr.sin_addr.s_addr =
195 inetstr2int (serv->ep.ep_val[dbp->current_ep].uaddr);
197 if (dbp->addr.sin_addr.s_addr == INADDR_NONE)
200 /* Check, if the host is online and rpc.nisd is running. Much faster
201 then the clnt*_create functions: */
202 port = __pmap_getnisport (&dbp->addr, NIS_PROG, NIS_VERSION,
203 dbp->use_udp ? IPPROTO_UDP : IPPROTO_TCP);
207 dbp->addr.sin_port = htons (port);
208 dbp->socket = RPC_ANYSOCK;
210 dbp->clnt = clntudp_create (&dbp->addr, NIS_PROG, NIS_VERSION,
211 UDPTIMEOUT, &dbp->socket);
213 dbp->clnt = clnttcp_create (&dbp->addr, NIS_PROG, NIS_VERSION,
216 if (dbp->clnt == NULL)
219 clnt_control (dbp->clnt, CLSET_TIMEOUT, (caddr_t) &RPCTIMEOUT);
220 /* If the program exists, close the socket */
221 if (fcntl (dbp->socket, F_SETFD, 1) == -1)
222 perror ("fcntl: F_SETFD");
226 if (serv->key_type == NIS_PK_DH)
228 char netname[MAXNETNAMELEN + 1];
232 p = stpcpy (netname, "unix@");
233 strncpy (p, serv->name, MAXNETNAMELEN - 5);
234 netname[MAXNETNAMELEN] = '\0';
235 dbp->clnt->cl_auth = NULL;
236 if (get_ckey (&ckey, &dbp->addr,
237 dbp->use_udp ? IPPROTO_UDP : IPPROTO_TCP))
239 authdes_pk_create (netname, &serv->pkey, 300, NULL, &ckey);
240 if (!dbp->clnt->cl_auth)
241 dbp->clnt->cl_auth = authunix_create_default ();
244 dbp->clnt->cl_auth = authunix_create_default ();
249 libnsl_hidden_def (__nisbind_connect)
252 __nisbind_create (dir_binding *dbp, const nis_server *serv_val,
253 unsigned int serv_len, unsigned int server_used,
254 unsigned int current_ep, unsigned int flags)
258 dbp->server_len = serv_len;
259 dbp->server_val = (nis_server *)serv_val;
261 if (flags & USE_DGRAM)
264 dbp->use_udp = FALSE;
266 if (flags & NO_AUTHINFO)
267 dbp->use_auth = FALSE;
269 dbp->use_auth = TRUE;
271 if (flags & MASTER_ONLY)
272 dbp->master_only = TRUE;
274 dbp->master_only = FALSE;
276 /* We try the first server */
280 if (server_used == ~0)
282 if (__nis_findfastest (dbp) < 1)
283 return NIS_NAMEUNREACHABLE;
287 dbp->server_used = server_used;
288 dbp->current_ep = current_ep;
293 libnsl_hidden_def (__nisbind_create)
295 /* __nisbind_connect (dbp) must be run before calling this function !
296 So we could use the same binding twice */
298 __do_niscall3 (dir_binding *dbp, u_long prog, xdrproc_t xargs, caddr_t req,
299 xdrproc_t xres, caddr_t resp, unsigned int flags, nis_cb *cb)
301 enum clnt_stat result;
305 return NIS_NAMEUNREACHABLE;
310 result = clnt_call (dbp->clnt, prog, xargs, req, xres, resp, RPCTIMEOUT);
312 if (result != RPC_SUCCESS)
313 retcode = NIS_RPCERROR;
319 if ((((nis_result *)resp)->status == NIS_CBRESULTS) &&
322 __nis_do_callback (dbp, &((nis_result *) resp)->cookie, cb);
325 /* Yes, the missing break is correct. If we doesn't have to
326 start a callback, look if we have to search another server */
336 if (((nis_result *)resp)->status == NIS_SYSTEMERROR
337 || ((nis_result *)resp)->status == NIS_NOSUCHNAME
338 || ((nis_result *)resp)->status == NIS_NOT_ME)
341 if (__nisbind_next (dbp) == NIS_SUCCESS)
343 while (__nisbind_connect (dbp) != NIS_SUCCESS)
345 if (__nisbind_next (dbp) != NIS_SUCCESS)
350 break; /* No more servers to search in */
354 case NIS_FINDDIRECTORY:
355 if (((fd_result *)resp)->status == NIS_SYSTEMERROR
356 || ((fd_result *)resp)->status == NIS_NOSUCHNAME
357 || ((fd_result *)resp)->status == NIS_NOT_ME)
360 case NIS_DUMPLOG: /* log_result */
362 if (((log_result *)resp)->lr_status == NIS_SYSTEMERROR
363 || ((log_result *)resp)->lr_status == NIS_NOSUCHNAME
364 || ((log_result *)resp)->lr_status == NIS_NOT_ME)
370 retcode = NIS_SUCCESS;
373 while ((flags & HARD_LOOKUP) && retcode == NIS_RPCERROR);
377 libnsl_hidden_def (__do_niscall3)
381 __do_niscall2 (const nis_server *server, u_int server_len, u_long prog,
382 xdrproc_t xargs, caddr_t req, xdrproc_t xres, caddr_t resp,
383 unsigned int flags, nis_cb *cb)
388 if (flags & MASTER_ONLY)
391 status = __nisbind_create (&dbp, server, server_len, ~0, ~0, flags);
392 if (status != NIS_SUCCESS)
395 while (__nisbind_connect (&dbp) != NIS_SUCCESS)
396 if (__nisbind_next (&dbp) != NIS_SUCCESS)
397 return NIS_NAMEUNREACHABLE;
399 status = __do_niscall3 (&dbp, prog, xargs, req, xres, resp, flags, cb);
401 __nisbind_destroy (&dbp);
407 static directory_obj *
408 rec_dirsearch (const_nis_name name, directory_obj *dir, nis_error *status)
413 switch (nis_dir_cmp (name, dir->do_name))
416 *status = NIS_SUCCESS;
419 /* NOT_SEQUENTIAL means, go one up and try it there ! */
421 { /* We need data from a parent domain */
423 const char *ndomain = __nis_domain_of (dir->do_name);
425 /* The root server of our domain is a replica of the parent
426 domain ! (Now I understand why a root server must be a
427 replica of the parent domain) */
428 fd_res = __nis_finddirectory (dir, ndomain);
431 nis_free_directory (dir);
432 *status = NIS_NOMEMORY;
435 *status = fd_res->status;
436 if (fd_res->status != NIS_SUCCESS)
438 /* Try the current directory obj, maybe it works */
439 __free_fdresult (fd_res);
442 nis_free_directory (dir);
443 obj = calloc (1, sizeof (directory_obj));
446 __free_fdresult (fd_res);
447 *status = NIS_NOMEMORY;
450 xdrmem_create (&xdrs, fd_res->dir_data.dir_data_val,
451 fd_res->dir_data.dir_data_len, XDR_DECODE);
452 _xdr_directory_obj (&xdrs, obj);
454 __free_fdresult (fd_res);
456 /* We have found a NIS+ server serving ndomain, now
457 let us search for "name" */
458 return rec_dirsearch (name, obj, status);
464 size_t namelen = strlen (name);
465 char leaf[namelen + 3];
466 char domain[namelen + 3];
470 strcpy (domain, name);
474 if (domain[0] == '\0')
476 nis_free_directory (dir);
479 nis_leaf_of_r (domain, leaf, sizeof (leaf));
480 ndomain = __nis_domain_of (domain);
481 memmove (domain, ndomain, strlen (ndomain) + 1);
483 while (nis_dir_cmp (domain, dir->do_name) != SAME_NAME);
485 cp = rawmemchr (leaf, '\0');
489 fd_res = __nis_finddirectory (dir, leaf);
492 nis_free_directory (dir);
493 *status = NIS_NOMEMORY;
496 *status = fd_res->status;
497 if (fd_res->status != NIS_SUCCESS)
499 /* Try the current directory object, maybe it works */
500 __free_fdresult (fd_res);
503 nis_free_directory (dir);
504 obj = calloc (1, sizeof(directory_obj));
507 __free_fdresult (fd_res);
508 *status = NIS_NOMEMORY;
511 xdrmem_create (&xdrs, fd_res->dir_data.dir_data_val,
512 fd_res->dir_data.dir_data_len, XDR_DECODE);
513 _xdr_directory_obj (&xdrs, obj);
515 __free_fdresult (fd_res);
516 /* We have found a NIS+ server serving ndomain, now
517 let us search for "name" */
518 return rec_dirsearch (name, obj, status);
522 nis_free_directory (dir);
523 *status = NIS_BADNAME;
526 nis_free_directory (dir);
531 /* We try to query the current server for the searched object,
532 maybe he know about it ? */
533 static directory_obj *
534 first_shoot (const_nis_name name, directory_obj *dir)
536 directory_obj *obj = NULL;
540 if (nis_dir_cmp (name, dir->do_name) == SAME_NAME)
543 fd_res = __nis_finddirectory (dir, name);
546 if (fd_res->status == NIS_SUCCESS
547 && (obj = calloc (1, sizeof (directory_obj))) != NULL)
549 xdrmem_create (&xdrs, fd_res->dir_data.dir_data_val,
550 fd_res->dir_data.dir_data_len, XDR_DECODE);
551 _xdr_directory_obj (&xdrs, obj);
554 if (strcmp (dir->do_name, obj->do_name) != 0)
556 nis_free_directory (obj);
561 __free_fdresult (fd_res);
564 nis_free_directory (dir);
569 static struct nis_server_cache
574 unsigned int server_used;
575 unsigned int current_ep;
578 } *nis_server_cache[16];
579 static time_t nis_cold_start_mtime;
580 __libc_lock_define_initialized (static, nis_server_cache_lock)
582 static directory_obj *
583 nis_server_cache_search (const_nis_name name, int search_parent,
584 unsigned int *server_used, unsigned int *current_ep,
587 directory_obj *ret = NULL;
593 int saved_errno = errno;
594 if (stat64 ("/var/nis/NIS_COLD_START", &st) < 0)
595 st.st_mtime = nis_cold_start_mtime + 1;
596 __set_errno (saved_errno);
598 __libc_lock_lock (nis_server_cache_lock);
600 for (i = 0; i < 16; ++i)
601 if (nis_server_cache[i] == NULL)
603 else if (st.st_mtime != nis_cold_start_mtime
604 || now->tv_sec > nis_server_cache[i]->expires)
606 free (nis_server_cache[i]);
607 nis_server_cache[i] = NULL;
609 else if (nis_server_cache[i]->search_parent == search_parent
610 && strcmp (nis_server_cache[i]->name, name) == 0)
612 ret = calloc (1, sizeof (directory_obj));
616 addr = rawmemchr (nis_server_cache[i]->name, '\0') + 8;
617 addr = (char *) ((uintptr_t) addr & ~(uintptr_t) 7);
618 xdrmem_create (&xdrs, addr, nis_server_cache[i]->size, XDR_DECODE);
619 if (!_xdr_directory_obj (&xdrs, ret))
624 free (nis_server_cache[i]);
625 nis_server_cache[i] = NULL;
629 *server_used = nis_server_cache[i]->server_used;
630 *current_ep = nis_server_cache[i]->current_ep;
634 nis_cold_start_mtime = st.st_mtime;
636 __libc_lock_unlock (nis_server_cache_lock);
641 nis_server_cache_add (const_nis_name name, int search_parent,
642 directory_obj *dir, unsigned int server_used,
643 unsigned int current_ep, struct timeval *now)
645 struct nis_server_cache **loc;
646 struct nis_server_cache *new;
647 struct nis_server_cache *old;
656 size = xdr_sizeof ((xdrproc_t) _xdr_directory_obj, (char *) dir);
657 new = calloc (1, sizeof (*new) + strlen (name) + 8 + size);
660 new->search_parent = search_parent;
662 new->expires = now->tv_sec + dir->do_ttl;
664 new->server_used = server_used;
665 new->current_ep = current_ep;
666 addr = stpcpy (new->name, name) + 8;
667 addr = (char *) ((uintptr_t) addr & ~(uintptr_t) 7);
669 xdrmem_create(&xdrs, addr, size, XDR_ENCODE);
670 if (!_xdr_directory_obj (&xdrs, dir))
678 __libc_lock_lock (nis_server_cache_lock);
680 /* Choose which entry should be evicted from the cache. */
681 loc = &nis_server_cache[0];
683 for (i = 1; i < 16; ++i)
684 if (nis_server_cache[i] == NULL)
686 loc = &nis_server_cache[i];
689 else if ((*loc)->uses > nis_server_cache[i]->uses
690 || ((*loc)->uses == nis_server_cache[i]->uses
691 && (*loc)->expires > nis_server_cache[i]->expires))
692 loc = &nis_server_cache[i];
696 __libc_lock_unlock (nis_server_cache_lock);
701 __nisfind_server (const_nis_name name, int search_parent,
702 directory_obj **dir, dir_binding *dbp, unsigned int flags)
704 nis_error result = NIS_SUCCESS;
708 unsigned int server_used = ~0;
709 unsigned int current_ep = ~0;
717 (void) gettimeofday (&now, NULL);
719 if ((flags & NO_CACHE) == 0)
720 *dir = nis_server_cache_search (name, search_parent, &server_used,
724 unsigned int server_len = (*dir)->do_servers.do_servers_len;
725 if (flags & MASTER_ONLY)
728 if (server_used != 0)
734 result = __nisbind_create (dbp, (*dir)->do_servers.do_servers_val,
735 server_len, server_used, current_ep, flags);
736 if (result != NIS_SUCCESS)
738 nis_free_directory (*dir);
744 int saved_errno = errno;
745 *dir = readColdStartFile ();
746 __set_errno (saved_errno);
748 /* No /var/nis/NIS_COLD_START->no NIS+ installed. */
751 /* Try at first, if servers in "dir" know our object */
752 const char *search_name = name;
754 search_name = __nis_domain_of (name);
755 obj = first_shoot (search_name, *dir);
758 obj = rec_dirsearch (search_name, *dir, &status);
763 if (result == NIS_SUCCESS)
765 unsigned int server_len = obj->do_servers.do_servers_len;
766 if (flags & MASTER_ONLY)
768 result = __nisbind_create (dbp, obj->do_servers.do_servers_val,
769 server_len, ~0, ~0, flags);
770 if (result == NIS_SUCCESS)
772 if ((flags & MASTER_ONLY) == 0
773 || obj->do_servers.do_servers_len == 1)
775 server_used = dbp->server_used;
776 current_ep = dbp->current_ep;
778 if ((flags & NO_CACHE) == 0)
779 nis_server_cache_add (name, search_parent, obj,
780 server_used, current_ep, &now);
784 nis_free_directory (obj);
796 __prepare_niscall (const_nis_name name, directory_obj **dirp,
797 dir_binding *bptrp, unsigned int flags)
799 nis_error retcode = __nisfind_server (name, 1, dirp, bptrp, flags);
800 if (__glibc_unlikely (retcode != NIS_SUCCESS))
804 if (__nisbind_connect (bptrp) == NIS_SUCCESS)
806 while (__nisbind_next (bptrp) == NIS_SUCCESS);
808 __nisbind_destroy (bptrp);
809 memset (bptrp, '\0', sizeof (*bptrp));
811 retcode = NIS_NAMEUNREACHABLE;
812 nis_free_directory (*dirp);
817 libnsl_hidden_def (__prepare_niscall)
821 __do_niscall (const_nis_name name, u_long prog, xdrproc_t xargs,
822 caddr_t req, xdrproc_t xres, caddr_t resp, unsigned int flags,
826 directory_obj *dir = NULL;
827 int saved_errno = errno;
829 nis_error retcode = __prepare_niscall (name, &dir, &bptr, flags);
830 if (retcode == NIS_SUCCESS)
832 retcode = __do_niscall3 (&bptr, prog, xargs, req, xres, resp, flags, cb);
834 __nisbind_destroy (&bptr);
836 nis_free_directory (dir);
839 __set_errno (saved_errno);