4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 1989, 2010, Oracle and/or its affiliates. All rights reserved.
27 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
28 /* All Rights Reserved */
31 * Portions of this source code were derived from Berkeley 4.3 BSD
32 * under license from the Regents of the University of California.
36 #include <stdio_ext.h>
39 #include <sys/types.h>
42 #include <sys/param.h>
45 #include <netconfig.h>
49 #include <sys/errno.h>
50 #include <rpcsvc/mount.h>
51 #include <sys/pathconf.h>
52 #include <sys/systeminfo.h>
53 #include <sys/utsname.h>
55 #include <sys/resource.h>
60 #include <sys/socket.h>
61 #include <netinet/in.h>
62 #include <arpa/inet.h>
66 #include <priv_utils.h>
68 #include <nfs/nfssys.h>
70 #include <nfs/nfs_sec.h>
71 #include <rpcsvc/daemon_utils.h>
73 #include "../../fslib.h"
74 #include <sharefs/share.h>
75 #include <sharefs/sharetab.h>
76 #include "../lib/sharetab.h"
78 #include <tsol/label.h>
79 #include <sys/tsol/label_macro.h>
84 #include <sys/nvpair.h>
91 extern int daemonize_init(void);
92 extern void daemonize_fini(int);
94 extern int _nfssys(int, void *);
96 struct sh_list
*share_list
;
98 rwlock_t sharetab_lock
; /* lock to protect the cached sharetab */
99 static mutex_t mnttab_lock
; /* prevent concurrent mnttab readers */
101 static mutex_t logging_queue_lock
;
102 static cond_t logging_queue_cv
;
104 static share_t
*find_lofsentry(char *, int *);
105 static int getclientsflavors_old(share_t
*, struct cln
*, int *);
106 static int getclientsflavors_new(share_t
*, struct cln
*, int *);
107 static int check_client_old(share_t
*, struct cln
*, int, uid_t
, gid_t
, uint_t
,
108 gid_t
*, uid_t
*, gid_t
*, uint_t
*, gid_t
**);
109 static int check_client_new(share_t
*, struct cln
*, int, uid_t
, gid_t
, uint_t
,
110 gid_t
*, uid_t
*, gid_t
*i
, uint_t
*, gid_t
**);
111 static void mnt(struct svc_req
*, SVCXPRT
*);
112 static void mnt_pathconf(struct svc_req
*);
113 static int mount(struct svc_req
*r
);
114 static void sh_free(struct sh_list
*);
115 static void umount(struct svc_req
*);
116 static void umountall(struct svc_req
*);
117 static int newopts(char *);
118 static tsol_tpent_t
*get_client_template(struct sockaddr
*);
121 static int rejecting
;
122 static int mount_vers_min
= MOUNTVERS
;
123 static int mount_vers_max
= MOUNTVERS3
;
125 extern void nfscmd_func(void *, char *, size_t, door_desc_t
*, uint_t
);
127 thread_t nfsauth_thread
;
129 thread_t logging_thread
;
131 typedef struct logging_data
{
137 struct netbuf
*ld_nb
;
138 struct logging_data
*ld_next
;
141 static logging_data
*logging_head
= NULL
;
142 static logging_data
*logging_tail
= NULL
;
145 * Our copy of some system variables obtained using sysconf(3c)
147 static long ngroups_max
; /* _SC_NGROUPS_MAX */
148 static long pw_size
; /* _SC_GETPW_R_SIZE_MAX */
152 nfsauth_svc(void *arg
)
160 if ((doorfd
= door_create(nfsauth_func
, NULL
,
161 DOOR_REFUSE_DESC
| DOOR_NO_CANCEL
)) == -1) {
162 syslog(LOG_ERR
, "Unable to create door: %m\n");
168 * Create a file system path for the door
170 if ((dfd
= open(MOUNTD_DOOR
, O_RDWR
|O_CREAT
|O_TRUNC
,
171 S_IRUSR
|S_IWUSR
|S_IRGRP
|S_IROTH
)) == -1) {
172 syslog(LOG_ERR
, "Unable to open %s: %m\n", MOUNTD_DOOR
);
173 (void) close(doorfd
);
178 * Clean up any stale namespace associations
180 (void) fdetach(MOUNTD_DOOR
);
183 * Register in namespace to pass to the kernel to door_ki_open
185 if (fattach(doorfd
, MOUNTD_DOOR
) == -1) {
186 syslog(LOG_ERR
, "Unable to fattach door: %m\n");
188 (void) close(doorfd
);
195 * Must pass the doorfd down to the kernel.
198 (void) _nfssys(MOUNTD_ARGS
, &darg
);
201 * Wait for incoming calls
208 syslog(LOG_ERR
, gettext("Door server exited"));
213 * NFS command service thread code for setup and handling of the
214 * nfs_cmd requests for character set conversion and other future
224 if ((doorfd
= door_create(nfscmd_func
, NULL
,
225 DOOR_REFUSE_DESC
| DOOR_NO_CANCEL
)) == -1) {
226 syslog(LOG_ERR
, "Unable to create cmd door: %m\n");
231 * Must pass the doorfd down to the kernel.
234 (void) _nfssys(NFSCMD_ARGS
, &darg
);
237 * Wait for incoming calls
244 syslog(LOG_ERR
, gettext("Cmd door server exited"));
249 free_logging_data(logging_data
*lq
)
255 if (lq
->ld_nb
!= NULL
) {
256 free(lq
->ld_nb
->buf
);
267 static logging_data
*
268 remove_head_of_queue(void)
273 * Pull it off the queue.
277 logging_head
= lq
->ld_next
;
282 if (logging_head
== NULL
) {
291 do_logging_queue(logging_data
*lq
)
299 if (lq
->ld_host
== NULL
) {
300 DTRACE_PROBE(mountd
, name_by_lazy
);
301 cln_init_lazy(&cln
, lq
->ld_netid
, lq
->ld_nb
);
302 host
= cln_gethost(&cln
);
306 audit_mountd_mount(host
, lq
->ld_path
, lq
->ld_status
); /* BSM */
308 /* add entry to mount list */
310 mntlist_new(host
, lq
->ld_rpath
);
312 if (lq
->ld_host
== NULL
)
315 free_logging_data(lq
);
318 (void) mutex_lock(&logging_queue_lock
);
319 lq
= remove_head_of_queue();
320 (void) mutex_unlock(&logging_queue_lock
);
323 DTRACE_PROBE1(mountd
, logging_cleared
, cleared
);
327 logging_svc(void *arg
)
332 (void) mutex_lock(&logging_queue_lock
);
333 while (logging_head
== NULL
) {
334 (void) cond_wait(&logging_queue_cv
,
335 &logging_queue_lock
);
338 lq
= remove_head_of_queue();
339 (void) mutex_unlock(&logging_queue_lock
);
341 do_logging_queue(lq
);
345 syslog(LOG_ERR
, gettext("Logging server exited"));
350 convert_int(int *val
, char *str
)
354 if (str
== NULL
|| !isdigit(*str
))
357 lval
= strtol(str
, &str
, 10);
358 if (*str
!= '\0' || lval
> INT_MAX
)
366 main(int argc
, char *argv
[])
370 int rpc_svc_fdunlim
= 1;
371 int rpc_svc_mode
= RPC_SVC_MT_AUTO
;
372 int maxrecsz
= RPC_MAXDATASIZE
;
373 bool_t exclbind
= TRUE
;
375 long thr_flags
= (THR_NEW_LWP
|THR_DAEMON
);
377 int defvers
, ret
, bufsz
;
379 int listen_backlog
= 0;
386 * Mountd requires uid 0 for:
387 * /etc/rmtab updates (we could chown it to daemon)
388 * /etc/dfs/dfstab reading (it wants to lock out share which
389 * doesn't do any locking before first truncate;
390 * NFS share does; should use fcntl locking instead)
394 * file dac search (so it can stat all files)
395 * Optional privileges:
398 can_do_mlp
= priv_ineffect(PRIV_NET_BINDMLP
);
399 if (__init_daemon_priv(PU_RESETGROUPS
|PU_CLEARLIMITSET
, -1, -1,
400 PRIV_SYS_NFS
, PRIV_PROC_AUDIT
, PRIV_FILE_DAC_SEARCH
,
401 can_do_mlp
? PRIV_NET_BINDMLP
: NULL
, NULL
) == -1) {
402 (void) fprintf(stderr
,
403 "%s: must be run with sufficient privileges\n",
408 if (getrlimit(RLIMIT_NOFILE
, &rl
) != 0) {
409 syslog(LOG_ERR
, "getrlimit failed");
411 rl
.rlim_cur
= rl
.rlim_max
;
412 if (setrlimit(RLIMIT_NOFILE
, &rl
) != 0)
413 syslog(LOG_ERR
, "setrlimit failed");
416 (void) enable_extended_FILE_stdio(-1, -1);
418 ret
= nfs_smf_get_iprop("mountd_max_threads", &max_threads
,
419 DEFAULT_INSTANCE
, SCF_TYPE_INTEGER
, NFSD
);
421 syslog(LOG_ERR
, "Reading of mountd_max_threads from SMF "
422 "failed, using default value");
425 while ((c
= getopt(argc
, argv
, "vrm:")) != EOF
) {
434 if (convert_int(&tmp
, optarg
) != 0 || tmp
< 1) {
435 (void) fprintf(stderr
, "%s: invalid "
436 "max_threads option, using defaults\n",
443 fprintf(stderr
, "usage: mountd [-v] [-r]\n");
449 * Read in the NFS version values from config file.
452 ret
= nfs_smf_get_prop("server_versmin", defval
, DEFAULT_INSTANCE
,
453 SCF_TYPE_INTEGER
, NFSD
, &bufsz
);
456 defvers
= strtol(defval
, (char **)NULL
, 10);
458 mount_vers_min
= defvers
;
460 * special because NFSv2 is
461 * supported by mount v1 & v2
463 if (defvers
== NFS_VERSION
)
464 mount_vers_min
= MOUNTVERS
;
469 ret
= nfs_smf_get_prop("server_versmax", defval
, DEFAULT_INSTANCE
,
470 SCF_TYPE_INTEGER
, NFSD
, &bufsz
);
473 defvers
= strtol(defval
, (char **)NULL
, 10);
475 mount_vers_max
= defvers
;
479 ret
= nfs_smf_get_iprop("mountd_listen_backlog", &listen_backlog
,
480 DEFAULT_INSTANCE
, SCF_TYPE_INTEGER
, NFSD
);
482 syslog(LOG_ERR
, "Reading of mountd_listen_backlog from SMF "
483 "failed, using default value");
487 * Sanity check versions,
488 * even though we may get versions > MOUNTVERS3, we still need
489 * to start nfsauth service, so continue on regardless of values.
491 if (mount_vers_min
> mount_vers_max
) {
492 fprintf(stderr
, "server_versmin > server_versmax\n");
493 mount_vers_max
= mount_vers_min
;
495 (void) setlocale(LC_ALL
, "");
496 (void) rwlock_init(&sharetab_lock
, USYNC_THREAD
, NULL
);
497 (void) mutex_init(&mnttab_lock
, USYNC_THREAD
, NULL
);
498 (void) mutex_init(&logging_queue_lock
, USYNC_THREAD
, NULL
);
499 (void) cond_init(&logging_queue_cv
, USYNC_THREAD
, NULL
);
503 #if !defined(TEXT_DOMAIN)
504 #define TEXT_DOMAIN "SYS_TEST"
506 (void) textdomain(TEXT_DOMAIN
);
508 /* Don't drop core if the NFS module isn't loaded. */
509 (void) signal(SIGSYS
, SIG_IGN
);
511 pipe_fd
= daemonize_init();
514 * If we coredump it'll be in /core
517 fprintf(stderr
, "chdir /: %s\n", strerror(errno
));
519 openlog("mountd", LOG_PID
, LOG_DAEMON
);
522 * establish our lock on the lock file and write our pid to it.
523 * exit if some other process holds the lock, or if there's any
524 * error in writing/locking the file.
526 pid
= _enter_daemon_lock(MOUNTD
);
531 fprintf(stderr
, "error locking for %s: %s\n", MOUNTD
,
535 /* daemon was already running */
539 audit_mountd_setup(); /* BSM */
542 * Get required system variables
544 if ((ngroups_max
= sysconf(_SC_NGROUPS_MAX
)) == -1) {
545 syslog(LOG_ERR
, "Unable to get _SC_NGROUPS_MAX");
548 if ((pw_size
= sysconf(_SC_GETPW_R_SIZE_MAX
)) == -1) {
549 syslog(LOG_ERR
, "Unable to get _SC_GETPW_R_SIZE_MAX");
554 * Set number of file descriptors to unlimited
556 if (!rpc_control(RPC_SVC_USE_POLLFD
, &rpc_svc_fdunlim
)) {
557 syslog(LOG_INFO
, "unable to set number of FDs to unlimited");
561 * Tell RPC that we want automatic thread mode.
562 * A new thread will be spawned for each request.
564 if (!rpc_control(RPC_SVC_MTMODE_SET
, &rpc_svc_mode
)) {
565 fprintf(stderr
, "unable to set automatic MT mode\n");
570 * Enable non-blocking mode and maximum record size checks for
571 * connection oriented transports.
573 if (!rpc_control(RPC_SVC_CONNMAXREC_SET
, &maxrecsz
)) {
574 fprintf(stderr
, "unable to set RPC max record size\n");
578 * Prevent our non-priv udp and tcp ports bound w/wildcard addr
579 * from being hijacked by a bind to a more specific addr.
581 if (!rpc_control(__RPC_SVC_EXCLBIND_SET
, &exclbind
)) {
582 fprintf(stderr
, "warning: unable to set udp/tcp EXCLBIND\n");
586 * Set the maximum number of outstanding connection
587 * indications (listen backlog) to the value specified.
589 if (listen_backlog
> 0 && !rpc_control(__RPC_SVC_LSTNBKLOG_SET
,
591 fprintf(stderr
, "unable to set listen backlog\n");
596 * If max_threads was specified, then set the
597 * maximum number of threads to the value specified.
599 if (max_threads
> 0 && !rpc_control(RPC_SVC_THRMAX_SET
, &max_threads
)) {
600 fprintf(stderr
, "unable to set max_threads\n");
605 * Make sure to unregister any previous versions in case the
606 * user is reconfiguring the server in interesting ways.
608 svc_unreg(MOUNTPROG
, MOUNTVERS
);
609 svc_unreg(MOUNTPROG
, MOUNTVERS_POSIX
);
610 svc_unreg(MOUNTPROG
, MOUNTVERS3
);
613 * Create the nfsauth thread with same signal disposition
614 * as the main thread. We need to create a separate thread
615 * since mountd() will be both an RPC server (for remote
616 * traffic) _and_ a doors server (for kernel upcalls).
618 if (thr_create(NULL
, 0, nfsauth_svc
, 0, thr_flags
, &nfsauth_thread
)) {
620 gettext("Failed to create NFSAUTH svc thread\n"));
625 * Create the cmd service thread with same signal disposition
626 * as the main thread. We need to create a separate thread
627 * since mountd() will be both an RPC server (for remote
628 * traffic) _and_ a doors server (for kernel upcalls).
630 if (thr_create(NULL
, 0, cmd_svc
, 0, thr_flags
, &cmd_thread
)) {
631 syslog(LOG_ERR
, gettext("Failed to create CMD svc thread"));
636 * Create an additional thread to service the rmtab and
637 * audit_mountd_mount logging for mount requests. Use the same
638 * signal disposition as the main thread. We create
639 * a separate thread to allow the mount request threads to
640 * clear as soon as possible.
642 if (thr_create(NULL
, 0, logging_svc
, 0, thr_flags
, &logging_thread
)) {
643 syslog(LOG_ERR
, gettext("Failed to create LOGGING svc thread"));
648 * Create datagram and connection oriented services
650 if (mount_vers_max
>= MOUNTVERS
) {
651 if (svc_create(mnt
, MOUNTPROG
, MOUNTVERS
, "datagram_v") == 0) {
653 "couldn't register datagram_v MOUNTVERS\n");
656 if (svc_create(mnt
, MOUNTPROG
, MOUNTVERS
, "circuit_v") == 0) {
658 "couldn't register circuit_v MOUNTVERS\n");
663 if (mount_vers_max
>= MOUNTVERS_POSIX
) {
664 if (svc_create(mnt
, MOUNTPROG
, MOUNTVERS_POSIX
,
665 "datagram_v") == 0) {
667 "couldn't register datagram_v MOUNTVERS_POSIX\n");
670 if (svc_create(mnt
, MOUNTPROG
, MOUNTVERS_POSIX
,
673 "couldn't register circuit_v MOUNTVERS_POSIX\n");
678 if (mount_vers_max
>= MOUNTVERS3
) {
679 if (svc_create(mnt
, MOUNTPROG
, MOUNTVERS3
, "datagram_v") == 0) {
681 "couldn't register datagram_v MOUNTVERS3\n");
684 if (svc_create(mnt
, MOUNTPROG
, MOUNTVERS3
, "circuit_v") == 0) {
686 "couldn't register circuit_v MOUNTVERS3\n");
696 daemonize_fini(pipe_fd
);
698 /* Get rid of the most dangerous basic privileges. */
699 __fini_daemon_priv(PRIV_PROC_EXEC
, PRIV_PROC_INFO
, PRIV_PROC_SESSION
,
703 syslog(LOG_ERR
, "Error: svc_run shouldn't have returned");
711 * Server procedure switch routine
714 mnt(struct svc_req
*rqstp
, SVCXPRT
*transp
)
716 switch (rqstp
->rq_proc
) {
719 if (!svc_sendreply(transp
, xdr_void
, (char *)0))
720 log_cant_reply(transp
);
728 mntlist_send(transp
);
735 case MOUNTPROC_UMNTALL
:
739 case MOUNTPROC_EXPORT
:
740 case MOUNTPROC_EXPORTALL
:
744 case MOUNTPROC_PATHCONF
:
745 if (rqstp
->rq_vers
== MOUNTVERS_POSIX
)
748 svcerr_noproc(transp
);
752 svcerr_noproc(transp
);
758 log_cant_reply_cln(struct cln
*cln
)
763 saverrno
= errno
; /* save error code */
765 host
= cln_gethost(cln
);
771 syslog(LOG_ERR
, "couldn't send reply to %s", host
);
773 syslog(LOG_ERR
, "couldn't send reply to %s: %m", host
);
777 log_cant_reply(SVCXPRT
*transp
)
782 saverrno
= errno
; /* save error code */
783 cln_init(&cln
, transp
);
786 log_cant_reply_cln(&cln
);
792 * Answer pathconf questions for the mount point fs
795 mnt_pathconf(struct svc_req
*rqstp
)
799 char *path
, rpath
[MAXPATHLEN
];
802 transp
= rqstp
->rq_xprt
;
804 (void) memset((caddr_t
)&p
, 0, sizeof (p
));
806 if (!svc_getargs(transp
, xdr_dirpath
, (caddr_t
)&path
)) {
807 svcerr_decode(transp
);
810 if (lstat(path
, &st
) < 0) {
811 _PC_SET(_PC_ERROR
, p
.pc_mask
);
815 * Get a path without symbolic links.
817 if (realpath(path
, rpath
) == NULL
) {
819 "mount request: realpath failed on %s: %m",
821 _PC_SET(_PC_ERROR
, p
.pc_mask
);
824 (void) memset((caddr_t
)&p
, 0, sizeof (p
));
826 * can't ask about devices over NFS
828 _PC_SET(_PC_MAX_CANON
, p
.pc_mask
);
829 _PC_SET(_PC_MAX_INPUT
, p
.pc_mask
);
830 _PC_SET(_PC_PIPE_BUF
, p
.pc_mask
);
831 _PC_SET(_PC_VDISABLE
, p
.pc_mask
);
834 p
.pc_link_max
= pathconf(rpath
, _PC_LINK_MAX
);
836 _PC_SET(_PC_LINK_MAX
, p
.pc_mask
);
837 p
.pc_name_max
= pathconf(rpath
, _PC_NAME_MAX
);
839 _PC_SET(_PC_NAME_MAX
, p
.pc_mask
);
840 p
.pc_path_max
= pathconf(rpath
, _PC_PATH_MAX
);
842 _PC_SET(_PC_PATH_MAX
, p
.pc_mask
);
843 if (pathconf(rpath
, _PC_NO_TRUNC
) == 1)
844 _PC_SET(_PC_NO_TRUNC
, p
.pc_mask
);
845 if (pathconf(rpath
, _PC_CHOWN_RESTRICTED
) == 1)
846 _PC_SET(_PC_CHOWN_RESTRICTED
, p
.pc_mask
);
850 if (!svc_sendreply(transp
, xdr_ppathcnf
, (char *)&p
))
851 log_cant_reply(transp
);
853 svc_freeargs(transp
, xdr_dirpath
, (caddr_t
)&path
);
857 * If the rootmount (export) option is specified, the all mount requests for
858 * subdirectories return EACCES.
861 checkrootmount(share_t
*sh
, char *rpath
)
865 if ((val
= getshareopt(sh
->sh_opts
, SHOPT_NOSUB
)) != NULL
) {
867 if (strcmp(sh
->sh_path
, rpath
) != 0)
875 #define MAX_FLAVORS 128
878 * Return only EACCES if client does not have access
880 * "If the server exports only /a/b, an attempt to
881 * mount a/b/c will fail with ENOENT if the directory
882 * does not exist"... However, if the client
883 * does not have access to /a/b, an attacker can
884 * determine whether the directory exists.
885 * This routine checks either existence of the file or
886 * existence of the file name entry in the mount table.
887 * If the file exists and there is no file name entry,
888 * the error returned should be EACCES.
889 * If the file does not exist, it must be determined
890 * whether the client has access to a parent
891 * directory. If the client has access to a parent
892 * directory, the error returned should be ENOENT,
896 mount_enoent_error(struct cln
*cln
, char *path
, char *rpath
, int *flavor_list
)
898 char *checkpath
, *dp
;
900 int realpath_error
= ENOENT
, reply_error
= EACCES
, lofs_tried
= 0;
903 checkpath
= strdup(path
);
904 if (checkpath
== NULL
) {
905 syslog(LOG_ERR
, "mount_enoent: no memory");
916 if ((sh
= findentry(rpath
)) == NULL
&&
917 (sh
= find_lofsentry(rpath
, &lofs_tried
)) == NULL
) {
919 * There is no file name entry.
920 * If the file (with symbolic links resolved) exists,
921 * the error returned should be EACCES.
923 if (realpath_error
== 0)
925 } else if (checkrootmount(sh
, rpath
) == 0) {
927 * This is a "nosub" only export, in which case,
928 * mounting subdirectories isn't allowed.
929 * If the file (with symbolic links resolved) exists,
930 * the error returned should be EACCES.
932 if (realpath_error
== 0)
936 * Check permissions in mount table.
938 if (newopts(sh
->sh_opts
))
939 flavor_count
= getclientsflavors_new(sh
, cln
,
942 flavor_count
= getclientsflavors_old(sh
, cln
,
944 if (flavor_count
!= 0) {
946 * Found entry in table and
947 * client has correct permissions.
949 reply_error
= ENOENT
;
955 * Check all parent directories.
957 dp
= strrchr(checkpath
, '/');
961 if (strlen(checkpath
) == 0)
964 * Get the real path (no symbolic links in it)
966 if (realpath(checkpath
, rpath
) == NULL
) {
977 return (reply_error
);
981 * We need to inform the caller whether or not we were
982 * able to add a node to the queue. If we are not, then
983 * it is up to the caller to go ahead and log the data.
986 enqueue_logging_data(char *host
, SVCXPRT
*transp
, char *path
,
987 char *rpath
, int status
, int error
)
992 lq
= (logging_data
*)calloc(1, sizeof (logging_data
));
997 * We might not yet have the host...
1000 DTRACE_PROBE1(mountd
, log_host
, host
);
1001 lq
->ld_host
= strdup(host
);
1002 if (lq
->ld_host
== NULL
)
1005 DTRACE_PROBE(mountd
, log_no_host
);
1007 lq
->ld_netid
= strdup(transp
->xp_netid
);
1008 if (lq
->ld_netid
== NULL
)
1011 lq
->ld_nb
= calloc(1, sizeof (struct netbuf
));
1012 if (lq
->ld_nb
== NULL
)
1015 nb
= svc_getrpccaller(transp
);
1017 DTRACE_PROBE(mountd
, e__nb__enqueue
);
1021 DTRACE_PROBE(mountd
, nb_set_enqueue
);
1023 lq
->ld_nb
->maxlen
= nb
->maxlen
;
1024 lq
->ld_nb
->len
= nb
->len
;
1026 lq
->ld_nb
->buf
= malloc(lq
->ld_nb
->len
);
1027 if (lq
->ld_nb
->buf
== NULL
)
1030 bcopy(nb
->buf
, lq
->ld_nb
->buf
, lq
->ld_nb
->len
);
1033 lq
->ld_path
= strdup(path
);
1034 if (lq
->ld_path
== NULL
)
1038 lq
->ld_rpath
= strdup(rpath
);
1039 if (lq
->ld_rpath
== NULL
)
1043 lq
->ld_status
= status
;
1046 * Add to the tail of the logging queue.
1048 (void) mutex_lock(&logging_queue_lock
);
1049 if (logging_tail
== NULL
) {
1050 logging_tail
= logging_head
= lq
;
1052 logging_tail
->ld_next
= lq
;
1055 (void) cond_signal(&logging_queue_cv
);
1056 (void) mutex_unlock(&logging_queue_lock
);
1062 free_logging_data(lq
);
1068 #define CLN_CLNAMES (1 << 0)
1069 #define CLN_HOST (1 << 1)
1072 cln_init_common(struct cln
*cln
, SVCXPRT
*transp
, char *netid
,
1073 struct netbuf
*nbuf
)
1075 if ((cln
->transp
= transp
) != NULL
) {
1076 assert(netid
== NULL
&& nbuf
== NULL
);
1077 cln
->netid
= transp
->xp_netid
;
1078 cln
->nbuf
= svc_getrpccaller(transp
);
1085 cln
->clnames
= NULL
;
1092 cln_init(struct cln
*cln
, SVCXPRT
*transp
)
1094 cln_init_common(cln
, transp
, NULL
, NULL
);
1098 cln_init_lazy(struct cln
*cln
, char *netid
, struct netbuf
*nbuf
)
1100 cln_init_common(cln
, NULL
, netid
, nbuf
);
1104 cln_fini(struct cln
*cln
)
1106 if (cln
->nconf
!= NULL
)
1107 freenetconfigent(cln
->nconf
);
1109 if (cln
->clnames
!= NULL
)
1110 netdir_free(cln
->clnames
, ND_HOSTSERVLIST
);
1116 cln_getnbuf(struct cln
*cln
)
1121 struct nd_hostservlist
*
1122 cln_getclientsnames(struct cln
*cln
)
1124 if ((cln
->flags
& CLN_CLNAMES
) == 0) {
1126 * nconf is not needed if we do not have nbuf (see
1127 * cln_gethost() too), so we check for nbuf and in a case it is
1128 * NULL we do not try to get nconf.
1130 if (cln
->netid
!= NULL
&& cln
->nbuf
!= NULL
) {
1131 cln
->nconf
= getnetconfigent(cln
->netid
);
1132 if (cln
->nconf
== NULL
)
1133 syslog(LOG_ERR
, "%s: getnetconfigent failed",
1137 if (cln
->nconf
!= NULL
&& cln
->nbuf
!= NULL
)
1138 (void) __netdir_getbyaddr_nosrv(cln
->nconf
,
1139 &cln
->clnames
, cln
->nbuf
);
1141 cln
->flags
|= CLN_CLNAMES
;
1144 return (cln
->clnames
);
1148 * Return B_TRUE if the host is already available at no cost
1151 cln_havehost(struct cln
*cln
)
1153 return ((cln
->flags
& (CLN_CLNAMES
| CLN_HOST
)) != 0);
1157 cln_gethost(struct cln
*cln
)
1159 if (cln_getclientsnames(cln
) != NULL
)
1160 return (cln
->clnames
->h_hostservs
[0].h_host
);
1162 if ((cln
->flags
& CLN_HOST
) == 0) {
1163 if (cln
->nconf
== NULL
|| cln
->nbuf
== NULL
) {
1164 cln
->host
= strdup("(anon)");
1166 char host
[MAXIPADDRLEN
];
1168 if (strcmp(cln
->nconf
->nc_protofmly
, NC_INET
) == 0) {
1169 struct sockaddr_in
*sa
;
1171 /* LINTED pointer alignment */
1172 sa
= (struct sockaddr_in
*)(cln
->nbuf
->buf
);
1173 (void) inet_ntoa_r(sa
->sin_addr
, host
);
1175 cln
->host
= strdup(host
);
1176 } else if (strcmp(cln
->nconf
->nc_protofmly
,
1178 struct sockaddr_in6
*sa
;
1180 /* LINTED pointer alignment */
1181 sa
= (struct sockaddr_in6
*)(cln
->nbuf
->buf
);
1182 (void) inet_ntop(AF_INET6
,
1183 sa
->sin6_addr
.s6_addr
,
1184 host
, INET6_ADDRSTRLEN
);
1186 cln
->host
= strdup(host
);
1188 syslog(LOG_ERR
, gettext("Client's address is "
1189 "neither IPv4 nor IPv6"));
1191 cln
->host
= strdup("(anon)");
1195 cln
->flags
|= CLN_HOST
;
1202 * Check mount requests, add to mounted list if ok
1205 mount(struct svc_req
*rqstp
)
1209 struct fhstatus fhs
;
1210 struct mountres3 mountres3
;
1213 char *path
, rpath
[MAXPATHLEN
];
1217 int error
= 0, lofs_tried
= 0, enqueued
;
1218 int flavor_list
[MAX_FLAVORS
];
1224 transp
= rqstp
->rq_xprt
;
1225 version
= rqstp
->rq_vers
;
1228 if (!svc_getargs(transp
, xdr_dirpath
, (caddr_t
)&path
)) {
1229 svcerr_decode(transp
);
1233 cln_init(&cln
, transp
);
1236 * Put off getting the name for the client until we
1237 * need it. This is a performance gain. If we are logging,
1238 * then we don't care about performance and might as well
1239 * get the host name now in case we need to spit out an
1243 DTRACE_PROBE(mountd
, name_by_verbose
);
1244 if ((host
= cln_gethost(&cln
)) == NULL
) {
1246 * We failed to get a name for the client, even
1247 * 'anon', probably because we ran out of memory.
1248 * In this situation it doesn't make sense to
1249 * allow the mount to succeed.
1257 * If the version being used is less than the minimum version,
1258 * the filehandle translation should not be provided to the
1261 if (rejecting
|| version
< mount_vers_min
) {
1263 syslog(LOG_NOTICE
, "Rejected mount: %s for %s",
1270 * Trusted Extension doesn't support nfsv2. nfsv2 client
1271 * uses MOUNT protocol v1 and v2. To prevent circumventing
1272 * TX label policy via using nfsv2 client, reject a mount
1273 * request with version less than 3 and log an error.
1275 if (is_system_labeled()) {
1279 "Rejected mount: TX doesn't support NFSv2");
1286 * Get the real path (no symbolic links in it)
1288 if (realpath(path
, rpath
) == NULL
) {
1292 "mount request: realpath: %s: %m", path
);
1293 if (error
== ENOENT
)
1294 error
= mount_enoent_error(&cln
, path
, rpath
,
1299 if ((sh
= findentry(rpath
)) == NULL
&&
1300 (sh
= find_lofsentry(rpath
, &lofs_tried
)) == NULL
) {
1306 * Check if this is a "nosub" only export, in which case, mounting
1307 * subdirectories isn't allowed. Bug 1184573.
1309 if (checkrootmount(sh
, rpath
) == 0) {
1314 if (newopts(sh
->sh_opts
))
1315 flavor_count
= getclientsflavors_new(sh
, &cln
, flavor_list
);
1317 flavor_count
= getclientsflavors_old(sh
, &cln
, flavor_list
);
1319 if (flavor_count
== 0) {
1325 * Check MAC policy here. The server side policy should be
1326 * consistent with client side mount policy, i.e.
1327 * - we disallow an admin_low unlabeled client to mount
1328 * - we disallow mount from a lower labeled client.
1330 if (is_system_labeled()) {
1331 m_label_t
*clabel
= NULL
;
1332 m_label_t
*slabel
= NULL
;
1333 m_label_t admin_low
;
1335 if (svc_getcallerucred(rqstp
->rq_xprt
, &uc
) != 0) {
1337 "mount request: Failed to get caller's ucred : %m");
1341 if ((clabel
= ucred_getlabel(uc
)) == NULL
) {
1343 "mount request: can't get client label from ucred");
1349 if (blequal(&admin_low
, clabel
)) {
1350 struct sockaddr
*ca
;
1353 ca
= (struct sockaddr
*)(void *)svc_getrpccaller(
1354 rqstp
->rq_xprt
)->buf
;
1360 * get trusted network template associated
1363 tp
= get_client_template(ca
);
1364 if (tp
== NULL
|| tp
->host_type
!= SUN_CIPSO
) {
1372 if ((slabel
= m_label_alloc(MAC_LABEL
)) == NULL
) {
1377 if (getlabel(rpath
, slabel
) != 0) {
1378 m_label_free(slabel
);
1383 if (!bldominates(clabel
, slabel
)) {
1384 m_label_free(slabel
);
1388 m_label_free(slabel
);
1393 * Now get the filehandle.
1395 * NFS V2 clients get a 32 byte filehandle.
1396 * NFS V3 clients get a 32 or 64 byte filehandle, depending on
1397 * the embedded FIDs.
1399 vers
= (version
== MOUNTVERS3
) ? NFS_V3
: NFS_VERSION
;
1401 /* LINTED pointer alignment */
1402 while (nfs_getfh(rpath
, vers
, &len
, fh
) < 0) {
1403 if (errno
== EINVAL
&&
1404 (sh
= find_lofsentry(rpath
, &lofs_tried
)) != NULL
) {
1408 error
= errno
== EINVAL
? EACCES
: errno
;
1409 syslog(LOG_DEBUG
, "mount request: getfh failed on %s: %m",
1414 if (version
== MOUNTVERS3
) {
1415 mountres3
.mountres3_u
.mountinfo
.fhandle
.fhandle3_len
= len
;
1416 mountres3
.mountres3_u
.mountinfo
.fhandle
.fhandle3_val
= fh
;
1418 bcopy(fh
, &fhs
.fhstatus_u
.fhs_fhandle
, NFS_FHSIZE
);
1427 case MOUNTVERS_POSIX
:
1428 if (error
== EINVAL
)
1429 fhs
.fhs_status
= NFSERR_ACCES
;
1430 else if (error
== EREMOTE
)
1431 fhs
.fhs_status
= NFSERR_REMOTE
;
1433 fhs
.fhs_status
= error
;
1435 if (!svc_sendreply(transp
, xdr_fhstatus
, (char *)&fhs
))
1436 log_cant_reply_cln(&cln
);
1438 audit_status
= fhs
.fhs_status
;
1443 mountres3
.mountres3_u
.mountinfo
.auth_flavors
.auth_flavors_val
=
1445 mountres3
.mountres3_u
.mountinfo
.auth_flavors
.auth_flavors_len
=
1448 } else if (error
== ENAMETOOLONG
)
1449 error
= MNT3ERR_NAMETOOLONG
;
1451 mountres3
.fhs_status
= error
;
1452 if (!svc_sendreply(transp
, xdr_mountres3
, (char *)&mountres3
))
1453 log_cant_reply_cln(&cln
);
1455 audit_status
= mountres3
.fhs_status
;
1459 if (cln_havehost(&cln
))
1460 host
= cln_gethost(&cln
);
1463 syslog(LOG_NOTICE
, "MOUNT: %s %s %s",
1464 (host
== NULL
) ? "unknown host" : host
,
1465 error
? "denied" : "mounted", path
);
1468 * If we can not create a queue entry, go ahead and do it
1469 * in the context of this thread.
1471 enqueued
= enqueue_logging_data(host
, transp
, path
, rpath
,
1472 audit_status
, error
);
1473 if (enqueued
== FALSE
) {
1475 DTRACE_PROBE(mountd
, name_by_in_thread
);
1476 host
= cln_gethost(&cln
);
1479 DTRACE_PROBE(mountd
, logged_in_thread
);
1480 audit_mountd_mount(host
, path
, audit_status
); /* BSM */
1482 mntlist_new(host
, rpath
); /* add entry to mount list */
1486 svc_freeargs(transp
, xdr_dirpath
, (caddr_t
)&path
);
1497 * Determine whether two paths are within the same file system.
1498 * Returns nonzero (true) if paths are the same, zero (false) if
1499 * they are different. If an error occurs, return false.
1501 * Use the actual FSID if it's available (via getattrat()); otherwise,
1502 * fall back on st_dev.
1504 * With ZFS snapshots, st_dev differs from the regular file system
1505 * versus the snapshot. But the fsid is the same throughout. Thus
1506 * the fsid is a better test.
1509 same_file_system(const char *path1
, const char *path2
)
1511 uint64_t fsid1
, fsid2
;
1512 struct stat64 st1
, st2
;
1513 nvlist_t
*nvl1
= NULL
;
1514 nvlist_t
*nvl2
= NULL
;
1516 if ((getattrat(AT_FDCWD
, XATTR_VIEW_READONLY
, path1
, &nvl1
) == 0) &&
1517 (getattrat(AT_FDCWD
, XATTR_VIEW_READONLY
, path2
, &nvl2
) == 0) &&
1518 (nvlist_lookup_uint64(nvl1
, A_FSID
, &fsid1
) == 0) &&
1519 (nvlist_lookup_uint64(nvl2
, A_FSID
, &fsid2
) == 0)) {
1523 * We have found fsid's for both paths.
1536 * We were unable to find fsid's for at least one of the paths.
1537 * fall back on st_dev.
1540 if (stat64(path1
, &st1
) < 0) {
1541 syslog(LOG_NOTICE
, "%s: %m", path1
);
1544 if (stat64(path2
, &st2
) < 0) {
1545 syslog(LOG_NOTICE
, "%s: %m", path2
);
1549 if (st1
.st_dev
== st2
.st_dev
)
1556 findentry(char *path
)
1559 struct sh_list
*shp
;
1564 (void) rw_rdlock(&sharetab_lock
);
1566 for (shp
= share_list
; shp
; shp
= shp
->shl_next
) {
1568 for (p1
= sh
->sh_path
, p2
= path
; *p1
== *p2
; p1
++, p2
++)
1570 goto done
; /* exact match */
1573 * Now compare the pathnames for three cases:
1575 * Parent: /export/foo (no trailing slash on parent)
1576 * Child: /export/foo/bar
1578 * Parent: /export/foo/ (trailing slash on parent)
1579 * Child: /export/foo/bar
1581 * Parent: /export/foo/ (no trailing slash on child)
1582 * Child: /export/foo
1584 if ((*p1
== '\0' && *p2
== '/') ||
1585 (*p1
== '\0' && *(p1
-1) == '/') ||
1586 (*p2
== '\0' && *p1
== '/' && *(p1
+1) == '\0')) {
1588 * We have a subdirectory. Test whether the
1589 * subdirectory is in the same file system.
1591 if (same_file_system(path
, sh
->sh_path
))
1596 sh
= shp
? sharedup(sh
) : NULL
;
1598 (void) rw_unlock(&sharetab_lock
);
1605 is_substring(char **mntp
, char **path
)
1607 char *p1
= *mntp
, *p2
= *path
;
1609 if (*p1
== '\0' && *p2
== '\0') /* exact match */
1611 else if (*p1
== '\0' && *p2
== '/')
1613 else if (*p1
== '\0' && *(p1
-1) == '/') {
1614 *path
= --p2
; /* we need the slash in p2 */
1616 } else if (*p2
== '\0') {
1619 if (*p1
== '\0') /* exact match */
1626 * find_lofsentry() searches for the real path which this requested LOFS path
1627 * (rpath) shadows. If found, it will return the sharetab entry of
1628 * the real path that corresponds to the LOFS path.
1629 * We first search mnttab to see if the requested path is an automounted
1630 * path. If it is an automounted path, it will trigger the mount by stat()ing
1631 * the requested path. Note that it is important to check that this path is
1632 * actually an automounted path, otherwise we would stat() a path which may
1633 * turn out to be NFS and block indefinitely on a dead server. The automounter
1634 * times-out if the server is dead, so there's no risk of hanging this
1635 * thread waiting for stat().
1636 * After the mount has been triggered (if necessary), we look for a
1637 * mountpoint of type LOFS (by searching /etc/mnttab again) which
1638 * is a substring of the rpath. If found, we construct a new path by
1639 * concatenating the mnt_special and the remaining of rpath, call findentry()
1640 * to make sure the 'real path' is shared.
1643 find_lofsentry(char *rpath
, int *done_flag
)
1645 struct stat r_stbuf
;
1646 mntlist_t
*ml
, *mntl
, *mntpnt
= NULL
;
1647 share_t
*retcode
= NULL
;
1648 char tmp_path
[MAXPATHLEN
];
1649 int mntpnt_len
= 0, tmp
;
1656 * While fsgetmntlist() uses lockf() to
1657 * lock the mnttab before reading it in,
1658 * the lock ignores threads in the same process.
1659 * Read in the mnttab with the protection of a mutex.
1661 (void) mutex_lock(&mnttab_lock
);
1662 mntl
= fsgetmntlist();
1663 (void) mutex_unlock(&mnttab_lock
);
1666 * Obtain the mountpoint for the requested path.
1668 for (ml
= mntl
; ml
; ml
= ml
->mntl_next
) {
1669 for (p1
= ml
->mntl_mnt
->mnt_mountp
, p2
= rpath
;
1670 *p1
== *p2
&& *p1
; p1
++, p2
++)
1672 if (is_substring(&p1
, &p2
) &&
1673 (tmp
= strlen(ml
->mntl_mnt
->mnt_mountp
)) >= mntpnt_len
) {
1680 * If the path needs to be autoFS mounted, trigger the mount by
1681 * stat()ing it. This is determined by checking whether the
1682 * mountpoint we just found is of type autofs.
1684 if (mntpnt
!= NULL
&&
1685 strcmp(mntpnt
->mntl_mnt
->mnt_fstype
, "autofs") == 0) {
1687 * The requested path is a substring of an autoFS filesystem.
1688 * Trigger the mount.
1690 if (stat(rpath
, &r_stbuf
) < 0) {
1692 syslog(LOG_NOTICE
, "%s: %m", rpath
);
1695 if ((r_stbuf
.st_mode
& S_IFMT
) == S_IFDIR
) {
1697 * The requested path is a directory, stat(2) it
1698 * again with a trailing '.' to force the autoFS
1699 * module to trigger the mount of indirect
1700 * automount entries, such as /net/jurassic/.
1702 if (strlen(rpath
) + 2 > MAXPATHLEN
) {
1705 "%s/.: exceeds MAXPATHLEN %d",
1710 (void) strcpy(tmp_path
, rpath
);
1711 (void) strcat(tmp_path
, "/.");
1713 if (stat(tmp_path
, &r_stbuf
) < 0) {
1715 syslog(LOG_NOTICE
, "%s: %m", tmp_path
);
1721 * The mount has been triggered, re-read mnttab to pick up
1722 * the changes made by autoFS.
1724 fsfreemntlist(mntl
);
1725 (void) mutex_lock(&mnttab_lock
);
1726 mntl
= fsgetmntlist();
1727 (void) mutex_unlock(&mnttab_lock
);
1731 * The autoFS mountpoint has been triggered if necessary,
1732 * now search mnttab again to determine if the requested path
1733 * is an LOFS mount of a shared path.
1736 for (ml
= mntl
; ml
; ml
= ml
->mntl_next
) {
1737 if (strcmp(ml
->mntl_mnt
->mnt_fstype
, "lofs"))
1740 for (p1
= ml
->mntl_mnt
->mnt_mountp
, p2
= rpath
;
1741 *p1
== *p2
&& *p1
; p1
++, p2
++)
1744 if (is_substring(&p1
, &p2
) &&
1745 ((tmp
= strlen(ml
->mntl_mnt
->mnt_mountp
)) >= mntpnt_len
)) {
1748 if ((strlen(ml
->mntl_mnt
->mnt_special
) + strlen(p2
)) >
1751 syslog(LOG_NOTICE
, "%s%s: exceeds %d",
1752 ml
->mntl_mnt
->mnt_special
, p2
,
1761 (void) strcpy(tmp_path
, ml
->mntl_mnt
->mnt_special
);
1762 (void) strcat(tmp_path
, p2
);
1765 retcode
= findentry(tmp_path
);
1770 assert(strlen(tmp_path
) > 0);
1771 (void) strcpy(rpath
, tmp_path
);
1775 fsfreemntlist(mntl
);
1780 * Determine whether an access list grants rights to a particular host.
1781 * We match on aliases of the hostname as well as on the canonical name.
1782 * Names in the access list may be either hosts or netgroups; they're
1783 * not distinguished syntactically. We check for hosts first because
1784 * it's cheaper, then try netgroups.
1787 * 1 - access is granted
1788 * 0 - access is denied
1789 * -1 - an error occured
1792 in_access_list(struct cln
*cln
,
1793 char *access_list
) /* N.B. we clobber this "input" parameter */
1795 char addr
[INET_ADDRSTRLEN
];
1798 char *cstr
= access_list
;
1799 char *gr
= access_list
;
1804 struct nd_hostservlist
*clnames
= NULL
;
1806 /* If no access list - then it's unrestricted */
1807 if (access_list
== NULL
|| *access_list
== '\0')
1810 if ((pnb
= cln_getnbuf(cln
)) == NULL
)
1814 if ((cstr
= strpbrk(cstr
, "[:")) != NULL
) {
1818 assert(*cstr
== '[');
1819 cstr
= strchr(cstr
+ 1, ']');
1828 * If the list name has a '-' prepended then a match of
1829 * the following name implies failure instead of success.
1839 * First check if we have '@' entry, as it doesn't
1840 * require client hostname.
1845 /* Netname support */
1846 if (!isdigit(*gr
) && *gr
!= '[') {
1847 struct netent n
, *np
;
1849 if ((np
= getnetbyname_r(gr
, &n
, buff
,
1850 sizeof (buff
))) != NULL
&&
1852 while ((np
->n_net
& 0xFF000000u
) == 0)
1854 np
->n_net
= htonl(np
->n_net
);
1855 if (inet_ntop(AF_INET
, &np
->n_net
, addr
,
1856 INET_ADDRSTRLEN
) == NULL
)
1858 ret
= inet_matchaddr(pnb
->buf
, addr
);
1860 if (errno
== EINVAL
) {
1867 } else if (ret
== 1) {
1872 ret
= inet_matchaddr(pnb
->buf
, gr
);
1874 if (errno
== EINVAL
) {
1876 "invalid access list "
1880 } else if (ret
== 1) {
1889 * No other checks can be performed if client address
1890 * can't be resolved.
1892 if ((clnames
= cln_getclientsnames(cln
)) == NULL
)
1895 /* Otherwise loop through all client hostname aliases */
1896 for (i
= 0; i
< clnames
->h_cnt
; i
++) {
1897 char *host
= clnames
->h_hostservs
[i
].h_host
;
1900 * If the list name begins with a dot then
1901 * do a domain name suffix comparison.
1902 * A single dot matches any name with no
1906 if (*(gr
+ 1) == '\0') { /* single dot */
1907 if (strchr(host
, '.') == NULL
)
1910 int off
= strlen(host
) - strlen(gr
);
1912 strcasecmp(host
+ off
, gr
) == 0) {
1917 /* Just do a hostname match */
1918 if (strcasecmp(gr
, host
) == 0)
1932 if (clnames
== NULL
)
1935 return (netgroup_check(clnames
, access_list
, nentries
));
1939 static char *optlist
[] = {
1946 #define OPT_SECURE 3
1950 #define OPT_WINDOW 5
1952 #define OPT_NOSUID 6
1960 #define OPT_UIDMAP 10
1962 #define OPT_GIDMAP 11
1968 map_flavor(char *str
)
1972 if (nfs_getseconfig_byname(str
, &sec
))
1975 return (sec
.sc_nfsnum
);
1979 * If the option string contains a "sec="
1980 * option, then use new option syntax.
1985 char *head
, *p
, *val
;
1987 if (!opts
|| *opts
== '\0')
1990 head
= strdup(opts
);
1992 syslog(LOG_ERR
, "opts: no memory");
1998 if (getsubopt(&p
, optlist
, &val
) == OPT_SEC
) {
2009 * Given an export and the clients hostname(s)
2010 * determine the security flavors that this
2011 * client is permitted to use.
2013 * This routine is called only for "old" syntax, i.e.
2014 * only one security flavor is allowed. So we need
2015 * to determine two things: the particular flavor,
2016 * and whether the client is allowed to use this
2017 * flavor, i.e. is in the access list.
2019 * Note that if there is no access list, then the
2020 * default is that access is granted.
2023 getclientsflavors_old(share_t
*sh
, struct cln
*cln
, int *flavors
)
2025 char *opts
, *p
, *val
;
2026 boolean_t ok
= B_FALSE
;
2027 int defaultaccess
= 1;
2028 boolean_t reject
= B_FALSE
;
2030 opts
= strdup(sh
->sh_opts
);
2032 syslog(LOG_ERR
, "getclientsflavors: no memory");
2036 flavors
[0] = AUTH_SYS
;
2041 switch (getsubopt(&p
, optlist
, &val
)) {
2043 flavors
[0] = AUTH_DES
;
2049 if (in_access_list(cln
, val
) > 0)
2055 if (in_access_list(cln
, val
) > 0)
2062 /* none takes precedence over everything else */
2066 return (defaultaccess
|| ok
);
2070 * Given an export and the clients hostname(s)
2071 * determine the security flavors that this
2072 * client is permitted to use.
2074 * This is somewhat more complicated than the "old"
2075 * routine because the options may contain multiple
2076 * security flavors (sec=) each with its own access
2077 * lists. So a client could be granted access based
2078 * on a number of security flavors. Note that the
2079 * type of access might not always be the same, the
2080 * client may get readonly access with one flavor
2081 * and readwrite with another, however the client
2082 * is not told this detail, it gets only the list
2083 * of flavors, and only if the client is using
2084 * version 3 of the mount protocol.
2087 getclientsflavors_new(share_t
*sh
, struct cln
*cln
, int *flavors
)
2089 char *opts
, *p
, *val
;
2092 boolean_t defaultaccess
= B_TRUE
; /* default access is rw */
2093 boolean_t access_ok
= B_FALSE
;
2095 boolean_t reject
= B_FALSE
;
2097 opts
= strdup(sh
->sh_opts
);
2099 syslog(LOG_ERR
, "getclientsflavors: no memory");
2107 switch (getsubopt(&p
, optlist
, &val
)) {
2110 access_ok
= B_FALSE
;
2113 * Before a new sec=xxx option, check if we need
2114 * to move the c index back to the previous count.
2116 if (!defaultaccess
&& !access_ok
) {
2120 /* get all the sec=f1[:f2] flavors */
2121 while ((f
= strtok_r(val
, ":", &lasts
)) != NULL
) {
2122 flavors
[c
++] = map_flavor(f
);
2126 /* for a new sec=xxx option, default is rw access */
2127 defaultaccess
= B_TRUE
;
2128 access_ok
= B_FALSE
;
2134 defaultaccess
= B_FALSE
;
2135 if (in_access_list(cln
, val
) > 0)
2140 defaultaccess
= B_FALSE
;
2141 if (in_access_list(cln
, val
) > 0)
2142 reject
= B_TRUE
; /* none overides rw/ro */
2148 access_ok
= B_FALSE
;
2150 if (!defaultaccess
&& !access_ok
)
2159 * This is a tricky piece of code that parses the
2160 * share options looking for a match on the auth
2161 * flavor that the client is using. If it finds
2162 * a match, then the client is given ro, rw, or
2163 * no access depending whether it is in the access
2164 * list. There is a special case for "secure"
2165 * flavor. Other flavors are values of the new "sec=" option.
2168 check_client(share_t
*sh
, struct cln
*cln
, int flavor
, uid_t clnt_uid
,
2169 gid_t clnt_gid
, uint_t clnt_ngids
, gid_t
*clnt_gids
, uid_t
*srv_uid
,
2170 gid_t
*srv_gid
, uint_t
*srv_ngids
, gid_t
**srv_gids
)
2172 if (newopts(sh
->sh_opts
))
2173 return (check_client_new(sh
, cln
, flavor
, clnt_uid
, clnt_gid
,
2174 clnt_ngids
, clnt_gids
, srv_uid
, srv_gid
, srv_ngids
,
2177 return (check_client_old(sh
, cln
, flavor
, clnt_uid
, clnt_gid
,
2178 clnt_ngids
, clnt_gids
, srv_uid
, srv_gid
, srv_ngids
,
2182 extern int _getgroupsbymember(const char *, gid_t
[], int, int);
2185 * Get supplemental groups for uid
2188 getusergroups(uid_t uid
, uint_t
*ngrps
, gid_t
**grps
)
2191 char *pwbuf
= alloca(pw_size
);
2192 gid_t
*tmpgrps
= alloca(ngroups_max
* sizeof (gid_t
));
2195 if (getpwuid_r(uid
, &pwd
, pwbuf
, pw_size
) == NULL
)
2198 tmpgrps
[0] = pwd
.pw_gid
;
2200 tmpngrps
= _getgroupsbymember(pwd
.pw_name
, tmpgrps
, ngroups_max
, 1);
2201 if (tmpngrps
<= 0) {
2203 "getusergroups(): Unable to get groups for user %s",
2209 *grps
= malloc(tmpngrps
* sizeof (gid_t
));
2210 if (*grps
== NULL
) {
2212 "getusergroups(): Memory allocation failed: %m");
2218 (void) memcpy(*grps
, tmpgrps
, tmpngrps
* sizeof (gid_t
));
2224 * is_a_number(number)
2226 * is the string a number in one of the forms we want to use?
2230 is_a_number(char *number
)
2235 if (strncmp(number
, "0x", 2) == 0) {
2238 } else if (*number
== '-') {
2239 number
++; /* skip the minus */
2241 while (ret
== 1 && *number
!= '\0') {
2243 ret
= isxdigit(*number
++);
2245 ret
= isdigit(*number
++);
2252 get_uid(char *value
, uid_t
*uid
)
2254 if (!is_a_number(value
)) {
2257 * in this case it would have to be a
2260 pw
= getpwnam(value
);
2267 intval
= strtoull(value
, NULL
, 0);
2268 if (intval
> UID_MAX
&& intval
!= -1)
2270 *uid
= (uid_t
)intval
;
2277 get_gid(char *value
, gid_t
*gid
)
2279 if (!is_a_number(value
)) {
2282 * in this case it would have to be a
2285 gr
= getgrnam(value
);
2292 intval
= strtoull(value
, NULL
, 0);
2293 if (intval
> UID_MAX
&& intval
!= -1)
2295 *gid
= (gid_t
)intval
;
2302 check_client_old(share_t
*sh
, struct cln
*cln
, int flavor
, uid_t clnt_uid
,
2303 gid_t clnt_gid
, uint_t clnt_ngids
, gid_t
*clnt_gids
, uid_t
*srv_uid
,
2304 gid_t
*srv_gid
, uint_t
*srv_ngids
, gid_t
**srv_gids
)
2306 char *opts
, *p
, *val
;
2307 int match
; /* Set when a flavor is matched */
2308 int perm
= 0; /* Set when "ro", "rw" or "root" is matched */
2309 int list
= 0; /* Set when "ro", "rw" is found */
2310 int ro_val
= 0; /* Set if ro option is 'ro=' */
2311 int rw_val
= 0; /* Set if rw option is 'rw=' */
2313 boolean_t map_deny
= B_FALSE
;
2315 opts
= strdup(sh
->sh_opts
);
2317 syslog(LOG_ERR
, "check_client: no memory");
2322 * If client provided 16 supplemental groups with AUTH_SYS, lookup
2323 * locally for all of them
2325 if (flavor
== AUTH_SYS
&& clnt_ngids
== NGRPS
&& ngroups_max
> NGRPS
)
2326 if (getusergroups(clnt_uid
, srv_ngids
, srv_gids
) == 0)
2327 perm
|= NFSAUTH_GROUPS
;
2333 switch (getsubopt(&p
, optlist
, &val
)) {
2338 if (perm
& NFSAUTH_GROUPS
) {
2342 perm
&= ~NFSAUTH_GROUPS
;
2351 if (in_access_list(cln
, val
) > 0)
2359 if (in_access_list(cln
, val
) > 0)
2365 * Check if the client is in
2366 * the root list. Only valid
2369 if (flavor
!= AUTH_SYS
)
2372 if (val
== NULL
|| *val
== '\0')
2378 if (in_access_list(cln
, val
) > 0) {
2379 perm
|= NFSAUTH_ROOT
;
2380 perm
|= NFSAUTH_UIDMAP
| NFSAUTH_GIDMAP
;
2383 if (perm
& NFSAUTH_GROUPS
) {
2387 perm
&= ~NFSAUTH_GROUPS
;
2394 * Check if the client should have no access
2395 * to this share at all. This option behaves
2396 * more like "root" than either "rw" or "ro".
2398 if (in_access_list(cln
, val
) > 0)
2399 perm
|= NFSAUTH_DENIED
;
2407 * The uidmap is supported for AUTH_SYS only.
2409 if (flavor
!= AUTH_SYS
)
2412 if (perm
& NFSAUTH_UIDMAP
|| map_deny
)
2415 for (c
= val
; c
!= NULL
; c
= n
) {
2427 al
= strchr(s
, ':');
2432 if (s
== NULL
|| al
== NULL
)
2436 if (clnt_uid
!= (uid_t
)-1)
2438 } else if (strcmp(c
, "*") != 0) {
2441 if (!get_uid(c
, &clnt
))
2444 if (clnt_uid
!= clnt
)
2450 else if (!get_uid(s
, &srv
))
2452 else if (srv
== (uid_t
)-1) {
2457 if (in_access_list(cln
, al
) > 0) {
2459 perm
|= NFSAUTH_UIDMAP
;
2461 if (perm
& NFSAUTH_GROUPS
) {
2465 perm
&= ~NFSAUTH_GROUPS
;
2480 * The gidmap is supported for AUTH_SYS only.
2482 if (flavor
!= AUTH_SYS
)
2485 if (perm
& NFSAUTH_GIDMAP
|| map_deny
)
2488 for (c
= val
; c
!= NULL
; c
= n
) {
2500 al
= strchr(s
, ':');
2505 if (s
== NULL
|| al
== NULL
)
2509 if (clnt_gid
!= (gid_t
)-1)
2511 } else if (strcmp(c
, "*") != 0) {
2514 if (!get_gid(c
, &clnt
))
2517 if (clnt_gid
!= clnt
)
2523 else if (!get_gid(s
, &srv
))
2525 else if (srv
== (gid_t
)-1) {
2530 if (in_access_list(cln
, al
) > 0) {
2532 perm
|= NFSAUTH_GIDMAP
;
2534 if (perm
& NFSAUTH_GROUPS
) {
2538 perm
&= ~NFSAUTH_GROUPS
;
2555 if (perm
& NFSAUTH_ROOT
) {
2561 perm
|= NFSAUTH_DENIED
;
2563 if (!(perm
& NFSAUTH_UIDMAP
))
2564 *srv_uid
= clnt_uid
;
2565 if (!(perm
& NFSAUTH_GIDMAP
))
2566 *srv_gid
= clnt_gid
;
2568 if (flavor
!= match
|| perm
& NFSAUTH_DENIED
)
2569 return (NFSAUTH_DENIED
);
2573 * If the client doesn't match an "ro" or "rw"
2574 * list then set no access.
2576 if ((perm
& (NFSAUTH_RO
| NFSAUTH_RW
)) == 0)
2577 perm
|= NFSAUTH_DENIED
;
2580 * The client matched a flavor entry that
2581 * has no explicit "rw" or "ro" determination.
2582 * Default it to "rw".
2588 * The client may show up in both ro= and rw=
2589 * lists. If so, then turn off the RO access
2590 * bit leaving RW access.
2592 if (perm
& NFSAUTH_RO
&& perm
& NFSAUTH_RW
) {
2594 * Logically cover all permutations of rw=,ro=.
2595 * In the case where, rw,ro=<host> we would like
2596 * to remove RW access for the host. In all other cases
2597 * RW wins the precedence battle.
2599 if (!rw_val
&& ro_val
) {
2600 perm
&= ~(NFSAUTH_RW
);
2602 perm
&= ~(NFSAUTH_RO
);
2610 * Check if the client has access by using a flavor different from
2611 * the given "flavor". If "flavor" is not in the flavor list,
2612 * return TRUE to indicate that this "flavor" is a wrong sec.
2615 is_wrongsec(share_t
*sh
, struct cln
*cln
, int flavor
)
2617 int flavor_list
[MAX_FLAVORS
];
2618 int flavor_count
, i
;
2620 /* get the flavor list that the client has access with */
2621 flavor_count
= getclientsflavors_new(sh
, cln
, flavor_list
);
2623 if (flavor_count
== 0)
2627 * Check if the given "flavor" is in the flavor_list.
2629 for (i
= 0; i
< flavor_count
; i
++) {
2630 if (flavor
== flavor_list
[i
])
2635 * If "flavor" is not in the flavor_list, return TRUE to indicate
2636 * that the client should have access by using a security flavor
2637 * different from this "flavor".
2643 * Given an export and the client's hostname, we
2644 * check the security options to see whether the
2645 * client is allowed to use the given security flavor.
2647 * The strategy is to proceed through the options looking
2648 * for a flavor match, then pay attention to the ro, rw,
2651 * Note that an entry may list several flavors in a
2652 * single entry, e.g.
2654 * sec=krb5,rw=clnt1:clnt2,ro,sec=sys,ro
2659 check_client_new(share_t
*sh
, struct cln
*cln
, int flavor
, uid_t clnt_uid
,
2660 gid_t clnt_gid
, uint_t clnt_ngids
, gid_t
*clnt_gids
, uid_t
*srv_uid
,
2661 gid_t
*srv_gid
, uint_t
*srv_ngids
, gid_t
**srv_gids
)
2663 char *opts
, *p
, *val
;
2666 int match
= 0; /* Set when a flavor is matched */
2667 int perm
= 0; /* Set when "ro", "rw" or "root" is matched */
2668 int list
= 0; /* Set when "ro", "rw" is found */
2669 int ro_val
= 0; /* Set if ro option is 'ro=' */
2670 int rw_val
= 0; /* Set if rw option is 'rw=' */
2672 boolean_t map_deny
= B_FALSE
;
2674 opts
= strdup(sh
->sh_opts
);
2676 syslog(LOG_ERR
, "check_client: no memory");
2681 * If client provided 16 supplemental groups with AUTH_SYS, lookup
2682 * locally for all of them
2684 if (flavor
== AUTH_SYS
&& clnt_ngids
== NGRPS
&& ngroups_max
> NGRPS
)
2685 if (getusergroups(clnt_uid
, srv_ngids
, srv_gids
) == 0)
2686 perm
|= NFSAUTH_GROUPS
;
2691 switch (getsubopt(&p
, optlist
, &val
)) {
2697 while ((f
= strtok_r(val
, ":", &lasts
))
2699 if (flavor
== map_flavor(f
)) {
2714 if (in_access_list(cln
, val
) > 0)
2725 if (in_access_list(cln
, val
) > 0)
2731 * Check if the client is in
2732 * the root list. Only valid
2735 if (flavor
!= AUTH_SYS
)
2741 if (val
== NULL
|| *val
== '\0')
2747 if (in_access_list(cln
, val
) > 0) {
2748 perm
|= NFSAUTH_ROOT
;
2749 perm
|= NFSAUTH_UIDMAP
| NFSAUTH_GIDMAP
;
2752 if (perm
& NFSAUTH_GROUPS
) {
2756 perm
&= ~NFSAUTH_GROUPS
;
2763 * Check if the client should have no access
2764 * to this share at all. This option behaves
2765 * more like "root" than either "rw" or "ro".
2767 if (in_access_list(cln
, val
) > 0)
2768 perm
|= NFSAUTH_DENIED
;
2776 * The uidmap is supported for AUTH_SYS only.
2778 if (flavor
!= AUTH_SYS
)
2781 if (!match
|| perm
& NFSAUTH_UIDMAP
|| map_deny
)
2784 for (c
= val
; c
!= NULL
; c
= n
) {
2796 al
= strchr(s
, ':');
2801 if (s
== NULL
|| al
== NULL
)
2805 if (clnt_uid
!= (uid_t
)-1)
2807 } else if (strcmp(c
, "*") != 0) {
2810 if (!get_uid(c
, &clnt
))
2813 if (clnt_uid
!= clnt
)
2819 else if (!get_uid(s
, &srv
))
2821 else if (srv
== (uid_t
)-1) {
2826 if (in_access_list(cln
, al
) > 0) {
2828 perm
|= NFSAUTH_UIDMAP
;
2830 if (perm
& NFSAUTH_GROUPS
) {
2834 perm
&= ~NFSAUTH_GROUPS
;
2849 * The gidmap is supported for AUTH_SYS only.
2851 if (flavor
!= AUTH_SYS
)
2854 if (!match
|| perm
& NFSAUTH_GIDMAP
|| map_deny
)
2857 for (c
= val
; c
!= NULL
; c
= n
) {
2869 al
= strchr(s
, ':');
2874 if (s
== NULL
|| al
== NULL
)
2878 if (clnt_gid
!= (gid_t
)-1)
2880 } else if (strcmp(c
, "*") != 0) {
2883 if (!get_gid(c
, &clnt
))
2886 if (clnt_gid
!= clnt
)
2892 else if (!get_gid(s
, &srv
))
2894 else if (srv
== (gid_t
)-1) {
2899 if (in_access_list(cln
, al
) > 0) {
2901 perm
|= NFSAUTH_GIDMAP
;
2903 if (perm
& NFSAUTH_GROUPS
) {
2907 perm
&= ~NFSAUTH_GROUPS
;
2923 if (perm
& NFSAUTH_ROOT
) {
2929 perm
|= NFSAUTH_DENIED
;
2931 if (!(perm
& NFSAUTH_UIDMAP
))
2932 *srv_uid
= clnt_uid
;
2933 if (!(perm
& NFSAUTH_GIDMAP
))
2934 *srv_gid
= clnt_gid
;
2937 * If no match then set the perm accordingly
2939 if (!match
|| perm
& NFSAUTH_DENIED
) {
2941 return (NFSAUTH_DENIED
);
2946 * If the client doesn't match an "ro" or "rw" list then
2947 * check if it may have access by using a different flavor.
2948 * If so, return NFSAUTH_WRONGSEC.
2949 * If not, return NFSAUTH_DENIED.
2951 if ((perm
& (NFSAUTH_RO
| NFSAUTH_RW
)) == 0) {
2952 if (is_wrongsec(sh
, cln
, flavor
))
2953 perm
|= NFSAUTH_WRONGSEC
;
2955 perm
|= NFSAUTH_DENIED
;
2959 * The client matched a flavor entry that
2960 * has no explicit "rw" or "ro" determination.
2961 * Make sure it defaults to "rw".
2967 * The client may show up in both ro= and rw=
2968 * lists. If so, then turn off the RO access
2969 * bit leaving RW access.
2971 if (perm
& NFSAUTH_RO
&& perm
& NFSAUTH_RW
) {
2973 * Logically cover all permutations of rw=,ro=.
2974 * In the case where, rw,ro=<host> we would like
2975 * to remove RW access for the host. In all other cases
2976 * RW wins the precedence battle.
2978 if (!rw_val
&& ro_val
) {
2979 perm
&= ~(NFSAUTH_RW
);
2981 perm
&= ~(NFSAUTH_RO
);
2995 static timestruc_t last_sharetab_time
;
2996 timestruc_t prev_sharetab_time
;
2998 struct sh_list
*shp
, *shp_prev
;
3002 * read in /etc/dfs/sharetab if it has changed
3004 if (stat(SHARETAB
, &st
) != 0) {
3005 syslog(LOG_ERR
, "Cannot stat %s: %m", SHARETAB
);
3009 if (st
.st_mtim
.tv_sec
== last_sharetab_time
.tv_sec
&&
3010 st
.st_mtim
.tv_nsec
== last_sharetab_time
.tv_nsec
) {
3018 * Remember the mod time, then after getting the
3019 * write lock check again. If another thread
3020 * already did the update, then there's no
3023 prev_sharetab_time
= last_sharetab_time
;
3025 (void) rw_wrlock(&sharetab_lock
);
3027 if (prev_sharetab_time
.tv_sec
!= last_sharetab_time
.tv_sec
||
3028 prev_sharetab_time
.tv_nsec
!= last_sharetab_time
.tv_nsec
) {
3029 (void) rw_unlock(&sharetab_lock
);
3034 * Note that since the sharetab is now in memory
3035 * and a snapshot is taken, we no longer have to
3038 f
= fopen(SHARETAB
, "r");
3040 syslog(LOG_ERR
, "Cannot open %s: %m", SHARETAB
);
3041 (void) rw_unlock(&sharetab_lock
);
3046 * Once we are sure /etc/dfs/sharetab has been
3047 * modified, flush netgroup cache entries.
3049 netgrp_cache_flush();
3051 sh_free(share_list
); /* free old list */
3054 while ((res
= getshare(f
, &sh
)) > 0) {
3056 if (strcmp(sh
->sh_fstype
, "nfs") != 0)
3059 shp
= malloc(sizeof (*shp
));
3062 if (share_list
== NULL
)
3065 /* LINTED not used before set */
3066 shp_prev
->shl_next
= shp
;
3068 shp
->shl_next
= NULL
;
3069 shp
->shl_sh
= sharedup(sh
);
3070 if (shp
->shl_sh
== NULL
)
3075 syslog(LOG_ERR
, "%s: invalid at line %d\n",
3078 if (stat(SHARETAB
, &st
) != 0) {
3079 syslog(LOG_ERR
, "Cannot stat %s: %m", SHARETAB
);
3081 (void) rw_unlock(&sharetab_lock
);
3085 last_sharetab_time
= st
.st_mtim
;
3087 (void) rw_unlock(&sharetab_lock
);
3093 syslog(LOG_ERR
, "check_sharetab: no memory");
3094 sh_free(share_list
);
3097 (void) rw_unlock(&sharetab_lock
);
3101 sh_free(struct sh_list
*shp
)
3103 struct sh_list
*next
;
3106 sharefree(shp
->shl_sh
);
3107 next
= shp
->shl_next
;
3115 * Remove an entry from mounted list
3118 umount(struct svc_req
*rqstp
)
3120 char *host
, *path
, *remove_path
;
3121 char rpath
[MAXPATHLEN
];
3125 transp
= rqstp
->rq_xprt
;
3127 if (!svc_getargs(transp
, xdr_dirpath
, (caddr_t
)&path
)) {
3128 svcerr_decode(transp
);
3132 cln_init(&cln
, transp
);
3135 if (!svc_sendreply(transp
, xdr_void
, (char *)NULL
))
3136 log_cant_reply_cln(&cln
);
3138 host
= cln_gethost(&cln
);
3141 * Without the hostname we can't do audit or delete
3142 * this host from the mount entries.
3144 svc_freeargs(transp
, xdr_dirpath
, (caddr_t
)&path
);
3149 syslog(LOG_NOTICE
, "UNMOUNT: %s unmounted %s", host
, path
);
3151 audit_mountd_umount(host
, path
);
3153 remove_path
= rpath
; /* assume we will use the cannonical path */
3154 if (realpath(path
, rpath
) == NULL
) {
3156 syslog(LOG_WARNING
, "UNMOUNT: realpath: %s: %m ", path
);
3157 remove_path
= path
; /* use path provided instead */
3160 mntlist_delete(host
, remove_path
); /* remove from mount list */
3164 svc_freeargs(transp
, xdr_dirpath
, (caddr_t
)&path
);
3168 * Remove all entries for one machine from mounted list
3171 umountall(struct svc_req
*rqstp
)
3177 transp
= rqstp
->rq_xprt
;
3178 if (!svc_getargs(transp
, xdr_void
, NULL
)) {
3179 svcerr_decode(transp
);
3183 * We assume that this call is asynchronous and made via rpcbind
3184 * callit routine. Therefore return control immediately. The error
3185 * causes rpcbind to remain silent, as opposed to every machine
3186 * on the net blasting the requester with a response.
3188 svcerr_systemerr(transp
);
3190 cln_init(&cln
, transp
);
3192 host
= cln_gethost(&cln
);
3194 /* Can't do anything without the name of the client */
3199 * Remove all hosts entries from mount list
3201 mntlist_delete_all(host
);
3204 syslog(LOG_NOTICE
, "UNMOUNTALL: from %s", host
);
3210 exmalloc(size_t size
)
3214 if ((ret
= malloc(size
)) == NULL
) {
3215 syslog(LOG_ERR
, "Out of memory");
3221 static tsol_tpent_t
*
3222 get_client_template(struct sockaddr
*sock
)
3225 in6_addr_t v6client
;
3226 char v4_addr
[INET_ADDRSTRLEN
];
3227 char v6_addr
[INET6_ADDRSTRLEN
];
3231 switch (sock
->sa_family
) {
3233 v4client
= ((struct sockaddr_in
*)(void *)sock
)->
3235 if (inet_ntop(AF_INET
, &v4client
, v4_addr
, INET_ADDRSTRLEN
) ==
3238 rh
= tsol_getrhbyaddr(v4_addr
, sizeof (v4_addr
), AF_INET
);
3241 tp
= tsol_gettpbyname(rh
->rh_template
);
3246 v6client
= ((struct sockaddr_in6
*)(void *)sock
)->sin6_addr
;
3247 if (inet_ntop(AF_INET6
, &v6client
, v6_addr
, INET6_ADDRSTRLEN
) ==
3250 rh
= tsol_getrhbyaddr(v6_addr
, sizeof (v6_addr
), AF_INET6
);
3253 tp
= tsol_gettpbyname(rh
->rh_template
);