mount_nfs.c revision 1.40
1 /* $NetBSD: mount_nfs.c,v 1.40 2003/04/11 17:39:09 christos Exp $ */ 2 3 /* 4 * Copyright (c) 1992, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Rick Macklem at The University of Guelph. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 */ 38 39 #include <sys/cdefs.h> 40 #ifndef lint 41 __COPYRIGHT("@(#) Copyright (c) 1992, 1993, 1994\n\ 42 The Regents of the University of California. All rights reserved.\n"); 43 #endif /* not lint */ 44 45 #ifndef lint 46 #if 0 47 static char sccsid[] = "@(#)mount_nfs.c 8.11 (Berkeley) 5/4/95"; 48 #else 49 __RCSID("$NetBSD: mount_nfs.c,v 1.40 2003/04/11 17:39:09 christos Exp $"); 50 #endif 51 #endif /* not lint */ 52 53 #include <sys/param.h> 54 #include <sys/mount.h> 55 #include <sys/socket.h> 56 #include <sys/stat.h> 57 #include <syslog.h> 58 59 #include <rpc/rpc.h> 60 #include <rpc/pmap_clnt.h> 61 #include <rpc/pmap_prot.h> 62 63 #ifdef ISO 64 #include <netiso/iso.h> 65 #endif 66 67 #ifdef NFSKERB 68 #include <kerberosIV/des.h> 69 #include <kerberosIV/krb.h> 70 #endif 71 72 #include <nfs/rpcv2.h> 73 #include <nfs/nfsproto.h> 74 #define _KERNEL 75 #include <nfs/nfs.h> 76 #undef _KERNEL 77 #include <nfs/nqnfs.h> 78 #include <nfs/nfsmount.h> 79 80 #include <arpa/inet.h> 81 82 #include <ctype.h> 83 #include <err.h> 84 #include <errno.h> 85 #include <fcntl.h> 86 #include <netdb.h> 87 #include <signal.h> 88 #include <stdio.h> 89 #include <stdlib.h> 90 #include <string.h> 91 #include <unistd.h> 92 #include <util.h> 93 94 #include <mntopts.h> 95 96 #define ALTF_BG 0x00000001 97 #define ALTF_CONN 0x00000002 98 #define ALTF_DUMBTIMR 0x00000004 99 #define ALTF_INTR 0x00000008 100 #define ALTF_KERB 0x00000010 101 #define ALTF_NFSV3 0x00000020 102 #define ALTF_RDIRPLUS 0x00000040 103 #define ALTF_MNTUDP 0x00000080 104 #define ALTF_NORESPORT 0x00000100 105 #define ALTF_SEQPACKET 0x00000200 106 #define ALTF_NQNFS 0x00000400 107 #define ALTF_SOFT 0x00000800 108 #define ALTF_TCP 0x00001000 109 #define ALTF_NFSV2 0x00002000 110 #define ALTF_PORT 0x00004000 111 #define ALTF_RSIZE 0x00008000 112 #define ALTF_WSIZE 0x00010000 113 #define ALTF_RDIRSIZE 0x00020000 114 #define ALTF_MAXGRPS 0x00040000 115 #define ALTF_LEASETERM 0x00080000 116 #define ALTF_READAHEAD 0x00100000 117 #define ALTF_DEADTHRESH 0x00200000 118 #define ALTF_TIMEO 0x00400000 119 #define ALTF_RETRANS 0x00800000 120 121 static const struct mntopt mopts[] = { 122 MOPT_STDOPTS, 123 MOPT_FORCE, 124 MOPT_UPDATE, 125 MOPT_GETARGS, 126 { "bg", 0, ALTF_BG, 1 }, 127 { "conn", 0, ALTF_CONN, 1 }, 128 { "dumbtimer", 0, ALTF_DUMBTIMR, 1 }, 129 { "intr", 0, ALTF_INTR, 1 }, 130 #ifdef NFSKERB 131 { "kerb", 0, ALTF_KERB, 1 }, 132 #endif 133 { "nfsv3", 0, ALTF_NFSV3, 1 }, 134 { "rdirplus", 0, ALTF_RDIRPLUS, 1 }, 135 { "mntudp", 0, ALTF_MNTUDP, 1 }, 136 { "noresport", 0, ALTF_NORESPORT, 1 }, 137 #ifdef ISO 138 { "seqpacket", 0, ALTF_SEQPACKET, 1 }, 139 #endif 140 { "nqnfs", 0, ALTF_NQNFS, 1 }, 141 { "soft", 0, ALTF_SOFT, 1 }, 142 { "tcp", 0, ALTF_TCP, 1 }, 143 { "nfsv2", 0, ALTF_NFSV2, 1 }, 144 { "port", 0, ALTF_PORT, 1 }, 145 { "rsize", 0, ALTF_RSIZE, 1 }, 146 { "wsize", 0, ALTF_WSIZE, 1 }, 147 { "rdirsize", 0, ALTF_RDIRSIZE, 1 }, 148 { "maxgrps", 0, ALTF_MAXGRPS, 1 }, 149 { "leaseterm", 0, ALTF_LEASETERM, 1 }, 150 { "readahead", 0, ALTF_READAHEAD, 1 }, 151 { "deadthresh", 0, ALTF_DEADTHRESH, 1 }, 152 { "timeo", 0, ALTF_TIMEO, 1 }, 153 { NULL } 154 155 }; 156 157 struct nfs_args nfsdefargs = { 158 NFS_ARGSVERSION, 159 (struct sockaddr *)0, 160 sizeof (struct sockaddr_in), 161 SOCK_DGRAM, 162 0, 163 (u_char *)0, 164 0, 165 NFSMNT_NFSV3|NFSMNT_NOCONN|NFSMNT_RESVPORT, 166 NFS_WSIZE, 167 NFS_RSIZE, 168 NFS_READDIRSIZE, 169 10, 170 NFS_RETRANS, 171 NFS_MAXGRPS, 172 NFS_DEFRAHEAD, 173 NQ_DEFLEASE, 174 NQ_DEADTHRESH, 175 (char *)0, 176 }; 177 178 struct nfhret { 179 u_long stat; 180 long vers; 181 long auth; 182 long fhsize; 183 u_char nfh[NFSX_V3FHMAX]; 184 }; 185 #define DEF_RETRY 10000 186 #define BGRND 1 187 #define ISBGRND 2 188 int retrycnt; 189 int opflags = 0; 190 int nfsproto = IPPROTO_UDP; 191 int force2 = 0; 192 int force3 = 0; 193 int mnttcp_ok = 1; 194 int port = 0; 195 196 #ifdef NFSKERB 197 static char inst[INST_SZ]; 198 static char realm[REALM_SZ]; 199 static struct { 200 u_long kind; 201 KTEXT_ST kt; 202 } ktick; 203 static struct nfsrpc_nickverf kverf; 204 static struct nfsrpc_fullblock kin, kout; 205 static NFSKERBKEY_T kivec; 206 static CREDENTIALS kcr; 207 static struct timeval ktv; 208 static NFSKERBKEYSCHED_T kerb_keysched; 209 #endif 210 211 static void shownfsargs __P((const struct nfs_args *)); 212 static int getnfsargs __P((char *, struct nfs_args *)); 213 #ifdef ISO 214 static struct iso_addr *iso_addr __P((const char *)); 215 #endif 216 int main __P((int, char *[])); 217 int mount_nfs __P((int argc, char **argv)); 218 /* void set_rpc_maxgrouplist __P((int)); */ 219 static void usage __P((void)); 220 static int xdr_dir __P((XDR *, char *)); 221 static int xdr_fh __P((XDR *, struct nfhret *)); 222 223 #ifndef MOUNT_NOMAIN 224 int 225 main(argc, argv) 226 int argc; 227 char **argv; 228 { 229 return mount_nfs(argc, argv); 230 } 231 #endif 232 233 int 234 mount_nfs(argc, argv) 235 int argc; 236 char *argv[]; 237 { 238 int c, retval; 239 struct nfs_args *nfsargsp; 240 struct nfs_args nfsargs; 241 struct nfsd_cargs ncd; 242 struct sockaddr_storage sa; 243 int mntflags, altflags, i, nfssvc_flag, num; 244 char *name, *p, *spec, *ospec; 245 mntoptparse_t mp; 246 #ifdef NFSKERB 247 uid_t last_ruid; 248 249 last_ruid = -1; 250 if (krb_get_lrealm(realm, 0) != KSUCCESS) 251 (void)strcpy(realm, KRB_REALM); 252 if (sizeof (struct nfsrpc_nickverf) != RPCX_NICKVERF || 253 sizeof (struct nfsrpc_fullblock) != RPCX_FULLBLOCK || 254 ((char *)&ktick.kt) - ((char *)&ktick) != NFSX_UNSIGNED || 255 ((char *)ktick.kt.dat) - ((char *)&ktick) != 2 * NFSX_UNSIGNED) 256 warnx("Yikes! NFSKERB structs not packed!!\n"); 257 #endif 258 retrycnt = DEF_RETRY; 259 260 mntflags = 0; 261 altflags = 0; 262 nfsargs = nfsdefargs; 263 nfsargsp = &nfsargs; 264 while ((c = getopt(argc, argv, 265 "23a:bcCdD:g:I:iKL:lm:o:PpqR:r:sTt:w:x:UX")) != -1) 266 switch (c) { 267 case '3': 268 if (force2) 269 errx(1, "-2 and -3 are mutually exclusive"); 270 force3 = 1; 271 break; 272 case '2': 273 if (force3) 274 errx(1, "-2 and -3 are mutually exclusive"); 275 force2 = 1; 276 nfsargsp->flags &= ~NFSMNT_NFSV3; 277 break; 278 case 'a': 279 num = strtol(optarg, &p, 10); 280 if (*p || num < 0) 281 errx(1, "illegal -a value -- %s", optarg); 282 nfsargsp->readahead = num; 283 nfsargsp->flags |= NFSMNT_READAHEAD; 284 break; 285 case 'b': 286 opflags |= BGRND; 287 break; 288 case 'c': 289 nfsargsp->flags |= NFSMNT_NOCONN; 290 break; 291 case 'C': 292 nfsargsp->flags &= ~NFSMNT_NOCONN; 293 break; 294 case 'D': 295 num = strtol(optarg, &p, 10); 296 if (*p || num <= 0) 297 errx(1, "illegal -D value -- %s", optarg); 298 nfsargsp->deadthresh = num; 299 nfsargsp->flags |= NFSMNT_DEADTHRESH; 300 break; 301 case 'd': 302 nfsargsp->flags |= NFSMNT_DUMBTIMR; 303 break; 304 #if 0 /* XXXX */ 305 case 'g': 306 num = strtol(optarg, &p, 10); 307 if (*p || num <= 0) 308 errx(1, "illegal -g value -- %s", optarg); 309 set_rpc_maxgrouplist(num); 310 nfsargsp->maxgrouplist = num; 311 nfsargsp->flags |= NFSMNT_MAXGRPS; 312 break; 313 #endif 314 case 'I': 315 num = strtol(optarg, &p, 10); 316 if (*p || num <= 0) 317 errx(1, "illegal -I value -- %s", optarg); 318 nfsargsp->readdirsize = num; 319 nfsargsp->flags |= NFSMNT_READDIRSIZE; 320 break; 321 case 'i': 322 nfsargsp->flags |= NFSMNT_INT; 323 break; 324 #ifdef NFSKERB 325 case 'K': 326 nfsargsp->flags |= NFSMNT_KERB; 327 break; 328 #endif 329 case 'L': 330 num = strtol(optarg, &p, 10); 331 if (*p || num < 2) 332 errx(1, "illegal -L value -- %s", optarg); 333 nfsargsp->leaseterm = num; 334 nfsargsp->flags |= NFSMNT_LEASETERM; 335 break; 336 case 'l': 337 nfsargsp->flags |= NFSMNT_RDIRPLUS; 338 break; 339 #ifdef NFSKERB 340 case 'm': 341 (void)strncpy(realm, optarg, REALM_SZ - 1); 342 realm[REALM_SZ - 1] = '\0'; 343 break; 344 #endif 345 case 'o': 346 mp = getmntopts(optarg, mopts, &mntflags, &altflags); 347 if (mp == NULL) 348 err(1, NULL); 349 if (altflags & ALTF_BG) 350 opflags |= BGRND; 351 if (altflags & ALTF_CONN) 352 nfsargsp->flags &= ~NFSMNT_NOCONN; 353 if (altflags & ALTF_DUMBTIMR) 354 nfsargsp->flags |= NFSMNT_DUMBTIMR; 355 if (altflags & ALTF_INTR) 356 nfsargsp->flags |= NFSMNT_INT; 357 #ifdef NFSKERB 358 if (altflags & ALTF_KERB) 359 nfsargsp->flags |= NFSMNT_KERB; 360 #endif 361 if (altflags & ALTF_NFSV3) { 362 if (force2) 363 errx(1, "conflicting version options"); 364 force3 = 1; 365 } 366 if (altflags & ALTF_NFSV2) { 367 if (force3) 368 errx(1, "conflicting version options"); 369 force2 = 1; 370 nfsargsp->flags &= ~NFSMNT_NFSV3; 371 } 372 if (altflags & ALTF_RDIRPLUS) 373 nfsargsp->flags |= NFSMNT_RDIRPLUS; 374 if (altflags & ALTF_MNTUDP) 375 mnttcp_ok = 0; 376 if (altflags & ALTF_NORESPORT) 377 nfsargsp->flags &= ~NFSMNT_RESVPORT; 378 #ifdef ISO 379 if (altflags & ALTF_SEQPACKET) 380 nfsargsp->sotype = SOCK_SEQPACKET; 381 #endif 382 if (altflags & ALTF_NQNFS) { 383 if (force2) 384 errx(1, "nqnfs only available with v3"); 385 force3 = 1; 386 nfsargsp->flags |= NFSMNT_NQNFS; 387 } 388 if (altflags & ALTF_SOFT) 389 nfsargsp->flags |= NFSMNT_SOFT; 390 if (altflags & ALTF_TCP) { 391 nfsargsp->sotype = SOCK_STREAM; 392 nfsproto = IPPROTO_TCP; 393 } 394 if (altflags & ALTF_PORT) { 395 port = getmntoptnum(mp, "port"); 396 } 397 if (altflags & ALTF_RSIZE) { 398 nfsargsp->rsize = 399 (int)getmntoptnum(mp, "rsize"); 400 nfsargsp->flags |= NFSMNT_RSIZE; 401 } 402 if (altflags & ALTF_WSIZE) { 403 nfsargsp->rsize = 404 (int)getmntoptnum(mp, "wsize"); 405 nfsargsp->flags |= NFSMNT_WSIZE; 406 } 407 if (altflags & ALTF_RDIRSIZE) { 408 nfsargsp->rsize = 409 (int)getmntoptnum(mp, "rdirsize"); 410 nfsargsp->flags |= NFSMNT_READDIRSIZE; 411 } 412 #if 0 413 if (altflags & ALTF_MAXGRPS) { 414 set_rpc_maxgrouplist(num); 415 nfsargsp->maxgrouplist = 416 (int)getmntoptnum(mp, "maxgrps"); 417 nfsargsp->flags |= NFSMNT_MAXGRPS; 418 } 419 #endif 420 if (altflags & ALTF_LEASETERM) { 421 nfsargsp->leaseterm = 422 (int)getmntoptnum(mp, "leaseterm"); 423 nfsargsp->flags |= NFSMNT_LEASETERM; 424 } 425 if (altflags & ALTF_READAHEAD) { 426 nfsargsp->readahead = 427 (int)getmntoptnum(mp, "readahead"); 428 nfsargsp->flags |= NFSMNT_READAHEAD; 429 } 430 if (altflags & ALTF_DEADTHRESH) { 431 nfsargsp->deadthresh = 432 (int)getmntoptnum(mp, "deadthresh"); 433 nfsargsp->flags |= NFSMNT_DEADTHRESH; 434 } 435 if (altflags & ALTF_TIMEO) { 436 nfsargsp->timeo = 437 (int)getmntoptnum(mp, "timeo"); 438 nfsargsp->flags |= NFSMNT_TIMEO; 439 } 440 if (altflags & ALTF_RETRANS) { 441 nfsargsp->retrans = 442 (int)getmntoptnum(mp, "retrans"); 443 nfsargsp->flags |= NFSMNT_RETRANS; 444 } 445 altflags = 0; 446 freemntopts(mp); 447 break; 448 case 'P': 449 nfsargsp->flags |= NFSMNT_RESVPORT; 450 break; 451 case 'p': 452 nfsargsp->flags &= ~NFSMNT_RESVPORT; 453 break; 454 case 'q': 455 if (force2) 456 errx(1, "nqnfs only available with v3"); 457 force3 = 1; 458 nfsargsp->flags |= NFSMNT_NQNFS; 459 break; 460 case 'R': 461 num = strtol(optarg, &p, 10); 462 if (*p || num <= 0) 463 errx(1, "illegal -R value -- %s", optarg); 464 retrycnt = num; 465 break; 466 case 'r': 467 num = strtol(optarg, &p, 10); 468 if (*p || num <= 0) 469 errx(1, "illegal -r value -- %s", optarg); 470 nfsargsp->rsize = num; 471 nfsargsp->flags |= NFSMNT_RSIZE; 472 break; 473 #ifdef ISO 474 case 'S': 475 nfsargsp->sotype = SOCK_SEQPACKET; 476 break; 477 #endif 478 case 's': 479 nfsargsp->flags |= NFSMNT_SOFT; 480 break; 481 case 'T': 482 nfsargsp->sotype = SOCK_STREAM; 483 nfsproto = IPPROTO_TCP; 484 break; 485 case 't': 486 num = strtol(optarg, &p, 10); 487 if (*p || num <= 0) 488 errx(1, "illegal -t value -- %s", optarg); 489 nfsargsp->timeo = num; 490 nfsargsp->flags |= NFSMNT_TIMEO; 491 break; 492 case 'w': 493 num = strtol(optarg, &p, 10); 494 if (*p || num <= 0) 495 errx(1, "illegal -w value -- %s", optarg); 496 nfsargsp->wsize = num; 497 nfsargsp->flags |= NFSMNT_WSIZE; 498 break; 499 case 'x': 500 num = strtol(optarg, &p, 10); 501 if (*p || num <= 0) 502 errx(1, "illegal -x value -- %s", optarg); 503 nfsargsp->retrans = num; 504 nfsargsp->flags |= NFSMNT_RETRANS; 505 break; 506 case 'X': 507 nfsargsp->flags |= NFSMNT_XLATECOOKIE; 508 break; 509 case 'U': 510 mnttcp_ok = 0; 511 break; 512 default: 513 usage(); 514 break; 515 } 516 argc -= optind; 517 argv += optind; 518 519 if (argc != 2) 520 usage(); 521 522 spec = *argv++; 523 name = *argv; 524 if ((ospec = strdup(spec)) == NULL) { 525 err(1, "strdup"); 526 } 527 528 if ((mntflags & MNT_GETARGS) != 0) { 529 memset(&sa, 0, sizeof(sa)); 530 nfsargsp->addr = (struct sockaddr *)&sa; 531 nfsargsp->addrlen = sizeof(sa); 532 } else { 533 if (!getnfsargs(spec, nfsargsp)) 534 exit(1); 535 } 536 if ((retval = mount(MOUNT_NFS, name, mntflags, nfsargsp))) { 537 /* Did we just default to v3 on a v2-only kernel? 538 * If so, default to v2 & try again */ 539 if ((errno == EPROGMISMATCH) && !force3) { 540 nfsargsp->flags &= ~NFSMNT_NFSV3; 541 retval = mount(MOUNT_NFS, name, mntflags, nfsargsp); 542 } 543 } 544 if (retval) 545 err(1, "%s on %s", ospec, name); 546 if (mntflags & MNT_GETARGS) { 547 shownfsargs(nfsargsp); 548 return (0); 549 } 550 551 if (nfsargsp->flags & (NFSMNT_NQNFS | NFSMNT_KERB)) { 552 if ((opflags & ISBGRND) == 0) { 553 if ((i = fork()) != 0) { 554 if (i == -1) 555 err(1, "nqnfs 1"); 556 exit(0); 557 } 558 (void) setsid(); 559 (void) close(STDIN_FILENO); 560 (void) close(STDOUT_FILENO); 561 (void) close(STDERR_FILENO); 562 (void) chdir("/"); 563 } 564 openlog("mount_nfs", LOG_PID, LOG_DAEMON); 565 nfssvc_flag = NFSSVC_MNTD; 566 ncd.ncd_dirp = name; 567 while (nfssvc(nfssvc_flag, (caddr_t)&ncd) < 0) { 568 if (errno != ENEEDAUTH) { 569 syslog(LOG_ERR, "nfssvc err %m"); 570 continue; 571 } 572 nfssvc_flag = 573 NFSSVC_MNTD | NFSSVC_GOTAUTH | NFSSVC_AUTHINFAIL; 574 #ifdef NFSKERB 575 /* 576 * Set up as ncd_authuid for the kerberos call. 577 * Must set ruid to ncd_authuid and reset the 578 * ticket name iff ncd_authuid is not the same 579 * as last time, so that the right ticket file 580 * is found. 581 * Get the Kerberos credential structure so that 582 * we have the seesion key and get a ticket for 583 * this uid. 584 * For more info see the IETF Draft "Authentication 585 * in ONC RPC". 586 */ 587 if (ncd.ncd_authuid != last_ruid) { 588 krb_set_tkt_string(""); 589 last_ruid = ncd.ncd_authuid; 590 } 591 setreuid(ncd.ncd_authuid, 0); 592 kret = krb_get_cred(NFS_KERBSRV, inst, realm, &kcr); 593 if (kret == RET_NOTKT) { 594 kret = get_ad_tkt(NFS_KERBSRV, inst, realm, 595 DEFAULT_TKT_LIFE); 596 if (kret == KSUCCESS) 597 kret = krb_get_cred(NFS_KERBSRV, inst, realm, 598 &kcr); 599 } 600 if (kret == KSUCCESS) 601 kret = krb_mk_req(&ktick.kt, NFS_KERBSRV, inst, 602 realm, 0); 603 604 /* 605 * Fill in the AKN_FULLNAME authenticator and verfier. 606 * Along with the Kerberos ticket, we need to build 607 * the timestamp verifier and encrypt it in CBC mode. 608 */ 609 if (kret == KSUCCESS && 610 ktick.kt.length <= (RPCAUTH_MAXSIZ-3*NFSX_UNSIGNED) 611 && gettimeofday(&ktv, (struct timezone *)0) == 0) { 612 ncd.ncd_authtype = RPCAUTH_KERB4; 613 ncd.ncd_authstr = (u_char *)&ktick; 614 ncd.ncd_authlen = nfsm_rndup(ktick.kt.length) + 615 3 * NFSX_UNSIGNED; 616 ncd.ncd_verfstr = (u_char *)&kverf; 617 ncd.ncd_verflen = sizeof (kverf); 618 memmove(ncd.ncd_key, kcr.session, 619 sizeof (kcr.session)); 620 kin.t1 = htonl(ktv.tv_sec); 621 kin.t2 = htonl(ktv.tv_usec); 622 kin.w1 = htonl(NFS_KERBTTL); 623 kin.w2 = htonl(NFS_KERBTTL - 1); 624 memset((caddr_t)kivec, 0, sizeof (kivec)); 625 626 /* 627 * Encrypt kin in CBC mode using the session 628 * key in kcr. 629 */ 630 XXX 631 632 /* 633 * Finally, fill the timestamp verifier into the 634 * authenticator and verifier. 635 */ 636 ktick.kind = htonl(RPCAKN_FULLNAME); 637 kverf.kind = htonl(RPCAKN_FULLNAME); 638 NFS_KERBW1(ktick.kt) = kout.w1; 639 ktick.kt.length = htonl(ktick.kt.length); 640 kverf.verf.t1 = kout.t1; 641 kverf.verf.t2 = kout.t2; 642 kverf.verf.w2 = kout.w2; 643 nfssvc_flag = NFSSVC_MNTD | NFSSVC_GOTAUTH; 644 } 645 setreuid(0, 0); 646 #endif /* NFSKERB */ 647 } 648 } 649 exit(0); 650 } 651 652 static void 653 shownfsargs(nfsargsp) 654 const struct nfs_args *nfsargsp; 655 { 656 char fbuf[2048]; 657 char host[NI_MAXHOST], serv[NI_MAXSERV]; 658 int error; 659 660 (void)snprintb(fbuf, sizeof(fbuf), NFSMNT_BITS, nfsargsp->flags); 661 if (nfsargsp->addr != NULL) { 662 error = getnameinfo(nfsargsp->addr, nfsargsp->addrlen, host, 663 sizeof(host), serv, sizeof(serv), 664 NI_NUMERICHOST | NI_NUMERICSERV); 665 if (error != 0) 666 warnx("getnameinfo: %s", gai_strerror(error)); 667 } else 668 error = -1; 669 670 if (error == 0) 671 printf("addr=%s, port=%s, addrlen=%d, ", 672 host, serv, nfsargsp->addrlen); 673 printf("sotype=%d, proto=%d, fhsize=%d, " 674 "flags=%s, wsize=%d, rsize=%d, readdirsize=%d, timeo=%d, " 675 "retrans=%d, maxgrouplist=%d, readahead=%d, leaseterm=%d, " 676 "deadthresh=%d\n", 677 nfsargsp->sotype, 678 nfsargsp->proto, 679 nfsargsp->fhsize, 680 fbuf, 681 nfsargsp->wsize, 682 nfsargsp->rsize, 683 nfsargsp->readdirsize, 684 nfsargsp->timeo, 685 nfsargsp->retrans, 686 nfsargsp->maxgrouplist, 687 nfsargsp->readahead, 688 nfsargsp->leaseterm, 689 nfsargsp->deadthresh); 690 } 691 692 static int 693 getnfsargs(spec, nfsargsp) 694 char *spec; 695 struct nfs_args *nfsargsp; 696 { 697 CLIENT *clp; 698 struct addrinfo hints, *ai_nfs, *ai; 699 int ecode; 700 char host[NI_MAXHOST], serv[NI_MAXSERV]; 701 static struct netbuf nfs_nb; 702 static struct sockaddr_storage nfs_ss; 703 struct netconfig *nconf; 704 char *netid; 705 #ifdef ISO 706 static struct sockaddr_iso isoaddr; 707 struct iso_addr *isop; 708 int isoflag = 0; 709 #endif 710 struct timeval pertry, try; 711 enum clnt_stat clnt_stat; 712 int i, nfsvers, mntvers, orgcnt; 713 char *hostp, *delimp; 714 #ifdef NFSKERB 715 char *cp; 716 #endif 717 static struct nfhret nfhret; 718 static char nam[MNAMELEN + 1]; 719 720 strncpy(nam, spec, MNAMELEN); 721 nam[MNAMELEN] = '\0'; 722 if ((delimp = strchr(spec, '@')) != NULL) { 723 hostp = delimp + 1; 724 } else if ((delimp = strrchr(spec, ':')) != NULL) { 725 hostp = spec; 726 spec = delimp + 1; 727 } else { 728 warnx("no <host>:<dirpath> or <dirpath>@<host> spec"); 729 return (0); 730 } 731 *delimp = '\0'; 732 /* 733 * DUMB!! Until the mount protocol works on iso transport, we must 734 * supply both an iso and an inet address for the host. 735 */ 736 #ifdef ISO 737 if (!strncmp(hostp, "iso=", 4)) { 738 u_short isoport; 739 740 hostp += 4; 741 isoflag++; 742 if ((delimp = strchr(hostp, '+')) == NULL) { 743 warnx("no iso+inet address"); 744 return (0); 745 } 746 *delimp = '\0'; 747 if ((isop = iso_addr(hostp)) == NULL) { 748 warnx("bad ISO address"); 749 return (0); 750 } 751 memset(&isoaddr, 0, sizeof (isoaddr)); 752 memcpy(&isoaddr.siso_addr, isop, sizeof (struct iso_addr)); 753 isoaddr.siso_len = sizeof (isoaddr); 754 isoaddr.siso_family = AF_ISO; 755 isoaddr.siso_tlen = 2; 756 isoport = htons(NFS_PORT); 757 memcpy(TSEL(&isoaddr), &isoport, isoaddr.siso_tlen); 758 hostp = delimp + 1; 759 } 760 #endif /* ISO */ 761 762 /* 763 * Handle an internet host address and reverse resolve it if 764 * doing Kerberos. 765 */ 766 memset(&hints, 0, sizeof hints); 767 hints.ai_flags = AI_NUMERICHOST; 768 hints.ai_socktype = nfsargsp->sotype; 769 if (getaddrinfo(hostp, "nfs", &hints, &ai_nfs) == 0) { 770 if ((nfsargsp->flags & NFSMNT_KERB)) { 771 hints.ai_flags = 0; 772 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host, 773 sizeof host, serv, sizeof serv, 0) != 0) { 774 warnx("can't reverse resolve net address for " 775 "host \"%s\": %s", hostp, 776 gai_strerror(ecode)); 777 return (0); 778 } 779 hostp = host; 780 } 781 } else { 782 hints.ai_flags = 0; 783 if ((ecode = getaddrinfo(hostp, "nfs", &hints, &ai_nfs)) != 0) { 784 warnx("can't get net id for host \"%s\": %s", hostp, 785 gai_strerror(ecode)); 786 return (0); 787 } 788 } 789 #ifdef NFSKERB 790 if (nfsargsp->flags & NFSMNT_KERB) { 791 strncpy(inst, hp->h_name, INST_SZ); 792 inst[INST_SZ - 1] = '\0'; 793 if (cp = strchr(inst, '.')) 794 *cp = '\0'; 795 } 796 #endif /* NFSKERB */ 797 798 if (force2) { 799 nfsvers = NFS_VER2; 800 mntvers = RPCMNT_VER1; 801 } else { 802 nfsvers = NFS_VER3; 803 mntvers = RPCMNT_VER3; 804 } 805 orgcnt = retrycnt; 806 nfhret.stat = EACCES; /* Mark not yet successful */ 807 808 for (ai = ai_nfs; ai; ai = ai->ai_next) { 809 /* 810 * XXX. Nead a generic (family, type, proto) -> nconf interface. 811 * __rpc_*2nconf exist, maybe they should be exported. 812 */ 813 if (nfsargsp->sotype == SOCK_STREAM) { 814 if (ai->ai_family == AF_INET6) 815 netid = "tcp6"; 816 else 817 netid = "tcp"; 818 } else { 819 if (ai->ai_family == AF_INET6) 820 netid = "udp6"; 821 else 822 netid = "udp"; 823 } 824 825 nconf = getnetconfigent(netid); 826 827 tryagain: 828 retrycnt = orgcnt; 829 830 while (retrycnt > 0) { 831 nfs_nb.buf = &nfs_ss; 832 nfs_nb.maxlen = sizeof nfs_ss; 833 if (!rpcb_getaddr(RPCPROG_NFS, nfsvers, nconf, &nfs_nb, hostp)){ 834 if (rpc_createerr.cf_stat == RPC_SYSTEMERROR) { 835 nfhret.stat = rpc_createerr.cf_error.re_errno; 836 break; 837 } 838 if (rpc_createerr.cf_stat == RPC_UNKNOWNPROTO) { 839 nfhret.stat = EPROTONOSUPPORT; 840 break; 841 } 842 if ((opflags & ISBGRND) == 0) 843 clnt_pcreateerror( 844 "mount_nfs: rpcbind to nfs on server"); 845 } else { 846 pertry.tv_sec = 10; 847 pertry.tv_usec = 0; 848 /* 849 * XXX relies on clnt_tcp_create to bind to a reserved 850 * socket. 851 */ 852 clp = clnt_tp_create(hostp, RPCPROG_MNT, mntvers, 853 mnttcp_ok ? nconf : getnetconfigent("udp")); 854 if (clp == NULL) { 855 if ((opflags & ISBGRND) == 0) { 856 clnt_pcreateerror( 857 "Cannot MNT RPC (mountd)"); 858 } 859 } else { 860 CLNT_CONTROL(clp, CLSET_RETRY_TIMEOUT, 861 (char *)&pertry); 862 clp->cl_auth = authsys_create_default(); 863 try.tv_sec = 10; 864 try.tv_usec = 0; 865 if (nfsargsp->flags & NFSMNT_KERB) 866 nfhret.auth = RPCAUTH_KERB4; 867 else 868 nfhret.auth = RPCAUTH_UNIX; 869 nfhret.vers = mntvers; 870 clnt_stat = clnt_call(clp, RPCMNT_MOUNT, 871 xdr_dir, spec, xdr_fh, &nfhret, try); 872 switch (clnt_stat) { 873 case RPC_PROGVERSMISMATCH: 874 if (nfsvers == NFS_VER3 && !force3) { 875 nfsvers = NFS_VER2; 876 mntvers = RPCMNT_VER1; 877 nfsargsp->flags &= 878 ~NFSMNT_NFSV3; 879 goto tryagain; 880 } else { 881 errx(1, "%s", clnt_sperror(clp, 882 "MNT RPC")); 883 } 884 case RPC_SUCCESS: 885 auth_destroy(clp->cl_auth); 886 clnt_destroy(clp); 887 retrycnt = 0; 888 break; 889 default: 890 /* XXX should give up on some errors */ 891 if ((opflags & ISBGRND) == 0) 892 warnx("%s", clnt_sperror(clp, 893 "bad MNT RPC")); 894 break; 895 } 896 } 897 } 898 if (--retrycnt > 0) { 899 if (opflags & BGRND) { 900 opflags &= ~BGRND; 901 if ((i = fork()) != 0) { 902 if (i == -1) 903 err(1, "nqnfs 2"); 904 exit(0); 905 } 906 (void) setsid(); 907 (void) close(STDIN_FILENO); 908 (void) close(STDOUT_FILENO); 909 (void) close(STDERR_FILENO); 910 (void) chdir("/"); 911 opflags |= ISBGRND; 912 } 913 sleep(60); 914 } 915 } 916 if (nfhret.stat == 0) 917 break; 918 } 919 freeaddrinfo(ai_nfs); 920 if (nfhret.stat) { 921 if (opflags & ISBGRND) 922 exit(1); 923 errno = nfhret.stat; 924 warnx("can't access %s: %s", spec, strerror(nfhret.stat)); 925 return (0); 926 } 927 #ifdef ISO 928 if (isoflag) { 929 nfsargsp->addr = (struct sockaddr *) &isoaddr; 930 nfsargsp->addrlen = sizeof (isoaddr); 931 } else 932 #endif /* ISO */ 933 { 934 nfsargsp->addr = (struct sockaddr *) nfs_nb.buf; 935 nfsargsp->addrlen = nfs_nb.len; 936 if (port != 0) { 937 struct sockaddr *sa = nfsargsp->addr; 938 switch (sa->sa_family) { 939 case AF_INET: 940 ((struct sockaddr_in *)sa)->sin_port = port; 941 #ifdef INET6 942 case AF_INET6: 943 ((struct sockaddr_in6 *)sa)->sin6_port = port; 944 break; 945 #endif 946 default: 947 errx(1, "Unsupported socket family %d", 948 sa->sa_family); 949 } 950 } 951 } 952 nfsargsp->fh = nfhret.nfh; 953 nfsargsp->fhsize = nfhret.fhsize; 954 nfsargsp->hostname = nam; 955 return (1); 956 } 957 958 /* 959 * xdr routines for mount rpc's 960 */ 961 static int 962 xdr_dir(xdrsp, dirp) 963 XDR *xdrsp; 964 char *dirp; 965 { 966 return (xdr_string(xdrsp, &dirp, RPCMNT_PATHLEN)); 967 } 968 969 static int 970 xdr_fh(xdrsp, np) 971 XDR *xdrsp; 972 struct nfhret *np; 973 { 974 int i; 975 long auth, authcnt, authfnd = 0; 976 977 if (!xdr_u_long(xdrsp, &np->stat)) 978 return (0); 979 if (np->stat) 980 return (1); 981 switch (np->vers) { 982 case 1: 983 np->fhsize = NFSX_V2FH; 984 return (xdr_opaque(xdrsp, (caddr_t)np->nfh, NFSX_V2FH)); 985 case 3: 986 if (!xdr_long(xdrsp, &np->fhsize)) 987 return (0); 988 if (np->fhsize <= 0 || np->fhsize > NFSX_V3FHMAX) 989 return (0); 990 if (!xdr_opaque(xdrsp, (caddr_t)np->nfh, np->fhsize)) 991 return (0); 992 if (!xdr_long(xdrsp, &authcnt)) 993 return (0); 994 for (i = 0; i < authcnt; i++) { 995 if (!xdr_long(xdrsp, &auth)) 996 return (0); 997 if (auth == np->auth) 998 authfnd++; 999 } 1000 /* 1001 * Some servers, such as DEC's OSF/1 return a nil authenticator 1002 * list to indicate RPCAUTH_UNIX. 1003 */ 1004 if (!authfnd && (authcnt > 0 || np->auth != RPCAUTH_UNIX)) 1005 np->stat = EAUTH; 1006 return (1); 1007 }; 1008 return (0); 1009 } 1010 1011 static void 1012 usage() 1013 { 1014 (void)fprintf(stderr, "usage: mount_nfs %s\n%s\n%s\n%s\n%s\n", 1015 "[-23bcCdiKlpPqsTUX] [-a maxreadahead] [-D deadthresh]", 1016 "\t[-g maxgroups] [-I readdirsize] [-L leaseterm] [-m realm]", 1017 "\t[-o options] [-R retrycnt] [-r readsize] [-t timeout]", 1018 "\t[-w writesize] [-x retrans]", 1019 "\trhost:path node"); 1020 exit(1); 1021 } 1022
Indexes created Wed Oct 01 07:09:59 GMT 2025