]> git.saurik.com Git - apple/network_cmds.git/blob - ypserv.tproj/ypserv_proc.c
projects / apple / network_cmds.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
network_cmds-245.1.3.tar.gz
[apple/network_cmds.git] / ypserv.tproj / ypserv_proc.c
1 /*
2 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23 /* $OpenBSD: ypserv_proc.c,v 1.14 1997/09/12 01:44:57 deraadt Exp $ */
24
25 /*
26 * Copyright (c) 1994 Mats O Jansson <moj@stacken.kth.se>
27 * All rights reserved.
28 *
29 * Redistribution and use in source and binary forms, with or without
30 * modification, are permitted provided that the following conditions
31 * are met:
32 * 1. Redistributions of source code must retain the above copyright
33 * notice, this list of conditions and the following disclaimer.
34 * 2. Redistributions in binary form must reproduce the above copyright
35 * notice, this list of conditions and the following disclaimer in the
36 * documentation and/or other materials provided with the distribution.
37 * 3. All advertising materials mentioning features or use of this software
38 * must display the following acknowledgement:
39 * This product includes software developed by Mats O Jansson
40 * 4. The name of the author may not be used to endorse or promote products
41 * derived from this software without specific prior written permission.
42 *
43 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
44 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
45 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
47 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
48 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
49 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
51 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
52 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * SUCH DAMAGE.
54 */
55
56 #ifndef LINT
57 static char rcsid[] = "$OpenBSD: ypserv_proc.c,v 1.14 1997/09/12 01:44:57 deraadt Exp $";
58 #endif
59
60 #include <rpc/rpc.h>
61 #include "yp.h"
62 #include "ypv1.h"
63 #include <rpcsvc/ypclnt.h>
64 #include <sys/stat.h>
65 #include <sys/socket.h>
66 #include <sys/param.h>
67 #include <netinet/in.h>
68 #include <arpa/inet.h>
69 #include "ypdb.h"
70 #include <fcntl.h>
71 #include <dirent.h>
72 #include <stdio.h>
73 #include <string.h>
74 #include <unistd.h>
75 #include <stdlib.h>
76 #include "yplog.h"
77 #include "ypdef.h"
78
79 #ifdef DEBUG
80 #define YPLOG yplog
81 #else /* DEBUG */
82 #define YPLOG if (!ok) yplog
83 #endif /* DEBUG */
84
85 extern ypresp_val ypdb_get_record();
86 extern ypresp_key_val ypdb_get_first();
87 extern ypresp_key_val ypdb_get_next();
88 extern ypresp_order ypdb_get_order();
89 extern ypresp_master ypdb_get_master();
90 extern bool_t ypdb_xdr_get_all();
91 extern void ypdb_close_all();
92 extern int ypdb_secure();
93
94 static char *True = "true";
95 static char *False = "FALSE";
96 #define TORF(N) ((N) ? True : False)
97 void *
98 ypproc_null_2_svc(argp, rqstp)
99 void *argp;
100 struct svc_req *rqstp;
101 {
102 static char *result;
103 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
104 int ok = yp_acl_check_host(&caller->sin_addr);
105
106 YPLOG("null_2: caller=[%s].%d, auth_ok=%s",
107 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok));
108
109 if (!ok) {
110 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
111 return(NULL);
112 }
113
114 result = NULL;
115
116 return ((void *)&result);
117 }
118
119 bool_t *
120 ypproc_domain_2_svc(argp, rqstp)
121 domainname *argp;
122 struct svc_req *rqstp;
123 {
124 static bool_t result; /* is domain_served? */
125 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
126 int ok = yp_acl_check_host(&caller->sin_addr);
127 static char domain_path[MAXPATHLEN];
128 struct stat finfo;
129
130 if (strchr(*argp, '/'))
131 goto bail;
132 snprintf(domain_path, sizeof(domain_path), "%s/%s", YP_DB_PATH, *argp);
133 result = (bool_t) ((stat(domain_path, &finfo) == 0) &&
134 (finfo.st_mode & S_IFDIR));
135
136 YPLOG("domain_2: caller=[%s].%d, auth_ok=%s, domain=%s, served=%s",
137 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
138 TORF(ok), *argp, TORF(result));
139
140 if (!ok) {
141 bail:
142 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
143 return(NULL);
144 }
145
146 return (&result);
147 }
148
149 bool_t *
150 ypproc_domain_nonack_2_svc(argp, rqstp)
151 domainname *argp;
152 struct svc_req *rqstp;
153 {
154 static bool_t result; /* is domain served? */
155 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
156 int ok = yp_acl_check_host(&caller->sin_addr);
157 static char domain_path[MAXPATHLEN];
158 struct stat finfo;
159
160 if (strchr(*argp, '/'))
161 goto bail;
162 snprintf(domain_path, sizeof(domain_path), "%s/%s", YP_DB_PATH, *argp);
163 result = (bool_t) ((stat(domain_path, &finfo) == 0) &&
164 (finfo.st_mode & S_IFDIR));
165
166 YPLOG(
167 "domain_nonack_2: caller=[%s].%d, auth_ok=%s, domain=%s, served=%s",
168 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok),
169 *argp, TORF(result));
170
171 if (!ok) {
172 bail:
173 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
174 return(NULL);
175 }
176
177 if (!result) {
178 return(NULL); /* don't send nack */
179 }
180
181 return (&result);
182 }
183
184 ypresp_val *
185 ypproc_match_2_svc(argp, rqstp)
186 ypreq_key *argp;
187 struct svc_req *rqstp;
188 {
189 static ypresp_val res;
190 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
191 int ok = yp_acl_check_host(&caller->sin_addr);
192 int secure = ypdb_secure(argp->domain,argp->map);
193
194 if (strchr(argp->domain, '/') || strchr(argp->map, '/'))
195 goto bail;
196 YPLOG(
197 "match_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, key=%.*s",
198 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
199 TORF(ok), TORF(secure),
200 argp->domain, argp->map, argp->key.keydat_len, argp->key.keydat_val);
201
202 if (!ok) {
203 bail:
204 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
205 return(NULL);
206 }
207
208 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
209 res.stat = YP_YPERR;
210 } else {
211 res = ypdb_get_record(argp->domain,argp->map,argp->key, FALSE);
212 }
213
214 #ifdef DEBUG
215 yplog(" match2_status: %s", yperr_string(ypprot_err(res.stat)));
216 #endif
217
218 return (&res);
219 }
220
221 ypresp_key_val *
222 ypproc_first_2_svc(argp, rqstp)
223 ypreq_nokey *argp;
224 struct svc_req *rqstp;
225 {
226 static ypresp_key_val res;
227 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
228 int ok = yp_acl_check_host(&caller->sin_addr);
229 int secure = ypdb_secure(argp->domain,argp->map);
230
231 if (strchr(argp->domain, '/') || strchr(argp->map, '/'))
232 goto bail;
233 YPLOG( "first_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s",
234 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
235 TORF(ok), TORF(secure),
236 argp->domain, argp->map);
237
238 if (!ok) {
239 bail:
240 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
241 return(NULL);
242 }
243
244 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
245 res.stat = YP_YPERR;
246 } else {
247 res = ypdb_get_first(argp->domain,argp->map,FALSE);
248 }
249
250 #ifdef DEBUG
251 yplog(" first2_status: %s", yperr_string(ypprot_err(res.stat)));
252 #endif
253
254 return (&res);
255 }
256
257 ypresp_key_val *
258 ypproc_next_2_svc(argp, rqstp)
259 ypreq_key *argp;
260 struct svc_req *rqstp;
261 {
262 static ypresp_key_val res;
263 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
264 int ok = yp_acl_check_host(&caller->sin_addr);
265 int secure = ypdb_secure(argp->domain,argp->map);
266
267 if (strchr(argp->domain, '/') || strchr(argp->map, '/'))
268 goto bail;
269 YPLOG(
270 "next_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, key=%.*s",
271 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
272 TORF(ok), TORF(secure),
273 argp->domain, argp->map, argp->key.keydat_len, argp->key.keydat_val);
274
275 if (!ok) {
276 bail:
277 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
278 return(NULL);
279 }
280
281 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
282 res.stat = YP_YPERR;
283 } else {
284 res = ypdb_get_next(argp->domain,argp->map,argp->key,FALSE);
285 }
286
287 #ifdef DEBUG
288 yplog(" next2_status: %s", yperr_string(ypprot_err(res.stat)));
289 #endif
290
291 return (&res);
292 }
293
294 ypresp_xfr *
295 ypproc_xfr_2_svc(argp, rqstp)
296 ypreq_xfr *argp;
297 struct svc_req *rqstp;
298 {
299 static ypresp_xfr res;
300 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
301 int ok = yp_acl_check_host(&caller->sin_addr);
302 pid_t pid;
303 char tid[11];
304 char prog[11];
305 char port[11];
306 char ypxfr_proc[] = YPXFR_PROC;
307 char *ipadd;
308
309 bzero((char *)&res, sizeof(res));
310
311 YPLOG("xfr_2: caller=[%s].%d, auth_ok=%s, domain=%s, tid=%d, prog=%d",
312 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok),
313 argp->map_parms.domain, argp->transid, argp->prog);
314 YPLOG(" ipadd=%s, port=%d, map=%s", inet_ntoa(caller->sin_addr),
315 argp->port, argp->map_parms.map);
316
317 if (strchr(argp->map_parms.domain, '/') ||
318 strchr(argp->map_parms.map, '/') ||
319 ntohs(caller->sin_port) >= IPPORT_RESERVED) {
320 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
321 return(NULL);
322 }
323
324 snprintf(tid, sizeof(tid), "%d",argp->transid);
325 snprintf(prog, sizeof(prog), "%d", argp->prog);
326 snprintf(port, sizeof(port), "%d", argp->port);
327 ipadd = inet_ntoa(caller->sin_addr);
328
329 pid = vfork();
330 if (pid == -1) {
331 svcerr_systemerr(rqstp->rq_xprt);
332 return(NULL);
333 }
334 if (pid == 0) {
335 execl(ypxfr_proc, "ypxfr", "-d", argp->map_parms.domain,
336 "-C",tid, prog, ipadd, port, argp->map_parms.map, NULL);
337 _exit(1);
338 }
339
340 /*
341 * XXX: fill in res
342 */
343 return (&res);
344 }
345
346 void *
347 ypproc_clear_2_svc(argp, rqstp)
348 void *argp;
349 struct svc_req *rqstp;
350 {
351 static char *res;
352 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
353 int ok = yp_acl_check_host(&caller->sin_addr);
354
355 YPLOG( "clear_2: caller=[%s].%d, auth_ok=%s, opt=%s",
356 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok),
357 #ifdef OPTDB
358 True
359 #else
360 False
361 #endif
362 );
363
364 if (ntohs(caller->sin_port) >= IPPORT_RESERVED)
365 ok = FALSE;
366
367 if (!ok) {
368 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
369 return(NULL);
370 }
371
372 res = NULL;
373
374 #ifdef OPTDB
375 ypdb_close_all();
376 #endif
377
378 return ((void *)&res);
379 }
380
381 ypresp_all *
382 ypproc_all_2_svc(argp, rqstp)
383 ypreq_nokey *argp;
384 struct svc_req *rqstp;
385 {
386 static ypresp_all res;
387 pid_t pid;
388 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
389 int ok = yp_acl_check_host(&caller->sin_addr);
390 int secure = ypdb_secure(argp->domain,argp->map);
391
392 if (strchr(argp->domain, '/') || strchr(argp->map, '/'))
393 goto bail;
394 YPLOG( "all_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s",
395 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
396 TORF(ok), TORF(secure), argp->domain, argp->map);
397
398 if (!ok) {
399 bail:
400 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
401 return(NULL);
402 }
403
404 bzero((char *)&res, sizeof(res));
405
406 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
407 res.ypresp_all_u.val.stat = YP_YPERR;
408 return(&res);
409 }
410
411 pid = fork();
412
413 if (pid) {
414
415 if (pid == -1) {
416 /* XXXCDC An error has occurred */
417 }
418
419 return(NULL); /* PARENT: continue */
420
421 }
422 /* CHILD: send result, then exit */
423
424 if (!svc_sendreply(rqstp->rq_xprt, ypdb_xdr_get_all, (char *) argp)) {
425 svcerr_systemerr(rqstp->rq_xprt);
426 }
427
428 /* note: no need to free args, we are exiting */
429
430 exit(0);
431 }
432
433 ypresp_master *
434 ypproc_master_2_svc(argp, rqstp)
435 ypreq_nokey *argp;
436 struct svc_req *rqstp;
437 {
438 static ypresp_master res;
439 static peername nopeer = "";
440 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
441 int ok = yp_acl_check_host(&caller->sin_addr);
442 int secure = ypdb_secure(argp->domain,argp->map);
443
444 if (strchr(argp->domain, '/') || strchr(argp->map, '/'))
445 goto bail;
446 YPLOG( "master_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s",
447 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
448 TORF(ok), TORF(secure), argp->domain, argp->map);
449
450 if (!ok) {
451 bail:
452 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
453 return(NULL);
454 }
455
456 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
457 res.stat = YP_YPERR;
458 } else {
459 res = ypdb_get_master(argp->domain,argp->map);
460 }
461
462 #ifdef DEBUG
463 yplog(" master2_status: %s", yperr_string(ypprot_err(res.stat)));
464 #endif
465
466 /* This code was added because a yppoll <unknown-domain> */
467 /* from a sun crashed the server in xdr_string, trying */
468 /* to access the peer through a NULL-pointer. yppoll in */
469 /* this server start asking for order. If order is ok */
470 /* then it will ask for master. SunOS 4 asks for both */
471 /* always. I'm not sure this is the best place for the */
472 /* fix, but for now it will do. xdr_peername or */
473 /* xdr_string in ypserv_xdr.c may be a better place? */
474
475 if (res.peer == NULL) {
476 res.peer = nopeer;
477 }
478
479 /* End of fix */
480
481 return (&res);
482 }
483
484
485 ypresp_order *
486 ypproc_order_2_svc(argp, rqstp)
487 ypreq_nokey *argp;
488 struct svc_req *rqstp;
489 {
490 static ypresp_order res;
491 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
492 int ok = yp_acl_check_host(&caller->sin_addr);
493 int secure = ypdb_secure(argp->domain,argp->map);
494
495 if (strchr(argp->domain, '/'))
496 goto bail;
497 YPLOG( "order_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s",
498 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
499 TORF(ok), TORF(secure), argp->domain, argp->map);
500
501 if (!ok) {
502 bail:
503 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
504 return(NULL);
505 }
506
507 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
508 res.stat = YP_YPERR;
509 } else if (strchr(argp->map, '/')) {
510 res.stat = YP_NOMAP;
511 } else {
512 res = ypdb_get_order(argp->domain,argp->map);
513 }
514
515 #ifdef DEBUG
516 yplog(" order2_status: %s", yperr_string(ypprot_err(res.stat)));
517 #endif
518
519 return (&res);
520 }
521
522
523 ypresp_maplist *
524 ypproc_maplist_2_svc(argp, rqstp)
525 domainname *argp;
526 struct svc_req *rqstp;
527 {
528 static ypresp_maplist res;
529 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
530 int ok = yp_acl_check_host(&caller->sin_addr);
531 static char domain_path[MAXPATHLEN];
532 struct stat finfo;
533 DIR *dirp = NULL;
534 struct dirent *dp;
535 char *suffix;
536 ypstat status;
537 struct ypmaplist *m;
538 char *map_name;
539
540 if (strchr(*argp, '/'))
541 goto bail;
542 YPLOG("maplist_2: caller=[%s].%d, auth_ok=%s, domain=%s",
543 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok),
544 *argp);
545
546 if (!ok) {
547 bail:
548 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
549 return(NULL);
550 }
551
552 bzero((char *)&res, sizeof(res));
553
554 snprintf(domain_path,MAXPATHLEN, "%s/%s",YP_DB_PATH,*argp);
555
556 status = YP_TRUE;
557
558 res.maps = NULL;
559
560 if (!((stat(domain_path, &finfo) == 0) &&
561 ((finfo.st_mode & S_IFMT) == S_IFDIR)))
562 status = YP_NODOM;
563
564 if (status >= 0) {
565 if ((dirp = opendir(domain_path)) == NULL) {
566 status = YP_NODOM;
567 }
568 }
569
570 if (status >= 0) {
571 for(dp = readdir(dirp); dp != NULL; dp = readdir(dirp)) {
572 if ((!strcmp(dp->d_name, ".")) ||
573 ((!strcmp(dp->d_name, ".."))) ||
574 (dp->d_namlen < 4))
575 continue;
576 suffix = (char *) &dp->d_name[dp->d_namlen-3];
577 if (strcmp(suffix,".db") == 0) {
578
579 if ((m = (struct ypmaplist *)
580 malloc((unsigned) sizeof(struct ypmaplist))) == NULL) {
581 status = YP_YPERR;
582 break;
583 }
584
585 if ((map_name = (char *)
586 malloc((unsigned) dp->d_namlen - 2)) == NULL) {
587 status = YP_YPERR;
588 break;
589 }
590
591 m->next = res.maps;
592 m->map = map_name;
593 res.maps = m;
594 strncpy(map_name, dp->d_name, dp->d_namlen - 3);
595 m->map[dp->d_namlen - 3] = '\0';
596
597 }
598 }
599 }
600
601 if (dirp != NULL) {
602 closedir(dirp);
603 }
604
605 res.stat = status;
606
607 #ifdef DEBUG
608 yplog(" maplist_status: %s", yperr_string(ypprot_err(res.stat)));
609 #endif
610
611 return (&res);
612 }
613
614 void *
615 ypproc_null_1_svc(argp, rqstp)
616 void *argp;
617 struct svc_req *rqstp;
618 {
619 static char *result;
620 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
621 int ok = yp_acl_check_host(&caller->sin_addr);
622
623 YPLOG("null_1: caller=[%s].%d, auth_ok=%s",
624 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok));
625
626 if (!ok) {
627 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
628 return(NULL);
629 }
630
631 result = NULL;
632
633 return ((void *)&result);
634 }
635
636 bool_t *
637 ypproc_domain_1_svc(argp, rqstp)
638 domainname *argp;
639 struct svc_req *rqstp;
640 {
641 static bool_t result; /* is domain_served? */
642 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
643 int ok = yp_acl_check_host(&caller->sin_addr);
644 static char domain_path[MAXPATHLEN];
645 struct stat finfo;
646
647 if (strchr(*argp, '/'))
648 goto bail;
649 snprintf(domain_path, sizeof(domain_path), "%s/%s", YP_DB_PATH, *argp);
650 result = (bool_t) ((stat(domain_path, &finfo) == 0) &&
651 (finfo.st_mode & S_IFDIR));
652
653 YPLOG("domain_1: caller=[%s].%d, auth_ok=%s, domain=%s, served=%s",
654 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
655 TORF(ok), *argp, TORF(result));
656
657 if (!ok) {
658 bail:
659 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
660 return(NULL);
661 }
662
663 return (&result);
664 }
665
666 bool_t *
667 ypproc_domain_nonack_1_svc(argp, rqstp)
668 domainname *argp;
669 struct svc_req *rqstp;
670 {
671 static bool_t result; /* is domain served? */
672 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
673 int ok = yp_acl_check_host(&caller->sin_addr);
674 static char domain_path[MAXPATHLEN];
675 struct stat finfo;
676
677 if (strchr(*argp, '/'))
678 goto bail;
679 snprintf(domain_path, sizeof(domain_path), "%s/%s", YP_DB_PATH, *argp);
680 result = (bool_t) ((stat(domain_path, &finfo) == 0) &&
681 (finfo.st_mode & S_IFDIR));
682
683 YPLOG(
684 "domain_nonack_1: caller=[%s].%d, auth_ok=%s, domain=%s, served=%s",
685 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok),
686 *argp, TORF(result));
687
688 if (!ok) {
689 bail:
690 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
691 return(NULL);
692 }
693
694 if (!result) {
695 return(NULL); /* don't send nack */
696 }
697
698 return (&result);
699 }
700
701 ypresponse *
702 ypproc_match_1_svc(argp, rqstp)
703 yprequest *argp;
704 struct svc_req *rqstp;
705 {
706 static ypresponse res;
707 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
708 int ok = yp_acl_check_host(&caller->sin_addr);
709 int secure;
710
711 if (strchr(argp->ypmatch_req_domain, '/') ||
712 strchr(argp->ypmatch_req_map, '/'))
713 goto bail;
714 res.yp_resptype = YPMATCH_RESPTYPE;
715 res.ypmatch_resp_valptr = "";
716 res.ypmatch_resp_valsize = 0;
717
718 if (argp->yp_reqtype != YPMATCH_REQTYPE) {
719 res.ypmatch_resp_status = YP_BADARGS;
720 return(&res);
721 }
722
723 secure = ypdb_secure(argp->ypmatch_req_domain, argp->ypmatch_req_map);
724
725 YPLOG(
726 "match_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, key=%.*s",
727 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
728 TORF(ok), TORF(secure),
729 argp->ypmatch_req_domain, argp->ypmatch_req_map,
730 argp->ypmatch_req_keysize, argp->ypmatch_req_keyptr);
731
732 if (!ok) {
733 bail:
734 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
735 return(NULL);
736 }
737
738 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
739 res.ypmatch_resp_status = YP_YPERR;
740 } else {
741 res.ypmatch_resp_val =
742 ypdb_get_record(argp->ypmatch_req_domain,
743 argp->ypmatch_req_map,
744 argp->ypmatch_req_keydat,
745 FALSE);
746 }
747
748 #ifdef DEBUG
749 yplog(" match1_status: %s",
750 yperr_string(ypprot_err(res.ypmatch_resp_status)));
751 #endif
752
753 return (&res);
754 }
755
756 ypresponse *
757 ypproc_first_1_svc(argp, rqstp)
758 yprequest *argp;
759 struct svc_req *rqstp;
760 {
761 static ypresponse res;
762 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
763 int ok = yp_acl_check_host(&caller->sin_addr);
764 int secure;
765
766 if (strchr(argp->ypfirst_req_domain, '/') ||
767 strchr(argp->ypfirst_req_map, '/'))
768 goto bail;
769 res.yp_resptype = YPFIRST_RESPTYPE;
770 res.ypfirst_resp_valptr = res.ypfirst_resp_keyptr = "";
771 res.ypfirst_resp_valsize = res.ypfirst_resp_keysize = 0;
772
773 if (argp->yp_reqtype != YPREQ_NOKEY) {
774 res.ypfirst_resp_status = YP_BADARGS;
775 return(&res);
776 }
777
778 secure = ypdb_secure(argp->ypfirst_req_domain, argp->ypfirst_req_map);
779
780 YPLOG( "first_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s",
781 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
782 TORF(ok), TORF(secure),
783 argp->ypfirst_req_domain, argp->ypfirst_req_map);
784
785 if (!ok) {
786 bail:
787 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
788 return(NULL);
789 }
790
791 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
792 res.ypfirst_resp_status = YP_YPERR;
793 } else {
794 res.ypfirst_resp_val =
795 ypdb_get_first(argp->ypfirst_req_domain,
796 argp->ypfirst_req_map,
797 FALSE);
798 }
799
800 #ifdef DEBUG
801 yplog(" first1_status: %s",
802 yperr_string(ypprot_err(res.ypfirst_resp_status)));
803 #endif
804
805 return (&res);
806 }
807
808 ypresponse *
809 ypproc_next_1_svc(argp, rqstp)
810 yprequest *argp;
811 struct svc_req *rqstp;
812 {
813 static ypresponse res;
814 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
815 int ok = yp_acl_check_host(&caller->sin_addr);
816 int secure;
817
818 if (strchr(argp->ypnext_req_domain, '/') ||
819 strchr(argp->ypnext_req_map, '/'))
820 goto bail;
821 res.yp_resptype = YPNEXT_RESPTYPE;
822 res.ypnext_resp_valptr = res.ypnext_resp_keyptr = "";
823 res.ypnext_resp_valsize = res.ypnext_resp_keysize = 0;
824
825 if (argp->yp_reqtype != YPNEXT_REQTYPE) {
826 res.ypnext_resp_status = YP_BADARGS;
827 return(&res);
828 }
829
830 secure = ypdb_secure(argp->ypnext_req_domain, argp->ypnext_req_map);
831
832 YPLOG(
833 "next_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, key=%.*s",
834 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
835 TORF(ok), TORF(secure),
836 argp->ypnext_req_domain, argp->ypnext_req_map,
837 argp->ypnext_req_keysize, argp->ypnext_req_keyptr);
838
839 if (!ok) {
840 bail:
841 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
842 return(NULL);
843 }
844
845 if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
846 res.ypnext_resp_status = YP_YPERR;
847 } else {
848 res.ypnext_resp_val =
849 ypdb_get_next(argp->ypnext_req_domain,
850 argp->ypnext_req_map,
851 argp->ypnext_req_keydat,
852 FALSE);
853 }
854
855 #ifdef DEBUG
856 yplog(" next1_status: %s",
857 yperr_string(ypprot_err(res.ypnext_resp_status)));
858 #endif
859
860 return (&res);
861 }
862
863 ypresponse *
864 ypproc_poll_1_svc(argp, rqstp)
865 yprequest *argp;
866 struct svc_req *rqstp;
867 {
868 static ypresponse res;
869 ypresp_order order;
870 ypresp_master master;
871 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
872 int ok = yp_acl_check_host(&caller->sin_addr);
873 int secure;
874
875 if (strchr(argp->yppoll_req_domain, '/') ||
876 strchr(argp->yppoll_req_map, '/'))
877 goto bail;
878 res.yp_resptype = YPPOLL_RESPTYPE;
879 res.yppoll_resp_domain = argp->yppoll_req_domain;
880 res.yppoll_resp_map = argp->yppoll_req_map;
881 res.yppoll_resp_ordernum = 0;
882 res.yppoll_resp_owner = "";
883
884 if (argp->yp_reqtype != YPPOLL_REQTYPE) {
885 return(&res);
886 }
887
888 secure = ypdb_secure(argp->yppoll_req_domain, argp->yppoll_req_map);
889
890 YPLOG( "poll_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s",
891 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
892 TORF(ok), TORF(secure),
893 argp->yppoll_req_domain, argp->yppoll_req_map);
894
895 if (!ok) {
896 bail:
897 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
898 return(NULL);
899 }
900
901 if (!(secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED))) {
902 order = ypdb_get_order(argp->yppoll_req_domain,
903 argp->yppoll_req_map);
904 master = ypdb_get_master(argp->yppoll_req_domain,
905 argp->yppoll_req_map);
906 res.yppoll_resp_ordernum = order.ordernum;
907 res.yppoll_resp_owner = master.peer;
908 }
909
910 #ifdef DEBUG
911 yplog(" poll1_status: %s", "none");
912 #endif
913 return (&res);
914 }
915
916 void *
917 ypproc_push_1_svc(argp, rqstp)
918 yprequest *argp;
919 struct svc_req *rqstp;
920 {
921 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
922 int ok = yp_acl_check_host(&caller->sin_addr);
923 int secure;
924 pid_t pid;
925 char yppush_proc[] = YPPUSH_PROC;
926
927 if (strchr(argp->yppush_req_domain, '/') ||
928 strchr(argp->yppush_req_map, '/'))
929 goto bail;
930 if (argp->yp_reqtype != YPPUSH_REQTYPE) {
931 return(NULL);
932 }
933
934 secure = ypdb_secure(argp->yppush_req_domain, argp->yppush_req_map);
935
936 YPLOG( "push_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s",
937 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
938 TORF(ok), TORF(secure),
939 argp->yppush_req_domain, argp->yppush_req_map);
940
941 if (ntohs(caller->sin_port) >= IPPORT_RESERVED)
942 ok = FALSE;
943
944 if (!ok) {
945 bail:
946 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
947 return(NULL);
948 }
949
950 pid = vfork();
951 if (pid == -1) {
952 svcerr_systemerr(rqstp->rq_xprt);
953 return(NULL);
954 }
955 if (pid == 0) {
956 execl(yppush_proc, "yppush", "-d", argp->yppush_req_domain,
957 argp->yppush_req_map, NULL);
958 _exit(1);
959 }
960
961 return (NULL);
962 }
963
964 void *
965 ypproc_pull_1_svc(argp, rqstp)
966 yprequest *argp;
967 struct svc_req *rqstp;
968 {
969 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
970 int ok = yp_acl_check_host(&caller->sin_addr);
971 int secure;
972 pid_t pid;
973 char ypxfr_proc[] = YPXFR_PROC;
974
975 if (strchr(argp->yppull_req_domain, '/') ||
976 strchr(argp->yppull_req_map, '/'))
977 goto bail;
978 if (argp->yp_reqtype != YPPULL_REQTYPE) {
979 return(NULL);
980 }
981
982 secure = ypdb_secure(argp->yppull_req_domain, argp->yppull_req_map);
983
984 YPLOG( "pull_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s",
985 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
986 TORF(ok), TORF(secure),
987 argp->yppull_req_domain, argp->yppull_req_map);
988
989 if (ntohs(caller->sin_port) >= IPPORT_RESERVED)
990 ok = FALSE;
991
992 if (!ok) {
993 bail:
994 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
995 return(NULL);
996 }
997
998 pid = vfork();
999 if (pid == -1) {
1000 svcerr_systemerr(rqstp->rq_xprt);
1001 return(NULL);
1002 }
1003 if (pid == 0) {
1004 execl(ypxfr_proc, "ypxfr", "-d", argp->yppull_req_domain,
1005 argp->yppull_req_map, NULL);
1006 _exit(1);
1007 }
1008
1009 return (NULL);
1010 }
1011
1012 void *
1013 ypproc_get_1_svc(argp, rqstp)
1014 yprequest *argp;
1015 struct svc_req *rqstp;
1016 {
1017 char *res;
1018 struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt);
1019 int ok = yp_acl_check_host(&caller->sin_addr);
1020 int secure;
1021 pid_t pid;
1022 char ypxfr_proc[] = YPXFR_PROC;
1023
1024 if (strchr(argp->ypget_req_domain, '/') ||
1025 strchr(argp->ypget_req_map, '/'))
1026 goto bail;
1027 if (argp->yp_reqtype != YPGET_REQTYPE) {
1028 return(NULL);
1029 }
1030
1031 secure = ypdb_secure(argp->ypget_req_domain, argp->ypget_req_map);
1032
1033 YPLOG( "get_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, owner=%s",
1034 inet_ntoa(caller->sin_addr), ntohs(caller->sin_port),
1035 TORF(ok), TORF(secure),
1036 argp->ypget_req_domain, argp->ypget_req_map,
1037 argp->ypget_req_owner);
1038
1039 if (ntohs(caller->sin_port) >= IPPORT_RESERVED)
1040 ok = FALSE;
1041
1042 if (!ok) {
1043 bail:
1044 svcerr_auth(rqstp->rq_xprt, AUTH_FAILED);
1045 return(NULL);
1046 }
1047
1048 pid = vfork();
1049 if (pid == -1) {
1050 svcerr_systemerr(rqstp->rq_xprt);
1051 return(NULL);
1052 }
1053 if (pid == 0) {
1054 execl(ypxfr_proc, "ypxfr", "-d", argp->ypget_req_domain, "-h",
1055 argp->ypget_req_owner, argp->yppush_req_map, NULL);
1056 _exit(1);
1057 }
1058
1059 return (NULL);
1060 }
mirror of network_cmds