From ac2f15b3eadabcc5cceb4bb7f642395e9616a902 Mon Sep 17 00:00:00 2001 From: Apple Date: Fri, 24 Oct 2003 23:18:55 +0000 Subject: [PATCH] network_cmds-176.tar.gz --- Makefile | 7 +- PB.project | 6 +- alias/alias.c | 23 +- alias/alias.h | 23 +- alias/alias_cuseeme.c | 23 +- alias/alias_db.c | 125 +- alias/alias_ftp.c | 23 +- alias/alias_irc.c | 23 +- alias/alias_local.h | 23 +- alias/alias_nbt.c | 23 +- alias/alias_pptp.c | 23 +- alias/alias_proxy.c | 23 +- alias/alias_smedia.c | 23 +- alias/alias_util.c | 23 +- arp.tproj/arp.c | 653 +++-- bootparams/bootparamd.tproj/bootparam_proc.c | 21 +- bootparams/bootparamd.tproj/bootparamd.c | 21 +- bootparams/bootparams/bootparam_prot.x | 21 +- bootparams/bpwhoami.tproj/bpwhoami.1 | 1 + bootparams/bpwhoami.tproj/bpwhoami.c | 21 +- domainname.tproj/Makefile | 2 +- domainname.tproj/Makefile.postamble | 3 + domainname.tproj/domainname.1 | 10 +- domainname.tproj/domainname.c | 21 +- identd.tproj/CREDITS | 52 - identd.tproj/Makefile.dist | 10 - identd.tproj/Makefile.postamble | 3 - identd.tproj/README | 129 - identd.tproj/config.c | 71 - identd.tproj/error.h | 67 - identd.tproj/identd.8 | 238 -- identd.tproj/identd.c | 643 ----- identd.tproj/identd.h | 68 - identd.tproj/netbsd.c | 265 -- identd.tproj/parse.c | 425 --- identd.tproj/proxy.c | 123 - identd.tproj/version.c | 25 - identd.tproj/xpaths.h | 89 - ifconfig.tproj/ifconfig.8 | 7 - ifconfig.tproj/ifconfig.c | 4 +- inetd.tproj/inetd.c | 21 +- inetd.tproj/pathnames.h | 21 +- ip6conf.tproj/ip6config | 4 +- ip6conf.tproj/ip6tool.c | 112 +- {racoonctl.tproj => ip6fw.tproj}/Makefile | 13 +- .../Makefile.postamble | 4 + .../Makefile.preamble | 12 +- ip6fw.tproj/PB.project | 25 + ip6fw.tproj/ip6fw.8 | 570 ++++ ip6fw.tproj/ip6fw.c | 1417 +++++++++ ipfw.tproj/ipfw.8 | 437 +-- ipfw.tproj/ipfw.c | 23 +- ipsec/policy_token.l | 4 +- {identd.tproj => kdumpd.tproj}/Makefile | 13 +- kdumpd.tproj/Makefile.postamble | 112 + kdumpd.tproj/Makefile.preamble | 121 + {identd.tproj => kdumpd.tproj}/PB.project | 17 +- kdumpd.tproj/kdump.h | 109 + kdumpd.tproj/kdumpd.8 | 78 + kdumpd.tproj/kdumpd.c | 636 ++++ kdumpd.tproj/kdumpsubs.c | 268 ++ .../pathnames.h => kdumpd.tproj/kdumpsubs.h | 40 +- logger.tproj/logger.c | 21 +- makedbm.tproj/Makefile | 2 +- makedbm.tproj/Makefile.postamble | 4 + makedbm.tproj/Makefile.preamble | 2 + makedbm.tproj/{db.h => _db.h} | 21 +- makedbm.tproj/db.c | 23 +- makedbm.tproj/makedbm.c | 21 +- makedbm.tproj/ypdb.c | 21 +- makedbm.tproj/ypdb.h | 23 +- makedbm.tproj/ypdef.h | 21 +- natd.tproj/icmp.c | 23 +- natd.tproj/natd.8 | 2 +- natd.tproj/natd.c | 23 +- natd.tproj/natd.h | 23 +- netstat.tproj/Makefile.preamble | 2 +- netstat.tproj/data.c | 21 +- netstat.tproj/inet.c | 115 +- netstat.tproj/inet6.c | 15 +- netstat.tproj/main.c | 31 +- netstat.tproj/mbuf.c | 21 +- netstat.tproj/mroute.c | 21 +- netstat.tproj/netstat.h | 21 +- netstat.tproj/route.c | 25 +- netstat.tproj/unix.c | 21 +- nfsd.tproj/nfsd.c | 27 +- nfsiod.tproj/nfsiod.8 | 5 +- nfsiod.tproj/nfsiod.c | 135 +- nfsstat.tproj/nfsstat.c | 21 +- ping.tproj/Makefile.postamble | 4 + ping.tproj/ping.c | 21 +- ping6.tproj/Makefile.preamble | 2 +- ping6.tproj/ping6.c | 2 + racoon.tproj/Makefile | 10 +- racoon.tproj/Makefile.postamble | 2 + racoon.tproj/Makefile.preamble | 2 +- racoon.tproj/PB.project | 7 +- racoon.tproj/admin.c | 2 +- racoon.tproj/admin.h | 2 +- racoon.tproj/admin_var.h | 2 +- racoon.tproj/algorithm.c | 16 +- racoon.tproj/algorithm.h | 2 +- racoon.tproj/anonymous.conf | 34 + .../str2val.h => racoon.tproj/arc4random.h | 7 +- racoon.tproj/backupsa.c | 4 +- racoon.tproj/backupsa.h | 2 +- racoon.tproj/cfparse.y | 26 +- racoon.tproj/cftoken.l | 81 +- racoon.tproj/crypto_openssl.c | 23 +- racoon.tproj/crypto_openssl.h | 3 +- racoon.tproj/debug.h | 2 +- racoon.tproj/dhgroup.h | 2 +- racoon.tproj/dnssec.c | 2 +- racoon.tproj/dnssec.h | 2 +- racoon.tproj/gcmalloc.h | 2 +- racoon.tproj/getcertsbyname.c | 4 +- racoon.tproj/grabmyaddr.c | 59 +- racoon.tproj/grabmyaddr.h | 5 +- racoon.tproj/gssapi.c | 2 +- racoon.tproj/gssapi.h | 2 +- racoon.tproj/handler.c | 7 +- racoon.tproj/handler.h | 17 +- racoon.tproj/ipsec_doi.c | 44 +- racoon.tproj/ipsec_doi.h | 9 +- racoon.tproj/isakmp.c | 432 ++- racoon.tproj/isakmp.h | 5 +- racoon.tproj/isakmp_agg.c | 188 +- racoon.tproj/isakmp_agg.h | 2 +- racoon.tproj/isakmp_base.c | 2 +- racoon.tproj/isakmp_base.h | 2 +- racoon.tproj/isakmp_ident.c | 122 +- racoon.tproj/isakmp_ident.h | 2 +- racoon.tproj/isakmp_inf.c | 13 +- racoon.tproj/isakmp_inf.h | 2 +- racoon.tproj/isakmp_natd.c | 159 + racoon.tproj/isakmp_natd.h | 15 + racoon.tproj/isakmp_newg.c | 2 +- racoon.tproj/isakmp_newg.h | 2 +- racoon.tproj/isakmp_quick.c | 2 +- racoon.tproj/isakmp_quick.h | 2 +- racoon.tproj/isakmp_var.h | 4 +- racoon.tproj/libpfkey.h | 4 +- racoon.tproj/localconf.c | 81 +- racoon.tproj/localconf.h | 4 +- racoon.tproj/logger.c | 4 +- racoon.tproj/logger.h | 2 +- racoon.tproj/main.c | 19 +- racoon.tproj/misc.c | 2 +- racoon.tproj/misc.h | 2 +- racoon.tproj/netdb_dnssec.h | 2 +- racoon.tproj/oakley.c | 39 +- racoon.tproj/oakley.h | 2 +- racoon.tproj/pfkey.c | 57 +- racoon.tproj/pfkey.h | 4 +- racoon.tproj/pfkey2.c | 86 +- racoon.tproj/pfkey_dump.c | 4 +- racoon.tproj/plog.c | 10 +- racoon.tproj/plog.h | 2 +- racoon.tproj/policy.c | 2 +- racoon.tproj/policy.h | 2 +- racoon.tproj/proposal.c | 23 +- racoon.tproj/proposal.h | 2 +- racoon.tproj/racoon.8 | 10 +- racoon.tproj/racoon.conf | 83 +- racoon.tproj/racoon.conf.5 | 21 +- racoon.tproj/remoteconf.c | 11 +- racoon.tproj/remoteconf.h | 5 +- racoon.tproj/safefile.c | 2 +- racoon.tproj/safefile.h | 4 +- racoon.tproj/sainfo.c | 2 +- racoon.tproj/sainfo.h | 2 +- racoon.tproj/schedule.c | 2 +- racoon.tproj/schedule.h | 2 +- racoon.tproj/session.c | 44 +- racoon.tproj/session.h | 2 +- racoon.tproj/sockmisc.c | 12 +- racoon.tproj/sockmisc.h | 2 +- racoon.tproj/str2val.c | 2 +- racoon.tproj/str2val.h | 2 +- racoon.tproj/strnames.c | 6 +- racoon.tproj/strnames.h | 2 +- racoon.tproj/var.h | 2 +- racoon.tproj/vendorid.c | 2 +- racoon.tproj/vendorid.h | 6 +- racoon.tproj/vmbuf.c | 2 +- racoon.tproj/vmbuf.h | 2 +- racoonctl.tproj/PB.project | 35 - racoonctl.tproj/key_debug.c | 751 ----- racoonctl.tproj/kmpstat.c | 1101 ------- racoonctl.tproj/misc.c | 167 -- racoonctl.tproj/pfkey.c | 2108 -------------- racoonctl.tproj/pfkey_dump.c | 596 ---- racoonctl.tproj/str2val.c | 122 - racoonctl.tproj/vmbuf.c | 115 - racoonctl.tproj/vmbuf.h | 63 - rarpd.tproj/rarpd.c | 21 +- rcp.tproj/extern.h | 21 +- rcp.tproj/pathnames.h | 21 +- rcp.tproj/rcp.c | 21 +- rcp.tproj/util.c | 21 +- revnetgroup.tproj/Makefile.postamble | 4 + revnetgroup.tproj/Makefile.preamble | 2 + revnetgroup.tproj/hash.c | 21 +- revnetgroup.tproj/hash.h | 21 +- revnetgroup.tproj/parse_netgroup.c | 21 +- revnetgroup.tproj/revnetgroup.c | 21 +- rexecd.tproj/rexecd.c | 21 +- rlogin.tproj/des_rw.c | 21 +- rlogin.tproj/kcmd.c | 21 +- rlogin.tproj/krb.h | 21 +- rlogin.tproj/krcmd.c | 21 +- rlogin.tproj/rlogin.c | 21 +- rlogind.tproj/pathnames.h | 21 +- rlogind.tproj/rlogind.c | 21 +- route.tproj/keywords.h | 21 +- route.tproj/route.c | 33 +- routed.tproj/af.c | 21 +- routed.tproj/af.h | 21 +- routed.tproj/defs.c | 21 +- routed.tproj/defs.h | 21 +- routed.tproj/if.c | 21 +- routed.tproj/inet.c | 21 +- routed.tproj/input.c | 21 +- routed.tproj/interface.h | 21 +- routed.tproj/main.c | 21 +- routed.tproj/output.c | 21 +- routed.tproj/pathnames.h | 21 +- routed.tproj/routed.8 | 15 +- routed.tproj/startup.c | 21 +- routed.tproj/table.h | 21 +- routed.tproj/tables.c | 21 +- routed.tproj/timer.c | 21 +- routed.tproj/trace.c | 21 +- routed.tproj/trace.h | 21 +- rpc_lockd.tproj/Makefile | 46 + rpc_lockd.tproj/Makefile.dist | 32 + rpc_lockd.tproj/Makefile.postamble | 3 + .../Makefile.preamble | 1 + rpc_lockd.tproj/PB.project | 39 + rpc_lockd.tproj/kern.c | 639 ++++ rpc_lockd.tproj/lock_proc.c | 1399 +++++++++ rpc_lockd.tproj/lockd.c | 371 +++ .../misc.h => rpc_lockd.tproj/lockd.h | 45 +- rpc_lockd.tproj/lockd_lock.c | 2571 +++++++++++++++++ rpc_lockd.tproj/lockd_lock.h | 26 + rpc_lockd.tproj/nlm_prot_svc.c | 610 ++++ rpc_lockd.tproj/nlm_prot_xdr.c | 524 ++++ rpc_lockd.tproj/rpc.lockd.8 | 135 + rpc_lockd.tproj/sm_inter_xdr.c | 110 + rpc_lockd.tproj/test.c | 365 +++ rpc_statd.tproj/Makefile | 46 + rpc_statd.tproj/Makefile.dist | 29 + rpc_statd.tproj/Makefile.postamble | 3 + rpc_statd.tproj/Makefile.preamble | 3 + rpc_statd.tproj/PB.project | 36 + rpc_statd.tproj/file.c | 335 +++ rpc_statd.tproj/procs.c | 424 +++ rpc_statd.tproj/rpc.statd.8 | 112 + rpc_statd.tproj/sm_inter_svc.c | 115 + rpc_statd.tproj/sm_inter_xdr.c | 110 + rpc_statd.tproj/statd.c | 268 ++ rpc_statd.tproj/statd.h | 118 + rpc_statd.tproj/test.c | 144 + rpc_yppasswdd.tproj/passwd.c | 21 +- rpc_yppasswdd.tproj/rpc.yppasswdd.c | 21 +- rpc_yppasswdd.tproj/yppasswd.h | 21 +- rpc_yppasswdd.tproj/yppasswdd_mkpw.c | 21 +- rpc_yppasswdd.tproj/yppasswdd_proc.c | 21 +- rpcinfo.tproj/rpcinfo.c | 21 +- rsh.tproj/Makefile | 2 +- rsh.tproj/Makefile.preamble | 5 +- rsh.tproj/rsh.1 | 110 +- rsh.tproj/rsh.c | 341 +-- rshd.tproj/rshd.c | 21 +- ruptime.tproj/ruptime.c | 21 +- rwho.tproj/rwho.c | 21 +- rwhod.tproj/rwhod.c | 21 +- setkey.tproj/pfkey_dump.c | 4 +- setkey.tproj/setkey.c | 2 +- slattach.tproj/slattach.c | 21 +- spray.tproj/Makefile | 2 +- spray.tproj/Makefile.postamble | 3 + spray.tproj/spray.8 | 75 + spray.tproj/spray.c | 21 +- spray.tproj/spray.x | 21 +- stdethers.tproj/Makefile.postamble | 4 + stdethers.tproj/Makefile.preamble | 2 + stdethers.tproj/stdethers.c | 22 +- stdhosts.tproj/Makefile.postamble | 4 + stdhosts.tproj/Makefile.preamble | 2 + stdhosts.tproj/stdhosts.c | 21 +- syslogd.tproj/Makefile | 4 +- syslogd.tproj/Makefile.postamble | 5 + syslogd.tproj/Makefile.preamble | 7 +- syslogd.tproj/pathnames.h | 23 - syslogd.tproj/syslog.conf.5 | 12 +- syslogd.tproj/syslogd.8 | 271 +- syslogd.tproj/syslogd.c | 2196 +++++++++++--- syslogd.tproj/ttymsg.c | 163 ++ syslogd.tproj/ttymsg.h | 3 + talk.tproj/ctl.c | 21 +- talk.tproj/ctl_transact.c | 21 +- talk.tproj/display.c | 21 +- talk.tproj/get_addrs.c | 21 +- talk.tproj/get_names.c | 21 +- talk.tproj/init_disp.c | 21 +- talk.tproj/invite.c | 21 +- talk.tproj/io.c | 21 +- talk.tproj/look_up.c | 21 +- talk.tproj/msgs.c | 21 +- talk.tproj/talk.c | 21 +- talk.tproj/talk.h | 21 +- talk.tproj/talk_ctl.h | 21 +- talkd.tproj/announce.c | 21 +- talkd.tproj/print.c | 21 +- talkd.tproj/process.c | 21 +- talkd.tproj/table.c | 21 +- talkd.tproj/talkd.c | 21 +- talkd.tproj/talkd.h | 21 +- telnet.tproj/commands.c | 8 +- telnet.tproj/krb4-proto.h | 21 +- telnet.tproj/tn3270.c | 21 +- telnetd.tproj/Makefile.postamble | 3 + tftp.tproj/extern.h | 21 +- tftp.tproj/main.c | 21 +- tftp.tproj/tftp.c | 21 +- tftp.tproj/tftpsubs.c | 21 +- tftp.tproj/tftpsubs.h | 21 +- timed.tproj/timed.tproj/acksend.c | 21 +- timed.tproj/timed.tproj/byteorder.c | 21 +- timed.tproj/timed.tproj/candidate.c | 21 +- timed.tproj/timed.tproj/cksum.c | 21 +- timed.tproj/timed.tproj/correct.c | 21 +- timed.tproj/timed.tproj/extern.h | 21 +- timed.tproj/timed.tproj/globals.h | 21 +- timed.tproj/timed.tproj/master.c | 21 +- timed.tproj/timed.tproj/measure.c | 21 +- timed.tproj/timed.tproj/networkdelta.c | 21 +- timed.tproj/timed.tproj/pathnames.h | 21 +- timed.tproj/timed.tproj/readmsg.c | 21 +- timed.tproj/timed.tproj/slave.c | 21 +- timed.tproj/timed.tproj/timed.8 | 2 +- timed.tproj/timed.tproj/timed.c | 21 +- timed.tproj/timedc.tproj/Makefile | 2 +- timed.tproj/timedc.tproj/Makefile.postamble | 3 + timed.tproj/timedc.tproj/cmds.c | 21 +- timed.tproj/timedc.tproj/cmdtab.c | 21 +- timed.tproj/timedc.tproj/extern.h | 21 +- timed.tproj/timedc.tproj/timedc.8 | 144 + timed.tproj/timedc.tproj/timedc.c | 21 +- timed.tproj/timedc.tproj/timedc.h | 21 +- traceroute.tproj/traceroute.c | 21 +- trpt.tproj/trpt.c | 21 +- wall.tproj/Makefile | 2 + wall.tproj/ttymsg.c | 77 +- wall.tproj/ttymsg.h | 3 + wall.tproj/wall.1 | 20 +- wall.tproj/wall.c | 233 +- ypbind.tproj/yp.x | 21 +- ypbind.tproj/ypbind.c | 21 +- ypcat.tproj/ypcat.c | 21 +- ypinit.tproj/Makefile | 2 +- ypinit.tproj/Makefile.yp | 3 +- ypmatch.tproj/Makefile | 2 +- ypmatch.tproj/Makefile.postamble | 103 + ypmatch.tproj/Makefile.preamble | 2 + ypmatch.tproj/ypmatch.c | 21 +- yppoll.tproj/yppoll.c | 21 +- yppush.tproj/ypdb.c | 21 +- yppush.tproj/ypdb.h | 21 +- yppush.tproj/ypdef.h | 21 +- yppush.tproj/yplib_host.c | 21 +- yppush.tproj/yplib_host.h | 21 +- yppush.tproj/yppush.c | 21 +- yppush.tproj/yppush.h | 21 +- yppush.tproj/yppush_err.c | 21 +- yppush.tproj/yppush_proc.c | 21 +- yppush.tproj/yppush_svc.c | 21 +- yppush.tproj/yppush_xdr.c | 21 +- ypserv.tproj/acl.c | 21 +- ypserv.tproj/acl.h | 21 +- ypserv.tproj/yp.h | 21 +- ypserv.tproj/ypdb.c | 21 +- ypserv.tproj/ypdb.h | 21 +- ypserv.tproj/ypdef.h | 21 +- ypserv.tproj/yplog.c | 21 +- ypserv.tproj/yplog.h | 21 +- ypserv.tproj/ypserv.c | 21 +- ypserv.tproj/ypserv_db.c | 21 +- ypserv.tproj/ypserv_proc.c | 21 +- ypserv.tproj/ypserv_xdr.c | 21 +- ypserv.tproj/ypserv_xdr_v1.c | 21 +- ypserv.tproj/ypv1.h | 21 +- ypset.tproj/ypset.c | 21 +- ypwhich.tproj/Makefile | 2 +- ypwhich.tproj/Makefile.postamble | 103 + ypwhich.tproj/Makefile.preamble | 1 + ypwhich.tproj/ypwhich.c | 21 +- ypxfr.tproj/ypdb.c | 21 +- ypxfr.tproj/ypdb.h | 21 +- ypxfr.tproj/ypdef.h | 21 +- ypxfr.tproj/yplib_host.c | 21 +- ypxfr.tproj/yplib_host.h | 21 +- ypxfr.tproj/yplog.c | 21 +- ypxfr.tproj/yplog.h | 21 +- ypxfr.tproj/ypxfr.c | 21 +- ypxfr.tproj/ypxfr_xdr.c | 21 +- 408 files changed, 19485 insertions(+), 11244 deletions(-) create mode 100644 domainname.tproj/Makefile.postamble delete mode 100644 identd.tproj/CREDITS delete mode 100644 identd.tproj/Makefile.dist delete mode 100644 identd.tproj/Makefile.postamble delete mode 100644 identd.tproj/README delete mode 100644 identd.tproj/config.c delete mode 100644 identd.tproj/error.h delete mode 100644 identd.tproj/identd.8 delete mode 100644 identd.tproj/identd.c delete mode 100644 identd.tproj/identd.h delete mode 100644 identd.tproj/netbsd.c delete mode 100644 identd.tproj/parse.c delete mode 100644 identd.tproj/proxy.c delete mode 100644 identd.tproj/version.c delete mode 100644 identd.tproj/xpaths.h rename {racoonctl.tproj => ip6fw.tproj}/Makefile (79%) rename {racoonctl.tproj => ip6fw.tproj}/Makefile.postamble (97%) rename {racoonctl.tproj => ip6fw.tproj}/Makefile.preamble (89%) create mode 100644 ip6fw.tproj/PB.project create mode 100644 ip6fw.tproj/ip6fw.8 create mode 100644 ip6fw.tproj/ip6fw.c rename {identd.tproj => kdumpd.tproj}/Makefile (82%) create mode 100644 kdumpd.tproj/Makefile.postamble create mode 100644 kdumpd.tproj/Makefile.preamble rename {identd.tproj => kdumpd.tproj}/PB.project (72%) create mode 100644 kdumpd.tproj/kdump.h create mode 100755 kdumpd.tproj/kdumpd.8 create mode 100644 kdumpd.tproj/kdumpd.c create mode 100644 kdumpd.tproj/kdumpsubs.c rename rsh.tproj/pathnames.h => kdumpd.tproj/kdumpsubs.h (67%) rename makedbm.tproj/{db.h => _db.h} (78%) create mode 100644 racoon.tproj/anonymous.conf rename racoonctl.tproj/str2val.h => racoon.tproj/arc4random.h (86%) create mode 100644 racoon.tproj/isakmp_natd.c create mode 100644 racoon.tproj/isakmp_natd.h delete mode 100644 racoonctl.tproj/PB.project delete mode 100644 racoonctl.tproj/key_debug.c delete mode 100644 racoonctl.tproj/kmpstat.c delete mode 100644 racoonctl.tproj/misc.c delete mode 100644 racoonctl.tproj/pfkey.c delete mode 100644 racoonctl.tproj/pfkey_dump.c delete mode 100644 racoonctl.tproj/str2val.c delete mode 100644 racoonctl.tproj/vmbuf.c delete mode 100644 racoonctl.tproj/vmbuf.h create mode 100644 rpc_lockd.tproj/Makefile create mode 100644 rpc_lockd.tproj/Makefile.dist create mode 100644 rpc_lockd.tproj/Makefile.postamble rename {identd.tproj => rpc_lockd.tproj}/Makefile.preamble (66%) create mode 100644 rpc_lockd.tproj/PB.project create mode 100644 rpc_lockd.tproj/kern.c create mode 100644 rpc_lockd.tproj/lock_proc.c create mode 100644 rpc_lockd.tproj/lockd.c rename racoonctl.tproj/misc.h => rpc_lockd.tproj/lockd.h (55%) create mode 100644 rpc_lockd.tproj/lockd_lock.c create mode 100644 rpc_lockd.tproj/lockd_lock.h create mode 100644 rpc_lockd.tproj/nlm_prot_svc.c create mode 100644 rpc_lockd.tproj/nlm_prot_xdr.c create mode 100644 rpc_lockd.tproj/rpc.lockd.8 create mode 100644 rpc_lockd.tproj/sm_inter_xdr.c create mode 100644 rpc_lockd.tproj/test.c create mode 100644 rpc_statd.tproj/Makefile create mode 100644 rpc_statd.tproj/Makefile.dist create mode 100644 rpc_statd.tproj/Makefile.postamble create mode 100644 rpc_statd.tproj/Makefile.preamble create mode 100644 rpc_statd.tproj/PB.project create mode 100644 rpc_statd.tproj/file.c create mode 100644 rpc_statd.tproj/procs.c create mode 100644 rpc_statd.tproj/rpc.statd.8 create mode 100644 rpc_statd.tproj/sm_inter_svc.c create mode 100644 rpc_statd.tproj/sm_inter_xdr.c create mode 100644 rpc_statd.tproj/statd.c create mode 100644 rpc_statd.tproj/statd.h create mode 100644 rpc_statd.tproj/test.c create mode 100644 spray.tproj/spray.8 create mode 100644 syslogd.tproj/ttymsg.c create mode 100644 syslogd.tproj/ttymsg.h create mode 100644 timed.tproj/timedc.tproj/timedc.8 create mode 100644 wall.tproj/ttymsg.h create mode 100644 ypmatch.tproj/Makefile.postamble create mode 100644 ypwhich.tproj/Makefile.postamble diff --git a/Makefile b/Makefile index 8badaa5..9c7b2da 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,8 @@ PROJECT_TYPE = Aggregate SUBPROJECTS = timed.tproj bootparams -TOOLS = arp.tproj domainname.tproj identd.tproj\ +TOOLS = arp.tproj domainname.tproj \ + rpc_lockd.tproj rpc_statd.tproj \ ifconfig.tproj inetd.tproj logger.tproj netstat.tproj\ nfsd.tproj nfsiod.tproj nfsstat.tproj ping.tproj rarpd.tproj\ rcp.tproj rexecd.tproj rlogin.tproj rlogind.tproj\ @@ -27,9 +28,9 @@ TOOLS = arp.tproj domainname.tproj identd.tproj\ yppush.tproj ypserv.tproj ypset.tproj ypwhich.tproj\ ypxfr.tproj makedbm.tproj revnetgroup.tproj rpc_yppasswdd.tproj\ stdethers.tproj stdhosts.tproj natd.tproj ipfw.tproj\ - setkey.tproj racoon.tproj racoonctl.tproj eaytest.tproj\ + setkey.tproj racoon.tproj eaytest.tproj\ ping6.tproj traceroute6.tproj rtsol.tproj ndp.tproj rtadvd.tproj\ - ip6conf.tproj + ip6conf.tproj ip6fw.tproj kdumpd.tproj LIBRARIES = alias ipsec diff --git a/PB.project b/PB.project index e1340e0..ca2c5e7 100644 --- a/PB.project +++ b/PB.project @@ -8,6 +8,8 @@ bootparams, domainname.tproj, identd.tproj, + rpc_lockd.tproj, + rpc_statd.tproj, ifconfig.tproj, inetd.tproj, logger.tproj, @@ -68,7 +70,9 @@ rtsol.tproj, rtadvd.tproj, ndp.tproj, - ip6conf.tproj + ip6conf.tproj, + ip6fw.tproj, + kdumpd.tproj ); }; LANGUAGE = English; diff --git a/alias/alias.c b/alias/alias.c index 561245a..1d3cd05 100644 --- a/alias/alias.c +++ b/alias/alias.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias.h b/alias/alias.h index a84dd6c..f6df7fc 100644 --- a/alias/alias.h +++ b/alias/alias.h @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_cuseeme.c b/alias/alias_cuseeme.c index a19be96..fcf0d0d 100644 --- a/alias/alias_cuseeme.c +++ b/alias/alias_cuseeme.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_db.c b/alias/alias_db.c index e67705b..8c8c708 100644 --- a/alias/alias_db.c +++ b/alias/alias_db.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -231,6 +234,9 @@ #endif +static int iChatAVHack = 1; + + /* Dummy port number codes used for FindLinkIn/Out() and AddLink(). These constants can be anything except zero, which indicates an unknown port number. */ @@ -332,6 +338,7 @@ struct alias_link /* Main data structure */ #define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */ #define LINK_UNFIREWALLED 0x08 #define LINK_LAST_LINE_CRLF_TERMED 0x10 +#define LINK_CONE 0x20 int timestamp; /* Time link was last accessed */ int expire_time; /* Expire time for link */ @@ -998,14 +1005,41 @@ DeleteLink(struct alias_link *link) break; } +#ifdef DEBUG + if ((packetAliasMode & PKT_ALIAS_LOG) != 0 && + !IN_MULTICAST(link->src_addr.s_addr) && + !IN_MULTICAST(link->dst_addr.s_addr)) + { + char src[16]; + char dst[16]; + char alias[16]; + char *proto; + switch(link->link_type) + { + case LINK_TCP: + proto = " [TCP]"; + break; + case LINK_UDP: + proto = " [UDP]"; + break; + default: + proto = ""; + } + fprintf(monitorFile, "Deleted%s %s:%d<->%s:%d to %s:%d<->%s:%d\n", + proto, + inet_ntop(AF_INET, &link->src_addr, src, sizeof(src)), link->src_port, + inet_ntop(AF_INET, &link->dst_addr, dst, sizeof(dst)), link->dst_port, + inet_ntop(AF_INET, &link->alias_addr, alias, sizeof(alias)), link->alias_port, + dst, link->dst_port); + fflush(monitorFile); + } +#else + if (packetAliasMode & PKT_ALIAS_LOG) + ShowAliasStats(); +#endif + /* Free memory */ free(link); - -/* Write statistics, if logging enabled */ - if (packetAliasMode & PKT_ALIAS_LOG) - { - ShowAliasStats(); - } } @@ -1045,7 +1079,10 @@ AddLink(struct in_addr src_addr, link->expire_time = ICMP_EXPIRE_TIME; break; case LINK_UDP: - link->expire_time = UDP_EXPIRE_TIME; + if (dst_addr.s_addr == 0 && dst_port == 0) + link->expire_time = UDP_EXPIRE_TIME * 5; + else + link->expire_time = UDP_EXPIRE_TIME; break; case LINK_TCP: link->expire_time = TCP_EXPIRE_INITIAL; @@ -1149,10 +1186,37 @@ AddLink(struct in_addr src_addr, #endif } - if (packetAliasMode & PKT_ALIAS_LOG) +#ifdef DEBUG + if ((packetAliasMode & PKT_ALIAS_LOG) != 0 && + !IN_MULTICAST(link->src_addr.s_addr) && + !IN_MULTICAST(link->dst_addr.s_addr)) { - ShowAliasStats(); - } + char src[16]; + char dst[16]; + char alias[16]; + char *proto; + switch(link->link_type) + { + case LINK_TCP: + proto = " [TCP]"; + break; + case LINK_UDP: + proto = " [UDP]"; + break; + default: + proto = ""; + } + fprintf(monitorFile, "Added %s %s:%d<->%s:%d to %s:%d<->%s:%d\n", + proto, + inet_ntop(AF_INET, &link->src_addr, src, sizeof(src)), link->src_port, + inet_ntop(AF_INET, &link->dst_addr, dst, sizeof(dst)), link->dst_port, + inet_ntop(AF_INET, &link->alias_addr, alias, sizeof(alias)), link->alias_port, + dst, link->dst_port); + } +#else + if (packetAliasMode & PKT_ALIAS_LOG) + ShowAliasStats(); +#endif return(link); } @@ -1179,7 +1243,8 @@ ReLink(struct alias_link *old_link, PunchFWHole(new_link); } #endif - DeleteLink(old_link); + if ((old_link->flags & LINK_CONE) == 0) + DeleteLink(old_link); return new_link; } @@ -1668,11 +1733,25 @@ FindUdpTcpOut(struct in_addr src_addr, if (link == NULL && create) { struct in_addr alias_addr; + struct in_addr dst_addr2 = dst_addr; + u_short dst_port2 = dst_port; alias_addr = FindAliasAddress(src_addr); - link = AddLink(src_addr, dst_addr, alias_addr, - src_port, dst_port, GET_ALIAS_PORT, + + if (iChatAVHack && link_type == LINK_UDP && dst_port == htons(5678)) { + dst_addr2.s_addr = 0; + dst_port2 = 0; + } + link = AddLink(src_addr, dst_addr2, alias_addr, + src_port, dst_port2, GET_ALIAS_PORT, link_type); + if (link != NULL && + (link->flags & (LINK_UNKNOWN_DEST_ADDR | LINK_UNKNOWN_DEST_PORT)) != 0) + { + link->flags |= LINK_CONE; + link = ReLink(link, link->src_addr, dst_addr, link->alias_addr, + link->src_port, dst_port, link->alias_port, link_type); + } } return(link); diff --git a/alias/alias_ftp.c b/alias/alias_ftp.c index 7985a95..db53902 100644 --- a/alias/alias_ftp.c +++ b/alias/alias_ftp.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_irc.c b/alias/alias_irc.c index e33ad75..090b430 100644 --- a/alias/alias_irc.c +++ b/alias/alias_irc.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_local.h b/alias/alias_local.h index 8aeb983..2ff5b64 100644 --- a/alias/alias_local.h +++ b/alias/alias_local.h @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_nbt.c b/alias/alias_nbt.c index f0b8048..2afc21d 100644 --- a/alias/alias_nbt.c +++ b/alias/alias_nbt.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_pptp.c b/alias/alias_pptp.c index 03e1a22..3e76de4 100644 --- a/alias/alias_pptp.c +++ b/alias/alias_pptp.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_proxy.c b/alias/alias_proxy.c index 67299c0..70827b1 100644 --- a/alias/alias_proxy.c +++ b/alias/alias_proxy.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_smedia.c b/alias/alias_smedia.c index 8937903..933c1b2 100644 --- a/alias/alias_smedia.c +++ b/alias/alias_smedia.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_util.c b/alias/alias_util.c index 28ea257..ef1cf42 100644 --- a/alias/alias_util.c +++ b/alias/alias_util.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/arp.tproj/arp.c b/arp.tproj/arp.c index d366781..43864cd 100644 --- a/arp.tproj/arp.c +++ b/arp.tproj/arp.c @@ -1,26 +1,3 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ /* * Copyright (c) 1984, 1993 * The Regents of the University of California. All rights reserved. @@ -58,13 +35,17 @@ */ #ifndef lint -static char copyright[] = +static char const copyright[] = "@(#) Copyright (c) 1984, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -static char sccsid[] = "@(#)arp.c 8.3 (Berkeley) 4/28/95"; +#if 0 +static char const sccsid[] = "@(#)from: arp.c 8.2 (Berkeley) 1/2/94"; +#endif +static const char rcsid[] = + "$FreeBSD: src/usr.sbin/arp/arp.c,v 1.22.2.10 2002/06/18 00:16:59 kbyanc Exp $"; #endif /* not lint */ /* @@ -75,7 +56,10 @@ static char sccsid[] = "@(#)arp.c 8.3 (Berkeley) 4/28/95"; #include #include #include +#include #include +#include +#include #include #include @@ -94,83 +78,153 @@ static char sccsid[] = "@(#)arp.c 8.3 (Berkeley) 4/28/95"; #include #include #include -#include +#include #include +#include +#include +#include + +void search(u_long addr, void (*action)(struct sockaddr_dl *sdl, + struct sockaddr_inarp *sin, struct rt_msghdr *rtm)); +void print_entry(struct sockaddr_dl *sdl, + struct sockaddr_inarp *addr, struct rt_msghdr *rtm); +void nuke_entry(struct sockaddr_dl *sdl, + struct sockaddr_inarp *addr, struct rt_msghdr *rtm); +int delete(char *host, char *info); +void usage(void); +int set(int argc, char **argv); +int get(char *host); +int file(char *name); +void getsocket(void); +int my_ether_aton(char *a, struct ether_addr *n); +int rtmsg(int cmd); +int get_ether_addr(u_int32_t ipaddr, struct ether_addr *hwaddr); + static int pid; -static int nflag; -static int aflag = 0; +static int nflag; /* no reverse dns lookups */ +static int aflag; /* do it for all entries */ static int s = -1; -int delete __P((char *, char *)); -void dump __P((u_long)); -int ether_aton __P((char *, u_char *)); -void ether_print __P((u_char *)); -int file __P((char *)); -void get __P((char *)); -void getsocket __P((void)); -int rtmsg __P((int)); -int set __P((int, char **)); -void usage __P((void)); +struct sockaddr_in so_mask; +struct sockaddr_inarp blank_sin, sin_m; +struct sockaddr_dl blank_sdl, sdl_m; +int expire_time, flags, doing_proxy, proxy_only, found_entry; +struct { + struct rt_msghdr m_rtm; + char m_space[512]; +} m_rtmsg; + +/* which function we're supposed to do */ +#define F_GET 1 +#define F_SET 2 +#define F_FILESET 3 +#define F_REPLACE 4 +#define F_DELETE 5 + +#define ROUNDUP(a) \ + ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) +#define SETFUNC(f) { if (func) usage(); func = (f); } int -main(argc, argv) - int argc; - char **argv; +main(int argc, char *argv[]) { - int ch; + int ch, func = 0; + int rtn = 0; pid = getpid(); - while ((ch = getopt(argc, argv, "ands")) != EOF) + while ((ch = getopt(argc, argv, "andfsS")) != -1) switch((char)ch) { case 'a': aflag = 1; break; case 'd': - if (argc < 3 || argc > 4) - usage(); - delete(argv[2], argv[3]); - exit(0); + SETFUNC(F_DELETE); + break; case 'n': nflag = 1; break; + case 'S': + SETFUNC(F_REPLACE); + break; case 's': - if (argc < 4 || argc > 7) - usage(); - exit(set(argc-2, &argv[2]) ? 1 : 0); + SETFUNC(F_SET); + break; + case 'f' : + SETFUNC(F_FILESET); + break; case '?': default: usage(); } - if( aflag ) { - dump(0); - exit(0); - } - if( nflag && (argc == 3) ) { - get(argv[2]); - exit(0); + argc -= optind; + argv += optind; + + bzero(&so_mask, sizeof(so_mask)); + so_mask.sin_len = 8; + so_mask.sin_addr.s_addr = 0xffffffff; + bzero(&blank_sin, sizeof(blank_sin)); + blank_sin.sin_len = sizeof(blank_sin); + blank_sin.sin_family = AF_INET; + bzero(&blank_sdl, sizeof(blank_sdl)); + blank_sdl.sdl_len = sizeof(blank_sdl); + blank_sdl.sdl_family = AF_LINK; + + if (!func) + func = F_GET; + switch (func) { + case F_GET: + if (aflag) { + if (argc != 0) + usage(); + search(0, print_entry); + } else { + if (argc != 1) + usage(); + get(argv[0]); + } + break; + case F_SET: + case F_REPLACE: + if (argc < 2 || argc > 6) + usage(); + if (func == F_REPLACE) + (void) delete(argv[0], NULL); + rtn = set(argc, argv) ? 1 : 0; + break; + case F_DELETE: + if (aflag) { + if (argc != 0) + usage(); + search(0, nuke_entry); + } else { + if (argc < 1 || argc > 2) + usage(); + rtn = delete(argv[0], argv[1]); + } + break; + case F_FILESET: + if (argc != 1) + usage(); + rtn = file(argv[0]); + break; } - if (argc != 2) - usage(); - get(argv[1]); - return (0); + + return(rtn); } /* * Process a file to set standard arp entries */ int -file(name) - char *name; +file(char *name) { FILE *fp; int i, retval; char line[100], arg[5][50], *args[5]; - if ((fp = fopen(name, "r")) == NULL) { - fprintf(stderr, "arp: cannot open %s\n", name); - exit(1); - } + if ((fp = fopen(name, "r")) == NULL) + errx(1, "cannot open %s", name); args[0] = &arg[0][0]; args[1] = &arg[1][0]; args[2] = &arg[2][0]; @@ -178,10 +232,10 @@ file(name) args[4] = &arg[4][0]; retval = 0; while(fgets(line, 100, fp) != NULL) { - i = sscanf(line, "%s %s %s %s %s", arg[0], arg[1], arg[2], - arg[3], arg[4]); + i = sscanf(line, "%49s %49s %49s %49s %49s", arg[0], arg[1], + arg[2], arg[3], arg[4]); if (i < 2) { - fprintf(stderr, "arp: bad line: %s\n", line); + warnx("bad line: %s", line); retval = 1; continue; } @@ -193,38 +247,26 @@ file(name) } void -getsocket() { +getsocket(void) +{ if (s < 0) { s = socket(PF_ROUTE, SOCK_RAW, 0); - if (s < 0) { - perror("arp: socket"); - exit(1); - } + if (s < 0) + err(1, "socket"); } } -struct sockaddr_in so_mask = {8, 0, 0, { 0xffffffff}}; -struct sockaddr_inarp blank_sin = {sizeof(blank_sin), AF_INET }, sin_m; -struct sockaddr_dl blank_sdl = {sizeof(blank_sdl), AF_LINK }, sdl_m; -int expire_time, flags, export_only, doing_proxy, found_entry; -struct { - struct rt_msghdr m_rtm; - char m_space[512]; -} m_rtmsg; - /* - * Set an individual arp entry + * Set an individual arp entry */ int -set(argc, argv) - int argc; - char **argv; +set(int argc, char **argv) { struct hostent *hp; - register struct sockaddr_inarp *sin = &sin_m; + register struct sockaddr_inarp *addr = &sin_m; register struct sockaddr_dl *sdl; register struct rt_msghdr *rtm = &(m_rtmsg.m_rtm); - u_char *ea; + struct ether_addr *ea; char *host = argv[0], *eaddr = argv[1]; getsocket(); @@ -232,48 +274,61 @@ set(argc, argv) argv += 2; sdl_m = blank_sdl; sin_m = blank_sin; - sin->sin_addr.s_addr = inet_addr(host); - if (sin->sin_addr.s_addr == -1) { + addr->sin_addr.s_addr = inet_addr(host); + if (addr->sin_addr.s_addr == INADDR_NONE) { if (!(hp = gethostbyname(host))) { - fprintf(stderr, "arp: %s: ", host); - herror((char *)NULL); + warnx("%s: %s", host, hstrerror(h_errno)); return (1); } - bcopy((char *)hp->h_addr, (char *)&sin->sin_addr, - sizeof sin->sin_addr); + bcopy((char *)hp->h_addr, (char *)&addr->sin_addr, + sizeof addr->sin_addr); } - ea = (u_char *)LLADDR(&sdl_m); - if (ether_aton(eaddr, ea) == 0) - sdl_m.sdl_alen = 6; - doing_proxy = flags = export_only = expire_time = 0; + doing_proxy = flags = proxy_only = expire_time = 0; while (argc-- > 0) { if (strncmp(argv[0], "temp", 4) == 0) { - struct timeval time; - gettimeofday(&time, 0); - expire_time = time.tv_sec + 20 * 60; + struct timeval tv; + gettimeofday(&tv, 0); + expire_time = tv.tv_sec + 20 * 60; } else if (strncmp(argv[0], "pub", 3) == 0) { flags |= RTF_ANNOUNCE; - doing_proxy = SIN_PROXY; + doing_proxy = 1; + if (argc && strncmp(argv[1], "only", 3) == 0) { + proxy_only = 1; + sin_m.sin_other = SIN_PROXY; + argc--; argv++; + } } else if (strncmp(argv[0], "trail", 5) == 0) { printf("%s: Sending trailers is no longer supported\n", host); } argv++; } + ea = (struct ether_addr *)LLADDR(&sdl_m); + if (doing_proxy && !strcmp(eaddr, "auto")) { + if (!get_ether_addr(addr->sin_addr.s_addr, ea)) { + printf("no interface found for %s\n", + inet_ntoa(addr->sin_addr)); + return (1); + } + sdl_m.sdl_alen = ETHER_ADDR_LEN; + } else { + if (my_ether_aton(eaddr, ea) == 0) + sdl_m.sdl_alen = ETHER_ADDR_LEN; + } tryagain: if (rtmsg(RTM_GET) < 0) { - perror(host); + warn("%s", host); return (1); } - sin = (struct sockaddr_inarp *)(rtm + 1); - sdl = (struct sockaddr_dl *)(sin->sin_len + (char *)sin); - if (sin->sin_addr.s_addr == sin_m.sin_addr.s_addr) { + addr = (struct sockaddr_inarp *)(rtm + 1); + sdl = (struct sockaddr_dl *)(ROUNDUP(addr->sin_len) + (char *)addr); + if (addr->sin_addr.s_addr == sin_m.sin_addr.s_addr) { if (sdl->sdl_family == AF_LINK && (rtm->rtm_flags & RTF_LLINFO) && !(rtm->rtm_flags & RTF_GATEWAY)) switch (sdl->sdl_type) { case IFT_ETHER: case IFT_FDDI: case IFT_ISO88023: - case IFT_ISO88024: case IFT_ISO88025: + case IFT_ISO88024: case IFT_ISO88025: case IFT_L2VLAN: goto overwrite; } if (doing_proxy == 0) { @@ -285,7 +340,7 @@ tryagain: return(1); } sin_m.sin_other = SIN_PROXY; - export_only = 1; + proxy_only = 1; goto tryagain; } overwrite: @@ -301,72 +356,70 @@ overwrite: /* * Display an individual arp entry */ -void -get(host) - char *host; +int +get(char *host) { struct hostent *hp; - struct sockaddr_inarp *sin = &sin_m; + struct sockaddr_inarp *addr = &sin_m; sin_m = blank_sin; - sin->sin_addr.s_addr = inet_addr(host); - if (sin->sin_addr.s_addr == -1) { - if (!(hp = gethostbyname(host))) { - fprintf(stderr, "arp: %s: ", host); - herror((char *)NULL); - exit(1); - } - bcopy((char *)hp->h_addr, (char *)&sin->sin_addr, - sizeof sin->sin_addr); + addr->sin_addr.s_addr = inet_addr(host); + if (addr->sin_addr.s_addr == INADDR_NONE) { + if (!(hp = gethostbyname(host))) + errx(1, "%s: %s", host, hstrerror(h_errno)); + bcopy((char *)hp->h_addr, (char *)&addr->sin_addr, + sizeof addr->sin_addr); } - dump(sin->sin_addr.s_addr); + search(addr->sin_addr.s_addr, print_entry); if (found_entry == 0) { printf("%s (%s) -- no entry\n", - host, inet_ntoa(sin->sin_addr)); - exit(1); + host, inet_ntoa(addr->sin_addr)); + return(1); } + return(0); } /* - * Delete an arp entry + * Delete an arp entry */ int -delete(host, info) - char *host; - char *info; +delete(char *host, char *info) { struct hostent *hp; - register struct sockaddr_inarp *sin = &sin_m; + register struct sockaddr_inarp *addr = &sin_m; register struct rt_msghdr *rtm = &m_rtmsg.m_rtm; struct sockaddr_dl *sdl; - if (info && strncmp(info, "pro", 3) ) - export_only = 1; getsocket(); sin_m = blank_sin; - sin->sin_addr.s_addr = inet_addr(host); - if (sin->sin_addr.s_addr == -1) { + if (info) { + if (strncmp(info, "pub", 3) == 0) + sin_m.sin_other = SIN_PROXY; + else + usage(); + } + addr->sin_addr.s_addr = inet_addr(host); + if (addr->sin_addr.s_addr == INADDR_NONE) { if (!(hp = gethostbyname(host))) { - fprintf(stderr, "arp: %s: ", host); - herror((char *)NULL); + warnx("%s: %s", host, hstrerror(h_errno)); return (1); } - bcopy((char *)hp->h_addr, (char *)&sin->sin_addr, - sizeof sin->sin_addr); + bcopy((char *)hp->h_addr, (char *)&addr->sin_addr, + sizeof addr->sin_addr); } tryagain: if (rtmsg(RTM_GET) < 0) { - perror(host); + warn("%s", host); return (1); } - sin = (struct sockaddr_inarp *)(rtm + 1); - sdl = (struct sockaddr_dl *)(sin->sin_len + (char *)sin); - if (sin->sin_addr.s_addr == sin_m.sin_addr.s_addr) { + addr = (struct sockaddr_inarp *)(rtm + 1); + sdl = (struct sockaddr_dl *)(ROUNDUP(addr->sin_len) + (char *)addr); + if (addr->sin_addr.s_addr == sin_m.sin_addr.s_addr) { if (sdl->sdl_family == AF_LINK && (rtm->rtm_flags & RTF_LLINFO) && !(rtm->rtm_flags & RTF_GATEWAY)) switch (sdl->sdl_type) { case IFT_ETHER: case IFT_FDDI: case IFT_ISO88023: - case IFT_ISO88024: case IFT_ISO88025: + case IFT_ISO88024: case IFT_ISO88025: case IFT_L2VLAN: goto delete; } } @@ -382,27 +435,26 @@ delete: printf("cannot locate %s\n", host); return (1); } - if (rtmsg(RTM_DELETE)) - return (1); - printf("%s (%s) deleted\n", host, inet_ntoa(sin->sin_addr)); - return (0); + if (rtmsg(RTM_DELETE) == 0) { + printf("%s (%s) deleted\n", host, inet_ntoa(addr->sin_addr)); + return (0); + } + return (1); } /* - * Dump the entire arp table + * Search the arp table and do some action on matching entries */ void -dump(addr) - u_long addr; +search(u_long addr, void (*action)(struct sockaddr_dl *sdl, + struct sockaddr_inarp *sin, struct rt_msghdr *rtm)) { int mib[6]; size_t needed; - char *host, *lim, *buf, *next; + char *lim, *buf, *next; struct rt_msghdr *rtm; - struct sockaddr_inarp *sin; + struct sockaddr_inarp *sin2; struct sockaddr_dl *sdl; - extern int h_errno; - struct hostent *hp; mib[0] = CTL_NET; mib[1] = PF_ROUTE; @@ -411,93 +463,160 @@ dump(addr) mib[4] = NET_RT_FLAGS; mib[5] = RTF_LLINFO; if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0) - err(1, "route-sysctl-estimate"); + errx(1, "route-sysctl-estimate"); if ((buf = malloc(needed)) == NULL) - err(1, "malloc"); + errx(1, "malloc"); if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) - err(1, "actual retrieval of routing table"); + errx(1, "actual retrieval of routing table"); lim = buf + needed; for (next = buf; next < lim; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)next; - sin = (struct sockaddr_inarp *)(rtm + 1); - sdl = (struct sockaddr_dl *)(sin + 1); + sin2 = (struct sockaddr_inarp *)(rtm + 1); + (char *)sdl = (char *)sin2 + ROUNDUP(sin2->sin_len); if (addr) { - if (addr != sin->sin_addr.s_addr) + if (addr != sin2->sin_addr.s_addr) continue; found_entry = 1; } - if (nflag == 0) - hp = gethostbyaddr((caddr_t)&(sin->sin_addr), - sizeof sin->sin_addr, AF_INET); - else - hp = 0; - if (hp) - host = hp->h_name; - else { - host = "?"; - if (h_errno == TRY_AGAIN) - nflag = 1; - } - printf("%s (%s) at ", host, inet_ntoa(sin->sin_addr)); - if (sdl->sdl_alen) - ether_print((u_char *)LLADDR(sdl)); - else - printf("(incomplete)"); - if (rtm->rtm_rmx.rmx_expire == 0) - printf(" permanent"); - if (sin->sin_other & SIN_PROXY) - printf(" published (proxy only)"); - if (rtm->rtm_addrs & RTA_NETMASK) { - sin = (struct sockaddr_inarp *) - (sdl->sdl_len + (char *)sdl); - if (sin->sin_addr.s_addr == 0xffffffff) - printf(" published"); - if (sin->sin_len != 8) - printf("(wierd)"); - } - printf("\n"); + (*action)(sdl, sin2, rtm); } + free(buf); } + +/* + * Stolen and adapted from ifconfig + */ +static void +print_lladdr(struct sockaddr_dl *sdl) +{ + char *cp; + int n; + + cp = (char *)LLADDR(sdl); + if ((n = sdl->sdl_alen) > 0) { + while (--n >= 0) + printf("%x%s",*cp++ & 0xff, n>0? ":" : ""); + } +} + + +/* + * Display an arp entry + */ void -ether_print(cp) - u_char *cp; +print_entry(struct sockaddr_dl *sdl, + struct sockaddr_inarp *addr, struct rt_msghdr *rtm) { - printf("%x:%x:%x:%x:%x:%x", cp[0], cp[1], cp[2], cp[3], cp[4], cp[5]); + const char *host; + struct hostent *hp; + struct iso88025_sockaddr_dl_data *trld; + char ifname[IF_NAMESIZE]; + int seg; + + if (nflag == 0) + hp = gethostbyaddr((caddr_t)&(addr->sin_addr), + sizeof addr->sin_addr, AF_INET); + else + hp = 0; + if (hp) + host = hp->h_name; + else { + host = "?"; + if (h_errno == TRY_AGAIN) + nflag = 1; + } + printf("%s (%s) at ", host, inet_ntoa(addr->sin_addr)); + if (sdl->sdl_alen) { + print_lladdr(sdl); + } else + printf("(incomplete)"); + if (if_indextoname(sdl->sdl_index, ifname) != NULL) + printf(" on %s", ifname); + if (rtm->rtm_rmx.rmx_expire == 0) + printf(" permanent"); + if (addr->sin_other & SIN_PROXY) + printf(" published (proxy only)"); + if (rtm->rtm_addrs & RTA_NETMASK) { + addr = (struct sockaddr_inarp *) + (ROUNDUP(sdl->sdl_len) + (char *)sdl); + if (addr->sin_addr.s_addr == 0xffffffff) + printf(" published"); + if (addr->sin_len != 8) + printf("(weird)"); + } + switch(sdl->sdl_type) { + case IFT_ETHER: + printf(" [ethernet]"); + break; + case IFT_ISO88025: +#ifndef __APPLE__ + printf(" [token-ring]"); + trld = SDL_ISO88025(sdl); + if (trld->trld_rcf != 0) { + printf(" rt=%x", ntohs(trld->trld_rcf)); + for (seg = 0; + seg < ((TR_RCF_RIFLEN(trld->trld_rcf) - 2 ) / 2); + seg++) + printf(":%x", ntohs(*(trld->trld_route[seg]))); + } +#endif + break; + case IFT_L2VLAN: + printf(" [vlan]"); + break; + case IFT_IEEE1394: + printf(" [firewire]"); + break; + default: + } + + printf("\n"); + +} + +/* + * Nuke an arp entry + */ +void +nuke_entry(struct sockaddr_dl *sdl, + struct sockaddr_inarp *addr, struct rt_msghdr *rtm ) +{ + char ip[20]; + + snprintf(ip, sizeof(ip), "%s", inet_ntoa(addr->sin_addr)); + delete(ip, NULL); } int -ether_aton(a, n) - char *a; - u_char *n; +my_ether_aton(char *a, struct ether_addr *n) { - int i, o[6]; + struct ether_addr *ea; - i = sscanf(a, "%x:%x:%x:%x:%x:%x", &o[0], &o[1], &o[2], - &o[3], &o[4], &o[5]); - if (i != 6) { - fprintf(stderr, "arp: invalid Ethernet address '%s'\n", a); + if ((ea = ether_aton(a)) == NULL) { + warnx("invalid Ethernet address '%s'", a); return (1); } - for (i=0; i<6; i++) - n[i] = o[i]; + *n = *ea; return (0); } void -usage() +usage(void) { - printf("usage: arp [-n] hostname\n"); - printf(" arp [-n] -a\n"); - printf(" arp -d hostname\n"); - printf(" arp -s hostname ether_addr [temp] [pub]\n"); - printf(" arp -f filename\n"); + fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n", + "usage: arp [-n] hostname", + " arp [-n] -a", + " arp -d hostname [pub]", + " arp -d -a", + " arp -s hostname ether_addr [temp] [pub]", + " arp -S hostname ether_addr [temp] [pub]", + " arp -f filename"); exit(1); } int -rtmsg(cmd) - int cmd; +rtmsg(int cmd) { static int seq; int rlen; @@ -514,8 +633,7 @@ rtmsg(cmd) switch (cmd) { default: - fprintf(stderr, "arp: internal wrong cmd\n"); - exit(1); + errx(1, "internal wrong cmd"); case RTM_ADD: rtm->rtm_addrs |= RTA_GATEWAY; rtm->rtm_rmx.rmx_expire = expire_time; @@ -523,7 +641,7 @@ rtmsg(cmd) rtm->rtm_flags |= (RTF_HOST | RTF_STATIC); sin_m.sin_other = 0; if (doing_proxy) { - if (export_only) + if (proxy_only) sin_m.sin_other = SIN_PROXY; else { rtm->rtm_addrs |= RTA_NETMASK; @@ -536,7 +654,7 @@ rtmsg(cmd) } #define NEXTADDR(w, s) \ if (rtm->rtm_addrs & (w)) { \ - bcopy((char *)&s, cp, sizeof(s)); cp += sizeof(s);} + bcopy((char *)&s, cp, sizeof(s)); cp += ROUNDUP(sizeof(s));} NEXTADDR(RTA_DST, sin_m); NEXTADDR(RTA_GATEWAY, sdl_m); @@ -549,7 +667,7 @@ doit: rtm->rtm_type = cmd; if ((rlen = write(s, (char *)&m_rtmsg, l)) < 0) { if (errno != ESRCH || cmd != RTM_DELETE) { - perror("writing to routing socket"); + warn("writing to routing socket"); return (-1); } } @@ -557,7 +675,104 @@ doit: l = read(s, (char *)&m_rtmsg, sizeof(m_rtmsg)); } while (l > 0 && (rtm->rtm_seq != seq || rtm->rtm_pid != pid)); if (l < 0) - (void) fprintf(stderr, "arp: read from routing socket: %s\n", - strerror(errno)); + warn("read from routing socket"); return (0); } + +/* + * get_ether_addr - get the hardware address of an interface on the + * the same subnet as ipaddr. + */ +#define MAX_IFS 32 + +int +get_ether_addr(u_int32_t ipaddr, struct ether_addr *hwaddr) +{ + struct ifreq *ifr, *ifend, *ifp; + u_int32_t ina, mask; + struct sockaddr_dl *dla; + struct ifreq ifreq; + struct ifconf ifc; + struct ifreq ifs[MAX_IFS]; + int sock; + + sock = socket(AF_INET, SOCK_DGRAM, 0); + if (sock < 0) + err(1, "socket"); + + ifc.ifc_len = sizeof(ifs); + ifc.ifc_req = ifs; + if (ioctl(sock, SIOCGIFCONF, &ifc) < 0) { + warnx("ioctl(SIOCGIFCONF)"); + close(sock); + return 0; + } + + /* + * Scan through looking for an interface with an Internet + * address on the same subnet as `ipaddr'. + */ + ifend = (struct ifreq *) (ifc.ifc_buf + ifc.ifc_len); + for (ifr = ifc.ifc_req; ifr < ifend; ) { + if (ifr->ifr_addr.sa_family == AF_INET) { + ina = ((struct sockaddr_in *) + &ifr->ifr_addr)->sin_addr.s_addr; + strncpy(ifreq.ifr_name, ifr->ifr_name, + sizeof(ifreq.ifr_name)); + /* + * Check that the interface is up, + * and not point-to-point or loopback. + */ + if (ioctl(sock, SIOCGIFFLAGS, &ifreq) < 0) + continue; + if ((ifreq.ifr_flags & + (IFF_UP|IFF_BROADCAST|IFF_POINTOPOINT| + IFF_LOOPBACK|IFF_NOARP)) + != (IFF_UP|IFF_BROADCAST)) + goto nextif; + /* + * Get its netmask and check that it's on + * the right subnet. + */ + if (ioctl(sock, SIOCGIFNETMASK, &ifreq) < 0) + continue; + mask = ((struct sockaddr_in *) + &ifreq.ifr_addr)->sin_addr.s_addr; + if ((ipaddr & mask) != (ina & mask)) + goto nextif; + break; + } +nextif: + ifr = (struct ifreq *) ((char *)&ifr->ifr_addr + + MAX(ifr->ifr_addr.sa_len, sizeof(ifr->ifr_addr))); + } + + if (ifr >= ifend) { + close(sock); + return 0; + } + + /* + * Now scan through again looking for a link-level address + * for this interface. + */ + ifp = ifr; + for (ifr = ifc.ifc_req; ifr < ifend; ) { + if (strcmp(ifp->ifr_name, ifr->ifr_name) == 0 + && ifr->ifr_addr.sa_family == AF_LINK) { + /* + * Found the link-level address - copy it out + */ + dla = (struct sockaddr_dl *) &ifr->ifr_addr; + close (sock); + printf("using interface %s for proxy with address ", + ifp->ifr_name); + print_lladdr(dla); + printf("\n"); + return dla->sdl_alen; + } + ifr = (struct ifreq *) ((char *)&ifr->ifr_addr + + MAX(ifr->ifr_addr.sa_len, sizeof(ifr->ifr_addr))); + } + return 0; +} diff --git a/bootparams/bootparamd.tproj/bootparam_proc.c b/bootparams/bootparamd.tproj/bootparam_proc.c index faa0ff3..b7a64c3 100644 --- a/bootparams/bootparamd.tproj/bootparam_proc.c +++ b/bootparams/bootparamd.tproj/bootparam_proc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/bootparams/bootparamd.tproj/bootparamd.c b/bootparams/bootparamd.tproj/bootparamd.c index e76bd42..c8da199 100644 --- a/bootparams/bootparamd.tproj/bootparamd.c +++ b/bootparams/bootparamd.tproj/bootparamd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/bootparams/bootparams/bootparam_prot.x b/bootparams/bootparams/bootparam_prot.x index 0339a81..e28c544 100644 --- a/bootparams/bootparams/bootparam_prot.x +++ b/bootparams/bootparams/bootparam_prot.x @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/bootparams/bpwhoami.tproj/bpwhoami.1 b/bootparams/bpwhoami.tproj/bpwhoami.1 index dd73e36..cc2aa11 100644 --- a/bootparams/bpwhoami.tproj/bpwhoami.1 +++ b/bootparams/bpwhoami.tproj/bpwhoami.1 @@ -29,3 +29,4 @@ Successfully retrieved information. RPC timed out while attempting to retrieve information. .It 2 Unrecoverable error. +.El diff --git a/bootparams/bpwhoami.tproj/bpwhoami.c b/bootparams/bpwhoami.tproj/bpwhoami.c index 68a4c6d..bf43da3 100644 --- a/bootparams/bpwhoami.tproj/bpwhoami.c +++ b/bootparams/bpwhoami.tproj/bpwhoami.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/domainname.tproj/Makefile b/domainname.tproj/Makefile index 12a1e35..5be6c01 100644 --- a/domainname.tproj/Makefile +++ b/domainname.tproj/Makefile @@ -14,7 +14,7 @@ PROJECT_TYPE = Tool CFILES = domainname.c -OTHERSRCS = Makefile.dist domainname.1 +OTHERSRCS = Makefile.dist Makefile.postamble domainname.1 MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles diff --git a/domainname.tproj/Makefile.postamble b/domainname.tproj/Makefile.postamble new file mode 100644 index 0000000..d979753 --- /dev/null +++ b/domainname.tproj/Makefile.postamble @@ -0,0 +1,3 @@ +after_install: + install -o root -m 755 -d $(DSTROOT)/usr/share/man/man1 + install -o root -m 644 -c domainname.1 $(DSTROOT)/usr/share/man/man1 diff --git a/domainname.tproj/domainname.1 b/domainname.tproj/domainname.1 index 074bf43..ddaf675 100644 --- a/domainname.tproj/domainname.1 +++ b/domainname.tproj/domainname.1 @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" from: @(#)domainname.1 6.8 (Berkeley) 7/27/91 -.\" $Id: domainname.1,v 1.1.1.1 1999/05/02 03:57:38 wsanchez Exp $ +.\" $Id: domainname.1,v 1.2 2003/07/15 23:03:46 melville Exp $ .\" .Dd July 27, 1991 .Dt DOMAINNAME 1 @@ -43,12 +43,8 @@ .Op Ar name-of-domain .Sh DESCRIPTION .Nm Domainname -prints the domain name of the current host. The super-user can -set the domain name by supplying an argument; this is usually done in the -network initialization script -.Pa /etc/netstart , -normally run at boot -time. +prints the domain name of the current host. +The super-user can set the domain name by supplying an argument. .Sh SEE ALSO .Xr hostname 1 , .Xr getdomainname 2 , diff --git a/domainname.tproj/domainname.c b/domainname.tproj/domainname.c index a229731..57eb463 100644 --- a/domainname.tproj/domainname.c +++ b/domainname.tproj/domainname.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/identd.tproj/CREDITS b/identd.tproj/CREDITS deleted file mode 100644 index c117a03..0000000 --- a/identd.tproj/CREDITS +++ /dev/null @@ -1,52 +0,0 @@ -Credits go to (I've probably forgot someone - please don't hesitate -to tell me!) for helping making Pidentd what it is: - -Casper Dik , Math & CS Faculty, U. of Amsterdam, NL - (Added support for SunOS 5 (Solaris 2)) - -Dave Shield , CS Dept. Liverpool U., UK - (Added support for HP9K HPUX 8.*) - -Jan L. Peterson , Math Dept. BYU, USA - (Added support for MIPS RISC/os and fixed a few other things) - -Fletcher Mattox , University of Texas, USA - (Added support for HP9K HP-UX 7.*) - -Mark Monnin , Rose-Hulman Inst. of Tech, USA - (Added support for DEC Ultrix 4.*) - -Simon Leinen , Switzerland - (Added support for Silicon Graphics IRIX 4.*) - -Frank Maas , Delft Univ. of Technology, The Netherlands - (Added support for Sequent Dynix 3.*) - -Andrew Herbert , Monash University, Australia - (Added support for System V/Release 4) - -David Bennet , Australia - (Added support for 386BSD) - -Fishman M. Shmuel , Technion Inst. of Tech., Israel - (Added support for Convex & 4.3BSDtahoe (then heavily hacked by me)) - -Bradley E. Smith , Bradley University, USA - (Added support for AT&T's own version of SVR4) - -RenE J.V. Bertin , Uni. of Utrecht, The Netherlands - (Added support for Apple A/UX 2.*) - -Douglas Lee Schales , Texas A&M University, USA - (Added support for Cray UNICOS 6.*) - -Don Hazlewood , SW Texas State U., USA - (Added support for A/UX 3.*) - - Nigel Metheringham , University of York, UK - (Added support for NeXT, SunOS 3.*, corrections for MIPS) - ----------------------------------------------------------------------------- -Peter Eriksson , Lysator, Linkoping University, Sweden. - (Original code for Sun SunOS 4.* and Sequent Dynix 2.*) - diff --git a/identd.tproj/Makefile.dist b/identd.tproj/Makefile.dist deleted file mode 100644 index fad1caa..0000000 --- a/identd.tproj/Makefile.dist +++ /dev/null @@ -1,10 +0,0 @@ -# $Id: Makefile.dist,v 1.1.1.1 1999/05/02 03:57:40 wsanchez Exp $ - -PROG= identd -SRCS= config.c identd.c netbsd.c parse.c proxy.c version.c -MAN8= identd.0 - -LDADD= -lkvm -DPADD= ${LIBKVM} - -.include diff --git a/identd.tproj/Makefile.postamble b/identd.tproj/Makefile.postamble deleted file mode 100644 index b4ab713..0000000 --- a/identd.tproj/Makefile.postamble +++ /dev/null @@ -1,3 +0,0 @@ -after_install: - install -d $(DSTROOT)/usr/share/man/man8 - install -c -m 444 identd.8 $(DSTROOT)/usr/share/man/man8 diff --git a/identd.tproj/README b/identd.tproj/README deleted file mode 100644 index f1e1d3b..0000000 --- a/identd.tproj/README +++ /dev/null @@ -1,129 +0,0 @@ - pidentd - - ("Peter's Ident Daemon" or is it "Portable Ident Daemon"?) - - Peter Eriksson - - -This program is released into the public domain and can be used by -anyone who wants to. Vendors may include it into their distributions -if they want to without any restrictions. (Although it would be nice -to be notified by email if someone decides to do that, and/or a note -somewhere about who wrote this program. Like in the man-page or so.. :-) - -This is a program that implements the RFC1413 identification server. It -was very much inspired by Dan Bernstein's original 'authd' (but unlike -that program doesn't use 'netstat' to get some of the information) It -uses the kernel information directly. (And is due to that fact a lot -faster). Dan has now written another version of the 'authd' daemon that -uses his 'kstuff' to read the kernel information. Unlike that daemon, -this will use only normally available kernel access functions (and is due -to that more limited in the different machines it support). Please note -that this daemon used to be called pauthd but has changed name to better -reflect what it does (and to conform to the new RFC). - -This daemon has been tested on the following machines/OS (please report -to me if you've tested a newer version, or if your machine/OS isn't among -the ones below): - -Machine Operating System Pidentd version ----------------------- ---------------------- -------------------------- - Sequent Balance Dynix 3.0.14 2.1beta.12 - Sequent Symmetry Dynix 3.1.2 2.1beta.3 - Sun 3/50 SunOS 3.5 2.1beta.8.1 (3) - Sun 386i SunOS 4.0.2 1.9beta - Sun 2/120 SunOS 4.0.3 2.1beta.10 - Sun 3/280 SunOS 4.1.1 2.1beta.12 - Sun 4/380 SunOS 4.1.3 2.1beta.12 - Sun SS1/41 SunOS 5.1 2.1beta.11 - HP 9000/375 HP-UX 7.0 2.1beta.10.1 (1) - HP 9000/300 HP-UX 8.0 2.1beta.12 - HP 9000/340 HP-UX 8.0 2.1beta.10.1 - HP 9000/360 HP-UX 8.0 2.1beta.10.1 - HP 9000/710 HP-UX 8.07 2.1beta.10.1 - HP 9000/720 HP-UX 8.07 2.1beta.10.1 - HP 9000/715 HP-UX 9.0 2.1beta.9.1 - HP 9000/827 HP-UX 8.02 2.1beta.8.1 - HP 9000/834 HP-UX 7.0 2.0beta.4 - HP 9000/835 HP-UX 8.00 2.1beta.10.1 - MIPS RISC/OS 4.5x 2.1beta.8.1 - DECstation 2100 Ultrix 4.2-96 2.1beta.2 (2) - DECstation 5000/133 Ultrix 4.2 2.1beta.9.1 (2) [?] - DEC VAXstation 2000 Ultrix-32 3.1 2.1beta.12 (2) [?] - DEC VAX vs3520 Ultrix 3.0 2.1beta.9.1 (2) [?] - DEC VAX 11/780 4.3BSD Reno 2.1beta.12 (2) - i486-PC UHC SVR4 2.0 2.0beta.4 (2) - i486-PC Dell SVR4 2.2 2.0beta.4 (2) - i486-PC ESIX SVR4 4.0.4 2.1beta.2 (2) - i486-PC 386BSD 0.1 2.1beta.3 (2) - Cray UNICOS 6.0.12 2.1beta.7 - NeXT NeXTSTEP 2.1 2.1beta.9.1 (3) - NeXT NeXTSTEP 3.0 2.1beta.9.1 (3) - Pyramid 90x dualPort OSx 4.1 2.1beta.12 - Silicon Graphics IRIX 4 2.1beta.10 - -Notes: - 1) HP-UX 7.0 doesn't support running streams based services from - Inetd with the "wait" option (and the "-w" flag to Pidentd). - - It also has problems with starting stuff as user "sys" from Inetd. - (It doesn't correctly set the group id to "sys") so I suggest you - either starts it as user "root" and use the "-u" and "-g" flags - to setuid and setgid itself to user "sys", group "sys", or do a - 'chgrp sys in.identd' and then a 'chmod g+s in.identd' and start - it as user "sys" from Inetd. - - 2) These systems also doesn't support running streams based - services from Inetd with the "wait" option. - - 3) See notes in the READMEs/README. specific files. - - -Please let me know if you find any bugs, or have ported it to other -machines (and care to share the changes with me and the world!). - -See the manual page for information about the various command line -options that are available. - -NOTE: One should NOT use the -d option when using it for normal use! - -If you intend to create or modify daemons that use the IDENT protocol -then you may wish to get the "libident" library that contains some -functions to implement the client side of this protocol. It is available -as "libident-*.tar.Z" in "pub/ident/libs" at "ftp.lysator.liu.se". - -There is a mailing list for users of the IDENT(RFC1413)/TAP protocol called -'ident-users@lysator.liu.se' that you may want to consider joining. -Send mail to the address 'ident-users-request@lysator.liu.se' to -join it. This list is intended for generic discussions on using this -protocol and it's associated tools. - -If you only want to receive news about new (non-alpha/beta) releases of -Pidentd then you can join the 'ident-announce@lysator.liu.se' mailing -list. Send mail to the address 'ident-announce-request@lysator.liu.se' to -join it. No discussions will take place on this list. - -I also run a small mailing list for people who wants to act as testers -of new alpha/beta-versions of Pidentd. If you wish to join, please send -mail to the address 'pidentd-testers-request@lysator.liu.se'. (I can always -use more testers, so don't hesitate :-) - -It's a human (namely me :-) that reads the letters sent to *-request. -Please include the full email address to which to wish to have the -letters sent. - -I'm grateful for success/failure stories about installing/compiling this -daemon... - -Information of interrest: - - 1. Machine and operating system type and version. - 2. Command line flags. - 3. Inetd.conf configuration. - 4. Did it work, or not. And if not - what did it report to the - syslog file? (You'll have to add the "-l" option and probably - reconfigure your Syslogd). If you use the "-d" option then - you can see a verbose error if you Telnet into it directly and - send it a query manually. (See the INSTALL file for more information). - -/Peter Eriksson , 5 April 1993 diff --git a/identd.tproj/config.c b/identd.tproj/config.c deleted file mode 100644 index 19eec4c..0000000 --- a/identd.tproj/config.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* -** $Id: config.c,v 1.1.1.1 1999/05/02 03:57:41 wsanchez Exp $ -** -** config.c This file handles the config file -** -** This program is in the public domain and may be used freely by anyone -** who wants to. -** -** Last update: 6 Dec 1992 -** -** Please send bug fixes/bug reports to: Peter Eriksson -*/ - -#include -#include - -#include "error.h" -#include "identd.h" -#include "xpaths.h" - - -int parse_config(path, silent_flag) - char *path; - int silent_flag; -{ - FILE *fp; - - if (!path) - path = PATH_CONFIG; - - fp = fopen(path, "r"); - if (!fp) - { - if (silent_flag) - return 0; - - ERROR1("error opening %s", path); - } - - /* - ** Code should go here to parse the config file data. - ** For now we just ignore the contents... - */ - - - fclose(fp); - return 0; -} diff --git a/identd.tproj/error.h b/identd.tproj/error.h deleted file mode 100644 index d5f1990..0000000 --- a/identd.tproj/error.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* -** $Id: error.h,v 1.1.1.1 1999/05/02 03:57:41 wsanchez Exp $ -** -** error.h Error handling macros -** -** This program is in the public domain and may be used freely by anyone -** who wants to. -** -** Last update: 19 Aug 1992 -** -** Please send bug fixes/bug reports to: Peter Eriksson -*/ - -#ifndef __ERROR_H__ -#define __ERROR_H__ - -#include - -#define ERROR(fmt) \ - ((syslog_flag ? (syslog(LOG_ERR, fmt),0) : 0), \ - (debug_flag ? (fprintf(stderr, "%d , %d : ERROR : X-DBG : ", \ - lport, fport), \ - fprintf(stderr, fmt), perror(": "), 0) : \ - (printf("%d , %d : ERROR : UNKNOWN-ERROR\r\n", lport, fport), 0)), \ - fflush(stdout), fflush(stderr), exit(1), 0) - - -#define ERROR1(fmt,v1) \ - ((syslog_flag ? (syslog(LOG_ERR, fmt, v1),0) : 0), \ - (debug_flag ? (fprintf(stderr, "%d , %d : ERROR : X-DBG : ", \ - lport, fport), \ - fprintf(stderr, fmt, v1), perror(": "), 0) : \ - (printf("%d , %d : ERROR : UNKNOWN-ERROR\r\n", lport, fport), 0)), \ - fflush(stdout), fflush(stderr), exit(1), 0) - -#define ERROR2(fmt,v1,v2) \ - ((syslog_flag ? (syslog(LOG_ERR, fmt, v1, v2),0) : 0), \ - (debug_flag ? (fprintf(stderr, "%d , %d : ERROR : X-DBG : ", \ - lport, fport), \ - fprintf(stderr, fmt, v1, v2), perror(": "), 0) : \ - (printf("%d , %d : ERROR : UNKNOWN-ERROR\r\n", lport, fport), 0)), \ - fflush(stdout), fflush(stderr), exit(1), 0) - -#endif diff --git a/identd.tproj/identd.8 b/identd.tproj/identd.8 deleted file mode 100644 index 6c8a67e..0000000 --- a/identd.tproj/identd.8 +++ /dev/null @@ -1,238 +0,0 @@ -.\" @(#)identd.8 1.9 92/02/11 Lysator -.\" Copyright (c) 1992 Peter Eriksson, Lysator, Linkoping University. -.\" This software has been released into the public domain. -.\" -.\" $Id: identd.8,v 1.2 2002/03/29 01:34:27 bbraun Exp $ -.\" -.TH IDENTD 8 "27 May 1992" -.SH NAME -identd \- TCP/IP IDENT protocol server -.SH SYNOPSIS -.B identd -.RB [ \-i | \-w | \-b ] -.RB [ \-t ] -.RB [ \-u ] -.RB [ \-g ] -.RB [ \-p ] -.RB [ \-a
] -.RB [ \-c ] -.RB [ \-n ] -.RB [ \-o ] -.RB [ \-e ] -.RB [ \-l ] -.RB [ \-V ] -.RB [ \-v ] -.RB [ \-m ] -.RB [ \-N ] -.RB [ \-d ] -.RB [ kernelfile [ kmemfile ] ] -.SH DESCRIPTION -.IX "identd daemon" "" \fLidentd\fP daemon" -.B identd -is a server which implements the -.SM TCP/IP -proposed standard -.SM IDENT -user identification protocol as specified in the -.SM RFC\s0 1413 -document. -.PP -.B identd -operates by looking up specific -.SM TCP/IP -connections and returning the user name of the -process owning the connection. -.SH ARGUMENTS -The -.B -i -flag, which is the default mode, should be used when starting the -daemon from -.B inetd -with the "nowait" option in the -.B /etc/inetd.conf -file. Use of this mode will make -.B inetd -start one -.B identd -daemon for each connection request. -.PP -The -.B -w -flag should be used when starting the daemon from -.B inetd -with the "wait" option in the -.B /etc/inetd.conf -file . This is the preferred mode of -operation since that will start a copy of -.B identd -at the first connection request and then -.B identd -will handle subsequent requests -without having to do the nlist lookup in the kernel file for -every request as in the -.B -i -mode above. The -.B identd -daemon will run either forever, until a bug -makes it crash or a timeout, as specified by the -.B -t -flag, occurs. -.PP -The -.B -b -flag can be used to make the daemon run in standalone mode without -the assistance from -.B inetd. -This mode is the least preferred mode since -a bug or any other fatal condition in the server will make it terminate -and it will then have to be restarted manually. Other than that is has the -same advantage as the -.B -w -mode in that it parses the nlist only once. -.PP -The -.B -t -option is used to specify the timeout limit. This is the number -of seconds a server started with the -.B -w -flag will wait for new connections before terminating. The server is -automatically restarted by -.B inetd -whenever a new connection is requested -if it has terminated. A suitable value for this is 120 (2 minutes), if -used. It defaults to no timeout (ie, will wait forever, or until a -fatal condition occurs in the server). -.PP -The -.B -u -option is used to specify a user id number which the -.B ident -server should -switch to after binding itself to the -.SM TCP/IP -port if using the -.B -b -mode of operation. -.PP -The -.B -g -option is used to specify a group id number which the -.B ident -server should -switch to after binding itself to the -.SM TCP/IP -port if using the -.B -b -mode of operation. -.PP -The -.B -p -option is used to specify an alternative port number to bind to if using -the -.B -b -mode of operation. It can be specified by name or by number. Defaults to the -.SM IDENT -port (113). -.PP -The -.B -a
-option is used to specify the local address to bind the socket to if using -the -.B -b -mode of operation. Can only be specified by IP address and not by domain -name. Defaults to the -.SM INADDR_ANY -address which normally means all local addresses. -.PP -The -.B -V -flag makes -.B identd -display the version number and the exit. -.PP -The -.B -l -flag tells -.B identd -to use the System logging daemon -.B syslogd -for logging purposes. -.PP -The -.B -v -flag causes -.B identd -to log every request made, if the use of -.B syslogd -is enabled. -.PP -The -.B -o -flag tells -.B identd -to not reveal the operating system type it is run on and to instead -always return "OTHER". -.PP -The -.B -e -flag tells -.B identd -to always return "UNKNOWN-ERROR" instead of the "NO-USER" or -"INVALID-PORT" errors. -.PP -The -.B -c -flags tells -.B identd -to add the optional (according to the IDENT protocol) character set -designator to the reply generated. should be a valid character -set as described in the MIME RFC in upper case characters. -.PP -The -.B -n -flags tells -.B identd -to always return user numbers instead of user names if you wish to -keep the user names a secret. -.PP -The -.B -N -flag makes -.B identd -check for a file ".noident" in each homedirectory for a user which the -daemon is about to return the user name for. It that file exists then the -daemon will give the error -.B HIDDEN-USER -instead of the normal USERID response. -.PP -.B -m -flag makes -.B identd -use a mode of operation that will allow multiple requests to be -processed per session. Each request is specified one per line and -the responses will be returned one per line. The connection will not -be closed until the connecting part closes it's end of the line. -PLEASE NOTE THAT THIS MODE VIOLATES THE PROTOCOL SPECIFICATION AS -IT CURRENTLY STANDS. -.PP -The -.B -d -flag enables some debugging code that normally should NOT -be enabled since that breaks the protocol and may reveal information -that should not be available to outsiders. -.PP -.B kernelfile -defaults to the normally running kernel file. -.PP -.B kmemfile -defaults to the memory space of the normally running kernel. -.SH SEE ALSO -.BR inetd.conf (5) -.SH BUGS -The handling of fatal errors could be better. -.PP -If the -.B -N -flag is specified and a user's ".noident" file is not accessible, -then ident information regarding that user will be returned -if requested. diff --git a/identd.tproj/identd.c b/identd.tproj/identd.c deleted file mode 100644 index 7380de1..0000000 --- a/identd.tproj/identd.c +++ /dev/null @@ -1,643 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* -** $Id: identd.c,v 1.1.1.2 2000/01/11 01:48:48 wsanchez Exp $ -** -** identd.c A TCP/IP link identification protocol server -** -** This program is in the public domain and may be used freely by anyone -** who wants to. -** -** Last update: 22 April 1993 -** -** Please send bug fixes/bug reports to: Peter Eriksson -*/ - -#if defined(IRIX) || defined(SVR4) || defined(__APPLE__) || defined(__NetBSD__) -# define SIGRETURN_TYPE void -# define SIGRETURN_TYPE_IS_VOID -#else -# define SIGRETURN_TYPE int -#endif - -#ifdef SVR4 -# define STRNET -#endif - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#ifndef _AUX_SOURCE -# include -#endif -#include -#include - -#include -#include - -#include - -#ifndef HPUX7 -# include -#endif - -#if defined(MIPS) || defined(BSD43) -extern int errno; -#endif - -#include "identd.h" -#include "error.h" - -/* Antique unixes do not have these things defined... */ -#ifndef FD_SETSIZE -# define FD_SETSIZE 256 -#endif - -#ifndef FD_SET -# ifndef NFDBITS -# define NFDBITS (sizeof(int) * NBBY) /* bits per mask */ -# endif -# define FD_SET(n, p) ((p)->fds_bits[(n)/NFDBITS] |= (1 << ((n) % NFDBITS))) -#endif - -#ifndef FD_ZERO -# define FD_ZERO(p) bzero((char *)(p), sizeof(*(p))) -#endif - -extern char *version; - -extern void *calloc(); -extern void *malloc(); - - -char *path_unix = NULL; -char *path_kmem = NULL; - -int verbose_flag = 0; -int debug_flag = 0; -int syslog_flag = 0; -int multi_flag = 0; -int other_flag = 0; -int unknown_flag = 0; -int number_flag = 0; -int noident_flag = 0; - -int lport = 0; -int fport = 0; - -char *charset_name = NULL; -char *indirect_host = NULL; -char *indirect_password = NULL; - -static int child_pid; - -#ifdef LOG_DAEMON -static int syslog_facility = LOG_DAEMON; -#endif - -/* -** The structure passing convention for GCC is incompatible with -** Suns own C compiler, so we define our own inet_ntoa() function. -** (This should only affect GCC version 1 I think, a well, this works -** for version 2 also so why bother.. :-) -*/ -#if defined(__GNUC__) && defined(__sparc__) - -#ifdef inet_ntoa -#undef inet_ntoa -#endif - -char *inet_ntoa(ad) - struct in_addr ad; -{ - unsigned long int s_ad; - int a, b, c, d; - static char addr[20]; - - s_ad = ad.s_addr; - d = s_ad % 256; - s_ad /= 256; - c = s_ad % 256; - s_ad /= 256; - b = s_ad % 256; - a = s_ad / 256; - sprintf(addr, "%d.%d.%d.%d", a, b, c, d); - - return addr; -} -#endif - - -/* -** Return the name of the connecting host, or the IP number as a string. -*/ -char *gethost(addr) - struct in_addr *addr; -{ - struct hostent *hp; - - - hp = gethostbyaddr((char *) addr, sizeof(struct in_addr), AF_INET); - if (hp) - return hp->h_name; - else - return inet_ntoa(*addr); -} - -/* -** Exit cleanly after our time's up. -*/ -static SIGRETURN_TYPE -alarm_handler() -{ - if (syslog_flag) - syslog(LOG_DEBUG, "SIGALRM triggered, exiting"); - - exit(0); -} - -#if !defined(hpux) && !defined(__hpux) && !defined(SVR4) || defined(_CRAY) -/* -** This is used to clean up zombie child processes -** if the -w or -b options are used. -*/ -static SIGRETURN_TYPE -child_handler() -{ -#if defined(IRIX) || defined(__APPLE__) - union wait status; -#else - int status; -#endif - - while (wait3(&status, WNOHANG, NULL) > 0) - ; - -#ifndef SIGRETURN_TYPE_IS_VOID - return 0; -#endif -} -#endif - - -char *clearmem(bp, len) - char *bp; - int len; -{ - char *cp; - - cp = bp; - while (len-- > 0) - *cp++ = 0; - - return bp; -} - - -/* -** Main entry point into this daemon -*/ -int main(argc,argv) - int argc; - char *argv[]; -{ - int i, len; - struct sockaddr_in sin; - struct in_addr laddr, faddr; - struct timeval tv; - - int background_flag = 0; - int timeout = 0; - char *portno = "113"; - char *bind_address = NULL; - int set_uid = 0; - int set_gid = 0; - int inhibit_default_config = 0; - int opt_count = 0; /* Count of option flags */ - -#ifdef __convex__ - argc--; /* get rid of extra argument passed by inetd */ -#endif - - /* - ** Prescan the arguments for "-f" switches - */ - inhibit_default_config = 0; - for (i = 1; i < argc && argv[i][0] == '-'; i++) - if (argv[i][1] == 'f') - inhibit_default_config = 1; - - /* - ** Parse the default config file - if it exists - */ - if (!inhibit_default_config) - parse_config(NULL, 1); - - /* - ** Parse the command line arguments - */ - for (i = 1; i < argc && argv[i][0] == '-'; i++) { - opt_count++; - switch (argv[i][1]) - { - case 'b': /* Start as standalone daemon */ - background_flag = 1; - break; - - case 'w': /* Start from Inetd, wait mode */ - background_flag = 2; - break; - - case 'i': /* Start from Inetd, nowait mode */ - background_flag = 0; - break; - - case 't': - timeout = atoi(argv[i]+2); - break; - - case 'p': - portno = argv[i]+2; - break; - - case 'a': - bind_address = argv[i]+2; - break; - - case 'u': - if (isdigit(argv[i][2])) - set_uid = atoi(argv[i]+2); - else - { - struct passwd *pwd; - - pwd = getpwnam(argv[i]+2); - if (!pwd) - ERROR1("no such user (%s) for -u option", argv[i]+2); - else - { - set_uid = pwd->pw_uid; - set_gid = pwd->pw_gid; - } - } - break; - - case 'g': - if (isdigit(argv[i][2])) - set_gid = atoi(argv[i]+2); - else - { - struct group *grp; - - grp = getgrnam(argv[i]+2); - if (!grp) - ERROR1("no such group (%s) for -g option", argv[i]+2); - else - set_gid = grp->gr_gid; - } - break; - - case 'c': - charset_name = argv[i]+2; - break; - - case 'r': - indirect_host = argv[i]+2; - break; - - case 'l': /* Use the Syslog daemon for logging */ - syslog_flag++; - break; - - case 'o': - other_flag = 1; - break; - - case 'e': - unknown_flag = 1; - break; - - case 'n': - number_flag = 1; - break; - - case 'V': /* Give version of this daemon */ - printf("[in.identd, version %s]\r\n", version); - exit(0); - break; - - case 'v': /* Be verbose */ - verbose_flag++; - break; - - case 'd': /* Enable debugging */ - debug_flag++; - break; - - case 'm': /* Enable multiline queries */ - multi_flag++; - break; - - case 'N': /* Enable users ".noident" files */ - noident_flag++; - break; - } - } - -#if defined(_AUX_SOURCE) || defined (SUNOS35) - /* A/UX 2.0* & SunOS 3.5 calls us with an argument XXXXXXXX.YYYY - ** where XXXXXXXXX is the hexadecimal version of the callers - ** IP number, and YYYY is the port/socket or something. - ** It seems to be impossible to pass arguments to a daemon started - ** by inetd. - ** - ** Just in case it is started from something else, then we only - ** skip the argument if no option flags have been seen. - */ - if (opt_count == 0) - argc--; -#endif - - /* - ** Path to kernel namelist file specified on command line - */ - if (i < argc) - path_unix = argv[i++]; - - /* - ** Path to kernel memory device specified on command line - */ - if (i < argc) - path_kmem = argv[i++]; - - - /* - ** Open the kernel memory device and read the nlist table - */ - if (k_open() < 0) - ERROR("main: k_open"); - - /* - ** Do the special handling needed for the "-b" flag - */ - if (background_flag == 1) - { - struct sockaddr_in addr; - struct servent *sp; - int fd; - - - if (fork()) - exit(0); - - close(0); - close(1); - close(2); - - if (fork()) - exit(0); - - fd = socket(AF_INET, SOCK_STREAM, 0); - if (fd == -1) - ERROR("main: socket"); - - if (fd != 0) - dup2(fd, 0); - - clearmem(&addr, sizeof(addr)); - - addr.sin_family = AF_INET; - if (bind_address == NULL) - addr.sin_addr.s_addr = htonl(INADDR_ANY); - else - { - if (isdigit(bind_address[0])) - addr.sin_addr.s_addr = inet_addr(bind_address); - else - { - struct hostent *hp; - - hp = gethostbyname(bind_address); - if (!hp) - ERROR1("no such address (%s) for -a switch", bind_address); - - /* This is ugly, should use memcpy() or bcopy() but... */ - addr.sin_addr.s_addr = * (unsigned long *) (hp->h_addr); - } - } - - if (isdigit(portno[0])) - addr.sin_port = htons(atoi(portno)); - else - { - sp = getservbyname(portno, "tcp"); - if (sp == NULL) - ERROR1("main: getservbyname: %s", portno); - addr.sin_port = sp->s_port; - } - - if (bind(0, (struct sockaddr *) &addr, sizeof(addr)) < 0) - ERROR("main: bind"); - - if (listen(0, 3) < 0) - ERROR("main: listen"); - } - - if (set_gid) - if (setgid(set_gid) == -1) - ERROR("main: setgid"); - - if (set_uid) - if (setuid(set_uid) == -1) - ERROR("main: setuid"); - - /* - ** Do some special handling if the "-b" or "-w" flags are used - */ - if (background_flag) - { - int nfds, fd; - fd_set read_set; - - - /* - ** Set up the SIGCHLD signal child termination handler so - ** that we can avoid zombie processes hanging around and - ** handle childs terminating before being able to complete the - ** handshake. - */ -#if (defined(SVR4) || defined(hpux) || defined(__hpux) || \ - defined(_CRAY) || defined(_AUX_SOURCE)) - signal(SIGCHLD, SIG_IGN); -#else - signal(SIGCHLD, (SIGRETURN_TYPE (*)()) child_handler); -#endif - - /* - ** Loop and dispatch client handling processes - */ - do - { - /* - ** Terminate if we've been idle for 'timeout' seconds - */ - if (background_flag == 2 && timeout) - { - signal(SIGALRM, alarm_handler); - alarm(timeout); - } - - /* - ** Wait for a connection request to occur. - ** Ignore EINTR (Interrupted System Call). - */ - do - { - FD_ZERO(&read_set); - FD_SET(0, &read_set); - - if (timeout) - { - tv.tv_sec = timeout; - tv.tv_usec = 0; - nfds = select(FD_SETSIZE, &read_set, NULL, NULL, &tv); - } - else - - nfds = select(FD_SETSIZE, &read_set, NULL, NULL, NULL); - } while (nfds < 0 && errno == EINTR); - - /* - ** An error occured in select? Just die - */ - if (nfds < 0) - ERROR("main: select"); - - /* - ** Timeout limit reached. Exit nicely - */ - if (nfds == 0) - exit(0); - - /* - ** Disable the alarm timeout - */ - alarm(0); - - /* - ** Accept the new client - */ - fd = accept(0, NULL, NULL); - if (fd == -1) - ERROR1("main: accept. errno = %d", errno); - - /* - ** And fork, then close the fd if we are the parent. - */ - child_pid = fork(); - } while (child_pid && (close(fd), 1)); - - /* - ** We are now in child, the parent has returned to "do" above. - */ - if (dup2(fd, 0) == -1) - ERROR("main: dup2: failed fd 0"); - - if (dup2(fd, 1) == -1) - ERROR("main: dup2: failed fd 1"); - - if (dup2(fd, 2) == -1) - ERROR("main: dup2: failed fd 2"); - } - - /* - ** Get foreign internet address - */ - len = sizeof(sin); - if (getpeername(0, (struct sockaddr *) &sin, &len) == -1) - { - /* - ** A user has tried to start us from the command line or - ** the network link died, in which case this message won't - ** reach to other end anyway, so lets give the poor user some - ** errors. - */ - perror("in.identd: getpeername()"); - exit(1); - } - - faddr = sin.sin_addr; - - - /* - ** Open the connection to the Syslog daemon if requested - */ - if (syslog_flag) - { -#ifdef LOG_DAEMON - openlog("identd", LOG_PID, syslog_facility); -#else - openlog("identd", LOG_PID); -#endif - - syslog(LOG_INFO, "Connection from %s", gethost(&faddr)); - } - - - /* - ** Get local internet address - */ - len = sizeof(sin); -#ifdef ATTSVR4 - if (t_getsockname(0, (struct sockaddr *) &sin, &len) == -1) -#else - if (getsockname(0, (struct sockaddr *) &sin, &len) == -1) -#endif - { - /* - ** We can just die here, because if this fails then the - ** network has died and we haven't got anyone to return - ** errors to. - */ - exit(1); - } - laddr = sin.sin_addr; - - - /* - ** Get the local/foreign port pair from the luser - */ - parse(stdin, &laddr, &faddr); - - exit(0); -} diff --git a/identd.tproj/identd.h b/identd.tproj/identd.h deleted file mode 100644 index 61ece7c..0000000 --- a/identd.tproj/identd.h +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* -** $Id: identd.h,v 1.1.1.1 1999/05/02 03:57:41 wsanchez Exp $ -** -** identd.h Common variables for the Pidentd daemon -** -** This program is in the public domain and may be used freely by anyone -** who wants to. -** -** Last update: 6 Dec 1992 -** -** Please send bug fixes/bug reports to: Peter Eriksson -*/ - -#ifndef __IDENTD_H__ -#define __IDENTD_H__ - -extern char *version; - -extern char *path_unix; -extern char *path_kmem; - -extern int verbose_flag; -extern int debug_flag; -extern int syslog_flag; -extern int multi_flag; -extern int other_flag; -extern int unknown_flag; -extern int number_flag; -extern int noident_flag; - -extern char *charset_name; -extern char *indirect_host; -extern char *indirect_password; - -extern int lport; -extern int fport; - -extern char *gethost(); - -extern int k_open(); -extern int k_getuid(); -extern int parse(); -extern int parse_config(); - -#endif diff --git a/identd.tproj/netbsd.c b/identd.tproj/netbsd.c deleted file mode 100644 index 83626a4..0000000 --- a/identd.tproj/netbsd.c +++ /dev/null @@ -1,265 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* -** $Id: netbsd.c,v 1.1.1.2 2000/01/11 01:48:48 wsanchez Exp $ -** -** netbsd.c Low level kernel access functions for NetBSD -** -** This program is in the public domain and may be used freely by anyone -** who wants to. -** -** Last update: 17 March 1993 -** -** Please send bug fixes/bug reports to: Peter Eriksson -*/ - -#include -#include -#include -#include -#include -#include -#include - -#include "kvm.h" - -#include -#include -#include -#include -#include - -#include - -#define KERNEL - -#include - -#undef KERNEL -#include - -#include - -#include - -#include - -#include -#include -#include - -#include -#include - -#include - -#include -#include -#include -#include - -#include - -#include "identd.h" -#include "error.h" - - -extern void *calloc(); -extern void *malloc(); - - -struct nlist nl[] = -{ -#define N_FILE 0 -#define N_NFILE 1 -#define N_TCB 2 - - { "_filehead" }, - { "_nfiles" }, - { "_tcb" }, - { "" } -}; - -static kvm_t *kd; - -static struct file *xfile; -static int nfile; - -static struct inpcbhead tcb; - - -int k_open() -{ - /* - ** Open the kernel memory device - */ - if ((kd = kvm_openfiles(path_unix, path_kmem, NULL, O_RDONLY, "identd")) == - NULL) - ERROR("main: kvm_open"); - - /* - ** Extract offsets to the needed variables in the kernel - */ - if (kvm_nlist(kd, nl) < 0) - ERROR("main: kvm_nlist"); - - return 0; -} - - -/* -** Get a piece of kernel memory with error handling. -** Returns 1 if call succeeded, else 0 (zero). -*/ -static int getbuf(addr, buf, len, what) - long addr; - char *buf; - int len; - char *what; -{ - if (kvm_read(kd, addr, buf, len) < 0) - { - if (syslog_flag) - syslog(LOG_ERR, "getbuf: kvm_read(%08x, %d) - %s : %m", - addr, len, what); - - return 0; - } - - return 1; -} - - - -/* -** Traverse the inpcb list until a match is found. -** Returns NULL if no match. -*/ -static struct socket * - getlist(pcbp_head, faddr, fport, laddr, lport) - struct inpcbhead *pcbp_head; - struct in_addr *faddr; - int fport; - struct in_addr *laddr; - int lport; -{ - struct inpcb *pcbp; - struct inpcb pcb; - - pcbp = pcbp_head->lh_first; - while (pcbp && - getbuf((long) pcbp, - &pcb, - sizeof(struct inpcb), - "tcblist")) - { - if ( pcb.inp_faddr.s_addr == faddr->s_addr && - pcb.inp_laddr.s_addr == laddr->s_addr && - pcb.inp_fport == fport && - pcb.inp_lport == lport ) - return pcb.inp_socket; - - pcbp = pcb.inp_list.le_next; - } - - return NULL; -} - - - -/* -** Return the user number for the connection owner -*/ -int k_getuid(faddr, fport, laddr, lport, uid) - struct in_addr *faddr; - int fport; - struct in_addr *laddr; - int lport; - int *uid; -{ - long addr; - struct socket *sockp; - int i, mib[2]; - struct ucred ucb; - - /* -------------------- FILE DESCRIPTOR TABLE -------------------- */ - if (!getbuf(nl[N_NFILE].n_value, &nfile, sizeof(nfile), "nfile")) - return -1; - - if (!getbuf(nl[N_FILE].n_value, &addr, sizeof(addr), "&file")) - return -1; - - { - int siz, rv; - - mib[0] = CTL_KERN; - mib[1] = KERN_FILE; - if ((rv = sysctl(mib, 2, NULL, &siz, NULL, 0)) == -1) - { - ERROR1("k_getuid: sysctl 1 (%d)", rv); - return -1; - } - xfile = malloc(siz); - if (!xfile) - ERROR1("k_getuid: malloc(%d)", siz); - if ((rv = sysctl(mib, 2, xfile, &siz, NULL, 0)) == -1) - { - ERROR1("k_getuid: sysctl 2 (%d)", rv); - return -1; - } - xfile = (struct file *)((char *)xfile + sizeof(filehead)); - } - - /* -------------------- TCP PCB LIST -------------------- */ - if (!getbuf(nl[N_TCB].n_value, &tcb, sizeof(tcb), "tcb")) - return -1; - - sockp = getlist(&tcb, faddr, fport, laddr, lport); - - if (!sockp) - return -1; - - /* - ** Locate the file descriptor that has the socket in question - ** open so that we can get the 'ucred' information - */ - for (i = 0; i < nfile; i++) - { - if (xfile[i].f_count == 0) - continue; - - if (xfile[i].f_type == DTYPE_SOCKET && - (struct socket *) xfile[i].f_data == sockp) - { - if (!getbuf(xfile[i].f_cred, &ucb, sizeof(ucb), "ucb")) - return -1; - - *uid = ucb.cr_uid; - return 0; - } - } - - return -1; -} - diff --git a/identd.tproj/parse.c b/identd.tproj/parse.c deleted file mode 100644 index 2d978ad..0000000 --- a/identd.tproj/parse.c +++ /dev/null @@ -1,425 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* -** $Id: parse.c,v 1.2 2000/10/03 02:38:32 lindak Exp $ -** -** parse.c This file contains the protocol parser -** -** This program is in the public domain and may be used freely by anyone -** who wants to. -** -** Last update: 6 Dec 1992 -** -** Please send bug fixes/bug reports to: Peter Eriksson -*/ - -#include -#include -#include -#include - -#include -#include - -#ifndef HPUX7 -# include -#endif - -#include -#include - -#include -#include - -#if defined(MIPS) || defined(BSD43) -extern int errno; -#endif - -#include "identd.h" -#include "error.h" - -extern void *malloc(); - -/* -** This function will eat whitespace characters until -** either a non-whitespace character is read, or EOF -** occurs. This function is only used if the "-m" option -** is enabled. -*/ -static int eat_whitespace() -{ - int c; - - - while ((c = getchar()) != EOF && - !(c == '\r' || c == '\n')) - ; - - if (c != EOF) - while ((c = getchar()) != EOF && - (c == ' ' || c == '\t' || c == '\n' || c == '\r')) - ; - - if (c != EOF) - ungetc(c, stdin); - - return (c != EOF); -} - - -#ifdef INCLUDE_EXTENSIONS -/* -** Validate an indirect request -*/ -static int valid_fhost(faddr, password) - struct in_addr *faddr; - char *password; -{ - if (indirect_host == NULL) - return 0; - - if (strcmp(indirect_host, "*") != 0) - { - if (isdigit(indirect_host[0])) - { - if (strcmp(inet_ntoa(*faddr), indirect_host)) - { - syslog(LOG_NOTICE, "valid_fhost: access denied for: %s", - gethost(faddr)); - return 0; - } - } - else - { - if (strcmp(gethost(faddr), indirect_host)) - { - syslog(LOG_NOTICE, "valid_fhost: access denied for: %s", - gethost(faddr)); - return 0; - } - } - } - - if (indirect_password == NULL) - return 1; - - if (strcmp(password, indirect_password)) - { - syslog(LOG_NOTICE, "valid_fhost: invalid password from: %s", - gethost(faddr)); - return 0; - } - - return 1; -} -#endif - -/* -** A small routine to check for the existance of the ".noident" -** file in a users home directory. -*/ -static int check_noident(homedir) - char *homedir; -{ - char *tmp_path; - struct stat sbuf; - int rcode; - - - if (!homedir) - return 0; - - tmp_path = (char *) malloc(strlen(homedir) + sizeof("/.noident") + 1); - if (!tmp_path) - return 0; - - strcpy(tmp_path, homedir); - strcat(tmp_path, "/.noident"); - - rcode = stat(tmp_path, &sbuf); - free(tmp_path); - - return (rcode == 0); -} - - -int parse(fp, laddr, faddr) - FILE *fp; - struct in_addr *laddr, *faddr; -{ - int uid, try, rcode; - struct passwd *pwp; - char lhostaddr[16]; - char fhostaddr[16]; - char password[33]; -#ifdef INCLUDE_EXTENSIONS - char arg[33]; - int c; -#endif - struct in_addr laddr2; - struct in_addr faddr2; - - - if (debug_flag && syslog_flag) - syslog(LOG_DEBUG, "In function parse()"); - - /* - ** Get the local/foreign port pair from the luser - */ - do - { - if (debug_flag && syslog_flag) - syslog(LOG_DEBUG, " Before fscanf()"); - - faddr2 = *faddr; - laddr2 = *laddr; - lport = fport = 0; - lhostaddr[0] = fhostaddr[0] = password[0] = '\0'; - - /* Read query from client */ - rcode = fscanf(fp, " %d , %d", &lport, &fport); - -#ifdef INCLUDE_EXTENSIONS - /* - ** Do additional parsing in case of extended request - */ - if (rcode == 0) - { - rcode = fscanf(fp, "%32[^ \t\n\r:]", arg); - - /* Skip leading space up to EOF, EOL or non-space char */ - while ((c = getc(fp)) == ' ' || c == '\t') - ; - - if (rcode <= 0) - { - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); - continue; - } - - /* - ** Non-standard extended request, returns with Pidentd - ** version information - */ - if (strcmp(arg, "VERSION") == 0) - { - printf("%d , %d : ERROR : X-VERSION : %s\r\n", lport, fport, - version); - continue; - } - - /* - ** Non-standard extended proxy request - */ - else if (strcmp(arg, "PROXY") == 0 && c == ':') - { - /* We have a colon char, check for port numbers */ - rcode = fscanf(fp, " %d , %d : %15[0-9.] , %15[0-9.]", - &lport, &fport, fhostaddr, lhostaddr); - - if (!(rcode == 3 || rcode == 4)) - { - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); - continue; - } - - if (rcode == 4) - laddr2.s_addr = inet_addr(lhostaddr); - - faddr2.s_addr = inet_addr(fhostaddr); - - proxy(&laddr2, &faddr2, lport, fport, NULL); - continue; - } - - /* - ** Non-standard extended remote indirect request - */ - else if (strcmp(arg, "REMOTE") == 0 && c == ':') - { - /* We have a colon char, check for port numbers */ - rcode = fscanf(fp, " %d , %d", &lport, &fport); - - /* Skip leading space up to EOF, EOL or non-space char */ - while ((c = getc(fp)) == ' ' || c == '\t') - ; - - if (rcode != 2 || c != ':') - { - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); - continue; - } - - /* We have a colon char, check for addr and password */ - rcode = fscanf(fp, " %15[0-9.] , %32[^ \t\r\n]", - fhostaddr, password); - if (rcode > 0) - rcode += 2; - else - { - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); - continue; - } - - /* - ** Verify that the host originating the indirect request - ** is allowed to do that - */ - if (!valid_fhost(faddr, password)) - { - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-ACCESS-DENIED"); - continue; - } - - faddr2.s_addr = inet_addr(fhostaddr); - } - - else - { - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); - continue; - } - } -#endif /* EXTENSIONS */ - - if (rcode < 2 || lport < 1 || lport > 65535 || fport < 1 || fport > 65535) - { - if (syslog_flag && rcode > 0) - syslog(LOG_NOTICE, "scanf: invalid-port(s): %d , %d from %s", - lport, fport, gethost(faddr)); - - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "INVALID-PORT"); - continue; - } - - if (syslog_flag && verbose_flag) - syslog(LOG_NOTICE, "request for (%d,%d) from %s", - lport, fport, gethost(faddr)); - - if (debug_flag && syslog_flag) - syslog(LOG_DEBUG, " After fscanf(), before k_getuid()"); - - /* - ** Next - get the specific TCP connection and return the - ** uid - user number. - ** - ** Try to fetch the information 5 times incase the - ** kernel changed beneath us and we missed or took - ** a fault. - */ - for (try = 0; - (try < 5 && - k_getuid(&faddr2, htons(fport), laddr, htons(lport), &uid) == -1); - try++) - ; - - if (try >= 5) - { - if (syslog_flag) - syslog(LOG_DEBUG, "Returned: %d , %d : NO-USER", lport, fport); - - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "NO-USER"); - continue; - } - - if (try > 0 && syslog_flag) - syslog(LOG_NOTICE, "k_getuid retries: %d", try); - - if (debug_flag && syslog_flag) - syslog(LOG_DEBUG, " After k_getuid(), before getpwuid()"); - - /* - ** Then we should try to get the username. If that fails we - ** return it as an OTHER identifier - */ - pwp = getpwuid(uid); - - if (!pwp) - { - if (syslog_flag) - syslog(LOG_WARNING, "getpwuid() could not map uid (%d) to name", - uid); - - printf("%d , %d : USERID : OTHER%s%s : %d\r\n", - lport, fport, - charset_name ? " , " : "", - charset_name ? charset_name : "", - uid); - continue; - } - - /* - ** Hey! We finally made it!!! - */ - if (syslog_flag) - syslog(LOG_DEBUG, "Successful lookup: %d , %d : %s", - lport, fport, pwp->pw_name); - - if (noident_flag && check_noident(pwp->pw_dir)) - { - if (syslog_flag && verbose_flag) - syslog(LOG_NOTICE, "user %s requested HIDDEN-USER for host %s: %d, %d", - pwp->pw_name, - gethost(faddr), - lport, fport); - - printf("%d , %d : ERROR : HIDDEN-USER\r\n", - lport, fport); - continue; - } - - if (number_flag) - printf("%d , %d : USERID : OTHER%s%s : %d\r\n", - lport, fport, - charset_name ? " , " : "", - charset_name ? charset_name : "", - uid); - else - printf("%d , %d : USERID : %s%s%s : %s\r\n", - lport, fport, - other_flag ? "OTHER" : "UNIX", - charset_name ? " , " : "", - charset_name ? charset_name : "", - pwp->pw_name); - - } while(fflush(stdout), fflush(stderr), multi_flag && eat_whitespace()); - - return 0; -} diff --git a/identd.tproj/proxy.c b/identd.tproj/proxy.c deleted file mode 100644 index a64c581..0000000 --- a/identd.tproj/proxy.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* -** $Id: proxy.c,v 1.1.1.1 1999/05/02 03:57:41 wsanchez Exp $ -** -** proxy.c This file implements the proxy() call. -** -** This program is in the public domain and may be used freely by anyone -** who wants to. -** -** Last update: 12 Dec 1992 -** -** Please send bug fixes/bug reports to: Peter Eriksson -*/ - -#include -#include - -#include "identd.h" - - -#ifdef INCLUDE_PROXY -#include -#include -#include - -#include -#endif - - -/* -** This function should establish a connection to a remote IDENT -** server and query it for the information associated with the -** specified connection and the return that to the caller. -** -** Should there be three different timeouts (Connection Establishment, -** Query Transmit and Query Receive)? -*/ -int proxy(laddr, faddr, lport, fport, timeout) - struct in_addr *laddr; - struct in_addr *faddr; - int lport; - int fport; - struct timeval *timeout; -{ -#ifndef INCLUDE_PROXY - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-NOT-YET-IMPLEMENTED"); - - return -1; -#else - id_t *idp; - char *answer; - char *opsys; - char *charset; - - idp = id_open(laddr, faddr, timeout); - if (!idp) - { - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-CONNECTION-REFUSED"); - return -1; - } - - if (id_query(idp, lport, fport, timeout) < 0) - { - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-TRANSMIT-QUERY-ERROR"); - id_close(idp); - return -1; - } - - switch (id_parse(idp, timeout, &lport, &fport, &answer, &opsys, &charset)) - { - case 1: - printf("%d , %d : USERID : %s %s%s : %s\r\n", - lport, fport, - opsys, - charset ? "," : "", - charset ? charset : "", - answer); - break; - - case 2: - printf("%d , %d : ERROR : %s\r\n", - lport, fport, answer); - break; - - case 0: /* More to parse - fix this later! */ - case -1: /* Internal error */ - default: - printf("%d , %d : ERROR : %s\r\n", - lport, fport, - unknown_flag ? "UNKNOWN-ERROR" : "X-PARSE-REPLY-ERROR"); - } - - id_close(idp); -#endif -} diff --git a/identd.tproj/version.c b/identd.tproj/version.c deleted file mode 100644 index dbeeab2..0000000 --- a/identd.tproj/version.c +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $Id: version.c,v 1.1.1.1 1999/05/02 03:57:41 wsanchez Exp $ */ -char *version = "2.1.2"; diff --git a/identd.tproj/xpaths.h b/identd.tproj/xpaths.h deleted file mode 100644 index df55f1a..0000000 --- a/identd.tproj/xpaths.h +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* -** $Id: xpaths.h,v 1.1.1.2 2000/01/11 01:48:48 wsanchez Exp $ -** -** paths.h Common path definitions for the in.identd daemon -** -** Last update: 11 Dec 1992 -** -** Please send bug fixes/bug reports to: Peter Eriksson -*/ - -#include - -#ifdef SEQUENT -# define _PATH_UNIX "/dynix" -#endif - -#if defined(MIPS) || defined(IRIX) -# define _PATH_UNIX "/unix" -#endif - -#if defined(hpux) || defined(__hpux) -# define _PATH_UNIX "/hp-ux" -#endif - -#ifdef SOLARIS -# define _PATH_UNIX "/dev/ksyms" -#else -# ifdef SVR4 -# define _PATH_UNIX "/stand/unix" -# endif -#endif - -#ifdef BSD43 -# define _PATH_SWAP "/dev/drum" -# define _PATH_MEM "/dev/mem" -#endif - -#ifdef _AUX_SOURCE -# define _PATH_UNIX "/unix" -#endif - -#ifdef _CRAY -# define _PATH_UNIX "/unicos" -# define _PATH_MEM "/dev/mem" -#endif - -#ifdef __APPLE__ -# define _PATH_UNIX "/mach" -#endif - - -/* - * Some defaults... - */ -#ifndef _PATH_KMEM -# define _PATH_KMEM "/dev/kmem" -#endif - -#ifndef _PATH_UNIX -# define _PATH_UNIX "/vmunix" -#endif - - -#ifndef PATH_CONFIG -# define PATH_CONFIG "/etc/identd.conf" -#endif diff --git a/ifconfig.tproj/ifconfig.8 b/ifconfig.tproj/ifconfig.8 index f525c81..5f7828a 100644 --- a/ifconfig.tproj/ifconfig.8 +++ b/ifconfig.tproj/ifconfig.8 @@ -70,7 +70,6 @@ .Op Fl d .Op Fl m .Op Fl u -.Op Fl C .Sh DESCRIPTION .Nm Ifconfig is used to assign an address @@ -465,12 +464,6 @@ and .Fl u (only list interfaces that are up). .Pp -The -.Fl C -flag may be used to list all of the interface cloners available on -the system, with no additional information. -Use of this flag is mutually exclusive with all other flags and commands. -.Pp Only the super-user may modify the configuration of a network interface. .Sh NOTES The media selection system is relatively new and only some drivers support diff --git a/ifconfig.tproj/ifconfig.c b/ifconfig.tproj/ifconfig.c index 39f344a..6444c62 100644 --- a/ifconfig.tproj/ifconfig.c +++ b/ifconfig.tproj/ifconfig.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)ifconfig.c 8.2 (Berkeley) 2/16/94"; #endif static const char rcsid[] = - "$Id: ifconfig.c,v 1.4 2002/03/05 20:35:12 lindak Exp $"; + "$Id: ifconfig.c,v 1.5 2003/07/02 01:22:29 lindak Exp $"; #endif /* not lint */ #include @@ -360,7 +360,6 @@ usage() fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n", "usage: ifconfig interface address_family [address [dest_address]]", " [parameters]", - " ifconfig -C", " ifconfig interface create", " ifconfig -a [-d] [-m] [-u] [address_family]", " ifconfig -l [-d] [-u] [address_family]", @@ -369,7 +368,6 @@ usage() fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n", "usage: ifconfig [-L] interface address_family [address [dest_address]]", " [parameters]", - " ifconfig -C", " ifconfig interface create", " ifconfig -a [-L] [-d] [-m] [-u] [address_family]", " ifconfig -l [-d] [-u] [address_family]", diff --git a/inetd.tproj/inetd.c b/inetd.tproj/inetd.c index 1b93a68..b5a70db 100644 --- a/inetd.tproj/inetd.c +++ b/inetd.tproj/inetd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/inetd.tproj/pathnames.h b/inetd.tproj/pathnames.h index 4a7b367..6cd4f94 100644 --- a/inetd.tproj/pathnames.h +++ b/inetd.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ip6conf.tproj/ip6config b/ip6conf.tproj/ip6config index 5a8aaf2..7294275 100644 --- a/ip6conf.tproj/ip6config +++ b/ip6conf.tproj/ip6config @@ -54,7 +54,9 @@ sub do_6to4_setup # Take the requested interface from the user # Figure out addressing, etc. # - $localadr4 = `ifconfig $ARGV[1] inet | grep inet`; + $localadr4 = `ifconfig $ARGV[1] inet | grep inet | grep -v "10.*.*.*"| \ + grep -v "172.[^16-31].*.*" | grep -v "192.168.*.*" | \ + grep -v "169.254.*.*" | grep -v alias`; $localadr4 =~ s/^.*inet\s*//; $localadr4 =~ s/\s.*$//; chomp($localadr4); diff --git a/ip6conf.tproj/ip6tool.c b/ip6conf.tproj/ip6tool.c index a17b63b..37f7846 100644 --- a/ip6conf.tproj/ip6tool.c +++ b/ip6conf.tproj/ip6tool.c @@ -2,21 +2,22 @@ * * @APPLE_LICENSE_HEADER_START@ * -* "Portions Copyright (c) 2002 Apple Computer, Inc. All Rights -* Reserved. This file contains Original Code and/or Modifications of -* Original Code as defined in and that are subject to the Apple Public -* Source License Version 1.0 (the 'License'). You may not use this file -* except in compliance with the License. Please obtain a copy of the -* License at http://www.apple.com/publicsource and read it before using -* this file. +* Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. +* +* This file contains Original Code and/or Modifications of Original Code +* as defined in and that are subject to the Apple Public Source License +* Version 2.0 (the 'License'). You may not use this file except in +* compliance with the License. Please obtain a copy of the License at +* http://www.opensource.apple.com/apsl/ and read it before using this +* file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, -* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the -* License for the specific language governing rights and limitations -* under the License." +* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. +* Please see the License for the specific language governing rights and +* limitations under the License. * * @APPLE_LICENSE_HEADER_END@ * @@ -25,15 +26,28 @@ #include #include #include +#include #include -/* this is needed to get SIOCPROTOATTACH/SIOCPROTODETACH */ -#define KERNEL_PRIVATE #include -#undef KERNEL_PRIVATE #include #include +#include +#include #include +/* From netinet6/in6_var.h */ +#ifndef SIOCPROTOATTACH_IN6 +#define SIOCPROTOATTACH_IN6 _IOWR('i', 110, struct in6_aliasreq) /* attach proto to interface */ +#endif +#ifndef SIOCPROTODETACH_IN6 +#define SIOCPROTODETACH_IN6 _IOWR('i', 111, struct in6_ifreq) /* detach proto from interface */ +#endif +#ifndef SIOCLL_START +#define SIOCLL_START _IOWR('i', 130, struct in6_aliasreq) /* start aquiring linklocal on interface */ +#endif +#ifndef SIOCLL_STOP +#define SIOCLL_STOP _IOWR('i', 131, struct in6_ifreq) /* deconfigure linklocal from interface */ +#endif /* options */ #define IPv6_STARTUP 1 @@ -48,8 +62,8 @@ extern char *optarg; void do_usage(void); int do_protoattach(int s, char *name); int do_protodetach(int s, char *name); -int do_protoattach_all(int s); -int do_protodetach_all(int s); +void do_protoattach_all(int s); +void do_protodetach_all(int s); int @@ -101,25 +115,21 @@ main(int argc, char **argv) case IPv6_STARTUP: err = do_protoattach(s, interface); if (err < 0) - printf("%s: Error %d encountered attaching to interface %s.\n", argv[0], err, interface); + printf("%s: Error %d encountered attaching interface %s.\n", argv[0], err, interface); break; case IPv6_SHUTDOWN: err = do_protodetach(s, interface); if (err < 0) - printf("%s: Error %d encountered detaching to interface %s.\n", argv[0], err, interface); + printf("%s: Error %d encountered detaching interface %s.\n", argv[0], err, interface); break; case IPv6_STARTUP_ALL: - err = do_protoattach_all(s); - if (err < 0) - printf("%s: Error %d encountered attaching to interfaces.\n", argv[0], err); + do_protoattach_all(s); break; case IPv6_SHUTDOWN_ALL: - err = do_protodetach_all(s); - if (err < 0) - printf("%s: Error %d encountered detaching to interfaces.\n", argv[0], err); + do_protodetach_all(s); break; default: @@ -144,31 +154,41 @@ do_usage(void) int do_protoattach(int s, char *name) { - struct ifreq ifr; + struct in6_aliasreq ifr; + int err; bzero(&ifr, sizeof(ifr)); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); - return (ioctl(s, SIOCPROTOATTACH, &ifr)); + strncpy(ifr.ifra_name, name, sizeof(ifr.ifra_name)); + + if ((err = ioctl(s, SIOCPROTOATTACH_IN6, &ifr)) != 0) + return (err); + + return (ioctl(s, SIOCLL_START, &ifr)); } int do_protodetach(int s, char *name) { - struct ifreq ifr; + struct in6_ifreq ifr; + int err; bzero(&ifr, sizeof(ifr)); strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); - return (ioctl(s, SIOCPROTODETACH, &ifr)); + + if ((err = ioctl(s, SIOCLL_STOP, &ifr)) != 0) + return (err); + + return (ioctl(s, SIOCPROTODETACH_IN6, &ifr)); } -int +void do_protoattach_all(int s) { struct ifaddrs *ifaddrs, *ifa; - int err; - - if ((err = getifaddrs(&ifaddrs)) < 0) - return err; /* getifaddrs properly sets errno */ + + if (getifaddrs(&ifaddrs)) { + printf("ip6: getifaddrs returned error (%s)", strerror(errno)); + } for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) { /* skip over invalid interfaces */ @@ -177,9 +197,9 @@ do_protoattach_all(int s) if (strcmp(ifa->ifa_name, if_exceptions[2])) if (strcmp(ifa->ifa_name, if_exceptions[3])) { /* this is a valid interface */ - err = do_protoattach(s, ifa->ifa_name); - if (err) - break; + if (do_protoattach(s, ifa->ifa_name)) { + printf("ip6: error attaching %s\n", ifa->ifa_name); + } while (ifa->ifa_next != NULL && !(strcmp(ifa->ifa_name, ifa->ifa_next->ifa_name))) { @@ -191,17 +211,17 @@ do_protoattach_all(int s) freeifaddrs(ifaddrs); - return err; + return; } -int +void do_protodetach_all(int s) { struct ifaddrs *ifaddrs, *ifa; - int err; - if ((err = getifaddrs(&ifaddrs)) < 0) - return err; /* getifaddrs properly sets errno */ + if (getifaddrs(&ifaddrs)) { + printf("ip6: getifaddrs returned error (%s)", strerror(errno)); + } for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) { /* skip over invalid interfaces */ @@ -210,9 +230,9 @@ do_protodetach_all(int s) if (strcmp(ifa->ifa_name, if_exceptions[2])) if (strcmp(ifa->ifa_name, if_exceptions[3])) { /* this is a valid interface */ - err = do_protodetach(s, ifa->ifa_name); - if (err) - break; + if (do_protodetach(s, ifa->ifa_name)) { + printf("ip6: error detaching %s\n", ifa->ifa_name); + } while (ifa->ifa_next != NULL && !(strcmp(ifa->ifa_name, ifa->ifa_next->ifa_name))) { @@ -224,5 +244,5 @@ do_protodetach_all(int s) freeifaddrs(ifaddrs); - return err; -} \ No newline at end of file + return; +} diff --git a/racoonctl.tproj/Makefile b/ip6fw.tproj/Makefile similarity index 79% rename from racoonctl.tproj/Makefile rename to ip6fw.tproj/Makefile index 603d7f1..6dec21a 100644 --- a/racoonctl.tproj/Makefile +++ b/ip6fw.tproj/Makefile @@ -7,26 +7,23 @@ # and Makefile.postamble (both optional), and Makefile will include them. # -NAME = racoonctl +NAME = ip6fw PROJECTVERSION = 2.8 PROJECT_TYPE = Tool -HFILES = misc.h str2val.h vmbuf.h +CFILES = ip6fw.c -CFILES = key_debug.c kmpstat.c misc.c pfkey.c pfkey_dump.c str2val.c\ - vmbuf.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble +OTHERSRCS = Makefile.preamble Makefile Makefile.postamble ip6fw.8 MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles CODE_GEN_STYLE = DYNAMIC MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin +NEXTSTEP_INSTALLDIR = /sbin WINDOWS_INSTALLDIR = /Library/Executables PDO_UNIX_INSTALLDIR = /bin -LIBS = -lipsec +LIBS = DEBUG_LIBS = $(LIBS) PROF_LIBS = $(LIBS) diff --git a/racoonctl.tproj/Makefile.postamble b/ip6fw.tproj/Makefile.postamble similarity index 97% rename from racoonctl.tproj/Makefile.postamble rename to ip6fw.tproj/Makefile.postamble index 411cde6..d4c1e9c 100644 --- a/racoonctl.tproj/Makefile.postamble +++ b/ip6fw.tproj/Makefile.postamble @@ -98,3 +98,7 @@ # owned by the top-level Makefile API and no context has been set up for where # derived files should go. # + +install-man-page: + install -d $(DSTROOT)/usr/share/man/man8 + install -c -m 444 ip6fw.8 $(DSTROOT)/usr/share/man/man8/ip6fw.8 diff --git a/racoonctl.tproj/Makefile.preamble b/ip6fw.tproj/Makefile.preamble similarity index 89% rename from racoonctl.tproj/Makefile.preamble rename to ip6fw.tproj/Makefile.preamble index 68b3736..a4606c6 100644 --- a/racoonctl.tproj/Makefile.preamble +++ b/ip6fw.tproj/Makefile.preamble @@ -39,15 +39,6 @@ # OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen # OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc # OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex -OTHER_CFLAGS=-DHAVE_FUNCTION_MACRO=1 -DENABLE_IPV6=1 -DADVAPI=1 -DHAVE_GETADDRINFO=1 \ --DHAVE_GETNAMEINFO=1 -DHAVE_LIBSSL=1 -DHAVE_LIBCRYPTO=1 -DHAVE_LIBL=1 -DHAVE_LIBY=1 \ --DSTDC_HEADERS=1 -DHAVE_SYS_WAIT_H=1 -DHAVE_LIMITS_H=1 -DHAVE_SYS_TIME_H=1 -DHAVE_UNISTD_H=1 \ --DHAVE_STDARG_H=1 -DHAVE_VARARGS_H=1 -DHAVE_OPENSSL_RSA_H=1 -DHAVE_OPENSSL_PEM_H=1 \ --DHAVE_OPENSSL_EVP_H=1 -DHAVE_OPENSSL_X509_H=1 -DHAVE_SIGNING_C=1 -DHAVE_OPENSSL_OPENSSLV_H=1 \ --DTIME_WITH_SYS_TIME=1 -DRETSIGTYPE=void -DHAVE_VPRINTF=1 -DHAVE_GETTIMEOFDAY=1 -DHAVE_SELECT=1 \ --DHAVE_SOCKET=1 -DHAVE_STRERROR=1 -DHAVE_STRTOL=1 -DHAVE_STRTOUL=1 -DHAVE_STRDUP=1 \ --DHAVE_GETIFADDRS=1 -DINET6 -DHAVE_PFKEYV2 -O -DYIPS_DEBUG -DIPSEC -Dss_family=__ss_family \ --Dss_len=__ss_len -DSYSCONFDIR=\"/etc\" -DYY_NO_UNPUT -I../racoon.tproj -I../ipsec # These variables provide hooks enabling you to add behavior at almost every # stage of the make: @@ -144,3 +135,6 @@ OTHER_CFLAGS=-DHAVE_FUNCTION_MACRO=1 -DENABLE_IPV6=1 -DADVAPI=1 -DHAVE_GETADDRIN # standard locations. NEXT_ROOT defaults to "C:/Apple" on Windows systems # and "" on other systems. DSTROOT = $(HOME) + +AFTER_INSTALL += install-man-page + diff --git a/ip6fw.tproj/PB.project b/ip6fw.tproj/PB.project new file mode 100644 index 0000000..32e331f --- /dev/null +++ b/ip6fw.tproj/PB.project @@ -0,0 +1,25 @@ +{ + DYNAMIC_CODE_GEN = YES; + FILESTABLE = { + FRAMEWORKS = (); + OTHER_LINKED = (ip6fw.c); + OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, ip6fw.8); + }; + LANGUAGE = English; + MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles"; + NEXTSTEP_BUILDTOOL = /bin/gnumake; + NEXTSTEP_INSTALLDIR = /sbin; + NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; + NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; + PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make; + PDO_UNIX_INSTALLDIR = /bin; + PDO_UNIX_JAVA_COMPILER = "$(JDKBINDIR)/javac"; + PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; + PROJECTNAME = ip6fw; + PROJECTTYPE = Tool; + PROJECTVERSION = 2.8; + WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make; + WINDOWS_INSTALLDIR = /Library/Executables; + WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; + WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; +} diff --git a/ip6fw.tproj/ip6fw.8 b/ip6fw.tproj/ip6fw.8 new file mode 100644 index 0000000..cdbaf6b --- /dev/null +++ b/ip6fw.tproj/ip6fw.8 @@ -0,0 +1,570 @@ +.\" +.\" $FreeBSD: src/sbin/ip6fw/ip6fw.8,v 1.3.2.12 2003/02/23 20:17:15 trhodes Exp $ +.\" +.\" $KAME$ +.\" +.\" Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of the project nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.Dd March 13, 2000 +.Dt IP6FW 8 +.Os +.Sh NAME +.Nm ip6fw +.Nd controlling utility for IPv6 firewall +.Sh SYNOPSIS +.Nm +.Op Fl q +.Oo +.Fl p Ar preproc +.Oo Fl D +.Ar macro Ns Op = Ns Ar value +.Oc +.Op Fl U Ar macro +.Oc +.Ar pathname +.Nm +.Op Fl f | Fl q +flush +.Nm +.Op Fl q +zero +.Op Ar number ... +.Nm +delete +.Ar number ... +.Nm +.Op Fl aftN +list +.Op Ar number ... +.Nm +.Op Fl ftN +show +.Op Ar number ... +.Nm +.Op Fl q +add +.Op Ar number +.Ar action +.Op log +.Ar proto +from +.Ar src +to +.Ar dst +.Op via Ar name | ipv6no +.Op Ar options +.Sh DESCRIPTION +To ease configuration, rules can be put into a file which is +processed using +.Nm +as shown in the first synopsis line. +An absolute +.Ar pathname +must be used. +The file +will be read line by line and applied as arguments to the +.Nm +utility. +.Pp +Optionally, a preprocessor can be specified using +.Fl p Ar preproc +where +.Ar pathname +is to be piped through. +Useful preprocessors include +.Xr cpp 1 +and +.Xr m4 1 . +If +.Ar preproc +doesn't start with a slash +.Pq Ql / +as its first character, the usual +.Ev PATH +name search is performed. +Care should be taken with this in environments where not all +file systems are mounted (yet) by the time +.Nm +is being run (e.g. when they are mounted over NFS). +Once +.Fl p +has been specified, optional +.Fl D +and +.Fl U +specifications can follow and will be passed on to the preprocessor. +This allows for flexible configuration files (like conditionalizing +them on the local hostname) and the use of macros to centralize +frequently required arguments like IP addresses. +.Pp +The +.Nm +code works by going through the rule-list for each packet, +until a match is found. +All rules have two associated counters, a packet count and +a byte count. +These counters are updated when a packet matches the rule. +.Pp +The rules are ordered by a +.Dq line-number +from 1 to 65534 that is used +to order and delete rules. +Rules are tried in increasing order, and the +first rule that matches a packet applies. +Multiple rules may share the same number and apply in +the order in which they were added. +.Pp +If a rule is added without a number, it is numbered 100 higher +than the previous rule. +If the highest defined rule number is +greater than 65434, new rules are appended to the last rule. +.Pp +The delete operation deletes the first rule with number +.Ar number , +if any. +.Pp +The list command prints out the current rule set. +.Pp +The show command is equivalent to `ip6fw -a list'. +.Pp +The zero operation zeroes the counters associated with rule number +.Ar number . +.Pp +The flush operation removes all rules. +.Pp +Any command beginning with a +.Sq # , +or being all blank, is ignored. +.Pp +One rule is always present: +.Bd -literal -offset center +65535 deny all from any to any +.Ed +.Pp +This rule is the default policy, i.e., don't allow anything at all. +Your job in setting up rules is to modify this policy to match your +needs. +.Pp +The following options are available: +.Bl -tag -width flag +.It Fl a +While listing, show counter values. See also +.Dq show +command. +.It Fl f +Don't ask for confirmation for commands that can cause problems if misused +(ie; flush). +.Ar Note , +if there is no tty associated with the process, this is implied. +.It Fl q +While adding, zeroing or flushing, be quiet about actions (implies '-f'). +This is useful for adjusting rules by executing multiple ip6fw commands in a +script (e.g. sh /etc/rc.firewall), or by processing a file of many ip6fw rules, +across a remote login session. If a flush is performed in normal +(verbose) mode, it prints a message. Because all rules are flushed, the +message cannot be delivered to the login session, the login session is +closed and the remainder of the ruleset is not processed. Access to the +console is required to recover. +.It Fl t +While listing, show last match timestamp. +.It Fl N +Try to resolve addresses and service names in output. +.El +.Pp +.Ar action : +.Bl -hang -offset flag -width 16n +.It Ar allow +Allow packets that match rule. +The search terminates. +Aliases are +.Ar pass , +.Ar permit , +and +.Ar accept . +.It Ar deny +Discard packets that match this rule. +The search terminates. +.Ar Drop +is an alias for +.Ar deny . +.It Ar reject +(Deprecated.) Discard packets that match this rule, and try to send an ICMPv6 +host unreachable notice. +The search terminates. +.It Ar unreach code +Discard packets that match this rule, and try to send an ICMPv6 +unreachable notice with code +.Ar code , +where +.Ar code +is a number from zero to 255, or one of these aliases: +.Ar noroute , +.Ar admin , +.Ar notneighbor , +.Ar addr , +or +.Ar noport , +The search terminates. +.It Ar reset +TCP packets only. +Discard packets that match this rule, +and try to send a TCP reset (RST) notice. +The search terminates +.Em ( "not working yet" ) . +.It Ar count +Update counters for all packets that match rule. +The search continues with the next rule. +.It Ar skipto number +Skip all subsequent rules numbered less than +.Ar number . +The search continues with the first rule numbered +.Ar number +or higher. +.El +.Pp +If the kernel was compiled with +.Dv IPV6FIREWALL_VERBOSE , +then when a packet matches a rule with the +.Dq log +keyword or a clear/resetlog is performed, a message will be logged to +.Xr syslogd 8 , +or, if that fails, to the console. If the kernel was compiled with the +.Dv IPV6FIREWALL_VERBOSE_LIMIT +option, then logging will cease after the number of packets +specified by the option are received for that particular +chain entry. +When this limit is reached, the limit and rule number will be logged. +Logging may then be re-enabled by clearing +the packet counter for that entry. +.Pp +The +.Xr syslogd 8 +logging and the default log limit are adjustable dynamically through the +.Xr sysctl 8 +interface. +.Pp +.Ar proto : +.Bl -hang -offset flag -width 16n +.It Ar ipv6 +All packets match. +The alias +.Ar all +has the same effect. +.It Ar tcp +Only TCP packets match. +.It Ar udp +Only UDP packets match. +.It Ar ipv6-icmp +Only ICMPv6 packets match. +.It Ar +Only packets for the specified protocol matches (see +.Pa /etc/protocols +for a complete list). +.El +.Pp +.Ar src +and +.Ar dst : +.Bl -hang -offset flag +.It Ar
+.Op Ar ports +.El +.Pp +The +.Em
+may be specified as: +.Bl -hang -offset flag -width 16n +.It Ar ipv6no +An ipv6number of the form +.Li fec0::1:2:3:4 . +.It Ar ipv6no/prefixlen +An ipv6number with a prefix length of the form +.Li fec0::1:2:3:4/112 . +.El +.Pp +The sense of the match can be inverted by preceding an address with the +.Dq not +modifier, causing all other addresses to be matched instead. +This +does not affect the selection of port numbers. +.Pp +With the TCP and UDP protocols, optional +.Em ports +may be specified as: +.Pp +.Bl -hang -offset flag +.It Ns {port|port-port} Ns Op ,port Ns Op ,... +.El +.Pp +Service names (from +.Pa /etc/services ) +may be used instead of numeric port values. +A range may only be specified as the first value, +and the length of the port list is limited to +.Dv IPV6_FW_MAX_PORTS +(as defined in +.Pa /usr/src/sys/netinet6/ip6_fw.h ) +ports. +.Pp +Fragmented packets which have a non-zero offset (i.e. not the first +fragment) will never match a rule which has one or more port +specifications. See the +.Ar frag +option for details on matching fragmented packets. +.Pp +Rules can apply to packets when they are incoming, or outgoing, or both. +The +.Ar in +keyword indicates the rule should only match incoming packets. +The +.Ar out +keyword indicates the rule should only match outgoing packets. +.Pp +To match packets going through a certain interface, specify +the interface using +.Ar via : +.Bl -hang -offset flag -width 16n +.It Ar via ifX +Packet must be going through interface +.Ar ifX . +.It Ar via if* +Packet must be going through interface +.Ar ifX , +where X is any unit number. +.It Ar via any +Packet must be going through +.Em some +interface. +.It Ar via ipv6no +Packet must be going through the interface having IPv6 address +.Ar ipv6no . +.El +.Pp +The +.Ar via +keyword causes the interface to always be checked. +If +.Ar recv +or +.Ar xmit +is used instead of +.Ar via , +then the only receive or transmit interface (respectively) is checked. +By specifying both, it is possible to match packets based on both receive +and transmit interface, e.g.: +.Pp +.Dl "ip6fw add 100 deny ip from any to any out recv ed0 xmit ed1" +.Pp +The +.Ar recv +interface can be tested on either incoming or outgoing packets, while the +.Ar xmit +interface can only be tested on outgoing packets. +So +.Ar out +is required (and +.Ar in +invalid) whenever +.Ar xmit +is used. +Specifying +.Ar via +together with +.Ar xmit +or +.Ar recv +is invalid. +.Pp +A packet may not have a receive or transmit interface: packets originating +from the local host have no receive interface. while packets destined for +the local host have no transmit interface. +.Pp +Additional +.Ar options : +.Bl -hang -offset flag -width 16n +.It frag +Matches if the packet is a fragment and this is not the first fragment +of the datagram. +.Ar frag +may not be used in conjunction with either +.Ar tcpflags +or TCP/UDP port specifications. +.It in +Matches if this packet was on the way in. +.It out +Matches if this packet was on the way out. +.It ipv6options Ar spec +Matches if the IPv6 header contains the comma separated list of +options specified in +.Ar spec . +The supported IPv6 options are: +.Ar hopopt +(hop-by-hop options header), +.Ar route +(routing header), +.Ar frag +(fragment header), +.Ar esp +(encapsulating security payload), +.Ar ah +(authentication header), +.Ar nonxt +(no next header), and +.Ar opts +(destination options header). +The absence of a particular option may be denoted +with a +.Dq \&! +.Em ( "not working yet" ) . +.It established +Matches packets that have the RST or ACK bits set. +TCP packets only. +.It setup +Matches packets that have the SYN bit set but no ACK bit. +TCP packets only. +.It tcpflags Ar spec +Matches if the TCP header contains the comma separated list of +flags specified in +.Ar spec . +The supported TCP flags are: +.Ar fin , +.Ar syn , +.Ar rst , +.Ar psh , +.Ar ack , +and +.Ar urg . +The absence of a particular flag may be denoted +with a +.Dq \&! . +A rule which contains a +.Ar tcpflags +specification can never match a fragmented packet which has +a non-zero offset. See the +.Ar frag +option for details on matching fragmented packets. +.It icmptypes Ar types +Matches if the ICMPv6 type is in the list +.Ar types . +The list may be specified as any combination of ranges +or individual types separated by commas. +.El +.Sh CHECKLIST +Here are some important points to consider when designing your +rules: +.Bl -bullet -offset flag +.It +Remember that you filter both packets going in and out. +Most connections need packets going in both directions. +.It +Remember to test very carefully. +It is a good idea to be near the console when doing this. +.It +Don't forget the loopback interface. +.El +.Sh FINE POINTS +There is one kind of packet that the firewall will always discard, +that is an IPv6 fragment with a fragment offset of one. +This is a valid packet, but it only has one use, to try to circumvent +firewalls. +.Pp +If you are logged in over a network, loading the KLD version of +.Nm +is probably not as straightforward as you would think +.Em ( "not supported" ) . +I recommend this command line: +.Bd -literal -offset center +kldload /modules/ip6fw_mod.o && \e +ip6fw add 32000 allow all from any to any +.Ed +.Pp +Along the same lines, doing an +.Bd -literal -offset center +ip6fw flush +.Ed +.Pp +in similar surroundings is also a bad idea. +.Sh PACKET DIVERSION +not supported. +.Sh EXAMPLES +This command adds an entry which denies all tcp packets from +.Em hacker.evil.org +to the telnet port of +.Em wolf.tambov.su +from being forwarded by the host: +.Pp +.Dl ip6fw add deny tcp from hacker.evil.org to wolf.tambov.su 23 +.Pp +This one disallows any connection from the entire hackers network to +my host: +.Pp +.Dl ip6fw add deny all from fec0::123:45:67:0/112 to my.host.org +.Pp +Here is a good usage of the list command to see accounting records +and timestamp information: +.Pp +.Dl ip6fw -at l +.Pp +or in short form without timestamps: +.Pp +.Dl ip6fw -a l +.Sh SEE ALSO +.Xr ip 4 , +.Xr ipfirewall 4 , +.Xr protocols 5 , +.Xr services 5 , +.Xr reboot 8 , +.Xr sysctl 8 , +.Xr syslogd 8 +.Sh BUGS +.Em WARNING!!WARNING!!WARNING!!WARNING!!WARNING!!WARNING!!WARNING!! +.Pp +This program can put your computer in rather unusable state. +When +using it for the first time, work on the console of the computer, and +do +.Em NOT +do anything you don't understand. +.Pp +When manipulating/adding chain entries, service and protocol names are +not accepted. +.Sh AUTHORS +.An Ugen J. S. Antsilevich , +.An Poul-Henning Kamp , +.An Alex Nash , +.An Archie Cobbs . +.Pp +.An -nosplit +API based upon code written by +.An Daniel Boulet +for BSDI. +.Sh HISTORY +A +.Nm +utility first appeared in +.Fx 4.0 . diff --git a/ip6fw.tproj/ip6fw.c b/ip6fw.tproj/ip6fw.c new file mode 100644 index 0000000..f54b916 --- /dev/null +++ b/ip6fw.tproj/ip6fw.c @@ -0,0 +1,1417 @@ +/* + * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp + * Copyright (c) 1994 Ugen J.S.Antsilevich + * + * Idea and grammar partially left from: + * Copyright (c) 1993 Daniel Boulet + * + * Redistribution and use in source forms, with and without modification, + * are permitted provided that this entire comment appears intact. + * + * Redistribution in binary form may occur without any restrictions. + * Obviously, it would be nice if you gave credit where credit is due + * but requiring it would be too onerous. + * + * This software is provided ``AS IS'' without any warranties of any kind. + * + * NEW command line interface for IP firewall facility + * + * $Id: ip6fw.c,v 1.2 2003/02/28 07:01:29 mscopp Exp $ + * $FreeBSD: src/sbin/ip6fw/ip6fw.c,v 1.1.2.6 2001/08/01 06:52:18 obrien Exp $ + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +int lineno = -1; + +int s; /* main RAW socket */ +int do_resolv=0; /* Would try to resolv all */ +int do_acct=0; /* Show packet/byte count */ +int do_time=0; /* Show time stamps */ +int do_quiet=0; /* Be quiet in add and flush */ +int do_force=0; /* Don't ask for confirmation */ + +struct icmpcode { + int code; + char *str; +}; + +static struct icmpcode icmp6codes[] = { + { ICMP6_DST_UNREACH_NOROUTE, "noroute" }, + { ICMP6_DST_UNREACH_ADMIN, "admin" }, + { ICMP6_DST_UNREACH_NOTNEIGHBOR, "notneighbor" }, + { ICMP6_DST_UNREACH_ADDR, "addr" }, + { ICMP6_DST_UNREACH_NOPORT, "noport" }, + { 0, NULL } +}; + +static char ntop_buf[INET6_ADDRSTRLEN]; + +static void show_usage(const char *fmt, ...); + +static int +mask_bits(u_char *m_ad, int m_len) +{ + int h_num = 0,i; + + for (i = 0; i < m_len; i++, m_ad++) { + if (*m_ad != 0xff) + break; + h_num += 8; + } + if (i < m_len) { + switch (*m_ad) { +#define MASKLEN(m, l) case m: h_num += l; break + MASKLEN(0xfe, 7); + MASKLEN(0xfc, 6); + MASKLEN(0xf8, 5); + MASKLEN(0xf0, 4); + MASKLEN(0xe0, 3); + MASKLEN(0xc0, 2); + MASKLEN(0x80, 1); +#undef MASKLEN + } + } + return h_num; +} + +static int pl2m[9] = { 0x00, 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff }; + +struct in6_addr *plen2mask(int n) +{ + static struct in6_addr ia; + u_char *p; + int i; + + memset(&ia, 0, sizeof(struct in6_addr)); + p = (u_char *)&ia; + for (i = 0; i < 16; i++, p++, n -= 8) { + if (n >= 8) { + *p = 0xff; + continue; + } + *p = pl2m[n]; + break; + } + return &ia; +} + +void +print_port(prot, port, comma) + u_char prot; + u_short port; + const char *comma; +{ + struct servent *se; + struct protoent *pe; + const char *protocol; + int printed = 0; + + if (do_resolv) { + pe = getprotobynumber(prot); + if (pe) + protocol = pe->p_name; + else + protocol = NULL; + + se = getservbyport(htons(port), protocol); + if (se) { + printf("%s%s", comma, se->s_name); + printed = 1; + } + } + if (!printed) + printf("%s%d",comma,port); +} + +static void +print_iface(char *key, union ip6_fw_if *un, int byname) +{ + char ifnb[IP6FW_IFNLEN+1]; + + if (byname) { + strncpy(ifnb, un->fu_via_if.name, IP6FW_IFNLEN); + ifnb[IP6FW_IFNLEN]='\0'; + if (un->fu_via_if.unit == -1) + printf(" %s %s*", key, ifnb); + else + printf(" %s %s%d", key, ifnb, un->fu_via_if.unit); + } else if (!IN6_IS_ADDR_UNSPECIFIED(&un->fu_via_ip6)) { + printf(" %s %s", key, inet_ntop(AF_INET6,&un->fu_via_ip6,ntop_buf,sizeof(ntop_buf))); + } else + printf(" %s any", key); +} + +static void +print_reject_code(int code) +{ + struct icmpcode *ic; + + for (ic = icmp6codes; ic->str; ic++) + if (ic->code == code) { + printf("%s", ic->str); + return; + } + printf("%u", code); +} + +static void +show_ip6fw(struct ip6_fw *chain) +{ + char *comma; + struct hostent *he; + struct protoent *pe; + int i, mb; + int nsp = IPV6_FW_GETNSRCP(chain); + int ndp = IPV6_FW_GETNDSTP(chain); + + if (do_resolv) + setservent(1/*stayopen*/); + + printf("%05u ", chain->fw_number); + + if (do_acct) + printf("%10lu %10lu ",chain->fw_pcnt,chain->fw_bcnt); + + if (do_time) + { + if (chain->timestamp) + { + char timestr[30]; + + strcpy(timestr, ctime((time_t *)&chain->timestamp)); + *strchr(timestr, '\n') = '\0'; + printf("%s ", timestr); + } + else + printf(" "); + } + + switch (chain->fw_flg & IPV6_FW_F_COMMAND) + { + case IPV6_FW_F_ACCEPT: + printf("allow"); + break; + case IPV6_FW_F_DENY: + printf("deny"); + break; + case IPV6_FW_F_COUNT: + printf("count"); + break; + case IPV6_FW_F_DIVERT: + printf("divert %u", chain->fw_divert_port); + break; + case IPV6_FW_F_TEE: + printf("tee %u", chain->fw_divert_port); + break; + case IPV6_FW_F_SKIPTO: + printf("skipto %u", chain->fw_skipto_rule); + break; + case IPV6_FW_F_REJECT: + if (chain->fw_reject_code == IPV6_FW_REJECT_RST) + printf("reset"); + else { + printf("unreach "); + print_reject_code(chain->fw_reject_code); + } + break; + default: + errx(EX_OSERR, "impossible"); + } + + if (chain->fw_flg & IPV6_FW_F_PRN) + printf(" log"); + + pe = getprotobynumber(chain->fw_prot); + if (pe) + printf(" %s", pe->p_name); + else + printf(" %u", chain->fw_prot); + + printf(" from %s", chain->fw_flg & IPV6_FW_F_INVSRC ? "not " : ""); + + mb=mask_bits((u_char *)&chain->fw_smsk,sizeof(chain->fw_smsk)); + if (mb==128 && do_resolv) { + he=gethostbyaddr((char *)&(chain->fw_src),sizeof(chain->fw_src),AF_INET6); + if (he==NULL) { + printf(inet_ntop(AF_INET6,&chain->fw_src,ntop_buf,sizeof(ntop_buf))); + } else + printf("%s",he->h_name); + } else { + if (mb!=128) { + if (mb == 0) { + printf("any"); + } else { + printf(inet_ntop(AF_INET6,&chain->fw_src,ntop_buf,sizeof(ntop_buf))); + printf("/%d",mb); + } + } else + printf(inet_ntop(AF_INET6,&chain->fw_src,ntop_buf,sizeof(ntop_buf))); + } + + if (chain->fw_prot == IPPROTO_TCP || chain->fw_prot == IPPROTO_UDP) { + comma = " "; + for (i = 0; i < nsp; i++) { + print_port(chain->fw_prot, chain->fw_pts[i], comma); + if (i==0 && (chain->fw_flg & IPV6_FW_F_SRNG)) + comma = "-"; + else + comma = ","; + } + } + + printf(" to %s", chain->fw_flg & IPV6_FW_F_INVDST ? "not " : ""); + + mb=mask_bits((u_char *)&chain->fw_dmsk,sizeof(chain->fw_dmsk)); + if (mb==128 && do_resolv) { + he=gethostbyaddr((char *)&(chain->fw_dst),sizeof(chain->fw_dst),AF_INET); + if (he==NULL) { + printf(inet_ntop(AF_INET6,&chain->fw_dst,ntop_buf,sizeof(ntop_buf))); + } else + printf("%s",he->h_name); + } else { + if (mb!=128) { + if (mb == 0) { + printf("any"); + } else { + printf(inet_ntop(AF_INET6,&chain->fw_dst,ntop_buf,sizeof(ntop_buf))); + printf("/%d",mb); + } + } else + printf(inet_ntop(AF_INET6,&chain->fw_dst,ntop_buf,sizeof(ntop_buf))); + } + + if (chain->fw_prot == IPPROTO_TCP || chain->fw_prot == IPPROTO_UDP) { + comma = " "; + for (i = 0; i < ndp; i++) { + print_port(chain->fw_prot, chain->fw_pts[nsp+i], comma); + if (i==0 && (chain->fw_flg & IPV6_FW_F_DRNG)) + comma = "-"; + else + comma = ","; + } + } + + /* Direction */ + if ((chain->fw_flg & IPV6_FW_F_IN) && !(chain->fw_flg & IPV6_FW_F_OUT)) + printf(" in"); + if (!(chain->fw_flg & IPV6_FW_F_IN) && (chain->fw_flg & IPV6_FW_F_OUT)) + printf(" out"); + + /* Handle hack for "via" backwards compatibility */ + if ((chain->fw_flg & IF6_FW_F_VIAHACK) == IF6_FW_F_VIAHACK) { + print_iface("via", + &chain->fw_in_if, chain->fw_flg & IPV6_FW_F_IIFNAME); + } else { + /* Receive interface specified */ + if (chain->fw_flg & IPV6_FW_F_IIFACE) + print_iface("recv", &chain->fw_in_if, + chain->fw_flg & IPV6_FW_F_IIFNAME); + /* Transmit interface specified */ + if (chain->fw_flg & IPV6_FW_F_OIFACE) + print_iface("xmit", &chain->fw_out_if, + chain->fw_flg & IPV6_FW_F_OIFNAME); + } + + if (chain->fw_flg & IPV6_FW_F_FRAG) + printf(" frag"); + + if (chain->fw_ip6opt || chain->fw_ip6nopt) { + int _opt_printed = 0; +#define PRINTOPT(x) {if (_opt_printed) printf(",");\ + printf(x); _opt_printed = 1;} + + printf(" ip6opt "); + if (chain->fw_ip6opt & IPV6_FW_IP6OPT_HOPOPT) PRINTOPT("hopopt"); + if (chain->fw_ip6nopt & IPV6_FW_IP6OPT_HOPOPT) PRINTOPT("!hopopt"); + if (chain->fw_ip6opt & IPV6_FW_IP6OPT_ROUTE) PRINTOPT("route"); + if (chain->fw_ip6nopt & IPV6_FW_IP6OPT_ROUTE) PRINTOPT("!route"); + if (chain->fw_ip6opt & IPV6_FW_IP6OPT_FRAG) PRINTOPT("frag"); + if (chain->fw_ip6nopt & IPV6_FW_IP6OPT_FRAG) PRINTOPT("!frag"); + if (chain->fw_ip6opt & IPV6_FW_IP6OPT_ESP) PRINTOPT("esp"); + if (chain->fw_ip6nopt & IPV6_FW_IP6OPT_ESP) PRINTOPT("!esp"); + if (chain->fw_ip6opt & IPV6_FW_IP6OPT_AH) PRINTOPT("ah"); + if (chain->fw_ip6nopt & IPV6_FW_IP6OPT_AH) PRINTOPT("!ah"); + if (chain->fw_ip6opt & IPV6_FW_IP6OPT_NONXT) PRINTOPT("nonxt"); + if (chain->fw_ip6nopt & IPV6_FW_IP6OPT_NONXT) PRINTOPT("!nonxt"); + if (chain->fw_ip6opt & IPV6_FW_IP6OPT_OPTS) PRINTOPT("opts"); + if (chain->fw_ip6nopt & IPV6_FW_IP6OPT_OPTS) PRINTOPT("!opts"); + } + + if (chain->fw_ipflg & IPV6_FW_IF_TCPEST) + printf(" established"); + else if (chain->fw_tcpf == IPV6_FW_TCPF_SYN && + chain->fw_tcpnf == IPV6_FW_TCPF_ACK) + printf(" setup"); + else if (chain->fw_tcpf || chain->fw_tcpnf) { + int _flg_printed = 0; +#define PRINTFLG(x) {if (_flg_printed) printf(",");\ + printf(x); _flg_printed = 1;} + + printf(" tcpflg "); + if (chain->fw_tcpf & IPV6_FW_TCPF_FIN) PRINTFLG("fin"); + if (chain->fw_tcpnf & IPV6_FW_TCPF_FIN) PRINTFLG("!fin"); + if (chain->fw_tcpf & IPV6_FW_TCPF_SYN) PRINTFLG("syn"); + if (chain->fw_tcpnf & IPV6_FW_TCPF_SYN) PRINTFLG("!syn"); + if (chain->fw_tcpf & IPV6_FW_TCPF_RST) PRINTFLG("rst"); + if (chain->fw_tcpnf & IPV6_FW_TCPF_RST) PRINTFLG("!rst"); + if (chain->fw_tcpf & IPV6_FW_TCPF_PSH) PRINTFLG("psh"); + if (chain->fw_tcpnf & IPV6_FW_TCPF_PSH) PRINTFLG("!psh"); + if (chain->fw_tcpf & IPV6_FW_TCPF_ACK) PRINTFLG("ack"); + if (chain->fw_tcpnf & IPV6_FW_TCPF_ACK) PRINTFLG("!ack"); + if (chain->fw_tcpf & IPV6_FW_TCPF_URG) PRINTFLG("urg"); + if (chain->fw_tcpnf & IPV6_FW_TCPF_URG) PRINTFLG("!urg"); + } + if (chain->fw_flg & IPV6_FW_F_ICMPBIT) { + int type_index; + int first = 1; + + printf(" icmptype"); + + for (type_index = 0; type_index < IPV6_FW_ICMPTYPES_DIM * sizeof(unsigned) * 8; ++type_index) + if (chain->fw_icmp6types[type_index / (sizeof(unsigned) * 8)] & + (1U << (type_index % (sizeof(unsigned) * 8)))) { + printf("%c%d", first == 1 ? ' ' : ',', type_index); + first = 0; + } + } + printf("\n"); + if (do_resolv) + endservent(); +} + +void +list(ac, av) + int ac; + char **av; +{ + struct ip6_fw *r, *rules; + int l,i; + unsigned long rulenum; + int nalloc, bytes, maxbytes; + + /* extract rules from kernel, resizing array as necessary */ + rules = NULL; + nalloc = sizeof *rules; + bytes = nalloc; + maxbytes = 65536 * sizeof *rules; + while (bytes >= nalloc) { + nalloc = nalloc * 2 + 200; + bytes = nalloc; + if ((rules = realloc(rules, bytes)) == NULL) + err(EX_OSERR, "realloc"); + memset(rules, 0, sizeof *rules); + rules->version = IPV6_FW_CURRENT_API_VERSION; + i = getsockopt(s, IPPROTO_IPV6, IPV6_FW_GET, rules, &bytes); + if ((i < 0 && errno != EINVAL) || nalloc > maxbytes) + err(EX_OSERR, "getsockopt(IPV6_FW_GET)"); + } + if (!ac) { + /* display all rules */ + for (r = rules, l = bytes; l >= sizeof rules[0]; + r++, l-=sizeof rules[0]) + show_ip6fw(r); + } + else { + /* display specific rules requested on command line */ + int exitval = 0; + + while (ac--) { + char *endptr; + int seen; + + /* convert command line rule # */ + rulenum = strtoul(*av++, &endptr, 10); + if (*endptr) { + exitval = 1; + warn("invalid rule number: %s", av[-1]); + continue; + } + seen = 0; + for (r = rules, l = bytes; + l >= sizeof rules[0] && r->fw_number <= rulenum; + r++, l-=sizeof rules[0]) + if (rulenum == r->fw_number) { + show_ip6fw(r); + seen = 1; + } + if (!seen) { + exitval = 1; + warnx("rule %lu does not exist", rulenum); + } + } + if (exitval != 0) + exit(exitval); + } +} + +static void +show_usage(const char *fmt, ...) +{ + if (fmt) { + char buf[100]; + va_list args; + + va_start(args, fmt); + vsnprintf(buf, sizeof(buf), fmt, args); + va_end(args); + warnx("error: %s", buf); + } + fprintf(stderr, "usage: ip6fw [options]\n" +" flush\n" +" add [number] rule\n" +" delete number ...\n" +" list [number ...]\n" +" show [number ...]\n" +" zero [number ...]\n" +" rule: action proto src dst extras...\n" +" action:\n" +" {allow|permit|accept|pass|deny|drop|reject|unreach code|\n" +" reset|count|skipto num} [log]\n" +" proto: {ipv6|tcp|udp|ipv6-icmp|}\n" +" src: from [not] {any|ipv6[/prefixlen]} [{port|port-port},[port],...]\n" +" dst: to [not] {any|ipv6[/prefixlen]} [{port|port-port},[port],...]\n" +" extras:\n" +" fragment (may not be used with ports or tcpflags)\n" +" in\n" +" out\n" +" {xmit|recv|via} {iface|ipv6|any}\n" +" {established|setup}\n" +" tcpflags [!]{syn|fin|rst|ack|psh|urg},...\n" +" ipv6options [!]{hopopt|route|frag|esp|ah|nonxt|opts},...\n" +" icmptypes {type[,type]}...\n"); + + exit(1); +} + +static int +lookup_host (host, addr, family) + char *host; + u_char *addr; +{ + struct hostent *he = gethostbyname2(host, family); + + if (!he) + return(-1); + + memcpy(addr, he->h_addr_list[0], he->h_length); + + return(0); +} + +void +fill_ip6(ipno, mask, acp, avp) + struct in6_addr *ipno, *mask; + int *acp; + char ***avp; +{ + int ac = *acp; + char **av = *avp; + char *p = 0, md = 0; + int i; + + if (ac && !strncmp(*av,"any",strlen(*av))) { + *ipno = *mask = in6addr_any; av++; ac--; + } else { + p = strchr(*av, '/'); + if (p) { + md = *p; + *p++ = '\0'; + } + + if (lookup_host(*av, ipno, AF_INET6) != 0) + show_usage("hostname ``%s'' unknown", *av); + switch (md) { + case '/': + if (atoi(p) == 0) { + *mask = in6addr_any; + } else if (atoi(p) > 128) { + show_usage("bad width ``%s''", p); + } else { + *mask = *(plen2mask(atoi(p))); + } + break; + default: + *mask = *(plen2mask(128)); + break; + } + for (i = 0; i < sizeof(*ipno); i++) + ipno->s6_addr[i] &= mask->s6_addr[i]; + av++; + ac--; + } + *acp = ac; + *avp = av; +} + +static void +fill_reject_code6(u_short *codep, char *str) +{ + struct icmpcode *ic; + u_long val; + char *s; + + val = strtoul(str, &s, 0); + if (s != str && *s == '\0' && val < 0x100) { + *codep = val; + return; + } + for (ic = icmp6codes; ic->str; ic++) + if (!strcasecmp(str, ic->str)) { + *codep = ic->code; + return; + } + show_usage("unknown ICMP6 unreachable code ``%s''", str); +} + +static void +add_port(cnt, ptr, off, port) + u_short *cnt, *ptr, off, port; +{ + if (off + *cnt >= IPV6_FW_MAX_PORTS) + errx(1, "too many ports (max is %d)", IPV6_FW_MAX_PORTS); + ptr[off+*cnt] = port; + (*cnt)++; +} + +static int +lookup_port(const char *arg, int test, int nodash) +{ + int val; + char *earg, buf[32]; + struct servent *s; + + snprintf(buf, sizeof(buf), "%s", arg); + buf[strcspn(arg, nodash ? "-," : ",")] = 0; + val = (int) strtoul(buf, &earg, 0); + if (!*buf || *earg) { + setservent(1); + if ((s = getservbyname(buf, NULL))) { + val = htons(s->s_port); + } else { + if (!test) { + errx(1, "unknown port ``%s''", arg); + } + val = -1; + } + } else { + if (val < 0 || val > 0xffff) { + if (!test) { + errx(1, "port ``%s'' out of range", arg); + } + val = -1; + } + } + return(val); +} + +int +fill_port(cnt, ptr, off, arg) + u_short *cnt, *ptr, off; + char *arg; +{ + char *s; + int initial_range = 0; + + s = arg + strcspn(arg, "-,"); /* first port name can't have a dash */ + if (*s == '-') { + *s++ = '\0'; + if (strchr(arg, ',')) + errx(1, "port range must be first in list"); + add_port(cnt, ptr, off, *arg ? lookup_port(arg, 0, 0) : 0x0000); + arg = s; + s = strchr(arg,','); + if (s) + *s++ = '\0'; + add_port(cnt, ptr, off, *arg ? lookup_port(arg, 0, 0) : 0xffff); + arg = s; + initial_range = 1; + } + while (arg != NULL) { + s = strchr(arg,','); + if (s) + *s++ = '\0'; + add_port(cnt, ptr, off, lookup_port(arg, 0, 0)); + arg = s; + } + return initial_range; +} + +void +fill_tcpflag(set, reset, vp) + u_char *set, *reset; + char **vp; +{ + char *p = *vp,*q; + u_char *d; + + while (p && *p) { + struct tpcflags { + char * name; + u_char value; + } flags[] = { + { "syn", IPV6_FW_TCPF_SYN }, + { "fin", IPV6_FW_TCPF_FIN }, + { "ack", IPV6_FW_TCPF_ACK }, + { "psh", IPV6_FW_TCPF_PSH }, + { "rst", IPV6_FW_TCPF_RST }, + { "urg", IPV6_FW_TCPF_URG } + }; + int i; + + if (*p == '!') { + p++; + d = reset; + } else { + d = set; + } + q = strchr(p, ','); + if (q) + *q++ = '\0'; + for (i = 0; i < sizeof(flags) / sizeof(flags[0]); ++i) + if (!strncmp(p, flags[i].name, strlen(p))) { + *d |= flags[i].value; + break; + } + if (i == sizeof(flags) / sizeof(flags[0])) + show_usage("invalid tcp flag ``%s''", p); + p = q; + } +} + +static void +fill_ip6opt(u_char *set, u_char *reset, char **vp) +{ + char *p = *vp,*q; + u_char *d; + + while (p && *p) { + if (*p == '!') { + p++; + d = reset; + } else { + d = set; + } + q = strchr(p, ','); + if (q) + *q++ = '\0'; + if (!strncmp(p,"hopopt",strlen(p))) *d |= IPV6_FW_IP6OPT_HOPOPT; + if (!strncmp(p,"route",strlen(p))) *d |= IPV6_FW_IP6OPT_ROUTE; + if (!strncmp(p,"frag",strlen(p))) *d |= IPV6_FW_IP6OPT_FRAG; + if (!strncmp(p,"esp",strlen(p))) *d |= IPV6_FW_IP6OPT_ESP; + if (!strncmp(p,"ah",strlen(p))) *d |= IPV6_FW_IP6OPT_AH; + if (!strncmp(p,"nonxt",strlen(p))) *d |= IPV6_FW_IP6OPT_NONXT; + if (!strncmp(p,"opts",strlen(p))) *d |= IPV6_FW_IP6OPT_OPTS; + p = q; + } +} + +void +fill_icmptypes(types, vp, fw_flg) + u_long *types; + char **vp; + u_short *fw_flg; +{ + char *c = *vp; + + while (*c) + { + unsigned long icmptype; + + if ( *c == ',' ) + ++c; + + icmptype = strtoul(c, &c, 0); + + if ( *c != ',' && *c != '\0' ) + show_usage("invalid ICMP6 type"); + + if (icmptype >= IPV6_FW_ICMPTYPES_DIM * sizeof(unsigned) * 8) + show_usage("ICMP6 type out of range"); + + types[icmptype / (sizeof(unsigned) * 8)] |= + 1 << (icmptype % (sizeof(unsigned) * 8)); + *fw_flg |= IPV6_FW_F_ICMPBIT; + } +} + +void +delete(ac,av) + int ac; + char **av; +{ + struct ip6_fw rule; + int i; + int exitval = 0; + + memset(&rule, 0, sizeof rule); + rule.version = IPV6_FW_CURRENT_API_VERSION; + + av++; ac--; + + /* Rule number */ + while (ac && isdigit(**av)) { + rule.fw_number = atoi(*av); av++; ac--; + i = setsockopt(s, IPPROTO_IPV6, IPV6_FW_DEL, &rule, sizeof rule); + if (i) { + exitval = 1; + warn("rule %u: setsockopt(%s)", rule.fw_number, "IPV6_FW_DEL"); + } + } + if (exitval != 0) + exit(exitval); +} + +static void +verify_interface(union ip6_fw_if *ifu) +{ + struct ifreq ifr; + + /* + * If a unit was specified, check for that exact interface. + * If a wildcard was specified, check for unit 0. + */ + snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s%d", + ifu->fu_via_if.name, + ifu->fu_via_if.unit == -1 ? 0 : ifu->fu_via_if.unit); + + if (ioctl(s, SIOCGIFFLAGS, &ifr) < 0) + warnx("warning: interface ``%s'' does not exist", ifr.ifr_name); +} + +static void +fill_iface(char *which, union ip6_fw_if *ifu, int *byname, int ac, char *arg) +{ + if (!ac) + show_usage("missing argument for ``%s''", which); + + /* Parse the interface or address */ + if (!strcmp(arg, "any")) { + ifu->fu_via_ip6 = in6addr_any; + *byname = 0; + } else if (!isdigit(*arg)) { + char *q; + + *byname = 1; + strncpy(ifu->fu_via_if.name, arg, sizeof(ifu->fu_via_if.name)); + ifu->fu_via_if.name[sizeof(ifu->fu_via_if.name) - 1] = '\0'; + for (q = ifu->fu_via_if.name; + *q && !isdigit(*q) && *q != '*'; q++) + continue; + ifu->fu_via_if.unit = (*q == '*') ? -1 : atoi(q); + *q = '\0'; + verify_interface(ifu); + } else if (inet_pton(AF_INET6, arg, &ifu->fu_via_ip6) != 1) { + show_usage("bad ip6 address ``%s''", arg); + } else + *byname = 0; +} + +static void +add(ac,av) + int ac; + char **av; +{ + struct ip6_fw rule; + int i; + u_char proto; + struct protoent *pe; + int saw_xmrc = 0, saw_via = 0; + + memset(&rule, 0, sizeof rule); + rule.version = IPV6_FW_CURRENT_API_VERSION; + + av++; ac--; + + /* Rule number */ + if (ac && isdigit(**av)) { + rule.fw_number = atoi(*av); av++; ac--; + } + + /* Action */ + if (ac == 0) + show_usage("missing action"); + if (!strncmp(*av,"accept",strlen(*av)) + || !strncmp(*av,"pass",strlen(*av)) + || !strncmp(*av,"allow",strlen(*av)) + || !strncmp(*av,"permit",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_ACCEPT; av++; ac--; + } else if (!strncmp(*av,"count",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_COUNT; av++; ac--; + } +#if 0 + else if (!strncmp(*av,"divert",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_DIVERT; av++; ac--; + if (!ac) + show_usage("missing divert port"); + rule.fw_divert_port = strtoul(*av, NULL, 0); av++; ac--; + if (rule.fw_divert_port == 0) { + struct servent *s; + setservent(1); + s = getservbyname(av[-1], "divert"); + if (s != NULL) + rule.fw_divert_port = ntohs(s->s_port); + else + show_usage("illegal divert port"); + } + } else if (!strncmp(*av,"tee",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_TEE; av++; ac--; + if (!ac) + show_usage("missing divert port"); + rule.fw_divert_port = strtoul(*av, NULL, 0); av++; ac--; + if (rule.fw_divert_port == 0) { + struct servent *s; + setservent(1); + s = getservbyname(av[-1], "divert"); + if (s != NULL) + rule.fw_divert_port = ntohs(s->s_port); + else + show_usage("illegal divert port"); + } + } +#endif + else if (!strncmp(*av,"skipto",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_SKIPTO; av++; ac--; + if (!ac) + show_usage("missing skipto rule number"); + rule.fw_skipto_rule = strtoul(*av, NULL, 0); av++; ac--; + } else if ((!strncmp(*av,"deny",strlen(*av)) + || !strncmp(*av,"drop",strlen(*av)))) { + rule.fw_flg |= IPV6_FW_F_DENY; av++; ac--; + } else if (!strncmp(*av,"reject",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_REJECT; av++; ac--; + rule.fw_reject_code = ICMP6_DST_UNREACH_NOROUTE; + } else if (!strncmp(*av,"reset",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_REJECT; av++; ac--; + rule.fw_reject_code = IPV6_FW_REJECT_RST; /* check TCP later */ + } else if (!strncmp(*av,"unreach",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_REJECT; av++; ac--; + fill_reject_code6(&rule.fw_reject_code, *av); av++; ac--; + } else { + show_usage("invalid action ``%s''", *av); + } + + /* [log] */ + if (ac && !strncmp(*av,"log",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_PRN; av++; ac--; + } + + /* protocol */ + if (ac == 0) + show_usage("missing protocol"); + if ((proto = atoi(*av)) > 0) { + rule.fw_prot = proto; av++; ac--; + } else if (!strncmp(*av,"all",strlen(*av))) { + rule.fw_prot = IPPROTO_IPV6; av++; ac--; + } else if ((pe = getprotobyname(*av)) != NULL) { + rule.fw_prot = pe->p_proto; av++; ac--; + } else { + show_usage("invalid protocol ``%s''", *av); + } + + if (rule.fw_prot != IPPROTO_TCP + && (rule.fw_flg & IPV6_FW_F_COMMAND) == IPV6_FW_F_REJECT + && rule.fw_reject_code == IPV6_FW_REJECT_RST) + show_usage("``reset'' is only valid for tcp packets"); + + /* from */ + if (ac && !strncmp(*av,"from",strlen(*av))) { av++; ac--; } + else + show_usage("missing ``from''"); + + if (ac && !strncmp(*av,"not",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_INVSRC; + av++; ac--; + } + if (!ac) + show_usage("missing arguments"); + + fill_ip6(&rule.fw_src, &rule.fw_smsk, &ac, &av); + + if (ac && (isdigit(**av) || lookup_port(*av, 1, 1) >= 0)) { + u_short nports = 0; + + if (fill_port(&nports, rule.fw_pts, 0, *av)) + rule.fw_flg |= IPV6_FW_F_SRNG; + IPV6_FW_SETNSRCP(&rule, nports); + av++; ac--; + } + + /* to */ + if (ac && !strncmp(*av,"to",strlen(*av))) { av++; ac--; } + else + show_usage("missing ``to''"); + + if (ac && !strncmp(*av,"not",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_INVDST; + av++; ac--; + } + if (!ac) + show_usage("missing arguments"); + + fill_ip6(&rule.fw_dst, &rule.fw_dmsk, &ac, &av); + + if (ac && (isdigit(**av) || lookup_port(*av, 1, 1) >= 0)) { + u_short nports = 0; + + if (fill_port(&nports, + rule.fw_pts, IPV6_FW_GETNSRCP(&rule), *av)) + rule.fw_flg |= IPV6_FW_F_DRNG; + IPV6_FW_SETNDSTP(&rule, nports); + av++; ac--; + } + + if ((rule.fw_prot != IPPROTO_TCP) && (rule.fw_prot != IPPROTO_UDP) + && (IPV6_FW_GETNSRCP(&rule) || IPV6_FW_GETNDSTP(&rule))) { + show_usage("only TCP and UDP protocols are valid" + " with port specifications"); + } + + while (ac) { + if (!strncmp(*av,"in",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_IN; + av++; ac--; continue; + } + if (!strncmp(*av,"out",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_OUT; + av++; ac--; continue; + } + if (ac && !strncmp(*av,"xmit",strlen(*av))) { + union ip6_fw_if ifu; + int byname; + + if (saw_via) { +badviacombo: + show_usage("``via'' is incompatible" + " with ``xmit'' and ``recv''"); + } + saw_xmrc = 1; + av++; ac--; + fill_iface("xmit", &ifu, &byname, ac, *av); + rule.fw_out_if = ifu; + rule.fw_flg |= IPV6_FW_F_OIFACE; + if (byname) + rule.fw_flg |= IPV6_FW_F_OIFNAME; + av++; ac--; continue; + } + if (ac && !strncmp(*av,"recv",strlen(*av))) { + union ip6_fw_if ifu; + int byname; + + if (saw_via) + goto badviacombo; + saw_xmrc = 1; + av++; ac--; + fill_iface("recv", &ifu, &byname, ac, *av); + rule.fw_in_if = ifu; + rule.fw_flg |= IPV6_FW_F_IIFACE; + if (byname) + rule.fw_flg |= IPV6_FW_F_IIFNAME; + av++; ac--; continue; + } + if (ac && !strncmp(*av,"via",strlen(*av))) { + union ip6_fw_if ifu; + int byname = 0; + + if (saw_xmrc) + goto badviacombo; + saw_via = 1; + av++; ac--; + fill_iface("via", &ifu, &byname, ac, *av); + rule.fw_out_if = rule.fw_in_if = ifu; + if (byname) + rule.fw_flg |= + (IPV6_FW_F_IIFNAME | IPV6_FW_F_OIFNAME); + av++; ac--; continue; + } + if (!strncmp(*av,"fragment",strlen(*av))) { + rule.fw_flg |= IPV6_FW_F_FRAG; + av++; ac--; continue; + } + if (!strncmp(*av,"ipv6options",strlen(*av))) { + av++; ac--; + if (!ac) + show_usage("missing argument" + " for ``ipv6options''"); + fill_ip6opt(&rule.fw_ip6opt, &rule.fw_ip6nopt, av); + av++; ac--; continue; + } + if (rule.fw_prot == IPPROTO_TCP) { + if (!strncmp(*av,"established",strlen(*av))) { + rule.fw_ipflg |= IPV6_FW_IF_TCPEST; + av++; ac--; continue; + } + if (!strncmp(*av,"setup",strlen(*av))) { + rule.fw_tcpf |= IPV6_FW_TCPF_SYN; + rule.fw_tcpnf |= IPV6_FW_TCPF_ACK; + av++; ac--; continue; + } + if (!strncmp(*av,"tcpflags",strlen(*av))) { + av++; ac--; + if (!ac) + show_usage("missing argument" + " for ``tcpflags''"); + fill_tcpflag(&rule.fw_tcpf, &rule.fw_tcpnf, av); + av++; ac--; continue; + } + } + if (rule.fw_prot == IPPROTO_ICMPV6) { + if (!strncmp(*av,"icmptypes",strlen(*av))) { + av++; ac--; + if (!ac) + show_usage("missing argument" + " for ``icmptypes''"); + fill_icmptypes(rule.fw_icmp6types, + av, &rule.fw_flg); + av++; ac--; continue; + } + } + show_usage("unknown argument ``%s''", *av); + } + + /* No direction specified -> do both directions */ + if (!(rule.fw_flg & (IPV6_FW_F_OUT|IPV6_FW_F_IN))) + rule.fw_flg |= (IPV6_FW_F_OUT|IPV6_FW_F_IN); + + /* Sanity check interface check, but handle "via" case separately */ + if (saw_via) { + if (rule.fw_flg & IPV6_FW_F_IN) + rule.fw_flg |= IPV6_FW_F_IIFACE; + if (rule.fw_flg & IPV6_FW_F_OUT) + rule.fw_flg |= IPV6_FW_F_OIFACE; + } else if ((rule.fw_flg & IPV6_FW_F_OIFACE) && (rule.fw_flg & IPV6_FW_F_IN)) + show_usage("can't check xmit interface of incoming packets"); + + /* frag may not be used in conjunction with ports or TCP flags */ + if (rule.fw_flg & IPV6_FW_F_FRAG) { + if (rule.fw_tcpf || rule.fw_tcpnf) + show_usage("can't mix 'frag' and tcpflags"); + + if (rule.fw_nports) + show_usage("can't mix 'frag' and port specifications"); + } + + if (!do_quiet) + show_ip6fw(&rule); + i = setsockopt(s, IPPROTO_IPV6, IPV6_FW_ADD, &rule, sizeof rule); + if (i) + err(EX_UNAVAILABLE, "setsockopt(%s)", "IPV6_FW_ADD"); +} + +static void +zero (ac, av) + int ac; + char **av; +{ + struct ip6_fw rule; + + av++; ac--; + memset(&rule, 0, sizeof rule); + rule.version = IPV6_FW_CURRENT_API_VERSION; + + if (!ac) { + /* clear all entries */ + if (setsockopt(s, IPPROTO_IPV6, IPV6_FW_ZERO, &rule, sizeof rule) < 0) + err(EX_UNAVAILABLE, "setsockopt(%s)", "IPV6_FW_ZERO"); + if (!do_quiet) + printf("Accounting cleared.\n"); + } else { + int failed = 0; + + while (ac) { + /* Rule number */ + if (isdigit(**av)) { + rule.fw_number = atoi(*av); av++; ac--; + if (setsockopt(s, IPPROTO_IPV6, + IPV6_FW_ZERO, &rule, sizeof rule)) { + warn("rule %u: setsockopt(%s)", rule.fw_number, + "IPV6_FW_ZERO"); + failed = 1; + } + else if (!do_quiet) + printf("Entry %d cleared\n", + rule.fw_number); + } else + show_usage("invalid rule number ``%s''", *av); + } + if (failed != 0) + exit(failed); + } +} + +int +ip6fw_main(ac,av) + int ac; + char **av; +{ + int ch; + extern int optind; + + /* init optind to 1 */ + optind = 1; + + if ( ac == 1 ) { + show_usage(NULL); + } + + /* Set the force flag for non-interactive processes */ + do_force = !isatty(STDIN_FILENO); + + while ((ch = getopt(ac, av ,"afqtN")) != -1) + switch(ch) { + case 'a': + do_acct=1; + break; + case 'f': + do_force=1; + break; + case 'q': + do_quiet=1; + break; + case 't': + do_time=1; + break; + case 'N': + do_resolv=1; + break; + default: + show_usage(NULL); + } + + ac -= optind; + if (*(av+=optind)==NULL) { + show_usage("Bad arguments"); + } + + if (!strncmp(*av, "add", strlen(*av))) { + add(ac,av); + } else if (!strncmp(*av, "delete", strlen(*av))) { + delete(ac,av); + } else if (!strncmp(*av, "flush", strlen(*av))) { + int do_flush = 0; + + if ( do_force || do_quiet ) + do_flush = 1; + else { + int c; + + /* Ask the user */ + printf("Are you sure? [yn] "); + do { + fflush(stdout); + c = toupper(getc(stdin)); + while (c != '\n' && getc(stdin) != '\n') + if (feof(stdin)) + return (0); + } while (c != 'Y' && c != 'N'); + printf("\n"); + if (c == 'Y') + do_flush = 1; + } + if ( do_flush ) { + struct ip6_fw rule; + + memset(&rule, 0, sizeof rule); + rule.version = IPV6_FW_CURRENT_API_VERSION; + if (setsockopt(s, IPPROTO_IPV6, IPV6_FW_FLUSH, &rule, sizeof rule) < 0) + err(EX_UNAVAILABLE, "setsockopt(%s)", "IPV6_FW_FLUSH"); + if (!do_quiet) + printf("Flushed all rules.\n"); + } + } else if (!strncmp(*av, "zero", strlen(*av))) { + zero(ac,av); + } else if (!strncmp(*av, "print", strlen(*av))) { + list(--ac,++av); + } else if (!strncmp(*av, "list", strlen(*av))) { + list(--ac,++av); + } else if (!strncmp(*av, "show", strlen(*av))) { + do_acct++; + list(--ac,++av); + } else { + show_usage("Bad arguments"); + } + return 0; +} + +int +main(ac, av) + int ac; + char **av; +{ +#define MAX_ARGS 32 +#define WHITESP " \t\f\v\n\r" + char buf[BUFSIZ]; + char *a, *p, *args[MAX_ARGS], *cmd = NULL; + char linename[10]; + int i, c, lineno, qflag, pflag, status; + FILE *f = NULL; + pid_t preproc = 0; + + s = socket( AF_INET6, SOCK_RAW, IPPROTO_RAW ); + if ( s < 0 ) + err(EX_UNAVAILABLE, "socket"); + + setbuf(stdout,0); + + /* + * Only interpret the last command line argument as a file to + * be preprocessed if it is specified as an absolute pathname. + */ + + if (ac > 1 && av[ac - 1][0] == '/' && access(av[ac - 1], R_OK) == 0) { + qflag = pflag = i = 0; + lineno = 0; + + while ((c = getopt(ac, av, "D:U:p:q")) != -1) + switch(c) { + case 'D': + if (!pflag) + errx(EX_USAGE, "-D requires -p"); + if (i > MAX_ARGS - 2) + errx(EX_USAGE, + "too many -D or -U options"); + args[i++] = "-D"; + args[i++] = optarg; + break; + + case 'U': + if (!pflag) + errx(EX_USAGE, "-U requires -p"); + if (i > MAX_ARGS - 2) + errx(EX_USAGE, + "too many -D or -U options"); + args[i++] = "-U"; + args[i++] = optarg; + break; + + case 'p': + pflag = 1; + cmd = optarg; + args[0] = cmd; + i = 1; + break; + + case 'q': + qflag = 1; + break; + + default: + show_usage(NULL); + } + + av += optind; + ac -= optind; + if (ac != 1) + show_usage("extraneous filename arguments"); + + if ((f = fopen(av[0], "r")) == NULL) + err(EX_UNAVAILABLE, "fopen: %s", av[0]); + + if (pflag) { + /* pipe through preprocessor (cpp or m4) */ + int pipedes[2]; + + args[i] = 0; + + if (pipe(pipedes) == -1) + err(EX_OSERR, "cannot create pipe"); + + switch((preproc = fork())) { + case -1: + err(EX_OSERR, "cannot fork"); + + case 0: + /* child */ + if (dup2(fileno(f), 0) == -1 || + dup2(pipedes[1], 1) == -1) + err(EX_OSERR, "dup2()"); + fclose(f); + close(pipedes[1]); + close(pipedes[0]); + execvp(cmd, args); + err(EX_OSERR, "execvp(%s) failed", cmd); + + default: + /* parent */ + fclose(f); + close(pipedes[1]); + if ((f = fdopen(pipedes[0], "r")) == NULL) { + int savederrno = errno; + + (void)kill(preproc, SIGTERM); + errno = savederrno; + err(EX_OSERR, "fdopen()"); + } + } + } + + while (fgets(buf, BUFSIZ, f)) { + lineno++; + sprintf(linename, "Line %d", lineno); + args[0] = linename; + + if (*buf == '#') + continue; + if ((p = strchr(buf, '#')) != NULL) + *p = '\0'; + i=1; + if (qflag) args[i++]="-q"; + for (a = strtok(buf, WHITESP); + a && i < MAX_ARGS; a = strtok(NULL, WHITESP), i++) + args[i] = a; + if (i == (qflag? 2: 1)) + continue; + if (i == MAX_ARGS) + errx(EX_USAGE, "%s: too many arguments", linename); + args[i] = NULL; + + ip6fw_main(i, args); + } + fclose(f); + if (pflag) { + if (waitpid(preproc, &status, 0) != -1) { + if (WIFEXITED(status)) { + if (WEXITSTATUS(status) != EX_OK) + errx(EX_UNAVAILABLE, + "preprocessor exited with status %d", + WEXITSTATUS(status)); + } else if (WIFSIGNALED(status)) { + errx(EX_UNAVAILABLE, + "preprocessor exited with signal %d", + WTERMSIG(status)); + } + } + } + } else + ip6fw_main(ac,av); + return 0; +} diff --git a/ipfw.tproj/ipfw.8 b/ipfw.tproj/ipfw.8 index fea3024..c332dc0 100644 --- a/ipfw.tproj/ipfw.8 +++ b/ipfw.tproj/ipfw.8 @@ -1,4 +1,4 @@ -.Dd February 16, 2000 +.Dd July 2, 2003 .Dt IPFW 8 .Os Darwin .Sh NAME @@ -34,43 +34,20 @@ .Cm add .Op Ar number .Ar rule-body -.Nm -.Cm pipe -.Ar number -.Cm config -.Ar pipe-config-options -.Nm -.Cm pipe -.Es \&{ \&} -.En Cm delete | list | show -.Op Ar number ... -.Nm -.Cm queue -.Ar number -.Cm config -.Ar queue-config-options -.Nm -.Cm queue -.Es \&{ \&} -.En Cm delete | list | show -.Op Ar number ... .Sh DESCRIPTION .Nm is the user interface for controlling the .Xr ipfirewall 4 -and the -.Xr dummynet 4 -traffic shaper in -.Fx . +. .Pp Each incoming or outgoing packet is passed through the .Nm rules. -If host is acting as a gateway, packets forwarded by +If the host is acting as a gateway, packets forwarded by the gateway are processed by .Nm twice. -In case a host is acting as a bridge, packets forwarded by +When the host is acting as a bridge, packets forwarded by the bridge are processed by .Nm once. @@ -188,9 +165,6 @@ Access to the console is required to recover. While listing, show last match timestamp. .It Fl N Try to resolve addresses and service names in output. -.It Fl s Op Ar field -While listing pipes, sort according to one of the four -counters (total and current packets or bytes). .El .Pp To ease configuration, rules can be put into a file which is @@ -235,13 +209,6 @@ specifications can follow and will be passed on to the preprocessor. This allows for flexible configuration files (like conditionalizing them on the local hostname) and the use of macros to centralize frequently required arguments like IP addresses. -.Pp -The -.Nm -.Cm pipe -commands are used to configure the traffic shaper, as shown in the -.Sx TRAFFIC SHAPER CONFIGURATION -section below. .Sh RULE FORMAT The .Nm @@ -275,7 +242,7 @@ associated with it: .It IP fragment flag .It IP options .It ICMP types -.It User/group ID of the socket associated with the packet +.It User ID of the socket associated with the packet .El .Pp Note that it may be dangerous to filter on the source IP @@ -286,11 +253,7 @@ easily be spoofed. A match is only declared with the specified probability (floating point number between 0 and 1). This can be useful for a number of applications such as -random packet drop or -(in conjunction with -.Xr dummynet 4 ) -to simulate the effect of multiple paths leading to out-of-order -packet delivery. +random packet drop. .It Ar action : .Bl -tag -width indent .It Cm allow @@ -388,26 +351,6 @@ Y would be forwarded to local port Y. The kernel must have been compiled with the .Dv IPFIREWALL_FORWARD option. -.It Cm pipe Ar pipe_nr -Pass packet to a -.Xr dummynet 4 -.Dq pipe -(for bandwidth limitation, delay, etc.). -See the -.Sx TRAFFIC SHAPER CONFIGURATION -section for further information. -The search terminates; however, on exit from the pipe and if -the -.Xr sysctl 8 -variable -.Em net.inet.ip.fw.one_pass -is not set, the packet is passed again to the firewall code -starting from the next rule. -.It Cm queue Ar queue_nr -Pass packet to a -.Xr dummynet 4 -.Dq queue -(for bandwidth limitation using WF2Q). .It Cm skipto Ar number Skip all subsequent rules numbered less than .Ar number . @@ -424,11 +367,11 @@ keyword a message will be logged to .Xr syslogd 8 with a -.Dv LOG_SECURITY +.Dv LOG_AUTHPRIV facility. .Em Note : by default, they are appended to the -.Pa /var/log/security +.Pa /var/log/system.log file (see .Xr syslog.conf 5 ) . If the kernel was compiled with the @@ -629,12 +572,6 @@ This can be useful for multicast or broadcast traffic, which would otherwise pass through the firewall twice: once during bridging, and a second time when the packet is delivered to the local stack. -.Pp -Apart from a small performance penalty, this would be a problem -when using -.Em pipes -because the same packet would be accounted for twice in terms -of bandwidth, queue occupation, and also counters. .It Cm frag Match if the packet is a fragment and this is not the first fragment of the datagram. @@ -752,234 +689,6 @@ Match all TCP or UDP packets sent by or received for a A .Ar user may be matched by name or identification number. -.It Cm gid Ar group -Match all TCP or UDP packets sent by or received for a -.Ar group . -A -.Ar group -may be matched by name or identification number. -.El -.El -.Sh TRAFFIC SHAPER CONFIGURATION -The -.Nm -utility is also the user interface for the -.Xr dummynet 4 -traffic shaper. -The shaper operates by dividing packets into -.Em flows -according to a user-specified mask on different fields -of the IP header. -Packets belonging to the same flow are then passed to two -different objects, named -.Em pipe -or -.Em queue . -.Pp -A -.Em pipe -emulates a link with given bandwidth, propagation delay, -queue size and packet loss rate. -Packets transit through the pipe according to its parameters. -.Pp -A -.Em queue -is an abstraction used to implement the WF2Q+ policy. -The queue associates to each flow a weight and a reference pipe. -Then, all flows linked to the same pipe are scheduled at the -rate fixed by the pipe according to the WF2Q+ policy. -.Pp -The -.Nm -pipe configuration format is the following: -.Bd -ragged -.Cm pipe Ar number Cm config -.Op Cm bw Ar bandwidth | device -.Op Cm delay Ar ms-delay -.Oo -.Cm queue -.Es \&{ \&} -.En Ar slots | size -.Oc -.Op Cm plr Ar loss-probability -.Op Cm mask Ar mask-specifier -.Op Cm buckets Ar hash-table-size -.Oo -.Cm red | gred -.Sm off -.Ar w_q No / Xo -.Ar min_th No / -.Ar max_th No / -.Ar max_p -.Xc -.Sm on -.Oc -.Ed -.Pp -The -.Nm -queue configuration format is the following: -.Bd -ragged -.Cm queue Ar number Cm config -.Op Cm pipe Ar pipe_nr -.Op Cm weight Ar weight -.Oo -.Cm queue -.Es \&{ \&} -.En Ar slots | size -.Oc -.Op Cm plr Ar loss-probability -.Op Cm mask Ar mask-specifier -.Op Cm buckets Ar hash-table-size -.Oo -.Cm red | gred -.Sm off -.Ar w_q No / Xo -.Ar min_th No / -.Ar max_th No / -.Ar max_p -.Xc -.Sm on -.Oc -.Ed -.Pp -The following parameters can be configured for a pipe: -.Bl -tag -width indent -.It Cm bw Ar bandwidth | device -Bandwidth, measured in -.Sm off -.Oo -.Cm K | M -.Oc Eo \&{ -.Cm bit/s | Byte/s -.Ec \&} . -.Sm on -.Pp -A value of 0 (default) means unlimited bandwidth. -The unit must follow immediately the number, as in -.Pp -.Dl "ipfw pipe 1 config bw 300Kbit/s queue 50KBytes" -.Pp -If a device name is specified instead of a numeric -value, then the transmit clock is supplied by the specified -device. -At the moment only the -.Xr tun 4 -device supports this -functionality, for use in conjunction with -.Xr ppp 8 . -.It Cm delay Ar ms-delay -Propagation delay, measured in milliseconds. -The value is rounded to the next multiple of the clock tick -(typically 10ms, but it is a good practice to run kernels -with -.Dq "options HZ=1000" -to reduce -the granularity to 1ms or less). -Default value is 0, meaning no delay. -.It Cm queue Xo -.Es \&{ \&} -.En Ar slots | size Ns Cm Kbytes -.Xc -Queue size, in -.Ar slots -or -.Cm KBytes . -Default value is 50 slots, which -is the typical queue size for Ethernet devices. -Note that for slow speed links you should keep the queue -size short or your traffic might be affected by a significant -queueing delay. -E.g., 50 max-sized ethernet packets (1500 bytes) mean 600Kbit -or 20s of queue on a 30Kbit/s pipe. -Even worse effect can result if you get packets from an -interface with a much larger MTU, e.g. the loopback interface -with its 16KB packets. -.It Cm plr Ar packet-loss-rate -Packet loss rate. -Argument -.Ar packet-loss-rate -is a floating-point number between 0 and 1, with 0 meaning no -loss, 1 meaning 100% loss. -The loss rate is internally represented on 31 bits. -.It Cm mask Ar mask-specifier -The -.Xr dummynet 4 -lets you to create per-flow queues. -A flow identifier is constructed by masking the IP addresses, -ports and protocol types as specified in the pipe configuration. -Packets with the same identifier after masking fall into the -same queue. -Available mask specifiers are a combination of the following: -.Cm dst-ip Ar mask , -.Cm src-ip Ar mask , -.Cm dst-port Ar mask , -.Cm src-port Ar mask , -.Cm proto Ar mask -or -.Cm all , -where the latter means all bits in all fields are significant. -When used within a -.Ar pipe -configuration, each flow is assigned a rate equal -to the rate of the pipe. -When used within a -.Ar queue -configuration, each flow is assigned a weight equal to the -weight of the queue, and all flows insisting on the same pipe -share bandwidth proportionally to their weight. -.It Cm buckets Ar hash-table-size -Specifies the size of the hash table used for storing the -various queues. -Default value is 64 controlled by the -.Xr sysctl 8 -variable -.Em net.inet.ip.dummynet.hash_size , -allowed range is 16 to 1024. -.It Cm pipe Ar pipe_nr -Connects a queue to the specified pipe. -Multiple queues (usually -with different weights) can be connected to the same pipe, which -specifies the aggregate rate for the set of queues. -.It Cm weight Ar weight -Specifies the weight to be used for flows matching this queue. -The weight must be in the range 1..100, and defaults to 1. -.It Cm red | gred Xo -.Sm off -.Ar w_q No / -.Ar min_th No / -.Ar max_th No / -.Ar max_p -.Sm on -.Xc -Make use of the RED queue management algorithm. -.Ar w_q -and -.Ar max_p -are floating -point numbers between 0 and 1 (0 not included), while -.Ar min_th -and -.Ar max_th -are integer numbers specifying thresholds for queue management -(thresholds are computed in bytes if the queue has been defined -in bytes, in slots otherwise). -The -.Xr dummynet 4 -also supports the gentle RED variant (gred). -Three -.Xr sysctl 8 -variables can be used to control the RED behaviour: -.Bl -tag -width indent -.It Em net.inet.ip.dummynet.red_lookup_depth -specifies the accuracy in computing the average queue -when the link is idle (defaults to 256, must be greater than zero) -.It Em net.inet.ip.dummynet.red_avg_pkt_size -specifies the expected average packet size (defaults to 512, must be -greater than zero) -.It Em net.inet.ip.dummynet.red_max_pkt_size -specifies the expected maximum packet size, only used when queue -thresholds are in bytes (defaults to 1500, must be greater than zero). .El .El .Sh CHECKLIST @@ -996,8 +705,7 @@ Most connections need packets going in both directions. Remember to test very carefully. It is a good idea to be near the console when doing this. If you cannot be near the console, -use an auto-recovery script such as the one in -.Pa /usr/share/examples/ipfw/change_rules.sh . +use an auto-recovery script. .It Don't forget the loopback interface. .El @@ -1012,24 +720,6 @@ to circumvent firewalls. When logging is enabled, these packets are reported as being dropped by rule -1. .It -If you are logged in over a network, loading the -.Xr kld 4 -version of -.Nm -is probably not as straightforward as you would think. -I recommend the following command line: -.Bd -literal -offset indent -kldload /modules/ipfw.ko && \e -ipfw add 32000 allow ip from any to any -.Ed -.Pp -Along the same lines, doing an -.Bd -literal -offset indent -ipfw flush -.Ed -.Pp -in similar surroundings is also a bad idea. -.It The .Nm filter list may not be modified if the system security level @@ -1056,12 +746,6 @@ meaning: .It Em net.inet.ip.fw.debug : No 1 Controls debugging messages produced by .Nm . -.It Em net.inet.ip.fw.one_pass : No 1 -When set, the packet exiting from the -.Xr dummynet 4 -pipe is not passed though the firewall again. -Otherwise, after a pipe action, the packet is -reinjected into the firewall at the next rule. .It Em net.inet.ip.fw.verbose : No 1 Enables verbose messages. .It Em net.inet.ip.fw.enable : No 1 @@ -1111,7 +795,7 @@ network to my host: .Pp .Dl "ipfw add deny ip from 123.45.67.0/24 to my.host.org" .Pp -A first and efficient way to limit access (not using dynamic rules) +A fast and efficient way to limit access (not using dynamic rules) is the use of the following rules: .Pp .Dl "ipfw add allow tcp from any to any established" @@ -1173,109 +857,15 @@ to divert port 5000: .Pp .Dl ipfw divert 5000 ip from 192.168.2.0/24 to any in .Pp -The following rules show some of the applications of -.Nm -and -.Xr dummynet 4 -for simulations and the like. -.Pp -This rule drops random incoming packets with a probability -of 5%: -.Pp -.Dl "ipfw add prob 0.05 deny ip from any to any in" -.Pp -A similar effect can be achieved making use of dummynet pipes: -.Pp -.Dl "ipfw add pipe 10 ip from any to any" -.Dl "ipfw pipe 10 config plr 0.05" -.Pp -We can use pipes to artificially limit bandwidth, e.g. on a -machine acting as a router, if we want to limit traffic from -local clients on 192.168.2.0/24 we do: -.Pp -.Dl "ipfw add pipe 1 ip from 192.168.2.0/24 to any out" -.Dl "ipfw pipe 1 config bw 300Kbit/s queue 50KBytes" -.Pp -note that we use the -.Cm out -modifier so that the rule is not used twice. -Remember in fact that -.Nm -rules are checked both on incoming and outgoing packets. -.Pp -Should we like to simulate a bidirectional link with bandwidth -limitations, the correct way is the following: -.Pp -.Dl "ipfw add pipe 1 ip from any to any out" -.Dl "ipfw add pipe 2 ip from any to any in" -.Dl "ipfw pipe 1 config bw 64Kbit/s queue 10Kbytes" -.Dl "ipfw pipe 2 config bw 64Kbit/s queue 10Kbytes" -.Pp -The above can be very useful, e.g. if you want to see how -your fancy Web page will look for a residential user which -is connected only through a slow link. -You should not use only one pipe for both directions, unless -you want to simulate a half-duplex medium (e.g. AppleTalk, -Ethernet, IRDA). -It is not necessary that both pipes have the same configuration, -so we can also simulate asymmetric links. -.Pp -Should we like to verify network performance with the RED queue -management algorithm: -.Pp -.Dl "ipfw add pipe 1 ip from any to any" -.Dl "ipfw pipe 1 config bw 500Kbit/s queue 100 red 0.002/30/80/0.1" -.Pp -Another typical application of the traffic shaper is to -introduce some delay in the communication. -This can affect a lot applications which do a lot of Remote -Procedure Calls, and where the round-trip-time of the -connection often becomes a limiting factor much more than -bandwidth: -.Pp -.Dl "ipfw add pipe 1 ip from any to any out" -.Dl "ipfw add pipe 2 ip from any to any in" -.Dl "ipfw pipe 1 config delay 250ms bw 1Mbit/s" -.Dl "ipfw pipe 2 config delay 250ms bw 1Mbit/s" -.Pp -Per-flow queueing can be useful for a variety of purposes. -A very simple one is counting traffic: -.Pp -.Dl "ipfw add pipe 1 tcp from any to any" -.Dl "ipfw add pipe 1 udp from any to any" -.Dl "ipfw add pipe 1 ip from any to any" -.Dl "ipfw pipe 1 config mask all" -.Pp -The above set of rules will create queues (and collect -statistics) for all traffic. -Because the pipes have no limitations, the only effect is -collecting statistics. -Note that we need 3 rules, not just the last one, because -when -.Nm -tries to match IP packets it will not consider ports, so we -would not see connections on separate ports as different -ones. -.Pp -A more sophisticated example is limiting the outbound traffic -on a net with per-host limits, rather than per-network limits: -.Pp -.Dl "ipfw add pipe 1 ip from 192.168.2.0/24 to any out" -.Dl "ipfw add pipe 2 ip from any to 192.168.2.0/24 in" -.Dl "ipfw pipe 1 config mask src-ip 0x000000ff bw 200Kbit/s queue 20Kbytes" -.Dl "ipfw pipe 2 config mask dst-ip 0x000000ff bw 200Kbit/s queue 20Kbytes" .Sh SEE ALSO .Xr cpp 1 , .Xr m4 1 , -.Xr bridge 4 , .Xr divert 4 , -.Xr dummynet 4 , .Xr ip 4 , .Xr ipfirewall 4 , .Xr protocols 5 , .Xr services 5 , .Xr init 8 , -.Xr kldload 8 , .Xr reboot 8 , .Xr sysctl 8 , .Xr syslogd 8 @@ -1315,17 +905,10 @@ This may be fixed in a later version. API based upon code written by .An Daniel Boulet for BSDI. -.Pp -Work on -.Xr dummynet 4 -traffic shaper supported by Akamba Corp. .Sh HISTORY The .Nm utility first appeared in .Fx 2.0 . -.Xr dummynet 4 -was introduced in -.Fx 2.2.8 . Stateful extensions were introduced in .Fx 4.0 . diff --git a/ipfw.tproj/ipfw.c b/ipfw.tproj/ipfw.c index 3eba9bc..f173a81 100644 --- a/ipfw.tproj/ipfw.c +++ b/ipfw.tproj/ipfw.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ipsec/policy_token.l b/ipsec/policy_token.l index 3dee127..0084c81 100644 --- a/ipsec/policy_token.l +++ b/ipsec/policy_token.l @@ -139,7 +139,9 @@ __policy__strbuffer__init__(msg) char *msg; { YY_BUFFER_STATE yyb; - + + if (yy_current_buffer) + yy_delete_buffer(yy_current_buffer); yyb = (YY_BUFFER_STATE)yy_scan_string(msg); yy_switch_to_buffer(yyb); diff --git a/identd.tproj/Makefile b/kdumpd.tproj/Makefile similarity index 82% rename from identd.tproj/Makefile rename to kdumpd.tproj/Makefile index c3ee7d2..f90da80 100644 --- a/identd.tproj/Makefile +++ b/kdumpd.tproj/Makefile @@ -7,16 +7,14 @@ # and Makefile.postamble (both optional), and Makefile will include them. # -NAME = identd +NAME = kdumpd PROJECTVERSION = 2.8 PROJECT_TYPE = Tool -HFILES = error.h identd.h xpaths.h - -CFILES = config.c identd.c netbsd.c parse.c proxy.c version.c - -OTHERSRCS = CREDITS Makefile.dist README identd.8 Makefile.preamble Makefile.postamble +CFILES = kdumpd.c kdumpsubs.c +HFILES = kdump.h kdumpsubs.h +OTHERSRCS = Makefile.preamble Makefile Makefile.postamble kdumpd.8 MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles @@ -30,7 +28,10 @@ DEBUG_LIBS = $(LIBS) PROF_LIBS = $(LIBS) +HEADER_PATHS = -I. + +NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc diff --git a/kdumpd.tproj/Makefile.postamble b/kdumpd.tproj/Makefile.postamble new file mode 100644 index 0000000..b71dd48 --- /dev/null +++ b/kdumpd.tproj/Makefile.postamble @@ -0,0 +1,112 @@ +############################################################################### +# NeXT Makefile.postamble Template +# Copyright 1993, NeXT Computer, Inc. +# +# This Makefile is used for configuring the standard app makefiles associated +# with ProjectBuilder. +# +# Use this template to set attributes for a project, sub-project, bundle, or +# palette. Each node in the project's tree of sub-projects and bundles +# should have it's own Makefile.preamble and Makefile.postamble. Additional +# rules (e.g., after_install) that are defined by the developer should be +# defined in this file. +# +############################################################################### +# +# Here are the variables exported by the common "app" makefiles that can be +# used in any customizations you make to the template below: +# +# PRODUCT_ROOT - Name of the directory to which resources are copied. +# OFILE_DIR - Directory into which .o object files are generated. +# (Note that this name is calculated based on the target +# architectures specified in Project Builder). +# DERIVED_SRC_DIR - Directory used for all other derived files +# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations +# +# NAME - name of application, bundle, subproject, palette, etc. +# LANGUAGE - langage in which the project is written (default "English") +# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" +# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" +# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project +# GLOBAL_RESOURCES - non-localized resources of project +# PROJECTVERSION - version of ProjectBuilder that output Makefile +# APPICON - application icon file +# DOCICONS - dock icon files +# ICONSECTIONS - Specifies icon sections when linking executable +# +# CLASSES - Class implementation files in project. +# HFILES - Header files in project. +# MFILES - Other Objective-C source files in project. +# CFILES - Other C source files in project. +# PSWFILES - .psw files in the project +# PSWMFILES - .pswm files in the project +# SUBPROJECTS - Subprojects of this project +# BUNDLES - Bundle subprojects of this project +# OTHERSRCS - Other miscellaneous sources of this project +# OTHERLINKED - Source files not matching a standard source extention +# +# LIBS - Libraries to link with when making app target +# DEBUG_LIBS - Libraries to link with when making debug target +# PROF_LIBS - Libraries to link with when making profile target +# OTHERLINKEDOFILES - Other relocatable files to (always) link in. +# +# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles +# MAKEFILEDIR - Directory in which to find $(MAKEFILE) +# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) +# INSTALLDIR - Directory app will be installed into by 'install' target +# +############################################################################### + + +# Change defaults assumed by the standard makefiles here. Edit the +# following default values as appropriate. (Note that if no Makefile.postamble +# exists, these values will have defaults set in common.make). + +# Versioning of frameworks, libraries, bundles, and palettes: +#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary +#DEPLOY_WITH_VERSION_NAME = A +#COMPATIBILITY_PROJECT_VERSION = 1 + +# Some compiler flags can be easily overridden here, but onlytake effect at +# the top-level: +#OPTIMIZATION_CFLAG = -O +#DEBUG_SYMBOLS_CFLAG = -g +#WARNING_CFLAGS = -Wall +#DEBUG_BUILD_CFLAGS = -DDEBUG +#PROFILE_BUILD_CFLAGS = -pg -DPROFILE + +# Flags passed to yacc +#YFLAGS = -d + +# Library and Framework projects only: +# 1. If you want something other than the default .dylib name, override it here +#DYLIB_INSTALL_NAME = lib$(NAME).dylib + +# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. One good choice is the installation directory. Another one might be none at all. +#DYLIB_INSTALL_DIR = $(INSTALLDIR) + +# Ownership and permissions of files installed by 'install' target +#INSTALL_AS_USER = root # User/group ownership +#INSTALL_AS_GROUP = wheel # (probably want to set both of these) +#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this + +# Options to strip for various project types. Note: -S strips debugging symbols +# (executables can be stripped down further with -x or, if they load no bundles, with no +# options at all). +#APP_STRIP_OPTS = -S +#TOOL_STRIP_OPTS = -S +#LIBRARY_STRIP_OPTS = -S # for .a archives +#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries +STRIPFLAGS = + +######################################################################### +# Put rules to extend the behavior of the standard Makefiles here. "Official" +# user-defined rules are: +# * before_install +# * after_install +# * after_installhdrs +# You should avoid redefining things like "install" or "app", as they are +# owned by the top-level Makefile API and no context has been set up for where +# derived files should go. + +VPATH += :../kdumpd.tproj diff --git a/kdumpd.tproj/Makefile.preamble b/kdumpd.tproj/Makefile.preamble new file mode 100644 index 0000000..cecb7c1 --- /dev/null +++ b/kdumpd.tproj/Makefile.preamble @@ -0,0 +1,121 @@ +############################################################################### +# NeXT Makefile.preamble Template +# Copyright 1993, NeXT Computer, Inc. +# +# This Makefile is used for configuring the standard app makefiles associated +# with ProjectBuilder. +# +# Use this template to set attributes for a project. Each node in a project +# tree of sub-projects, tools, etc. should have its own Makefile.preamble and +# Makefile.postamble. +# +############################################################################### +## Configure the flags passed to $(CC) here. These flags will also be +## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and +## -L flags in ProjectBuilder's Build Options inspector if at all possible. +## To change the default flags that get passed to ${CC} +## (e.g. change -O to -O2), see Makefile.postamble. + +# Flags passed to compiler (in addition to -g, -O, etc) +OTHER_CFLAGS = +# Flags passed to ld (in addition to -ObjC, etc.) +OTHER_LDFLAGS = +# Flags passed to libtool when building libraries +OTHER_LIBTOOL_FLAGS = +# For ordering named sections on NEXTSTEP (see ld(1)) +SECTORDER_FLAGS = + +# Stuff related to exporting headers from this project that isn't already +# handled by PB. +OTHER_PUBLIC_HEADERS = +OTHER_PROJECT_HEADERS = +OTHER_PRIVATE_HEADERS = + +# Set all three of these if you want a precomp to be built as part of +# installation. The cc -precomp will be run in the specified dir on the +# specified public header files with the specified additional flags. Don't put +# $(DSTROOT) in PUBLIC_HEADER_DIR; this is done for you. +PUBLIC_HEADER_DIR = +PUBLIC_PRECOMPILED_HEADERS = +PUBLIC_PRECOMPILED_HEADERS_CFLAGS = + +PRIVATE_HEADER_DIR = + +# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# +# (say, to add a subdirectory like "/sys"), you can use: +PUBLIC_HEADER_DIR_SUFFIX = +PRIVATE_HEADER_DIR_SUFFIX = + +# Additional (non-localized) resources for this project, which can be generated +OTHER_RESOURCES = + +# Set this to YES if you don't want a final libtool call for a library/framework. +BUILD_OFILES_LIST_ONLY = + +# Additional relocatables to be linked into this project +OTHER_OFILES = +# Additional libraries to link against +OTHER_LIBS = +# To include a version string, project source must exist in a directory named +# $(NAME).%d[.%d][.%d] and the following line must be uncommented. +OTHER_GENERATED_OFILES = $(VERS_OFILE) + +## Configure how things get built here. Additional dependencies, source files, +## derived files, and build order should be specified here. + +# Other dependencies of this project +OTHER_PRODUCT_DEPENDS = +# Built *before* building subprojects/bundles +OTHER_INITIAL_TARGETS = +# Other source files maintained by .pre/postamble +OTHER_SOURCEFILES = +# Additional files to be removed by `make clean' +OTHER_GARBAGE = + +# Targets to build before installation +OTHER_INSTALL_DEPENDS = + +# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) +# passed from ProjectBuilder. +DSTROOT = + +# More obscure flags you might want to set for pswrap, yacc, lex, etc. +PSWFLAGS = +YFLAGS = +LFLAGS = + +## Delete this line if you want fast and loose cleans that will not remove +## things like precomps and user-defined OTHER_GARBAGE in subprojects. +CLEAN_ALL_SUBPROJECTS = YES + +## Add more obscure source files here to cause them to be automatically +## processed by the appropriate tool. Note that these files should also be +## added to "Supporting Files" in ProjectBuilder. The desired .o files that +## result from these files should also be added to OTHER_OFILES above so they +## will be linked in. + +# .msg files that should have msgwrap run on them +MSGFILES = +# .defs files that should have mig run on them +DEFSFILES = +# .mig files (no .defs files) that should have mig run on them +MIGFILES = + +## Add additional Help directories here (add them to the project as "Other +## Resources" in Project Builder) so that they will be compressed into .store +## files and copied into the app wrapper. If the help directories themselves +## need to also be in the app wrapper, then a cp command will need to be added +## in an after_install target. +OTHER_HELP_DIRS = + +# After you have saved your project using the 4.0 PB, you will automatically +# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should +# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to +# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. + +# Don't add more rules here unless you want the first one to be the default +# target for make! Put all your targets in Makefile.postamble. + +OTHER_OFILES = + +-include ../Makefile.include diff --git a/identd.tproj/PB.project b/kdumpd.tproj/PB.project similarity index 72% rename from identd.tproj/PB.project rename to kdumpd.tproj/PB.project index b6dd3a8..4971f33 100644 --- a/identd.tproj/PB.project +++ b/kdumpd.tproj/PB.project @@ -1,24 +1,25 @@ { FILESTABLE = { C_FILES = (); - H_FILES = (error.h, identd.h, xpaths.h); + HEADERSEARCH = (.); + H_FILES = (kdump.h, kdumpsubs.h); M_FILES = (); OTHER_LIBS = (); - OTHER_LINKED = (config.c, identd.c, netbsd.c, parse.c, proxy.c, version.c); - OTHER_SOURCES = (CREDITS, Makefile.dist, README, identd.8, Makefile.preamble); + OTHER_LINKED = (kdumpd.c, kdumpsubs.c); + OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, kdumpd.8); PRECOMPILED_HEADERS = (); PROJECT_HEADERS = (); PUBLIC_HEADERS = (); SUBPROJECTS = (); }; + GENERATEMAIN = YES; LANGUAGE = English; LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = ""; - NEXTSTEP_BUILDTOOL = /bin/make; - NEXTSTEP_COMPILEROPTIONS = ""; + NEXTSTEP_BUILDDIR = "/$(USER)/BUILD"; + NEXTSTEP_BUILDTOOL = /bin/gnumake; + NEXTSTEP_DOCUMENTEXTENSIONS = (); NEXTSTEP_INSTALLDIR = /usr/libexec; NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_LINKEROPTIONS = ""; NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; PDO_UNIX_BUILDDIR = ""; PDO_UNIX_BUILDTOOL = /bin/make; @@ -27,7 +28,7 @@ PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; PDO_UNIX_LINKEROPTIONS = ""; PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = identd; + PROJECTNAME = kdumpd; PROJECTTYPE = Tool; PROJECTVERSION = 2.8; WINDOWS_BUILDDIR = ""; diff --git a/kdumpd.tproj/kdump.h b/kdumpd.tproj/kdump.h new file mode 100644 index 0000000..0df2702 --- /dev/null +++ b/kdumpd.tproj/kdump.h @@ -0,0 +1,109 @@ +/* + * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. + * + * @APPLE_LICENSE_HEADER_START@ + * + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, + * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. + * + * @APPLE_LICENSE_HEADER_END@ + */ +/* + * Copyright (c) 1983, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)kdump.h 8.1 (Berkeley) 6/2/93 + */ + +#ifndef _KDUMP_H_ +#define _KDUMP_H_ + +/* Mac OS X kernel core dump server, based on the BSD trivial file + * transfer protocol server (FreeBSD distribution), with several + * modifications. This server is *not* compatible with tftp, as the + * protocol has changed considerably. + */ + +#define SEGSIZE 512 /* data segment size */ + +/* + * Packet types. + */ +#define RRQ 1 /* read request */ +#define WRQ 2 /* write request */ +#define DATA 3 /* data packet */ +#define ACK 4 /* acknowledgement */ +#define ERROR 5 /* error code */ +#define KDP_SEEK 6 /* Seek to specified offset */ +#define KDP_EOF 7 /* end of file */ + +struct kdumphdr { + short th_opcode; /* packet type */ + union { + unsigned int tu_block; /* block # */ + unsigned int tu_code; /* error code */ + char tu_stuff[1]; /* request packet stuff */ + } th_u; + char th_data[1]; /* data or error string */ +}__attribute__((packed)); + +#define th_block th_u.tu_block +#define th_code th_u.tu_code +#define th_stuff th_u.tu_stuff +#define th_msg th_data + +/* + * Error codes. + */ +#define EUNDEF 0 /* not defined */ +#define ENOTFOUND 1 /* file not found */ +#define EACCESS 2 /* access violation */ +#define ENOSPACE 3 /* disk full or allocation exceeded */ +#define EBADOP 4 /* illegal KDUMP operation */ +#define EBADID 5 /* unknown transfer ID */ +#define EEXISTS 6 /* file already exists */ +#define ENOUSER 7 /* no such user */ + +#endif diff --git a/kdumpd.tproj/kdumpd.8 b/kdumpd.tproj/kdumpd.8 new file mode 100755 index 0000000..a51e7e6 --- /dev/null +++ b/kdumpd.tproj/kdumpd.8 @@ -0,0 +1,78 @@ +.\" Copyright (c) 1983, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)tftpd.8 8.1 (Berkeley) 6/4/93 +.\" $FreeBSD: src/libexec/tftpd/tftpd.8,v 1.15 2001/07/15 07:53:42 dd Exp $ +.\" +.Dd August 29, 2003 +.Dt KDUMPD 8 +.Os +.Sh NAME +.Nm kdumpd +.Nd Mac OS X remote kernel core dump server +.Sh SYNOPSIS +.Nm /usr/libexec/kdumpd +.Op Ar directory +.Sh DESCRIPTION +.Nm Kdumpd +is a server which receives +kernel states in the form of +a core dump from a remote +Mac OS X machine. +The +.Tn kdumpd +server operates +on UDP port 1069, although this +may be configurable in the future. +The server should be started by +.Xr inetd 8 . +.Pp +The server should have the user ID +with the lowest possible privilege, +usually the user "nobody". +The directory specified as a server +program argument in +.Pa /etc/inetd.conf +directs the server to store kernel cores +in that directory and nowhere else. +The server returns an EEXIST error +to the remote kernel if it receives a +request for an existing file - i.e. +only new files can be created. The server +also disallows path specifications in the +incoming file name. +.Sh HISTORY +The +.Nm +command is based on Berkeley +.Xr tftpd 8 +by way of FreeBSD, with several modifications. + diff --git a/kdumpd.tproj/kdumpd.c b/kdumpd.tproj/kdumpd.c new file mode 100644 index 0000000..fc21ba1 --- /dev/null +++ b/kdumpd.tproj/kdumpd.c @@ -0,0 +1,636 @@ +/* + * Copyright (c) 1983, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef lint +static const char copyright[] = +"@(#) Copyright (c) 1983, 1993\n\ + The Regents of the University of California. All rights reserved.\n"; +#endif /* not lint */ + +/* Mac OS X kernel core dump server, based on the BSD trivial file + * transfer protocol server (FreeBSD distribution), with several + * modifications. This server is *not* compatible with tftp, as the + * protocol has changed considerably. + */ + +/* + * Based on the trivial file transfer protocol server. + * + * The original version included many modifications by Jim Guyton + * . + */ + +#include +#include +#include +#include +#include + +#include +#include "kdump.h" +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "kdumpsubs.h" + +#define TIMEOUT 5 + +int peer; +int rexmtval = TIMEOUT; +int maxtimeout = 10*TIMEOUT; + +#define PKTSIZE SEGSIZE+6 +char buf[PKTSIZE]; +char ackbuf[PKTSIZE]; +struct sockaddr_in from; +int fromlen; + +void kdump __P((struct kdumphdr *, int)); + +/* + * Null-terminated directory prefix list for absolute pathname requests and + * search list for relative pathname requests. + * + * MAXDIRS should be at least as large as the number of arguments that + * inetd allows (currently 20). + */ +#define MAXDIRS 20 +static struct dirlist { + char *name; + int len; +} dirs[MAXDIRS+1]; +static int suppress_naks; +static int logging = 1; +static int ipchroot; + +static char *errtomsg __P((int)); +static void nak __P((int)); +static char * __P(verifyhost(struct sockaddr_in *)); + +int +main(argc, argv) + int argc; + char *argv[]; +{ + register struct kdumphdr *tp; + register int n; + int ch, on; + struct sockaddr_in sin; + char *chroot_dir = NULL; + struct passwd *nobody; + char *chuser = "nobody"; + + openlog("kdumpd", LOG_PID | LOG_NDELAY, LOG_FTP); + while ((ch = getopt(argc, argv, "cClns:u:")) != -1) { + switch (ch) { + case 'c': + ipchroot = 1; + break; + case 'C': + ipchroot = 2; + break; + case 'l': + logging = 1; + break; + case 'n': + suppress_naks = 1; + break; + case 's': + chroot_dir = optarg; + break; + case 'u': + chuser = optarg; + break; + default: + syslog(LOG_WARNING, "ignoring unknown option -%c", ch); + } + } + + if (optind < argc) { + struct dirlist *dirp; + + /* Get list of directory prefixes. Skip relative pathnames. */ + for (dirp = dirs; optind < argc && dirp < &dirs[MAXDIRS]; + optind++) { + if (argv[optind][0] == '/') { + dirp->name = argv[optind]; + dirp->len = strlen(dirp->name); + dirp++; + } + } + } + else if (chroot_dir) { + dirs->name = "/"; + dirs->len = 1; + } + if (ipchroot && chroot_dir == NULL) { + syslog(LOG_ERR, "-c requires -s"); + exit(1); + } + + on = 1; + if (ioctl(0, FIONBIO, &on) < 0) { + syslog(LOG_ERR, "ioctl(FIONBIO): %m"); + exit(1); + } + fromlen = sizeof (from); + n = recvfrom(0, buf, sizeof (buf), 0, + (struct sockaddr *)&from, &fromlen); + if (n < 0) { + syslog(LOG_ERR, "recvfrom: %m"); + exit(1); + } + /* + * Now that we have read the message out of the UDP + * socket, we fork and exit. Thus, inetd will go back + * to listening to the kdump port, and the next request + * to come in will start up a new instance of kdumpd. + * + * We do this so that inetd can run kdumpd in "wait" mode. + * The problem with kdumpd running in "nowait" mode is that + * inetd may get one or more successful "selects" on the + * kdump port before we do our receive, so more than one + * instance of kdumpd may be started up. Worse, if kdumpd + * breaks before doing the above "recvfrom", inetd would + * spawn endless instances, clogging the system. + */ + { + int pid; + int i, j; + + for (i = 1; i < 20; i++) { + pid = fork(); + if (pid < 0) { + sleep(i); + /* + * flush out to most recently sent request. + * + * This may drop some requests, but those + * will be resent by the clients when + * they timeout. The positive effect of + * this flush is to (try to) prevent more + * than one kdumpd being started up to service + * a single request from a single client. + */ + j = sizeof from; + i = recvfrom(0, buf, sizeof (buf), 0, + (struct sockaddr *)&from, &j); + if (i > 0) { + n = i; + fromlen = j; + } + } else { + break; + } + } + if (pid < 0) { + syslog(LOG_ERR, "fork: %m"); + exit(1); + } else if (pid != 0) { + exit(0); + } + } + + /* + * Since we exit here, we should do that only after the above + * recvfrom to keep inetd from constantly forking should there + * be a problem. See the above comment about system clogging. + */ + if (chroot_dir) { + if (ipchroot) { + char tempchroot[MAXPATHLEN]; + char *tempaddr; + struct stat sb; + int statret; + + tempaddr = inet_ntoa(from.sin_addr); + snprintf(tempchroot, sizeof(tempchroot), "%s/%s", chroot_dir, tempaddr); + statret = stat(tempchroot, &sb); + if ((sb.st_mode & S_IFDIR) && + (statret == 0 || (statret == -1 && ipchroot == 1))) + chroot_dir = tempchroot; + } + /* Must get this before chroot because /etc might go away */ + if ((nobody = getpwnam(chuser)) == NULL) { + syslog(LOG_ERR, "%s: no such user", chuser); + exit(1); + } + if (chroot(chroot_dir)) { + syslog(LOG_ERR, "chroot: %s: %m", chroot_dir); + exit(1); + } + chdir( "/" ); + setuid(nobody->pw_uid); + } + else + if (0 != chdir(dirs->name)) + syslog(LOG_ERR, "chdir%s: %m", dirs->name); + + from.sin_family = AF_INET; + alarm(0); + close(0); + close(1); + peer = socket(AF_INET, SOCK_DGRAM, 0); + if (peer < 0) { + syslog(LOG_ERR, "socket: %m"); + exit(1); + } + memset(&sin, 0, sizeof(sin)); + sin.sin_family = AF_INET; + if (bind(peer, (struct sockaddr *)&sin, sizeof (sin)) < 0) { + syslog(LOG_ERR, "bind: %m"); + exit(1); + } + if (connect(peer, (struct sockaddr *)&from, sizeof(from)) < 0) { + syslog(LOG_ERR, "connect: %m"); + exit(1); + } + tp = (struct kdumphdr *)buf; + tp->th_opcode = ntohs(tp->th_opcode); + if (tp->th_opcode == WRQ) + kdump(tp, n); + exit(1); +} + +struct formats; +int validate_access __P((char **, int)); + +void recvfile __P((struct formats *)); + +struct formats { + char *f_mode; + int (*f_validate) __P((char **, int)); + + void (*f_recv) __P((struct formats *)); + int f_convert; +} formats[] = { + { "netascii", validate_access, recvfile, 1 }, + { "octet", validate_access, recvfile, 0 }, + { 0 } +}; + +/* + * Handle initial connection protocol. + */ +void +kdump(tp, size) + struct kdumphdr *tp; + int size; +{ + register char *cp; + int first = 1, ecode; + register struct formats *pf; + char *filename, *mode = NULL; + + filename = cp = tp->th_stuff; +again: + while (cp < buf + size) { + if (*cp == '\0') + break; + cp++; + } + if (*cp != '\0') { + nak(EBADOP); + exit(1); + } + if (first) { + mode = ++cp; + first = 0; + goto again; + } + for (cp = mode; *cp; cp++) + if (isupper(*cp)) + *cp = tolower(*cp); + for (pf = formats; pf->f_mode; pf++) + if (strcmp(pf->f_mode, mode) == 0) + break; + if (pf->f_mode == 0) { + nak(EBADOP); + exit(1); + } + ecode = (*pf->f_validate)(&filename, tp->th_opcode); + if (logging) { + syslog(LOG_INFO, "%s: %s request for %s: %s", verifyhost(&from), + tp->th_opcode == WRQ ? "write" : "read", + filename, errtomsg(ecode)); + } + if (ecode) { + /* + * Avoid storms of naks to a RRQ broadcast for a relative + * bootfile pathname from a diskless Sun. + */ + if (suppress_naks && *filename != '/' && ecode == ENOTFOUND) + exit(0); + nak(ecode); + exit(1); + } + if (tp->th_opcode == WRQ) + (*pf->f_recv)(pf); + + exit(0); +} + + +FILE *file; + +/* + * Validate file access. We only allow storage of files that do not already + * exist, and that do not include directory specifiers in their pathnames. + * This is because kernel coredump filenames should always be of the form + * "core-version-IP as dotted quad-random string" as in : + * core-custom-17.202.40.204-a75b4eec + * The file is written to the directory supplied as the first argument + * in inetd.conf + */ + +int +validate_access(char **filep, int mode) +{ + struct stat stbuf; + int fd; + char *filename = *filep; + static char pathname[MAXPATHLEN]; + + if (strstr(filename, "/") || strstr(filename, "..")) + return (EACCESS); + + snprintf(pathname, sizeof(pathname), "./%s", filename); + + if (0 == stat(pathname, &stbuf)) + return (EEXIST); + + if (errno != ENOENT) + return (errno); + + + fd = open(filename, O_WRONLY|O_CREAT|O_TRUNC); + + if (fd < 0) + return (errno + 100); + + file = fdopen(fd, (mode == RRQ)? "r":"w"); + if (file == NULL) { + return errno+100; + } + if (fchmod(fd, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP) < 0) + return errno+100; + + return (0); +} + +int timeout; +jmp_buf timeoutbuf; + +void +timer() +{ + + timeout += rexmtval; + if (timeout >= maxtimeout) + { + longjmp(timeoutbuf, 2); + } + longjmp(timeoutbuf, 1); +} + +void +justquit() +{ + exit(0); +} + + +/* + * Receive a file. + */ +void +recvfile(pf) + struct formats *pf; +{ + struct kdumphdr *dp, *w_init(); + register struct kdumphdr *ap; /* ack buffer */ + register int n, size; + volatile unsigned int block; + volatile unsigned int jmpval = 0; + + signal(SIGALRM, timer); + dp = w_init(); + ap = (struct kdumphdr *)ackbuf; + block = 0; + do { +send_seek_ack: timeout = 0; + ap->th_opcode = htons((u_short)ACK); + ap->th_block = htonl((unsigned int)block); + block++; + jmpval = setjmp(timeoutbuf); + if (2 == jmpval) + { + syslog (LOG_ERR, "Timing out and flushing file to disk"); + goto flushfile; + } +send_ack: + if (send(peer, ackbuf, 6 , 0) != 6) { + syslog(LOG_ERR, "write: %m"); + goto abort; + } + write_behind(file, pf->f_convert); + for ( ; ; ) { + alarm(rexmtval); + n = recv(peer, dp, PKTSIZE, 0); + alarm(0); + if (n < 0) { /* really? */ + syslog(LOG_ERR, "read: %m"); + goto abort; + } + dp->th_opcode = ntohs((u_short)dp->th_opcode); + dp->th_block = ntohl((unsigned int)dp->th_block); + if (dp->th_opcode == ERROR) + goto abort; + if (dp->th_opcode == KDP_EOF) + { + syslog (LOG_ERR, "Received last panic dump packet"); + goto final_ack; + } + if (dp->th_opcode == KDP_SEEK) + { + if (dp->th_block == block) + { + unsigned int tempoff = 0; + bcopy (dp->th_data, &tempoff, sizeof(unsigned int)); + lseek (fileno (file), ntohl(tempoff), SEEK_SET); + if (errno) + syslog (LOG_ERR, "lseek: %m"); + + goto send_seek_ack; + } + (void) synchnet(peer); + if (dp->th_block == (block-1)) + { + syslog (LOG_DAEMON|LOG_ERR, "Retransmitting seek ack - current block %hu, received block %hu", block, dp->th_block); + goto send_ack; /* rexmit */ + } + } + + if (dp->th_opcode == DATA) { + if (dp->th_block == block) { + break; /* normal */ + } + /* Re-synchronize with the other side */ + (void) synchnet(peer); + if (dp->th_block == (block-1)) + { + syslog (LOG_DAEMON|LOG_ERR, "Retransmitting ack - current block %hu, received block %hu", block, dp->th_block); + goto send_ack; /* rexmit */ + } + else + syslog (LOG_DAEMON|LOG_ERR, "Not retransmitting ack - current block %hu, received block %hu", block, dp->th_block); + } + } + + size = writeit(file, &dp, n - 6, pf->f_convert); + if (size != (n-6)) { /* ahem */ + if (size < 0) nak(errno + 100); + else nak(ENOSPACE); + goto abort; + } + } while (dp->th_opcode != KDP_EOF); + +final_ack: + ap->th_opcode = htons((u_short)ACK); /* send the "final" ack */ + ap->th_block = htonl((unsigned int) (block)); + (void) send(peer, ackbuf, 6, 0); +flushfile: + write_behind(file, pf->f_convert); + (void) fclose(file); /* close data file */ + syslog (LOG_ERR, "file closed, sending final ACK\n"); + + signal(SIGALRM, justquit); /* just quit on timeout */ + alarm(rexmtval); + n = recv(peer, buf, sizeof (buf), 0); /* normally times out and quits */ + alarm(0); + if (n >= 6 && /* if read some data */ + dp->th_opcode == DATA && /* and got a data block */ + block == dp->th_block) { /* then my last ack was lost */ + (void) send(peer, ackbuf, 6, 0); /* resend final ack */ + } +abort: + return; +} + +struct errmsg { + int e_code; + char *e_msg; +} errmsgs[] = { + { EUNDEF, "Undefined error code" }, + { ENOTFOUND, "File not found" }, + { EACCESS, "Access violation" }, + { ENOSPACE, "Disk full or allocation exceeded" }, + { EBADOP, "Illegal KDUMP operation" }, + { EBADID, "Unknown transfer ID" }, + { EEXISTS, "File already exists" }, + { ENOUSER, "No such user" }, + { -1, 0 } +}; + +static char * +errtomsg(error) + int error; +{ + static char buf[20]; + register struct errmsg *pe; + if (error == 0) + return "success"; + for (pe = errmsgs; pe->e_code >= 0; pe++) + if (pe->e_code == error) + return pe->e_msg; + snprintf(buf, sizeof(buf), "error %d", error); + return buf; +} + +/* + * Send a nak packet (error message). + * Error code passed in is one of the + * standard KDUMP codes, or a UNIX errno + * offset by 100. + */ +static void +nak(error) + int error; +{ + register struct kdumphdr *tp; + int length; + register struct errmsg *pe; + + tp = (struct kdumphdr *)buf; + tp->th_opcode = htons((u_short)ERROR); + tp->th_code = htons((unsigned int)error); + for (pe = errmsgs; pe->e_code >= 0; pe++) + if (pe->e_code == error) + break; + if (pe->e_code < 0) { + pe->e_msg = strerror(error - 100); + tp->th_code = EUNDEF; /* set 'undef' errorcode */ + } + strcpy(tp->th_msg, pe->e_msg); + length = strlen(pe->e_msg); + tp->th_msg[length] = '\0'; + length += 5; + if (send(peer, buf, length, 0) != length) + syslog(LOG_ERR, "nak: %m"); +} + +static char * +verifyhost(fromp) + struct sockaddr_in *fromp; +{ + struct hostent *hp; + + hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof(fromp->sin_addr), + fromp->sin_family); + if(hp) + return hp->h_name; + else + return inet_ntoa(fromp->sin_addr); +} diff --git a/kdumpd.tproj/kdumpsubs.c b/kdumpd.tproj/kdumpsubs.c new file mode 100644 index 0000000..717f256 --- /dev/null +++ b/kdumpd.tproj/kdumpsubs.c @@ -0,0 +1,268 @@ +/* + * Copyright (c) 1983, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Simple minded read-ahead/write-behind subroutines for tftp user and + server. Written originally with multiple buffers in mind, but current + implementation has two buffer logic wired in. + + Todo: add some sort of final error check so when the write-buffer + is finally flushed, the caller can detect if the disk filled up + (or had an i/o error) and return a nak to the other side. + + Jim Guyton 10/85 + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include +#ifdef HAVE_SYS_FILIO_H +#include +#endif +#include +#include "kdump.h" + +#include +#include + +#include "kdumpsubs.h" + +#define PKTSIZE SEGSIZE+6 /* should be moved to kdump.h */ + +struct bf { + int counter; /* size of data in buffer, or flag */ + char buf[PKTSIZE]; /* room for data packet */ +} bfs[2]; + + /* Values for bf.counter */ +#define BF_ALLOC -3 /* alloc'd but not yet filled */ +#define BF_FREE -2 /* free */ +/* [-1 .. SEGSIZE] = size of data in the data buffer */ + +static int nextone; /* index of next buffer to use */ +static int current; /* index of buffer in use */ + + /* control flags for crlf conversions */ +int newline = 0; /* fillbuf: in middle of newline expansion */ +int prevchar = -1; /* putbuf: previous char (cr check) */ + +static struct kdumphdr *rw_init __P ((int)); + +struct kdumphdr *w_init() { return rw_init(0); } /* write-behind */ +struct kdumphdr *r_init() { return rw_init(1); } /* read-ahead */ + +/* init for either read-ahead or write-behind */ +/* zero for write-behind, one for read-head */ +static struct kdumphdr * +rw_init(int x) +{ + newline = 0; /* init crlf flag */ + prevchar = -1; + bfs[0].counter = BF_ALLOC; /* pass out the first buffer */ + current = 0; + bfs[1].counter = BF_FREE; + nextone = x; /* ahead or behind? */ + return (struct kdumphdr *)bfs[0].buf; +} + + +/* Have emptied current buffer by sending to net and getting ack. + Free it and return next buffer filled with data. + */ +/* if true, convert to ascii */ +/* file opened for read */ + +/* int */ +/* readit(FILE *file, struct kdumphdr **dpp, int convert) */ +/* { */ +/* struct bf *b; */ + +/* bfs[current].counter = BF_FREE; /\* free old one *\/ */ +/* current = !current; /\* "incr" current *\/ */ + +/* b = &bfs[current]; /\* look at new buffer *\/ */ +/* if (b->counter == BF_FREE) /\* if it's empty *\/ */ +/* read_ahead(file, convert); /\* fill it *\/ */ +/* /\* assert(b->counter != BF_FREE);*\//\* check *\/ */ +/* *dpp = (struct kdumphdr *)b->buf; /\* set caller's ptr *\/ */ +/* return b->counter; */ +/* } */ + +/* + * fill the input buffer, doing ascii conversions if requested + * conversions are lf -> cr,lf and cr -> cr, nul + */ +/* FILE *file; file opened for read */ +/* int convert; if true, convert to ascii */ +void +read_ahead(FILE *file, int convert) +{ + register int i; + register char *p; + register int c; + struct bf *b; + struct kdumphdr *dp; + + b = &bfs[nextone]; /* look at "next" buffer */ + if (b->counter != BF_FREE) /* nop if not free */ + return; + nextone = !nextone; /* "incr" next buffer ptr */ + + dp = (struct kdumphdr *)b->buf; + + if (convert == 0) { + b->counter = read(fileno(file), dp->th_data, SEGSIZE); + return; + } + + p = dp->th_data; + for (i = 0 ; i < SEGSIZE; i++) { + if (newline) { + if (prevchar == '\n') + c = '\n'; /* lf to cr,lf */ + else c = '\0'; /* cr to cr,nul */ + newline = 0; + } + else { + c = getc(file); + if (c == EOF) break; + if (c == '\n' || c == '\r') { + prevchar = c; + c = '\r'; + newline = 1; + } + } + *p++ = c; + } + b->counter = (int)(p - dp->th_data); +} + +/* Update count associated with the buffer, get new buffer + from the queue. Calls write_behind only if next buffer not + available. + */ +int +writeit(FILE *file, struct kdumphdr **dpp, int ct, int convert) +{ + bfs[current].counter = ct; /* set size of data to write */ + current = !current; /* switch to other buffer */ + if (bfs[current].counter != BF_FREE) /* if not free */ + (void)write_behind(file, convert); /* flush it */ + bfs[current].counter = BF_ALLOC; /* mark as alloc'd */ + *dpp = (struct kdumphdr *)bfs[current].buf; + return ct; /* this is a lie of course */ +} + +/* + * Output a buffer to a file, converting from netascii if requested. + * CR,NUL -> CR and CR,LF => LF. + * Note spec is undefined if we get CR as last byte of file or a + * CR followed by anything else. In this case we leave it alone. + */ +int +write_behind(FILE *file, int convert) +{ + char *buf; + int count; + register int ct; + register char *p; + register int c; /* current character */ + struct bf *b; + struct kdumphdr *dp; + + b = &bfs[nextone]; + if (b->counter < -1) /* anything to flush? */ + return 0; /* just nop if nothing to do */ + + count = b->counter; /* remember byte count */ + b->counter = BF_FREE; /* reset flag */ + dp = (struct kdumphdr *)b->buf; + nextone = !nextone; /* incr for next time */ + buf = dp->th_data; + + if (count <= 0) return -1; /* nak logic? */ + + if (convert == 0) + return write(fileno(file), buf, count); + + p = buf; + ct = count; + while (ct--) { /* loop over the buffer */ + c = *p++; /* pick up a character */ + if (prevchar == '\r') { /* if prev char was cr */ + if (c == '\n') /* if have cr,lf then just */ + fseek(file, -1, 1); /* smash lf on top of the cr */ + else + if (c == '\0') /* if have cr,nul then */ + goto skipit; /* just skip over the putc */ + /* else just fall through and allow it */ + } + putc(c, file); +skipit: + prevchar = c; + } + return count; +} + + +/* When an error has occurred, it is possible that the two sides + * are out of synch. Ie: that what I think is the other side's + * response to packet N is really their response to packet N-1. + * + * So, to try to prevent that, we flush all the input queued up + * for us on the network connection on our host. + * + * We return the number of packets we flushed (mostly for reporting + * when trace is active). + */ + +/*int f;socket to flush */ +int +synchnet(int f) +{ + int i, j = 0; + char rbuf[PKTSIZE]; + struct sockaddr_in from; + int fromlen; + + while (1) { + (void) ioctl(f, FIONREAD, &i); + if (i) { + j++; + fromlen = sizeof from; + (void) recvfrom(f, rbuf, sizeof (rbuf), 0, + (struct sockaddr *)&from, &fromlen); + } else { + return(j); + } + } +} diff --git a/rsh.tproj/pathnames.h b/kdumpd.tproj/kdumpsubs.h similarity index 67% rename from rsh.tproj/pathnames.h rename to kdumpd.tproj/kdumpsubs.h index 812b0d0..2bc213e 100644 --- a/rsh.tproj/pathnames.h +++ b/kdumpd.tproj/kdumpsubs.h @@ -3,26 +3,27 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ /* - * Copyright (c) 1989, 1993 + * Copyright (c) 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -53,7 +54,20 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * from: @(#)pathnames.h 8.1 (Berkeley) 6/6/93 + * @(#)kdumpsubs.h 8.1 (Berkeley) 6/6/93 + */ + +/* + * Prototypes for read-ahead/write-behind subroutines for kdump user and + * server. */ +struct kdumphdr *r_init __P((void)); +void read_ahead __P((FILE *, int)); +int readit __P((FILE *, struct kdumphdr **, int)); + +int synchnet __P((int)); + +struct kdumphdr *w_init __P((void)); +int write_behind __P((FILE *, int)); +int writeit __P((FILE *, struct kdumphdr **, int, int)); -#define _PATH_RLOGIN "/usr/bin/rlogin" diff --git a/logger.tproj/logger.c b/logger.tproj/logger.c index 0ec8b27..ba5493d 100644 --- a/logger.tproj/logger.c +++ b/logger.tproj/logger.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/Makefile b/makedbm.tproj/Makefile index 143e661..599e390 100644 --- a/makedbm.tproj/Makefile +++ b/makedbm.tproj/Makefile @@ -12,7 +12,7 @@ NAME = makedbm PROJECTVERSION = 2.8 PROJECT_TYPE = Tool -HFILES = db.h ypdb.h ypdef.h +HFILES = _db.h ypdb.h ypdef.h CFILES = db.c makedbm.c ypdb.c diff --git a/makedbm.tproj/Makefile.postamble b/makedbm.tproj/Makefile.postamble index 509e7f5..2be911b 100644 --- a/makedbm.tproj/Makefile.postamble +++ b/makedbm.tproj/Makefile.postamble @@ -99,3 +99,7 @@ STRIPFLAGS = # owned by the top-level Makefile API and no context has been set up for where # derived files should go. # + +install-man-page: + install -d $(DSTROOT)/usr/share/man/man8 + install -c -m 444 makedbm.8 $(DSTROOT)/usr/share/man/man8/makedbm.8 diff --git a/makedbm.tproj/Makefile.preamble b/makedbm.tproj/Makefile.preamble index 83f25c7..e48625d 100644 --- a/makedbm.tproj/Makefile.preamble +++ b/makedbm.tproj/Makefile.preamble @@ -121,3 +121,5 @@ # This definition will suppress stripping of debug symbols when an executable # is installed. By default it is YES. # STRIP_ON_INSTALL = NO + +AFTER_INSTALL += install-man-page diff --git a/makedbm.tproj/db.h b/makedbm.tproj/_db.h similarity index 78% rename from makedbm.tproj/db.h rename to makedbm.tproj/_db.h index bbcf1a1..e3e1164 100644 --- a/makedbm.tproj/db.h +++ b/makedbm.tproj/_db.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/db.c b/makedbm.tproj/db.c index b5562b4..65ede66 100644 --- a/makedbm.tproj/db.c +++ b/makedbm.tproj/db.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -62,7 +63,7 @@ static char rcsid[] = "$OpenBSD: db.c,v 1.1 1997/07/22 10:52:59 maja Exp $"; #include #include #include -#include "db.h" +#include "_db.h" #include "ypdb.h" /* diff --git a/makedbm.tproj/makedbm.c b/makedbm.tproj/makedbm.c index 8d2f73e..d34ba0a 100644 --- a/makedbm.tproj/makedbm.c +++ b/makedbm.tproj/makedbm.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/ypdb.c b/makedbm.tproj/ypdb.c index c9bd178..9530e42 100644 --- a/makedbm.tproj/ypdb.c +++ b/makedbm.tproj/ypdb.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/ypdb.h b/makedbm.tproj/ypdb.h index 9afbad5..61e9547 100644 --- a/makedbm.tproj/ypdb.h +++ b/makedbm.tproj/ypdb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -67,7 +68,7 @@ #define _YPDB_H_ #ifndef _DB_H_ -#include +#include #endif #define YPDB_SUFFIX ".db" diff --git a/makedbm.tproj/ypdef.h b/makedbm.tproj/ypdef.h index 89970d7..ade70ef 100644 --- a/makedbm.tproj/ypdef.h +++ b/makedbm.tproj/ypdef.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/natd.tproj/icmp.c b/natd.tproj/icmp.c index 4e62d3f..e05f255 100644 --- a/natd.tproj/icmp.c +++ b/natd.tproj/icmp.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/natd.tproj/natd.8 b/natd.tproj/natd.8 index e3786fa..2520d24 100644 --- a/natd.tproj/natd.8 +++ b/natd.tproj/natd.8 @@ -1,5 +1,5 @@ .\" manual page [] for natd 1.4 -.\" $Id: natd.8,v 1.4.32.1 2003/03/11 00:59:15 mscopp Exp $ +.\" $Id: natd.8,v 1.5 2003/02/07 01:19:25 mscopp Exp $ .Dd June 27, 2000 .Os Darwin .Dt NATD 8 diff --git a/natd.tproj/natd.c b/natd.tproj/natd.c index d643767..429c7f4 100644 --- a/natd.tproj/natd.c +++ b/natd.tproj/natd.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/natd.tproj/natd.h b/natd.tproj/natd.h index f2c1f26..204c305 100644 --- a/natd.tproj/natd.h +++ b/natd.tproj/natd.h @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/Makefile.preamble b/netstat.tproj/Makefile.preamble index 28e0879..ffc363f 100644 --- a/netstat.tproj/Makefile.preamble +++ b/netstat.tproj/Makefile.preamble @@ -1,6 +1,6 @@ CLEAN_ALL_SUBPROJECTS = YES OTHER_GENERATED_OFILES = $(VERS_OFILE) -OTHER_CFLAGS += -DINET6 -DIPSEC +OTHER_CFLAGS += -DINET6 -DIPSEC -DSRVCACHE AFTER_INSTALL += install-man-page -include ../Makefile.include vpath %.c `pwd` diff --git a/netstat.tproj/data.c b/netstat.tproj/data.c index 9e0bbe2..16aeae5 100644 --- a/netstat.tproj/data.c +++ b/netstat.tproj/data.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/inet.c b/netstat.tproj/inet.c index 7200bad..325aa4f 100644 --- a/netstat.tproj/inet.c +++ b/netstat.tproj/inet.c @@ -36,7 +36,7 @@ static char sccsid[] = "@(#)inet.c 8.5 (Berkeley) 5/24/95"; */ static const char rcsid[] = - "$Id: inet.c,v 1.4 2002/06/06 00:18:13 laurent Exp $"; + "$Id: inet.c,v 1.6 2003/07/08 22:49:49 lindak Exp $"; #endif /* not lint */ #include @@ -75,6 +75,7 @@ static const char rcsid[] = #include #include #include +#include #include #include #include "netstat.h" @@ -86,6 +87,77 @@ extern void inet6print (struct in6_addr *, int, char *, int); static int udp_done, tcp_done; #endif /* INET6 */ +#ifdef SRVCACHE +typedef struct __table_private table_t; + +extern table_t *_nc_table_new(uint32_t n); +extern void _nc_table_free(table_t *tin); + +extern void _nc_table_insert(table_t *t, const char *key, void *datum); +extern void *_nc_table_find(table_t *t, const char *key); +extern void _nc_table_delete(table_t *t, const char *key); + +static table_t *_serv_cache = NULL; + +/* + * Read and cache all known services + */ +static void +_serv_cache_open() +{ + struct servent *s; + char *key, *name; + + if (_serv_cache != NULL) return; + + _serv_cache = _nc_table_new(8192); + setservent(0); + + while (NULL != (s = getservent())) + { + if (s->s_name == NULL) continue; + key = NULL; + asprintf(&key, "%hu/%s", (unsigned short)ntohs(s->s_port), s->s_proto); + name = strdup(s->s_name); + name = _nc_table_find(_serv_cache, key); + if (name == NULL) _nc_table_insert(_serv_cache, key, name); + free(key); + } + + endservent(); +} + +void +_serv_cache_close() +{ + _nc_table_free(_serv_cache); + _serv_cache = NULL; +} + +struct servent * +_serv_cache_getservbyport(int port, char *proto) +{ + static struct servent s; + char *key; + unsigned short p; + + _serv_cache_open(); + + memset(&s, 0, sizeof(struct servent)); + asprintf(&key, "%u/%s", port, (proto == NULL) ? "udp" : proto); + + s.s_name = _nc_table_find(_serv_cache, key); + free(key); + if (s.s_name == NULL) return NULL; + + p = port; + s.s_port = htons(p); + s.s_proto = proto; + return &s; +} + +#endif SRVCACHE + /* * Print a summary of connections related to an Internet * protocol. For TCP, also give state of connection. @@ -192,7 +264,16 @@ protopr(u_long proto, /* for sysctl version we pass proto # */ )) ) continue; - if (!aflag && +#ifdef __APPLE__ + /* + * Local address is not an indication of listening socket or + * server sockey but just rather the socket has been bound. + * That why many UDP sockets were not displayed in the original code. + */ + if (!aflag && istcp && tp->t_state <= TCPS_LISTEN) + continue; +#else + if (!aflag && ( (af == AF_INET && inet_lnaof(inp->inp_laddr) == INADDR_ANY) @@ -209,9 +290,13 @@ protopr(u_long proto, /* for sysctl version we pass proto # */ #endif )) )) - continue; + continue; +#endif - if (first) { + if (Lflag && !so->so_qlimit) + continue; + + if (first) { if (!Lflag) { printf("Active Internet connections"); if (aflag) @@ -234,21 +319,19 @@ protopr(u_long proto, /* for sysctl version we pass proto # */ "(state)"); first = 0; } - if (Aflag) { - if (istcp) - printf("%8lx ", (u_long)inp->inp_ppcb); - else - printf("%8lx ", (u_long)so->so_pcb); - } - if (Lflag) - if (so->so_qlimit) { + if (Aflag) { + if (istcp) + printf("%8lx ", (u_long)inp->inp_ppcb); + else + printf("%8lx ", (u_long)so->so_pcb); + } + if (Lflag) { char buf[15]; snprintf(buf, 15, "%d/%d/%d", so->so_qlen, so->so_incqlen, so->so_qlimit); printf("%-14.14s ", buf); - } else - continue; + } else { const char *vchar; @@ -696,7 +779,11 @@ inetprint(struct in_addr *in, int port, char *proto, int numeric_port) sprintf(line, "%.*s.", (Aflag && !numeric_port) ? 12 : 16, inetname(in)); cp = index(line, '\0'); if (!numeric_port && port) +#ifdef _SERVICE_CACHE_ + sp = _serv_cache_getservbyport(port, proto); +#else sp = getservbyport((int)port, proto); +#endif if (sp || port == 0) sprintf(cp, "%.15s ", sp ? sp->s_name : "*"); else diff --git a/netstat.tproj/inet6.c b/netstat.tproj/inet6.c index 8fefbeb..c8bb084 100644 --- a/netstat.tproj/inet6.c +++ b/netstat.tproj/inet6.c @@ -1035,6 +1035,19 @@ rip6_stats(u_long off __unused, char *name, int af __unused) * Pretty print an Internet address (net address + port). * If the nflag was specified, use numbers instead of names. */ +#ifdef SRVCACHE +extern struct servent * _serv_cache_getservbyport(int port, char *proto); + +#define GETSERVBYPORT6(port, proto, ret)\ +{\ + if (strcmp((proto), "tcp6") == 0)\ + (ret) = _serv_cache_getservbyport((int)(port), "tcp");\ + else if (strcmp((proto), "udp6") == 0)\ + (ret) = _serv_cache_getservbyport((int)(port), "udp");\ + else\ + (ret) = _serv_cache_getservbyport((int)(port), (proto));\ +}; +#else #define GETSERVBYPORT6(port, proto, ret)\ {\ if (strcmp((proto), "tcp6") == 0)\ @@ -1044,7 +1057,7 @@ rip6_stats(u_long off __unused, char *name, int af __unused) else\ (ret) = getservbyport((int)(port), (proto));\ }; - +#endif void inet6print(struct in6_addr *in6, int port, char *proto, int numeric) { diff --git a/netstat.tproj/main.c b/netstat.tproj/main.c index b6144de..9eea7a3 100644 --- a/netstat.tproj/main.c +++ b/netstat.tproj/main.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -65,7 +66,7 @@ char const copyright[] = static char sccsid[] = "@(#)main.c 8.4 (Berkeley) 3/1/94"; #endif static const char rcsid[] = - "$Id: main.c,v 1.4 2002/03/05 20:35:14 lindak Exp $"; + "$Id: main.c,v 1.5 2003/07/08 22:49:49 lindak Exp $"; #endif /* not lint */ #include @@ -100,7 +101,7 @@ static const char rcsid[] = * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp * ---------------------------------------------------------------------------- * - * $Id: main.c,v 1.4 2002/03/05 20:35:14 lindak Exp $ + * $Id: main.c,v 1.5 2003/07/08 22:49:49 lindak Exp $ * */ @@ -347,6 +348,9 @@ static void printproto (struct protox *, char *); static void usage (void); static struct protox *name2protox (char *); static struct protox *knownname (char *); +#ifdef SRVCACHE +extern void _serv_cache_close(); +#endif static kvm_t *kvmd; static char *nlistf = NULL, *memf = NULL; @@ -630,6 +634,9 @@ main(argc, argv) #endif if ((af == AF_UNIX || af == AF_UNSPEC) && !Lflag && !sflag) unixpr(); +#ifdef SRVCACHE + _serv_cache_close(); +#endif exit(0); } diff --git a/netstat.tproj/mbuf.c b/netstat.tproj/mbuf.c index 95f81b4..260f6aa 100644 --- a/netstat.tproj/mbuf.c +++ b/netstat.tproj/mbuf.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/mroute.c b/netstat.tproj/mroute.c index a2d22f9..4c94d2b 100644 --- a/netstat.tproj/mroute.c +++ b/netstat.tproj/mroute.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/netstat.h b/netstat.tproj/netstat.h index b64150a..64030ca 100644 --- a/netstat.tproj/netstat.h +++ b/netstat.tproj/netstat.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/route.c b/netstat.tproj/route.c index 5a3bfb1..493437b 100644 --- a/netstat.tproj/route.c +++ b/netstat.tproj/route.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -59,7 +60,7 @@ static char sccsid[] = "From: @(#)route.c 8.6 (Berkeley) 4/28/95"; #endif static const char rcsid[] = - "$Id: route.c,v 1.3 2002/03/05 20:35:15 lindak Exp $"; + "$Id: route.c,v 1.4 2003/07/08 23:03:54 lindak Exp $"; #endif /* not lint */ #include @@ -862,7 +863,7 @@ routename6(struct sockaddr_in6 *sa6) static char line[MAXHOSTNAMELEN]; int flag = NI_WITHSCOPEID; /* use local variable for safety */ - struct sockaddr_in6 sa6_local = {AF_INET6, sizeof(sa6_local),}; + struct sockaddr_in6 sa6_local = {sizeof(sa6_local), AF_INET6, }; sa6_local.sin6_addr = sa6->sin6_addr; sa6_local.sin6_scope_id = sa6->sin6_scope_id; diff --git a/netstat.tproj/unix.c b/netstat.tproj/unix.c index 541c716..2711e01 100644 --- a/netstat.tproj/unix.c +++ b/netstat.tproj/unix.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/nfsd.tproj/nfsd.c b/nfsd.tproj/nfsd.c index 1c5acec..84eed6b 100644 --- a/nfsd.tproj/nfsd.c +++ b/nfsd.tproj/nfsd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -173,7 +174,7 @@ main(argc, argv, envp) envp++; LastArg = envp[-1] + strlen(envp[-1]); -#define MAXNFSDCNT 20 +#define MAXNFSDCNT 64 #define DEFNFSDCNT 4 nfsdcnt = DEFNFSDCNT; cltpflag = reregister = tcpflag = tp4cnt = tp4flag = tpipcnt = 0; @@ -190,7 +191,7 @@ main(argc, argv, envp) case 'n': nfsdcnt = atoi(optarg); if (nfsdcnt < 1 || nfsdcnt > MAXNFSDCNT) { - warnx("nfsd count %d; reset to %d", DEFNFSDCNT); + warnx("nfsd count %d; reset to %d", nfsdcnt, DEFNFSDCNT); nfsdcnt = DEFNFSDCNT; } break; @@ -232,7 +233,7 @@ main(argc, argv, envp) if (argc == 1) { nfsdcnt = atoi(argv[0]); if (nfsdcnt < 1 || nfsdcnt > MAXNFSDCNT) { - warnx("nfsd count %d; reset to %d", DEFNFSDCNT); + warnx("nfsd count %d; reset to %d", nfsdcnt, DEFNFSDCNT); nfsdcnt = DEFNFSDCNT; } } diff --git a/nfsiod.tproj/nfsiod.8 b/nfsiod.tproj/nfsiod.8 index 2acd365..8622c93 100644 --- a/nfsiod.tproj/nfsiod.8 +++ b/nfsiod.tproj/nfsiod.8 @@ -57,8 +57,9 @@ The options are as follows: Specify how many servers are to be started. .El .Pp -A client should run enough daemons to handle its maximum -level of concurrency, typically four to six. +A client should run enough servers to handle its maximum +level of concurrency, typically four to six. Each server +runs as a separate thread within the nfsiod process. .Pp The .Nm nfsiod diff --git a/nfsiod.tproj/nfsiod.c b/nfsiod.tproj/nfsiod.c index 07a87ff..dfc48d0 100644 --- a/nfsiod.tproj/nfsiod.c +++ b/nfsiod.tproj/nfsiod.c @@ -1,23 +1,24 @@ /* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. + * Copyright (c) 1999-2003 Apple Computer, Inc. All rights reserved. * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -77,6 +78,8 @@ #include #include #include +#include +#include /* Global defs */ #ifdef DEBUG @@ -84,10 +87,13 @@ int debug = 1; #else int debug = 0; #endif +int *thread_status = NULL; +pthread_cond_t cond; +pthread_mutex_t mutex; void nonfs __P((int)); -void reapchild __P((int)); void usage __P((void)); +void *nfsiod_thread __P((void *)); /* * Nfsiod does asynchronous buffered I/O on behalf of the NFS client. @@ -100,18 +106,19 @@ main(argc, argv) char *argv[]; { int ch, num_servers; + int i, rv, threadcnt; -#define MAXNFSDCNT 20 -#define DEFNFSDCNT 1 - num_servers = DEFNFSDCNT; +#define MAXNFSIODCNT 32 +#define DEFNFSIODCNT 1 + num_servers = DEFNFSIODCNT; while ((ch = getopt(argc, argv, "n:")) != EOF) switch (ch) { case 'n': num_servers = atoi(optarg); - if (num_servers < 1 || num_servers > MAXNFSDCNT) { + if (num_servers < 1 || num_servers > MAXNFSIODCNT) { warnx("nfsiod count %d; reset to %d", - DEFNFSDCNT); - num_servers = DEFNFSDCNT; + num_servers, DEFNFSIODCNT); + num_servers = DEFNFSIODCNT; } break; case '?': @@ -129,12 +136,23 @@ main(argc, argv) usage(); if (argc == 1) { num_servers = atoi(argv[0]); - if (num_servers < 1 || num_servers > MAXNFSDCNT) { - warnx("nfsiod count %d; reset to %d", DEFNFSDCNT); - num_servers = DEFNFSDCNT; + if (num_servers < 1 || num_servers > MAXNFSIODCNT) { + warnx("nfsiod count %d; reset to %d", + num_servers, DEFNFSIODCNT); + num_servers = DEFNFSIODCNT; } } + thread_status = malloc(sizeof(int) * num_servers); + if (thread_status == NULL) + errx(1, "unable to allocate memory"); + rv = pthread_cond_init(&cond, NULL); + if (rv) + errc(1, rv, "condition variable init failed"); + rv = pthread_mutex_init(&mutex, NULL); + if (rv) + errc(1, rv, "mutex init failed"); + if (debug == 0) { daemon(0, 0); (void)signal(SIGHUP, SIG_IGN); @@ -142,38 +160,75 @@ main(argc, argv) (void)signal(SIGQUIT, SIG_IGN); (void)signal(SIGSYS, nonfs); } - (void)signal(SIGCHLD, reapchild); openlog("nfsiod:", LOG_PID, LOG_DAEMON); - while (num_servers--) - switch (fork()) { - case -1: - syslog(LOG_ERR, "fork: %m"); - exit (1); - case 0: - if (nfssvc(NFSSVC_BIOD, NULL) < 0) { - syslog(LOG_ERR, "nfssvc: %m"); - exit (1); - } - exit(0); + threadcnt = 0; + for (i=0; i < num_servers; i++) { + pthread_t thd; + thread_status[i] = 1; + rv = pthread_create(&thd, NULL, nfsiod_thread, (void*)i); + if (rv) { + syslog(LOG_ERR, "thread_create: %s", strerror(rv)); + thread_status[i] = 0; + continue; + } + threadcnt++; + } + /* if no threads started exit */ + if (!threadcnt) + errx(1, "unable to start any threads"); + if (threadcnt != num_servers) + syslog(LOG_ERR, "only able to create %d of %d threads", + threadcnt, num_servers); + + /* wait for threads to complete */ + rv = pthread_mutex_lock(&mutex); + if (rv) + errc(1, rv, "mutex lock failed"); + while (threadcnt > 0) { + rv = pthread_cond_wait(&cond, &mutex); + if (rv) + errc(1, rv, "nfsiod: cond wait failed"); + for (i=0; i < num_servers; i++) { + if (!thread_status[i]) + continue; + if (thread_status[i] == 1) + continue; + threadcnt--; + thread_status[i] = 0; + syslog(LOG_ERR, "lost nfsiod thread %d - " + "%d of %d threads remain", + i, threadcnt, num_servers); } + rv = pthread_mutex_lock(&mutex); + if (rv) + errc(1, rv, "mutex lock failed"); + } + exit (0); } -void -nonfs(signo) - int signo; +void * +nfsiod_thread(void *arg) { - syslog(LOG_ERR, "missing system call: NFS not available."); + int rv, thread = (int)arg; + if ((rv = nfssvc(NFSSVC_BIOD, NULL)) < 0) { + thread_status[thread] = rv; + syslog(LOG_ERR, "nfssvc: %s", strerror(rv)); + pthread_cond_signal(&cond); + return NULL; + } + thread_status[thread] = 0; + pthread_cond_signal(&cond); + return NULL; } void -reapchild(signo) +nonfs(signo) int signo; { - - while (wait3(NULL, WNOHANG, NULL)); + syslog(LOG_ERR, "missing system call: NFS not available."); } void diff --git a/nfsstat.tproj/nfsstat.c b/nfsstat.tproj/nfsstat.c index 1f589c3..b91f089 100644 --- a/nfsstat.tproj/nfsstat.c +++ b/nfsstat.tproj/nfsstat.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ping.tproj/Makefile.postamble b/ping.tproj/Makefile.postamble index 23e0214..8c86f26 100644 --- a/ping.tproj/Makefile.postamble +++ b/ping.tproj/Makefile.postamble @@ -1 +1,5 @@ INSTALL_PERMISSIONS = 4555 # If set, 'install' chmod's executable to this + +after_install:: + /usr/bin/install -m 755 -d $(DSTROOT)/usr/share/man/man8 + /usr/bin/install -m 444 -c ping.8 $(DSTROOT)/usr/share/man/man8 diff --git a/ping.tproj/ping.c b/ping.tproj/ping.c index 4aad17e..c152f09 100644 --- a/ping.tproj/ping.c +++ b/ping.tproj/ping.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ping6.tproj/Makefile.preamble b/ping6.tproj/Makefile.preamble index 604fd2a..e3cfeab 100644 --- a/ping6.tproj/Makefile.preamble +++ b/ping6.tproj/Makefile.preamble @@ -1,4 +1,4 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include -LOCAL_CFLAGS= -DINET6 -DIPSEC_DEBUG -DKAME_SCOPEID +LOCAL_CFLAGS= -DINET6 -DIPSEC_DEBUG -DKAME_SCOPEID -DIPSEC AFTER_INSTALL += install-man-page diff --git a/ping6.tproj/ping6.c b/ping6.tproj/ping6.c index b49a37b..e1a225e 100644 --- a/ping6.tproj/ping6.c +++ b/ping6.tproj/ping6.c @@ -104,6 +104,8 @@ static const char rcsid[] = * network attached to 1 or more interfaces) */ +#define BIND_8_COMPAT + #include #include #include diff --git a/racoon.tproj/Makefile b/racoon.tproj/Makefile index 5582c9c..7836daf 100644 --- a/racoon.tproj/Makefile +++ b/racoon.tproj/Makefile @@ -12,7 +12,7 @@ NAME = racoon PROJECTVERSION = 2.8 PROJECT_TYPE = Tool -HFILES = admin.h algorithm.h backupsa.h crypto_openssl.h dnssec.h\ +HFILES = admin.h algorithm.h arc4random.h backupsa.h crypto_openssl.h dnssec.h\ grabmyaddr.h gssapi.h handler.h ipsec_doi.h isakmp_agg.h\ isakmp_base.h isakmp_ident.h isakmp_inf.h isakmp_newg.h\ isakmp_quick.h isakmp.h localconf.h logger.h misc.h oakley.h\ @@ -21,7 +21,7 @@ HFILES = admin.h algorithm.h backupsa.h crypto_openssl.h dnssec.h\ schedule.h session.h sha2.h sockmisc.h str2val.h strnames.h\ vendorid.h vmbuf.h admin_var.h cftoken.h debug.h dhgroup.h\ gcmalloc.h isakmp_var.h libpfkey.h netdb_dnssec.h\ - rijndael_local.h rijndael.h var.h + rijndael_local.h rijndael.h var.h isakmp_natd.h OTHERLINKED = cfparse.y cftoken.l @@ -33,10 +33,10 @@ CFILES = admin.c algorithm.c backupsa.c crypto_openssl.c dnssec.c\ pfkey2.c pfkey_dump.c plog.c policy.c proposal.c\ remoteconf.c rijndael-alg-fst.c rijndael-api-fst.c safefile.c\ sainfo.c schedule.c session.c sha2.c sockmisc.c str2val.c\ - strnames.c vendorid.c vmbuf.c + strnames.c vendorid.c vmbuf.c isakmp_natd.c OTHERSRCS = Makefile.preamble Makefile Makefile.postamble boxes-fst.dat\ - psk.txt racoon.8 racoon.conf racoon.conf.5 + psk.txt racoon.8 racoon.conf anonymous.conf racoon.conf.5 OTHERLINKEDOFILES = cfparse.o cftoken.o @@ -50,7 +50,7 @@ LIBS = -lcrypto -lipsec -lssl DEBUG_LIBS = $(LIBS) PROF_LIBS = $(LIBS) - +FRAMEWORKS = -framework CoreFoundation -framework Security NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc diff --git a/racoon.tproj/Makefile.postamble b/racoon.tproj/Makefile.postamble index 4537084..f29e360 100644 --- a/racoon.tproj/Makefile.postamble +++ b/racoon.tproj/Makefile.postamble @@ -106,5 +106,7 @@ install-man-page: install-config-files: install -d $(DSTROOT)/private/etc/racoon + install -d $(DSTROOT)/private/etc/racoon/remote install -c -m 644 racoon.conf $(DSTROOT)/private/etc/racoon/racoon.conf + install -c -m 600 anonymous.conf $(DSTROOT)/private/etc/racoon/remote/anonymous.conf install -c -m 600 psk.txt $(DSTROOT)/private/etc/racoon/psk.txt diff --git a/racoon.tproj/Makefile.preamble b/racoon.tproj/Makefile.preamble index d80d596..327db3d 100644 --- a/racoon.tproj/Makefile.preamble +++ b/racoon.tproj/Makefile.preamble @@ -47,7 +47,7 @@ LOCAL_CFLAGS=-DHAVE_FUNCTION_MACRO=1 -DENABLE_IPV6=1 -DADVAPI=1 -DHAVE_GETADDRIN -DTIME_WITH_SYS_TIME=1 -DRETSIGTYPE=void -DHAVE_VPRINTF=1 -DHAVE_GETTIMEOFDAY=1 -DHAVE_SELECT=1 \ -DHAVE_SOCKET=1 -DHAVE_STRERROR=1 -DHAVE_STRTOL=1 -DHAVE_STRTOUL=1 -DHAVE_STRDUP=1 \ -DHAVE_GETIFADDRS=1 -DINET6 -DHAVE_PFKEYV2 -O -DYIPS_DEBUG -DIPSEC -Dss_family=__ss_family \ --Dss_len=__ss_len -DSYSCONFDIR=\"/etc/racoon\" -DYY_NO_UNPUT -I../ipsec +-Dss_len=__ss_len -DSYSCONFDIR=\"/etc/racoon\" -DYY_NO_UNPUT -DIKE_NAT_T -I../ipsec LOCAL_YFLAGS= -d diff --git a/racoon.tproj/PB.project b/racoon.tproj/PB.project index c46b63a..6bb393f 100644 --- a/racoon.tproj/PB.project +++ b/racoon.tproj/PB.project @@ -50,7 +50,8 @@ "netdb_dnssec.h", "rijndael_local.h", "rijndael.h", - "var.h" + "var.h", + "isakmp_natd.h" ); "OTHER_LIBS" = (crypto, ipsec, ssl); "OTHER_LINKED" = ( @@ -97,7 +98,8 @@ "str2val.c", "strnames.c", "vendorid.c", - "vmbuf.c" + "vmbuf.c", + "isakmp_natd.c" ); "OTHER_SOURCES" = ( "Makefile.preamble", @@ -107,6 +109,7 @@ "psk.txt", "racoon.8", "racoon.conf", + "anonymous.conf", "racoon.conf.5" ); }; diff --git a/racoon.tproj/admin.c b/racoon.tproj/admin.c index 575c556..bcbba55 100644 --- a/racoon.tproj/admin.c +++ b/racoon.tproj/admin.c @@ -1,4 +1,4 @@ -/* $KAME: admin.c,v 1.22 2001/04/03 15:51:54 thorpej Exp $ */ +/* $KAME: admin.c,v 1.23 2001/06/01 10:12:55 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/admin.h b/racoon.tproj/admin.h index 8cf15ee..ef0b3ef 100644 --- a/racoon.tproj/admin.h +++ b/racoon.tproj/admin.h @@ -1,4 +1,4 @@ -/* $KAME: admin.h,v 1.7 2000/09/13 04:50:23 itojun Exp $ */ +/* $KAME: admin.h,v 1.8 2000/10/04 17:40:58 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/admin_var.h b/racoon.tproj/admin_var.h index ff3aea4..60d88ac 100644 --- a/racoon.tproj/admin_var.h +++ b/racoon.tproj/admin_var.h @@ -1,4 +1,4 @@ -/* $KAME: admin_var.h,v 1.3 2000/10/04 17:40:58 itojun Exp $ */ +/* $KAME: admin_var.h,v 1.4 2001/06/01 10:12:55 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/algorithm.c b/racoon.tproj/algorithm.c index 90e0824..0c05a5c 100644 --- a/racoon.tproj/algorithm.c +++ b/racoon.tproj/algorithm.c @@ -1,4 +1,4 @@ -/* $KAME: algorithm.c,v 1.21 2001/10/05 02:42:55 sakane Exp $ */ +/* $KAME: algorithm.c,v 1.25 2002/06/10 20:01:21 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -60,15 +60,15 @@ static struct hash_algorithm oakley_hashdef[] = { { "sha2_256", algtype_sha2_256, OAKLEY_ATTR_HASH_ALG_SHA2_256, eay_sha2_256_init, eay_sha2_256_update, eay_sha2_256_final, eay_sha2_256_hashlen, - eay_sha1_one, }, + eay_sha2_256_one, }, { "sha2_384", algtype_sha2_384, OAKLEY_ATTR_HASH_ALG_SHA2_384, eay_sha2_384_init, eay_sha2_384_update, eay_sha2_384_final, eay_sha2_384_hashlen, - eay_sha1_one, }, + eay_sha2_384_one, }, { "sha2_512", algtype_sha2_512, OAKLEY_ATTR_HASH_ALG_SHA2_512, eay_sha2_512_init, eay_sha2_512_update, eay_sha2_512_final, eay_sha2_512_hashlen, - eay_sha1_one, }, + eay_sha2_512_one, }, }; static struct hmac_algorithm oakley_hmacdef[] = { @@ -148,7 +148,7 @@ static struct enc_algorithm ipsec_encdef[] = { NULL, eay_des_keylen, }, { "null", algtype_null_enc, IPSECDOI_ESP_NULL, 8, NULL, NULL, - NULL, eay_3des_keylen, }, + NULL, eay_null_keylen, }, { "rijndael", algtype_rijndael, IPSECDOI_ESP_RIJNDAEL, 16, NULL, NULL, NULL, eay_aes_keylen, }, @@ -363,7 +363,7 @@ alg_oakley_hmacdef_one(doi, key, buf) #ifdef ENABLE_STATS gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s size=%d): %8.6f", __FUNCTION__, + syslog(LOG_NOTICE, "%s(%s size=%d): %8.6f", __func__, f->name, buf->l, timedelta(&start, &end)); #endif @@ -462,7 +462,7 @@ alg_oakley_encdef_decrypt(doi, buf, key, iv) #ifdef ENABLE_STATS gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s klen=%d size=%d): %8.6f", __FUNCTION__, + syslog(LOG_NOTICE, "%s(%s klen=%d size=%d): %8.6f", __func__, f->name, key->l << 3, buf->l, timedelta(&start, &end)); #endif return res; @@ -491,7 +491,7 @@ alg_oakley_encdef_encrypt(doi, buf, key, iv) #ifdef ENABLE_STATS gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s klen=%d size=%d): %8.6f", __FUNCTION__, + syslog(LOG_NOTICE, "%s(%s klen=%d size=%d): %8.6f", __func__, f->name, key->l << 3, buf->l, timedelta(&start, &end)); #endif return res; diff --git a/racoon.tproj/algorithm.h b/racoon.tproj/algorithm.h index 91a8734..0e7bd2b 100644 --- a/racoon.tproj/algorithm.h +++ b/racoon.tproj/algorithm.h @@ -1,4 +1,4 @@ -/* $KAME: algorithm.h,v 1.19 2001/08/16 06:17:12 sakane Exp $ */ +/* $KAME: algorithm.h,v 1.20 2001/12/12 18:23:41 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/anonymous.conf b/racoon.tproj/anonymous.conf new file mode 100644 index 0000000..70b0ed4 --- /dev/null +++ b/racoon.tproj/anonymous.conf @@ -0,0 +1,34 @@ +remote anonymous +{ + #exchange_mode main,aggressive; + exchange_mode aggressive,main; + doi ipsec_doi; + situation identity_only; + + #my_identifier address; + my_identifier user_fqdn "macuser@localhost"; + peers_identifier user_fqdn "macuser@localhost"; + #certificate_type x509 "mycert" "mypriv"; + + nonce_size 16; + lifetime time 1 min; # sec,min,hour + initial_contact on; + support_mip6 on; + proposal_check obey; # obey, strict or claim + + proposal { + encryption_algorithm 3des; + hash_algorithm sha1; + authentication_method pre_shared_key ; + dh_group 2 ; + } +} + +sainfo anonymous +{ + pfs_group 1; + lifetime time 30 sec; + encryption_algorithm aes, 3des ; + authentication_algorithm hmac_sha1; + compression_algorithm deflate ; +} diff --git a/racoonctl.tproj/str2val.h b/racoon.tproj/arc4random.h similarity index 86% rename from racoonctl.tproj/str2val.h rename to racoon.tproj/arc4random.h index 15f5245..f89e924 100644 --- a/racoonctl.tproj/str2val.h +++ b/racoon.tproj/arc4random.h @@ -1,7 +1,7 @@ -/* $KAME: str2val.h,v 1.5 2000/10/04 17:41:04 itojun Exp $ */ +/* $KAME: arc4random.h,v 1.1 2002/06/04 05:23:26 itojun Exp $ */ /* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * Copyright (C) 2000 WIDE Project. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -29,5 +29,4 @@ * SUCH DAMAGE. */ -extern caddr_t val2str __P((const char *, size_t)); -extern char *str2val __P((const char *, int, size_t *)); +extern u_int32_t arc4random __P((void)); diff --git a/racoon.tproj/backupsa.c b/racoon.tproj/backupsa.c index 96a4ff6..4462770 100644 --- a/racoon.tproj/backupsa.c +++ b/racoon.tproj/backupsa.c @@ -1,4 +1,4 @@ -/* $KAME: backupsa.c,v 1.15 2001/11/16 04:08:10 sakane Exp $ */ +/* $KAME: backupsa.c,v 1.16 2001/12/31 20:13:40 thorpej Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -329,7 +329,7 @@ do { \ wsize, keymat, e_type, e_keylen, a_type, a_keylen, flags, - 0, l_bytes, l_addtime, 0, seq) < 0) { + 0, l_bytes, l_addtime, 0, seq, 0) < 0) { plog(LLV_ERROR, LOCATION, NULL, "restore SA filed line#%d in %s: %s\n", line, lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], ipsec_strerror()); diff --git a/racoon.tproj/backupsa.h b/racoon.tproj/backupsa.h index 42b1fe7..c3b2533 100644 --- a/racoon.tproj/backupsa.h +++ b/racoon.tproj/backupsa.h @@ -1,4 +1,4 @@ -/* $KAME: backupsa.h,v 1.1 2001/01/31 05:32:55 sakane Exp $ */ +/* $KAME: backupsa.h,v 1.2 2001/01/31 05:38:44 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/cfparse.y b/racoon.tproj/cfparse.y index a3d87f0..13376a7 100644 --- a/racoon.tproj/cfparse.y +++ b/racoon.tproj/cfparse.y @@ -1,4 +1,4 @@ -/* $KAME: cfparse.y,v 1.111 2001/12/31 20:13:40 thorpej Exp $ */ +/* $KAME: cfparse.y,v 1.114 2003/02/03 08:27:50 itojun Exp $ */ %{ #include @@ -141,6 +141,7 @@ static int fix_lifebyte __P((u_long)); %token EXCHANGE_MODE EXCHANGETYPE DOI DOITYPE SITUATION SITUATIONTYPE %token CERTIFICATE_TYPE CERTTYPE PEERS_CERTFILE VERIFY_CERT SEND_CERT SEND_CR %token IDENTIFIERTYPE MY_IDENTIFIER PEERS_IDENTIFIER VERIFY_IDENTIFIER +%token SHARED_SECRET SECRETTYPE %token DNSSEC CERT_X509 %token NONCE_SIZE DH_GROUP KEEPALIVE PASSIVE INITIAL_CONTACT %token PROPOSAL_CHECK PROPOSAL_CHECK_LEVEL @@ -161,6 +162,7 @@ static int fix_lifebyte __P((u_long)); %type NUMBER BOOLEAN SWITCH keylength %type PATHTYPE IDENTIFIERTYPE LOGLEV +%type SECRETTYPE %type ALGORITHM_CLASS dh_group_num %type ALGORITHMTYPE STRENGTHTYPE %type PREFIX prefix PORT port ike_port @@ -219,7 +221,7 @@ special_statement /* include */ include_statement - : INCLUDE QUOTEDSTRING + : INCLUDE QUOTEDSTRING EOS { char path[MAXPATHLEN]; @@ -229,7 +231,6 @@ include_statement if (yycf_switch_buffer(path) != 0) return -1; } - EOS ; /* self infomation */ @@ -577,7 +578,7 @@ algorithm $$ = newsainfoalg(); if ($$ == NULL) { - yyerror("failed to get algorithm alocation"); + yyerror("failed to get algorithm allocation"); return -1; } @@ -782,6 +783,7 @@ remote_spec yyerror("failed to set identifer.\n"); return -1; } + vfree($3); cur_rmconf->idvtype = $2; } EOS @@ -791,10 +793,12 @@ remote_spec yyerror("failed to set identifer.\n"); return -1; } + vfree($3); cur_rmconf->idvtype_p = $2; } EOS | VERIFY_IDENTIFIER SWITCH { cur_rmconf->verify_identifier = $2; } EOS + | SHARED_SECRET SECRETTYPE QUOTEDSTRING { cur_rmconf->secrettype = $2; cur_rmconf->shared_secret = $3; } EOS | NONCE_SIZE NUMBER { cur_rmconf->nonce_size = $2; } EOS | DH_GROUP { @@ -1059,6 +1063,11 @@ cleanprhead() return; for (p = prhead; p != NULL; p = next) { + struct secprotospec *psp, *nextsp; + for (psp = p->spspec; psp; psp = nextsp) { + nextsp = psp->next; + racoon_free(p->spspec); + } next = p->next; racoon_free(p); } @@ -1317,6 +1326,8 @@ fix_lifebyte(t) } #endif +extern int yyparse(void); + int cfparse() { @@ -1324,7 +1335,7 @@ cfparse() yycf_init_buffer(); - if (yycf_set_buffer(lcconf->racoon_conf) != 0) + if (yycf_switch_buffer(lcconf->racoon_conf) != 0) return -1; prhead = NULL; @@ -1362,12 +1373,9 @@ cfreparse() flushph2(); flushph1(); flushrmconf(); + flushsainfo(); cleanprhead(); clean_tmpalgtype(); - yycf_init_buffer(); - - if (yycf_set_buffer(lcconf->racoon_conf) != 0) - return -1; return(cfparse()); } diff --git a/racoon.tproj/cftoken.l b/racoon.tproj/cftoken.l index e05a0ae..1695072 100644 --- a/racoon.tproj/cftoken.l +++ b/racoon.tproj/cftoken.l @@ -1,4 +1,4 @@ -/* $KAME: cftoken.l,v 1.66 2001/12/07 03:35:14 sakane Exp $ */ +/* $KAME: cftoken.l,v 1.69 2002/09/27 06:03:51 itojun Exp $ */ %{ #include @@ -14,6 +14,7 @@ #include #include #include +#include #ifdef HAVE_STDARG_H #include #else @@ -60,8 +61,10 @@ int yyerrorcount = 0; static struct include_stack { char *path; FILE *fp; - YY_BUFFER_STATE state; + YY_BUFFER_STATE prevstate; int lineno; + glob_t matches; + int matchon; } incstack[MAX_INCLUDE_DEPTH]; static int incstackp = 0; @@ -209,6 +212,7 @@ hexstring 0x{hexdigit}+ peers_identifier { YYD; return(PEERS_IDENTIFIER); } verify_identifier { YYD; return(VERIFY_IDENTIFIER); } certificate_type { YYD; return(CERTIFICATE_TYPE); } +shared_secret { YYD; return(SHARED_SECRET); } x509 { YYD; yylval.num = ISAKMP_CERT_X509SIGN; return(CERT_X509); } peers_certfile { YYD; return(PEERS_CERTFILE); } dnssec { YYD; return(DNSSEC); } @@ -333,6 +337,11 @@ address { YYD; yylval.num = IDTYPE_ADDRESS; return(IDENTIFIERTYPE); } asn1dn { YYD; yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); } certname { YYD; yywarn("certname will be obsoleted in near future."); yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); } + /* shared secret type */ +use { YYD; yylval.num = SECRETTYPE_USE; return(SECRETTYPE); } +key { YYD; yylval.num = SECRETTYPE_KEY; return(SECRETTYPE); } +keychain { YYD; yylval.num = SECRETTYPE_KEYCHAIN; return(SECRETTYPE); } + /* units */ B|byte|bytes { YYD; return(UNITTYPE_BYTE); } KB { YYD; return(UNITTYPE_KBYTES); } @@ -407,11 +416,35 @@ no { YYD; yylval.num = FALSE; return(BOOLEAN); } } <> { - if ( --incstackp < 0 ) { - yyterminate(); - } else { - yy_delete_buffer(YY_CURRENT_BUFFER); - yy_switch_to_buffer(incstack[incstackp].state); + yy_delete_buffer(YY_CURRENT_BUFFER); + fclose(incstack[incstackp].fp); + incstack[incstackp].fp = -1; + racoon_free(incstack[incstackp].path); + incstack[incstackp].path = NULL; + incstackp--; +nextfile: + if (incstack[incstackp].matchon < incstack[incstackp].matches.gl_pathc) + { + char* filepath = incstack[incstackp].matches.gl_pathv[incstack[incstackp].matchon]; + incstack[incstackp].matchon++; + incstackp++; + if (yycf_set_buffer(filepath) != 0) + { + incstackp--; + goto nextfile; + } + + yy_switch_to_buffer(yy_create_buffer(yyin, YY_BUF_SIZE)); + + BEGIN(S_INI); + } + else + { + globfree(&incstack[incstackp].matches); + if (incstackp == 0) + yyterminate(); + else + yy_switch_to_buffer(incstack[incstackp].prevstate); } } @@ -466,17 +499,35 @@ int yycf_switch_buffer(path) char *path; { + char* filepath = NULL; /* got the include file name */ if (incstackp >= MAX_INCLUDE_DEPTH) { plog(LLV_ERROR, LOCATION, NULL, "Includes nested too deeply"); return -1; } - - incstack[incstackp++].state = YY_CURRENT_BUFFER; - - if (yycf_set_buffer(path) != 0) - return -1; + + if (glob(path, GLOB_TILDE, NULL, &incstack[incstackp].matches) != 0 || + incstack[incstackp].matches.gl_pathc == 0) + { + plog(LLV_DEBUG, LOCATION, NULL, + "glob found no matches for path\n"); + return 0; + } + incstack[incstackp].matchon = 0; + incstack[incstackp].prevstate = YY_CURRENT_BUFFER; + +nextmatch: + if (incstack[incstackp].matchon >= incstack[incstackp].matches.gl_pathc) return -1; + filepath = incstack[incstackp].matches.gl_pathv[incstack[incstackp].matchon]; + incstack[incstackp].matchon++; + incstackp++; + + if (yycf_set_buffer(filepath) != 0) + { + incstackp--; + goto nextmatch; + } yy_switch_to_buffer(yy_create_buffer(yyin, YY_BUF_SIZE)); @@ -503,6 +554,9 @@ yycf_set_buffer(path) incstack[incstackp].fp = yyin; incstack[incstackp].path = strdup(path); incstack[incstackp].lineno = 1; + plog(LLV_DEBUG, LOCATION, NULL, + "reading config file %s\n", + path, 0); return 0; } @@ -524,7 +578,8 @@ yycf_clean_buffer() for (i = 0; i < MAX_INCLUDE_DEPTH; i++) { if (incstack[i].path != NULL) { - fclose(incstack[i].fp); + if (incstack[i].fp >= 0) + fclose(incstack[i].fp); racoon_free(incstack[i].path); incstack[i].path = NULL; } diff --git a/racoon.tproj/crypto_openssl.c b/racoon.tproj/crypto_openssl.c index c042c33..b569986 100644 --- a/racoon.tproj/crypto_openssl.c +++ b/racoon.tproj/crypto_openssl.c @@ -1,4 +1,4 @@ -/* $KAME: crypto_openssl.c,v 1.69 2001/09/11 13:25:00 sakane Exp $ */ +/* $KAME: crypto_openssl.c,v 1.73 2003/04/24 02:21:22 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -463,7 +463,7 @@ eay_get_x509subjectaltname(cert, altname, type, pos) sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); goto end; } - strcpy(*altname, cval->value); + strlcpy(*altname, cval->value, len); /* set type of the name */ eay_setgentype(cval->name, type); @@ -1171,7 +1171,7 @@ eay_bf_keylen(len) return 448; if (len < 40 || len > 448) return -1; - return len + 7 / 8; + return (len + 7) / 8; } #ifdef HAVE_OPENSSL_RC5_H @@ -1236,7 +1236,7 @@ eay_rc5_keylen(len) return 128; if (len < 40 || len > 2040) return -1; - return len + 7 / 8; + return (len + 7) / 8; } #endif @@ -1378,7 +1378,7 @@ eay_cast_keylen(len) return 128; if (len < 40 || len > 128) return -1; - return len + 7 / 8; + return (len + 7) / 8; } /* @@ -1476,6 +1476,13 @@ eay_twofish_keylen(len) return len; } +int +eay_null_keylen(len) + int len; +{ + return 0; +} + /* * HMAC functions */ @@ -1486,6 +1493,7 @@ eay_hmac_init(key, md) { HMAC_CTX *c = racoon_malloc(sizeof(*c)); + HMAC_CTX_init(c); HMAC_Init(c, key->v, key->l, md); return (caddr_t)c; @@ -1535,6 +1543,7 @@ eay_hmacsha2_512_final(c) HMAC_Final((HMAC_CTX *)c, res->v, &l); res->l = l; + HMAC_CTX_cleanup(c); (void)racoon_free(c); if (SHA512_DIGEST_LENGTH != res->l) { @@ -1595,6 +1604,7 @@ eay_hmacsha2_384_final(c) HMAC_Final((HMAC_CTX *)c, res->v, &l); res->l = l; + HMAC_CTX_cleanup(c); (void)racoon_free(c); if (SHA384_DIGEST_LENGTH != res->l) { @@ -1655,6 +1665,7 @@ eay_hmacsha2_256_final(c) HMAC_Final((HMAC_CTX *)c, res->v, &l); res->l = l; + HMAC_CTX_cleanup(c); (void)racoon_free(c); if (SHA256_DIGEST_LENGTH != res->l) { @@ -1715,6 +1726,7 @@ eay_hmacsha1_final(c) HMAC_Final((HMAC_CTX *)c, res->v, &l); res->l = l; + HMAC_CTX_cleanup(c); (void)racoon_free(c); if (SHA_DIGEST_LENGTH != res->l) { @@ -1775,6 +1787,7 @@ eay_hmacmd5_final(c) HMAC_Final((HMAC_CTX *)c, res->v, &l); res->l = l; + HMAC_CTX_cleanup(c); (void)racoon_free(c); if (MD5_DIGEST_LENGTH != res->l) { diff --git a/racoon.tproj/crypto_openssl.h b/racoon.tproj/crypto_openssl.h index 51c920f..6b3661e 100644 --- a/racoon.tproj/crypto_openssl.h +++ b/racoon.tproj/crypto_openssl.h @@ -1,4 +1,4 @@ -/* $KAME: crypto_openssl.h,v 1.23 2001/08/14 12:26:06 sakane Exp $ */ +/* $KAME: crypto_openssl.h,v 1.25 2002/04/25 09:48:32 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -108,6 +108,7 @@ extern int eay_aes_weakkey __P((vchar_t *)); extern int eay_aes_keylen __P((int)); /* misc */ +extern int eay_null_keylen __P((int)); extern int eay_null_hashlen __P((void)); extern int eay_kpdk_hashlen __P((void)); extern int eay_twofish_keylen __P((int)); diff --git a/racoon.tproj/debug.h b/racoon.tproj/debug.h index d6926b4..e98118d 100644 --- a/racoon.tproj/debug.h +++ b/racoon.tproj/debug.h @@ -1,4 +1,4 @@ -/* $KAME: debug.h,v 1.16 2000/12/15 13:43:54 sakane Exp $ */ +/* $KAME: debug.h,v 1.17 2001/01/10 02:58:58 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/dhgroup.h b/racoon.tproj/dhgroup.h index 7b403ff..4824079 100644 --- a/racoon.tproj/dhgroup.h +++ b/racoon.tproj/dhgroup.h @@ -1,4 +1,4 @@ -/* $KAME: dhgroup.h,v 1.1 2001/08/14 15:00:47 sakane Exp $ */ +/* $KAME: dhgroup.h,v 1.2 2001/12/12 18:23:41 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/dnssec.c b/racoon.tproj/dnssec.c index 7cb297b..c9fe652 100644 --- a/racoon.tproj/dnssec.c +++ b/racoon.tproj/dnssec.c @@ -1,4 +1,4 @@ -/* $KAME: dnssec.c,v 1.1 2001/04/11 06:11:55 sakane Exp $ */ +/* $KAME: dnssec.c,v 1.2 2001/08/05 18:46:07 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/dnssec.h b/racoon.tproj/dnssec.h index 1c0a78b..f2e25bb 100644 --- a/racoon.tproj/dnssec.h +++ b/racoon.tproj/dnssec.h @@ -1,4 +1,4 @@ -/* $KAME$ */ +/* $KAME: dnssec.h,v 1.1 2001/04/11 06:11:55 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/gcmalloc.h b/racoon.tproj/gcmalloc.h index 53a882a..ca08528 100644 --- a/racoon.tproj/gcmalloc.h +++ b/racoon.tproj/gcmalloc.h @@ -1,4 +1,4 @@ -/* $KAME: gcmalloc.h,v 1.3 2001/04/04 22:23:05 thorpej Exp $ */ +/* $KAME: gcmalloc.h,v 1.4 2001/11/16 04:34:57 sakane Exp $ */ /* * Copyright (C) 2000, 2001 WIDE Project. diff --git a/racoon.tproj/getcertsbyname.c b/racoon.tproj/getcertsbyname.c index e797fc4..d9f4d94 100644 --- a/racoon.tproj/getcertsbyname.c +++ b/racoon.tproj/getcertsbyname.c @@ -1,4 +1,4 @@ -/* $KAME: getcertsbyname.c,v 1.6 2001/08/07 09:17:49 itojun Exp $ */ +/* $KAME: getcertsbyname.c,v 1.7 2001/11/16 04:12:59 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -29,6 +29,8 @@ * SUCH DAMAGE. */ +#define BIND_8_COMPAT + #include #include #include diff --git a/racoon.tproj/grabmyaddr.c b/racoon.tproj/grabmyaddr.c index d3a364f..1ba6d8b 100644 --- a/racoon.tproj/grabmyaddr.c +++ b/racoon.tproj/grabmyaddr.c @@ -1,4 +1,4 @@ -/* $KAME: grabmyaddr.c,v 1.28 2001/12/12 15:29:12 sakane Exp $ */ +/* $KAME: grabmyaddr.c,v 1.35 2003/01/14 07:07:36 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -144,9 +144,7 @@ grab_myaddrs() #endif #endif -#if defined(YIPS_DEBUG) - char _addr1_[NI_MAXHOST]; -#endif + char addr1[NI_MAXHOST]; if (getifaddrs(&ifa0)) { plog(LLV_ERROR, LOCATION, NULL, @@ -168,8 +166,9 @@ grab_myaddrs() if (!suitable_ifaddr(ifap->ifa_name, ifap->ifa_addr)) { plog(LLV_ERROR, LOCATION, NULL, - "unsuitable ifaddr: %s\n", - saddr2str(ifap->ifa_addr)); + "unsuitable address: %s %s\n", + ifap->ifa_name, + saddrwop2str(ifap->ifa_addr)); continue; } @@ -198,18 +197,25 @@ grab_myaddrs() #endif #endif if (getnameinfo(p->addr, p->addr->sa_len, - _addr1_, sizeof(_addr1_), + addr1, sizeof(addr1), NULL, 0, NI_NUMERICHOST | niflags)) - strcpy(_addr1_, "(invalid)"); + strlcpy(addr1, "(invalid)", sizeof(addr1)); plog(LLV_DEBUG, LOCATION, NULL, "my interface: %s (%s)\n", - _addr1_, ifap->ifa_name); + addr1, ifap->ifa_name); q = find_myaddr(old, p); - if (q) + if (q) { p->sock = q->sock; - else +#ifdef IKE_NAT_T + p->nattsock = q->nattsock; +#endif + } else { p->sock = -1; +#ifdef IKE_NAT_T + p->nattsock = -1; +#endif + } p->next = lcconf->myaddrs; lcconf->myaddrs = p; } @@ -232,9 +238,7 @@ grab_myaddrs() #endif #endif -#if defined(YIPS_DEBUG) - char _addr1_[NI_MAXHOST]; -#endif + char addr1[NI_MAXHOST]; maxif = if_maxindex() + 1; len = maxif * sizeof(struct sockaddr_storage) * 4; /* guess guess */ @@ -285,8 +289,10 @@ grab_myaddrs() case AF_INET6: #endif if (!suitable_ifaddr(ifr->ifr_name, &ifr->ifr_addr)) { - plog(LLV_DEBUG, LOCATION, NULL, - "unsuitable ifaddr %s\n"); + plog(LLV_ERROR, LOCATION, NULL, + "unsuitable address: %s %s\n", + ifr->ifr_name, + saddrwop2str(&ifr->ifr_addr)); continue; } @@ -313,13 +319,13 @@ grab_myaddrs() #endif #endif if (getnameinfo(p->addr, p->addr->sa_len, - _addr1_, sizeof(_addr1_), + addr1, sizeof(addr1), NULL, 0, NI_NUMERICHOST | niflags)) - strcpy(_addr1_, "(invalid)"); + strlcpy(addr1, "(invalid)", sizeof(addr1)); plog(LLV_DEBUG, LOCATION, NULL, "my interface: %s (%s)\n", - _addr1_, ifr->ifr_name); + addr1, ifr->ifr_name); q = find_myaddr(old, p); if (q) p->sock = q->sock; @@ -426,7 +432,7 @@ update_myaddrs() plog(LLV_ERROR, LOCATION, NULL, "routing socket version mismatch\n"); close(lcconf->rtsock); - lcconf->rtsock = 0; + lcconf->rtsock = -1; return 0; } switch (rtm->rtm_type) { @@ -610,6 +616,19 @@ getsockmyaddr(my) && memcmp(my, p->addr, my->sa_len) == 0) { break; } +#ifdef IKE_NAT_T + if (my->sa_family == p->addr->sa_family && + my->sa_family == AF_INET && + ((struct sockaddr_in*)my)->sin_addr.s_addr == + ((struct sockaddr_in*)p->addr)->sin_addr.s_addr && + ((struct sockaddr_in*)my)->sin_port == htons(PORT_ISAKMP_NATT)) + { + plog(LLV_DEBUG, LOCATION, NULL, + "picked natt socket (%d - %s) for sending\n", + p->nattsock, saddr2str(my)); + return p->nattsock; + } +#endif } if (!p) p = lastresort; diff --git a/racoon.tproj/grabmyaddr.h b/racoon.tproj/grabmyaddr.h index 5417e38..d05fbae 100644 --- a/racoon.tproj/grabmyaddr.h +++ b/racoon.tproj/grabmyaddr.h @@ -1,4 +1,4 @@ -/* $KAME: grabmyaddr.h,v 1.5 2000/10/04 17:40:59 itojun Exp $ */ +/* $KAME: grabmyaddr.h,v 1.6 2001/12/12 15:29:12 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -33,6 +33,9 @@ struct myaddrs { struct myaddrs *next; struct sockaddr *addr; int sock; +#ifdef IKE_NAT_T + int nattsock; /* nat-traversal socket (port PORT_ISAKMP_NATT), for IPv4 sockets only */ +#endif }; extern void clear_myaddr __P((struct myaddrs **)); diff --git a/racoon.tproj/gssapi.c b/racoon.tproj/gssapi.c index 07a50ca..af25582 100644 --- a/racoon.tproj/gssapi.c +++ b/racoon.tproj/gssapi.c @@ -1,4 +1,4 @@ -/* $KAME: gssapi.c,v 1.18 2001/03/05 23:36:31 thorpej Exp $ */ +/* $KAME: gssapi.c,v 1.19 2001/04/03 15:51:55 thorpej Exp $ */ /* * Copyright 2000 Wasabi Systems, Inc. diff --git a/racoon.tproj/gssapi.h b/racoon.tproj/gssapi.h index bbdb186..4a487e1 100644 --- a/racoon.tproj/gssapi.h +++ b/racoon.tproj/gssapi.h @@ -1,4 +1,4 @@ -/* $KAME: gssapi.h,v 1.3 2001/01/29 17:37:52 thorpej Exp $ */ +/* $KAME: gssapi.h,v 1.5 2002/05/07 18:13:25 sakane Exp $ */ /* * Copyright 2000 Wasabi Systems, Inc. diff --git a/racoon.tproj/handler.c b/racoon.tproj/handler.c index 1ca5b5c..d4dd8fd 100644 --- a/racoon.tproj/handler.c +++ b/racoon.tproj/handler.c @@ -1,4 +1,4 @@ -/* $KAME: handler.c,v 1.56 2002/01/02 09:05:25 jinmei Exp $ */ +/* $KAME: handler.c,v 1.57 2002/01/21 08:45:54 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -262,6 +262,11 @@ delph1(iph1) gssapi_free_state(iph1); #endif +#ifdef IKE_NAT_T + VPTRINIT(iph1->local_natd); + VPTRINIT(iph1->remote_natd); +#endif + racoon_free(iph1); } diff --git a/racoon.tproj/handler.h b/racoon.tproj/handler.h index 484376b..1e11fb1 100644 --- a/racoon.tproj/handler.h +++ b/racoon.tproj/handler.h @@ -1,4 +1,4 @@ -/* $KAME: handler.h,v 1.42 2001/12/12 15:29:13 sakane Exp $ */ +/* $KAME: handler.h,v 1.44 2002/07/10 23:22:03 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -83,6 +83,13 @@ #define PHASE1ST_EXPIRED 10 #define PHASE1ST_MAX 11 +typedef enum { + natt_remote_support = 0x0001, + natt_natd_received = 0x0002, + natt_no_remote_nat = 0x0010, + natt_no_local_nat = 0x0020 +} natt_flags_t; + /* About address semantics in each case. * initiator(addr=I) responder(addr=R) * src dst src dst @@ -90,7 +97,7 @@ * phase 1 handler I R R I * phase 2 handler I R R I * getspi msg R I I R - * aquire msg I R + * acquire msg I R * ID payload I R I R */ struct ph1handle { @@ -167,6 +174,12 @@ struct ph1handle { struct timeval end; #endif +#ifdef IKE_NAT_T + natt_flags_t natt_flags; + vchar_t *local_natd; + vchar_t *remote_natd; +#endif + u_int32_t msgid2; /* msgid counter for Phase 2 */ int ph2cnt; /* the number which is negotiated by this phase 1 */ LIST_HEAD(_ph2ofph1_, ph2handle) ph2tree; diff --git a/racoon.tproj/ipsec_doi.c b/racoon.tproj/ipsec_doi.c index 2b039c5..c046103 100644 --- a/racoon.tproj/ipsec_doi.c +++ b/racoon.tproj/ipsec_doi.c @@ -1,4 +1,4 @@ -/* $KAME: ipsec_doi.c,v 1.154 2001/12/31 20:13:40 thorpej Exp $ */ +/* $KAME: ipsec_doi.c,v 1.158 2002/09/27 05:55:52 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -80,6 +80,7 @@ #include "crypto_openssl.h" #include "strnames.h" #include "gcmalloc.h" +#include "isakmp_natd.h" #ifdef HAVE_GSSAPI #include "gssapi.h" @@ -315,9 +316,7 @@ get_ph1approvalx(p, proposal, sap) struct prop_pair *p; struct isakmpsa *proposal, *sap; { -#ifdef YIPS_DEBUG struct isakmp_pl_p *prop = p->prop; -#endif struct isakmp_pl_t *trns = p->trns; struct isakmpsa sa, *s, *tsap; @@ -2085,6 +2084,8 @@ check_attr_ipsec(proto_id, trns) switch (lorv) { case IPSECDOI_ATTR_ENC_MODE_TUNNEL: case IPSECDOI_ATTR_ENC_MODE_TRNS: + case IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL: + case IPSECDOI_ATTR_ENC_MODE_UDP_TRNS: break; default: plog(LLV_ERROR, LOCATION, NULL, @@ -2260,6 +2261,8 @@ check_attr_ipcomp(trns) switch (lorv) { case IPSECDOI_ATTR_ENC_MODE_TUNNEL: case IPSECDOI_ATTR_ENC_MODE_TRNS: + case IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL: + case IPSECDOI_ATTR_ENC_MODE_UDP_TRNS: break; default: plog(LLV_ERROR, LOCATION, NULL, @@ -2797,6 +2800,27 @@ ipsecdoi_setph2proposal(iph2) propoff = 0; for (a = proposal; a; a = a->next) { for (b = a->head; b; b = b->next) { +#ifdef IKE_NAT_T + /* + * Hack to fix encmode, we may have detected a nat since + * we last set pr->encmode. We need to fix this if + * we now have a NAT. NAT-T doesn't work with AH. + */ + if (iph2->ph1 && natd_hasnat(iph2->ph1) && + b->proto_id != IPSECDOI_PROTO_IPSEC_AH) + { + switch (b->encmode) + { + case IPSECDOI_ATTR_ENC_MODE_TUNNEL: + b->encmode = IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL; + break; + case IPSECDOI_ATTR_ENC_MODE_TRNS: + b->encmode = IPSECDOI_ATTR_ENC_MODE_UDP_TRNS; + break; + } + } +#endif + q = setph2proposal0(iph2, a, b); if (q == NULL) { vfree(iph2->sa); @@ -2838,7 +2862,8 @@ ipsecdoi_transportmode(iph2) for (pp = iph2->proposal; pp; pp = pp->next) { for (pr = pp->head; pr; pr = pr->next) { - if (pr->encmode != IPSECDOI_ATTR_ENC_MODE_TRNS) + if (pr->encmode != IPSECDOI_ATTR_ENC_MODE_TRNS && + pr->encmode != IPSECDOI_ATTR_ENC_MODE_UDP_TRNS) return 0; } } @@ -3327,6 +3352,11 @@ ipsecdoi_setid2(iph2) vchar_t *ident; id_b.type = idtype2doi(iph2->sainfo->idvtype); + if (id_b.type == 255) { + plog(LLV_ERROR, LOCATION, NULL, + "failed to convert ID type to DOI.\n"); + return -1; + } id_b.proto_id = 0; id_b.port = 0; @@ -3862,14 +3892,14 @@ static int rm_idtype2doi[] = { IPSECDOI_ID_FQDN, IPSECDOI_ID_USER_FQDN, IPSECDOI_ID_KEY_ID, - -1, /* it's type of "address" + 255, /* it's type of "address" * it expands into 4 types by another function. */ IPSECDOI_ID_DER_ASN1_DN, }; /* * convert idtype to DOI value. - * OUT -1 : NG + * OUT 255 : NG * other: converted. */ int @@ -3878,7 +3908,7 @@ idtype2doi(idtype) { if (ARRAYLEN(rm_idtype2doi) > idtype) return rm_idtype2doi[idtype]; - return -1; + return 255; } int diff --git a/racoon.tproj/ipsec_doi.h b/racoon.tproj/ipsec_doi.h index b901a98..6e5a5aa 100644 --- a/racoon.tproj/ipsec_doi.h +++ b/racoon.tproj/ipsec_doi.h @@ -1,4 +1,4 @@ -/* $KAME: ipsec_doi.h,v 1.33 2001/08/14 12:26:06 sakane Exp $ */ +/* $KAME: ipsec_doi.h,v 1.34 2001/08/16 06:20:35 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -100,6 +100,8 @@ #define IPSECDOI_ATTR_ENC_MODE_ANY 0 /* NOTE:internal use */ #define IPSECDOI_ATTR_ENC_MODE_TUNNEL 1 #define IPSECDOI_ATTR_ENC_MODE_TRNS 2 +#define IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL 3 /* UDP Encapsulated IPSec, NAT-T */ +#define IPSECDOI_ATTR_ENC_MODE_UDP_TRNS 4 /* UDP Encapsulated IPSec, NAT-T */ #define IPSECDOI_ATTR_AUTH 5 /* B */ /* 0 means not to use authentication. */ #define IPSECDOI_ATTR_AUTH_HMAC_MD5 1 @@ -168,6 +170,11 @@ struct ipsecdoi_pl_id { #define IDTYPE_ADDRESS 3 #define IDTYPE_ASN1DN 4 +/* shared secret type, it's internal use. */ +#define SECRETTYPE_USE 0 +#define SECRETTYPE_KEY 1 +#define SECRETTYPE_KEYCHAIN 2 + /* The use for checking proposal payload. This is not exchange type. */ #define IPSECDOI_TYPE_PH1 0 #define IPSECDOI_TYPE_PH2 1 diff --git a/racoon.tproj/isakmp.c b/racoon.tproj/isakmp.c index d2fa6e1..218f3dd 100644 --- a/racoon.tproj/isakmp.c +++ b/racoon.tproj/isakmp.c @@ -1,4 +1,4 @@ -/* $KAME: isakmp.c,v 1.171 2001/12/12 22:35:37 itojun Exp $ */ +/* $KAME: isakmp.c,v 1.176 2002/08/28 04:08:30 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -87,6 +87,9 @@ #include "isakmp_inf.h" #include "isakmp_newg.h" #include "strnames.h" +#ifndef HAVE_ARC4RANDOM +#include "arc4random.h" +#endif static int nostate1 __P((struct ph1handle *, vchar_t *)); static int nostate2 __P((struct ph2handle *, vchar_t *)); @@ -173,8 +176,8 @@ isakmp_handler(so_isakmp) goto end; } - /* check isakmp header length */ - if (len < sizeof(isakmp)) { + /* check isakmp header length, as well as sanity of header length */ + if (len < sizeof(isakmp) || ntohl(isakmp.len) < sizeof(isakmp)) { plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, "packet shorter than isakmp header size.\n"); /* dummy receive */ @@ -269,6 +272,179 @@ end: return(error); } +#ifdef IKE_NAT_T +/* + * isakmp packet handler for natt port (4500) + */ +int +isakmp_natt_handler(so_isakmp) + int so_isakmp; +{ + u_char temp_buffer[sizeof(struct isakmp) + 4]; + struct isakmp *isakmp = (struct isakmp*)(temp_buffer + 4); + struct sockaddr_storage remote; + struct sockaddr_storage local; + int remote_len = sizeof(remote); + int local_len = sizeof(local); + int len; + u_short port; + vchar_t *buf = NULL; + int error = -1; + + /* read message by MSG_PEEK */ + while ((len = recvfromto(so_isakmp, temp_buffer, sizeof(temp_buffer), + MSG_PEEK, (struct sockaddr *)&remote, &remote_len, + (struct sockaddr *)&local, &local_len)) < 0) { + if (errno == EINTR) + continue; + plog(LLV_ERROR, LOCATION, NULL, + "failed to receive isakmp packet\n"); + goto end; + } + + /* remove the four bytes of zeros on nat traversal port */ + if (*(u_long*)temp_buffer != 0L) + { + /* + * This is a UDP encapsulated IPSec packet, + * we should drop it. + * + * TBD: Need a way to read the packet. + * The kernel intercepts these packets on Mac OS X + * but not all kernels will handle this the same way. + */ + goto end; + } + + /* check isakmp header length */ + if (len < sizeof(temp_buffer)) { + plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, + "packet shorter than isakmp header size.\n"); + /* dummy receive */ + if ((len = recvfrom(so_isakmp, (char *)temp_buffer, sizeof(temp_buffer), + 0, (struct sockaddr *)&remote, &remote_len)) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "failed to receive isakmp packet\n"); + } + goto end; + } + + /* read real message */ + if ((buf = vmalloc(ntohl(isakmp->len) + 4)) == NULL) { + plog(LLV_ERROR, LOCATION, NULL, + "failed to allocate reading buffer\n"); + /* dummy receive */ + if ((len = recvfrom(so_isakmp, (char *)temp_buffer, sizeof(temp_buffer), + 0, (struct sockaddr *)&remote, &remote_len)) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "failed to receive isakmp packet\n"); + } + goto end; + } + + while ((len = recvfromto(so_isakmp, buf->v, buf->l, + 0, (struct sockaddr *)&remote, &remote_len, + (struct sockaddr *)&local, &local_len)) < 0) { + if (errno == EINTR) + continue; + plog(LLV_ERROR, LOCATION, NULL, + "failed to receive isakmp packet\n"); + goto end; + } + + if (len != buf->l) { + plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, + "received invalid length, header says %d, packet is %d bytes why ?\n", + len, buf->l); + goto end; + } + + /* + * Discard first 4 bytes, they're either: + * 0 - this is IKE traffic + * !0 - first four bytes are the SPI of a UDP encapsulated IPSec packet + * The seond type of packet should be interecepted by the kernel + * or dropped before we get to this point. + */ + { + vchar_t *newbuf = vmalloc(buf->l - 4); + if (newbuf == NULL) + { + plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, + "couldn't allocate smaller buffer.\n"); + goto end; + } + memcpy(newbuf->v, buf->v + 4, newbuf->l); + vfree(buf); + buf = newbuf; + len = buf->l; + } + + plog(LLV_DEBUG, LOCATION, NULL, "===\n"); + plog(LLV_DEBUG, LOCATION, (struct sockaddr *)&local, + "%d bytes message received from %s\n", + len, saddr2str((struct sockaddr *)&remote)); + plogdump(LLV_DEBUG, buf->v, buf->l); + + /* avoid packets with malicious port/address */ + switch (remote.ss_family) { + case AF_INET: + port = ((struct sockaddr_in *)&remote)->sin_port; + break; +#ifdef INET6 + case AF_INET6: + port = ((struct sockaddr_in6 *)&remote)->sin6_port; + break; +#endif + default: + plog(LLV_ERROR, LOCATION, NULL, + "invalid family: %d\n", remote.ss_family); + goto end; + } + if (port == 0) { + plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, + "src port == 0 (valid as UDP but not with IKE)\n"); + goto end; + } + + { + struct isakmp *isakmp = (struct isakmp*)buf->v; + plog(LLV_DEBUG, LOCATION, (struct sockaddr*)&remote, + "natt receiving packet %.8X%.8X:%.8X%.8X %u\n", + *(u_long*)isakmp->i_ck, *(u_long*)&isakmp->i_ck[4], + *(u_long*)isakmp->r_ck, *(u_long*)&isakmp->r_ck[4], + isakmp->msgid); + } + + /* XXX: check sender whether to be allowed or not to accept */ + + /* XXX: I don't know how to check isakmp half connection attack. */ + + /* simply reply if the packet was processed. */ + if (check_recvdpkt((struct sockaddr *)&remote, + (struct sockaddr *)&local, buf)) { + plog(LLV_NOTIFY, LOCATION, NULL, + "the packet is retransmitted by %s.\n", + saddr2str((struct sockaddr *)&remote)); + error = 0; + goto end; + } + + /* isakmp main routine */ + if (isakmp_main(buf, (struct sockaddr *)&remote, + (struct sockaddr *)&local) != 0) goto end; + + error = 0; + +end: + if (buf != NULL) + vfree(buf); + + return(error); +} +#endif + + /* * main processing to handle isakmp payload */ @@ -348,17 +524,40 @@ isakmp_main(msg, remote, local) /* must be same addresses in one stream of a phase at least. */ if (cmpsaddrstrict(iph1->remote, remote) != 0) { - char *saddr_db, *saddr_act; - - saddr_db = strdup(saddr2str(iph1->remote)); - saddr_act = strdup(saddr2str(remote)); - - plog(LLV_WARNING, LOCATION, remote, - "remote address mismatched. db=%s, act=%s\n", - saddr_db, saddr_act); - - racoon_free(saddr_db); - racoon_free(saddr_act); +#ifdef IKE_NAT_T + if (iph1->side == RESPONDER && + (iph1->natt_flags & natt_remote_support) != 0 && + cmpsaddrwop(iph1->remote, remote) == 0) + { + /* + * If the initiator detects a NAT it may switch to a + * new port. Technically, the remote address may change + * as well, depending on the NAT. Handling that would + * require more changes. + * + * We should record the new remote port so we can + * send + */ + plog(LLV_WARNING, LOCATION, remote, + "remote port changed from %s\n", saddr2str(iph1->remote)); + memcpy(iph1->remote, remote, iph1->remote->sa_len); + memcpy(iph1->local, local, iph1->local->sa_len); + } + else +#endif + { + char *saddr_db, *saddr_act; + + saddr_db = strdup(saddr2str(iph1->remote)); + saddr_act = strdup(saddr2str(remote)); + + plog(LLV_WARNING, LOCATION, remote, + "remote address mismatched. db=%s, act=%s\n", + saddr_db, saddr_act); + + racoon_free(saddr_db); + racoon_free(saddr_act); + } } /* * don't check of exchange type here because other type will be @@ -1208,8 +1407,6 @@ isakmp_init() initctdtree(); init_recvdpkt(); - srandom(time(0)); - if (isakmp_open() < 0) goto err; @@ -1254,15 +1451,86 @@ isakmp_pindex(index, msgid) return buf; } -/* open ISAKMP sockets. */ int -isakmp_open() +isakmp_setup_socket(struct sockaddr* in_addr) { + int sock = -1; const int yes = 1; - int ifnum; #ifdef INET6 int pktinfo; #endif + if ((sock = socket(in_addr->sa_family, SOCK_DGRAM, 0)) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "socket (%s)\n", strerror(errno)); + return -1; + } + + /* receive my interface address on inbound packets. */ + switch (in_addr->sa_family) { + case AF_INET: + if (setsockopt(sock, IPPROTO_IP, IP_RECVDSTADDR, + (const void *)&yes, sizeof(yes)) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "setsockopt (%s)\n", strerror(errno)); + close(sock); + return -1; + } + break; +#ifdef INET6 + case AF_INET6: +#ifdef ADVAPI +#ifdef IPV6_RECVPKTINFO + pktinfo = IPV6_RECVPKTINFO; +#else /* old adv. API */ + pktinfo = IPV6_PKTINFO; +#endif /* IPV6_RECVPKTINFO */ +#else + pktinfo = IPV6_RECVDSTADDR; +#endif + if (setsockopt(sock, IPPROTO_IPV6, pktinfo, + (const void *)&yes, sizeof(yes)) < 0) + { + plog(LLV_ERROR, LOCATION, NULL, + "setsockopt(%d): %s\n", + pktinfo, strerror(errno)); + close(sock); + return -1; + } + break; +#endif + } + +#ifdef IPV6_USE_MIN_MTU + if (in_addr->sa_family == AF_INET6 && + setsockopt(sock, IPPROTO_IPV6, IPV6_USE_MIN_MTU, + (void *)&yes, sizeof(yes)) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "setsockopt (%s)\n", strerror(errno)); + close(sock); + return -1; + } +#endif + + if (setsockopt_bypass(sock, in_addr->sa_family) < 0) { + close(sock); + return -1; + } + + if (bind(sock, in_addr, in_addr->sa_len) < 0) { + plog(LLV_ERROR, LOCATION, in_addr, + "failed to bind (%s).\n", strerror(errno)); + close(sock); + return -1; + } + + return sock; +} + +/* open ISAKMP sockets. */ +int +isakmp_open() +{ + int ifnum; struct myaddrs *p; ifnum = 0; @@ -1292,72 +1560,36 @@ isakmp_open() lcconf->default_af); goto err_and_next; } + + p->sock = isakmp_setup_socket(p->addr); + if (p->sock < 0) goto err_and_next; - if ((p->sock = socket(p->addr->sa_family, SOCK_DGRAM, 0)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "socket (%s)\n", strerror(errno)); - goto err_and_next; - } + plog(LLV_DEBUG, LOCATION, NULL, + "%s used as isakmp port (fd=%d)\n", + saddr2str(p->addr), p->sock); - /* receive my interface address on inbound packets. */ - switch (p->addr->sa_family) { - case AF_INET: - if (setsockopt(p->sock, IPPROTO_IP, IP_RECVDSTADDR, - (const void *)&yes, sizeof(yes)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt (%s)\n", strerror(errno)); - goto err_and_next; - } - break; -#ifdef INET6 - case AF_INET6: -#ifdef ADVAPI -#ifdef IPV6_RECVPKTINFO - pktinfo = IPV6_RECVPKTINFO; -#else /* old adv. API */ - pktinfo = IPV6_PKTINFO; -#endif /* IPV6_RECVPKTINFO */ -#else - pktinfo = IPV6_RECVDSTADDR; -#endif - if (setsockopt(p->sock, IPPROTO_IPV6, pktinfo, - (const void *)&yes, sizeof(yes)) < 0) + ifnum++; + +#ifdef IKE_NAT_T + /* + * We have to listen on 4500 in addition to 500 with IPv4 + * to support NAT traversal. + */ + if (p->addr->sa_family == AF_INET) + { + struct sockaddr_in sin = *(struct sockaddr_in*)p->addr; + + sin.sin_port = ntohs(PORT_ISAKMP_NATT); + p->nattsock = isakmp_setup_socket((struct sockaddr*)&sin); + if (p->nattsock >= 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt(%d): %s\n", - pktinfo, strerror(errno)); - goto err_and_next; + plog(LLV_DEBUG, LOCATION, NULL, + "%s used as nat-t isakmp port (fd=%d)\n", + saddr2str((struct sockaddr*)&sin), p->nattsock); } - break; -#endif - } - -#ifdef IPV6_USE_MIN_MTU - if (p->addr->sa_family == AF_INET6 && - setsockopt(p->sock, IPPROTO_IPV6, IPV6_USE_MIN_MTU, - (void *)&yes, sizeof(yes)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt (%s)\n", strerror(errno)); - return -1; } #endif - if (setsockopt_bypass(p->sock, p->addr->sa_family) < 0) - goto err_and_next; - - if (bind(p->sock, p->addr, p->addr->sa_len) < 0) { - plog(LLV_ERROR, LOCATION, p->addr, - "failed to bind (%s).\n", strerror(errno)); - close(p->sock); - goto err_and_next; - } - - ifnum++; - - plog(LLV_INFO, LOCATION, NULL, - "%s used as isakmp port (fd=%d)\n", - saddr2str(p->addr), p->sock); - continue; err_and_next: @@ -1385,9 +1617,14 @@ isakmp_close() for (p = lcconf->myaddrs; p; p = next) { next = p->next; - if (!p->addr) + if (!p->addr) { + racoon_free(p); continue; + } close(p->sock); +#ifdef IKE_NAT_T + if (p->nattsock >= 0) close(p->nattsock); +#endif racoon_free(p->addr); racoon_free(p); } @@ -1402,11 +1639,32 @@ isakmp_send(iph1, sbuf) { int len = 0; int s; + vchar_t *newbuf = NULL; /* select the socket to be sent */ s = getsockmyaddr(iph1->local); if (s == -1) return -1; + +#ifdef IKE_NAT_T + /* prepend four bytes of zeros if source or destination port is PORT_ISAKMP_NATT */ + if (iph1->remote->sa_family == AF_INET && + (((struct sockaddr_in*)(iph1->remote))->sin_port == htons(PORT_ISAKMP_NATT)) || + ((struct sockaddr_in*)(iph1->local))->sin_port == htons(PORT_ISAKMP_NATT)) + { + + /* There's probably a better way to do this */ + newbuf = vmalloc(sbuf->l + 4); + if (newbuf == NULL) { + plog(LLV_ERROR, LOCATION, NULL, "sendfromto natt prepend failed\n"); + return -1; + } + + memset(newbuf->v, 0, 4); + memcpy(newbuf->v + 4, sbuf->v, sbuf->l); + sbuf = newbuf; + } +#endif len = sendfromto(s, sbuf->v, sbuf->l, iph1->local, iph1->remote, lcconf->count_persend); @@ -1414,6 +1672,8 @@ isakmp_send(iph1, sbuf) plog(LLV_ERROR, LOCATION, NULL, "sendfromto failed\n"); return -1; } + + if (newbuf) vfree(newbuf); return 0; } @@ -2035,7 +2295,7 @@ isakmp_newmsgid2(iph1) u_int32_t msgid2; do { - msgid2 = random(); + msgid2 = arc4random(); } while (getph2bymsgid(iph1, msgid2)); return msgid2; @@ -2179,7 +2439,7 @@ getname(ap) if (getnameinfo((struct sockaddr *)&addr, addr.sin_len, ntop_buf, sizeof(ntop_buf), NULL, 0, NI_NUMERICHOST | niflags)) - strncpy(ntop_buf, "?", sizeof(ntop_buf)); + strlcpy(ntop_buf, "?", sizeof(ntop_buf)); return ntop_buf; } @@ -2203,7 +2463,7 @@ getname6(ap) if (getnameinfo((struct sockaddr *)&addr, addr.sin6_len, ntop_buf, sizeof(ntop_buf), NULL, 0, NI_NUMERICHOST | niflags)) - strncpy(ntop_buf, "?", sizeof(ntop_buf)); + strlcpy(ntop_buf, "?", sizeof(ntop_buf)); return ntop_buf; } @@ -2252,8 +2512,8 @@ isakmp_printpacket(msg, from, my, decoded) if (getnameinfo(from, from->sa_len, hostbuf, sizeof(hostbuf), portbuf, sizeof(portbuf), NI_NUMERICHOST | NI_NUMERICSERV | niflags)) { - strncpy(hostbuf, "?", sizeof(hostbuf)); - strncpy(portbuf, "?", sizeof(portbuf)); + strlcpy(hostbuf, "?", sizeof(hostbuf)); + strlcpy(portbuf, "?", sizeof(portbuf)); } printf("%s:%s", hostbuf, portbuf); } else @@ -2263,8 +2523,8 @@ isakmp_printpacket(msg, from, my, decoded) if (getnameinfo(my, my->sa_len, hostbuf, sizeof(hostbuf), portbuf, sizeof(portbuf), NI_NUMERICHOST | NI_NUMERICSERV | niflags)) { - strncpy(hostbuf, "?", sizeof(hostbuf)); - strncpy(portbuf, "?", sizeof(portbuf)); + strlcpy(hostbuf, "?", sizeof(hostbuf)); + strlcpy(portbuf, "?", sizeof(portbuf)); } printf("%s:%s", hostbuf, portbuf); } else diff --git a/racoon.tproj/isakmp.h b/racoon.tproj/isakmp.h index d4e3afb..d0c097a 100644 --- a/racoon.tproj/isakmp.h +++ b/racoon.tproj/isakmp.h @@ -1,4 +1,4 @@ -/* $KAME: isakmp.h,v 1.18 2001/03/26 17:27:40 thorpej Exp $ */ +/* $KAME: isakmp.h,v 1.19 2001/04/11 06:11:55 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -82,7 +82,8 @@ struct isakmp { #define ISAKMP_NPTYPE_N 11 /* Notification */ #define ISAKMP_NPTYPE_D 12 /* Delete */ #define ISAKMP_NPTYPE_VID 13 /* Vendor ID */ -#define ISAKMP_NPTYPE_MAX 14 +#define ISAKMP_NPTYPE_NATD 15 /* NAT detection hash value */ +#define ISAKMP_NPTYPE_MAX 16 /* 128 - 255 Private Use */ /* diff --git a/racoon.tproj/isakmp_agg.c b/racoon.tproj/isakmp_agg.c index bc6e377..23442a2 100644 --- a/racoon.tproj/isakmp_agg.c +++ b/racoon.tproj/isakmp_agg.c @@ -1,4 +1,4 @@ -/* $KAME: isakmp_agg.c,v 1.54 2001/12/11 20:33:41 sakane Exp $ */ +/* $KAME: isakmp_agg.c,v 1.55 2001/12/12 15:29:13 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -48,6 +48,7 @@ # include # endif #endif +#include #include "var.h" #include "misc.h" @@ -68,6 +69,7 @@ #include "pfkey.h" #include "isakmp_agg.h" #include "isakmp_inf.h" +#include "isakmp_natd.h" #include "vendorid.h" #include "strnames.h" @@ -97,6 +99,7 @@ agg_i1send(iph1, msg) int tlen; int need_cr = 0; vchar_t *cr = NULL, *gsstoken = NULL; + vchar_t *vid = NULL; int error = -1; int nptype; #ifdef HAVE_GSSAPI @@ -144,6 +147,10 @@ agg_i1send(iph1, msg) iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); if (iph1->nonce == NULL) goto end; + +#ifdef IKE_NAT_T + vid = set_vendorid(VENDORID_NATT); +#endif #ifdef HAVE_SIGNING_C /* create CR if need */ @@ -176,6 +183,8 @@ agg_i1send(iph1, msg) tlen += sizeof (*gen) + len; } #endif + if (vid) + tlen += sizeof(*gen) + vid->l; iph1->sendbuf = vmalloc(tlen); if (iph1->sendbuf == NULL) { @@ -208,7 +217,7 @@ agg_i1send(iph1, msg) if (need_cr) nptype = ISAKMP_NPTYPE_CR; else - nptype = ISAKMP_NPTYPE_NONE; + nptype = vid ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE; p = set_isakmp_payload(p, iph1->id, nptype); @@ -216,12 +225,15 @@ agg_i1send(iph1, msg) if (iph1->rmconf->proposal->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) { gssapi_get_token_to_send(iph1, &gsstoken); - p = set_isakmp_payload(p, gsstoken, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, gsstoken, vid ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); } else #endif if (need_cr) /* create isakmp CR payload */ - p = set_isakmp_payload(p, cr, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, cr, vid ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); + + if (vid) + p = set_isakmp_payload(p, vid, ISAKMP_NPTYPE_NONE); #ifdef HAVE_PRINT_ISAKMP_C isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); @@ -241,6 +253,8 @@ end: vfree(cr); if (gsstoken) vfree(gsstoken); + if (vid) + vfree(vid); return error; } @@ -328,7 +342,12 @@ agg_i2recv(iph1, msg) break; #endif case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); + if (check_vendorid(pa->ptr) == VENDORID_NATT) + { +#ifdef IKE_NAT_T + iph1->natt_flags |= natt_remote_support; +#endif + } break; case ISAKMP_NPTYPE_N: isakmp_check_notify(pa->ptr, iph1); @@ -340,6 +359,13 @@ agg_i2recv(iph1, msg) gssapi_save_received_token(iph1, gsstoken); break; #endif + case ISAKMP_NPTYPE_NATD: + /* + * ignored for now, we need to know the hash + * algorithm before we can evaluate the natd + * payload. + */ + break; default: /* don't send information, see isakmp_ident_r1() */ plog(LLV_ERROR, LOCATION, iph1->remote, @@ -375,6 +401,24 @@ agg_i2recv(iph1, msg) /* fix isakmp index */ memcpy(&iph1->index.r_ck, &((struct isakmp *)msg->v)->r_ck, sizeof(cookie_t)); + + /* check natd payloads */ +#ifdef IKE_NAT_T + for (pa = (struct isakmp_parse_t *)pbuf->v; + pa->type != ISAKMP_NPTYPE_NONE; + pa++) + { + if (pa->type == ISAKMP_NPTYPE_NATD) + { + natd_match_t match = natd_matches(iph1, pa->ptr); + iph1->natt_flags |= natt_natd_received; + if ((match & natd_match_local) != 0) + iph1->natt_flags |= natt_no_local_nat; + if ((match & natd_match_remote) != 0) + iph1->natt_flags |= natt_no_remote_nat; + } + } +#endif /* compute sharing secret of DH */ if (oakley_dh_compute(iph1->rmconf->dhgrp, iph1->dhpub, @@ -390,6 +434,24 @@ agg_i2recv(iph1, msg) goto end; if (oakley_newiv(iph1) < 0) goto end; + +#ifdef IKE_NAT_T + /* Determine if we need to switch to port 4500 */ + if (natd_hasnat(iph1)) + { + /* There is a NAT between us! Switch to port 4500. */ + if (iph1->remote->sa_family == AF_INET) + { + struct sockaddr_in *sin = (struct sockaddr_in*)iph1->remote; + plog(LLV_INFO, LOCATION, NULL, + "detected NAT, switching to port %d for %s", + PORT_ISAKMP_NATT, saddr2str(iph1->remote)); + sin->sin_port = htons(PORT_ISAKMP_NATT); + sin = (struct sockaddr_in*)iph1->local; + sin->sin_port = htons(PORT_ISAKMP_NATT); + } + } +#endif /* validate authentication value */ { @@ -452,11 +514,12 @@ agg_i2send(iph1, msg) vchar_t *msg; { struct isakmp_gen *gen; - char *p; + char *p = NULL; int tlen; int need_cert = 0; int error = -1; vchar_t *gsshash = NULL; + int need_natd = 0; /* validity check */ if (iph1->status != PHASE1ST_MSG2RECEIVED) { @@ -479,6 +542,17 @@ agg_i2send(iph1, msg) tlen = sizeof(struct isakmp); +#ifdef IKE_NAT_T + if ((iph1->natt_flags & natt_remote_support) != 0) { + need_natd = 1; + natd_create(iph1); + if (iph1->local_natd) + tlen += sizeof(*gen) + iph1->local_natd->l; + if (iph1->remote_natd) + tlen += sizeof(*gen) + iph1->remote_natd->l; + } +#endif + switch (iph1->approval->authmethod) { case OAKLEY_ATTR_AUTH_METHOD_PSKEY: tlen += sizeof(*gen) + iph1->hash->l; @@ -496,7 +570,9 @@ agg_i2send(iph1, msg) goto end; /* set HASH payload */ - p = set_isakmp_payload(p, iph1->hash, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, iph1->hash, + need_natd ? ISAKMP_NPTYPE_NATD + : ISAKMP_NPTYPE_NONE); break; #ifdef HAVE_SIGNING_C case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: @@ -534,7 +610,9 @@ agg_i2send(iph1, msg) if (need_cert) p = set_isakmp_payload(p, iph1->cert->pl, ISAKMP_NPTYPE_SIG); /* add SIG payload */ - p = set_isakmp_payload(p, iph1->sig, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, iph1->sig, + need_natd ? ISAKMP_NPTYPE_NATD + : ISAKMP_NPTYPE_NONE); break; #endif case OAKLEY_ATTR_AUTH_METHOD_RSAENC: @@ -563,11 +641,22 @@ agg_i2send(iph1, msg) p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_HASH); if (p == NULL) goto end; - p = set_isakmp_payload(p, gsshash, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, gsshash, + need_natd ? ISAKMP_NPTYPE_NATD + : ISAKMP_NPTYPE_NONE); break; #endif } +#ifdef IKE_NAT_T + if (need_natd) { + if (iph1->local_natd) + p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NATD); + if (iph1->remote_natd) + p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE); + } +#endif + #ifdef HAVE_PRINT_ISAKMP_C isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); #endif @@ -664,7 +753,12 @@ agg_r1recv(iph1, msg) goto end; break; case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); + if (check_vendorid(pa->ptr) == VENDORID_NATT) + { +#ifdef IKE_NAT_T + iph1->natt_flags |= natt_remote_support; +#endif + } break; #ifdef HAVE_SIGNING_C case ISAKMP_NPTYPE_CR: @@ -747,7 +841,7 @@ agg_r1send(iph1, msg) vchar_t *msg; { struct isakmp_gen *gen; - char *p; + char *p = NULL; int tlen; int need_cr = 0; int need_cert = 0; @@ -759,6 +853,7 @@ agg_r1send(iph1, msg) vchar_t *gsstoken = NULL, *gsshash = NULL; vchar_t *gss_sa = NULL; #endif + vchar_t *nattvid = NULL; /* validity check */ if (iph1->status != PHASE1ST_MSG1RECEIVED) { @@ -834,6 +929,20 @@ agg_r1send(iph1, msg) tlen = sizeof(struct isakmp); +#ifdef IKE_NAT_T + if ((iph1->natt_flags & natt_remote_support) != 0) { + nattvid = set_vendorid(VENDORID_NATT); + natd_create(iph1); + if (nattvid) { + tlen += sizeof(*gen) + nattvid->l; + if (iph1->local_natd) + tlen += sizeof(*gen) + iph1->local_natd->l; + if (iph1->remote_natd) + tlen += sizeof(*gen) + iph1->remote_natd->l; + } + } +#endif + switch (iph1->approval->authmethod) { case OAKLEY_ATTR_AUTH_METHOD_PSKEY: /* create buffer to send isakmp payload */ @@ -875,17 +984,21 @@ agg_r1send(iph1, msg) p = set_isakmp_payload(p, iph1->hash, vid ? ISAKMP_NPTYPE_VID : (need_cr ? ISAKMP_NPTYPE_CR - : ISAKMP_NPTYPE_NONE)); + : (nattvid ? ISAKMP_NPTYPE_VID + : ISAKMP_NPTYPE_NONE))); /* append vendor id, if needed */ if (vid) p = set_isakmp_payload(p, vid, need_cr ? ISAKMP_NPTYPE_CR - : ISAKMP_NPTYPE_NONE); + : (nattvid ? ISAKMP_NPTYPE_VID + : ISAKMP_NPTYPE_NONE)); /* create isakmp CR payload if needed */ if (need_cr) - p = set_isakmp_payload(p, cr, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, cr, + nattvid ? ISAKMP_NPTYPE_VID + : ISAKMP_NPTYPE_NONE); break; #ifdef HAVE_SIGNING_C case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: @@ -952,11 +1065,24 @@ agg_r1send(iph1, msg) if (vid) p = set_isakmp_payload(p, vid, need_cr ? ISAKMP_NPTYPE_CR - : ISAKMP_NPTYPE_NONE); + : (nattvid ? ISAKMP_NPTYPE_VID + : ISAKMP_NPTYPE_NONE)); /* create isakmp CR payload if needed */ if (need_cr) - p = set_isakmp_payload(p, cr, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, cr, + nattvid ? ISAKMP_NPTYPE_VID + : ISAKMP_NPTYPE_NONE); + +#ifdef IKE_NAT_T + if (nattvid) { + p = set_isakmp_payload(p, nattvid, ISAKMP_NPTYPE_NATD); + if (iph1->local_natd) + p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NATD); + if (iph1->remote_natd) + p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE); + } +#endif break; #endif case OAKLEY_ATTR_AUTH_METHOD_RSAENC: @@ -1023,15 +1149,27 @@ agg_r1send(iph1, msg) /* create isakmp HASH payload */ p = set_isakmp_payload(p, gsshash, - vid != NULL ? ISAKMP_NPTYPE_VID + vid != NULL || nattvid != NULL ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); /* append vendor id, if needed */ if (vid) - p = set_isakmp_payload(p, vid, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, vid, + nattvid != NULL ? ISAKMP_NPTYPE_VID + : ISAKMP_NPTYPE_NONE); break; #endif } + +#ifdef IKE_NAT_T + if (nattvid) { + p = set_isakmp_payload(p, nattvid, ISAKMP_NPTYPE_NATD); + if (iph1->local_natd) + p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NATD); + if (iph1->remote_natd) + p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE); + } +#endif #ifdef HAVE_PRINT_ISAKMP_C @@ -1059,6 +1197,8 @@ end: vfree(cr); if (vid) vfree(vid); + if (nattvid) + vfree(nattvid); #ifdef HAVE_GSSAPI if (gsstoken) vfree(gsstoken); @@ -1137,6 +1277,18 @@ agg_r2recv(iph1, msg0) case ISAKMP_NPTYPE_N: isakmp_check_notify(pa->ptr, iph1); break; + case ISAKMP_NPTYPE_NATD: +#ifdef IKE_NAT_T + { + natd_match_t match = natd_matches(iph1, pa->ptr); + iph1->natt_flags |= natt_natd_received; + if ((match & natd_match_local) != 0) + iph1->natt_flags |= natt_no_local_nat; + if ((match & natd_match_remote) != 0) + iph1->natt_flags |= natt_no_remote_nat; + } +#endif + break; default: /* don't send information, see isakmp_ident_r1() */ plog(LLV_ERROR, LOCATION, iph1->remote, diff --git a/racoon.tproj/isakmp_agg.h b/racoon.tproj/isakmp_agg.h index f79ee1b..0609be7 100644 --- a/racoon.tproj/isakmp_agg.h +++ b/racoon.tproj/isakmp_agg.h @@ -1,4 +1,4 @@ -/* $KAME: isakmp_agg.h,v 1.3 2000/09/13 04:50:25 itojun Exp $ */ +/* $KAME: isakmp_agg.h,v 1.4 2000/10/04 17:41:00 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_base.c b/racoon.tproj/isakmp_base.c index 5878d94..673bc02 100644 --- a/racoon.tproj/isakmp_base.c +++ b/racoon.tproj/isakmp_base.c @@ -1,4 +1,4 @@ -/* $KAME: isakmp_base.c,v 1.47 2001/12/11 20:33:41 sakane Exp $ */ +/* $KAME: isakmp_base.c,v 1.48 2001/12/12 15:29:13 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_base.h b/racoon.tproj/isakmp_base.h index 72efde1..5e71818 100644 --- a/racoon.tproj/isakmp_base.h +++ b/racoon.tproj/isakmp_base.h @@ -1,4 +1,4 @@ -/* $KAME: isakmp_base.h,v 1.5 2000/09/21 15:18:25 sakane Exp $ */ +/* $KAME: isakmp_base.h,v 1.6 2000/10/04 17:41:00 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_ident.c b/racoon.tproj/isakmp_ident.c index 4e15a47..58a6a2c 100644 --- a/racoon.tproj/isakmp_ident.c +++ b/racoon.tproj/isakmp_ident.c @@ -1,4 +1,4 @@ -/* $KAME: isakmp_ident.c,v 1.62 2001/12/12 15:29:13 sakane Exp $ */ +/* $KAME: isakmp_ident.c,v 1.63 2001/12/12 17:57:26 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -38,6 +38,7 @@ #include #include #include +#include #if TIME_WITH_SYS_TIME # include # include @@ -68,6 +69,7 @@ #include "pfkey.h" #include "isakmp_ident.h" #include "isakmp_inf.h" +#include "isakmp_natd.h" #include "vendorid.h" #ifdef HAVE_GSSAPI @@ -96,6 +98,7 @@ ident_i1send(iph1, msg) caddr_t p; int tlen; int error = -1; + vchar_t *vid = NULL; /* validity check */ if (msg != NULL) { @@ -122,6 +125,11 @@ ident_i1send(iph1, msg) tlen = sizeof(struct isakmp) + sizeof(*gen) + iph1->sa->l; +#ifdef IKE_NAT_T + vid = set_vendorid(VENDORID_NATT); + if (vid) tlen += sizeof(*gen) + vid->l; +#endif + iph1->sendbuf = vmalloc(tlen); if (iph1->sendbuf == NULL) { plog(LLV_ERROR, LOCATION, NULL, @@ -135,7 +143,12 @@ ident_i1send(iph1, msg) goto end; /* set SA payload to propose */ - p = set_isakmp_payload(p, iph1->sa, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, iph1->sa, vid ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); + + if (vid) { + p = set_isakmp_payload(p, vid, ISAKMP_NPTYPE_NONE); + vfree(vid); + } #ifdef HAVE_PRINT_ISAKMP_C isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); @@ -212,7 +225,12 @@ ident_i2recv(iph1, msg) switch (pa->type) { case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); + if (check_vendorid(pa->ptr) == VENDORID_NATT) + { +#ifdef IKE_NAT_T + iph1->natt_flags |= natt_remote_support; +#endif + } break; default: /* don't send information, see ident_r1recv() */ @@ -381,6 +399,18 @@ ident_i3recv(iph1, msg) gssapi_save_received_token(iph1, gsstoken); break; #endif + case ISAKMP_NPTYPE_NATD: +#ifdef IKE_NAT_T + { + natd_match_t match = natd_matches(iph1, pa->ptr); + iph1->natt_flags |= natt_natd_received; + if ((match & natd_match_local) != 0) + iph1->natt_flags |= natt_no_local_nat; + if ((match & natd_match_remote) != 0) + iph1->natt_flags |= natt_no_remote_nat; + } +#endif + break; default: /* don't send information, see ident_r1recv() */ plog(LLV_ERROR, LOCATION, iph1->remote, @@ -390,6 +420,24 @@ ident_i3recv(iph1, msg) goto end; } } + +#ifdef IKE_NAT_T + /* Determine if we need to switch to port 4500 */ + if (natd_hasnat(iph1)) + { + /* There is a NAT between us! Switch to port 4500. */ + if (iph1->remote->sa_family == AF_INET) + { + struct sockaddr_in *sin = (struct sockaddr_in*)iph1->remote; + plog(LLV_INFO, LOCATION, NULL, + "detected NAT, switching to port %d for %s", + PORT_ISAKMP_NATT, saddr2str(iph1->remote)); + sin->sin_port = htons(PORT_ISAKMP_NATT); + sin = (struct sockaddr_in*)iph1->local; + sin->sin_port = htons(PORT_ISAKMP_NATT); + } + } +#endif /* payload existency check */ if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) { @@ -759,7 +807,10 @@ ident_r1recv(iph1, msg) switch (pa->type) { case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); + if (check_vendorid(pa->ptr) == VENDORID_NATT) + { + iph1->natt_flags |= natt_remote_support; + } break; default: /* @@ -817,6 +868,9 @@ ident_r1send(iph1, msg) int error = -1; vchar_t *gss_sa = NULL; vchar_t *vid = NULL; +#ifdef IKE_NAT_T + vchar_t *nattvid = NULL; +#endif /* validity check */ if (iph1->status != PHASE1ST_MSG1RECEIVED) { @@ -842,6 +896,13 @@ ident_r1send(iph1, msg) if ((vid = set_vendorid(iph1->approval->vendorid)) != NULL) tlen += sizeof(*gen) + vid->l; +#ifdef IKE_NAT_T + if ((nattvid = set_vendorid(VENDORID_NATT)) != NULL) + { + tlen += sizeof(*gen) + nattvid->l; + } +#endif + iph1->sendbuf = vmalloc(tlen); if (iph1->sendbuf == NULL) { plog(LLV_ERROR, LOCATION, NULL, @@ -856,12 +917,16 @@ ident_r1send(iph1, msg) /* set SA payload to reply */ p = set_isakmp_payload(p, gss_sa, - vid ? ISAKMP_NPTYPE_VID + (vid || nattvid) ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); /* Set Vendor ID, if necessary. */ if (vid) - p = set_isakmp_payload(p, vid, ISAKMP_NPTYPE_NONE); + p = set_isakmp_payload(p, vid, nattvid ? ISAKMP_NPTYPE_VID + : ISAKMP_NPTYPE_NONE); + + if (nattvid) + p = set_isakmp_payload(p, nattvid, ISAKMP_NPTYPE_NONE); #ifdef HAVE_PRINT_ISAKMP_C isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); @@ -890,6 +955,8 @@ end: #endif if (vid) vfree(vid); + if (nattvid) + vfree(nattvid); return error; } @@ -954,6 +1021,18 @@ ident_r2recv(iph1, msg) gssapi_save_received_token(iph1, gsstoken); break; #endif + case ISAKMP_NPTYPE_NATD: +#ifdef IKE_NAT_T + { + natd_match_t match = natd_matches(iph1, pa->ptr); + iph1->natt_flags |= natt_natd_received; + if ((match & natd_match_local) != 0) + iph1->natt_flags |= natt_no_local_nat; + if ((match & natd_match_remote) != 0) + iph1->natt_flags |= natt_no_remote_nat; + } +#endif + break; default: /* don't send information, see ident_r1recv() */ plog(LLV_ERROR, LOCATION, iph1->remote, @@ -1392,6 +1471,7 @@ ident_ir2mx(iph1) #ifdef HAVE_GSSAPI vchar_t *gsstoken = NULL; #endif + int need_natd = 0; #ifdef HAVE_SIGNING_C /* create CR if need */ @@ -1427,6 +1507,17 @@ ident_ir2mx(iph1) tlen += sizeof(*gen) + gsstoken->l; #endif +#ifdef IKE_NAT_T + if ((iph1->natt_flags & natt_remote_support) != 0) { + need_natd = 1; + natd_create(iph1); + if (iph1->local_natd) + tlen += sizeof(*gen) + iph1->local_natd->l; + if (iph1->remote_natd) + tlen += sizeof(*gen) + iph1->remote_natd->l; + } +#endif + buf = vmalloc(tlen); if (buf == NULL) { plog(LLV_ERROR, LOCATION, NULL, @@ -1449,7 +1540,8 @@ ident_ir2mx(iph1) else #endif nptype = vid ? ISAKMP_NPTYPE_VID : - (need_cr ? ISAKMP_NPTYPE_CR : ISAKMP_NPTYPE_NONE); + (need_cr ? ISAKMP_NPTYPE_CR : + (need_natd ? ISAKMP_NPTYPE_NATD : ISAKMP_NPTYPE_NONE)); p = set_isakmp_payload(p, iph1->nonce, nptype); #ifdef HAVE_GSSAPI @@ -1457,7 +1549,7 @@ ident_ir2mx(iph1) p = set_isakmp_payload(p, gsstoken, vid ? ISAKMP_NPTYPE_VID : (need_cr ? ISAKMP_NPTYPE_CR - : ISAKMP_NPTYPE_NONE)); + : (need_natd ? ISAKMP_NPTYPE_NATD : ISAKMP_NPTYPE_NONE))); } #endif @@ -1465,12 +1557,20 @@ ident_ir2mx(iph1) if (vid) p = set_isakmp_payload(p, vid, need_cr ? ISAKMP_NPTYPE_CR - : ISAKMP_NPTYPE_NONE); + : (need_natd ? ISAKMP_NPTYPE_NATD : ISAKMP_NPTYPE_NONE)); /* create isakmp CR payload if needed */ if (need_cr) - p = set_isakmp_payload(p, cr, ISAKMP_NPTYPE_NONE); - + p = set_isakmp_payload(p, cr, need_natd ? ISAKMP_NPTYPE_NATD : ISAKMP_NPTYPE_NONE); + +#ifdef IKE_NAT_T + if (need_natd) { + if (iph1->local_natd) + p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NATD); + if (iph1->remote_natd) + p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE); + } +#endif error = 0; end: diff --git a/racoon.tproj/isakmp_ident.h b/racoon.tproj/isakmp_ident.h index a167f12..85937cc 100644 --- a/racoon.tproj/isakmp_ident.h +++ b/racoon.tproj/isakmp_ident.h @@ -1,4 +1,4 @@ -/* $KAME: isakmp_ident.h,v 1.3 2000/09/13 04:50:26 itojun Exp $ */ +/* $KAME: isakmp_ident.h,v 1.4 2000/10/04 17:41:00 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_inf.c b/racoon.tproj/isakmp_inf.c index 0bf9a2f..6927873 100644 --- a/racoon.tproj/isakmp_inf.c +++ b/racoon.tproj/isakmp_inf.c @@ -1,4 +1,4 @@ -/* $KAME: isakmp_inf.c,v 1.78 2001/12/19 18:29:39 sakane Exp $ */ +/* $KAME: isakmp_inf.c,v 1.81 2002/04/15 01:58:37 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -1062,10 +1062,13 @@ info_recv_initialcontact(iph1) * racoon only deletes SA which is matched both the * source address and the destination accress. */ - if ((cmpsaddrwop(iph1->local, src) && - cmpsaddrwop(iph1->remote, dst)) || - (cmpsaddrwop(iph1->remote, src) && - cmpsaddrwop(iph1->local, dst))) { + if (cmpsaddrwop(iph1->local, src) == 0 && + cmpsaddrwop(iph1->remote, dst) == 0) + ; + else if (cmpsaddrwop(iph1->remote, src) == 0 && + cmpsaddrwop(iph1->local, dst) == 0) + ; + else { msg = next; continue; } diff --git a/racoon.tproj/isakmp_inf.h b/racoon.tproj/isakmp_inf.h index e6dbf51..26ad55a 100644 --- a/racoon.tproj/isakmp_inf.h +++ b/racoon.tproj/isakmp_inf.h @@ -1,4 +1,4 @@ -/* $KAME: isakmp_inf.h,v 1.12 2000/09/13 04:50:26 itojun Exp $ */ +/* $KAME: isakmp_inf.h,v 1.13 2000/10/04 17:41:00 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_natd.c b/racoon.tproj/isakmp_natd.c new file mode 100644 index 0000000..6d8c8d9 --- /dev/null +++ b/racoon.tproj/isakmp_natd.c @@ -0,0 +1,159 @@ + +#include +#include +#include +#include +#include + +#include + +#include "vmbuf.h" +#include "plog.h" +#include "misc.h" +#include "isakmp_var.h" +#include "oakley.h" +#include "isakmp.h" + +#include "handler.h" +#include "isakmp_natd.h" + +natd_match_t +natd_matches( + struct ph1handle* iph1, + struct isakmp_gen *natd_record) +{ + natd_match_t matches = 0; +#ifdef IKE_NAT_T + int dataLen = ntohs(natd_record->len) - sizeof(*natd_record); + char* dataPtr = ((char*)natd_record) + sizeof(*natd_record); + + /* Always recreate the natd records in case the ports change */ + natd_create(iph1); + + if (iph1->local_natd != NULL && dataLen == iph1->local_natd->l && + memcmp(dataPtr, iph1->local_natd->v, dataLen) == 0) + { + plog(LLV_DEBUG, LOCATION, iph1->remote, + "natd payload matches local address\n"); + matches |= natd_match_local; + } + + if (iph1->remote_natd != NULL && dataLen == iph1->remote_natd->l && + memcmp(dataPtr, iph1->remote_natd->v, dataLen) == 0) + { + plog(LLV_DEBUG, LOCATION, iph1->remote, + "natd payload matches remote address\n"); + matches |= natd_match_remote; + } +#else + matches = natd_match_local | natd_match_remote; +#endif + + if (matches == 0) + { + plog(LLV_DEBUG, LOCATION, iph1->remote, + "natd payload matches no address\n"); + } + + return matches; +} + +/* + * NAT detection record contains a hash of the initiator cookie, + * responder cookie, address, and port. + */ +typedef struct { + cookie_t initiator_cookie; + cookie_t responder_cookie; + struct in_addr address; + u_short port; +} __attribute__((__packed__)) natd_hash_contents; + +int +natd_create( + struct ph1handle* iph1) +{ +#ifdef IKE_NAT_T + natd_hash_contents hash_this; + vchar_t data_to_hash; + + if (iph1->remote->sa_family != AF_INET || + iph1->local->sa_family != AF_INET) + { + /* + * NAT traversal is intentionally unsupported on IPv6. + * + * The only reason for using NAT is a lack of addresses. + * IPv6 does not suffer from a lack of addresses. If I + * find that anyone is using NAT with IPv6, I would break + * their kneecaps and poke their eyes out with sharp + * sticks. I don't really want to go to jail though, so + * instead, I'll spare myself the effort of support nat + * traversal magic when IPv6 is involved in hopes this will + * cause boneheads who would try to use IPv6 NAT to give up + * since so many things will stop working. I'm sick of + * working around all of the problems that NATs introduce. + * + * IPv6 is our opportunity to move to a NAT free world. + */ + return -1; + } + + data_to_hash.l = sizeof(hash_this); + data_to_hash.v = (char*)&hash_this; + + memcpy(hash_this.initiator_cookie, iph1->index.i_ck, + sizeof(hash_this.initiator_cookie)); + memcpy(hash_this.responder_cookie, iph1->index.r_ck, + sizeof(hash_this.responder_cookie)); + + /* Local address */ + if (iph1->local_natd != NULL) + vfree(iph1->local_natd); + iph1->local_natd = NULL; + hash_this.address = ((struct sockaddr_in*)(iph1->local))->sin_addr; + hash_this.port = ((struct sockaddr_in*)(iph1->local))->sin_port; + plog(LLV_DEBUG, LOCATION, iph1->remote, + "creating local %.8X%.8X:%.8X%.8X %s:%d\n", + *(u_long*)&hash_this.initiator_cookie[0], + *(u_long*)&hash_this.initiator_cookie[4], + *(u_long*)&hash_this.responder_cookie[0], + *(u_long*)&hash_this.responder_cookie[4], + inet_ntoa(hash_this.address), hash_this.port); + iph1->local_natd = oakley_hash(&data_to_hash, iph1); + plogdump(LLV_DEBUG, iph1->local_natd->v, iph1->local_natd->l); + + /* Remote address */ + if (iph1->remote_natd != NULL) + vfree(iph1->remote_natd); + iph1->remote_natd = NULL; + hash_this.address = ((struct sockaddr_in*)(iph1->remote))->sin_addr; + hash_this.port = ((struct sockaddr_in*)(iph1->remote))->sin_port; + plog(LLV_DEBUG, LOCATION, iph1->remote, + "creating remote %.8X%.8X:%.8X%.8X %s:%d\n", + *(u_long*)&hash_this.initiator_cookie[0], + *(u_long*)&hash_this.initiator_cookie[4], + *(u_long*)&hash_this.responder_cookie[0], + *(u_long*)&hash_this.responder_cookie[4], + inet_ntoa(hash_this.address), hash_this.port); + iph1->remote_natd = oakley_hash(&data_to_hash, iph1); + plogdump(LLV_DEBUG, iph1->remote_natd->v, iph1->remote_natd->l); + + return (iph1->local_natd != NULL) && (iph1->remote_natd != NULL); +#else + return 0; +#endif +} + +int +natd_hasnat( + const struct ph1handle* iph1) +{ +#if IKE_NAT_T + return (iph1->natt_flags & natt_natd_received) && + (iph1->natt_flags & (natt_no_remote_nat | natt_no_local_nat)) != + (natt_no_remote_nat | natt_no_local_nat); +#else + return 0; +#endif +} diff --git a/racoon.tproj/isakmp_natd.h b/racoon.tproj/isakmp_natd.h new file mode 100644 index 0000000..84cc4f1 --- /dev/null +++ b/racoon.tproj/isakmp_natd.h @@ -0,0 +1,15 @@ +// natd_matches checks if the natd_record matches either the +// source address and port or the destination address and port +// if natd_record matches source, returns 1. +// if natd_record matches desination, returns 2. +// if natd_record doesn't match any entries, returns 0. +typedef enum +{ + natd_match_none = 0, + natd_match_local = 1, + natd_match_remote = 2 +} natd_match_t; + +natd_match_t natd_matches(struct ph1handle* iph1, struct isakmp_gen *natd_record); +int natd_create(struct ph1handle* iph1); +int natd_hasnat(const struct ph1handle* iph1); \ No newline at end of file diff --git a/racoon.tproj/isakmp_newg.c b/racoon.tproj/isakmp_newg.c index 5d6b9db..588ffdf 100644 --- a/racoon.tproj/isakmp_newg.c +++ b/racoon.tproj/isakmp_newg.c @@ -1,4 +1,4 @@ -/* $KAME: isakmp_newg.c,v 1.8 2000/12/15 13:43:55 sakane Exp $ */ +/* $KAME: isakmp_newg.c,v 1.10 2002/09/27 05:55:52 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_newg.h b/racoon.tproj/isakmp_newg.h index 680f6ca..6d1a17f 100644 --- a/racoon.tproj/isakmp_newg.h +++ b/racoon.tproj/isakmp_newg.h @@ -1,4 +1,4 @@ -/* $KAME: isakmp_newg.h,v 1.3 2000/09/13 04:50:26 itojun Exp $ */ +/* $KAME: isakmp_newg.h,v 1.4 2000/10/04 17:41:01 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_quick.c b/racoon.tproj/isakmp_quick.c index c0d8004..55fd177 100644 --- a/racoon.tproj/isakmp_quick.c +++ b/racoon.tproj/isakmp_quick.c @@ -1,4 +1,4 @@ -/* $KAME: isakmp_quick.c,v 1.91 2001/12/31 20:13:41 thorpej Exp $ */ +/* $KAME: isakmp_quick.c,v 1.93 2002/05/07 17:47:55 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_quick.h b/racoon.tproj/isakmp_quick.h index edb4d56..d87f78f 100644 --- a/racoon.tproj/isakmp_quick.h +++ b/racoon.tproj/isakmp_quick.h @@ -1,4 +1,4 @@ -/* $KAME: isakmp_quick.h,v 1.4 2000/09/13 04:50:26 itojun Exp $ */ +/* $KAME: isakmp_quick.h,v 1.5 2000/10/04 17:41:01 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/isakmp_var.h b/racoon.tproj/isakmp_var.h index 01d410c..ec78bd3 100644 --- a/racoon.tproj/isakmp_var.h +++ b/racoon.tproj/isakmp_var.h @@ -1,4 +1,4 @@ -/* $KAME: isakmp_var.h,v 1.19 2000/10/04 17:41:01 itojun Exp $ */ +/* $KAME: isakmp_var.h,v 1.20 2001/12/12 15:29:14 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -30,6 +30,7 @@ */ #define PORT_ISAKMP 500 +#define PORT_ISAKMP_NATT 4500 #define DEFAULT_NONCE_SIZE 16 @@ -54,6 +55,7 @@ struct isakmp_pl_ke; /* XXX */ struct isakmp_pl_nonce; /* XXX */ extern int isakmp_handler __P((int)); +extern int isakmp_natt_handler __P((int)); extern int isakmp_ph1begin_i __P((struct remoteconf *, struct sockaddr *)); extern vchar_t *isakmp_parsewoh __P((int, struct isakmp_gen *, int)); diff --git a/racoon.tproj/libpfkey.h b/racoon.tproj/libpfkey.h index 28adea7..99428f5 100644 --- a/racoon.tproj/libpfkey.h +++ b/racoon.tproj/libpfkey.h @@ -46,11 +46,11 @@ int pfkey_send_getspi __P((int, u_int, u_int, struct sockaddr *, int pfkey_send_update __P((int, u_int, u_int, struct sockaddr *, struct sockaddr *, u_int32_t, u_int32_t, u_int, caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t, - u_int64_t, u_int64_t, u_int32_t)); + u_int64_t, u_int64_t, u_int32_t, u_int16_t)); int pfkey_send_add __P((int, u_int, u_int, struct sockaddr *, struct sockaddr *, u_int32_t, u_int32_t, u_int, caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t, - u_int64_t, u_int64_t, u_int32_t)); + u_int64_t, u_int64_t, u_int32_t, u_int16_t)); int pfkey_send_delete __P((int, u_int, u_int, struct sockaddr *, struct sockaddr *, u_int32_t)); int pfkey_send_delete_all __P((int, u_int, u_int, diff --git a/racoon.tproj/localconf.c b/racoon.tproj/localconf.c index dbb42a2..87ba373 100644 --- a/racoon.tproj/localconf.c +++ b/racoon.tproj/localconf.c @@ -1,4 +1,5 @@ -/* $KAME: localconf.c,v 1.32 2001/06/01 08:26:05 sakane Exp $ */ + +/* $KAME: localconf.c,v 1.33 2001/08/09 07:32:19 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -57,10 +58,12 @@ #include "admin.h" #include "gcmalloc.h" +#include +#include + struct localconf *lcconf; static void setdefault __P((void)); -static vchar_t *getpsk __P((const char *, const int)); void initlcconf() @@ -143,6 +146,77 @@ end: return key; } +/* + * get PSK from keyChain. + */ +vchar_t * +getpskfromkeychain(const char *name) +{ + SecKeychainRef keychain = NULL; + vchar_t *key = NULL; + void *cur_password = NULL; + UInt32 cur_password_len = 0; + OSStatus status; + char serviceName[] = "com.apple.net.racoon"; + + status = SecKeychainSetPreferenceDomain(kSecPreferencesDomainSystem); + if (status != noErr) { + plog(LLV_ERROR, LOCATION, NULL, + "failed to set system keychain domain.\n"); + goto end; + } + + status = SecKeychainCopyDomainDefault(kSecPreferencesDomainSystem, + &keychain); + if (status != noErr) { + plog(LLV_ERROR, LOCATION, NULL, + "failed to get system keychain domain.\n"); + goto end; + } + + status = SecKeychainFindGenericPassword(keychain, + strlen(serviceName), + serviceName, + strlen(name), + name, + &cur_password_len, + &cur_password, + NULL); + + switch (status) { + + case noErr : + break; + + case errSecItemNotFound : + break; + + default : + plog(LLV_ERROR, LOCATION, NULL, + "failed to get preshared key from system keychain (error %d).\n", status); + } + +end: + + if (cur_password) { + key = vmalloc(cur_password_len + 1); + if (key == NULL) { + plog(LLV_ERROR, LOCATION, NULL, + "failed to allocate key buffer.\n"); + } + else { + memcpy(key->v, cur_password, key->l); + key->v[cur_password_len] = 0; + } + free(cur_password); + } + + if (keychain) + CFRelease(keychain); + + return key; +} + /* * get PSK by address. */ @@ -160,7 +234,7 @@ getpskbyaddr(remote) return key; } -static vchar_t * +vchar_t * getpsk(str, len) const char *str; const int len; @@ -200,6 +274,7 @@ getpsk(str, len) if (*p == '\0') continue; /* no 2nd parameter */ p--; + if (strncmp(buf, str, len) == 0 && buf[len] == '\0') { p++; keylen = 0; diff --git a/racoon.tproj/localconf.h b/racoon.tproj/localconf.h index c1406f3..8f7219f 100644 --- a/racoon.tproj/localconf.h +++ b/racoon.tproj/localconf.h @@ -1,4 +1,4 @@ -/* $KAME: localconf.h,v 1.27 2001/08/09 07:32:19 sakane Exp $ */ +/* $KAME: localconf.h,v 1.28 2001/12/11 23:44:08 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -106,6 +106,8 @@ extern void initlcconf __P((void)); extern void flushlcconf __P((void)); extern vchar_t *getpskbyname __P((vchar_t *)); extern vchar_t *getpskbyaddr __P((struct sockaddr *)); +extern vchar_t *getpsk __P((const char *str, const int len)); +extern vchar_t *getpskfromkeychain __P((const char *)); extern void getpathname __P((char *, int, int, const char *)); extern int sittype2doi __P((int)); extern int doitype2doi __P((int)); diff --git a/racoon.tproj/logger.c b/racoon.tproj/logger.c index 0f3b5df..b42a9d3 100644 --- a/racoon.tproj/logger.c +++ b/racoon.tproj/logger.c @@ -1,4 +1,4 @@ -/* $KAME: logger.c,v 1.7 2000/10/04 17:41:01 itojun Exp $ */ +/* $KAME: logger.c,v 1.9 2002/09/03 14:37:03 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -77,8 +77,8 @@ log_open(siz, fname) p->tbuf = (time_t *)racoon_malloc(sizeof(time_t *) * siz); if (p->tbuf == NULL) { - racoon_free(p); racoon_free(p->buf); + racoon_free(p); return NULL; } memset(p->tbuf, 0, sizeof(time_t *) * siz); diff --git a/racoon.tproj/logger.h b/racoon.tproj/logger.h index 280f041..eb5c556 100644 --- a/racoon.tproj/logger.h +++ b/racoon.tproj/logger.h @@ -1,4 +1,4 @@ -/* $KAME: logger.h,v 1.3 2000/09/13 04:50:27 itojun Exp $ */ +/* $KAME: logger.h,v 1.4 2000/10/04 17:41:01 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/main.c b/racoon.tproj/main.c index 109f96d..99b60f2 100644 --- a/racoon.tproj/main.c +++ b/racoon.tproj/main.c @@ -1,4 +1,4 @@ -/* $KAME: main.c,v 1.43 2001/11/16 04:34:57 sakane Exp $ */ +/* $KAME: main.c,v 1.48 2002/11/20 02:06:07 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -34,6 +34,7 @@ #include #include #include +#include #include @@ -70,6 +71,9 @@ #include "pfkey.h" #include "crypto_openssl.h" #include "backupsa.h" +#ifndef HAVE_ARC4RANDOM +#include "arc4random.h" +#endif int f_foreground = 0; /* force running in foreground. */ int f_local = 0; /* local test mode. behave like a wall. */ @@ -126,6 +130,8 @@ usage() exit(1); } +extern int cfparse(void); + int main(ac, av) int ac; @@ -162,6 +168,7 @@ main(ac, av) parse(ac, av); ploginit(); + (void)arc4random(); /* XXX test if random number is available */ #ifdef RACOON_PKG_VERSION plog(LLV_INFO, LOCATION, NULL, "%s\n", version0); @@ -187,6 +194,16 @@ main(ac, av) errx(1, "failed to parse configuration file."); restore_params(); +#ifdef IKE_NAT_T + /* Tell the kernel which port to use for UDP encapsulation */ + { + int udp_port = PORT_ISAKMP_NATT; + if (sysctlbyname("net.inet.ipsec.esp_port", NULL, NULL, &udp_port, sizeof(udp_port)) != 0) + errx(1, "couldn't set net.inet.ipsec.esp_port to %d. (%s)", + udp_port, strerror(errno)); + } +#endif + /* * install SAs from the specified file. If the file is not specified * by the configuration file, racoon will exit. diff --git a/racoon.tproj/misc.c b/racoon.tproj/misc.c index 8906017..35dfb68 100644 --- a/racoon.tproj/misc.c +++ b/racoon.tproj/misc.c @@ -1,4 +1,4 @@ -/* $KAME: misc.c,v 1.22 2001/07/14 05:48:33 sakane Exp $ */ +/* $KAME: misc.c,v 1.23 2001/08/16 14:37:29 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/misc.h b/racoon.tproj/misc.h index c5f2846..989e583 100644 --- a/racoon.tproj/misc.h +++ b/racoon.tproj/misc.h @@ -1,4 +1,4 @@ -/* $KAME: misc.h,v 1.11 2001/07/14 05:48:33 sakane Exp $ */ +/* $KAME: misc.h,v 1.13 2002/06/10 19:58:29 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/netdb_dnssec.h b/racoon.tproj/netdb_dnssec.h index f0d3582..94c933f 100644 --- a/racoon.tproj/netdb_dnssec.h +++ b/racoon.tproj/netdb_dnssec.h @@ -1,4 +1,4 @@ -/* $KAME: netdb_dnssec.h,v 1.1 2001/04/11 06:11:55 sakane Exp $ */ +/* $KAME: netdb_dnssec.h,v 1.2 2001/04/11 09:52:00 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/oakley.c b/racoon.tproj/oakley.c index 5caa962..d7e47da 100644 --- a/racoon.tproj/oakley.c +++ b/racoon.tproj/oakley.c @@ -1,4 +1,4 @@ -/* $KAME: oakley.c,v 1.111 2001/12/20 23:33:22 sakane Exp $ */ +/* $KAME: oakley.c,v 1.115 2003/01/10 08:38:23 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -74,6 +74,9 @@ #include "sockmisc.h" #include "strnames.h" #include "gcmalloc.h" +#ifndef HAVE_ARC4RANDOM +#include "arc4random.h" +#endif #ifdef HAVE_GSSAPI #include "gssapi.h" @@ -89,6 +92,7 @@ do { \ memset(&a, 0, sizeof(struct dhgroup)); \ a.type = (t); \ a.prime = vdup(&buf); \ + racoon_free(buf.v); \ a.gen1 = 2; \ a.gen2 = 0; \ } while(0); @@ -199,7 +203,7 @@ oakley_dh_compute(dh, pub, priv, pub_p, gxy) #ifdef ENABLE_STATS gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s%d): %8.6f", __FUNCTION__, + syslog(LOG_NOTICE, "%s(%s%d): %8.6f", __func__, s_attr_isakmp_group(dh->type), dh->prime->l << 3, timedelta(&start, &end)); #endif @@ -246,7 +250,7 @@ oakley_dh_generate(dh, pub, priv) #ifdef ENABLE_STATS gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s%d): %8.6f", __FUNCTION__, + syslog(LOG_NOTICE, "%s(%s%d): %8.6f", __func__, s_attr_isakmp_group(dh->type), dh->prime->l << 3, timedelta(&start, &end)); #endif @@ -356,7 +360,7 @@ oakley_hash(buf, iph1) res = alg_oakley_hashdef_one(type, buf); if (res == NULL) { plog(LLV_ERROR, LOCATION, NULL, - "invalid hash algoriym %d.\n", type); + "invalid hash algorithm %d.\n", type); return NULL; } @@ -1286,7 +1290,7 @@ oakley_validate_auth(iph1) } if (error != 0) { plog(LLV_ERROR, LOCATION, NULL, - "Invalid authority of the CERT.\n"); + "the peer's certificate is not verified.\n"); return ISAKMP_NTYPE_INVALID_CERT_AUTHORITY; } } @@ -1395,7 +1399,7 @@ oakley_validate_auth(iph1) } #ifdef ENABLE_STATS gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s): %8.6f", __FUNCTION__, + syslog(LOG_NOTICE, "%s(%s): %8.6f", __func__, s_oakley_attr_method(iph1->approval->authmethod), timedelta(&start, &end)); #endif @@ -2026,7 +2030,23 @@ oakley_skeyid(iph1) /* SKEYID */ switch(iph1->approval->authmethod) { case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - if (iph1->etype != ISAKMP_ETYPE_IDENT) { + /* if we have a preshared key defined, just use it */ + if (iph1->rmconf->shared_secret) { + + switch (iph1->rmconf->secrettype) { + case SECRETTYPE_KEY: + iph1->authstr = getpsk(iph1->rmconf->shared_secret->v, iph1->rmconf->shared_secret->l-1); + break; + case SECRETTYPE_KEYCHAIN: + iph1->authstr = getpskfromkeychain(iph1->rmconf->shared_secret->v); + break; + case SECRETTYPE_USE: + default: + iph1->authstr = vdup(iph1->rmconf->shared_secret); + } + + } + else if (iph1->etype != ISAKMP_ETYPE_IDENT) { iph1->authstr = getpskbyname(iph1->id_p); if (iph1->authstr == NULL) { if (iph1->rmconf->verify_identifier) { @@ -2769,7 +2789,7 @@ oakley_do_encrypt(iph1, msg, ivep, ivp) char *p = &buf->v[len]; if (lcconf->pad_random) { for (i = 0; i < padlen; i++) - *p++ = (char)random(); + *p++ = arc4random() & 0xff; } } memcpy(buf->v, pl, len); @@ -2845,7 +2865,8 @@ oakley_padlen(len, base) padlen = base - len % base; if (lcconf->pad_randomlen) - padlen += ((random() % (lcconf->pad_maxsize + 1) + 1) * base); + padlen += ((arc4random() % (lcconf->pad_maxsize + 1) + 1) * + base); return padlen; } diff --git a/racoon.tproj/oakley.h b/racoon.tproj/oakley.h index 6d2a58e..488f430 100644 --- a/racoon.tproj/oakley.h +++ b/racoon.tproj/oakley.h @@ -1,4 +1,4 @@ -/* $KAME: oakley.h,v 1.27 2001/08/17 10:50:27 sakane Exp $ */ +/* $KAME: oakley.h,v 1.28 2001/12/12 18:23:42 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/pfkey.c b/racoon.tproj/pfkey.c index 5403c6f..fbb1f7c 100644 --- a/racoon.tproj/pfkey.c +++ b/racoon.tproj/pfkey.c @@ -1,4 +1,4 @@ -/* $KAME: pfkey.c,v 1.132 2001/10/19 05:31:22 sakane Exp $ */ +/* $KAME: pfkey.c,v 1.134 2002/06/04 05:20:27 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -72,6 +72,7 @@ #include "isakmp_var.h" #include "isakmp.h" #include "isakmp_inf.h" +#include "isakmp_natd.h" #include "ipsec_doi.h" #include "oakley.h" #include "pfkey.h" @@ -84,6 +85,9 @@ #include "strnames.h" #include "backupsa.h" #include "gcmalloc.h" +#ifndef HAVE_ARC4RANDOM +#include "arc4random.h" +#endif /* prototype */ static u_int ipsecdoi2pfkey_aalg __P((u_int)); @@ -576,8 +580,10 @@ ipsecdoi2pfkey_mode(mode) { switch (mode) { case IPSECDOI_ATTR_ENC_MODE_TUNNEL: + case IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL: return IPSEC_MODE_TUNNEL; case IPSECDOI_ATTR_ENC_MODE_TRNS: + case IPSECDOI_ATTR_ENC_MODE_UDP_TRNS: return IPSEC_MODE_TRANSPORT; default: plog(LLV_ERROR, LOCATION, NULL, "Invalid mode type: %u\n", mode); @@ -588,14 +594,15 @@ ipsecdoi2pfkey_mode(mode) /* IPSECDOI_ATTR_ENC_MODE -> IPSEC_MODE */ u_int -pfkey2ipsecdoi_mode(mode) +pfkey2ipsecdoi_mode(mode, hasnat) u_int mode; + int hasnat; { switch (mode) { case IPSEC_MODE_TUNNEL: - return IPSECDOI_ATTR_ENC_MODE_TUNNEL; + return hasnat == 0 ? IPSECDOI_ATTR_ENC_MODE_TUNNEL : IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL; case IPSEC_MODE_TRANSPORT: - return IPSECDOI_ATTR_ENC_MODE_TRNS; + return hasnat == 0 ? IPSECDOI_ATTR_ENC_MODE_TRNS : IPSECDOI_ATTR_ENC_MODE_UDP_TRNS; case IPSEC_MODE_ANY: return IPSECDOI_ATTR_ENC_MODE_ANY; default: @@ -917,6 +924,7 @@ pk_sendupdate(iph2) int e_type, e_keylen, a_type, a_keylen, flags; u_int satype, mode; u_int64_t lifebyte = 0; + u_short port = 0; /* sanity check */ if (iph2->approval == NULL) { @@ -962,6 +970,16 @@ pk_sendupdate(iph2) &a_type, &a_keylen, &flags) < 0) return -1; +#ifdef IKE_NAT_T + if ((pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL || + pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDP_TRNS) && + iph2->ph1->remote->sa_family == AF_INET) + { + flags |= SADB_X_EXT_NATT; + port = ((struct sockaddr_in*)iph2->ph1->remote)->sin_port; + } +#endif + #if 0 lifebyte = iph2->approval->lifebyte * 1024, #else @@ -982,7 +1000,7 @@ pk_sendupdate(iph2) pr->keymat->v, e_type, e_keylen, a_type, a_keylen, flags, 0, lifebyte, iph2->approval->lifetime, 0, - iph2->seq) < 0) { + iph2->seq, port) < 0) { plog(LLV_ERROR, LOCATION, NULL, "libipsec failed send update (%s)\n", ipsec_strerror()); @@ -1087,7 +1105,7 @@ pk_recvupdate(mhp) "invalid proto_id %d\n", msg->sadb_msg_satype); return -1; } - encmode = pfkey2ipsecdoi_mode(sa_mode); + encmode = pfkey2ipsecdoi_mode(sa_mode, iph2->ph1 && natd_hasnat(iph2->ph1)); if (encmode == ~0) { plog(LLV_ERROR, LOCATION, NULL, "invalid encmode %d\n", sa_mode); @@ -1158,6 +1176,7 @@ pk_sendadd(iph2) int e_type, e_keylen, a_type, a_keylen, flags; u_int satype, mode; u_int64_t lifebyte = 0; + u_short port = 0; /* sanity check */ if (iph2->approval == NULL) { @@ -1203,6 +1222,20 @@ pk_sendadd(iph2) &a_type, &a_keylen, &flags) < 0) return -1; +#ifdef IKE_NAT_T + if ((pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL || + pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDP_TRNS) && + iph2->ph1->remote->sa_family == AF_INET) + { + flags |= SADB_X_EXT_NATT; + port = ((struct sockaddr_in*)iph2->ph1->remote)->sin_port; + + /* If we're the side behind the NAT, send keepalives */ + if ((iph2->ph1->natt_flags & natt_no_local_nat) == 0) + flags |= SADB_X_EXT_NATT_KEEPALIVE; + } +#endif + #if 0 lifebyte = iph2->approval->lifebyte * 1024, #else @@ -1223,7 +1256,7 @@ pk_sendadd(iph2) pr->keymat_p->v, e_type, e_keylen, a_type, a_keylen, flags, 0, lifebyte, iph2->approval->lifetime, 0, - iph2->seq) < 0) { + iph2->seq, port) < 0) { plog(LLV_ERROR, LOCATION, NULL, "libipsec failed send add (%s)\n", ipsec_strerror()); @@ -1749,7 +1782,8 @@ getsadbpolicy(policy0, policylen0, type, iph2) if (type != SADB_X_SPDDELETE) { for (pr = iph2->approval->head; pr; pr = pr->next) { xisrlen = sizeof(*xisr); - if (pr->encmode == IPSECDOI_ATTR_ENC_MODE_TUNNEL) { + if (pr->encmode == IPSECDOI_ATTR_ENC_MODE_TUNNEL || + pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL) { xisrlen += (iph2->src->sa_len + iph2->dst->sa_len); } @@ -1806,7 +1840,8 @@ getsadbpolicy(policy0, policylen0, type, iph2) xisrlen = sizeof(*xisr); - if (pr->encmode == IPSECDOI_ATTR_ENC_MODE_TUNNEL) { + if (pr->encmode == IPSECDOI_ATTR_ENC_MODE_TUNNEL || + pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL) { xisrlen += (iph2->src->sa_len + iph2->dst->sa_len); memcpy(p, iph2->src, iph2->src->sa_len); @@ -2317,7 +2352,7 @@ pk_recv(so, lenp) u_int32_t pk_getseq() { - return (u_int32_t)random(); + return arc4random(); } static int @@ -2508,7 +2543,7 @@ sadbsecas2str(src, dst, proto, spi, mode) if (doi_proto == ~0) return NULL; if (mode) { - doi_mode = pfkey2ipsecdoi_mode(mode); + doi_mode = pfkey2ipsecdoi_mode(mode, 0); if (doi_mode == ~0) return NULL; } diff --git a/racoon.tproj/pfkey.h b/racoon.tproj/pfkey.h index ebc9ef8..0813dde 100644 --- a/racoon.tproj/pfkey.h +++ b/racoon.tproj/pfkey.h @@ -1,4 +1,4 @@ -/* $KAME: pfkey.h,v 1.19 2001/06/27 15:54:40 sakane Exp $ */ +/* $KAME: pfkey.h,v 1.20 2001/06/28 06:21:04 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -60,7 +60,7 @@ extern void pfkey_timeover __P((struct ph2handle *)); extern u_int pfkey2ipsecdoi_proto __P((u_int)); extern u_int ipsecdoi2pfkey_proto __P((u_int)); -extern u_int pfkey2ipsecdoi_mode __P((u_int)); +extern u_int pfkey2ipsecdoi_mode __P((u_int, int)); extern u_int ipsecdoi2pfkey_mode __P((u_int)); extern int pfkey_convertfromipsecdoi __P(( u_int, u_int, u_int, diff --git a/racoon.tproj/pfkey2.c b/racoon.tproj/pfkey2.c index 813b304..ad8cc73 100644 --- a/racoon.tproj/pfkey2.c +++ b/racoon.tproj/pfkey2.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include @@ -46,6 +47,8 @@ #include "ipsec_strerror.h" #include "libpfkey.h" +#include "misc.h" +#include "plog.h" #define CALLOC(size, cast) (cast)calloc(1, (size)) @@ -55,7 +58,7 @@ static struct sadb_alg *findsupportedalg __P((u_int, u_int)); static int pfkey_send_x1 __P((int, u_int, u_int, u_int, struct sockaddr *, struct sockaddr *, u_int32_t, u_int32_t, u_int, caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int32_t, - u_int32_t, u_int32_t, u_int32_t)); + u_int32_t, u_int32_t, u_int32_t, u_int16_t)); static int pfkey_send_x2 __P((int, u_int, u_int, u_int, struct sockaddr *, struct sockaddr *, u_int32_t)); static int pfkey_send_x3 __P((int, u_int, u_int)); @@ -66,8 +69,8 @@ static int pfkey_send_x5 __P((int, u_int, u_int32_t)); static caddr_t pfkey_setsadbmsg __P((caddr_t, caddr_t, u_int, u_int, u_int, u_int32_t, pid_t)); -static caddr_t pfkey_setsadbsa __P((caddr_t, caddr_t, u_int32_t, u_int, - u_int, u_int, u_int32_t)); +static caddr_t pfkey_setsadbsa2 __P((caddr_t, caddr_t, u_int32_t, u_int, + u_int, u_int, u_int32_t, u_int16_t)); static caddr_t pfkey_setsadbaddr __P((caddr_t, caddr_t, u_int, struct sockaddr *, u_int, u_int)); static caddr_t pfkey_setsadbkey __P((caddr_t, caddr_t, u_int, caddr_t, u_int)); @@ -470,7 +473,7 @@ pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq) int pfkey_send_update(so, satype, mode, src, dst, spi, reqid, wsize, keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq) + l_alloc, l_bytes, l_addtime, l_usetime, seq, port) int so; u_int satype, mode, wsize; struct sockaddr *src, *dst; @@ -480,12 +483,13 @@ pfkey_send_update(so, satype, mode, src, dst, spi, reqid, wsize, u_int32_t l_alloc; u_int64_t l_bytes, l_addtime, l_usetime; u_int32_t seq; + u_int16_t port; { int len; if ((len = pfkey_send_x1(so, SADB_UPDATE, satype, mode, src, dst, spi, reqid, wsize, keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq)) < 0) + l_alloc, l_bytes, l_addtime, l_usetime, seq, port)) < 0) return -1; return len; @@ -501,7 +505,7 @@ pfkey_send_update(so, satype, mode, src, dst, spi, reqid, wsize, int pfkey_send_add(so, satype, mode, src, dst, spi, reqid, wsize, keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq) + l_alloc, l_bytes, l_addtime, l_usetime, seq, port) int so; u_int satype, mode, wsize; struct sockaddr *src, *dst; @@ -511,12 +515,13 @@ pfkey_send_add(so, satype, mode, src, dst, spi, reqid, wsize, u_int32_t l_alloc; u_int64_t l_bytes, l_addtime, l_usetime; u_int32_t seq; + u_int16_t port; { int len; if ((len = pfkey_send_x1(so, SADB_ADD, satype, mode, src, dst, spi, reqid, wsize, keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq)) < 0) + l_alloc, l_bytes, l_addtime, l_usetime, seq, port)) < 0) return -1; return len; @@ -1101,7 +1106,7 @@ pfkey_send_spddump(so) static int pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq) + l_alloc, l_bytes, l_addtime, l_usetime, seq, port) int so; u_int type, satype, mode; struct sockaddr *src, *dst; @@ -1110,6 +1115,7 @@ pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, caddr_t keymat; u_int e_type, e_keylen, a_type, a_keylen, flags; u_int32_t l_alloc, l_bytes, l_addtime, l_usetime, seq; + u_int16_t port; { struct sadb_msg *newmsg; int len; @@ -1172,7 +1178,7 @@ pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, /* create new sadb_msg to reply. */ len = sizeof(struct sadb_msg) - + sizeof(struct sadb_sa) + + sizeof(struct sadb_sa_2) + sizeof(struct sadb_x_sa2) + sizeof(struct sadb_address) + PFKEY_ALIGN8(src->sa_len) @@ -1198,7 +1204,7 @@ pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, free(newmsg); return -1; } - p = pfkey_setsadbsa(p, ep, spi, wsize, a_type, e_type, flags); + p = pfkey_setsadbsa2(p, ep, spi, wsize, a_type, e_type, flags, port); if (!p) { free(newmsg); return -1; @@ -1300,7 +1306,7 @@ pfkey_send_x2(so, type, satype, mode, src, dst, spi) /* create new sadb_msg to reply. */ len = sizeof(struct sadb_msg) - + sizeof(struct sadb_sa) + + sizeof(struct sadb_sa_2) + sizeof(struct sadb_address) + PFKEY_ALIGN8(src->sa_len) + sizeof(struct sadb_address) @@ -1318,7 +1324,7 @@ pfkey_send_x2(so, type, satype, mode, src, dst, spi) free(newmsg); return -1; } - p = pfkey_setsadbsa(p, ep, spi, 0, 0, 0, 0); + p = pfkey_setsadbsa2(p, ep, spi, 0, 0, 0, 0, 0); if (!p) { free(newmsg); return -1; @@ -1564,7 +1570,11 @@ int pfkey_open() { int so; - const int bufsiz = 128 * 1024; /*is 128K enough?*/ + int bufsiz = 0; /* Max allowed by default */ + const unsigned long newbufk = 512; + unsigned long oldmax; + size_t oldmaxsize = sizeof(oldmax); + unsigned long newmax = newbufk * (1024 + 128); if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) { __ipsec_set_strerror(strerror(errno)); @@ -1575,8 +1585,26 @@ pfkey_open() * This is a temporary workaround for KAME PR 154. * Don't really care even if it fails. */ - (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz)); - (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); + if (sysctlbyname("kern.ipc.maxsockbuf", &oldmax, &oldmaxsize, &newmax, sizeof(newmax)) != 0) { + plog(LLV_WARNING, LOCATION, NULL, + "sysctlbyname kern.ipc.maxsockbuf failed: %s\n", strerror(errno)); + bufsiz = 233016; /* Max allowed by default */ + } + else + { + bufsiz = newbufk * 1024; + } + if (setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz)) != 0) + plog(LLV_ERROR, LOCATION, NULL, + "setsockopt SOL_SOCKET SO_SNDBUF failed: %s\n", strerror(errno)); + if (setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)) != 0) + plog(LLV_ERROR, LOCATION, NULL, + "setsockopt SOL_SOCKET SO_RCVBUF failed: %s\n", strerror(errno)); + + if (bufsiz == newbufk * 1024) + if (sysctlbyname("kern.ipc.maxsockbuf", NULL, NULL, &oldmax, oldmaxsize) != 0) + plog(LLV_WARNING, LOCATION, NULL, + "sysctlbyname kern.ipc.maxsockbuf (restore) failed: %s\n", strerror(errno)); __ipsec_errcode = EIPSEC_NO_ERROR; return so; @@ -1937,30 +1965,34 @@ pfkey_setsadbmsg(buf, lim, type, tlen, satype, seq, pid) * `buf' must has been allocated sufficiently. */ static caddr_t -pfkey_setsadbsa(buf, lim, spi, wsize, auth, enc, flags) +pfkey_setsadbsa2(buf, lim, spi, wsize, auth, enc, flags, port) caddr_t buf; caddr_t lim; u_int32_t spi, flags; u_int wsize, auth, enc; + u_int16_t port; { - struct sadb_sa *p; + struct sadb_sa_2 *p; u_int len; - p = (struct sadb_sa *)buf; - len = sizeof(struct sadb_sa); + p = (struct sadb_sa_2 *)buf; + len = sizeof(struct sadb_sa_2); if (buf + len > lim) return NULL; memset(p, 0, len); - p->sadb_sa_len = PFKEY_UNIT64(len); - p->sadb_sa_exttype = SADB_EXT_SA; - p->sadb_sa_spi = spi; - p->sadb_sa_replay = wsize; - p->sadb_sa_state = SADB_SASTATE_LARVAL; - p->sadb_sa_auth = auth; - p->sadb_sa_encrypt = enc; - p->sadb_sa_flags = flags; + p->sa.sadb_sa_len = PFKEY_UNIT64(len); + p->sa.sadb_sa_exttype = SADB_EXT_SA; + p->sa.sadb_sa_spi = spi; + p->sa.sadb_sa_replay = wsize; + p->sa.sadb_sa_state = SADB_SASTATE_LARVAL; + p->sa.sadb_sa_auth = auth; + p->sa.sadb_sa_encrypt = enc; + p->sa.sadb_sa_flags = flags; + p->sadb_sa_natt_port = port; + + printf("pfkey_setsadbsa2: flags = 0x%X, port = %u.\n", flags, ntohs(port)); return(buf + len); } diff --git a/racoon.tproj/pfkey_dump.c b/racoon.tproj/pfkey_dump.c index 485ed46..507a0dd 100644 --- a/racoon.tproj/pfkey_dump.c +++ b/racoon.tproj/pfkey_dump.c @@ -506,8 +506,8 @@ str_prefport(family, pref, port) u_int family, pref, port; { static char buf[128]; - char prefbuf[10]; - char portbuf[10]; + char prefbuf[20]; + char portbuf[20]; int plen; switch (family) { diff --git a/racoon.tproj/plog.c b/racoon.tproj/plog.c index d864f1c..b7141e3 100644 --- a/racoon.tproj/plog.c +++ b/racoon.tproj/plog.c @@ -1,4 +1,4 @@ -/* $KAME: plog.c,v 1.19 2001/09/23 12:40:32 itojun Exp $ */ +/* $KAME: plog.c,v 1.23 2002/05/07 08:56:19 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -76,7 +76,7 @@ static struct plogtags { { "(not defined)", 0, }, { "INFO", LOG_INFO, }, { "NOTIFY", LOG_INFO, }, - { "WARNING", LOG_INFO, }, + { "WARNING", LOG_INFO, }, { "ERROR", LOG_INFO, }, { "DEBUG", LOG_DEBUG, }, { "DEBUG2", LOG_DEBUG, }, @@ -142,6 +142,12 @@ plogv(int pri, const char *func, struct sockaddr *sa, if (f_foreground) vprintf(newfmt, ap); + + /* + * If we're not running in the foreground and the loglevel is + * set to the default, don't dump LLV_INFO message to the log. + */ + if (!f_foreground && pri == LLV_INFO && loglevel == LLV_BASE) return; if (logfile) log_vaprint(logp, newfmt, ap); diff --git a/racoon.tproj/plog.h b/racoon.tproj/plog.h index a8d21b4..1302bd4 100644 --- a/racoon.tproj/plog.h +++ b/racoon.tproj/plog.h @@ -1,4 +1,4 @@ -/* $KAME: plog.h,v 1.7 2001/01/10 02:58:58 sakane Exp $ */ +/* $KAME: plog.h,v 1.10 2002/05/07 08:56:19 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/policy.c b/racoon.tproj/policy.c index 7ab1e5f..8bb16a7 100644 --- a/racoon.tproj/policy.c +++ b/racoon.tproj/policy.c @@ -1,4 +1,4 @@ -/* $KAME: policy.c,v 1.45 2001/10/16 14:55:57 sakane Exp $ */ +/* $KAME: policy.c,v 1.46 2001/11/16 04:08:10 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/policy.h b/racoon.tproj/policy.h index a9bd525..e43ded0 100644 --- a/racoon.tproj/policy.h +++ b/racoon.tproj/policy.h @@ -1,4 +1,4 @@ -/* $KAME: policy.h,v 1.17 2001/06/27 15:55:58 sakane Exp $ */ +/* $KAME: policy.h,v 1.18 2001/10/02 04:10:17 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/proposal.c b/racoon.tproj/proposal.c index bb284f9..ecd74b5 100644 --- a/racoon.tproj/proposal.c +++ b/racoon.tproj/proposal.c @@ -1,4 +1,4 @@ -/* $KAME: proposal.c,v 1.45 2001/11/16 04:08:10 sakane Exp $ */ +/* $KAME: proposal.c,v 1.48 2002/05/07 09:32:50 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -54,6 +54,7 @@ #include "pfkey.h" #include "isakmp_var.h" #include "isakmp.h" +#include "isakmp_natd.h" #include "ipsec_doi.h" #include "algorithm.h" #include "proposal.h" @@ -937,7 +938,8 @@ set_proposal_from_policy(iph2, sp_main, sp_sub) encmodesv = IPSEC_MODE_TRANSPORT; for (req = sp_main->req; req; req = req->next) { if (req->saidx.mode == IPSEC_MODE_TUNNEL) { - encmodesv = pfkey2ipsecdoi_mode(req->saidx.mode); + encmodesv = pfkey2ipsecdoi_mode(req->saidx.mode, + iph2->ph1 && natd_hasnat(iph2->ph1)); break; } } @@ -979,11 +981,15 @@ set_proposal_from_policy(iph2, sp_main, sp_sub) newpr->proto_id = ipproto2doi(req->saidx.proto); newpr->spisize = 4; if (lcconf->complex_bundle) - newpr->encmode = pfkey2ipsecdoi_mode(req->saidx.mode); + newpr->encmode = pfkey2ipsecdoi_mode(req->saidx.mode, + iph2->ph1 && natd_hasnat(iph2->ph1)); else newpr->encmode = encmodesv; - newpr->reqid_out = req->saidx.reqid; + if (iph2->side == INITIATOR) + newpr->reqid_out = req->saidx.reqid; + else + newpr->reqid_in = req->saidx.reqid; if (set_satrnsbysainfo(newpr, iph2->sainfo) < 0) { plog(LLV_ERROR, LOCATION, NULL, @@ -1002,7 +1008,10 @@ set_proposal_from_policy(iph2, sp_main, sp_sub) req = sp_sub->req; pr = newpp->head; while (req && pr) { - pr->reqid_in = req->saidx.reqid; + if (iph2->side == INITIATOR) + pr->reqid_in = req->saidx.reqid; + else + pr->reqid_out = req->saidx.reqid; pr = pr->next; req = req->next; } @@ -1031,7 +1040,7 @@ int set_proposal_from_proposal(iph2) struct ph2handle *iph2; { - struct saprop *newpp = NULL, *pp0, *pp_peer; + struct saprop *newpp = NULL, *pp0, *pp_peer = NULL; struct saproto *newpr = NULL, *pr; struct prop_pair **pair; int error = -1; @@ -1108,6 +1117,8 @@ end: if (error && newpp) flushsaprop(newpp); + if (pp_peer) + flushsaprop(pp_peer); free_proppair(pair); return error; } diff --git a/racoon.tproj/proposal.h b/racoon.tproj/proposal.h index d1501a7..d38291e 100644 --- a/racoon.tproj/proposal.h +++ b/racoon.tproj/proposal.h @@ -1,4 +1,4 @@ -/* $KAME: proposal.h,v 1.15 2001/04/06 14:23:48 sakane Exp $ */ +/* $KAME: proposal.h,v 1.16 2001/08/16 05:02:13 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/racoon.8 b/racoon.tproj/racoon.8 index 8c4db9b..210f0c6 100644 --- a/racoon.tproj/racoon.8 +++ b/racoon.tproj/racoon.8 @@ -1,4 +1,4 @@ -.\" $KAME: racoon.8,v 1.28 2001/10/19 05:04:32 sakane Exp $ +.\" $KAME: racoon.8,v 1.30 2002/04/26 02:53:11 itojun Exp $ .\" .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. .\" All rights reserved. @@ -114,21 +114,21 @@ You have to configure .Xr syslog.conf 5 if you want to see them in a logging file. .\" +.Sh RETURN VALUES +The command exits with 0 on success, and non-zero on errors. +.\" .Sh FILES .Bl -tag -width /usr/local/v6/etc/racoon.conf -compact .It Pa /usr/local/v6/etc/racoon.conf default configuration file. .El .\" -.Sh RETURN VALUES -The command exits with 0 on success, and non-zero on errors. -.\" .Sh SEE ALSO .Xr ipsec 4 , .Xr racoon.conf 5 , +.Xr syslog.conf 5 , .Xr setkey 8 , .Xr syslogd 8 -.Xr syslog.conf 5 .\" .Sh HISTORY The diff --git a/racoon.tproj/racoon.conf b/racoon.tproj/racoon.conf index 9487f2a..8eff697 100644 --- a/racoon.tproj/racoon.conf +++ b/racoon.tproj/racoon.conf @@ -3,7 +3,10 @@ # "path" must be placed before it should be used. # You can overwrite which you defined, but it should not use due to confusing. path include "/etc/racoon" ; -#include "remote.conf" ; + +# Allow third parties the ability to specify remote and sainfo entries +# by including all files matching /etc/racoon/remote/*.conf +include "/etc/racoon/remote/*.conf" ; # search this file for pre_shared_key with various ID key. path pre_shared_key "/etc/racoon/psk.txt" ; @@ -39,40 +42,43 @@ listen timer { # These value can be changed per remote node. - counter 5; # maximum trying count to send. - interval 20 sec; # maximum interval to resend. + counter 10; # maximum trying count to send. + interval 3 sec; # interval to resend (retransmit) persend 1; # the number of packets per a send. # timer for waiting to complete each phase. phase1 30 sec; - phase2 15 sec; + phase2 30 sec; } -remote anonymous -{ - #exchange_mode main,aggressive; - exchange_mode aggressive,main; - doi ipsec_doi; - situation identity_only; - - #my_identifier address; - my_identifier user_fqdn "macuser@localhost"; - peers_identifier user_fqdn "macuser@localhost"; - #certificate_type x509 "mycert" "mypriv"; - - nonce_size 16; - lifetime time 1 min; # sec,min,hour - initial_contact on; - support_mip6 on; - proposal_check obey; # obey, strict or claim - - proposal { - encryption_algorithm 3des; - hash_algorithm sha1; - authentication_method pre_shared_key ; - dh_group 2 ; - } -} +# +# anonymous entry is defined in /etc/racoon/remote/anonymous.conf +# +#remote anonymous +#{ +# #exchange_mode main,aggressive; +# exchange_mode aggressive,main; +# doi ipsec_doi; +# situation identity_only; +# +# #my_identifier address; +# my_identifier user_fqdn "macuser@localhost"; +# peers_identifier user_fqdn "macuser@localhost"; +# #certificate_type x509 "mycert" "mypriv"; +# +# nonce_size 16; +# lifetime time 1 min; # sec,min,hour +# initial_contact on; +# support_mip6 on; +# proposal_check obey; # obey, strict or claim +# +# proposal { +# encryption_algorithm 3des; +# hash_algorithm sha1; +# authentication_method pre_shared_key ; +# dh_group 2 ; +# } +#} remote ::1 [8000] { @@ -96,14 +102,17 @@ remote ::1 [8000] } } -sainfo anonymous -{ - pfs_group 1; - lifetime time 30 sec; - encryption_algorithm 3des ; - authentication_algorithm hmac_sha1; - compression_algorithm deflate ; -} +# +# anonymous entry is defined in /etc/racoon/remote/anonymous.conf +# +#sainfo anonymous +#{ +# pfs_group 1; +# lifetime time 30 sec; +# encryption_algorithm aes, 3des ; +# authentication_algorithm hmac_sha1; +# compression_algorithm deflate ; +#} # sainfo address 203.178.141.209 any address 203.178.141.218 any # { diff --git a/racoon.tproj/racoon.conf.5 b/racoon.tproj/racoon.conf.5 index ec8f822..e9de0b6 100644 --- a/racoon.tproj/racoon.conf.5 +++ b/racoon.tproj/racoon.conf.5 @@ -1,4 +1,4 @@ -.\" $KAME: racoon.conf.5,v 1.96 2002/02/21 14:30:21 sakane Exp $ +.\" $KAME: racoon.conf.5,v 1.102 2003/04/07 00:46:19 itojun Exp $ .\" .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. .\" All rights reserved. @@ -219,9 +219,9 @@ This statement will be ignored if you do not specify any addresses. .Xc specifies the parameters for IKE phase 1 for each remote node. The default port is 500. -If +If .Ic anonymous -is specified, the statements apply to all peers which do not match +is specified, the statements apply to all peers which do not match any other .Ic remote directive. @@ -238,7 +238,7 @@ All of the modes are acceptable. The first exchange mode is what racoon uses when it is the initiator. .\" .It Ic doi Ic ipsec_doi ; -means to use IPSEC-DOI as specified RFC 2407. +means to use IPsec-DOI as specified RFC 2407. You can omit this statement. .\" .It Ic situation Ic identity_only ; @@ -274,7 +274,7 @@ If is omitted, .Xr racoon 8 will get DN from Subject field in the certificate. -.El +.El .\" .It Ic peers_identifier Ar idtype ... ; specifies the peer's identifier to be received. @@ -415,9 +415,10 @@ will choice the first proposal in the SA payload from the initiator, and generate policy entries from the proposal. It is useful to negotiate with the client which is allocated IP address dynamically. -Note that inappropriate policy might be installed by the initiator -because the responder just installs policies as the initiator proposes. -So that other communication might fail if such policies installed. +Note that inappropriate policy might be installed into the responder's SPD +by the initiator. +So that other communication might fail if such policies installed +due to some policy mismatches between the initiator and the responder. This directive is ignored in the initiator case. The default value is .Ic off . @@ -670,7 +671,7 @@ Note that the file must be owned by the user ID running .Pq usually the privileged user , and must not be accessible by others. .\" -.Sh EXAMPLE +.Sh EXAMPLES The following shows how the remote directive should be configured. .Bd -literal -offset path pre_shared_key "/usr/local/v6/etc/psk.txt" ; @@ -695,7 +696,7 @@ sainfo anonymous compression_algorithm deflate ; } .Ed - +.Pp The following is a sample of the file defined pre-shared key. .Bd -literal -offset 10.160.94.3 mekmitasdigoat diff --git a/racoon.tproj/remoteconf.c b/racoon.tproj/remoteconf.c index 0908976..9e569b1 100644 --- a/racoon.tproj/remoteconf.c +++ b/racoon.tproj/remoteconf.c @@ -1,4 +1,4 @@ -/* $KAME: remoteconf.c,v 1.28 2001/10/02 03:46:41 sakane Exp $ */ +/* $KAME: remoteconf.c,v 1.29 2001/12/07 08:39:39 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -180,6 +180,15 @@ delrmconf(rmconf) oakley_dhgrp_free(rmconf->dhgrp); if (rmconf->proposal) delisakmpsa(rmconf->proposal); + if (rmconf->idv) + vfree(rmconf->idv); + if (rmconf->idv_p) + vfree(rmconf->idv_p); + if (rmconf->remote) + racoon_free(rmconf->remote); + if (rmconf->shared_secret) + vfree(rmconf->shared_secret); + racoon_free(rmconf); } diff --git a/racoon.tproj/remoteconf.h b/racoon.tproj/remoteconf.h index dcccbe9..fd3c898 100644 --- a/racoon.tproj/remoteconf.h +++ b/racoon.tproj/remoteconf.h @@ -1,4 +1,4 @@ -/* $KAME: remoteconf.h,v 1.26 2001/09/26 05:30:35 sakane Exp $ */ +/* $KAME: remoteconf.h,v 1.27 2001/12/07 08:39:39 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -53,6 +53,9 @@ struct remoteconf { int idvtype_p; /* peer's identifier type */ vchar_t *idv_p; /* peer's identifier */ + int secrettype; /* type of secret [use, key, keychain] */ + vchar_t *shared_secret; /* shared secret */ + int certtype; /* certificate type if need */ char *mycertfile; /* file name of my certificate */ char *myprivfile; /* file name of my private key file */ diff --git a/racoon.tproj/safefile.c b/racoon.tproj/safefile.c index e59ca11..19dd9fb 100644 --- a/racoon.tproj/safefile.c +++ b/racoon.tproj/safefile.c @@ -1,4 +1,4 @@ -/* $KAME: safefile.c,v 1.4 2000/12/15 13:43:57 sakane Exp $ */ +/* $KAME: safefile.c,v 1.5 2001/03/05 19:54:06 thorpej Exp $ */ /* * Copyright (C) 2000 WIDE Project. diff --git a/racoon.tproj/safefile.h b/racoon.tproj/safefile.h index 54a3ce6..aa61ecb 100644 --- a/racoon.tproj/safefile.h +++ b/racoon.tproj/safefile.h @@ -1,6 +1,6 @@ -/* $KAME$ */ +/* $KAME: safefile.h,v 1.2 2000/09/13 04:50:28 itojun Exp $ */ -/* $KAME: safefile.h,v 1.1 2000/06/13 05:01:41 itojun Exp $ */ +/* $KAME: safefile.h,v 1.2 2000/09/13 04:50:28 itojun Exp $ */ /* * Copyright (C) 2000 WIDE Project. diff --git a/racoon.tproj/sainfo.c b/racoon.tproj/sainfo.c index 32bc20e..1ba2135 100644 --- a/racoon.tproj/sainfo.c +++ b/racoon.tproj/sainfo.c @@ -1,4 +1,4 @@ -/* $KAME: sainfo.c,v 1.14 2001/04/03 15:51:56 thorpej Exp $ */ +/* $KAME: sainfo.c,v 1.15 2001/11/16 04:12:59 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/sainfo.h b/racoon.tproj/sainfo.h index 1d27ad5..5a3a841 100644 --- a/racoon.tproj/sainfo.h +++ b/racoon.tproj/sainfo.h @@ -1,4 +1,4 @@ -/* $KAME: sainfo.h,v 1.6 2000/10/04 17:41:03 itojun Exp $ */ +/* $KAME: sainfo.h,v 1.7 2000/10/11 19:54:08 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/schedule.c b/racoon.tproj/schedule.c index 7b4a2fb..dd3f5dc 100644 --- a/racoon.tproj/schedule.c +++ b/racoon.tproj/schedule.c @@ -1,4 +1,4 @@ -/* $KAME: schedule.c,v 1.18 2001/10/08 23:58:22 sakane Exp $ */ +/* $KAME: schedule.c,v 1.19 2001/11/05 10:53:19 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/schedule.h b/racoon.tproj/schedule.h index 94e7932..b793bb6 100644 --- a/racoon.tproj/schedule.h +++ b/racoon.tproj/schedule.h @@ -1,4 +1,4 @@ -/* $KAME: schedule.h,v 1.11 2000/10/04 17:41:03 itojun Exp $ */ +/* $KAME: schedule.h,v 1.12 2001/03/06 20:41:02 thorpej Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/session.c b/racoon.tproj/session.c index a6c9e78..1c21779 100644 --- a/racoon.tproj/session.c +++ b/racoon.tproj/session.c @@ -1,4 +1,4 @@ -/* $KAME: session.c,v 1.27 2001/11/16 04:34:57 sakane Exp $ */ +/* $KAME: session.c,v 1.31 2002/11/20 02:06:18 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -156,12 +156,16 @@ session(void) continue; if (FD_ISSET(p->sock, &rfds)) isakmp_handler(p->sock); +#ifdef IKE_NAT_T + if (p->nattsock >= 0 && FD_ISSET(p->nattsock, &rfds)) + isakmp_natt_handler(p->nattsock); +#endif } if (FD_ISSET(lcconf->sock_pfkey, &rfds)) pfkey_handler(); - if (FD_ISSET(lcconf->rtsock, &rfds)) { + if (lcconf->rtsock >= 0 && FD_ISSET(lcconf->rtsock, &rfds)) { if (update_myaddrs() && lcconf->autograbaddr) sched_new(5, check_rtsock, NULL); initfds(); @@ -204,19 +208,47 @@ initfds() FD_ZERO(&mask0); #ifdef ENABLE_ADMINPORT + if (lcconf->sock_admin >= FD_SETSIZE) { + plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n"); + exit(1); + } FD_SET(lcconf->sock_admin, &mask0); nfds = (nfds > lcconf->sock_admin ? nfds : lcconf->sock_admin); #endif + if (lcconf->sock_pfkey >= FD_SETSIZE) { + plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n"); + exit(1); + } FD_SET(lcconf->sock_pfkey, &mask0); nfds = (nfds > lcconf->sock_pfkey ? nfds : lcconf->sock_pfkey); - FD_SET(lcconf->rtsock, &mask0); - nfds = (nfds > lcconf->rtsock ? nfds : lcconf->rtsock); + if (lcconf->rtsock >= 0) { + if (lcconf->rtsock >= FD_SETSIZE) { + plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n"); + exit(1); + } + FD_SET(lcconf->rtsock, &mask0); + nfds = (nfds > lcconf->rtsock ? nfds : lcconf->rtsock); + } for (p = lcconf->myaddrs; p; p = p->next) { if (!p->addr) continue; + if (p->sock >= FD_SETSIZE) { + plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n"); + exit(1); + } FD_SET(p->sock, &mask0); nfds = (nfds > p->sock ? nfds : p->sock); +#ifdef IKE_NAT_T + if (p->nattsock >= 0) { + if (p-> nattsock >= FD_SETSIZE) { + plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n"); + exit(1); + } + FD_SET(p->nattsock, &mask0); + nfds = (nfds > p->nattsock ? nfds : p->nattsock); + } +#endif } nfds++; } @@ -261,6 +293,8 @@ signal_handler(sig) } } +extern int cfreparse(void); + static void check_sigreq() { @@ -344,6 +378,8 @@ check_flushsa() msg = next; } + + if (buf) vfree(buf); if (n) { sched_new(1, check_flushsa_stub, NULL); diff --git a/racoon.tproj/session.h b/racoon.tproj/session.h index ecd4ab5..78704d7 100644 --- a/racoon.tproj/session.h +++ b/racoon.tproj/session.h @@ -1,4 +1,4 @@ -/* $KAME: session.h,v 1.3 2000/09/13 04:50:29 itojun Exp $ */ +/* $KAME: session.h,v 1.4 2000/10/04 17:41:04 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/sockmisc.c b/racoon.tproj/sockmisc.c index 15883ba..24abd4e 100644 --- a/racoon.tproj/sockmisc.c +++ b/racoon.tproj/sockmisc.c @@ -1,4 +1,4 @@ -/* $KAME: sockmisc.c,v 1.34 2001/12/07 21:35:46 sakane Exp $ */ +/* $KAME: sockmisc.c,v 1.36 2002/04/15 06:20:08 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -531,6 +531,7 @@ sendfromto(s, buf, buflen, src, dst, cnt) (void *)&yes, sizeof(yes)) < 0) { plog(LLV_ERROR, LOCATION, NULL, "setsockopt (%s)\n", strerror(errno)); + close(sendsock); return -1; } #ifdef IPV6_USE_MIN_MTU @@ -539,15 +540,19 @@ sendfromto(s, buf, buflen, src, dst, cnt) (void *)&yes, sizeof(yes)) < 0) { plog(LLV_ERROR, LOCATION, NULL, "setsockopt (%s)\n", strerror(errno)); + close(sendsock); return -1; } #endif - if (setsockopt_bypass(sendsock, src->sa_family) < 0) + if (setsockopt_bypass(sendsock, src->sa_family) < 0) { + close(sendsock); return -1; + } if (bind(sendsock, (struct sockaddr *)src, src->sa_len) < 0) { plog(LLV_ERROR, LOCATION, NULL, "bind 1 (%s)\n", strerror(errno)); + close(sendsock); return -1; } needclose = 1; @@ -558,6 +563,8 @@ sendfromto(s, buf, buflen, src, dst, cnt) if (len < 0) { plog(LLV_ERROR, LOCATION, NULL, "sendto (%s)\n", strerror(errno)); + if (needclose) + close(sendsock); return len; } plog(LLV_DEBUG, LOCATION, NULL, @@ -742,6 +749,7 @@ str2saddr(host, port) return NULL; } memcpy(saddr, res->ai_addr, res->ai_addrlen); + freeaddrinfo(res); return saddr; } diff --git a/racoon.tproj/sockmisc.h b/racoon.tproj/sockmisc.h index 22d5b4f..5b786df 100644 --- a/racoon.tproj/sockmisc.h +++ b/racoon.tproj/sockmisc.h @@ -1,4 +1,4 @@ -/* $KAME: sockmisc.h,v 1.11 2001/08/16 14:37:29 itojun Exp $ */ +/* $KAME: sockmisc.h,v 1.12 2001/12/07 08:39:39 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/str2val.c b/racoon.tproj/str2val.c index 72aee51..fa8c6cf 100644 --- a/racoon.tproj/str2val.c +++ b/racoon.tproj/str2val.c @@ -1,4 +1,4 @@ -/* $KAME: str2val.c,v 1.10 2001/04/03 15:51:57 thorpej Exp $ */ +/* $KAME: str2val.c,v 1.11 2001/08/16 14:37:29 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/str2val.h b/racoon.tproj/str2val.h index 15f5245..a100da8 100644 --- a/racoon.tproj/str2val.h +++ b/racoon.tproj/str2val.h @@ -1,4 +1,4 @@ -/* $KAME: str2val.h,v 1.5 2000/10/04 17:41:04 itojun Exp $ */ +/* $KAME: str2val.h,v 1.6 2001/08/16 14:37:29 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/strnames.c b/racoon.tproj/strnames.c index 10c6094..d8d77a5 100644 --- a/racoon.tproj/strnames.c +++ b/racoon.tproj/strnames.c @@ -1,4 +1,4 @@ -/* $KAME: strnames.c,v 1.22 2001/11/16 04:12:59 sakane Exp $ */ +/* $KAME: strnames.c,v 1.23 2001/12/12 18:23:42 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -293,6 +293,8 @@ static struct ksmap name_isakmp_nptype[] = { { ISAKMP_NPTYPE_D, "delete", NULL }, { ISAKMP_NPTYPE_VID, "vid", NULL }, { ISAKMP_NPTYPE_GSS, "gss id", NULL }, +{ 0, "", NULL }, +{ ISAKMP_NPTYPE_NATD, "natd", NULL } }; char * @@ -456,6 +458,8 @@ static struct ksmap name_attr_ipsec_encmode[] = { { IPSECDOI_ATTR_ENC_MODE_ANY, "Any", NULL }, { IPSECDOI_ATTR_ENC_MODE_TUNNEL, "Tunnel", NULL }, { IPSECDOI_ATTR_ENC_MODE_TRNS, "Transport", NULL }, +{ IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL, "UDP Encapsulated Tunnel", NULL }, +{ IPSECDOI_ATTR_ENC_MODE_UDP_TRNS, "UDP Encapsulated Transport", NULL }, }; char * diff --git a/racoon.tproj/strnames.h b/racoon.tproj/strnames.h index e84666f..587ada3 100644 --- a/racoon.tproj/strnames.h +++ b/racoon.tproj/strnames.h @@ -1,4 +1,4 @@ -/* $KAME: strnames.h,v 1.11 2001/07/14 14:06:40 sakane Exp $ */ +/* $KAME: strnames.h,v 1.12 2001/08/09 07:32:19 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/var.h b/racoon.tproj/var.h index a4b4ff2..a4d3891 100644 --- a/racoon.tproj/var.h +++ b/racoon.tproj/var.h @@ -1,4 +1,4 @@ -/* $KAME: var.h,v 1.11 2001/07/14 05:48:33 sakane Exp $ */ +/* $KAME: var.h,v 1.12 2001/11/13 12:38:51 jinmei Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/vendorid.c b/racoon.tproj/vendorid.c index 088226b..7c57233 100644 --- a/racoon.tproj/vendorid.c +++ b/racoon.tproj/vendorid.c @@ -1,4 +1,4 @@ -/* $KAME: vendorid.c,v 1.7 2000/12/15 13:43:57 sakane Exp $ */ +/* $KAME: vendorid.c,v 1.8 2001/03/27 02:39:57 thorpej Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/vendorid.h b/racoon.tproj/vendorid.h index 84ed725..cf4785d 100644 --- a/racoon.tproj/vendorid.h +++ b/racoon.tproj/vendorid.h @@ -1,4 +1,4 @@ -/* $KAME: vendorid.h,v 1.5 2000/10/04 17:41:04 itojun Exp $ */ +/* $KAME: vendorid.h,v 1.6 2001/03/27 02:39:58 thorpej Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -45,8 +45,9 @@ ((x) == VENDORID_GSSAPI_LONG || \ (x) == VENDORID_GSSAPI || \ (x) == VENDORID_MS_NT5) +#define VENDORID_NATT 4 -#define NUMVENDORIDS 4 +#define NUMVENDORIDS 5 #define VENDORID_STRINGS \ { \ @@ -54,6 +55,7 @@ "A GSS-API Authentication Method for IKE", \ "GSSAPI", \ "MS NT5 ISAKMPOAKLEY", \ + "draft-ietf-ipsec-nat-t-ike" \ } extern const char *vendorid_strings[]; diff --git a/racoon.tproj/vmbuf.c b/racoon.tproj/vmbuf.c index cdb4110..1533131 100644 --- a/racoon.tproj/vmbuf.c +++ b/racoon.tproj/vmbuf.c @@ -1,4 +1,4 @@ -/* $KAME: vmbuf.c,v 1.10 2001/04/03 15:51:57 thorpej Exp $ */ +/* $KAME: vmbuf.c,v 1.11 2001/11/26 16:54:29 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoon.tproj/vmbuf.h b/racoon.tproj/vmbuf.h index 0a2a1b9..829c0f2 100644 --- a/racoon.tproj/vmbuf.h +++ b/racoon.tproj/vmbuf.h @@ -1,4 +1,4 @@ -/* $KAME: vmbuf.h,v 1.7 2000/10/04 17:41:05 itojun Exp $ */ +/* $KAME: vmbuf.h,v 1.8 2001/12/12 21:18:33 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/racoonctl.tproj/PB.project b/racoonctl.tproj/PB.project deleted file mode 100644 index 8651f3e..0000000 --- a/racoonctl.tproj/PB.project +++ /dev/null @@ -1,35 +0,0 @@ -{ - "DYNAMIC_CODE_GEN" = YES; - FILESTABLE = { - FRAMEWORKS = (); - "H_FILES" = ("misc.h", "str2val.h", "vmbuf.h"); - "OTHER_LIBS" = (ipsec); - "OTHER_LINKED" = ( - "key_debug.c", - "kmpstat.c", - "misc.c", - "pfkey.c", - "pfkey_dump.c", - "str2val.c", - "vmbuf.c" - ); - "OTHER_SOURCES" = ("Makefile.preamble", Makefile, "Makefile.postamble"); - }; - LANGUAGE = English; - MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles"; - "NEXTSTEP_BUILDTOOL" = "/bin/gnumake"; - "NEXTSTEP_INSTALLDIR" = "/bin"; - "NEXTSTEP_JAVA_COMPILER" = "/usr/bin/javac"; - "NEXTSTEP_OBJCPLUS_COMPILER" = "/usr/bin/cc"; - "PDO_UNIX_BUILDTOOL" = "$NEXT_ROOT/Developer/bin/make"; - "PDO_UNIX_INSTALLDIR" = "/bin"; - "PDO_UNIX_JAVA_COMPILER" = "$(JDKBINDIR)/javac"; - "PDO_UNIX_OBJCPLUS_COMPILER" = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = racoonctl; - PROJECTTYPE = Tool; - PROJECTVERSION = "2.8"; - "WINDOWS_BUILDTOOL" = "$NEXT_ROOT/Developer/Executables/make"; - "WINDOWS_INSTALLDIR" = "/Library/Executables"; - "WINDOWS_JAVA_COMPILER" = "$(JDKBINDIR)/javac.exe"; - "WINDOWS_OBJCPLUS_COMPILER" = "$(DEVDIR)/gcc"; -} diff --git a/racoonctl.tproj/key_debug.c b/racoonctl.tproj/key_debug.c deleted file mode 100644 index 7ace6be..0000000 --- a/racoonctl.tproj/key_debug.c +++ /dev/null @@ -1,751 +0,0 @@ -/* $FreeBSD: src/sys/netkey/key_debug.c,v 1.10.2.2 2001/07/03 11:01:59 ume Exp $ */ -/* $KAME: key_debug.c,v 1.25 2000/07/24 13:23:12 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef _KERNEL -#include "opt_inet.h" -#include "opt_inet6.h" -#include "opt_ipsec.h" -#endif - -#include -#include -#ifdef _KERNEL -#include -#include -#include -#endif -#include - -#include - -#include -#include - -#include -#include - -#ifndef _KERNEL -#include -#include -#include -#endif /* !_KERNEL */ - -#if !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG)) - -static void kdebug_sadb_prop __P((struct sadb_ext *)); -static void kdebug_sadb_identity __P((struct sadb_ext *)); -static void kdebug_sadb_supported __P((struct sadb_ext *)); -static void kdebug_sadb_lifetime __P((struct sadb_ext *)); -static void kdebug_sadb_sa __P((struct sadb_ext *)); -static void kdebug_sadb_address __P((struct sadb_ext *)); -static void kdebug_sadb_key __P((struct sadb_ext *)); -static void kdebug_sadb_x_sa2 __P((struct sadb_ext *)); - -#ifdef _KERNEL -static void kdebug_secreplay __P((struct secreplay *)); -#endif - -#ifndef _KERNEL -#define panic(param) { printf(param); exit(-1); } -#endif - -/* NOTE: host byte order */ - -/* %%%: about struct sadb_msg */ -void -kdebug_sadb(base) - struct sadb_msg *base; -{ - struct sadb_ext *ext; - int tlen, extlen; - - /* sanity check */ - if (base == NULL) - panic("kdebug_sadb: NULL pointer was passed.\n"); - - printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n", - base->sadb_msg_version, base->sadb_msg_type, - base->sadb_msg_errno, base->sadb_msg_satype); - printf(" len=%u reserved=%u seq=%u pid=%u\n", - base->sadb_msg_len, base->sadb_msg_reserved, - base->sadb_msg_seq, base->sadb_msg_pid); - - tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg); - ext = (struct sadb_ext *)((caddr_t)base + sizeof(struct sadb_msg)); - - while (tlen > 0) { - printf("sadb_ext{ len=%u type=%u }\n", - ext->sadb_ext_len, ext->sadb_ext_type); - - if (ext->sadb_ext_len == 0) { - printf("kdebug_sadb: invalid ext_len=0 was passed.\n"); - return; - } - if (ext->sadb_ext_len > tlen) { - printf("kdebug_sadb: ext_len exceeds end of buffer.\n"); - return; - } - - switch (ext->sadb_ext_type) { - case SADB_EXT_SA: - kdebug_sadb_sa(ext); - break; - case SADB_EXT_LIFETIME_CURRENT: - case SADB_EXT_LIFETIME_HARD: - case SADB_EXT_LIFETIME_SOFT: - kdebug_sadb_lifetime(ext); - break; - case SADB_EXT_ADDRESS_SRC: - case SADB_EXT_ADDRESS_DST: - case SADB_EXT_ADDRESS_PROXY: - kdebug_sadb_address(ext); - break; - case SADB_EXT_KEY_AUTH: - case SADB_EXT_KEY_ENCRYPT: - kdebug_sadb_key(ext); - break; - case SADB_EXT_IDENTITY_SRC: - case SADB_EXT_IDENTITY_DST: - kdebug_sadb_identity(ext); - break; - case SADB_EXT_SENSITIVITY: - break; - case SADB_EXT_PROPOSAL: - kdebug_sadb_prop(ext); - break; - case SADB_EXT_SUPPORTED_AUTH: - case SADB_EXT_SUPPORTED_ENCRYPT: - kdebug_sadb_supported(ext); - break; - case SADB_EXT_SPIRANGE: - case SADB_X_EXT_KMPRIVATE: - break; - case SADB_X_EXT_POLICY: - kdebug_sadb_x_policy(ext); - break; - case SADB_X_EXT_SA2: - kdebug_sadb_x_sa2(ext); - break; - default: - printf("kdebug_sadb: invalid ext_type %u was passed.\n", - ext->sadb_ext_type); - return; - } - - extlen = PFKEY_UNUNIT64(ext->sadb_ext_len); - tlen -= extlen; - ext = (struct sadb_ext *)((caddr_t)ext + extlen); - } - - return; -} - -static void -kdebug_sadb_prop(ext) - struct sadb_ext *ext; -{ - struct sadb_prop *prop = (struct sadb_prop *)ext; - struct sadb_comb *comb; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_prop: NULL pointer was passed.\n"); - - len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop)) - / sizeof(*comb); - comb = (struct sadb_comb *)(prop + 1); - printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay); - - while (len--) { - printf("sadb_comb{ auth=%u encrypt=%u " - "flags=0x%04x reserved=0x%08x\n", - comb->sadb_comb_auth, comb->sadb_comb_encrypt, - comb->sadb_comb_flags, comb->sadb_comb_reserved); - - printf(" auth_minbits=%u auth_maxbits=%u " - "encrypt_minbits=%u encrypt_maxbits=%u\n", - comb->sadb_comb_auth_minbits, - comb->sadb_comb_auth_maxbits, - comb->sadb_comb_encrypt_minbits, - comb->sadb_comb_encrypt_maxbits); - - printf(" soft_alloc=%u hard_alloc=%u " - "soft_bytes=%lu hard_bytes=%lu\n", - comb->sadb_comb_soft_allocations, - comb->sadb_comb_hard_allocations, - (unsigned long)comb->sadb_comb_soft_bytes, - (unsigned long)comb->sadb_comb_hard_bytes); - - printf(" soft_alloc=%lu hard_alloc=%lu " - "soft_bytes=%lu hard_bytes=%lu }\n", - (unsigned long)comb->sadb_comb_soft_addtime, - (unsigned long)comb->sadb_comb_hard_addtime, - (unsigned long)comb->sadb_comb_soft_usetime, - (unsigned long)comb->sadb_comb_hard_usetime); - comb++; - } - printf("}\n"); - - return; -} - -static void -kdebug_sadb_identity(ext) - struct sadb_ext *ext; -{ - struct sadb_ident *id = (struct sadb_ident *)ext; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_identity: NULL pointer was passed.\n"); - - len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id); - printf("sadb_ident_%s{", - id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst"); - switch (id->sadb_ident_type) { - default: - printf(" type=%d id=%lu", - id->sadb_ident_type, (u_long)id->sadb_ident_id); - if (len) { -#ifdef _KERNEL - ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/ -#else - char *p, *ep; - printf("\n str=\""); - p = (char *)(id + 1); - ep = p + len; - for (/*nothing*/; *p && p < ep; p++) { - if (isprint(*p)) - printf("%c", *p & 0xff); - else - printf("\\%03o", *p & 0xff); - } -#endif - printf("\""); - } - break; - } - - printf(" }\n"); - - return; -} - -static void -kdebug_sadb_supported(ext) - struct sadb_ext *ext; -{ - struct sadb_supported *sup = (struct sadb_supported *)ext; - struct sadb_alg *alg; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_supported: NULL pointer was passed.\n"); - - len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup)) - / sizeof(*alg); - alg = (struct sadb_alg *)(sup + 1); - printf("sadb_sup{\n"); - while (len--) { - printf(" { id=%d ivlen=%d min=%d max=%d }\n", - alg->sadb_alg_id, alg->sadb_alg_ivlen, - alg->sadb_alg_minbits, alg->sadb_alg_maxbits); - alg++; - } - printf("}\n"); - - return; -} - -static void -kdebug_sadb_lifetime(ext) - struct sadb_ext *ext; -{ - struct sadb_lifetime *lft = (struct sadb_lifetime *)ext; - - /* sanity check */ - if (ext == NULL) - printf("kdebug_sadb_lifetime: NULL pointer was passed.\n"); - - printf("sadb_lifetime{ alloc=%u, bytes=%u\n", - lft->sadb_lifetime_allocations, - (u_int32_t)lft->sadb_lifetime_bytes); - printf(" addtime=%u, usetime=%u }\n", - (u_int32_t)lft->sadb_lifetime_addtime, - (u_int32_t)lft->sadb_lifetime_usetime); - - return; -} - -static void -kdebug_sadb_sa(ext) - struct sadb_ext *ext; -{ - struct sadb_sa *sa = (struct sadb_sa *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_sa: NULL pointer was passed.\n"); - - printf("sadb_sa{ spi=%u replay=%u state=%u\n", - (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay, - sa->sadb_sa_state); - printf(" auth=%u encrypt=%u flags=0x%08x }\n", - sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags); - - return; -} - -static void -kdebug_sadb_address(ext) - struct sadb_ext *ext; -{ - struct sadb_address *addr = (struct sadb_address *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_address: NULL pointer was passed.\n"); - - printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n", - addr->sadb_address_proto, addr->sadb_address_prefixlen, - ((u_char *)&addr->sadb_address_reserved)[0], - ((u_char *)&addr->sadb_address_reserved)[1]); - - kdebug_sockaddr((struct sockaddr *)((caddr_t)ext + sizeof(*addr))); - - return; -} - -static void -kdebug_sadb_key(ext) - struct sadb_ext *ext; -{ - struct sadb_key *key = (struct sadb_key *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_key: NULL pointer was passed.\n"); - - printf("sadb_key{ bits=%u reserved=%u\n", - key->sadb_key_bits, key->sadb_key_reserved); - printf(" key="); - - /* sanity check 2 */ - if ((key->sadb_key_bits >> 3) > - (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) { - printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n", - key->sadb_key_bits >> 3, - (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); - } - - ipsec_hexdump((caddr_t)key + sizeof(struct sadb_key), - key->sadb_key_bits >> 3); - printf(" }\n"); - return; -} - -static void -kdebug_sadb_x_sa2(ext) - struct sadb_ext *ext; -{ - struct sadb_x_sa2 *sa2 = (struct sadb_x_sa2 *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n"); - - printf("sadb_x_sa2{ mode=%u reqid=%u\n", - sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); - printf(" reserved1=%u reserved2=%u reserved3=%u }\n", - sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved1, - sa2->sadb_x_sa2_reserved1); - - return; -} - -void -kdebug_sadb_x_policy(ext) - struct sadb_ext *ext; -{ - struct sadb_x_policy *xpl = (struct sadb_x_policy *)ext; - struct sockaddr *addr; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_x_policy: NULL pointer was passed.\n"); - - printf("sadb_x_policy{ type=%u dir=%u id=%x }\n", - xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, - xpl->sadb_x_policy_id); - - if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { - int tlen; - struct sadb_x_ipsecrequest *xisr; - - tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); - xisr = (struct sadb_x_ipsecrequest *)(xpl + 1); - - while (tlen > 0) { - printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n", - xisr->sadb_x_ipsecrequest_len, - xisr->sadb_x_ipsecrequest_proto, - xisr->sadb_x_ipsecrequest_mode, - xisr->sadb_x_ipsecrequest_level, - xisr->sadb_x_ipsecrequest_reqid); - - if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { - addr = (struct sockaddr *)(xisr + 1); - kdebug_sockaddr(addr); - addr = (struct sockaddr *)((caddr_t)addr - + addr->sa_len); - kdebug_sockaddr(addr); - } - - printf(" }\n"); - - /* prevent infinite loop */ - if (xisr->sadb_x_ipsecrequest_len <= 0) { - printf("kdebug_sadb_x_policy: wrong policy struct.\n"); - return; - } - /* prevent overflow */ - if (xisr->sadb_x_ipsecrequest_len > tlen) { - printf("invalid ipsec policy length\n"); - return; - } - - tlen -= xisr->sadb_x_ipsecrequest_len; - - xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr - + xisr->sadb_x_ipsecrequest_len); - } - - if (tlen != 0) - panic("kdebug_sadb_x_policy: wrong policy struct.\n"); - } - - return; -} - -#ifdef _KERNEL -/* %%%: about SPD and SAD */ -void -kdebug_secpolicy(sp) - struct secpolicy *sp; -{ - /* sanity check */ - if (sp == NULL) - panic("kdebug_secpolicy: NULL pointer was passed.\n"); - - printf("secpolicy{ refcnt=%u state=%u policy=%u\n", - sp->refcnt, sp->state, sp->policy); - - kdebug_secpolicyindex(&sp->spidx); - - switch (sp->policy) { - case IPSEC_POLICY_DISCARD: - printf(" type=discard }\n"); - break; - case IPSEC_POLICY_NONE: - printf(" type=none }\n"); - break; - case IPSEC_POLICY_IPSEC: - { - struct ipsecrequest *isr; - for (isr = sp->req; isr != NULL; isr = isr->next) { - - printf(" level=%u\n", isr->level); - kdebug_secasindex(&isr->saidx); - - if (isr->sav != NULL) - kdebug_secasv(isr->sav); - } - printf(" }\n"); - } - break; - case IPSEC_POLICY_BYPASS: - printf(" type=bypass }\n"); - break; - case IPSEC_POLICY_ENTRUST: - printf(" type=entrust }\n"); - break; - default: - printf("kdebug_secpolicy: Invalid policy found. %d\n", - sp->policy); - break; - } - - return; -} - -void -kdebug_secpolicyindex(spidx) - struct secpolicyindex *spidx; -{ - /* sanity check */ - if (spidx == NULL) - panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); - - printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n", - spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto); - - ipsec_hexdump((caddr_t)&spidx->src, - ((struct sockaddr *)&spidx->src)->sa_len); - printf("\n"); - ipsec_hexdump((caddr_t)&spidx->dst, - ((struct sockaddr *)&spidx->dst)->sa_len); - printf("}\n"); - - return; -} - -void -kdebug_secasindex(saidx) - struct secasindex *saidx; -{ - /* sanity check */ - if (saidx == NULL) - panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); - - printf("secasindex{ mode=%u proto=%u\n", - saidx->mode, saidx->proto); - - ipsec_hexdump((caddr_t)&saidx->src, - ((struct sockaddr *)&saidx->src)->sa_len); - printf("\n"); - ipsec_hexdump((caddr_t)&saidx->dst, - ((struct sockaddr *)&saidx->dst)->sa_len); - printf("\n"); - - return; -} - -void -kdebug_secasv(sav) - struct secasvar *sav; -{ - /* sanity check */ - if (sav == NULL) - panic("kdebug_secasv: NULL pointer was passed.\n"); - - printf("secas{"); - kdebug_secasindex(&sav->sah->saidx); - - printf(" refcnt=%u state=%u auth=%u enc=%u\n", - sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc); - printf(" spi=%u flags=%u\n", - (u_int32_t)ntohl(sav->spi), sav->flags); - - if (sav->key_auth != NULL) - kdebug_sadb_key((struct sadb_ext *)sav->key_auth); - if (sav->key_enc != NULL) - kdebug_sadb_key((struct sadb_ext *)sav->key_enc); - if (sav->iv != NULL) { - printf(" iv="); - ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8); - printf("\n"); - } - - if (sav->replay != NULL) - kdebug_secreplay(sav->replay); - if (sav->lft_c != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c); - if (sav->lft_h != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h); - if (sav->lft_s != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s); - -#if notyet - /* XXX: misc[123] ? */ -#endif - - return; -} - -static void -kdebug_secreplay(rpl) - struct secreplay *rpl; -{ - int len, l; - - /* sanity check */ - if (rpl == NULL) - panic("kdebug_secreplay: NULL pointer was passed.\n"); - - printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u", - rpl->count, rpl->wsize, rpl->seq, rpl->lastseq); - - if (rpl->bitmap == NULL) { - printf(" }\n"); - return; - } - - printf("\n bitmap { "); - - for (len = 0; len < rpl->wsize; len++) { - for (l = 7; l >= 0; l--) - printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0); - } - printf(" }\n"); - - return; -} - -void -kdebug_mbufhdr(m) - struct mbuf *m; -{ - /* sanity check */ - if (m == NULL) - return; - - printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p " - "m_len:%d m_type:0x%02x m_flags:0x%02x }\n", - m, m->m_next, m->m_nextpkt, m->m_data, - m->m_len, m->m_type, m->m_flags); - - if (m->m_flags & M_PKTHDR) { - printf(" m_pkthdr{ len:%d rcvif:%p }\n", - m->m_pkthdr.len, m->m_pkthdr.rcvif); - } - - if (m->m_flags & M_EXT) { - printf(" m_ext{ ext_buf:%p ext_free:%p " - "ext_size:%u ext_ref:%p }\n", - m->m_ext.ext_buf, m->m_ext.ext_free, - m->m_ext.ext_size, m->m_ext.ext_ref); - } - - return; -} - -void -kdebug_mbuf(m0) - struct mbuf *m0; -{ - struct mbuf *m = m0; - int i, j; - - for (j = 0; m; m = m->m_next) { - kdebug_mbufhdr(m); - printf(" m_data:\n"); - for (i = 0; i < m->m_len; i++) { - if (i && i % 32 == 0) - printf("\n"); - if (i % 4 == 0) - printf(" "); - printf("%02x", mtod(m, u_char *)[i]); - j++; - } - printf("\n"); - } - - return; -} -#endif /* _KERNEL */ - -void -kdebug_sockaddr(addr) - struct sockaddr *addr; -{ - struct sockaddr_in *sin; -#ifdef INET6 - struct sockaddr_in6 *sin6; -#endif - - /* sanity check */ - if (addr == NULL) - panic("kdebug_sockaddr: NULL pointer was passed.\n"); - - /* NOTE: We deal with port number as host byte order. */ - printf("sockaddr{ len=%u family=%u", addr->sa_len, addr->sa_family); - - switch (addr->sa_family) { - case AF_INET: - sin = (struct sockaddr_in *)addr; - printf(" port=%u\n", ntohs(sin->sin_port)); - ipsec_hexdump((caddr_t)&sin->sin_addr, sizeof(sin->sin_addr)); - break; -#ifdef INET6 - case AF_INET6: - sin6 = (struct sockaddr_in6 *)addr; - printf(" port=%u\n", ntohs(sin6->sin6_port)); - printf(" flowinfo=0x%08x, scope_id=0x%08x\n", - sin6->sin6_flowinfo, sin6->sin6_scope_id); - ipsec_hexdump((caddr_t)&sin6->sin6_addr, - sizeof(sin6->sin6_addr)); - break; -#endif - } - - printf(" }\n"); - - return; -} - -void -ipsec_bindump(buf, len) - caddr_t buf; - int len; -{ - int i; - - for (i = 0; i < len; i++) - printf("%c", (unsigned char)buf[i]); - - return; -} - - -void -ipsec_hexdump(buf, len) - caddr_t buf; - int len; -{ - int i; - - for (i = 0; i < len; i++) { - if (i != 0 && i % 32 == 0) printf("\n"); - if (i % 4 == 0) printf(" "); - printf("%02x", (unsigned char)buf[i]); - } -#if 0 - if (i % 32 != 0) printf("\n"); -#endif - - return; -} - -#endif /* !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG)) */ diff --git a/racoonctl.tproj/kmpstat.c b/racoonctl.tproj/kmpstat.c deleted file mode 100644 index 883f6fe..0000000 --- a/racoonctl.tproj/kmpstat.c +++ /dev/null @@ -1,1101 +0,0 @@ -/* $KAME: kmpstat.c,v 1.28 2001/06/01 10:14:49 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#include -#include -#include - -#include -#include -#include -#include - -#include -#include -#include -#include -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#include - -#include "libpfkey.h" - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "debug.h" - -#include "schedule.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "oakley.h" -#include "handler.h" -#include "pfkey.h" -#include "admin.h" -#include "admin_var.h" - -static void usage __P((void)); -static void com_init __P((void)); -static int com_send __P((vchar_t *)); -static vchar_t *com_recv __P((void)); - -static vchar_t *get_combuf __P((int, char **)); -static vchar_t *f_reload __P((int, char **)); -static vchar_t *f_getsched __P((int, char **)); -static vchar_t *f_getsa __P((int, char **)); -static vchar_t *f_flushsa __P((int, char **)); -static vchar_t *f_deletesa __P((int, char **)); -static vchar_t *f_exchangesa __P((int, char **)); - -struct cmd_tag { - vchar_t *(*func) __P((int, char **)); - int cmd; - char *str; -} cmdtab[] = { - { f_reload, ADMIN_RELOAD_CONF, "reload-config" }, - { f_reload, ADMIN_RELOAD_CONF, "rc" }, - { f_getsched, ADMIN_SHOW_SCHED, "show-schedule" }, - { f_getsched, ADMIN_SHOW_SCHED, "sc" }, - { f_getsa, ADMIN_SHOW_SA, "show-sa" }, - { f_getsa, ADMIN_SHOW_SA, "ss" }, - { f_flushsa, ADMIN_FLUSH_SA, "flush-sa" }, - { f_flushsa, ADMIN_FLUSH_SA, "fs" }, - { f_deletesa, ADMIN_DELETE_SA, "delete-sa" }, - { f_deletesa, ADMIN_DELETE_SA, "ds" }, - { f_exchangesa, ADMIN_ESTABLISH_SA, "establish-sa" }, - { f_exchangesa, ADMIN_ESTABLISH_SA, "es" }, - { NULL, 0, NULL }, -}; - -static int get_proto __P((char *)); -static vchar_t *get_index __P((int, char **)); -static int get_family __P((char *)); -static vchar_t *get_comindexes __P((int, int, char **)); -static int get_comindex __P((char *, char **, char **, char **)); -static struct sockaddr *get_sockaddr __P((int, char *, char *)); -static int get_ulproto __P((char *)); - -struct proto_tag { - int proto; - char *str; -} prototab[] = { - { ADMIN_PROTO_ISAKMP, "isakmp" }, - { ADMIN_PROTO_IPSEC, "ipsec" }, - { ADMIN_PROTO_AH, "ah" }, - { ADMIN_PROTO_ESP, "esp" }, - { ADMIN_PROTO_INTERNAL, "internal" }, - { 0, NULL }, -}; - -struct ulproto_tag { - int ul_proto; - char *str; -} ulprototab[] = { - { 0, "any" }, - { IPPROTO_ICMP, "icmp" }, - { IPPROTO_TCP, "tcp" }, - { IPPROTO_UDP, "udp" }, - { 0, NULL }, -}; - -int so; - -static char _addr1_[NI_MAXHOST], _addr2_[NI_MAXHOST]; - -char *pname; -int long_format = 0; -u_int32_t loglevel = 4; - -void dump_isakmp_sa __P((char *, int)); -void dump_internal __P((char *, int)); -char *pindex_isakmp __P((isakmp_index *)); -void print_schedule __P((caddr_t, int)); -char * fixed_addr __P((char *, char *, int)); - -static void -usage() -{ - printf( -"Usage:\n" -" %s reload-config\n" -" %s [-l [-l]] show-sa [protocol]\n" -" %s flush-sa [protocol]\n" -" %s delete-sa \n" -" %s establish-sa \n" -"\n" -" : \"isakmp\", \"esp\" or \"ah\".\n" -" In the case of \"show-sa\" or \"flush-sa\", you can use \"ipsec\".\n" -"\n" -" : \"isakmp\" \n" -" : {\"esp\",\"ah\"} \n" -" \n" -" : \"inet\" or \"inet6\"\n" -" : \"icmp\", \"tcp\", \"udp\" or \"any\"\n", - pname, pname, pname, pname, pname); -} - -int -main(ac, av) - int ac; - char **av; -{ - extern char *optarg; - extern int optind; - vchar_t *combuf; - int c; - - pname = *av; - - while ((c = getopt(ac, av, "ld")) != -1) { - switch(c) { - case 'l': - long_format++; - break; - - case 'd': - loglevel++; - break; - - default: - usage(); - exit(0); - } - } - - ac -= optind; - av += optind; - - combuf = get_combuf(ac, av); - if (!combuf) - err(1, "kmpstat"); - - if (loglevel) - hexdump(combuf, ((struct admin_com *)combuf)->ac_len); - - com_init(); - - if (com_send(combuf) < 0) - goto bad; - - vfree(combuf); - - combuf = com_recv(); - if (!combuf) - goto bad; - - exit(0); - - bad: - exit(1); -} - -static void -com_init() -{ - struct sockaddr_un name; - - memset(&name, 0, sizeof(name)); - name.sun_family = AF_UNIX; - snprintf(name.sun_path, sizeof(name.sun_path), - "%s", PORT_ADMIN); - - so = socket(AF_UNIX, SOCK_STREAM, 0); - if (so < 0) - err(1, "socket"); - - if (connect(so, (struct sockaddr *)&name, sizeof(name)) < 0) { - (void)close(so); - err(1, "connect"); - } -} - -static int -com_send(combuf) - vchar_t *combuf; -{ - int len; - - if ((len = send(so, combuf->v, combuf->l, 0)) < 0){ - perror("send"); - (void)close(so); - return -1; - } - - return len; -} - -static vchar_t * -com_recv() -{ - vchar_t *combuf = NULL; - struct admin_com h, *com; - caddr_t buf; - int len; - - /* receive by PEEK */ - len = recv(so, &h, sizeof(h), MSG_PEEK); - if (len == -1) - goto bad; - - /* sanity check */ - if (len < sizeof(h)) - return NULL; - if (len == 0) - goto bad; - - /* error ? */ - if (h.ac_errno) { - errno = h.ac_errno; - goto bad; - } - - /* allocate buffer */ - combuf = vmalloc(h.ac_len); - if (combuf == NULL) - goto bad; - - /* read real message */ - { - int l = 0; - caddr_t p = combuf->v; - while (l < combuf->l) { - if ((len = recv(so, p, h.ac_len, 0)) < 0) { - perror("recv"); - goto bad; - } - l += len; - p += len; - } - } - - com = (struct admin_com *)combuf->v; - len = com->ac_len - sizeof(*com); - buf = combuf->v + sizeof(*com); - - switch (com->ac_cmd) { - case ADMIN_SHOW_SCHED: - print_schedule(buf, len); - break; - - case ADMIN_SHOW_SA: - { - switch (com->ac_proto) { - case ADMIN_PROTO_ISAKMP: - dump_isakmp_sa(buf, len); - break; - case ADMIN_PROTO_IPSEC: - case ADMIN_PROTO_AH: - case ADMIN_PROTO_ESP: - { - struct sadb_msg *msg = (struct sadb_msg *)buf; - - switch (msg->sadb_msg_errno) { - case ENOENT: - switch (msg->sadb_msg_type) { - case SADB_DELETE: - case SADB_GET: - printf("No entry.\n"); - break; - case SADB_DUMP: - printf("No SAD entries.\n"); - break; - } - break; - case 0: - while (1) { - pfkey_sadump(msg); - if (msg->sadb_msg_seq == 0) - break; - msg = (struct sadb_msg *)((caddr_t)msg + - PFKEY_UNUNIT64(msg->sadb_msg_len)); - } - break; - default: - printf("%s.\n", strerror(msg->sadb_msg_errno)); - } - } - break; - case ADMIN_PROTO_INTERNAL: - dump_internal(buf, len); - break; - default: - printf("Invalid proto [%d]\n", com->ac_proto); - } - - } - break; - -/* default:*/ - /* IGNORE */ - } - - (void)close(so); - return combuf; - - bad: - (void)close(so); - return NULL; -} - -/* %%% */ -/* - * return command buffer. - */ -static vchar_t * -get_combuf(ac, av) - int ac; - char **av; -{ - struct cmd_tag *cp; - - if (ac == 0) { - usage(); - exit(0); - } - - /* checking the string of command. */ - for (cp = &cmdtab[0]; cp->str; cp++) { - if (strcmp(*av, cp->str) == 0) { - break; - } - } - if (!cp->str) { - printf("Invalid command [%s]\n", *av); - errno = EINVAL; - return NULL; - } - - ac--; - av++; - return (cp->func)(ac, av); -} - -static vchar_t * -f_reload(ac, av) - int ac; - char **av; -{ - vchar_t *buf; - struct admin_com *head; - - buf = vmalloc(sizeof(*head)); - if (buf == NULL) - errx(1, "not enough core"); - - head = (struct admin_com *)buf->v; - head->ac_len = buf->l; - head->ac_cmd = ADMIN_RELOAD_CONF; - head->ac_errno = 0; - head->ac_proto = 0; - - return buf; -} - -static vchar_t * -f_getsched(ac, av) - int ac; - char **av; -{ - vchar_t *buf; - struct admin_com *head; - - buf = vmalloc(sizeof(*head)); - if (buf == NULL) - errx(1, "not enough core"); - - head = (struct admin_com *)buf->v; - head->ac_len = buf->l; - head->ac_cmd = ADMIN_SHOW_SCHED; - head->ac_errno = 0; - head->ac_proto = 0; - - return buf; -} - -static vchar_t * -f_getsa(ac, av) - int ac; - char **av; -{ - vchar_t *buf; - struct admin_com *head; - int proto; - - /* need protocol */ - if (ac != 1) - errx(1, "insufficient arguments"); - proto = get_proto(*av); - if (proto == -1) - errx(1, "unknown protocol %s", *av); - - buf = vmalloc(sizeof(*head)); - if (buf == NULL) - errx(1, "not enough core"); - - head = (struct admin_com *)buf->v; - head->ac_len = buf->l; - head->ac_cmd = ADMIN_SHOW_SA; - head->ac_errno = 0; - head->ac_proto = proto; - - return buf; -} - -static vchar_t * -f_flushsa(ac, av) - int ac; - char **av; -{ - vchar_t *buf; - struct admin_com *head; - int proto; - - /* need protocol */ - if (ac != 1) - errx(1, "insufficient arguments"); - proto = get_proto(*av); - if (proto == -1) - errx(1, "unknown protocol %s", *av); - - buf = vmalloc(sizeof(*head)); - if (buf == NULL) - errx(1, "not enough core"); - - head = (struct admin_com *)buf->v; - head->ac_len = buf->l; - head->ac_cmd = ADMIN_FLUSH_SA; - head->ac_errno = 0; - head->ac_proto = proto; - - return buf; -} - -static vchar_t * -f_deletesa(ac, av) - int ac; - char **av; -{ - vchar_t *buf, *index; - struct admin_com *head; - int proto; - - /* need protocol */ - if (ac < 1) - errx(1, "insufficient arguments"); - proto = get_proto(*av); - if (proto == -1) - errx(1, "unknown protocol %s", *av); - - /* get index(es) */ - av++; - ac--; - switch (proto) { - case ADMIN_PROTO_ISAKMP: - index = get_index(ac, av); - if (index == NULL) - return NULL; - break; - case ADMIN_PROTO_AH: - case ADMIN_PROTO_ESP: - index = get_index(ac, av); - if (index == NULL) - return NULL; - break; - default: - errno = EPROTONOSUPPORT; - return NULL; - } - - buf = vmalloc(sizeof(*head) + index->l); - if (buf == NULL) - return NULL; - - head = (struct admin_com *)buf->v; - head->ac_len = buf->l + index->l; - head->ac_cmd = ADMIN_DELETE_SA; - head->ac_errno = 0; - head->ac_proto = proto; - - return buf; -} - -static vchar_t * -f_exchangesa(ac, av) - int ac; - char **av; -{ - vchar_t *buf, *index; - struct admin_com *head; - int proto; - - /* need protocol */ - if (ac < 1) - errx(1, "insufficient arguments"); - if ((proto = get_proto(*av)) == -1) - errx(1, "unknown protocol %s", *av); - - /* get index(es) */ - av++; - ac--; - switch (proto) { - case ADMIN_PROTO_ISAKMP: - index = get_index(ac, av); - if (index == NULL) - return NULL; - break; - case ADMIN_PROTO_AH: - case ADMIN_PROTO_ESP: - index = get_index(ac, av); - if (index == NULL) - return NULL; - break; - default: - errno = EPROTONOSUPPORT; - return NULL; - } - - buf = vmalloc(sizeof(*head) + index->l); - if (buf == NULL) - return NULL; - - head = (struct admin_com *)buf->v; - head->ac_len = buf->l + index->l; - head->ac_cmd = ADMIN_DELETE_SA; - head->ac_errno = 0; - head->ac_proto = proto; - - return buf; -} - -static int -get_proto(str) - char *str; -{ - struct proto_tag *cp; - - if (str == NULL) { - errno = EINVAL; - return -1; - } - - /* checking the string of command. */ - for (cp = &prototab[0]; cp->str; cp++) { - if (strcmp(str, cp->str) == 0) - return cp->proto; - } - - errno = EINVAL; - return -1; -} - -static vchar_t * -get_index(ac, av) - int ac; - char **av; -{ - int family; - - if (ac != 3) { - errno = EINVAL; - return NULL; - } - - /* checking the string of family */ - family = get_family(*av); - if (family == -1) - return NULL; - av++; - - return get_comindexes(family, ac, av); -} - -static int -get_family(str) - char *str; -{ - if (strcmp("inet", str) == 0) - return AF_INET; -#ifdef INET6 - else if (strcmp("inet6", str) == 0) - return AF_INET6; -#endif - errno = EAFNOSUPPORT; - return -1; -} - -static vchar_t * -get_comindexes(family, ac, av) - int family; - int ac; - char **av; -{ - vchar_t *buf; - struct admin_com_indexes *ci; - char *p_name = NULL, *p_port = NULL; - char *p_prefs = NULL, *p_prefd = NULL; - struct sockaddr *src = NULL, *dst = NULL; - int ulproto; - - if (ac != 2) { - errno = EINVAL; - return NULL; - } - - if (get_comindex(*av, &p_name, &p_port, &p_prefs) == -1) - goto bad; - src = get_sockaddr(family, p_name, p_port); - if (p_name) { - racoon_free(p_name); - p_name = NULL; - } - if (p_port) { - racoon_free(p_port); - p_port = NULL; - } - if (src == NULL) - goto bad; - av++; - if (get_comindex(*av, &p_name, &p_port, &p_prefd) == -1) - goto bad; - dst = get_sockaddr(family, p_name, p_port); - if (dst == NULL) - goto bad; - - buf = vmalloc(sizeof(*ci)); - if (buf == NULL) - goto bad; - - av++; - ulproto = get_ulproto(*av); - if (ulproto == -1) - goto bad; - - ci = (struct admin_com_indexes *)buf; - ci->prefs = (u_int8_t)atoi(p_prefs); /* XXX should be handled error. */ - ci->prefd = (u_int8_t)atoi(p_prefd); /* XXX should be handled error. */ - ci->ul_proto = ulproto; - memcpy(&ci->src, src, src->sa_len); - memcpy(&ci->dst, dst, dst->sa_len); - - if (p_name) - - return buf; - - bad: - if (p_name) - racoon_free(p_name); - if (p_port) - racoon_free(p_port); - if (p_prefs); - racoon_free(p_prefs); - if (p_prefd); - racoon_free(p_prefd); - return NULL; -} - -static int -get_comindex(str, name, port, pref) - char *str, **name, **port, **pref; -{ - char *p; - - *name = *port = *pref = NULL; - - *name = strdup(str); - p = strpbrk(*name, "/["); - if (p != NULL) { - if (*(p + 1) == '\0') - goto bad; - if (*p == '/') { - *p = '\0'; - *pref = strdup(p + 1); - p = strchr(*pref, '['); - if (p != NULL) { - if (*(p + 1) == '\0') - goto bad; - *p = '\0'; - *port = strdup(p + 1); - p = strchr(*pref, ']'); - if (p == NULL) - goto bad; - *p = '\0'; - } - } else if (*p == '[') { - *p = '\0'; - *port = strdup(p + 1); - p = strchr(*pref, ']'); - if (p == NULL) - goto bad; - *p = '\0'; - } else { - /* XXX */ - } - } - - return 0; - - bad: - if (*name) - racoon_free(*name); - if (*port) - racoon_free(*port); - if (*pref) - racoon_free(*pref); - *name = *port = *pref = NULL; - return -1; -} - -static struct sockaddr * -get_sockaddr(family, name, port) - int family; - char *name, *port; -{ - struct addrinfo hint, *ai; - int error; - - memset(&hint, 0, sizeof(hint)); - hint.ai_family = PF_UNSPEC; - hint.ai_socktype = SOCK_STREAM; - - error = getaddrinfo(name, port, &hint, &ai); - if (error != 0) { - printf("%s: %s/%s\n", gai_strerror(error), name, port); - return NULL; - } - - return ai->ai_addr; -} - -static int -get_ulproto(str) - char *str; -{ - struct ulproto_tag *cp; - - /* checking the string of upper layer protocol. */ - for (cp = &ulprototab[0]; cp->str; cp++) { - if (strcmp(str, cp->str) == 0) - return cp->ul_proto; - } - - errno = EINVAL; - return -1; -} - -/* %%% */ -void -dump_isakmp_sa(buf, len) - char *buf; - int len; -{ - struct ph1dump *pd; - struct tm *tm; - char tbuf[56]; - caddr_t p = NULL; - -/* isakmp status header */ -/* short header; - 1234567890123456789012 0000000000000000:0000000000000000 000000000000 -*/ -char *header1 = -"Destination Cookies Created"; - -/* semi long header; - 1234567890123456789012 0000000000000000:0000000000000000 00 X 00 X 0000-00-00 00:00:00 000000 -*/ -char *header2 = -"Destination Cookies ST S V E Created Phase2"; - -/* long header; - 0000:0000:0000:0000:0000:0000:0000:0000.00000 0000:0000:0000:0000:0000:0000:0000:0000.00000 0000000000000000:0000000000000000 00 X 00 X 0000-00-00 00:00:00 000000 -*/ -char *header3 = -"Source Destination Cookies ST S V E Created Phase2"; - -/* phase status header */ -/* short format; - side stats source address destination address - xxx xxxxx 1234567890123456789012 1234567890123456789012 -*/ - - static char *estr[] = { "", "B", "M", "U", "A", "I", }; - - switch (long_format) { - case 0: - printf("%s\n", header1); - break; - case 1: - printf("%s\n", header2); - break; - case 2: - default: - printf("%s\n", header3); - break; - } - - if (len % sizeof(*pd)) - printf("invalid length %d\n", len); - len /= sizeof(*pd); - - pd = (struct ph1dump *)buf; - - while (len-- > 0) { - /* source address */ - if (long_format >= 2) { - GETNAMEINFO((struct sockaddr *)&pd->local, _addr1_, _addr2_); - switch (long_format) { - case 0: - break; - case 1: - p = fixed_addr(_addr1_, _addr2_, 22); - break; - case 2: - default: - p = fixed_addr(_addr1_, _addr2_, 45); - break; - } - printf("%s ", p); - } - - /* destination address */ - GETNAMEINFO((struct sockaddr *)&pd->remote, _addr1_, _addr2_); - switch (long_format) { - case 0: - case 1: - p = fixed_addr(_addr1_, _addr2_, 22); - break; - case 2: - default: - p = fixed_addr(_addr1_, _addr2_, 45); - break; - } - printf("%s ", p); - - printf("%s ", pindex_isakmp(&pd->index)); - - /* statuc, side and version */ - if (long_format >= 1) { - printf("%2d %c %2x ", - pd->status, - pd->side == INITIATOR ? 'I' : 'R', - pd->version); - if (ARRAYLEN(estr) > pd->etype) - printf("%s ", estr[pd->etype]); - } - - /* created date */ - if (pd->created) { - tm = localtime(&pd->created); - strftime(tbuf, sizeof(tbuf), "%Y-%m-%d %T", tm); - } else - snprintf(tbuf, sizeof(tbuf), " "); - printf("%s ", tbuf); - - /* counter of phase 2 */ - if (long_format >= 1) - printf("%6d ", pd->ph2cnt); - - printf("\n"); - - pd++; - } - - return; -} - -/* %%% */ -void -dump_internal(buf, tlen) - char *buf; - int tlen; -{ - struct ph2handle *iph2; - struct sockaddr *addr; - -/* -short header; - source address destination address - 1234567890123456789012 1234567890123456789012 -*/ -char *short_h1 = -"Source Destination "; - -/* -long header; - source address destination address - 123456789012345678901234567890123456789012345 123456789012345678901234567890123456789012345 - 0000:0000:0000:0000:0000:0000:0000:0000.00000 0000:0000:0000:0000:0000:0000:0000:0000.00000 0000:0000:0000:0000:0000:0000:0000:0000.00000 -*/ -char *long_h1 = -"Source Destination "; - - printf("%s\n", long_format ? long_h1 : short_h1); - - while (tlen > 0) { - iph2 = (struct ph2handle *)buf; - addr = (struct sockaddr *)(++iph2); - - GETNAMEINFO(addr, _addr1_, _addr2_); - printf("%s ", long_format ? - fixed_addr(_addr1_, _addr2_, 45) - : fixed_addr(_addr1_, _addr2_, 22)); - addr++; - tlen -= addr->sa_len; - - GETNAMEINFO(addr, _addr1_, _addr2_); - printf("%s ", long_format ? - fixed_addr(_addr1_, _addr2_, 45) - : fixed_addr(_addr1_, _addr2_, 22)); - addr++; - tlen -= addr->sa_len; - - printf("\n"); - } - - return; -} - -/* %%% */ -char * -pindex_isakmp(index) - isakmp_index *index; -{ - static char buf[64]; - u_char *p; - int i, j; - - memset(buf, 0, sizeof(buf)); - - /* copy index */ - p = (u_char *)index; - for (j = 0, i = 0; i < sizeof(isakmp_index); i++) { - snprintf((char *)&buf[j], sizeof(buf) - j, "%02x", p[i]); - j += 2; - switch (i) { - case 7: -#if 0 - case 15: -#endif - buf[j++] = ':'; - } - } - - return buf; -} - -/* print schedule */ -char *str_sched_stat[] = { -"off", -"on", -"dead", -}; - -char *str_sched_id[] = { -"PH1resend", -"PH1lifetime", -"PH2resend", -"PSTacquire", -"PSTlifetime", -}; - -void -print_schedule(buf, len) - caddr_t buf; - int len; -{ - struct scheddump *sc = (struct scheddump *)buf; - struct tm *tm; - char tbuf[56]; - - if (len % sizeof(*sc)) - printf("invalid length %d\n", len); - len /= sizeof(*sc); - - /* 00000000 00000000 00000000 xxx........*/ - printf("index tick xtime created\n"); - - while (len-- > 0) { - tm = localtime(&sc->created); - strftime(tbuf, sizeof(tbuf), "%Y-%m-%d %T", tm); - - printf("%-8ld %-8ld %-8ld %s\n", - sc->id, - (long)sc->tick, - (long)sc->xtime, - tbuf); - sc++; - } - - return; -} - -char * -fixed_addr(addr, port, len) - char *addr, *port; - int len; -{ - static char _addr_buf_[BUFSIZ]; - char *p; - int plen, i; - - /* initialize */ - memset(_addr_buf_, ' ', sizeof(_addr_buf_)); - - plen = strlen(port); - if (len < plen + 1) - return NULL; - - p = _addr_buf_; - for (i = 0; i < len - plen - 1 && addr[i] != '\0'; /*noting*/) - *p++ = addr[i++]; - *p++ = '.'; - - for (i = 0; i < plen && port[i] != '\0'; /*noting*/) - *p++ = port[i++]; - - _addr_buf_[len] = '\0'; - - return _addr_buf_; -} diff --git a/racoonctl.tproj/misc.c b/racoonctl.tproj/misc.c deleted file mode 100644 index 8906017..0000000 --- a/racoonctl.tproj/misc.c +++ /dev/null @@ -1,167 +0,0 @@ -/* $KAME: misc.c,v 1.22 2001/07/14 05:48:33 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "debug.h" - -#if 0 -static int bindump __P((void *, size_t)); - -static int -bindump(buf0, len) - void *buf0; - size_t len; -{ - unsigned char *buf = (unsigned char *)buf0; - size_t i; - - for (i = 0; i < len; i++) { - if ((buf[i] & 0x80) || !isprint(buf[i])) - printf("\\x%x", buf[i]); - else - printf("%c", buf[i]); - } - printf("\n"); - - return 0; -} -#endif - -int -hexdump(buf0, len) - void *buf0; - size_t len; -{ - caddr_t buf = (caddr_t)buf0; - size_t i; - - for (i = 0; i < len; i++) { - if (i != 0 && i % 32 == 0) - printf("\n"); - if (i % 4 == 0) - printf(" "); - printf("%02x", (unsigned char)buf[i]); - } - printf("\n"); - - return 0; -} - -char * -bit2str(n, bl) - int n, bl; -{ -#define MAXBITLEN 128 - static char b[MAXBITLEN + 1]; - int i; - - if (bl > MAXBITLEN) - return "Failed to convert."; /* NG */ - memset(b, '0', bl); - b[bl] = '\0'; - - for (i = 0; i < bl; i++) { - if (n & (1 << i)) - b[bl - 1 - i] = '1'; - } - - return b; -} - -const char * -debug_location(file, line, func) - const char *file; - int line; - const char *func; -{ - static char buf[1024]; - const char *p; - - /* truncate pathname */ - p = strrchr(file, '/'); - if (p) - p++; - else - p = file; - - if (func) - snprintf(buf, sizeof(buf), "%s:%d:%s()", p, line, func); - else - snprintf(buf, sizeof(buf), "%s:%d", p, line); - - return buf; -} - -/* - * get file size. - * -1: error occured. - */ -int -getfsize(path) - char *path; -{ - struct stat st; - - if (stat(path, &st) != 0) - return -1; - else - return st.st_size; -} - -/* - * calculate the difference between two times. - * t1: start - * t2: end - */ -double -timedelta(t1, t2) - struct timeval *t1, *t2; -{ - if (t2->tv_usec >= t1->tv_usec) - return t2->tv_sec - t1->tv_sec + - (double)(t2->tv_usec - t1->tv_usec) / 1000000; - - return t2->tv_sec - t1->tv_sec - 1 + - (double)(1000000 + t2->tv_usec - t1->tv_usec) / 1000000; -} diff --git a/racoonctl.tproj/pfkey.c b/racoonctl.tproj/pfkey.c deleted file mode 100644 index 813b304..0000000 --- a/racoonctl.tproj/pfkey.c +++ /dev/null @@ -1,2108 +0,0 @@ -/* $FreeBSD: src/lib/libipsec/pfkey.c,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */ -/* $KAME: pfkey.c,v 1.39 2001/03/05 18:22:17 thorpej Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "ipsec_strerror.h" -#include "libpfkey.h" - -#define CALLOC(size, cast) (cast)calloc(1, (size)) - -static int findsupportedmap __P((int)); -static int setsupportedmap __P((struct sadb_supported *)); -static struct sadb_alg *findsupportedalg __P((u_int, u_int)); -static int pfkey_send_x1 __P((int, u_int, u_int, u_int, struct sockaddr *, - struct sockaddr *, u_int32_t, u_int32_t, u_int, caddr_t, - u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int32_t, - u_int32_t, u_int32_t, u_int32_t)); -static int pfkey_send_x2 __P((int, u_int, u_int, u_int, - struct sockaddr *, struct sockaddr *, u_int32_t)); -static int pfkey_send_x3 __P((int, u_int, u_int)); -static int pfkey_send_x4 __P((int, u_int, struct sockaddr *, u_int, - struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t, - char *, int, u_int32_t)); -static int pfkey_send_x5 __P((int, u_int, u_int32_t)); - -static caddr_t pfkey_setsadbmsg __P((caddr_t, caddr_t, u_int, u_int, - u_int, u_int32_t, pid_t)); -static caddr_t pfkey_setsadbsa __P((caddr_t, caddr_t, u_int32_t, u_int, - u_int, u_int, u_int32_t)); -static caddr_t pfkey_setsadbaddr __P((caddr_t, caddr_t, u_int, - struct sockaddr *, u_int, u_int)); -static caddr_t pfkey_setsadbkey __P((caddr_t, caddr_t, u_int, caddr_t, u_int)); -static caddr_t pfkey_setsadblifetime __P((caddr_t, caddr_t, u_int, u_int32_t, - u_int32_t, u_int32_t, u_int32_t)); -static caddr_t pfkey_setsadbxsa2 __P((caddr_t, caddr_t, u_int32_t, u_int32_t)); - -/* - * make and search supported algorithm structure. - */ -static struct sadb_supported *ipsec_supported[] = { NULL, NULL, NULL, }; - -static int supported_map[] = { - SADB_SATYPE_AH, - SADB_SATYPE_ESP, - SADB_X_SATYPE_IPCOMP, -}; - -static int -findsupportedmap(satype) - int satype; -{ - int i; - - for (i = 0; i < sizeof(supported_map)/sizeof(supported_map[0]); i++) - if (supported_map[i] == satype) - return i; - return -1; -} - -static struct sadb_alg * -findsupportedalg(satype, alg_id) - u_int satype, alg_id; -{ - int algno; - int tlen; - caddr_t p; - - /* validity check */ - algno = findsupportedmap(satype); - if (algno == -1) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return NULL; - } - if (ipsec_supported[algno] == NULL) { - __ipsec_errcode = EIPSEC_DO_GET_SUPP_LIST; - return NULL; - } - - tlen = ipsec_supported[algno]->sadb_supported_len - - sizeof(struct sadb_supported); - p = (caddr_t)(ipsec_supported[algno] + 1); - while (tlen > 0) { - if (tlen < sizeof(struct sadb_alg)) { - /* invalid format */ - break; - } - if (((struct sadb_alg *)p)->sadb_alg_id == alg_id) - return (struct sadb_alg *)p; - - tlen -= sizeof(struct sadb_alg); - p += sizeof(struct sadb_alg); - } - - __ipsec_errcode = EIPSEC_NOT_SUPPORTED; - return NULL; -} - -static int -setsupportedmap(sup) - struct sadb_supported *sup; -{ - struct sadb_supported **ipsup; - - switch (sup->sadb_supported_exttype) { - case SADB_EXT_SUPPORTED_AUTH: - ipsup = &ipsec_supported[findsupportedmap(SADB_SATYPE_AH)]; - break; - case SADB_EXT_SUPPORTED_ENCRYPT: - ipsup = &ipsec_supported[findsupportedmap(SADB_SATYPE_ESP)]; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - - if (*ipsup) - free(*ipsup); - - *ipsup = malloc(sup->sadb_supported_len); - if (!*ipsup) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - memcpy(*ipsup, sup, sup->sadb_supported_len); - - return 0; -} - -/* - * check key length against algorithm specified. - * This function is called with SADB_EXT_SUPPORTED_{AUTH,ENCRYPT} as the - * augument, and only calls to ipsec_check_keylen2(); - * keylen is the unit of bit. - * OUT: - * -1: invalid. - * 0: valid. - */ -int -ipsec_check_keylen(supported, alg_id, keylen) - u_int supported; - u_int alg_id; - u_int keylen; -{ - int satype; - - /* validity check */ - switch (supported) { - case SADB_EXT_SUPPORTED_AUTH: - satype = SADB_SATYPE_AH; - break; - case SADB_EXT_SUPPORTED_ENCRYPT: - satype = SADB_SATYPE_ESP; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - return ipsec_check_keylen2(satype, alg_id, keylen); -} - -/* - * check key length against algorithm specified. - * satype is one of satype defined at pfkeyv2.h. - * keylen is the unit of bit. - * OUT: - * -1: invalid. - * 0: valid. - */ -int -ipsec_check_keylen2(satype, alg_id, keylen) - u_int satype; - u_int alg_id; - u_int keylen; -{ - struct sadb_alg *alg; - - alg = findsupportedalg(satype, alg_id); - if (!alg) - return -1; - - if (keylen < alg->sadb_alg_minbits || keylen > alg->sadb_alg_maxbits) { - __ipsec_errcode = EIPSEC_INVAL_KEYLEN; - return -1; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -/* - * get max/min key length against algorithm specified. - * satype is one of satype defined at pfkeyv2.h. - * keylen is the unit of bit. - * OUT: - * -1: invalid. - * 0: valid. - */ -int -ipsec_get_keylen(supported, alg_id, alg0) - u_int supported, alg_id; - struct sadb_alg *alg0; -{ - struct sadb_alg *alg; - u_int satype; - - /* validity check */ - if (!alg0) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - switch (supported) { - case SADB_EXT_SUPPORTED_AUTH: - satype = SADB_SATYPE_AH; - break; - case SADB_EXT_SUPPORTED_ENCRYPT: - satype = SADB_SATYPE_ESP; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - alg = findsupportedalg(satype, alg_id); - if (!alg) - return -1; - - memcpy(alg0, alg, sizeof(*alg0)); - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -/* - * set the rate for SOFT lifetime against HARD one. - * If rate is more than 100 or equal to zero, then set to 100. - */ -static u_int soft_lifetime_allocations_rate = PFKEY_SOFT_LIFETIME_RATE; -static u_int soft_lifetime_bytes_rate = PFKEY_SOFT_LIFETIME_RATE; -static u_int soft_lifetime_addtime_rate = PFKEY_SOFT_LIFETIME_RATE; -static u_int soft_lifetime_usetime_rate = PFKEY_SOFT_LIFETIME_RATE; - -u_int -pfkey_set_softrate(type, rate) - u_int type, rate; -{ - __ipsec_errcode = EIPSEC_NO_ERROR; - - if (rate > 100 || rate == 0) - rate = 100; - - switch (type) { - case SADB_X_LIFETIME_ALLOCATIONS: - soft_lifetime_allocations_rate = rate; - return 0; - case SADB_X_LIFETIME_BYTES: - soft_lifetime_bytes_rate = rate; - return 0; - case SADB_X_LIFETIME_ADDTIME: - soft_lifetime_addtime_rate = rate; - return 0; - case SADB_X_LIFETIME_USETIME: - soft_lifetime_usetime_rate = rate; - return 0; - } - - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return 1; -} - -/* - * get current rate for SOFT lifetime against HARD one. - * ATTENTION: ~0 is returned if invalid type was passed. - */ -u_int -pfkey_get_softrate(type) - u_int type; -{ - switch (type) { - case SADB_X_LIFETIME_ALLOCATIONS: - return soft_lifetime_allocations_rate; - case SADB_X_LIFETIME_BYTES: - return soft_lifetime_bytes_rate; - case SADB_X_LIFETIME_ADDTIME: - return soft_lifetime_addtime_rate; - case SADB_X_LIFETIME_USETIME: - return soft_lifetime_usetime_rate; - } - - return ~0; -} - -/* - * sending SADB_GETSPI message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; - u_int32_t min, max, reqid, seq; -{ - struct sadb_msg *newmsg; - caddr_t ep; - int len; - int need_spirange = 0; - caddr_t p; - int plen; - - /* validity check */ - if (src == NULL || dst == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - if (src->sa_family != dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - if (min > max || (min > 0 && min <= 255)) { - __ipsec_errcode = EIPSEC_INVAL_SPI; - return -1; - } - switch (src->sa_family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - /* create new sadb_msg to send. */ - len = sizeof(struct sadb_msg) - + sizeof(struct sadb_x_sa2) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(dst->sa_len); - - if (min > 255 && max < ~0) { - need_spirange++; - len += sizeof(struct sadb_spirange); - } - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, SADB_GETSPI, - len, satype, seq, getpid()); - if (!p) { - free(newmsg); - return -1; - } - - p = pfkey_setsadbxsa2(p, ep, mode, reqid); - if (!p) { - free(newmsg); - return -1; - } - - /* set sadb_address for source */ - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - - /* set sadb_address for destination */ - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - - /* proccessing spi range */ - if (need_spirange) { - struct sadb_spirange spirange; - - if (p + sizeof(spirange) > ep) { - free(newmsg); - return -1; - } - - memset(&spirange, 0, sizeof(spirange)); - spirange.sadb_spirange_len = PFKEY_UNIT64(sizeof(spirange)); - spirange.sadb_spirange_exttype = SADB_EXT_SPIRANGE; - spirange.sadb_spirange_min = min; - spirange.sadb_spirange_max = max; - - memcpy(p, &spirange, sizeof(spirange)); - - p += sizeof(spirange); - } - if (p != ep) { - free(newmsg); - return -1; - } - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * sending SADB_UPDATE message to the kernel. - * The length of key material is a_keylen + e_keylen. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_update(so, satype, mode, src, dst, spi, reqid, wsize, - keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq) - int so; - u_int satype, mode, wsize; - struct sockaddr *src, *dst; - u_int32_t spi, reqid; - caddr_t keymat; - u_int e_type, e_keylen, a_type, a_keylen, flags; - u_int32_t l_alloc; - u_int64_t l_bytes, l_addtime, l_usetime; - u_int32_t seq; -{ - int len; - if ((len = pfkey_send_x1(so, SADB_UPDATE, satype, mode, src, dst, spi, - reqid, wsize, - keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_ADD message to the kernel. - * The length of key material is a_keylen + e_keylen. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_add(so, satype, mode, src, dst, spi, reqid, wsize, - keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq) - int so; - u_int satype, mode, wsize; - struct sockaddr *src, *dst; - u_int32_t spi, reqid; - caddr_t keymat; - u_int e_type, e_keylen, a_type, a_keylen, flags; - u_int32_t l_alloc; - u_int64_t l_bytes, l_addtime, l_usetime; - u_int32_t seq; -{ - int len; - if ((len = pfkey_send_x1(so, SADB_ADD, satype, mode, src, dst, spi, - reqid, wsize, - keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_DELETE message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_delete(so, satype, mode, src, dst, spi) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi; -{ - int len; - if ((len = pfkey_send_x2(so, SADB_DELETE, satype, mode, src, dst, spi)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_DELETE without spi to the kernel. This is - * the "delete all" request (an extension also present in - * Solaris). - * - * OUT: - * positive: success and return length sent - * -1 : error occured, and set errno - */ -int -pfkey_send_delete_all(so, satype, mode, src, dst) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - int plen; - caddr_t ep; - - /* validity check */ - if (src == NULL || dst == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - if (src->sa_family != dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - switch (src->sa_family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - /* create new sadb_msg to reply. */ - len = sizeof(struct sadb_msg) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(dst->sa_len); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, SADB_DELETE, len, satype, 0, - getpid()); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen, - IPSEC_ULPROTO_ANY); - if (!p || p != ep) { - free(newmsg); - return -1; - } - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * sending SADB_GET message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_get(so, satype, mode, src, dst, spi) - int so; - u_int satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi; -{ - int len; - if ((len = pfkey_send_x2(so, SADB_GET, satype, mode, src, dst, spi)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_REGISTER message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_register(so, satype) - int so; - u_int satype; -{ - int len, algno; - - if (satype == PF_UNSPEC) { - for (algno = 0; - algno < sizeof(supported_map)/sizeof(supported_map[0]); - algno++) { - if (ipsec_supported[algno]) { - free(ipsec_supported[algno]); - ipsec_supported[algno] = NULL; - } - } - } else { - algno = findsupportedmap(satype); - if (algno == -1) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - if (ipsec_supported[algno]) { - free(ipsec_supported[algno]); - ipsec_supported[algno] = NULL; - } - } - - if ((len = pfkey_send_x3(so, SADB_REGISTER, satype)) < 0) - return -1; - - return len; -} - -/* - * receiving SADB_REGISTER message from the kernel, and copy buffer for - * sadb_supported returned into ipsec_supported. - * OUT: - * 0: success and return length sent. - * -1: error occured, and set errno. - */ -int -pfkey_recv_register(so) - int so; -{ - pid_t pid = getpid(); - struct sadb_msg *newmsg; - int error = -1; - - /* receive message */ - do { - if ((newmsg = pfkey_recv(so)) == NULL) - return -1; - } while (newmsg->sadb_msg_type != SADB_REGISTER - || newmsg->sadb_msg_pid != pid); - - /* check and fix */ - newmsg->sadb_msg_len = PFKEY_UNUNIT64(newmsg->sadb_msg_len); - - error = pfkey_set_supported(newmsg, newmsg->sadb_msg_len); - free(newmsg); - - if (error == 0) - __ipsec_errcode = EIPSEC_NO_ERROR; - - return error; -} - -/* - * receiving SADB_REGISTER message from the kernel, and copy buffer for - * sadb_supported returned into ipsec_supported. - * NOTE: sadb_msg_len must be host order. - * IN: - * tlen: msg length, it's to makeing sure. - * OUT: - * 0: success and return length sent. - * -1: error occured, and set errno. - */ -int -pfkey_set_supported(msg, tlen) - struct sadb_msg *msg; - int tlen; -{ - struct sadb_supported *sup; - caddr_t p; - caddr_t ep; - - /* validity */ - if (msg->sadb_msg_len != tlen) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - p = (caddr_t)msg; - ep = p + tlen; - - p += sizeof(struct sadb_msg); - - while (p < ep) { - sup = (struct sadb_supported *)p; - if (ep < p + sizeof(*sup) || - PFKEY_EXTLEN(sup) < sizeof(*sup) || - ep < p + sup->sadb_supported_len) { - /* invalid format */ - break; - } - - switch (sup->sadb_supported_exttype) { - case SADB_EXT_SUPPORTED_AUTH: - case SADB_EXT_SUPPORTED_ENCRYPT: - break; - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - - /* fixed length */ - sup->sadb_supported_len = PFKEY_EXTLEN(sup); - - /* set supported map */ - if (setsupportedmap(sup) != 0) - return -1; - - p += sup->sadb_supported_len; - } - - if (p != ep) { - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - - return 0; -} - -/* - * sending SADB_FLUSH message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_flush(so, satype) - int so; - u_int satype; -{ - int len; - - if ((len = pfkey_send_x3(so, SADB_FLUSH, satype)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_DUMP message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_dump(so, satype) - int so; - u_int satype; -{ - int len; - - if ((len = pfkey_send_x3(so, SADB_DUMP, satype)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_PROMISC message to the kernel. - * NOTE that this function handles promisc mode toggle only. - * IN: - * flag: set promisc off if zero, set promisc on if non-zero. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - * 0 : error occured, and set errno. - * others: a pointer to new allocated buffer in which supported - * algorithms is. - */ -int -pfkey_send_promisc_toggle(so, flag) - int so; - int flag; -{ - int len; - - if ((len = pfkey_send_x3(so, SADB_X_PROMISC, (flag ? 1 : 0))) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_SPDADD message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spdadd(so, src, prefs, dst, prefd, proto, policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int prefs, prefd, proto; - caddr_t policy; - int policylen; - u_int32_t seq; -{ - int len; - - if ((len = pfkey_send_x4(so, SADB_X_SPDADD, - src, prefs, dst, prefd, proto, - 0, 0, - policy, policylen, seq)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_SPDADD message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spdadd2(so, src, prefs, dst, prefd, proto, ltime, vtime, - policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int prefs, prefd, proto; - u_int64_t ltime, vtime; - caddr_t policy; - int policylen; - u_int32_t seq; -{ - int len; - - if ((len = pfkey_send_x4(so, SADB_X_SPDADD, - src, prefs, dst, prefd, proto, - ltime, vtime, - policy, policylen, seq)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_SPDUPDATE message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spdupdate(so, src, prefs, dst, prefd, proto, policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int prefs, prefd, proto; - caddr_t policy; - int policylen; - u_int32_t seq; -{ - int len; - - if ((len = pfkey_send_x4(so, SADB_X_SPDUPDATE, - src, prefs, dst, prefd, proto, - 0, 0, - policy, policylen, seq)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_SPDUPDATE message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spdupdate2(so, src, prefs, dst, prefd, proto, ltime, vtime, - policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int prefs, prefd, proto; - u_int64_t ltime, vtime; - caddr_t policy; - int policylen; - u_int32_t seq; -{ - int len; - - if ((len = pfkey_send_x4(so, SADB_X_SPDUPDATE, - src, prefs, dst, prefd, proto, - ltime, vtime, - policy, policylen, seq)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_SPDDELETE message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spddelete(so, src, prefs, dst, prefd, proto, policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int prefs, prefd, proto; - caddr_t policy; - int policylen; - u_int32_t seq; -{ - int len; - - if (policylen != sizeof(struct sadb_x_policy)) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - if ((len = pfkey_send_x4(so, SADB_X_SPDDELETE, - src, prefs, dst, prefd, proto, - 0, 0, - policy, policylen, seq)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_SPDDELETE message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spddelete2(so, spid) - int so; - u_int32_t spid; -{ - int len; - - if ((len = pfkey_send_x5(so, SADB_X_SPDDELETE2, spid)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_SPDGET message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spdget(so, spid) - int so; - u_int32_t spid; -{ - int len; - - if ((len = pfkey_send_x5(so, SADB_X_SPDGET, spid)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_X_SPDSETIDX message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spdsetidx(so, src, prefs, dst, prefd, proto, policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int prefs, prefd, proto; - caddr_t policy; - int policylen; - u_int32_t seq; -{ - int len; - - if (policylen != sizeof(struct sadb_x_policy)) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - if ((len = pfkey_send_x4(so, SADB_X_SPDSETIDX, - src, prefs, dst, prefd, proto, - 0, 0, - policy, policylen, seq)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_SPDFLUSH message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spdflush(so) - int so; -{ - int len; - - if ((len = pfkey_send_x3(so, SADB_X_SPDFLUSH, SADB_SATYPE_UNSPEC)) < 0) - return -1; - - return len; -} - -/* - * sending SADB_SPDDUMP message to the kernel. - * OUT: - * positive: success and return length sent. - * -1 : error occured, and set errno. - */ -int -pfkey_send_spddump(so) - int so; -{ - int len; - - if ((len = pfkey_send_x3(so, SADB_X_SPDDUMP, SADB_SATYPE_UNSPEC)) < 0) - return -1; - - return len; -} - -/* sending SADB_ADD or SADB_UPDATE message to the kernel */ -static int -pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, - keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq) - int so; - u_int type, satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi, reqid; - u_int wsize; - caddr_t keymat; - u_int e_type, e_keylen, a_type, a_keylen, flags; - u_int32_t l_alloc, l_bytes, l_addtime, l_usetime, seq; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - int plen; - caddr_t ep; - - /* validity check */ - if (src == NULL || dst == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - if (src->sa_family != dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - switch (src->sa_family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - switch (satype) { - case SADB_SATYPE_ESP: - if (e_type == SADB_EALG_NONE) { - __ipsec_errcode = EIPSEC_NO_ALGS; - return -1; - } - break; - case SADB_SATYPE_AH: - if (e_type != SADB_EALG_NONE) { - __ipsec_errcode = EIPSEC_INVAL_ALGS; - return -1; - } - if (a_type == SADB_AALG_NONE) { - __ipsec_errcode = EIPSEC_NO_ALGS; - return -1; - } - break; - case SADB_X_SATYPE_IPCOMP: - if (e_type == SADB_X_CALG_NONE) { - __ipsec_errcode = EIPSEC_INVAL_ALGS; - return -1; - } - if (a_type != SADB_AALG_NONE) { - __ipsec_errcode = EIPSEC_NO_ALGS; - return -1; - } - break; - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - - /* create new sadb_msg to reply. */ - len = sizeof(struct sadb_msg) - + sizeof(struct sadb_sa) - + sizeof(struct sadb_x_sa2) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(dst->sa_len) - + sizeof(struct sadb_lifetime) - + sizeof(struct sadb_lifetime); - - if (e_type != SADB_EALG_NONE) - len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(e_keylen)); - if (a_type != SADB_AALG_NONE) - len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(a_keylen)); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, - satype, seq, getpid()); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbsa(p, ep, spi, wsize, a_type, e_type, flags); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbxsa2(p, ep, mode, reqid); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - - if (e_type != SADB_EALG_NONE) { - p = pfkey_setsadbkey(p, ep, SADB_EXT_KEY_ENCRYPT, - keymat, e_keylen); - if (!p) { - free(newmsg); - return -1; - } - } - if (a_type != SADB_AALG_NONE) { - p = pfkey_setsadbkey(p, ep, SADB_EXT_KEY_AUTH, - keymat + e_keylen, a_keylen); - if (!p) { - free(newmsg); - return -1; - } - } - - /* set sadb_lifetime for destination */ - p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_HARD, - l_alloc, l_bytes, l_addtime, l_usetime); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_SOFT, - l_alloc, l_bytes, l_addtime, l_usetime); - if (!p || p != ep) { - free(newmsg); - return -1; - } - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* sending SADB_DELETE or SADB_GET message to the kernel */ -static int -pfkey_send_x2(so, type, satype, mode, src, dst, spi) - int so; - u_int type, satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - int plen; - caddr_t ep; - - /* validity check */ - if (src == NULL || dst == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - if (src->sa_family != dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - switch (src->sa_family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - /* create new sadb_msg to reply. */ - len = sizeof(struct sadb_msg) - + sizeof(struct sadb_sa) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(dst->sa_len); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, satype, 0, - getpid()); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbsa(p, ep, spi, 0, 0, 0, 0); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen, - IPSEC_ULPROTO_ANY); - if (!p || p != ep) { - free(newmsg); - return -1; - } - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * sending SADB_REGISTER, SADB_FLUSH, SADB_DUMP or SADB_X_PROMISC message - * to the kernel - */ -static int -pfkey_send_x3(so, type, satype) - int so; - u_int type, satype; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - caddr_t ep; - - /* validity check */ - switch (type) { - case SADB_X_PROMISC: - if (satype != 0 && satype != 1) { - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - break; - default: - switch (satype) { - case SADB_SATYPE_UNSPEC: - case SADB_SATYPE_AH: - case SADB_SATYPE_ESP: - case SADB_X_SATYPE_IPCOMP: - break; - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - } - - /* create new sadb_msg to send. */ - len = sizeof(struct sadb_msg); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, satype, 0, - getpid()); - if (!p || p != ep) { - free(newmsg); - return -1; - } - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* sending SADB_X_SPDADD message to the kernel */ -static int -pfkey_send_x4(so, type, src, prefs, dst, prefd, proto, - ltime, vtime, policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int type, prefs, prefd, proto; - u_int64_t ltime, vtime; - char *policy; - int policylen; - u_int32_t seq; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - int plen; - caddr_t ep; - - /* validity check */ - if (src == NULL || dst == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - if (src->sa_family != dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - - switch (src->sa_family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - if (prefs > plen || prefd > plen) { - __ipsec_errcode = EIPSEC_INVAL_PREFIXLEN; - return -1; - } - - /* create new sadb_msg to reply. */ - len = sizeof(struct sadb_msg) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_lifetime) - + policylen; - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, - SADB_SATYPE_UNSPEC, seq, getpid()); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, prefs, proto); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, prefd, proto); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_HARD, - 0, 0, ltime, vtime); - if (!p || p + policylen != ep) { - free(newmsg); - return -1; - } - memcpy(p, policy, policylen); - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* sending SADB_X_SPDGET or SADB_X_SPDDELETE message to the kernel */ -static int -pfkey_send_x5(so, type, spid) - int so; - u_int type; - u_int32_t spid; -{ - struct sadb_msg *newmsg; - struct sadb_x_policy xpl; - int len; - caddr_t p; - caddr_t ep; - - /* create new sadb_msg to reply. */ - len = sizeof(struct sadb_msg) - + sizeof(xpl); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, - SADB_SATYPE_UNSPEC, 0, getpid()); - if (!p) { - free(newmsg); - return -1; - } - - if (p + sizeof(xpl) != ep) { - free(newmsg); - return -1; - } - memset(&xpl, 0, sizeof(xpl)); - xpl.sadb_x_policy_len = PFKEY_UNUNIT64(sizeof(xpl)); - xpl.sadb_x_policy_exttype = SADB_X_EXT_POLICY; - xpl.sadb_x_policy_id = spid; - memcpy(p, &xpl, sizeof(xpl)); - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * open a socket. - * OUT: - * -1: fail. - * others : success and return value of socket. - */ -int -pfkey_open() -{ - int so; - const int bufsiz = 128 * 1024; /*is 128K enough?*/ - - if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - - /* - * This is a temporary workaround for KAME PR 154. - * Don't really care even if it fails. - */ - (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz)); - (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); - - __ipsec_errcode = EIPSEC_NO_ERROR; - return so; -} - -/* - * close a socket. - * OUT: - * 0: success. - * -1: fail. - */ -void -pfkey_close(so) - int so; -{ - (void)close(so); - - __ipsec_errcode = EIPSEC_NO_ERROR; - return; -} - -/* - * receive sadb_msg data, and return pointer to new buffer allocated. - * Must free this buffer later. - * OUT: - * NULL : error occured. - * others : a pointer to sadb_msg structure. - * - * XXX should be rewritten to pass length explicitly - */ -struct sadb_msg * -pfkey_recv(so) - int so; -{ - struct sadb_msg buf, *newmsg; - int len, reallen; - - while ((len = recv(so, (caddr_t)&buf, sizeof(buf), MSG_PEEK)) < 0) { - if (errno == EINTR) - continue; - __ipsec_set_strerror(strerror(errno)); - return NULL; - } - - if (len < sizeof(buf)) { - recv(so, (caddr_t)&buf, sizeof(buf), 0); - __ipsec_errcode = EIPSEC_MAX; - return NULL; - } - - /* read real message */ - reallen = PFKEY_UNUNIT64(buf.sadb_msg_len); - if ((newmsg = CALLOC(reallen, struct sadb_msg *)) == 0) { - __ipsec_set_strerror(strerror(errno)); - return NULL; - } - - while ((len = recv(so, (caddr_t)newmsg, reallen, 0)) < 0) { - if (errno == EINTR) - continue; - __ipsec_set_strerror(strerror(errno)); - free(newmsg); - return NULL; - } - - if (len != reallen) { - __ipsec_errcode = EIPSEC_SYSTEM_ERROR; - free(newmsg); - return NULL; - } - - /* don't trust what the kernel says, validate! */ - if (PFKEY_UNUNIT64(newmsg->sadb_msg_len) != len) { - __ipsec_errcode = EIPSEC_SYSTEM_ERROR; - free(newmsg); - return NULL; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return newmsg; -} - -/* - * send message to a socket. - * OUT: - * others: success and return length sent. - * -1 : fail. - */ -int -pfkey_send(so, msg, len) - int so; - struct sadb_msg *msg; - int len; -{ - if ((len = send(so, (caddr_t)msg, len, 0)) < 0) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * %%% Utilities - * NOTE: These functions are derived from netkey/key.c in KAME. - */ -/* - * set the pointer to each header in this message buffer. - * IN: msg: pointer to message buffer. - * mhp: pointer to the buffer initialized like below: - * caddr_t mhp[SADB_EXT_MAX + 1]; - * OUT: -1: invalid. - * 0: valid. - * - * XXX should be rewritten to obtain length explicitly - */ -int -pfkey_align(msg, mhp) - struct sadb_msg *msg; - caddr_t *mhp; -{ - struct sadb_ext *ext; - int i; - caddr_t p; - caddr_t ep; /* XXX should be passed from upper layer */ - - /* validity check */ - if (msg == NULL || mhp == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - /* initialize */ - for (i = 0; i < SADB_EXT_MAX + 1; i++) - mhp[i] = NULL; - - mhp[0] = (caddr_t)msg; - - /* initialize */ - p = (caddr_t) msg; - ep = p + PFKEY_UNUNIT64(msg->sadb_msg_len); - - /* skip base header */ - p += sizeof(struct sadb_msg); - - while (p < ep) { - ext = (struct sadb_ext *)p; - if (ep < p + sizeof(*ext) || PFKEY_EXTLEN(ext) < sizeof(*ext) || - ep < p + PFKEY_EXTLEN(ext)) { - /* invalid format */ - break; - } - - /* duplicate check */ - /* XXX Are there duplication either KEY_AUTH or KEY_ENCRYPT ?*/ - if (mhp[ext->sadb_ext_type] != NULL) { - __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; - return -1; - } - - /* set pointer */ - switch (ext->sadb_ext_type) { - case SADB_EXT_SA: - case SADB_EXT_LIFETIME_CURRENT: - case SADB_EXT_LIFETIME_HARD: - case SADB_EXT_LIFETIME_SOFT: - case SADB_EXT_ADDRESS_SRC: - case SADB_EXT_ADDRESS_DST: - case SADB_EXT_ADDRESS_PROXY: - case SADB_EXT_KEY_AUTH: - /* XXX should to be check weak keys. */ - case SADB_EXT_KEY_ENCRYPT: - /* XXX should to be check weak keys. */ - case SADB_EXT_IDENTITY_SRC: - case SADB_EXT_IDENTITY_DST: - case SADB_EXT_SENSITIVITY: - case SADB_EXT_PROPOSAL: - case SADB_EXT_SUPPORTED_AUTH: - case SADB_EXT_SUPPORTED_ENCRYPT: - case SADB_EXT_SPIRANGE: - case SADB_X_EXT_POLICY: - case SADB_X_EXT_SA2: - mhp[ext->sadb_ext_type] = (caddr_t)ext; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; - return -1; - } - - p += PFKEY_EXTLEN(ext); - } - - if (p != ep) { - __ipsec_errcode = EIPSEC_INVAL_SADBMSG; - return -1; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -/* - * check basic usage for sadb_msg, - * NOTE: This routine is derived from netkey/key.c in KAME. - * IN: msg: pointer to message buffer. - * mhp: pointer to the buffer initialized like below: - * - * caddr_t mhp[SADB_EXT_MAX + 1]; - * - * OUT: -1: invalid. - * 0: valid. - */ -int -pfkey_check(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - - /* validity check */ - if (mhp == NULL || mhp[0] == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - msg = (struct sadb_msg *)mhp[0]; - - /* check version */ - if (msg->sadb_msg_version != PF_KEY_V2) { - __ipsec_errcode = EIPSEC_INVAL_VERSION; - return -1; - } - - /* check type */ - if (msg->sadb_msg_type > SADB_MAX) { - __ipsec_errcode = EIPSEC_INVAL_MSGTYPE; - return -1; - } - - /* check SA type */ - switch (msg->sadb_msg_satype) { - case SADB_SATYPE_UNSPEC: - switch (msg->sadb_msg_type) { - case SADB_GETSPI: - case SADB_UPDATE: - case SADB_ADD: - case SADB_DELETE: - case SADB_GET: - case SADB_ACQUIRE: - case SADB_EXPIRE: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - break; - case SADB_SATYPE_ESP: - case SADB_SATYPE_AH: - case SADB_X_SATYPE_IPCOMP: - switch (msg->sadb_msg_type) { - case SADB_X_SPDADD: - case SADB_X_SPDDELETE: - case SADB_X_SPDGET: - case SADB_X_SPDDUMP: - case SADB_X_SPDFLUSH: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - break; - case SADB_SATYPE_RSVP: - case SADB_SATYPE_OSPFV2: - case SADB_SATYPE_RIPV2: - case SADB_SATYPE_MIP: - __ipsec_errcode = EIPSEC_NOT_SUPPORTED; - return -1; - case 1: /* XXX: What does it do ? */ - if (msg->sadb_msg_type == SADB_X_PROMISC) - break; - /*FALLTHROUGH*/ - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - - /* check field of upper layer protocol and address family */ - if (mhp[SADB_EXT_ADDRESS_SRC] != NULL - && mhp[SADB_EXT_ADDRESS_DST] != NULL) { - struct sadb_address *src0, *dst0; - - src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]); - dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]); - - if (src0->sadb_address_proto != dst0->sadb_address_proto) { - __ipsec_errcode = EIPSEC_PROTO_MISMATCH; - return -1; - } - - if (PFKEY_ADDR_SADDR(src0)->sa_family - != PFKEY_ADDR_SADDR(dst0)->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - - switch (PFKEY_ADDR_SADDR(src0)->sa_family) { - case AF_INET: - case AF_INET6: - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - /* - * prefixlen == 0 is valid because there must be the case - * all addresses are matched. - */ - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -/* - * set data into sadb_msg. - * `buf' must has been allocated sufficiently. - */ -static caddr_t -pfkey_setsadbmsg(buf, lim, type, tlen, satype, seq, pid) - caddr_t buf; - caddr_t lim; - u_int type, satype; - u_int tlen; - u_int32_t seq; - pid_t pid; -{ - struct sadb_msg *p; - u_int len; - - p = (struct sadb_msg *)buf; - len = sizeof(struct sadb_msg); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_msg_version = PF_KEY_V2; - p->sadb_msg_type = type; - p->sadb_msg_errno = 0; - p->sadb_msg_satype = satype; - p->sadb_msg_len = PFKEY_UNIT64(tlen); - p->sadb_msg_reserved = 0; - p->sadb_msg_seq = seq; - p->sadb_msg_pid = (u_int32_t)pid; - - return(buf + len); -} - -/* - * copy secasvar data into sadb_address. - * `buf' must has been allocated sufficiently. - */ -static caddr_t -pfkey_setsadbsa(buf, lim, spi, wsize, auth, enc, flags) - caddr_t buf; - caddr_t lim; - u_int32_t spi, flags; - u_int wsize, auth, enc; -{ - struct sadb_sa *p; - u_int len; - - p = (struct sadb_sa *)buf; - len = sizeof(struct sadb_sa); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_sa_len = PFKEY_UNIT64(len); - p->sadb_sa_exttype = SADB_EXT_SA; - p->sadb_sa_spi = spi; - p->sadb_sa_replay = wsize; - p->sadb_sa_state = SADB_SASTATE_LARVAL; - p->sadb_sa_auth = auth; - p->sadb_sa_encrypt = enc; - p->sadb_sa_flags = flags; - - return(buf + len); -} - -/* - * set data into sadb_address. - * `buf' must has been allocated sufficiently. - * prefixlen is in bits. - */ -static caddr_t -pfkey_setsadbaddr(buf, lim, exttype, saddr, prefixlen, ul_proto) - caddr_t buf; - caddr_t lim; - u_int exttype; - struct sockaddr *saddr; - u_int prefixlen; - u_int ul_proto; -{ - struct sadb_address *p; - u_int len; - - p = (struct sadb_address *)buf; - len = sizeof(struct sadb_address) + PFKEY_ALIGN8(saddr->sa_len); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_address_len = PFKEY_UNIT64(len); - p->sadb_address_exttype = exttype & 0xffff; - p->sadb_address_proto = ul_proto & 0xff; - p->sadb_address_prefixlen = prefixlen; - p->sadb_address_reserved = 0; - - memcpy(p + 1, saddr, saddr->sa_len); - - return(buf + len); -} - -/* - * set sadb_key structure after clearing buffer with zero. - * OUT: the pointer of buf + len. - */ -static caddr_t -pfkey_setsadbkey(buf, lim, type, key, keylen) - caddr_t buf; - caddr_t lim; - caddr_t key; - u_int type, keylen; -{ - struct sadb_key *p; - u_int len; - - p = (struct sadb_key *)buf; - len = sizeof(struct sadb_key) + PFKEY_ALIGN8(keylen); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_key_len = PFKEY_UNIT64(len); - p->sadb_key_exttype = type; - p->sadb_key_bits = keylen << 3; - p->sadb_key_reserved = 0; - - memcpy(p + 1, key, keylen); - - return buf + len; -} - -/* - * set sadb_lifetime structure after clearing buffer with zero. - * OUT: the pointer of buf + len. - */ -static caddr_t -pfkey_setsadblifetime(buf, lim, type, l_alloc, l_bytes, l_addtime, l_usetime) - caddr_t buf; - caddr_t lim; - u_int type; - u_int32_t l_alloc, l_bytes, l_addtime, l_usetime; -{ - struct sadb_lifetime *p; - u_int len; - - p = (struct sadb_lifetime *)buf; - len = sizeof(struct sadb_lifetime); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_lifetime_len = PFKEY_UNIT64(len); - p->sadb_lifetime_exttype = type; - - switch (type) { - case SADB_EXT_LIFETIME_SOFT: - p->sadb_lifetime_allocations - = (l_alloc * soft_lifetime_allocations_rate) /100; - p->sadb_lifetime_bytes - = (l_bytes * soft_lifetime_bytes_rate) /100; - p->sadb_lifetime_addtime - = (l_addtime * soft_lifetime_addtime_rate) /100; - p->sadb_lifetime_usetime - = (l_usetime * soft_lifetime_usetime_rate) /100; - break; - case SADB_EXT_LIFETIME_HARD: - p->sadb_lifetime_allocations = l_alloc; - p->sadb_lifetime_bytes = l_bytes; - p->sadb_lifetime_addtime = l_addtime; - p->sadb_lifetime_usetime = l_usetime; - break; - } - - return buf + len; -} - -/* - * copy secasvar data into sadb_address. - * `buf' must has been allocated sufficiently. - */ -static caddr_t -pfkey_setsadbxsa2(buf, lim, mode0, reqid) - caddr_t buf; - caddr_t lim; - u_int32_t mode0; - u_int32_t reqid; -{ - struct sadb_x_sa2 *p; - u_int8_t mode = mode0 & 0xff; - u_int len; - - p = (struct sadb_x_sa2 *)buf; - len = sizeof(struct sadb_x_sa2); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_x_sa2_len = PFKEY_UNIT64(len); - p->sadb_x_sa2_exttype = SADB_X_EXT_SA2; - p->sadb_x_sa2_mode = mode; - p->sadb_x_sa2_reqid = reqid; - - return(buf + len); -} diff --git a/racoonctl.tproj/pfkey_dump.c b/racoonctl.tproj/pfkey_dump.c deleted file mode 100644 index 485ed46..0000000 --- a/racoonctl.tproj/pfkey_dump.c +++ /dev/null @@ -1,596 +0,0 @@ -/* $FreeBSD: src/lib/libipsec/pfkey_dump.c,v 1.1.2.2 2001/07/03 11:01:15 ume Exp $ */ -/* $KAME: pfkey_dump.c,v 1.27 2001/03/12 09:03:38 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "ipsec_strerror.h" -#include "libpfkey.h" - -/* cope with old kame headers - ugly */ -#ifndef SADB_X_AALG_MD5 -#define SADB_X_AALG_MD5 SADB_AALG_MD5 -#endif -#ifndef SADB_X_AALG_SHA -#define SADB_X_AALG_SHA SADB_AALG_SHA -#endif -#ifndef SADB_X_AALG_NULL -#define SADB_X_AALG_NULL SADB_AALG_NULL -#endif - -#ifndef SADB_X_EALG_BLOWFISHCBC -#define SADB_X_EALG_BLOWFISHCBC SADB_EALG_BLOWFISHCBC -#endif -#ifndef SADB_X_EALG_CAST128CBC -#define SADB_X_EALG_CAST128CBC SADB_EALG_CAST128CBC -#endif -#ifndef SADB_X_EALG_RC5CBC -#ifdef SADB_EALG_RC5CBC -#define SADB_X_EALG_RC5CBC SADB_EALG_RC5CBC -#endif -#endif - -#define GETMSGSTR(str, num) \ -do { \ - if (sizeof((str)[0]) == 0 \ - || num >= sizeof(str)/sizeof((str)[0])) \ - printf("%d ", (num)); \ - else if (strlen((str)[(num)]) == 0) \ - printf("%d ", (num)); \ - else \ - printf("%s ", (str)[(num)]); \ -} while (0) - -#define GETMSGV2S(v2s, num) \ -do { \ - struct val2str *p; \ - for (p = (v2s); p && p->str; p++) { \ - if (p->val == (num)) \ - break; \ - } \ - if (p && p->str) \ - printf("%s ", p->str); \ - else \ - printf("%d ", (num)); \ -} while (0) - -static char *str_ipaddr __P((struct sockaddr *)); -static char *str_prefport __P((u_int, u_int, u_int)); -static char *str_time __P((time_t)); -static void str_lifetime_byte __P((struct sadb_lifetime *, char *)); - -struct val2str { - int val; - const char *str; -}; - -/* - * Must to be re-written about following strings. - */ -static char *str_satype[] = { - "unspec", - "unknown", - "ah", - "esp", - "unknown", - "rsvp", - "ospfv2", - "ripv2", - "mip", - "ipcomp", -}; - -static char *str_mode[] = { - "any", - "transport", - "tunnel", -}; - -static char *str_upper[] = { -/*0*/ "ip", "icmp", "igmp", "ggp", "ip4", - "", "tcp", "", "egp", "", -/*10*/ "", "", "", "", "", - "", "", "udp", "", "", -/*20*/ "", "", "idp", "", "", - "", "", "", "", "tp", -/*30*/ "", "", "", "", "", - "", "", "", "", "", -/*40*/ "", "ip6", "", "rt6", "frag6", - "", "rsvp", "gre", "", "", -/*50*/ "esp", "ah", "", "", "", - "", "", "", "icmp6", "none", -/*60*/ "dst6", -}; - -static char *str_state[] = { - "larval", - "mature", - "dying", - "dead", -}; - -static struct val2str str_alg_auth[] = { - { SADB_AALG_NONE, "none", }, - { SADB_AALG_MD5HMAC, "hmac-md5", }, - { SADB_AALG_SHA1HMAC, "hmac-sha1", }, - { SADB_X_AALG_MD5, "md5", }, - { SADB_X_AALG_SHA, "sha", }, - { SADB_X_AALG_NULL, "null", }, -#ifdef SADB_X_AALG_SHA2_256 - { SADB_X_AALG_SHA2_256, "hmac-sha2-256", }, -#endif -#ifdef SADB_X_AALG_SHA2_384 - { SADB_X_AALG_SHA2_384, "hmac-sha2-384", }, -#endif -#ifdef SADB_X_AALG_SHA2_512 - { SADB_X_AALG_SHA2_512, "hmac-sha2-512", }, -#endif - { -1, NULL, }, -}; - -static struct val2str str_alg_enc[] = { - { SADB_EALG_NONE, "none", }, - { SADB_EALG_DESCBC, "des-cbc", }, - { SADB_EALG_3DESCBC, "3des-cbc", }, - { SADB_EALG_NULL, "null", }, -#ifdef SADB_X_EALG_RC5CBC - { SADB_X_EALG_RC5CBC, "rc5-cbc", }, -#endif - { SADB_X_EALG_CAST128CBC, "cast128-cbc", }, - { SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", }, -#ifdef SADB_X_EALG_RIJNDAELCBC - { SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", }, -#endif -#ifdef SADB_X_EALG_TWOFISHCBC - { SADB_X_EALG_TWOFISHCBC, "twofish-cbc", }, -#endif - { -1, NULL, }, -}; - -static struct val2str str_alg_comp[] = { - { SADB_X_CALG_NONE, "none", }, - { SADB_X_CALG_OUI, "oui", }, - { SADB_X_CALG_DEFLATE, "deflate", }, - { SADB_X_CALG_LZS, "lzs", }, - { -1, NULL, }, -}; - -/* - * dump SADB_MSG formated. For debugging, you should use kdebug_sadb(). - */ -void -pfkey_sadump(m) - struct sadb_msg *m; -{ - caddr_t mhp[SADB_EXT_MAX + 1]; - struct sadb_sa *m_sa; - struct sadb_x_sa2 *m_sa2; - struct sadb_lifetime *m_lftc, *m_lfth, *m_lfts; - struct sadb_address *m_saddr, *m_daddr, *m_paddr; - struct sadb_key *m_auth, *m_enc; - struct sadb_ident *m_sid, *m_did; - struct sadb_sens *m_sens; - - /* check pfkey message. */ - if (pfkey_align(m, mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - if (pfkey_check(mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - - m_sa = (struct sadb_sa *)mhp[SADB_EXT_SA]; - m_sa2 = (struct sadb_x_sa2 *)mhp[SADB_X_EXT_SA2]; - m_lftc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT]; - m_lfth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; - m_lfts = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT]; - m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - m_paddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_PROXY]; - m_auth = (struct sadb_key *)mhp[SADB_EXT_KEY_AUTH]; - m_enc = (struct sadb_key *)mhp[SADB_EXT_KEY_ENCRYPT]; - m_sid = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_SRC]; - m_did = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_DST]; - m_sens = (struct sadb_sens *)mhp[SADB_EXT_SENSITIVITY]; - - /* source address */ - if (m_saddr == NULL) { - printf("no ADDRESS_SRC extension.\n"); - return; - } - printf("%s ", str_ipaddr((struct sockaddr *)(m_saddr + 1))); - - /* destination address */ - if (m_daddr == NULL) { - printf("no ADDRESS_DST extension.\n"); - return; - } - printf("%s ", str_ipaddr((struct sockaddr *)(m_daddr + 1))); - - /* SA type */ - if (m_sa == NULL) { - printf("no SA extension.\n"); - return; - } - if (m_sa2 == NULL) { - printf("no SA2 extension.\n"); - return; - } - printf("\n\t"); - - GETMSGSTR(str_satype, m->sadb_msg_satype); - - printf("mode="); - GETMSGSTR(str_mode, m_sa2->sadb_x_sa2_mode); - - printf("spi=%u(0x%08x) reqid=%u(0x%08x)\n", - (u_int32_t)ntohl(m_sa->sadb_sa_spi), - (u_int32_t)ntohl(m_sa->sadb_sa_spi), - (u_int32_t)m_sa2->sadb_x_sa2_reqid, - (u_int32_t)m_sa2->sadb_x_sa2_reqid); - - /* encryption key */ - if (m->sadb_msg_satype == SADB_X_SATYPE_IPCOMP) { - printf("\tC: "); - GETMSGV2S(str_alg_comp, m_sa->sadb_sa_encrypt); - } else if (m->sadb_msg_satype == SADB_SATYPE_ESP) { - if (m_enc != NULL) { - printf("\tE: "); - GETMSGV2S(str_alg_enc, m_sa->sadb_sa_encrypt); - ipsec_hexdump((caddr_t)m_enc + sizeof(*m_enc), - m_enc->sadb_key_bits / 8); - printf("\n"); - } - } - - /* authentication key */ - if (m_auth != NULL) { - printf("\tA: "); - GETMSGV2S(str_alg_auth, m_sa->sadb_sa_auth); - ipsec_hexdump((caddr_t)m_auth + sizeof(*m_auth), - m_auth->sadb_key_bits / 8); - printf("\n"); - } - - /* replay windoe size & flags */ - printf("\treplay=%u flags=0x%08x ", - m_sa->sadb_sa_replay, - m_sa->sadb_sa_flags); - - /* state */ - printf("state="); - GETMSGSTR(str_state, m_sa->sadb_sa_state); - - printf("seq=%lu pid=%lu\n", - (u_long)m->sadb_msg_seq, - (u_long)m->sadb_msg_pid); - - /* lifetime */ - if (m_lftc != NULL) { - time_t tmp_time = time(0); - - printf("\tcreated: %s", - str_time(m_lftc->sadb_lifetime_addtime)); - printf("\tcurrent: %s\n", str_time(tmp_time)); - printf("\tdiff: %lu(s)", - (u_long)(m_lftc->sadb_lifetime_addtime == 0 ? - 0 : (tmp_time - m_lftc->sadb_lifetime_addtime))); - - printf("\thard: %lu(s)", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_addtime)); - printf("\tsoft: %lu(s)\n", - (u_long)(m_lfts == NULL ? - 0 : m_lfts->sadb_lifetime_addtime)); - - printf("\tlast: %s", - str_time(m_lftc->sadb_lifetime_usetime)); - printf("\thard: %lu(s)", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_usetime)); - printf("\tsoft: %lu(s)\n", - (u_long)(m_lfts == NULL ? - 0 : m_lfts->sadb_lifetime_usetime)); - - str_lifetime_byte(m_lftc, "current"); - str_lifetime_byte(m_lfth, "hard"); - str_lifetime_byte(m_lfts, "soft"); - printf("\n"); - - printf("\tallocated: %lu", - (unsigned long)m_lftc->sadb_lifetime_allocations); - printf("\thard: %lu", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_allocations)); - printf("\tsoft: %lu\n", - (u_long)(m_lfts == NULL ? - 0 : m_lfts->sadb_lifetime_allocations)); - } - - /* XXX DEBUG */ - printf("\trefcnt=%u\n", m->sadb_msg_reserved); - - return; -} - -void -pfkey_spdump(m) - struct sadb_msg *m; -{ - char pbuf[NI_MAXSERV]; - caddr_t mhp[SADB_EXT_MAX + 1]; - struct sadb_address *m_saddr, *m_daddr; - struct sadb_x_policy *m_xpl; - struct sadb_lifetime *m_lft = NULL; - struct sockaddr *sa; - u_int16_t port; - - /* check pfkey message. */ - if (pfkey_align(m, mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - if (pfkey_check(mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - - m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - m_xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - m_lft = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; - - /* source address */ - if (m_saddr == NULL) { - printf("no ADDRESS_SRC extension.\n"); - return; - } - sa = (struct sockaddr *)(m_saddr + 1); - switch (sa->sa_family) { - case AF_INET: - case AF_INET6: - if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, sizeof(pbuf), - NI_NUMERICSERV) != 0) - port = 0; /*XXX*/ - else - port = atoi(pbuf); - printf("%s%s ", str_ipaddr(sa), - str_prefport(sa->sa_family, - m_saddr->sadb_address_prefixlen, port)); - break; - default: - printf("unknown-af "); - break; - } - - /* destination address */ - if (m_daddr == NULL) { - printf("no ADDRESS_DST extension.\n"); - return; - } - sa = (struct sockaddr *)(m_daddr + 1); - switch (sa->sa_family) { - case AF_INET: - case AF_INET6: - if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, sizeof(pbuf), - NI_NUMERICSERV) != 0) - port = 0; /*XXX*/ - else - port = atoi(pbuf); - printf("%s%s ", str_ipaddr(sa), - str_prefport(sa->sa_family, - m_daddr->sadb_address_prefixlen, port)); - break; - default: - printf("unknown-af "); - break; - } - - /* upper layer protocol */ - if (m_saddr->sadb_address_proto != m_daddr->sadb_address_proto) { - printf("upper layer protocol mismatched.\n"); - return; - } - if (m_saddr->sadb_address_proto == IPSEC_ULPROTO_ANY) - printf("any"); - else - GETMSGSTR(str_upper, m_saddr->sadb_address_proto); - - /* policy */ - { - char *d_xpl; - - if (m_xpl == NULL) { - printf("no X_POLICY extension.\n"); - return; - } - d_xpl = ipsec_dump_policy((char *)m_xpl, "\n\t"); - - /* dump SPD */ - printf("\n\t%s\n", d_xpl); - free(d_xpl); - } - - /* lifetime */ - if (m_lft) { - printf("\tlifetime:%lu validtime:%lu\n", - (u_long)m_lft->sadb_lifetime_addtime, - (u_long)m_lft->sadb_lifetime_usetime); - } - - printf("\tspid=%ld seq=%ld pid=%ld\n", - (u_long)m_xpl->sadb_x_policy_id, - (u_long)m->sadb_msg_seq, - (u_long)m->sadb_msg_pid); - - /* XXX TEST */ - printf("\trefcnt=%u\n", m->sadb_msg_reserved); - - return; -} - -/* - * set "ipaddress" to buffer. - */ -static char * -str_ipaddr(sa) - struct sockaddr *sa; -{ - static char buf[NI_MAXHOST]; -#ifdef NI_WITHSCOPEID - const int niflag = NI_NUMERICHOST | NI_WITHSCOPEID; -#else - const int niflag = NI_NUMERICHOST; -#endif - - if (sa == NULL) - return ""; - - if (getnameinfo(sa, sa->sa_len, buf, sizeof(buf), NULL, 0, niflag) == 0) - return buf; - return NULL; -} - -/* - * set "/prefix[port number]" to buffer. - */ -static char * -str_prefport(family, pref, port) - u_int family, pref, port; -{ - static char buf[128]; - char prefbuf[10]; - char portbuf[10]; - int plen; - - switch (family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - return "?"; - } - - if (pref == plen) - prefbuf[0] = '\0'; - else - snprintf(prefbuf, sizeof(prefbuf), "/%u", pref); - - if (port == IPSEC_PORT_ANY) - snprintf(portbuf, sizeof(portbuf), "[%s]", "any"); - else - snprintf(portbuf, sizeof(portbuf), "[%u]", port); - - snprintf(buf, sizeof(buf), "%s%s", prefbuf, portbuf); - - return buf; -} - -/* - * set "Mon Day Time Year" to buffer - */ -static char * -str_time(t) - time_t t; -{ - static char buf[128]; - - if (t == 0) { - int i = 0; - for (;i < 20;) buf[i++] = ' '; - } else { - char *t0; - t0 = ctime(&t); - memcpy(buf, t0 + 4, 20); - } - - buf[20] = '\0'; - - return(buf); -} - -static void -str_lifetime_byte(x, str) - struct sadb_lifetime *x; - char *str; -{ - double y; - char *unit; - int w; - - if (x == NULL) { - printf("\t%s: 0(bytes)", str); - return; - } - -#if 0 - if ((x->sadb_lifetime_bytes) / 1024 / 1024) { - y = (x->sadb_lifetime_bytes) * 1.0 / 1024 / 1024; - unit = "M"; - w = 1; - } else if ((x->sadb_lifetime_bytes) / 1024) { - y = (x->sadb_lifetime_bytes) * 1.0 / 1024; - unit = "K"; - w = 1; - } else { - y = (x->sadb_lifetime_bytes) * 1.0; - unit = ""; - w = 0; - } -#else - y = (x->sadb_lifetime_bytes) * 1.0; - unit = ""; - w = 0; -#endif - printf("\t%s: %.*f(%sbytes)", str, w, y, unit); -} diff --git a/racoonctl.tproj/str2val.c b/racoonctl.tproj/str2val.c deleted file mode 100644 index 72aee51..0000000 --- a/racoonctl.tproj/str2val.c +++ /dev/null @@ -1,122 +0,0 @@ -/* $KAME: str2val.c,v 1.10 2001/04/03 15:51:57 thorpej Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#include -#include - -#include -#include - -#include "str2val.h" -#include "gcmalloc.h" - -/* - * exchange a value to a hex string. - * must free buffer allocated later. - */ -caddr_t -val2str(buf, mlen) - const char *buf; - size_t mlen; -{ - caddr_t new; - size_t len = (mlen * 2) + mlen / 8 + 10; - size_t i, j; - - if ((new = racoon_malloc(len)) == 0) return(0); - - for (i = 0, j = 0; i < mlen; i++) { - snprintf(&new[j], len - j, "%02x", (u_char)buf[i]); - j += 2; - if (i % 8 == 7) { - new[j++] = ' '; - new[j] = '\0'; - } - } - new[j] = '\0'; - - return(new); -} - -/* - * exchange a string based "base" to a value. - */ -char * -str2val(str, base, len) - const char *str; - int base; - size_t *len; -{ - int f; - size_t i; - char *dst; - char *rp; - const char *p; - char b[3]; - - i = 0; - for (p = str; *p != '\0'; p++) { - if (isxdigit(*p)) - i++; - else if (isspace(*p)) - ; - else - return NULL; - } - if (i == 0 || (i % 2) != 0) - return NULL; - i /= 2; - - if ((dst = racoon_malloc(i)) == NULL) - return NULL; - - i = 0; - f = 0; - for (rp = dst, p = str; *p != '\0'; p++) { - if (isxdigit(*p)) { - if (!f) { - b[0] = *p; - f = 1; - } else { - b[1] = *p; - b[2] = '\0'; - *rp++ = (char)strtol(b, NULL, base); - i++; - f = 0; - } - } - } - - *len = i; - - return(dst); -} diff --git a/racoonctl.tproj/vmbuf.c b/racoonctl.tproj/vmbuf.c deleted file mode 100644 index cdb4110..0000000 --- a/racoonctl.tproj/vmbuf.c +++ /dev/null @@ -1,115 +0,0 @@ -/* $KAME: vmbuf.c,v 1.10 2001/04/03 15:51:57 thorpej Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#define NONEED_DRM -#include -#include - -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "debug.h" -#include "gcmalloc.h" - -vchar_t * -vmalloc(size) - size_t size; -{ - vchar_t *var; - - if ((var = (vchar_t *)racoon_malloc(sizeof(*var))) == NULL) - return NULL; - - var->l = size; - var->v = (caddr_t)racoon_calloc(1, size); - if (var->v == NULL) { - (void)racoon_free(var); - return NULL; - } - - return var; -} - -vchar_t * -vrealloc(ptr, size) - vchar_t *ptr; - size_t size; -{ - caddr_t v; - - if (ptr != NULL) { - if ((v = (caddr_t)racoon_realloc(ptr->v, size)) == NULL) { - (void)vfree(ptr); - return NULL; - } - memset(v + ptr->l, 0, size - ptr->l); - ptr->v = v; - ptr->l = size; - } else { - if ((ptr = vmalloc(size)) == NULL) - return NULL; - } - - return ptr; -} - -void -vfree(var) - vchar_t *var; -{ - if (var == NULL) - return; - - if (var->v) - (void)racoon_free(var->v); - - (void)racoon_free(var); - - return; -} - -vchar_t * -vdup(src) - vchar_t *src; -{ - vchar_t *new; - - if ((new = vmalloc(src->l)) == NULL) - return NULL; - - memcpy(new->v, src->v, src->l); - - return new; -} diff --git a/racoonctl.tproj/vmbuf.h b/racoonctl.tproj/vmbuf.h deleted file mode 100644 index bec394b..0000000 --- a/racoonctl.tproj/vmbuf.h +++ /dev/null @@ -1,63 +0,0 @@ -/* $KAME: vmbuf.h,v 1.7 2000/10/04 17:41:05 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * bp v - * v v - * ........................ - * <--------------> l - * <----------------------> bl - */ -typedef struct _vchar_t_ { -#if notyet - u_int32_t t; /* type of the value */ - vchar_t *n; /* next vchar_t buffer */ - size_t bl; /* length of the buffer */ - caddr_t bp; /* pointer to the buffer */ -#endif - size_t l; /* length of the value */ - caddr_t v; /* place holder to the pointer to the value */ -} vchar_t; - -#define VPTRINIT(p) \ -do { \ - if (p) { \ - vfree(p); \ - (p) = NULL; \ - } \ -} while(0); - -#define vfree vmbuf_free - -extern vchar_t *vmalloc __P((size_t)); -extern vchar_t *vrealloc __P((vchar_t *, size_t)); -extern void vfree __P((vchar_t *)); -extern vchar_t *vdup __P((vchar_t *)); diff --git a/rarpd.tproj/rarpd.c b/rarpd.tproj/rarpd.c index 890be78..cb3f2dd 100644 --- a/rarpd.tproj/rarpd.c +++ b/rarpd.tproj/rarpd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rcp.tproj/extern.h b/rcp.tproj/extern.h index 706251f..3c20d43 100644 --- a/rcp.tproj/extern.h +++ b/rcp.tproj/extern.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rcp.tproj/pathnames.h b/rcp.tproj/pathnames.h index a93c4e6..9d207d9 100644 --- a/rcp.tproj/pathnames.h +++ b/rcp.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rcp.tproj/rcp.c b/rcp.tproj/rcp.c index 579f328..d9cf956 100644 --- a/rcp.tproj/rcp.c +++ b/rcp.tproj/rcp.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rcp.tproj/util.c b/rcp.tproj/util.c index 7ee6866..a83035c 100644 --- a/rcp.tproj/util.c +++ b/rcp.tproj/util.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/revnetgroup.tproj/Makefile.postamble b/revnetgroup.tproj/Makefile.postamble index 509e7f5..159b0ca 100644 --- a/revnetgroup.tproj/Makefile.postamble +++ b/revnetgroup.tproj/Makefile.postamble @@ -99,3 +99,7 @@ STRIPFLAGS = # owned by the top-level Makefile API and no context has been set up for where # derived files should go. # + +install-man-page: + install -d $(DSTROOT)/usr/share/man/man8 + install -c -m 444 revnetgroup.8 $(DSTROOT)/usr/share/man/man8/revnetgroup.8 diff --git a/revnetgroup.tproj/Makefile.preamble b/revnetgroup.tproj/Makefile.preamble index 83f25c7..e48625d 100644 --- a/revnetgroup.tproj/Makefile.preamble +++ b/revnetgroup.tproj/Makefile.preamble @@ -121,3 +121,5 @@ # This definition will suppress stripping of debug symbols when an executable # is installed. By default it is YES. # STRIP_ON_INSTALL = NO + +AFTER_INSTALL += install-man-page diff --git a/revnetgroup.tproj/hash.c b/revnetgroup.tproj/hash.c index 9aee4bd..f54a48f 100644 --- a/revnetgroup.tproj/hash.c +++ b/revnetgroup.tproj/hash.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/revnetgroup.tproj/hash.h b/revnetgroup.tproj/hash.h index 822c9e0..b8308f9 100644 --- a/revnetgroup.tproj/hash.h +++ b/revnetgroup.tproj/hash.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/revnetgroup.tproj/parse_netgroup.c b/revnetgroup.tproj/parse_netgroup.c index 0d1e07a..c9dab0f 100644 --- a/revnetgroup.tproj/parse_netgroup.c +++ b/revnetgroup.tproj/parse_netgroup.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/revnetgroup.tproj/revnetgroup.c b/revnetgroup.tproj/revnetgroup.c index a45db99..bc24bd7 100644 --- a/revnetgroup.tproj/revnetgroup.c +++ b/revnetgroup.tproj/revnetgroup.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rexecd.tproj/rexecd.c b/rexecd.tproj/rexecd.c index ec9e009..e54cde6 100644 --- a/rexecd.tproj/rexecd.c +++ b/rexecd.tproj/rexecd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/des_rw.c b/rlogin.tproj/des_rw.c index 4e056cf..cd1729e 100644 --- a/rlogin.tproj/des_rw.c +++ b/rlogin.tproj/des_rw.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/kcmd.c b/rlogin.tproj/kcmd.c index 1482dda..0f8e6e3 100644 --- a/rlogin.tproj/kcmd.c +++ b/rlogin.tproj/kcmd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/krb.h b/rlogin.tproj/krb.h index 10b6dca..5337052 100644 --- a/rlogin.tproj/krb.h +++ b/rlogin.tproj/krb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/krcmd.c b/rlogin.tproj/krcmd.c index 8f7710e..d5cab34 100644 --- a/rlogin.tproj/krcmd.c +++ b/rlogin.tproj/krcmd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/rlogin.c b/rlogin.tproj/rlogin.c index b819699..c03229f 100644 --- a/rlogin.tproj/rlogin.c +++ b/rlogin.tproj/rlogin.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogind.tproj/pathnames.h b/rlogind.tproj/pathnames.h index b9a57fa..23b2f3f 100644 --- a/rlogind.tproj/pathnames.h +++ b/rlogind.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogind.tproj/rlogind.c b/rlogind.tproj/rlogind.c index 4cb0575..8f1a346 100644 --- a/rlogind.tproj/rlogind.c +++ b/rlogind.tproj/rlogind.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/route.tproj/keywords.h b/route.tproj/keywords.h index 84e5531..0cc369f 100644 --- a/route.tproj/keywords.h +++ b/route.tproj/keywords.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/route.tproj/route.c b/route.tproj/route.c index 4e8b4ee..259c50f 100644 --- a/route.tproj/route.c +++ b/route.tproj/route.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -65,7 +66,7 @@ static const char copyright[] = static char sccsid[] = "@(#)route.c 8.3 (Berkeley) 3/19/94"; #endif static const char rcsid[] = - "$Id: route.c,v 1.2 2002/03/05 20:35:16 lindak Exp $"; + "$Id: route.c,v 1.3 2003/01/07 21:03:05 bbraun Exp $"; #endif /* not lint */ #include @@ -790,6 +791,16 @@ newroute(argc, argv) flags |= RTF_HOST; if (iflag == 0) flags |= RTF_GATEWAY; + if (so_mask.sin.sin_family == AF_INET) { + // make sure the mask is contiguous + long i; + for (i = 0; i < 32; i++) + if (((so_mask.sin.sin_addr.s_addr) & ntohl((1 << i))) != 0) + break; + for (; i < 32; i++) + if (((so_mask.sin.sin_addr.s_addr) & ntohl((1 << i))) == 0) + errx(EX_NOHOST, "invalid mask: %s", inet_ntoa(so_mask.sin.sin_addr)); + } for (attempts = 1; ; attempts++) { errno = 0; if ((ret = rtmsg(*cmd, flags)) == 0) diff --git a/routed.tproj/af.c b/routed.tproj/af.c index a879b6c..ae8aaeb 100644 --- a/routed.tproj/af.c +++ b/routed.tproj/af.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/af.h b/routed.tproj/af.h index 02f48b0..ed74f54 100644 --- a/routed.tproj/af.h +++ b/routed.tproj/af.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/defs.c b/routed.tproj/defs.c index 5b176bc..3cf5dd2 100644 --- a/routed.tproj/defs.c +++ b/routed.tproj/defs.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/defs.h b/routed.tproj/defs.h index fad0ae1..d05e349 100644 --- a/routed.tproj/defs.h +++ b/routed.tproj/defs.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/if.c b/routed.tproj/if.c index 5235d58..7bb035f 100644 --- a/routed.tproj/if.c +++ b/routed.tproj/if.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/inet.c b/routed.tproj/inet.c index ef194a8..abdb24e 100644 --- a/routed.tproj/inet.c +++ b/routed.tproj/inet.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/input.c b/routed.tproj/input.c index d39615f..443a495 100644 --- a/routed.tproj/input.c +++ b/routed.tproj/input.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/interface.h b/routed.tproj/interface.h index 8e2df84..0f9baa1 100644 --- a/routed.tproj/interface.h +++ b/routed.tproj/interface.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/main.c b/routed.tproj/main.c index 43597a5..d1d6fac 100644 --- a/routed.tproj/main.c +++ b/routed.tproj/main.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/output.c b/routed.tproj/output.c index 168c320..152aba4 100644 --- a/routed.tproj/output.c +++ b/routed.tproj/output.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/pathnames.h b/routed.tproj/pathnames.h index 12482f7..4e87b53 100644 --- a/routed.tproj/pathnames.h +++ b/routed.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/routed.8 b/routed.tproj/routed.8 index e45f9fe..7102342 100644 --- a/routed.tproj/routed.8 +++ b/routed.tproj/routed.8 @@ -120,10 +120,6 @@ is an effective way to steer traffic. Responses do not contain routes with a first hop on the requesting network to implement in part .Em split-horizon . -Requests from query programs -such as -.Xr rtquery 8 -are answered with the complete table. .Pp The routing table maintained by the daemon includes space for several gateways for each destination @@ -308,9 +304,7 @@ with the .Em SIGUSR1 or .Em SIGUSR2 -signals or with the -.Xr rtquery -command. +signals. .It Fl F Ar net[/mask][,metric] minimize routes in transmissions via interfaces with addresses that match .Em net/mask , @@ -516,7 +510,7 @@ acts purely as a router discovery daemon. .Cm No_rip is equivalent to .Cm no_ripv1_in no_ripv2_in no_ripv1_out no_ripv2_out . - +.Pp Note that turning off RIP without explicitly turning on router discovery advertisements with .Cm rdisc_adv @@ -582,11 +576,8 @@ to infer the netmask used by the remote system when RIPv1 is used. for distant gateways .El .Sh SEE ALSO -.Xr gated 8 , .Xr udp 4 , -.Xr icmp 4 , -.Xr htable 8 , -.Xr rtquery 8 . +.Xr icmp 4 . .Rs .%T Internet Transport Protocols .%R XSIS 028112 diff --git a/routed.tproj/startup.c b/routed.tproj/startup.c index c183ac6..9b76857 100644 --- a/routed.tproj/startup.c +++ b/routed.tproj/startup.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/table.h b/routed.tproj/table.h index 3e0246d..f21ca78 100644 --- a/routed.tproj/table.h +++ b/routed.tproj/table.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/tables.c b/routed.tproj/tables.c index f9ade65..8719d31 100644 --- a/routed.tproj/tables.c +++ b/routed.tproj/tables.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/timer.c b/routed.tproj/timer.c index cf8e3ba..dfa9436 100644 --- a/routed.tproj/timer.c +++ b/routed.tproj/timer.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/trace.c b/routed.tproj/trace.c index 8695cf9..ef31d21 100644 --- a/routed.tproj/trace.c +++ b/routed.tproj/trace.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/trace.h b/routed.tproj/trace.h index aa7f753..832ad62 100644 --- a/routed.tproj/trace.h +++ b/routed.tproj/trace.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_lockd.tproj/Makefile b/rpc_lockd.tproj/Makefile new file mode 100644 index 0000000..960d126 --- /dev/null +++ b/rpc_lockd.tproj/Makefile @@ -0,0 +1,46 @@ +# +# Generated by the NeXT Project Builder. +# +# NOTE: Do NOT change this file -- Project Builder maintains it. +# +# Put all of your customizations in files called Makefile.preamble +# and Makefile.postamble (both optional), and Makefile will include them. +# + +NAME = rpc.lockd + +PROJECTVERSION = 2.6 +PROJECT_TYPE = Tool +LANGUAGE = English + +HFILES = lockd.h lockd_lock.h + +CFILES = kern.c lock_proc.c lockd.c lockd_lock.c nlm_prot_svc.c\ + nlm_prot_xdr.c sm_inter_xdr.c + +OTHERSRCS = Makefile.dist Makefile.preamble Makefile Makefile.postamble\ + test.c rpc.lockd.8 + + +MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles +CODE_GEN_STYLE = DYNAMIC +MAKEFILE = tool.make +NEXTSTEP_INSTALLDIR = /usr/sbin +WINDOWS_INSTALLDIR = /usr/sbin +PDO_UNIX_INSTALLDIR = /usr/sbin +LIBS = +DEBUG_LIBS = $(LIBS) +PROF_LIBS = $(LIBS) + +PB_CFLAGS = + + +include $(MAKEFILEDIR)/platform.make + +-include Makefile.preamble + +include $(MAKEFILEDIR)/$(MAKEFILE) + +-include Makefile.postamble + +-include Makefile.dependencies diff --git a/rpc_lockd.tproj/Makefile.dist b/rpc_lockd.tproj/Makefile.dist new file mode 100644 index 0000000..dc61e02 --- /dev/null +++ b/rpc_lockd.tproj/Makefile.dist @@ -0,0 +1,32 @@ +# $NetBSD: Makefile,v 1.12 2000/08/07 16:23:31 thorpej Exp $ +# $FreeBSD: src/usr.sbin/rpc.lockd/Makefile,v 1.17 2002/03/22 19:50:58 alfred Exp $ + +PROG= rpc.lockd +MAN= rpc.lockd.8 +MLINKS= rpc.lockd.8 lockd.8 +SRCS= kern.c nlm_prot_svc.c lockd.c lock_proc.c lockd_lock.c +NO_WERROR= YES +WARNS?= 4 + +CFLAGS+= -I. -I${DESTDIR}/usr/include/rpcsvc + +DPADD= ${LIBRPCSVC} ${LIBUTIL} +LDADD= -lrpcsvc -lutil + +CLEANFILES= nlm_prot_svc.c nlm_prot.h test + +RPCSRC= ${DESTDIR}/usr/include/rpcsvc/nlm_prot.x +RPCGEN= rpcgen -L -C + +nlm_prot_svc.c: ${RPCSRC} + ${RPCGEN} -m -o ${.TARGET} ${RPCSRC} + +nlm_prot.h: ${RPCSRC} + ${RPCGEN} -h -o ${.TARGET} ${RPCSRC} + +test: ${.CURDIR}/test.c + cc -o test ${.CURDIR}/test.c -lrpcsvc + +LDADD= -lrpcsvc + +.include diff --git a/rpc_lockd.tproj/Makefile.postamble b/rpc_lockd.tproj/Makefile.postamble new file mode 100644 index 0000000..2119949 --- /dev/null +++ b/rpc_lockd.tproj/Makefile.postamble @@ -0,0 +1,3 @@ +install-man-page: + install -d $(DSTROOT)/usr/share/man/man8 + install -c -m 644 rpc.lockd.8 $(DSTROOT)/usr/share/man/man8/rpc.lockd.8 diff --git a/identd.tproj/Makefile.preamble b/rpc_lockd.tproj/Makefile.preamble similarity index 66% rename from identd.tproj/Makefile.preamble rename to rpc_lockd.tproj/Makefile.preamble index dc05194..263ad05 100644 --- a/identd.tproj/Makefile.preamble +++ b/rpc_lockd.tproj/Makefile.preamble @@ -1,2 +1,3 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include +AFTER_INSTALL += install-man-page diff --git a/rpc_lockd.tproj/PB.project b/rpc_lockd.tproj/PB.project new file mode 100644 index 0000000..80f4ac2 --- /dev/null +++ b/rpc_lockd.tproj/PB.project @@ -0,0 +1,39 @@ +{ + BUILDDIR = ""; + BUILDTOOL = /bin/gnumake; + FILESTABLE = { + C_FILES = (); + H_FILES = ( + lockd.h, + lockd_lock.h + ); + M_FILES = (); + OTHER_LIBS = (); + OTHER_LINKED = ( + kern.c, + lock_proc.c, + lockd.c, + lockd_lock.c, + nlm_prot_svc.c, + nlm_prot_xdr.c, + sm_inter_xdr.c + ); + OTHER_SOURCES = ( + Makefile.dist, + Makefile.preamble, + Makefile, + Makefile.postamble, + test.c, + rpc.lockd.8 + ); + SUBPROJECTS = (); + }; + LANGUAGE = English; + LOCALIZABLE_FILES = {}; + NEXTSTEP_INSTALLDIR = /usr/sbin; + PDO_UNIX_INSTALLDIR = /usr/sbin; + PROJECTNAME = rpc.lockd; + PROJECTTYPE = Tool; + PROJECTVERSION = 2.6; + WINDOWS_INSTALLDIR = /usr/sbin; +} diff --git a/rpc_lockd.tproj/kern.c b/rpc_lockd.tproj/kern.c new file mode 100644 index 0000000..cd4213d --- /dev/null +++ b/rpc_lockd.tproj/kern.c @@ -0,0 +1,639 @@ +/*- + * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Berkeley Software Design Inc's name may not be used to endorse or + * promote products derived from this software without specific prior + * written permission. + * + * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * from BSDI kern.c,v 1.2 1998/11/25 22:38:27 don Exp + * $FreeBSD: src/usr.sbin/rpc.lockd/kern.c,v 1.11 2002/08/15 21:52:21 alfred Exp $ + */ + +#include +#include +#include +#include +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "rpcsvc/nlm_prot.h" +#include +#include +#include +#include + +#include "lockd.h" +#include "lockd_lock.h" + +#define DAEMON_USERNAME "daemon" + +#define nfslockdans(_v, _ansp) \ + ((_ansp)->la_vers = (_v), \ + nfsclnt(NFSCLNT_LOCKDANS, (_ansp))) + + +/* Lock request owner. */ +typedef struct __owner { + pid_t pid; /* Process ID. */ + time_t tod; /* Time-of-day. */ +} OWNER; +static OWNER owner; + +static char hostname[MAXHOSTNAMELEN + 1]; /* Hostname. */ + +static void client_cleanup(void); +static void set_auth(CLIENT *cl, struct xucred *ucred); +int lock_request(LOCKD_MSG *); +int test_request(LOCKD_MSG *); +void show(LOCKD_MSG *); +int unlock_request(LOCKD_MSG *); + +/* + * will break because fifo needs to be repopened when EOF'd + */ +#define lockd_seteuid(uid) seteuid(uid) + +#define d_calls (debug_level > 1) +#define d_args (debug_level > 2) + +static const char * +from_addr(saddr) + struct sockaddr *saddr; +{ + static char inet_buf[INET6_ADDRSTRLEN]; + + if (getnameinfo(saddr, saddr->sa_len, inet_buf, sizeof(inet_buf), + NULL, 0, NI_NUMERICHOST) == 0) + return inet_buf; + return "???"; +} + +/* + * client_kern_wait() + * + * wait for kernel to signal first lock request before starting + */ +void +client_kern_wait(void) +{ + if (nfsclnt(NFSCLNT_LOCKDWAIT, NULL)) + warn("nfsclnt_lockdwait"); +} + +void +client_cleanup(void) +{ + (void)lockd_seteuid(0); + (void) nfsclnt(NFSCLNT_LOCKDFD, (struct lockd_ans *)-1); + exit(-1); +} + +/* + * client_request -- + * Loop around messages from the kernel, forwarding them off to + * NLM servers. + */ +pid_t +client_request(void) +{ + LOCKD_MSG msg; +/* + * select on FIFOs can currently hang, so we'll use + * the nfslockdwait syscall instead for now. + */ +#define USE_NFSLOCKDWAIT_INSTEAD_OF_SELECT 1 +#ifndef USE_NFSLOCKDWAIT_INSTEAD_OF_SELECT + fd_set rdset; +#endif + int fd, nr, ret; + pid_t child; + uid_t daemon_uid; + mode_t old_umask; + struct passwd *pw; + + /* Recreate the NLM fifo. */ + (void)unlink(_PATH_LCKFIFO); + old_umask = umask(S_IXGRP|S_IXOTH); + if (mkfifo(_PATH_LCKFIFO, S_IWUSR | S_IRUSR)) { + syslog(LOG_ERR, "mkfifo: %s: %m", _PATH_LCKFIFO); + exit (1); + } + umask(old_umask); + + /* + * Create a separate process, the client code is really a separate + * daemon that shares a lot of code. + */ + switch (child = fork()) { + case -1: + err(1, "fork"); + case 0: + break; + default: + return (child); + } + + signal(SIGHUP, (sig_t)client_cleanup); + signal(SIGTERM, (sig_t)client_cleanup); + + /* Setup. */ + (void)time(&owner.tod); + owner.pid = getpid(); + (void)gethostname(hostname, sizeof(hostname) - 1); + + /* Open the fifo for reading. */ + if ((fd = open(_PATH_LCKFIFO, O_RDONLY | O_NONBLOCK)) == -1) { + syslog(LOG_ERR, "open: %s: %m", _PATH_LCKFIFO); + goto err; + } + (void)unlink(_PATH_LCKFIFO); + if (nfsclnt(NFSCLNT_LOCKDFD, (struct lockd_ans *)fd)) { + syslog(LOG_ERR, "nfsclnt_fd: %d: %m", fd); + goto err; + } + pw = getpwnam(DAEMON_USERNAME); + if (pw == NULL) { + syslog(LOG_ERR, "getpwnam: %s: %m", DAEMON_USERNAME); + goto err; + } + daemon_uid = pw->pw_uid; + /* drop our root priviledges */ + (void)lockd_seteuid(daemon_uid); + + for (;;) { +#ifndef USE_NFSLOCKDWAIT_INSTEAD_OF_SELECT + /* Wait for contact... fifo's return EAGAIN when read with + * no data + */ + /* Set up the select. */ + FD_ZERO(&rdset); + FD_SET(fd, &rdset); + (void)select(fd + 1, &rdset, NULL, NULL, NULL); +#endif + + /* Read the fixed length message. */ + if ((nr = read(fd, &msg, sizeof(msg))) == sizeof(msg)) { + if (d_args) + show(&msg); + + if (msg.lm_version != LOCKD_MSG_VERSION) { + syslog(LOG_ERR, + "unknown msg type: %d", msg.lm_version); + } + /* + * Send it to the NLM server and don't grant the lock + * if we fail for any reason. + */ + switch (msg.lm_fl.l_type) { + case F_RDLCK: + case F_WRLCK: + if (msg.lm_getlk) + ret = test_request(&msg); + else + ret = lock_request(&msg); + break; + case F_UNLCK: + ret = unlock_request(&msg); + break; + default: + ret = 1; + syslog(LOG_ERR, + "unknown lock type: %d", msg.lm_fl.l_type); + break; + } + if (ret) { + struct lockd_ans ans; + + ans.la_msg_ident = msg.lm_msg_ident; + ans.la_errno = ENOTSUP; + + if (nfslockdans(LOCKD_ANS_VERSION, &ans)) { + syslog(LOG_DEBUG, "process %lu: %m", + (u_long)msg.lm_msg_ident.pid); + } + } + } else if (nr == -1) { + if (errno != EAGAIN) { + syslog(LOG_ERR, "read: %s: %m", _PATH_LCKFIFO); + goto err; + } +#ifdef USE_NFSLOCKDWAIT_INSTEAD_OF_SELECT + else + nfsclnt(NFSCLNT_LOCKDWAIT, NULL); +#endif + } else if (nr != 0) { + syslog(LOG_ERR, + "%s: discard %d bytes", _PATH_LCKFIFO, nr); + } +#ifdef USE_NFSLOCKDWAIT_INSTEAD_OF_SELECT + else + nfsclnt(NFSCLNT_LOCKDWAIT, NULL); +#endif + } + + /* Reached only on error. */ +err: + (void)lockd_seteuid(0); + (void) nfsclnt(NFSCLNT_LOCKDFD, (struct lockd_ans *)-1); + _exit (1); + return 0; +} + +void +set_auth(cl, xucred) + CLIENT *cl; + struct xucred *xucred; +{ + if (cl->cl_auth != NULL) + cl->cl_auth->ah_ops->ah_destroy(cl->cl_auth); + cl->cl_auth = authunix_create(hostname, + xucred->cr_uid, + xucred->cr_groups[0], + xucred->cr_ngroups - 1, + &xucred->cr_groups[1]); +} + + +/* + * test_request -- + * Convert a lock LOCKD_MSG into an NLM request, and send it off. + */ +int +test_request(LOCKD_MSG *msg) +{ + CLIENT *cli; + struct timeval timeout = {0, 0}; /* No timeout, no response. */ + char dummy; + + if (d_calls) + syslog(LOG_DEBUG, "test request: %s: %s to %s", + msg->lm_nfsv3 ? "V4" : "V1/3", + msg->lm_fl.l_type == F_WRLCK ? "write" : "read", + from_addr((struct sockaddr *)&msg->lm_addr)); + + if (msg->lm_nfsv3) { + struct nlm4_testargs arg4; + + arg4.cookie.n_bytes = (char *)&msg->lm_msg_ident; + arg4.cookie.n_len = sizeof(msg->lm_msg_ident); + arg4.exclusive = msg->lm_fl.l_type == F_WRLCK ? 1 : 0; + arg4.alock.caller_name = hostname; + arg4.alock.fh.n_bytes = (char *)&msg->lm_fh; + arg4.alock.fh.n_len = msg->lm_fh_len; + arg4.alock.oh.n_bytes = (char *)&owner; + arg4.alock.oh.n_len = sizeof(owner); + arg4.alock.svid = msg->lm_msg_ident.pid; + arg4.alock.l_offset = msg->lm_fl.l_start; + arg4.alock.l_len = msg->lm_fl.l_len; + + if ((cli = get_client( + (struct sockaddr *)&msg->lm_addr, + NLM_VERS4)) == NULL) + return (1); + + set_auth(cli, &msg->lm_cred); + (void)clnt_call(cli, NLM_TEST_MSG, + xdr_nlm4_testargs, &arg4, xdr_void, &dummy, timeout); + } else { + struct nlm_testargs arg; + + arg.cookie.n_bytes = (char *)&msg->lm_msg_ident; + arg.cookie.n_len = sizeof(msg->lm_msg_ident); + arg.exclusive = msg->lm_fl.l_type == F_WRLCK ? 1 : 0; + arg.alock.caller_name = hostname; + arg.alock.fh.n_bytes = (char *)&msg->lm_fh; + arg.alock.fh.n_len = msg->lm_fh_len; + arg.alock.oh.n_bytes = (char *)&owner; + arg.alock.oh.n_len = sizeof(owner); + arg.alock.svid = msg->lm_msg_ident.pid; + arg.alock.l_offset = msg->lm_fl.l_start; + arg.alock.l_len = msg->lm_fl.l_len; + + if ((cli = get_client( + (struct sockaddr *)&msg->lm_addr, + NLM_VERS)) == NULL) + return (1); + + set_auth(cli, &msg->lm_cred); + (void)clnt_call(cli, NLM_TEST_MSG, + xdr_nlm_testargs, &arg, xdr_void, &dummy, timeout); + } + return (0); +} + +/* + * lock_request -- + * Convert a lock LOCKD_MSG into an NLM request, and send it off. + */ +int +lock_request(LOCKD_MSG *msg) +{ + CLIENT *cli; + struct nlm4_lockargs arg4; + struct nlm_lockargs arg; + struct timeval timeout = {0, 0}; /* No timeout, no response. */ + char dummy; + + if (d_calls) + syslog(LOG_DEBUG, "lock request: %s: %s to %s", + msg->lm_nfsv3 ? "V4" : "V1/3", + msg->lm_fl.l_type == F_WRLCK ? "write" : "read", + from_addr((struct sockaddr *)&msg->lm_addr)); + + if (msg->lm_nfsv3) { + arg4.cookie.n_bytes = (char *)&msg->lm_msg_ident; + arg4.cookie.n_len = sizeof(msg->lm_msg_ident); + arg4.block = msg->lm_wait ? 1 : 0; + arg4.exclusive = msg->lm_fl.l_type == F_WRLCK ? 1 : 0; + arg4.alock.caller_name = hostname; + arg4.alock.fh.n_bytes = (char *)&msg->lm_fh; + arg4.alock.fh.n_len = msg->lm_fh_len; + arg4.alock.oh.n_bytes = (char *)&owner; + arg4.alock.oh.n_len = sizeof(owner); + arg4.alock.svid = msg->lm_msg_ident.pid; + arg4.alock.l_offset = msg->lm_fl.l_start; + arg4.alock.l_len = msg->lm_fl.l_len; + arg4.reclaim = 0; + arg4.state = nsm_state; + + if ((cli = get_client( + (struct sockaddr *)&msg->lm_addr, + NLM_VERS4)) == NULL) + return (1); + + set_auth(cli, &msg->lm_cred); + (void)clnt_call(cli, NLM_LOCK_MSG, + xdr_nlm4_lockargs, &arg4, xdr_void, &dummy, timeout); + } else { + arg.cookie.n_bytes = (char *)&msg->lm_msg_ident; + arg.cookie.n_len = sizeof(msg->lm_msg_ident); + arg.block = msg->lm_wait ? 1 : 0; + arg.exclusive = msg->lm_fl.l_type == F_WRLCK ? 1 : 0; + arg.alock.caller_name = hostname; + arg.alock.fh.n_bytes = (char *)&msg->lm_fh; + arg.alock.fh.n_len = msg->lm_fh_len; + arg.alock.oh.n_bytes = (char *)&owner; + arg.alock.oh.n_len = sizeof(owner); + arg.alock.svid = msg->lm_msg_ident.pid; + arg.alock.l_offset = msg->lm_fl.l_start; + arg.alock.l_len = msg->lm_fl.l_len; + arg.reclaim = 0; + arg.state = nsm_state; + + if ((cli = get_client( + (struct sockaddr *)&msg->lm_addr, + NLM_VERS)) == NULL) + return (1); + + set_auth(cli, &msg->lm_cred); + (void)clnt_call(cli, NLM_LOCK_MSG, + xdr_nlm_lockargs, &arg, xdr_void, &dummy, timeout); + } + return (0); +} + +/* + * unlock_request -- + * Convert an unlock LOCKD_MSG into an NLM request, and send it off. + */ +int +unlock_request(LOCKD_MSG *msg) +{ + CLIENT *cli; + struct nlm4_unlockargs arg4; + struct nlm_unlockargs arg; + struct timeval timeout = {0, 0}; /* No timeout, no response. */ + char dummy; + + if (d_calls) + syslog(LOG_DEBUG, "unlock request: %s: to %s", + msg->lm_nfsv3 ? "V4" : "V1/3", + from_addr((struct sockaddr *)&msg->lm_addr)); + + if (msg->lm_nfsv3) { + arg4.cookie.n_bytes = (char *)&msg->lm_msg_ident; + arg4.cookie.n_len = sizeof(msg->lm_msg_ident); + arg4.alock.caller_name = hostname; + arg4.alock.fh.n_bytes = (char *)&msg->lm_fh; + arg4.alock.fh.n_len = msg->lm_fh_len; + arg4.alock.oh.n_bytes = (char *)&owner; + arg4.alock.oh.n_len = sizeof(owner); + arg4.alock.svid = msg->lm_msg_ident.pid; + arg4.alock.l_offset = msg->lm_fl.l_start; + arg4.alock.l_len = msg->lm_fl.l_len; + + if ((cli = get_client( + (struct sockaddr *)&msg->lm_addr, + NLM_VERS4)) == NULL) + return (1); + + set_auth(cli, &msg->lm_cred); + (void)clnt_call(cli, NLM_UNLOCK_MSG, + xdr_nlm4_unlockargs, &arg4, xdr_void, &dummy, timeout); + } else { + arg.cookie.n_bytes = (char *)&msg->lm_msg_ident; + arg.cookie.n_len = sizeof(msg->lm_msg_ident); + arg.alock.caller_name = hostname; + arg.alock.fh.n_bytes = (char *)&msg->lm_fh; + arg.alock.fh.n_len = msg->lm_fh_len; + arg.alock.oh.n_bytes = (char *)&owner; + arg.alock.oh.n_len = sizeof(owner); + arg.alock.svid = msg->lm_msg_ident.pid; + arg.alock.l_offset = msg->lm_fl.l_start; + arg.alock.l_len = msg->lm_fl.l_len; + + if ((cli = get_client( + (struct sockaddr *)&msg->lm_addr, + NLM_VERS)) == NULL) + return (1); + + set_auth(cli, &msg->lm_cred); + (void)clnt_call(cli, NLM_UNLOCK_MSG, + xdr_nlm_unlockargs, &arg, xdr_void, &dummy, timeout); + } + + return (0); +} + +int +lock_answer(int pid, netobj *netcookie, int result, int version, + int *pid_p, off_t l_start, off_t l_len) +{ + struct lockd_ans ans; + + if (netcookie->n_len != sizeof(ans.la_msg_ident)) { + if (pid == -1) { /* we're screwed */ + syslog(LOG_ERR, "inedible nlm cookie"); + return -1; + } + ans.la_msg_ident.pid = pid; + ans.la_msg_ident.msg_seq = -1; + } else { + memcpy(&ans.la_msg_ident, netcookie->n_bytes, + sizeof(ans.la_msg_ident)); + } + + if (d_calls) + syslog(LOG_DEBUG, "lock answer: pid %lu: %s %d", + (unsigned long)ans.la_msg_ident.pid, + version == NLM_VERS4 ? "nlmv4" : "nlmv3", + result); + + ans.la_getlk_set = 0; + if (version == NLM_VERS4) + switch (result) { + case nlm4_granted: + ans.la_errno = 0; + break; + default: + ans.la_errno = EACCES; + break; + case nlm4_denied: + if (pid_p == NULL) + ans.la_errno = EACCES; + else { + /* this is an answer to a nlm_test msg */ + ans.la_getlk_set = 1; + ans.la_getlk_pid = *pid_p; + ans.la_getlk_start = l_start; + ans.la_getlk_len = l_len; + ans.la_errno = 0; + } + break; + case nlm4_denied_nolocks: + ans.la_errno = ENOLCK; + break; + case nlm4_blocked: + return -1; + /* NOTREACHED */ + case nlm4_denied_grace_period: + ans.la_errno = EAGAIN; + break; + case nlm4_deadlck: + ans.la_errno = EDEADLK; + break; + case nlm4_rofs: + ans.la_errno = EROFS; + break; + case nlm4_stale_fh: + ans.la_errno = ESTALE; + break; + case nlm4_fbig: + ans.la_errno = EFBIG; + break; + case nlm4_failed: + ans.la_errno = EACCES; + break; + } + else + switch (result) { + case nlm_granted: + ans.la_errno = 0; + break; + default: + ans.la_errno = EACCES; + break; + case nlm_denied: + if (pid_p == NULL) + ans.la_errno = EACCES; + else { + /* this is an answer to a nlm_test msg */ + ans.la_getlk_set = 1; + ans.la_getlk_pid = *pid_p; + ans.la_getlk_start = l_start; + ans.la_getlk_len = l_len; + ans.la_errno = 0; + } + break; + case nlm_denied_nolocks: + ans.la_errno = ENOLCK; + break; + case nlm_blocked: + return -1; + /* NOTREACHED */ + case nlm_denied_grace_period: + ans.la_errno = EAGAIN; + break; + case nlm_deadlck: + ans.la_errno = EDEADLK; + break; + } + + if (nfslockdans(LOCKD_ANS_VERSION, &ans)) { + syslog(LOG_DEBUG, "lock_answer(%d): process %lu: %m", + result, (u_long)ans.la_msg_ident.pid); + return -1; + } + return 0; +} + +/* + * show -- + * Display the contents of a kernel LOCKD_MSG structure. + */ +void +show(LOCKD_MSG *mp) +{ + static char hex[] = "0123456789abcdef"; + struct fid *fidp; + fsid_t *fsidp; + size_t len; + u_int8_t *p, *t, buf[NFS_SMALLFH*3+1]; + + syslog(LOG_DEBUG, "process ID: %lu\n", (long)mp->lm_msg_ident.pid); + + fsidp = (fsid_t *)&mp->lm_fh; + fidp = (struct fid *)((u_int8_t *)&mp->lm_fh + sizeof(fsid_t)); + + for (t = buf, p = (u_int8_t *)mp->lm_fh, + len = mp->lm_fh_len; + len > 0; ++p, --len) { + *t++ = '\\'; + *t++ = hex[(*p & 0xf0) >> 4]; + *t++ = hex[*p & 0x0f]; + } + *t = '\0'; + + syslog(LOG_DEBUG, "fh_len %d, fh %s\n", mp->lm_fh_len, buf); + + /* Show flock structure. */ + syslog(LOG_DEBUG, "start %qu; len %qu; pid %lu; type %d; whence %d\n", + mp->lm_fl.l_start, mp->lm_fl.l_len, (u_long)mp->lm_fl.l_pid, + mp->lm_fl.l_type, mp->lm_fl.l_whence); + + /* Show wait flag. */ + syslog(LOG_DEBUG, "wait was %s\n", mp->lm_wait ? "set" : "not set"); +} diff --git a/rpc_lockd.tproj/lock_proc.c b/rpc_lockd.tproj/lock_proc.c new file mode 100644 index 0000000..9a4ee11 --- /dev/null +++ b/rpc_lockd.tproj/lock_proc.c @@ -0,0 +1,1399 @@ +/* $NetBSD: lock_proc.c,v 1.7 2000/10/11 20:23:56 is Exp $ */ +/* $FreeBSD: src/usr.sbin/rpc.lockd/lock_proc.c,v 1.10 2002/03/22 20:00:10 alfred Exp $ */ +/* + * Copyright (c) 1995 + * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed for the FreeBSD project + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#include +#ifndef lint +__RCSID("$NetBSD: lock_proc.c,v 1.7 2000/10/11 20:23:56 is Exp $"); +#endif + +#include +#include + +#include +#include + +#include +#include +#include +#include + +#include +#include +#include + +#include "lockd.h" +#include "lockd_lock.h" + + +#define CLIENT_CACHE_SIZE 64 /* No. of client sockets cached */ +#define CLIENT_CACHE_LIFETIME 120 /* In seconds */ + +static void log_from_addr(const char *, struct svc_req *); +static void log_netobj(netobj *obj); +static int addrcmp(struct sockaddr *, struct sockaddr *); + +/* log_from_addr ----------------------------------------------------------- */ +/* + * Purpose: Log name of function called and source address + * Returns: Nothing + * Notes: Extracts the source address from the transport handle + * passed in as part of the called procedure specification + */ +static void +log_from_addr(fun_name, req) + const char *fun_name; + struct svc_req *req; +{ + struct sockaddr_in *addr; + char hostname_buf[NI_MAXHOST]; + + addr = svc_getcaller(req->rq_xprt); + if (getnameinfo((struct sockaddr *)addr, sizeof(*addr), hostname_buf, sizeof hostname_buf, + NULL, 0, 0) != 0) + return; + + syslog(LOG_DEBUG, "%s from %s", fun_name, hostname_buf); +} + +/* log_netobj ----------------------------------------------------------- */ +/* + * Purpose: Log a netobj + * Returns: Nothing + * Notes: This function should only really be called as part of + * a debug subsystem. +*/ +static void +log_netobj(obj) + netobj *obj; +{ + char objvalbuffer[(sizeof(char)*2)*MAX_NETOBJ_SZ+2]; + char objascbuffer[sizeof(char)*MAX_NETOBJ_SZ+1]; + unsigned int i, maxlen; + char *tmp1, *tmp2; + + /* Notify of potential security attacks */ + if (obj->n_len > MAX_NETOBJ_SZ) { + syslog(LOG_DEBUG, "SOMEONE IS TRYING TO DO SOMETHING NASTY!\n"); + syslog(LOG_DEBUG, "netobj too large! Should be %d was %d\n", + MAX_NETOBJ_SZ, obj->n_len); + } + /* Prevent the security hazard from the buffer overflow */ + maxlen = (obj->n_len < MAX_NETOBJ_SZ ? obj->n_len : MAX_NETOBJ_SZ); + for (i=0, tmp1 = objvalbuffer, tmp2 = objascbuffer; i < obj->n_len; + i++, tmp1 +=2, tmp2 +=1) { + sprintf(tmp1,"%02X",*(obj->n_bytes+i)); + sprintf(tmp2,"%c",*(obj->n_bytes+i)); + } + *tmp1 = '\0'; + *tmp2 = '\0'; + syslog(LOG_DEBUG,"netobjvals: %s\n",objvalbuffer); + syslog(LOG_DEBUG,"netobjascs: %s\n",objascbuffer); +} +/* get_client -------------------------------------------------------------- */ +/* + * Purpose: Get a CLIENT* for making RPC calls to lockd on given host + * Returns: CLIENT* pointer, from clnt_udp_create, or NULL if error + * Notes: Creating a CLIENT* is quite expensive, involving a + * conversation with the remote portmapper to get the + * port number. Since a given client is quite likely + * to make several locking requests in succession, it is + * desirable to cache the created CLIENT*. + * + * Since we are using UDP rather than TCP, there is no cost + * to the remote system in keeping these cached indefinitely. + * Unfortunately there is a snag: if the remote system + * reboots, the cached portmapper results will be invalid, + * and we will never detect this since all of the xxx_msg() + * calls return no result - we just fire off a udp packet + * and hope for the best. + * + * We solve this by discarding cached values after two + * minutes, regardless of whether they have been used + * in the meanwhile (since a bad one might have been used + * plenty of times, as the host keeps retrying the request + * and we keep sending the reply back to the wrong port). + * + * Given that the entries will always expire in the order + * that they were created, there is no point in a LRU + * algorithm for when the cache gets full - entries are + * always re-used in sequence. + */ +static CLIENT *clnt_cache_ptr[CLIENT_CACHE_SIZE]; +static long clnt_cache_time[CLIENT_CACHE_SIZE]; /* time entry created */ +static struct sockaddr_storage clnt_cache_addr[CLIENT_CACHE_SIZE]; +static rpcvers_t clnt_cache_vers[CLIENT_CACHE_SIZE]; +static int clnt_cache_next_to_use = 0; + +static int +addrcmp(sa1, sa2) + struct sockaddr *sa1; + struct sockaddr *sa2; +{ + int len; + void *p1, *p2; + + if (sa1->sa_family != sa2->sa_family) + return -1; + + switch (sa1->sa_family) { + case AF_INET: + p1 = &((struct sockaddr_in *)sa1)->sin_addr; + p2 = &((struct sockaddr_in *)sa2)->sin_addr; + len = 4; + break; + case AF_INET6: + p1 = &((struct sockaddr_in6 *)sa1)->sin6_addr; + p2 = &((struct sockaddr_in6 *)sa2)->sin6_addr; + len = 16; + break; + default: + return -1; + } + + return memcmp(p1, p2, len); +} + +CLIENT * +get_client(host_addr, vers) + struct sockaddr *host_addr; + rpcvers_t vers; +{ + CLIENT *client; + struct timeval retry_time, time_now; + int i; + int sock_no; + char host[NI_MAXHOST]; + + gettimeofday(&time_now, NULL); + + /* + * Search for the given client in the cache, zapping any expired + * entries that we happen to notice in passing. + */ + for (i = 0; i < CLIENT_CACHE_SIZE; i++) { + client = clnt_cache_ptr[i]; + if (client && ((clnt_cache_time[i] + CLIENT_CACHE_LIFETIME) + < time_now.tv_sec)) { + /* Cache entry has expired. */ + if (debug_level > 3) + syslog(LOG_DEBUG, "Expired CLIENT* in cache"); + clnt_cache_time[i] = 0L; + clnt_destroy(client); + clnt_cache_ptr[i] = NULL; + client = NULL; + } + if (client && !addrcmp((struct sockaddr *)&clnt_cache_addr[i], + host_addr) && clnt_cache_vers[i] == vers) { + /* Found it! */ + if (debug_level > 3) + syslog(LOG_DEBUG, "Found CLIENT* in cache"); + return (client); + } + } + + if (debug_level > 3) + syslog(LOG_DEBUG, "CLIENT* not found in cache, creating"); + + /* Not found in cache. Free the next entry if it is in use. */ + if (clnt_cache_ptr[clnt_cache_next_to_use]) { + clnt_destroy(clnt_cache_ptr[clnt_cache_next_to_use]); + clnt_cache_ptr[clnt_cache_next_to_use] = NULL; + } + + /* Create the new client handle */ + + sock_no = RPC_ANYSOCK; + retry_time.tv_sec = 5; + retry_time.tv_usec = 0; + ((struct sockaddr_in *)host_addr)->sin_port = 0; /* Force consultation with portmapper */ + client = clntudp_create((struct sockaddr_in *)host_addr, NLM_PROG, vers, retry_time, &sock_no); + if (!client) { + syslog(LOG_DEBUG, "%s", clnt_spcreateerror("clntudp_create")); + syslog(LOG_DEBUG, "Unable to contact %s", + inet_ntoa(((struct sockaddr_in *)host_addr)->sin_addr)); + return NULL; + } + + /* Success - update the cache entry */ + clnt_cache_ptr[clnt_cache_next_to_use] = client; + memcpy(&clnt_cache_addr[clnt_cache_next_to_use], host_addr, + host_addr->sa_len); + clnt_cache_vers[clnt_cache_next_to_use] = vers; + clnt_cache_time[clnt_cache_next_to_use] = time_now.tv_sec; + if (++clnt_cache_next_to_use > CLIENT_CACHE_SIZE) + clnt_cache_next_to_use = 0; + + /* + * Disable the default timeout, so we can specify our own in calls + * to clnt_call(). (Note that the timeout is a different concept + * from the retry period set in clnt_udp_create() above.) + */ + retry_time.tv_sec = -1; + retry_time.tv_usec = -1; + clnt_control(client, CLSET_TIMEOUT, (char *)&retry_time); + + if (debug_level > 3) + syslog(LOG_DEBUG, "Created CLIENT* for %s", host); + return client; +} + + +/* transmit_result --------------------------------------------------------- */ +/* + * Purpose: Transmit result for nlm_xxx_msg pseudo-RPCs + * Returns: Nothing - we have no idea if the datagram got there + * Notes: clnt_call() will always fail (with timeout) as we are + * calling it with timeout 0 as a hack to just issue a datagram + * without expecting a result + */ +void +transmit_result(opcode, result, addr) + int opcode; + nlm_res *result; + struct sockaddr *addr; +{ + static char dummy; + CLIENT *cli; + struct timeval timeo; + int success; + + if ((cli = get_client(addr, NLM_VERS)) != NULL) { + timeo.tv_sec = 0; /* No timeout - not expecting response */ + timeo.tv_usec = 0; + + success = clnt_call(cli, opcode, xdr_nlm_res, result, xdr_void, + &dummy, timeo); + + if (debug_level > 2) + syslog(LOG_DEBUG, "clnt_call returns %d(%s)", + success, clnt_sperrno(success)); + } +} +/* transmit4_result --------------------------------------------------------- */ +/* + * Purpose: Transmit result for nlm4_xxx_msg pseudo-RPCs + * Returns: Nothing - we have no idea if the datagram got there + * Notes: clnt_call() will always fail (with timeout) as we are + * calling it with timeout 0 as a hack to just issue a datagram + * without expecting a result + */ +void +transmit4_result(opcode, result, addr) + int opcode; + nlm4_res *result; + struct sockaddr *addr; +{ + static char dummy; + CLIENT *cli; + struct timeval timeo; + int success; + + if ((cli = get_client(addr, NLM_VERS4)) != NULL) { + timeo.tv_sec = 0; /* No timeout - not expecting response */ + timeo.tv_usec = 0; + + success = clnt_call(cli, opcode, xdr_nlm4_res, result, xdr_void, + &dummy, timeo); + + if (debug_level > 2) + syslog(LOG_DEBUG, "clnt_call returns %d(%s)", + success, clnt_sperrno(success)); + } +} + +/* + * converts a struct nlm_lock to struct nlm4_lock + */ +static void nlmtonlm4(struct nlm_lock *, struct nlm4_lock *); +static void +nlmtonlm4(arg, arg4) + struct nlm_lock *arg; + struct nlm4_lock *arg4; +{ + memcpy(arg4, arg, sizeof(nlm_lock)); + arg4->l_offset = arg->l_offset; + arg4->l_len = arg->l_len; +} +/* ------------------------------------------------------------------------- */ +/* + * Functions for Unix<->Unix locking (ie. monitored locking, with rpc.statd + * involved to ensure reclaim of locks after a crash of the "stateless" + * server. + * + * These all come in two flavours - nlm_xxx() and nlm_xxx_msg(). + * The first are standard RPCs with argument and result. + * The nlm_xxx_msg() calls implement exactly the same functions, but + * use two pseudo-RPCs (one in each direction). These calls are NOT + * standard use of the RPC protocol in that they do not return a result + * at all (NB. this is quite different from returning a void result). + * The effect of this is to make the nlm_xxx_msg() calls simple unacknowledged + * datagrams, requiring higher-level code to perform retries. + * + * Despite the disadvantages of the nlm_xxx_msg() approach (some of which + * are documented in the comments to get_client() above), this is the + * interface used by all current commercial NFS implementations + * [Solaris, SCO, AIX etc.]. This is presumed to be because these allow + * implementations to continue using the standard RPC libraries, while + * avoiding the block-until-result nature of the library interface. + * + * No client implementations have been identified so far that make use + * of the true RPC version (early SunOS releases would be a likely candidate + * for testing). + */ + +/* nlm_test ---------------------------------------------------------------- */ +/* + * Purpose: Test whether a specified lock would be granted if requested + * Returns: nlm_granted (or error code) + * Notes: + */ +nlm_testres * +nlm_test_1_svc(arg, rqstp) + nlm_testargs *arg; + struct svc_req *rqstp; +{ + static nlm_testres res; + struct nlm4_lock arg4; + struct nlm4_holder *holder; + nlmtonlm4(&arg->alock, &arg4); + + if (debug_level) + log_from_addr("nlm_test", rqstp); + + holder = testlock(&arg4, arg->exclusive, 0); + /* + * Copy the cookie from the argument into the result. Note that this + * is slightly hazardous, as the structure contains a pointer to a + * malloc()ed buffer that will get freed by the caller. However, the + * main function transmits the result before freeing the argument + * so it is in fact safe. + */ + res.cookie = arg->cookie; + if (holder == NULL) { + res.stat.stat = nlm_granted; + } else { + res.stat.stat = nlm_denied; + memcpy(&res.stat.nlm_testrply_u.holder, holder, + sizeof(struct nlm_holder)); + res.stat.nlm_testrply_u.holder.l_offset = holder->l_offset; + res.stat.nlm_testrply_u.holder.l_len = holder->l_len; + } + return (&res); +} + +void * +nlm_test_msg_1_svc(arg, rqstp) + nlm_testargs *arg; + struct svc_req *rqstp; +{ + nlm_testres res; + static char dummy; + struct sockaddr *addr; + CLIENT *cli; + int success; + struct timeval timeo; + struct nlm4_lock arg4; + struct nlm4_holder *holder; + + nlmtonlm4(&arg->alock, &arg4); + + if (debug_level) + log_from_addr("nlm_test_msg", rqstp); + + holder = testlock(&arg4, arg->exclusive, 0); + + res.cookie = arg->cookie; + if (holder == NULL) { + res.stat.stat = nlm_granted; + } else { + res.stat.stat = nlm_denied; + memcpy(&res.stat.nlm_testrply_u.holder, holder, + sizeof(struct nlm_holder)); + res.stat.nlm_testrply_u.holder.l_offset = holder->l_offset; + res.stat.nlm_testrply_u.holder.l_len = holder->l_len; + } + + /* + * nlm_test has different result type to the other operations, so + * can't use transmit_result() in this case + */ + addr = (struct sockaddr *)svc_getcaller(rqstp->rq_xprt); + if ((cli = get_client(addr, NLM_VERS)) != NULL) { + timeo.tv_sec = 0; /* No timeout - not expecting response */ + timeo.tv_usec = 0; + + success = clnt_call(cli, NLM_TEST_RES, xdr_nlm_testres, + &res, xdr_void, &dummy, timeo); + + if (debug_level > 2) + syslog(LOG_DEBUG, "clnt_call returns %d", success); + } + return (NULL); +} + +/* nlm_lock ---------------------------------------------------------------- */ +/* + * Purposes: Establish a lock + * Returns: granted, denied or blocked + * Notes: *** grace period support missing + */ +nlm_res * +nlm_lock_1_svc(arg, rqstp) + nlm_lockargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + struct nlm4_lockargs arg4; + nlmtonlm4(&arg->alock, &arg4.alock); + arg4.cookie = arg->cookie; + arg4.block = arg->block; + arg4.exclusive = arg->exclusive; + arg4.reclaim = arg->reclaim; + arg4.state = arg->state; + + if (debug_level) + log_from_addr("nlm_lock", rqstp); + + /* copy cookie from arg to result. See comment in nlm_test_1() */ + res.cookie = arg->cookie; + + res.stat.stat = getlock(&arg4, rqstp, LOCK_MON); + return (&res); +} + +void * +nlm_lock_msg_1_svc(arg, rqstp) + nlm_lockargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + struct nlm4_lockargs arg4; + + nlmtonlm4(&arg->alock, &arg4.alock); + arg4.cookie = arg->cookie; + arg4.block = arg->block; + arg4.exclusive = arg->exclusive; + arg4.reclaim = arg->reclaim; + arg4.state = arg->state; + + if (debug_level) + log_from_addr("nlm_lock_msg", rqstp); + + res.cookie = arg->cookie; + res.stat.stat = getlock(&arg4, rqstp, LOCK_ASYNC | LOCK_MON); + transmit_result(NLM_LOCK_RES, &res, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)); + + return (NULL); +} + +/* nlm_cancel -------------------------------------------------------------- */ +/* + * Purpose: Cancel a blocked lock request + * Returns: granted or denied + * Notes: + */ +nlm_res * +nlm_cancel_1_svc(arg, rqstp) + nlm_cancargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + struct nlm4_lock arg4; + + nlmtonlm4(&arg->alock, &arg4); + + if (debug_level) + log_from_addr("nlm_cancel", rqstp); + + /* copy cookie from arg to result. See comment in nlm_test_1() */ + res.cookie = arg->cookie; + + /* + * Since at present we never return 'nlm_blocked', there can never be + * a lock to cancel, so this call always fails. + */ + res.stat.stat = unlock(&arg4, LOCK_CANCEL); + return (&res); +} + +void * +nlm_cancel_msg_1_svc(arg, rqstp) + nlm_cancargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + struct nlm4_lock arg4; + + nlmtonlm4(&arg->alock, &arg4); + + if (debug_level) + log_from_addr("nlm_cancel_msg", rqstp); + + res.cookie = arg->cookie; + /* + * Since at present we never return 'nlm_blocked', there can never be + * a lock to cancel, so this call always fails. + */ + res.stat.stat = unlock(&arg4, LOCK_CANCEL); + transmit_result(NLM_CANCEL_RES, &res, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)); + return (NULL); +} + +/* nlm_unlock -------------------------------------------------------------- */ +/* + * Purpose: Release an existing lock + * Returns: Always granted, unless during grace period + * Notes: "no such lock" error condition is ignored, as the + * protocol uses unreliable UDP datagrams, and may well + * re-try an unlock that has already succeeded. + */ +nlm_res * +nlm_unlock_1_svc(arg, rqstp) + nlm_unlockargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + struct nlm4_lock arg4; + + nlmtonlm4(&arg->alock, &arg4); + + if (debug_level) + log_from_addr("nlm_unlock", rqstp); + + res.stat.stat = unlock(&arg4, 0); + res.cookie = arg->cookie; + + return (&res); +} + +void * +nlm_unlock_msg_1_svc(arg, rqstp) + nlm_unlockargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + struct nlm4_lock arg4; + + nlmtonlm4(&arg->alock, &arg4); + + if (debug_level) + log_from_addr("nlm_unlock_msg", rqstp); + + res.stat.stat = unlock(&arg4, 0); + res.cookie = arg->cookie; + + transmit_result(NLM_UNLOCK_RES, &res, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)); + return (NULL); +} + +/* ------------------------------------------------------------------------- */ +/* + * Client-side pseudo-RPCs for results. Note that for the client there + * are only nlm_xxx_msg() versions of each call, since the 'real RPC' + * version returns the results in the RPC result, and so the client + * does not normally receive incoming RPCs. + * + * The exception to this is nlm_granted(), which is genuinely an RPC + * call from the server to the client - a 'call-back' in normal procedure + * call terms. + */ + +/* nlm_granted ------------------------------------------------------------- */ +/* + * Purpose: Receive notification that formerly blocked lock now granted + * Returns: always success ('granted') + * Notes: + */ +nlm_res * +nlm_granted_1_svc(arg, rqstp) + nlm_testargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + + if (debug_level) + log_from_addr("nlm_granted", rqstp); + + res.stat.stat = lock_answer(arg->alock.svid, &arg->cookie, + nlm_granted, NLM_VERS, NULL, 0, 0) == 0 ? + nlm_granted : nlm_denied; + + /* copy cookie from arg to result. See comment in nlm_test_1() */ + res.cookie = arg->cookie; + + return (&res); +} + +void * +nlm_granted_msg_1_svc(arg, rqstp) + nlm_testargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + + if (debug_level) + log_from_addr("nlm_granted_msg", rqstp); + + res.stat.stat = lock_answer(arg->alock.svid, &arg->cookie, + nlm_granted, NLM_VERS, NULL, 0, 0) == 0 ? + nlm_granted : nlm_denied; + + res.cookie = arg->cookie; + + transmit_result(NLM_GRANTED_RES, &res, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)); + return (NULL); +} + +/* nlm_test_res ------------------------------------------------------------ */ +/* + * Purpose: Accept result from earlier nlm_test_msg() call + * Returns: Nothing + */ +void * +nlm_test_res_1_svc(arg, rqstp) + nlm_testres *arg; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm_test_res", rqstp); + (void)lock_answer(-1, &arg->cookie, arg->stat.stat, NLM_VERS, + &arg->stat.nlm_testrply_u.holder.svid, + arg->stat.nlm_testrply_u.holder.l_offset, + arg->stat.nlm_testrply_u.holder.l_len); + return (NULL); +} + +/* nlm_lock_res ------------------------------------------------------------ */ +/* + * Purpose: Accept result from earlier nlm_lock_msg() call + * Returns: Nothing + */ +void * +nlm_lock_res_1_svc(arg, rqstp) + nlm_res *arg; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm_lock_res", rqstp); + + (void)lock_answer(-1, &arg->cookie, arg->stat.stat, NLM_VERS, NULL, 0, 0); + + return (NULL); +} + +/* nlm_cancel_res ---------------------------------------------------------- */ +/* + * Purpose: Accept result from earlier nlm_cancel_msg() call + * Returns: Nothing + */ +void * +nlm_cancel_res_1_svc(arg, rqstp) + nlm_res *arg __unused; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm_cancel_res", rqstp); + return (NULL); +} + +/* nlm_unlock_res ---------------------------------------------------------- */ +/* + * Purpose: Accept result from earlier nlm_unlock_msg() call + * Returns: Nothing + */ +void * +nlm_unlock_res_1_svc(arg, rqstp) + nlm_res *arg; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm_unlock_res", rqstp); + + lock_answer(-1, &arg->cookie, arg->stat.stat, NLM_VERS, NULL, 0, 0); + + return (NULL); +} + +/* nlm_granted_res --------------------------------------------------------- */ +/* + * Purpose: Accept result from earlier nlm_granted_msg() call + * Returns: Nothing + */ +void * +nlm_granted_res_1_svc(arg, rqstp) + nlm_res *arg __unused; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm_granted_res", rqstp); + /* XXX should undo lock if granted msg wasn't accepted! */ + return (NULL); +} + +/* ------------------------------------------------------------------------- */ +/* + * Calls for PCNFS locking (aka non-monitored locking, no involvement + * of rpc.statd). + * + * These are all genuine RPCs - no nlm_xxx_msg() nonsense here. + */ + +/* nlm_share --------------------------------------------------------------- */ +/* + * Purpose: Establish a DOS-style lock + * Returns: success or failure + * Notes: Blocking locks are not supported - client is expected + * to retry if required. + */ +nlm_shareres * +nlm_share_3_svc(arg, rqstp) + nlm_shareargs *arg; + struct svc_req *rqstp; +{ + static nlm_shareres res; + + if (debug_level) + log_from_addr("nlm_share", rqstp); + + /* copy cookie from arg to result. See comment in nlm_test_1() */ + res.cookie = arg->cookie; + res.sequence = 0; /* X/Open says this field is ignored? */ + + res.stat = getshare(arg, rqstp, 0); + return (&res); +} + +/* nlm_unshare ------------------------------------------------------------ */ +/* + * Purpose: Release a DOS-style lock + * Returns: nlm_granted, unless in grace period + * Notes: + */ +nlm_shareres * +nlm_unshare_3_svc(arg, rqstp) + nlm_shareargs *arg; + struct svc_req *rqstp; +{ + static nlm_shareres res; + + if (debug_level) + log_from_addr("nlm_unshare", rqstp); + + res.cookie = arg->cookie; + res.sequence = 0; /* X/Open says this field is ignored? */ + + res.stat = unshare(arg, rqstp); + return (&res); +} + +/* nlm_nm_lock ------------------------------------------------------------ */ +/* + * Purpose: non-monitored version of nlm_lock() + * Returns: as for nlm_lock() + * Notes: These locks are in the same style as the standard nlm_lock, + * but the rpc.statd should not be called to establish a + * monitor for the client machine, since that machine is + * declared not to be running a rpc.statd, and so would not + * respond to the statd protocol. + */ +nlm_res * +nlm_nm_lock_3_svc(arg, rqstp) + nlm_lockargs *arg; + struct svc_req *rqstp; +{ + static nlm_res res; + struct nlm4_lockargs arg4; + nlmtonlm4(&arg->alock, &arg4.alock); + arg4.cookie = arg->cookie; + arg4.block = arg->block; + arg4.exclusive = arg->exclusive; + arg4.reclaim = arg->reclaim; + arg4.state = arg->state; + + if (debug_level) + log_from_addr("nlm_nm_lock", rqstp); + + /* copy cookie from arg to result. See comment in nlm_test_1() */ + res.cookie = arg->cookie; + + res.stat.stat = getlock(&arg4, rqstp, 0); + return (&res); +} + +/* nlm_free_all ------------------------------------------------------------ */ +/* + * Purpose: Release all locks held by a named client + * Returns: Nothing + * Notes: Potential denial of service security problem here - the + * locks to be released are specified by a host name, independent + * of the address from which the request has arrived. + * Should probably be rejected if the named host has been + * using monitored locks. + */ +void * +nlm_free_all_3_svc(arg, rqstp) + nlm_notify *arg; + struct svc_req *rqstp; +{ + static char dummy; + + if (debug_level) + log_from_addr("nlm_free_all", rqstp); + + /* free all non-monitored locks/shares for specified host */ + do_free_all(arg->name); + + return (&dummy); +} + +/* calls for nlm version 4 (NFSv3) */ +/* nlm_test ---------------------------------------------------------------- */ +/* + * Purpose: Test whether a specified lock would be granted if requested + * Returns: nlm_granted (or error code) + * Notes: + */ +nlm4_testres * +nlm4_test_4_svc(arg, rqstp) + nlm4_testargs *arg; + struct svc_req *rqstp; +{ + static nlm4_testres res; + struct nlm4_holder *holder; + + if (debug_level) + log_from_addr("nlm4_test", rqstp); + if (debug_level > 5) { + syslog(LOG_DEBUG, "Locking arguments:\n"); + log_netobj(&(arg->cookie)); + syslog(LOG_DEBUG, "Alock arguments:\n"); + syslog(LOG_DEBUG, "Caller Name: %s\n",arg->alock.caller_name); + syslog(LOG_DEBUG, "File Handle:\n"); + log_netobj(&(arg->alock.fh)); + syslog(LOG_DEBUG, "Owner Handle:\n"); + log_netobj(&(arg->alock.oh)); + syslog(LOG_DEBUG, "SVID: %d\n", arg->alock.svid); + syslog(LOG_DEBUG, "Lock Offset: %llu\n", + (unsigned long long)arg->alock.l_offset); + syslog(LOG_DEBUG, "Lock Length: %llu\n", + (unsigned long long)arg->alock.l_len); + syslog(LOG_DEBUG, "Exclusive: %s\n", + (arg->exclusive ? "true" : "false")); + } + + holder = testlock(&arg->alock, arg->exclusive, LOCK_V4); + + /* + * Copy the cookie from the argument into the result. Note that this + * is slightly hazardous, as the structure contains a pointer to a + * malloc()ed buffer that will get freed by the caller. However, the + * main function transmits the result before freeing the argument + * so it is in fact safe. + */ + res.cookie = arg->cookie; + if (holder == NULL) { + res.stat.stat = nlm4_granted; + } else { + res.stat.stat = nlm4_denied; + memcpy(&res.stat.nlm4_testrply_u.holder, holder, + sizeof(struct nlm4_holder)); + } + return (&res); +} + +void * +nlm4_test_msg_4_svc(arg, rqstp) + nlm4_testargs *arg; + struct svc_req *rqstp; +{ + nlm4_testres res; + static char dummy; + struct sockaddr *addr; + CLIENT *cli; + int success; + struct timeval timeo; + struct nlm4_holder *holder; + + if (debug_level) + log_from_addr("nlm4_test_msg", rqstp); + + holder = testlock(&arg->alock, arg->exclusive, LOCK_V4); + + res.cookie = arg->cookie; + if (holder == NULL) { + res.stat.stat = nlm4_granted; + } else { + res.stat.stat = nlm4_denied; + memcpy(&res.stat.nlm4_testrply_u.holder, holder, + sizeof(struct nlm4_holder)); + } + + /* + * nlm_test has different result type to the other operations, so + * can't use transmit4_result() in this case + */ + addr = (struct sockaddr *)svc_getcaller(rqstp->rq_xprt); + if ((cli = get_client(addr, NLM_VERS4)) != NULL) { + timeo.tv_sec = 0; /* No timeout - not expecting response */ + timeo.tv_usec = 0; + + success = clnt_call(cli, NLM4_TEST_RES, xdr_nlm4_testres, + &res, xdr_void, &dummy, timeo); + + if (debug_level > 2) + syslog(LOG_DEBUG, "clnt_call returns %d", success); + } + return (NULL); +} + +/* nlm_lock ---------------------------------------------------------------- */ +/* + * Purposes: Establish a lock + * Returns: granted, denied or blocked + * Notes: *** grace period support missing + */ +nlm4_res * +nlm4_lock_4_svc(arg, rqstp) + nlm4_lockargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_lock", rqstp); + if (debug_level > 5) { + syslog(LOG_DEBUG, "Locking arguments:\n"); + log_netobj(&(arg->cookie)); + syslog(LOG_DEBUG, "Alock arguments:\n"); + syslog(LOG_DEBUG, "Caller Name: %s\n",arg->alock.caller_name); + syslog(LOG_DEBUG, "File Handle:\n"); + log_netobj(&(arg->alock.fh)); + syslog(LOG_DEBUG, "Owner Handle:\n"); + log_netobj(&(arg->alock.oh)); + syslog(LOG_DEBUG, "SVID: %d\n", arg->alock.svid); + syslog(LOG_DEBUG, "Lock Offset: %llu\n", + (unsigned long long)arg->alock.l_offset); + syslog(LOG_DEBUG, "Lock Length: %llu\n", + (unsigned long long)arg->alock.l_len); + syslog(LOG_DEBUG, "Block: %s\n", (arg->block ? "true" : "false")); + syslog(LOG_DEBUG, "Exclusive: %s\n", (arg->exclusive ? "true" : "false")); + syslog(LOG_DEBUG, "Reclaim: %s\n", (arg->reclaim ? "true" : "false")); + syslog(LOG_DEBUG, "State num: %d\n", arg->state); + } + + /* copy cookie from arg to result. See comment in nlm_test_4() */ + res.cookie = arg->cookie; + + res.stat.stat = getlock(arg, rqstp, LOCK_MON | LOCK_V4); + return (&res); +} + +void * +nlm4_lock_msg_4_svc(arg, rqstp) + nlm4_lockargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_lock_msg", rqstp); + + res.cookie = arg->cookie; + res.stat.stat = getlock(arg, rqstp, LOCK_MON | LOCK_ASYNC | LOCK_V4); + transmit4_result(NLM4_LOCK_RES, &res, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)); + + return (NULL); +} + +/* nlm_cancel -------------------------------------------------------------- */ +/* + * Purpose: Cancel a blocked lock request + * Returns: granted or denied + * Notes: + */ +nlm4_res * +nlm4_cancel_4_svc(arg, rqstp) + nlm4_cancargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_cancel", rqstp); + + /* copy cookie from arg to result. See comment in nlm_test_1() */ + res.cookie = arg->cookie; + + /* + * Since at present we never return 'nlm_blocked', there can never be + * a lock to cancel, so this call always fails. + */ + res.stat.stat = unlock(&arg->alock, LOCK_CANCEL); + return (&res); +} + +void * +nlm4_cancel_msg_4_svc(arg, rqstp) + nlm4_cancargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_cancel_msg", rqstp); + + res.cookie = arg->cookie; + /* + * Since at present we never return 'nlm_blocked', there can never be + * a lock to cancel, so this call always fails. + */ + res.stat.stat = unlock(&arg->alock, LOCK_CANCEL | LOCK_V4); + transmit4_result(NLM4_CANCEL_RES, &res, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)); + return (NULL); +} + +/* nlm_unlock -------------------------------------------------------------- */ +/* + * Purpose: Release an existing lock + * Returns: Always granted, unless during grace period + * Notes: "no such lock" error condition is ignored, as the + * protocol uses unreliable UDP datagrams, and may well + * re-try an unlock that has already succeeded. + */ +nlm4_res * +nlm4_unlock_4_svc(arg, rqstp) + nlm4_unlockargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_unlock", rqstp); + + res.stat.stat = unlock(&arg->alock, LOCK_V4); + res.cookie = arg->cookie; + + return (&res); +} + +void * +nlm4_unlock_msg_4_svc(arg, rqstp) + nlm4_unlockargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_unlock_msg", rqstp); + + res.stat.stat = unlock(&arg->alock, LOCK_V4); + res.cookie = arg->cookie; + + transmit4_result(NLM4_UNLOCK_RES, &res, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)); + return (NULL); +} + +/* ------------------------------------------------------------------------- */ +/* + * Client-side pseudo-RPCs for results. Note that for the client there + * are only nlm_xxx_msg() versions of each call, since the 'real RPC' + * version returns the results in the RPC result, and so the client + * does not normally receive incoming RPCs. + * + * The exception to this is nlm_granted(), which is genuinely an RPC + * call from the server to the client - a 'call-back' in normal procedure + * call terms. + */ + +/* nlm_granted ------------------------------------------------------------- */ +/* + * Purpose: Receive notification that formerly blocked lock now granted + * Returns: always success ('granted') + * Notes: + */ +nlm4_res * +nlm4_granted_4_svc(arg, rqstp) + nlm4_testargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_granted", rqstp); + + res.stat.stat = lock_answer(arg->alock.svid, &arg->cookie, + nlm4_granted, NLM_VERS4, NULL, 0, 0) == 0 ? + nlm4_granted : nlm4_denied; + + /* copy cookie from arg to result. See comment in nlm_test_1() */ + res.cookie = arg->cookie; + + return (&res); +} + +void * +nlm4_granted_msg_4_svc(arg, rqstp) + nlm4_testargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_granted_msg", rqstp); + + res.stat.stat = lock_answer(arg->alock.svid, &arg->cookie, + nlm4_granted, NLM_VERS4, NULL, 0, 0) == 0 ? + nlm4_granted : nlm4_denied; + + res.cookie = arg->cookie; + + transmit4_result(NLM4_GRANTED_RES, &res, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)); + return (NULL); +} + +/* nlm_test_res ------------------------------------------------------------ */ +/* + * Purpose: Accept result from earlier nlm_test_msg() call + * Returns: Nothing + */ +void * +nlm4_test_res_4_svc(arg, rqstp) + nlm4_testres *arg; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm4_test_res", rqstp); + + (void)lock_answer(-1, &arg->cookie, arg->stat.stat, NLM_VERS4, + (int *)&arg->stat.nlm4_testrply_u.holder.svid, + arg->stat.nlm4_testrply_u.holder.l_offset, + arg->stat.nlm4_testrply_u.holder.l_len); + return (NULL); +} + +/* nlm_lock_res ------------------------------------------------------------ */ +/* + * Purpose: Accept result from earlier nlm_lock_msg() call + * Returns: Nothing + */ +void * +nlm4_lock_res_4_svc(arg, rqstp) + nlm4_res *arg; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm4_lock_res", rqstp); + + (void)lock_answer(-1, &arg->cookie, arg->stat.stat, NLM_VERS4, NULL, 0, 0); + + return (NULL); +} + +/* nlm_cancel_res ---------------------------------------------------------- */ +/* + * Purpose: Accept result from earlier nlm_cancel_msg() call + * Returns: Nothing + */ +void * +nlm4_cancel_res_4_svc(arg, rqstp) + nlm4_res *arg __unused; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm4_cancel_res", rqstp); + return (NULL); +} + +/* nlm_unlock_res ---------------------------------------------------------- */ +/* + * Purpose: Accept result from earlier nlm_unlock_msg() call + * Returns: Nothing + */ +void * +nlm4_unlock_res_4_svc(arg, rqstp) + nlm4_res *arg __unused; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm4_unlock_res", rqstp); + return (NULL); +} + +/* nlm_granted_res --------------------------------------------------------- */ +/* + * Purpose: Accept result from earlier nlm_granted_msg() call + * Returns: Nothing + */ +void * +nlm4_granted_res_4_svc(arg, rqstp) + nlm4_res *arg __unused; + struct svc_req *rqstp; +{ + if (debug_level) + log_from_addr("nlm4_granted_res", rqstp); + /* XXX should undo lock if granted msg wasn't accepted! */ + return (NULL); +} + +/* ------------------------------------------------------------------------- */ +/* + * Calls for PCNFS locking (aka non-monitored locking, no involvement + * of rpc.statd). + * + * These are all genuine RPCs - no nlm_xxx_msg() nonsense here. + */ + +/* nlm_share --------------------------------------------------------------- */ +/* + * Purpose: Establish a DOS-style lock + * Returns: success or failure + * Notes: Blocking locks are not supported - client is expected + * to retry if required. + */ +nlm4_shareres * +nlm4_share_4_svc(arg, rqstp) + nlm4_shareargs *arg; + struct svc_req *rqstp; +{ + static nlm4_shareres res; + + if (debug_level) + log_from_addr("nlm4_share", rqstp); + + res.cookie = arg->cookie; + res.sequence = 0; /* X/Open says this field is ignored? */ + + res.stat = getshare((nlm_shareargs*)arg, rqstp, LOCK_V4); + return (&res); +} + +/* nlm4_unshare ------------------------------------------------------------ */ +/* + * Purpose: Release a DOS-style lock + * Returns: nlm_granted, unless in grace period + * Notes: + */ +nlm4_shareres * +nlm4_unshare_4_svc(arg, rqstp) + nlm4_shareargs *arg; + struct svc_req *rqstp; +{ + static nlm4_shareres res; + + if (debug_level) + log_from_addr("nlm4_unshare", rqstp); + + res.cookie = arg->cookie; + res.sequence = 0; /* X/Open says this field is ignored? */ + + res.stat = unshare((nlm_shareargs*)arg, rqstp); + return (&res); +} + +/* nlm4_nm_lock ------------------------------------------------------------ */ +/* + * Purpose: non-monitored version of nlm4_lock() + * Returns: as for nlm4_lock() + * Notes: These locks are in the same style as the standard nlm4_lock, + * but the rpc.statd should not be called to establish a + * monitor for the client machine, since that machine is + * declared not to be running a rpc.statd, and so would not + * respond to the statd protocol. + */ +nlm4_res * +nlm4_nm_lock_4_svc(arg, rqstp) + nlm4_lockargs *arg; + struct svc_req *rqstp; +{ + static nlm4_res res; + + if (debug_level) + log_from_addr("nlm4_nm_lock", rqstp); + + /* copy cookie from arg to result. See comment in nlm_test_4() */ + res.cookie = arg->cookie; + + res.stat.stat = getlock(arg, rqstp, LOCK_V4); + return (&res); +} + +/* nlm4_free_all ------------------------------------------------------------ */ +/* + * Purpose: Release all locks held by a named client + * Returns: Nothing + * Notes: Potential denial of service security problem here - the + * locks to be released are specified by a host name, independent + * of the address from which the request has arrived. + * Should probably be rejected if the named host has been + * using monitored locks. + */ +void * +nlm4_free_all_4_svc(arg, rqstp) + struct nlm4_notify *arg; + struct svc_req *rqstp; +{ + static char dummy; + + if (debug_level) + log_from_addr("nlm4_free_all", rqstp); + + /* free all non-monitored locks/shares for specified host */ + do_free_all(arg->name); + + return (&dummy); +} + +/* nlm_sm_notify --------------------------------------------------------- */ +/* + * Purpose: called by rpc.statd when a monitored host state changes. + * Returns: Nothing + */ +void * +nlm_sm_notify_0_svc(arg, rqstp) + struct nlm_sm_status *arg; + struct svc_req *rqstp __unused; +{ + static char dummy; + notify(arg->mon_name, arg->state); + return (&dummy); +} diff --git a/rpc_lockd.tproj/lockd.c b/rpc_lockd.tproj/lockd.c new file mode 100644 index 0000000..f8e46db --- /dev/null +++ b/rpc_lockd.tproj/lockd.c @@ -0,0 +1,371 @@ +/* $NetBSD: lockd.c,v 1.7 2000/08/12 18:08:44 thorpej Exp $ */ +/* $FreeBSD: src/usr.sbin/rpc.lockd/lockd.c,v 1.13 2002/04/11 07:19:30 alfred Exp $ */ + +/* + * Copyright (c) 1995 + * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed for the FreeBSD project + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#include +#ifndef lint +__RCSID("$NetBSD: lockd.c,v 1.7 2000/08/12 18:08:44 thorpej Exp $"); +#endif + +/* + * main() function for NFS lock daemon. Most of the code in this + * file was generated by running rpcgen /usr/include/rpcsvc/nlm_prot.x. + * + * The actual program logic is in the file lock_proc.c + */ + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#include "lockd.h" +#include + +int debug_level = 0; /* 0 = no debugging syslog() calls */ +int _rpcsvcdirty = 0; +int waitkern = 0; /* 1 = wait for kernel to say start */ + +const char *pid_file = NULL; + +int grace_expired; +int nsm_state; +pid_t client_pid = -1; +struct mon mon_host; + +void init_nsm(void); +void nlm_prog_0(struct svc_req *, SVCXPRT *); +void nlm_prog_1(struct svc_req *, SVCXPRT *); +void nlm_prog_3(struct svc_req *, SVCXPRT *); +void nlm_prog_4(struct svc_req *, SVCXPRT *); +void usage(void); + +int claim_pid_file(const char *, int); +void cleanup_pid_file(void); +void handle_sig_cleanup(int); + +void sigalarm_handler(void); + +const char *transports[] = { "udp", "tcp", "udp6", "tcp6" }; + +int +main(argc, argv) + int argc; + char **argv; +{ + SVCXPRT *transp; + int ch; + struct sigaction sigalarm; + int grace_period = 30; + + while ((ch = getopt(argc, argv, "d:g:w")) != (-1)) { + switch (ch) { + case 'd': + debug_level = atoi(optarg); + if (!debug_level) { + usage(); + /* NOTREACHED */ + } + break; + case 'g': + grace_period = atoi(optarg); + if (!grace_period) { + usage(); + /* NOTREACHED */ + } + break; + case 'w': + waitkern = 1; + break; + default: + case '?': + usage(); + /* NOTREACHED */ + } + } + if (geteuid()) { /* This command allowed only to root */ + fprintf(stderr, "Sorry. You are not superuser\n"); + exit(1); + } + + /* + * Note that it is NOT sensible to run this program from inetd - the + * protocol assumes that it will run immediately at boot time. + */ + if (debug_level != 99 && daemon(0, 0)) { + err(1, "cannot fork"); + /* NOTREACHED */ + } + + /* Install signal handler to remove any pid file */ + signal(SIGINT, handle_sig_cleanup); + signal(SIGTERM, handle_sig_cleanup); + signal(SIGHUP, handle_sig_cleanup); + signal(SIGQUIT, handle_sig_cleanup); + + if (claim_pid_file("/var/run/lockd.pid", 0) < 0) + errx(1, "cannot claim pid file"); + + if (waitkern) { + struct timespec ts; + /* wait for kernel to get first lock request */ + client_kern_wait(); + /* start statd now, in case it isn't already */ + system("rpc.statd"); + /* sleep a little to give statd/portmap a chance to start */ + /* (better to sleep 100ms than to timeout on portmap calls) */ + ts.tv_sec = 0; + ts.tv_nsec = 100*1000*1000; + nanosleep(&ts, NULL); + } + + openlog("rpc.lockd", 0, LOG_DAEMON); + if (debug_level) + syslog(LOG_INFO, "Starting, debug level %d", debug_level); + else + syslog(LOG_INFO, "Starting"); + + (void)pmap_unset(NLM_PROG, NLM_SM); + (void)pmap_unset(NLM_PROG, NLM_VERS); + (void)pmap_unset(NLM_PROG, NLM_VERSX); + (void)pmap_unset(NLM_PROG, NLM_VERS4); + + transp = svcudp_create(RPC_ANYSOCK); + if (transp == NULL) + errx(1, "cannot create udp service"); + if (!svc_register(transp, NLM_PROG, NLM_VERS, nlm_prog_1, IPPROTO_UDP)) + errx(1, "unable to register (NLM_PROG, NLM_VERS, udp)"); + if (!svc_register(transp, NLM_PROG, NLM_VERSX, nlm_prog_3, IPPROTO_UDP)) + errx(1, "unable to register (NLM_PROG, NLM_VERSX, udp)"); + if (!svc_register(transp, NLM_PROG, NLM_VERS4, nlm_prog_4, IPPROTO_UDP)) + errx(1, "unable to register (NLM_PROG, NLM_VERS4, udp)"); + + transp = svctcp_create(RPC_ANYSOCK, 0, 0); + if (transp == NULL) + errx(1, "cannot create tcp service"); + if (!svc_register(transp, NLM_PROG, NLM_VERS, nlm_prog_1, IPPROTO_TCP)) + errx(1, "unable to register (NLM_PROG, NLM_VERS, tcp)"); + if (!svc_register(transp, NLM_PROG, NLM_VERSX, nlm_prog_3, IPPROTO_TCP)) + errx(1, "unable to register (NLM_PROG, NLM_VERSX, tcp)"); + if (!svc_register(transp, NLM_PROG, NLM_VERS4, nlm_prog_4, IPPROTO_TCP)) + errx(1, "unable to register (NLM_PROG, NLM_VERS4, tcp)"); + + sigalarm.sa_handler = (sig_t) sigalarm_handler; + sigemptyset(&sigalarm.sa_mask); + sigalarm.sa_flags = SA_RESETHAND; /* should only happen once */ + sigalarm.sa_flags |= SA_RESTART; + if (sigaction(SIGALRM, &sigalarm, NULL) != 0) { + syslog(LOG_WARNING, "sigaction(SIGALRM) failed: %s", + strerror(errno)); + exit(1); + } + grace_expired = 0; + alarm(grace_period); + + init_nsm(); + + client_pid = client_request(); + + svc_run(); /* Should never return */ + exit(1); +} + +void +sigalarm_handler(void) +{ + + grace_expired = 1; +} + +void +usage() +{ + errx(1, "usage: rpc.lockd [-d ] [-g ] [-w]"); +} + +/* + * init_nsm -- + * Reset the NSM state-of-the-world and acquire its state. + */ +void +init_nsm(void) +{ + enum clnt_stat ret; + my_id id; + sm_stat stat; + char name[] = "NFS NLM"; + char localhost[] = "localhost"; + int attempt = 0; + + /* + * !!! + * The my_id structure isn't used by the SM_UNMON_ALL call, as far + * as I know. Leave it empty for now. + */ + memset(&id, 0, sizeof(id)); + id.my_name = name; + + /* + * !!! + * The statd program must already be registered when lockd runs. + * If we have a problem contacting statd, pause and try again a + * number of times in case statd is just slow in coming up. + */ + do { + ret = callrpc("localhost", SM_PROG, SM_VERS, SM_UNMON_ALL, + xdr_my_id, &id, xdr_sm_stat, &stat); + if (ret) { + warnx("%lu %s", SM_PROG, clnt_sperrno(ret)); + if (++attempt < 20) { + sleep(attempt); + continue; + } + } + break; + } while (1); + + if (ret != 0) { + errx(1, "%lu %s", SM_PROG, clnt_sperrno(ret)); + } + + nsm_state = stat.state; + + /* setup constant data for SM_MON calls */ + mon_host.mon_id.my_id.my_name = localhost; + mon_host.mon_id.my_id.my_prog = NLM_PROG; + mon_host.mon_id.my_id.my_vers = NLM_SM; + mon_host.mon_id.my_id.my_proc = NLM_SM_NOTIFY; /* bsdi addition */ +} + +/* + * claim_pid_file + * + * Purpose: take ownership of and store pid in given pid_file + * Returns: 0 on success or -1 on failure + * Notes: force parameter requests that current owner (if any) of + * pid file be terminated. + */ +int +claim_pid_file(const char *name, int force) +{ + int pidfd, rv, retried = 0; + FILE *pidfile; + +try_again: + + /* attempt exclusive open of pid file */ + pidfd = open(name, O_EXCL|O_CREAT|O_WRONLY, + S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); + if (pidfd < 0) { + char buf[16]; + pid_t pid; + if (retried) + return -1; + bzero(buf, 16); + retried = 1; + /* pid file busy, check validity */ + pidfd = open(name, O_RDONLY); + if (pidfd < 0) + goto try_again; + rv = read(pidfd, buf, 15); + close(pidfd); + if (rv <= 0) + goto try_again; + pid = atoi(buf); + if (pid <= 0) + goto try_again; + rv = kill(pid, force ? SIGKILL : 0); + /* if can't signal, assume stale pid file */ + if ((rv < 0) || force) + unlink(name); + goto try_again; + } + pid_file = name; + atexit(cleanup_pid_file); + + pidfile = fdopen(pidfd, "w"); + if (pidfile) { + fchmod(pidfd, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); + fprintf(pidfile, "%d\n", getpid()); + fclose(pidfile); + } else + perror("fdopen"); + close(pidfd); + return 0; +} + +/* + * cleanup_pid_file + * + * Purpose: delete any pid_file that has been claimed + * Returns: Nothing + */ +void +cleanup_pid_file(void) +{ + if (pid_file) { + unlink(pid_file); + pid_file = NULL; + } +} + +/* + * handle_sig_cleanup + * + * Purpose: on signal, kill client child and do pid file cleanup + * Returns: Nothing + */ +void +handle_sig_cleanup(int sig __unused) +{ + if (client_pid != -1) + kill(client_pid, SIGTERM); + cleanup_pid_file(); + exit(1); +} + diff --git a/racoonctl.tproj/misc.h b/rpc_lockd.tproj/lockd.h similarity index 55% rename from racoonctl.tproj/misc.h rename to rpc_lockd.tproj/lockd.h index c5f2846..2799058 100644 --- a/racoonctl.tproj/misc.h +++ b/rpc_lockd.tproj/lockd.h @@ -1,9 +1,10 @@ -/* $KAME: misc.h,v 1.11 2001/07/14 05:48:33 sakane Exp $ */ +/* $NetBSD: lockd.h,v 1.2 2000/06/07 14:34:40 bouyer Exp $ */ +/* $FreeBSD: src/usr.sbin/rpc.lockd/lockd.h,v 1.5 2001/11/29 17:36:45 alfred Exp $ */ /* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * + * Copyright (c) 1995 + * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -12,14 +13,17 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed for the FreeBSD project + * 4. Neither the name of the author nor the names of any co-contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * + * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) @@ -27,20 +31,17 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. + * */ -#define BIT2STR(b) bit2str(b, sizeof(b)<<3) +extern int debug_level; +extern int grace_expired; +void client_kern_wait(void); +pid_t client_request(void); +extern int nsm_state; +extern pid_t client_pid; -#ifdef HAVE_FUNCTION_MACRO -#define LOCATION debug_location(__FILE__, __LINE__, __FUNCTION__) -#else -#define LOCATION debug_location(__FILE__, __LINE__, NULL) -#endif - -extern int hexdump __P((void *, size_t)); -extern char *bit2str __P((int, int)); -extern void *get_newbuf __P((void *, size_t)); -extern const char *debug_location __P((const char *, int, const char *)); -extern int getfsize __P((char *)); -struct timeval; -extern double timedelta __P((struct timeval *, struct timeval *)); +/* XXX these should be in some system headers */ +typedef u_int32_t rpcvers_t; +int nfsclnt(int, void *); +extern int callrpc(const char *, int, int, int, xdrproc_t, void *, xdrproc_t , void *); diff --git a/rpc_lockd.tproj/lockd_lock.c b/rpc_lockd.tproj/lockd_lock.c new file mode 100644 index 0000000..f1fe265 --- /dev/null +++ b/rpc_lockd.tproj/lockd_lock.c @@ -0,0 +1,2571 @@ +/* $NetBSD: lockd_lock.c,v 1.5 2000/11/21 03:47:41 enami Exp $ */ +/* $FreeBSD: src/usr.sbin/rpc.lockd/lockd_lock.c,v 1.10 2002/03/22 19:57:09 alfred Exp $ */ + +/* + * Copyright (c) 2001 Andrew P. Lentvorski, Jr. + * Copyright (c) 2000 Manuel Bouyer. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#define LOCKD_DEBUG + +#include +#ifdef LOCKD_DEBUG +#include +#endif +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "lockd.h" +#include "lockd_lock.h" + +#define MAXOBJECTSIZE 64 +#define MAXBUFFERSIZE 1024 + +/* + * SM_MAXSTRLEN is usually 1024. This means that lock requests and + * host name monitoring entries are *MUCH* larger than they should be + */ + +/* + * A set of utilities for managing file locking + * + * XXX: All locks are in a linked list, a better structure should be used + * to improve search/access effeciency. + */ + +/* struct describing a lock */ +struct file_lock { + LIST_ENTRY(file_lock) nfslocklist; + netobj filehandle; /* NFS filehandle */ + struct sockaddr *addr; + struct nlm4_holder client; /* lock holder */ + /* XXX: client_cookie used *only* in send_granted */ + netobj client_cookie; /* cookie sent by the client */ + char client_name[SM_MAXSTRLEN]; + int nsm_status; /* status from the remote lock manager */ + int status; /* lock status, see below */ + int flags; /* lock flags, see lockd_lock.h */ + int blocking; /* blocking lock or not */ + pid_t locker; /* pid of the child process trying to get the lock */ + int fd; /* file descriptor for this lock */ +}; + +LIST_HEAD(nfslocklist_head, file_lock); +struct nfslocklist_head nfslocklist_head = LIST_HEAD_INITIALIZER(nfslocklist_head); + +LIST_HEAD(blockedlocklist_head, file_lock); +struct blockedlocklist_head blockedlocklist_head = LIST_HEAD_INITIALIZER(blockedlocklist_head); + +/* struct describing a share reservation */ +struct file_share { + LIST_ENTRY(file_share) nfssharelist; + netobj oh; /* share holder */ + char client_name[SM_MAXSTRLEN]; + short mode; + short access; +}; +LIST_HEAD(nfssharelist_head, file_share); + +/* Struct describing a file with share reservations */ +struct sharefile { + LIST_ENTRY(sharefile) sharefilelist; + netobj filehandle; /* Local access filehandle */ + int fd; /* file descriptor: remains open until no more shares */ + int refcount; + struct nfssharelist_head sharelist_head; +}; +LIST_HEAD(nfssharefilelist_head, sharefile); +struct nfssharefilelist_head nfssharefilelist_head = LIST_HEAD_INITIALIZER(nfssharefilelist_head); + +/* lock status */ +#define LKST_LOCKED 1 /* lock is locked */ +/* XXX: Is this flag file specific or lock specific? */ +#define LKST_WAITING 2 /* file is already locked by another host */ +#define LKST_PROCESSING 3 /* child is trying to aquire the lock */ +#define LKST_DYING 4 /* must dies when we get news from the child */ + +/* struct describing a monitored host */ +struct host { + LIST_ENTRY(host) hostlst; + char name[SM_MAXSTRLEN]; + int refcnt; +}; +/* list of hosts we monitor */ +LIST_HEAD(hostlst_head, host); +struct hostlst_head hostlst_head = LIST_HEAD_INITIALIZER(hostlst_head); + +/* + * File monitoring handlers + * XXX: These might be able to be removed when kevent support + * is placed into the hardware lock/unlock routines. (ie. + * let the kernel do all the file monitoring) + */ + +/* Struct describing a monitored file */ +struct monfile { + LIST_ENTRY(monfile) monfilelist; + netobj filehandle; /* Local access filehandle */ + int fd; /* file descriptor: remains open until unlock! */ + int refcount; + int exclusive; +}; + +/* List of files we monitor */ +LIST_HEAD(monfilelist_head, monfile); +struct monfilelist_head monfilelist_head = LIST_HEAD_INITIALIZER(monfilelist_head); + +static int debugdelay = 0; + +enum nfslock_status { NFS_GRANTED = 0, NFS_GRANTED_DUPLICATE, + NFS_DENIED, NFS_DENIED_NOLOCK, + NFS_RESERR }; + +enum hwlock_status { HW_GRANTED = 0, HW_GRANTED_DUPLICATE, + HW_DENIED, HW_DENIED_NOLOCK, + HW_STALEFH, HW_READONLY, HW_RESERR }; + +enum partialfilelock_status { PFL_GRANTED=0, PFL_GRANTED_DUPLICATE, PFL_DENIED, + PFL_NFSDENIED, PFL_NFSBLOCKED, PFL_NFSDENIED_NOLOCK, PFL_NFSRESERR, + PFL_HWDENIED, PFL_HWBLOCKED, PFL_HWDENIED_NOLOCK, PFL_HWRESERR}; + +enum LFLAGS {LEDGE_LEFT, LEDGE_LBOUNDARY, LEDGE_INSIDE, LEDGE_RBOUNDARY, LEDGE_RIGHT}; +enum RFLAGS {REDGE_LEFT, REDGE_LBOUNDARY, REDGE_INSIDE, REDGE_RBOUNDARY, REDGE_RIGHT}; +/* XXX: WARNING! I HAVE OVERLOADED THIS STATUS ENUM! SPLIT IT APART INTO TWO */ +enum split_status {SPL_DISJOINT=0, SPL_LOCK1=1, SPL_LOCK2=2, SPL_CONTAINED=4, SPL_RESERR=8}; + +enum partialfilelock_status lock_partialfilelock(struct file_lock *fl); + +void send_granted(struct file_lock *fl, int opcode); +void siglock(void); +void sigunlock(void); +void monitor_lock_host(const char *hostname); +void unmonitor_lock_host(const char *hostname); + +void copy_nlm4_lock_to_nlm4_holder(const struct nlm4_lock *src, + const bool_t exclusive, struct nlm4_holder *dest); +struct file_lock * allocate_file_lock(const netobj *lockowner, + const netobj *matchcookie, const netobj *filehandle); +void deallocate_file_lock(struct file_lock *fl); +void fill_file_lock(struct file_lock *fl, + struct sockaddr *addr, const bool_t exclusive, const int32_t svid, + const u_int64_t offset, const u_int64_t len, const char *caller_name, + const int state, const int status, const int flags, const int blocking); +int regions_overlap(const u_int64_t start1, const u_int64_t len1, + const u_int64_t start2, const u_int64_t len2);; +enum split_status region_compare(const u_int64_t starte, const u_int64_t lene, + const u_int64_t startu, const u_int64_t lenu, + u_int64_t *start1, u_int64_t *len1, u_int64_t *start2, u_int64_t *len2); +int same_netobj(const netobj *n0, const netobj *n1); +int same_filelock_identity(const struct file_lock *fl0, + const struct file_lock *fl2); + +static void debuglog(char const *fmt, ...); +void dump_static_object(const unsigned char* object, const int sizeof_object, + unsigned char* hbuff, const int sizeof_hbuff, + unsigned char* cbuff, const int sizeof_cbuff); +void dump_netobj(const struct netobj *nobj); +void dump_filelock(const struct file_lock *fl); +struct file_lock * get_lock_matching_unlock(const struct file_lock *fl); +enum nfslock_status test_nfslock(const struct file_lock *fl, + struct file_lock **conflicting_fl); +enum nfslock_status lock_nfslock(struct file_lock *fl); +enum nfslock_status delete_nfslock(struct file_lock *fl); +enum nfslock_status unlock_nfslock(const struct file_lock *fl, + struct file_lock **released_lock, struct file_lock **left_lock, + struct file_lock **right_lock); +enum hwlock_status lock_hwlock(struct file_lock *fl); +enum split_status split_nfslock(const struct file_lock *exist_lock, + const struct file_lock *unlock_lock, struct file_lock **left_lock, + struct file_lock **right_lock); +void add_blockingfilelock(struct file_lock *fl); +enum hwlock_status unlock_hwlock(const struct file_lock *fl); +enum hwlock_status test_hwlock(const struct file_lock *fl, + struct file_lock **conflicting_fl); +void remove_blockingfilelock(struct file_lock *fl); +void clear_blockingfilelock(const char *hostname); +void retry_blockingfilelocklist(void); +enum partialfilelock_status unlock_partialfilelock( + const struct file_lock *fl); +void clear_partialfilelock(const char *hostname); +enum partialfilelock_status test_partialfilelock( + const struct file_lock *fl, struct file_lock **conflicting_fl); +enum nlm_stats do_test(struct file_lock *fl, + struct file_lock **conflicting_fl); +enum nlm_stats do_unlock(struct file_lock *fl); +enum nlm_stats do_lock(struct file_lock *fl); +void do_clear(const char *hostname); + + +void +debuglog(char const *fmt, ...) +{ + va_list ap; + + if (debug_level < 1) { + return; + } + + sleep(debugdelay); + + va_start(ap, fmt); + vsyslog(LOG_DEBUG, fmt, ap); + va_end(ap); +} + +void +dump_static_object(object, size_object, hbuff, size_hbuff, cbuff, size_cbuff) + const unsigned char *object; + const int size_object; + unsigned char *hbuff; + const int size_hbuff; + unsigned char *cbuff; + const int size_cbuff; +{ + int i, objectsize; + + if (debug_level < 2) { + return; + } + + objectsize = size_object; + + if (objectsize == 0) { + debuglog("object is size 0\n"); + } else { + if (objectsize > MAXOBJECTSIZE) { + debuglog("Object of size %d being clamped" + "to size %d\n", objectsize, MAXOBJECTSIZE); + objectsize = MAXOBJECTSIZE; + } + + if (hbuff != NULL) { + if (size_hbuff < objectsize*2+1) { + debuglog("Hbuff not large enough." + " Increase size\n"); + } else { + for(i=0;i= 32 && *(object+i) <= 127) { + *(cbuff+i) = *(object+i); + } else { + *(cbuff+i) = '.'; + } + } + *(cbuff+i) = '\0'; + } + } +} + +void +dump_netobj(const struct netobj *nobj) +{ + char hbuff[MAXBUFFERSIZE*2]; + char cbuff[MAXBUFFERSIZE]; + + if (debug_level < 2) { + return; + } + + if (nobj == NULL) { + debuglog("Null netobj pointer\n"); + } + else if (nobj->n_len == 0) { + debuglog("Size zero netobj\n"); + } else { + dump_static_object(nobj->n_bytes, nobj->n_len, + hbuff, sizeof(hbuff), cbuff, sizeof(cbuff)); + debuglog("netobj: len: %d data: %s ::: %s\n", + nobj->n_len, hbuff, cbuff); + } +} + +/* #define DUMP_FILELOCK_VERBOSE */ +void +dump_filelock(const struct file_lock *fl) +{ +#ifdef DUMP_FILELOCK_VERBOSE + char hbuff[MAXBUFFERSIZE*2]; + char cbuff[MAXBUFFERSIZE]; +#endif + + if (debug_level < 2) { + return; + } + + if (fl != NULL) { + debuglog("Dumping file lock structure @ %p\n", fl); + +#ifdef DUMP_FILELOCK_VERBOSE + dump_static_object((unsigned char *)&fl->filehandle.n_bytes, + fl->filehandle.n_len, hbuff, sizeof(hbuff), + cbuff, sizeof(cbuff)); + debuglog("Filehandle: %8s ::: %8s\n", hbuff, cbuff); +#endif + + debuglog("Dumping nlm4_holder:\n" + "exc: %x svid: %x offset:len %llx:%llx\n", + fl->client.exclusive, fl->client.svid, + fl->client.l_offset, fl->client.l_len); + +#ifdef DUMP_FILELOCK_VERBOSE + debuglog("Dumping client identity:\n"); + dump_netobj(&fl->client.oh); + + debuglog("Dumping client cookie:\n"); + dump_netobj(&fl->client_cookie); + + debuglog("nsm: %d status: %d flags: %d locker: %d" + " fd: %d\n", fl->nsm_status, fl->status, + fl->flags, fl->locker, fl->fd); +#endif + } else { + debuglog("NULL file lock structure\n"); + } +} + +void +copy_nlm4_lock_to_nlm4_holder(src, exclusive, dest) + const struct nlm4_lock *src; + const bool_t exclusive; + struct nlm4_holder *dest; +{ + + dest->exclusive = exclusive; + dest->oh.n_len = src->oh.n_len; + dest->oh.n_bytes = src->oh.n_bytes; + dest->svid = src->svid; + dest->l_offset = src->l_offset; + dest->l_len = src->l_len; +} + + +/* + * allocate_file_lock: Create a lock with the given parameters + */ + +struct file_lock * +allocate_file_lock(const netobj *lockowner, const netobj *matchcookie, const netobj *filehandle) +{ + struct file_lock *newfl; + + newfl = malloc(sizeof(struct file_lock)); + if (newfl == NULL) { + return NULL; + } + bzero(newfl, sizeof(newfl)); + + newfl->client.oh.n_bytes = malloc(lockowner->n_len); + if (newfl->client.oh.n_bytes == NULL) { + free(newfl); + return NULL; + } + newfl->client.oh.n_len = lockowner->n_len; + bcopy(lockowner->n_bytes, newfl->client.oh.n_bytes, lockowner->n_len); + + newfl->client_cookie.n_bytes = malloc(matchcookie->n_len); + if (newfl->client_cookie.n_bytes == NULL) { + free(newfl->client.oh.n_bytes); + free(newfl); + return NULL; + } + newfl->client_cookie.n_len = matchcookie->n_len; + bcopy(matchcookie->n_bytes, newfl->client_cookie.n_bytes, matchcookie->n_len); + + newfl->filehandle.n_bytes = malloc(filehandle->n_len); + if (newfl->filehandle.n_bytes == NULL) { + free(newfl->client_cookie.n_bytes); + free(newfl->client.oh.n_bytes); + free(newfl); + return NULL; + } + newfl->filehandle.n_len = filehandle->n_len; + bcopy(filehandle->n_bytes, newfl->filehandle.n_bytes, filehandle->n_len); + + return newfl; +} + +/* + * file_file_lock: Force creation of a valid file lock + */ +void +fill_file_lock(struct file_lock *fl, + struct sockaddr *addr, const bool_t exclusive, const int32_t svid, + const u_int64_t offset, const u_int64_t len, const char *caller_name, + const int state, const int status, const int flags, const int blocking) +{ + fl->addr = addr; + + fl->client.exclusive = exclusive; + fl->client.svid = svid; + fl->client.l_offset = offset; + fl->client.l_len = len; + + strncpy(fl->client_name, caller_name, SM_MAXSTRLEN); + + fl->nsm_status = state; + fl->status = status; + fl->flags = flags; + fl->blocking = blocking; +} + +/* + * deallocate_file_lock: Free all storage associated with a file lock + */ +void +deallocate_file_lock(struct file_lock *fl) +{ + free(fl->client.oh.n_bytes); + free(fl->client_cookie.n_bytes); + free(fl->filehandle.n_bytes); + free(fl); +} + +/* + * regions_overlap(): This function examines the two provided regions for + * overlap. + */ +int +regions_overlap(start1, len1, start2, len2) + const u_int64_t start1, len1, start2, len2; +{ + u_int64_t d1,d2,d3,d4; + enum split_status result; + + debuglog("Entering region overlap with vals: %llu:%llu--%llu:%llu\n", + start1, len1, start2, len2); + + result = region_compare(start1, len1, start2, len2, + &d1, &d2, &d3, &d4); + + debuglog("Exiting region overlap with val: %d\n",result); + + if (result == SPL_DISJOINT) { + return 0; + } else { + return 1; + } + + return (result); +} + +/* + * region_compare(): Examine lock regions and split appropriately + * + * XXX: Fix 64 bit overflow problems + * XXX: Check to make sure I got *ALL* the cases. + * XXX: This DESPERATELY needs a regression test. + */ +enum split_status +region_compare(starte, lene, startu, lenu, + start1, len1, start2, len2) + const u_int64_t starte, lene, startu, lenu; + u_int64_t *start1, *len1, *start2, *len2; +{ + /* + * Please pay attention to the sequential exclusions + * of the if statements!!! + */ + enum LFLAGS lflags; + enum RFLAGS rflags; + enum split_status retval; + + retval = SPL_DISJOINT; + + if (lene == 0 && lenu == 0) { + /* Examine left edge of locker */ + if (startu < starte) { + lflags = LEDGE_LEFT; + } else if (startu == starte) { + lflags = LEDGE_LBOUNDARY; + } else { + lflags = LEDGE_INSIDE; + } + + rflags = REDGE_RBOUNDARY; /* Both are infiinite */ + + if (lflags == LEDGE_INSIDE) { + *start1 = starte; + *len1 = startu - starte; + } + + if (lflags == LEDGE_LEFT || lflags == LEDGE_LBOUNDARY) { + retval = SPL_CONTAINED; + } else { + retval = SPL_LOCK1; + } + } else if (lene == 0 && lenu != 0) { + /* Established lock is infinite */ + /* Examine left edge of unlocker */ + if (startu < starte) { + lflags = LEDGE_LEFT; + } else if (startu == starte) { + lflags = LEDGE_LBOUNDARY; + } else if (startu > starte) { + lflags = LEDGE_INSIDE; + } + + /* Examine right edge of unlocker */ + if (startu + lenu < starte) { + /* Right edge of unlocker left of established lock */ + rflags = REDGE_LEFT; + return SPL_DISJOINT; + } else if (startu + lenu == starte) { + /* Right edge of unlocker on start of established lock */ + rflags = REDGE_LBOUNDARY; + return SPL_DISJOINT; + } else { /* Infinifty is right of finity */ + /* Right edge of unlocker inside established lock */ + rflags = REDGE_INSIDE; + } + + if (lflags == LEDGE_INSIDE) { + *start1 = starte; + *len1 = startu - starte; + retval |= SPL_LOCK1; + } + + if (rflags == REDGE_INSIDE) { + /* Create right lock */ + *start2 = startu+lenu; + *len2 = 0; + retval |= SPL_LOCK2; + } + } else if (lene != 0 && lenu == 0) { + /* Unlocker is infinite */ + /* Examine left edge of unlocker */ + if (startu < starte) { + lflags = LEDGE_LEFT; + retval = SPL_CONTAINED; + return retval; + } else if (startu == starte) { + lflags = LEDGE_LBOUNDARY; + retval = SPL_CONTAINED; + return retval; + } else if ((startu > starte) && (startu < starte + lene - 1)) { + lflags = LEDGE_INSIDE; + } else if (startu == starte + lene - 1) { + lflags = LEDGE_RBOUNDARY; + } else { /* startu > starte + lene -1 */ + lflags = LEDGE_RIGHT; + return SPL_DISJOINT; + } + + rflags = REDGE_RIGHT; /* Infinity is right of finity */ + + if (lflags == LEDGE_INSIDE || lflags == LEDGE_RBOUNDARY) { + *start1 = starte; + *len1 = startu - starte; + retval |= SPL_LOCK1; + return retval; + } + + } else { + /* Both locks are finite */ + + /* Examine left edge of unlocker */ + if (startu < starte) { + lflags = LEDGE_LEFT; + } else if (startu == starte) { + lflags = LEDGE_LBOUNDARY; + } else if ((startu > starte) && (startu < starte + lene - 1)) { + lflags = LEDGE_INSIDE; + } else if (startu == starte + lene - 1) { + lflags = LEDGE_RBOUNDARY; + } else { /* startu > starte + lene -1 */ + lflags = LEDGE_RIGHT; + return SPL_DISJOINT; + } + + /* Examine right edge of unlocker */ + if (startu + lenu < starte) { + /* Right edge of unlocker left of established lock */ + rflags = REDGE_LEFT; + return SPL_DISJOINT; + } else if (startu + lenu == starte) { + /* Right edge of unlocker on start of established lock */ + rflags = REDGE_LBOUNDARY; + return SPL_DISJOINT; + } else if (startu + lenu < starte + lene) { + /* Right edge of unlocker inside established lock */ + rflags = REDGE_INSIDE; + } else if (startu + lenu == starte + lene) { + /* Right edge of unlocker on right edge of established lock */ + rflags = REDGE_RBOUNDARY; + } else { /* startu + lenu > starte + lene */ + /* Right edge of unlocker is right of established lock */ + rflags = REDGE_RIGHT; + } + + if (lflags == LEDGE_INSIDE || lflags == LEDGE_RBOUNDARY) { + /* Create left lock */ + *start1 = starte; + *len1 = (startu - starte); + retval |= SPL_LOCK1; + } + + if (rflags == REDGE_INSIDE) { + /* Create right lock */ + *start2 = startu+lenu; + *len2 = starte+lene-(startu+lenu); + retval |= SPL_LOCK2; + } + + if ((lflags == LEDGE_LEFT || lflags == LEDGE_LBOUNDARY) && + (rflags == REDGE_RBOUNDARY || rflags == REDGE_RIGHT)) { + retval = SPL_CONTAINED; + } + } + + return retval; +} + +/* + * same_netobj: Compares the apprpriate bits of a netobj for identity + */ +int +same_netobj(const netobj *n0, const netobj *n1) +{ + int retval; + + retval = 0; + + debuglog("Entering netobj identity check\n"); + + if (n0->n_len == n1->n_len) { + debuglog("Preliminary length check passed\n"); + retval = !bcmp(n0->n_bytes, n1->n_bytes, n0->n_len); + debuglog("netobj %smatch\n", retval ? "" : "mis"); + } + + return (retval); +} + +/* + * same_filelock_identity: Compares the appropriate bits of a file_lock + */ +int +same_filelock_identity(fl0, fl1) + const struct file_lock *fl0, *fl1; +{ + int retval; + + retval = 0; + + debuglog("Checking filelock identity\n"); + + /* + * Check process ids and host information. + */ + retval = (fl0->client.svid == fl1->client.svid && + same_netobj(&(fl0->client.oh), &(fl1->client.oh))); + + debuglog("Exiting checking filelock identity: retval: %d\n",retval); + + return (retval); +} + +/* + * Below here are routines associated with manipulating the NFS + * lock list. + */ + +/* + * get_lock_matching_unlock: Return a lock which matches the given unlock lock + * or NULL otehrwise + * XXX: It is a shame that this duplicates so much code from test_nfslock. + */ +struct file_lock * +get_lock_matching_unlock(const struct file_lock *fl) +{ + struct file_lock *ifl; /* Iterator */ + + debuglog("Entering lock_matching_unlock\n"); + debuglog("********Dump of fl*****************\n"); + dump_filelock(fl); + + LIST_FOREACH(ifl, &nfslocklist_head, nfslocklist) { + debuglog("Pointer to file lock: %p\n",ifl); + + debuglog("****Dump of ifl****\n"); + dump_filelock(ifl); + debuglog("*******************\n"); + + /* + * XXX: It is conceivable that someone could use the NLM RPC + * system to directly access filehandles. This may be a + * security hazard as the filehandle code may bypass normal + * file access controls + */ + if (fl->filehandle.n_len != ifl->filehandle.n_len) + continue; + if (bcmp(fl->filehandle.n_bytes, ifl->filehandle.n_bytes, + fl->filehandle.n_len)) + continue; + + debuglog("matching_unlock: Filehandles match, " + "checking regions\n"); + + /* Filehandles match, check for region overlap */ + if (!regions_overlap(fl->client.l_offset, fl->client.l_len, + ifl->client.l_offset, ifl->client.l_len)) + continue; + + debuglog("matching_unlock: Region overlap" + " found %llu : %llu -- %llu : %llu\n", + fl->client.l_offset,fl->client.l_len, + ifl->client.l_offset,ifl->client.l_len); + + /* Regions overlap, check the identity */ + if (!same_filelock_identity(fl,ifl)) + continue; + + debuglog("matching_unlock: Duplicate lock id. Granting\n"); + return (ifl); + } + + debuglog("Exiting lock_matching_unlock\n"); + + return (NULL); +} + +/* + * test_nfslock: check for NFS lock in lock list + * + * This routine makes the following assumptions: + * 1) Nothing will adjust the lock list during a lookup + * + * This routine has an intersting quirk which bit me hard. + * The conflicting_fl is the pointer to the conflicting lock. + * However, to modify the "*pointer* to the conflicting lock" rather + * that the "conflicting lock itself" one must pass in a "pointer to + * the pointer of the conflicting lock". Gross. + */ + +enum nfslock_status +test_nfslock(const struct file_lock *fl, struct file_lock **conflicting_fl) +{ + struct file_lock *ifl; /* Iterator */ + enum nfslock_status retval; + + debuglog("Entering test_nfslock\n"); + + retval = NFS_GRANTED; + (*conflicting_fl) = NULL; + + debuglog("Entering lock search loop\n"); + + debuglog("***********************************\n"); + debuglog("Dumping match filelock\n"); + debuglog("***********************************\n"); + dump_filelock(fl); + debuglog("***********************************\n"); + + LIST_FOREACH(ifl, &nfslocklist_head, nfslocklist) { + if (retval == NFS_DENIED) + break; + + debuglog("Top of lock loop\n"); + debuglog("Pointer to file lock: %p\n",ifl); + + debuglog("***********************************\n"); + debuglog("Dumping test filelock\n"); + debuglog("***********************************\n"); + dump_filelock(ifl); + debuglog("***********************************\n"); + + /* + * XXX: It is conceivable that someone could use the NLM RPC + * system to directly access filehandles. This may be a + * security hazard as the filehandle code may bypass normal + * file access controls + */ + if (fl->filehandle.n_len != ifl->filehandle.n_len) + continue; + if (bcmp(fl->filehandle.n_bytes, ifl->filehandle.n_bytes, + fl->filehandle.n_len)) + continue; + + debuglog("test_nfslock: filehandle match found\n"); + + /* Filehandles match, check for region overlap */ + if (!regions_overlap(fl->client.l_offset, fl->client.l_len, + ifl->client.l_offset, ifl->client.l_len)) + continue; + + debuglog("test_nfslock: Region overlap found" + " %llu : %llu -- %llu : %llu\n", + fl->client.l_offset,fl->client.l_len, + ifl->client.l_offset,ifl->client.l_len); + + /* Regions overlap, check the exclusivity */ + if (!(fl->client.exclusive || ifl->client.exclusive)) + continue; + + debuglog("test_nfslock: Exclusivity failure: %d %d\n", + fl->client.exclusive, + ifl->client.exclusive); + + if (same_filelock_identity(fl,ifl)) { + debuglog("test_nfslock: Duplicate id. Granting\n"); + (*conflicting_fl) = ifl; + retval = NFS_GRANTED_DUPLICATE; + } else { + /* locking attempt fails */ + debuglog("test_nfslock: Lock attempt failed\n"); + debuglog("Desired lock\n"); + dump_filelock(fl); + debuglog("Conflicting lock\n"); + dump_filelock(ifl); + (*conflicting_fl) = ifl; + retval = NFS_DENIED; + } + } + + debuglog("Dumping file locks\n"); + debuglog("Exiting test_nfslock\n"); + + return (retval); +} + +/* + * lock_nfslock: attempt to create a lock in the NFS lock list + * + * This routine tests whether the lock will be granted and then adds + * the entry to the lock list if so. + * + * Argument fl gets modified as its list housekeeping entries get modified + * upon insertion into the NFS lock list + * + * This routine makes several assumptions: + * 1) It is perfectly happy to grant a duplicate lock from the same pid. + * While this seems to be intuitively wrong, it is required for proper + * Posix semantics during unlock. It is absolutely imperative to not + * unlock the main lock before the two child locks are established. Thus, + * one has be be able to create duplicate locks over an existing lock + * 2) It currently accepts duplicate locks from the same id,pid + */ + +enum nfslock_status +lock_nfslock(struct file_lock *fl) +{ + enum nfslock_status retval; + struct file_lock *dummy_fl; + + dummy_fl = NULL; + + debuglog("Entering lock_nfslock...\n"); + + retval = test_nfslock(fl,&dummy_fl); + + if (retval == NFS_GRANTED || retval == NFS_GRANTED_DUPLICATE) { + debuglog("Inserting lock...\n"); + dump_filelock(fl); + LIST_INSERT_HEAD(&nfslocklist_head, fl, nfslocklist); + } + + debuglog("Exiting lock_nfslock...\n"); + + return (retval); +} + +/* + * delete_nfslock: delete an NFS lock list entry + * + * This routine is used to delete a lock out of the NFS lock list + * without regard to status, underlying locks, regions or anything else + * + * Note that this routine *does not deallocate memory* of the lock. + * It just disconnects it from the list. The lock can then be used + * by other routines without fear of trashing the list. + */ + +enum nfslock_status +delete_nfslock(struct file_lock *fl) +{ + + LIST_REMOVE(fl, nfslocklist); + + return (NFS_GRANTED); +} + +enum split_status +split_nfslock(exist_lock, unlock_lock, left_lock, right_lock) + const struct file_lock *exist_lock, *unlock_lock; + struct file_lock **left_lock, **right_lock; +{ + u_int64_t start1, len1, start2, len2; + enum split_status spstatus; + + spstatus = region_compare(exist_lock->client.l_offset, exist_lock->client.l_len, + unlock_lock->client.l_offset, unlock_lock->client.l_len, + &start1, &len1, &start2, &len2); + + if ((spstatus & SPL_LOCK1) != 0) { + *left_lock = allocate_file_lock(&exist_lock->client.oh, &exist_lock->client_cookie, + &exist_lock->filehandle); + if (*left_lock == NULL) { + debuglog("Unable to allocate resource for split 1\n"); + return SPL_RESERR; + } + + fill_file_lock(*left_lock, + exist_lock->addr, + exist_lock->client.exclusive, exist_lock->client.svid, + start1, len1, + exist_lock->client_name, exist_lock->nsm_status, + exist_lock->status, exist_lock->flags, exist_lock->blocking); + } + + if ((spstatus & SPL_LOCK2) != 0) { + *right_lock = allocate_file_lock(&exist_lock->client.oh, &exist_lock->client_cookie, + &exist_lock->filehandle); + if (*right_lock == NULL) { + debuglog("Unable to allocate resource for split 1\n"); + if (*left_lock != NULL) { + deallocate_file_lock(*left_lock); + } + return SPL_RESERR; + } + + fill_file_lock(*right_lock, + exist_lock->addr, + exist_lock->client.exclusive, exist_lock->client.svid, + start2, len2, + exist_lock->client_name, exist_lock->nsm_status, + exist_lock->status, exist_lock->flags, exist_lock->blocking); + } + + return spstatus; +} + +enum nfslock_status +unlock_nfslock(fl, released_lock, left_lock, right_lock) + const struct file_lock *fl; + struct file_lock **released_lock; + struct file_lock **left_lock; + struct file_lock **right_lock; +{ + struct file_lock *mfl; /* Matching file lock */ + enum nfslock_status retval; + enum split_status spstatus; + + debuglog("Entering unlock_nfslock\n"); + + *released_lock = NULL; + *left_lock = NULL; + *right_lock = NULL; + + retval = NFS_DENIED_NOLOCK; + + printf("Attempting to match lock...\n"); + mfl = get_lock_matching_unlock(fl); + + if (mfl != NULL) { + debuglog("Unlock matched. Querying for split\n"); + + spstatus = split_nfslock(mfl, fl, left_lock, right_lock); + + debuglog("Split returned %d %p %p %p %p\n",spstatus,mfl,fl,*left_lock,*right_lock); + debuglog("********Split dumps********"); + dump_filelock(mfl); + dump_filelock(fl); + dump_filelock(*left_lock); + dump_filelock(*right_lock); + debuglog("********End Split dumps********"); + + if (spstatus == SPL_RESERR) { + if (*left_lock != NULL) { + deallocate_file_lock(*left_lock); + *left_lock = NULL; + } + + if (*right_lock != NULL) { + deallocate_file_lock(*right_lock); + *right_lock = NULL; + } + + return NFS_RESERR; + } + + /* Insert new locks from split if required */ + if (*left_lock != NULL) { + debuglog("Split left activated\n"); + LIST_INSERT_HEAD(&nfslocklist_head, *left_lock, nfslocklist); + } + + if (*right_lock != NULL) { + debuglog("Split right activated\n"); + LIST_INSERT_HEAD(&nfslocklist_head, *right_lock, nfslocklist); + } + + /* Unlock the lock since it matches identity */ + LIST_REMOVE(mfl, nfslocklist); + *released_lock = mfl; + retval = NFS_GRANTED; + } + + debuglog("Exiting unlock_nfslock\n"); + + return retval; +} + +/* + * Below here are the routines for manipulating the file lock directly + * on the disk hardware itself + */ +enum hwlock_status +lock_hwlock(struct file_lock *fl) +{ + struct monfile *imf,*nmf; + int lflags, flerror; + + /* Scan to see if filehandle already present */ + LIST_FOREACH(imf, &monfilelist_head, monfilelist) { + if ((fl->filehandle.n_len == imf->filehandle.n_len) && + (bcmp(fl->filehandle.n_bytes, imf->filehandle.n_bytes, + fl->filehandle.n_len) == 0)) { + /* imf is the correct filehandle */ + break; + } + } + + /* + * Filehandle already exists (we control the file) + * *AND* NFS has already cleared the lock for availability + * Grant it and bump the refcount. + */ + if (imf != NULL) { + ++(imf->refcount); + return (HW_GRANTED); + } + + /* No filehandle found, create and go */ + nmf = malloc(sizeof(struct monfile)); + if (nmf == NULL) { + debuglog("hwlock resource allocation failure\n"); + return (HW_RESERR); + } + nmf->filehandle.n_bytes = malloc(fl->filehandle.n_len); + if (nmf == NULL) { + debuglog("hwlock resource allocation failure\n"); + free(nmf); + return (HW_RESERR); + } + + /* XXX: Is O_RDWR always the correct mode? */ + nmf->fd = fhopen((fhandle_t *)fl->filehandle.n_bytes, O_RDWR); + if (nmf->fd < 0) { + debuglog("fhopen failed (from %16s): %32s\n", + fl->client_name, strerror(errno)); + free(nmf); + switch (errno) { + case ESTALE: + return (HW_STALEFH); + case EROFS: + return (HW_READONLY); + default: + return (HW_RESERR); + } + } + + /* File opened correctly, fill the monitor struct */ + nmf->filehandle.n_len = fl->filehandle.n_len; + bcopy(fl->filehandle.n_bytes, nmf->filehandle.n_bytes, fl->filehandle.n_len); + nmf->refcount = 1; + nmf->exclusive = fl->client.exclusive; + + lflags = (nmf->exclusive == 1) ? + (LOCK_EX | LOCK_NB) : (LOCK_SH | LOCK_NB); + + flerror = flock(nmf->fd, lflags); + + if (flerror != 0) { + debuglog("flock failed (from %16s): %32s\n", + fl->client_name, strerror(errno)); + close(nmf->fd); + free(nmf); + switch (errno) { + case EAGAIN: + return (HW_DENIED); + case ESTALE: + return (HW_STALEFH); + case EROFS: + return (HW_READONLY); + default: + return (HW_RESERR); + break; + } + } + + /* File opened and locked */ + LIST_INSERT_HEAD(&monfilelist_head, nmf, monfilelist); + + debuglog("flock succeeded (from %16s)\n", fl->client_name); + return (HW_GRANTED); +} + +enum hwlock_status +unlock_hwlock(const struct file_lock *fl) +{ + struct monfile *imf; + + debuglog("Entering unlock_hwlock\n"); + debuglog("Entering loop interation\n"); + + /* Scan to see if filehandle already present */ + LIST_FOREACH(imf, &monfilelist_head, monfilelist) { + if ((fl->filehandle.n_len == imf->filehandle.n_len) && + (bcmp(fl->filehandle.n_bytes, imf->filehandle.n_bytes, + fl->filehandle.n_len) == 0)) { + /* imf is the correct filehandle */ + break; + } + } + + debuglog("Completed iteration. Proceeding\n"); + + if (imf == NULL) { + /* No lock found */ + debuglog("Exiting unlock_hwlock (HW_DENIED_NOLOCK)\n"); + return (HW_DENIED_NOLOCK); + } + + /* Lock found */ + --imf->refcount; + + if (imf->refcount < 0) { + debuglog("Negative hardware reference count\n"); + } + + if (imf->refcount <= 0) { + close(imf->fd); + LIST_REMOVE(imf, monfilelist); + free(imf); + } + debuglog("Exiting unlock_hwlock (HW_GRANTED)\n"); + return (HW_GRANTED); +} + +enum hwlock_status +test_hwlock(fl, conflicting_fl) + const struct file_lock *fl __unused; + struct file_lock **conflicting_fl __unused; +{ + + /* + * XXX: lock tests on hardware are not required until + * true partial file testing is done on the underlying file + */ + return (HW_RESERR); +} + + + +/* + * Below here are routines for manipulating blocked lock requests + * They should only be called from the XXX_partialfilelock routines + * if at all possible + */ + +void +add_blockingfilelock(struct file_lock *fl) +{ + + debuglog("Entering add_blockingfilelock\n"); + + /* + * Clear the blocking flag so that it can be reused without + * adding it to the blocking queue a second time + */ + + fl->blocking = 0; + LIST_INSERT_HEAD(&blockedlocklist_head, fl, nfslocklist); + + debuglog("Exiting add_blockingfilelock\n"); +} + +void +remove_blockingfilelock(struct file_lock *fl) +{ + + debuglog("Entering remove_blockingfilelock\n"); + + LIST_REMOVE(fl, nfslocklist); + + debuglog("Exiting remove_blockingfilelock\n"); +} + +void +clear_blockingfilelock(const char *hostname) +{ + struct file_lock *ifl,*nfl; + + /* + * Normally, LIST_FOREACH is called for, but since + * the current element *is* the iterator, deleting it + * would mess up the iteration. Thus, a next element + * must be used explicitly + */ + + ifl = LIST_FIRST(&blockedlocklist_head); + + while (ifl != NULL) { + nfl = LIST_NEXT(ifl, nfslocklist); + + if (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0) { + remove_blockingfilelock(ifl); + deallocate_file_lock(ifl); + } + + ifl = nfl; + } +} + +void +retry_blockingfilelocklist(void) +{ + /* Retry all locks in the blocked list */ + struct file_lock *ifl, *nfl, *pfl; /* Iterator */ + enum partialfilelock_status pflstatus; + + debuglog("Entering retry_blockingfilelocklist\n"); + + pfl = NULL; + ifl = LIST_FIRST(&blockedlocklist_head); + debuglog("Iterator choice %p\n",ifl); + + while (ifl != NULL) { + /* + * SUBTLE BUG: The next element must be worked out before the + * current element has been moved + */ + nfl = LIST_NEXT(ifl, nfslocklist); + debuglog("Iterator choice %p\n",ifl); + debuglog("Prev iterator choice %p\n",pfl); + debuglog("Next iterator choice %p\n",nfl); + + /* + * SUBTLE BUG: The file_lock must be removed from the + * old list so that it's list pointers get disconnected + * before being allowed to participate in the new list + * which will automatically add it in if necessary. + */ + + LIST_REMOVE(ifl, nfslocklist); + pflstatus = lock_partialfilelock(ifl); + + if (pflstatus == PFL_GRANTED || pflstatus == PFL_GRANTED_DUPLICATE) { + debuglog("Granted blocked lock\n"); + /* lock granted and is now being used */ + send_granted(ifl,0); + /* XXX should undo lock if send_granted fails */ + } else { + /* Reinsert lock back into same place in blocked list */ + debuglog("Replacing blocked lock\n"); + if (pfl != NULL) + LIST_INSERT_AFTER(pfl, ifl, nfslocklist); + else + /* ifl is the only elem. in the list */ + LIST_INSERT_HEAD(&blockedlocklist_head, ifl, nfslocklist); + } + + /* Valid increment behavior regardless of state of ifl */ + ifl = nfl; + /* if a lock was granted incrementing pfl would make it nfl */ + if (pfl != NULL && (LIST_NEXT(pfl, nfslocklist) != nfl)) + pfl = LIST_NEXT(pfl, nfslocklist); + else + pfl = LIST_FIRST(&blockedlocklist_head); + } + + debuglog("Exiting retry_blockingfilelocklist\n"); +} + +/* + * Below here are routines associated with manipulating all + * aspects of the partial file locking system (list, hardware, etc.) + */ + +/* + * Please note that lock monitoring must be done at this level which + * keeps track of *individual* lock requests on lock and unlock + * + * XXX: Split unlocking is going to make the unlock code miserable + */ + +/* + * lock_partialfilelock: + * + * Argument fl gets modified as its list housekeeping entries get modified + * upon insertion into the NFS lock list + * + * This routine makes several assumptions: + * 1) It (will) pass locks through to flock to lock the entire underlying file + * and then parcel out NFS locks if it gets control of the file. + * This matches the old rpc.lockd file semantics (except where it + * is now more correct). It is the safe solution, but will cause + * overly restrictive blocking if someone is trying to use the + * underlying files without using NFS. This appears to be an + * acceptable tradeoff since most people use standalone NFS servers. + * XXX: The right solution is probably kevent combined with fcntl + * + * 2) Nothing modifies the lock lists between testing and granting + * I have no idea whether this is a useful assumption or not + */ + +enum partialfilelock_status +lock_partialfilelock(struct file_lock *fl) +{ + enum partialfilelock_status retval; + enum nfslock_status lnlstatus; + enum hwlock_status hwstatus; + + debuglog("Entering lock_partialfilelock\n"); + + retval = PFL_DENIED; + + /* + * Execute the NFS lock first, if possible, as it is significantly + * easier and less expensive to undo than the filesystem lock + */ + + lnlstatus = lock_nfslock(fl); + + switch (lnlstatus) { + case NFS_GRANTED: + case NFS_GRANTED_DUPLICATE: + /* + * At this point, the NFS lock is allocated and active. + * Remember to clean it up if the hardware lock fails + */ + hwstatus = lock_hwlock(fl); + + switch (hwstatus) { + case HW_GRANTED: + case HW_GRANTED_DUPLICATE: + debuglog("HW GRANTED\n"); + /* + * XXX: Fixme: Check hwstatus for duplicate when + * true partial file locking and accounting is + * done on the hardware + */ + if (lnlstatus == NFS_GRANTED_DUPLICATE) { + retval = PFL_GRANTED_DUPLICATE; + } else { + retval = PFL_GRANTED; + } + if (fl->flags & LOCK_MON) + monitor_lock_host(fl->client_name); + break; + case HW_RESERR: + debuglog("HW RESERR\n"); + retval = PFL_HWRESERR; + break; + case HW_DENIED: + debuglog("HW DENIED\n"); + retval = PFL_HWDENIED; + break; + default: + debuglog("Unmatched hwstatus %d\n",hwstatus); + break; + } + + if (retval != PFL_GRANTED && + retval != PFL_GRANTED_DUPLICATE) { + /* Clean up the NFS lock */ + debuglog("Deleting trial NFS lock\n"); + delete_nfslock(fl); + } + break; + case NFS_DENIED: + retval = PFL_NFSDENIED; + break; + case NFS_RESERR: + retval = PFL_NFSRESERR; + default: + debuglog("Unmatched lnlstatus %d\n"); + retval = PFL_NFSDENIED_NOLOCK; + break; + } + + /* + * By the time fl reaches here, it is completely free again on + * failure. The NFS lock done before attempting the + * hardware lock has been backed out + */ + + if (retval == PFL_NFSDENIED || retval == PFL_HWDENIED) { + /* Once last chance to check the lock */ + if (fl->blocking == 1) { + /* Queue the lock */ + debuglog("BLOCKING LOCK RECEIVED\n"); + retval = (retval == PFL_NFSDENIED ? + PFL_NFSBLOCKED : PFL_HWBLOCKED); + add_blockingfilelock(fl); + dump_filelock(fl); + } else { + /* Leave retval alone, it's already correct */ + debuglog("Lock denied. Non-blocking failure\n"); + dump_filelock(fl); + } + } + + debuglog("Exiting lock_partialfilelock\n"); + + return retval; +} + +/* + * unlock_partialfilelock: + * + * Given a file_lock, unlock all locks which match. + * + * Note that a given lock might have to unlock ITSELF! See + * clear_partialfilelock for example. + */ + +enum partialfilelock_status +unlock_partialfilelock(const struct file_lock *fl) +{ + struct file_lock *lfl,*rfl,*releasedfl,*selffl; + enum partialfilelock_status retval; + enum nfslock_status unlstatus; + enum hwlock_status unlhwstatus, lhwstatus; + + debuglog("Entering unlock_partialfilelock\n"); + + selffl = NULL; + lfl = NULL; + rfl = NULL; + releasedfl = NULL; + retval = PFL_DENIED; + + /* + * There are significant overlap and atomicity issues + * with partially releasing a lock. For example, releasing + * part of an NFS shared lock does *not* always release the + * corresponding part of the file since there is only one + * rpc.lockd UID but multiple users could be requesting it + * from NFS. Also, an unlock request should never allow + * another process to gain a lock on the remaining parts. + * ie. Always apply the new locks before releasing the + * old one + */ + + /* + * Loop is required since multiple little locks + * can be allocated and then deallocated with one + * big unlock. + * + * The loop is required to be here so that the nfs & + * hw subsystems do not need to communicate with one + * one another + */ + + do { + debuglog("Value of releasedfl: %p\n",releasedfl); + /* lfl&rfl are created *AND* placed into the NFS lock list if required */ + unlstatus = unlock_nfslock(fl, &releasedfl, &lfl, &rfl); + debuglog("Value of releasedfl: %p\n",releasedfl); + + + /* XXX: This is grungy. It should be refactored to be cleaner */ + if (lfl != NULL) { + lhwstatus = lock_hwlock(lfl); + if (lhwstatus != HW_GRANTED && + lhwstatus != HW_GRANTED_DUPLICATE) { + debuglog("HW duplicate lock failure for left split\n"); + } + if (lfl->flags & LOCK_MON) + monitor_lock_host(lfl->client_name); + } + + if (rfl != NULL) { + lhwstatus = lock_hwlock(rfl); + if (lhwstatus != HW_GRANTED && + lhwstatus != HW_GRANTED_DUPLICATE) { + debuglog("HW duplicate lock failure for right split\n"); + } + if (rfl->flags & LOCK_MON) + monitor_lock_host(rfl->client_name); + } + + switch (unlstatus) { + case NFS_GRANTED: + /* Attempt to unlock on the hardware */ + debuglog("NFS unlock granted. Attempting hardware unlock\n"); + + /* This call *MUST NOT* unlock the two newly allocated locks */ + unlhwstatus = unlock_hwlock(fl); + debuglog("HW unlock returned with code %d\n",unlhwstatus); + + switch (unlhwstatus) { + case HW_GRANTED: + debuglog("HW unlock granted\n"); + if (releasedfl->flags & LOCK_MON) + unmonitor_lock_host(releasedfl->client_name); + retval = PFL_GRANTED; + break; + case HW_DENIED_NOLOCK: + /* Huh?!?! This shouldn't happen */ + debuglog("HW unlock denied no lock\n"); + retval = PFL_HWRESERR; + /* Break out of do-while */ + unlstatus = NFS_RESERR; + break; + default: + debuglog("HW unlock failed\n"); + retval = PFL_HWRESERR; + /* Break out of do-while */ + unlstatus = NFS_RESERR; + break; + } + + debuglog("Exiting with status retval: %d\n",retval); + + // XXX sending granted messages before unlock response + // XXX causes unlock response to be corrupted? + // XXX Workaround is to move this to nlm_prot_svc.c + // XXX after the unlock response is sent. + // retry_blockingfilelocklist(); + break; + case NFS_DENIED_NOLOCK: + retval = PFL_GRANTED; + debuglog("All locks cleaned out\n"); + break; + default: + retval = PFL_NFSRESERR; + debuglog("NFS unlock failure\n"); + dump_filelock(fl); + break; + } + + if (releasedfl != NULL) { + if (fl == releasedfl) { + /* + * XXX: YECHHH!!! Attempt to unlock self succeeded + * but we can't deallocate the space yet. This is what + * happens when you don't write malloc and free together + */ + debuglog("Attempt to unlock self\n"); + selffl = releasedfl; + } else { + /* + * XXX: this deallocation *still* needs to migrate closer + * to the allocation code way up in get_lock or the allocation + * code needs to migrate down (violation of "When you write + * malloc you must write free") + */ + + deallocate_file_lock(releasedfl); + } + } + + } while (unlstatus == NFS_GRANTED); + + if (selffl != NULL) { + /* + * This statement wipes out the incoming file lock (fl) + * in spite of the fact that it is declared const + */ + debuglog("WARNING! Destroying incoming lock pointer\n"); + deallocate_file_lock(selffl); + } + + debuglog("Exiting unlock_partialfilelock\n"); + + return retval; +} + +/* + * clear_partialfilelock + * + * Normally called in response to statd state number change. + * Wipe out all locks held by a host. As a bonus, the act of + * doing so should automatically clear their statd entries and + * unmonitor the host. + */ + +void +clear_partialfilelock(const char *hostname) +{ + struct file_lock *ifl, *nfl; + + /* Clear blocking file lock list */ + clear_blockingfilelock(hostname); + + /* do all required unlocks */ + /* Note that unlock can smash the current pointer to a lock */ + + /* + * Normally, LIST_FOREACH is called for, but since + * the current element *is* the iterator, deleting it + * would mess up the iteration. Thus, a next element + * must be used explicitly + */ + + ifl = LIST_FIRST(&nfslocklist_head); + + while (ifl != NULL) { + nfl = LIST_NEXT(ifl, nfslocklist); + + if (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0) { + /* Unlock destroys ifl out from underneath */ + unlock_partialfilelock(ifl); + /* ifl is NO LONGER VALID AT THIS POINT */ + } + ifl = nfl; + } +} + +/* + * test_partialfilelock: + */ +enum partialfilelock_status +test_partialfilelock(const struct file_lock *fl, + struct file_lock **conflicting_fl) +{ + enum partialfilelock_status retval; + enum nfslock_status teststatus; + + debuglog("Entering testpartialfilelock...\n"); + + retval = PFL_DENIED; + + teststatus = test_nfslock(fl, conflicting_fl); + debuglog("test_partialfilelock: teststatus %d\n",teststatus); + + if (teststatus == NFS_GRANTED || teststatus == NFS_GRANTED_DUPLICATE) { + /* XXX: Add the underlying filesystem locking code */ + retval = (teststatus == NFS_GRANTED) ? + PFL_GRANTED : PFL_GRANTED_DUPLICATE; + debuglog("Dumping locks...\n"); + dump_filelock(fl); + dump_filelock(*conflicting_fl); + debuglog("Done dumping locks...\n"); + } else { + retval = PFL_NFSDENIED; + debuglog("NFS test denied.\n"); + dump_filelock(fl); + debuglog("Conflicting.\n"); + dump_filelock(*conflicting_fl); + } + + debuglog("Exiting testpartialfilelock...\n"); + + return retval; +} + +/* + * Below here are routines associated with translating the partial file locking + * codes into useful codes to send back to the NFS RPC messaging system + */ + +/* + * These routines translate the (relatively) useful return codes back onto + * the few return codes which the nlm subsystems wishes to trasmit + */ + +enum nlm_stats +do_test(struct file_lock *fl, struct file_lock **conflicting_fl) +{ + enum partialfilelock_status pfsret; + enum nlm_stats retval; + + debuglog("Entering do_test...\n"); + + pfsret = test_partialfilelock(fl,conflicting_fl); + + switch (pfsret) { + case PFL_GRANTED: + debuglog("PFL test lock granted\n"); + dump_filelock(fl); + dump_filelock(*conflicting_fl); + retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted; + break; + case PFL_GRANTED_DUPLICATE: + debuglog("PFL test lock granted--duplicate id detected\n"); + dump_filelock(fl); + dump_filelock(*conflicting_fl); + debuglog("Clearing conflicting_fl for call semantics\n"); + *conflicting_fl = NULL; + retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted; + break; + case PFL_NFSDENIED: + case PFL_HWDENIED: + debuglog("PFL test lock denied\n"); + dump_filelock(fl); + dump_filelock(*conflicting_fl); + retval = (fl->flags & LOCK_V4) ? nlm4_denied : nlm_denied; + break; + case PFL_NFSRESERR: + case PFL_HWRESERR: + debuglog("PFL test lock resource fail\n"); + dump_filelock(fl); + dump_filelock(*conflicting_fl); + retval = (fl->flags & LOCK_V4) ? nlm4_denied_nolocks : nlm_denied_nolocks; + break; + default: + debuglog("PFL test lock *FAILED*\n"); + dump_filelock(fl); + dump_filelock(*conflicting_fl); + retval = (fl->flags & LOCK_V4) ? nlm4_failed : nlm_denied; + break; + } + + debuglog("Exiting do_test...\n"); + + return retval; +} + +/* + * do_lock: Try to acquire a lock + * + * This routine makes a distinction between NLM versions. I am pretty + * convinced that this should be abstracted out and bounced up a level + */ + +enum nlm_stats +do_lock(struct file_lock *fl) +{ + enum partialfilelock_status pfsret; + enum nlm_stats retval; + + debuglog("Entering do_lock...\n"); + + pfsret = lock_partialfilelock(fl); + + switch (pfsret) { + case PFL_GRANTED: + debuglog("PFL lock granted"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted; + break; + case PFL_GRANTED_DUPLICATE: + debuglog("PFL lock granted--duplicate id detected"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted; + break; + case PFL_NFSDENIED: + case PFL_HWDENIED: + debuglog("PFL_NFS lock denied"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_denied : nlm_denied; + break; + case PFL_NFSBLOCKED: + case PFL_HWBLOCKED: + debuglog("PFL_NFS blocking lock denied. Queued.\n"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_blocked : nlm_blocked; + break; + case PFL_NFSRESERR: + case PFL_HWRESERR: + debuglog("PFL lock resource alocation fail\n"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_denied_nolocks : nlm_denied_nolocks; + break; + default: + debuglog("PFL lock *FAILED*"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_failed : nlm_denied; + break; + } + + debuglog("Exiting do_lock...\n"); + + return retval; +} + +enum nlm_stats +do_unlock(struct file_lock *fl) +{ + enum partialfilelock_status pfsret; + enum nlm_stats retval; + + debuglog("Entering do_unlock...\n"); + pfsret = unlock_partialfilelock(fl); + + switch (pfsret) { + case PFL_GRANTED: + debuglog("PFL unlock granted"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted; + break; + case PFL_NFSDENIED: + case PFL_HWDENIED: + debuglog("PFL_NFS unlock denied"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_denied : nlm_denied; + break; + case PFL_NFSDENIED_NOLOCK: + case PFL_HWDENIED_NOLOCK: + debuglog("PFL_NFS no lock found\n"); + retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted; + break; + case PFL_NFSRESERR: + case PFL_HWRESERR: + debuglog("PFL unlock resource failure"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_denied_nolocks : nlm_denied_nolocks; + break; + default: + debuglog("PFL unlock *FAILED*"); + dump_filelock(fl); + retval = (fl->flags & LOCK_V4) ? nlm4_failed : nlm_denied; + break; + } + + debuglog("Exiting do_unlock...\n"); + + return retval; +} + +/* + * do_clear + * + * This routine is non-existent because it doesn't have a return code. + * It is here for completeness in case someone *does* need to do return + * codes later. A decent compiler should optimize this away. + */ + +void +do_clear(const char *hostname) +{ + + clear_partialfilelock(hostname); +} + +/* + * The following routines are all called from the code which the + * RPC layer invokes + */ + +/* + * testlock(): inform the caller if the requested lock would be granted + * + * returns NULL if lock would granted + * returns pointer to a conflicting nlm4_holder if not + */ + +struct nlm4_holder * +testlock(struct nlm4_lock *lock, bool_t exclusive, int flags __unused) +{ + struct file_lock test_fl, *conflicting_fl; + + bzero(&test_fl, sizeof(test_fl)); + + test_fl.filehandle.n_len = lock->fh.n_len; + test_fl.filehandle.n_bytes = lock->fh.n_bytes; + copy_nlm4_lock_to_nlm4_holder(lock, exclusive, &test_fl.client); + + siglock(); + do_test(&test_fl, &conflicting_fl); + + if (conflicting_fl == NULL) { + debuglog("No conflicting lock found\n"); + sigunlock(); + return NULL; + } else { + debuglog("Found conflicting lock\n"); + dump_filelock(conflicting_fl); + sigunlock(); + return (&conflicting_fl->client); + } +} + +/* + * getlock: try to aquire the lock. + * If file is already locked and we can sleep, put the lock in the list with + * status LKST_WAITING; it'll be processed later. + * Otherwise try to lock. If we're allowed to block, fork a child which + * will do the blocking lock. + */ + +enum nlm_stats +getlock(nlm4_lockargs *lckarg, struct svc_req *rqstp, const int flags) +{ + struct file_lock *newfl; + enum nlm_stats retval; + + debuglog("Entering getlock...\n"); + + if (grace_expired == 0 && lckarg->reclaim == 0) + return (flags & LOCK_V4) ? + nlm4_denied_grace_period : nlm_denied_grace_period; + + /* allocate new file_lock for this request */ + newfl = allocate_file_lock(&lckarg->alock.oh, &lckarg->cookie, &lckarg->alock.fh); + if (newfl == NULL) { + syslog(LOG_NOTICE, "lock allocate failed: %s", strerror(errno)); + /* failed */ + return (flags & LOCK_V4) ? + nlm4_denied_nolocks : nlm_denied_nolocks; + } + + if (lckarg->alock.fh.n_len != sizeof(fhandle_t)) { + debuglog("recieved fhandle size %d, local size %d", + lckarg->alock.fh.n_len, (int)sizeof(fhandle_t)); + } + + fill_file_lock(newfl, + (struct sockaddr *)svc_getcaller(rqstp->rq_xprt), + lckarg->exclusive, lckarg->alock.svid, lckarg->alock.l_offset, + lckarg->alock.l_len, + lckarg->alock.caller_name, lckarg->state, 0, flags, lckarg->block); + + /* + * newfl is now fully constructed and deallocate_file_lock + * can now be used to delete it + */ + + siglock(); + debuglog("Pointer to new lock is %p\n",newfl); + + retval = do_lock(newfl); + + debuglog("Pointer to new lock is %p\n",newfl); + sigunlock(); + + switch (retval) + { + case nlm4_granted: + /* case nlm_granted: is the same as nlm4_granted */ + /* do_mon(lckarg->alock.caller_name); */ + break; + case nlm4_blocked: + /* case nlm_blocked: is the same as nlm4_blocked */ + /* do_mon(lckarg->alock.caller_name); */ + break; + default: + deallocate_file_lock(newfl); + break; + } + + debuglog("Exiting getlock...\n"); + + return retval; +} + + +/* unlock a filehandle */ +enum nlm_stats +unlock(nlm4_lock *lock, const int flags __unused) +{ + struct file_lock fl; + enum nlm_stats err; + + siglock(); + + debuglog("Entering unlock...\n"); + + bzero(&fl,sizeof(struct file_lock)); + fl.filehandle.n_len = lock->fh.n_len; + fl.filehandle.n_bytes = lock->fh.n_bytes; + + copy_nlm4_lock_to_nlm4_holder(lock, 0, &fl.client); + + err = do_unlock(&fl); + + sigunlock(); + + debuglog("Exiting unlock...\n"); + + return err; +} + +/* + * XXX: The following monitor/unmonitor routines + * have not been extensively tested (ie. no regression + * script exists like for the locking sections + */ + +/* + * monitor_lock_host: monitor lock hosts locally with a ref count and + * inform statd + */ +void +monitor_lock_host(const char *hostname) +{ + struct host *ihp, *nhp; + struct mon smon; + struct sm_stat_res sres; + int rpcret, statflag; + + rpcret = 0; + statflag = 0; + + LIST_FOREACH(ihp, &hostlst_head, hostlst) { + if (strncmp(hostname, ihp->name, SM_MAXSTRLEN) == 0) { + /* Host is already monitored, bump refcount */ + ++ihp->refcnt; + /* Host should only be in the monitor list once */ + return; + } + } + + /* Host is not yet monitored, add it */ + nhp = malloc(sizeof(struct host)); + + if (nhp == NULL) { + debuglog("Unable to allocate entry for statd mon\n"); + return; + } + + /* Allocated new host entry, now fill the fields */ + strncpy(nhp->name, hostname, SM_MAXSTRLEN); + nhp->refcnt = 1; + debuglog("Locally Monitoring host %16s\n",hostname); + + debuglog("Attempting to tell statd\n"); + + bzero(&smon,sizeof(smon)); + + smon.mon_id.mon_name = nhp->name; + smon.mon_id.my_id.my_name = "localhost\0"; + + smon.mon_id.my_id.my_prog = NLM_PROG; + smon.mon_id.my_id.my_vers = NLM_SM; + smon.mon_id.my_id.my_proc = NLM_SM_NOTIFY; + + rpcret = callrpc("localhost", SM_PROG, SM_VERS, SM_MON, xdr_mon, + &smon, xdr_sm_stat_res, &sres); + + if (rpcret == 0) { + if (sres.res_stat == stat_fail) { + debuglog("Statd call failed\n"); + statflag = 0; + } else { + statflag = 1; + } + } else { + debuglog("Rpc call to statd failed with return value: %d\n", + rpcret); + statflag = 0; + } + + if (statflag == 1) { + LIST_INSERT_HEAD(&hostlst_head, nhp, hostlst); + } else { + free(nhp); + } + +} + +/* + * unmonitor_lock_host: clear monitor ref counts and inform statd when gone + */ +void +unmonitor_lock_host(const char *hostname) +{ + struct host *ihp; + struct mon_id smon_id; + struct sm_stat smstat; + int rpcret; + + rpcret = 0; + + for( ihp=LIST_FIRST(&hostlst_head); ihp != NULL; + ihp=LIST_NEXT(ihp, hostlst)) { + if (strncmp(hostname, ihp->name, SM_MAXSTRLEN) == 0) { + /* Host is monitored, bump refcount */ + --ihp->refcnt; + /* Host should only be in the monitor list once */ + break; + } + } + + if (ihp == NULL) { + debuglog("Could not find host %16s in mon list\n", hostname); + return; + } + + if (ihp->refcnt > 0) + return; + + if (ihp->refcnt < 0) { + debuglog("Negative refcount!: %d\n", + ihp->refcnt); + } + + debuglog("Attempting to unmonitor host %16s\n", hostname); + + bzero(&smon_id,sizeof(smon_id)); + + smon_id.mon_name = (char *)hostname; + smon_id.my_id.my_name = "localhost"; + smon_id.my_id.my_prog = NLM_PROG; + smon_id.my_id.my_vers = NLM_SM; + smon_id.my_id.my_proc = NLM_SM_NOTIFY; + + rpcret = callrpc("localhost", SM_PROG, SM_VERS, SM_UNMON, xdr_mon, + &smon_id, xdr_sm_stat_res, &smstat); + + if (rpcret != 0) { + debuglog("Rpc call to unmonitor statd failed with " + " return value: %d\n", rpcret); + } + + LIST_REMOVE(ihp, hostlst); + free(ihp); +} + +/* + * notify: Clear all locks from a host if statd complains + * + * XXX: This routine has not been thoroughly tested. However, neither + * had the old one been. It used to compare the statd crash state counter + * to the current lock state. The upshot of this was that it basically + * cleared all locks from the specified host 99% of the time (with the + * other 1% being a bug). Consequently, the assumption is that clearing + * all locks from a host when notified by statd is acceptable. + * + * Please note that this routine skips the usual level of redirection + * through a do_* type routine. This introduces a possible level of + * error and might better be written as do_notify and take this one out. + + */ + +void +notify(const char *hostname, const int state) +{ + debuglog("notify from %s, new state %d", hostname, state); + + siglock(); + do_clear(hostname); + sigunlock(); + + debuglog("Leaving notify\n"); +} + +void +send_granted(fl, opcode) + struct file_lock *fl; + int opcode __unused; +{ + CLIENT *cli; + static char dummy; + struct timeval timeo; + int success; + static struct nlm_res retval; + static struct nlm4_res retval4; + + debuglog("About to send granted on blocked lock\n"); + //sleep(1); + debuglog("Blowing off return send\n"); + + cli = get_client(fl->addr, + (fl->flags & LOCK_V4) ? NLM_VERS4 : NLM_VERS); + if (cli == NULL) { + syslog(LOG_NOTICE, "failed to get CLIENT for %s", + fl->client_name); + /* + * We fail to notify remote that the lock has been granted. + * The client will timeout and retry, the lock will be + * granted at this time. + */ + return; + } + timeo.tv_sec = 0; + timeo.tv_usec = (fl->flags & LOCK_ASYNC) ? 0 : 500000; /* 0.5s */ + + if (fl->flags & LOCK_V4) { + static nlm4_testargs res; + res.cookie = fl->client_cookie; + res.exclusive = fl->client.exclusive; + res.alock.caller_name = fl->client_name; + res.alock.fh.n_len = fl->filehandle.n_len; + res.alock.fh.n_bytes = fl->filehandle.n_bytes; + res.alock.oh = fl->client.oh; + res.alock.svid = fl->client.svid; + res.alock.l_offset = fl->client.l_offset; + res.alock.l_len = fl->client.l_len; + debuglog("sending v4 reply%s", + (fl->flags & LOCK_ASYNC) ? " (async)":""); + if (fl->flags & LOCK_ASYNC) { + success = clnt_call(cli, NLM4_GRANTED_MSG, + xdr_nlm4_testargs, &res, xdr_void, &dummy, timeo); + } else { + success = clnt_call(cli, NLM4_GRANTED, + xdr_nlm4_testargs, &res, xdr_nlm4_res, + &retval4, timeo); + } + } else { + static nlm_testargs res; + + res.cookie = fl->client_cookie; + res.exclusive = fl->client.exclusive; + res.alock.caller_name = fl->client_name; + res.alock.fh.n_len = fl->filehandle.n_len; + res.alock.fh.n_bytes = fl->filehandle.n_bytes; + res.alock.oh = fl->client.oh; + res.alock.svid = fl->client.svid; + res.alock.l_offset = fl->client.l_offset; + res.alock.l_len = fl->client.l_len; + debuglog("sending v1 reply%s", + (fl->flags & LOCK_ASYNC) ? " (async)":""); + if (fl->flags & LOCK_ASYNC) { + success = clnt_call(cli, NLM_GRANTED_MSG, + xdr_nlm_testargs, &res, xdr_void, &dummy, timeo); + } else { + success = clnt_call(cli, NLM_GRANTED, + xdr_nlm_testargs, &res, xdr_nlm_res, + &retval, timeo); + } + } + if (debug_level > 2) + debuglog("clnt_call returns %d(%s) for granted", + success, clnt_sperrno(success)); + +} + +/* + * getshare: try to acquire a share reservation + */ +enum nlm_stats +getshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags) +{ + struct sharefile *shrfile; + struct file_share *sh; + + debuglog("Entering getshare...\n"); + + if (grace_expired == 0 && shrarg->reclaim == 0) { + debuglog("getshare denied - grace period\n"); + return (flags & LOCK_V4) ? + nlm4_denied_grace_period : + nlm_denied_grace_period; + } + + /* find file in list of share files */ + LIST_FOREACH(shrfile, &nfssharefilelist_head, sharefilelist) { + if ((shrarg->share.fh.n_len == shrfile->filehandle.n_len) && + (bcmp(shrarg->share.fh.n_bytes, shrfile->filehandle.n_bytes, + shrarg->share.fh.n_len) == 0)) { + /* shrfile is the correct file */ + break; + } + } + + /* if share file not found, create a new share file */ + if (!shrfile) { + int fd; + fd = fhopen((fhandle_t *)shrarg->share.fh.n_bytes, O_RDONLY); + if (fd < 0) { + debuglog("fhopen failed (from %16s): %32s\n", + shrarg->share.caller_name, strerror(errno)); + if ((flags & LOCK_V4) == 0) + return nlm_denied; + switch (errno) { + case ESTALE: + return nlm4_stale_fh; + default: + return nlm4_failed; + } + } + shrfile = malloc(sizeof(struct sharefile)); + if (!shrfile) { + debuglog("getshare failed: can't allocate sharefile\n"); + close(fd); + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + shrfile->filehandle.n_len = shrarg->share.fh.n_len; + shrfile->filehandle.n_bytes = malloc(shrarg->share.fh.n_len); + if (!shrfile->filehandle.n_bytes) { + debuglog("getshare failed: can't allocate sharefile filehandle\n"); + free(shrfile); + close(fd); + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + bcopy(shrarg->share.fh.n_bytes, shrfile->filehandle.n_bytes, + shrarg->share.fh.n_len); + shrfile->fd = fd; + shrfile->refcount = 0; + shrfile->sharelist_head.lh_first = NULL; + LIST_INSERT_HEAD(&nfssharefilelist_head, shrfile, sharefilelist); + } + + /* compare request mode/access to current shares */ + LIST_FOREACH(sh, &shrfile->sharelist_head, nfssharelist) { + /* if request host/owner matches a current share... */ + if ((strncmp(shrarg->share.caller_name, sh->client_name, SM_MAXSTRLEN) == 0) && + same_netobj(&shrarg->share.oh, &sh->oh)) { + /* ...then just update share mode/access */ + sh->mode = shrarg->share.mode; + sh->access = shrarg->share.access; + debuglog("getshare: updated existing share\n"); + return nlm_granted; + } + if (((shrarg->share.mode & sh->access) != 0) || + ((shrarg->share.access & sh->mode) != 0)) { + /* share request conflicts with existing share */ + debuglog("getshare: conflicts with existing share\n"); + return nlm_denied; + } + } + + /* create/init new share */ + sh = malloc(sizeof(struct file_share)); + if (!sh) { + debuglog("getshare failed: can't allocate share\n"); + if (!shrfile->refcount) { + LIST_REMOVE(shrfile, sharefilelist); + close(shrfile->fd); + free(shrfile->filehandle.n_bytes); + free(shrfile); + } + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + sh->oh.n_len = shrarg->share.oh.n_len; + sh->oh.n_bytes = malloc(sh->oh.n_len); + if (!sh->oh.n_bytes) { + debuglog("getshare failed: can't allocate share owner handle\n"); + free(sh); + if (!shrfile->refcount) { + LIST_REMOVE(shrfile, sharefilelist); + close(shrfile->fd); + free(shrfile->filehandle.n_bytes); + free(shrfile); + } + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + strncpy(sh->client_name, shrarg->share.caller_name, SM_MAXSTRLEN); + sh->mode = shrarg->share.mode; + sh->access = shrarg->share.access; + + /* insert new share into file's share list */ + LIST_INSERT_HEAD(&shrfile->sharelist_head, sh, nfssharelist); + shrfile->refcount++; + + debuglog("Exiting getshare...\n"); + + return nlm_granted; +} + + +/* remove a share reservation */ +enum nlm_stats +unshare(nlm_shareargs *shrarg, struct svc_req *rqstp) +{ + struct sharefile *shrfile; + struct file_share *sh; + + debuglog("Entering unshare...\n"); + + /* find file in list of share files */ + LIST_FOREACH(shrfile, &nfssharefilelist_head, sharefilelist) { + if ((shrarg->share.fh.n_len == shrfile->filehandle.n_len) && + (bcmp(shrarg->share.fh.n_bytes, shrfile->filehandle.n_bytes, + shrarg->share.fh.n_len) == 0)) { + /* shrfile is the correct file */ + break; + } + } + + /* if share file not found, return success (per spec) */ + if (!shrfile) { + debuglog("unshare: no such share file\n"); + return nlm_granted; + } + + /* find share */ + LIST_FOREACH(sh, &shrfile->sharelist_head, nfssharelist) { + /* if request host/owner matches a current share... */ + if ((strncmp(shrarg->share.caller_name, sh->client_name, SM_MAXSTRLEN) == 0) && + same_netobj(&shrarg->share.oh, &sh->oh)) + break; + } + + /* if share not found, return success (per spec) */ + if (!sh) { + debuglog("unshare: no such share\n"); + return nlm_granted; + } + + /* remove share from file and deallocate */ + shrfile->refcount--; + LIST_REMOVE(sh, nfssharelist); + free(sh->oh.n_bytes); + free(sh); + + /* if file has no more shares, deallocate share file */ + if (!shrfile->refcount) { + debuglog("unshare: file has no more shares\n"); + LIST_REMOVE(shrfile, sharefilelist); + close(shrfile->fd); + free(shrfile->filehandle.n_bytes); + free(shrfile); + } + + debuglog("Exiting unshare...\n"); + + return nlm_granted; +} + +/* + * do_free_all + * + * Wipe out all non-monitored locks and shares held by a host. + */ + +void +do_free_all(const char *hostname) +{ + struct file_lock *ifl, *nfl; + struct sharefile *shrfile, *nshrfile; + struct file_share *ifs, *nfs; + + /* clear non-monitored blocking file locks */ + ifl = LIST_FIRST(&blockedlocklist_head); + while (ifl != NULL) { + nfl = LIST_NEXT(ifl, nfslocklist); + + if (((ifl->flags & LOCK_MON) == 0) && + (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0)) { + remove_blockingfilelock(ifl); + deallocate_file_lock(ifl); + } + + ifl = nfl; + } + + /* clear non-monitored file locks */ + ifl = LIST_FIRST(&nfslocklist_head); + while (ifl != NULL) { + nfl = LIST_NEXT(ifl, nfslocklist); + + if (((ifl->flags & LOCK_MON) == 0) && + (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0)) { + /* Unlock destroys ifl out from underneath */ + unlock_partialfilelock(ifl); + /* ifl is NO LONGER VALID AT THIS POINT */ + } + + ifl = nfl; + } + + /* clear shares */ + shrfile = LIST_FIRST(&nfssharefilelist_head); + while (shrfile != NULL) { + nshrfile = LIST_NEXT(shrfile, sharefilelist); + + ifs = LIST_FIRST(&shrfile->sharelist_head); + while (ifs != NULL) { + nfs = LIST_NEXT(ifs, nfssharelist); + + if (strncmp(hostname, ifs->client_name, SM_MAXSTRLEN) == 0) { + shrfile->refcount--; + LIST_REMOVE(ifs, nfssharelist); + free(ifs->oh.n_bytes); + free(ifs); + } + + ifs = nfs; + } + + if (!shrfile->refcount) { + LIST_REMOVE(shrfile, sharefilelist); + close(shrfile->fd); + free(shrfile->filehandle.n_bytes); + free(shrfile); + } + + shrfile = nshrfile; + } + +} + + + +/* + * Routines below here have not been modified in the overhaul + */ + +/* + * Are these two routines still required since lockd is not spawning off + * children to service locks anymore? Presumably they were originally + * put in place to prevent a one child from changing the lock list out + * from under another one. + */ + +void +siglock(void) +{ + sigset_t block; + + sigemptyset(&block); + sigaddset(&block, SIGCHLD); + + if (sigprocmask(SIG_BLOCK, &block, NULL) < 0) { + syslog(LOG_WARNING, "siglock failed: %s", strerror(errno)); + } +} + +void +sigunlock(void) +{ + sigset_t block; + + sigemptyset(&block); + sigaddset(&block, SIGCHLD); + + if (sigprocmask(SIG_UNBLOCK, &block, NULL) < 0) { + syslog(LOG_WARNING, "sigunlock failed: %s", strerror(errno)); + } +} + + diff --git a/rpc_lockd.tproj/lockd_lock.h b/rpc_lockd.tproj/lockd_lock.h new file mode 100644 index 0000000..fc54f32 --- /dev/null +++ b/rpc_lockd.tproj/lockd_lock.h @@ -0,0 +1,26 @@ +/* $NetBSD: lockd_lock.h,v 1.2 2000/06/09 14:00:54 fvdl Exp $ */ +/* $FreeBSD: src/usr.sbin/rpc.lockd/lockd_lock.h,v 1.4 2002/03/21 22:52:45 alfred Exp $ */ + +/* Headers and function declarations for file-locking utilities */ + +struct nlm4_holder * testlock(struct nlm4_lock *lock, bool_t exclusive, int flags); +enum nlm_stats getlock(nlm4_lockargs *lckarg, struct svc_req *rqstp, const int flags); +enum nlm_stats unlock(nlm4_lock *lock, const int flags); +int lock_answer(int pid, netobj *netcookie, int result, int version, + int *pid_p, off_t l_start, off_t l_len); +enum nlm_stats getshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags); +enum nlm_stats unshare(nlm_shareargs *shrarg, struct svc_req *rqstp); +void do_free_all(const char *hostname); + +void notify(const char *hostname, const int state); + +/* flags for testlock, getlock & unlock */ +#define LOCK_ASYNC 0x01 /* async version (getlock only) */ +#define LOCK_V4 0x02 /* v4 version */ +#define LOCK_MON 0x04 /* monitored lock (getlock only) */ +#define LOCK_CANCEL 0x08 /* cancel, not unlock request (unlock only) */ + +/* callbacks from lock_proc.c */ +void transmit_result(int, nlm_res *, struct sockaddr *); +void transmit4_result(int, nlm4_res *, struct sockaddr *); +CLIENT *get_client(struct sockaddr *, rpcvers_t); diff --git a/rpc_lockd.tproj/nlm_prot_svc.c b/rpc_lockd.tproj/nlm_prot_svc.c new file mode 100644 index 0000000..1e0dd9d --- /dev/null +++ b/rpc_lockd.tproj/nlm_prot_svc.c @@ -0,0 +1,610 @@ +/* + * Please do not edit this file. + * It was generated using rpcgen. + * (and subsequently cleaned up by hand) + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef __cplusplus +#include +#endif /* __cplusplus */ +#include +#include +#include +#include + +#ifdef __STDC__ +#define SIG_PF void(*)(int) +#endif + +#ifdef DEBUG +#define RPC_SVC_FG +#endif + +// XXX +void retry_blockingfilelocklist(void); + +#define _RPCSVC_CLOSEDOWN 120 +#ifndef lint +/*static char sccsid[] = "from: @(#)nlm_prot.x 1.8 87/09/21 Copyr 1987 Sun Micro";*/ +/*static char sccsid[] = "from: * @(#)nlm_prot.x 2.1 88/08/01 4.0 RPCSRC";*/ +static char rcsid[] = "$Id: nlm_prot_svc.c,v 1.4 2003/07/24 05:11:22 lindak Exp $"; +#endif /* not lint */ +extern int _rpcpmstart; /* Started by a port monitor ? */ +extern int _rpcfdtype; /* Whether Stream or Datagram ? */ +extern int _rpcsvcdirty; /* Still serving ? */ + +void nlm_prog_0(struct svc_req *rqstp, SVCXPRT *transp); + +void +nlm_prog_0(struct svc_req *rqstp, SVCXPRT *transp) +{ + union { + struct nlm_sm_status nlm_sm_notify_0_arg; + } argument; + char *result; + xdrproc_t xdr_argument, xdr_result; + char *(*local)(char *, struct svc_req *); + + _rpcsvcdirty = 1; + switch (rqstp->rq_proc) { + case NULLPROC: + (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); + _rpcsvcdirty = 0; + return; + + case NLM_SM_NOTIFY: + xdr_argument = (xdrproc_t) xdr_nlm_sm_status; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_sm_notify_0_svc; + break; + + default: + svcerr_noproc(transp); + _rpcsvcdirty = 0; + return; + } + (void) memset((char *)&argument, 0, sizeof (argument)); + if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { + svcerr_decode(transp); + _rpcsvcdirty = 0; + return; + } + result = (*local)((char *)&argument, rqstp); + if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { + svcerr_systemerr(transp); + } + if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { + syslog(LOG_ERR, "unable to free arguments"); + exit(1); + } + _rpcsvcdirty = 0; + return; +} + +void nlm_prog_1(struct svc_req *rqstp, SVCXPRT *transp); + +void +nlm_prog_1(struct svc_req *rqstp, SVCXPRT *transp) +{ + union { + struct nlm_testargs nlm_test_1_arg; + struct nlm_lockargs nlm_lock_1_arg; + struct nlm_cancargs nlm_cancel_1_arg; + struct nlm_unlockargs nlm_unlock_1_arg; + struct nlm_testargs nlm_granted_1_arg; + struct nlm_testargs nlm_test_msg_1_arg; + struct nlm_lockargs nlm_lock_msg_1_arg; + struct nlm_cancargs nlm_cancel_msg_1_arg; + struct nlm_unlockargs nlm_unlock_msg_1_arg; + struct nlm_testargs nlm_granted_msg_1_arg; + nlm_testres nlm_test_res_1_arg; + nlm_res nlm_lock_res_1_arg; + nlm_res nlm_cancel_res_1_arg; + nlm_res nlm_unlock_res_1_arg; + nlm_res nlm_granted_res_1_arg; + } argument; + char *result; + xdrproc_t xdr_argument, xdr_result; + char *(*local)(char *, struct svc_req *); + + _rpcsvcdirty = 1; + switch (rqstp->rq_proc) { + case NULLPROC: + (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); + _rpcsvcdirty = 0; + return; + + case NLM_TEST: + xdr_argument = (xdrproc_t) xdr_nlm_testargs; + xdr_result = (xdrproc_t) xdr_nlm_testres; + local = (char *(*)(char *, struct svc_req *)) nlm_test_1_svc; + break; + + case NLM_LOCK: + xdr_argument = (xdrproc_t) xdr_nlm_lockargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_lock_1_svc; + break; + + case NLM_CANCEL: + xdr_argument = (xdrproc_t) xdr_nlm_cancargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_cancel_1_svc; + break; + + case NLM_UNLOCK: + xdr_argument = (xdrproc_t) xdr_nlm_unlockargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_unlock_1_svc; + break; + + case NLM_GRANTED: + xdr_argument = (xdrproc_t) xdr_nlm_testargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_granted_1_svc; + break; + + case NLM_TEST_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_testargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_test_msg_1_svc; + break; + + case NLM_LOCK_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_lockargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_lock_msg_1_svc; + break; + + case NLM_CANCEL_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_cancargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_cancel_msg_1_svc; + break; + + case NLM_UNLOCK_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_unlockargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_unlock_msg_1_svc; + break; + + case NLM_GRANTED_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_testargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_granted_msg_1_svc; + break; + + case NLM_TEST_RES: + xdr_argument = (xdrproc_t) xdr_nlm_testres; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_test_res_1_svc; + break; + + case NLM_LOCK_RES: + xdr_argument = (xdrproc_t) xdr_nlm_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_lock_res_1_svc; + break; + + case NLM_CANCEL_RES: + xdr_argument = (xdrproc_t) xdr_nlm_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_cancel_res_1_svc; + break; + + case NLM_UNLOCK_RES: + xdr_argument = (xdrproc_t) xdr_nlm_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_unlock_res_1_svc; + break; + + case NLM_GRANTED_RES: + xdr_argument = (xdrproc_t) xdr_nlm_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_granted_res_1_svc; + break; + + default: + svcerr_noproc(transp); + _rpcsvcdirty = 0; + return; + } + (void) memset((char *)&argument, 0, sizeof (argument)); + if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { + svcerr_decode(transp); + _rpcsvcdirty = 0; + return; + } + result = (*local)((char *)&argument, rqstp); + if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { + svcerr_systemerr(transp); + } + if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { + syslog(LOG_ERR, "unable to free arguments"); + exit(1); + } + _rpcsvcdirty = 0; + if ((local == (char *(*)(char *, struct svc_req *)) nlm_unlock_1_svc) || + (local == (char *(*)(char *, struct svc_req *)) nlm_unlock_msg_1_svc)) { + // XXX sending granted messages before unlock response + // XXX causes unlock response to be corrupted? + // XXX so do this after we send any response + retry_blockingfilelocklist(); + } + return; +} + +void nlm_prog_3(struct svc_req *rqstp, SVCXPRT *transp); + +void +nlm_prog_3(struct svc_req *rqstp, SVCXPRT *transp) +{ + union { + struct nlm_testargs nlm_test_3_arg; + struct nlm_lockargs nlm_lock_3_arg; + struct nlm_cancargs nlm_cancel_3_arg; + struct nlm_unlockargs nlm_unlock_3_arg; + struct nlm_testargs nlm_granted_3_arg; + struct nlm_testargs nlm_test_msg_3_arg; + struct nlm_lockargs nlm_lock_msg_3_arg; + struct nlm_cancargs nlm_cancel_msg_3_arg; + struct nlm_unlockargs nlm_unlock_msg_3_arg; + struct nlm_testargs nlm_granted_msg_3_arg; + nlm_testres nlm_test_res_3_arg; + nlm_res nlm_lock_res_3_arg; + nlm_res nlm_cancel_res_3_arg; + nlm_res nlm_unlock_res_3_arg; + nlm_res nlm_granted_res_3_arg; + nlm_shareargs nlm_share_3_arg; + nlm_shareargs nlm_unshare_3_arg; + nlm_lockargs nlm_nm_lock_3_arg; + nlm_notify nlm_free_all_3_arg; + } argument; + char *result; + xdrproc_t xdr_argument, xdr_result; + char *(*local)(char *, struct svc_req *); + + _rpcsvcdirty = 1; + switch (rqstp->rq_proc) { + case NULLPROC: + (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); + _rpcsvcdirty = 0; + return; + + case NLM_TEST: + xdr_argument = (xdrproc_t) xdr_nlm_testargs; + xdr_result = (xdrproc_t) xdr_nlm_testres; + local = (char *(*)(char *, struct svc_req *)) nlm_test_1_svc; + break; + + case NLM_LOCK: + xdr_argument = (xdrproc_t) xdr_nlm_lockargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_lock_1_svc; + break; + + case NLM_CANCEL: + xdr_argument = (xdrproc_t) xdr_nlm_cancargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_cancel_1_svc; + break; + + case NLM_UNLOCK: + xdr_argument = (xdrproc_t) xdr_nlm_unlockargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_unlock_1_svc; + break; + + case NLM_GRANTED: + xdr_argument = (xdrproc_t) xdr_nlm_testargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_granted_1_svc; + break; + + case NLM_TEST_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_testargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_test_msg_1_svc; + break; + + case NLM_LOCK_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_lockargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_lock_msg_1_svc; + break; + + case NLM_CANCEL_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_cancargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_cancel_msg_1_svc; + break; + + case NLM_UNLOCK_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_unlockargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_unlock_msg_1_svc; + break; + + case NLM_GRANTED_MSG: + xdr_argument = (xdrproc_t) xdr_nlm_testargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_granted_msg_1_svc; + break; + + case NLM_TEST_RES: + xdr_argument = (xdrproc_t) xdr_nlm_testres; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_test_res_1_svc; + break; + + case NLM_LOCK_RES: + xdr_argument = (xdrproc_t) xdr_nlm_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_lock_res_1_svc; + break; + + case NLM_CANCEL_RES: + xdr_argument = (xdrproc_t) xdr_nlm_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_cancel_res_1_svc; + break; + + case NLM_UNLOCK_RES: + xdr_argument = (xdrproc_t) xdr_nlm_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_unlock_res_1_svc; + break; + + case NLM_GRANTED_RES: + xdr_argument = (xdrproc_t) xdr_nlm_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_granted_res_1_svc; + break; + + case NLM_SHARE: + xdr_argument = (xdrproc_t) xdr_nlm_shareargs; + xdr_result = (xdrproc_t) xdr_nlm_shareres; + local = (char *(*)(char *, struct svc_req *)) nlm_share_3_svc; + break; + + case NLM_UNSHARE: + xdr_argument = (xdrproc_t) xdr_nlm_shareargs; + xdr_result = (xdrproc_t) xdr_nlm_shareres; + local = (char *(*)(char *, struct svc_req *)) nlm_unshare_3_svc; + break; + + case NLM_NM_LOCK: + xdr_argument = (xdrproc_t) xdr_nlm_lockargs; + xdr_result = (xdrproc_t) xdr_nlm_res; + local = (char *(*)(char *, struct svc_req *)) nlm_nm_lock_3_svc; + break; + + case NLM_FREE_ALL: + xdr_argument = (xdrproc_t) xdr_nlm_notify; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm_free_all_3_svc; + break; + + default: + svcerr_noproc(transp); + _rpcsvcdirty = 0; + return; + } + (void) memset((char *)&argument, 0, sizeof (argument)); + if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { + svcerr_decode(transp); + _rpcsvcdirty = 0; + return; + } + result = (*local)((char *)&argument, rqstp); + if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { + svcerr_systemerr(transp); + } + if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { + syslog(LOG_ERR, "unable to free arguments"); + exit(1); + } + _rpcsvcdirty = 0; + if ((local == (char *(*)(char *, struct svc_req *)) nlm_unlock_1_svc) || + (local == (char *(*)(char *, struct svc_req *)) nlm_unlock_msg_1_svc) || + (local == (char *(*)(char *, struct svc_req *)) nlm_free_all_3_svc)) { + // XXX sending granted messages before unlock response + // XXX causes unlock response to be corrupted? + // XXX so do this after we send any response + retry_blockingfilelocklist(); + } + return; +} + +void nlm_prog_4(struct svc_req *rqstp, SVCXPRT *transp); + +void +nlm_prog_4(struct svc_req *rqstp, SVCXPRT *transp) +{ + union { + nlm4_testargs nlm4_test_4_arg; + nlm4_lockargs nlm4_lock_4_arg; + nlm4_cancargs nlm4_cancel_4_arg; + nlm4_unlockargs nlm4_unlock_4_arg; + nlm4_testargs nlm4_granted_4_arg; + nlm4_testargs nlm4_test_msg_4_arg; + nlm4_lockargs nlm4_lock_msg_4_arg; + nlm4_cancargs nlm4_cancel_msg_4_arg; + nlm4_unlockargs nlm4_unlock_msg_4_arg; + nlm4_testargs nlm4_granted_msg_4_arg; + nlm4_testres nlm4_test_res_4_arg; + nlm4_res nlm4_lock_res_4_arg; + nlm4_res nlm4_cancel_res_4_arg; + nlm4_res nlm4_unlock_res_4_arg; + nlm4_res nlm4_granted_res_4_arg; + nlm4_shareargs nlm4_share_4_arg; + nlm4_shareargs nlm4_unshare_4_arg; + nlm4_lockargs nlm4_nm_lock_4_arg; + nlm4_notify nlm4_free_all_4_arg; + } argument; + char *result; + xdrproc_t xdr_argument, xdr_result; + char *(*local)(char *, struct svc_req *); + + _rpcsvcdirty = 1; + switch (rqstp->rq_proc) { + case NULLPROC: + (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); + _rpcsvcdirty = 0; + return; + + case NLM4_TEST: + xdr_argument = (xdrproc_t) xdr_nlm4_testargs; + xdr_result = (xdrproc_t) xdr_nlm4_testres; + local = (char *(*)(char *, struct svc_req *)) nlm4_test_4_svc; + break; + + case NLM4_LOCK: + xdr_argument = (xdrproc_t) xdr_nlm4_lockargs; + xdr_result = (xdrproc_t) xdr_nlm4_res; + local = (char *(*)(char *, struct svc_req *)) nlm4_lock_4_svc; + break; + + case NLM4_CANCEL: + xdr_argument = (xdrproc_t) xdr_nlm4_cancargs; + xdr_result = (xdrproc_t) xdr_nlm4_res; + local = (char *(*)(char *, struct svc_req *)) nlm4_cancel_4_svc; + break; + + case NLM4_UNLOCK: + xdr_argument = (xdrproc_t) xdr_nlm4_unlockargs; + xdr_result = (xdrproc_t) xdr_nlm4_res; + local = (char *(*)(char *, struct svc_req *)) nlm4_unlock_4_svc; + break; + + case NLM4_GRANTED: + xdr_argument = (xdrproc_t) xdr_nlm4_testargs; + xdr_result = (xdrproc_t) xdr_nlm4_res; + local = (char *(*)(char *, struct svc_req *)) nlm4_granted_4_svc; + break; + + case NLM4_TEST_MSG: + xdr_argument = (xdrproc_t) xdr_nlm4_testargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_test_msg_4_svc; + break; + + case NLM4_LOCK_MSG: + xdr_argument = (xdrproc_t) xdr_nlm4_lockargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_lock_msg_4_svc; + break; + + case NLM4_CANCEL_MSG: + xdr_argument = (xdrproc_t) xdr_nlm4_cancargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_cancel_msg_4_svc; + break; + + case NLM4_UNLOCK_MSG: + xdr_argument = (xdrproc_t) xdr_nlm4_unlockargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_unlock_msg_4_svc; + break; + + case NLM4_GRANTED_MSG: + xdr_argument = (xdrproc_t) xdr_nlm4_testargs; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_granted_msg_4_svc; + break; + + case NLM4_TEST_RES: + xdr_argument = (xdrproc_t) xdr_nlm4_testres; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_test_res_4_svc; + break; + + case NLM4_LOCK_RES: + xdr_argument = (xdrproc_t) xdr_nlm4_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_lock_res_4_svc; + break; + + case NLM4_CANCEL_RES: + xdr_argument = (xdrproc_t) xdr_nlm4_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_cancel_res_4_svc; + break; + + case NLM4_UNLOCK_RES: + xdr_argument = (xdrproc_t) xdr_nlm4_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_unlock_res_4_svc; + break; + + case NLM4_GRANTED_RES: + xdr_argument = (xdrproc_t) xdr_nlm4_res; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_granted_res_4_svc; + break; + + case NLM4_SHARE: + xdr_argument = (xdrproc_t) xdr_nlm4_shareargs; + xdr_result = (xdrproc_t) xdr_nlm4_shareres; + local = (char *(*)(char *, struct svc_req *)) nlm4_share_4_svc; + break; + + case NLM4_UNSHARE: + xdr_argument = (xdrproc_t) xdr_nlm4_shareargs; + xdr_result = (xdrproc_t) xdr_nlm4_shareres; + local = (char *(*)(char *, struct svc_req *)) nlm4_unshare_4_svc; + break; + + case NLM4_NM_LOCK: + xdr_argument = (xdrproc_t) xdr_nlm4_lockargs; + xdr_result = (xdrproc_t) xdr_nlm4_res; + local = (char *(*)(char *, struct svc_req *)) nlm4_nm_lock_4_svc; + break; + + case NLM4_FREE_ALL: + xdr_argument = (xdrproc_t) xdr_nlm4_notify; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) nlm4_free_all_4_svc; + break; + + default: + svcerr_noproc(transp); + _rpcsvcdirty = 0; + return; + } + (void) memset((char *)&argument, 0, sizeof (argument)); + if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { + svcerr_decode(transp); + _rpcsvcdirty = 0; + return; + } + result = (*local)((char *)&argument, rqstp); + if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { + svcerr_systemerr(transp); + } + if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { + syslog(LOG_ERR, "unable to free arguments"); + exit(1); + } + _rpcsvcdirty = 0; + if ((local == (char *(*)(char *, struct svc_req *)) nlm4_unlock_4_svc) || + (local == (char *(*)(char *, struct svc_req *)) nlm4_unlock_msg_4_svc) || + (local == (char *(*)(char *, struct svc_req *)) nlm4_free_all_4_svc)) { + // XXX sending granted messages before unlock response + // XXX causes unlock response to be corrupted? + // XXX so do this after we send any response + retry_blockingfilelocklist(); + } + return; +} diff --git a/rpc_lockd.tproj/nlm_prot_xdr.c b/rpc_lockd.tproj/nlm_prot_xdr.c new file mode 100644 index 0000000..2dd561c --- /dev/null +++ b/rpc_lockd.tproj/nlm_prot_xdr.c @@ -0,0 +1,524 @@ +/* + * Please do not edit this file. + * It was generated using rpcgen. + */ + +#include +#ifndef lint +/*static char sccsid[] = "from: @(#)nlm_prot.x 1.8 87/09/21 Copyr 1987 Sun Micro";*/ +/*static char sccsid[] = "from: * @(#)nlm_prot.x 2.1 88/08/01 4.0 RPCSRC";*/ +static char rcsid[] = "$Id: nlm_prot_xdr.c,v 1.2 2002/09/27 05:04:03 lindak Exp $"; +#endif /* not lint */ + +#if 1 +/* XXX until we get real int32/64 xdr funcs */ + +#define xdr_int32_t xdr_int +#define xdr_u_int32_t xdr_u_int + +/* + * XDR 64-bit integers + */ +bool_t +xdr_int64_t(xdrs, llp) + XDR *xdrs; + int64_t *llp; +{ + u_long ul[2]; + + switch (xdrs->x_op) { + case XDR_ENCODE: + ul[0] = (u_long) ((u_int64_t) * llp >> 32) & 0xffffffff; + ul[1] = (u_long) ((u_int64_t) * llp) & 0xffffffff; + if (XDR_PUTLONG(xdrs, (long *) &ul[0]) == FALSE) + return (FALSE); + return (XDR_PUTLONG(xdrs, (long *) &ul[1])); + case XDR_DECODE: + if (XDR_GETLONG(xdrs, (long *) &ul[0]) == FALSE) + return (FALSE); + if (XDR_GETLONG(xdrs, (long *) &ul[1]) == FALSE) + return (FALSE); + *llp = (int64_t) + (((u_int64_t) ul[0] << 32) | ((u_int64_t) ul[1])); + return (TRUE); + case XDR_FREE: + return (TRUE); + } + /* NOTREACHED */ + return (FALSE); +} + + +/* + * XDR unsigned 64-bit integers + */ +bool_t +xdr_u_int64_t(xdrs, ullp) + XDR *xdrs; + u_int64_t *ullp; +{ + u_long ul[2]; + + switch (xdrs->x_op) { + case XDR_ENCODE: + ul[0] = (u_long) (*ullp >> 32) & 0xffffffff; + ul[1] = (u_long) (*ullp) & 0xffffffff; + if (XDR_PUTLONG(xdrs, (long *) &ul[0]) == FALSE) + return (FALSE); + return (XDR_PUTLONG(xdrs, (long *) &ul[1])); + case XDR_DECODE: + if (XDR_GETLONG(xdrs, (long *) &ul[0]) == FALSE) + return (FALSE); + if (XDR_GETLONG(xdrs, (long *) &ul[1]) == FALSE) + return (FALSE); + *ullp = (u_int64_t) + (((u_int64_t) ul[0] << 32) | ((u_int64_t) ul[1])); + return (TRUE); + case XDR_FREE: + return (TRUE); + } + /* NOTREACHED */ + return (FALSE); +} +#endif + +bool_t +xdr_nlm_stats(XDR *xdrs, nlm_stats *objp) +{ + + if (!xdr_enum(xdrs, (enum_t *)objp)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_holder(XDR *xdrs, nlm_holder *objp) +{ + + if (!xdr_bool(xdrs, &objp->exclusive)) + return (FALSE); + if (!xdr_int(xdrs, &objp->svid)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->oh)) + return (FALSE); + if (!xdr_u_int(xdrs, &objp->l_offset)) + return (FALSE); + if (!xdr_u_int(xdrs, &objp->l_len)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_testrply(XDR *xdrs, nlm_testrply *objp) +{ + + if (!xdr_nlm_stats(xdrs, &objp->stat)) + return (FALSE); + switch (objp->stat) { + case nlm_denied: + if (!xdr_nlm_holder(xdrs, &objp->nlm_testrply_u.holder)) + return (FALSE); + break; + default: + break; + } + return (TRUE); +} + +bool_t +xdr_nlm_stat(XDR *xdrs, nlm_stat *objp) +{ + + if (!xdr_nlm_stats(xdrs, &objp->stat)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_res(XDR *xdrs, nlm_res *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm_stat(xdrs, &objp->stat)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_testres(XDR *xdrs, nlm_testres *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm_testrply(xdrs, &objp->stat)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_lock(XDR *xdrs, nlm_lock *objp) +{ + + if (!xdr_string(xdrs, &objp->caller_name, LM_MAXSTRLEN)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->fh)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->oh)) + return (FALSE); + if (!xdr_int(xdrs, &objp->svid)) + return (FALSE); + if (!xdr_u_int(xdrs, &objp->l_offset)) + return (FALSE); + if (!xdr_u_int(xdrs, &objp->l_len)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_lockargs(XDR *xdrs, nlm_lockargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->block)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->exclusive)) + return (FALSE); + if (!xdr_nlm_lock(xdrs, &objp->alock)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->reclaim)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_cancargs(XDR *xdrs, nlm_cancargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->block)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->exclusive)) + return (FALSE); + if (!xdr_nlm_lock(xdrs, &objp->alock)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_testargs(XDR *xdrs, nlm_testargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->exclusive)) + return (FALSE); + if (!xdr_nlm_lock(xdrs, &objp->alock)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_unlockargs(XDR *xdrs, nlm_unlockargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm_lock(xdrs, &objp->alock)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_fsh_mode(XDR *xdrs, fsh_mode *objp) +{ + + if (!xdr_enum(xdrs, (enum_t *)objp)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_fsh_access(XDR *xdrs, fsh_access *objp) +{ + + if (!xdr_enum(xdrs, (enum_t *)objp)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_share(XDR *xdrs, nlm_share *objp) +{ + + if (!xdr_string(xdrs, &objp->caller_name, LM_MAXSTRLEN)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->fh)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->oh)) + return (FALSE); + if (!xdr_fsh_mode(xdrs, &objp->mode)) + return (FALSE); + if (!xdr_fsh_access(xdrs, &objp->access)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_shareargs(XDR *xdrs, nlm_shareargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm_share(xdrs, &objp->share)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->reclaim)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_shareres(XDR *xdrs, nlm_shareres *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm_stats(xdrs, &objp->stat)) + return (FALSE); + if (!xdr_int(xdrs, &objp->sequence)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_notify(XDR *xdrs, nlm_notify *objp) +{ + + if (!xdr_string(xdrs, &objp->name, MAXNAMELEN)) + return (FALSE); + if (!xdr_long(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_stats(XDR *xdrs, nlm4_stats *objp) +{ + + if (!xdr_enum(xdrs, (enum_t *)objp)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_stat(XDR *xdrs, nlm4_stat *objp) +{ + + if (!xdr_nlm4_stats(xdrs, &objp->stat)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_holder(XDR *xdrs, nlm4_holder *objp) +{ + + if (!xdr_bool(xdrs, &objp->exclusive)) + return (FALSE); + if (!xdr_u_int32_t(xdrs, &objp->svid)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->oh)) + return (FALSE); + if (!xdr_u_int64_t(xdrs, &objp->l_offset)) + return (FALSE); + if (!xdr_u_int64_t(xdrs, &objp->l_len)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_lock(XDR *xdrs, nlm4_lock *objp) +{ + + if (!xdr_string(xdrs, &objp->caller_name, MAXNAMELEN)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->fh)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->oh)) + return (FALSE); + if (!xdr_u_int32_t(xdrs, &objp->svid)) + return (FALSE); + if (!xdr_u_int64_t(xdrs, &objp->l_offset)) + return (FALSE); + if (!xdr_u_int64_t(xdrs, &objp->l_len)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_share(XDR *xdrs, nlm4_share *objp) +{ + + if (!xdr_string(xdrs, &objp->caller_name, MAXNAMELEN)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->fh)) + return (FALSE); + if (!xdr_netobj(xdrs, &objp->oh)) + return (FALSE); + if (!xdr_fsh_mode(xdrs, &objp->mode)) + return (FALSE); + if (!xdr_fsh_access(xdrs, &objp->access)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_testrply(XDR *xdrs, nlm4_testrply *objp) +{ + + if (!xdr_nlm4_stats(xdrs, &objp->stat)) + return (FALSE); + switch (objp->stat) { + case nlm_denied: + if (!xdr_nlm4_holder(xdrs, &objp->nlm4_testrply_u.holder)) + return (FALSE); + break; + default: + break; + } + return (TRUE); +} + +bool_t +xdr_nlm4_testres(XDR *xdrs, nlm4_testres *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm4_testrply(xdrs, &objp->stat)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_testargs(XDR *xdrs, nlm4_testargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->exclusive)) + return (FALSE); + if (!xdr_nlm4_lock(xdrs, &objp->alock)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_res(XDR *xdrs, nlm4_res *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm4_stat(xdrs, &objp->stat)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_lockargs(XDR *xdrs, nlm4_lockargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->block)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->exclusive)) + return (FALSE); + if (!xdr_nlm4_lock(xdrs, &objp->alock)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->reclaim)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_cancargs(XDR *xdrs, nlm4_cancargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->block)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->exclusive)) + return (FALSE); + if (!xdr_nlm4_lock(xdrs, &objp->alock)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_unlockargs(XDR *xdrs, nlm4_unlockargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm4_lock(xdrs, &objp->alock)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_shareargs(XDR *xdrs, nlm4_shareargs *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm4_share(xdrs, &objp->share)) + return (FALSE); + if (!xdr_bool(xdrs, &objp->reclaim)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_shareres(XDR *xdrs, nlm4_shareres *objp) +{ + + if (!xdr_netobj(xdrs, &objp->cookie)) + return (FALSE); + if (!xdr_nlm4_stats(xdrs, &objp->stat)) + return (FALSE); + if (!xdr_int(xdrs, &objp->sequence)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm_sm_status(XDR *xdrs, nlm_sm_status *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, LM_MAXSTRLEN)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + if (!xdr_opaque(xdrs, objp->priv, 16)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_nlm4_notify(XDR *xdrs, nlm4_notify *objp) +{ + + if (!xdr_string(xdrs, &objp->name, MAXNAMELEN)) + return (FALSE); + if (!xdr_int32_t(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} diff --git a/rpc_lockd.tproj/rpc.lockd.8 b/rpc_lockd.tproj/rpc.lockd.8 new file mode 100644 index 0000000..e4172df --- /dev/null +++ b/rpc_lockd.tproj/rpc.lockd.8 @@ -0,0 +1,135 @@ +.\" $NetBSD: rpc.lockd.8,v 1.5 2000/06/09 18:51:47 cgd Exp $ +.\" $FreeBSD: src/usr.sbin/rpc.lockd/rpc.lockd.8,v 1.14 2002/07/14 14:45:36 charnier Exp $ +.\" +.\" Copyright (c) 1995 A.R.Gordon, andrew.gordon@net-tel.co.uk +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" +.Dd September 24, 1995 +.Dt RPC.LOCKD 8 +.Os +.Sh NAME +.Nm rpc.lockd +.Nd NFS file locking daemon +.Sh SYNOPSIS +.Nm +.Op Fl d Ar debug_level +.Op Fl g Ar grace period +.Sh DESCRIPTION +The +.Nm +utility provides monitored and unmonitored file and record locking services +in an NFS environment. +To monitor the status of hosts requesting locks, +the locking daemon typically operates in conjunction +with +.Xr rpc.statd 8 . +.Pp +Options and operands available for +.Nm : +.Bl -tag -width indent +.It Fl d +The +.Fl d +option causes debugging information to be written to syslog, recording +all RPC transactions to the daemon. +These messages are logged with level +.Dv LOG_DEBUG +and facility +.Dv LOG_DAEMON . +Specifying a +.Ar debug_level +of 1 results +in the generation of one log line per protocol operation. +Higher +debug levels can be specified, causing display of operation arguments +and internal operations of the daemon. +.It Fl g +The +.Fl g +option allow to specify the +.Ar grace period , +in seconds. +During the grace period +.Nm +only accepts requests from hosts which are reinitialising locks which +existed before the server restart. +Default is 30 seconds. +.It Fl w +The +.Fl w +option tells +.Nm +to wait until the first client locking request is made before starting the +locking daemon(s). This may be used on NFS clients to defer starting the +NFS locking daemons until it is known that they will be needed. (Note: +.Xr rpc.statd 8 +will also be started if it isn't already running) +.El +.Pp +Error conditions are logged to syslog, irrespective of the debug level, +using log level +.Dv LOG_ERR +and facility +.Dv LOG_DAEMON . +.Pp +The +.Nm +utility must NOT be invoked by +.Xr inetd 8 +because the protocol assumes that the daemon will run from system start time. +Instead, it should be configured in +.Xr rc.conf 5 +to run at system startup. +.Sh FILES +.Bl -tag -width /usr/include/rpcsvc/nlm_prot.x -compact +.It Pa /usr/include/rpcsvc/nlm_prot.x +RPC protocol specification for the network lock manager protocol. +.El +.Sh SEE ALSO +.Xr syslog 3 , +.Xr rc.conf 5 , +.Xr rpc.statd 8 +.Sh BUGS +The current implementation serialises locks requests that could be shared. +.Sh STANDARDS +The implementation is based on the specification in +.Rs +.%B "X/Open CAE Specification C218" +.%T "Protocols for X/Open PC Interworking: XNFS, Issue 4" +.%O ISBN 1 872630 66 9 +.Re +.Sh HISTORY +A version of +.Nm +appeared in +.Tn SunOS +4. diff --git a/rpc_lockd.tproj/sm_inter_xdr.c b/rpc_lockd.tproj/sm_inter_xdr.c new file mode 100644 index 0000000..d2cd7d5 --- /dev/null +++ b/rpc_lockd.tproj/sm_inter_xdr.c @@ -0,0 +1,110 @@ +/* + * Please do not edit this file. + * It was generated using rpcgen. + */ + +#include +#ifndef lint +/*static char sccsid[] = "from: @(#)sm_inter.x 1.7 87/06/24 Copyr 1987 Sun Micro";*/ +/*static char sccsid[] = "from: @(#)sm_inter.x 2.2 88/08/01 4.0 RPCSRC";*/ +static char rcsid[] = "$Id: sm_inter_xdr.c,v 1.2 2002/09/27 05:04:06 lindak Exp $"; +#endif /* not lint */ + +bool_t +xdr_sm_name(XDR *xdrs, sm_name *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_my_id(XDR *xdrs, my_id *objp) +{ + + if (!xdr_string(xdrs, &objp->my_name, SM_MAXSTRLEN)) + return (FALSE); + if (!xdr_int(xdrs, &objp->my_prog)) + return (FALSE); + if (!xdr_int(xdrs, &objp->my_vers)) + return (FALSE); + if (!xdr_int(xdrs, &objp->my_proc)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_mon_id(XDR *xdrs, mon_id *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) + return (FALSE); + if (!xdr_my_id(xdrs, &objp->my_id)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_mon(XDR *xdrs, mon *objp) +{ + + if (!xdr_mon_id(xdrs, &objp->mon_id)) + return (FALSE); + if (!xdr_opaque(xdrs, objp->priv, 16)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_stat_chge(XDR *xdrs, stat_chge *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_sm_stat(XDR *xdrs, sm_stat *objp) +{ + + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_sm_res(XDR *xdrs, sm_res *objp) +{ + + if (!xdr_enum(xdrs, (enum_t *)objp)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_sm_stat_res(XDR *xdrs, sm_stat_res *objp) +{ + + if (!xdr_sm_res(xdrs, &objp->res_stat)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_sm_status(XDR *xdrs, sm_status *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + if (!xdr_opaque(xdrs, objp->priv, 16)) + return (FALSE); + return (TRUE); +} diff --git a/rpc_lockd.tproj/test.c b/rpc_lockd.tproj/test.c new file mode 100644 index 0000000..b15cf45 --- /dev/null +++ b/rpc_lockd.tproj/test.c @@ -0,0 +1,365 @@ +/* $NetBSD: test.c,v 1.2 1997/10/18 04:01:21 lukem Exp $ */ + +#include +#include +#include +#ifndef lint +#if 0 +static char sccsid[] = "from: @(#)nlm_prot.x 1.8 87/09/21 Copyr 1987 Sun Micro"; +static char sccsid[] = "from: * @(#)nlm_prot.x 2.1 88/08/01 4.0 RPCSRC"; +#else +__RCSID("$NetBSD: test.c,v 1.2 1997/10/18 04:01:21 lukem Exp $"); +static const char rcsid[] = "$FreeBSD: src/usr.sbin/rpc.lockd/test.c,v 1.5 2001/03/19 12:50:09 alfred Exp $"; +#endif +#endif /* not lint */ + +/* Default timeout can be changed using clnt_control() */ +static struct timeval TIMEOUT = { 0, 0 }; + +nlm_testres * +nlm_test_1(argp, clnt) + struct nlm_testargs *argp; + CLIENT *clnt; +{ + static nlm_testres res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_TEST, xdr_nlm_testargs, argp, xdr_nlm_testres, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +nlm_res * +nlm_lock_1(argp, clnt) + struct nlm_lockargs *argp; + CLIENT *clnt; +{ + enum clnt_stat st; + static nlm_res res; + + bzero((char *)&res, sizeof(res)); + if (st = clnt_call(clnt, NLM_LOCK, xdr_nlm_lockargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { + printf("clnt_call returns %d\n", st); + clnt_perror(clnt, "humbug"); + return (NULL); + } + return (&res); +} + + +nlm_res * +nlm_cancel_1(argp, clnt) + struct nlm_cancargs *argp; + CLIENT *clnt; +{ + static nlm_res res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_CANCEL, xdr_nlm_cancargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +nlm_res * +nlm_unlock_1(argp, clnt) + struct nlm_unlockargs *argp; + CLIENT *clnt; +{ + static nlm_res res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_UNLOCK, xdr_nlm_unlockargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +nlm_res * +nlm_granted_1(argp, clnt) + struct nlm_testargs *argp; + CLIENT *clnt; +{ + static nlm_res res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_GRANTED, xdr_nlm_testargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +void * +nlm_test_msg_1(argp, clnt) + struct nlm_testargs *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_TEST_MSG, xdr_nlm_testargs, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_lock_msg_1(argp, clnt) + struct nlm_lockargs *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_LOCK_MSG, xdr_nlm_lockargs, argp, xdr_void, NULL, TIMEOUT) != RPC_SUCCESS) { + clnt_perror(clnt, "nlm_lock_msg_1"); + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_cancel_msg_1(argp, clnt) + struct nlm_cancargs *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_CANCEL_MSG, xdr_nlm_cancargs, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_unlock_msg_1(argp, clnt) + struct nlm_unlockargs *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_UNLOCK_MSG, xdr_nlm_unlockargs, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_granted_msg_1(argp, clnt) + struct nlm_testargs *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_GRANTED_MSG, xdr_nlm_testargs, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_test_res_1(argp, clnt) + nlm_testres *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_TEST_RES, xdr_nlm_testres, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_lock_res_1(argp, clnt) + nlm_res *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_LOCK_RES, xdr_nlm_res, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_cancel_res_1(argp, clnt) + nlm_res *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_CANCEL_RES, xdr_nlm_res, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_unlock_res_1(argp, clnt) + nlm_res *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_UNLOCK_RES, xdr_nlm_res, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +void * +nlm_granted_res_1(argp, clnt) + nlm_res *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_GRANTED_RES, xdr_nlm_res, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +nlm_shareres * +nlm_share_3(argp, clnt) + nlm_shareargs *argp; + CLIENT *clnt; +{ + static nlm_shareres res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_SHARE, xdr_nlm_shareargs, argp, xdr_nlm_shareres, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +nlm_shareres * +nlm_unshare_3(argp, clnt) + nlm_shareargs *argp; + CLIENT *clnt; +{ + static nlm_shareres res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_UNSHARE, xdr_nlm_shareargs, argp, xdr_nlm_shareres, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +nlm_res * +nlm_nm_lock_3(argp, clnt) + nlm_lockargs *argp; + CLIENT *clnt; +{ + static nlm_res res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_NM_LOCK, xdr_nlm_lockargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +void * +nlm_free_all_3(argp, clnt) + nlm_notify *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, NLM_FREE_ALL, xdr_nlm_notify, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +int main(int argc, char **argv) +{ + CLIENT *cli; + nlm_res res_block; + nlm_res *out; + nlm_lockargs arg; + struct timeval tim; + + printf("Creating client for host %s\n", argv[1]); + cli = clnt_create(argv[1], NLM_PROG, NLM_VERS, "udp"); + if (!cli) { + errx(1, "Failed to create client\n"); + /* NOTREACHED */ + } + clnt_control(cli, CLGET_TIMEOUT, &tim); + printf("Default timeout was %d.%d\n", tim.tv_sec, tim.tv_usec); + tim.tv_usec = -1; + tim.tv_sec = -1; + clnt_control(cli, CLSET_TIMEOUT, &tim); + clnt_control(cli, CLGET_TIMEOUT, &tim); + printf("timeout now %d.%d\n", tim.tv_sec, tim.tv_usec); + + + arg.cookie.n_len = 4; + arg.cookie.n_bytes = "hello"; + arg.block = 0; + arg.exclusive = 0; + arg.reclaim = 0; + arg.state = 0x1234; + arg.alock.caller_name = "localhost"; + arg.alock.fh.n_len = 32; + arg.alock.fh.n_bytes = "\x04\x04\x02\x00\x01\x00\x00\x00\x0c\x00\x00\x00\xff\xff\xff\xd0\x16\x00\x00\x5b\x7c\xff\xff\xff\xec\x2f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x19\x54\xef\xbf\xd7\x94"; + arg.alock.oh.n_len = 8; + arg.alock.oh.n_bytes = "\x00\x00\x02\xff\xff\xff\xd3"; + arg.alock.svid = 0x5678; + arg.alock.l_offset = 0; + arg.alock.l_len = 100; + + res_block.stat.stat = nlm_granted; + res_block.cookie.n_bytes = "hello"; + res_block.cookie.n_len = 5; + +#if 0 + if (nlm_lock_res_1(&res_block, cli)) + printf("Success!\n"); + else + printf("Fail\n"); +#else + if (out = nlm_lock_msg_1(&arg, cli)) { + printf("Success!\n"); + printf("out->stat = %d", out->stat); + } else { + printf("Fail\n"); + } +#endif + + return 0; +} diff --git a/rpc_statd.tproj/Makefile b/rpc_statd.tproj/Makefile new file mode 100644 index 0000000..9aaf140 --- /dev/null +++ b/rpc_statd.tproj/Makefile @@ -0,0 +1,46 @@ +# +# Generated by the NeXT Project Builder. +# +# NOTE: Do NOT change this file -- Project Builder maintains it. +# +# Put all of your customizations in files called Makefile.preamble +# and Makefile.postamble (both optional), and Makefile will include them. +# + +NAME = rpc.statd + +PROJECTVERSION = 2.6 +PROJECT_TYPE = Tool +LANGUAGE = English + +HFILES = statd.h + +CFILES = file.c procs.c statd.c sm_inter_svc.c sm_inter_xdr.c + +OTHERSRCS = Makefile.dist Makefile.preamble Makefile Makefile.postamble\ + test.c rpc.statd.8 + + +MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles +CODE_GEN_STYLE = DYNAMIC +MAKEFILE = tool.make +NEXTSTEP_INSTALLDIR = /usr/sbin +WINDOWS_INSTALLDIR = /usr/sbin +PDO_UNIX_INSTALLDIR = /usr/sbin +LIBS = +DEBUG_LIBS = $(LIBS) +PROF_LIBS = $(LIBS) + + +PB_CFLAGS = + + +include $(MAKEFILEDIR)/platform.make + +-include Makefile.preamble + +include $(MAKEFILEDIR)/$(MAKEFILE) + +-include Makefile.postamble + +-include Makefile.dependencies diff --git a/rpc_statd.tproj/Makefile.dist b/rpc_statd.tproj/Makefile.dist new file mode 100644 index 0000000..ac81b07 --- /dev/null +++ b/rpc_statd.tproj/Makefile.dist @@ -0,0 +1,29 @@ +# $FreeBSD: src/usr.sbin/rpc.statd/Makefile,v 1.14 2002/07/11 18:45:14 alfred Exp $ + +PROG= rpc.statd +MAN= rpc.statd.8 +SRCS= file.c sm_inter_svc.c sm_inter.h statd.c procs.c + +CFLAGS+= -I. + +DPADD= ${LIBRPCSVC} +LDADD= -lrpcsvc + +CLEANFILES= sm_inter_svc.c sm_inter.h + +RPCSRC= ${DESTDIR}/usr/include/rpcsvc/sm_inter.x +RPCGEN= rpcgen -L -C + +WARNS?= 4 +NO_WERROR= 1 + +sm_inter_svc.c: ${RPCSRC} + ${RPCGEN} -m -o ${.TARGET} ${RPCSRC} + +sm_inter.h: ${RPCSRC} + ${RPCGEN} -h -o ${.TARGET} ${RPCSRC} + +test: test.c + cc -o test test.c -lrpcsvc + +.include diff --git a/rpc_statd.tproj/Makefile.postamble b/rpc_statd.tproj/Makefile.postamble new file mode 100644 index 0000000..4f50419 --- /dev/null +++ b/rpc_statd.tproj/Makefile.postamble @@ -0,0 +1,3 @@ +install-man-page: + install -d $(DSTROOT)/usr/share/man/man8 + install -c -m 644 rpc.statd.8 $(DSTROOT)/usr/share/man/man8/rpc.statd.8 diff --git a/rpc_statd.tproj/Makefile.preamble b/rpc_statd.tproj/Makefile.preamble new file mode 100644 index 0000000..263ad05 --- /dev/null +++ b/rpc_statd.tproj/Makefile.preamble @@ -0,0 +1,3 @@ +OTHER_GENERATED_OFILES = $(VERS_OFILE) +-include ../Makefile.include +AFTER_INSTALL += install-man-page diff --git a/rpc_statd.tproj/PB.project b/rpc_statd.tproj/PB.project new file mode 100644 index 0000000..e2d6e32 --- /dev/null +++ b/rpc_statd.tproj/PB.project @@ -0,0 +1,36 @@ +{ + BUILDDIR = ""; + BUILDTOOL = /bin/gnumake; + FILESTABLE = { + C_FILES = (); + H_FILES = ( statd.h ); + M_FILES = (); + OTHER_LIBS = (); + OTHER_LINKED = ( + file.c, + procs.c, + statd.c, + sm_inter_svc.c, + sm_inter_xdr.c + ); + OTHER_SOURCES = ( + Makefile.dist, + Makefile.preamble, + Makefile, + Makefile.postamble, + test.c, + rpc.statd.8 + ); + SUBPROJECTS = (); + }; + LANGUAGE = English; + LOCALIZABLE_FILES = {}; + COMPILEROPTIONS = ""; + LINKEROPTIONS = ""; + NEXTSTEP_INSTALLDIR = /usr/sbin; + PDO_UNIX_INSTALLDIR = /usr/sbin; + PROJECTNAME = rpc.statd; + PROJECTTYPE = Tool; + PROJECTVERSION = 2.6; + WINDOWS_INSTALLDIR = /usr/sbin; +} diff --git a/rpc_statd.tproj/file.c b/rpc_statd.tproj/file.c new file mode 100644 index 0000000..f8d94c7 --- /dev/null +++ b/rpc_statd.tproj/file.c @@ -0,0 +1,335 @@ +/* + * Copyright (c) 1995 + * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed for the FreeBSD project + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include /* For mmap() */ +#include +#include +#include + +#include "statd.h" + +FileLayout *status_info; /* Pointer to the mmap()ed status file */ +static int status_fd; /* File descriptor for the open file */ +static off_t status_file_len; /* Current on-disc length of file */ + +/* sync_file --------------------------------------------------------------- */ +/* + Purpose: Packaged call of msync() to flush changes to mmap()ed file + Returns: Nothing. Errors to syslog. +*/ + +void sync_file(void) +{ + if (msync((void *)status_info, status_file_len, MS_SYNC) < 0 && + msync((void *)status_info, status_file_len, MS_SYNC) < 0) + { + syslog(LOG_ERR, "msync() failed: %s", strerror(errno)); + } +} + +/* find_host -------------------------------------------------------------- */ +/* + Purpose: Find the entry in the status file for a given host + Returns: Pointer to that entry in the mmap() region, or NULL. + Notes: Also creates entries if requested. + Failure to create also returns NULL. +*/ + +HostInfo *find_host(char *hostname, int create) +{ + HostInfo *hp; + HostInfo *spare_slot = NULL; + HostInfo *result = NULL; + int i; + + for (i = 0, hp = status_info->hosts; i < status_info->noOfHosts; i++, hp++) + { + if (!strncasecmp(hostname, hp->hostname, SM_MAXSTRLEN)) + { + result = hp; + break; + } + if (!spare_slot && !hp->monList && !hp->notifyReqd) + spare_slot = hp; + } + + /* Return if entry found, or if not asked to create one. */ + if (result || !create) return (result); + + /* Now create an entry, using the spare slot if one was found or */ + /* adding to the end of the list otherwise, extending file if reqd */ + if (!spare_slot) + { + off_t desired_size; + spare_slot = &status_info->hosts[status_info->noOfHosts]; + desired_size = ((char*)spare_slot - (char*)status_info) + sizeof(HostInfo); + if (desired_size > status_file_len) + { + /* Extend file by writing 1 byte of junk at the desired end pos */ + lseek(status_fd, desired_size - 1, SEEK_SET); + i = write(status_fd, &i, 1); + if (i < 1) + { + syslog(LOG_ERR, "Unable to extend status file"); + return (NULL); + } + status_file_len = desired_size; + } + status_info->noOfHosts++; + } + + /* Initialise the spare slot that has been found/created */ + /* Note that we do not msync(), since the caller is presumed to be */ + /* about to modify the entry further */ + memset(spare_slot, 0, sizeof(HostInfo)); + strncpy(spare_slot->hostname, hostname, SM_MAXSTRLEN); + return (spare_slot); +} + +/* init_file -------------------------------------------------------------- */ +/* + Purpose: Open file, create if necessary, initialise it. + Returns: Nothing - exits on error + Notes: Called before process becomes daemon, hence logs to + stderr rather than syslog. + Opens the file, then mmap()s it for ease of access. + Also performs initial clean-up of the file, zeroing + monitor list pointers, setting the notifyReqd flag in + all hosts that had a monitor list, and incrementing + the state number to the next even value. +*/ + +void init_file(const char *filename) +{ + int new_file = FALSE; + char buf[HEADER_LEN]; + int i; + + /* try to open existing file - if not present, create one */ + status_fd = open(filename, O_RDWR); + if ((status_fd < 0) && (errno == ENOENT)) + { + status_fd = open(filename, O_RDWR | O_CREAT, 0644); + new_file = TRUE; + } + if (status_fd < 0) + errx(1, "unable to open status file %s", filename); + + /* File now open. mmap() it, with a generous size to allow for */ + /* later growth, where we will extend the file but not re-map it. */ + status_info = (FileLayout *) + mmap(NULL, 0x10000000, PROT_READ | PROT_WRITE, MAP_SHARED, status_fd, 0); + + if (status_info == (FileLayout *) MAP_FAILED) + warn("unable to mmap() status file"); + + status_file_len = lseek(status_fd, 0L, SEEK_END); + + /* If the file was not newly created, validate the contents, and if */ + /* defective, re-create from scratch. */ + if (!new_file) + { + if ((status_file_len < HEADER_LEN) || (status_file_len + < (HEADER_LEN + sizeof(HostInfo) * status_info->noOfHosts)) ) + { + warnx("status file is corrupt"); + new_file = TRUE; + } + } + + /* Initialisation of a new, empty file. */ + if (new_file) + { + memset(buf, 0, sizeof(buf)); + lseek(status_fd, 0L, SEEK_SET); + write(status_fd, buf, HEADER_LEN); + status_file_len = HEADER_LEN; + } + else + { + /* Clean-up of existing file - monitored hosts will have a pointer */ + /* to a list of clients, which refers to memory in the previous */ + /* incarnation of the program and so are meaningless now. These */ + /* pointers are zeroed and the fact that the host was previously */ + /* monitored is recorded by setting the notifyReqd flag, which will */ + /* in due course cause a SM_NOTIFY to be sent. */ + /* Note that if we crash twice in quick succession, some hosts may */ + /* already have notifyReqd set, where we didn't manage to notify */ + /* them before the second crash occurred. */ + for (i = 0; i < status_info->noOfHosts; i++) + { + HostInfo *this_host = &status_info->hosts[i]; + + if (this_host->monList) + { + this_host->notifyReqd = TRUE; + this_host->monList = NULL; + } + } + /* Select the next higher even number for the state counter */ + status_info->ourState = (status_info->ourState + 2) & 0xfffffffe; + status_info->ourState++; + } + sync_file(); +} + +/* notify_one_host --------------------------------------------------------- */ +/* + Purpose: Perform SM_NOTIFY procedure at specified host + Returns: TRUE if success, FALSE if failed. +*/ + +static int notify_one_host(char *hostname) +{ + struct timeval timeout = { 20, 0 }; /* 20 secs timeout */ + CLIENT *cli; + char dummy; + stat_chge arg; + char our_hostname[SM_MAXSTRLEN+1]; + + gethostname(our_hostname, sizeof(our_hostname)); + our_hostname[SM_MAXSTRLEN] = '\0'; + arg.mon_name = our_hostname; + arg.state = status_info->ourState; + + if (debug) syslog (LOG_DEBUG, "Sending SM_NOTIFY to host %s from %s", hostname, our_hostname); + + cli = clnt_create(hostname, SM_PROG, SM_VERS, "udp"); + if (!cli) + { + syslog(LOG_ERR, "Failed to contact host %s%s", hostname, + clnt_spcreateerror("")); + return (FALSE); + } + + if (clnt_call(cli, SM_NOTIFY, xdr_stat_chge, &arg, xdr_void, &dummy, timeout) + != RPC_SUCCESS) + { + syslog(LOG_ERR, "Failed to contact rpc.statd at host %s", hostname); + clnt_destroy(cli); + return (FALSE); + } + + clnt_destroy(cli); + return (TRUE); +} + +/* notify_hosts ------------------------------------------------------------ */ +/* + Purpose: Send SM_NOTIFY to all hosts marked as requiring it + Returns: Nothing, immediately - forks a process to do the work. + Notes: Does nothing if there are no monitored hosts. + Called after all the initialisation has been done - + logs to syslog. +*/ + +void notify_hosts(void) +{ + int i; + int attempts; + int work_to_do = FALSE; + HostInfo *hp; + pid_t pid; + + /* First check if there is in fact any work to do. */ + for (i = status_info->noOfHosts, hp = status_info->hosts; i ; i--, hp++) + { + if (hp->notifyReqd) + { + work_to_do = TRUE; + break; + } + } + + if (!work_to_do) return; /* No work found */ + + pid = fork(); + if (pid == -1) + { + syslog(LOG_ERR, "Unable to fork notify process - %s", strerror(errno)); + return; + } + if (pid) return; + + if (claim_pid_file("/var/run/statd.notify.pid", 1) < 0) + errx(1, "unable to claim notify pid file"); + + /* Here in the child process. We continue until all the hosts marked */ + /* as requiring notification have been duly notified. */ + /* If one of the initial attempts fails, we sleep for a while and */ + /* have another go. This is necessary because when we have crashed, */ + /* (eg. a power outage) it is quite possible that we won't be able to */ + /* contact all monitored hosts immediately on restart, either because */ + /* they crashed too and take longer to come up (in which case the */ + /* notification isn't really required), or more importantly if some */ + /* router etc. needed to reach the monitored host has not come back */ + /* up yet. In this case, we will be a bit late in re-establishing */ + /* locks (after the grace period) but that is the best we can do. */ + /* We try 10 times at 5 sec intervals, 10 more times at 1 minute */ + /* intervals, then 24 more times at hourly intervals, finally */ + /* giving up altogether if the host hasn't come back to life after */ + /* 24 hours. */ + + for (attempts = 0; attempts < 44; attempts++) + { + work_to_do = FALSE; /* Unless anything fails */ + for (i = status_info->noOfHosts, hp = status_info->hosts; i ; i--, hp++) + { + if (hp->notifyReqd) + { + if (notify_one_host(hp->hostname)) + { + hp->notifyReqd = FALSE; + sync_file(); + } + else work_to_do = TRUE; + } + } + if (!work_to_do) break; + if (attempts < 10) sleep(5); + else if (attempts < 20) sleep(60); + else sleep(60*60); + } + exit(0); +} + + diff --git a/rpc_statd.tproj/procs.c b/rpc_statd.tproj/procs.c new file mode 100644 index 0000000..74aed60 --- /dev/null +++ b/rpc_statd.tproj/procs.c @@ -0,0 +1,424 @@ +/* + * Copyright (c) 1995 + * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed for the FreeBSD project + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#ifndef lint +static const char rcsid[] = + "$FreeBSD$"; +#endif /* not lint */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include /* for getaddrinfo() */ +#include +#include +#include +#include + +#include "statd.h" + +/* sm_check_hostname -------------------------------------------------------- */ +/* + * Purpose: Check `mon_name' member of sm_name struct to ensure that the array + * consists only of printable characters. + * + * Returns: TRUE if hostname is good. FALSE if hostname contains binary or + * otherwise non-printable characters. + * + * Notes: Will syslog(3) to warn of corrupt hostname. + */ + +int sm_check_hostname(struct svc_req *req, char *arg) +{ + int len, dstlen, ret; + struct sockaddr_in *claddr; + char *dst; + + len = strlen(arg); + dstlen = (4 * len) + 1; + dst = malloc(dstlen); + claddr = svc_getcaller(req->rq_xprt); + ret = 1; + + if (claddr == NULL || dst == NULL) + { + ret = 0; + } + else if (strvis(dst, arg, VIS_WHITE) != len) + { + syslog(LOG_ERR, + "sm_stat: client %s hostname %s contained invalid characters.", + inet_ntoa(claddr->sin_addr), + dst); + ret = 0; + } + free(dst); + return (ret); +} + +/* sm_stat_1 --------------------------------------------------------------- */ +/* + Purpose: RPC call to enquire if a host can be monitored + Returns: TRUE for any hostname that can be looked up to give + an address. +*/ + +struct sm_stat_res *sm_stat_1_svc(sm_name *arg, struct svc_req *req) +{ + static sm_stat_res res; + struct addrinfo *ai; + struct sockaddr_in *claddr; + static int err; + + err = 1; + if ((err = sm_check_hostname(req, arg->mon_name)) == 0) + { + res.res_stat = stat_fail; + } + if (err != 0) + { + if (debug) + syslog(LOG_DEBUG, "stat called for host %s", arg->mon_name); + if (getaddrinfo(arg->mon_name, NULL, NULL, &ai) == 0) { + res.res_stat = stat_succ; + freeaddrinfo(ai); + } + else + { + claddr = svc_getcaller(req->rq_xprt); + syslog(LOG_ERR, "invalid hostname to sm_stat from %s: %s", + inet_ntoa(claddr->sin_addr), arg->mon_name); + res.res_stat = stat_fail; + } + } + res.state = status_info->ourState; + return (&res); +} + +/* sm_mon_1 ---------------------------------------------------------------- */ +/* + Purpose: RPC procedure to establish a monitor request + Returns: Success, unless lack of resources prevents + the necessary structures from being set up + to record the request, or if the hostname is not + valid (as judged by getaddrinfo()) +*/ + +struct sm_stat_res *sm_mon_1_svc(mon *arg, struct svc_req *req) +{ + static sm_stat_res res; + HostInfo *hp; + static int err; + MonList *lp; + struct addrinfo *ai; + + if ((err = sm_check_hostname(req, arg->mon_id.mon_name)) == 0) + { + res.res_stat = stat_fail; + } + + if (err != 0) + { + if (debug) + { + syslog(LOG_DEBUG, "monitor request for host %s", arg->mon_id.mon_name); + syslog(LOG_DEBUG, "recall host: %s prog: %d ver: %d proc: %d", + arg->mon_id.mon_name, + arg->mon_id.my_id.my_prog, arg->mon_id.my_id.my_vers, + arg->mon_id.my_id.my_proc); + } + res.res_stat = stat_fail; /* Assume fail until set otherwise */ + res.state = status_info->ourState; + + /* Find existing host entry, or create one if not found */ + /* If find_host() fails, it will have logged the error already. */ + if (getaddrinfo(arg->mon_id.mon_name, NULL, NULL, &ai) != 0) + { + syslog(LOG_ERR, "Invalid hostname to sm_mon: %s", arg->mon_id.mon_name); + return (&res); + } + freeaddrinfo(ai); + if ((hp = find_host(arg->mon_id.mon_name, TRUE))) + { + lp = (MonList *)malloc(sizeof(MonList)); + if (!lp) + { + syslog(LOG_ERR, "Out of memory"); + } + else + { + strncpy(lp->notifyHost, arg->mon_id.my_id.my_name, SM_MAXSTRLEN); + lp->notifyProg = arg->mon_id.my_id.my_prog; + lp->notifyVers = arg->mon_id.my_id.my_vers; + lp->notifyProc = arg->mon_id.my_id.my_proc; + memcpy(lp->notifyData, arg->priv, sizeof(lp->notifyData)); + + lp->next = hp->monList; + hp->monList = lp; + sync_file(); + + res.res_stat = stat_succ; /* Report success */ + } + } + } + return (&res); +} + +/* do_unmon ---------------------------------------------------------------- */ +/* + Purpose: Remove a monitor request from a host + Returns: TRUE if found, FALSE if not found. + Notes: Common code from sm_unmon_1_svc and sm_unmon_all_1_svc + In the unlikely event of more than one identical monitor + request, all are removed. +*/ + +static int do_unmon(HostInfo *hp, my_id *idp) +{ + MonList *lp, *next; + MonList *last = NULL; + int result = FALSE; + + lp = hp->monList; + while (lp) + { + if (!strncasecmp(idp->my_name, lp->notifyHost, SM_MAXSTRLEN) + && (idp->my_prog == lp->notifyProg) && (idp->my_proc == lp->notifyProc) + && (idp->my_vers == lp->notifyVers)) + { + /* found one. Unhook from chain and free. */ + next = lp->next; + if (last) last->next = next; + else hp->monList = next; + free(lp); + lp = next; + result = TRUE; + } + else + { + last = lp; + lp = lp->next; + } + } + return (result); +} + +/* sm_unmon_1 -------------------------------------------------------------- */ +/* + Purpose: RPC procedure to release a monitor request. + Returns: Local machine's status number + Notes: The supplied mon_id should match the value passed in an + earlier call to sm_mon_1 +*/ + +struct sm_stat *sm_unmon_1_svc(mon_id *arg, struct svc_req *req __unused) +{ + static sm_stat res; + HostInfo *hp; + + if (debug) + { + syslog(LOG_DEBUG, "un-monitor request for host %s", arg->mon_name); + syslog(LOG_DEBUG, "recall host: %s prog: %d ver: %d proc: %d", + arg->mon_name, + arg->my_id.my_prog, arg->my_id.my_vers, arg->my_id.my_proc); + } + + if ((hp = find_host(arg->mon_name, FALSE))) + { + if (do_unmon(hp, &arg->my_id)) sync_file(); + else + { + syslog(LOG_ERR, "unmon request from %s, no matching monitor", + arg->my_id.my_name); + } + } + else syslog(LOG_ERR, "unmon request from %s for unknown host %s", + arg->my_id.my_name, arg->mon_name); + + res.state = status_info->ourState; + + return (&res); +} + +/* sm_unmon_all_1 ---------------------------------------------------------- */ +/* + Purpose: RPC procedure to release monitor requests. + Returns: Local machine's status number + Notes: Releases all monitor requests (if any) from the specified + host and program number. +*/ + +struct sm_stat *sm_unmon_all_1_svc(my_id *arg, struct svc_req *req __unused) +{ + static sm_stat res; + HostInfo *hp; + int i; + + if (debug) + { + syslog(LOG_DEBUG, "unmon_all for host: %s prog: %d ver: %d proc: %d", + arg->my_name, arg->my_prog, arg->my_vers, arg->my_proc); + } + + for (i = status_info->noOfHosts, hp = status_info->hosts; i; i--, hp++) + { + do_unmon(hp, arg); + } + sync_file(); + + res.state = status_info->ourState; + + return (&res); +} + +/* sm_simu_crash_1 --------------------------------------------------------- */ +/* + Purpose: RPC procedure to simulate a crash + Returns: Nothing + Notes: Standardised mechanism for debug purposes + The specification says that we should drop all of our + status information (apart from the list of monitored hosts + on disc). However, this would confuse the rpc.lockd + which would be unaware that all of its monitor requests + had been silently junked. Hence we in fact retain all + current requests and simply increment the status counter + and inform all hosts on the monitor list. +*/ + +void *sm_simu_crash_1_svc(void *v __unused, struct svc_req *req __unused) +{ + static char dummy; + int work_to_do = FALSE; + HostInfo *hp; + int i; + + if (debug) syslog(LOG_DEBUG, "simu_crash called!!"); + + /* Simulate crash by setting notify-required flag on all monitored */ + /* hosts, and incrementing our status number. notify_hosts() is */ + /* then called to fork a process to do the notifications. */ + + for (i = status_info->noOfHosts, hp = status_info->hosts; i ; i--, hp++) + { + if (hp->monList) + { + work_to_do = TRUE; + hp->notifyReqd = TRUE; + } + } + status_info->ourState += 2; /* always even numbers if not crashed */ + + if (work_to_do) notify_hosts(); + + return (&dummy); +} + +/* sm_notify_1 ------------------------------------------------------------- */ +/* + Purpose: RPC procedure notifying local statd of the crash of another + Returns: Nothing + Notes: There is danger of deadlock, since it is quite likely that + the client procedure that we call will in turn call us + to remove or adjust the monitor request. + We therefore fork() a process to do the notifications. + Note that the main HostInfo structure is in a mmap() + region and so will be shared with the child, but the + monList pointed to by the HostInfo is in normal memory. + Hence if we read the monList before forking, we are + protected from the parent servicing other requests + that modify the list. +*/ + +void *sm_notify_1_svc(stat_chge *arg, struct svc_req *req __unused) +{ + struct timeval timeout = { 20, 0 }; /* 20 secs timeout */ + CLIENT *cli; + static char dummy; + sm_status tx_arg; /* arg sent to callback procedure */ + MonList *lp; + HostInfo *hp; + pid_t pid; + + if (debug) syslog(LOG_DEBUG, "notify from host %s, new state %d", + arg->mon_name, arg->state); + + hp = find_host(arg->mon_name, FALSE); + if (!hp) + { + /* Never heard of this host - why is it notifying us? */ + syslog(LOG_ERR, "Unsolicited notification from host %s", arg->mon_name); + return (&dummy); + } + lp = hp->monList; + if (!lp) return (&dummy); /* We know this host, but have no */ + /* outstanding requests. */ + pid = fork(); + if (pid == -1) + { + syslog(LOG_ERR, "Unable to fork notify process - %s", strerror(errno)); + return (NULL); /* no answer, the client will retry */ + } + if (pid) return (&dummy); /* Parent returns */ + + while (lp) + { + tx_arg.mon_name = arg->mon_name; + tx_arg.state = arg->state; + memcpy(tx_arg.priv, lp->notifyData, sizeof(tx_arg.priv)); + cli = clnt_create(lp->notifyHost, lp->notifyProg, lp->notifyVers, "udp"); + if (!cli) + { + syslog(LOG_ERR, "Failed to contact host %s%s", lp->notifyHost, + clnt_spcreateerror("")); + } + else + { + if (clnt_call(cli, lp->notifyProc, xdr_sm_status, &tx_arg, xdr_void, + &dummy, timeout) != RPC_SUCCESS) + { + syslog(LOG_ERR, "Failed to call rpc.statd client at host %s", + lp->notifyHost); + } + clnt_destroy(cli); + } + lp = lp->next; + } + + exit (0); /* Child quits */ +} diff --git a/rpc_statd.tproj/rpc.statd.8 b/rpc_statd.tproj/rpc.statd.8 new file mode 100644 index 0000000..10adc5a --- /dev/null +++ b/rpc_statd.tproj/rpc.statd.8 @@ -0,0 +1,112 @@ +.\" -*- nroff -*- +.\" +.\" Copyright (c) 1995 A.R.Gordon, andrew.gordon@net-tel.co.uk +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd September 19, 1995 +.Dt RPC.STATD 8 +.Os +.Sh NAME +.Nm rpc.statd +.Nd host status monitoring daemon +.Sh SYNOPSIS +.Nm +.Op Fl d +.Sh DESCRIPTION +The +.Nm +utility +is a daemon which co-operates with +.Nm +daemons on other hosts to provide +a status monitoring service. The daemon accepts requests from +programs running on the local host (typically, +.Xr rpc.lockd 8 , +the NFS file locking daemon) to monitor the status of specified +hosts. If a monitored host crashes and restarts, the remote daemon will +notify the local daemon, which in turn will notify the local program(s) +which requested the monitoring service. Conversely, if this host crashes +and re-starts, when the +.Nm +re-starts, it will notify all of the hosts which were being monitored +at the time of the crash. +.Pp +The following option is available: +.Bl -tag -width indent +.It Fl d +Cause debugging information to be written to syslog, recording +all RPC transactions to the daemon. These messages are logged with level +LOG_DEBUG and facility LOG_DAEMON. Error conditions are logged irrespective +of this option, using level LOG_ERR. +.It Fl n +Just send SM_NOTIFY messages to notify any hosts of a restart. +Do not start daemon. +.El +.Pp +The +.Nm +utility must NOT be invoked by +.Xr inetd 8 +because the protocol assumes that the daemon will run from system start time. +Instead, it should be run from +.Xr rc 8 +after the network has been started. +.Sh FILES +.Bl -tag -width /usr/include/rpcsvc/sm_inter.x -compact +.It Pa /var/db/statd.status +non-volatile record of currently monitored hosts. +.It Pa /usr/include/rpcsvc/sm_inter.x +RPC protocol specification used by local applications to register monitoring requests. +.El +.Sh SEE ALSO +.Xr syslog 3 , +.Xr rc 8 , +.Xr rpc.lockd 8 +.Sh BUGS +There is no means for the daemon to tell when a monitored host has +disappeared permanently (eg. catastrophic hardware failure), as opposed +to transient failure of the host or an intermediate router. At present, +it will re-try notification attempts at frequent intervals for 10 minutes, +then hourly, and finally gives up after 24 hours. +.Pp +The protocol requires that symmetric monitor requests are made to both +the local and remote daemon in order to establish a monitored relationship. +This is convenient for the NFS locking protocol, but probably reduces the +usefulness of the monitoring system for other applications. +.Pp +The current implementation uses more than 1Kbyte per monitored host in +the status file (and also in VM). This may be inefficient for NFS servers +with large numbers of clients. +.Sh STANDARDS +The implementation is based on the specification in X/Open CAE Specification +C218, "Protocols for X/Open PC Interworking: XNFS, Issue 4", ISBN 1 872630 66 9 diff --git a/rpc_statd.tproj/sm_inter_svc.c b/rpc_statd.tproj/sm_inter_svc.c new file mode 100644 index 0000000..201921f --- /dev/null +++ b/rpc_statd.tproj/sm_inter_svc.c @@ -0,0 +1,115 @@ +/* + * Please do not edit this file. + * It was generated using rpcgen. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef __cplusplus +#include +#endif /* __cplusplus */ +#include +#include +#include +#include + +#ifdef __STDC__ +#define SIG_PF void(*)(int) +#endif + +#ifdef DEBUG +#define RPC_SVC_FG +#endif + +#define _RPCSVC_CLOSEDOWN 120 +#ifndef lint +/*static char sccsid[] = "from: @(#)sm_inter.x 1.7 87/06/24 Copyr 1987 Sun Micro";*/ +/*static char sccsid[] = "from: @(#)sm_inter.x 2.2 88/08/01 4.0 RPCSRC";*/ +static char rcsid[] = "$Id: sm_inter_svc.c,v 1.2 2002/09/27 05:04:10 lindak Exp $"; +#endif /* not lint */ + +void sm_prog_1(struct svc_req *rqstp, SVCXPRT *transp); + +void +sm_prog_1(struct svc_req *rqstp, SVCXPRT *transp) +{ + union { + struct sm_name sm_stat_1_arg; + struct mon sm_mon_1_arg; + struct mon_id sm_unmon_1_arg; + struct my_id sm_unmon_all_1_arg; + struct stat_chge sm_notify_1_arg; + } argument; + char *result; + xdrproc_t xdr_argument, xdr_result; + char *(*local)(char *, struct svc_req *); + + switch (rqstp->rq_proc) { + case NULLPROC: + (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); + return; + + case SM_STAT: + xdr_argument = (xdrproc_t) xdr_sm_name; + xdr_result = (xdrproc_t) xdr_sm_stat_res; + local = (char *(*)(char *, struct svc_req *)) sm_stat_1_svc; + break; + + case SM_MON: + xdr_argument = (xdrproc_t) xdr_mon; + xdr_result = (xdrproc_t) xdr_sm_stat_res; + local = (char *(*)(char *, struct svc_req *)) sm_mon_1_svc; + break; + + case SM_UNMON: + xdr_argument = (xdrproc_t) xdr_mon_id; + xdr_result = (xdrproc_t) xdr_sm_stat; + local = (char *(*)(char *, struct svc_req *)) sm_unmon_1_svc; + break; + + case SM_UNMON_ALL: + xdr_argument = (xdrproc_t) xdr_my_id; + xdr_result = (xdrproc_t) xdr_sm_stat; + local = (char *(*)(char *, struct svc_req *)) sm_unmon_all_1_svc; + break; + + case SM_SIMU_CRASH: + xdr_argument = (xdrproc_t) xdr_void; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) sm_simu_crash_1_svc; + break; + + case SM_NOTIFY: + xdr_argument = (xdrproc_t) xdr_stat_chge; + xdr_result = (xdrproc_t) xdr_void; + local = (char *(*)(char *, struct svc_req *)) sm_notify_1_svc; + break; + + default: + svcerr_noproc(transp); + return; + } + (void) memset((char *)&argument, 0, sizeof (argument)); + if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { + svcerr_decode(transp); + return; + } + result = (*local)((char *)&argument, rqstp); + if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { + svcerr_systemerr(transp); + } + if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { + syslog(LOG_ERR, "unable to free arguments"); + exit(1); + } + return; +} diff --git a/rpc_statd.tproj/sm_inter_xdr.c b/rpc_statd.tproj/sm_inter_xdr.c new file mode 100644 index 0000000..b9b887b --- /dev/null +++ b/rpc_statd.tproj/sm_inter_xdr.c @@ -0,0 +1,110 @@ +/* + * Please do not edit this file. + * It was generated using rpcgen. + */ + +#include +#ifndef lint +/*static char sccsid[] = "from: @(#)sm_inter.x 1.7 87/06/24 Copyr 1987 Sun Micro";*/ +/*static char sccsid[] = "from: @(#)sm_inter.x 2.2 88/08/01 4.0 RPCSRC";*/ +static char rcsid[] = "$Id: sm_inter_xdr.c,v 1.2 2002/09/27 05:04:10 lindak Exp $"; +#endif /* not lint */ + +bool_t +xdr_sm_name(XDR *xdrs, sm_name *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_my_id(XDR *xdrs, my_id *objp) +{ + + if (!xdr_string(xdrs, &objp->my_name, SM_MAXSTRLEN)) + return (FALSE); + if (!xdr_int(xdrs, &objp->my_prog)) + return (FALSE); + if (!xdr_int(xdrs, &objp->my_vers)) + return (FALSE); + if (!xdr_int(xdrs, &objp->my_proc)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_mon_id(XDR *xdrs, mon_id *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) + return (FALSE); + if (!xdr_my_id(xdrs, &objp->my_id)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_mon(XDR *xdrs, mon *objp) +{ + + if (!xdr_mon_id(xdrs, &objp->mon_id)) + return (FALSE); + if (!xdr_opaque(xdrs, objp->priv, 16)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_stat_chge(XDR *xdrs, stat_chge *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_sm_stat(XDR *xdrs, sm_stat *objp) +{ + + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_sm_res(XDR *xdrs, sm_res *objp) +{ + + if (!xdr_enum(xdrs, (enum_t *)objp)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_sm_stat_res(XDR *xdrs, sm_stat_res *objp) +{ + + if (!xdr_sm_res(xdrs, &objp->res_stat)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + return (TRUE); +} + +bool_t +xdr_sm_status(XDR *xdrs, sm_status *objp) +{ + + if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) + return (FALSE); + if (!xdr_int(xdrs, &objp->state)) + return (FALSE); + if (!xdr_opaque(xdrs, objp->priv, 16)) + return (FALSE); + return (TRUE); +} diff --git a/rpc_statd.tproj/statd.c b/rpc_statd.tproj/statd.c new file mode 100644 index 0000000..a0d2478 --- /dev/null +++ b/rpc_statd.tproj/statd.c @@ -0,0 +1,268 @@ +/* + * Copyright (c) 1995 + * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed for the FreeBSD project + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#ifndef lint +static const char rcsid[] = + "$FreeBSD$"; +#endif /* not lint */ + +/* main() function for status monitor daemon. Some of the code in this */ +/* file was generated by running rpcgen /usr/include/rpcsvc/sm_inter.x */ +/* The actual program logic is in the file procs.c */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "statd.h" + +int debug = 0; /* Controls syslog() calls for debug messages */ +int notify_only = 0; /* only send SM_NOTIFY messages */ +const char *pid_file = NULL; /* name of any pid file that has been claimed */ + +extern void sm_prog_1(struct svc_req *rqstp, SVCXPRT *transp); +static void handle_sigchld(int sig); +static void handle_sig_cleanup(int sig); +static void cleanup_pid_file(void); +static void usage(void); + +int +main(int argc, char **argv) +{ + SVCXPRT *transp; + struct sigaction sa; + int c; + struct timespec ts; + + while ((c = getopt(argc, argv, "dn")) != EOF) + switch (c) { + case 'd': + debug = 1; + break; + case 'n': + notify_only = 1; + break; + default: + usage(); + } + + /* Install signal handler to remove any pid file */ + signal(SIGINT, handle_sig_cleanup); + signal(SIGTERM, handle_sig_cleanup); + signal(SIGHUP, handle_sig_cleanup); + signal(SIGQUIT, handle_sig_cleanup); + + init_file("/var/db/statd.status"); + + openlog("rpc.statd", 0, LOG_DAEMON); + + if (notify_only) { + notify_hosts(); + exit(0); + } + + /* Note that it is NOT sensible to run this program from inetd - the */ + /* protocol assumes that it will run immediately at boot time. */ + daemon(0, 0); + + if (claim_pid_file("/var/run/statd.pid", 0) < 0) + errx(1, "rpc.statd already running"); + + /* start portmapper, in case it hasn't been started yet */ + system("portmap"); + /* sleep a little to give portmap a chance to start */ + /* (better to sleep 50ms now than to timeout on portmap calls) */ + ts.tv_sec = 0; + ts.tv_nsec = 50*1000*1000; + nanosleep(&ts, NULL); + + (void)pmap_unset(SM_PROG, SM_VERS); + + transp = svcudp_create(RPC_ANYSOCK); + if (transp == NULL) + errx(1, "cannot create udp service"); + if (!svc_register(transp, SM_PROG, SM_VERS, sm_prog_1, IPPROTO_UDP)) + errx(1, "unable to register (SM_PROG, SM_VERS, udp)"); + + transp = svctcp_create(RPC_ANYSOCK, 0, 0); + if (transp == NULL) + errx(1, "cannot create tcp service"); + if (!svc_register(transp, SM_PROG, SM_VERS, sm_prog_1, IPPROTO_TCP)) + errx(1, "unable to register (SM_PROG, SM_VERS, tcp)"); + + if (debug) syslog(LOG_INFO, "Starting - debug enabled"); + else syslog(LOG_INFO, "Starting"); + + /* Install signal handler to collect exit status of child processes */ + sa.sa_handler = handle_sigchld; + sigemptyset(&sa.sa_mask); + sigaddset(&sa.sa_mask, SIGCHLD); + sa.sa_flags = SA_RESTART; + sigaction(SIGCHLD, &sa, NULL); + + /* Initialisation now complete - start operating */ + notify_hosts(); /* Forks a process (if necessary) to do the */ + /* SM_NOTIFY calls, which may be slow. */ + + svc_run(); /* Should never return */ + exit(1); +} + +static void +usage() +{ + fprintf(stderr, "usage: rpc.statd [-dn]\n"); + exit(1); +} + +/* handle_sigchld ---------------------------------------------------------- */ +/* + Purpose: Catch SIGCHLD and collect process status + Returns: Nothing. + Notes: No special action required, other than to collect the + process status and hence allow the child to die: + we only use child processes for asynchronous transmission + of SM_NOTIFY to other systems, so it is normal for the + children to exit when they have done their work. +*/ + +static void handle_sigchld(int sig __unused) +{ + int pid, status; + pid = wait4(-1, &status, WNOHANG, (struct rusage*)0); + if (!pid) syslog(LOG_ERR, "Phantom SIGCHLD??"); + else if (status == 0) + { + if (debug) syslog(LOG_DEBUG, "Child %d exited OK", pid); + } + else syslog(LOG_ERR, "Child %d failed with status %d", pid, + WEXITSTATUS(status)); +} + + +/* claim_pid_file ---------------------------------------------------------- */ +/* + Purpose: take ownership of and store pid in given pid_file + Returns: 0 on success or -1 on failure + Notes: force parameter requests that current owner (if any) of + pid file be terminated. +*/ + +int +claim_pid_file(const char *name, int force) +{ + int pidfd, rv, retried = 0; + FILE *pidfile; + +try_again: + + /* attempt exclusive open of pid file */ + pidfd = open(name, O_EXCL|O_CREAT|O_WRONLY, + S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); + if (pidfd < 0) { + char buf[16]; + pid_t pid; + if (retried) + return -1; + bzero(buf, 16); + retried = 1; + /* pid file busy, check validity */ + pidfd = open(name, O_RDONLY); + if (pidfd < 0) + goto try_again; + rv = read(pidfd, buf, 15); + close(pidfd); + if (rv <= 0) + goto try_again; + pid = atoi(buf); + if (pid <= 0) + goto try_again; + rv = kill(pid, force ? SIGKILL : 0); + /* if can't signal, assume stale pid file */ + if ((rv < 0) || force) + unlink(name); + goto try_again; + } + pid_file = name; + atexit(cleanup_pid_file); + + pidfile = fdopen(pidfd, "w"); + if (pidfile) { + fchmod(pidfd, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); + fprintf(pidfile, "%d\n", getpid()); + fclose(pidfile); + } else + perror("fdopen"); + close(pidfd); + return 0; +} + + +/* cleanup_pid_file -------------------------------------------------------- */ +/* + Purpose: delete any pid_file that has been claimed + Returns: Nothing +*/ + +void +cleanup_pid_file(void) +{ + if (pid_file) { + unlink(pid_file); + pid_file = NULL; + } +} + + +/* handle_sig_cleanup ------------------------------------------------------ */ +/* + Purpose: call pid file cleanup function on signal + Returns: Nothing +*/ + +static void +handle_sig_cleanup(int sig __unused) +{ + cleanup_pid_file(); + exit(1); +} + diff --git a/rpc_statd.tproj/statd.h b/rpc_statd.tproj/statd.h new file mode 100644 index 0000000..002de8a --- /dev/null +++ b/rpc_statd.tproj/statd.h @@ -0,0 +1,118 @@ +/* + * Copyright (c) 1995 + * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed for the FreeBSD project + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + + + +#include + +/* ------------------------------------------------------------------------- */ +/* + Data structures for recording monitored hosts + + The information held by the status monitor comprises a list of hosts + that we have been asked to monitor, and, associated with each monitored + host, one or more clients to be called back if the monitored host crashes. + + The list of monitored hosts must be retained over a crash, so that upon + re-boot we can call the SM_NOTIFY procedure in all those hosts so as to + cause them to start recovery processing. On the other hand, the client + call-backs are not required to be preserved: they are assumed (in the + protocol design) to be local processes which will have crashed when + we did, and so are discarded on restart. + + We handle this by keeping the list of monitored hosts in a file + (/var/statd.state) which is mmap()ed and whose format is described + by the typedef FileLayout. The lists of client callbacks are chained + off this structure, but are held in normal memory and so will be + lost after a re-boot. Hence the actual values of MonList * pointers + in the copy on disc have no significance, but their NULL/non-NULL + status indicates whether this host is actually being monitored or if it + is an empty slot in the file. +*/ + +typedef struct MonList_s +{ + struct MonList_s *next; /* Next in list or NULL */ + char notifyHost[SM_MAXSTRLEN + 1]; /* Host to notify */ + int notifyProg; /* RPC program number to call */ + int notifyVers; /* version number */ + int notifyProc; /* procedure number */ + unsigned char notifyData[16]; /* Opaque data from caller */ +} MonList; + +typedef struct +{ + char hostname[SM_MAXSTRLEN + 1]; /* Name of monitored host */ + int notifyReqd; /* TRUE if we've crashed and not yet */ + /* informed the monitored host */ + MonList *monList; /* List of clients to inform if we */ + /* hear that the monitored host has */ + /* crashed, NULL if no longer monitored */ +} HostInfo; + + +/* Overall file layout. */ + +typedef struct +{ + int ourState; /* State number as defined in statd protocol */ + int noOfHosts; /* Number of elements in hosts[] */ + char reserved[248]; /* Reserved for future use */ + HostInfo hosts[1]; /* vector of monitored hosts */ +} FileLayout; + +#define HEADER_LEN (sizeof(FileLayout) - sizeof(HostInfo)) + +/* ------------------------------------------------------------------------- */ + +/* Global variables */ + +extern FileLayout *status_info; /* The mmap()ed status file */ + +extern int debug; /* =1 to enable diagnostics to syslog */ +extern int notify_only; /* only send SM_NOTIFY messages */ +extern const char *pid_file; /* name of PID file */ + +/* Function prototypes */ + +extern int claim_pid_file(const char *name, int force); +extern HostInfo *find_host(char * /*hostname*/, int /*create*/); +extern void init_file(const char * /*filename*/); +extern void notify_hosts(void); +extern void sync_file(void); +extern int sm_check_hostname(struct svc_req *req, char *arg); + +#ifndef __unused +#define __unused +#endif diff --git a/rpc_statd.tproj/test.c b/rpc_statd.tproj/test.c new file mode 100644 index 0000000..6df1501 --- /dev/null +++ b/rpc_statd.tproj/test.c @@ -0,0 +1,144 @@ + +#ifndef lint +static const char rcsid[] = + "$FreeBSD$"; +#endif /* not lint */ + +#include +#include +#include + + +/* Default timeout can be changed using clnt_control() */ +static struct timeval TIMEOUT = { 25, 0 }; + +struct sm_stat_res * +sm_stat_1(argp, clnt) + struct sm_name *argp; + CLIENT *clnt; +{ + static struct sm_stat_res res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, SM_STAT, xdr_sm_name, argp, xdr_sm_stat_res, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +struct sm_stat_res * +sm_mon_1(argp, clnt) + struct mon *argp; + CLIENT *clnt; +{ + static struct sm_stat_res res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, SM_MON, xdr_mon, argp, xdr_sm_stat_res, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +struct sm_stat * +sm_unmon_1(argp, clnt) + struct mon_id *argp; + CLIENT *clnt; +{ + static struct sm_stat res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, SM_UNMON, xdr_mon_id, argp, xdr_sm_stat, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +struct sm_stat * +sm_unmon_all_1(argp, clnt) + struct my_id *argp; + CLIENT *clnt; +{ + static struct sm_stat res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, SM_UNMON_ALL, xdr_my_id, argp, xdr_sm_stat, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&res); +} + + +void * +sm_simu_crash_1(argp, clnt) + void *argp; + CLIENT *clnt; +{ + static char res; + + bzero((char *)&res, sizeof(res)); + if (clnt_call(clnt, SM_SIMU_CRASH, xdr_void, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return ((void *)&res); +} + + +int main(int argc, char **argv) +{ + CLIENT *cli; + char dummy; + void *out; + struct mon mon; + + if (argc < 2) + { + fprintf(stderr, "usage: test | crash\n"); + fprintf(stderr, "always talks to statd at localhost\n"); + exit(1); + } + + printf("Creating client for localhost\n" ); + cli = clnt_create("localhost", SM_PROG, SM_VERS, "udp"); + if (!cli) + { + printf("Failed to create client\n"); + exit(1); + } + + mon.mon_id.mon_name = argv[1]; + mon.mon_id.my_id.my_name = argv[1]; + mon.mon_id.my_id.my_prog = SM_PROG; + mon.mon_id.my_id.my_vers = SM_VERS; + mon.mon_id.my_id.my_proc = 1; /* have it call sm_stat() !!! */ + + if (strcmp(argv[1], "crash")) + { + /* Hostname given */ + struct sm_stat_res *res; + if (res = sm_mon_1(&mon, cli)) + { + printf("Success!\n"); + } + else + { + printf("Fail\n"); + } + } + else + { + if (out = sm_simu_crash_1(&dummy, cli)) + { + printf("Success!\n"); + } + else + { + printf("Fail\n"); + } + } + + return 0; +} diff --git a/rpc_yppasswdd.tproj/passwd.c b/rpc_yppasswdd.tproj/passwd.c index a5d9982..81bf739 100644 --- a/rpc_yppasswdd.tproj/passwd.c +++ b/rpc_yppasswdd.tproj/passwd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_yppasswdd.tproj/rpc.yppasswdd.c b/rpc_yppasswdd.tproj/rpc.yppasswdd.c index 1a88517..ef2fc87 100644 --- a/rpc_yppasswdd.tproj/rpc.yppasswdd.c +++ b/rpc_yppasswdd.tproj/rpc.yppasswdd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_yppasswdd.tproj/yppasswd.h b/rpc_yppasswdd.tproj/yppasswd.h index 5592e87..618d876 100644 --- a/rpc_yppasswdd.tproj/yppasswd.h +++ b/rpc_yppasswdd.tproj/yppasswd.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_yppasswdd.tproj/yppasswdd_mkpw.c b/rpc_yppasswdd.tproj/yppasswdd_mkpw.c index 6904c44..c835f8d 100644 --- a/rpc_yppasswdd.tproj/yppasswdd_mkpw.c +++ b/rpc_yppasswdd.tproj/yppasswdd_mkpw.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_yppasswdd.tproj/yppasswdd_proc.c b/rpc_yppasswdd.tproj/yppasswdd_proc.c index 2053263..710e839 100644 --- a/rpc_yppasswdd.tproj/yppasswdd_proc.c +++ b/rpc_yppasswdd.tproj/yppasswdd_proc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpcinfo.tproj/rpcinfo.c b/rpcinfo.tproj/rpcinfo.c index 3315bda..5c0af78 100644 --- a/rpcinfo.tproj/rpcinfo.c +++ b/rpcinfo.tproj/rpcinfo.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rsh.tproj/Makefile b/rsh.tproj/Makefile index c387527..fcb81ac 100644 --- a/rsh.tproj/Makefile +++ b/rsh.tproj/Makefile @@ -12,7 +12,7 @@ NAME = rsh PROJECTVERSION = 2.8 PROJECT_TYPE = Tool -HFILES = pathnames.h +HFILES = CFILES = rsh.c diff --git a/rsh.tproj/Makefile.preamble b/rsh.tproj/Makefile.preamble index 87a4321..3fec41b 100644 --- a/rsh.tproj/Makefile.preamble +++ b/rsh.tproj/Makefile.preamble @@ -1,4 +1,5 @@ -RLOGIN_CFILES = krcmd.c des_rw.c -OTHER_OFILES = $(RLOGIN_CFILES:.c=.o) +#RLOGIN_CFILES = krcmd.c des_rw.c +#OTHER_OFILES = $(RLOGIN_CFILES:.c=.o) OTHER_GENERATED_OFILES = $(VERS_OFILE) +OTHER_CFLAGS = -D_PATH_RLOGIN=\"/usr/bin/rlogin\" -include ../Makefile.include diff --git a/rsh.tproj/rsh.1 b/rsh.tproj/rsh.1 index 78ec2f1..f535022 100644 --- a/rsh.tproj/rsh.1 +++ b/rsh.tproj/rsh.1 @@ -29,94 +29,81 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)rsh.1 8.2 (Berkeley) 4/29/95 +.\" @(#)rsh.1 8.1 (Berkeley) 6/6/93 +.\" $FreeBSD: src/usr.bin/rsh/rsh.1,v 1.17 2002/04/20 12:16:41 charnier Exp $ .\" -.Dd April 29, 1995 +.Dd June 6, 1993 .Dt RSH 1 -.Os BSD 4.2 +.Os .Sh NAME .Nm rsh .Nd remote shell .Sh SYNOPSIS -.Nm rsh -.Op Fl Kdnx +.Nm +.Op Fl 46Kdnx +.Op Fl t Ar timeout .Op Fl k Ar realm .Op Fl l Ar username .Ar host -.Nm rsh -.Op Fl Kdnx -.Op Fl k Ar realm -.Ar username@host .Op command .Sh DESCRIPTION -.Nm Rsh -executes +The +.Nm +utility executes .Ar command on -.Ar host . +.Ar host . .Pp -.Nm Rsh -copies its standard input to the remote command, the standard +The +.Nm +utility copies its standard input to the remote command, the standard output of the remote command to its standard output, and the standard error of the remote command to its standard error. Interrupt, quit and terminate signals are propagated to the remote command; -.Nm rsh +.Nm normally terminates when the remote command does. The options are as follows: .Bl -tag -width flag -.It Fl K -The -.Fl K -option turns off all Kerberos authentication. +.It Fl 4 +Use IPv4 addresses only. +.It Fl 6 +Use IPv6 addresses only. .It Fl d -The -.Fl d -option turns on socket debugging (using -.Xr setsockopt 2 ) +Turn on socket debugging (using +.Xr setsockopt 2 ) on the .Tn TCP sockets used for communication with the remote host. -.It Fl k -The -.Fl k -option causes -.Nm rsh -to obtain tickets for the remote host in -.Ar realm -instead of the remote host's realm as determined by -.Xr krb_realmofhost 3 . -.It Fl l +.It Fl l Ar username +Allow the remote +.Ar username +to be specified. By default, the remote username is the same as the local username. -The -.Fl l -option or the -.Pa username@host -format allow the remote name to be specified. -Kerberos authentication is used, and authorization is determined -as in -.Xr rlogin 1 . .It Fl n -The -.Fl n -option redirects input from the special device +Redirect input from the special device .Pa /dev/null (see the .Sx BUGS section of this manual page). .It Fl x -The -.Fl x -option turns on +Turn on .Tn DES encryption for all data exchange. This may introduce a significant delay in response time. +.It Fl t Ar timeout +Allow a +.Ar timeout +to be specified (in seconds). If no +data is sent or received in this time, +.Nm +will exit. .El .Pp If no .Ar command is specified, you will be logged in on the remote host using -.Xr rlogin 1 . +.Xr rlogin 1 . .Pp Shell metacharacters which are not quoted are interpreted on local machine, while quoted metacharacters are interpreted on the remote machine. @@ -144,26 +131,35 @@ to .Sh FILES .Bl -tag -width /etc/hosts -compact .It Pa /etc/hosts +.It Pa /etc/auth.conf .El .Sh SEE ALSO .Xr rlogin 1 , +.Xr setsockopt 2 , .Xr kerberos 3 , +.Xr krb_realmofhost 3 , .Xr krb_sendauth 3 , -.Xr krb_realmofhost 3 +.Xr rcmd 3 , +.Xr ruserok 3 , +.Xr auth.conf 5 , +.Xr hosts 5 , +.Xr hosts.equiv 5 , +.Xr rlogind 8 , +.Xr rshd 8 .Sh HISTORY The -.Nm rsh +.Nm command appeared in .Bx 4.2 . .Sh BUGS If you are using .Xr csh 1 and put a -.Nm rsh +.Nm in the background without redirecting its input away from the terminal, it will block even if no reads are posted by the remote command. If no input is desired you should redirect the input of -.Nm rsh +.Nm to .Pa /dev/null using the @@ -172,16 +168,16 @@ option. .Pp You cannot run an interactive command (like -.Xr rogue 6 +.Xr rogue 6 or -.Xr vi 1 ) +.Xr vi 1 ) using -.Nm rsh ; +.Nm ; use -.Xr rlogin 1 +.Xr rlogin 1 instead. .Pp Stop signals stop the local -.Nm rsh +.Nm process only; this is arguably wrong, but currently hard to fix for reasons too complicated to explain here. diff --git a/rsh.tproj/rsh.c b/rsh.tproj/rsh.c index 2e60f42..7bb4033 100644 --- a/rsh.tproj/rsh.c +++ b/rsh.tproj/rsh.c @@ -1,29 +1,13 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ /*- * Copyright (c) 1983, 1990, 1993, 1994 * The Regents of the University of California. All rights reserved. + * Copyright (c) 2002 Networks Associates Technology, Inc. + * All rights reserved. + * + * Portions of this software were developed for the FreeBSD Project by + * ThinkSec AS and NAI Labs, the Security Research Division of Network + * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -54,74 +38,71 @@ * SUCH DAMAGE. */ +#ifndef lint +static const char copyright[] = +"@(#) Copyright (c) 1983, 1990, 1993, 1994\n\ + The Regents of the University of California. All rights reserved.\n"; +#endif /* not lint */ -/* - * $Source: /cvs/root/network_cmds/rsh.tproj/rsh.c,v $ - * $Header: /cvs/root/network_cmds/rsh.tproj/rsh.c,v 1.1.1.1 1999/05/02 03:58:17 wsanchez Exp $ - */ +#ifndef lint +static const char sccsid[] = "From: @(#)rsh.c 8.3 (Berkeley) 4/6/94"; +#endif /* not lint */ + +#include -#include +#include #include #include #include #include +#include #include #include #include #include +#include #include #include #include #include #include #include -#include - -#include "pathnames.h" - -#ifdef KERBEROS -#include -#include - -CREDENTIALS cred; -Key_schedule schedule; -int use_kerberos = 1, doencrypt; -char dst_realm_buf[REALM_SZ], *dest_realm; -extern char *krb_realmofhost(); -#endif +#include /* * rsh - remote shell */ int rfd2; -char *copyargs __P((char **)); -void sendsig __P((int)); -void talk __P((int, long, pid_t, int)); -void usage __P((void)); -void warning __P(()); +int family = PF_UNSPEC; +char rlogin[] = "rlogin"; + +void connect_timeout(int); +char *copyargs(char * const *); +void sendsig(int); +void talk(int, long, pid_t, int, int); +void usage(void); int -main(argc, argv) - int argc; - char **argv; +main(int argc, char *argv[]) { - struct passwd *pw; - struct servent *sp; + struct passwd const *pw; + struct servent const *sp; long omask; int argoff, asrsh, ch, dflag, nflag, one, rem; - pid_t pid; + pid_t pid = 0; uid_t uid; char *args, *host, *p, *user; + int timeout = 0; argoff = asrsh = dflag = nflag = 0; one = 1; host = user = NULL; /* if called as something other than "rsh", use it as the host name */ - if (p = strrchr(argv[0], '/')) + if ((p = strrchr(argv[0], '/'))) ++p; else p = argv[0]; @@ -136,22 +117,17 @@ main(argc, argv) argoff = 1; } -#ifdef KERBEROS -#ifdef CRYPT -#define OPTIONS "8KLdek:l:nwx" -#else -#define OPTIONS "8KLdek:l:nw" -#endif -#else -#define OPTIONS "8KLdel:nw" -#endif - while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != EOF) +#define OPTIONS "468KLde:l:nt:w" + while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1) switch(ch) { - case 'K': -#ifdef KERBEROS - use_kerberos = 0; -#endif + case '4': + family = PF_INET; + break; + + case '6': + family = PF_INET6; break; + case 'L': /* -8Lew are ignored to allow rlogin aliases */ case 'e': case 'w': @@ -163,23 +139,12 @@ main(argc, argv) case 'l': user = optarg; break; -#ifdef KERBEROS - case 'k': - dest_realm = dst_realm_buf; - strncpy(dest_realm, optarg, REALM_SZ); - break; -#endif case 'n': nflag = 1; break; -#ifdef KERBEROS -#ifdef CRYPT - case 'x': - doencrypt = 1; - des_set_key(cred.session, schedule); + case 't': + timeout = atoi(optarg); break; -#endif -#endif case '?': default: usage(); @@ -193,7 +158,7 @@ main(argc, argv) /* if no further arguments, must have been called as rlogin. */ if (!argv[optind]) { if (asrsh) - *argv = "rlogin"; + *argv = rlogin; execv(_PATH_RLOGIN, argv); err(1, "can't exec %s", _PATH_RLOGIN); } @@ -203,87 +168,27 @@ main(argc, argv) if (!(pw = getpwuid(uid = getuid()))) errx(1, "unknown user id"); - /* Accept user1@host format, though "-l user2" overrides user1 */ - p = strchr(host, '@'); - if (p) { - *p = '\0'; - if (!user && p > host) - user = host; - host = p + 1; - if (*host == '\0') - usage(); - } if (!user) user = pw->pw_name; -#ifdef KERBEROS -#ifdef CRYPT - /* -x turns off -n */ - if (doencrypt) - nflag = 0; -#endif -#endif - args = copyargs(argv); sp = NULL; -#ifdef KERBEROS - if (use_kerberos) { - sp = getservbyname((doencrypt ? "ekshell" : "kshell"), "tcp"); - if (sp == NULL) { - use_kerberos = 0; - warning("can't get entry for %s/tcp service", - doencrypt ? "ekshell" : "kshell"); - } - } -#endif if (sp == NULL) sp = getservbyname("shell", "tcp"); if (sp == NULL) errx(1, "shell/tcp: unknown service"); -#ifdef KERBEROS -try_connect: - if (use_kerberos) { - struct hostent *hp; - - /* fully qualify hostname (needed for krb_realmofhost) */ - hp = gethostbyname(host); - if (hp != NULL && !(host = strdup(hp->h_name))) - err(1, NULL); - - rem = KSUCCESS; - errno = 0; - if (dest_realm == NULL) - dest_realm = krb_realmofhost(host); - -#ifdef CRYPT - if (doencrypt) - rem = krcmd_mutual(&host, sp->s_port, user, args, - &rfd2, dest_realm, &cred, schedule); - else -#endif - rem = krcmd(&host, sp->s_port, user, args, &rfd2, - dest_realm); - if (rem < 0) { - use_kerberos = 0; - sp = getservbyname("shell", "tcp"); - if (sp == NULL) - errx(1, "shell/tcp: unknown service"); - if (errno == ECONNREFUSED) - warning("remote host doesn't support Kerberos"); - if (errno == ENOENT) - warning("can't provide Kerberos auth data"); - goto try_connect; - } - } else { - if (doencrypt) - errx(1, "the -x flag requires Kerberos authentication"); - rem = rcmd(&host, sp->s_port, pw->pw_name, user, args, &rfd2); + if (timeout) { + signal(SIGALRM, connect_timeout); + alarm(timeout); + } + rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args, &rfd2, + family); + if (timeout) { + signal(SIGALRM, SIG_DFL); + alarm(0); } -#else - rem = rcmd(&host, sp->s_port, pw->pw_name, user, args, &rfd2); -#endif if (rem < 0) exit(1); @@ -313,18 +218,13 @@ try_connect: if (pid < 0) err(1, "fork"); } + else + (void)shutdown(rem, 1); -#ifdef KERBEROS -#ifdef CRYPT - if (!doencrypt) -#endif -#endif - { - (void)ioctl(rfd2, FIONBIO, &one); - (void)ioctl(rem, FIONBIO, &one); - } + (void)ioctl(rfd2, FIONBIO, &one); + (void)ioctl(rem, FIONBIO, &one); - talk(nflag, omask, pid, rem); + talk(nflag, omask, pid, rem, timeout); if (!nflag) (void)kill(pid, SIGKILL); @@ -332,15 +232,14 @@ try_connect: } void -talk(nflag, omask, pid, rem) - int nflag; - long omask; - pid_t pid; - int rem; +talk(int nflag, long omask, pid_t pid, int rem, int timeout) { int cc, wc; fd_set readfrom, ready, rembits; - char *bp, buf[BUFSIZ]; + char buf[BUFSIZ]; + const char *bp; + struct timeval tvtimeout; + int nfds, srval; if (!nflag && pid == 0) { (void)close(rfd2); @@ -350,24 +249,20 @@ reread: errno = 0; goto done; bp = buf; -rewrite: +rewrite: + if (rem >= FD_SETSIZE) + errx(1, "descriptor too big"); FD_ZERO(&rembits); FD_SET(rem, &rembits); - if (select(16, 0, &rembits, 0, 0) < 0) { + nfds = rem + 1; + if (select(nfds, 0, &rembits, 0, 0) < 0) { if (errno != EINTR) err(1, "select"); goto rewrite; } if (!FD_ISSET(rem, &rembits)) goto rewrite; -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - wc = des_write(rem, bp, cc); - else -#endif -#endif - wc = write(rem, bp, cc); + wc = write(rem, bp, cc); if (wc < 0) { if (errno == EWOULDBLOCK) goto rewrite; @@ -383,93 +278,76 @@ done: exit(0); } + tvtimeout.tv_sec = timeout; + tvtimeout.tv_usec = 0; + (void)sigsetmask(omask); + if (rfd2 >= FD_SETSIZE || rem >= FD_SETSIZE) + errx(1, "descriptor too big"); FD_ZERO(&readfrom); FD_SET(rfd2, &readfrom); FD_SET(rem, &readfrom); + nfds = MAX(rfd2+1, rem+1); do { ready = readfrom; - if (select(16, &ready, 0, 0, 0) < 0) { + if (timeout) { + srval = select(nfds, &ready, 0, 0, &tvtimeout); + } else { + srval = select(nfds, &ready, 0, 0, 0); + } + + if (srval < 0) { if (errno != EINTR) err(1, "select"); continue; } + if (srval == 0) + errx(1, "timeout reached (%d seconds)\n", timeout); if (FD_ISSET(rfd2, &ready)) { errno = 0; -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - cc = des_read(rfd2, buf, sizeof buf); - else -#endif -#endif - cc = read(rfd2, buf, sizeof buf); + cc = read(rfd2, buf, sizeof buf); if (cc <= 0) { if (errno != EWOULDBLOCK) FD_CLR(rfd2, &readfrom); } else - (void)write(2, buf, cc); + (void)write(STDERR_FILENO, buf, cc); } if (FD_ISSET(rem, &ready)) { errno = 0; -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - cc = des_read(rem, buf, sizeof buf); - else -#endif -#endif - cc = read(rem, buf, sizeof buf); + cc = read(rem, buf, sizeof buf); if (cc <= 0) { if (errno != EWOULDBLOCK) FD_CLR(rem, &readfrom); } else - (void)write(1, buf, cc); + (void)write(STDOUT_FILENO, buf, cc); } } while (FD_ISSET(rfd2, &readfrom) || FD_ISSET(rem, &readfrom)); } void -sendsig(sig) - int sig; +connect_timeout(int sig) { - char signo; + char message[] = "timeout reached before connection completed.\n"; - signo = sig; -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - (void)des_write(rfd2, &signo, 1); - else -#endif -#endif - (void)write(rfd2, &signo, 1); + write(STDERR_FILENO, message, sizeof(message) - 1); + _exit(1); } -#ifdef KERBEROS -/* VARARGS */ void -warning(va_alist) -va_dcl +sendsig(int sig) { - va_list ap; - char *fmt; - - (void)fprintf(stderr, "rsh: warning, using standard rsh: "); - va_start(ap); - fmt = va_arg(ap, char *); - vfprintf(stderr, fmt, ap); - va_end(ap); - (void)fprintf(stderr, ".\n"); + char signo; + + signo = sig; + (void)write(rfd2, &signo, 1); } -#endif char * -copyargs(argv) - char **argv; +copyargs(char * const *argv) { int cc; - char **ap, *args, *p; + char *args, *p; + char * const *ap; cc = 0; for (ap = argv; *ap; ++ap) @@ -486,19 +364,10 @@ copyargs(argv) } void -usage() +usage(void) { (void)fprintf(stderr, - "usage: rsh [-nd%s]%s[-l login] [login@]host [command]\n", -#ifdef KERBEROS -#ifdef CRYPT - "x", " [-k realm] "); -#else - "", " [-k realm] "); -#endif -#else - "", " "); -#endif + "usage: rsh [-46] [-nd] [-l login] [-t timeout] host [command]\n"); exit(1); } diff --git a/rshd.tproj/rshd.c b/rshd.tproj/rshd.c index 7e8d10c..2f9085c 100644 --- a/rshd.tproj/rshd.c +++ b/rshd.tproj/rshd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ruptime.tproj/ruptime.c b/ruptime.tproj/ruptime.c index e6cb457..3a7714c 100644 --- a/ruptime.tproj/ruptime.c +++ b/ruptime.tproj/ruptime.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rwho.tproj/rwho.c b/rwho.tproj/rwho.c index 815f13a..adc1ec0 100644 --- a/rwho.tproj/rwho.c +++ b/rwho.tproj/rwho.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rwhod.tproj/rwhod.c b/rwhod.tproj/rwhod.c index cbff644..d6411ee 100644 --- a/rwhod.tproj/rwhod.c +++ b/rwhod.tproj/rwhod.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/setkey.tproj/pfkey_dump.c b/setkey.tproj/pfkey_dump.c index 485ed46..507a0dd 100644 --- a/setkey.tproj/pfkey_dump.c +++ b/setkey.tproj/pfkey_dump.c @@ -506,8 +506,8 @@ str_prefport(family, pref, port) u_int family, pref, port; { static char buf[128]; - char prefbuf[10]; - char portbuf[10]; + char prefbuf[20]; + char portbuf[20]; int plen; switch (family) { diff --git a/setkey.tproj/setkey.c b/setkey.tproj/setkey.c index 19ccfe3..e49db07 100644 --- a/setkey.tproj/setkey.c +++ b/setkey.tproj/setkey.c @@ -508,7 +508,7 @@ shortdump(msg) struct sadb_msg *msg; { caddr_t mhp[SADB_EXT_MAX + 1]; - char buf[1024], pbuf[10]; + char buf[NI_MAXHOST], pbuf[NI_MAXSERV]; struct sadb_sa *sa; struct sadb_address *saddr; struct sadb_lifetime *lts, *lth, *ltc; diff --git a/slattach.tproj/slattach.c b/slattach.tproj/slattach.c index 580da18..028efc7 100644 --- a/slattach.tproj/slattach.c +++ b/slattach.tproj/slattach.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/spray.tproj/Makefile b/spray.tproj/Makefile index ad3c8d3..00368ac 100644 --- a/spray.tproj/Makefile +++ b/spray.tproj/Makefile @@ -15,7 +15,7 @@ PROJECT_TYPE = Tool CFILES = spray.c OTHERSRCS = Makefile Makefile.dist Makefile.postamble Makefile.preamble\ - spray.x + spray.8 spray.x MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles diff --git a/spray.tproj/Makefile.postamble b/spray.tproj/Makefile.postamble index 6e5046f..f2c7c12 100644 --- a/spray.tproj/Makefile.postamble +++ b/spray.tproj/Makefile.postamble @@ -124,3 +124,6 @@ %_xdr.c: %.x $(RPCGEN) $(ALL_RPCFLAGS) -c -o $(SYM_DIR)/$*_xdr.c $*.x +after_install: + install -o root -g wheel -m 755 -d $(DSTROOT)/usr/share/man/man8 + install -o root -g wheel -m 644 -c spray.8 $(DSTROOT)/usr/share/man/man8 diff --git a/spray.tproj/spray.8 b/spray.tproj/spray.8 new file mode 100644 index 0000000..5bd0b3e --- /dev/null +++ b/spray.tproj/spray.8 @@ -0,0 +1,75 @@ +.\" +.\" Copyright (c) 1994 James A. Jegers +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. The name of the author may not be used to endorse or promote products +.\" derived from this software without specific prior written permission +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd July 10, 1995 +.Dt SPRAY 8 +.Os +.Sh NAME +.Nm spray +.Nd send many packets to host +.Sh SYNOPSIS +.Nm spray +.Op Fl c Ar count +.Op Fl d Ar delay +.Op Fl l Ar length +.Ar host +\&... +.Sh DESCRIPTION +.Nm Spray +sends multiple RPC packets to +.Ar host +and records how many of them were correctly received and how long it took. +.Pp +The options are as follows: +.Bl -tag -width indent +.It Fl c Ar count +Send +.Ar count +packets. +.It Fl d Ar delay +Pause +.Ar delay +microseconds between sending each packet. +.It Fl l Ar length +Set the length of the packet that holds the RPC call message to +.Ar length +bytes. +Not all values of +.Ar length +are possible because RPC data is encoded using XDR. +.Nm Spray +rounds up to the nearest possible value. +.El +.Pp +.Nm Spray +is intended for use in network testing, measurement, and management. +This command +.Bf -emphasis +can be very hard on a network and should be used with caution. +.Ef +.Pp +.Sh SEE ALSO +.Xr netstat 1 , +.Xr ifconfig 8 , +.Xr ping 8 , +.Xr rpc.sprayd 8 diff --git a/spray.tproj/spray.c b/spray.tproj/spray.c index 72d9c3e..847ac34 100644 --- a/spray.tproj/spray.c +++ b/spray.tproj/spray.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/spray.tproj/spray.x b/spray.tproj/spray.x index 5d2f883..a9ff8df 100644 --- a/spray.tproj/spray.x +++ b/spray.tproj/spray.x @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/stdethers.tproj/Makefile.postamble b/stdethers.tproj/Makefile.postamble index 509e7f5..cfd24d4 100644 --- a/stdethers.tproj/Makefile.postamble +++ b/stdethers.tproj/Makefile.postamble @@ -99,3 +99,7 @@ STRIPFLAGS = # owned by the top-level Makefile API and no context has been set up for where # derived files should go. # + +install-man-page: + install -d $(DSTROOT)/usr/share/man/man8 + install -c -m 444 stdethers.8 $(DSTROOT)/usr/share/man/man8/stdethers.8 diff --git a/stdethers.tproj/Makefile.preamble b/stdethers.tproj/Makefile.preamble index 83f25c7..e48625d 100644 --- a/stdethers.tproj/Makefile.preamble +++ b/stdethers.tproj/Makefile.preamble @@ -121,3 +121,5 @@ # This definition will suppress stripping of debug symbols when an executable # is installed. By default it is YES. # STRIP_ON_INSTALL = NO + +AFTER_INSTALL += install-man-page diff --git a/stdethers.tproj/stdethers.c b/stdethers.tproj/stdethers.c index f9ef339..4fb93da 100644 --- a/stdethers.tproj/stdethers.c +++ b/stdethers.tproj/stdethers.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -70,7 +71,6 @@ static char rcsid[] = "$OpenBSD: stdethers.c,v 1.3 1997/09/11 19:47:33 deraadt E char *ProgramName = "stdethers"; extern int ether_line(char *, struct ether_addr *, char *); -extern char *ether_ntoa(struct ether_addr *); #ifndef NTOA_FIX #define NTOA(x) (char *)ether_ntoa(x) diff --git a/stdhosts.tproj/Makefile.postamble b/stdhosts.tproj/Makefile.postamble index 509e7f5..ad50dc8 100644 --- a/stdhosts.tproj/Makefile.postamble +++ b/stdhosts.tproj/Makefile.postamble @@ -99,3 +99,7 @@ STRIPFLAGS = # owned by the top-level Makefile API and no context has been set up for where # derived files should go. # + +install-man-page: + install -d $(DSTROOT)/usr/share/man/man8 + install -c -m 444 stdhosts.8 $(DSTROOT)/usr/share/man/man8/stdhosts.8 diff --git a/stdhosts.tproj/Makefile.preamble b/stdhosts.tproj/Makefile.preamble index 83f25c7..e48625d 100644 --- a/stdhosts.tproj/Makefile.preamble +++ b/stdhosts.tproj/Makefile.preamble @@ -121,3 +121,5 @@ # This definition will suppress stripping of debug symbols when an executable # is installed. By default it is YES. # STRIP_ON_INSTALL = NO + +AFTER_INSTALL += install-man-page diff --git a/stdhosts.tproj/stdhosts.c b/stdhosts.tproj/stdhosts.c index 3406558..bccf8f3 100644 --- a/stdhosts.tproj/stdhosts.c +++ b/stdhosts.tproj/stdhosts.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/syslogd.tproj/Makefile b/syslogd.tproj/Makefile index 9eae816..eb7c9ec 100644 --- a/syslogd.tproj/Makefile +++ b/syslogd.tproj/Makefile @@ -12,9 +12,9 @@ NAME = syslogd PROJECTVERSION = 2.8 PROJECT_TYPE = Tool -HFILES = pathnames.h +HFILES = pathnames.h ttymsg.h -CFILES = syslogd.c +CFILES = ttymsg.c syslogd.c OTHERSRCS = Makefile.preamble Makefile Makefile.postamble syslogd.8\ syslog.conf.5 diff --git a/syslogd.tproj/Makefile.postamble b/syslogd.tproj/Makefile.postamble index 60da20d..3dc97c4 100644 --- a/syslogd.tproj/Makefile.postamble +++ b/syslogd.tproj/Makefile.postamble @@ -109,3 +109,8 @@ STRIPFLAGS = # target runs. Such rules should be specified with the '::' syntax rather than # a single colon. VPATH += :../wall.tproj + +# a rule with which to install the man page +install-man-page: + install -d $(DSTROOT)/usr/share/man/man5 + install -c -m 444 syslog.conf.5 $(DSTROOT)/usr/share/man/man5/syslog.conf.5 diff --git a/syslogd.tproj/Makefile.preamble b/syslogd.tproj/Makefile.preamble index d2e854c..3e33b22 100644 --- a/syslogd.tproj/Makefile.preamble +++ b/syslogd.tproj/Makefile.preamble @@ -16,7 +16,7 @@ ## (e.g. change -O to -O2), see Makefile.postamble. # Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = +OTHER_CFLAGS = -DINET6 -Dsocklen_t=int # Flags passed to ld (in addition to -ObjC, etc.) OTHER_LDFLAGS = @@ -110,6 +110,9 @@ OTHER_HELP_DIRS = OTHER_GENERATED_OFILES = $(VERS_OFILE) -OTHER_OFILES = ttymsg.o +#OTHER_OFILES = ttymsg.o + +# to allow installing man page after main install +AFTER_INSTALL += install-man-page -include ../Makefile.include diff --git a/syslogd.tproj/pathnames.h b/syslogd.tproj/pathnames.h index b03e65d..2dc61a8 100644 --- a/syslogd.tproj/pathnames.h +++ b/syslogd.tproj/pathnames.h @@ -1,26 +1,3 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ /* * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. diff --git a/syslogd.tproj/syslog.conf.5 b/syslogd.tproj/syslog.conf.5 index b19e75d..e3b88b9 100644 --- a/syslogd.tproj/syslog.conf.5 +++ b/syslogd.tproj/syslog.conf.5 @@ -29,7 +29,8 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)syslog.conf.5 8.1 (Berkeley) 6/9/93 +.\" from: @(#)syslog.conf.5 8.1 (Berkeley) 6/9/93 +.\" $NetBSD: syslog.conf.5,v 1.4 1996/01/02 17:41:46 perry Exp $ .\" .Dd June 9, 1993 .Dt SYSLOG.CONF 5 @@ -91,7 +92,7 @@ The .Em level describes the severity of the message, and is a keyword from the following ordered list (higher to lower): emerg, alert, crit, err, -warning, notice and debug. +warning, notice, info and debug. These keywords correspond to the similar .Pq Dv LOG_ @@ -222,3 +223,10 @@ the level of ``err'' or higher, not at the level of ``crit'' or higher. .Sh SEE ALSO .Xr syslog 3 , .Xr syslogd 8 +.Sh HISTORY +The +.Nm +file appeared in +.Bx 4.3 , +along with +.Xr syslogd 8 . diff --git a/syslogd.tproj/syslogd.8 b/syslogd.tproj/syslogd.8 index f16297b..acd1380 100644 --- a/syslogd.tproj/syslogd.8 +++ b/syslogd.tproj/syslogd.8 @@ -30,85 +30,259 @@ .\" SUCH DAMAGE. .\" .\" @(#)syslogd.8 8.1 (Berkeley) 6/6/93 +.\" $FreeBSD: src/usr.sbin/syslogd/syslogd.8,v 1.49 2002/12/12 17:26:04 ru Exp $ .\" -.Dd June 6, 1993 +.Dd November 24, 2001 .Dt SYSLOGD 8 -.Os BSD 4.2 +.Os .Sh NAME .Nm syslogd .Nd log systems messages .Sh SYNOPSIS -.Nm syslogd +.Nm +.Op Fl 46Acdknosuv +.Op Fl a Ar allowed_peer +.Op Fl b Ar bind_address .Op Fl f Ar config_file +.Op Fl l Ar path .Op Fl m Ar mark_interval +.Op Fl P Ar pid_file .Op Fl p Ar log_socket .Sh DESCRIPTION -.Nm Syslogd -reads and logs messages to the system console, log files, other +The +.Nm +utility reads and logs messages to the system console, log files, other machines and/or users as specified by its configuration file. +.Pp The options are as follows: -.Bl -tag -width Ds +.Bl -tag -width indent +.It Fl 4 +Force +.Nm +to use IPv4 addresses only. +.It Fl 6 +Force +.Nm +to use IPv6 addresses only. +.It Fl A +Ordinarily, +.Nm +tries to send the message to only one address +even if the host has more than one A or AAAA record. +If this option is specified, +.Nm +tries to send the message to all addresses. +.It Fl a Ar allowed_peer +Allow +.Ar allowed_peer +to log to this +.Nm +using UDP datagrams. Multiple +.Fl a +options may be specified. +.Pp +.Ar Allowed_peer +can be any of the following: +.Bl -tag -width "ipaddr/masklen[:service]XX" +.It Xo +.Sm off +.Ar ipaddr +.No / Ar masklen +.Op : Ar service +.Sm on +.Xc +Accept datagrams from +.Ar ipaddr +(in the usual dotted quad notation) with +.Ar masklen +bits being taken into account when doing the address comparison. +.Ar ipaddr +can be also IPv6 address by enclosing the address with +.Ql \&[ +and +.Ql \&] . +If specified, +.Ar service +is the name or number of an UDP service (see +.Xr services 5 ) +the source packet must belong to. A +.Ar service +of +.Ql \&* +allows packets being sent from any UDP port. The default +.Ar service +is +.Ql syslog . +If +.Ar ipaddr +is IPv4 address, a missing +.Ar masklen +will be substituted by the historic class A or class B netmasks if +.Ar ipaddr +belongs into the address range of class A or B, respectively, or +by 24 otherwise. If +.Ar ipaddr +is IPv6 address, a missing +.Ar masklen +will be substituted by 128. +.It Xo +.Sm off +.Ar domainname Op : Ar service +.Sm on +.Xc +Accept datagrams where the reverse address lookup yields +.Ar domainname +for the sender address. The meaning of +.Ar service +is as explained above. +.It Xo +.Sm off +.No * Ar domainname Op : Ar service +.Sm on +.Xc +Same as before, except that any source host whose name +.Em ends +in +.Ar domainname +will get permission. +.El +.Pp +The +.Fl a +options are ignored if the +.Fl s +option is also specified. +.It Fl b Ar bind_address +Specify one specific IP address or hostname to bind to. +If a hostname is specified, +the IPv4 or IPv6 address which corresponds to it is used. +.It Fl c +Disable the compression of repeated instances of the same line +into a single line of the form +.Dq Li "last message repeated N times" +when the output is a pipe to another program. +If specified twice, disable this compression in all cases. +.It Fl d +Put +.Nm +into debugging mode. This is probably only of use to developers working on +.Nm . .It Fl f Specify the pathname of an alternate configuration file; the default is .Pa /etc/syslog.conf . +.It Fl k +Disable the translation of +messages received with facility +.Dq kern +to facility +.Dq user . +Usually the +.Dq kern +facility is reserved for messages read directly from +.Pa /dev/klog . .It Fl m -Select the number of minutes between ``mark'' messages; -the default is 20 minutes. +Select the number of minutes between +.Dq mark +messages; the default is 20 minutes. +.It Fl n +Disable dns query for every request. +.It Fl o +Prefix kernel messages with the full kernel boot file as determined by +.Xr getbootfile 3 . +Without this, the kernel message prefix is always +.Dq Li kernel: . .It Fl p -Specify the pathname of an alternate log socket; +Specify the pathname of an alternate log socket to be used instead; the default is -.Pa /var/run/syslog . +.Pa /var/run/log . +.It Fl P +Specify an alternative file in which to store the process ID. +The default is +.Pa /var/run/syslog.pid . +.It Fl l +Specify a location where +.Nm +should place an additional log socket. +Up to 19 additional logging sockets can be specified. +The primary use for this is to place additional log sockets in +.Pa /var/run/log +of various chroot filespaces. +.It Fl s +Operate in secure mode. Do not log messages from remote machines. If +specified twice, no network socket will be opened at all, which also +disables logging to remote machines. +.It Fl u +Unique priority logging. Only log messages at the specified priority. +Without this option, messages at the stated priority or higher are logged. +This option changes the default comparison from +.Dq => +to +.Dq = . +.It Fl v +Verbose logging. If specified once, the numeric facility and priority are +logged with each locally-written message. If specified more than once, +the names of the facility and priority are logged with each locally-written +message. .El .Pp -.Nm Syslogd -reads its configuration file when it starts up and whenever it +The +.Nm +utility reads its configuration file when it starts up and whenever it receives a hangup signal. For information on the format of the configuration file, see .Xr syslog.conf 5 . .Pp -.Nm Syslogd -reads messages from the -.Tn UNIX +The +.Nm +utility reads messages from the +.Ux domain socket -.Pa /var/run/syslog , +.Pa /var/run/log , from an Internet domain socket specified in .Pa /etc/services , and from the special device .Pa /dev/klog (to read kernel messages). .Pp -.Nm Syslogd -creates the file +The +.Nm +utility creates its process ID file, +by default .Pa /var/run/syslog.pid , and stores its process -id there. +ID there. This can be used to kill or reconfigure -.Nm syslogd . +.Nm . .Pp The message sent to -.Nm syslogd +.Nm should consist of a single line. The message can contain a priority code, which should be a preceding decimal number in angle braces, for example, -.Sq Aq 5. +.Sq Aq 5 . This priority code should map into the priorities defined in the include file .Aq Pa sys/syslog.h . +.Pp +For security reasons, +.Nm +will not append to log files that do not exist; +therefore, they must be created manually before running +.Nm . .Sh FILES .Bl -tag -width /var/run/syslog.pid -compact .It Pa /etc/syslog.conf -The configuration file. +configuration file .It Pa /var/run/syslog.pid -The process id of current -.Nm syslogd . -.It Pa /var/run/syslog -Name of the -.Tn UNIX -domain datagram log socket. +default process ID file +.It Pa /var/run/log +name of the +.Ux +domain datagram log socket .It Pa /dev/klog -The kernel log device. +kernel log device .El .Sh SEE ALSO .Xr logger 1 , @@ -118,5 +292,40 @@ The kernel log device. .Sh HISTORY The .Nm -command appeared in +utility appeared in .Bx 4.3 . +.Pp +The +.Fl a , +.Fl s , +.Fl u , +and +.Fl v +options are +.Fx 2.2 +extensions. +.Sh BUGS +The ability to log messages received in UDP packets is equivalent to +an unauthenticated remote disk-filling service, and should probably be +disabled by default. Some sort of +.No inter- Ns Nm syslogd +authentication mechanism ought to be worked out. To prevent the worst +abuse, use of the +.Fl a +option is therefore highly recommended. +.Pp +The +.Fl a +matching algorithm doesn't pretend to be very efficient; use of numeric +IP addresses is faster than domain name comparison. Since the allowed +peer list is being walked linearly, peer groups where frequent messages +are being anticipated from should be put early into the +.Fl a +list. +.Pp +The log socket was moved from +.Pa /dev +to ease the use of a read-only root file system. +This may confuse +some old binaries so that a symbolic link might be used for a +transitional period. diff --git a/syslogd.tproj/syslogd.c b/syslogd.tproj/syslogd.c index 7de133b..e92625b 100644 --- a/syslogd.tproj/syslogd.c +++ b/syslogd.tproj/syslogd.c @@ -1,26 +1,3 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ /* * Copyright (c) 1983, 1988, 1993, 1994 * The Regents of the University of California. All rights reserved. @@ -55,13 +32,15 @@ */ #ifndef lint -static char copyright[] = +static const char copyright[] = "@(#) Copyright (c) 1983, 1988, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint +#if 0 static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94"; +#endif #endif /* not lint */ /* @@ -84,6 +63,10 @@ static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94"; * Author: Eric Allman * extensive changes by Ralph Campbell * more extensive changes by Eric Allman (again) + * Extension to log by program name as well as facility and priority + * by Peter da Silva. + * -u and -v by Harlan Stenn. + * Priority comparison code by Harlan Stenn. */ #define MAXLINE 1024 /* maximum line length */ @@ -91,48 +74,66 @@ static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94"; #define DEFUPRI (LOG_USER|LOG_NOTICE) #define DEFSPRI (LOG_KERN|LOG_CRIT) #define TIMERINTVL 30 /* interval for checking flush, mark */ +#define TTYMSGTIME 1 /* timed out passed to ttymsg */ #include #include #include #include #include -#include +#include #include #include #include #include +#include +#include #include #include #include #include +#include #include #include -#include +#include +#include #include #include #include #include +#include #include #include +#include + #include "pathnames.h" +#include "ttymsg.h" #define SYSLOG_NAMES #include -char *LogName = _PATH_LOG; -char *ConfFile = _PATH_LOGCONF; -char *PidFile = _PATH_LOGPID; -char ctty[] = _PATH_CONSOLE; +#ifdef NI_WITHSCOPEID +static const int withscopeid = NI_WITHSCOPEID; +#else +static const int withscopeid; +#endif -#define FDMASK(fd) (1 << (fd)) +const char *ConfFile = _PATH_LOGCONF; +const char *PidFile = _PATH_LOGPID; +const char ctty[] = _PATH_CONSOLE; #define dprintf if (Debug) printf #define MAXUNAMES 20 /* maximum number of user names */ +#define MAXFUNIX 20 + +int nfunix = 1; +const char *funixn[MAXFUNIX] = { _PATH_LOG }; +int funix[MAXFUNIX]; + /* * Flags to logmsg(). */ @@ -141,6 +142,7 @@ char ctty[] = _PATH_CONSOLE; #define SYNC_FILE 0x002 /* do fsync on file after printing */ #define ADDDATE 0x004 /* add a date to the message */ #define MARK 0x008 /* this message is a mark */ +#define ISKERNEL 0x010 /* kernel generated message */ /* * This structure represents the files that will have log @@ -152,24 +154,79 @@ struct filed { short f_type; /* entry type, see below */ short f_file; /* file descriptor */ time_t f_time; /* time this was last written */ + char *f_host; /* host from which to recd. */ u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */ + u_char f_pcmp[LOG_NFACILITIES+1]; /* compare priority */ +#define PRI_LT 0x1 +#define PRI_EQ 0x2 +#define PRI_GT 0x4 + char *f_program; /* program this applies to */ union { char f_uname[MAXUNAMES][UT_NAMESIZE+1]; struct { - char f_hname[MAXHOSTNAMELEN+1]; - struct sockaddr_in f_addr; + char f_hname[MAXHOSTNAMELEN]; + struct addrinfo *f_addr; + } f_forw; /* forwarding address */ char f_fname[MAXPATHLEN]; + struct { + char f_pname[MAXPATHLEN]; + pid_t f_pid; + } f_pipe; } f_un; char f_prevline[MAXSVLINE]; /* last message logged */ char f_lasttime[16]; /* time of last occurrence */ - char f_prevhost[MAXHOSTNAMELEN+1]; /* host from which recd. */ + char f_prevhost[MAXHOSTNAMELEN]; /* host from which recd. */ int f_prevpri; /* pri of f_prevline */ int f_prevlen; /* length of f_prevline */ int f_prevcount; /* repetition cnt of prevline */ - int f_repeatcount; /* number of "repeated" msgs */ + u_int f_repeatcount; /* number of "repeated" msgs */ +}; + +/* + * Queue of about-to-be dead processes we should watch out for. + */ + +TAILQ_HEAD(stailhead, deadq_entry) deadq_head; +struct stailhead *deadq_headp; + +struct deadq_entry { + pid_t dq_pid; + int dq_timeout; + TAILQ_ENTRY(deadq_entry) dq_entries; +}; + +/* + * The timeout to apply to processes waiting on the dead queue. Unit + * of measure is `mark intervals', i.e. 20 minutes by default. + * Processes on the dead queue will be terminated after that time. + */ + +#define DQ_TIMO_INIT 2 + +typedef struct deadq_entry *dq_t; + + +/* + * Struct to hold records of network addresses that are allowed to log + * to us. + */ +struct allowedpeer { + int isnumeric; + u_short port; + union { + struct { + struct sockaddr_storage addr; + struct sockaddr_storage mask; + } numeric; + char *name; + } u; +#define a_addr u.numeric.addr +#define a_mask u.numeric.mask +#define a_name u.name }; + /* * Intervals at which we flush out "message repeated" messages, * in seconds after previous message is logged. After each flush, @@ -190,78 +247,165 @@ int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */ #define F_FORW 4 /* remote machine */ #define F_USERS 5 /* list of users */ #define F_WALL 6 /* everyone logged on */ +#define F_PIPE 7 /* pipe to program */ +#define F_CHECKTTY 8 /* think it's a tty, so check */ -char *TypeNames[7] = { +const char *TypeNames[9] = { "UNUSED", "FILE", "TTY", "CONSOLE", - "FORW", "USERS", "WALL" + "FORW", "USERS", "WALL", "PIPE", + "CHECKTTY" }; -struct filed *Files; -struct filed consfile; - -int Debug = 0; /* debug flag */ -int Insecure = 0; /* insecure flag */ -char LocalHostName[MAXHOSTNAMELEN+1]; /* our hostname */ -char *LocalDomain; /* our local domain name */ -int InetInuse = 0; /* non-zero if INET sockets are being used */ -int finet; /* Internet datagram socket */ -int LogPort; /* port number for INET connections */ -int Initialized = 0; /* set when we have initialized ourselves */ -int MarkInterval = 20 * 60; /* interval between marks in seconds */ -int MarkSeq = 0; /* mark sequence number */ -int NoAddressToName = 0; /* Do not convert address to name */ -int RcvSockBufSize = 42080; /* Our default receive socket buffer size */ - -void cfline __P((char *, struct filed *)); -char *cvthname __P((struct sockaddr_in *)); -int decode __P((const char *, CODE *)); -void die __P((int)); -void domark __P((int)); -void fprintlog __P((struct filed *, int, char *)); -void init __P((int)); -void logerror __P((char *)); -void logmsg __P((int, char *, char *, int)); -void printline __P((char *, char *)); -void printsys __P((char *)); -void reapchild __P((int)); -char *ttymsg __P((struct iovec *, int, char *, int)); -void usage __P((void)); -void wallmsg __P((struct filed *, struct iovec *)); +static struct filed *Files = NULL; /* Log files that we write to */ +static struct filed consfile; /* Console */ + +static int Debug = 0; /* debug flag */ +static int resolve = 1; /* resolve hostname */ +static char LocalHostName[MAXHOSTNAMELEN]; /* our hostname */ +static char *LocalDomain = NULL; /* our local domain name */ +static int *finet = NULL; /* Internet datagram socket */ +static int fklog = -1; /* /dev/klog */ +static int Initialized = 0; /* set when we have initialized ourselves */ +static int MarkInterval = 20 * 60; /* interval between marks in seconds */ +static int MarkSeq = 0; /* mark sequence number */ +#ifdef __APPLE__ +static int RcvSockBufSize = 49152; /* Our default receive socket buffer size 3301629*/ +#endif +static int SecureMode = 0; /* when true, receive only unix domain socks */ +#ifdef INET6 +static int family = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */ +#else +static int family = PF_INET; /* protocol family (IPv4 only) */ +#endif +static int send_to_all = 0; /* send message to all IPv4/IPv6 addresses */ +static int use_bootfile = 0; /* log entire bootfile for every kern msg */ +static int no_compress = 0; /* don't compress messages (1=pipes, 2=all) */ + +static char bootfile[MAXLINE+1]; /* booted kernel file */ + +struct allowedpeer *AllowedPeers = NULL; /* List of allowed peers */ +static int NumAllowed = 0; /* Number of entries in AllowedPeers */ + +static int UniquePriority = 0; /* Only log specified priority? */ +static int LogFacPri = 0; /* Put facility and priority in log message: */ + /* 0=no, 1=numeric, 2=names */ +static int KeepKernFac = 0; /* Keep remotely logged kernel facility */ +static int create_files = 0; + +volatile sig_atomic_t MarkSet = 0, WantDie = 0; + +static int allowaddr(char *); +static void cfline(const char *, struct filed *, + const char *, const char *); +static const char *cvthname(struct sockaddr *); +static void deadq_enter(pid_t, const char *); +static int deadq_remove(pid_t); +static int decode(const char *, CODE *); +static void die(int); +static void dodie(int); +static void domark(int); +static void fprintlog(struct filed *, int, const char *); +static int *socksetup(int, const char *); +static void init(int); +static void logerror(const char *); +static void logmsg(int, const char *, const char *, int); +static void log_deadchild(pid_t, int, const char *); +static void markit(void); +static int skip_message(const char *, const char *); +static void printline(const char *, char *); +static void printsys(char *); +static int p_open(const char *, pid_t *); +static void readklog(void); +static void reapchild(int); +static void usage(void); +static int validate(struct sockaddr *, const char *); +static void unmapped(struct sockaddr *); +static void wallmsg(struct filed *, struct iovec *); +static int waitdaemon(int, int, int); +static void timedout(int); int -main(argc, argv) - int argc; - char *argv[]; +main(int argc, char *argv[]) { - int ch, funix, i, inetm, fklog, klogm, len; + int ch, i, fdsrmax = 0, l; struct sockaddr_un sunx, fromunix; - struct sockaddr_in sin, frominet; + struct sockaddr_storage frominet; + fd_set *fdsr = NULL; FILE *fp; - char *p, line[MSG_BSIZE + 1]; - - while ((ch = getopt(argc, argv, "duf:m:p:ns:")) != EOF) - switch(ch) { + char line[MAXLINE + 1]; + const char *bindhostname, *hname; + struct timeval tv, *tvp; + struct sigaction sact; + sigset_t mask; + pid_t ppid = 1; + socklen_t len; + + bindhostname = NULL; + while ((ch = getopt(argc, argv, "46ACa:b:cdf:kl:m:nop:P:suv")) != -1) + switch (ch) { + case '4': + family = PF_INET; + break; +#ifdef INET6 + case '6': + family = PF_INET6; + break; +#endif + case 'A': + send_to_all++; + break; + case 'C': + create_files++; + break; + case 'a': /* allow specific network addresses only */ + if (allowaddr(optarg) == -1) + usage(); + break; + case 'b': + bindhostname = optarg; + break; + case 'c': + no_compress++; + break; case 'd': /* debug */ Debug++; break; - case 'u': /* insecure */ - Insecure++; - break; case 'f': /* configuration file */ ConfFile = optarg; break; + case 'k': /* keep remote kern fac */ + KeepKernFac = 1; + break; + case 'l': + if (nfunix < MAXFUNIX) + funixn[nfunix++] = optarg; + else + warnx("out of descriptors, ignoring %s", + optarg); + break; case 'm': /* mark interval */ MarkInterval = atoi(optarg) * 60; break; + case 'n': + resolve = 0; + break; + case 'o': + use_bootfile = 1; + break; case 'p': /* path */ - LogName = optarg; + funixn[0] = optarg; break; - case 'n': - NoAddressToName++; + case 'P': /* path for alt. PID */ + PidFile = optarg; + break; + case 's': /* no network mode */ + SecureMode++; break; - case 's': - if ((len = atoi(optarg)) > 0) - RcvSockBufSize = len; + case 'u': /* only log specified priority */ + UniquePriority++; + break; + case 'v': /* log facility and priority */ + LogFacPri++; break; case '?': default: @@ -270,144 +414,242 @@ main(argc, argv) if ((argc -= optind) != 0) usage(); - if (!Debug) - (void)daemon(0, 0); - else + if (!Debug) { + ppid = waitdaemon(0, 0, 30); + if (ppid < 0) + err(1, "could not become daemon"); + } else { setlinebuf(stdout); + } + + if (NumAllowed) + endservent(); consfile.f_type = F_CONSOLE; - (void)strcpy(consfile.f_un.f_fname, ctty); - (void)gethostname(LocalHostName, sizeof(LocalHostName)); - if ((p = strchr(LocalHostName, '.')) != NULL) { - *p++ = '\0'; - LocalDomain = p; - } else - LocalDomain = ""; - (void)signal(SIGTERM, die); - (void)signal(SIGINT, Debug ? die : SIG_IGN); - (void)signal(SIGQUIT, Debug ? die : SIG_IGN); - (void)signal(SIGCHLD, reapchild); + (void)strlcpy(consfile.f_un.f_fname, ctty + sizeof _PATH_DEV - 1, + sizeof(consfile.f_un.f_fname)); +#ifdef __APPLE__ + /* We lack getbootfile() 3187949 and 3187947 */ + (void)strlcpy(bootfile, "/mach_kernel", sizeof("/mach_kernel")); +#else + (void)strlcpy(bootfile, getbootfile(), sizeof(bootfile)); +#endif + (void)signal(SIGTERM, dodie); + (void)signal(SIGINT, Debug ? dodie : SIG_IGN); + (void)signal(SIGQUIT, Debug ? dodie : SIG_IGN); + /* + * We don't want the SIGCHLD and SIGHUP handlers to interfere + * with each other; they are likely candidates for being called + * simultaneously (SIGHUP closes pipe descriptor, process dies, + * SIGCHLD happens). + */ + sigemptyset(&mask); + sigaddset(&mask, SIGHUP); + sact.sa_handler = reapchild; + sact.sa_mask = mask; + sact.sa_flags = SA_RESTART; + (void)sigaction(SIGCHLD, &sact, NULL); (void)signal(SIGALRM, domark); + (void)signal(SIGPIPE, SIG_IGN); /* We'll catch EPIPE instead. */ (void)alarm(TIMERINTVL); - (void)unlink(LogName); + + TAILQ_INIT(&deadq_head); #ifndef SUN_LEN #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2) #endif - memset(&sunx, 0, sizeof(sunx)); - sunx.sun_family = AF_UNIX; - (void)strncpy(sunx.sun_path, LogName, sizeof(sunx.sun_path)); - funix = socket(AF_UNIX, SOCK_DGRAM, 0); - if (funix < 0 || - bind(funix, (struct sockaddr *)&sunx, SUN_LEN(&sunx)) < 0 || - chmod(LogName, 0666) < 0) { - (void) snprintf(line, sizeof line, "cannot create %s", LogName); - logerror(line); - dprintf("cannot create %s (%d)\n", LogName, errno); - die(0); - } - if (setsockopt(funix, SOL_SOCKET, SO_RCVBUF, &RcvSockBufSize, sizeof(int)) < 0) - logerror("setsockopt funix"); - finet = socket(AF_INET, SOCK_DGRAM, 0); - inetm = 0; - if (finet >= 0) { - struct servent *sp; - - sp = getservbyname("syslog", "udp"); - if (sp == NULL) { - errno = 0; - logerror("syslog/udp: unknown service"); - die(0); - } - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - sin.sin_port = LogPort = sp->s_port; - if (bind(finet, (struct sockaddr *)&sin, sizeof(sin)) < 0) { - logerror("bind"); - if (!Debug) + for (i = 0; i < nfunix; i++) { + (void)unlink(funixn[i]); + memset(&sunx, 0, sizeof(sunx)); + sunx.sun_family = AF_UNIX; + (void)strlcpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path)); + funix[i] = socket(AF_UNIX, SOCK_DGRAM, 0); + if (funix[i] < 0 || + bind(funix[i], (struct sockaddr *)&sunx, + SUN_LEN(&sunx)) < 0 || + chmod(funixn[i], 0666) < 0) { + (void)snprintf(line, sizeof line, + "cannot create %s", funixn[i]); + logerror(line); + dprintf("cannot create %s (%d)\n", funixn[i], errno); + if (i == 0) die(0); + } +#ifdef __APPLE__ + if (setsockopt(funix[i], SOL_SOCKET, SO_RCVBUF, &RcvSockBufSize, sizeof(int)) < 0) + logerror("setsockopt funix"); +#endif + } + if (SecureMode <= 1) + finet = socksetup(family, bindhostname); + + if (finet) { + if (SecureMode) { + for (i = 0; i < *finet; i++) { + if (shutdown(finet[i+1], SHUT_RD) < 0) { + logerror("shutdown"); + if (!Debug) + die(0); + } + } } else { - inetm = FDMASK(finet); - InetInuse = 1; + dprintf("listening on inet and/or inet6 socket\n"); } - if (setsockopt(finet, SOL_SOCKET, SO_RCVBUF, &RcvSockBufSize, sizeof(int)) < 0) - logerror("setsockopt finet"); + dprintf("sending on inet and/or inet6 socket\n"); } + if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) >= 0) - klogm = FDMASK(fklog); - else { + if (fcntl(fklog, F_SETFL, O_NONBLOCK) < 0) + fklog = -1; + if (fklog < 0) dprintf("can't open %s (%d)\n", _PATH_KLOG, errno); - klogm = 0; - } /* tuck my process id away */ fp = fopen(PidFile, "w"); if (fp != NULL) { fprintf(fp, "%d\n", getpid()); - (void) fclose(fp); + (void)fclose(fp); } dprintf("off & running....\n"); init(0); - (void)signal(SIGHUP, init); + /* prevent SIGHUP and SIGCHLD handlers from running in parallel */ + sigemptyset(&mask); + sigaddset(&mask, SIGCHLD); + sact.sa_handler = init; + sact.sa_mask = mask; + sact.sa_flags = SA_RESTART; + (void)sigaction(SIGHUP, &sact, NULL); + + tvp = &tv; + tv.tv_sec = tv.tv_usec = 0; + + if (fklog != -1 && fklog > fdsrmax) + fdsrmax = fklog; + if (finet && !SecureMode) { + for (i = 0; i < *finet; i++) { + if (finet[i+1] != -1 && finet[i+1] > fdsrmax) + fdsrmax = finet[i+1]; + } + } + for (i = 0; i < nfunix; i++) { + if (funix[i] != -1 && funix[i] > fdsrmax) + fdsrmax = funix[i]; + } + + fdsr = (fd_set *)calloc(howmany(fdsrmax+1, NFDBITS), + sizeof(fd_mask)); + if (fdsr == NULL) + errx(1, "calloc fd_set"); for (;;) { - int nfds, readfds = FDMASK(funix) | inetm | klogm; + if (MarkSet) + markit(); + if (WantDie) + die(WantDie); + + bzero(fdsr, howmany(fdsrmax+1, NFDBITS) * + sizeof(fd_mask)); + + if (fklog != -1) + FD_SET(fklog, fdsr); + if (finet && !SecureMode) { + for (i = 0; i < *finet; i++) { + if (finet[i+1] != -1) + FD_SET(finet[i+1], fdsr); + } + } + for (i = 0; i < nfunix; i++) { + if (funix[i] != -1) + FD_SET(funix[i], fdsr); + } - dprintf("readfds = %#x\n", readfds); - nfds = select(20, (fd_set *)&readfds, (fd_set *)NULL, - (fd_set *)NULL, (struct timeval *)NULL); - if (nfds == 0) + i = select(fdsrmax+1, fdsr, NULL, NULL, tvp); + switch (i) { + case 0: + if (tvp) { + tvp = NULL; + if (ppid != 1) + kill(ppid, SIGALRM); + } continue; - if (nfds < 0) { + case -1: if (errno != EINTR) logerror("select"); continue; } - dprintf("got a message (%d, %#x)\n", nfds, readfds); - if (readfds & klogm) { - i = read(fklog, line, sizeof(line) - 1); - if (i > 0) { - line[i] = '\0'; - printsys(line); - } else if (i < 0 && errno != EINTR) { - logerror("klog"); - fklog = -1; - klogm = 0; + if (fklog != -1 && FD_ISSET(fklog, fdsr)) + readklog(); + if (finet && !SecureMode) { + for (i = 0; i < *finet; i++) { + if (FD_ISSET(finet[i+1], fdsr)) { + len = sizeof(frominet); + l = recvfrom(finet[i+1], line, MAXLINE, + 0, (struct sockaddr *)&frominet, + &len); + if (l > 0) { + line[l] = '\0'; + hname = cvthname((struct sockaddr *)&frominet); + unmapped((struct sockaddr *)&frominet); + if (validate((struct sockaddr *)&frominet, hname)) + printline(hname, line); + } else if (l < 0 && errno != EINTR) + logerror("recvfrom inet"); + } } } - if (readfds & FDMASK(funix)) { - len = sizeof(fromunix); - i = recvfrom(funix, line, MAXLINE, 0, - (struct sockaddr *)&fromunix, &len); - if (i > 0) { - line[i] = '\0'; - printline(LocalHostName, line); - } else if (i < 0 && errno != EINTR) - logerror("recvfrom unix"); - } - if (readfds & inetm) { - len = sizeof(frominet); - i = recvfrom(finet, line, MAXLINE, 0, - (struct sockaddr *)&frominet, &len); - if (Insecure) { - if (i > 0) { - line[i] = '\0'; - printline(cvthname(&frominet), line); - } else if (i < 0 && errno != EINTR) - logerror("recvfrom inet"); + for (i = 0; i < nfunix; i++) { + if (funix[i] != -1 && FD_ISSET(funix[i], fdsr)) { + len = sizeof(fromunix); + l = recvfrom(funix[i], line, MAXLINE, 0, + (struct sockaddr *)&fromunix, &len); + if (l > 0) { + line[l] = '\0'; + printline(LocalHostName, line); + } else if (l < 0 && errno != EINTR) + logerror("recvfrom unix"); } - } + } } + if (fdsr) + free(fdsr); +} + +static void +unmapped(struct sockaddr *sa) +{ + struct sockaddr_in6 *sin6; + struct sockaddr_in sin4; + + if (sa->sa_family != AF_INET6) + return; + if (sa->sa_len != sizeof(struct sockaddr_in6) || + sizeof(sin4) > sa->sa_len) + return; + sin6 = (struct sockaddr_in6 *)sa; + if (!IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) + return; + + memset(&sin4, 0, sizeof(sin4)); + sin4.sin_family = AF_INET; + sin4.sin_len = sizeof(struct sockaddr_in); + memcpy(&sin4.sin_addr, &sin6->sin6_addr.s6_addr[12], + sizeof(sin4.sin_addr)); + sin4.sin_port = sin6->sin6_port; + + memcpy(sa, &sin4, sin4.sin_len); } -void -usage() +static void +usage(void) { - (void)fprintf(stderr, - "usage: syslogd [-f conffile] [-m markinterval] [-p logpath] [-u] [-n] [-s size]\n"); + fprintf(stderr, "%s\n%s\n%s\n%s\n", + "usage: syslogd [-46Acdknosuv] [-a allowed_peer]", + " [-b bind address] [-f config_file]", + " [-l log_socket] [-m mark_interval]", + " [-P pid_file] [-p log_socket]"); exit(1); } @@ -415,10 +657,8 @@ usage() * Take a raw input line, decode the message, and print the message * on the appropriate log files. */ -void -printline(hname, msg) - char *hname; - char *msg; +static void +printline(const char *hname, char *msg) { int c, pri; char *p, *q, line[MAXLINE + 1]; @@ -437,25 +677,35 @@ printline(hname, msg) pri = DEFUPRI; /* don't allow users to log kernel messages */ - if (LOG_FAC(pri) == LOG_KERN) + if (LOG_FAC(pri) == LOG_KERN && !KeepKernFac) pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri)); q = line; - while ((c = *p++) != '\0' && - q < &line[sizeof(line) - 2]) { - c &= 0177; - if (iscntrl(c)) - if (c == '\n') + while ((c = (unsigned char)*p++) != '\0' && + q < &line[sizeof(line) - 4]) { +#ifdef __APPLE__ + /* Gross installer hack to be removed 3314128 */ + if (LOG_FACMASK&pri != LOG_INSTALL) { + if ((c & 0x80) && c < 0xA0) { + c &= 0x7F; + *q++ = 'M'; + *q++ = '-'; + } + } +#endif + if (isascii(c) && iscntrl(c)) { + if (c == '\n') { *q++ = ' '; - else if (c == '\t') + } else if (c == '\t') { *q++ = '\t'; - else { + } else { *q++ = '^'; *q++ = c ^ 0100; } - else + } else { *q++ = c; + } } *q = '\0'; @@ -463,56 +713,127 @@ printline(hname, msg) } /* - * Take a raw input line from /dev/klog, split and format similar to syslog(). + * Read /dev/klog while data are available, split into lines. */ -void -printsys(msg) - char *msg; +static void +readklog(void) { - int c, pri, flags; - char *lp, *p, *q, line[MAXLINE + 1]; + char *p, *q, line[MAXLINE + 1]; + int len, i; - (void)strcpy(line, "mach_kernel: "); - lp = line + strlen(line); - for (p = msg; *p != '\0'; ) { - flags = SYNC_FILE | ADDDATE; /* fsync file after write */ - pri = DEFSPRI; - if (*p == '<') { - pri = 0; - while (isdigit(*++p)) - pri = 10 * pri + (*p - '0'); - if (*p == '>') - ++p; + len = 0; + for (;;) { + i = read(fklog, line + len, MAXLINE - 1 - len); + if (i > 0) { + line[i + len] = '\0'; } else { - /* kernel printf's come out on console */ - flags |= IGN_CONS; + if (i < 0 && errno != EINTR && errno != EAGAIN) { + logerror("klog"); + fklog = -1; + } + break; } - if (pri &~ (LOG_FACMASK|LOG_PRIMASK)) - pri = DEFSPRI; - q = lp; - while (*p != '\0' && (c = *p++) != '\n' && - q < &line[MAXLINE]) - *q++ = c; - *q = '\0'; - logmsg(pri, line, LocalHostName, flags); + + for (p = line; (q = strchr(p, '\n')) != NULL; p = q + 1) { + *q = '\0'; + printsys(p); + } + len = strlen(p); + if (len >= MAXLINE - 1) { + printsys(p); + len = 0; + } + if (len > 0) + memmove(line, p, len + 1); + } + if (len > 0) + printsys(line); +} + +/* + * Take a raw input line from /dev/klog, format similar to syslog(). + */ +static void +printsys(char *p) +{ + int pri, flags; + + flags = ISKERNEL | SYNC_FILE | ADDDATE; /* fsync after write */ + pri = DEFSPRI; + if (*p == '<') { + pri = 0; + while (isdigit(*++p)) + pri = 10 * pri + (*p - '0'); + if (*p == '>') + ++p; +#ifndef __APPLE__ + if ((pri & LOG_FACMASK) == LOG_CONSOLE) + flags |= IGN_CONS; +#endif + } else { + /* kernel printf's come out on console */ + flags |= IGN_CONS; } + if (pri &~ (LOG_FACMASK|LOG_PRIMASK)) + pri = DEFSPRI; + logmsg(pri, p, LocalHostName, flags); } -time_t now; +static time_t now; + +/* + * Match a program or host name against a specification. + * Return a non-0 value if the message must be ignored + * based on the specification. + */ +static int +skip_message(const char *name, const char *spec) { + const char *s; + char prev, next; + int exclude = 0; + /* Behaviour on explicit match */ + + if (spec == NULL) + return 0; + switch (*spec) { + case '-': + exclude = 1; + /*FALLTHROUGH*/ + case '+': + spec++; + break; + default: + break; + } + s = strstr (spec, name); + + if (s != NULL) { + prev = (s == spec ? ',' : *(s - 1)); + next = *(s + strlen (name)); + + if (prev == ',' && (next == '\0' || next == ',')) + /* Explicit match: skip iff the spec is an + exclusive one. */ + return exclude; + } + + /* No explicit match for this name: skip the message iff + the spec is an inclusive one. */ + return !exclude; +} /* * Log a message to the appropriate log files, users, etc. based on * the priority. */ -void -logmsg(pri, msg, from, flags) - int pri; - char *msg, *from; - int flags; +static void +logmsg(int pri, const char *msg, const char *from, int flags) { struct filed *f; - int fac, msglen, omask, prilev; - char *timestamp; + int i, fac, msglen, omask, prilev; + const char *timestamp; + char prog[NAME_MAX+1]; + char buf[MAXLINE+1]; dprintf("logmsg: pri %o, flags %x, from %s, msg %s\n", pri, flags, from, msg); @@ -528,14 +849,20 @@ logmsg(pri, msg, from, flags) flags |= ADDDATE; (void)time(&now); - if (flags & ADDDATE) + if (flags & ADDDATE) { timestamp = ctime(&now) + 4; - else { + } else { timestamp = msg; msg += 16; msglen -= 16; } + /* skip leading blanks */ + while (isspace(*msg)) { + msg++; + msglen--; + } + /* extract facility and priority level */ if (flags & MARK) fac = LOG_NFACILITIES; @@ -543,6 +870,22 @@ logmsg(pri, msg, from, flags) fac = LOG_FAC(pri); prilev = LOG_PRI(pri); + /* extract program name */ + for (i = 0; i < NAME_MAX; i++) { + if (!isprint(msg[i]) || msg[i] == ':' || msg[i] == '[') + break; + prog[i] = msg[i]; + } + prog[i] = 0; + + /* add kernel prefix for kernel messages */ + if (flags & ISKERNEL) { + snprintf(buf, sizeof(buf), "%s: %s", + use_bootfile ? bootfile : "kernel", msg); + msg = buf; + msglen = strlen(buf); + } + /* log the message to the particular outputs */ if (!Initialized) { f = &consfile; @@ -557,10 +900,22 @@ logmsg(pri, msg, from, flags) } for (f = Files; f; f = f->f_next) { /* skip messages that are incorrect priority */ - if (f->f_pmask[fac] < prilev || - f->f_pmask[fac] == INTERNAL_NOPRI) + if (!(((f->f_pcmp[fac] & PRI_EQ) && (f->f_pmask[fac] == prilev)) + ||((f->f_pcmp[fac] & PRI_LT) && (f->f_pmask[fac] < prilev)) + ||((f->f_pcmp[fac] & PRI_GT) && (f->f_pmask[fac] > prilev)) + ) + || f->f_pmask[fac] == INTERNAL_NOPRI) + continue; + + /* skip messages with the incorrect hostname */ + if (skip_message(from, f->f_host)) + continue; + + /* skip messages with the incorrect program name */ + if (skip_message(prog, f->f_program)) continue; + /* skip message to console if it has already been printed */ if (f->f_type == F_CONSOLE && (flags & IGN_CONS)) continue; @@ -571,13 +926,14 @@ logmsg(pri, msg, from, flags) /* * suppress duplicate lines to this file */ - if ((flags & MARK) == 0 && msglen == f->f_prevlen && + if (no_compress - (f->f_type != F_PIPE) < 1 && + (flags & MARK) == 0 && msglen == f->f_prevlen && !strcmp(msg, f->f_prevline) && - !strcmp(from, f->f_prevhost)) { - (void)strncpy(f->f_lasttime, timestamp, 15); + !strcasecmp(from, f->f_prevhost)) { + (void)strlcpy(f->f_lasttime, timestamp, 16); f->f_prevcount++; dprintf("msg repeated %d times, %ld sec of %d\n", - f->f_prevcount, now - f->f_time, + f->f_prevcount, (long)(now - f->f_time), repeatinterval[f->f_repeatcount]); /* * If domark would have logged this by now, @@ -594,13 +950,13 @@ logmsg(pri, msg, from, flags) if (f->f_prevcount) fprintlog(f, 0, (char *)NULL); f->f_repeatcount = 0; - (void)strncpy(f->f_lasttime, timestamp, 15); - (void)strncpy(f->f_prevhost, from, - sizeof(f->f_prevhost)); + f->f_prevpri = pri; + (void)strlcpy(f->f_lasttime, timestamp, 16); + (void)strlcpy(f->f_prevhost, from, + sizeof(f->f_prevhost)); if (msglen < MAXSVLINE) { f->f_prevlen = msglen; - f->f_prevpri = pri; - (void)strcpy(f->f_prevline, msg); + (void)strlcpy(f->f_prevline, msg, sizeof(f->f_prevline)); fprintlog(f, flags, (char *)NULL); } else { f->f_prevline[0] = 0; @@ -612,24 +968,24 @@ logmsg(pri, msg, from, flags) (void)sigsetmask(omask); } -void -fprintlog(f, flags, msg) - struct filed *f; - int flags; - char *msg; +static void +fprintlog(struct filed *f, int flags, const char *msg) { - struct iovec iov[6]; + struct iovec iov[7]; struct iovec *v; - int l; - char line[MAXLINE + 1], repbuf[80], greetings[200]; + struct addrinfo *r; + int i, l, lsent = 0; + char line[MAXLINE + 1], repbuf[80], greetings[200], *wmsg = NULL; + const char *msgret; v = iov; if (f->f_type == F_WALL) { v->iov_base = greetings; - v->iov_len = snprintf(greetings, sizeof greetings, + v->iov_len = snprintf(greetings, sizeof greetings, "\r\n\7Message from syslogd@%s at %.24s ...\r\n", f->f_prevhost, ctime(&now)); - v++; + if (v->iov_len > 0) + v++; v->iov_base = ""; v->iov_len = 0; v++; @@ -641,6 +997,49 @@ fprintlog(f, flags, msg) v->iov_len = 1; v++; } + + if (LogFacPri) { + static char fp_buf[30]; /* Hollow laugh */ + int fac = f->f_prevpri & LOG_FACMASK; + int pri = LOG_PRI(f->f_prevpri); + const char *f_s = NULL; + char f_n[5]; /* Hollow laugh */ + const char *p_s = NULL; + char p_n[5]; /* Hollow laugh */ + + if (LogFacPri > 1) { + CODE *c; + + for (c = facilitynames; c->c_name; c++) { + if (c->c_val == fac) { + f_s = c->c_name; + break; + } + } + for (c = prioritynames; c->c_name; c++) { + if (c->c_val == pri) { + p_s = c->c_name; + break; + } + } + } + if (!f_s) { + snprintf(f_n, sizeof f_n, "%d", LOG_FAC(fac)); + f_s = f_n; + } + if (!p_s) { + snprintf(p_n, sizeof p_n, "%d", pri); + p_s = p_n; + } + snprintf(fp_buf, sizeof fp_buf, "<%s.%s> ", f_s, p_s); + v->iov_base = fp_buf; + v->iov_len = strlen(fp_buf); + } else { + v->iov_base=""; + v->iov_len = 0; + } + v++; + v->iov_base = f->f_prevhost; v->iov_len = strlen(v->iov_base); v++; @@ -649,18 +1048,65 @@ fprintlog(f, flags, msg) v++; if (msg) { - v->iov_base = msg; + wmsg = strdup(msg); /* XXX iov_base needs a `const' sibling. */ + if (wmsg == NULL) { + logerror("strdup"); + exit(1); + } + v->iov_base = wmsg; v->iov_len = strlen(msg); } else if (f->f_prevcount > 1) { v->iov_base = repbuf; - v->iov_len = snprintf(repbuf, sizeof repbuf, "last message repeated %d times", - f->f_prevcount); + v->iov_len = snprintf(repbuf, sizeof repbuf, + "last message repeated %d times", f->f_prevcount); } else { v->iov_base = f->f_prevline; v->iov_len = f->f_prevlen; } v++; + if (f->f_file == -1) { + int oflags = O_WRONLY|O_APPEND; + struct group *gr; + struct stat sb; + int mode = 0640; + int exists = 0; + + if( stat(f->f_un.f_fname, &sb) == 0 ) { + mode = 0; + exists++; + } + if (create_files && !exists) + oflags |= O_CREAT; + if ((f->f_file = open(f->f_un.f_fname, oflags, mode)) < 0) { + f->f_type = F_UNUSED; + /* We can no longer log this error, since calling + * logerror() could bring us back here again. + * Instead, call dprintf(), which will aid in + * debugging, but not cause the looping. + */ + dprintf("Error openning %s", f->f_un.f_fname); + if (msg) free(wmsg); + return; + } + /* Only chown the file if we created it. If it already + * existed, leave whatever was there. + */ + if( !exists ) { + gr = getgrnam("admin"); + if( gr ) + fchown(f->f_file, 0, gr->gr_gid); + if (f->f_type == F_CHECKTTY) { + if (isatty(f->f_file)) { + if (strcmp(f->f_un.f_fname, ctty) == 0) + f->f_type = F_CONSOLE; + else + f->f_type = F_TTY; + } + } + } + } + dprintf("Logging to %s", TypeNames[f->f_type]); f->f_time = now; @@ -671,18 +1117,101 @@ fprintlog(f, flags, msg) case F_FORW: dprintf(" %s\n", f->f_un.f_forw.f_hname); - l = snprintf(line, sizeof line, "<%d>%.15s %s", f->f_prevpri, - iov[0].iov_base, iov[4].iov_base); - if (l > MAXLINE) + /* check for local vs remote messages */ + if (strcasecmp(f->f_prevhost, LocalHostName)) + l = snprintf(line, sizeof line - 1, + "<%d>%.15s Forwarded from %s: %s", + f->f_prevpri, iov[0].iov_base, f->f_prevhost, + iov[5].iov_base); + else + l = snprintf(line, sizeof line - 1, "<%d>%.15s %s", + f->f_prevpri, iov[0].iov_base, iov[5].iov_base); + if (l < 0) + l = 0; + else if (l > MAXLINE) l = MAXLINE; - if (sendto(finet, line, l, 0, - (struct sockaddr *)&f->f_un.f_forw.f_addr, - sizeof(f->f_un.f_forw.f_addr)) != l) { + + if (finet) { + for (r = f->f_un.f_forw.f_addr; r; r = r->ai_next) { + for (i = 0; i < *finet; i++) { +#if 0 + /* + * should we check AF first, or just + * trial and error? FWD + */ + if (r->ai_family == + address_family_of(finet[i+1])) +#endif + lsent = sendto(finet[i+1], line, l, 0, + r->ai_addr, r->ai_addrlen); + if (lsent == l) + break; + } + if (lsent == l && !send_to_all) + break; + } + dprintf("lsent/l: %d/%d\n", lsent, l); + if (lsent != l) { + int e = errno; + logerror("sendto"); + errno = e; + switch (errno) { + case EHOSTUNREACH: + case EHOSTDOWN: + break; + /* case EBADF: */ + /* case EACCES: */ + /* case ENOTSOCK: */ + /* case EFAULT: */ + /* case EMSGSIZE: */ + /* case EAGAIN: */ + /* case ENOBUFS: */ + /* case ECONNREFUSED: */ + default: + dprintf("removing entry\n", e); + (void)close(f->f_file); + f->f_type = F_UNUSED; + break; + } + } + } + break; + + case F_FILE: + dprintf(" %s\n", f->f_un.f_fname); + v->iov_base = "\n"; + v->iov_len = 1; + if (writev(f->f_file, iov, 7) < 0) { int e = errno; (void)close(f->f_file); f->f_type = F_UNUSED; errno = e; - logerror("sendto"); + logerror(f->f_un.f_fname); + } else if (flags & SYNC_FILE) + (void)fsync(f->f_file); + break; + + case F_PIPE: + dprintf(" %s\n", f->f_un.f_pipe.f_pname); + v->iov_base = "\n"; + v->iov_len = 1; + if (f->f_un.f_pipe.f_pid == 0) { + if ((f->f_file = p_open(f->f_un.f_pipe.f_pname, + &f->f_un.f_pipe.f_pid)) < 0) { + f->f_type = F_UNUSED; + logerror(f->f_un.f_pipe.f_pname); + break; + } + } + if (writev(f->f_file, iov, 7) < 0) { + int e = errno; + (void)close(f->f_file); + if (f->f_un.f_pipe.f_pid > 0) + deadq_enter(f->f_un.f_pipe.f_pid, + f->f_un.f_pipe.f_pname); + f->f_un.f_pipe.f_pid = 0; + errno = e; + logerror(f->f_un.f_pipe.f_pname); } break; @@ -694,37 +1223,15 @@ fprintlog(f, flags, msg) /* FALLTHROUGH */ case F_TTY: - case F_FILE: - dprintf(" %s\n", f->f_un.f_fname); - if (f->f_type != F_FILE) { - v->iov_base = "\r\n"; - v->iov_len = 2; - } else { - v->iov_base = "\n"; - v->iov_len = 1; + dprintf(" %s%s\n", _PATH_DEV, f->f_un.f_fname); + v->iov_base = "\r\n"; + v->iov_len = 2; + + errno = 0; /* ttymsg() only sometimes returns an errno */ + if ((msgret = ttymsg(iov, 7, f->f_un.f_fname, 10))) { + f->f_type = F_UNUSED; + logerror(msgret); } - again: - if (writev(f->f_file, iov, 6) < 0) { - int e = errno; - (void)close(f->f_file); - /* - * Check for errors on TTY's due to loss of tty - */ - if ((e == EIO || e == EBADF) && f->f_type != F_FILE) { - f->f_file = open(f->f_un.f_fname, - O_WRONLY|O_APPEND, 0); - if (f->f_file < 0) { - f->f_type = F_UNUSED; - logerror(f->f_un.f_fname); - } else - goto again; - } else { - f->f_type = F_UNUSED; - errno = e; - logerror(f->f_un.f_fname); - } - } else if (flags & SYNC_FILE) - (void)fsync(f->f_file); break; case F_USERS: @@ -736,6 +1243,8 @@ fprintlog(f, flags, msg) break; } f->f_prevcount = 0; + if (msg) + free(wmsg); } /* @@ -744,16 +1253,14 @@ fprintlog(f, flags, msg) * Write the specified message to either the entire * world, or a list of approved users. */ -void -wallmsg(f, iov) - struct filed *f; - struct iovec *iov; +static void +wallmsg(struct filed *f, struct iovec *iov) { static int reenter; /* avoid calling ourselves */ FILE *uf; struct utmp ut; int i; - char *p; + const char *p; char line[sizeof(ut.ut_line) + 1]; if (reenter++) @@ -767,10 +1274,9 @@ wallmsg(f, iov) while (fread((char *)&ut, sizeof(ut), 1, uf) == 1) { if (ut.ut_name[0] == '\0') continue; - strncpy(line, ut.ut_line, sizeof(ut.ut_line)); - line[sizeof(ut.ut_line)] = '\0'; + (void)strlcpy(line, ut.ut_line, sizeof(line)); if (f->f_type == F_WALL) { - if ((p = ttymsg(iov, 6, line, 60*5)) != NULL) { + if ((p = ttymsg(iov, 7, line, TTYMSGTIME)) != NULL) { errno = 0; /* already in msg */ logerror(p); } @@ -782,7 +1288,8 @@ wallmsg(f, iov) break; if (!strncmp(f->f_un.f_uname[i], ut.ut_name, UT_NAMESIZE)) { - if ((p = ttymsg(iov, 6, line, 60*5)) != NULL) { + if ((p = ttymsg(iov, 7, line, TTYMSGTIME)) + != NULL) { errno = 0; /* already in msg */ logerror(p); } @@ -794,129 +1301,175 @@ wallmsg(f, iov) reenter = 0; } -void -reapchild(signo) - int signo; +static void +reapchild(int signo ) { - union wait status; + int status; + pid_t pid; + struct filed *f; - while (wait3((int *)&status, WNOHANG, (struct rusage *)NULL) > 0) - ; + while ((pid = wait3(&status, WNOHANG, (struct rusage *)NULL)) > 0) { + if (!Initialized) + /* Don't tell while we are initting. */ + continue; + + /* First, look if it's a process from the dead queue. */ + if (deadq_remove(pid)) + goto oncemore; + + /* Now, look in list of active processes. */ + for (f = Files; f; f = f->f_next) + if (f->f_type == F_PIPE && + f->f_un.f_pipe.f_pid == pid) { + (void)close(f->f_file); + f->f_un.f_pipe.f_pid = 0; + log_deadchild(pid, status, + f->f_un.f_pipe.f_pname); + break; + } + oncemore: + continue; + } } /* * Return a printable representation of a host address. */ -char * -cvthname(f) - struct sockaddr_in *f; +static const char * +cvthname(struct sockaddr *f) { - struct hostent *hp; + int error; + sigset_t omask, nmask; char *p; + static char hname[NI_MAXHOST], ip[NI_MAXHOST]; - dprintf("cvthname(%s)\n", inet_ntoa(f->sin_addr)); + error = getnameinfo((struct sockaddr *)f, + ((struct sockaddr *)f)->sa_len, + ip, sizeof ip, NULL, 0, + NI_NUMERICHOST | withscopeid); + dprintf("cvthname(%s)\n", ip); - if (f->sin_family != AF_INET) { - dprintf("Malformed from address\n"); + if (error) { + dprintf("Malformed from address %s\n", gai_strerror(error)); return ("???"); } - if (NoAddressToName) { - hp = 0; - } else { - hp = gethostbyaddr((char *)&f->sin_addr, - sizeof(struct in_addr), f->sin_family); - dprintf("Host name for your address (%s) unknown\n", - inet_ntoa(f->sin_addr)); - } - if (hp == 0) - return (inet_ntoa(f->sin_addr)); - - if ((p = strchr(hp->h_name, '.')) && strcmp(p + 1, LocalDomain) == 0) + if (!resolve) + return (ip); + + sigemptyset(&nmask); + sigaddset(&nmask, SIGHUP); + sigprocmask(SIG_BLOCK, &nmask, &omask); + error = getnameinfo((struct sockaddr *)f, + ((struct sockaddr *)f)->sa_len, + hname, sizeof hname, NULL, 0, + NI_NAMEREQD | withscopeid); + sigprocmask(SIG_SETMASK, &omask, NULL); + if (error) { + dprintf("Host name for your address (%s) unknown\n", ip); + return (ip); + } + /* XXX Not quite correct, but close enough for government work. */ + if ((p = strchr(hname, '.')) && strcasecmp(p + 1, LocalDomain) == 0) *p = '\0'; - return (hp->h_name); + return (hname); } -void -domark(signo) - int signo; +static void +dodie(int signo) { - struct filed *f; - now = time((time_t *)NULL); - MarkSeq += TIMERINTVL; - if (MarkSeq >= MarkInterval) { - logmsg(LOG_INFO, "-- MARK --", LocalHostName, ADDDATE|MARK); - MarkSeq = 0; - } + WantDie = signo; +} - for (f = Files; f; f = f->f_next) { - if (f->f_prevcount && now >= REPEATTIME(f)) { - dprintf("flush %s: repeated %d times, %d sec.\n", - TypeNames[f->f_type], f->f_prevcount, - repeatinterval[f->f_repeatcount]); - fprintlog(f, 0, (char *)NULL); - BACKOFF(f); - } - } - (void)alarm(TIMERINTVL); +static void +domark(int signo ) +{ + + MarkSet = 1; } /* * Print syslogd errors some place. */ -void -logerror(type) - char *type; +static void +logerror(const char *type) { - char buf[100]; + char buf[512]; if (errno) (void)snprintf(buf, - sizeof(buf), "syslogd: %s: %s", type, strerror(errno)); + sizeof buf, "syslogd: %s: %s", type, strerror(errno)); else - (void)snprintf(buf, sizeof(buf), "syslogd: %s", type); + (void)snprintf(buf, sizeof buf, "syslogd: %s", type); errno = 0; dprintf("%s\n", buf); logmsg(LOG_SYSLOG|LOG_ERR, buf, LocalHostName, ADDDATE); } -void -die(signo) - int signo; +static void +die(int signo) { struct filed *f; + int was_initialized; char buf[100]; + int i; + was_initialized = Initialized; + Initialized = 0; /* Don't log SIGCHLDs. */ for (f = Files; f != NULL; f = f->f_next) { /* flush any pending output */ if (f->f_prevcount) fprintlog(f, 0, (char *)NULL); + if (f->f_type == F_PIPE) + (void)close(f->f_file); } + Initialized = was_initialized; if (signo) { dprintf("syslogd: exiting on signal %d\n", signo); - (void)snprintf(buf, sizeof buf, "exiting on signal %d", signo); + (void)snprintf(buf, sizeof(buf), "exiting on signal %d", signo); errno = 0; logerror(buf); } - (void)unlink(LogName); - exit(0); + for (i = 0; i < nfunix; i++) + if (funixn[i] && funix[i] != -1) + (void)unlink(funixn[i]); + exit(1); } /* * INIT -- Initialize syslogd from configuration table */ -void -init(signo) - int signo; +static void +init(int signo) { int i; FILE *cf; struct filed *f, *next, **nextp; char *p; char cline[LINE_MAX]; + char prog[NAME_MAX+1]; + char host[MAXHOSTNAMELEN]; + char oldLocalHostName[MAXHOSTNAMELEN]; + char hostMsg[2*MAXHOSTNAMELEN+40]; + char bootfileMsg[LINE_MAX]; dprintf("init\n"); + /* + * Load hostname (may have changed). + */ + if (signo != 0) + (void)strlcpy(oldLocalHostName, LocalHostName, + sizeof(oldLocalHostName)); + if (gethostname(LocalHostName, sizeof(LocalHostName))) + err(EX_OSERR, "gethostname() failed"); + if ((p = strchr(LocalHostName, '.')) != NULL) { + *p++ = '\0'; + LocalDomain = p; + } else { + LocalDomain = ""; + } + /* * Close all open log files. */ @@ -928,13 +1481,22 @@ init(signo) switch (f->f_type) { case F_FILE: - case F_TTY: - case F_CONSOLE: case F_FORW: + case F_CONSOLE: + case F_TTY: + (void)close(f->f_file); + break; + case F_PIPE: (void)close(f->f_file); + if (f->f_un.f_pipe.f_pid > 0) + deadq_enter(f->f_un.f_pipe.f_pid, + f->f_un.f_pipe.f_pname); + f->f_un.f_pipe.f_pid = 0; break; } next = f->f_next; + if (f->f_program) free(f->f_program); + if (f->f_host) free(f->f_host); free((char *)f); } Files = NULL; @@ -944,9 +1506,17 @@ init(signo) if ((cf = fopen(ConfFile, "r")) == NULL) { dprintf("cannot open %s\n", ConfFile); *nextp = (struct filed *)calloc(1, sizeof(*f)); - cfline("*.ERR\t/dev/console", *nextp); + if (*nextp == NULL) { + logerror("calloc"); + exit(1); + } + cfline("*.ERR\t/dev/console", *nextp, "*", "*"); (*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f)); - cfline("*.PANIC\t*", (*nextp)->f_next); + if ((*nextp)->f_next == NULL) { + logerror("calloc"); + exit(1); + } + cfline("*.PANIC\t*", (*nextp)->f_next, "*", "*"); Initialized = 1; return; } @@ -955,22 +1525,68 @@ init(signo) * Foreach line in the conf table, open that file. */ f = NULL; + (void)strlcpy(host, "*", sizeof(host)); + (void)strlcpy(prog, "*", sizeof(prog)); while (fgets(cline, sizeof(cline), cf) != NULL) { /* * check for end-of-section, comments, strip off trailing - * spaces and newline character. + * spaces and newline character. #!prog is treated specially: + * following lines apply only to that program. */ for (p = cline; isspace(*p); ++p) continue; - if (*p == NULL || *p == '#') + if (*p == 0) + continue; + if (*p == '#') { + p++; + if (*p != '!' && *p != '+' && *p != '-') + continue; + } + if (*p == '+' || *p == '-') { + host[0] = *p++; + while (isspace(*p)) + p++; + if ((!*p) || (*p == '*')) { + (void)strlcpy(host, "*", sizeof(host)); + continue; + } + if (*p == '@') + p = LocalHostName; + for (i = 1; i < MAXHOSTNAMELEN - 1; i++) { + if (!isalnum(*p) && *p != '.' && *p != '-' + && *p != ',') + break; + host[i] = *p++; + } + host[i] = '\0'; + continue; + } + if (*p == '!') { + p++; + while (isspace(*p)) p++; + if ((!*p) || (*p == '*')) { + (void)strlcpy(prog, "*", sizeof(prog)); + continue; + } + for (i = 0; i < NAME_MAX; i++) { + if (!isprint(p[i])) + break; + prog[i] = p[i]; + } + prog[i] = 0; continue; + } for (p = strchr(cline, '\0'); isspace(*--p);) continue; *++p = '\0'; f = (struct filed *)calloc(1, sizeof(*f)); + if (f == NULL) { + logerror("calloc"); + exit(1); + } *nextp = f; nextp = &f->f_next; - cfline(cline, f); + cfline(cline, f, prog, host); } /* close the configuration file */ @@ -988,42 +1604,70 @@ init(signo) printf("%s: ", TypeNames[f->f_type]); switch (f->f_type) { case F_FILE: - case F_TTY: - case F_CONSOLE: printf("%s", f->f_un.f_fname); break; + case F_CONSOLE: + case F_TTY: + printf("%s%s", _PATH_DEV, f->f_un.f_fname); + break; + case F_FORW: printf("%s", f->f_un.f_forw.f_hname); break; + case F_PIPE: + printf("%s", f->f_un.f_pipe.f_pname); + break; + case F_USERS: for (i = 0; i < MAXUNAMES && *f->f_un.f_uname[i]; i++) printf("%s, ", f->f_un.f_uname[i]); break; } + if (f->f_program) + printf(" (%s)", f->f_program); printf("\n"); } } logmsg(LOG_SYSLOG|LOG_INFO, "syslogd: restart", LocalHostName, ADDDATE); dprintf("syslogd: restarted\n"); + /* + * Log a change in hostname, but only on a restart. + */ + if (signo != 0 && strcmp(oldLocalHostName, LocalHostName) != 0) { + (void)snprintf(hostMsg, sizeof(hostMsg), + "syslogd: hostname changed, \"%s\" to \"%s\"", + oldLocalHostName, LocalHostName); + logmsg(LOG_SYSLOG|LOG_INFO, hostMsg, LocalHostName, ADDDATE); + dprintf("%s\n", hostMsg); + } + /* + * Log the kernel boot file if we aren't going to use it as + * the prefix, and if this is *not* a restart. + */ + if (signo == 0 && !use_bootfile) { + (void)snprintf(bootfileMsg, sizeof(bootfileMsg), + "syslogd: kernel boot file is %s", bootfile); + logmsg(LOG_KERN|LOG_INFO, bootfileMsg, LocalHostName, ADDDATE); + dprintf("%s\n", bootfileMsg); + } } /* * Crack a configuration file line */ -void -cfline(line, f) - char *line; - struct filed *f; +static void +cfline(const char *line, struct filed *f, const char *prog, const char *host) { - struct hostent *hp; - int i, pri; - char *bp, *p, *q; + struct addrinfo hints, *res; + int error, i, pri; + const char *p, *q; + char *bp, *port; char buf[MAXLINE], ebuf[100]; - dprintf("cfline(%s)\n", line); + dprintf("cfline(\"%s\", f, \"%s\", \"%s\")\n", line, prog, host); errno = 0; /* keep strerror() stuff out of logerror messages */ @@ -1032,53 +1676,127 @@ cfline(line, f) for (i = 0; i <= LOG_NFACILITIES; i++) f->f_pmask[i] = INTERNAL_NOPRI; + /* save hostname if any */ + if (host && *host == '*') + host = NULL; + if (host) { + int hl, dl; + + f->f_host = strdup(host); + if (f->f_host == NULL) { + logerror("strdup"); + exit(1); + } + hl = strlen(f->f_host); + if (f->f_host[hl-1] == '.') + f->f_host[--hl] = '\0'; + dl = strlen(LocalDomain) + 1; + if (hl > dl && f->f_host[hl-dl] == '.' && + strcasecmp(f->f_host + hl - dl + 1, LocalDomain) == 0) + f->f_host[hl-dl] = '\0'; + } + + /* save program name if any */ + if (prog && *prog == '*') + prog = NULL; + if (prog) { + f->f_program = strdup(prog); + if (f->f_program == NULL) { + logerror("strdup"); + exit(1); + } + } + /* scan through the list of selectors */ - for (p = line; *p && *p != '\t';) { + for (p = line; *p && *p != '\t' && *p != ' ';) { + int pri_done; + int pri_cmp; + int pri_invert; /* find the end of this facility name list */ - for (q = p; *q && *q != '\t' && *q++ != '.'; ) + for (q = p; *q && *q != '\t' && *q != ' ' && *q++ != '.'; ) continue; + /* get the priority comparison */ + pri_cmp = 0; + pri_done = 0; + pri_invert = 0; + if (*q == '!') { + pri_invert = 1; + q++; + } + while (!pri_done) { + switch (*q) { + case '<': + pri_cmp |= PRI_LT; + q++; + break; + case '=': + pri_cmp |= PRI_EQ; + q++; + break; + case '>': + pri_cmp |= PRI_GT; + q++; + break; + default: + pri_done++; + break; + } + } + /* collect priority name */ - for (bp = buf; *q && !strchr("\t,;", *q); ) + for (bp = buf; *q && !strchr("\t,; ", *q); ) *bp++ = *q++; *bp = '\0'; /* skip cruft */ - while (strchr(", ;", *q)) + while (strchr(",;", *q)) q++; /* decode priority name */ - if (*buf == '*') + if (*buf == '*') { pri = LOG_PRIMASK + 1; - else { + pri_cmp = PRI_LT | PRI_EQ | PRI_GT; + } else { pri = decode(buf, prioritynames); if (pri < 0) { - (void)snprintf(ebuf, sizeof ebuf, + (void)snprintf(ebuf, sizeof ebuf, "unknown priority name \"%s\"", buf); logerror(ebuf); return; } } + if (!pri_cmp) + pri_cmp = (UniquePriority) + ? (PRI_EQ) + : (PRI_EQ | PRI_GT) + ; + if (pri_invert) + pri_cmp ^= PRI_LT | PRI_EQ | PRI_GT; /* scan facilities */ - while (*p && !strchr("\t.;", *p)) { - for (bp = buf; *p && !strchr("\t,;.", *p); ) + while (*p && !strchr("\t.; ", *p)) { + for (bp = buf; *p && !strchr("\t,;. ", *p); ) *bp++ = *p++; *bp = '\0'; - if (*buf == '*') - for (i = 0; i < LOG_NFACILITIES; i++) + + if (*buf == '*') { + for (i = 0; i < LOG_NFACILITIES; i++) { f->f_pmask[i] = pri; - else { + f->f_pcmp[i] = pri_cmp; + } + } else { i = decode(buf, facilitynames); if (i < 0) { - (void)snprintf(ebuf, sizeof ebuf, + (void)snprintf(ebuf, sizeof ebuf, "unknown facility name \"%s\"", buf); logerror(ebuf); return; } f->f_pmask[i >> 3] = pri; + f->f_pcmp[i >> 3] = pri_cmp; } while (*p == ',' || *p == ' ') p++; @@ -1088,43 +1806,42 @@ cfline(line, f) } /* skip to action part */ - while (*p == '\t') + while (*p == '\t' || *p == ' ') p++; - switch (*p) - { + switch (*p) { case '@': - if (!InetInuse) - break; - (void)strcpy(f->f_un.f_forw.f_hname, ++p); - hp = gethostbyname(p); - if (hp == NULL) { - extern int h_errno; - - logerror(hstrerror(h_errno)); + port = p; + p = strsep(&port, ":"); + (void)strlcpy(f->f_un.f_forw.f_hname, ++p, + sizeof(f->f_un.f_forw.f_hname)); + memset(&hints, 0, sizeof(hints)); + hints.ai_family = family; + hints.ai_socktype = SOCK_DGRAM; + error = getaddrinfo(f->f_un.f_forw.f_hname, port ? port : "syslog", &hints, + &res); + if (error) { + logerror(gai_strerror(error)); break; } - memset(&f->f_un.f_forw.f_addr, 0, - sizeof(f->f_un.f_forw.f_addr)); - f->f_un.f_forw.f_addr.sin_family = AF_INET; - f->f_un.f_forw.f_addr.sin_port = LogPort; - memmove(&f->f_un.f_forw.f_addr.sin_addr, hp->h_addr, hp->h_length); + f->f_un.f_forw.f_addr = res; f->f_type = F_FORW; break; case '/': - (void)strcpy(f->f_un.f_fname, p); - if ((f->f_file = open(p, O_WRONLY|O_APPEND, 0)) < 0) { - f->f_file = F_UNUSED; - logerror(p); - break; - } - if (isatty(f->f_file)) - f->f_type = F_TTY; + /* Delay opening files until we're ready to log to them */ + f->f_file = -1; + if (strncmp(p, _PATH_DEV, sizeof(_PATH_DEV)) == 0) + f->f_type = F_CHECKTTY; else f->f_type = F_FILE; - if (strcmp(p, ctty) == 0) - f->f_type = F_CONSOLE; + (void)strlcpy(f->f_un.f_fname, p, sizeof(f->f_un.f_fname)); + break; + + case '|': + f->f_un.f_pipe.f_pid = 0; + (void)strlcpy(f->f_un.f_fname, p + 1, sizeof(f->f_un.f_fname)); + f->f_type = F_PIPE; break; case '*': @@ -1153,10 +1870,8 @@ cfline(line, f) /* * Decode a symbolic name to a numeric value */ -int -decode(name, codetab) - const char *name; - CODE *codetab; +static int +decode(const char *name, CODE *codetab) { CODE *c; char *p, buf[40]; @@ -1177,3 +1892,636 @@ decode(name, codetab) return (-1); } + +static void +markit(void) +{ + struct filed *f; + dq_t q, next; + + now = time((time_t *)NULL); + MarkSeq += TIMERINTVL; + if (MarkInterval && (MarkSeq >= MarkInterval)) { + logmsg(LOG_INFO, "-- MARK --", + LocalHostName, ADDDATE|MARK); + MarkSeq = 0; + } + + for (f = Files; f; f = f->f_next) { + if (f->f_prevcount && now >= REPEATTIME(f)) { + dprintf("flush %s: repeated %d times, %d sec.\n", + TypeNames[f->f_type], f->f_prevcount, + repeatinterval[f->f_repeatcount]); + fprintlog(f, 0, (char *)NULL); + BACKOFF(f); + } + } + + /* Walk the dead queue, and see if we should signal somebody. */ + for (q = TAILQ_FIRST(&deadq_head); q != NULL; q = next) { + next = TAILQ_NEXT(q, dq_entries); + + switch (q->dq_timeout) { + case 0: + /* Already signalled once, try harder now. */ + if (kill(q->dq_pid, SIGKILL) != 0) + (void)deadq_remove(q->dq_pid); + break; + + case 1: + /* + * Timed out on dead queue, send terminate + * signal. Note that we leave the removal + * from the dead queue to reapchild(), which + * will also log the event (unless the process + * didn't even really exist, in case we simply + * drop it from the dead queue). + */ + if (kill(q->dq_pid, SIGTERM) != 0) + (void)deadq_remove(q->dq_pid); + /* FALLTHROUGH */ + + default: + q->dq_timeout--; + } + } + MarkSet = 0; + (void)alarm(TIMERINTVL); +} + +/* + * fork off and become a daemon, but wait for the child to come online + * before returing to the parent, or we get disk thrashing at boot etc. + * Set a timer so we don't hang forever if it wedges. + */ +static int +waitdaemon(int nochdir, int noclose, int maxwait) +{ + int fd; + int status; + pid_t pid, childpid; + + switch (childpid = fork()) { + case -1: + return (-1); + case 0: + break; + default: + signal(SIGALRM, timedout); + alarm(maxwait); + while ((pid = wait3(&status, 0, NULL)) != -1) { + if (WIFEXITED(status)) + errx(1, "child pid %d exited with return code %d", + pid, WEXITSTATUS(status)); + if (WIFSIGNALED(status)) + errx(1, "child pid %d exited on signal %d%s", + pid, WTERMSIG(status), + WCOREDUMP(status) ? " (core dumped)" : + ""); + if (pid == childpid) /* it's gone... */ + break; + } + exit(0); + } + + if (setsid() == -1) + return (-1); + + if (!nochdir) + (void)chdir("/"); + + if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { + (void)dup2(fd, STDIN_FILENO); + (void)dup2(fd, STDOUT_FILENO); + (void)dup2(fd, STDERR_FILENO); + if (fd > 2) + (void)close (fd); + } + return (getppid()); +} + +/* + * We get a SIGALRM from the child when it's running and finished doing it's + * fsync()'s or O_SYNC writes for all the boot messages. + * + * We also get a signal from the kernel if the timer expires, so check to + * see what happened. + */ +static void +timedout(int sig ) +{ + int left; + left = alarm(0); + signal(SIGALRM, SIG_DFL); + if (left == 0) + errx(1, "timed out waiting for child"); + else + _exit(0); +} + +/* + * Add `s' to the list of allowable peer addresses to accept messages + * from. + * + * `s' is a string in the form: + * + * [*]domainname[:{servicename|portnumber|*}] + * + * or + * + * netaddr/maskbits[:{servicename|portnumber|*}] + * + * Returns -1 on error, 0 if the argument was valid. + */ +static int +allowaddr(char *s) +{ + char *cp1, *cp2; + struct allowedpeer ap; + struct servent *se; + int masklen = -1, i; + struct addrinfo hints, *res; + struct in_addr *addrp, *maskp; + u_int32_t *addr6p, *mask6p; + char ip[NI_MAXHOST]; + +#ifdef INET6 + if (*s != '[' || (cp1 = strchr(s + 1, ']')) == NULL) +#endif + cp1 = s; + if ((cp1 = strrchr(cp1, ':'))) { + /* service/port provided */ + *cp1++ = '\0'; + if (strlen(cp1) == 1 && *cp1 == '*') + /* any port allowed */ + ap.port = 0; + else if ((se = getservbyname(cp1, "udp"))) { + ap.port = ntohs(se->s_port); + } else { + ap.port = strtol(cp1, &cp2, 0); + if (*cp2 != '\0') + return (-1); /* port not numeric */ + } + } else { + if ((se = getservbyname("syslog", "udp"))) + ap.port = ntohs(se->s_port); + else + /* sanity, should not happen */ + ap.port = 514; + } + + if ((cp1 = strchr(s, '/')) != NULL && + strspn(cp1 + 1, "0123456789") == strlen(cp1 + 1)) { + *cp1 = '\0'; + if ((masklen = atoi(cp1 + 1)) < 0) + return (-1); + } +#ifdef INET6 + if (*s == '[') { + cp2 = s + strlen(s) - 1; + if (*cp2 == ']') { + ++s; + *cp2 = '\0'; + } else { + cp2 = NULL; + } + } else { + cp2 = NULL; + } +#endif + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_DGRAM; + hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; + if (getaddrinfo(s, NULL, &hints, &res) == 0) { + ap.isnumeric = 1; + memcpy(&ap.a_addr, res->ai_addr, res->ai_addrlen); + memset(&ap.a_mask, 0, sizeof(ap.a_mask)); + ap.a_mask.ss_family = res->ai_family; + if (res->ai_family == AF_INET) { + ap.a_mask.ss_len = sizeof(struct sockaddr_in); + maskp = &((struct sockaddr_in *)&ap.a_mask)->sin_addr; + addrp = &((struct sockaddr_in *)&ap.a_addr)->sin_addr; + if (masklen < 0) { + /* use default netmask */ + if (IN_CLASSA(ntohl(addrp->s_addr))) + maskp->s_addr = htonl(IN_CLASSA_NET); + else if (IN_CLASSB(ntohl(addrp->s_addr))) + maskp->s_addr = htonl(IN_CLASSB_NET); + else + maskp->s_addr = htonl(IN_CLASSC_NET); + } else if (masklen <= 32) { + /* convert masklen to netmask */ + if (masklen == 0) + maskp->s_addr = 0; + else + maskp->s_addr = htonl(~((1 << (32 - masklen)) - 1)); + } else { + freeaddrinfo(res); + return (-1); + } + /* Lose any host bits in the network number. */ + addrp->s_addr &= maskp->s_addr; + } +#ifdef INET6 + else if (res->ai_family == AF_INET6 && masklen <= 128) { + ap.a_mask.ss_len = sizeof(struct sockaddr_in6); + if (masklen < 0) + masklen = 128; + mask6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_mask)->sin6_addr; + /* convert masklen to netmask */ + while (masklen > 0) { + if (masklen < 32) { + *mask6p = htonl(~(0xffffffff >> masklen)); + break; + } + *mask6p++ = 0xffffffff; + masklen -= 32; + } + /* Lose any host bits in the network number. */ + mask6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_mask)->sin6_addr; + addr6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_addr)->sin6_addr; + for (i = 0; i < 4; i++) + addr6p[i] &= mask6p[i]; + } +#endif + else { + freeaddrinfo(res); + return (-1); + } + freeaddrinfo(res); + } else { + /* arg `s' is domain name */ + ap.isnumeric = 0; + ap.a_name = s; + if (cp1) + *cp1 = '/'; +#ifdef INET6 + if (cp2) { + *cp2 = ']'; + --s; + } +#endif + } + + if (Debug) { + printf("allowaddr: rule %d: ", NumAllowed); + if (ap.isnumeric) { + printf("numeric, "); + getnameinfo((struct sockaddr *)&ap.a_addr, + ((struct sockaddr *)&ap.a_addr)->sa_len, + ip, sizeof ip, NULL, 0, + NI_NUMERICHOST | withscopeid); + printf("addr = %s, ", ip); + getnameinfo((struct sockaddr *)&ap.a_mask, + ((struct sockaddr *)&ap.a_mask)->sa_len, + ip, sizeof ip, NULL, 0, + NI_NUMERICHOST | withscopeid); + printf("mask = %s; ", ip); + } else { + printf("domainname = %s; ", ap.a_name); + } + printf("port = %d\n", ap.port); + } + + if ((AllowedPeers = realloc(AllowedPeers, + ++NumAllowed * sizeof(struct allowedpeer))) + == NULL) { + logerror("realloc"); + exit(1); + } + memcpy(&AllowedPeers[NumAllowed - 1], &ap, sizeof(struct allowedpeer)); + return (0); +} + +/* + * Validate that the remote peer has permission to log to us. + */ +static int +validate(struct sockaddr *sa, const char *hname) +{ + int i, j, reject; + size_t l1, l2; + char *cp, name[NI_MAXHOST], ip[NI_MAXHOST], port[NI_MAXSERV]; + struct allowedpeer *ap; + struct sockaddr_in *sin4, *a4p = NULL, *m4p = NULL; + struct sockaddr_in6 *sin6, *a6p = NULL, *m6p = NULL; + struct addrinfo hints, *res; + u_short sport; + + if (NumAllowed == 0) + /* traditional behaviour, allow everything */ + return (1); + + (void)strlcpy(name, hname, sizeof(name)); + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_DGRAM; + hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; + if (getaddrinfo(name, NULL, &hints, &res) == 0) + freeaddrinfo(res); + else if (strchr(name, '.') == NULL) { + strlcat(name, ".", sizeof name); + strlcat(name, LocalDomain, sizeof name); + } + if (getnameinfo(sa, sa->sa_len, ip, sizeof ip, port, sizeof port, + NI_NUMERICHOST | withscopeid | NI_NUMERICSERV) != 0) + return (0); /* for safety, should not occur */ + dprintf("validate: dgram from IP %s, port %s, name %s;\n", + ip, port, name); + sport = atoi(port); + + /* now, walk down the list */ + for (i = 0, ap = AllowedPeers; i < NumAllowed; i++, ap++) { + if (ap->port != 0 && ap->port != sport) { + dprintf("rejected in rule %d due to port mismatch.\n", i); + continue; + } + + if (ap->isnumeric) { + if (ap->a_addr.ss_family != sa->sa_family) { + dprintf("rejected in rule %d due to address family mismatch.\n", i); + continue; + } + if (ap->a_addr.ss_family == AF_INET) { + sin4 = (struct sockaddr_in *)sa; + a4p = (struct sockaddr_in *)&ap->a_addr; + m4p = (struct sockaddr_in *)&ap->a_mask; + if ((sin4->sin_addr.s_addr & m4p->sin_addr.s_addr) + != a4p->sin_addr.s_addr) { + dprintf("rejected in rule %d due to IP mismatch.\n", i); + continue; + } + } +#ifdef INET6 + else if (ap->a_addr.ss_family == AF_INET6) { + sin6 = (struct sockaddr_in6 *)sa; + a6p = (struct sockaddr_in6 *)&ap->a_addr; + m6p = (struct sockaddr_in6 *)&ap->a_mask; +#ifdef NI_WITHSCOPEID + if (a6p->sin6_scope_id != 0 && + sin6->sin6_scope_id != a6p->sin6_scope_id) { + dprintf("rejected in rule %d due to scope mismatch.\n", i); + continue; + } +#endif + reject = 0; + for (j = 0; j < 16; j += 4) { + if ((*(u_int32_t *)&sin6->sin6_addr.s6_addr[j] & *(u_int32_t *)&m6p->sin6_addr.s6_addr[j]) + != *(u_int32_t *)&a6p->sin6_addr.s6_addr[j]) { + ++reject; + break; + } + } + if (reject) { + dprintf("rejected in rule %d due to IP mismatch.\n", i); + continue; + } + } +#endif + else + continue; + } else { + cp = ap->a_name; + l1 = strlen(name); + if (*cp == '*') { + /* allow wildmatch */ + cp++; + l2 = strlen(cp); + if (l2 > l1 || memcmp(cp, &name[l1 - l2], l2) != 0) { + dprintf("rejected in rule %d due to name mismatch.\n", i); + continue; + } + } else { + /* exact match */ + l2 = strlen(cp); + if (l2 != l1 || memcmp(cp, name, l1) != 0) { + dprintf("rejected in rule %d due to name mismatch.\n", i); + continue; + } + } + } + dprintf("accepted in rule %d.\n", i); + return (1); /* hooray! */ + } + return (0); +} + +/* + * Fairly similar to popen(3), but returns an open descriptor, as + * opposed to a FILE *. + */ +static int +p_open(const char *prog, pid_t *pid) +{ + int pfd[2], nulldesc, i; + sigset_t omask, mask; + char *argv[4]; /* sh -c cmd NULL */ + char errmsg[200]; + + if (pipe(pfd) == -1) + return (-1); + if ((nulldesc = open(_PATH_DEVNULL, O_RDWR)) == -1) + /* we are royally screwed anyway */ + return (-1); + + sigemptyset(&mask); + sigaddset(&mask, SIGALRM); + sigaddset(&mask, SIGHUP); + sigprocmask(SIG_BLOCK, &mask, &omask); + switch ((*pid = fork())) { + case -1: + sigprocmask(SIG_SETMASK, &omask, 0); + close(nulldesc); + return (-1); + + case 0: + /* XXX should check for NULL return */ + argv[0] = strdup("sh"); + argv[1] = strdup("-c"); + argv[2] = strdup(prog); + argv[3] = NULL; + if (argv[0] == NULL || argv[1] == NULL || argv[2] == NULL) { + logerror("strdup"); + exit(1); + } + + alarm(0); + (void)setsid(); /* Avoid catching SIGHUPs. */ + + /* + * Throw away pending signals, and reset signal + * behaviour to standard values. + */ + signal(SIGALRM, SIG_IGN); + signal(SIGHUP, SIG_IGN); + sigprocmask(SIG_SETMASK, &omask, 0); + signal(SIGPIPE, SIG_DFL); + signal(SIGQUIT, SIG_DFL); + signal(SIGALRM, SIG_DFL); + signal(SIGHUP, SIG_DFL); + + dup2(pfd[0], STDIN_FILENO); + dup2(nulldesc, STDOUT_FILENO); + dup2(nulldesc, STDERR_FILENO); + for (i = getdtablesize(); i > 2; i--) + (void)close(i); + + (void)execvp(_PATH_BSHELL, argv); + _exit(255); + } + + sigprocmask(SIG_SETMASK, &omask, 0); + close(nulldesc); + close(pfd[0]); + /* + * Avoid blocking on a hung pipe. With O_NONBLOCK, we are + * supposed to get an EWOULDBLOCK on writev(2), which is + * caught by the logic above anyway, which will in turn close + * the pipe, and fork a new logging subprocess if necessary. + * The stale subprocess will be killed some time later unless + * it terminated itself due to closing its input pipe (so we + * get rid of really dead puppies). + */ + if (fcntl(pfd[1], F_SETFL, O_NONBLOCK) == -1) { + /* This is bad. */ + (void)snprintf(errmsg, sizeof errmsg, + "Warning: cannot change pipe to PID %d to " + "non-blocking behaviour.", + (int)*pid); + logerror(errmsg); + } + return (pfd[1]); +} + +static void +deadq_enter(pid_t pid, const char *name) +{ + dq_t p; + int status; + + /* + * Be paranoid, if we can't signal the process, don't enter it + * into the dead queue (perhaps it's already dead). If possible, + * we try to fetch and log the child's status. + */ + if (kill(pid, 0) != 0) { + if (waitpid(pid, &status, WNOHANG) > 0) + log_deadchild(pid, status, name); + return; + } + + p = malloc(sizeof(struct deadq_entry)); + if (p == NULL) { + logerror("malloc"); + exit(1); + } + + p->dq_pid = pid; + p->dq_timeout = DQ_TIMO_INIT; + TAILQ_INSERT_TAIL(&deadq_head, p, dq_entries); +} + +static int +deadq_remove(pid_t pid) +{ + dq_t q; + + TAILQ_FOREACH(q, &deadq_head, dq_entries) { + if (q->dq_pid == pid) { + TAILQ_REMOVE(&deadq_head, q, dq_entries); + free(q); + return (1); + } + } + + return (0); +} + +static void +log_deadchild(pid_t pid, int status, const char *name) +{ + int code; + char buf[256]; + const char *reason; + + errno = 0; /* Keep strerror() stuff out of logerror messages. */ + if (WIFSIGNALED(status)) { + reason = "due to signal"; + code = WTERMSIG(status); + } else { + reason = "with status"; + code = WEXITSTATUS(status); + if (code == 0) + return; + } + (void)snprintf(buf, sizeof buf, + "Logging subprocess %d (%s) exited %s %d.", + pid, name, reason, code); + logerror(buf); +} + +static int * +socksetup(int af, const char *bindhostname) +{ + struct addrinfo hints, *res, *r; + int error, maxs, *s, *socks; + + memset(&hints, 0, sizeof(hints)); + hints.ai_flags = AI_PASSIVE; + hints.ai_family = af; + hints.ai_socktype = SOCK_DGRAM; + error = getaddrinfo(bindhostname, "syslog", &hints, &res); + if (error) { + logerror(gai_strerror(error)); + errno = 0; + die(0); + } + + /* Count max number of sockets we may open */ + for (maxs = 0, r = res; r; r = r->ai_next, maxs++); + socks = malloc((maxs+1) * sizeof(int)); + if (socks == NULL) { + logerror("couldn't allocate memory for sockets"); + die(0); + } + + *socks = 0; /* num of sockets counter at start of array */ + s = socks + 1; + for (r = res; r; r = r->ai_next) { + *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); + if (*s < 0) { + logerror("socket"); + continue; + } + if (r->ai_family == AF_INET6) { + int on = 1; + if (setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY, + (char *)&on, sizeof (on)) < 0) { + logerror("setsockopt"); + close(*s); + continue; + } + } + if (bind(*s, r->ai_addr, r->ai_addrlen) < 0) { + close(*s); + logerror("bind"); + continue; + } + + (*socks)++; + s++; + } + + if (*socks == 0) { + free(socks); + if (Debug) + return (NULL); + else + die(0); + } + if (res) + freeaddrinfo(res); + + return (socks); +} diff --git a/syslogd.tproj/ttymsg.c b/syslogd.tproj/ttymsg.c new file mode 100644 index 0000000..7f7a4ce --- /dev/null +++ b/syslogd.tproj/ttymsg.c @@ -0,0 +1,163 @@ +/* + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef lint +static const char sccsid[] = "@(#)ttymsg.c 8.2 (Berkeley) 11/16/93"; +#endif + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "ttymsg.h" + +/* + * Display the contents of a uio structure on a terminal. Used by wall(1), + * syslogd(8), and talkd(8). Forks and finishes in child if write would block, + * waiting up to tmout seconds. Returns pointer to error string on unexpected + * error; string is not newline-terminated. Various "normal" errors are + * ignored (exclusive-use, lack of permission, etc.). + */ +const char * +ttymsg(struct iovec *iov, int iovcnt, const char *line, int tmout) +{ + struct iovec localiov[7]; + ssize_t left, wret; + int cnt, fd; + static char device[MAXNAMLEN] = _PATH_DEV; + static char errbuf[1024]; + int forked; + + forked = 0; + if (iovcnt > (int)(sizeof(localiov) / sizeof(localiov[0]))) + return ("too many iov's (change code in wall/ttymsg.c)"); + + strlcpy(device + sizeof(_PATH_DEV) - 1, line, sizeof(device)); + if (strchr(device + sizeof(_PATH_DEV) - 1, '/')) { + /* A slash is an attempt to break security... */ + (void) snprintf(errbuf, sizeof(errbuf), + "Too many '/' in \"%s\"", device); + return (errbuf); + } + + /* + * open will fail on slip lines or exclusive-use lines + * if not running as root; not an error. + */ + if ((fd = open(device, O_WRONLY|O_NONBLOCK, 0)) < 0) { + if (errno == EBUSY || errno == EACCES) + return (NULL); + (void) snprintf(errbuf, sizeof(errbuf), "%s: %s", device, + strerror(errno)); + return (errbuf); + } + + for (cnt = 0, left = 0; cnt < iovcnt; ++cnt) + left += iov[cnt].iov_len; + + for (;;) { + wret = writev(fd, iov, iovcnt); + if (wret >= left) + break; + if (wret >= 0) { + left -= wret; + if (iov != localiov) { + bcopy(iov, localiov, + iovcnt * sizeof(struct iovec)); + iov = localiov; + } + for (cnt = 0; (size_t)wret >= iov->iov_len; ++cnt) { + wret -= iov->iov_len; + ++iov; + --iovcnt; + } + if (wret) { + iov->iov_base = (char *)iov->iov_base + wret; + iov->iov_len -= wret; + } + continue; + } + if (errno == EWOULDBLOCK) { + int cpid; + + if (forked) { + (void) close(fd); + _exit(1); + } + cpid = fork(); + if (cpid < 0) { + (void) snprintf(errbuf, sizeof(errbuf), + "fork: %s", strerror(errno)); + (void) close(fd); + return (errbuf); + } + if (cpid) { /* parent */ + (void) close(fd); + return (NULL); + } + forked++; + /* wait at most tmout seconds */ + (void) signal(SIGALRM, SIG_DFL); + (void) signal(SIGTERM, SIG_DFL); /* XXX */ + (void) sigsetmask(0); + (void) alarm((u_int)tmout); + (void) fcntl(fd, F_SETFL, 0); /* clear O_NONBLOCK */ + continue; + } + /* + * We get ENODEV on a slip line if we're running as root, + * and EIO if the line just went away. + */ + if (errno == ENODEV || errno == EIO) + break; + (void) close(fd); + if (forked) + _exit(1); + (void) snprintf(errbuf, sizeof(errbuf), + "%s: %s", device, strerror(errno)); + return (errbuf); + } + + (void) close(fd); + if (forked) + _exit(0); + return (NULL); +} diff --git a/syslogd.tproj/ttymsg.h b/syslogd.tproj/ttymsg.h new file mode 100644 index 0000000..625c22d --- /dev/null +++ b/syslogd.tproj/ttymsg.h @@ -0,0 +1,3 @@ +/* $FreeBSD: src/usr.bin/wall/ttymsg.h,v 1.1 2001/09/09 14:23:31 dd Exp $ */ + +const char *ttymsg(struct iovec *, int, const char *, int); diff --git a/talk.tproj/ctl.c b/talk.tproj/ctl.c index d1c016b..1817074 100644 --- a/talk.tproj/ctl.c +++ b/talk.tproj/ctl.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/ctl_transact.c b/talk.tproj/ctl_transact.c index 85474dd..c0a93b5 100644 --- a/talk.tproj/ctl_transact.c +++ b/talk.tproj/ctl_transact.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/display.c b/talk.tproj/display.c index 6a725a6..6644ec1 100644 --- a/talk.tproj/display.c +++ b/talk.tproj/display.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/get_addrs.c b/talk.tproj/get_addrs.c index ce728c5..7877eab 100644 --- a/talk.tproj/get_addrs.c +++ b/talk.tproj/get_addrs.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/get_names.c b/talk.tproj/get_names.c index adf43bc..58d5e84 100644 --- a/talk.tproj/get_names.c +++ b/talk.tproj/get_names.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/init_disp.c b/talk.tproj/init_disp.c index 1332107..7def0d3 100644 --- a/talk.tproj/init_disp.c +++ b/talk.tproj/init_disp.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/invite.c b/talk.tproj/invite.c index 47fbf44..d879366 100644 --- a/talk.tproj/invite.c +++ b/talk.tproj/invite.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/io.c b/talk.tproj/io.c index 7d6fd55..b32b1e1 100644 --- a/talk.tproj/io.c +++ b/talk.tproj/io.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/look_up.c b/talk.tproj/look_up.c index 3d46cb3..ea96da9 100644 --- a/talk.tproj/look_up.c +++ b/talk.tproj/look_up.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/msgs.c b/talk.tproj/msgs.c index 7e1edb1..5fc3927 100644 --- a/talk.tproj/msgs.c +++ b/talk.tproj/msgs.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/talk.c b/talk.tproj/talk.c index 3690d01..c2145d3 100644 --- a/talk.tproj/talk.c +++ b/talk.tproj/talk.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/talk.h b/talk.tproj/talk.h index 2458247..5e29a54 100644 --- a/talk.tproj/talk.h +++ b/talk.tproj/talk.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/talk_ctl.h b/talk.tproj/talk_ctl.h index bfe8416..d73c089 100644 --- a/talk.tproj/talk_ctl.h +++ b/talk.tproj/talk_ctl.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/announce.c b/talkd.tproj/announce.c index cda84a1..4c6ee5f 100644 --- a/talkd.tproj/announce.c +++ b/talkd.tproj/announce.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/print.c b/talkd.tproj/print.c index 74f7aa8..d4222b3 100644 --- a/talkd.tproj/print.c +++ b/talkd.tproj/print.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/process.c b/talkd.tproj/process.c index c7d7b2c..d9a87a2 100644 --- a/talkd.tproj/process.c +++ b/talkd.tproj/process.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/table.c b/talkd.tproj/table.c index df3fb23..5b6ee3f 100644 --- a/talkd.tproj/table.c +++ b/talkd.tproj/table.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/talkd.c b/talkd.tproj/talkd.c index 7281351..540e17e 100644 --- a/talkd.tproj/talkd.c +++ b/talkd.tproj/talkd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/talkd.h b/talkd.tproj/talkd.h index 9a686c5..afb5692 100644 --- a/talkd.tproj/talkd.h +++ b/talkd.tproj/talkd.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/telnet.tproj/commands.c b/telnet.tproj/commands.c index 849ed67..47a7500 100644 --- a/telnet.tproj/commands.c +++ b/telnet.tproj/commands.c @@ -2291,8 +2291,12 @@ tn(int argc, char *argv[]) #endif (hostname = strrchr(hostp, ':')) == NULL) hostname = strrchr(hostp, '@'); - hostname++; - srcroute = 1; + if (hostname == NULL) { + hostname = hostp; + } else { + hostname++; + srcroute = 1; + } } else hostname = hostp; if (!portp) { diff --git a/telnet.tproj/krb4-proto.h b/telnet.tproj/krb4-proto.h index 9f3f0b0..595b654 100644 --- a/telnet.tproj/krb4-proto.h +++ b/telnet.tproj/krb4-proto.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/telnet.tproj/tn3270.c b/telnet.tproj/tn3270.c index 875d386..7edae66 100644 --- a/telnet.tproj/tn3270.c +++ b/telnet.tproj/tn3270.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/telnetd.tproj/Makefile.postamble b/telnetd.tproj/Makefile.postamble index 7ede358..1394e5c 100644 --- a/telnetd.tproj/Makefile.postamble +++ b/telnetd.tproj/Makefile.postamble @@ -109,3 +109,6 @@ STRIPFLAGS = # owned by the top-level Makefile API and no context has been set up for where # derived files should go. +after_install: + install -o root -g wheel -m 755 -d $(DSTROOT)/usr/share/man/man8 + install -o root -g wheel -m 644 -c telnetd.8 $(DSTROOT)/usr/share/man/man8 diff --git a/tftp.tproj/extern.h b/tftp.tproj/extern.h index f41b4d4..5bee6a0 100644 --- a/tftp.tproj/extern.h +++ b/tftp.tproj/extern.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/main.c b/tftp.tproj/main.c index 7e110cc..cef16e5 100644 --- a/tftp.tproj/main.c +++ b/tftp.tproj/main.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/tftp.c b/tftp.tproj/tftp.c index bec2978..8e6e3f8 100644 --- a/tftp.tproj/tftp.c +++ b/tftp.tproj/tftp.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/tftpsubs.c b/tftp.tproj/tftpsubs.c index f63504a..38a5e1c 100644 --- a/tftp.tproj/tftpsubs.c +++ b/tftp.tproj/tftpsubs.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/tftpsubs.h b/tftp.tproj/tftpsubs.h index 9ecb2d2..76c0737 100644 --- a/tftp.tproj/tftpsubs.h +++ b/tftp.tproj/tftpsubs.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/acksend.c b/timed.tproj/timed.tproj/acksend.c index af1aea0..cd16920 100644 --- a/timed.tproj/timed.tproj/acksend.c +++ b/timed.tproj/timed.tproj/acksend.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/byteorder.c b/timed.tproj/timed.tproj/byteorder.c index 97bb911..849eccf 100644 --- a/timed.tproj/timed.tproj/byteorder.c +++ b/timed.tproj/timed.tproj/byteorder.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/candidate.c b/timed.tproj/timed.tproj/candidate.c index a271db5..715f9d5 100644 --- a/timed.tproj/timed.tproj/candidate.c +++ b/timed.tproj/timed.tproj/candidate.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/cksum.c b/timed.tproj/timed.tproj/cksum.c index e50e438..beda5b6 100644 --- a/timed.tproj/timed.tproj/cksum.c +++ b/timed.tproj/timed.tproj/cksum.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/correct.c b/timed.tproj/timed.tproj/correct.c index f092bca..a216abc 100644 --- a/timed.tproj/timed.tproj/correct.c +++ b/timed.tproj/timed.tproj/correct.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/extern.h b/timed.tproj/timed.tproj/extern.h index 00f9d35..fcc8457 100644 --- a/timed.tproj/timed.tproj/extern.h +++ b/timed.tproj/timed.tproj/extern.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/globals.h b/timed.tproj/timed.tproj/globals.h index 82cfc53..7388669 100644 --- a/timed.tproj/timed.tproj/globals.h +++ b/timed.tproj/timed.tproj/globals.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/master.c b/timed.tproj/timed.tproj/master.c index ddd3215..76fb0df 100644 --- a/timed.tproj/timed.tproj/master.c +++ b/timed.tproj/timed.tproj/master.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/measure.c b/timed.tproj/timed.tproj/measure.c index 6b809b2..b193959 100644 --- a/timed.tproj/timed.tproj/measure.c +++ b/timed.tproj/timed.tproj/measure.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/networkdelta.c b/timed.tproj/timed.tproj/networkdelta.c index 51576f6..cbcf1ee 100644 --- a/timed.tproj/timed.tproj/networkdelta.c +++ b/timed.tproj/timed.tproj/networkdelta.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/pathnames.h b/timed.tproj/timed.tproj/pathnames.h index 1a3faf3..c524215 100644 --- a/timed.tproj/timed.tproj/pathnames.h +++ b/timed.tproj/timed.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/readmsg.c b/timed.tproj/timed.tproj/readmsg.c index 88efb49..ac25ec8 100644 --- a/timed.tproj/timed.tproj/readmsg.c +++ b/timed.tproj/timed.tproj/readmsg.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/slave.c b/timed.tproj/timed.tproj/slave.c index 0b72058..293e4bc 100644 --- a/timed.tproj/timed.tproj/slave.c +++ b/timed.tproj/timed.tproj/slave.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/timed.8 b/timed.tproj/timed.tproj/timed.8 index 8f8798d..880ce2e 100644 --- a/timed.tproj/timed.tproj/timed.8 +++ b/timed.tproj/timed.tproj/timed.8 @@ -173,7 +173,7 @@ Complaints about machines that failed to respond to initial time settings are often associated with "multi-homed" machines that looked for time masters on more than one network and eventually chose to become a slave on the other network. -.SH WARNING +.Sh WARNING If two or more time daemons, whether .Nm timed , .Xr NTP , diff --git a/timed.tproj/timed.tproj/timed.c b/timed.tproj/timed.tproj/timed.c index 01fa981..95d440a 100644 --- a/timed.tproj/timed.tproj/timed.c +++ b/timed.tproj/timed.tproj/timed.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/Makefile b/timed.tproj/timedc.tproj/Makefile index ae13f3a..f553155 100644 --- a/timed.tproj/timedc.tproj/Makefile +++ b/timed.tproj/timedc.tproj/Makefile @@ -17,7 +17,7 @@ HFILES = extern.h timedc.h CFILES = cmds.c cmdtab.c timedc.c OTHERSRCS = Makefile.preamble Makefile Makefile.postamble m.template\ - h.template + h.template timedc.8 MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles diff --git a/timed.tproj/timedc.tproj/Makefile.postamble b/timed.tproj/timedc.tproj/Makefile.postamble index 7b861e1..ee578ca 100644 --- a/timed.tproj/timedc.tproj/Makefile.postamble +++ b/timed.tproj/timedc.tproj/Makefile.postamble @@ -121,3 +121,6 @@ # Note: on MS Windows, executables, have an extension, so rules and dependencies # for generated tools should use $(EXECUTABLE_EXT) on the end. VPATH += :../timed.tproj +after_install:: + $(MKDIR) -p $(DSTROOT)/usr/share/man/man8 + $(CP) timedc.8 $(DSTROOT)/usr/share/man/man8/ diff --git a/timed.tproj/timedc.tproj/cmds.c b/timed.tproj/timedc.tproj/cmds.c index a844190..335c76e 100644 --- a/timed.tproj/timedc.tproj/cmds.c +++ b/timed.tproj/timedc.tproj/cmds.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/cmdtab.c b/timed.tproj/timedc.tproj/cmdtab.c index 546a206..3e01d9d 100644 --- a/timed.tproj/timedc.tproj/cmdtab.c +++ b/timed.tproj/timedc.tproj/cmdtab.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/extern.h b/timed.tproj/timedc.tproj/extern.h index 22e2e29..3316c68 100644 --- a/timed.tproj/timedc.tproj/extern.h +++ b/timed.tproj/timedc.tproj/extern.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/timedc.8 b/timed.tproj/timedc.tproj/timedc.8 new file mode 100644 index 0000000..3070e9d --- /dev/null +++ b/timed.tproj/timedc.tproj/timedc.8 @@ -0,0 +1,144 @@ +.\" Copyright (c) 1980, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)timedc.8 8.1 (Berkeley) 6/6/93 +.\" $FreeBSD: src/usr.sbin/timed/timedc/timedc.8,v 1.13 2002/07/14 14:46:35 charnier Exp $ +.\" +.Dd June 6, 1993 +.Dt TIMEDC 8 +.Os +.Sh NAME +.Nm timedc +.Nd timed control program +.Sh SYNOPSIS +.Nm +.Op Ar command Op Ar argument ... +.Sh DESCRIPTION +The +.Nm +utility is used to control the operation of the +.Xr timed 8 +program. +It may be used to: +.Bl -bullet +.It +Measure the differences between machines' clocks, +.It +Find the location where the master time server is running, +.It +Enable or disable tracing of messages received by +.Xr timed 8 , +and +.It +Perform various debugging actions. +.El +.Pp +Without any arguments, +.Nm +will prompt for commands from the standard input. +If arguments are supplied, +.Nm +interprets the first argument as a command and the remaining +arguments as parameters to the command. The standard input +may be redirected causing +.Nm +to read commands from a file. +Commands may be abbreviated; +recognized commands are: +.Pp +.Bl -tag -width Ds -compact +.It Ic \&? Op Ar command ... +.Pp +.It Ic help Op Ar command ... +Print a short description of each command specified in the argument list, +or, if no arguments are given, a list of the recognized commands. +.Pp +.It Ic clockdiff Ar host ... +Compute the differences between the clock of the host machine +and the clocks of the machines given as arguments. +.Pp +.It Ic msite Op Ar host ... +Show the master time server for specified host(s). +.Pp +.It Xo +.Ic trace +.Li \&{ Ar on Li \&| +.Ar off \&} +.Xc +Enable or disable the tracing of incoming messages to +.Xr timed +in the file +.Pa /var/log/timed.log . +.Pp +.It Ic election Ar host1 Op Ar host2 ... +Asks the daemon +on the target host to reset its "election" timers and to ensure that +a time master has been elected. +.Pp +.It Ic quit +Exit from timedc. +.El +.Pp +Other commands may be included for use in testing and debugging +.Xr timed 8 ; +the help command and +the program source may be consulted for details. +.Sh FILES +.Bl -tag -width /var/log/timed.masterlog -compact +.It Pa /var/log/timed.log +tracing file for timed +.It Pa /var/log/timed.masterlog +log file for master timed +.El +.Sh SEE ALSO +.Xr date 1 , +.Xr adjtime 2 , +.Xr icmp 4 , +.Xr timed 8 +.Rs +.%T "TSP: The Time Synchronization Protocol for UNIX 4.3BSD" +.%A R. Gusella +.%A S. Zatti +.Re +.Sh DIAGNOSTICS +.Bl -diag +.It ?Ambiguous command +abbreviation matches more than one command +.It ?Invalid command +no match found +.It ?Privileged command +command can be executed by root only +.El +.Sh HISTORY +The +.Nm +utility appeared in +.Bx 4.3 . diff --git a/timed.tproj/timedc.tproj/timedc.c b/timed.tproj/timedc.tproj/timedc.c index 63e2884..f80160f 100644 --- a/timed.tproj/timedc.tproj/timedc.c +++ b/timed.tproj/timedc.tproj/timedc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/timedc.h b/timed.tproj/timedc.tproj/timedc.h index 43ca72c..5faabdc 100644 --- a/timed.tproj/timedc.tproj/timedc.h +++ b/timed.tproj/timedc.tproj/timedc.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/traceroute.tproj/traceroute.c b/traceroute.tproj/traceroute.c index 1f8a5fa..0ef659f 100644 --- a/traceroute.tproj/traceroute.c +++ b/traceroute.tproj/traceroute.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/trpt.tproj/trpt.c b/trpt.tproj/trpt.c index 0f1f66a..4677cc5 100644 --- a/trpt.tproj/trpt.c +++ b/trpt.tproj/trpt.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/wall.tproj/Makefile b/wall.tproj/Makefile index 9d20c3c..ea2abe9 100644 --- a/wall.tproj/Makefile +++ b/wall.tproj/Makefile @@ -12,6 +12,8 @@ NAME = wall PROJECTVERSION = 2.8 PROJECT_TYPE = Tool +HFILES = ttymsg.h + CFILES = ttymsg.c wall.c OTHERSRCS = Makefile.preamble Makefile Makefile.postamble Makefile.dist\ diff --git a/wall.tproj/ttymsg.c b/wall.tproj/ttymsg.c index 45e4d2d..3aa6696 100644 --- a/wall.tproj/ttymsg.c +++ b/wall.tproj/ttymsg.c @@ -1,26 +1,3 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ /* * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. @@ -54,18 +31,26 @@ * SUCH DAMAGE. */ +#include + + +#ifndef lint +static const char sccsid[] = "@(#)ttymsg.c 8.2 (Berkeley) 11/16/93"; +#endif #include #include -#include -#include #include #include +#include #include -#include +#include #include #include #include +#include + +#include "ttymsg.h" /* * Display the contents of a uio structure on a terminal. Used by wall(1), @@ -74,27 +59,25 @@ * error; string is not newline-terminated. Various "normal" errors are * ignored (exclusive-use, lack of permission, etc.). */ -char * -ttymsg(iov, iovcnt, line, tmout) - struct iovec *iov; - int iovcnt; - char *line; - int tmout; +const char * +ttymsg(struct iovec *iov, int iovcnt, const char *line, int tmout) { + struct iovec localiov[7]; + ssize_t left, wret; + int cnt, fd; static char device[MAXNAMLEN] = _PATH_DEV; static char errbuf[1024]; - register int cnt, fd, left, wret; - struct iovec localiov[6]; - int forked = 0; + int forked; - if (iovcnt > sizeof(localiov) / sizeof(localiov[0])) + forked = 0; + if (iovcnt > (int)(sizeof(localiov) / sizeof(localiov[0]))) return ("too many iov's (change code in wall/ttymsg.c)"); - (void) strcpy(device + sizeof(_PATH_DEV) - 1, line); + strlcpy(device + sizeof(_PATH_DEV) - 1, line, sizeof(device)); if (strchr(device + sizeof(_PATH_DEV) - 1, '/')) { /* A slash is an attempt to break security... */ - (void) snprintf(errbuf, sizeof(errbuf), "'/' in \"%s\"", - device); + (void) snprintf(errbuf, sizeof(errbuf), + "Too many '/' in \"%s\"", device); return (errbuf); } @@ -105,12 +88,12 @@ ttymsg(iov, iovcnt, line, tmout) if ((fd = open(device, O_WRONLY|O_NONBLOCK, 0)) < 0) { if (errno == EBUSY || errno == EACCES) return (NULL); - (void) snprintf(errbuf, sizeof(errbuf), - "%s: %s", device, strerror(errno)); + (void) snprintf(errbuf, sizeof(errbuf), "%s: %s", device, + strerror(errno)); return (errbuf); } - for (cnt = left = 0; cnt < iovcnt; ++cnt) + for (cnt = 0, left = 0; cnt < iovcnt; ++cnt) left += iov[cnt].iov_len; for (;;) { @@ -120,23 +103,23 @@ ttymsg(iov, iovcnt, line, tmout) if (wret >= 0) { left -= wret; if (iov != localiov) { - bcopy(iov, localiov, + bcopy(iov, localiov, iovcnt * sizeof(struct iovec)); iov = localiov; } - for (cnt = 0; wret >= iov->iov_len; ++cnt) { + for (cnt = 0; (size_t)wret >= iov->iov_len; ++cnt) { wret -= iov->iov_len; ++iov; --iovcnt; } if (wret) { - iov->iov_base += wret; + iov->iov_base = (char *)iov->iov_base + wret; iov->iov_len -= wret; } continue; } if (errno == EWOULDBLOCK) { - int cpid, off = 0; + int cpid; if (forked) { (void) close(fd); @@ -159,7 +142,7 @@ ttymsg(iov, iovcnt, line, tmout) (void) signal(SIGTERM, SIG_DFL); /* XXX */ (void) sigsetmask(0); (void) alarm((u_int)tmout); - (void) fcntl(fd, O_NONBLOCK, &off); + (void) fcntl(fd, F_SETFL, 0); /* clear O_NONBLOCK */ continue; } /* diff --git a/wall.tproj/ttymsg.h b/wall.tproj/ttymsg.h new file mode 100644 index 0000000..625c22d --- /dev/null +++ b/wall.tproj/ttymsg.h @@ -0,0 +1,3 @@ +/* $FreeBSD: src/usr.bin/wall/ttymsg.h,v 1.1 2001/09/09 14:23:31 dd Exp $ */ + +const char *ttymsg(struct iovec *, int, const char *, int); diff --git a/wall.tproj/wall.1 b/wall.tproj/wall.1 index ed2f4c9..20436ea 100644 --- a/wall.tproj/wall.1 +++ b/wall.tproj/wall.1 @@ -30,19 +30,22 @@ .\" SUCH DAMAGE. .\" .\" @(#)wall.1 8.1 (Berkeley) 6/6/93 +.\" $FreeBSD: src/usr.bin/wall/wall.1,v 1.8 2002/06/10 22:59:59 jmallett Exp $ .\" .Dd June 6, 1993 .Dt WALL 1 -.Os BSD 4 +.Os .Sh NAME .Nm wall .Nd write a message to users .Sh SYNOPSIS -.Nm wall +.Nm +.Op Fl g Ar group .Op Ar file .Sh DESCRIPTION -.Nm Wall -displays the contents of +The +.Nm +utility displays the contents of .Ar file or, by default, its standard input, on the terminals of all currently logged in users. @@ -51,6 +54,12 @@ Only the super-user can write on the terminals of users who have chosen to deny messages or are using a program which automatically denies messages. +.Bl -tag -width indent +.It Fl g +Send messages to users in this group. This option may be specified +multiple times, and any user in any of the specified groups will +receive the message. +.El .Sh SEE ALSO .Xr mesg 1 , .Xr talk 1 , @@ -59,5 +68,4 @@ automatically denies messages. .Sh HISTORY A .Nm -command appeared in -.At v7 . +command appeared in PWB UNIX. diff --git a/wall.tproj/wall.c b/wall.tproj/wall.c index e08a8dd..42e35f0 100644 --- a/wall.tproj/wall.c +++ b/wall.tproj/wall.c @@ -1,26 +1,3 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ /* * Copyright (c) 1988, 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -54,12 +31,18 @@ * SUCH DAMAGE. */ +#include + #ifndef lint -static char copyright[] = +static const char copyright[] = "@(#) Copyright (c) 1988, 1990, 1993\n\ The Regents of the University of California. All rights reserved.\n"; -#endif /* not lint */ +#endif + +#ifndef lint +static const char sccsid[] = "@(#)wall.c 8.2 (Berkeley) 11/16/93"; +#endif /* * This program is not related to David Wall, whose Stanford Ph.D. thesis @@ -68,101 +51,158 @@ static char copyright[] = #include #include -#include #include +#include +#include +#include +#include #include #include #include #include #include +#include #include #include -void makemsg __P((char *)); +#include "ttymsg.h" -#define IGNOREUSER "sleeper" +static void makemsg(char *); +static void usage(void); +struct wallgroup { + struct wallgroup *next; + char *name; + gid_t gid; +} *grouplist; int nobanner; int mbufsize; char *mbuf; -/* ARGSUSED */ int -main(argc, argv) - int argc; - char **argv; +main(int argc, char *argv[]) { - extern int optind; - int ch; struct iovec iov; struct utmp utmp; + int ch; + int ingroup; FILE *fp; - char *p, *ttymsg(); + struct wallgroup *g; + struct group *grp; + char **np; + const char *p; + struct passwd *pw; char line[sizeof(utmp.ut_line) + 1]; + char username[sizeof(utmp.ut_name) + 1]; + + (void)setlocale(LC_CTYPE, ""); - while ((ch = getopt(argc, argv, "n")) != EOF) + while ((ch = getopt(argc, argv, "g:n")) != -1) switch (ch) { case 'n': /* undoc option for shutdown: suppress banner */ if (geteuid() == 0) nobanner = 1; break; + case 'g': + g = (struct wallgroup *)malloc(sizeof *g); + g->next = grouplist; + g->name = optarg; + g->gid = -1; + grouplist = g; + break; case '?': default: -usage: - (void)fprintf(stderr, "usage: wall [file]\n"); - exit(1); + usage(); } argc -= optind; argv += optind; if (argc > 1) - goto usage; + usage(); + + for (g = grouplist; g; g = g->next) { + grp = getgrnam(g->name); + if (grp != NULL) + g->gid = grp->gr_gid; + else + warnx("%s: no such group", g->name); + } makemsg(*argv); - if (!(fp = fopen(_PATH_UTMP, "r"))) { - (void)fprintf(stderr, "wall: cannot read %s.\n", _PATH_UTMP); - exit(1); - } + if (!(fp = fopen(_PATH_UTMP, "r"))) + err(1, "cannot read %s", _PATH_UTMP); iov.iov_base = mbuf; iov.iov_len = mbufsize; /* NOSTRICT */ while (fread((char *)&utmp, sizeof(utmp), 1, fp) == 1) { - if (!utmp.ut_name[0] || - !strncmp(utmp.ut_name, IGNOREUSER, sizeof(utmp.ut_name))) + if (!utmp.ut_name[0]) continue; + if (grouplist) { + ingroup = 0; + strlcpy(username, utmp.ut_name, sizeof(utmp.ut_name)); + pw = getpwnam(username); + if (!pw) + continue; + for (g = grouplist; g && ingroup == 0; g = g->next) { + if (g->gid == (gid_t)-1) + continue; + if (g->gid == pw->pw_gid) + ingroup = 1; + else if ((grp = getgrgid(g->gid)) != NULL) { + for (np = grp->gr_mem; *np; np++) { + if (strcmp(*np, username) == 0) { + ingroup = 1; + break; + } + } + } + } + if (ingroup == 0) + continue; + } strncpy(line, utmp.ut_line, sizeof(utmp.ut_line)); line[sizeof(utmp.ut_line)] = '\0'; if ((p = ttymsg(&iov, 1, line, 60*5)) != NULL) - (void)fprintf(stderr, "wall: %s\n", p); + warnx("%s", p); } exit(0); } +static void +usage() +{ + (void)fprintf(stderr, "usage: wall [-g group] [file]\n"); + exit(1); +} + void -makemsg(fname) - char *fname; +makemsg(char *fname) { - register int ch, cnt; + int cnt; + unsigned char ch; struct tm *lt; struct passwd *pw; struct stat sbuf; - time_t now, time(); + time_t now; FILE *fp; int fd; - char *p, *whom, hostname[MAXHOSTNAMELEN], lbuf[100], tmpname[15]; - char *getlogin(), *strcpy(), *ttyname(); - - (void)strcpy(tmpname, _PATH_TMP); - (void)strcat(tmpname, "/wall.XXXXXX"); - if (!(fd = mkstemp(tmpname)) || !(fp = fdopen(fd, "r+"))) { - (void)fprintf(stderr, "wall: can't open temporary file.\n"); - exit(1); - } + char *p, hostname[MAXHOSTNAMELEN], lbuf[256], tmpname[64]; + const char *tty; + const char *whom; + gid_t egid; + + (void)snprintf(tmpname, sizeof(tmpname), "%s/wall.XXXXXX", _PATH_TMP); + if ((fd = mkstemp(tmpname)) == -1 || !(fp = fdopen(fd, "r+"))) + err(1, "can't open temporary file"); (void)unlink(tmpname); if (!nobanner) { + tty = ttyname(STDERR_FILENO); + if (tty == NULL) + tty = "no tty"; + if (!(whom = getlogin())) whom = (pw = getpwuid(getuid())) ? pw->pw_name : "???"; (void)gethostname(hostname, sizeof(hostname)); @@ -177,45 +217,78 @@ makemsg(fname) * in column 80, but that can't be helped. */ (void)fprintf(fp, "\r%79s\r\n", " "); - (void)sprintf(lbuf, "Broadcast Message from %s@%s", + (void)snprintf(lbuf, sizeof(lbuf), + "Broadcast Message from %s@%s", whom, hostname); (void)fprintf(fp, "%-79.79s\007\007\r\n", lbuf); - (void)sprintf(lbuf, " (%s) at %d:%02d ...", ttyname(2), - lt->tm_hour, lt->tm_min); + (void)snprintf(lbuf, sizeof(lbuf), + " (%s) at %d:%02d %s...", tty, + lt->tm_hour, lt->tm_min, lt->tm_zone); (void)fprintf(fp, "%-79.79s\r\n", lbuf); } (void)fprintf(fp, "%79s\r\n", " "); - if (fname && !(freopen(fname, "r", stdin))) { - (void)fprintf(stderr, "wall: can't read %s.\n", fname); - exit(1); + if (fname) { + egid = getegid(); + setegid(getgid()); + if (freopen(fname, "r", stdin) == NULL) + err(1, "can't read %s", fname); + setegid(egid); } while (fgets(lbuf, sizeof(lbuf), stdin)) for (cnt = 0, p = lbuf; (ch = *p) != '\0'; ++p, ++cnt) { - if (cnt == 79 || ch == '\n') { + if (ch == '\r') { + cnt = 0; + } else if (cnt == 79 || ch == '\n') { for (; cnt < 79; ++cnt) putc(' ', fp); putc('\r', fp); putc('\n', fp); cnt = 0; - } else + } + if (((ch & 0x80) && ch < 0xA0) || + /* disable upper controls */ + (!isprint(ch) && !isspace(ch) && + ch != '\a' && ch != '\b') + ) { + if (ch & 0x80) { + ch &= 0x7F; + putc('M', fp); + if (++cnt == 79) { + putc('\r', fp); + putc('\n', fp); + cnt = 0; + } + putc('-', fp); + if (++cnt == 79) { + putc('\r', fp); + putc('\n', fp); + cnt = 0; + } + } + if (iscntrl(ch)) { + ch ^= 040; + putc('^', fp); + if (++cnt == 79) { + putc('\r', fp); + putc('\n', fp); + cnt = 0; + } + } + putc(ch, fp); + } else { putc(ch, fp); + } } (void)fprintf(fp, "%79s\r\n", " "); rewind(fp); - if (fstat(fd, &sbuf)) { - (void)fprintf(stderr, "wall: can't stat temporary file.\n"); - exit(1); - } + if (fstat(fd, &sbuf)) + err(1, "can't stat temporary file"); mbufsize = sbuf.st_size; - if (!(mbuf = malloc((u_int)mbufsize))) { - (void)fprintf(stderr, "wall: out of memory.\n"); - exit(1); - } - if (fread(mbuf, sizeof(*mbuf), mbufsize, fp) != mbufsize) { - (void)fprintf(stderr, "wall: can't read temporary file.\n"); - exit(1); - } + if (!(mbuf = malloc((u_int)mbufsize))) + err(1, "out of memory"); + if ((int)fread(mbuf, sizeof(*mbuf), mbufsize, fp) != mbufsize) + err(1, "can't read temporary file"); (void)close(fd); } diff --git a/ypbind.tproj/yp.x b/ypbind.tproj/yp.x index cf2be0c..901b12e 100644 --- a/ypbind.tproj/yp.x +++ b/ypbind.tproj/yp.x @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypbind.tproj/ypbind.c b/ypbind.tproj/ypbind.c index bad58c0..61f7b8a 100644 --- a/ypbind.tproj/ypbind.c +++ b/ypbind.tproj/ypbind.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypcat.tproj/ypcat.c b/ypcat.tproj/ypcat.c index 72e4e45..5529348 100644 --- a/ypcat.tproj/ypcat.c +++ b/ypcat.tproj/ypcat.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypinit.tproj/Makefile b/ypinit.tproj/Makefile index 037dd35..a82ca0b 100644 --- a/ypinit.tproj/Makefile +++ b/ypinit.tproj/Makefile @@ -1,7 +1,7 @@ # # RC Makefile for ypinit scripts on Rhapsody. # -# $Id: Makefile,v 1.2 2002/03/13 02:08:08 bbraun Exp $ +# $Id: Makefile,v 1.4 2003/02/08 03:46:33 mscopp Exp $ # VARYP=$(DSTROOT)/private/var/yp diff --git a/ypinit.tproj/Makefile.yp b/ypinit.tproj/Makefile.yp index bed83a7..a10c310 100644 --- a/ypinit.tproj/Makefile.yp +++ b/ypinit.tproj/Makefile.yp @@ -18,8 +18,7 @@ MKALIAS=/usr/sbin/mkalias MKNETID=/usr/sbin/mknetid REVNETGROUP=/usr/sbin/revnetgroup TOUCH=/usr/bin/touch -PWD:=$(shell /bin/pwd) -DOMAIN:=$(shell /usr/bin/basename $(PWD)) +DOMAIN:=`/usr/bin/basename ${.CURDIR}` YPPUSH=/usr/sbin/yppush # Password maps in standard YP is unsecure. This is due to the fact that diff --git a/ypmatch.tproj/Makefile b/ypmatch.tproj/Makefile index 283ee4c..7057431 100644 --- a/ypmatch.tproj/Makefile +++ b/ypmatch.tproj/Makefile @@ -14,7 +14,7 @@ PROJECT_TYPE = Tool CFILES = ypmatch.c -OTHERSRCS = Makefile.dist Makefile.preamble ypmatch.1 +OTHERSRCS = Makefile.dist Makefile.preamble Makefile.postamble ypmatch.1 MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles diff --git a/ypmatch.tproj/Makefile.postamble b/ypmatch.tproj/Makefile.postamble new file mode 100644 index 0000000..0743916 --- /dev/null +++ b/ypmatch.tproj/Makefile.postamble @@ -0,0 +1,103 @@ +############################################################################### +# Makefile.postamble +# Copyright 1997, Apple Computer, Inc. +# +# Use this makefile, which is imported after all other makefiles, to +# override attributes for a project's Makefile environment. This allows you +# to take advantage of the environment set up by the other Makefiles. +# You can also define custom rules at the end of this file. +# +############################################################################### +# +# These variables are exported by the standard makefiles and can be +# used in any customizations you make. They are *outputs* of +# the Makefiles and should be used, not set. +# +# PRODUCTS: products to install. All of these products will be placed in +# the directory $(DSTROOT)$(INSTALLDIR) +# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. +# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. +# OFILE_DIR: Directory into which .o object files are generated. +# DERIVED_SRC_DIR: Directory used for all other derived files +# +# ALL_CFLAGS: flags to pass when compiling .c files +# ALL_MFLAGS: flags to pass when compiling .m files +# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files +# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files +# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files +# ALL_LDFLAGS: flags to pass when linking object files +# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files +# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files +# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files +# ALL_YFLAGS: flags to pass when processing .y (yacc) files +# ALL_LFLAGS: flags to pass when processing .l (lex) files +# +# NAME: name of application, bundle, subproject, palette, etc. +# LANGUAGE: langage in which the project is written (default "English") +# LOCAL_RESOURCES: localized resources (e.g. nib's, images) of project +# GLOBAL_RESOURCES: non-localized resources of project +# +# SRCROOT: base directory in which to place the new source files +# SRCPATH: relative path from SRCROOT to present subdirectory +# +# INSTALLDIR: Directory the product will be installed into by 'install' target +# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget +# to prefix this with DSTROOT when you use it. +# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget +# to prefix this with DSTROOT when you use it. +# +# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) +# +############################################################################### + +# Some compiler flags can be overridden here for certain build situations. +# +# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) +# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults +# to -g) +# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) +# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults +# to -O) +# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults +# to -pg -DPROFILE) +# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to +# the include path (defaults to -I.) +# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags +# passed to ld/libtool (defaults to nothing) + + +# Library and Framework projects only: +# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked +# against the framework will run against the correct version even if +# the current version of the framework changes. You may override this +# to "" as an alternative to using the DYLD_LIBRARY_PATH during your +# development cycle, but be sure to restore it before installing. + + +# Ownership and permissions of files installed by 'install' target + +#INSTALL_AS_USER = root + # User/group ownership +#INSTALL_AS_GROUP = wheel + # (probably want to set both of these) +#INSTALL_PERMISSIONS = + # If set, 'install' chmod's executable to this + + +# Options to strip. Note: -S strips debugging symbols (executables can be stripped +# down further with -x or, if they load no bundles, with no options at all). + +#STRIPFLAGS = -S + + +######################################################################### +# Put rules to extend the behavior of the standard Makefiles here. Include them in +# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. +# +# You should avoid redefining things like "install" or "app", as they are +# owned by the top-level Makefile API and no context has been set up for where +# derived files should go. +# +after_install: + $(MKDIR) -p $(DSTROOT)/usr/share/man/man1 + $(CP) ypmatch.1 $(DSTROOT)/usr/share/man/man1/ diff --git a/ypmatch.tproj/Makefile.preamble b/ypmatch.tproj/Makefile.preamble index dc05194..a59ea45 100644 --- a/ypmatch.tproj/Makefile.preamble +++ b/ypmatch.tproj/Makefile.preamble @@ -1,2 +1,4 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include + +AFTER_INSTALL = after_install diff --git a/ypmatch.tproj/ypmatch.c b/ypmatch.tproj/ypmatch.c index 5f78260..aca45bf 100644 --- a/ypmatch.tproj/ypmatch.c +++ b/ypmatch.tproj/ypmatch.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppoll.tproj/yppoll.c b/yppoll.tproj/yppoll.c index 5f1ddc5..77f877a 100644 --- a/yppoll.tproj/yppoll.c +++ b/yppoll.tproj/yppoll.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/ypdb.c b/yppush.tproj/ypdb.c index c9bd178..9530e42 100644 --- a/yppush.tproj/ypdb.c +++ b/yppush.tproj/ypdb.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/ypdb.h b/yppush.tproj/ypdb.h index 45b0a7f..61e9547 100644 --- a/yppush.tproj/ypdb.h +++ b/yppush.tproj/ypdb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/ypdef.h b/yppush.tproj/ypdef.h index 89970d7..ade70ef 100644 --- a/yppush.tproj/ypdef.h +++ b/yppush.tproj/ypdef.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yplib_host.c b/yppush.tproj/yplib_host.c index 70b914b..275211b 100644 --- a/yppush.tproj/yplib_host.c +++ b/yppush.tproj/yplib_host.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yplib_host.h b/yppush.tproj/yplib_host.h index 038fb68..32d43cd 100644 --- a/yppush.tproj/yplib_host.h +++ b/yppush.tproj/yplib_host.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush.c b/yppush.tproj/yppush.c index 5ddd82c..3249369 100644 --- a/yppush.tproj/yppush.c +++ b/yppush.tproj/yppush.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush.h b/yppush.tproj/yppush.h index 9aa8dc5..a84ccd1 100644 --- a/yppush.tproj/yppush.h +++ b/yppush.tproj/yppush.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush_err.c b/yppush.tproj/yppush_err.c index 31f74e8..9ec329d 100644 --- a/yppush.tproj/yppush_err.c +++ b/yppush.tproj/yppush_err.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush_proc.c b/yppush.tproj/yppush_proc.c index 601a7cb..dec62eb 100644 --- a/yppush.tproj/yppush_proc.c +++ b/yppush.tproj/yppush_proc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush_svc.c b/yppush.tproj/yppush_svc.c index f3c19dc..80006ae 100644 --- a/yppush.tproj/yppush_svc.c +++ b/yppush.tproj/yppush_svc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush_xdr.c b/yppush.tproj/yppush_xdr.c index d8ad787..59da531 100644 --- a/yppush.tproj/yppush_xdr.c +++ b/yppush.tproj/yppush_xdr.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/acl.c b/ypserv.tproj/acl.c index 14e767f..6f0f1f5 100644 --- a/ypserv.tproj/acl.c +++ b/ypserv.tproj/acl.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/acl.h b/ypserv.tproj/acl.h index cb10663..e5bc46a 100644 --- a/ypserv.tproj/acl.h +++ b/ypserv.tproj/acl.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/yp.h b/ypserv.tproj/yp.h index cfe590b..ec9b22d 100644 --- a/ypserv.tproj/yp.h +++ b/ypserv.tproj/yp.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypdb.c b/ypserv.tproj/ypdb.c index c9bd178..9530e42 100644 --- a/ypserv.tproj/ypdb.c +++ b/ypserv.tproj/ypdb.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypdb.h b/ypserv.tproj/ypdb.h index 45b0a7f..61e9547 100644 --- a/ypserv.tproj/ypdb.h +++ b/ypserv.tproj/ypdb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypdef.h b/ypserv.tproj/ypdef.h index 89970d7..ade70ef 100644 --- a/ypserv.tproj/ypdef.h +++ b/ypserv.tproj/ypdef.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/yplog.c b/ypserv.tproj/yplog.c index 3460c9a..a791cc7 100644 --- a/ypserv.tproj/yplog.c +++ b/ypserv.tproj/yplog.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/yplog.h b/ypserv.tproj/yplog.h index dd9d6fb..d9a7254 100644 --- a/ypserv.tproj/yplog.h +++ b/ypserv.tproj/yplog.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv.c b/ypserv.tproj/ypserv.c index 7089884..e38c696 100644 --- a/ypserv.tproj/ypserv.c +++ b/ypserv.tproj/ypserv.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv_db.c b/ypserv.tproj/ypserv_db.c index b7b6469..88c9ab5 100644 --- a/ypserv.tproj/ypserv_db.c +++ b/ypserv.tproj/ypserv_db.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv_proc.c b/ypserv.tproj/ypserv_proc.c index 84accf6..1aeb533 100644 --- a/ypserv.tproj/ypserv_proc.c +++ b/ypserv.tproj/ypserv_proc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv_xdr.c b/ypserv.tproj/ypserv_xdr.c index 2e1fb2a..f7d47cf 100644 --- a/ypserv.tproj/ypserv_xdr.c +++ b/ypserv.tproj/ypserv_xdr.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv_xdr_v1.c b/ypserv.tproj/ypserv_xdr_v1.c index 3870f58..d77755d 100644 --- a/ypserv.tproj/ypserv_xdr_v1.c +++ b/ypserv.tproj/ypserv_xdr_v1.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypv1.h b/ypserv.tproj/ypv1.h index d378f83..431ce33 100644 --- a/ypserv.tproj/ypv1.h +++ b/ypserv.tproj/ypv1.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypset.tproj/ypset.c b/ypset.tproj/ypset.c index cddc148..834ca8a 100644 --- a/ypset.tproj/ypset.c +++ b/ypset.tproj/ypset.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypwhich.tproj/Makefile b/ypwhich.tproj/Makefile index 4eb6204..231a00b 100644 --- a/ypwhich.tproj/Makefile +++ b/ypwhich.tproj/Makefile @@ -14,7 +14,7 @@ PROJECT_TYPE = Tool CFILES = ypwhich.c -OTHERSRCS = Makefile.dist Makefile.preamble ypwhich.1 +OTHERSRCS = Makefile.dist Makefile.preamble Makefile.postamble ypwhich.1 MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles diff --git a/ypwhich.tproj/Makefile.postamble b/ypwhich.tproj/Makefile.postamble new file mode 100644 index 0000000..1659a18 --- /dev/null +++ b/ypwhich.tproj/Makefile.postamble @@ -0,0 +1,103 @@ +############################################################################### +# Makefile.postamble +# Copyright 1997, Apple Computer, Inc. +# +# Use this makefile, which is imported after all other makefiles, to +# override attributes for a project's Makefile environment. This allows you +# to take advantage of the environment set up by the other Makefiles. +# You can also define custom rules at the end of this file. +# +############################################################################### +# +# These variables are exported by the standard makefiles and can be +# used in any customizations you make. They are *outputs* of +# the Makefiles and should be used, not set. +# +# PRODUCTS: products to install. All of these products will be placed in +# the directory $(DSTROOT)$(INSTALLDIR) +# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. +# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. +# OFILE_DIR: Directory into which .o object files are generated. +# DERIVED_SRC_DIR: Directory used for all other derived files +# +# ALL_CFLAGS: flags to pass when compiling .c files +# ALL_MFLAGS: flags to pass when compiling .m files +# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files +# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files +# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files +# ALL_LDFLAGS: flags to pass when linking object files +# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files +# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files +# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files +# ALL_YFLAGS: flags to pass when processing .y (yacc) files +# ALL_LFLAGS: flags to pass when processing .l (lex) files +# +# NAME: name of application, bundle, subproject, palette, etc. +# LANGUAGE: langage in which the project is written (default "English") +# LOCAL_RESOURCES: localized resources (e.g. nib's, images) of project +# GLOBAL_RESOURCES: non-localized resources of project +# +# SRCROOT: base directory in which to place the new source files +# SRCPATH: relative path from SRCROOT to present subdirectory +# +# INSTALLDIR: Directory the product will be installed into by 'install' target +# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget +# to prefix this with DSTROOT when you use it. +# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget +# to prefix this with DSTROOT when you use it. +# +# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) +# +############################################################################### + +# Some compiler flags can be overridden here for certain build situations. +# +# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) +# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults +# to -g) +# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) +# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults +# to -O) +# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults +# to -pg -DPROFILE) +# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to +# the include path (defaults to -I.) +# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags +# passed to ld/libtool (defaults to nothing) + + +# Library and Framework projects only: +# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked +# against the framework will run against the correct version even if +# the current version of the framework changes. You may override this +# to "" as an alternative to using the DYLD_LIBRARY_PATH during your +# development cycle, but be sure to restore it before installing. + + +# Ownership and permissions of files installed by 'install' target + +#INSTALL_AS_USER = root + # User/group ownership +#INSTALL_AS_GROUP = wheel + # (probably want to set both of these) +#INSTALL_PERMISSIONS = + # If set, 'install' chmod's executable to this + + +# Options to strip. Note: -S strips debugging symbols (executables can be stripped +# down further with -x or, if they load no bundles, with no options at all). + +#STRIPFLAGS = -S + + +######################################################################### +# Put rules to extend the behavior of the standard Makefiles here. Include them in +# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. +# +# You should avoid redefining things like "install" or "app", as they are +# owned by the top-level Makefile API and no context has been set up for where +# derived files should go. +# +after_install: + $(MKDIR) -p $(DSTROOT)/usr/share/man/man1 + $(CP) ypwhich.1 $(DSTROOT)/usr/share/man/man1/ diff --git a/ypwhich.tproj/Makefile.preamble b/ypwhich.tproj/Makefile.preamble index dc05194..cdcdf89 100644 --- a/ypwhich.tproj/Makefile.preamble +++ b/ypwhich.tproj/Makefile.preamble @@ -1,2 +1,3 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include +AFTER_INSTALL = after_install diff --git a/ypwhich.tproj/ypwhich.c b/ypwhich.tproj/ypwhich.c index 523e1d0..9b8b736 100644 --- a/ypwhich.tproj/ypwhich.c +++ b/ypwhich.tproj/ypwhich.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypdb.c b/ypxfr.tproj/ypdb.c index c9bd178..9530e42 100644 --- a/ypxfr.tproj/ypdb.c +++ b/ypxfr.tproj/ypdb.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypdb.h b/ypxfr.tproj/ypdb.h index 45b0a7f..61e9547 100644 --- a/ypxfr.tproj/ypdb.h +++ b/ypxfr.tproj/ypdb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypdef.h b/ypxfr.tproj/ypdef.h index 89970d7..ade70ef 100644 --- a/ypxfr.tproj/ypdef.h +++ b/ypxfr.tproj/ypdef.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/yplib_host.c b/ypxfr.tproj/yplib_host.c index 70b914b..275211b 100644 --- a/ypxfr.tproj/yplib_host.c +++ b/ypxfr.tproj/yplib_host.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/yplib_host.h b/ypxfr.tproj/yplib_host.h index 038fb68..32d43cd 100644 --- a/ypxfr.tproj/yplib_host.h +++ b/ypxfr.tproj/yplib_host.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/yplog.c b/ypxfr.tproj/yplog.c index 3460c9a..a791cc7 100644 --- a/ypxfr.tproj/yplog.c +++ b/ypxfr.tproj/yplog.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/yplog.h b/ypxfr.tproj/yplog.h index dd9d6fb..d9a7254 100644 --- a/ypxfr.tproj/yplog.h +++ b/ypxfr.tproj/yplog.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypxfr.c b/ypxfr.tproj/ypxfr.c index faa88bf..ee763f7 100644 --- a/ypxfr.tproj/ypxfr.c +++ b/ypxfr.tproj/ypxfr.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypxfr_xdr.c b/ypxfr.tproj/ypxfr_xdr.c index 460addf..a7d2458 100644 --- a/ypxfr.tproj/ypxfr_xdr.c +++ b/ypxfr.tproj/ypxfr_xdr.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ -- 2.45.2