1 /* $NetBSD: ypserv.c,v 1.15 2001/10/16 01:51:27 itojun Exp $ */ 2 3 /* 4 * Copyright (c) 1994 Mats O Jansson <moj@stacken.kth.se> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by Mats O Jansson 18 * 4. The name of the author may not be used to endorse or promote products 19 * derived from this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS 22 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 23 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 25 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include <sys/cdefs.h> 35 #ifndef lint 36 __RCSID("$NetBSD: ypserv.c,v 1.15 2001/10/16 01:51:27 itojun Exp $"); 37 #endif 38 39 #include <sys/types.h> 40 #include <sys/socket.h> 41 #include <sys/wait.h> 42 43 #include <err.h> 44 #include <netdb.h> 45 #include <signal.h> 46 #include <stdio.h> 47 #include <stdlib.h> 48 #include <string.h> 49 #include <syslog.h> 50 #include <unistd.h> 51 #include <util.h> 52 53 #include <rpc/rpc.h> 54 #include <rpc/xdr.h> 55 #include <rpc/pmap_clnt.h> 56 57 #include <rpcsvc/yp_prot.h> 58 59 #include "ypdef.h" 60 #include "ypserv.h" 61 62 #ifdef LIBWRAP 63 #include <tcpd.h> 64 65 int allow_severity = LOG_DAEMON | LOG_INFO; 66 int deny_severity = LOG_DAEMON | LOG_WARNING; 67 68 /* XXX For ypserv_proc.c -- NOT THREAD SAFE! (like any of this code is) */ 69 const char *clientstr; 70 const char *svcname; 71 #endif /* LIBWRAP */ 72 73 #ifdef __STDC__ 74 #define SIG_PF void(*)(int) 75 #endif 76 77 int usedns; 78 #ifdef DEBUG 79 int foreground = 1; 80 #else 81 int foreground; 82 #endif 83 84 #ifdef LIBWRAP 85 int lflag; 86 #endif 87 88 int main __P((int, char *[])); 89 void usage __P((void)); 90 91 void sighandler __P((int)); 92 93 94 static 95 void _msgout(int level, const char *msg) 96 { 97 if (foreground) 98 warnx("%s", msg); 99 else 100 syslog(level, "%s", msg); 101 } 102 103 static void 104 ypprog_2(struct svc_req *rqstp, SVCXPRT *transp) 105 { 106 union { 107 char * ypproc_domain_2_arg; 108 char * ypproc_domain_nonack_2_arg; 109 struct ypreq_key ypproc_match_2_arg; 110 struct ypreq_nokey ypproc_first_2_arg; 111 struct ypreq_key ypproc_next_2_arg; 112 struct ypreq_xfr ypproc_xfr_2_arg; 113 struct ypreq_nokey ypproc_all_2_arg; 114 struct ypreq_nokey ypproc_master_2_arg; 115 struct ypreq_nokey ypproc_order_2_arg; 116 char * ypproc_maplist_2_arg; 117 } argument; 118 char *result; 119 xdrproc_t xdr_argument, xdr_result; 120 void *(*local) __P((void *, struct svc_req *)); 121 #ifdef LIBWRAP 122 struct request_info req; 123 struct sockaddr *caller; 124 #define SVCNAME(x) svcname = x 125 #else 126 #define SVCNAME(x) /* nothing */ 127 #endif 128 129 #ifdef LIBWRAP 130 caller = svc_getrpccaller(transp)->buf; 131 request_init(&req, RQ_DAEMON, getprogname(), RQ_CLIENT_SIN, caller, 132 NULL); 133 sock_methods(&req); 134 #endif 135 136 switch (rqstp->rq_proc) { 137 case YPPROC_NULL: 138 xdr_argument = xdr_void; 139 xdr_result = xdr_void; 140 local = ypproc_null_2_svc; 141 SVCNAME("null_2"); 142 break; 143 144 case YPPROC_DOMAIN: 145 xdr_argument = xdr_ypdomain_wrap_string; 146 xdr_result = xdr_bool; 147 local = ypproc_domain_2_svc; 148 SVCNAME("domain_2"); 149 break; 150 151 case YPPROC_DOMAIN_NONACK: 152 xdr_argument = xdr_ypdomain_wrap_string; 153 xdr_result = xdr_bool; 154 local = ypproc_domain_nonack_2_svc; 155 SVCNAME("domain_nonack_2"); 156 break; 157 158 case YPPROC_MATCH: 159 xdr_argument = xdr_ypreq_key; 160 xdr_result = xdr_ypresp_val; 161 local = ypproc_match_2_svc; 162 SVCNAME("match_2"); 163 break; 164 165 case YPPROC_FIRST: 166 xdr_argument = xdr_ypreq_nokey; 167 xdr_result = xdr_ypresp_key_val; 168 local = ypproc_first_2_svc; 169 SVCNAME("first_2"); 170 break; 171 172 case YPPROC_NEXT: 173 xdr_argument = xdr_ypreq_key; 174 xdr_result = xdr_ypresp_key_val; 175 local = ypproc_next_2_svc; 176 SVCNAME("next_2"); 177 break; 178 179 case YPPROC_XFR: 180 xdr_argument = xdr_ypreq_xfr; 181 xdr_result = xdr_ypresp_xfr; 182 local = ypproc_xfr_2_svc; 183 SVCNAME("xfer_2"); 184 break; 185 186 case YPPROC_CLEAR: 187 xdr_argument = xdr_void; 188 xdr_result = xdr_void; 189 local = ypproc_clear_2_svc; 190 SVCNAME("clear_2"); 191 break; 192 193 case YPPROC_ALL: 194 xdr_argument = xdr_ypreq_nokey; 195 xdr_result = xdr_ypresp_all; 196 local = ypproc_all_2_svc; 197 SVCNAME("all_2"); 198 break; 199 200 case YPPROC_MASTER: 201 xdr_argument = xdr_ypreq_nokey; 202 xdr_result = xdr_ypresp_master; 203 local = ypproc_master_2_svc; 204 SVCNAME("master_2"); 205 break; 206 207 case YPPROC_ORDER: 208 xdr_argument = xdr_ypreq_nokey; 209 xdr_result = xdr_ypresp_order; 210 local = ypproc_order_2_svc; 211 SVCNAME("order_2"); 212 break; 213 214 case YPPROC_MAPLIST: 215 xdr_argument = xdr_ypdomain_wrap_string; 216 xdr_result = xdr_ypresp_maplist; 217 local = ypproc_maplist_2_svc; 218 SVCNAME("maplist_2"); 219 break; 220 221 default: 222 svcerr_noproc(transp); 223 return; 224 } 225 226 #ifdef LIBWRAP 227 clientstr = eval_client(&req); 228 229 if (hosts_access(&req) == 0) { 230 syslog(deny_severity, 231 "%s: refused request from %.500s", svcname, clientstr); 232 svcerr_auth(transp, AUTH_FAILED); 233 return; 234 } 235 #endif 236 237 (void) memset((char *)&argument, 0, sizeof (argument)); 238 if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { 239 svcerr_decode(transp); 240 return; 241 } 242 result = (*local)(&argument, rqstp); 243 if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { 244 svcerr_systemerr(transp); 245 } 246 if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { 247 _msgout(LOG_ERR, "unable to free arguments"); 248 exit(1); 249 } 250 return; 251 } 252 253 /* 254 * limited NIS version 1 support: the null, domain, and domain_nonack 255 * request/reply format is identical between v1 and v2. SunOS4's ypbind 256 * makes v1 domain_nonack calls. 257 */ 258 static void 259 ypprog_1(struct svc_req *rqstp, SVCXPRT *transp) 260 { 261 switch (rqstp->rq_proc) { 262 case YPPROC_NULL: 263 case YPPROC_DOMAIN: 264 case YPPROC_DOMAIN_NONACK: 265 ypprog_2(rqstp, transp); 266 return; 267 268 default: 269 svcerr_noproc(transp); 270 return; 271 } 272 } 273 274 int 275 main(argc, argv) 276 int argc; 277 char *argv[]; 278 { 279 SVCXPRT *udptransp, *tcptransp, *udp6transp, *tcp6transp; 280 struct netconfig *udpconf, *tcpconf, *udp6conf, *tcp6conf; 281 int udpsock, tcpsock, udp6sock, tcp6sock; 282 struct sigaction sa; 283 int ch, xcreated = 0, one = 1; 284 285 #ifdef LIBWRAP 286 #define GETOPTSTR "dfl" 287 #else 288 #define GETOPTSTR "df" 289 #endif 290 291 while ((ch = getopt(argc, argv, GETOPTSTR)) != -1) { 292 switch (ch) { 293 case 'd': 294 usedns = 1; 295 break; 296 case 'f': 297 foreground = 1; 298 break; 299 300 #ifdef LIBWRAP 301 case 'l': 302 lflag = 1; 303 break; 304 #endif 305 default: 306 usage(); 307 } 308 } 309 310 #undef GETOPTSTR 311 312 /* This program must be run by root. */ 313 if (geteuid() != 0) 314 errx(1, "must run as root"); 315 316 if (foreground == 0 && daemon(0, 0)) 317 err(1, "can't detach"); 318 319 openlog("ypserv", LOG_PID, LOG_DAEMON); 320 syslog(LOG_INFO, "starting"); 321 pidfile(NULL); 322 323 (void) rpcb_unset(YPPROG, YPVERS, NULL); 324 (void) rpcb_unset(YPPROG, YPVERS_ORIG, NULL); 325 326 udpsock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); 327 tcpsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 328 udp6sock = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP); 329 tcp6sock = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP); 330 331 /* 332 * We're doing host-based access checks here, so don't allow 333 * v4-in-v6 to confuse things. 334 */ 335 if (udp6sock != -1 && setsockopt(udp6sock, IPPROTO_IPV6, 336 IPV6_V6ONLY, &one, sizeof(one)) < 0) { 337 _msgout(LOG_ERR, "can't disable v4-in-v6 on UDP socket"); 338 exit(1); 339 } 340 if (tcp6sock != -1 && setsockopt(tcp6sock, IPPROTO_IPV6, 341 IPV6_V6ONLY, &one, sizeof(one)) < 0) { 342 _msgout(LOG_ERR, "can't disable v4-in-v6 on TCP socket"); 343 exit(1); 344 } 345 346 ypdb_init(); /* init db stuff */ 347 348 sa.sa_handler = sighandler; 349 sa.sa_flags = 0; 350 if (sigemptyset(&sa.sa_mask)) { 351 _msgout(LOG_ERR, "sigemptyset: %m"); 352 exit(1); 353 } 354 if (sigaction(SIGCHLD, &sa, NULL)) { 355 _msgout(LOG_ERR, "sigaction: %m"); 356 exit(1); 357 } 358 359 udpconf = getnetconfigent("udp"); 360 tcpconf = getnetconfigent("tcp"); 361 udp6conf = getnetconfigent("udp6"); 362 tcp6conf = getnetconfigent("tcp6"); 363 364 if (udpsock != -1 && udpconf != NULL) { 365 if (bindresvport(udpsock, NULL) == 0) { 366 udptransp = svc_dg_create(udpsock, 0, 0); 367 if (udptransp != NULL) { 368 if (svc_reg(udptransp, YPPROG, YPVERS_ORIG, 369 ypprog_1, udpconf) == 0 || 370 svc_reg(udptransp, YPPROG, YPVERS, 371 ypprog_2, udpconf) == 0) 372 _msgout(LOG_WARNING, 373 "unable to register UDP service"); 374 else 375 xcreated++; 376 } else 377 _msgout(LOG_WARNING, 378 "unable to create UDP service"); 379 } else 380 _msgout(LOG_ERR, "unable to bind reserved UDP port"); 381 freenetconfigent(udpconf); 382 } 383 384 if (tcpsock != -1 && tcpconf != NULL) { 385 if (bindresvport(tcpsock, NULL) == 0) { 386 listen(tcpsock, SOMAXCONN); 387 tcptransp = svc_vc_create(tcpsock, 0, 0); 388 if (tcptransp != NULL) { 389 if (svc_reg(tcptransp, YPPROG, YPVERS_ORIG, 390 ypprog_1, tcpconf) == 0 || 391 svc_reg(tcptransp, YPPROG, YPVERS, 392 ypprog_2, tcpconf) == 0) 393 _msgout(LOG_WARNING, 394 "unable to register TCP service"); 395 else 396 xcreated++; 397 } else 398 _msgout(LOG_WARNING, 399 "unable to create TCP service"); 400 } else 401 _msgout(LOG_ERR, "unable to bind reserved TCP port"); 402 freenetconfigent(tcpconf); 403 } 404 405 if (udp6sock != -1 && udp6conf != NULL) { 406 if (bindresvport(udp6sock, NULL) == 0) { 407 udp6transp = svc_dg_create(udp6sock, 0, 0); 408 if (udp6transp != NULL) { 409 if (svc_reg(udp6transp, YPPROG, YPVERS_ORIG, 410 ypprog_1, udp6conf) == 0 || 411 svc_reg(udp6transp, YPPROG, YPVERS, 412 ypprog_2, udp6conf) == 0) 413 _msgout(LOG_WARNING, 414 "unable to register UDP6 service"); 415 else 416 xcreated++; 417 } else 418 _msgout(LOG_WARNING, 419 "unable to create UDP6 service"); 420 } else 421 _msgout(LOG_ERR, "unable to bind reserved UDP6 port"); 422 freenetconfigent(udp6conf); 423 } 424 425 if (tcp6sock != -1 && tcp6conf != NULL) { 426 if (bindresvport(tcp6sock, NULL) == 0) { 427 listen(tcp6sock, SOMAXCONN); 428 tcp6transp = svc_vc_create(tcp6sock, 0, 0); 429 if (tcp6transp != NULL) { 430 if (svc_reg(tcp6transp, YPPROG, YPVERS_ORIG, 431 ypprog_1, tcp6conf) == 0 || 432 svc_reg(tcp6transp, YPPROG, YPVERS, 433 ypprog_2, tcp6conf) == 0) 434 _msgout(LOG_WARNING, 435 "unable to register TCP6 service"); 436 else 437 xcreated++; 438 } else 439 _msgout(LOG_WARNING, 440 "unable to create TCP6 service"); 441 } else 442 _msgout(LOG_ERR, "unable to bind reserved TCP6 port"); 443 freenetconfigent(tcp6conf); 444 } 445 446 if (xcreated == 0) { 447 _msgout(LOG_ERR, "unable to create any services"); 448 exit(1); 449 } 450 451 svc_run(); 452 _msgout(LOG_ERR, "svc_run returned"); 453 exit(1); 454 /* NOTREACHED */ 455 } 456 457 void 458 sighandler(sig) 459 int sig; 460 { 461 462 /* SIGCHLD */ 463 while (wait3((int *)NULL, WNOHANG, (struct rusage *)NULL) > 0); 464 } 465 466 void 467 usage() 468 { 469 470 #ifdef LIBWRAP 471 #define USAGESTR "usage: %s [-d] [-l]\n" 472 #else 473 #define USAGESTR "usage: %s [-d]\n" 474 #endif 475 476 fprintf(stderr, USAGESTR, getprogname()); 477 exit(1); 478 479 #undef USAGESTR 480 } 481 482 /* 483 * _yp_invalid_map: check if given map name isn't legal. 484 * returns non-zero if invalid 485 * 486 * XXX: this probably should be in libc/yp/yplib.c 487 */ 488 int 489 _yp_invalid_map(map) 490 const char *map; 491 { 492 if (map == NULL || *map == '\0') 493 return 1; 494 495 if (strlen(map) > YPMAXMAP) 496 return 1; 497 498 if (strchr(map, '/') != NULL) 499 return 1; 500 501 return 0; 502 } 503