1 /* $OpenBSD: rpc.c,v 1.15 2015/08/15 19:42:56 miod Exp $ */ 2 /* $NetBSD: rpc.c,v 1.16 1996/10/13 02:29:06 christos Exp $ */ 3 4 /* 5 * Copyright (c) 1992 Regents of the University of California. 6 * All rights reserved. 7 * 8 * This software was developed by the Computer Systems Engineering group 9 * at Lawrence Berkeley Laboratory under DARPA contract BG 91-66 and 10 * contributed to Berkeley. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by the University of 23 * California, Lawrence Berkeley Laboratory and its contributors. 24 * 4. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * @(#) Header: rpc.c,v 1.12 93/09/28 08:31:56 leres Exp (LBL) 41 */ 42 43 /* 44 * RPC functions used by NFS and bootparams. 45 * Note that bootparams requires the ability to find out the 46 * address of the server from which its response has come. 47 * This is supported by keeping the IP/UDP headers in the 48 * buffer space provided by the caller. (See rpc_fromaddr) 49 */ 50 51 #include <sys/param.h> 52 #include <sys/socket.h> 53 54 #include <netinet/in.h> 55 56 #include <nfs/rpcv2.h> 57 58 #include "stand.h" 59 #include "net.h" 60 #include "netif.h" 61 #include "rpc.h" 62 63 struct auth_info { 64 int32_t authtype; /* auth type */ 65 u_int32_t authlen; /* auth length */ 66 }; 67 68 struct auth_unix { 69 int32_t ua_time; 70 int32_t ua_hostname; /* null */ 71 int32_t ua_uid; 72 int32_t ua_gid; 73 int32_t ua_gidlist; /* null */ 74 }; 75 76 struct rpc_call { 77 u_int32_t rp_xid; /* request transaction id */ 78 int32_t rp_direction; /* call direction (0) */ 79 u_int32_t rp_rpcvers; /* rpc version (2) */ 80 u_int32_t rp_prog; /* program */ 81 u_int32_t rp_vers; /* version */ 82 u_int32_t rp_proc; /* procedure */ 83 }; 84 85 struct rpc_reply { 86 u_int32_t rp_xid; /* request transaction id */ 87 int32_t rp_direction; /* call direction (1) */ 88 int32_t rp_astatus; /* accept status (0: accepted) */ 89 union { 90 u_int32_t rpu_errno; 91 struct { 92 struct auth_info rok_auth; 93 u_int32_t rok_status; 94 } rpu_rok; 95 } rp_u; 96 }; 97 98 /* Local forwards */ 99 static ssize_t recvrpc(struct iodesc *, void *, size_t, time_t); 100 static int rpc_getport(struct iodesc *, u_int32_t, u_int32_t); 101 102 int rpc_xid; 103 int rpc_port = 0x400; /* predecrement */ 104 105 /* 106 * Make a rpc call; return length of answer 107 * Note: Caller must leave room for headers. 108 */ 109 ssize_t 110 rpc_call(struct iodesc *d, u_int32_t prog, u_int32_t vers, u_int32_t proc, void *sdata, 111 size_t slen, void *rdata, size_t rlen) 112 { 113 ssize_t cc; 114 struct auth_info *auth; 115 struct rpc_call *call; 116 struct rpc_reply *reply; 117 char *send_head, *send_tail; 118 char *recv_head, *recv_tail; 119 u_int32_t x; 120 int port; /* host order */ 121 122 #ifdef RPC_DEBUG 123 if (debug) 124 printf("rpc_call: prog=0x%x vers=%d proc=%d\n", 125 prog, vers, proc); 126 #endif 127 128 port = rpc_getport(d, prog, vers); 129 if (port == -1) 130 return (-1); 131 132 d->destport = htons(port); 133 134 /* 135 * Prepend authorization stuff and headers. 136 * Note, must prepend things in reverse order. 137 */ 138 send_head = sdata; 139 send_tail = (char *)sdata + slen; 140 141 /* Auth verifier is always auth_null */ 142 send_head -= sizeof(*auth); 143 auth = (struct auth_info *)send_head; 144 auth->authtype = htonl(RPCAUTH_NULL); 145 auth->authlen = 0; 146 147 #if 1 148 /* Auth credentials: always auth unix (as root) */ 149 send_head -= sizeof(struct auth_unix); 150 bzero(send_head, sizeof(struct auth_unix)); 151 send_head -= sizeof(*auth); 152 auth = (struct auth_info *)send_head; 153 auth->authtype = htonl(RPCAUTH_UNIX); 154 auth->authlen = htonl(sizeof(struct auth_unix)); 155 #else 156 /* Auth credentials: always auth_null (XXX OK?) */ 157 send_head -= sizeof(*auth); 158 auth = send_head; 159 auth->authtype = htonl(RPCAUTH_NULL); 160 auth->authlen = 0; 161 #endif 162 163 /* RPC call structure. */ 164 send_head -= sizeof(*call); 165 call = (struct rpc_call *)send_head; 166 rpc_xid++; 167 call->rp_xid = htonl(rpc_xid); 168 call->rp_direction = htonl(RPC_CALL); 169 call->rp_rpcvers = htonl(RPC_VER2); 170 call->rp_prog = htonl(prog); 171 call->rp_vers = htonl(vers); 172 call->rp_proc = htonl(proc); 173 174 /* Make room for the rpc_reply header. */ 175 recv_head = rdata; 176 recv_tail = (char *)rdata + rlen; 177 recv_head -= sizeof(*reply); 178 179 cc = sendrecv(d, 180 sendudp, send_head, send_tail - send_head, 181 recvrpc, recv_head, recv_tail - recv_head); 182 183 #ifdef RPC_DEBUG 184 if (debug) 185 printf("callrpc: cc=%d rlen=%d\n", cc, rlen); 186 #endif 187 if (cc <= -1) 188 return (-1); 189 190 if ((size_t)cc <= sizeof(*reply)) { 191 errno = EBADRPC; 192 return (-1); 193 } 194 195 recv_tail = recv_head + cc; 196 197 /* 198 * Check the RPC reply status. 199 * The xid, dir, astatus were already checked. 200 */ 201 reply = (struct rpc_reply *)recv_head; 202 auth = &reply->rp_u.rpu_rok.rok_auth; 203 x = ntohl(auth->authlen); 204 if (x != 0) { 205 #ifdef RPC_DEBUG 206 if (debug) 207 printf("callrpc: reply auth != NULL\n"); 208 #endif 209 errno = EBADRPC; 210 return(-1); 211 } 212 x = ntohl(reply->rp_u.rpu_rok.rok_status); 213 if (x != 0) { 214 printf("callrpc: error = %d\n", x); 215 errno = EBADRPC; 216 return(-1); 217 } 218 recv_head += sizeof(*reply); 219 220 return (ssize_t)(recv_tail - recv_head); 221 } 222 223 /* 224 * Returns true if packet is the one we're waiting for. 225 * This just checks the XID, direction, acceptance. 226 * Remaining checks are done by callrpc 227 */ 228 static ssize_t 229 recvrpc(struct iodesc *d, void *pkt, size_t len, time_t tleft) 230 { 231 struct rpc_reply *reply; 232 ssize_t n; 233 int x; 234 235 errno = 0; 236 #ifdef RPC_DEBUG 237 if (debug) 238 printf("recvrpc: called len=%d\n", len); 239 #endif 240 241 n = readudp(d, pkt, len, tleft); 242 if (n <= (4 * 4)) 243 return -1; 244 245 reply = (struct rpc_reply *)pkt; 246 247 x = ntohl(reply->rp_xid); 248 if (x != rpc_xid) { 249 #ifdef RPC_DEBUG 250 if (debug) 251 printf("recvrpc: rp_xid %d != xid %d\n", x, rpc_xid); 252 #endif 253 return -1; 254 } 255 256 x = ntohl(reply->rp_direction); 257 if (x != RPC_REPLY) { 258 #ifdef RPC_DEBUG 259 if (debug) 260 printf("recvrpc: rp_direction %d != REPLY\n", x); 261 #endif 262 return -1; 263 } 264 265 x = ntohl(reply->rp_astatus); 266 if (x != RPC_MSGACCEPTED) { 267 errno = ntohl(reply->rp_u.rpu_errno); 268 printf("recvrpc: reject, astat=%d, errno=%d\n", x, errno); 269 return -1; 270 } 271 272 /* Return data count (thus indicating success) */ 273 return (n); 274 } 275 276 /* 277 * Given a pointer to a reply just received, 278 * dig out the IP address/port from the headers. 279 */ 280 void 281 rpc_fromaddr(void *pkt, struct in_addr *addr, u_short *port) 282 { 283 struct hackhdr { 284 /* Tail of IP header: just IP addresses */ 285 u_int32_t ip_src; 286 u_int32_t ip_dst; 287 /* UDP header: */ 288 u_int16_t uh_sport; /* source port */ 289 u_int16_t uh_dport; /* destination port */ 290 int16_t uh_ulen; /* udp length */ 291 u_int16_t uh_sum; /* udp checksum */ 292 /* RPC reply header: */ 293 struct rpc_reply rpc; 294 } *hhdr; 295 296 hhdr = ((struct hackhdr *)pkt) - 1; 297 addr->s_addr = hhdr->ip_src; 298 *port = hhdr->uh_sport; 299 } 300 301 /* 302 * RPC Portmapper cache 303 */ 304 #define PMAP_NUM 8 /* need at most 5 pmap entries */ 305 306 int rpc_pmap_num; 307 struct pmap_list { 308 struct in_addr addr; /* server, net order */ 309 u_int prog; /* host order */ 310 u_int vers; /* host order */ 311 int port; /* host order */ 312 } rpc_pmap_list[PMAP_NUM]; 313 314 /* return port number in host order, or -1 */ 315 int 316 rpc_pmap_getcache(struct in_addr addr, u_int prog, u_int vers) 317 { 318 struct pmap_list *pl; 319 320 for (pl = rpc_pmap_list; pl < &rpc_pmap_list[rpc_pmap_num]; pl++) { 321 if (pl->addr.s_addr == addr.s_addr && 322 pl->prog == prog && pl->vers == vers) 323 return (pl->port); 324 } 325 return (-1); 326 } 327 328 void 329 rpc_pmap_putcache(struct in_addr addr, u_int prog, u_int vers, int port) 330 { 331 struct pmap_list *pl; 332 333 /* Don't overflow cache... */ 334 if (rpc_pmap_num >= PMAP_NUM) { 335 /* ... just re-use the last entry. */ 336 rpc_pmap_num = PMAP_NUM - 1; 337 #ifdef RPC_DEBUG 338 printf("rpc_pmap_putcache: cache overflow\n"); 339 #endif 340 } 341 342 pl = &rpc_pmap_list[rpc_pmap_num]; 343 rpc_pmap_num++; 344 345 /* Cache answer */ 346 pl->addr = addr; 347 pl->prog = prog; 348 pl->vers = vers; 349 pl->port = port; 350 } 351 352 353 /* 354 * Request a port number from the port mapper. 355 * Returns the port in host order. 356 */ 357 int 358 rpc_getport(struct iodesc *d, u_int32_t prog, u_int32_t vers) 359 { 360 struct args { 361 u_int32_t prog; /* call program */ 362 u_int32_t vers; /* call version */ 363 u_int32_t proto; /* call protocol */ 364 u_int32_t port; /* call port (unused) */ 365 } *args; 366 struct res { 367 u_int32_t port; 368 } *res; 369 struct { 370 u_int32_t h[RPC_HEADER_WORDS]; 371 struct args d; 372 } sdata; 373 struct { 374 u_int32_t h[RPC_HEADER_WORDS]; 375 struct res d; 376 u_int32_t pad; 377 } rdata; 378 ssize_t cc; 379 int port; 380 381 #ifdef RPC_DEBUG 382 if (debug) 383 printf("getport: prog=0x%x vers=%d\n", prog, vers); 384 #endif 385 386 /* This one is fixed forever. */ 387 if (prog == PMAPPROG) 388 return (PMAPPORT); 389 390 /* Try for cached answer first */ 391 port = rpc_pmap_getcache(d->destip, prog, vers); 392 if (port != -1) 393 return (port); 394 395 args = &sdata.d; 396 args->prog = htonl(prog); 397 args->vers = htonl(vers); 398 args->proto = htonl(IPPROTO_UDP); 399 args->port = 0; 400 res = &rdata.d; 401 402 cc = rpc_call(d, PMAPPROG, PMAPVERS, PMAPPROC_GETPORT, 403 args, sizeof(*args), res, sizeof(*res)); 404 if (cc < 0 || (size_t)cc < sizeof(*res)) { 405 printf("getport: %s", strerror(errno)); 406 errno = EBADRPC; 407 return (-1); 408 } 409 port = (int)ntohl(res->port); 410 411 rpc_pmap_putcache(d->destip, prog, vers, port); 412 413 return (port); 414 } 415