1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2017 Gary Mills 24 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 25 * Use is subject to license terms. 26 */ 27 28 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ 29 /* All Rights Reserved */ 30 31 /* 32 * Portions of this source code were derived from Berkeley 4.3 BSD 33 * under license from the Regents of the University of California. 34 */ 35 36 /* 37 * This contains the mainline code for the YP server. Data 38 * structures which are process-global are also in this module. 39 */ 40 41 /* this is so that ypserv will compile under 5.5 */ 42 #define _SVID_GETTOD 43 #include <sys/time.h> 44 extern int gettimeofday(struct timeval *); 45 46 #include "ypsym.h" 47 #include <sys/types.h> 48 #include <sys/wait.h> 49 #include <fcntl.h> 50 #include <rpc/rpc.h> 51 #include <netconfig.h> 52 #include <netdir.h> 53 #include <sys/select.h> 54 #include <stdlib.h> 55 #include <unistd.h> 56 #include <stdio.h> 57 #include <stdarg.h> 58 #include <signal.h> 59 #include "shim.h" 60 #include "yptol.h" 61 #include <syslog.h> 62 63 static char register_failed[] = "ypserv: Unable to register service for "; 64 bool silent = TRUE; 65 66 /* 67 * client_setup_failure will be TRUE, if setup of the 68 * connection to rpc.nisd_resolv failed 69 */ 70 bool client_setup_failure = FALSE; 71 72 /* N2L options */ 73 bool init_dit = FALSE; 74 bool init_containers = FALSE; 75 bool init_maps = FALSE; 76 char **ldapCLA = NULL; 77 78 /* For DNS forwarding command line option (-d) */ 79 bool dnsforward = FALSE; 80 int resolv_pid = 0; 81 CLIENT *resolv_client = NULL; 82 char *resolv_tp = "ticots"; 83 84 #ifdef MINUS_C_OPTION 85 /* For cluster support (-c) */ 86 bool multiflag = FALSE; 87 #endif 88 89 static char logfile[] = "/var/yp/ypserv.log"; 90 void logprintf(char *format, ...); 91 92 static void ypexit(void); 93 static void ypinit(int argc, char **argv); 94 static void ypdispatch(struct svc_req *rqstp, SVCXPRT *transp); 95 static void ypolddispatch(struct svc_req *rqstp, SVCXPRT *transp); 96 static void ypget_command_line_args(int argc, char **argv); 97 extern void setup_resolv(bool *fwding, int *child, 98 CLIENT **client, char *tp_type, long prognum); 99 static void cleanup_resolv(int); 100 101 /* 102 * This is the main line code for the yp server. 103 */ 104 int 105 main(int argc, char **argv) 106 { 107 if (geteuid() != 0) { 108 fprintf(stderr, "must be root to run %s\n", argv[0]); 109 exit(1); 110 } 111 112 /* Set up shop */ 113 ypinit(argc, argv); 114 115 /* If requested set up the N2L maps. May take a while */ 116 if (init_dit) 117 if (FAILURE == dump_maps_to_dit(init_containers)) { 118 fprintf(stderr, "Fatal error dumping maps to DIT." 119 " See syslog and LDAP server logs for details.\n"); 120 exit(1); 121 } 122 123 if (init_maps) 124 if (FAILURE == dump_dit_to_maps()) { 125 fprintf(stderr, "Fatal error dumping DIT to maps." 126 " See syslog and LDAP server logs for details.\n"); 127 exit(1); 128 } 129 130 /* 131 * If we were asked to init the maps now exit. User will then use 132 * ypstart to restart ypserv and all the other NIS daemons. 133 */ 134 if (init_dit || init_maps) { 135 printf("Map setup complete. Please now restart NIS daemons " 136 "with ypstart.\n"); 137 exit(0); 138 } 139 140 svc_run(); 141 142 /* 143 * This is stupid, but the compiler likes to warn us about the 144 * absence of returns from main() 145 */ 146 return (0); 147 } 148 149 typedef struct { 150 char *netid; 151 int fd; 152 int olddispatch; /* Register on protocol version 1 ? */ 153 int class; /* Other services that must succeed */ 154 SVCXPRT *xprt; 155 int ok; /* Registered successfully ? */ 156 } ypservice_t; 157 158 ypservice_t service[] = { 159 { "udp", -1, 1, 4, 0, 0 }, 160 { "tcp", -1, 1, 4, 0, 0 }, 161 { "udp6", -1, 0, 6, 0, 0 }, 162 { "tcp6", -1, 0, 6, 0, 0 } 163 }; 164 165 #define MAXSERVICES (sizeof (service)/sizeof (service[0])) 166 167 int service_classes[MAXSERVICES]; 168 169 /* 170 * Does startup processing for the yp server. 171 */ 172 static void 173 ypinit(int argc, char **argv) 174 { 175 int pid; 176 int stat; 177 struct sigaction act; 178 int ufd, tfd; 179 SVCXPRT *utransp, *ttransp; 180 struct netconfig *nconf; 181 int connmaxrec = RPC_MAXDATASIZE; 182 int i, j, services = 0; 183 184 185 /* 186 * Init yptol flags. Will get redone by init_lock_system() but we need 187 * to know if we should parse yptol cmd line options. 188 */ 189 init_yptol_flag(); 190 191 ypget_command_line_args(argc, argv); 192 193 if (silent) { 194 pid = (int)fork(); 195 196 if (pid == -1) { 197 logprintf("ypserv: ypinit fork failure.\n"); 198 ypexit(); 199 } 200 201 if (pid != 0) { 202 exit(0); 203 } 204 } 205 206 if (!init_lock_system(FALSE)) { 207 ypexit(); 208 } 209 210 get_secure_nets(argv[0]); 211 212 if (silent) { 213 closelog(); 214 closefrom(3); 215 } 216 217 if (yptol_mode) { 218 stat = parseConfig(ldapCLA, NTOL_MAP_FILE); 219 if (stat == 1) { 220 logprintf("NIS to LDAP mapping inactive.\n"); 221 } else if (stat != 0) { 222 logprintf("Aborting after NIS to LDAP mapping " 223 "error.\n"); 224 fflush(stderr); 225 exit(-1); 226 } 227 } 228 229 if (silent) { 230 freopen("/dev/null", "r", stdin); 231 if (access(logfile, _IOWRT)) { 232 freopen("/dev/null", "w", stdout); 233 freopen("/dev/null", "w", stderr); 234 } else { 235 freopen(logfile, "a", stdout); 236 freopen(logfile, "a", stderr); 237 } 238 239 (void) open("/dev/tty", 2); 240 241 setpgrp(); 242 } 243 244 #ifdef SYSVCONFIG 245 sigset(SIGHUP, (void (*)())sysvconfig); 246 #else 247 sigset(SIGHUP, SIG_IGN); 248 #endif 249 250 /* 251 * Setting disposition to SIG_IGN will not create zombies when child 252 * processes terminate. 253 */ 254 sigset(SIGCHLD, SIG_IGN); 255 256 act.sa_handler = cleanup_resolv; 257 sigemptyset(&act.sa_mask); 258 act.sa_flags = SA_RESETHAND; 259 sigaction(SIGTERM, &act, (struct sigaction *)NULL); 260 sigaction(SIGQUIT, &act, (struct sigaction *)NULL); 261 sigaction(SIGABRT, &act, (struct sigaction *)NULL); 262 sigaction(SIGBUS, &act, (struct sigaction *)NULL); 263 sigaction(SIGSEGV, &act, (struct sigaction *)NULL); 264 265 /* 266 * Set non-blocking mode and maximum record size for 267 * connection oriented RPC transports. 268 */ 269 if (!rpc_control(RPC_SVC_CONNMAXREC_SET, &connmaxrec)) { 270 logprintf("unable to set maximum RPC record size"); 271 } 272 273 svc_unreg(YPPROG, YPVERS); 274 svc_unreg(YPPROG, YPVERS_ORIG); 275 276 for (i = 0; i < sizeof (service)/sizeof (ypservice_t); i++) { 277 278 service_classes[i] = -1; 279 280 if ((nconf = getnetconfigent(service[i].netid)) == NULL) { 281 logprintf("getnetconfigent(\"%s\") failed\n", 282 service[i].netid); 283 continue; 284 } 285 286 if ((service[i].fd = t_open(nconf->nc_device, O_RDWR, NULL)) < 287 0) { 288 logprintf("t_open failed for %s\n", service[i].netid); 289 freenetconfigent(nconf); 290 continue; 291 } 292 293 if (netdir_options(nconf, ND_SET_RESERVEDPORT, service[i].fd, 294 NULL) < 0) { 295 logprintf("could not set reserved port for %s\n", 296 service[i].netid); 297 (void) close(service[i].fd); 298 service[i].fd = -1; 299 freenetconfigent(nconf); 300 continue; 301 } 302 303 if ((service[i].xprt = svc_tli_create(service[i].fd, nconf, 304 NULL, 0, 0)) == NULL) { 305 logprintf("svc_tli_create failed for %s\n", 306 service[i].netid); 307 (void) close(service[i].fd); 308 service[i].fd = -1; 309 freenetconfigent(nconf); 310 continue; 311 } 312 313 if (!svc_reg(service[i].xprt, YPPROG, YPVERS, ypdispatch, 314 nconf)) { 315 logprintf("%s %s\n", service[i].netid, register_failed); 316 svc_destroy(service[i].xprt); 317 service[i].xprt = 0; 318 (void) close(service[i].fd); 319 service[i].fd = -1; 320 freenetconfigent(nconf); 321 continue; 322 } 323 324 if (service[i].olddispatch && !svc_reg(service[i].xprt, YPPROG, 325 YPVERS_ORIG, ypolddispatch, nconf)) { 326 logprintf("old %s %s\n", 327 service[i].netid, register_failed); 328 /* Can only unregister prognum/versnum */ 329 svc_destroy(service[i].xprt); 330 service[i].xprt = 0; 331 (void) close(service[i].fd); 332 service[i].fd = -1; 333 freenetconfigent(nconf); 334 continue; 335 } 336 337 services++; 338 service[i].ok = 1; 339 service_classes[i] = service[i].class; 340 341 freenetconfigent(nconf); 342 343 } 344 345 /* 346 * Check if we managed to register enough services to continue. 347 * It's OK if we managed to register all IPv4 services but no 348 * IPv6, or the other way around, but not if we (say) registered 349 * IPv4 UDP but not TCP. 350 */ 351 if (services > 0) { 352 for (j = 0; j < MAXSERVICES; j++) { 353 if (service_classes[j] >= 0) { 354 /* 355 * Must have all services of this class 356 * registered. 357 */ 358 for (i = 0; i < MAXSERVICES; i++) { 359 if (service[i].ok == 0 && 360 service[i].class == 361 service_classes[j]) { 362 logprintf( 363 "unable to register all services for class %d\n", 364 service[i].class); 365 ypexit(); 366 } 367 } 368 } 369 } 370 } else { 371 logprintf("unable to register any services\n"); 372 ypexit(); 373 } 374 375 /* Now we setup circuit_n or yp_all() and yp_update() will not work */ 376 if (!svc_create(ypdispatch, YPPROG, YPVERS, "circuit_n")) { 377 logprintf("circuit_n %s\n", register_failed); 378 ypexit(); 379 } 380 381 if (dnsforward) { 382 setup_resolv(&dnsforward, &resolv_pid, 383 &resolv_client, resolv_tp, 0); 384 if (resolv_client == NULL) 385 client_setup_failure = TRUE; 386 } 387 } 388 389 void 390 cleanup_resolv(int sig) 391 { 392 if (resolv_pid) 393 kill(resolv_pid, sig); 394 395 kill(getpid(), sig); 396 } 397 398 /* 399 * This picks up any command line args passed from the process invocation. 400 */ 401 static void 402 ypget_command_line_args(int argc, char **argv) 403 { 404 for (argv++; --argc; argv++) { 405 406 if ((*argv)[0] == '-') { 407 408 switch ((*argv)[1]) { 409 #ifdef MINUS_C_OPTION 410 case 'c': 411 multiflag = TRUE; 412 break; 413 #endif 414 case 'd': 415 if (access("/etc/resolv.conf", F_OK) == -1) { 416 fprintf(stderr, 417 "No /etc/resolv.conf file, -d option ignored\n"); 418 } else { 419 dnsforward = TRUE; 420 } 421 break; 422 case 'I': 423 init_containers = TRUE; 424 /* ... and also do -i stuff */ 425 case 'i': 426 if (yptol_mode) { 427 init_dit = TRUE; 428 } else { 429 fprintf(stderr, "-%c option is illegal " 430 "if not in NIS to LDAP mode. Exiting\n", 431 (*argv)[1]); 432 fflush(stderr); 433 exit(-1); 434 } 435 436 /* Handle -ir */ 437 if ('r' != (*argv)[2]) 438 break; 439 440 case 'r': 441 if (yptol_mode) { 442 init_maps = TRUE; 443 } else { 444 fprintf(stderr, "-r option is illegal " 445 "if not in NIS to LDAP mode. " 446 "Exiting\n"); 447 fflush(stderr); 448 exit(-1); 449 } 450 break; 451 case 'v': 452 silent = FALSE; 453 break; 454 } 455 } 456 } 457 458 /* If setting up don't run silent or demonize */ 459 if (init_dit || init_maps) 460 silent = FALSE; 461 462 } 463 464 /* 465 * This dispatches to server action routines based on the input procedure 466 * number. ypdispatch is called from the RPC function svc_run. 467 */ 468 static void 469 ypdispatch(struct svc_req *rqstp, SVCXPRT *transp) 470 { 471 sigset_t set, oset; 472 473 474 #ifdef SYSVCONFIG 475 /* prepare to answer questions about system v filesystem aliases */ 476 sysvconfig(); 477 #endif 478 479 sigemptyset(&set); 480 sigaddset(&set, SIGCHLD); 481 sigprocmask(SIG_BLOCK, &set, &oset); 482 483 switch (rqstp->rq_proc) { 484 485 case YPPROC_NULL: 486 487 if (!svc_sendreply(transp, xdr_void, 0)) 488 logprintf("ypserv: Can't reply to rpc call.\n"); 489 break; 490 491 case YPPROC_DOMAIN: 492 ypdomain(transp, TRUE); 493 break; 494 495 case YPPROC_DOMAIN_NONACK: 496 ypdomain(transp, FALSE); 497 break; 498 499 case YPPROC_MATCH: 500 ypmatch(transp, rqstp); 501 break; 502 503 case YPPROC_FIRST: 504 ypfirst(transp); 505 break; 506 507 case YPPROC_NEXT: 508 ypnext(transp); 509 break; 510 511 case YPPROC_XFR: 512 ypxfr(transp, YPPROC_XFR); 513 break; 514 515 case YPPROC_NEWXFR: 516 ypxfr(transp, YPPROC_NEWXFR); 517 break; 518 519 case YPPROC_CLEAR: 520 ypclr_current_map(); 521 522 if (!svc_sendreply(transp, xdr_void, 0)) 523 logprintf("ypserv: Can't reply to rpc call.\n"); 524 break; 525 526 case YPPROC_ALL: 527 ypall(transp); 528 break; 529 530 case YPPROC_MASTER: 531 ypmaster(transp); 532 break; 533 534 case YPPROC_ORDER: 535 yporder(transp); 536 break; 537 538 case YPPROC_MAPLIST: 539 ypmaplist(transp); 540 break; 541 542 default: 543 svcerr_noproc(transp); 544 break; 545 546 } 547 548 sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL); 549 550 } 551 552 static void 553 ypolddispatch(struct svc_req *rqstp, SVCXPRT *transp) 554 { 555 sigset_t set, oset; 556 557 sigemptyset(&set); 558 sigaddset(&set, SIGCHLD); 559 sigprocmask(SIG_BLOCK, &set, &oset); 560 561 switch (rqstp->rq_proc) { 562 563 case YPOLDPROC_NULL: 564 if (!svc_sendreply(transp, xdr_void, 0)) 565 logprintf("ypserv: Can't replay to rpc call.\n"); 566 break; 567 568 case YPOLDPROC_DOMAIN: 569 ypdomain(transp, TRUE); 570 break; 571 572 case YPOLDPROC_DOMAIN_NONACK: 573 ypdomain(transp, FALSE); 574 break; 575 576 case YPOLDPROC_MATCH: 577 ypoldmatch(transp, rqstp); 578 break; 579 580 case YPOLDPROC_FIRST: 581 ypoldfirst(transp); 582 break; 583 584 case YPOLDPROC_NEXT: 585 ypoldnext(transp); 586 break; 587 588 case YPOLDPROC_POLL: 589 ypoldpoll(transp); 590 break; 591 592 case YPOLDPROC_PUSH: 593 ypoldpush(transp); 594 break; 595 596 case YPOLDPROC_PULL: 597 ypoldpull(transp); 598 break; 599 600 case YPOLDPROC_GET: 601 ypoldget(transp); 602 603 default: 604 svcerr_noproc(transp); 605 break; 606 } 607 608 sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL); 609 } 610 611 /* 612 * This flushes output to stderr, then aborts the server process to leave a 613 * core dump. 614 */ 615 static void 616 ypexit(void) 617 { 618 fflush(stderr); 619 abort(); 620 } 621 622 /* 623 * This constructs a logging record. 624 */ 625 void 626 logprintf(char *format, ...) 627 { 628 va_list ap; 629 struct timeval t; 630 631 va_start(ap, format); 632 633 if (silent) { 634 gettimeofday(&t); 635 fseek(stderr, 0, 2); 636 fprintf(stderr, "%19.19s: ", ctime(&t.tv_sec)); 637 } 638 639 vfprintf(stderr, format, ap); 640 va_end(ap); 641 fflush(stderr); 642 }