← Back to branch summary

~ubuntu-branches/debian/stretch/nfs-utils/stretch

« back to all changes in this revision

Viewing changes to utils/mountd/auth.c

  • Committer: Bazaar Package Importer
  • Author(s): Anibal Monsalve Salazar, Anibal Monsalve Salazar, Ben Hutchings
  • Date: 2010-04-06 16:11:22 UTC
  • mfrom: (1.2.18 upstream)
  • Revision ID: james.westby@ubuntu.com-20100406161122-x7erw0q8xiitoyp6
Tags: 1:1.2.2-1
http://bugs.debian.org/524255
http://bugs.debian.org/563104
http://bugs.debian.org/572736
http://bugs.debian.org/451402
http://bugs.debian.org/550270
[ Anibal Monsalve Salazar ]
* New upstream release 
  Build depend on libcap-dev
  Set configure option --enable-nfsv41
* X-ref nfsd({7,8})
  02-524255-manpages.patch by Cyril Brulebois
  Closes: 524255

[ Ben Hutchings ]
* Change maintainer to Debian kernel team; move Aníbal to uploaders and
  add myself to uploaders
* Check for nfsd in /proc/filesystems rather than looking for signs of it in
  /proc/kallsyms (Closes: #563104, #572736)
* Document the -n option to svcgssd, thanks to Alberto Gonzalez Iniesta
  (Closes: #451402, #550270)
* Replace upstream reference in package descriptions with Homepage fields,
  and do not refer to the obsolete CVS repository
* Update policy version to 3.8.4; no changes required
* Override lintian error 'init.d-script-missing-dependency-on-remote_fs';
  the init script does work without /usr mounted

Show diffs side-by-side

added added

removed removed

Lines of Context:
utils/mountd/auth.c
20
20
#include "exportfs.h"
21
21
#include "mountd.h"
22
22
#include "xmalloc.h"
 
23
#include "v4root.h"
23
24
 
24
25
enum auth_error
25
26
{
102
103
        memset(&my_client, 0, sizeof(my_client));
103
104
        xtab_export_read();
104
105
        check_useipaddr();
 
106
        v4root_set();
 
107
 
105
108
        ++counter;
106
109
 
107
110
        return counter;
108
111
}
109
112
 
 
113
static char *get_client_hostname(struct sockaddr_in *caller, struct hostent *hp, enum auth_error *error)
 
114
{
 
115
        char *n;
 
116
 
 
117
        if (use_ipaddr)
 
118
                return strdup(inet_ntoa(caller->sin_addr));
 
119
        n = client_compose(hp);
 
120
        *error = unknown_host;
 
121
        if (!n)
 
122
                return NULL;
 
123
        if (*n)
 
124
                return n;
 
125
        free(n);
 
126
        return strdup("DEFAULT");
 
127
}
 
128
 
 
129
/* return static nfs_export with details filled in */
 
130
static nfs_export *
 
131
auth_authenticate_newcache(char *what, struct sockaddr_in *caller,
 
132
                           char *path, struct hostent *hp,
 
133
                           enum auth_error *error)
 
134
{
 
135
        nfs_export *exp;
 
136
        int i;
 
137
 
 
138
        free(my_client.m_hostname);
 
139
 
 
140
        my_client.m_hostname = get_client_hostname(caller, hp, error);
 
141
        if (my_client.m_hostname == NULL)
 
142
                return NULL;
 
143
 
 
144
        my_client.m_naddr = 1;
 
145
        my_client.m_addrlist[0] = caller->sin_addr;
 
146
        my_exp.m_client = &my_client;
 
147
 
 
148
        exp = NULL;
 
149
        for (i = 0; !exp && i < MCL_MAXTYPES; i++)
 
150
                for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
 
151
                        if (strcmp(path, exp->m_export.e_path))
 
152
                                continue;
 
153
                        if (!use_ipaddr && !client_member(my_client.m_hostname, exp->m_client->m_hostname))
 
154
                                continue;
 
155
                        if (use_ipaddr && !client_check(exp->m_client, hp))
 
156
                                continue;
 
157
                        break;
 
158
                }
 
159
        *error = not_exported;
 
160
        if (!exp)
 
161
                return NULL;
 
162
 
 
163
        my_exp.m_export = exp->m_export;
 
164
        exp = &my_exp;
 
165
        return exp;
 
166
}
 
167
 
110
168
static nfs_export *
111
169
auth_authenticate_internal(char *what, struct sockaddr_in *caller,
112
170
                           char *path, struct hostent *hp,
113
171
                           enum auth_error *error)
114
172
{
115
 
        nfs_export              *exp;
 
173
        nfs_export *exp;
116
174
 
117
175
        if (new_cache) {
118
 
                int i;
119
 
                /* return static nfs_export with details filled in */
120
 
                char *n;
121
 
                free(my_client.m_hostname);
122
 
                if (use_ipaddr) {
123
 
                        my_client.m_hostname =
124
 
                                strdup(inet_ntoa(caller->sin_addr));
125
 
                } else {
126
 
                        n = client_compose(hp);
127
 
                        *error = unknown_host;
128
 
                        if (!n)
129
 
                                my_client.m_hostname = NULL;
130
 
                        else if (*n)
131
 
                                my_client.m_hostname = n;
132
 
                        else {
133
 
                                free(n);
134
 
                                my_client.m_hostname = strdup("DEFAULT");
135
 
                        }
136
 
                }
137
 
                if (my_client.m_hostname == NULL)
138
 
                        return NULL;
139
 
                my_client.m_naddr = 1;
140
 
                my_client.m_addrlist[0] = caller->sin_addr;
141
 
                my_exp.m_client = &my_client;
142
 
 
143
 
                exp = NULL;
144
 
                for (i = 0; !exp && i < MCL_MAXTYPES; i++) 
145
 
                        for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
146
 
                                if (strcmp(path, exp->m_export.e_path))
147
 
                                        continue;
148
 
                                if (!use_ipaddr && !client_member(my_client.m_hostname, exp->m_client->m_hostname))
149
 
                                        continue;
150
 
                                if (use_ipaddr && !client_check(exp->m_client, hp))
151
 
                                        continue;
152
 
                                break;
153
 
                        }
154
 
                *error = not_exported;
 
176
                exp = auth_authenticate_newcache(what, caller, path, hp, error);
155
177
                if (!exp)
156
 
                        return exp;
157
 
 
158
 
                my_exp.m_export = exp->m_export;
159
 
                exp = &my_exp;
160
 
 
 
178
                        return NULL;
161
179
        } else {
162
180
                if (!(exp = export_find(hp, path))) {
163
181
                        *error = no_entry;
164
182
                        return NULL;
165
183
                }
166
 
                if (!exp->m_mayexport) {
167
 
                        *error = not_exported;
168
 
                        return NULL;
169
 
                }
 
184
        }
 
185
        if (exp->m_export.e_flags & NFSEXP_V4ROOT) {
 
186
                *error = no_entry;
 
187
                return NULL;
170
188
        }
171
189
        if (!(exp->m_export.e_flags & NFSEXP_INSECURE_PORT) &&
172
 
                    (ntohs(caller->sin_port) <  IPPORT_RESERVED/2 ||
173
 
                     ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
 
190
                     ntohs(caller->sin_port) >= IPPORT_RESERVED) {
174
191
                *error = illegal_port;
175
192
                return NULL;
176
193
        }