d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Userland part of nfs client/server split and cleanup.

Browse Source
This commit is contained in:
Peter Wemm 2001-09-18 23:34:44 +00:00
parent 98cdde71e7
commit 9119623471
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=83653
18 changed files with 158 additions and 720 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
contrib/amd/conf/nfs_prot/nfs_prot_freebsd3.h
View File

@ -64,7 +64,8 @@ struct nfs_fh3;
# include <nfs/rpcv2.h>
#endif /* HAVE_NFS_RPCV2_H */
#ifdef HAVE_NFS_NFS_H
# include <nfs/nfs.h>
# include <nfsclient/nfs.h>
# include <nfsserver/nfs.h>
#endif /* HAVE_NFS_NFS_H */
#ifdef HAVE_UFS_UFS_UFSMOUNT_H
# include <ufs/ufs/ufsmount.h>

4
etc/mtree/BSD.include.dist
View File

@ -83,6 +83,10 @@
..
nfs
..
nfsclient
..
nfsserver
..
objc
..
openssl

4
include/Makefile
View File

@ -41,8 +41,8 @@ LFILES= aio.h errno.h fcntl.h inttypes.h linker_set.h poll.h syslog.h \
termios.h ucontext.h
LDIRS= cam net netatalk netatm netgraph netinet netinet6 \
netipx netkey netnatm netncp netns netsmb nfs pccard posix4 \
sys vm
netipx netkey netnatm netncp netns netsmb nfs nfsclient nfsserver \
pccard posix4 sys vm
LNOHEADERDIRS= fs isofs ufs dev

1
sbin/Makefile
View File

@ -59,7 +59,6 @@ SUBDIR= adjkerntz \
newfs \
newfs_msdos \
nfsd \
nfsiod \
nologin \
nos-tun \
ping \

8
sbin/mount_nfs/Makefile
View File

@ -11,12 +11,4 @@ UMNTALL= ${.CURDIR}/../../usr.sbin/rpc.umntall
CFLAGS+= -DNFS -I${MOUNT} -I${UMNTALL}
.PATH: ${MOUNT} ${UMNTALL}
.if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_KERBEROS) \
|| defined(MAKE_EBONES))
CFLAGS+=-DKERBEROS
DPADD= ${LIBKRB} ${LIBCRYPTO}
LDADD= -lkrb -lcrypto
DISTRIBUTION= krb
.endif
.include <bsd.prog.mk>

51
sbin/mount_nfs/mount_nfs.8
View File

@ -41,14 +41,12 @@
.Nd mount nfs file systems
.Sh SYNOPSIS
.Nm
.Op Fl 23KNPTUbcdilqs
.Op Fl 23NPTUbcdils
.Op Fl D Ar deadthresh
.Op Fl I Ar readdirsize
.Op Fl L Ar leaseterm
.Op Fl R Ar retrycnt
.Op Fl a Ar maxreadahead
.Op Fl g Ar maxgroups
.Op Fl m Ar realm
.Op Fl o Ar options
.Op Fl r Ar readsize
.Op Fl t Ar timeout
@ -102,36 +100,15 @@ gigabytes.
.It Fl 3
Use the NFS Version 3 protocol.
.It Fl D
Used with NQNFS to set the
Set the
.Dq "dead server threshold"
to the specified number of round trip timeout intervals.
After a
.Dq "dead server threshold"
of retransmit timeouts,
cached data for the unresponsive server is assumed to still be valid.
Values may be set in the range of 1 - 9, with 9 referring to an
.Dq "infinite dead threshold"
(i.e. never assume cached data still valid).
This option is not generally recommended and is really an experimental
feature.
to the specified number of round trip timeout intervals before a
.Dq "server not responding"
message is displayed.
.It Fl I
Set the readdir read size to the specified value.
The value should normally
be a multiple of DIRBLKSIZ that is <= the read size for the mount.
.It Fl K
Pass Kerberos authenticators to the server for client-to-server
user-credential mapping.
This requires that the kernel be built with the NFSKERB option.
The use of this option will prevent the kernel from compiling
unless calls to the appropriate Kerberos encryption routines
are provided in the NFS source.
(Refer to the INTERNET-DRAFT titled
.%T "Authentication Mechanisms for ONC RPC" ,
for more information.)
.It Fl L
Used with NQNFS to set the lease term to the specified number of seconds.
Only use this argument for mounts with a large round trip delay.
Values are normally in the 10-30 second range.
.It Fl N
Do
.Em not
@ -206,11 +183,6 @@ Try this option and see whether performance improves or degrades.
Probably
most useful for client to server network interconnects with a large bandwidth
times delay product.
.It Fl m
Set the Kerberos realm to the string argument.
Used with the
.Fl K
option for mounts to other realms.
.It Fl o
Options are specified with a
.Fl o
@ -254,9 +226,6 @@ Same as
.It intr
Same as
.Fl i .
.It kerb
Same as
.Fl K .
.It nfsv2
Same as
.Fl 2 .
@ -275,9 +244,6 @@ Same as
.It seqpacket
Same as
.Fl p .
.It nqnfs
Same as
.Fl q .
.It soft
Same as
.Fl s .
@ -285,13 +251,6 @@ Same as
Same as
.Fl T .
.El
.It Fl q
Use the Not Quite NFS (NQNFS) protocol.
This experimental protocol is NFS Version 2 with leasing extensions
similar to those found in NFS Version 3.
The interoperability of this protocol with other systems is
very limited and its implementation is not widely used.
Do not use this option unless you know exactly what you are doing!
.It Fl r
Set the read data size to the specified value.
It should normally be a power of 2 greater than or equal to 1024.

206
sbin/mount_nfs/mount_nfs.c
View File

@ -58,15 +58,10 @@ static const char rcsid[] =
#include <rpc/pmap_clnt.h>
#include <rpc/pmap_prot.h>
#ifdef NFSKERB
#include <kerberosIV/des.h>
#include <kerberosIV/krb.h>
#endif
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfs/nfs.h>
#include <nfs/nqnfs.h>
#include <nfsclient/nfs.h>
#include <nfsclient/nfsargs.h>
#include <arpa/inet.h>
@ -88,13 +83,11 @@ static const char rcsid[] =
#define ALTF_NOCONN 0x2
#define ALTF_DUMBTIMR 0x4
#define ALTF_INTR 0x8
#define ALTF_KERB 0x10
#define ALTF_NFSV3 0x20
#define ALTF_RDIRPLUS 0x40
#define ALTF_MNTUDP 0x80
#define ALTF_MNTUDP 0x80
#define ALTF_RESVPORT 0x100
#define ALTF_SEQPACKET 0x200
#define ALTF_NQNFS 0x400
#define ALTF_SOFT 0x800
#define ALTF_TCP 0x1000
#define ALTF_PORT 0x2000
@ -113,14 +106,10 @@ struct mntopt mopts[] = {
{ "conn", 1, ALTF_NOCONN, 1 },
{ "dumbtimer", 0, ALTF_DUMBTIMR, 1 },
{ "intr", 0, ALTF_INTR, 1 },
#ifdef NFSKERB
{ "kerb", 0, ALTF_KERB, 1 },
#endif
{ "nfsv3", 0, ALTF_NFSV3, 1 },
{ "rdirplus", 0, ALTF_RDIRPLUS, 1 },
{ "mntudp", 0, ALTF_MNTUDP, 1 },
{ "resvport", 0, ALTF_RESVPORT, 1 },
{ "nqnfs", 0, ALTF_NQNFS, 1 },
{ "soft", 0, ALTF_SOFT, 1 },
{ "tcp", 0, ALTF_TCP, 1 },
{ "port=", 0, ALTF_PORT, 1 },
@ -148,8 +137,8 @@ struct nfs_args nfsdefargs = {
NFS_RETRANS,
NFS_MAXGRPS,
NFS_DEFRAHEAD,
NQ_DEFLEASE,
NQ_DEADTHRESH,
0, /* was: NQ_DEFLEASE */
NFS_MAXDEADTHRESH, /* was: NQ_DEADTHRESH */
(char *)0,
/* args version 4 */
NFS_MINATTRTIMO,
@ -191,21 +180,6 @@ enum mountmode {
V3
} mountmode = ANY;
#ifdef NFSKERB
char inst[INST_SZ];
char realm[REALM_SZ];
struct {
u_long kind;
KTEXT_ST kt;
} ktick;
struct nfsrpc_nickverf kverf;
struct nfsrpc_fullblock kin, kout;
NFSKERBKEY_T kivec;
CREDENTIALS kcr;
struct timeval ktv;
NFSKERBKEYSCHED_T kerb_keysched;
#endif
/* Return codes for nfs_tryproto. */
enum tryret {
TRYRET_SUCCESS,
@ -251,12 +225,8 @@ set_flags(int* altflags, int* nfsflags, int dir)
F(NOCONN);
F(DUMBTIMR);
F2(INTR, INT);
#ifdef NFSKERB
F(KERB);
#endif
F(RDIRPLUS);
F(RESVPORT);
F(NQNFS);
F(SOFT);
#undef F
@ -271,30 +241,18 @@ main(argc, argv)
register int c;
register struct nfs_args *nfsargsp;
struct nfs_args nfsargs;
struct nfsd_cargs ncd;
int mntflags, altflags, nfssvc_flag, num;
char *name, *p, *spec;
char mntpath[MAXPATHLEN];
struct vfsconf vfc;
int error = 0;
#ifdef NFSKERB
uid_t last_ruid;
last_ruid = -1;
(void)strcpy(realm, KRB_REALM);
if (sizeof (struct nfsrpc_nickverf) != RPCX_NICKVERF ||
sizeof (struct nfsrpc_fullblock) != RPCX_FULLBLOCK ||
((char *)&ktick.kt) - ((char *)&ktick) != NFSX_UNSIGNED ||
((char *)ktick.kt.dat) - ((char *)&ktick) != 2 * NFSX_UNSIGNED)
fprintf(stderr, "Yikes! NFSKERB structs not packed!!\n");
#endif /* NFSKERB */
mntflags = 0;
altflags = 0;
nfsargs = nfsdefargs;
nfsargsp = &nfsargs;
while ((c = getopt(argc, argv,
"23a:bcdD:g:I:iKL:lm:No:PpqR:r:sTt:w:x:U")) != -1)
"23a:bcdD:g:I:il:No:PpR:r:sTt:w:x:U")) != -1)
switch (c) {
case '2':
mountmode = V2;
@ -345,27 +303,9 @@ main(argc, argv)
case 'i':
nfsargsp->flags |= NFSMNT_INT;
break;
#ifdef NFSKERB
case 'K':
nfsargsp->flags |= NFSMNT_KERB;
break;
#endif
case 'L':
num = strtol(optarg, &p, 10);
if (*p || num < 2)
errx(1, "illegal -L value -- %s", optarg);
nfsargsp->leaseterm = num;
nfsargsp->flags |= NFSMNT_LEASETERM;
break;
case 'l':
nfsargsp->flags |= NFSMNT_RDIRPLUS;
break;
#ifdef NFSKERB
case 'm':
(void)strncpy(realm, optarg, REALM_SZ - 1);
realm[REALM_SZ - 1] = '\0';
break;
#endif
case 'N':
nfsargsp->flags &= ~NFSMNT_RESVPORT;
break;
@ -422,10 +362,6 @@ main(argc, argv)
case 'P':
/* obsolete for NFSMNT_RESVPORT, now default */
break;
case 'q':
mountmode = V3;
nfsargsp->flags |= NFSMNT_NQNFS;
break;
case 'R':
num = strtol(optarg, &p, 10);
if (*p || num < 0)
@ -506,99 +442,7 @@ main(argc, argv)
if (mount(vfc.vfc_name, mntpath, mntflags, nfsargsp))
err(1, "%s", mntpath);
if (nfsargsp->flags & (NFSMNT_NQNFS | NFSMNT_KERB)) {
if ((opflags & ISBGRND) == 0) {
if (daemon(0, 0) != 0)
err(1, "daemon");
}
openlog("mount_nfs", LOG_PID, LOG_DAEMON);
nfssvc_flag = NFSSVC_MNTD;
ncd.ncd_dirp = mntpath;
while (nfssvc(nfssvc_flag, (caddr_t)&ncd) < 0) {
if (errno != ENEEDAUTH) {
syslog(LOG_ERR, "nfssvc err %m");
continue;
}
nfssvc_flag =
NFSSVC_MNTD | NFSSVC_GOTAUTH | NFSSVC_AUTHINFAIL;
#ifdef NFSKERB
/*
* Set up as ncd_authuid for the kerberos call.
* Must set ruid to ncd_authuid and reset the
* ticket name iff ncd_authuid is not the same
* as last time, so that the right ticket file
* is found.
* Get the Kerberos credential structure so that
* we have the session key and get a ticket for
* this uid.
* For more info see the IETF Draft "Authentication
* in ONC RPC".
*/
if (ncd.ncd_authuid != last_ruid) {
char buf[512];
(void)sprintf(buf, "%s%d",
TKT_ROOT, ncd.ncd_authuid);
krb_set_tkt_string(buf);
last_ruid = ncd.ncd_authuid;
}
setreuid(ncd.ncd_authuid, 0);
kret = krb_get_cred(NFS_KERBSRV, inst, realm, &kcr);
if (kret == RET_NOTKT) {
kret = get_ad_tkt(NFS_KERBSRV, inst, realm,
DEFAULT_TKT_LIFE);
if (kret == KSUCCESS)
kret = krb_get_cred(NFS_KERBSRV, inst, realm,
&kcr);
}
if (kret == KSUCCESS)
kret = krb_mk_req(&ktick.kt, NFS_KERBSRV, inst,
realm, 0);
/*
* Fill in the AKN_FULLNAME authenticator and verifier.
* Along with the Kerberos ticket, we need to build
* the timestamp verifier and encrypt it in CBC mode.
*/
if (kret == KSUCCESS &&
ktick.kt.length <= (RPCAUTH_MAXSIZ-3*NFSX_UNSIGNED)
&& gettimeofday(&ktv, (struct timezone *)0) == 0) {
ncd.ncd_authtype = RPCAUTH_KERB4;
ncd.ncd_authstr = (u_char *)&ktick;
ncd.ncd_authlen = nfsm_rndup(ktick.kt.length) +
3 * NFSX_UNSIGNED;
ncd.ncd_verfstr = (u_char *)&kverf;
ncd.ncd_verflen = sizeof (kverf);
memmove(ncd.ncd_key, kcr.session,
sizeof (kcr.session));
kin.t1 = htonl(ktv.tv_sec);
kin.t2 = htonl(ktv.tv_usec);
kin.w1 = htonl(NFS_KERBTTL);
kin.w2 = htonl(NFS_KERBTTL - 1);
bzero((caddr_t)kivec, sizeof (kivec));
/*
* Encrypt kin in CBC mode using the session
* key in kcr.
*/
XXX
/*
* Finally, fill the timestamp verifier into the
* authenticator and verifier.
*/
ktick.kind = htonl(RPCAKN_FULLNAME);
kverf.kind = htonl(RPCAKN_FULLNAME);
NFS_KERBW1(ktick.kt) = kout.w1;
ktick.kt.length = htonl(ktick.kt.length);
kverf.verf.t1 = kout.t1;
kverf.verf.t2 = kout.t2;
kverf.verf.w2 = kout.w2;
nfssvc_flag = NFSSVC_MNTD | NFSSVC_GOTAUTH;
}
setreuid(0, 0);
#endif /* NFSKERB */
}
}
exit(0);
}
@ -608,15 +452,9 @@ getnfsargs(spec, nfsargsp)
struct nfs_args *nfsargsp;
{
struct addrinfo hints, *ai_nfs, *ai;
#ifdef NFSKERB
char host[NI_MAXHOST], serv[NI_MAXSERV];
#endif
enum tryret ret;
int ecode, speclen, remoteerr;
char *hostp, *delimp, *errstr;
#ifdef NFSKERB
char *cp;
#endif
size_t len;
static char nam[MNAMELEN + 1];
@ -655,25 +493,12 @@ getnfsargs(spec, nfsargsp)
}
/*
* Handle an internet host address and reverse resolve it if
* doing Kerberos.
* Handle an internet host address.
*/
memset(&hints, 0, sizeof hints);
hints.ai_flags = AI_NUMERICHOST;
hints.ai_socktype = nfsargsp->sotype;
if (getaddrinfo(hostp, portspec, &hints, &ai_nfs) == 0) {
#ifdef NFSKERB
if ((nfsargsp->flags & NFSMNT_KERB)) {
hints.ai_flags = 0;
if (getnameinfo(ai_nfs->ai_addr, ai_nfs->ai_addrlen,
host, sizeof host, serv, sizeof serv, 0) != 0) {
warnx("can't reverse resolve net address");
return (0);
}
hostp = host;
}
#endif /* NFSKERB */
} else {
if (getaddrinfo(hostp, portspec, &hints, &ai_nfs) != 0) {
hints.ai_flags = 0;
if ((ecode = getaddrinfo(hostp, portspec, &hints, &ai_nfs))
!= 0) {
@ -685,14 +510,6 @@ getnfsargs(spec, nfsargsp)
return (0);
}
}
#ifdef NFSKERB
if (nfsargsp->flags & NFSMNT_KERB) {
strncpy(inst, hp->h_name, INST_SZ);
inst[INST_SZ - 1] = '\0';
if (cp = strchr(inst, '.'))
*cp = '\0';
}
#endif /* NFSKERB */
ret = TRYRET_LOCALERR;
for (;;) {
@ -890,10 +707,7 @@ nfs_tryproto(struct nfs_args *nfsargsp, struct addrinfo *ai, char *hostp,
&rpc_createerr.cf_error));
}
clp->cl_auth = authsys_create_default();
if (nfsargsp->flags & NFSMNT_KERB)
nfhret.auth = RPCAUTH_KERB4;
else
nfhret.auth = RPCAUTH_UNIX;
nfhret.auth = RPCAUTH_UNIX;
nfhret.vers = mntvers;
stat = clnt_call(clp, RPCMNT_MOUNT, xdr_dir, spec, xdr_fh, &nfhret,
try);
@ -1080,7 +894,7 @@ usage()
{
(void)fprintf(stderr, "%s\n%s\n%s\n%s\n",
"usage: mount_nfs [-23KNPTUbcdilqs] [-D deadthresh] [-I readdirsize]",
" [-L leaseterm] [-R retrycnt] [-a maxreadahead]",
" [-R retrycnt] [-a maxreadahead]",
" [-g maxgroups] [-m realm] [-o options] [-r readsize]",
" [-t timeout] [-w writesize] [-x retrans] rhost:path node");
exit(1);

27
sbin/mountd/mountd.c
View File

@ -61,7 +61,7 @@ static const char rcsid[] =
#include <rpcsvc/mount.h>
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfs/nfs.h>
#include <nfsserver/nfs.h>
#include <ufs/ufs/ufsmount.h>
#include <fs/msdosfs/msdosfsmount.h>
#include <fs/ntfs/ntfsmount.h>
@ -109,7 +109,6 @@ struct dirlist {
/* dp_flag bits */
#define DP_DEFSET 0x1
#define DP_HOSTSET 0x2
#define DP_KERB 0x4
struct exportlist {
struct exportlist *ex_next;
@ -236,7 +235,7 @@ int mountdlockfd;
/* Bits for opt_flags above */
#define OP_MAPROOT 0x01
#define OP_MAPALL 0x02
#define OP_KERB 0x04
/* 0x4 free */
#define OP_MASK 0x08
#define OP_NET 0x10
#define OP_ALLDIRS 0x40
@ -745,10 +744,7 @@ xdr_fhs(xdrsp, cp)
return (0);
if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len))
return (0);
if (fhrp->fhr_flag & DP_KERB)
auth = RPCAUTH_KERB4;
else
auth = RPCAUTH_UNIX;
auth = RPCAUTH_UNIX;
len = 1;
if (!xdr_long(xdrsp, &len))
return (0);
@ -1298,12 +1294,8 @@ hang_dirp(dp, grp, ep, flags)
ep->ex_defdir = dp;
if (grp == (struct grouplist *)NULL) {
ep->ex_defdir->dp_flag |= DP_DEFSET;
if (flags & OP_KERB)
ep->ex_defdir->dp_flag |= DP_KERB;
} else while (grp) {
hp = get_ht();
if (flags & OP_KERB)
hp->ht_flag |= DP_KERB;
hp->ht_grp = grp;
hp->ht_next = ep->ex_defdir->dp_hosts;
ep->ex_defdir->dp_hosts = hp;
@ -1360,8 +1352,6 @@ add_dlist(dpp, newdp, grp, flags)
*/
do {
hp = get_ht();
if (flags & OP_KERB)
hp->ht_flag |= DP_KERB;
hp->ht_grp = grp;
hp->ht_next = dp->dp_hosts;
dp->dp_hosts = hp;
@ -1369,8 +1359,6 @@ add_dlist(dpp, newdp, grp, flags)
} while (grp);
} else {
dp->dp_flag |= DP_DEFSET;
if (flags & OP_KERB)
dp->dp_flag |= DP_KERB;
}
}
@ -1538,9 +1526,6 @@ do_opt(cpp, endcpp, ep, grp, has_hostp, exflagsp, cr)
opt_flags |= OP_MAPALL;
} else
opt_flags |= OP_MAPROOT;
} else if (!strcmp(cpopt, "kerb") || !strcmp(cpopt, "k")) {
*exflagsp |= MNT_EXKERB;
opt_flags |= OP_KERB;
} else if (cpoptarg && (!strcmp(cpopt, "mask") ||
!strcmp(cpopt, "m"))) {
if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) {
@ -2285,10 +2270,8 @@ check_options(dp)
if (dp == (struct dirlist *)NULL)
return (1);
if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL) ||
(opt_flags & (OP_MAPROOT | OP_KERB)) == (OP_MAPROOT | OP_KERB) ||
(opt_flags & (OP_MAPALL | OP_KERB)) == (OP_MAPALL | OP_KERB)) {
syslog(LOG_ERR, "-mapall, -maproot and -kerb mutually exclusive");
if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) {
syslog(LOG_ERR, "-mapall and -maproot mutually exclusive");
return (1);
}
if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) {

8
sbin/nfsd/Makefile
View File

@ -2,14 +2,6 @@
# $FreeBSD$
PROG= nfsd
CFLAGS+=-DNFS
MAN= nfsd.8
.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4)
CFLAGS+=-DKERBEROS
DPADD+= ${LIBKRB} ${LIBCRYPTO}
LDADD+= -lkrb -lcrypto
DISTRIBUTION= krb4
.endif
.include <bsd.prog.mk>

154
sbin/nfsd/nfsd.c
View File

@ -60,12 +60,7 @@ static const char rcsid[] =
#include <arpa/inet.h>
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfs/nfs.h>
#ifdef NFSKERB
#include <kerberosIV/des.h>
#include <kerberosIV/krb.h>
#endif
#include <nfsserver/nfs.h>
#include <err.h>
#include <errno.h>
@ -84,22 +79,6 @@ int debug = 0;
#endif
struct nfsd_srvargs nsd;
#ifdef OLD_SETPROCTITLE
char **Argv = NULL; /* pointer to argument vector */
char *LastArg = NULL; /* end of argv */
#endif
#ifdef NFSKERB
char lnam[ANAME_SZ];
KTEXT_ST kt;
AUTH_DAT kauth;
char inst[INST_SZ];
struct nfsrpc_fullblock kin, kout;
struct nfsrpc_fullverf kverf;
NFSKERBKEY_T kivec;
struct timeval ktv;
NFSKERBKEYSCHED_T kerb_keysched;
#endif
#define MAXNFSDCNT 20
#define DEFNFSDCNT 4
@ -111,11 +90,6 @@ void killchildren(void);
void nonfs (int);
void reapchild (int);
int setbindhost (struct addrinfo **ia, const char *bindhost, struct addrinfo hints);
#ifdef OLD_SETPROCTITLE
#ifdef __FreeBSD__
void setproctitle (char *);
#endif
#endif
void unregistration (void);
void usage (void);
@ -132,7 +106,6 @@ void usage (void);
* For connection based sockets, loop doing accepts. When you get a new
* socket from accept, pass the msgsock into the kernel via. nfssvc().
* The arguments are:
* -c - support iso cltp clients
* -r - reregister with rpcbind
* -d - unregister with rpcbind
* -t - support tcp nfs clients
@ -152,21 +125,13 @@ main(argc, argv, envp)
struct sockaddr_in6 inet6peer;
fd_set ready, sockbits;
fd_set v4bits, v6bits;
int ch, cltpflag, connect_type_cnt, i, len, maxsock, msgsock;
int ch, connect_type_cnt, i, len, maxsock, msgsock;
int nfssvc_flag, on = 1, unregister, reregister, sock;
int tcp6sock, ip6flag, tcpflag, tcpsock;
int udpflag, ecode, s;
int bindhostc = 0, bindanyflag, rpcbreg, rpcbregcnt;
char **bindhost = NULL;
pid_t pid;
#ifdef NFSKERB
struct group *grp;
struct passwd *pwd;
struct ucred *cr;
struct timeval ktv;
char **cpp;
#endif
#ifdef __FreeBSD__
struct vfsconf vfc;
int error;
@ -179,20 +144,9 @@ main(argc, argv, envp)
}
if (error)
errx(1, "NFS is not available in the running kernel");
#endif
#ifdef OLD_SETPROCTITLE
/* Save start and extent of argv for setproctitle. */
Argv = argv;
if (envp == 0 || *envp == 0)
envp = argv;
while (*envp)
envp++;
LastArg = envp[-1] + strlen(envp[-1]);
#endif
nfsdcnt = DEFNFSDCNT;
cltpflag = unregister = reregister = tcpflag = 0;
unregister = reregister = tcpflag = 0;
bindanyflag = udpflag;
#define GETOPT "ah:n:rdtu"
#define USAGE "[-ardtu] [-n num_servers] [-h bindip]"
@ -395,90 +349,12 @@ main(argc, argv, envp)
setproctitle("server");
nfssvc_flag = NFSSVC_NFSD;
nsd.nsd_nfsd = NULL;
#ifdef NFSKERB
if (sizeof (struct nfsrpc_fullverf) != RPCX_FULLVERF ||
sizeof (struct nfsrpc_fullblock) != RPCX_FULLBLOCK)
syslog(LOG_ERR, "Yikes NFSKERB structs not packed!");
nsd.nsd_authstr = (u_char *)&kt;
nsd.nsd_authlen = sizeof (kt);
nsd.nsd_verfstr = (u_char *)&kverf;
nsd.nsd_verflen = sizeof (kverf);
#endif
while (nfssvc(nfssvc_flag, &nsd) < 0) {
if (errno != ENEEDAUTH) {
if (errno) {
syslog(LOG_ERR, "nfssvc: %m");
exit(1);
}
nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHINFAIL;
#ifdef NFSKERB
/*
* Get the Kerberos ticket out of the authenticator
* verify it and convert the principal name to a user
* name. The user name is then converted to a set of
* user credentials via the password and group file.
* Finally, decrypt the timestamp and validate it.
* For more info see the IETF Draft "Authentication
* in ONC RPC".
*/
kt.length = ntohl(kt.length);
if (gettimeofday(&ktv, (struct timezone *)0) == 0 &&
kt.length > 0 && kt.length <=
(RPCAUTH_MAXSIZ - 3 * NFSX_UNSIGNED)) {
kin.w1 = NFS_KERBW1(kt);
kt.mbz = 0;
(void)strcpy(inst, "*");
if (krb_rd_req(&kt, NFS_KERBSRV,
inst, nsd.nsd_haddr, &kauth, "") == RD_AP_OK &&
krb_kntoln(&kauth, lnam) == KSUCCESS &&
(pwd = getpwnam(lnam)) != NULL) {
cr = &nsd.nsd_cr;
cr->cr_uid = pwd->pw_uid;
cr->cr_groups[0] = pwd->pw_gid;
cr->cr_ngroups = 1;
setgrent();
while ((grp = getgrent()) != NULL) {
if (grp->gr_gid == cr->cr_groups[0])
continue;
for (cpp = grp->gr_mem;
*cpp != NULL; ++cpp)
if (!strcmp(*cpp, lnam))
break;
if (*cpp == NULL)
continue;
cr->cr_groups[cr->cr_ngroups++]
= grp->gr_gid;
if (cr->cr_ngroups == NGROUPS)
break;
}
endgrent();
/*
* Get the timestamp verifier out of the
* authenticator and verifier strings.
*/
kin.t1 = kverf.t1;
kin.t2 = kverf.t2;
kin.w2 = kverf.w2;
bzero((caddr_t)kivec, sizeof (kivec));
bcopy((caddr_t)kauth.session,
(caddr_t)nsd.nsd_key,sizeof(kauth.session));
/*
* Decrypt the timestamp verifier in CBC mode.
*/
XXX
/*
* Validate the timestamp verifier, to
* check that the session key is ok.
*/
nsd.nsd_timestamp.tv_sec = ntohl(kout.t1);
nsd.nsd_timestamp.tv_usec = ntohl(kout.t2);
nsd.nsd_ttl = ntohl(kout.w1);
if ((nsd.nsd_ttl - 1) == ntohl(kout.w2))
nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHIN;
}
#endif /* NFSKERB */
nfssvc_flag = NFSSVC_NFSD;
}
exit(0);
}
@ -941,23 +817,3 @@ cleanup(signo)
killchildren();
exit (0);
}
#ifdef OLD_SETPROCTITLE
#ifdef __FreeBSD__
void
setproctitle(a)
char *a;
{
register char *cp;
char buf[80];
cp = Argv[0];
(void)snprintf(buf, sizeof(buf), "nfsd-%s", a);
(void)strncpy(cp, buf, LastArg - cp);
cp += strlen(cp);
while (cp < LastArg)
*cp++ = '\0';
Argv[1] = NULL;
}
#endif /* __FreeBSD__ */
#endif

4
usr.bin/fstat/fstat.c
View File

@ -71,8 +71,8 @@ static const char rcsid[] =
#undef _KERNEL
#include <nfs/nfsproto.h>
#include <nfs/rpcv2.h>
#include <nfs/nfs.h>
#include <nfs/nfsnode.h>
#include <nfsclient/nfs.h>
#include <nfsclient/nfsnode.h>
#include <vm/vm.h>

193
usr.bin/nfsstat/nfsstat.c
View File

@ -54,7 +54,8 @@ static const char rcsid[] =
#include <sys/sysctl.h>
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfs/nfs.h>
#include <nfsclient/nfs.h>
#include <nfsserver/nfs.h>
#include <signal.h>
#include <fcntl.h>
#include <ctype.h>
@ -71,7 +72,9 @@ static const char rcsid[] =
struct nlist nl[] = {
#define N_NFSSTAT 0
{ "_nfsstats" },
{ "nfsstats" },
#define N_NFSRVSTAT 1
{ "nfsrvstats" },
"",
};
kvm_t *kd;
@ -167,26 +170,31 @@ main(argc, argv)
* for dead ones.
*/
void
readstats(stp)
struct nfsstats *stp;
readstats(stp, srvstp)
struct nfsstats **stp;
struct nfsrvstats **srvstp;
{
if(deadkernel) {
if(kvm_read(kd, (u_long)nl[N_NFSSTAT].n_value, stp,
sizeof *stp) < 0) {
err(1, "kvm_read");
size_t buflen;
if (deadkernel) {
if (kvm_read(kd, (u_long)nl[N_NFSSTAT].n_value, *stp,
sizeof(struct nfsstats)) < 0) {
*stp = NULL;
}
if (kvm_read(kd, (u_long)nl[N_NFSRVSTAT].n_value, *srvstp,
sizeof(struct nfsrvstats)) < 0) {
*srvstp = NULL;
}
} else {
int name[3];
size_t buflen = sizeof *stp;
struct vfsconf vfc;
if (getvfsbyname("nfs", &vfc) < 0)
err(1, "getvfsbyname: NFS not compiled into kernel");
name[0] = CTL_VFS;
name[1] = vfc.vfc_typenum;
name[2] = NFS_NFSSTATS;
if (sysctl(name, 3, stp, &buflen, (void *)0, (size_t)0) < 0) {
err(1, "sysctl");
buflen = sizeof(struct nfsstats);
if (sysctlbyname("vfs.nfs.nfsstats", *stp, &buflen,
(void *)0, (size_t)0) < 0) {
*stp = NULL;
}
buflen = sizeof(struct nfsrvstats);
if (sysctlbyname("vfs.nfsrv.nfsrvstats", *srvstp, &buflen,
(void *)0, (size_t)0) < 0) {
*srvstp = NULL;
}
}
}
@ -197,10 +205,18 @@ readstats(stp)
void
intpr(int clientOnly, int serverOnly)
{
struct nfsstats nfsstats;
struct nfsstats nfsstats, *nfsstatsp;
struct nfsrvstats nfsrvstats, *nfsrvstatsp;
readstats(&nfsstats);
nfsstatsp = &nfsstats;
nfsrvstatsp = &nfsrvstats;
readstats(&nfsstatsp, &nfsrvstatsp);
if (clientOnly && !nfsstatsp) {
printf("Client not present!\n");
clientOnly = 0;
}
if (clientOnly) {
printf("Client Info:\n");
printf("Rpc Counts:\n");
@ -228,18 +244,14 @@ intpr(int clientOnly, int serverOnly)
nfsstats.rpccnt[NFSPROC_READDIR],
nfsstats.rpccnt[NFSPROC_READDIRPLUS],
nfsstats.rpccnt[NFSPROC_ACCESS]);
printf("%9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s\n",
"Mknod", "Fsstat", "Fsinfo", "PathConf", "Commit",
"GLease", "Vacate", "Evict");
printf("%9d %9d %9d %9d %9d %9d %9d %9d\n",
printf("%9.9s %9.9s %9.9s %9.9s %9.9s\n",
"Mknod", "Fsstat", "Fsinfo", "PathConf", "Commit");
printf("%9d %9d %9d %9d %9d\n",
nfsstats.rpccnt[NFSPROC_MKNOD],
nfsstats.rpccnt[NFSPROC_FSSTAT],
nfsstats.rpccnt[NFSPROC_FSINFO],
nfsstats.rpccnt[NFSPROC_PATHCONF],
nfsstats.rpccnt[NFSPROC_COMMIT],
nfsstats.rpccnt[NQNFSPROC_GETLEASE],
nfsstats.rpccnt[NQNFSPROC_VACATED],
nfsstats.rpccnt[NQNFSPROC_EVICTED]);
nfsstats.rpccnt[NFSPROC_COMMIT]);
printf("Rpc Info:\n");
printf("%9.9s %9.9s %9.9s %9.9s %9.9s\n",
"TimedOut", "Invalid", "X Replies", "Retries",
@ -274,71 +286,64 @@ intpr(int clientOnly, int serverOnly)
printf(" %9d %9d\n",
nfsstats.direofcache_hits, nfsstats.direofcache_misses);
}
if (serverOnly && !nfsrvstatsp) {
printf("Server not present!\n");
serverOnly = 0;
}
if (serverOnly) {
printf("\nServer Info:\n");
printf("%9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s\n",
"Getattr", "Setattr", "Lookup", "Readlink", "Read",
"Write", "Create", "Remove");
printf("%9d %9d %9d %9d %9d %9d %9d %9d\n",
nfsstats.srvrpccnt[NFSPROC_GETATTR],
nfsstats.srvrpccnt[NFSPROC_SETATTR],
nfsstats.srvrpccnt[NFSPROC_LOOKUP],
nfsstats.srvrpccnt[NFSPROC_READLINK],
nfsstats.srvrpccnt[NFSPROC_READ],
nfsstats.srvrpccnt[NFSPROC_WRITE],
nfsstats.srvrpccnt[NFSPROC_CREATE],
nfsstats.srvrpccnt[NFSPROC_REMOVE]);
nfsrvstats.srvrpccnt[NFSPROC_GETATTR],
nfsrvstats.srvrpccnt[NFSPROC_SETATTR],
nfsrvstats.srvrpccnt[NFSPROC_LOOKUP],
nfsrvstats.srvrpccnt[NFSPROC_READLINK],
nfsrvstats.srvrpccnt[NFSPROC_READ],
nfsrvstats.srvrpccnt[NFSPROC_WRITE],
nfsrvstats.srvrpccnt[NFSPROC_CREATE],
nfsrvstats.srvrpccnt[NFSPROC_REMOVE]);
printf("%9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s\n",
"Rename", "Link", "Symlink", "Mkdir", "Rmdir",
"Readdir", "RdirPlus", "Access");
printf("%9d %9d %9d %9d %9d %9d %9d %9d\n",
nfsstats.srvrpccnt[NFSPROC_RENAME],
nfsstats.srvrpccnt[NFSPROC_LINK],
nfsstats.srvrpccnt[NFSPROC_SYMLINK],
nfsstats.srvrpccnt[NFSPROC_MKDIR],
nfsstats.srvrpccnt[NFSPROC_RMDIR],
nfsstats.srvrpccnt[NFSPROC_READDIR],
nfsstats.srvrpccnt[NFSPROC_READDIRPLUS],
nfsstats.srvrpccnt[NFSPROC_ACCESS]);
printf("%9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s\n",
"Mknod", "Fsstat", "Fsinfo", "PathConf", "Commit",
"GLease", "Vacate", "Evict");
printf("%9d %9d %9d %9d %9d %9d %9d %9d\n",
nfsstats.srvrpccnt[NFSPROC_MKNOD],
nfsstats.srvrpccnt[NFSPROC_FSSTAT],
nfsstats.srvrpccnt[NFSPROC_FSINFO],
nfsstats.srvrpccnt[NFSPROC_PATHCONF],
nfsstats.srvrpccnt[NFSPROC_COMMIT],
nfsstats.srvrpccnt[NQNFSPROC_GETLEASE],
nfsstats.srvrpccnt[NQNFSPROC_VACATED],
nfsstats.srvrpccnt[NQNFSPROC_EVICTED]);
nfsrvstats.srvrpccnt[NFSPROC_RENAME],
nfsrvstats.srvrpccnt[NFSPROC_LINK],
nfsrvstats.srvrpccnt[NFSPROC_SYMLINK],
nfsrvstats.srvrpccnt[NFSPROC_MKDIR],
nfsrvstats.srvrpccnt[NFSPROC_RMDIR],
nfsrvstats.srvrpccnt[NFSPROC_READDIR],
nfsrvstats.srvrpccnt[NFSPROC_READDIRPLUS],
nfsrvstats.srvrpccnt[NFSPROC_ACCESS]);
printf("%9.9s %9.9s %9.9s %9.9s %9.9s\n",
"Mknod", "Fsstat", "Fsinfo", "PathConf", "Commit");
printf("%9d %9d %9d %9d %9d\n",
nfsrvstats.srvrpccnt[NFSPROC_MKNOD],
nfsrvstats.srvrpccnt[NFSPROC_FSSTAT],
nfsrvstats.srvrpccnt[NFSPROC_FSINFO],
nfsrvstats.srvrpccnt[NFSPROC_PATHCONF],
nfsrvstats.srvrpccnt[NFSPROC_COMMIT]);
printf("Server Ret-Failed\n");
printf("%17d\n", nfsstats.srvrpc_errs);
printf("%17d\n", nfsrvstats.srvrpc_errs);
printf("Server Faults\n");
printf("%13d\n", nfsstats.srv_errs);
printf("%13d\n", nfsrvstats.srv_errs);
printf("Server Cache Stats:\n");
printf("%9.9s %9.9s %9.9s %9.9s\n",
"Inprog", "Idem", "Non-idem", "Misses");
printf("%9d %9d %9d %9d\n",
nfsstats.srvcache_inproghits,
nfsstats.srvcache_idemdonehits,
nfsstats.srvcache_nonidemdonehits,
nfsstats.srvcache_misses);
printf("Server Lease Stats:\n");
printf("%9.9s %9.9s %9.9s\n",
"Leases", "PeakL", "GLeases");
printf("%9d %9d %9d\n",
nfsstats.srvnqnfs_leases,
nfsstats.srvnqnfs_maxleases,
nfsstats.srvnqnfs_getleases);
nfsrvstats.srvcache_inproghits,
nfsrvstats.srvcache_idemdonehits,
nfsrvstats.srvcache_nonidemdonehits,
nfsrvstats.srvcache_misses);
printf("Server Write Gathering:\n");
printf("%9.9s %9.9s %9.9s\n",
"WriteOps", "WriteRPC", "Opsaved");
printf("%9d %9d %9d\n",
nfsstats.srvvop_writes,
nfsstats.srvrpccnt[NFSPROC_WRITE],
nfsstats.srvrpccnt[NFSPROC_WRITE] -
nfsstats.srvvop_writes);
nfsrvstats.srvvop_writes,
nfsrvstats.srvrpccnt[NFSPROC_WRITE],
nfsrvstats.srvrpccnt[NFSPROC_WRITE] -
nfsrvstats.srvvop_writes);
}
}
@ -353,14 +358,27 @@ u_char signalled; /* set if alarm goes off "early" */
void
sidewaysintpr(u_int interval, int clientOnly, int serverOnly)
{
struct nfsstats nfsstats, lastst;
struct nfsstats nfsstats, lastst, *nfsstatsp;
struct nfsrvstats nfsrvstats, lastsrvst, *nfsrvstatsp;
int hdrcnt = 1;
readstats(&lastst);
nfsstatsp = &lastst;
nfsrvstatsp = &lastsrvst;
readstats(&nfsstatsp, &nfsrvstatsp);
if (clientOnly && !nfsstatsp) {
printf("Client not present!\n");
clientOnly = 0;
}
if (serverOnly && !nfsrvstatsp) {
printf("Server not present!\n");
serverOnly = 0;
}
sleep(interval);
for (;;) {
readstats(&nfsstats);
nfsstatsp = &nfsstats;
nfsrvstatsp = &nfsrvstats;
readstats(&nfsstatsp, &nfsrvstatsp);
if (--hdrcnt == 0) {
printhdr(clientOnly, serverOnly);
@ -398,22 +416,23 @@ sidewaysintpr(u_int interval, int clientOnly, int serverOnly)
);
}
printf("\n");
lastst = nfsstats;
}
if (serverOnly) {
printf("%s %6d %6d %6d %6d %6d %6d %6d %6d",
((clientOnly && serverOnly) ? "Server:" : ""),
nfsstats.srvrpccnt[NFSPROC_GETATTR]-lastst.srvrpccnt[NFSPROC_GETATTR],
nfsstats.srvrpccnt[NFSPROC_LOOKUP]-lastst.srvrpccnt[NFSPROC_LOOKUP],
nfsstats.srvrpccnt[NFSPROC_READLINK]-lastst.srvrpccnt[NFSPROC_READLINK],
nfsstats.srvrpccnt[NFSPROC_READ]-lastst.srvrpccnt[NFSPROC_READ],
nfsstats.srvrpccnt[NFSPROC_WRITE]-lastst.srvrpccnt[NFSPROC_WRITE],
nfsstats.srvrpccnt[NFSPROC_RENAME]-lastst.srvrpccnt[NFSPROC_RENAME],
nfsstats.srvrpccnt[NFSPROC_ACCESS]-lastst.srvrpccnt[NFSPROC_ACCESS],
(nfsstats.srvrpccnt[NFSPROC_READDIR]-lastst.srvrpccnt[NFSPROC_READDIR])
+(nfsstats.srvrpccnt[NFSPROC_READDIRPLUS]-lastst.srvrpccnt[NFSPROC_READDIRPLUS]));
nfsrvstats.srvrpccnt[NFSPROC_GETATTR]-lastsrvst.srvrpccnt[NFSPROC_GETATTR],
nfsrvstats.srvrpccnt[NFSPROC_LOOKUP]-lastsrvst.srvrpccnt[NFSPROC_LOOKUP],
nfsrvstats.srvrpccnt[NFSPROC_READLINK]-lastsrvst.srvrpccnt[NFSPROC_READLINK],
nfsrvstats.srvrpccnt[NFSPROC_READ]-lastsrvst.srvrpccnt[NFSPROC_READ],
nfsrvstats.srvrpccnt[NFSPROC_WRITE]-lastsrvst.srvrpccnt[NFSPROC_WRITE],
nfsrvstats.srvrpccnt[NFSPROC_RENAME]-lastsrvst.srvrpccnt[NFSPROC_RENAME],
nfsrvstats.srvrpccnt[NFSPROC_ACCESS]-lastsrvst.srvrpccnt[NFSPROC_ACCESS],
(nfsrvstats.srvrpccnt[NFSPROC_READDIR]-lastsrvst.srvrpccnt[NFSPROC_READDIR])
+(nfsrvstats.srvrpccnt[NFSPROC_READDIRPLUS]-lastsrvst.srvrpccnt[NFSPROC_READDIRPLUS]));
printf("\n");
lastsrvst = nfsrvstats;
}
lastst = nfsstats;
fflush(stdout);
sleep(interval);
}

27
usr.sbin/mountd/mountd.c
View File

@ -61,7 +61,7 @@ static const char rcsid[] =
#include <rpcsvc/mount.h>
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfs/nfs.h>
#include <nfsserver/nfs.h>
#include <ufs/ufs/ufsmount.h>
#include <fs/msdosfs/msdosfsmount.h>
#include <fs/ntfs/ntfsmount.h>
@ -109,7 +109,6 @@ struct dirlist {
/* dp_flag bits */
#define DP_DEFSET 0x1
#define DP_HOSTSET 0x2
#define DP_KERB 0x4
struct exportlist {
struct exportlist *ex_next;
@ -236,7 +235,7 @@ int mountdlockfd;
/* Bits for opt_flags above */
#define OP_MAPROOT 0x01
#define OP_MAPALL 0x02
#define OP_KERB 0x04
/* 0x4 free */
#define OP_MASK 0x08
#define OP_NET 0x10
#define OP_ALLDIRS 0x40
@ -745,10 +744,7 @@ xdr_fhs(xdrsp, cp)
return (0);
if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len))
return (0);
if (fhrp->fhr_flag & DP_KERB)
auth = RPCAUTH_KERB4;
else
auth = RPCAUTH_UNIX;
auth = RPCAUTH_UNIX;
len = 1;
if (!xdr_long(xdrsp, &len))
return (0);
@ -1298,12 +1294,8 @@ hang_dirp(dp, grp, ep, flags)
ep->ex_defdir = dp;
if (grp == (struct grouplist *)NULL) {
ep->ex_defdir->dp_flag |= DP_DEFSET;
if (flags & OP_KERB)
ep->ex_defdir->dp_flag |= DP_KERB;
} else while (grp) {
hp = get_ht();
if (flags & OP_KERB)
hp->ht_flag |= DP_KERB;
hp->ht_grp = grp;
hp->ht_next = ep->ex_defdir->dp_hosts;
ep->ex_defdir->dp_hosts = hp;
@ -1360,8 +1352,6 @@ add_dlist(dpp, newdp, grp, flags)
*/
do {
hp = get_ht();
if (flags & OP_KERB)
hp->ht_flag |= DP_KERB;
hp->ht_grp = grp;
hp->ht_next = dp->dp_hosts;
dp->dp_hosts = hp;
@ -1369,8 +1359,6 @@ add_dlist(dpp, newdp, grp, flags)
} while (grp);
} else {
dp->dp_flag |= DP_DEFSET;
if (flags & OP_KERB)
dp->dp_flag |= DP_KERB;
}
}
@ -1538,9 +1526,6 @@ do_opt(cpp, endcpp, ep, grp, has_hostp, exflagsp, cr)
opt_flags |= OP_MAPALL;
} else
opt_flags |= OP_MAPROOT;
} else if (!strcmp(cpopt, "kerb") || !strcmp(cpopt, "k")) {
*exflagsp |= MNT_EXKERB;
opt_flags |= OP_KERB;
} else if (cpoptarg && (!strcmp(cpopt, "mask") ||
!strcmp(cpopt, "m"))) {
if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) {
@ -2285,10 +2270,8 @@ check_options(dp)
if (dp == (struct dirlist *)NULL)
return (1);
if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL) ||
(opt_flags & (OP_MAPROOT | OP_KERB)) == (OP_MAPROOT | OP_KERB) ||
(opt_flags & (OP_MAPALL | OP_KERB)) == (OP_MAPALL | OP_KERB)) {
syslog(LOG_ERR, "-mapall, -maproot and -kerb mutually exclusive");
if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) {
syslog(LOG_ERR, "-mapall and -maproot mutually exclusive");
return (1);
}
if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) {

8
usr.sbin/nfsd/Makefile
View File

@ -2,14 +2,6 @@
# $FreeBSD$
PROG= nfsd
CFLAGS+=-DNFS
MAN= nfsd.8
.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4)
CFLAGS+=-DKERBEROS
DPADD+= ${LIBKRB} ${LIBCRYPTO}
LDADD+= -lkrb -lcrypto
DISTRIBUTION= krb4
.endif
.include <bsd.prog.mk>

154
usr.sbin/nfsd/nfsd.c
View File

@ -60,12 +60,7 @@ static const char rcsid[] =
#include <arpa/inet.h>
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfs/nfs.h>
#ifdef NFSKERB
#include <kerberosIV/des.h>
#include <kerberosIV/krb.h>
#endif
#include <nfsserver/nfs.h>
#include <err.h>
#include <errno.h>
@ -84,22 +79,6 @@ int debug = 0;
#endif
struct nfsd_srvargs nsd;
#ifdef OLD_SETPROCTITLE
char **Argv = NULL; /* pointer to argument vector */
char *LastArg = NULL; /* end of argv */
#endif
#ifdef NFSKERB
char lnam[ANAME_SZ];
KTEXT_ST kt;
AUTH_DAT kauth;
char inst[INST_SZ];
struct nfsrpc_fullblock kin, kout;
struct nfsrpc_fullverf kverf;
NFSKERBKEY_T kivec;
struct timeval ktv;
NFSKERBKEYSCHED_T kerb_keysched;
#endif
#define MAXNFSDCNT 20
#define DEFNFSDCNT 4
@ -111,11 +90,6 @@ void killchildren(void);
void nonfs (int);
void reapchild (int);
int setbindhost (struct addrinfo **ia, const char *bindhost, struct addrinfo hints);
#ifdef OLD_SETPROCTITLE
#ifdef __FreeBSD__
void setproctitle (char *);
#endif
#endif
void unregistration (void);
void usage (void);
@ -132,7 +106,6 @@ void usage (void);
* For connection based sockets, loop doing accepts. When you get a new
* socket from accept, pass the msgsock into the kernel via. nfssvc().
* The arguments are:
* -c - support iso cltp clients
* -r - reregister with rpcbind
* -d - unregister with rpcbind
* -t - support tcp nfs clients
@ -152,21 +125,13 @@ main(argc, argv, envp)
struct sockaddr_in6 inet6peer;
fd_set ready, sockbits;
fd_set v4bits, v6bits;
int ch, cltpflag, connect_type_cnt, i, len, maxsock, msgsock;
int ch, connect_type_cnt, i, len, maxsock, msgsock;
int nfssvc_flag, on = 1, unregister, reregister, sock;
int tcp6sock, ip6flag, tcpflag, tcpsock;
int udpflag, ecode, s;
int bindhostc = 0, bindanyflag, rpcbreg, rpcbregcnt;
char **bindhost = NULL;
pid_t pid;
#ifdef NFSKERB
struct group *grp;
struct passwd *pwd;
struct ucred *cr;
struct timeval ktv;
char **cpp;
#endif
#ifdef __FreeBSD__
struct vfsconf vfc;
int error;
@ -179,20 +144,9 @@ main(argc, argv, envp)
}
if (error)
errx(1, "NFS is not available in the running kernel");
#endif
#ifdef OLD_SETPROCTITLE
/* Save start and extent of argv for setproctitle. */
Argv = argv;
if (envp == 0 || *envp == 0)
envp = argv;
while (*envp)
envp++;
LastArg = envp[-1] + strlen(envp[-1]);
#endif
nfsdcnt = DEFNFSDCNT;
cltpflag = unregister = reregister = tcpflag = 0;
unregister = reregister = tcpflag = 0;
bindanyflag = udpflag;
#define GETOPT "ah:n:rdtu"
#define USAGE "[-ardtu] [-n num_servers] [-h bindip]"
@ -395,90 +349,12 @@ main(argc, argv, envp)
setproctitle("server");
nfssvc_flag = NFSSVC_NFSD;
nsd.nsd_nfsd = NULL;
#ifdef NFSKERB
if (sizeof (struct nfsrpc_fullverf) != RPCX_FULLVERF ||
sizeof (struct nfsrpc_fullblock) != RPCX_FULLBLOCK)
syslog(LOG_ERR, "Yikes NFSKERB structs not packed!");
nsd.nsd_authstr = (u_char *)&kt;
nsd.nsd_authlen = sizeof (kt);
nsd.nsd_verfstr = (u_char *)&kverf;
nsd.nsd_verflen = sizeof (kverf);
#endif
while (nfssvc(nfssvc_flag, &nsd) < 0) {
if (errno != ENEEDAUTH) {
if (errno) {
syslog(LOG_ERR, "nfssvc: %m");
exit(1);
}
nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHINFAIL;
#ifdef NFSKERB
/*
* Get the Kerberos ticket out of the authenticator
* verify it and convert the principal name to a user
* name. The user name is then converted to a set of
* user credentials via the password and group file.
* Finally, decrypt the timestamp and validate it.
* For more info see the IETF Draft "Authentication
* in ONC RPC".
*/
kt.length = ntohl(kt.length);
if (gettimeofday(&ktv, (struct timezone *)0) == 0 &&
kt.length > 0 && kt.length <=
(RPCAUTH_MAXSIZ - 3 * NFSX_UNSIGNED)) {
kin.w1 = NFS_KERBW1(kt);
kt.mbz = 0;
(void)strcpy(inst, "*");
if (krb_rd_req(&kt, NFS_KERBSRV,
inst, nsd.nsd_haddr, &kauth, "") == RD_AP_OK &&
krb_kntoln(&kauth, lnam) == KSUCCESS &&
(pwd = getpwnam(lnam)) != NULL) {
cr = &nsd.nsd_cr;
cr->cr_uid = pwd->pw_uid;
cr->cr_groups[0] = pwd->pw_gid;
cr->cr_ngroups = 1;
setgrent();
while ((grp = getgrent()) != NULL) {
if (grp->gr_gid == cr->cr_groups[0])
continue;
for (cpp = grp->gr_mem;
*cpp != NULL; ++cpp)
if (!strcmp(*cpp, lnam))
break;
if (*cpp == NULL)
continue;
cr->cr_groups[cr->cr_ngroups++]
= grp->gr_gid;
if (cr->cr_ngroups == NGROUPS)
break;
}
endgrent();
/*
* Get the timestamp verifier out of the
* authenticator and verifier strings.
*/
kin.t1 = kverf.t1;
kin.t2 = kverf.t2;
kin.w2 = kverf.w2;
bzero((caddr_t)kivec, sizeof (kivec));
bcopy((caddr_t)kauth.session,
(caddr_t)nsd.nsd_key,sizeof(kauth.session));
/*
* Decrypt the timestamp verifier in CBC mode.
*/
XXX
/*
* Validate the timestamp verifier, to
* check that the session key is ok.
*/
nsd.nsd_timestamp.tv_sec = ntohl(kout.t1);
nsd.nsd_timestamp.tv_usec = ntohl(kout.t2);
nsd.nsd_ttl = ntohl(kout.w1);
if ((nsd.nsd_ttl - 1) == ntohl(kout.w2))
nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHIN;
}
#endif /* NFSKERB */
nfssvc_flag = NFSSVC_NFSD;
}
exit(0);
}
@ -941,23 +817,3 @@ cleanup(signo)
killchildren();
exit (0);
}
#ifdef OLD_SETPROCTITLE
#ifdef __FreeBSD__
void
setproctitle(a)
char *a;
{
register char *cp;
char buf[80];
cp = Argv[0];
(void)snprintf(buf, sizeof(buf), "nfsd-%s", a);
(void)strncpy(cp, buf, LastArg - cp);
cp += strlen(cp);
while (cp < LastArg)
*cp++ = '\0';
Argv[1] = NULL;
}
#endif /* __FreeBSD__ */
#endif

6
usr.sbin/pstat/pstat.8
View File

@ -342,12 +342,6 @@ I/O buffers being flushed
locally modified data exists
.It E
an earlier write failed
.It X
non-cacheable lease (nqnfs)
.It O
write lease (nqnfs)
.It G
lease was evicted (nqnfs)
.It A
special file accessed
.It U

10
usr.sbin/pstat/pstat.c
View File

@ -61,8 +61,8 @@ static const char rcsid[] =
#include <sys/stat.h>
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfs/nfs.h>
#include <nfs/nfsnode.h>
#include <nfsclient/nfs.h>
#include <nfsclient/nfsnode.h>
#include <sys/ioctl.h>
#include <sys/ioctl_compat.h> /* XXX NTTYDISC is too well hidden */
#include <sys/tty.h>
@ -537,12 +537,6 @@ nfs_print(vp)
*flags++ = 'M';
if (flag & NWRITEERR)
*flags++ = 'E';
if (flag & NQNFSNONCACHE)
*flags++ = 'X';
if (flag & NQNFSWRITE)
*flags++ = 'O';
if (flag & NQNFSEVICTED)
*flags++ = 'G';
if (flag & NACC)
*flags++ = 'A';
if (flag & NUPD)

10
usr.sbin/rpc.lockd/kern.c
View File

@ -45,17 +45,17 @@
#include <unistd.h>
#include "nlm_prot.h"
#include "nfs/nfs_lock.h"
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfsclient/nfs_lock.h>
#include "lockd.h"
#include "lockd_lock.h"
#include <nfs/rpcv2.h>
#include <nfs/nfsproto.h>
#include <nfs/nfs.h>
#include <nfsclient/nfs.h>
#define nfslockdans(_v, _ansp) \
((_ansp)->la_vers = _v, \
nfssvc(NFSSVC_LOCKDANS, _ansp))
nfsclnt(NFSCLNT_LOCKDANS, _ansp))
/* Lock request owner. */
typedef struct __owner {