Commit Graph

26 Commits

Author SHA1 Message Date
Warner Losh
42b388439b Remove $FreeBSD$: one-line .h pattern
Remove /^\s*\*+\s*\$FreeBSD\$.*$\n/
2023-08-16 11:54:23 -06:00
Warner Losh
b61a573019 spdx: The BSD-2-Clause-NetBSD identifier is obsolete, drop -NetBSD
The SPDX folks have obsoleted the BSD-2-Clause-NetBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with:		pfg
MFC After:		3 days
Sponsored by:		Netflix
2023-05-12 10:44:04 -06:00
Dmitry Ovsyannikov
9f48eea366 rpcbind: get contact addr from xprt members
Addition to D31491 in order to actually resolve the top root cause.

Currently rpcbind gets contact address from connectionless xprt->xp_p2
member of a transport and will fail to get it when working over
connection oriented transport, leading to a guess game in terms of
contact address on rpcinfo requests like RPCBPROC_GETVERSADDR or
RPCBPROC_GETADDRLIST and poor returns which may influence a user
of a call and specifically reported on OSX clients, which tend to
not provide address hint from rpcinfo request to a server.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D35220
2022-06-13 08:54:08 -05:00
David Bright
d18c9a9197 RPCBIND: skip ipv6 link local when request is not from link local address
RPCINFO on macOS behaves different compared to other linux clients and
doesn't provide request address in rpcb structure of the
RPCBPROC_GETADDRLIST call which doesn't seem to be forbidden.

In this case RPCBIND uses RPC call's source address and picks a
closest corresponding local address. If there are no addresses in the
same subnet as the source address, return of RPCBIND may vary
depending on the order of addresses returned in getifaddrs. If a link
local precedes global address it may be returned even if the request
comes from neither a link local nor from link local in a different
scope, which will prevent services like nfs from working in tpc6
scenario on macOS clients. Issue can be seen only on FreeBSD rpcbind
port due to changes in workflow of addrmerge call.

Submitted by:	Dmitry Ovsyannikov (Dmitry.Ovsyannikov@dell.com)
Reviewers:	dab
Differential Revision:	https://reviews.freebsd.org/D31491
Sponsored by:	Dell EMC
MFC to:	stable/12, stable/13
MFC after:	1 week
2021-10-04 10:45:26 -07:00
Xin LI
c3fc0d96f3 Remove unused includes. 2018-01-01 09:41:18 +00:00
Pedro F. Giffuni
1de7b4b805 various: general adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.
2017-11-27 15:37:16 +00:00
Enji Cooper
98a7b0ba5c Follow up to r300932
In the event MK_INET6 != no in userspace, but is disabled in the
kernel, or if there aren't any IPv6 addresses configured in userspace
(for lo0 and all physical interfaces), rpcbind would terminate
immediately instead of silently failing on

Skip over the IPv6 block to its respective cleanup with freeifaddrs if
creating the socket failed instead of terminating rpcbind immediately

MFC after: 6 days
X-MFC with: r300932
Reported by: O. Hartmann <ohartman@zedat.fu-berlin.de>
Sponsored by: EMC / Isilon Storage Division
2016-05-29 20:28:01 +00:00
Mark Johnston
5656b5057e Fix rpcbind init after r300941.
- getaddrinfo() sets res = NULL on failure and freeaddrinfo() always
  dereferences its argument, so we should only free the address list after
  a successful call.
- Address a second potential leak caused by getaddrinfo(AF_INET6)
  overwriting the address list returned by getaddrinfo(AF_INET).

X-MFC-With:	r300941
2016-05-29 19:46:34 +00:00
Enji Cooper
370b69af0f Remove unnecessary caller_uaddr != NULL test before calling free on it
MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
2016-05-29 06:29:22 +00:00
Enji Cooper
b07f123b60 Don't leak res in network_init(..)
Call freeaddrinfo on it after it's been used

MFC after: 1 week
Reported by: Coverity
CID: 1225050
Sponsored by: EMC / Isilon Storage Division
2016-05-29 05:55:21 +00:00
Enji Cooper
4b528ceaf7 Plug leak with ifp by calling freeifaddrs after calling getifaddrs
MFC after: 1 week
Obtained from: NetBSD v1.18
Sponsored by: EMC / Isilon Storage Division
2016-05-29 04:02:02 +00:00
Enji Cooper
43db5d126c Catch malloc(3) errors and socket(2) errors
- malloc failing will result in a delayed segfault
- socket failing will result in delayed failures with setsockopt

Exit in the event that either of these high-level conditions are met.

Reported by: Coverity
CID: 976288, 976321, 976858
Sponsored by: EMC / Isilon Storage Division
2016-05-29 03:42:50 +00:00
Enji Cooper
65d4c609a4 Only expose hint_uaddr in the ND_DEBUG case
This fixes a -Wunused-but-set-variable warning with gcc

MFC after: 1 week
Reported by: gcc 5
Sponsored by: EMC / Isilon Storage Division
2016-05-27 19:30:13 +00:00
Alan Somers
a85f12322c "source routing" in rpcbind
Fix a bug in rpcbind for multihomed hosts. If the server had interfaces on
two separate subnets, and a client on the first subnet contacted rpcbind at
the address on the second subnet, rpcbind would advertise addresses on the
first subnet. This is a bug, because it should prefer to advertise the
address where it was contacted. The requested service might be firewalled
off from the address on the first subnet, for example.

usr.sbin/rpcbind/check_bound.c
	If the address on which a request was received is known, pass that
	to addrmerge as the clnt_uaddr parameter. That is what addrmerge's
	comment indicates the parameter is supposed to mean. The previous
	behavior is that clnt_uaddr would contain the address from which the
	client sent the request.

usr.sbin/rpcbind/util.c
	Modify addrmerge to prefer to use an IP that is equal to clnt_uaddr,
	if one is found. Refactor the relevant portion of the function for
	clarity, and to reduce the number of ifdefs.

etc/mtree/BSD.tests.dist
usr.sbin/rpcbind/tests/Makefile
usr.sbin/rpcbind/tests/addrmerge_test.c
	Add unit tests for usr.sbin/rpcbind/util.c:addrmerge.

usr.sbin/rpcbind/check_bound.c
usr.sbin/rpcbind/rpcbind.h
usr.sbin/rpcbind/util.c
	Constify some function arguments

Reviewed by:	imp
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D4690
2016-01-06 00:00:11 +00:00
Hiroki Sato
6bbfef9004 Fill sin6_scope_id in sockaddr_in6 before passing it from the kernel to
userland via routing socket or sysctl.  This eliminates the following
KAME-specific sin6_scope_id handling routine from each userland utility:

 sin6.sin6_scope_id = ntohs(*(u_int16_t *)&sin6.sin6_addr.s6_addr[2]);

This behavior can be controlled by net.inet6.ip6.deembed_scopeid.  This is
set to 1 by default (sin6_scope_id will be filled in the kernel).

Reviewed by:	bz
2012-11-17 20:19:00 +00:00
Xin LI
07de1c52db Use prototype. While I'm there, add a pair of parenthesis to mark an if
statment's border.

MFC after:	1 month
2011-07-14 07:28:49 +00:00
Rebecca Cran
6bccea7c2b Fix typos - remove duplicate "the".
PR:	bin/154928
Submitted by:	Eitan Adler <lists at eitanadler.com>
MFC after: 	3 days
2011-02-21 09:01:34 +00:00
Warner Losh
f77a51d7a8 Revert bogus change that snuck into r203972. 2010-02-17 06:11:05 +00:00
Warner Losh
08ab090881 The NetBSD Foundation has given permission to remove clause 3 and 4
from their liceense.

Obtained from:	NetBSD
2010-02-16 21:47:05 +00:00
Warner Losh
923dd9a7a7 When you have multiple addresses on the same network on different
interfaces (such as when you are part of a carp pool), and you run
rpcbind -h to restrict which interfaces have rpc services, rpcbind can
none-the-less return addresses that aren't in the -h list.  This patch
enforces the rule that when you specify -h on the command line, then
services returned from rpcbind must be to one of the addresses listed
in -h, or be a loopback address (since localhost is implicit when
running -h).

The root cause of this is the assumption in addrmerge that there can
be only one interface that matches a given network IP address.  This
turns out not to be the case.  To retain historical behavior, I didn't
try to fix the routine to prefer the address that the request came
into, since I didn't know the side effects that might cause in the
normal case.  My quick analysis suggests that it wouldn't be a
problem, but since this code is tricky I opted for the more
conservative patch of only restricting the reply when -h is in effect.

Hence, this change will have no effect when you are running rpcbind
without -h.

Reviewed by:	alfred@
Sponsored by:	iX Systems
MFC after:	2 weeks
2010-02-09 18:10:56 +00:00
Kevin Lo
784bddbc5b Cleanup of userland __P use 2007-11-07 10:53:41 +00:00
Alfred Perlstein
4180788ff0 WARNS=3 safety (mostly), use __unused for unused params and unsigned where
needed to avoid warnings about comparing signed and unsigned values.
2002-10-07 02:56:59 +00:00
Ian Dowse
e8418b515c Simplify to bitmaskcmp() to use the obvious approach instead of
comparing bit by bit.

Make the logic in in6_fillscopeid() match that in our ifconfig(8):
only set the scope ID if there is one in the address and none in
sin6_scope_id.

Correct a comment in network_init() that didn't make sense; it was
probably never updated after it was pasted from similar code in
addrmerge().
2001-07-14 17:04:26 +00:00
Ian Dowse
99d4ecdfc0 Clean up the addrmerge() function, which was over-complicated and
contained a number of memory leaks. The changes include:

 - Add a comment describing what addrmerge() does.
 - Deal with 0.0.0.0./::. or AF_LOCAL callers correctly.
 - Use rpcbind_get_conf() instead of getnetconfigent() so we don't
   have to remember to free the returned netconfig struct.
 - Make just one pass through the ifaddrs list; we can pick up a fallback
   interface address in the same pass as the netmask comparison.
 - Define and use SA2SIN* macros to avoid the need for loads of
   protocol-specific local variables.
 - Use mostly protocol-independent code for building the netbuf version
   of the address to be returned.
 - Use the common cleanup code for virtually all error and non-error
   cases, fixing a number of memory leaks.
2001-06-24 15:03:06 +00:00
Ian Dowse
05f91f8d49 Bring in some bugfixes from NetBSD. I'm going to make a more
extensive pass through the rpcbind code soon, but I might as well
bring these in now.

- (NetBSD util.c r1.5) Move the initialisation of `tbuf' to avoid
  a case where it could end up containing junk from the stack. This
  should address the issue in PR bin/26806.
- (NetBSD util.c r1.6) Don't `merge' AF_LOCAL addresses, fix a few
  memory leaks.

PR:		bin/26806
Submitted by:	Martin Blapp <mb@imp.ch>
Obtained from:	NetBSD
2001-04-26 17:05:55 +00:00
Alfred Perlstein
8360efbd6c Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and
associated changes that had to happen to make this possible as well as
bugs fixed along the way.

  Bring in required TLI library routines to support this.

  Since we don't support TLI we've essentially copied what NetBSD
  has done, adding a thin layer to emulate direct the TLI calls
  into BSD socket calls.

  This is mostly from Sun's tirpc release that was made in 1994,
  however some fixes were backported from the 1999 release (supposedly
  only made available after this porting effort was underway).

  The submitter has agreed to continue on and bring us up to the
  1999 release.

  Several key features are introduced with this update:
    Client calls are thread safe. (1999 code has server side thread
    safe)
    Updated, a more modern interface.

  Many userland updates were done to bring the code up to par with
  the recent RPC API.

  There is an update to the pthreads library, a function
  pthread_main_np() was added to emulate a function of Sun's threads
  library.

  While we're at it, bring in NetBSD's lockd, it's been far too
  long of a wait.

  New rpcbind(8) replaces portmap(8) (supporting communication over
  an authenticated Unix-domain socket, and by default only allowing
  set and unset requests over that channel). It's much more secure
  than the old portmapper.

  Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
  to support TI-RPC and to support IPV6.

  Umount(8) is also fixed to unmount pathnames longer than 80 chars,
  which are currently truncated by the Kernel statfs structure.

Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00