Add support for NIS v1 client procedures. The following procedures

are currently implemented:

YPOLDPROC_NULL
YPOLDPROC_DOMAIN
YPOLDPROC_DOMAIN_NONACK
YPOLDPROC_FIRST
YPOLDPROC_NEXT
YPOLDPROC_MATCH
YPOLDPROC_POLL

These are all implemented as wrappers around their v2 counterparts.

The YPOLDPROC_PUSH, PULL and GET procedures are not implemented since
a) I couldn't figure out exactly what to have them do, and b) I
suspect they're used for doing map transfers between master and
slave servers, which we already do using the v2 protocol anyway.
This means we can server NIS v1 clients but can't be a master or
slave with NIS v1-only servers. I think I'll get over it. :)

The -k (sunos_4_kludge) flag and associated code has been removed
since it is no longer needed.

Also tweaked yp_access() to handle both sets of procedures and
updated the man page.
This commit is contained in:
Bill Paul 1996-02-26 02:34:27 +00:00
parent 2a781cb86e
commit 9573c1f163
4 changed files with 261 additions and 54 deletions

View File

@ -49,12 +49,27 @@
#endif
#ifndef lint
static const char rcsid[] = "$Id: yp_access.c,v 1.3 1996/02/24 22:01:41 wpaul Exp $";
static const char rcsid[] = "$Id: yp_access.c,v 1.1 1996/02/25 19:27:59 wpaul Exp $";
#endif
extern int debug;
char *yp_procs[] = { "ypproc_null" ,
/* NIS v1 */
char *yp_procs[] = { "ypoldproc_null",
"ypoldproc_domain",
"ypoldproc_domain_nonack",
"ypoldproc_match",
"ypoldproc_first",
"ypoldproc_next",
"ypoldproc_poll",
"ypoldproc_push",
"ypoldproc_get",
"badproc1", /* placeholder */
"badproc2", /* placeholder */
"badproc3", /* placeholder */
/* NIS v2 */
"ypproc_null" ,
"ypproc_domain",
"ypproc_domain_nonack",
"ypproc_match",
@ -68,6 +83,7 @@ char *yp_procs[] = { "ypproc_null" ,
"ypproc_maplist"
};
#ifdef TCP_WRAPPER
void load_securenets()
{
@ -200,15 +216,16 @@ int yp_access(map, rqstp)
#ifndef TCP_WRAPPER
struct securenet *tmp;
#endif
char *yp_procedure = NULL;
yp_procedure = rqstp->rq_prog == YPPASSWDPROG ? "yppasswdprog_update" :
yp_procs[rqstp->rq_proc + (12 * (rqstp->rq_vers - 1))];
rqhost = svc_getcaller(rqstp->rq_xprt);
if (debug) {
yp_error("Procedure %s called from %s:%d",
/* Hack to allow rpc.yppasswdd to use this routine */
rqstp->rq_prog == YPPASSWDPROG ?
"yppasswdproc_update" :
yp_procs[rqstp->rq_proc], inet_ntoa(rqhost->sin_addr),
yp_error("Procedure %s called from %s:%d", yp_procedure,
inet_ntoa(rqhost->sin_addr),
ntohs(rqhost->sin_port));
if (map != NULL)
yp_error("Client is referencing map \"%s\".", map);
@ -244,9 +261,7 @@ int yp_access(map, rqstp)
yp_error("connect from %s:%d to procedure %s refused",
inet_ntoa(rqhost->sin_addr),
ntohs(rqhost->sin_port),
rqstp->rq_prog == YPPASSWDPROG ?
"yppasswdproc_update" :
yp_procs[rqstp->rq_proc]);
yp_procedure);
oldaddr = rqhost->sin_addr.s_addr;
}
return(1);

View File

@ -29,7 +29,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: yp_main.c,v 1.2 1995/12/23 21:35:32 wpaul Exp $
* $Id: yp_main.c,v 1.1 1996/02/25 19:29:34 wpaul Exp $
*/
/*
@ -65,7 +65,7 @@
#define _RPCSVC_CLOSEDOWN 120
#ifndef lint
static char rcsid[] = "$Id: yp_main.c,v 1.2 1995/12/23 21:35:32 wpaul Exp $";
static char rcsid[] = "$Id: yp_main.c,v 1.1 1996/02/25 19:29:34 wpaul Exp $";
#endif /* not lint */
int _rpcpmstart; /* Started by a port monitor ? */
static int _rpcfdtype;
@ -76,6 +76,7 @@ static int _rpcfdtype;
#define _SERVED 1
#define _SERVING 2
extern void ypprog_1 __P((struct svc_req, register SVCXPRT));
extern void ypprog_2 __P((struct svc_req, register SVCXPRT));
extern int _rpc_dtablesize __P((void));
extern int _rpcsvcstate; /* Set when a request is serviced */
@ -83,7 +84,6 @@ char *progname = "ypserv";
char *yp_dir = _PATH_YP;
int debug = 0;
int do_dns = 0;
int sunos_4_kludge = 0;
static
void _msgout(char* msg)
@ -138,8 +138,7 @@ yp_svc_run()
static void unregister()
{
(void) pmap_unset(YPPROG, YPVERS);
if (sunos_4_kludge)
(void) pmap_unset(YPPROG, 1);
(void) pmap_unset(YPPROG, YPOLDVERS);
}
static void reaper(sig)
@ -163,7 +162,7 @@ static void reaper(sig)
static void usage()
{
fprintf(stderr, "Usage: %s [-h] [-d] [-n] [-k] [-p path]\n", progname);
fprintf(stderr, "Usage: %s [-h] [-d] [-n] [-p path]\n", progname);
exit(1);
}
@ -208,7 +207,7 @@ main(argc, argv)
int asize = sizeof (saddr);
int ch;
while ((ch = getopt(argc, argv, "hdnkp:")) != EOF) {
while ((ch = getopt(argc, argv, "hdnp:")) != EOF) {
switch(ch) {
case 'd':
debug = ypdb_debug = 1;
@ -216,9 +215,6 @@ main(argc, argv)
case 'n':
do_dns = 1;
break;
case 'k':
sunos_4_kludge = 1;
break;
case 'p':
yp_dir = optarg;
break;
@ -252,22 +248,7 @@ main(argc, argv)
}
sock = RPC_ANYSOCK;
(void) pmap_unset(YPPROG, YPVERS);
if (sunos_4_kludge)
(void) pmap_unset(YPPROG, 1);
}
if (sunos_4_kludge && ((_rpcfdtype == 0)||(_rpcfdtype == SOCK_DGRAM))) {
transp = svcudp_create(sock);
if (transp == NULL) {
_msgout("cannot create udp service.");
exit(1);
}
if (!_rpcpmstart)
proto = IPPROTO_UDP;
if (!svc_register(transp, YPPROG, 1, ypprog_2, proto)) {
_msgout("unable to register (YPPROG, OLDYPVERS, udp).");
exit(1);
}
(void) pmap_unset(YPPROG, 1);
}
if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_DGRAM)) {
@ -278,6 +259,10 @@ main(argc, argv)
}
if (!_rpcpmstart)
proto = IPPROTO_UDP;
if (!svc_register(transp, YPPROG, YPOLDVERS, ypprog_1, proto)) {
_msgout("unable to register (YPPROG, YPOLDVERS, udp).");
exit(1);
}
if (!svc_register(transp, YPPROG, YPVERS, ypprog_2, proto)) {
_msgout("unable to register (YPPROG, YPVERS, udp).");
exit(1);
@ -292,6 +277,10 @@ main(argc, argv)
}
if (!_rpcpmstart)
proto = IPPROTO_TCP;
if (!svc_register(transp, YPPROG, YPOLDVERS, ypprog_1, proto)) {
_msgout("unable to register (YPPROG, YPOLDVERS, tcp).");
exit(1);
}
if (!svc_register(transp, YPPROG, YPVERS, ypprog_2, proto)) {
_msgout("unable to register (YPPROG, YPVERS, tcp).");
exit(1);

View File

@ -45,13 +45,17 @@
#include <rpc/rpc.h>
#ifndef lint
static char rcsid[] = "$Id: yp_server.c,v 1.2 1995/12/23 21:35:35 wpaul Exp $";
static char rcsid[] = "$Id: yp_server.c,v 1.3 1996/02/26 02:23:39 wpaul Exp $";
#endif /* not lint */
int forked = 0;
int children = 0;
DB *spec_dbp = NULL; /* Special global DB handle for ypproc_all. */
/*
* NIS v2 support. This is where most of the action happens.
*/
void *
ypproc_null_2_svc(void *argp, struct svc_req *rqstp)
{
@ -698,3 +702,198 @@ ypproc_maplist_2_svc(domainname *argp, struct svc_req *rqstp)
return (&result);
}
/*
* NIS v1 support. The nullproc, domain and domain_nonack
* functions from v1 are identical to those in v2, so all
* we have to do is hand off to them.
*
* The other functions are mostly just wrappers around their v2
* counterparts. For example, for the v1 'match' procedure, we
* crack open the argument structure, make a request to the v2
* 'match' function, repackage the data into a v1 response and
* then send it on its way.
*
* Note that we don't support the pull, push and get procedures.
* There's little documentation available to show what they
* do, and I suspect they're meant largely for map transfers
* between master and slave servers.
*/
void *
ypoldproc_null_1_svc(void *argp, struct svc_req *rqstp)
{
return(ypproc_null_2_svc(argp, rqstp));
}
bool_t *
ypoldproc_domain_1_svc(domainname *argp, struct svc_req *rqstp)
{
return(ypproc_domain_2_svc(argp, rqstp));
}
bool_t *
ypoldproc_domain_nonack_1_svc(domainname *argp, struct svc_req *rqstp)
{
return (ypproc_domain_nonack_2_svc(argp, rqstp));
}
ypresponse *
ypoldproc_match_1_svc(yprequest *argp, struct svc_req *rqstp)
{
static ypresponse result;
ypresp_val *v2_result;
result.yp_resptype = YPRESP_VAL;
if (argp->yp_reqtype != YPREQ_KEY) {
result.ypresponse_u.yp_resp_valtype.stat = YP_BADARGS;
return(&result);
}
v2_result = ypproc_match_2_svc(&argp->yprequest_u.yp_req_keytype,rqstp);
if (v2_result == NULL)
return(NULL);
bcopy((char *)v2_result,
(char *)&result.ypresponse_u.yp_resp_valtype,
sizeof(ypresp_val));
return (&result);
}
ypresponse *
ypoldproc_first_1_svc(yprequest *argp, struct svc_req *rqstp)
{
static ypresponse result;
ypresp_key_val *v2_result;
result.yp_resptype = YPRESP_KEY_VAL;
if (argp->yp_reqtype != YPREQ_NOKEY) {
result.ypresponse_u.yp_resp_key_valtype.stat = YP_BADARGS;
return(&result);
}
v2_result = ypproc_first_2_svc(&argp->yprequest_u.yp_req_nokeytype,
rqstp);
if (v2_result == NULL)
return(NULL);
bcopy((char *)v2_result,
(char *)&result.ypresponse_u.yp_resp_key_valtype,
sizeof(ypresp_key_val));
return (&result);
}
ypresponse *
ypoldproc_next_1_svc(yprequest *argp, struct svc_req *rqstp)
{
static ypresponse result;
ypresp_key_val *v2_result;
result.yp_resptype = YPRESP_KEY_VAL;
if (argp->yp_reqtype != YPREQ_KEY) {
result.ypresponse_u.yp_resp_key_valtype.stat = YP_BADARGS;
return(&result);
}
v2_result = ypproc_next_2_svc(&argp->yprequest_u.yp_req_keytype,rqstp);
if (v2_result == NULL)
return(NULL);
bcopy((char *)v2_result,
(char *)&result.ypresponse_u.yp_resp_key_valtype,
sizeof(ypresp_key_val));
return (&result);
}
ypresponse *
ypoldproc_poll_1_svc(yprequest *argp, struct svc_req *rqstp)
{
static ypresponse result;
ypresp_master *v2_result1;
ypresp_order *v2_result2;
result.yp_resptype = YPRESP_MAP_PARMS;
result.ypresponse_u.yp_resp_map_parmstype.domain =
argp->yprequest_u.yp_req_nokeytype.domain;
result.ypresponse_u.yp_resp_map_parmstype.map =
argp->yprequest_u.yp_req_nokeytype.map;
/*
* Hmm... there is no 'status' value in the
* yp_resp_map_parmstype structure, so I have to
* guess at what to do to indicate a failure.
* I hope this is right.
*/
result.ypresponse_u.yp_resp_map_parmstype.ordernum = 0;
result.ypresponse_u.yp_resp_map_parmstype.peer = "";
if (argp->yp_reqtype != YPREQ_MAP_PARMS) {
return(&result);
}
v2_result1 = ypproc_master_2_svc(&argp->yprequest_u.yp_req_nokeytype,
rqstp);
if (v2_result1 == NULL)
return(NULL);
if (v2_result1->stat != YP_TRUE) {
return(&result);
}
v2_result2 = ypproc_order_2_svc(&argp->yprequest_u.yp_req_nokeytype,
rqstp);
if (v2_result2 == NULL)
return(NULL);
if (v2_result2->stat != YP_TRUE) {
return(&result);
}
result.ypresponse_u.yp_resp_map_parmstype.peer =
v2_result1->peer;
result.ypresponse_u.yp_resp_map_parmstype.ordernum =
v2_result2->ordernum;
return (&result);
}
ypresponse *
ypoldproc_push_1_svc(yprequest *argp, struct svc_req *rqstp)
{
static ypresponse result;
/*
* Not implemented.
*/
return (&result);
}
ypresponse *
ypoldproc_pull_1_svc(yprequest *argp, struct svc_req *rqstp)
{
static ypresponse result;
/*
* Not implemented.
*/
return (&result);
}
ypresponse *
ypoldproc_get_1_svc(yprequest *argp, struct svc_req *rqstp)
{
static ypresponse result;
/*
* Not implemented.
*/
return (&result);
}

View File

@ -28,7 +28,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: ypserv.8,v 1.1.1.1 1995/12/16 20:54:17 wpaul Exp $
.\" $Id: ypserv.8,v 1.2 1996/02/26 02:17:18 wpaul Exp $
.\"
.Dd February 4, 1995
.Dt YPSERV 8
@ -40,7 +40,6 @@
.Nm ypserv
.Op Fl n
.Op Fl d
.Op Fl k
.Op Fl p Ar path
.Sh DESCRIPTION
.Nm NIS
@ -239,6 +238,25 @@ Note: while both of these access control mechanisms provide some
security, they, like the privileged port test, are both vulnerable
to ``IP spoofing'' attacks.
.Pp
.Ss NIS v1 compatibility
This version of
.Nm ypserv
has some support for serving NIS v1 clients. FreeBSD's NIS
implementation only uses the NIS v2 protocol, however other implementations
include support for the vi protocol for backwards compatibility
with older systems. The
.Xr ypbind 8
daemons supplied with these systems will try to establish a binding
to an NIS v1
server even though they may never actually need it (and they may
persist in broadcasting in search of one even after they receive a
response from a v2 server). Note that while
support for normal client calls is provided, this version of
.Nm ypserv
does not handle v1 map transfer requests; consequently, it can not
be used as a master or slave in conjunction with older NIS servers that
only support the v1 protocol. Fortunately, there probably aren't any
such servers still in use today.
.Ss NIS servers that are also NIS clients
Care must be taken when running
.Nm ypserv
@ -304,20 +322,6 @@ often take a fair amount of time to complete and are therefore handled
in subprocesses, allowing the parent server process to go on handling
other requests.) This makes it easier to trace the server with
a debugging tool.
.It Fl k
This flag is provided for compatibility with SunOS 4. The
.Xr ypbind 8
command in SunOS 4 apparently expects to obtain a response from an
NIS v1 server. Starting
.Xr ypserv 8
with the
.Fl k
flag causes it to register itself as an NIS v1 server and
respond to YPPROC_DOMAIN_NONACK requests. Note carefully: this is
merely a kludge (hence the 'k') to pacify SunOS 4's
.Xr ypbind 8
command: attempts to make the server actually handle NIS v1 queries
will undoubtedly fail quite miserably.
.It Fl p Ar path
Normally,
.Nm ypserv
@ -351,4 +355,4 @@ Bill Paul <wpaul@ctr.columbia.edu>
.Sh HISTORY
This version of
.Nm ypserv
first appeared in FreeBSD 2.1.
first appeared in FreeBSD 2.2.