Add support for NIS v1 client procedures. The following procedures
are currently implemented: YPOLDPROC_NULL YPOLDPROC_DOMAIN YPOLDPROC_DOMAIN_NONACK YPOLDPROC_FIRST YPOLDPROC_NEXT YPOLDPROC_MATCH YPOLDPROC_POLL These are all implemented as wrappers around their v2 counterparts. The YPOLDPROC_PUSH, PULL and GET procedures are not implemented since a) I couldn't figure out exactly what to have them do, and b) I suspect they're used for doing map transfers between master and slave servers, which we already do using the v2 protocol anyway. This means we can server NIS v1 clients but can't be a master or slave with NIS v1-only servers. I think I'll get over it. :) The -k (sunos_4_kludge) flag and associated code has been removed since it is no longer needed. Also tweaked yp_access() to handle both sets of procedures and updated the man page.
This commit is contained in:
parent
2a781cb86e
commit
9573c1f163
@ -49,12 +49,27 @@
|
||||
#endif
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] = "$Id: yp_access.c,v 1.3 1996/02/24 22:01:41 wpaul Exp $";
|
||||
static const char rcsid[] = "$Id: yp_access.c,v 1.1 1996/02/25 19:27:59 wpaul Exp $";
|
||||
#endif
|
||||
|
||||
extern int debug;
|
||||
|
||||
char *yp_procs[] = { "ypproc_null" ,
|
||||
/* NIS v1 */
|
||||
char *yp_procs[] = { "ypoldproc_null",
|
||||
"ypoldproc_domain",
|
||||
"ypoldproc_domain_nonack",
|
||||
"ypoldproc_match",
|
||||
"ypoldproc_first",
|
||||
"ypoldproc_next",
|
||||
"ypoldproc_poll",
|
||||
"ypoldproc_push",
|
||||
"ypoldproc_get",
|
||||
"badproc1", /* placeholder */
|
||||
"badproc2", /* placeholder */
|
||||
"badproc3", /* placeholder */
|
||||
|
||||
/* NIS v2 */
|
||||
"ypproc_null" ,
|
||||
"ypproc_domain",
|
||||
"ypproc_domain_nonack",
|
||||
"ypproc_match",
|
||||
@ -68,6 +83,7 @@ char *yp_procs[] = { "ypproc_null" ,
|
||||
"ypproc_maplist"
|
||||
};
|
||||
|
||||
|
||||
#ifdef TCP_WRAPPER
|
||||
void load_securenets()
|
||||
{
|
||||
@ -200,15 +216,16 @@ int yp_access(map, rqstp)
|
||||
#ifndef TCP_WRAPPER
|
||||
struct securenet *tmp;
|
||||
#endif
|
||||
char *yp_procedure = NULL;
|
||||
|
||||
yp_procedure = rqstp->rq_prog == YPPASSWDPROG ? "yppasswdprog_update" :
|
||||
yp_procs[rqstp->rq_proc + (12 * (rqstp->rq_vers - 1))];
|
||||
|
||||
rqhost = svc_getcaller(rqstp->rq_xprt);
|
||||
|
||||
if (debug) {
|
||||
yp_error("Procedure %s called from %s:%d",
|
||||
/* Hack to allow rpc.yppasswdd to use this routine */
|
||||
rqstp->rq_prog == YPPASSWDPROG ?
|
||||
"yppasswdproc_update" :
|
||||
yp_procs[rqstp->rq_proc], inet_ntoa(rqhost->sin_addr),
|
||||
yp_error("Procedure %s called from %s:%d", yp_procedure,
|
||||
inet_ntoa(rqhost->sin_addr),
|
||||
ntohs(rqhost->sin_port));
|
||||
if (map != NULL)
|
||||
yp_error("Client is referencing map \"%s\".", map);
|
||||
@ -244,9 +261,7 @@ int yp_access(map, rqstp)
|
||||
yp_error("connect from %s:%d to procedure %s refused",
|
||||
inet_ntoa(rqhost->sin_addr),
|
||||
ntohs(rqhost->sin_port),
|
||||
rqstp->rq_prog == YPPASSWDPROG ?
|
||||
"yppasswdproc_update" :
|
||||
yp_procs[rqstp->rq_proc]);
|
||||
yp_procedure);
|
||||
oldaddr = rqhost->sin_addr.s_addr;
|
||||
}
|
||||
return(1);
|
||||
|
@ -29,7 +29,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $Id: yp_main.c,v 1.2 1995/12/23 21:35:32 wpaul Exp $
|
||||
* $Id: yp_main.c,v 1.1 1996/02/25 19:29:34 wpaul Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -65,7 +65,7 @@
|
||||
|
||||
#define _RPCSVC_CLOSEDOWN 120
|
||||
#ifndef lint
|
||||
static char rcsid[] = "$Id: yp_main.c,v 1.2 1995/12/23 21:35:32 wpaul Exp $";
|
||||
static char rcsid[] = "$Id: yp_main.c,v 1.1 1996/02/25 19:29:34 wpaul Exp $";
|
||||
#endif /* not lint */
|
||||
int _rpcpmstart; /* Started by a port monitor ? */
|
||||
static int _rpcfdtype;
|
||||
@ -76,6 +76,7 @@ static int _rpcfdtype;
|
||||
#define _SERVED 1
|
||||
#define _SERVING 2
|
||||
|
||||
extern void ypprog_1 __P((struct svc_req, register SVCXPRT));
|
||||
extern void ypprog_2 __P((struct svc_req, register SVCXPRT));
|
||||
extern int _rpc_dtablesize __P((void));
|
||||
extern int _rpcsvcstate; /* Set when a request is serviced */
|
||||
@ -83,7 +84,6 @@ char *progname = "ypserv";
|
||||
char *yp_dir = _PATH_YP;
|
||||
int debug = 0;
|
||||
int do_dns = 0;
|
||||
int sunos_4_kludge = 0;
|
||||
|
||||
static
|
||||
void _msgout(char* msg)
|
||||
@ -138,8 +138,7 @@ yp_svc_run()
|
||||
static void unregister()
|
||||
{
|
||||
(void) pmap_unset(YPPROG, YPVERS);
|
||||
if (sunos_4_kludge)
|
||||
(void) pmap_unset(YPPROG, 1);
|
||||
(void) pmap_unset(YPPROG, YPOLDVERS);
|
||||
}
|
||||
|
||||
static void reaper(sig)
|
||||
@ -163,7 +162,7 @@ static void reaper(sig)
|
||||
|
||||
static void usage()
|
||||
{
|
||||
fprintf(stderr, "Usage: %s [-h] [-d] [-n] [-k] [-p path]\n", progname);
|
||||
fprintf(stderr, "Usage: %s [-h] [-d] [-n] [-p path]\n", progname);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
@ -208,7 +207,7 @@ main(argc, argv)
|
||||
int asize = sizeof (saddr);
|
||||
int ch;
|
||||
|
||||
while ((ch = getopt(argc, argv, "hdnkp:")) != EOF) {
|
||||
while ((ch = getopt(argc, argv, "hdnp:")) != EOF) {
|
||||
switch(ch) {
|
||||
case 'd':
|
||||
debug = ypdb_debug = 1;
|
||||
@ -216,9 +215,6 @@ main(argc, argv)
|
||||
case 'n':
|
||||
do_dns = 1;
|
||||
break;
|
||||
case 'k':
|
||||
sunos_4_kludge = 1;
|
||||
break;
|
||||
case 'p':
|
||||
yp_dir = optarg;
|
||||
break;
|
||||
@ -252,24 +248,9 @@ main(argc, argv)
|
||||
}
|
||||
sock = RPC_ANYSOCK;
|
||||
(void) pmap_unset(YPPROG, YPVERS);
|
||||
if (sunos_4_kludge)
|
||||
(void) pmap_unset(YPPROG, 1);
|
||||
}
|
||||
|
||||
if (sunos_4_kludge && ((_rpcfdtype == 0)||(_rpcfdtype == SOCK_DGRAM))) {
|
||||
transp = svcudp_create(sock);
|
||||
if (transp == NULL) {
|
||||
_msgout("cannot create udp service.");
|
||||
exit(1);
|
||||
}
|
||||
if (!_rpcpmstart)
|
||||
proto = IPPROTO_UDP;
|
||||
if (!svc_register(transp, YPPROG, 1, ypprog_2, proto)) {
|
||||
_msgout("unable to register (YPPROG, OLDYPVERS, udp).");
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_DGRAM)) {
|
||||
transp = svcudp_create(sock);
|
||||
if (transp == NULL) {
|
||||
@ -278,6 +259,10 @@ main(argc, argv)
|
||||
}
|
||||
if (!_rpcpmstart)
|
||||
proto = IPPROTO_UDP;
|
||||
if (!svc_register(transp, YPPROG, YPOLDVERS, ypprog_1, proto)) {
|
||||
_msgout("unable to register (YPPROG, YPOLDVERS, udp).");
|
||||
exit(1);
|
||||
}
|
||||
if (!svc_register(transp, YPPROG, YPVERS, ypprog_2, proto)) {
|
||||
_msgout("unable to register (YPPROG, YPVERS, udp).");
|
||||
exit(1);
|
||||
@ -292,6 +277,10 @@ main(argc, argv)
|
||||
}
|
||||
if (!_rpcpmstart)
|
||||
proto = IPPROTO_TCP;
|
||||
if (!svc_register(transp, YPPROG, YPOLDVERS, ypprog_1, proto)) {
|
||||
_msgout("unable to register (YPPROG, YPOLDVERS, tcp).");
|
||||
exit(1);
|
||||
}
|
||||
if (!svc_register(transp, YPPROG, YPVERS, ypprog_2, proto)) {
|
||||
_msgout("unable to register (YPPROG, YPVERS, tcp).");
|
||||
exit(1);
|
||||
|
@ -45,13 +45,17 @@
|
||||
#include <rpc/rpc.h>
|
||||
|
||||
#ifndef lint
|
||||
static char rcsid[] = "$Id: yp_server.c,v 1.2 1995/12/23 21:35:35 wpaul Exp $";
|
||||
static char rcsid[] = "$Id: yp_server.c,v 1.3 1996/02/26 02:23:39 wpaul Exp $";
|
||||
#endif /* not lint */
|
||||
|
||||
int forked = 0;
|
||||
int children = 0;
|
||||
DB *spec_dbp = NULL; /* Special global DB handle for ypproc_all. */
|
||||
|
||||
/*
|
||||
* NIS v2 support. This is where most of the action happens.
|
||||
*/
|
||||
|
||||
void *
|
||||
ypproc_null_2_svc(void *argp, struct svc_req *rqstp)
|
||||
{
|
||||
@ -698,3 +702,198 @@ ypproc_maplist_2_svc(domainname *argp, struct svc_req *rqstp)
|
||||
|
||||
return (&result);
|
||||
}
|
||||
|
||||
/*
|
||||
* NIS v1 support. The nullproc, domain and domain_nonack
|
||||
* functions from v1 are identical to those in v2, so all
|
||||
* we have to do is hand off to them.
|
||||
*
|
||||
* The other functions are mostly just wrappers around their v2
|
||||
* counterparts. For example, for the v1 'match' procedure, we
|
||||
* crack open the argument structure, make a request to the v2
|
||||
* 'match' function, repackage the data into a v1 response and
|
||||
* then send it on its way.
|
||||
*
|
||||
* Note that we don't support the pull, push and get procedures.
|
||||
* There's little documentation available to show what they
|
||||
* do, and I suspect they're meant largely for map transfers
|
||||
* between master and slave servers.
|
||||
*/
|
||||
|
||||
void *
|
||||
ypoldproc_null_1_svc(void *argp, struct svc_req *rqstp)
|
||||
{
|
||||
return(ypproc_null_2_svc(argp, rqstp));
|
||||
}
|
||||
|
||||
bool_t *
|
||||
ypoldproc_domain_1_svc(domainname *argp, struct svc_req *rqstp)
|
||||
{
|
||||
return(ypproc_domain_2_svc(argp, rqstp));
|
||||
}
|
||||
|
||||
bool_t *
|
||||
ypoldproc_domain_nonack_1_svc(domainname *argp, struct svc_req *rqstp)
|
||||
{
|
||||
return (ypproc_domain_nonack_2_svc(argp, rqstp));
|
||||
}
|
||||
|
||||
ypresponse *
|
||||
ypoldproc_match_1_svc(yprequest *argp, struct svc_req *rqstp)
|
||||
{
|
||||
static ypresponse result;
|
||||
ypresp_val *v2_result;
|
||||
|
||||
result.yp_resptype = YPRESP_VAL;
|
||||
|
||||
if (argp->yp_reqtype != YPREQ_KEY) {
|
||||
result.ypresponse_u.yp_resp_valtype.stat = YP_BADARGS;
|
||||
return(&result);
|
||||
}
|
||||
|
||||
v2_result = ypproc_match_2_svc(&argp->yprequest_u.yp_req_keytype,rqstp);
|
||||
if (v2_result == NULL)
|
||||
return(NULL);
|
||||
|
||||
bcopy((char *)v2_result,
|
||||
(char *)&result.ypresponse_u.yp_resp_valtype,
|
||||
sizeof(ypresp_val));
|
||||
|
||||
return (&result);
|
||||
}
|
||||
|
||||
ypresponse *
|
||||
ypoldproc_first_1_svc(yprequest *argp, struct svc_req *rqstp)
|
||||
{
|
||||
static ypresponse result;
|
||||
ypresp_key_val *v2_result;
|
||||
|
||||
result.yp_resptype = YPRESP_KEY_VAL;
|
||||
|
||||
if (argp->yp_reqtype != YPREQ_NOKEY) {
|
||||
result.ypresponse_u.yp_resp_key_valtype.stat = YP_BADARGS;
|
||||
return(&result);
|
||||
}
|
||||
|
||||
v2_result = ypproc_first_2_svc(&argp->yprequest_u.yp_req_nokeytype,
|
||||
rqstp);
|
||||
if (v2_result == NULL)
|
||||
return(NULL);
|
||||
|
||||
bcopy((char *)v2_result,
|
||||
(char *)&result.ypresponse_u.yp_resp_key_valtype,
|
||||
sizeof(ypresp_key_val));
|
||||
|
||||
return (&result);
|
||||
}
|
||||
|
||||
ypresponse *
|
||||
ypoldproc_next_1_svc(yprequest *argp, struct svc_req *rqstp)
|
||||
{
|
||||
static ypresponse result;
|
||||
ypresp_key_val *v2_result;
|
||||
|
||||
result.yp_resptype = YPRESP_KEY_VAL;
|
||||
|
||||
if (argp->yp_reqtype != YPREQ_KEY) {
|
||||
result.ypresponse_u.yp_resp_key_valtype.stat = YP_BADARGS;
|
||||
return(&result);
|
||||
}
|
||||
|
||||
v2_result = ypproc_next_2_svc(&argp->yprequest_u.yp_req_keytype,rqstp);
|
||||
if (v2_result == NULL)
|
||||
return(NULL);
|
||||
|
||||
bcopy((char *)v2_result,
|
||||
(char *)&result.ypresponse_u.yp_resp_key_valtype,
|
||||
sizeof(ypresp_key_val));
|
||||
|
||||
return (&result);
|
||||
}
|
||||
|
||||
ypresponse *
|
||||
ypoldproc_poll_1_svc(yprequest *argp, struct svc_req *rqstp)
|
||||
{
|
||||
static ypresponse result;
|
||||
ypresp_master *v2_result1;
|
||||
ypresp_order *v2_result2;
|
||||
|
||||
result.yp_resptype = YPRESP_MAP_PARMS;
|
||||
result.ypresponse_u.yp_resp_map_parmstype.domain =
|
||||
argp->yprequest_u.yp_req_nokeytype.domain;
|
||||
result.ypresponse_u.yp_resp_map_parmstype.map =
|
||||
argp->yprequest_u.yp_req_nokeytype.map;
|
||||
/*
|
||||
* Hmm... there is no 'status' value in the
|
||||
* yp_resp_map_parmstype structure, so I have to
|
||||
* guess at what to do to indicate a failure.
|
||||
* I hope this is right.
|
||||
*/
|
||||
result.ypresponse_u.yp_resp_map_parmstype.ordernum = 0;
|
||||
result.ypresponse_u.yp_resp_map_parmstype.peer = "";
|
||||
|
||||
if (argp->yp_reqtype != YPREQ_MAP_PARMS) {
|
||||
return(&result);
|
||||
}
|
||||
|
||||
v2_result1 = ypproc_master_2_svc(&argp->yprequest_u.yp_req_nokeytype,
|
||||
rqstp);
|
||||
if (v2_result1 == NULL)
|
||||
return(NULL);
|
||||
|
||||
if (v2_result1->stat != YP_TRUE) {
|
||||
return(&result);
|
||||
}
|
||||
|
||||
v2_result2 = ypproc_order_2_svc(&argp->yprequest_u.yp_req_nokeytype,
|
||||
rqstp);
|
||||
if (v2_result2 == NULL)
|
||||
return(NULL);
|
||||
|
||||
if (v2_result2->stat != YP_TRUE) {
|
||||
return(&result);
|
||||
}
|
||||
|
||||
result.ypresponse_u.yp_resp_map_parmstype.peer =
|
||||
v2_result1->peer;
|
||||
result.ypresponse_u.yp_resp_map_parmstype.ordernum =
|
||||
v2_result2->ordernum;
|
||||
|
||||
return (&result);
|
||||
}
|
||||
|
||||
ypresponse *
|
||||
ypoldproc_push_1_svc(yprequest *argp, struct svc_req *rqstp)
|
||||
{
|
||||
static ypresponse result;
|
||||
|
||||
/*
|
||||
* Not implemented.
|
||||
*/
|
||||
|
||||
return (&result);
|
||||
}
|
||||
|
||||
ypresponse *
|
||||
ypoldproc_pull_1_svc(yprequest *argp, struct svc_req *rqstp)
|
||||
{
|
||||
static ypresponse result;
|
||||
|
||||
/*
|
||||
* Not implemented.
|
||||
*/
|
||||
|
||||
return (&result);
|
||||
}
|
||||
|
||||
ypresponse *
|
||||
ypoldproc_get_1_svc(yprequest *argp, struct svc_req *rqstp)
|
||||
{
|
||||
static ypresponse result;
|
||||
|
||||
/*
|
||||
* Not implemented.
|
||||
*/
|
||||
|
||||
return (&result);
|
||||
}
|
||||
|
@ -28,7 +28,7 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $Id: ypserv.8,v 1.1.1.1 1995/12/16 20:54:17 wpaul Exp $
|
||||
.\" $Id: ypserv.8,v 1.2 1996/02/26 02:17:18 wpaul Exp $
|
||||
.\"
|
||||
.Dd February 4, 1995
|
||||
.Dt YPSERV 8
|
||||
@ -40,7 +40,6 @@
|
||||
.Nm ypserv
|
||||
.Op Fl n
|
||||
.Op Fl d
|
||||
.Op Fl k
|
||||
.Op Fl p Ar path
|
||||
.Sh DESCRIPTION
|
||||
.Nm NIS
|
||||
@ -239,6 +238,25 @@ Note: while both of these access control mechanisms provide some
|
||||
security, they, like the privileged port test, are both vulnerable
|
||||
to ``IP spoofing'' attacks.
|
||||
.Pp
|
||||
.Ss NIS v1 compatibility
|
||||
This version of
|
||||
.Nm ypserv
|
||||
has some support for serving NIS v1 clients. FreeBSD's NIS
|
||||
implementation only uses the NIS v2 protocol, however other implementations
|
||||
include support for the vi protocol for backwards compatibility
|
||||
with older systems. The
|
||||
.Xr ypbind 8
|
||||
daemons supplied with these systems will try to establish a binding
|
||||
to an NIS v1
|
||||
server even though they may never actually need it (and they may
|
||||
persist in broadcasting in search of one even after they receive a
|
||||
response from a v2 server). Note that while
|
||||
support for normal client calls is provided, this version of
|
||||
.Nm ypserv
|
||||
does not handle v1 map transfer requests; consequently, it can not
|
||||
be used as a master or slave in conjunction with older NIS servers that
|
||||
only support the v1 protocol. Fortunately, there probably aren't any
|
||||
such servers still in use today.
|
||||
.Ss NIS servers that are also NIS clients
|
||||
Care must be taken when running
|
||||
.Nm ypserv
|
||||
@ -304,20 +322,6 @@ often take a fair amount of time to complete and are therefore handled
|
||||
in subprocesses, allowing the parent server process to go on handling
|
||||
other requests.) This makes it easier to trace the server with
|
||||
a debugging tool.
|
||||
.It Fl k
|
||||
This flag is provided for compatibility with SunOS 4. The
|
||||
.Xr ypbind 8
|
||||
command in SunOS 4 apparently expects to obtain a response from an
|
||||
NIS v1 server. Starting
|
||||
.Xr ypserv 8
|
||||
with the
|
||||
.Fl k
|
||||
flag causes it to register itself as an NIS v1 server and
|
||||
respond to YPPROC_DOMAIN_NONACK requests. Note carefully: this is
|
||||
merely a kludge (hence the 'k') to pacify SunOS 4's
|
||||
.Xr ypbind 8
|
||||
command: attempts to make the server actually handle NIS v1 queries
|
||||
will undoubtedly fail quite miserably.
|
||||
.It Fl p Ar path
|
||||
Normally,
|
||||
.Nm ypserv
|
||||
@ -351,4 +355,4 @@ Bill Paul <wpaul@ctr.columbia.edu>
|
||||
.Sh HISTORY
|
||||
This version of
|
||||
.Nm ypserv
|
||||
first appeared in FreeBSD 2.1.
|
||||
first appeared in FreeBSD 2.2.
|
||||
|
Loading…
Reference in New Issue
Block a user