Commit Graph

183 Commits

Author SHA1 Message Date
charnier
d2168fe021 The .Nm utility 2002-07-14 14:47:15 +00:00
des
b1c4fde84a Fix a boatload of format errors and constness violations.
Sponsored by:	DARPA, NAI Labs
2002-05-08 15:41:15 +00:00
des
e48f76df85 Spell void * as void * rather than caddr_t. This is complicated by the
fact that caddr_t is often misspelled as char *.

Sponsored by:	DARPA, NAI Labs
2002-04-28 15:18:50 +00:00
markm
bc43ca23fc Sort out the documentation WRT TCP_WRAPPERs, which is now enabled. 2002-02-06 20:48:03 +00:00
markm
5396b38d3d Fix an inconsistency between what FreeBSD NIS and AMD think the
AMD map name should be.
2002-02-06 20:42:36 +00:00
markm
5351d0d669 Enable TCP_WRAPPERs for the NIS server. The protection afforded is
not massive, but usable.
2002-02-06 20:39:36 +00:00
des
d7b064e238 ANSIfy and remove some dead code.
Sponsored by:	DARPA, NAI Labs
2002-02-06 15:26:07 +00:00
des
0f2cb9b020 Apply the following mechanical transformations in preparation for
ansification and constification:

    s{\s+__P\((\(.*?\))\)}{$1}g;
    s{\(\s+}{\(}g;
    s{\s+\)}{\)}g;
    s{\s+,}{,}g;
    s{(\s+)(for|if|switch|while)\(}{$1$2 \(}g;
    s{return ([^\(].*?);}{return ($1);}g;
    s{([\w\)])([!=+/\*-]?=)([\w\(+-])}{$1 $2 $3}g;
    s{\s+$}{\n};g

Also add $FreeBSD$ where needed.

MFC after:	1 week
2002-02-06 13:30:31 +00:00
ru
7aa3bf6364 yp(4) -> yp(8).
PR:		docs/30797
2002-01-14 16:59:03 +00:00
ru
f858dca3dc mdoc(7) police: join split punctuation to macro calls. 2001-08-10 17:35:21 +00:00
sheldonh
7950d85ec2 can not -> cannot 2001-08-08 18:32:06 +00:00
kris
e737b9651c sprintf -> snprintf 2001-07-23 09:22:21 +00:00
obrien
9c97c8f02d Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.
2001-07-20 06:20:32 +00:00
dd
911ca14c87 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
ru
0d5f9334cf mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 15:12:08 +00:00
dd
eaa6ee03b8 mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
brian
8636b161b3 Fix the type of the NULL arg to execl()
Idea from: Theo de Raadt <deraadt@openbsd.org>
2001-07-09 09:24:06 +00:00
ru
05e503d80a mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2). 2001-07-06 16:46:48 +00:00
kris
f6fc0970da Mark some functions as __printflike()
MFC After:	1 week
2001-07-05 08:17:06 +00:00
gshapiro
1d1fcd5758 The aliases file now lives in /etc/mail/.
PR:		misc/26648
MFC after:	3 days
2001-05-15 15:58:30 +00:00
ru
afd506414e - Backout botched attempt to introduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:42:20 +00:00
wpaul
988be657c9 ypserv has intimate knowledge of the server transport handle which is
needed to make the asynchronous DNS lookup mechanism work. (It needs to
be able to get/set the transaction ID in the trasport handle so it can
deliver a delayed UDP response when a reply is received from a DNS
server.) With TI-TPC, the transport handle has changed slightly (what
used to be an int is now a size_t) so we need to account for this.
2001-03-21 23:47:18 +00:00
alfred
f67e4a8fc7 Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and
associated changes that had to happen to make this possible as well as
bugs fixed along the way.

  Bring in required TLI library routines to support this.

  Since we don't support TLI we've essentially copied what NetBSD
  has done, adding a thin layer to emulate direct the TLI calls
  into BSD socket calls.

  This is mostly from Sun's tirpc release that was made in 1994,
  however some fixes were backported from the 1999 release (supposedly
  only made available after this porting effort was underway).

  The submitter has agreed to continue on and bring us up to the
  1999 release.

  Several key features are introduced with this update:
    Client calls are thread safe. (1999 code has server side thread
    safe)
    Updated, a more modern interface.

  Many userland updates were done to bring the code up to par with
  the recent RPC API.

  There is an update to the pthreads library, a function
  pthread_main_np() was added to emulate a function of Sun's threads
  library.

  While we're at it, bring in NetBSD's lockd, it's been far too
  long of a wait.

  New rpcbind(8) replaces portmap(8) (supporting communication over
  an authenticated Unix-domain socket, and by default only allowing
  set and unset requests over that channel). It's much more secure
  than the old portmapper.

  Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
  to support TI-RPC and to support IPV6.

  Umount(8) is also fixed to unmount pathnames longer than 80 chars,
  which are currently truncated by the Kernel statfs structure.

Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
asmodai
2f1d3e2cdf Fix typo: seperate -> separate.
Seperate does not exist in the english language.
2001-02-06 11:21:58 +00:00
phk
021b2d087a Convert from CIRCLEQ to TAILQ. 2000-12-29 20:33:28 +00:00
ru
4bb5f49662 Prepare for mdoc(7)NG. 2000-12-27 15:30:30 +00:00
ru
c23c39b3a4 mdoc(7) police: removed history info from the .Os FreeBSD call. 2000-12-14 11:52:05 +00:00
ru
835a46c9c2 mdoc(7) police: do not split author names in the AUTHORS section. 2000-11-22 09:35:58 +00:00
ru
71e2293ad4 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00
ru
7d99729431 Use Fx macro wherever possible. 2000-11-14 11:20:58 +00:00
nectar
748554442d Add nsswitch support. By creating an /etc/nsswitch.conf file, you can
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.

= Hesiod has been added to libc (see hesiod(3)).

= A library routine for parsing nsswitch.conf and invoking callback
  functions as specified has been added to libc (see nsdispatch(3)).

= The following C library functions have been modified to use nsdispatch:
    . getgrent, getgrnam, getgrgid
    . getpwent, getpwnam, getpwuid
    . getusershell
    . getaddrinfo
    . gethostbyname, gethostbyname2, gethostbyaddr
    . getnetbyname, getnetbyaddr
    . getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr

= host.conf has been removed from src/etc.  rc.network has been modified
  to warn that host.conf is no longer used at boot time.  In addition, if
  there is a host.conf but no nsswitch.conf, the latter is created at boot
  time from the former.

Obtained from:	NetBSD
2000-09-06 18:16:48 +00:00
kris
54b13849f6 Don't call syslog() without a format string. 2000-07-12 00:50:49 +00:00
brian
c6cc4497b1 Further protection against comments in /etc/{passwd,group}
Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
PR:		14269
2000-06-28 09:31:31 +00:00
brian
1c9174009e Handle comments and empty lines when generating YP passwd and group files
PR:		14269
Submitted by:	howard@ee.utah.edu
2000-06-15 15:51:49 +00:00
asmodai
3b6210310f Fix typo.
PR:		18845
Submitted by:	Kevin <kevin@ns1.stcp.net>
2000-06-04 16:15:56 +00:00
jake
961b97d434 Back out the previous change to the queue(3) interface.
It was not discussed and should probably not happen.

Requested by:		msmith and others
2000-05-26 02:09:24 +00:00
jake
d93fbc9916 Change the way that the queue(3) structures are declared; don't assume that
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
2000-05-23 20:41:01 +00:00
asmodai
c1c57e031b Remove a bogus include. 2000-04-29 12:28:44 +00:00
sheldonh
244b8ead7d Remove more single-space hard sentence breaks. 2000-03-02 14:54:02 +00:00
sheldonh
b2240fc1c0 Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 14:09:25 +00:00
mpp
0e58226b9f Fix various man pages to stop abusing the .Bx macro to generate
the string "FreeBSD".  Use the .Fx macro instead.
2000-01-23 02:10:01 +00:00
peter
efabb9ccb1 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
wpaul
6adf54a509 Modify yp_mkdb so that it only checks for bogus '+' and '-' characters
in source input if the -f flag is used, and modify Makefile.yp to only
use -f for the passwd, master.passwd and group maps. These should be
the only ones for which the + and - characters have special meaning
that make it important for us to avoid letting them into any of the map
databases. In some cases (namely the automounter maps) we have to allow
at least the - character through in order to create the map properly.

This closes PR #8699.
1999-08-22 15:34:47 +00:00
mpp
94f5c41121 Various man page cleanup:
- Sort xrefs.
- FreeBSD.ORG -> FreeBSD.org
- Be consistent with section names as outlined in mdoc(7).
- Other misc mdoc cleanup.

PR:		doc/13144
Submitted by:	Alexey M. Zelkin <phantom@cris.net>
1999-08-15 08:47:11 +00:00
n_hibma
db6e1d6b4a Fix typo (missing double quote) 1999-06-24 17:20:54 +00:00
wpaul
cb9c9b65b7 Close PR #10971: flush the database cache after forking in ypproc_all_2_svc()
so that parent and child don't share DB handles.
1999-04-30 16:59:48 +00:00
wpaul
981525b537 Close PR #10970: exit at the end of ypproc_all_2_svc() instead of returning.
This really fixes the condition where a child creates children of its own.
I'm leaving the previous sanity tests in though, since they shouldn't hurt,
and will give an indication if this ever happens again.
1999-04-30 16:44:17 +00:00
wpaul
bcdf933fad Add some extra checks to make sure that a child ypserv process doesn't
try to fork() a child of its own, which could result in several children
ypservs running at once. I'm still not sure exactly what leads to this
condition, but these fixes should stop it from causing trouble. A new
function, yp_fork() checks to see if the current process is already a
child of the parent ypserv, and returns failure (and logs an error message)
rather than spawning another child.
1999-04-29 20:24:00 +00:00
wpaul
c72e0591e7 Close PR #11122: check key length before calling strncmp()
in yp_next_record().
1999-04-14 04:05:59 +00:00
ghelmer
0909dd46f2 Fix reference to rpc.yppasswdd.
PR:		docs/10171
1999-03-02 04:14:53 +00:00
ghelmer
23fb00599a Add a reference to the ypinit(8) command.
PR:		docs/7679 (in spirit)
1999-02-23 03:49:14 +00:00
wpaul
fdde373153 Add some tweaks to hopefully fix a problem I've started to notice recently.
Under certain conditions (possibly associated with heavy load), ypserv will
fork() child processes that don't exit like they're supposed to. I think
this is because of some suspect logic in the ypproc_all procedure. I updated
it to use what I hope is a more bulletproof approach.

Also tweaked yp_svc_run() a little so that the 'are we a child?' test happens
at every pass through the for(;;) loop, not just immediately after returning
from svc_getreqset2().
1999-02-10 16:16:14 +00:00
wosch
68cda92e4a Sort cross references. 1998-08-31 16:41:09 +00:00
wpaul
85db4f8301 DNS lookups for partially qualified hosts didn't work right. I was trying
to be clever by avoiding the 'check all domains in the search list'
cycle in certain cases, but this would lose if handed a name like
"foo.ctr" which refers to an FQDN of "foo.ctr.columbia.edu". If
"columbia.edu" is in the search list in /etc/resolv.conf then the
DNS lookup code should resolve it, but it didn't.
1998-08-10 19:43:33 +00:00
phk
2683102126 A comment in /usr/src/usr.sbin/ypserv/Makefile.yp
(a.k.a. /var/yp/Makefile.dist) refers to an obsoleted usage of the
-m option of rpc.yppasswdd.  It is currently taken over by the -t
option.  -m is used for a different purpose now.

PR:		7279
Reviewed by:	phk
Submitted by:	Amakawa Shuhei <amakawa@nebula.sf.t.u-tokyo.ac.jp>
1998-07-22 06:01:13 +00:00
des
cea29ea511 Allow blank lines in /var/yp/securenets. 1998-07-15 11:56:28 +00:00
imp
887f1b959b If we get back too much data to fit in result, return NULL. This avoids
a buffer overflow, but might negatively impact those hosts who have
enough aliases to fill MAXHOSTNAMELEN * 2 characters in them.

Good candidate for merging back into -stable.  Lightly tested by me, but
it came from OpenBSD a while ago.

Obtained from: OpenBSD
1998-06-09 05:06:27 +00:00
wpaul
6815553adf Protect errno in signal handlers, like in portmap. 1998-06-04 15:11:32 +00:00
bde
317c29f913 Fixed double slashes in pathnames. 1998-05-31 11:32:38 +00:00
bde
41d8b659be Removed bogus dependencies of generated .c files on generated headers. 1998-05-10 16:03:17 +00:00
charnier
6e321f37d4 .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq. 1998-03-23 08:31:20 +00:00
bde
e8b7940ca2 Fixed `make -jN' for large N, as usual. Too usual for yp programs. 1998-03-06 14:51:35 +00:00
wpaul
932fd732a9 *sigh* I will not commit late at night. I will not commit late at night.
I will not commit late at night. I will not commit late at night.

I swear it's been Monday all week for me.

Apply proper fix for services target submitted by Andre Albsmeier
<andre.albsmeier@mchp.siemens.de>. Sorry for botching this that last
time, Andre. (Could have been worse: t least I didn't break the build.)
1998-02-21 18:14:30 +00:00
wpaul
d7895ddcdd Arghhh.... another missing backslash. Yes, I feel stupid. 1998-02-20 04:00:48 +00:00
wpaul
fb3f84b8bf Doh! Replace backslash that got eaten by gremlins in the last commit. 1998-02-18 04:11:49 +00:00
wpaul
8fe3eebc42 Close PR #2206: fix the services.byname target so that it can handle
/etc/services entries with any protocol instead of just udp and tcp.
Rather thani having the awk script explicitly search for 'udp' or 'tcp'
in the second field using index(), use split() to break up the field
at the '/' character if it exists, which extracts the protocol from
the field no matter what it is.

PR: 2206
1998-02-13 03:38:41 +00:00
wpaul
02d038fd99 Fix a bug in the database handle caching. This has to do with the way the
underlying database code works. When dealing with first/next queries, you
have the notion of a database 'cursor,' which is essentially a file pointer
for the database. To select the first entry, you do a fetch with the
R_FIRST flag set, then you can use the R_NEXT flag to enumerate the other
entries in the database. Unfortunately, doing a direct fetch with no flag
does _not_ set the 'cursor,' so you can't do a direct fetch and then
enumerate the table from there.

The bug is that cached handles generated as the result of a YPPROC_MATCH
were being treated as though they were the same as handles generated by
a YPPROC_FIRST, which is not the case. The manifestation is that if you
do a 'ypmatch first-key-in-map map' followed by a yp_first()/yp_next()
pair, the yp_first() and yp_next() both return the first key in the
table, which makes the entry appear to be duplicated.

A couple smaller things since I'm here:

- yp_main.c and yp_error.c both have a global 'int debug' in them.
  For some reason, our cc/ld doesn't flag this as a multiply defined
  symbol even though it should. Removed the declaration from yp_main.c;
  we want the one in yp_error.c.

- The Makefile wasn't installing ypinit in the right place.
1998-02-11 19:15:32 +00:00
wpaul
dbf89ade74 Fix Makefile.yp so that it no longer creates a temporary file called
/tmp/ypmake, thereby fixing problems with successive map updates
possibly reading stale copies of this file left behind by a previous
failed run.

PR:	 5571
1998-02-04 16:16:58 +00:00
steve
0344603634 Allow comments to begin with multiple '#' characters.
PR:		4452
Submitted by:	Joao Carlos Mendes Luis <Jonny@mailhost.coppe.ufrj.br>
1998-01-25 17:51:10 +00:00
wpaul
a8cf9c15e2 Some touchups courtesy of Philippe Charnier. 1997-11-16 03:49:12 +00:00
wpaul
7f52bb826f Add a ypinit script and man page (script lifted from OpenBSD and haqued
to work on FreeBSD, man page written by me.)

Also change Makefile.yp a little to be more tolerane in the face of
missing source files. Print a message if we can't find /var/yp/master.passwd
telling the user what to do to fix things.
1997-11-10 22:17:13 +00:00
jseger
2f14780669 Fix typo: 129.168.128.0 -> 192.168.128.0
PR:		docs/4871
Submitted by:	sec@42.org
1997-11-01 15:55:09 +00:00
charnier
24e614e49c Typos in man page. Cosmetics in error strings. 1997-10-29 07:25:05 +00:00
wpaul
1dfa4285cf Don't initialize structures from other variables; gcc -ansi -pedantic
doesn't allow it. Use proper constants instead.
1997-08-10 20:37:48 +00:00
wpaul
b0b11b66e9 Fix for PR #4147: apparently BIND now returns a status of NO_RECOVERY
at the end of gethostanswer()/getanswer()/whatever where it used to
return TRY_AGAIN. This breaks the domain list traversal in ypserv's
async DNS lookup module: it would only retry using the domain(s) from
the 'domain' or 'search' lines in /etc/resolv.conf if __dns_getanswer()
returned TRY_AGAIN.

Changed the test so that either TRY_AGAIN or NO_RECOVERY will work.
This seemed to me the best solution in the event somebody tries to
compile this code on an older system with a different version of BIND.
(You shouldn't do that of course, but then there's a lot of things
in the world that you shouldn't do and people do them anyway.)
1997-07-28 14:13:57 +00:00
wpaul
f62fd8fa9d Fix a bug in the async DNS resolver that can crash ypserv. yp_prune_dnsq()
is not sane: if the TTL on a pending but unanswered query hits 0 and the
circular queue entry is removed and free()d, the for() loop may still try
to use the entry pointer (which now points at no longer valid memory).
usually, deleting only the last entry off the end of the queue worked, but
if more than one was deleted, the server would crash. I changed things a
bit so this shouldn't happen anymore.

Also arranged to call the prune routine a bit more often.
1997-07-27 03:41:53 +00:00
wpaul
cf099b5a5f Fix a very stupid heap corruption bug: in ypproc_match_2_svc(), when
we decide to do a DNS lookup, we NUL terminate the key string provided
by the client before passing it into the DNS lookup module. This is
actually wrong. Assume the key is 'foo.com'. In this case, key.keydat_val
will be "foo.com" and key.keydat_len will be 7 (seven characters; the
string is not NUL-terminated so it is not 8 as you might expect).
The string "foo.com" is actually allocated by the XDR routines when the
RPC request is decoded; exactly 7 bytes are allocated. By adding a NUL,
the string becomes "foo.com\0", but the '\0' goes into an 8th byte which
was never allocated for this string and which could be anywhere. The result
is that while the initial request may succeed, we could trash other
dynamically allocated structures (like, oh, I dunno, the circular map
cache queue?) and SEGV later. This is in fact what happens.

The fix is to copy the string into a larger local buffer and NUL-terminate
that buffer instead.

Crash first reported by: Ricky Chan <ricky@come.net.uk>
Bug finally located with: Electric Fence 2.0.5
1997-07-21 17:39:39 +00:00
wpaul
c7507c1409 Back out one of my paranoia tests from the last commit here; yp_access()
already deals with it appropriately. (You know you've been working too
hard when you forget how your own code works.)
1997-04-28 14:18:38 +00:00
jmg
230b023a13 fix some typos, and some slight clean up...
Closes PR#3266
1997-04-15 07:41:10 +00:00
wpaul
2d779f05ef Add a sanity test to ypproc_xfr_2_svc(): check that the map and domain
in the transfer request actually exist. Technically ypxfr can do this too,
but why waste the cycles getting ypxfr off the ground for a transfer we
already know is going to fail.

Also apply stricter access control rules; ypproc_xfr_2_svc() is in a
different class than the normal map access procedures procedures.
1997-04-10 14:12:51 +00:00
imp
691010efad compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
peter
b782f4df30 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
wpaul
8f656b769a Two small tweaks:
- servers should be the first target listed in 'all:' in order for slave
  servers to be updated correctly: yppush reads the ypservers map to figure
  out where all the slaves are, so it needs to be loaded onto the master
  ASAP.

- Fixed small bogon in publickey target which nobody has noticed since
  we're not using the publickey.byname map yet.
1997-02-09 19:19:14 +00:00
wpaul
be04db9817 Close PR# 2645: add curly braces where my fevered brain in collusion
with my frantic fingers forgot to put them.
1997-02-06 05:28:52 +00:00
tg
7dabfb7657 Typo. 1997-02-04 07:06:14 +00:00
wpaul
e9b8af16aa Fix bug that slipped through last big round of changes: sometimes
yp_next_record() is called without a key (from xdr_my_ypresp_all()),
in which case it returns the first key in the map. When doing this,
it also needs to update the key index in the map queue entry. Without
this, ypproc_all_2_svc() (and hence ypcat) don't work correctly.

Noticed by: Michael L. Hench <hench@watt.cae.uwm.edu>
1997-01-20 03:33:36 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
wpaul
63a6a9d9fb Ack. When I moved the getsockopt() calls, I forgot to move the lines
that initialize the getsockopt() args (type and len) too.
1997-01-12 08:18:17 +00:00
wpaul
8eff4cb820 yp_server.c:
- Fail YPPROC_ALL requests when we hit the child process limit. This
  is a little harsh, but it helps prevent the parent from blocking
  and causing other requests to time out.

yp_dnslookup.c:
- Check for duplicate RPC transaction IDs that indicate duplicate
  requests sent due to RPC retransmissions. We don't want to send
  a second DNS request for the same data while an existing request
  is in progress.

- Fix small formatting bogon in snprintf() in yp_async_lookup_addr().
1997-01-07 06:07:21 +00:00
wpaul
3b0e03bad3 Eek: the 'check for / in map names' test I added a while back detects
slashes in map names but doesn't return failure if it finds them. Add
missing return(1) to fix this.
1997-01-06 06:27:55 +00:00
peter
35394c309a Make the select() call work like the others in the system.. ie: don't
assume that the timeval will be preserved.  As the man page says:
".. it is unwise to assume that the timeout value will be unmodified
by the select() call."  This happens on Linux and on my system at least.
1996-12-30 18:51:59 +00:00
peter
83f2eb88bd Fix harmless bug found by new pointer-to-function prototypes. 1996-12-30 15:32:43 +00:00
wpaul
9595ea6d1e More async resolver refinements:
- yp_main.c: Always add the resolver socket to the set of fds
  monitored by select(). It can happen that pending == 0 but we
  still have some data in the socket buffer from an old query.
  This way, the data will be flushed in a timely manner.

- yp_extern.h: remove proto for yp_dns_pending() since we don't need
  it anynmore.

- yp_server.c: call yp_async_lookup_name()/yp_async_lookup_addr()
  functions with the svc_req pointer as an arg instead of the xprt.
  (The svc_req struct includes a pointer to the transport handle,
  and it also has the service version number which the async DNS
  code will need. (see below))

- yp_dnslookup.c:

   o Nuke yp_dns_pending() since we don't need it anymore.
   o In yp_run_dnsq(), swallow up and ignore replies if no requests
     are pending or the ID doesn't match any of the IDs in the queue.
   o In yp_send_dns_reply(), we assume that we will always be
     replying to an NIS v2 client. While this will probably always
     be the case, we do support the v1 'match' procedure, and it
     has a different result struct than v2. For completeness,
     support replying to both NIS v1 and v2 clients.
   o Update the queue entry structure to include a member to
     keep track of the NIS version number.
   o Have yp_async_lookup_name/addr() extract the version number
     from the svc_req structure and save it with the queue entry
     for yp_send_dns_reply() to inspect later.
   o Add some comments.
1996-12-25 18:10:35 +00:00
wpaul
d99939c736 Fix some bugs:
- Don't dereference a NULL hostent pointer (if T_PTR lookup fails).

- Today I asked myself: "Self, you wrote this nifty async resolver
  that does a great job handling delayed replies to clients using
  the UDP transport, and the yplib code in libc always uses UDP
  (except for yp_all()). But what if some dork makes a DNS lookup using
  TCP?" Being the only dork on hand at the time, I tried it and was
  enlightened. As I suspected, my transaction ID frobbing hacks cause
  fireworks if called on a TCP transport handle (duh: the structures
  are different). Fix: check the type of socket in xprt->xp_sock using
  getsockopt() and don't use svcudp_get_xid() and svcudp_set_xid() for
  anything except SOCK_DGRAM sockets. (Since accept() gives you a
  new socket for each connection, the transaction ID munging isn't
  needed for TCP anyway.)
1996-12-24 02:44:52 +00:00
wpaul
c1aa3ecaa1 Big round o changes:
- yp_dblookup.c: Create non-DB specific database access functions.
  Using these allows access to the underlying database functions without
  needing explicit knowledge of Berkeley DB. (These are used only
  when DB_CACHE is #defined. Other programs that use the non-caching
  functions (yp_mkdb, ypxfr, yppush, rpc.yppasswdd) shouldn't notice
  the difference.)

- yp_dnslookup: Implement async DNS lookups. We send our own DNS
  requests using UDP and put the request in a queue. When the response
  arrives, we use the ID in the header to find the corresponsing queue
  entry and then send the response to the client. We can go about our
  business and handle other YP requests in the meantime. This way, we
  can deal with time consuming DNS requests without blocking and without
  forking.

- yp_server.c: Convert to using new non-DB-specific database access
  functions. This simplifies the code a bit and removes the need for
  this module to know anything about Berkeley DB. Also convert the
  ypproc_match_2_svc() function to use the async DNS lookup routines.

- yp_main.c: tweak yp_svc_run() to add the resolver socket to the
  set of descriptors monitored in the select() loop. Also add a
  timeout to select(); we may get stale DNS requests stuck in the
  queue which we want to invalidate after a while. If the timeout
  hits, we decrement the ttl on all pending DNS requests and nuke
  those requests that aren't handled before ttl hits zero.

- yp_extern.h: Add prototypes for new stuff.

- yp_svc_udp.c (new file): The async resolver code needs to be able
  to rummage around inside the RPC UDP transport handle in order to
  work correcty. There's basically one transport handle, and each time
  a request comes in, the transaction ID in the handle is changed.
  This means that if we queue a DNS request, then we handle some other
  unrelated requests, we will be unable to send the DNS response because
  the transaction ID and remote address of the client that made the DNS
  request will have been lost. What we need to do is save the client
  address and transaction ID in the queue entry for the DNS request,
  then put the transaction ID and address back in the transport handle
  when we're ready to reply. (And then we have to undo the change so
  as not to confuse any other part of the server.) The trouble is that
  the transaction ID is hidden in an opaque part of the transport handle,
  and only the code in the svc_udp module in the RPC library knows how
  to handle it. This file contains a couple of functions that let us
  read and set the transaction ID in spite of this. This is really a
  dirty trick and I should be taken out and shot for even thinking about
  it, but there's no other way to get this stuff to work.

- Makefile: add yp_svc_udp.c to SRCS.
1996-12-22 22:30:58 +00:00
wpaul
47ee9196be Back out the non-forking YPPROC_ALL stuff. Whatever drugs I was doing
when I came up with this idea weren't strong enough to help me see it
through. If this was a self-contained application and I had complete
control over what data got sent through what socket and when, I might
be able to get everything to work right without blocking, but instead
I have RPC/XDR in between me and the socket layer, and they have their
own ideas about what to do.

Maybe one day I'll go totally mad and figure out the right way to do
this; in the meantime this mess goes on the back burner.
1996-12-03 02:37:39 +00:00
wpaul
7c59df49d9 This commit changes the YPPROC_ALL procecdure so that it handles requests
_without_ using fork().

The problem with YPPROC_ALL is that it transmits an entire map through
a TCP pipe as the result of a single RPC call. First of all, this requires
certain hackery in the XDR filter. Second, if the map being sent is
large, the server can end up spending lots of time in the XDR filter
sending to just the one client, while requests for other clients will
go unanswered.

My original solution for this was to fork() the request into a child
process which terminates after the map has been transmitted (or the
transfer is interrupted due to an error). This leaves the parent free
to handle other requests. But this solution is kind of lame: fork()
is relatively expensive, and we have to keep a cap on the number of
child processes to keep from swamping the system.

What we do now is grab control of the service transport handle and XDR
handle from the RPC library and send the records one at a time ourselves
instead of letting the RPC library do it. We send a record, then go
back to the svc_run() loop and select() on the socket. If select() says
we can still write data, we send the next record. Then we call
svc_getreqset() and handle other RPCs and loop around again. This way,
we can handle other RPCs between records.

We manage multiple YPPROC_ALL requests using a circular queue. When a
request is done, we dequeue it and destroy the handle. We also tag
each request with a ttl which is decremented whevever we run the queue
and a handle isn't serviced. This lets us nuke requests that have sat
idle for too long (if we didn't do this, we might run out of socket
descriptors.)

Now all I have to do is come up with an async resolver, and ypserv
won't need to fork() at all. :)

Note: these changes should not go into 2.2 unless they get a very
throrough shakedown before the final cutoff date.
1996-11-30 22:38:44 +00:00
wpaul
c80b197509 Eek! When I added the YP_INTERDOMAIN and YP_SECURE support, I documented
and set the B and S variables here, but I forgot to actually add them to
the master.passwd and hosts.* targets. In other words, they weren't being
passed to yp_mkdb as needed.

This needs to go into 2.2; it doesn't break things a lot, but it leaves
your master.passwd maps available to unprivileged users without you
realizing it.
1996-11-15 18:01:59 +00:00
wpaul
23c458cf11 Add support for handling the YP_SECURE and YP_INTERDOMAIN keys from
any maps that may have them. If the YP_SECURE key is present, ypserv
will only allow access to the map from clients on reserved ports.
If the YP_INTERDOMAIN key is present, the server will do DNS lookups
for hostnames that it can't find in hosts.byname or hosts.byaddr.
This is the same as the -d flag (which is retained for backwards
compatibility) but it can be set on a per-map/per-domain basis.

Also modified /var/yp/Makefile to add YP_INTERDOMAIN to the hosts.*
maps and YP_SECURE to master.passwd.* maps by default.
1996-10-24 18:58:26 +00:00
wpaul
b7a42c0562 In ypxfr_callback(), the failure to create an RPC CLIENT * handle for
the callback is a fatal error for this function; return immediatlely if
this happens. Also make the "failed to establish callback handle" error
mesaage print the IP address of the target callback host.
1996-10-23 15:49:22 +00:00