Commit Graph

56 Commits

Author SHA1 Message Date
wpaul
c7507c1409 Back out one of my paranoia tests from the last commit here; yp_access()
already deals with it appropriately. (You know you've been working too
hard when you forget how your own code works.)
1997-04-28 14:18:38 +00:00
jmg
230b023a13 fix some typos, and some slight clean up...
Closes PR#3266
1997-04-15 07:41:10 +00:00
wpaul
2d779f05ef Add a sanity test to ypproc_xfr_2_svc(): check that the map and domain
in the transfer request actually exist. Technically ypxfr can do this too,
but why waste the cycles getting ypxfr off the ground for a transfer we
already know is going to fail.

Also apply stricter access control rules; ypproc_xfr_2_svc() is in a
different class than the normal map access procedures procedures.
1997-04-10 14:12:51 +00:00
imp
691010efad compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
peter
b782f4df30 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
wpaul
8f656b769a Two small tweaks:
- servers should be the first target listed in 'all:' in order for slave
  servers to be updated correctly: yppush reads the ypservers map to figure
  out where all the slaves are, so it needs to be loaded onto the master
  ASAP.

- Fixed small bogon in publickey target which nobody has noticed since
  we're not using the publickey.byname map yet.
1997-02-09 19:19:14 +00:00
wpaul
be04db9817 Close PR# 2645: add curly braces where my fevered brain in collusion
with my frantic fingers forgot to put them.
1997-02-06 05:28:52 +00:00
tg
7dabfb7657 Typo. 1997-02-04 07:06:14 +00:00
wpaul
e9b8af16aa Fix bug that slipped through last big round of changes: sometimes
yp_next_record() is called without a key (from xdr_my_ypresp_all()),
in which case it returns the first key in the map. When doing this,
it also needs to update the key index in the map queue entry. Without
this, ypproc_all_2_svc() (and hence ypcat) don't work correctly.

Noticed by: Michael L. Hench <hench@watt.cae.uwm.edu>
1997-01-20 03:33:36 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
wpaul
63a6a9d9fb Ack. When I moved the getsockopt() calls, I forgot to move the lines
that initialize the getsockopt() args (type and len) too.
1997-01-12 08:18:17 +00:00
wpaul
8eff4cb820 yp_server.c:
- Fail YPPROC_ALL requests when we hit the child process limit. This
  is a little harsh, but it helps prevent the parent from blocking
  and causing other requests to time out.

yp_dnslookup.c:
- Check for duplicate RPC transaction IDs that indicate duplicate
  requests sent due to RPC retransmissions. We don't want to send
  a second DNS request for the same data while an existing request
  is in progress.

- Fix small formatting bogon in snprintf() in yp_async_lookup_addr().
1997-01-07 06:07:21 +00:00
wpaul
3b0e03bad3 Eek: the 'check for / in map names' test I added a while back detects
slashes in map names but doesn't return failure if it finds them. Add
missing return(1) to fix this.
1997-01-06 06:27:55 +00:00
peter
35394c309a Make the select() call work like the others in the system.. ie: don't
assume that the timeval will be preserved.  As the man page says:
".. it is unwise to assume that the timeout value will be unmodified
by the select() call."  This happens on Linux and on my system at least.
1996-12-30 18:51:59 +00:00
peter
83f2eb88bd Fix harmless bug found by new pointer-to-function prototypes. 1996-12-30 15:32:43 +00:00
wpaul
9595ea6d1e More async resolver refinements:
- yp_main.c: Always add the resolver socket to the set of fds
  monitored by select(). It can happen that pending == 0 but we
  still have some data in the socket buffer from an old query.
  This way, the data will be flushed in a timely manner.

- yp_extern.h: remove proto for yp_dns_pending() since we don't need
  it anynmore.

- yp_server.c: call yp_async_lookup_name()/yp_async_lookup_addr()
  functions with the svc_req pointer as an arg instead of the xprt.
  (The svc_req struct includes a pointer to the transport handle,
  and it also has the service version number which the async DNS
  code will need. (see below))

- yp_dnslookup.c:

   o Nuke yp_dns_pending() since we don't need it anymore.
   o In yp_run_dnsq(), swallow up and ignore replies if no requests
     are pending or the ID doesn't match any of the IDs in the queue.
   o In yp_send_dns_reply(), we assume that we will always be
     replying to an NIS v2 client. While this will probably always
     be the case, we do support the v1 'match' procedure, and it
     has a different result struct than v2. For completeness,
     support replying to both NIS v1 and v2 clients.
   o Update the queue entry structure to include a member to
     keep track of the NIS version number.
   o Have yp_async_lookup_name/addr() extract the version number
     from the svc_req structure and save it with the queue entry
     for yp_send_dns_reply() to inspect later.
   o Add some comments.
1996-12-25 18:10:35 +00:00
wpaul
d99939c736 Fix some bugs:
- Don't dereference a NULL hostent pointer (if T_PTR lookup fails).

- Today I asked myself: "Self, you wrote this nifty async resolver
  that does a great job handling delayed replies to clients using
  the UDP transport, and the yplib code in libc always uses UDP
  (except for yp_all()). But what if some dork makes a DNS lookup using
  TCP?" Being the only dork on hand at the time, I tried it and was
  enlightened. As I suspected, my transaction ID frobbing hacks cause
  fireworks if called on a TCP transport handle (duh: the structures
  are different). Fix: check the type of socket in xprt->xp_sock using
  getsockopt() and don't use svcudp_get_xid() and svcudp_set_xid() for
  anything except SOCK_DGRAM sockets. (Since accept() gives you a
  new socket for each connection, the transaction ID munging isn't
  needed for TCP anyway.)
1996-12-24 02:44:52 +00:00
wpaul
c1aa3ecaa1 Big round o changes:
- yp_dblookup.c: Create non-DB specific database access functions.
  Using these allows access to the underlying database functions without
  needing explicit knowledge of Berkeley DB. (These are used only
  when DB_CACHE is #defined. Other programs that use the non-caching
  functions (yp_mkdb, ypxfr, yppush, rpc.yppasswdd) shouldn't notice
  the difference.)

- yp_dnslookup: Implement async DNS lookups. We send our own DNS
  requests using UDP and put the request in a queue. When the response
  arrives, we use the ID in the header to find the corresponsing queue
  entry and then send the response to the client. We can go about our
  business and handle other YP requests in the meantime. This way, we
  can deal with time consuming DNS requests without blocking and without
  forking.

- yp_server.c: Convert to using new non-DB-specific database access
  functions. This simplifies the code a bit and removes the need for
  this module to know anything about Berkeley DB. Also convert the
  ypproc_match_2_svc() function to use the async DNS lookup routines.

- yp_main.c: tweak yp_svc_run() to add the resolver socket to the
  set of descriptors monitored in the select() loop. Also add a
  timeout to select(); we may get stale DNS requests stuck in the
  queue which we want to invalidate after a while. If the timeout
  hits, we decrement the ttl on all pending DNS requests and nuke
  those requests that aren't handled before ttl hits zero.

- yp_extern.h: Add prototypes for new stuff.

- yp_svc_udp.c (new file): The async resolver code needs to be able
  to rummage around inside the RPC UDP transport handle in order to
  work correcty. There's basically one transport handle, and each time
  a request comes in, the transaction ID in the handle is changed.
  This means that if we queue a DNS request, then we handle some other
  unrelated requests, we will be unable to send the DNS response because
  the transaction ID and remote address of the client that made the DNS
  request will have been lost. What we need to do is save the client
  address and transaction ID in the queue entry for the DNS request,
  then put the transaction ID and address back in the transport handle
  when we're ready to reply. (And then we have to undo the change so
  as not to confuse any other part of the server.) The trouble is that
  the transaction ID is hidden in an opaque part of the transport handle,
  and only the code in the svc_udp module in the RPC library knows how
  to handle it. This file contains a couple of functions that let us
  read and set the transaction ID in spite of this. This is really a
  dirty trick and I should be taken out and shot for even thinking about
  it, but there's no other way to get this stuff to work.

- Makefile: add yp_svc_udp.c to SRCS.
1996-12-22 22:30:58 +00:00
wpaul
47ee9196be Back out the non-forking YPPROC_ALL stuff. Whatever drugs I was doing
when I came up with this idea weren't strong enough to help me see it
through. If this was a self-contained application and I had complete
control over what data got sent through what socket and when, I might
be able to get everything to work right without blocking, but instead
I have RPC/XDR in between me and the socket layer, and they have their
own ideas about what to do.

Maybe one day I'll go totally mad and figure out the right way to do
this; in the meantime this mess goes on the back burner.
1996-12-03 02:37:39 +00:00
wpaul
7c59df49d9 This commit changes the YPPROC_ALL procecdure so that it handles requests
_without_ using fork().

The problem with YPPROC_ALL is that it transmits an entire map through
a TCP pipe as the result of a single RPC call. First of all, this requires
certain hackery in the XDR filter. Second, if the map being sent is
large, the server can end up spending lots of time in the XDR filter
sending to just the one client, while requests for other clients will
go unanswered.

My original solution for this was to fork() the request into a child
process which terminates after the map has been transmitted (or the
transfer is interrupted due to an error). This leaves the parent free
to handle other requests. But this solution is kind of lame: fork()
is relatively expensive, and we have to keep a cap on the number of
child processes to keep from swamping the system.

What we do now is grab control of the service transport handle and XDR
handle from the RPC library and send the records one at a time ourselves
instead of letting the RPC library do it. We send a record, then go
back to the svc_run() loop and select() on the socket. If select() says
we can still write data, we send the next record. Then we call
svc_getreqset() and handle other RPCs and loop around again. This way,
we can handle other RPCs between records.

We manage multiple YPPROC_ALL requests using a circular queue. When a
request is done, we dequeue it and destroy the handle. We also tag
each request with a ttl which is decremented whevever we run the queue
and a handle isn't serviced. This lets us nuke requests that have sat
idle for too long (if we didn't do this, we might run out of socket
descriptors.)

Now all I have to do is come up with an async resolver, and ypserv
won't need to fork() at all. :)

Note: these changes should not go into 2.2 unless they get a very
throrough shakedown before the final cutoff date.
1996-11-30 22:38:44 +00:00
wpaul
c80b197509 Eek! When I added the YP_INTERDOMAIN and YP_SECURE support, I documented
and set the B and S variables here, but I forgot to actually add them to
the master.passwd and hosts.* targets. In other words, they weren't being
passed to yp_mkdb as needed.

This needs to go into 2.2; it doesn't break things a lot, but it leaves
your master.passwd maps available to unprivileged users without you
realizing it.
1996-11-15 18:01:59 +00:00
wpaul
23c458cf11 Add support for handling the YP_SECURE and YP_INTERDOMAIN keys from
any maps that may have them. If the YP_SECURE key is present, ypserv
will only allow access to the map from clients on reserved ports.
If the YP_INTERDOMAIN key is present, the server will do DNS lookups
for hostnames that it can't find in hosts.byname or hosts.byaddr.
This is the same as the -d flag (which is retained for backwards
compatibility) but it can be set on a per-map/per-domain basis.

Also modified /var/yp/Makefile to add YP_INTERDOMAIN to the hosts.*
maps and YP_SECURE to master.passwd.* maps by default.
1996-10-24 18:58:26 +00:00
wpaul
b7a42c0562 In ypxfr_callback(), the failure to create an RPC CLIENT * handle for
the callback is a fatal error for this function; return immediatlely if
this happens. Also make the "failed to establish callback handle" error
mesaage print the IP address of the target callback host.
1996-10-23 15:49:22 +00:00
wpaul
c8132b2e31 Close a potential security hole: if yp_access() is passed a map name,
have it check to see that it doesn't contain any '/' characters. This
prevents possible silliness like ypcat "../../../kernel". We already
test the domain name for this in yp_validdomain(), and ypserv itself
tests the map name in yp_open_db(), but it doesn't hurt to be paranoid
and test for it in the generic access routine too. rpc.ypxfrd does not
test the map name for slashes, but it does call yp_access() with the
map name, so this removes a potential vulnerability from there.

Also make the tests for IPPORT_RESERVED a little more selective: make
sure it trips when map == master.passwd.*, prog == YPPROC and proc ==
YPPROC_XFR, and prog == YPXFRD_FREEBSD_PROG and proc == YPXFRD_GETMAP.
Also use IPPORT_RESERVED instead of hard-coded value.
1996-09-30 22:27:00 +00:00
wpaul
3fe96e591a Toss the mkaliases script into the attic and remove its install
target from the Makefile. We don't need it anymore, and it was
broken anyway.
1996-09-15 00:39:20 +00:00
peter
0debdf16c2 Hmm, well, whaddya know? ypserv was making calls to the undocumented
private internal _gethostbydnsname() resolver functions..
1996-08-30 01:17:47 +00:00
mpp
b4aab8b6f6 Use the .Fx macro where appropriate. 1996-08-23 00:57:08 +00:00
adam
3c7c30f3ef was missing @ 1996-08-09 17:55:18 +00:00
peter
33391aed10 Fix the services.byname target so that it creates search keys for the
aliases of the "official" names as well, because now that getportbyname()
does a yp match, it no longer found the entries under the alias.
This broke rsh(1), because it looks up "shell/tcp" while the official
name in /etc/services is "cmd/tcp".
1996-07-25 19:32:37 +00:00
peter
ad62df628f Fix typo in last commit, it seems that a hash comments out a \ at the end
of line.

Also, fix existing bug in ethers.byname, it was passing an unknown option
to yppush.  This appears to have been a cut/paste slip intended for a
$(DBLOAD) command above it.
1996-07-24 14:04:57 +00:00
peter
085e6f78e5 Add sample rules for amd.host, mostly from the AMD docs, but tweaked to fit
the FreeBSD Makefile.yp structure by me.  This allows you to have a single
amd map for all machines in a cluster.

In /etc/sysconfig, it would look something like:
  amdflags="-p -a /net -c 1800 -l syslog /host amd.host"
1996-07-24 10:48:07 +00:00
adam
07c6f9532c 'mkaliases' is broken (strips spaces) so don't use it,
perhaps it can be removed altogether.
corrected typos
1996-07-18 23:48:13 +00:00
wpaul
a3d7fbc839 Re-implement the DB handle cache using a circular queue and manage
it with the CIRCLEQ macros. This simplifies the code a little, makes
it somewhat easier to read, and may be a little faster. (Actually I think
the performace is about the same.)

Also, in the non DB_CACHE case, save copies of data returned from
the database library in a static buffer, just in case we decide to use
it after the database has been closed. Technically, the memory that the
data pointers refer to belongs to the DB package and we can't count on
it being there after the database has been closed -- the DB package
frees its buffers. (With DB_CACHE #defined the databases are held
open so the buffers remain valid.) I don't think any of the utilities
that use the dblookup module have had any problems with this yet, but
there's no sense in taking any chances.
1996-07-07 23:02:41 +00:00
wpaul
010c2800ac Toss old mknetid script into the attic.
Adjust things slightly to support the new mknetid program.
1996-06-25 20:28:07 +00:00
wpaul
cf31622e83 Makefile.yp:
- Add a 'pushpw' target that only yppushes the various passwd maps
  and sends a YPPROC_CLEAR to the local ypserv. This will be used by
  rpc.yppasswdd once I merge in the in-place update changes.

yp_access.c:

- Make the yp_access() function print RPC program and procedure numbers
  that it doesn't know about in literal form. This will allow it to work
  with other prgrams that it doesn't know about, like rpc.ypxfrd I'm going
  to import shortly.

yp_dblookup.c:

- Take out the __inline keywords. They weren't really helping me anyway.

- Somehow I broke yp_next() when DB_CACHE wasn't #defined. Fix it.

- Also fix potential case where yp_next() might loop forever; make sure
  it checks the return values of all the (dbp->seq)()/R_NEXT calls that
  it does as well as comparing keys.
1996-06-05 02:01:31 +00:00
wpaul
7db7b1cde1 Small touch-ups -- no functional changes.
Fix some comments to reflect reality (in some cases I made changes
to code but not to the comments).

Change some instances of 'inline' to '__inline' to pacify
gcc -ansi -pedantic.

Use rcsid strings more consistently.

Make 'oldaddr' static in yp_access().

Use strcpy()/strcat() in yp_open_db_cache() instead of snprintf().
(Seems to be a little faster this way.)
1996-05-31 16:01:51 +00:00
wpaul
0f95e4e226 Performance enhancements (I hope) and new stuff:
yp_dblookup.c:

- Implement database handle caching. What this means is that instead
  of opening and closing map databases for each request, we open a
  database and save the handle (and, if requested, the key index)
  in an array. This saves a bit of overhead on things like repeated
  YPPROC_NEXT calls, such as you'd get from getpwent(). Normally,
  each YPPROC_NEXT would require open()ing the database, seeking
  to the location supplied by the caller (which is time consuming with
  hash databases as the R_CURSOR flag doesn't work), reading the
  data, close()ing the database and then shipping the data off to
  the caller. The system call overhead is prohibitive, especially
  with very large maps. By caching the handle to an open database,
  we elimitate at least the open()/close() system calls, as well
  as the associated DB setup and tear-down operations, for a large
  percentage of the time. This improves performance substantially at
  the cost of consuming a little more memory than before.

  Note that all the caching support is surrounded by #ifdef DB_CACHE
  so that this same source module can still be used by other programs
  that don't need it.

- Make yp_open_db() call yp_validdomain(). Doing it here saves cycles
  when caching is enabled since a hit on the map cache list by
  definition means that the domain being referenced is valid.

- Also make yp_open_db() check for exhaustion of file descriptors,
  just in case.

yp_server.c:

- Reorganize things a little to take advantage of the database
  handle caching. Add a call to yp_flush_all() in ypproc_clear_2_svc().

- Remove calls to yp_validdomain() from some of the service procedures.
  yp_validdomain() is called inside yp_open_db() now, so procedures that
  call into the database package don't need to use yp_validdomain()
  themselves.

- Fix a bogosity in ypproc_maplist_2_svc(): don't summarily initiallize
  the result.maps pointer to NULL. This causes yp_maplist_free()
  to fail and leaks memory.

- Make ypproc_master_2_svc() copy the string it gets from the database
  package into a private static buffer before trying to NUL terminate it.
  This is necessary with the DB handle caching: stuffing a NUL into the
  data returned by DB package will goof it up internally.

yp_main.c:

- Stuff for DB handle caching: call yp_init_dbs() to clear the
  handle array and add call to yp_flush_all() to the SIGHUP
  signal handler.

Makefile.yp:

- Reorganize to deal with database caching. yp_mkdb(8) can now be used
  to send a YPPROC_CLEAR signal to ypserv(8). Call it after each map
  is created to refresh ypserv's cache.

- Add support for mail.alias map.
  Contributed by Mike Murphy (mrm@sceard.com).

- Make default location for the netgroups source file be /var/yp/netgroup
  instead of /etc/netgroup.

mkaliases:

- New file: script to generate mail.alias map.
  Contributed by Mike Murphy (mrm@sceard.com).

Makefile:

- Install Makefile.yp as /var/yp/Makefile.dist and link it to
  /var/yp/Makefile only if /var/yp/Makefile doesn't already exist.
  Suggested by Peter Wemm.

- Install new mkaliases script in /usr/libexec along with mknetid.

- Use somewhat saner approach to generating rpcgen-dependent files
  as suggested by Garrett Wollman.
1996-04-28 04:38:52 +00:00
wpaul
46def09244 Fix for memory leak: specify NULL as openinfo parameter when calling
dbopen() to open an NIS map.

Testing with very large maps (e.g. a sample password database with 31,000+
entries) has shown that ypserv will leak memory (ps shows RSS and VSZ
growing to 4000 pages or more) when performing repeated yp_next()s or
a yp_all(). The problem with yp_all() is not immediately obvious since
the ypproc_all service is handled in a child process which exits once
the transfer is finished, but with repeated yp_next()s (like what you
get when you use getpwent() to scroll through the password database),
the parent ypserv grows to enormous size and never shrinks again.

It seems this is related to the HASHINFO parameters I used in yp_dblookup.c,
which I actually stole from pwd_mkdb. Calling dbopen() with the default
parameters (specifying openinfo as NULL) fixes the problem.

I still need to see how this impacts the other NIS tools. I'm also
considering changing from hash to btree databases: the hash database
method doesn't support R_CURSOR, which means yp_next_record() has to
do a lot of ugly work in order to reach an arbitrary location in the
database.
1996-04-11 20:54:15 +00:00
mpp
86b292ffbd Correct some man page cross references and file location references. 1996-04-07 00:06:21 +00:00
wpaul
b95fe018c1 Initialize a few more 'result' members in a few places (both in the v2
and v2 service procedures). Also fixed the formatting in a few places
to keep everything under 80 columns.
1996-03-01 03:49:47 +00:00
wpaul
8f1aea64e1 In ypproc_master_2_svc(), don't leave result.peer uninitialized when
returning an error.
1996-02-29 23:10:38 +00:00
adam
76b7e18f09 sense of 'mask' was reversed in default case of no securenets file. 1996-02-29 18:29:24 +00:00
guido
bf7c76b5e7 Typo (vi -> v1). 1996-02-26 20:09:22 +00:00
wpaul
086b2bc68e Add support for NIS v1 client procedures. The following procedures
are currently implemented:

YPOLDPROC_NULL
YPOLDPROC_DOMAIN
YPOLDPROC_DOMAIN_NONACK
YPOLDPROC_FIRST
YPOLDPROC_NEXT
YPOLDPROC_MATCH
YPOLDPROC_POLL

These are all implemented as wrappers around their v2 counterparts.

The YPOLDPROC_PUSH, PULL and GET procedures are not implemented since
a) I couldn't figure out exactly what to have them do, and b) I
suspect they're used for doing map transfers between master and
slave servers, which we already do using the v2 protocol anyway.
This means we can server NIS v1 clients but can't be a master or
slave with NIS v1-only servers. I think I'll get over it. :)

The -k (sunos_4_kludge) flag and associated code has been removed
since it is no longer needed.

Also tweaked yp_access() to handle both sets of procedures and
updated the man page.
1996-02-26 02:34:27 +00:00
wpaul
b4af745345 Duh: remember to #include <stdlib.h> to pick up declarations for
malloc() and free().
1996-02-25 19:25:23 +00:00
wpaul
ad0849d890 Add real securenets support. By default, ypserv now uses /var/yp/securenets
in the same was as the SunOS ypserv (same format, described in ypserv man
page). If the user wants tcpwrapper style access control, they can
recompile ypserv to use that instead. This way we get securenets without
having to ship libwrap.a and tcpd.h with core FreeBSD distribution.

If /var/yp/securenets doesn't exist, ypserv allows all connections.
1996-02-24 22:01:48 +00:00
mpp
3aeb7f1d49 Correct a bunch of man page cross references and generally
try and silence "manck".

ncurses, rpc, and some of the gnu stuff are still a big mess, however.
1996-02-11 22:38:05 +00:00
wpaul
cd85caa537 Makefile.yp:
- Improve support for multiple domains. (In preparation for new rpc.yppasswdd.)

yp_dblookup.c:
- Improve error reporting: be more selective as to what error code
  we return when a (dbp->get) fails.
1996-02-04 05:39:35 +00:00
wpaul
f9c3de604c Found an instance of yp_error() in yp_maplist_create() that had two %s
tokens but only one argument; fixed by putting in missing argument.
1996-01-31 15:21:56 +00:00
mpp
511d4f82b2 Fix a bunch of spelling errors in a bunch of man pages. 1996-01-30 13:52:50 +00:00