ypxfr_main.c revision 330897 
1/*-
2 * SPDX-License-Identifier: BSD-4-Clause
3 *
4 * Copyright (c) 1995
5 *	Bill Paul <wpaul@ctr.columbia.edu>.  All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 *    must display the following acknowledgement:
17 *	This product includes software developed by Bill Paul.
18 * 4. Neither the name of the author nor the names of any co-contributors
19 *    may be used to endorse or promote products derived from this software
20 *    without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35#include <sys/cdefs.h>
36__FBSDID("$FreeBSD: stable/11/libexec/ypxfr/ypxfr_main.c 330897 2018-03-14 03:19:51Z eadler $");
37
38#include <errno.h>
39#include <stdio.h>
40#include <stdlib.h>
41#include <string.h>
42#include <syslog.h>
43#include <unistd.h>
44#include <sys/types.h>
45#include <sys/param.h>
46#include <sys/socket.h>
47#include <netinet/in.h>
48#include <arpa/inet.h>
49#include <rpc/rpc.h>
50#include <rpc/clnt.h>
51#include <rpcsvc/yp.h>
52#include <rpcsvc/ypclnt.h>
53#include <rpcsvc/ypxfrd.h>
54#include "ypxfr_extern.h"
55
56char *progname = "ypxfr";
57char *yp_dir = _PATH_YP;
58int _rpcpmstart = 0;
59static int ypxfr_use_yplib = 0; /* Assume the worst. */
60static int ypxfr_clear = 1;
61static int ypxfr_prognum = 0;
62static struct sockaddr_in ypxfr_callback_addr;
63static struct yppushresp_xfr ypxfr_resp;
64static DB *dbp;
65
66static void
67ypxfr_exit(ypxfrstat retval, char *temp)
68{
69	CLIENT *clnt;
70	int sock = RPC_ANYSOCK;
71	struct timeval timeout;
72
73	/* Clean up no matter what happened previously. */
74	if (temp != NULL) {
75		if (dbp != NULL)
76			(void)(dbp->close)(dbp);
77		if (unlink(temp) == -1) {
78			yp_error("failed to unlink %s",strerror(errno));
79		}
80	}
81
82	if (ypxfr_prognum) {
83		timeout.tv_sec = 20;
84		timeout.tv_usec = 0;
85
86		if ((clnt = clntudp_create(&ypxfr_callback_addr, ypxfr_prognum,
87					1, timeout, &sock)) == NULL) {
88			yp_error("%s", clnt_spcreateerror("failed to "
89			    "establish callback handle"));
90			exit(1);
91		}
92
93		ypxfr_resp.status = (yppush_status)retval;
94
95		if (yppushproc_xfrresp_1(&ypxfr_resp, clnt) == NULL) {
96			yp_error("%s", clnt_sperror(clnt, "callback failed"));
97			clnt_destroy(clnt);
98			exit(1);
99		}
100		clnt_destroy(clnt);
101	} else {
102		yp_error("Exiting: %s", ypxfrerr_string(retval));
103	}
104
105	exit(0);
106}
107
108static void
109usage(void)
110{
111	if (_rpcpmstart) {
112		ypxfr_exit(YPXFR_BADARGS,NULL);
113	} else {
114		fprintf(stderr, "%s\n%s\n%s\n",
115	"usage: ypxfr [-f] [-c] [-d target domain] [-h source host]",
116	"             [-s source domain] [-p path]",
117	"             [-C taskid program-number ipaddr port] mapname");
118		exit(1);
119	}
120}
121
122int
123ypxfr_foreach(int status, char *key, int keylen, char *val, int vallen,
124    char *data)
125{
126	DBT dbkey, dbval;
127
128	if (status != YP_TRUE)
129		return (status);
130
131	/*
132	 * XXX Do not attempt to write zero-length keys or
133	 * data into a Berkeley DB hash database. It causes a
134	 * strange failure mode where sequential searches get
135	 * caught in an infinite loop.
136	 */
137	if (keylen) {
138		dbkey.data = key;
139		dbkey.size = keylen;
140	} else {
141		dbkey.data = "";
142		dbkey.size = 1;
143	}
144	if (vallen) {
145		dbval.data = val;
146		dbval.size = vallen;
147	} else {
148		dbval.data = "";
149		dbval.size = 1;
150	}
151
152	if (yp_put_record(dbp, &dbkey, &dbval, 0) != YP_TRUE)
153		return(yp_errno);
154
155	return (0);
156}
157
158int
159main(int argc, char *argv[])
160{
161	int ch;
162	int ypxfr_force = 0;
163	char *ypxfr_dest_domain = NULL;
164	char *ypxfr_source_host = NULL;
165	char *ypxfr_source_domain = NULL;
166	char *ypxfr_local_domain = NULL;
167	char *ypxfr_master = NULL;
168	unsigned long ypxfr_order = -1, ypxfr_skew_check = -1;
169	char *ypxfr_mapname = NULL;
170	int ypxfr_args = 0;
171	char ypxfr_temp_map[MAXPATHLEN + 2];
172	char tempmap[MAXPATHLEN + 2];
173	char buf[MAXPATHLEN + 2];
174	DBT key, data;
175	int remoteport;
176	int interdom = 0;
177	int secure = 0;
178
179	debug = 1;
180
181	if (!isatty(fileno(stderr))) {
182		openlog("ypxfr", LOG_PID, LOG_DAEMON);
183		_rpcpmstart = 1;
184	}
185
186	if (argc < 2)
187		usage();
188
189	while ((ch = getopt(argc, argv, "fcd:h:s:p:C:")) != -1) {
190		int my_optind;
191		switch (ch) {
192		case 'f':
193			ypxfr_force++;
194			ypxfr_args++;
195			break;
196		case 'c':
197			ypxfr_clear = 0;
198			ypxfr_args++;
199			break;
200		case 'd':
201			ypxfr_dest_domain = optarg;
202			ypxfr_args += 2;
203			break;
204		case 'h':
205			ypxfr_source_host = optarg;
206			ypxfr_args += 2;
207			break;
208		case 's':
209			ypxfr_source_domain = optarg;
210			ypxfr_args += 2;
211			break;
212		case 'p':
213			yp_dir = optarg;
214			ypxfr_args += 2;
215			break;
216		case 'C':
217			/*
218			 * Whoever decided that the -C flag should take
219			 * four arguments is a twit.
220			 */
221			my_optind = optind - 1;
222			if (argv[my_optind] == NULL || !strlen(argv[my_optind])) {
223				yp_error("transaction ID not specified");
224				usage();
225			}
226			ypxfr_resp.transid = atol(argv[my_optind]);
227			my_optind++;
228			if (argv[my_optind] == NULL || !strlen(argv[my_optind])) {
229				yp_error("RPC program number not specified");
230				usage();
231			}
232			ypxfr_prognum = atol(argv[my_optind]);
233			my_optind++;
234			if (argv[my_optind] == NULL || !strlen(argv[my_optind])) {
235				yp_error("address not specified");
236				usage();
237			}
238			if (!inet_aton(argv[my_optind], &ypxfr_callback_addr.sin_addr)) {
239				yp_error("failed to convert '%s' to IP addr",
240					argv[my_optind]);
241				exit(1);
242			}
243			my_optind++;
244			if (argv[my_optind] == NULL || !strlen(argv[my_optind])) {
245				yp_error("port not specified");
246				usage();
247			}
248			ypxfr_callback_addr.sin_port = htons((u_short)atoi(argv[my_optind]));
249			ypxfr_args += 5;
250			break;
251		default:
252			usage();
253			break;
254		}
255	}
256
257	ypxfr_mapname = argv[ypxfr_args + 1];
258
259	if (ypxfr_mapname == NULL) {
260		yp_error("no map name specified");
261		usage();
262	}
263
264	/* Always the case. */
265	ypxfr_callback_addr.sin_family = AF_INET;
266
267	/* Determine if local NIS client facilities are turned on. */
268	if (!yp_get_default_domain(&ypxfr_local_domain) &&
269	    _yp_check(&ypxfr_local_domain))
270		ypxfr_use_yplib = 1;
271
272	/*
273	 * If no destination domain is specified, assume that the
274	 * local default domain is to be used and try to obtain it.
275	 * Fails if NIS client facilities are turned off.
276	 */
277	if (ypxfr_dest_domain == NULL) {
278		if (ypxfr_use_yplib) {
279			yp_get_default_domain(&ypxfr_dest_domain);
280		} else {
281			yp_error("no destination domain specified and \
282the local domain name isn't set");
283			ypxfr_exit(YPXFR_BADARGS,NULL);
284		}
285	}
286
287	/*
288	 * If a source domain is not specified, assume it to
289	 * be the same as the destination domain.
290	 */
291	if (ypxfr_source_domain == NULL) {
292		ypxfr_source_domain = ypxfr_dest_domain;
293	}
294
295	/*
296	 * If the source host is not specified, assume it to be the
297	 * master for the specified map. If local NIS client facilities
298	 * are turned on, we can figure this out using yp_master().
299	 * If not, we have to see if a local copy of the map exists
300	 * and extract its YP_MASTER_NAME record. If _that_ fails,
301	 * we are stuck and must ask the user for more information.
302	 */
303	if (ypxfr_source_host == NULL) {
304		if (!ypxfr_use_yplib) {
305		/*
306		 * Double whammy: NIS isn't turned on and the user
307		 * didn't specify a source host.
308		 */
309			char *dptr;
310			key.data = "YP_MASTER_NAME";
311			key.size = sizeof("YP_MASTER_NAME") - 1;
312
313			if (yp_get_record(ypxfr_dest_domain, ypxfr_mapname,
314					 &key, &data, 1) != YP_TRUE) {
315				yp_error("no source host specified");
316				ypxfr_exit(YPXFR_BADARGS,NULL);
317			}
318			dptr = data.data;
319			dptr[data.size] = '\0';
320			ypxfr_master = ypxfr_source_host = strdup(dptr);
321		}
322	} else {
323		if (ypxfr_use_yplib)
324			ypxfr_use_yplib = 0;
325	}
326
327	if (ypxfr_master == NULL) {
328		if ((ypxfr_master = ypxfr_get_master(ypxfr_source_domain,
329					    	 ypxfr_mapname,
330					     	ypxfr_source_host,
331					     	ypxfr_use_yplib)) == NULL) {
332			yp_error("failed to find master of %s in domain %s: %s",
333				  ypxfr_mapname, ypxfr_source_domain,
334				  ypxfrerr_string((ypxfrstat)yp_errno));
335			ypxfr_exit(YPXFR_MADDR,NULL);
336		}
337	}
338
339	/*
340	 * If we got here and ypxfr_source_host is still undefined,
341	 * it means we had to resort to using yp_master() to find the
342	 * master server for the map. The source host and master should
343	 * be identical.
344	 */
345	if (ypxfr_source_host == NULL)
346		ypxfr_source_host = ypxfr_master;
347
348	/*
349	 * Don't talk to ypservs on unprivileged ports.
350	 */
351	remoteport = getrpcport(ypxfr_source_host, YPPROG, YPVERS, IPPROTO_UDP);
352	if (remoteport >= IPPORT_RESERVED) {
353		yp_error("ypserv on %s not running on reserved port",
354						ypxfr_source_host);
355		ypxfr_exit(YPXFR_REFUSED, NULL);
356	}
357
358	if ((ypxfr_order = ypxfr_get_order(ypxfr_source_domain,
359					     ypxfr_mapname,
360					     ypxfr_master, 0)) == 0) {
361		yp_error("failed to get order number of %s: %s",
362				ypxfr_mapname, yp_errno == YP_TRUE ?
363				"map has order 0" :
364				ypxfrerr_string((ypxfrstat)yp_errno));
365		ypxfr_exit(YPXFR_YPERR,NULL);
366	}
367
368	if (ypxfr_match(ypxfr_master, ypxfr_source_domain, ypxfr_mapname,
369			"YP_INTERDOMAIN", sizeof("YP_INTERDOMAIN") - 1))
370		interdom++;
371
372	if (ypxfr_match(ypxfr_master, ypxfr_source_domain, ypxfr_mapname,
373			"YP_SECURE", sizeof("YP_SECURE") - 1))
374		secure++;
375
376	key.data = "YP_LAST_MODIFIED";
377	key.size = sizeof("YP_LAST_MODIFIED") - 1;
378
379	/* The order number is immaterial when the 'force' flag is set. */
380
381	if (!ypxfr_force) {
382		int ignore = 0;
383		if (yp_get_record(ypxfr_dest_domain,ypxfr_mapname,&key,&data,1) != YP_TRUE) {
384			switch (yp_errno) {
385			case YP_NOKEY:
386				ypxfr_exit(YPXFR_FORCE,NULL);
387				break;
388			case YP_NOMAP:
389				/*
390				 * If the map doesn't exist, we're
391				 * creating it. Ignore the error.
392				 */
393				ignore++;
394				break;
395			case YP_BADDB:
396			default:
397				ypxfr_exit(YPXFR_DBM,NULL);
398				break;
399			}
400		}
401		if (!ignore && ypxfr_order <= atoi(data.data))
402			ypxfr_exit(YPXFR_AGE, NULL);
403
404	}
405
406	/* Construct a temporary map file name */
407	snprintf(tempmap, sizeof(tempmap), "%s.%d",ypxfr_mapname, getpid());
408	snprintf(ypxfr_temp_map, sizeof(ypxfr_temp_map), "%s/%s/%s", yp_dir,
409		 ypxfr_dest_domain, tempmap);
410
411	if ((remoteport = getrpcport(ypxfr_source_host, YPXFRD_FREEBSD_PROG,
412					YPXFRD_FREEBSD_VERS, IPPROTO_TCP))) {
413
414		/* Don't talk to rpc.ypxfrds on unprovileged ports. */
415		if (remoteport >= IPPORT_RESERVED) {
416			yp_error("rpc.ypxfrd on %s not using privileged port",
417							ypxfr_source_host);
418			ypxfr_exit(YPXFR_REFUSED, NULL);
419		}
420
421		/* Try to send using ypxfrd. If it fails, use old method. */
422		if (!ypxfrd_get_map(ypxfr_source_host, ypxfr_mapname,
423					ypxfr_source_domain, ypxfr_temp_map))
424			goto leave;
425	}
426
427	/* Open the temporary map read/write. */
428	if ((dbp = yp_open_db_rw(ypxfr_dest_domain, tempmap, 0)) == NULL) {
429		yp_error("failed to open temporary map file");
430		ypxfr_exit(YPXFR_DBM,NULL);
431	}
432
433	/*
434	 * Fill in the keys we already know, such as the order number,
435	 * master name, input file name (we actually make up a bogus
436	 * name for that) and output file name.
437	 */
438	snprintf(buf, sizeof(buf), "%lu", ypxfr_order);
439	data.data = buf;
440	data.size = strlen(buf);
441
442	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
443		yp_error("failed to write order number to database");
444		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
445	}
446
447	key.data = "YP_MASTER_NAME";
448	key.size = sizeof("YP_MASTER_NAME") - 1;
449	data.data = ypxfr_master;
450	data.size = strlen(ypxfr_master);
451
452	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
453		yp_error("failed to write master name to database");
454		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
455	}
456
457	key.data = "YP_DOMAIN_NAME";
458	key.size = sizeof("YP_DOMAIN_NAME") - 1;
459	data.data = ypxfr_dest_domain;
460	data.size = strlen(ypxfr_dest_domain);
461
462	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
463		yp_error("failed to write domain name to database");
464		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
465	}
466
467	snprintf (buf, sizeof(buf), "%s:%s", ypxfr_source_host, ypxfr_mapname);
468
469	key.data = "YP_INPUT_NAME";
470	key.size = sizeof("YP_INPUT_NAME") - 1;
471	data.data = &buf;
472	data.size = strlen(buf);
473
474	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
475		yp_error("failed to write input name to database");
476		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
477
478	}
479
480	snprintf(buf, sizeof(buf), "%s/%s/%s", yp_dir, ypxfr_dest_domain,
481							ypxfr_mapname);
482
483	key.data = "YP_OUTPUT_NAME";
484	key.size = sizeof("YP_OUTPUT_NAME") - 1;
485	data.data = &buf;
486	data.size = strlen(buf);
487
488	if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
489		yp_error("failed to write output name to database");
490		ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
491	}
492
493	if (interdom) {
494		key.data = "YP_INTERDOMAIN";
495		key.size = sizeof("YP_INTERDOMAIN") - 1;
496		data.data = "";
497		data.size = 0;
498
499		if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
500			yp_error("failed to add interdomain flag to database");
501			ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
502		}
503	}
504
505	if (secure) {
506		key.data = "YP_SECURE";
507		key.size = sizeof("YP_SECURE") - 1;
508		data.data = "";
509		data.size = 0;
510
511		if (yp_put_record(dbp, &key, &data, 0) != YP_TRUE) {
512			yp_error("failed to add secure flag to database");
513			ypxfr_exit(YPXFR_DBM,ypxfr_temp_map);
514		}
515	}
516
517	/* Now suck over the contents of the map from the master. */
518
519	if (ypxfr_get_map(ypxfr_mapname,ypxfr_source_domain,
520			  ypxfr_source_host, ypxfr_foreach)){
521		yp_error("failed to retrieve map from source host");
522		ypxfr_exit(YPXFR_YPERR,ypxfr_temp_map);
523	}
524
525	(void)(dbp->close)(dbp);
526	dbp = NULL; /* <- yes, it seems this is necessary. */
527
528leave:
529
530	snprintf(buf, sizeof(buf), "%s/%s/%s", yp_dir, ypxfr_dest_domain,
531							ypxfr_mapname);
532
533	/* Peek at the order number again and check for skew. */
534	if ((ypxfr_skew_check = ypxfr_get_order(ypxfr_source_domain,
535					     ypxfr_mapname,
536					     ypxfr_master, 0)) == 0) {
537		yp_error("failed to get order number of %s: %s",
538				ypxfr_mapname, yp_errno == YP_TRUE ?
539				"map has order 0" :
540				ypxfrerr_string((ypxfrstat)yp_errno));
541		ypxfr_exit(YPXFR_YPERR,ypxfr_temp_map);
542	}
543
544	if (ypxfr_order != ypxfr_skew_check)
545		ypxfr_exit(YPXFR_SKEW,ypxfr_temp_map);
546
547	/*
548	 * Send a YPPROC_CLEAR to the local ypserv.
549	 */
550	if (ypxfr_clear) {
551		char in = 0;
552		char *out = NULL;
553		int stat;
554		if ((stat = callrpc("localhost",YPPROG,YPVERS,YPPROC_CLEAR,
555			(xdrproc_t)xdr_void, (void *)&in,
556			(xdrproc_t)xdr_void, (void *)out)) != RPC_SUCCESS) {
557			yp_error("failed to send 'clear' to local ypserv: %s",
558				 clnt_sperrno((enum clnt_stat) stat));
559			ypxfr_exit(YPXFR_CLEAR, ypxfr_temp_map);
560		}
561	}
562
563	/*
564	 * Put the new map in place immediately. I'm not sure if the
565	 * kernel does an unlink() and rename() atomically in the event
566	 * that we move a new copy of a map over the top of an existing
567	 * one, but there's less chance of a race condition happening
568	 * than if we were to do the unlink() ourselves.
569	 */
570	if (rename(ypxfr_temp_map, buf) == -1) {
571		yp_error("rename(%s,%s) failed: %s", ypxfr_temp_map, buf,
572							strerror(errno));
573		ypxfr_exit(YPXFR_FILE,NULL);
574	}
575
576	ypxfr_exit(YPXFR_SUCC,NULL);
577
578	return(1);
579}
580