]> git.ipfire.org Git - people/amarx/ipfire-3.x.git/blob - nfs-utils/patches/nfs-utils.1.2.8.rc3.patch
projects / people / amarx / ipfire-3.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
libnftnl: Update to 1.0.6
[people/amarx/ipfire-3.x.git] / nfs-utils / patches / nfs-utils.1.2.8.rc3.patch
1 diff --git a/support/export/rmtab.c b/support/export/rmtab.c
2 index 31c0f50..d16b3b3 100644
3 --- a/support/export/rmtab.c
4 +++ b/support/export/rmtab.c
5 @@ -1,7 +1,7 @@
6 /*
7 - * support/export/rmntab.c
8 + * support/export/rmtab.c
9 *
10 - * Interface to the rmnt file.
11 + * Interface to the rmtab file.
12 *
13 */
14
15 @@ -12,7 +12,7 @@
16 #include <stdlib.h>
17 #include <string.h>
18 #include <errno.h>
19 -#include "xmalloc.h"
20 +
21 #include "misc.h"
22 #include "nfslib.h"
23 #include "exportfs.h"
24 diff --git a/support/export/xtab.c b/support/export/xtab.c
25 index 2a43193..e953071 100644
26 --- a/support/export/xtab.c
27 +++ b/support/export/xtab.c
28 @@ -14,7 +14,7 @@
29 #include <unistd.h>
30 #include <stdlib.h>
31 #include <string.h>
32 -#include "xmalloc.h"
33 +
34 #include "nfslib.h"
35 #include "exportfs.h"
36 #include "xio.h"
37 diff --git a/support/nfs/cacheio.c b/support/nfs/cacheio.c
38 index e641c45..61e07a8 100644
39 --- a/support/nfs/cacheio.c
40 +++ b/support/nfs/cacheio.c
41 @@ -162,11 +162,16 @@ int qword_eol(FILE *f)
42 {
43 int err;
44
45 - fprintf(f,"\n");
46 - err = fflush(f);
47 - if (err) {
48 - xlog_warn("qword_eol: fflush failed: errno %d (%s)",
49 + err = fprintf(f,"\n");
50 + if (err < 0) {
51 + xlog_warn("qword_eol: fprintf failed: errno %d (%s)",
52 errno, strerror(errno));
53 + } else {
54 + err = fflush(f);
55 + if (err) {
56 + xlog_warn("qword_eol: fflush failed: errno %d (%s)",
57 + errno, strerror(errno));
58 + }
59 }
60 /*
61 * We must send one line (and one line only) in a single write
62 diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
63 index ec251fa..d01ba2f 100644
64 --- a/utils/gssd/gssd_proc.c
65 +++ b/utils/gssd/gssd_proc.c
66 @@ -52,6 +52,7 @@
67 #include <sys/socket.h>
68 #include <arpa/inet.h>
69 #include <sys/fsuid.h>
70 +#include <sys/resource.h>
71
72 #include <stdio.h>
73 #include <stdlib.h>
74 @@ -250,21 +251,10 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
75 if ((p = strstr(buf, "port")) != NULL)
76 sscanf(p, "port: %127s\n", port);
77
78 - /* check service, program, and version */
79 - if (memcmp(service, "nfs", 3) != 0)
80 - return -1;
81 + /* get program, and version numbers */
82 *prog = atoi(program + 1); /* skip open paren */
83 *vers = atoi(version);
84
85 - if (strlen(service) == 3 ) {
86 - if ((*prog != 100003) || ((*vers != 2) && (*vers != 3) &&
87 - (*vers != 4)))
88 - goto fail;
89 - } else if (memcmp(service, "nfs4_cb", 7) == 0) {
90 - if (*vers != 1)
91 - goto fail;
92 - }
93 -
94 if (!addrstr_to_sockaddr(addr, address, port))
95 goto fail;
96
97 @@ -398,10 +388,10 @@ process_clnt_dir_files(struct clnt_info * clp)
98 static int
99 get_poll_index(int *ind)
100 {
101 - int i;
102 + unsigned int i;
103
104 *ind = -1;
105 - for (i=0; i<FD_ALLOC_BLOCK; i++) {
106 + for (i=0; i<pollsize; i++) {
107 if (pollarray[i].events == 0) {
108 *ind = i;
109 break;
110 @@ -483,9 +473,13 @@ fail_keep_client:
111 void
112 init_client_list(void)
113 {
114 + struct rlimit rlim;
115 TAILQ_INIT(&clnt_list);
116 /* Eventually plan to grow/shrink poll array: */
117 pollsize = FD_ALLOC_BLOCK;
118 + if (getrlimit(RLIMIT_NOFILE, &rlim) < 0 &&
119 + rlim.rlim_cur != RLIM_INFINITY)
120 + pollsize = rlim.rlim_cur;
121 pollarray = calloc(pollsize, sizeof(struct pollfd));
122 }
123
124 @@ -567,9 +561,8 @@ process_pipedir(char *pipe_name)
125
126 update_old_clients(namelist, j, pipe_name);
127 for (i=0; i < j; i++) {
128 - if (i < FD_ALLOC_BLOCK
129 - && !strncmp(namelist[i]->d_name, "clnt", 4)
130 - && !find_client(namelist[i]->d_name, pipe_name))
131 + if (!strncmp(namelist[i]->d_name, "clnt", 4)
132 + && !find_client(namelist[i]->d_name, pipe_name))
133 process_clnt_dir(namelist[i]->d_name, pipe_name);
134 free(namelist[i]);
135 }
136 @@ -962,12 +955,6 @@ process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *tgtname,
137
138 printerr(1, "handling krb5 upcall (%s)\n", clp->dirname);
139
140 - if (tgtname) {
141 - if (clp->servicename) {
142 - free(clp->servicename);
143 - clp->servicename = strdup(tgtname);
144 - }
145 - }
146 token.length = 0;
147 token.value = NULL;
148 memset(&pd, 0, sizeof(struct authgss_private_data));
149 @@ -1016,7 +1003,8 @@ process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *tgtname,
150 int success = 0;
151 do {
152 gssd_refresh_krb5_machine_credential(clp->servername,
153 - NULL, service);
154 + NULL, service,
155 + tgtname);
156 /*
157 * Get a list of credential cache names and try each
158 * of them until one works or we've tried them all
159 diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
160 index 60ba594..aeb8f70 100644
161 --- a/utils/gssd/krb5_util.c
162 +++ b/utils/gssd/krb5_util.c
163 @@ -774,12 +774,16 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
164 }
165
166 /*
167 - * Find a keytab entry to use for a given target hostname.
168 + * Find a keytab entry to use for a given target realm.
169 * Tries to find the most appropriate keytab to use given the
170 * name of the host we are trying to connect with.
171 + *
172 + * Note: the tgtname contains a hostname in the realm that we
173 + * are authenticating to. It may, or may not be the same as
174 + * the server hostname.
175 */
176 static int
177 -find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
178 +find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
179 krb5_keytab_entry *kte, const char **svcnames)
180 {
181 krb5_error_code code;
182 @@ -795,7 +799,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
183
184
185 /* Get full target hostname */
186 - retval = get_full_hostname(hostname, targethostname,
187 + retval = get_full_hostname(tgtname, targethostname,
188 sizeof(targethostname));
189 if (retval)
190 goto out;
191 @@ -1128,7 +1132,7 @@ gssd_get_krb5_machine_cred_list(char ***list)
192 if (ple->ccname) {
193 /* Make sure cred is up-to-date before returning it */
194 retval = gssd_refresh_krb5_machine_credential(NULL, ple,
195 - NULL);
196 + NULL, NULL);
197 if (retval)
198 continue;
199 if (i + 1 > listsize) {
200 @@ -1219,7 +1223,8 @@ gssd_destroy_krb5_machine_creds(void)
201 int
202 gssd_refresh_krb5_machine_credential(char *hostname,
203 struct gssd_k5_kt_princ *ple,
204 - char *service)
205 + char *service,
206 + char *tgtname)
207 {
208 krb5_error_code code = 0;
209 krb5_context context;
210 @@ -1258,7 +1263,10 @@ gssd_refresh_krb5_machine_credential(char *hostname,
211 if (ple == NULL) {
212 krb5_keytab_entry kte;
213
214 - code = find_keytab_entry(context, kt, hostname, &kte, svcnames);
215 + if (tgtname == NULL)
216 + tgtname = hostname;
217 +
218 + code = find_keytab_entry(context, kt, tgtname, &kte, svcnames);
219 if (code) {
220 printerr(0, "ERROR: %s: no usable keytab entry found "
221 "in keytab %s for connection with host %s\n",
222 diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h
223 index cd6e107..9f41625 100644
224 --- a/utils/gssd/krb5_util.h
225 +++ b/utils/gssd/krb5_util.h
226 @@ -31,7 +31,8 @@ void gssd_setup_krb5_machine_gss_ccache(char *servername);
227 void gssd_destroy_krb5_machine_creds(void);
228 int gssd_refresh_krb5_machine_credential(char *hostname,
229 struct gssd_k5_kt_princ *ple,
230 - char *service);
231 + char *service,
232 + char *tgtname);
233 char *gssd_k5_err_msg(krb5_context context, krb5_error_code code);
234 void gssd_k5_get_default_realm(char **def_realm);
235
236 diff --git a/utils/gssd/svcgssd_krb5.c b/utils/gssd/svcgssd_krb5.c
237 index 6c34faf..1d44d34 100644
238 --- a/utils/gssd/svcgssd_krb5.c
239 +++ b/utils/gssd/svcgssd_krb5.c
240 @@ -38,6 +38,7 @@
241
242 #include <stdio.h>
243 #include <errno.h>
244 +#include <ctype.h>
245 #include <gssapi/gssapi.h>
246 #include <krb5.h>
247
248 @@ -98,6 +99,12 @@ parse_enctypes(char *enctypes)
249 if (n == 0)
250 return ENOENT;
251
252 + /* Skip pass any non digits */
253 + while (*enctypes && isdigit(*enctypes) == 0)
254 + enctypes++;
255 + if (*enctypes == '\0')
256 + return EINVAL;
257 +
258 /* Allocate space for enctypes array */
259 if ((parsed_enctypes = (int *) calloc(n, sizeof(int))) == NULL) {
260 return ENOMEM;
261 diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
262 index e80efb4..beba9c4 100644
263 --- a/utils/idmapd/idmapd.c
264 +++ b/utils/idmapd/idmapd.c
265 @@ -145,7 +145,6 @@ static void svrreopen(int, short, void *);
266 static int nfsopen(struct idmap_client *);
267 static void nfscb(int, short, void *);
268 static void nfsdcb(int, short, void *);
269 -static int validateascii(char *, u_int32_t);
270 static int addfield(char **, ssize_t *, char *);
271 static int getfield(char **, char *, size_t);
272
273 @@ -425,7 +424,8 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data)
274 pipefsdir, ents[i]->d_name);
275
276 if ((ic->ic_dirfd = open(path, O_RDONLY, 0)) == -1) {
277 - xlog_warn("dirscancb: open(%s): %s", path, strerror(errno));
278 + if (verbose > 0)
279 + xlog_warn("dirscancb: open(%s): %s", path, strerror(errno));
280 free(ic);
281 goto out;
282 }
283 @@ -642,6 +642,8 @@ out:
284 static void
285 imconv(struct idmap_client *ic, struct idmap_msg *im)
286 {
287 + u_int32_t len;
288 +
289 switch (im->im_conv) {
290 case IDMAP_CONV_IDTONAME:
291 idtonameres(im);
292 @@ -652,10 +654,10 @@ imconv(struct idmap_client *ic, struct idmap_msg *im)
293 im->im_id, im->im_name);
294 break;
295 case IDMAP_CONV_NAMETOID:
296 - if (validateascii(im->im_name, sizeof(im->im_name)) == -1) {
297 - im->im_status |= IDMAP_STATUS_INVALIDMSG;
298 + len = strnlen(im->im_name, IDMAP_NAMESZ - 1);
299 + /* Check for NULL termination just to be careful */
300 + if (im->im_name[len+1] != '\0')
301 return;
302 - }
303 nametoidres(im);
304 if (verbose > 1)
305 xlog_warn("%s %s: (%s) name \"%s\" -> id \"%d\"",
306 @@ -855,25 +857,6 @@ nametoidres(struct idmap_msg *im)
307 }
308
309 static int
310 -validateascii(char *string, u_int32_t len)
311 -{
312 - u_int32_t i;
313 -
314 - for (i = 0; i < len; i++) {
315 - if (string[i] == '\0')
316 - break;
317 -
318 - if (string[i] & 0x80)
319 - return (-1);
320 - }
321 -
322 - if ((i >= len) || string[i] != '\0')
323 - return (-1);
324 -
325 - return (i + 1);
326 -}
327 -
328 -static int
329 addfield(char **bpp, ssize_t *bsizp, char *fld)
330 {
331 char ch, *bp = *bpp;
332 diff --git a/utils/mount/error.c b/utils/mount/error.c
333 index 83ad1d2..f8fc13f 100644
334 --- a/utils/mount/error.c
335 +++ b/utils/mount/error.c
336 @@ -225,7 +225,7 @@ void mount_error(const char *spec, const char *mount_point, int error)
337 case ENOENT:
338 if (spec)
339 nfs_error(_("%s: mounting %s failed, "
340 - "reason given by server:\n %s"),
341 + "reason given by server: %s"),
342 progname, spec, strerror(error));
343 else
344 nfs_error(_("%s: mount point %s does not exist"),
345 diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c
346 index 9b4197b..8ee3024 100644
347 --- a/utils/mount/stropts.c
348 +++ b/utils/mount/stropts.c
349 @@ -666,6 +666,7 @@ static int nfs_try_mount_v3v2(struct nfsmount_info *mi)
350 case EOPNOTSUPP:
351 case EHOSTUNREACH:
352 case ETIMEDOUT:
353 + case EACCES:
354 continue;
355 default:
356 goto out;
357 @@ -761,6 +762,7 @@ static int nfs_try_mount_v4(struct nfsmount_info *mi)
358 case ECONNREFUSED:
359 case EHOSTUNREACH:
360 case ETIMEDOUT:
361 + case EACCES:
362 continue;
363 default:
364 goto out;
365 diff --git a/utils/mountd/auth.c b/utils/mountd/auth.c
366 index 508040a..330cab5 100644
367 --- a/utils/mountd/auth.c
368 +++ b/utils/mountd/auth.c
369 @@ -10,10 +10,12 @@
370 #include <config.h>
371 #endif
372
373 +#include <sys/types.h>
374 #include <sys/stat.h>
375 #include <netinet/in.h>
376 #include <arpa/inet.h>
377 #include <errno.h>
378 +#include <fcntl.h>
379 #include <unistd.h>
380
381 #include "sockaddr.h"
382 @@ -21,7 +23,6 @@
383 #include "nfslib.h"
384 #include "exportfs.h"
385 #include "mountd.h"
386 -#include "xmalloc.h"
387 #include "v4root.h"
388
389 enum auth_error
390 diff --git a/utils/mountd/cache.c b/utils/mountd/cache.c
391 index e950ec6..45012be 100644
392 --- a/utils/mountd/cache.c
393 +++ b/utils/mountd/cache.c
394 @@ -29,7 +29,6 @@
395 #include "nfslib.h"
396 #include "exportfs.h"
397 #include "mountd.h"
398 -#include "xmalloc.h"
399 #include "fsloc.h"
400 #include "pseudoflavors.h"
401
402 @@ -109,12 +108,10 @@ static void auth_unix_ip(FILE *f)
403 struct addrinfo *ai = NULL;
404
405 ai = client_resolve(tmp->ai_addr);
406 - if (ai == NULL)
407 - goto out;
408 - client = client_compose(ai);
409 - freeaddrinfo(ai);
410 - if (!client)
411 - goto out;
412 + if (ai) {
413 + client = client_compose(ai);
414 + freeaddrinfo(ai);
415 + }
416 }
417 qword_print(f, "nfsd");
418 qword_print(f, ipaddr);
419 @@ -127,7 +124,6 @@ static void auth_unix_ip(FILE *f)
420 xlog(D_CALL, "auth_unix_ip: client %p '%s'", client, client?client: "DEFAULT");
421
422 free(client);
423 -out:
424 freeaddrinfo(tmp);
425
426 }
427 @@ -347,6 +343,30 @@ static char *next_mnt(void **v, char *p)
428 return me->mnt_dir;
429 }
430
431 +static int is_subdirectory(char *child, char *parent)
432 +{
433 + size_t l = strlen(parent);
434 +
435 + if (strcmp(parent, "/") == 0)
436 + return 1;
437 +
438 + return strcmp(child, parent) == 0
439 + || (strncmp(child, parent, l) == 0 && child[l] == '/');
440 +}
441 +
442 +static int path_matches(nfs_export *exp, char *path)
443 +{
444 + if (exp->m_export.e_flags & NFSEXP_CROSSMOUNT)
445 + return is_subdirectory(path, exp->m_export.e_path);
446 + return strcmp(path, exp->m_export.e_path) == 0;
447 +}
448 +
449 +static int
450 +export_matches(nfs_export *exp, char *dom, char *path, struct addrinfo *ai)
451 +{
452 + return path_matches(exp, path) && client_matches(exp, dom, ai);
453 +}
454 +
455 /* True iff e1 is a child of e2 and e2 has crossmnt set: */
456 static bool subexport(struct exportent *e1, struct exportent *e2)
457 {
458 @@ -354,8 +374,7 @@ static bool subexport(struct exportent *e1, struct exportent *e2)
459 size_t l2 = strlen(p2);
460
461 return e2->e_flags & NFSEXP_CROSSMOUNT
462 - && strncmp(p1, p2, l2) == 0
463 - && p1[l2] == '/';
464 + && is_subdirectory(p1, p2);
465 }
466
467 struct parsed_fsid {
468 @@ -756,27 +775,6 @@ static int dump_to_cache(FILE *f, char *domain, char *path, struct exportent *ex
469 return qword_eol(f);
470 }
471
472 -static int is_subdirectory(char *child, char *parent)
473 -{
474 - size_t l = strlen(parent);
475 -
476 - return strcmp(child, parent) == 0
477 - || (strncmp(child, parent, l) == 0 && child[l] == '/');
478 -}
479 -
480 -static int path_matches(nfs_export *exp, char *path)
481 -{
482 - if (exp->m_export.e_flags & NFSEXP_CROSSMOUNT)
483 - return is_subdirectory(path, exp->m_export.e_path);
484 - return strcmp(path, exp->m_export.e_path) == 0;
485 -}
486 -
487 -static int
488 -export_matches(nfs_export *exp, char *dom, char *path, struct addrinfo *ai)
489 -{
490 - return path_matches(exp, path) && client_matches(exp, dom, ai);
491 -}
492 -
493 static nfs_export *
494 lookup_export(char *dom, char *path, struct addrinfo *ai)
495 {
496 @@ -830,6 +828,7 @@ lookup_export(char *dom, char *path, struct addrinfo *ai)
497
498 #ifdef HAVE_NFS_PLUGIN_H
499 #include <dlfcn.h>
500 +#include <link.h>
501 #include <nfs-plugin.h>
502
503 /*
504 @@ -1094,6 +1093,7 @@ static struct exportent *lookup_junction(char *dom, const char *pathname,
505 struct addrinfo *ai)
506 {
507 struct exportent *exp;
508 + struct link_map *map;
509 void *handle;
510
511 handle = dlopen("libnfsjunct.so", RTLD_NOW);
512 @@ -1101,6 +1101,11 @@ static struct exportent *lookup_junction(char *dom, const char *pathname,
513 xlog(D_GENERAL, "%s: dlopen: %s", __func__, dlerror());
514 return NULL;
515 }
516 +
517 + if (dlinfo(handle, RTLD_DI_LINKMAP, &map) == 0)
518 + xlog(D_GENERAL, "%s: loaded plug-in %s",
519 + __func__, map->l_name);
520 +
521 (void)dlerror(); /* Clear any error */
522
523 exp = invoke_junction_ops(handle, dom, pathname, ai);
524 diff --git a/utils/nfsdcltrack/nfsdcltrack.c b/utils/nfsdcltrack/nfsdcltrack.c
525 index 9801b9c..4334340 100644
526 --- a/utils/nfsdcltrack/nfsdcltrack.c
527 +++ b/utils/nfsdcltrack/nfsdcltrack.c
528 @@ -379,6 +379,17 @@ cltrack_legacy_gracedone(void)
529 while ((entry = readdir(v4recovery))) {
530 int len;
531
532 + /* skip "." and ".." */
533 + if (entry->d_name[0] == '.') {
534 + switch (entry->d_name[1]) {
535 + case '\0':
536 + continue;
537 + case '.':
538 + if (entry->d_name[2] == '\0')
539 + continue;
540 + }
541 + }
542 +
543 /* borrow the clientid blob for this */
544 len = snprintf((char *)blob, sizeof(blob), "%s/%s", dirname,
545 entry->d_name);
546 diff --git a/utils/statd/rmtcall.c b/utils/statd/rmtcall.c
547 index 4ecb03c..fd576d9 100644
548 --- a/utils/statd/rmtcall.c
549 +++ b/utils/statd/rmtcall.c
550 @@ -68,21 +68,19 @@ statd_get_socket(void)
551 {
552 struct sockaddr_in sin;
553 struct servent *se;
554 - int loopcnt = 100;
555 + const int loopcnt = 100;
556 + int i, tmp_sockets[loopcnt];
557
558 if (sockfd >= 0)
559 return sockfd;
560
561 - while (loopcnt-- > 0) {
562 -
563 - if (sockfd >= 0) close(sockfd);
564 + for (i = 0; i < loopcnt; ++i) {
565
566 if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
567 xlog(L_ERROR, "%s: Can't create socket: %m", __func__);
568 - return -1;
569 + break;
570 }
571
572 -
573 memset(&sin, 0, sizeof(sin));
574 sin.sin_family = AF_INET;
575 sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
576 @@ -96,7 +94,16 @@ statd_get_socket(void)
577 if (se == NULL)
578 break;
579 /* rather not use that port, try again */
580 +
581 + tmp_sockets[i] = sockfd;
582 }
583 +
584 + while (--i >= 0)
585 + close(tmp_sockets[i]);
586 +
587 + if (sockfd < 0)
588 + return -1;
589 +
590 FD_SET(sockfd, &SVC_FDSET);
591 return sockfd;
592 }
Alex's tree of IPFire 3.x