From owner-svn-src-stable-10@freebsd.org Sun Apr 21 01:15:56 2019 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 94EB3157C05C; Sun, 21 Apr 2019 01:15:56 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 08BB68413B; Sun, 21 Apr 2019 01:15:56 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D22821E34E; Sun, 21 Apr 2019 01:15:55 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3L1FtoX046442; Sun, 21 Apr 2019 01:15:55 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3L1Fsal046438; Sun, 21 Apr 2019 01:15:54 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201904210115.x3L1Fsal046438@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Sun, 21 Apr 2019 01:15:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r346466 - in stable/10/sys: fs/nfs modules/nfscommon X-SVN-Group: stable-10 X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: in stable/10/sys: fs/nfs modules/nfscommon X-SVN-Commit-Revision: 346466 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 08BB68413B X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.96)[-0.963,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Apr 2019 01:15:56 -0000 Author: rmacklem Date: Sun Apr 21 01:15:54 2019 New Revision: 346466 URL: https://svnweb.freebsd.org/changeset/base/346466 Log: MFC: r345992, r346087 Add INET6 support for the upcalls to the nfsuserd daemon. The kernel code uses UDP to do upcalls to the nfsuserd(8) daemon to get updates to the username<->uid and groupname<->gid mappings. A change to AF_LOCAL last year had to be reverted, since it could result in vnode locking issues on the AF_LOCAL socket. This patch adds INET6 support and the required #ifdef INET and INET6 to the code. Modified: stable/10/sys/fs/nfs/nfs.h stable/10/sys/fs/nfs/nfs_commonport.c stable/10/sys/fs/nfs/nfs_commonsubs.c stable/10/sys/fs/nfs/nfs_var.h stable/10/sys/modules/nfscommon/Makefile Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/fs/nfs/nfs.h ============================================================================== --- stable/10/sys/fs/nfs/nfs.h Sun Apr 21 00:59:21 2019 (r346465) +++ stable/10/sys/fs/nfs/nfs.h Sun Apr 21 01:15:54 2019 (r346466) @@ -212,6 +212,11 @@ struct nfsd_oidargs { int nid_namelen; /* and its length */ }; +struct nfsuserd_args { + sa_family_t nuserd_family; /* Address family to use */ + u_short nuserd_port; /* Port# */ +}; + struct nfsd_clid { int nclid_idlen; /* Length of client id */ u_char nclid_id[NFSV4_OPAQUELIMIT]; /* and name */ Modified: stable/10/sys/fs/nfs/nfs_commonport.c ============================================================================== --- stable/10/sys/fs/nfs/nfs_commonport.c Sun Apr 21 00:59:21 2019 (r346465) +++ stable/10/sys/fs/nfs/nfs_commonport.c Sun Apr 21 01:15:54 2019 (r346466) @@ -536,11 +536,24 @@ nfssvc_call(struct thread *p, struct nfssvc_args *uap, goto out; } else if (uap->flag & NFSSVC_NFSUSERDPORT) { u_short sockport; + struct nfsuserd_args nargs; - error = copyin(uap->argp, (caddr_t)&sockport, - sizeof (u_short)); + if ((uap->flag & NFSSVC_NEWSTRUCT) == 0) { + error = copyin(uap->argp, (caddr_t)&sockport, + sizeof (u_short)); + if (error == 0) { + nargs.nuserd_family = AF_INET; + nargs.nuserd_port = sockport; + } + } else { + /* + * New nfsuserd_args structure, which indicates + * which IP version to use along with the port#. + */ + error = copyin(uap->argp, &nargs, sizeof(nargs)); + } if (!error) - error = nfsrv_nfsuserdport(sockport, p); + error = nfsrv_nfsuserdport(&nargs, p); } else if (uap->flag & NFSSVC_NFSUSERDDELPORT) { nfsrv_nfsuserddelport(); error = 0; Modified: stable/10/sys/fs/nfs/nfs_commonsubs.c ============================================================================== --- stable/10/sys/fs/nfs/nfs_commonsubs.c Sun Apr 21 00:59:21 2019 (r346465) +++ stable/10/sys/fs/nfs/nfs_commonsubs.c Sun Apr 21 01:15:54 2019 (r346466) @@ -40,6 +40,7 @@ __FBSDID("$FreeBSD$"); * copy data between mbuf chains and uio lists. */ #ifndef APPLEKEXT +#include "opt_inet.h" #include "opt_inet6.h" #include @@ -3071,10 +3072,16 @@ nfsrv_cmpmixedcase(u_char *cp, u_char *cp2, int len) * Set the port for the nfsuserd. */ APPLESTATIC int -nfsrv_nfsuserdport(u_short port, NFSPROC_T *p) +nfsrv_nfsuserdport(struct nfsuserd_args *nargs, NFSPROC_T *p) { struct nfssockreq *rp; +#ifdef INET struct sockaddr_in *ad; +#endif +#ifdef INET6 + struct sockaddr_in6 *ad6; + const struct in6_addr in6loopback = IN6ADDR_LOOPBACK_INIT; +#endif int error; NFSLOCKNAMEID(); @@ -3094,17 +3101,39 @@ nfsrv_nfsuserdport(u_short port, NFSPROC_T *p) rp->nr_soproto = IPPROTO_UDP; rp->nr_lock = (NFSR_RESERVEDPORT | NFSR_LOCALHOST); rp->nr_cred = NULL; - NFSSOCKADDRALLOC(rp->nr_nam); - NFSSOCKADDRSIZE(rp->nr_nam, sizeof (struct sockaddr_in)); - ad = NFSSOCKADDR(rp->nr_nam, struct sockaddr_in *); - ad->sin_family = AF_INET; - ad->sin_addr.s_addr = htonl((u_int32_t)0x7f000001); /* 127.0.0.1 */ - ad->sin_port = port; rp->nr_prog = RPCPROG_NFSUSERD; + error = 0; + switch (nargs->nuserd_family) { +#ifdef INET + case AF_INET: + rp->nr_nam = malloc(sizeof(struct sockaddr_in), M_SONAME, + M_WAITOK | M_ZERO); + ad = (struct sockaddr_in *)rp->nr_nam; + ad->sin_len = sizeof(struct sockaddr_in); + ad->sin_family = AF_INET; + ad->sin_addr.s_addr = htonl(INADDR_LOOPBACK); + ad->sin_port = nargs->nuserd_port; + break; +#endif +#ifdef INET6 + case AF_INET6: + rp->nr_nam = malloc(sizeof(struct sockaddr_in6), M_SONAME, + M_WAITOK | M_ZERO); + ad6 = (struct sockaddr_in6 *)rp->nr_nam; + ad6->sin6_len = sizeof(struct sockaddr_in6); + ad6->sin6_family = AF_INET6; + ad6->sin6_addr = in6loopback; + ad6->sin6_port = nargs->nuserd_port; + break; +#endif + default: + error = ENXIO; + } rp->nr_vers = RPCNFSUSERD_VERS; - error = newnfs_connect(NULL, rp, NFSPROCCRED(p), p, 0); + if (error == 0) + error = newnfs_connect(NULL, rp, NFSPROCCRED(p), p, 0); if (error) { - NFSSOCKADDRFREE(rp->nr_nam); + free(rp->nr_nam, M_SONAME); nfsrv_nfsuserd = 0; } out: Modified: stable/10/sys/fs/nfs/nfs_var.h ============================================================================== --- stable/10/sys/fs/nfs/nfs_var.h Sun Apr 21 00:59:21 2019 (r346465) +++ stable/10/sys/fs/nfs/nfs_var.h Sun Apr 21 01:15:54 2019 (r346466) @@ -130,7 +130,7 @@ int nfsrv_checksetattr(vnode_t, struct nfsrv_descript NFSPROC_T *); int nfsrv_checkgetattr(struct nfsrv_descript *, vnode_t, struct nfsvattr *, nfsattrbit_t *, struct ucred *, NFSPROC_T *); -int nfsrv_nfsuserdport(u_short, NFSPROC_T *); +int nfsrv_nfsuserdport(struct nfsuserd_args *, NFSPROC_T *); void nfsrv_nfsuserddelport(void); void nfsrv_throwawayallstate(NFSPROC_T *); int nfsrv_checksequence(struct nfsrv_descript *, uint32_t, uint32_t *, Modified: stable/10/sys/modules/nfscommon/Makefile ============================================================================== --- stable/10/sys/modules/nfscommon/Makefile Sun Apr 21 00:59:21 2019 (r346465) +++ stable/10/sys/modules/nfscommon/Makefile Sun Apr 21 01:15:54 2019 (r346466) @@ -7,6 +7,7 @@ SRCS= vnode_if.h \ nfs_commonkrpc.c \ nfs_commonport.c \ nfs_commonsubs.c \ + opt_inet.h \ opt_inet6.h \ opt_kdtrace.h \ opt_kgssapi.h \ From owner-svn-src-stable-10@freebsd.org Sun Apr 21 01:25:28 2019 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6B369157C550; Sun, 21 Apr 2019 01:25:28 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0FC08846BE; Sun, 21 Apr 2019 01:25:28 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DCB891E4F8; Sun, 21 Apr 2019 01:25:27 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3L1PR0T052391; Sun, 21 Apr 2019 01:25:27 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3L1PRsb052390; Sun, 21 Apr 2019 01:25:27 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201904210125.x3L1PRsb052390@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Sun, 21 Apr 2019 01:25:27 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r346467 - stable/10/usr.sbin/nfsuserd X-SVN-Group: stable-10 X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: stable/10/usr.sbin/nfsuserd X-SVN-Commit-Revision: 346467 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 0FC08846BE X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.96)[-0.965,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Apr 2019 01:25:28 -0000 Author: rmacklem Date: Sun Apr 21 01:25:27 2019 New Revision: 346467 URL: https://svnweb.freebsd.org/changeset/base/346467 Log: MFC: r345994 Fix nfsuserd so that it handles the mapped localhost address when jails are enabled. The nfsuserd(8) daemon does not function correctly when jails are enabled, since localhost gets mapped to another IP address and, as such, the upcall RPC fails. This patch fixes the problem by doing a getsockname(2) of a socket mapped to localhost to find out what the correct address is for the comparison test with the upcall's from IP address. This patch also adds INET6 support and the required #ifdef's for INET and INET6. It now uses INET6 by default for the upcalls, if the kernel has INET6 support and the daemon is also built with INET6 support. Modified: stable/10/usr.sbin/nfsuserd/Makefile stable/10/usr.sbin/nfsuserd/nfsuserd.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/nfsuserd/Makefile ============================================================================== --- stable/10/usr.sbin/nfsuserd/Makefile Sun Apr 21 01:15:54 2019 (r346466) +++ stable/10/usr.sbin/nfsuserd/Makefile Sun Apr 21 01:25:27 2019 (r346467) @@ -1,7 +1,16 @@ # $FreeBSD$ +.include + PROG= nfsuserd MAN= nfsuserd.8 WARNS?= 3 + +.if ${MK_INET_SUPPORT} != "no" +CFLAGS+= -DINET +.endif +.if ${MK_INET6_SUPPORT} != "no" +CFLAGS+= -DINET6 +.endif .include Modified: stable/10/usr.sbin/nfsuserd/nfsuserd.c ============================================================================== --- stable/10/usr.sbin/nfsuserd/nfsuserd.c Sun Apr 21 01:15:54 2019 (r346466) +++ stable/10/usr.sbin/nfsuserd/nfsuserd.c Sun Apr 21 01:25:27 2019 (r346467) @@ -40,6 +40,10 @@ __FBSDID("$FreeBSD$"); #include #include +#include + +#include + #include #include @@ -72,6 +76,7 @@ static void nfsuserdsrv(struct svc_req *, SVCXPRT *); static bool_t xdr_getid(XDR *, caddr_t); static bool_t xdr_getname(XDR *, caddr_t); static bool_t xdr_retval(XDR *, caddr_t); +static int nfsbind_localhost(void); #define MAXNAME 1024 #define MAXNFSUSERD 20 @@ -94,6 +99,10 @@ gid_t defaultgid = 65533; int verbose = 0, im_a_slave = 0, nfsuserdcnt = -1, forcestart = 0; int defusertimeout = DEFUSERTIMEOUT, manage_gids = 0; pid_t slaves[MAXNFSUSERD]; +static struct sockaddr_storage fromip; +#ifdef INET6 +static struct in6_addr in6loopback = IN6ADDR_LOOPBACK_INIT; +#endif int main(int argc, char *argv[]) @@ -105,13 +114,20 @@ main(int argc, char *argv[]) struct group *grp; int sock, one = 1; SVCXPRT *udptransp; - u_short portnum; + struct nfsuserd_args nargs; sigset_t signew; char hostname[MAXHOSTNAMELEN + 1], *cp; struct addrinfo *aip, hints; static uid_t check_dups[MAXUSERMAX]; gid_t grps[NGROUPS]; int ngroup; +#ifdef INET + struct sockaddr_in *sin; +#endif +#ifdef INET6 + struct sockaddr_in6 *sin6; +#endif + int s; if (modfind("nfscommon") < 0) { /* Not present in kernel, try loading it */ @@ -144,6 +160,37 @@ main(int argc, char *argv[]) } } } + + /* + * See if this server handles IPv4 or IPv6 and set up the default + * localhost address. + */ + s = -1; +#ifdef INET6 + s = socket(PF_INET6, SOCK_DGRAM, 0); + if (s >= 0) { + fromip.ss_family = AF_INET6; + fromip.ss_len = sizeof(struct sockaddr_in6); + sin6 = (struct sockaddr_in6 *)&fromip; + sin6->sin6_addr = in6loopback; + close(s); + } +#endif /* INET6 */ +#ifdef INET + if (s < 0) { + s = socket(PF_INET, SOCK_DGRAM, 0); + if (s >= 0) { + fromip.ss_family = AF_INET; + fromip.ss_len = sizeof(struct sockaddr_in); + sin = (struct sockaddr_in *)&fromip; + sin->sin_addr.s_addr = htonl(INADDR_LOOPBACK); + close(s); + } + } +#endif /* INET */ + if (s < 0) + err(1, "Can't create a inet/inet6 socket"); + nid.nid_usermax = DEFUSERMAX; nid.nid_usertimeout = defusertimeout; @@ -245,11 +292,12 @@ main(int argc, char *argv[]) for (i = 0; i < nfsuserdcnt; i++) slaves[i] = (pid_t)-1; + nargs.nuserd_family = fromip.ss_family; /* * Set up the service port to accept requests via UDP from - * localhost (127.0.0.1). + * localhost (INADDR_LOOPBACK or IN6ADDR_LOOPBACK_INIT). */ - if ((sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) + if ((sock = socket(nargs.nuserd_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) err(1, "cannot create udp socket"); /* @@ -272,11 +320,11 @@ main(int argc, char *argv[]) /* * Tell the kernel what my port# is. */ - portnum = htons(udptransp->xp_port); + nargs.nuserd_port = htons(udptransp->xp_port); #ifdef DEBUG - printf("portnum=0x%x\n", portnum); + printf("portnum=0x%x\n", nargs.nuserd_port); #else - if (nfssvc(NFSSVC_NFSUSERDPORT, (caddr_t)&portnum) < 0) { + if (nfssvc(NFSSVC_NFSUSERDPORT | NFSSVC_NEWSTRUCT, &nargs) < 0) { if (errno == EPERM) { fprintf(stderr, "Can't start nfsuserd when already running"); @@ -455,27 +503,92 @@ nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp) struct passwd *pwd; struct group *grp; int error; +#if defined(INET) || defined(INET6) u_short sport; + int ret; +#endif struct info info; struct nfsd_idargs nid; - u_int32_t saddr; gid_t grps[NGROUPS]; int ngroup; +#ifdef INET + struct sockaddr_in *fromsin, *sin; +#endif +#ifdef INET6 + struct sockaddr_in6 *fromsin6, *sin6; + char buf[INET6_ADDRSTRLEN]; +#endif /* - * Only handle requests from 127.0.0.1 on a reserved port number. + * Only handle requests from localhost on a reserved port number. + * If the upcall is from a different address, call nfsbind_localhost() + * to check for a remapping of localhost, due to jails. * (Since a reserved port # at localhost implies a client with * local root, there won't be a security breach. This is about * the only case I can think of where a reserved port # means * something.) */ - sport = ntohs(transp->xp_raddr.sin_port); - saddr = ntohl(transp->xp_raddr.sin_addr.s_addr); - if ((rqstp->rq_proc != NULLPROC && sport >= IPPORT_RESERVED) || - saddr != 0x7f000001) { - syslog(LOG_ERR, "req from ip=0x%x port=%d\n", saddr, sport); - svcerr_weakauth(transp); - return; + if (rqstp->rq_proc != NULLPROC) { + switch (fromip.ss_family) { +#ifdef INET + case AF_INET: + if (transp->xp_rtaddr.len < sizeof(*sin)) { + syslog(LOG_ERR, "xp_rtaddr too small"); + svcerr_weakauth(transp); + return; + } + sin = (struct sockaddr_in *)transp->xp_rtaddr.buf; + fromsin = (struct sockaddr_in *)&fromip; + sport = ntohs(sin->sin_port); + if (sport >= IPPORT_RESERVED) { + syslog(LOG_ERR, "not a reserved port#"); + svcerr_weakauth(transp); + return; + } + ret = 1; + if (sin->sin_addr.s_addr != fromsin->sin_addr.s_addr) + ret = nfsbind_localhost(); + if (ret == 0 || sin->sin_addr.s_addr != + fromsin->sin_addr.s_addr) { + syslog(LOG_ERR, "bad from ip %s", + inet_ntoa(sin->sin_addr)); + svcerr_weakauth(transp); + return; + } + break; +#endif /* INET */ +#ifdef INET6 + case AF_INET6: + if (transp->xp_rtaddr.len < sizeof(*sin6)) { + syslog(LOG_ERR, "xp_rtaddr too small"); + svcerr_weakauth(transp); + return; + } + sin6 = (struct sockaddr_in6 *)transp->xp_rtaddr.buf; + fromsin6 = (struct sockaddr_in6 *)&fromip; + sport = ntohs(sin6->sin6_port); + if (sport >= IPV6PORT_RESERVED) { + syslog(LOG_ERR, "not a reserved port#"); + svcerr_weakauth(transp); + return; + } + ret = 1; + if (!IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, + &fromsin6->sin6_addr)) + ret = nfsbind_localhost(); + if (ret == 0 || !IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, + &fromsin6->sin6_addr)) { + if (inet_ntop(AF_INET6, &sin6->sin6_addr, buf, + INET6_ADDRSTRLEN) != NULL) + syslog(LOG_ERR, "bad from ip %s", buf); + else + syslog(LOG_ERR, "bad from ip6 addr"); + svcerr_weakauth(transp); + return; + } + break; +#endif /* INET6 */ + } } switch (rqstp->rq_proc) { case NULLPROC: @@ -714,6 +827,67 @@ cleanup_term(int signo __unused) exit(1); } exit(0); +} + +/* + * Get the IP address that the localhost address maps to. + * This is needed when jails map localhost to another IP address. + */ +static int +nfsbind_localhost(void) +{ +#ifdef INET + struct sockaddr_in sin; +#endif +#ifdef INET6 + struct sockaddr_in6 sin6; +#endif + socklen_t slen; + int ret, s; + + switch (fromip.ss_family) { +#ifdef INET6 + case AF_INET6: + s = socket(PF_INET6, SOCK_DGRAM, 0); + if (s < 0) + return (0); + memset(&sin6, 0, sizeof(sin6)); + sin6.sin6_len = sizeof(sin6); + sin6.sin6_family = AF_INET6; + sin6.sin6_addr = in6loopback; + sin6.sin6_port = 0; + ret = bind(s, (struct sockaddr *)&sin6, sizeof(sin6)); + if (ret < 0) { + close(s); + return (0); + } + break; +#endif /* INET6 */ +#ifdef INET + case AF_INET: + s = socket(PF_INET, SOCK_DGRAM, 0); + if (s < 0) + return (0); + memset(&sin, 0, sizeof(sin)); + sin.sin_len = sizeof(sin); + sin.sin_family = AF_INET; + sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + sin.sin_port = 0; + ret = bind(s, (struct sockaddr *)&sin, sizeof(sin)); + if (ret < 0) { + close(s); + return (0); + } + break; +#endif /* INET */ + } + memset(&fromip, 0, sizeof(fromip)); + slen = sizeof(fromip); + ret = getsockname(s, (struct sockaddr *)&fromip, &slen); + close(s); + if (ret < 0) + return (0); + return (1); } static void From owner-svn-src-stable-10@freebsd.org Sun Apr 21 01:33:14 2019 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B625C157C81C; Sun, 21 Apr 2019 01:33:14 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5B73A84AF3; Sun, 21 Apr 2019 01:33:14 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 30FCB1E69E; Sun, 21 Apr 2019 01:33:14 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3L1XDEm057293; Sun, 21 Apr 2019 01:33:13 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3L1XDfi057292; Sun, 21 Apr 2019 01:33:13 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201904210133.x3L1XDfi057292@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Sun, 21 Apr 2019 01:33:13 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r346468 - stable/10/usr.sbin/nfsuserd X-SVN-Group: stable-10 X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: stable/10/usr.sbin/nfsuserd X-SVN-Commit-Revision: 346468 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 5B73A84AF3 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.95 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.95)[-0.950,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Apr 2019 01:33:14 -0000 Author: rmacklem Date: Sun Apr 21 01:33:13 2019 New Revision: 346468 URL: https://svnweb.freebsd.org/changeset/base/346468 Log: MFC: r345995 Delete the BUGS entry related to failing when jails are enabled. r345994 has finally fixed the bug that caused the nfsuserd(8) daemon to fail when jails were enabled, so delete the BUGS entry from the man page. Modified: stable/10/usr.sbin/nfsuserd/nfsuserd.8 Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/nfsuserd/nfsuserd.8 ============================================================================== --- stable/10/usr.sbin/nfsuserd/nfsuserd.8 Sun Apr 21 01:25:27 2019 (r346467) +++ stable/10/usr.sbin/nfsuserd/nfsuserd.8 Sun Apr 21 01:33:13 2019 (r346468) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 4, 2017 +.Dd April 6, 2019 .Dt NFSUSERD 8 .Os .Sh NAME @@ -126,9 +126,3 @@ those requests fail and the library functions don't re and .Xr passwd 5 for more information on how the databases are accessed. -.Pp -Since the kernel communicates with the -.Nm -daemon via an upcall that uses the IP address 127.0.0.1, it does not work correctly when -.Xr jail 8 -are used and can crash the system. From owner-svn-src-stable-10@freebsd.org Sun Apr 21 14:45:19 2019 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0A0A7158EC2A; Sun, 21 Apr 2019 14:45:19 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 98B5C7465F; Sun, 21 Apr 2019 14:45:18 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 73B1026C9D; Sun, 21 Apr 2019 14:45:18 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3LEjIdp072203; Sun, 21 Apr 2019 14:45:18 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3LEjIet072202; Sun, 21 Apr 2019 14:45:18 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201904211445.x3LEjIet072202@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Sun, 21 Apr 2019 14:45:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r346487 - stable/10/usr.sbin/nfsuserd X-SVN-Group: stable-10 X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: stable/10/usr.sbin/nfsuserd X-SVN-Commit-Revision: 346487 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 98B5C7465F X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.96)[-0.960,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Apr 2019 14:45:19 -0000 Author: rmacklem Date: Sun Apr 21 14:45:18 2019 New Revision: 346487 URL: https://svnweb.freebsd.org/changeset/base/346487 Log: Fix Makefile after r346467 merged incorrect include file. Modified: stable/10/usr.sbin/nfsuserd/Makefile Modified: stable/10/usr.sbin/nfsuserd/Makefile ============================================================================== --- stable/10/usr.sbin/nfsuserd/Makefile Sun Apr 21 10:33:09 2019 (r346486) +++ stable/10/usr.sbin/nfsuserd/Makefile Sun Apr 21 14:45:18 2019 (r346487) @@ -1,6 +1,6 @@ # $FreeBSD$ -.include +.include PROG= nfsuserd MAN= nfsuserd.8 From owner-svn-src-stable-10@freebsd.org Thu Apr 25 12:02:18 2019 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7CA131594EDE; Thu, 25 Apr 2019 12:02:18 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2134181664; Thu, 25 Apr 2019 12:02:18 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E2BEC23736; Thu, 25 Apr 2019 12:02:17 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3PC2HfK072475; Thu, 25 Apr 2019 12:02:17 GMT (envelope-from hselasky@FreeBSD.org) Received: (from hselasky@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3PC2HNJ072474; Thu, 25 Apr 2019 12:02:17 GMT (envelope-from hselasky@FreeBSD.org) Message-Id: <201904251202.x3PC2HNJ072474@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: hselasky set sender to hselasky@FreeBSD.org using -f From: Hans Petter Selasky Date: Thu, 25 Apr 2019 12:02:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r346669 - stable/10/sys/dev/usb/controller X-SVN-Group: stable-10 X-SVN-Commit-Author: hselasky X-SVN-Commit-Paths: stable/10/sys/dev/usb/controller X-SVN-Commit-Revision: 346669 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 2134181664 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.98 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.98)[-0.976,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Apr 2019 12:02:18 -0000 Author: hselasky Date: Thu Apr 25 12:02:17 2019 New Revision: 346669 URL: https://svnweb.freebsd.org/changeset/base/346669 Log: MFC r346229 and r346248: Fix spelling and remove superfluous USB keyword. Submitted by: Dmitry Luhtionov Sponsored by: Mellanox Technologies Modified: stable/10/sys/dev/usb/controller/ehci_pci.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/usb/controller/ehci_pci.c ============================================================================== --- stable/10/sys/dev/usb/controller/ehci_pci.c Thu Apr 25 12:01:11 2019 (r346668) +++ stable/10/sys/dev/usb/controller/ehci_pci.c Thu Apr 25 12:02:17 2019 (r346669) @@ -179,7 +179,7 @@ ehci_pci_match(device_t self) case 0x8d2d8086: return ("Intel Wellsburg USB 2.0 controller"); case 0x9c268086: - return ("Intel Lynx Point LP USB 2.0 controller USB"); + return ("Intel Lynx Point-LP USB 2.0 controller"); case 0x00e01033: return ("NEC uPD 72010x USB 2.0 controller"); From owner-svn-src-stable-10@freebsd.org Sat Apr 27 02:34:11 2019 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7002B15823B8; Sat, 27 Apr 2019 02:34:11 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 332846ADFC; Sat, 27 Apr 2019 02:34:11 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D2BE61CB10; Sat, 27 Apr 2019 02:34:10 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3R2YAW9009213; Sat, 27 Apr 2019 02:34:10 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3R2YAJn009211; Sat, 27 Apr 2019 02:34:10 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201904270234.x3R2YAJn009211@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Sat, 27 Apr 2019 02:34:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r346778 - stable/10/usr.sbin/nfsdumpstate X-SVN-Group: stable-10 X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: stable/10/usr.sbin/nfsdumpstate X-SVN-Commit-Revision: 346778 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 332846ADFC X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.95 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.996,0]; NEURAL_HAM_SHORT(-0.96)[-0.958,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Apr 2019 02:34:11 -0000 Author: rmacklem Date: Sat Apr 27 02:34:10 2019 New Revision: 346778 URL: https://svnweb.freebsd.org/changeset/base/346778 Log: MFC: r346190 Fix nfsdumpstate(8) so that it can print out INET6 callback addresses. The patch adds support for printing of INET6 callback addresses. It also adds the #ifdef INET, INET6 as requested by bz@. Modified: stable/10/usr.sbin/nfsdumpstate/Makefile stable/10/usr.sbin/nfsdumpstate/nfsdumpstate.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/nfsdumpstate/Makefile ============================================================================== --- stable/10/usr.sbin/nfsdumpstate/Makefile Sat Apr 27 02:33:49 2019 (r346777) +++ stable/10/usr.sbin/nfsdumpstate/Makefile Sat Apr 27 02:34:10 2019 (r346778) @@ -1,6 +1,15 @@ # $FreeBSD$ +.include + PROG= nfsdumpstate MAN= nfsdumpstate.8 + +.if ${MK_INET_SUPPORT} != "no" +CFLAGS+= -DINET +.endif +.if ${MK_INET6_SUPPORT} != "no" +CFLAGS+= -DINET6 +.endif .include Modified: stable/10/usr.sbin/nfsdumpstate/nfsdumpstate.c ============================================================================== --- stable/10/usr.sbin/nfsdumpstate/nfsdumpstate.c Sat Apr 27 02:33:49 2019 (r346777) +++ stable/10/usr.sbin/nfsdumpstate/nfsdumpstate.c Sat Apr 27 02:34:10 2019 (r346778) @@ -121,13 +121,14 @@ dump_openstate(void) { struct nfsd_dumplist dumplist; int cnt, i; + char nbuf[INET6_ADDRSTRLEN]; dumplist.ndl_size = DUMPSIZE; dumplist.ndl_list = (void *)dp; if (nfssvc(NFSSVC_DUMPCLIENTS, &dumplist) < 0) errx(1, "Can't perform dump clients syscall"); - printf("%-13s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %-15s %s\n", + printf("%-13s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %-45s %s\n", "Flags", "OpenOwner", "Open", "LockOwner", "Lock", "Deleg", "OldDeleg", "Clientaddr", "ClientID"); /* @@ -143,9 +144,23 @@ dump_openstate(void) dp[cnt].ndcl_nlocks, dp[cnt].ndcl_ndelegs, dp[cnt].ndcl_nolddelegs); - if (dp[cnt].ndcl_addrfam == AF_INET) - printf("%-15s ", + switch (dp[cnt].ndcl_addrfam) { +#ifdef INET + case AF_INET: + printf("%-45s ", inet_ntoa(dp[cnt].ndcl_cbaddr.sin_addr)); + break; +#endif +#ifdef INET6 + case AF_INET6: + if (inet_ntop(AF_INET6, &dp[cnt].ndcl_cbaddr.sin6_addr, + nbuf, sizeof(nbuf)) != NULL) + printf("%-45s ", nbuf); + else + printf("%-45s ", " "); + break; +#endif + } for (i = 0; i < dp[cnt].ndcl_clid.nclid_idlen; i++) printf("%02x", dp[cnt].ndcl_clid.nclid_id[i]); printf("\n"); From owner-svn-src-stable-10@freebsd.org Sat Apr 27 02:43:29 2019 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2BC0D1582752; Sat, 27 Apr 2019 02:43:29 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BCBE66B28F; Sat, 27 Apr 2019 02:43:28 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AA5591CCC8; Sat, 27 Apr 2019 02:43:28 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3R2hSJN014209; Sat, 27 Apr 2019 02:43:28 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3R2hSU2014207; Sat, 27 Apr 2019 02:43:28 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201904270243.x3R2hSU2014207@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Sat, 27 Apr 2019 02:43:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r346779 - in stable/10/sys: fs/nfsserver modules/nfsd X-SVN-Group: stable-10 X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: in stable/10/sys: fs/nfsserver modules/nfsd X-SVN-Commit-Revision: 346779 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: BCBE66B28F X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.996,0]; NEURAL_HAM_SHORT(-0.96)[-0.961,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Apr 2019 02:43:29 -0000 Author: rmacklem Date: Sat Apr 27 02:43:27 2019 New Revision: 346779 URL: https://svnweb.freebsd.org/changeset/base/346779 Log: MFC: r346191 Add support for INET6 addresses to the kernel code that dumps open/lock state. PR#223036 reported that INET6 callback addresses were not printed by nfsdumpstate(8). This kernel patch adds INET6 addresses to the dump structure, so that nfsdumpstate(8) can print them out, post-r346190. Modified: stable/10/sys/fs/nfsserver/nfs_nfsdserv.c stable/10/sys/fs/nfsserver/nfs_nfsdstate.c stable/10/sys/modules/nfsd/Makefile Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/fs/nfsserver/nfs_nfsdserv.c ============================================================================== --- stable/10/sys/fs/nfsserver/nfs_nfsdserv.c Sat Apr 27 02:34:10 2019 (r346778) +++ stable/10/sys/fs/nfsserver/nfs_nfsdserv.c Sat Apr 27 02:43:27 2019 (r346779) @@ -34,6 +34,8 @@ #include __FBSDID("$FreeBSD$"); +#include "opt_inet.h" +#include "opt_inet6.h" /* * nfs version 2, 3 and 4 server calls to vnode ops * - these routines generally have 3 phases @@ -3426,8 +3428,16 @@ nfsrvd_setclientid(struct nfsrv_descript *nd, __unused int i; int error = 0, idlen; struct nfsclient *clp = NULL; - struct sockaddr_in *rad; - u_char *verf, *ucp, *ucp2, addrbuf[24]; +#ifdef INET + struct sockaddr_in *rin; +#endif +#ifdef INET6 + struct sockaddr_in6 *rin6; +#endif +#if defined(INET) || defined(INET6) + u_char *ucp, *ucp2; +#endif + u_char *verf, *addrbuf; nfsquad_t clientid, confirm; if ((nd->nd_flag & ND_NFSV41) != 0) { @@ -3454,8 +3464,9 @@ nfsrvd_setclientid(struct nfsrv_descript *nd, __unused clp->lc_stateid = malloc(sizeof(struct nfsstatehead) * nfsrv_statehashsize, M_NFSDCLIENT, M_WAITOK); NFSINITSOCKMUTEX(&clp->lc_req.nr_mtx); - NFSSOCKADDRALLOC(clp->lc_req.nr_nam); - NFSSOCKADDRSIZE(clp->lc_req.nr_nam, sizeof (struct sockaddr_in)); + /* Allocated large enough for an AF_INET or AF_INET6 socket. */ + clp->lc_req.nr_nam = malloc(sizeof(struct sockaddr_in6), M_SONAME, + M_WAITOK | M_ZERO); clp->lc_req.nr_cred = NULL; NFSBCOPY(verf, clp->lc_verf, NFSX_VERF); clp->lc_idlen = idlen; @@ -3497,17 +3508,46 @@ nfsrvd_setclientid(struct nfsrv_descript *nd, __unused */ nd->nd_repstat = nfsrv_setclient(nd, &clp, &clientid, &confirm, p); if (nd->nd_repstat == NFSERR_CLIDINUSE) { - if (clp->lc_flags & LCL_TCPCALLBACK) - (void) nfsm_strtom(nd, "tcp", 3); - else - (void) nfsm_strtom(nd, "udp", 3); - rad = NFSSOCKADDR(clp->lc_req.nr_nam, struct sockaddr_in *); - ucp = (u_char *)&rad->sin_addr.s_addr; - ucp2 = (u_char *)&rad->sin_port; - sprintf(addrbuf, "%d.%d.%d.%d.%d.%d", ucp[0] & 0xff, - ucp[1] & 0xff, ucp[2] & 0xff, ucp[3] & 0xff, - ucp2[0] & 0xff, ucp2[1] & 0xff); + /* + * 8 is the maximum length of the port# string. + */ + addrbuf = malloc(INET6_ADDRSTRLEN + 8, M_TEMP, M_WAITOK); + switch (clp->lc_req.nr_nam->sa_family) { +#ifdef INET + case AF_INET: + if (clp->lc_flags & LCL_TCPCALLBACK) + (void) nfsm_strtom(nd, "tcp", 3); + else + (void) nfsm_strtom(nd, "udp", 3); + rin = (struct sockaddr_in *)clp->lc_req.nr_nam; + ucp = (u_char *)&rin->sin_addr.s_addr; + ucp2 = (u_char *)&rin->sin_port; + sprintf(addrbuf, "%d.%d.%d.%d.%d.%d", ucp[0] & 0xff, + ucp[1] & 0xff, ucp[2] & 0xff, ucp[3] & 0xff, + ucp2[0] & 0xff, ucp2[1] & 0xff); + break; +#endif +#ifdef INET6 + case AF_INET6: + if (clp->lc_flags & LCL_TCPCALLBACK) + (void) nfsm_strtom(nd, "tcp6", 4); + else + (void) nfsm_strtom(nd, "udp6", 4); + rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam; + ucp = inet_ntop(AF_INET6, &rin6->sin6_addr, addrbuf, + INET6_ADDRSTRLEN); + if (ucp != NULL) + i = strlen(ucp); + else + i = 0; + ucp2 = (u_char *)&rin6->sin6_port; + sprintf(&addrbuf[i], ".%d.%d", ucp2[0] & 0xff, + ucp2[1] & 0xff); + break; +#endif + } (void) nfsm_strtom(nd, addrbuf, strlen(addrbuf)); + free(addrbuf, M_TEMP); } if (clp) { NFSSOCKADDRFREE(clp->lc_req.nr_nam); @@ -3706,7 +3746,12 @@ nfsrvd_exchangeid(struct nfsrv_descript *nd, __unused uint32_t sp4type, v41flags; uint64_t owner_minor; struct timespec verstime; - struct sockaddr_in *sad, *rad; +#ifdef INET + struct sockaddr_in *sin, *rin; +#endif +#ifdef INET6 + struct sockaddr_in6 *sin6, *rin6; +#endif if (nfs_rootfhset == 0 || nfsd_checkrootexp(nd) != 0) { nd->nd_repstat = NFSERR_WRONGSEC; @@ -3728,15 +3773,31 @@ nfsrvd_exchangeid(struct nfsrv_descript *nd, __unused clp->lc_stateid = malloc(sizeof(struct nfsstatehead) * nfsrv_statehashsize, M_NFSDCLIENT, M_WAITOK); NFSINITSOCKMUTEX(&clp->lc_req.nr_mtx); - NFSSOCKADDRALLOC(clp->lc_req.nr_nam); - NFSSOCKADDRSIZE(clp->lc_req.nr_nam, sizeof (struct sockaddr_in)); - sad = NFSSOCKADDR(nd->nd_nam, struct sockaddr_in *); - rad = NFSSOCKADDR(clp->lc_req.nr_nam, struct sockaddr_in *); - rad->sin_family = AF_INET; - rad->sin_addr.s_addr = 0; - rad->sin_port = 0; - if (sad->sin_family == AF_INET) - rad->sin_addr.s_addr = sad->sin_addr.s_addr; + /* Allocated large enough for an AF_INET or AF_INET6 socket. */ + clp->lc_req.nr_nam = malloc(sizeof(struct sockaddr_in6), M_SONAME, + M_WAITOK | M_ZERO); + switch (nd->nd_nam->sa_family) { +#ifdef INET + case AF_INET: + rin = (struct sockaddr_in *)clp->lc_req.nr_nam; + sin = (struct sockaddr_in *)nd->nd_nam; + rin->sin_family = AF_INET; + rin->sin_len = sizeof(struct sockaddr_in); + rin->sin_port = 0; + rin->sin_addr.s_addr = sin->sin_addr.s_addr; + break; +#endif +#ifdef INET6 + case AF_INET6: + rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam; + sin6 = (struct sockaddr_in6 *)nd->nd_nam; + rin6->sin6_family = AF_INET6; + rin6->sin6_len = sizeof(struct sockaddr_in6); + rin6->sin6_port = 0; + rin6->sin6_addr = sin6->sin6_addr; + break; +#endif + } clp->lc_req.nr_cred = NULL; NFSBCOPY(verf, clp->lc_verf, NFSX_VERF); clp->lc_idlen = idlen; Modified: stable/10/sys/fs/nfsserver/nfs_nfsdstate.c ============================================================================== --- stable/10/sys/fs/nfsserver/nfs_nfsdstate.c Sat Apr 27 02:34:10 2019 (r346778) +++ stable/10/sys/fs/nfsserver/nfs_nfsdstate.c Sat Apr 27 02:43:27 2019 (r346779) @@ -28,6 +28,8 @@ #include __FBSDID("$FreeBSD$"); +#include "opt_inet.h" +#include "opt_inet6.h" #ifndef APPLEKEXT #include @@ -187,7 +189,12 @@ nfsrv_setclient(struct nfsrv_descript *nd, struct nfsc struct nfsclient *clp = NULL, *new_clp = *new_clpp; int i, error = 0, ret; struct nfsstate *stp, *tstp; - struct sockaddr_in *sad, *rad; +#ifdef INET + struct sockaddr_in *sin, *rin; +#endif +#ifdef INET6 + struct sockaddr_in6 *sin6, *rin6; +#endif struct nfsdsession *sep, *nsep; int zapit = 0, gotit, hasstate = 0, igotlock; static u_int64_t confirm_index = 0; @@ -339,10 +346,24 @@ nfsrv_setclient(struct nfsrv_descript *nd, struct nfsc * If the uid doesn't match, return NFSERR_CLIDINUSE after * filling out the correct ipaddr and portnum. */ - sad = NFSSOCKADDR(new_clp->lc_req.nr_nam, struct sockaddr_in *); - rad = NFSSOCKADDR(clp->lc_req.nr_nam, struct sockaddr_in *); - sad->sin_addr.s_addr = rad->sin_addr.s_addr; - sad->sin_port = rad->sin_port; + switch (clp->lc_req.nr_nam->sa_family) { +#ifdef INET + case AF_INET: + sin = (struct sockaddr_in *)new_clp->lc_req.nr_nam; + rin = (struct sockaddr_in *)clp->lc_req.nr_nam; + sin->sin_addr.s_addr = rin->sin_addr.s_addr; + sin->sin_port = rin->sin_port; + break; +#endif +#ifdef INET6 + case AF_INET6: + sin6 = (struct sockaddr_in6 *)new_clp->lc_req.nr_nam; + rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam; + sin6->sin6_addr = rin6->sin6_addr; + sin6->sin6_port = rin6->sin6_port; + break; +#endif + } NFSLOCKV4ROOTMUTEX(); nfsv4_unlock(&nfsv4rootfs_lock, 1); NFSUNLOCKV4ROOTMUTEX(); @@ -889,9 +910,13 @@ nfsrv_dumpaclient(struct nfsclient *clp, struct nfsd_d { struct nfsstate *stp, *openstp, *lckownstp; struct nfslock *lop; - struct sockaddr *sad; - struct sockaddr_in *rad; - struct sockaddr_in6 *rad6; + sa_family_t af; +#ifdef INET + struct sockaddr_in *rin; +#endif +#ifdef INET6 + struct sockaddr_in6 *rin6; +#endif dumpp->ndcl_nopenowners = dumpp->ndcl_nlockowners = 0; dumpp->ndcl_nopens = dumpp->ndcl_nlocks = 0; @@ -899,14 +924,21 @@ nfsrv_dumpaclient(struct nfsclient *clp, struct nfsd_d dumpp->ndcl_flags = clp->lc_flags; dumpp->ndcl_clid.nclid_idlen = clp->lc_idlen; NFSBCOPY(clp->lc_id, dumpp->ndcl_clid.nclid_id, clp->lc_idlen); - sad = NFSSOCKADDR(clp->lc_req.nr_nam, struct sockaddr *); - dumpp->ndcl_addrfam = sad->sa_family; - if (sad->sa_family == AF_INET) { - rad = (struct sockaddr_in *)sad; - dumpp->ndcl_cbaddr.sin_addr = rad->sin_addr; - } else { - rad6 = (struct sockaddr_in6 *)sad; - dumpp->ndcl_cbaddr.sin6_addr = rad6->sin6_addr; + af = clp->lc_req.nr_nam->sa_family; + dumpp->ndcl_addrfam = af; + switch (af) { +#ifdef INET + case AF_INET: + rin = (struct sockaddr_in *)clp->lc_req.nr_nam; + dumpp->ndcl_cbaddr.sin_addr = rin->sin_addr; + break; +#endif +#ifdef INET6 + case AF_INET6: + rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam; + dumpp->ndcl_cbaddr.sin6_addr = rin6->sin6_addr; + break; +#endif } /* @@ -947,9 +979,13 @@ nfsrv_dumplocks(vnode_t vp, struct nfsd_dumplocks *ldu struct nfslock *lop; int cnt = 0; struct nfslockfile *lfp; - struct sockaddr *sad; - struct sockaddr_in *rad; - struct sockaddr_in6 *rad6; + sa_family_t af; +#ifdef INET + struct sockaddr_in *rin; +#endif +#ifdef INET6 + struct sockaddr_in6 *rin6; +#endif int ret; fhandle_t nfh; @@ -991,14 +1027,22 @@ nfsrv_dumplocks(vnode_t vp, struct nfsd_dumplocks *ldu ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen; NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id, stp->ls_clp->lc_idlen); - sad=NFSSOCKADDR(stp->ls_clp->lc_req.nr_nam, struct sockaddr *); - ldumpp[cnt].ndlck_addrfam = sad->sa_family; - if (sad->sa_family == AF_INET) { - rad = (struct sockaddr_in *)sad; - ldumpp[cnt].ndlck_cbaddr.sin_addr = rad->sin_addr; - } else { - rad6 = (struct sockaddr_in6 *)sad; - ldumpp[cnt].ndlck_cbaddr.sin6_addr = rad6->sin6_addr; + af = stp->ls_clp->lc_req.nr_nam->sa_family; + ldumpp[cnt].ndlck_addrfam = af; + switch (af) { +#ifdef INET + case AF_INET: + rin = (struct sockaddr_in *)stp->ls_clp->lc_req.nr_nam; + ldumpp[cnt].ndlck_cbaddr.sin_addr = rin->sin_addr; + break; +#endif +#ifdef INET6 + case AF_INET6: + rin6 = (struct sockaddr_in6 *) + stp->ls_clp->lc_req.nr_nam; + ldumpp[cnt].ndlck_cbaddr.sin6_addr = rin6->sin6_addr; + break; +#endif } stp = LIST_NEXT(stp, ls_file); cnt++; @@ -1023,14 +1067,22 @@ nfsrv_dumplocks(vnode_t vp, struct nfsd_dumplocks *ldu ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen; NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id, stp->ls_clp->lc_idlen); - sad=NFSSOCKADDR(stp->ls_clp->lc_req.nr_nam, struct sockaddr *); - ldumpp[cnt].ndlck_addrfam = sad->sa_family; - if (sad->sa_family == AF_INET) { - rad = (struct sockaddr_in *)sad; - ldumpp[cnt].ndlck_cbaddr.sin_addr = rad->sin_addr; - } else { - rad6 = (struct sockaddr_in6 *)sad; - ldumpp[cnt].ndlck_cbaddr.sin6_addr = rad6->sin6_addr; + af = stp->ls_clp->lc_req.nr_nam->sa_family; + ldumpp[cnt].ndlck_addrfam = af; + switch (af) { +#ifdef INET + case AF_INET: + rin = (struct sockaddr_in *)stp->ls_clp->lc_req.nr_nam; + ldumpp[cnt].ndlck_cbaddr.sin_addr = rin->sin_addr; + break; +#endif +#ifdef INET6 + case AF_INET6: + rin6 = (struct sockaddr_in6 *) + stp->ls_clp->lc_req.nr_nam; + ldumpp[cnt].ndlck_cbaddr.sin6_addr = rin6->sin6_addr; + break; +#endif } lop = LIST_NEXT(lop, lo_lckfile); cnt++; @@ -1050,14 +1102,22 @@ nfsrv_dumplocks(vnode_t vp, struct nfsd_dumplocks *ldu ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen; NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id, stp->ls_clp->lc_idlen); - sad=NFSSOCKADDR(stp->ls_clp->lc_req.nr_nam, struct sockaddr *); - ldumpp[cnt].ndlck_addrfam = sad->sa_family; - if (sad->sa_family == AF_INET) { - rad = (struct sockaddr_in *)sad; - ldumpp[cnt].ndlck_cbaddr.sin_addr = rad->sin_addr; - } else { - rad6 = (struct sockaddr_in6 *)sad; - ldumpp[cnt].ndlck_cbaddr.sin6_addr = rad6->sin6_addr; + af = stp->ls_clp->lc_req.nr_nam->sa_family; + ldumpp[cnt].ndlck_addrfam = af; + switch (af) { +#ifdef INET + case AF_INET: + rin = (struct sockaddr_in *)stp->ls_clp->lc_req.nr_nam; + ldumpp[cnt].ndlck_cbaddr.sin_addr = rin->sin_addr; + break; +#endif +#ifdef INET6 + case AF_INET6: + rin6 = (struct sockaddr_in6 *) + stp->ls_clp->lc_req.nr_nam; + ldumpp[cnt].ndlck_cbaddr.sin6_addr = rin6->sin6_addr; + break; +#endif } stp = LIST_NEXT(stp, ls_file); cnt++; @@ -3907,9 +3967,15 @@ nfsrv_getclientipaddr(struct nfsrv_descript *nd, struc { u_int32_t *tl; u_char *cp, *cp2; - int i, j; - struct sockaddr_in *rad, *sad; - u_char protocol[5], addr[24]; + int i, j, maxalen = 0, minalen = 0; + sa_family_t af; +#ifdef INET + struct sockaddr_in *rin, *sin; +#endif +#ifdef INET6 + struct sockaddr_in6 *rin6, *sin6; +#endif + u_char *addr; int error = 0, cantparse = 0; union { in_addr_t ival; @@ -3920,27 +3986,44 @@ nfsrv_getclientipaddr(struct nfsrv_descript *nd, struc u_char cval[2]; } port; - rad = NFSSOCKADDR(clp->lc_req.nr_nam, struct sockaddr_in *); - rad->sin_family = AF_INET; - rad->sin_len = sizeof (struct sockaddr_in); - rad->sin_addr.s_addr = 0; - rad->sin_port = 0; + /* 8 is the maximum length of the port# string. */ + addr = malloc(INET6_ADDRSTRLEN + 8, M_TEMP, M_WAITOK); clp->lc_req.nr_client = NULL; clp->lc_req.nr_lock = 0; + af = AF_UNSPEC; NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED); i = fxdr_unsigned(int, *tl); if (i >= 3 && i <= 4) { - error = nfsrv_mtostr(nd, protocol, i); + error = nfsrv_mtostr(nd, addr, i); if (error) goto nfsmout; - if (!strcmp(protocol, "tcp")) { +#ifdef INET + if (!strcmp(addr, "tcp")) { clp->lc_flags |= LCL_TCPCALLBACK; clp->lc_req.nr_sotype = SOCK_STREAM; clp->lc_req.nr_soproto = IPPROTO_TCP; - } else if (!strcmp(protocol, "udp")) { + af = AF_INET; + } else if (!strcmp(addr, "udp")) { clp->lc_req.nr_sotype = SOCK_DGRAM; clp->lc_req.nr_soproto = IPPROTO_UDP; - } else { + af = AF_INET; + } +#endif +#ifdef INET6 + if (af == AF_UNSPEC) { + if (!strcmp(addr, "tcp6")) { + clp->lc_flags |= LCL_TCPCALLBACK; + clp->lc_req.nr_sotype = SOCK_STREAM; + clp->lc_req.nr_soproto = IPPROTO_TCP; + af = AF_INET6; + } else if (!strcmp(addr, "udp6")) { + clp->lc_req.nr_sotype = SOCK_DGRAM; + clp->lc_req.nr_soproto = IPPROTO_UDP; + af = AF_INET6; + } + } +#endif + if (af == AF_UNSPEC) { cantparse = 1; } } else { @@ -3951,6 +4034,36 @@ nfsrv_getclientipaddr(struct nfsrv_descript *nd, struc goto nfsmout; } } + /* + * The caller has allocated clp->lc_req.nr_nam to be large enough + * for either AF_INET or AF_INET6 and zeroed out the contents. + * maxalen is set to the maximum length of the host IP address string + * plus 8 for the maximum length of the port#. + * minalen is set to the minimum length of the host IP address string + * plus 4 for the minimum length of the port#. + * These lengths do not include NULL termination, + * so INET[6]_ADDRSTRLEN - 1 is used in the calculations. + */ + switch (af) { +#ifdef INET + case AF_INET: + rin = (struct sockaddr_in *)clp->lc_req.nr_nam; + rin->sin_family = AF_INET; + rin->sin_len = sizeof(struct sockaddr_in); + maxalen = INET_ADDRSTRLEN - 1 + 8; + minalen = 7 + 4; + break; +#endif +#ifdef INET6 + case AF_INET6: + rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam; + rin6->sin6_family = AF_INET6; + rin6->sin6_len = sizeof(struct sockaddr_in6); + maxalen = INET6_ADDRSTRLEN - 1 + 8; + minalen = 3 + 4; + break; +#endif + } NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED); i = fxdr_unsigned(int, *tl); if (i < 0) { @@ -3958,18 +4071,43 @@ nfsrv_getclientipaddr(struct nfsrv_descript *nd, struc goto nfsmout; } else if (i == 0) { cantparse = 1; - } else if (!cantparse && i <= 23 && i >= 11) { + } else if (!cantparse && i <= maxalen && i >= minalen) { error = nfsrv_mtostr(nd, addr, i); if (error) goto nfsmout; /* * Parse out the address fields. We expect 6 decimal numbers - * separated by '.'s. + * separated by '.'s for AF_INET and two decimal numbers + * preceeded by '.'s for AF_INET6. */ - cp = addr; - i = 0; - while (*cp && i < 6) { + cp = NULL; + switch (af) { +#ifdef INET6 + /* + * For AF_INET6, first parse the host address. + */ + case AF_INET6: + cp = strchr(addr, '.'); + if (cp != NULL) { + *cp++ = '\0'; + if (inet_pton(af, addr, &rin6->sin6_addr) == 1) + i = 4; + else { + cp = NULL; + cantparse = 1; + } + } + break; +#endif +#ifdef INET + case AF_INET: + cp = addr; + i = 0; + break; +#endif + } + while (cp != NULL && *cp && i < 6) { cp2 = cp; while (*cp2 && *cp2 != '.') cp2++; @@ -3993,11 +4131,30 @@ nfsrv_getclientipaddr(struct nfsrv_descript *nd, struc i++; } if (!cantparse) { - if (ip.ival != 0x0) { - rad->sin_addr.s_addr = htonl(ip.ival); - rad->sin_port = htons(port.sval); - } else { - cantparse = 1; + /* + * The host address INADDR_ANY is (mis)used to indicate + * "there is no valid callback address". + */ + switch (af) { +#ifdef INET6 + case AF_INET6: + if (!IN6_ARE_ADDR_EQUAL(&rin6->sin6_addr, + &in6addr_any)) + rin6->sin6_port = htons(port.sval); + else + cantparse = 1; + break; +#endif +#ifdef INET + case AF_INET: + if (ip.ival != INADDR_ANY) { + rin->sin_addr.s_addr = htonl(ip.ival); + rin->sin_port = htons(port.sval); + } else { + cantparse = 1; + } + break; +#endif } } } else { @@ -4009,14 +4166,32 @@ nfsrv_getclientipaddr(struct nfsrv_descript *nd, struc } } if (cantparse) { - sad = NFSSOCKADDR(nd->nd_nam, struct sockaddr_in *); - if (sad->sin_family == AF_INET) { - rad->sin_addr.s_addr = sad->sin_addr.s_addr; - rad->sin_port = 0x0; + switch (nd->nd_nam->sa_family) { +#ifdef INET + case AF_INET: + sin = (struct sockaddr_in *)nd->nd_nam; + rin = (struct sockaddr_in *)clp->lc_req.nr_nam; + rin->sin_family = AF_INET; + rin->sin_len = sizeof(struct sockaddr_in); + rin->sin_addr.s_addr = sin->sin_addr.s_addr; + rin->sin_port = 0x0; + break; +#endif +#ifdef INET6 + case AF_INET6: + sin6 = (struct sockaddr_in6 *)nd->nd_nam; + rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam; + rin6->sin6_family = AF_INET6; + rin6->sin6_len = sizeof(struct sockaddr_in6); + rin6->sin6_addr = sin6->sin6_addr; + rin6->sin6_port = 0x0; + break; +#endif } clp->lc_program = 0; } nfsmout: + free(addr, M_TEMP); NFSEXITCODE2(error, nd); return (error); } Modified: stable/10/sys/modules/nfsd/Makefile ============================================================================== --- stable/10/sys/modules/nfsd/Makefile Sat Apr 27 02:34:10 2019 (r346778) +++ stable/10/sys/modules/nfsd/Makefile Sat Apr 27 02:43:27 2019 (r346779) @@ -14,6 +14,7 @@ SRCS= vnode_if.h \ nfs_nfsdport.c \ opt_ufs.h \ opt_nfs.h \ + opt_inet.h \ opt_inet6.h \ opt_kgssapi.h