diff --git a/Makefile.am b/Makefile.am
index c99566d..ea5725f 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -13,7 +13,7 @@ AM_CPPFLAGS = \
$(TIRPC_CFLAGS)
if DEBUG
-AM_CPPFLAGS += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL
+AM_CPPFLAGS += -DRPCBIND_DEBUG -DDEBUG_RMTCALL
AM_CPPFLAGS += -DND_DEBUG -DBIND_DEBUG
endif
diff --git a/configure.ac b/configure.ac
index 75e7e71..27496c7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -55,4 +55,6 @@ AS_IF([test x$enable_libwrap = xyes], [
AC_SEARCH_LIBS([pthread_create], [pthread])
+AC_CHECK_HEADERS(nss.h)
+
AC_OUTPUT([Makefile])
diff --git a/src/rpcbind.c b/src/rpcbind.c
index f7c71ee..35c45f5 100644
--- a/src/rpcbind.c
+++ b/src/rpcbind.c
@@ -50,6 +50,7 @@
#include <sys/file.h>
#include <sys/socket.h>
#include <sys/un.h>
+#include <netinet/in.h>
#include <rpc/rpc.h>
#include <rpc/rpc_com.h>
#ifdef PORTMAP
@@ -268,6 +269,13 @@ main(int argc, char *argv[])
network_init();
+#ifdef SYSTEMD
+ /* Try to notify system of successful startup, regardless of whether we
+ * used systemd socket activation or not. When started from the command
+ * line, this should not hurt either.
+ */
+ sd_notify(0, "READY=1");
+#endif
my_svc_run();
syslog(LOG_ERR, "svc_run returned unexpectedly");
rpcbind_abort();
@@ -277,6 +285,31 @@ main(int argc, char *argv[])
}
/*
+ * Normally systemd will open sockets in dual ipv4/ipv6 mode.
+ * That won't work with netconfig and we'll only match
+ * the ipv6 socket. Convert it to IPV6_V6ONLY and issue
+ * a warning for the user to fix their systemd config.
+ */
+static int
+handle_ipv6_socket(int fd)
+{
+ int opt;
+ socklen_t len = sizeof(opt);
+
+ if (getsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &opt, &len)) {
+ syslog(LOG_ERR, "failed to get ipv6 socket opts: %m");
+ return -1;
+ }
+
+ if (opt) /* socket is already in V6ONLY mode */
+ return 0;
+
+ syslog(LOG_ERR, "systemd has passed an IPv4/IPv6 dual-mode socket.");
+ syslog(LOG_ERR, "Please fix your systemd config by specifying IPv4 and IPv6 sockets separately and using BindIPv6Only=ipv6-only.");
+ return -1;
+}
+
+/*
* Adds the entry into the rpcbind database.
* If PORTMAP, then for UDP and TCP, it adds the entries for version 2 also
* Returns 0 if succeeds, else fails
@@ -361,6 +394,9 @@ init_transport(struct netconfig *nconf)
goto error;
}
+ if (sa.sa.sa_family == AF_INET6 && handle_ipv6_socket(fd))
+ goto error;
+
/* Copy the address */
taddr.addr.maxlen = taddr.addr.len = addrlen;
taddr.addr.buf = malloc(addrlen);
@@ -389,18 +425,6 @@ init_transport(struct netconfig *nconf)
if (my_xprt != NULL)
goto got_socket;
- /*
- * XXX - using RPC library internal functions. For NC_TPI_CLTS
- * we call this later, for each socket we like to bind.
- */
- if (nconf->nc_semantics != NC_TPI_CLTS) {
- if ((fd = __rpc_nconf2fd(nconf)) < 0) {
- syslog(LOG_ERR, "cannot create socket for %s",
- nconf->nc_netid);
- return (1);
- }
- }
-
if ((strcmp(nconf->nc_netid, "local") == 0) ||
(strcmp(nconf->nc_netid, "unix") == 0)) {
memset(&sun, 0, sizeof sun);
@@ -451,11 +475,13 @@ init_transport(struct netconfig *nconf)
nconf->nc_netid);
return (1);
}
+
+ hints.ai_flags &= ~AI_NUMERICHOST;
switch (hints.ai_family) {
case AF_INET:
if (inet_pton(AF_INET, hosts[nhostsbak],
host_addr) == 1) {
- hints.ai_flags &= AI_NUMERICHOST;
+ hints.ai_flags |= AI_NUMERICHOST;
} else {
/*
* Skip if we have an AF_INET6 adress.
@@ -468,7 +494,7 @@ init_transport(struct netconfig *nconf)
case AF_INET6:
if (inet_pton(AF_INET6, hosts[nhostsbak],
host_addr) == 1) {
- hints.ai_flags &= AI_NUMERICHOST;
+ hints.ai_flags |= AI_NUMERICHOST;
} else {
/*
* Skip if we have an AF_INET adress.
@@ -561,6 +587,12 @@ init_transport(struct netconfig *nconf)
if (!checkbind)
return 1;
} else { /* NC_TPI_COTS */
+ if ((fd = __rpc_nconf2fd(nconf)) < 0) {
+ syslog(LOG_ERR, "cannot create socket for %s",
+ nconf->nc_netid);
+ return (1);
+ }
+
if ((strcmp(nconf->nc_netid, "local") != 0) &&
(strcmp(nconf->nc_netid, "unix") != 0)) {
if ((aicode = getaddrinfo(NULL, servname, &hints, &res))!= 0) {
diff --git a/src/rpcinfo.c b/src/rpcinfo.c
index 747eba3..9b46864 100644
--- a/src/rpcinfo.c
+++ b/src/rpcinfo.c
@@ -115,10 +115,8 @@ struct rpcbdump_short
#ifdef PORTMAP
static void ip_ping (u_short, char *, int, char **);
-static CLIENT *clnt_com_create (struct sockaddr_in *, u_long, u_long, int *,
- char *);
static void pmapdump (int, char **);
-static void get_inet_address (struct sockaddr_in *, char *);
+static CLIENT *ip_getclient(const char *hostname, rpcprog_t prognum, rpcvers_t versnum, const char *proto);
#endif
static bool_t reply_proc (void *, struct netbuf *, struct netconfig *);
@@ -356,38 +354,17 @@ local_rpcb (rpcprog_t prog, rpcvers_t vers)
}
#ifdef PORTMAP
-static CLIENT *
-clnt_com_create (addr, prog, vers, fdp, trans)
- struct sockaddr_in *addr;
- u_long prog;
- u_long vers;
- int *fdp;
- char *trans;
+static enum clnt_stat
+ip_ping_one(client, vers)
+ CLIENT *client;
+ u_int32_t vers;
{
- CLIENT *clnt;
-
- if (strcmp (trans, "tcp") == 0)
- {
- clnt = clnttcp_create (addr, prog, vers, fdp, 0, 0);
- }
- else
- {
- struct timeval to;
+ struct timeval to = { .tv_sec = 10, .tv_usec = 0 };
- to.tv_sec = 5;
- to.tv_usec = 0;
- clnt = clntudp_create (addr, prog, vers, to, fdp);
- }
- if (clnt == (CLIENT *) NULL)
- {
- clnt_pcreateerror ("rpcinfo");
- if (vers == MIN_VERS)
- printf ("program %lu is not available\n", prog);
- else
- printf ("program %lu version %lu is not available\n", prog, vers);
- exit (1);
- }
- return (clnt);
+ (void) CLNT_CONTROL (client, CLSET_VERS, &vers);
+ return CLNT_CALL (client, NULLPROC, (xdrproc_t) xdr_void,
+ (char *) NULL, (xdrproc_t) xdr_void, (char *) NULL,
+ to);
}
/*
@@ -398,17 +375,15 @@ clnt_com_create (addr, prog, vers, fdp, trans)
* version 0 calls succeeds, it tries for MAXVERS call and repeats the same.
*/
static void
-ip_ping (portnum, trans, argc, argv)
+ip_ping (portnum, proto, argc, argv)
u_short portnum;
- char *trans;
+ char *proto;
int argc;
char **argv;
{
CLIENT *client;
- int fd = RPC_ANYFD;
- struct timeval to;
- struct sockaddr_in addr;
enum clnt_stat rpc_stat;
+ const char *hostname;
u_long prognum, vers, minvers, maxvers;
struct rpc_err rpcerr;
int failure = 0;
@@ -418,10 +393,9 @@ ip_ping (portnum, trans, argc, argv)
usage ();
exit (1);
}
- to.tv_sec = 10;
- to.tv_usec = 0;
+
+ hostname = argv[0];
prognum = getprognum (argv[1]);
- get_inet_address (&addr, argv[0]);
if (argc == 2)
{ /* Version number not known */
/*
@@ -434,11 +408,10 @@ ip_ping (portnum, trans, argc, argv)
{
vers = getvers (argv[2]);
}
- addr.sin_port = htons (portnum);
- client = clnt_com_create (&addr, prognum, vers, &fd, trans);
- rpc_stat = CLNT_CALL (client, NULLPROC, (xdrproc_t) xdr_void,
- (char *) NULL, (xdrproc_t) xdr_void, (char *) NULL,
- to);
+
+ client = ip_getclient(hostname, prognum, vers, proto);
+
+ rpc_stat = ip_ping_one(client, vers);
if (argc != 2)
{
/* Version number was known */
@@ -447,8 +420,8 @@ ip_ping (portnum, trans, argc, argv)
(void) CLNT_DESTROY (client);
return;
}
+
/* Version number not known */
- (void) CLNT_CONTROL (client, CLSET_FD_NCLOSE, (char *) NULL);
if (rpc_stat == RPC_PROGVERSMISMATCH)
{
clnt_geterr (client, &rpcerr);
@@ -461,12 +434,7 @@ ip_ping (portnum, trans, argc, argv)
* Oh dear, it DOES support version 0.
* Let's try version MAX_VERS.
*/
- (void) CLNT_DESTROY (client);
- addr.sin_port = htons (portnum);
- client = clnt_com_create (&addr, prognum, MAX_VERS, &fd, trans);
- rpc_stat = CLNT_CALL (client, NULLPROC, (xdrproc_t) xdr_void,
- (char *) NULL, (xdrproc_t) xdr_void,
- (char *) NULL, to);
+ rpc_stat = ip_ping_one(client, MAX_VERS);
if (rpc_stat == RPC_PROGVERSMISMATCH)
{
clnt_geterr (client, &rpcerr);
@@ -495,21 +463,15 @@ ip_ping (portnum, trans, argc, argv)
(void) pstatus (client, prognum, (u_long) 0);
exit (1);
}
- (void) CLNT_DESTROY (client);
for (vers = minvers; vers <= maxvers; vers++)
{
- addr.sin_port = htons (portnum);
- client = clnt_com_create (&addr, prognum, vers, &fd, trans);
- rpc_stat = CLNT_CALL (client, NULLPROC, (xdrproc_t) xdr_void,
- (char *) NULL, (xdrproc_t) xdr_void,
- (char *) NULL, to);
+ rpc_stat = ip_ping_one(client, vers);
if (pstatus (client, prognum, vers) < 0)
failure = 1;
- (void) CLNT_DESTROY (client);
}
if (failure)
exit (1);
- (void) close (fd);
+ (void) CLNT_DESTROY (client);
return;
}
@@ -521,9 +483,7 @@ pmapdump (argc, argv)
int argc;
char **argv;
{
- struct sockaddr_in server_addr;
struct pmaplist *head = NULL;
- int socket = RPC_ANYSOCK;
struct timeval minutetimeout;
register CLIENT *client;
struct rpcent *rpc;
@@ -539,10 +499,13 @@ pmapdump (argc, argv)
if (argc == 1)
{
host = argv[0];
- get_inet_address (&server_addr, host);
- server_addr.sin_port = htons (PMAPPORT);
- client = clnttcp_create (&server_addr, PMAPPROG, PMAPVERS,
- &socket, 50, 500);
+
+ /* This is a little bit more complicated than it should be.
+ * ip_getclient will do an rpcb_getaddr call to identify the
+ * port of the portmapper - but it works, and it's easier than
+ * creating a copy of ip_getclient that avoids the getaddr call.
+ */
+ client = ip_getclient(host, PMAPPROG, PMAPVERS, "tcp");
}
else
client = local_rpcb (PMAPPROG, PMAPVERS);
@@ -609,48 +572,74 @@ pmapdump (argc, argv)
}
}
-static void
-get_inet_address (addr, host)
- struct sockaddr_in *addr;
- char *host;
+/*
+ * Try to obtain the address of a given host/program/version, using the
+ * specified protocol (one of udp or tcp).
+ * This loops over all netconfig entries (according to the order given by
+ * netpath and the config file), and tries to resolve the hostname, and obtain
+ * the address using rpcb_getaddr.
+ */
+CLIENT *
+ip_getclient(hostname, prognum, versnum, proto)
+ const char *hostname;
+ rpcprog_t prognum;
+ rpcvers_t versnum;
+ const char *proto;
{
- struct netconfig *nconf;
- struct addrinfo hints, *res;
- int error;
+ void *handle;
+ enum clnt_stat saved_stat = RPC_SUCCESS;
+ struct netconfig *nconf, *result = NULL;
+ struct netbuf bind_address;
+ struct sockaddr_storage __sa;
+ CLIENT *client;
+
+ memset(&bind_address, 0, sizeof(bind_address));
+ bind_address.maxlen = sizeof(__sa);
+ bind_address.buf = &__sa;
- (void) memset ((char *) addr, 0, sizeof (*addr));
- addr->sin_addr.s_addr = inet_addr (host);
- if (addr->sin_addr.s_addr == -1 || addr->sin_addr.s_addr == 0)
+ handle = setnetconfig();
+ while ((nconf = getnetconfig(handle)) != NULL)
{
- if ((nconf = __rpc_getconfip ("udp")) == NULL &&
- (nconf = __rpc_getconfip ("tcp")) == NULL)
- {
- fprintf (stderr, "rpcinfo: couldn't find a suitable transport\n");
- exit (1);
- }
+ if (!strcmp(nconf->nc_proto, proto)) {
+ if (rpcb_getaddr(prognum, versnum, nconf, &bind_address, hostname))
+ {
+ result = getnetconfigent(nconf->nc_netid);
+ endnetconfig(handle);
+ break;
+ }
+
+ if (rpc_createerr.cf_stat != RPC_UNKNOWNHOST)
+ {
+ clnt_pcreateerror (hostname);
+ exit (1);
+ }
+
+ saved_stat = rpc_createerr.cf_stat;
+ }
+ }
+
+ if (result == NULL)
+ {
+ if (saved_stat != RPC_SUCCESS)
+ {
+ rpc_createerr.cf_stat = saved_stat;
+ clnt_pcreateerror (hostname);
+ }
else
- {
- memset (&hints, 0, sizeof hints);
- hints.ai_family = AF_INET;
- if ((error = getaddrinfo (host, "rpcbind", &hints, &res)) != 0 &&
- (error = getaddrinfo (host, "portmapper", &hints, &res)) != 0)
- {
- fprintf (stderr, "rpcinfo: %s: %s\n",
- host, gai_strerror (error));
- exit (1);
- }
- else
- {
- memcpy (addr, res->ai_addr, res->ai_addrlen);
- freeaddrinfo (res);
- }
- (void) freenetconfigent (nconf);
- }
+ fprintf (stderr, "Cannot find suitable transport for protocol %s\n", proto);
+
+ exit (1);
}
- else
+
+ client = clnt_tli_create(RPC_ANYFD, result, &bind_address, prognum, versnum, 0, 0);
+ if (client == NULL)
{
- addr->sin_family = AF_INET;
+ clnt_pcreateerror(hostname);
+ exit (1);
}
+
+ freenetconfigent(result);
+ return client;
}
#endif /* PORTMAP */
diff --git a/src/util.c b/src/util.c
index 7d56479..a6c835b 100644
--- a/src/util.c
+++ b/src/util.c
@@ -71,9 +71,6 @@ static struct sockaddr_in6 *local_in6;
#endif
static int bitmaskcmp __P((void *, void *, void *, int));
-#ifdef INET6
-static void in6_fillscopeid __P((struct sockaddr_in6 *));
-#endif
/*
* For all bits set in "mask", compare the corresponding bits in
@@ -93,28 +90,6 @@ bitmaskcmp(void *dst, void *src, void *mask, int bytelen)
}
/*
- * Similar to code in ifconfig.c. Fill in the scope ID for link-local
- * addresses returned by getifaddrs().
- */
-#ifdef INET6
-static void
-in6_fillscopeid(struct sockaddr_in6 *sin6)
-{
- u_int16_t ifindex;
- u_int16_t *addr;
-
- if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
- addr = (u_int16_t *)&sin6->sin6_addr.s6_addr[2];
- ifindex = ntohs(*addr);
- if (sin6->sin6_scope_id == 0 && ifindex != 0) {
- sin6->sin6_scope_id = ifindex;
- *addr = 0;
- }
- }
-}
-#endif
-
-/*
* Find a server address that can be used by `caller' to contact
* the local service specified by `serv_uaddr'. If `clnt_uaddr' is
* non-NULL, it is used instead of `caller' as a hint suggesting
@@ -211,7 +186,6 @@ addrmerge(struct netbuf *caller, char *serv_uaddr, char *clnt_uaddr,
* a link-local address then use the scope id to see
* which one.
*/
- in6_fillscopeid(SA2SIN6(ifsa));
if (IN6_IS_ADDR_LINKLOCAL(&SA2SIN6ADDR(ifsa)) &&
IN6_IS_ADDR_LINKLOCAL(&SA2SIN6ADDR(caller_sa)) &&
IN6_IS_ADDR_LINKLOCAL(&SA2SIN6ADDR(hint_sa))) {
diff --git a/src/warmstart.c b/src/warmstart.c
index d1bb971..b6eb73e 100644
--- a/src/warmstart.c
+++ b/src/warmstart.c
@@ -101,14 +101,15 @@ read_struct(char *filename, xdrproc_t structproc, void *list)
{
FILE *fp;
XDR xdrs;
-
+
if (debugging)
fprintf(stderr, "rpcbind: using '%s' startup file\n", filename);
if ((fp = fopen(filename, "r")) == NULL) {
- syslog(LOG_ERR,
- "Cannot open '%s' file for reading, errno %d (%s)",
- filename, errno, strerror(errno));
+ if (errno != ENOENT)
+ syslog(LOG_ERR,
+ "Cannot open '%s' file for reading, errno %d (%s)",
+ filename, errno, strerror(errno));
goto error;
}