1 /* $OpenBSD: krpc_subr.c,v 1.32 2017/09/01 15:05:31 mpi Exp $ */ 2 /* $NetBSD: krpc_subr.c,v 1.12.4.1 1996/06/07 00:52:26 cgd Exp $ */ 3 4 /* 5 * Copyright (c) 1995 Gordon Ross, Adam Glass 6 * Copyright (c) 1992 Regents of the University of California. 7 * All rights reserved. 8 * 9 * This software was developed by the Computer Systems Engineering group 10 * at Lawrence Berkeley Laboratory under DARPA contract BG 91-66 and 11 * contributed to Berkeley. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. All advertising materials mentioning features or use of this software 22 * must display the following acknowledgement: 23 * This product includes software developed by the University of 24 * California, Lawrence Berkeley Laboratory and its contributors. 25 * 4. Neither the name of the University nor the names of its contributors 26 * may be used to endorse or promote products derived from this software 27 * without specific prior written permission. 28 * 29 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 30 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 31 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 32 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 33 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 34 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 35 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 36 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 37 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 38 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 39 * SUCH DAMAGE. 40 * 41 * partially based on: 42 * libnetboot/rpc.c 43 * @(#) Header: rpc.c,v 1.12 93/09/28 08:31:56 leres Exp (LBL) 44 */ 45 46 #include <sys/param.h> 47 #include <sys/systm.h> 48 #include <sys/conf.h> 49 #include <sys/ioctl.h> 50 #include <sys/proc.h> 51 #include <sys/mount.h> 52 #include <sys/mbuf.h> 53 #include <sys/reboot.h> 54 #include <sys/socket.h> 55 #include <sys/socketvar.h> 56 57 #include <netinet/in.h> 58 59 #include <nfs/rpcv2.h> 60 #include <nfs/krpc.h> 61 #include <nfs/xdr_subs.h> 62 #include <crypto/idgen.h> 63 64 /* 65 * Kernel support for Sun RPC 66 * 67 * Used currently for bootstrapping in nfs diskless configurations. 68 */ 69 70 /* 71 * Generic RPC headers 72 */ 73 74 struct auth_info { 75 u_int32_t authtype; /* auth type */ 76 u_int32_t authlen; /* auth length */ 77 }; 78 79 struct auth_unix { 80 int32_t ua_time; 81 int32_t ua_hostname; /* null */ 82 int32_t ua_uid; 83 int32_t ua_gid; 84 int32_t ua_gidlist; /* null */ 85 }; 86 87 struct rpc_call { 88 u_int32_t rp_xid; /* request transaction id */ 89 int32_t rp_direction; /* call direction (0) */ 90 u_int32_t rp_rpcvers; /* rpc version (2) */ 91 u_int32_t rp_prog; /* program */ 92 u_int32_t rp_vers; /* version */ 93 u_int32_t rp_proc; /* procedure */ 94 struct auth_info rpc_auth; 95 struct auth_unix rpc_unix; 96 struct auth_info rpc_verf; 97 }; 98 99 struct rpc_reply { 100 u_int32_t rp_xid; /* request transaction id */ 101 int32_t rp_direction; /* call direction (1) */ 102 int32_t rp_astatus; /* accept status (0: accepted) */ 103 union { 104 u_int32_t rpu_errno; 105 struct { 106 struct auth_info rok_auth; 107 u_int32_t rok_status; 108 } rpu_rok; 109 } rp_u; 110 }; 111 #define rp_errno rp_u.rpu_errno 112 #define rp_auth rp_u.rpu_rok.rok_auth 113 #define rp_status rp_u.rpu_rok.rok_status 114 115 #define MIN_REPLY_HDR 16 /* xid, dir, astat, errno */ 116 117 u_int32_t krpc_get_xid(void); 118 119 /* 120 * Return an unpredictable XID. 121 */ 122 u_int32_t 123 krpc_get_xid(void) 124 { 125 static struct idgen32_ctx krpc_xid_ctx; 126 static int called = 0; 127 128 if (!called) { 129 called = 1; 130 idgen32_init(&krpc_xid_ctx); 131 } 132 return idgen32(&krpc_xid_ctx); 133 } 134 135 /* 136 * What is the longest we will wait before re-sending a request? 137 * Note this is also the frequency of "RPC timeout" messages. 138 * The re-send loop count sup linearly to this maximum, so the 139 * first complaint will happen after (1+2+3+4+5)=15 seconds. 140 */ 141 #define MAX_RESEND_DELAY 5 /* seconds */ 142 143 /* 144 * Call portmap to lookup a port number for a particular rpc program 145 * Returns non-zero error on failure. 146 */ 147 int 148 krpc_portmap(struct sockaddr_in *sin, u_int prog, u_int vers, u_int16_t *portp) 149 { 150 struct sdata { 151 u_int32_t prog; /* call program */ 152 u_int32_t vers; /* call version */ 153 u_int32_t proto; /* call protocol */ 154 u_int32_t port; /* call port (unused) */ 155 } *sdata; 156 struct rdata { 157 u_int16_t pad; 158 u_int16_t port; 159 } *rdata; 160 struct mbuf *m; 161 int error; 162 163 /* The portmapper port is fixed. */ 164 if (prog == PMAPPROG) { 165 *portp = htons(PMAPPORT); 166 return 0; 167 } 168 169 m = m_get(M_WAIT, MT_DATA); 170 sdata = mtod(m, struct sdata *); 171 m->m_len = sizeof(*sdata); 172 173 /* Do the RPC to get it. */ 174 sdata->prog = txdr_unsigned(prog); 175 sdata->vers = txdr_unsigned(vers); 176 sdata->proto = txdr_unsigned(IPPROTO_UDP); 177 sdata->port = 0; 178 179 sin->sin_port = htons(PMAPPORT); 180 error = krpc_call(sin, PMAPPROG, PMAPVERS, 181 PMAPPROC_GETPORT, &m, NULL, -1); 182 if (error) 183 return error; 184 185 if (m->m_len < sizeof(*rdata)) { 186 m = m_pullup(m, sizeof(*rdata)); 187 if (m == NULL) 188 return ENOBUFS; 189 } 190 rdata = mtod(m, struct rdata *); 191 *portp = rdata->port; 192 193 m_freem(m); 194 return 0; 195 } 196 197 /* 198 * Do a remote procedure call (RPC) and wait for its reply. 199 * If from_p is non-null, then we are doing broadcast, and 200 * the address from whence the response came is saved there. 201 * data: input/output 202 * from_p: output 203 */ 204 int 205 krpc_call(struct sockaddr_in *sa, u_int prog, u_int vers, u_int func, 206 struct mbuf **data, struct mbuf **from_p, int retries) 207 { 208 struct socket *so; 209 struct sockaddr_in *sin; 210 struct mbuf *m, *nam, *mhead, *from, *mopt; 211 struct rpc_call *call; 212 struct rpc_reply *reply; 213 struct uio auio; 214 int s, error, rcvflg, timo, secs, len; 215 static u_int32_t xid = 0; 216 char addr[INET_ADDRSTRLEN]; 217 int *ip; 218 struct timeval tv; 219 220 /* 221 * Validate address family. 222 * Sorry, this is INET specific... 223 */ 224 if (sa->sin_family != AF_INET) 225 return (EAFNOSUPPORT); 226 227 /* Free at end if not null. */ 228 nam = mhead = NULL; 229 from = NULL; 230 231 /* 232 * Create socket and set its receive timeout. 233 */ 234 if ((error = socreate(AF_INET, &so, SOCK_DGRAM, 0))) 235 goto out; 236 237 m = m_get(M_WAIT, MT_SOOPTS); 238 tv.tv_sec = 1; 239 tv.tv_usec = 0; 240 memcpy(mtod(m, struct timeval *), &tv, sizeof tv); 241 m->m_len = sizeof(tv); 242 s = solock(so); 243 error = sosetopt(so, SOL_SOCKET, SO_RCVTIMEO, m); 244 sounlock(s); 245 m_freem(m); 246 if (error) 247 goto out; 248 249 /* 250 * Enable broadcast if necessary. 251 */ 252 if (from_p) { 253 int32_t *on; 254 m = m_get(M_WAIT, MT_SOOPTS); 255 on = mtod(m, int32_t *); 256 m->m_len = sizeof(*on); 257 *on = 1; 258 s = solock(so); 259 error = sosetopt(so, SOL_SOCKET, SO_BROADCAST, m); 260 sounlock(s); 261 m_freem(m); 262 if (error) 263 goto out; 264 } 265 266 /* 267 * Bind the local endpoint to a reserved port, 268 * because some NFS servers refuse requests from 269 * non-reserved (non-privileged) ports. 270 */ 271 MGET(mopt, M_WAIT, MT_SOOPTS); 272 mopt->m_len = sizeof(int); 273 ip = mtod(mopt, int *); 274 *ip = IP_PORTRANGE_LOW; 275 s = solock(so); 276 error = sosetopt(so, IPPROTO_IP, IP_PORTRANGE, mopt); 277 sounlock(s); 278 m_freem(mopt); 279 if (error) 280 goto out; 281 282 MGET(m, M_WAIT, MT_SONAME); 283 sin = mtod(m, struct sockaddr_in *); 284 memset(sin, 0, sizeof(*sin)); 285 sin->sin_len = m->m_len = sizeof(struct sockaddr_in); 286 sin->sin_family = AF_INET; 287 sin->sin_addr.s_addr = INADDR_ANY; 288 sin->sin_port = htons(0); 289 s = solock(so); 290 error = sobind(so, m, &proc0); 291 sounlock(s); 292 m_freem(m); 293 if (error) { 294 printf("bind failed\n"); 295 goto out; 296 } 297 298 MGET(mopt, M_WAIT, MT_SOOPTS); 299 mopt->m_len = sizeof(int); 300 ip = mtod(mopt, int *); 301 *ip = IP_PORTRANGE_DEFAULT; 302 s = solock(so); 303 error = sosetopt(so, IPPROTO_IP, IP_PORTRANGE, mopt); 304 sounlock(s); 305 m_freem(mopt); 306 if (error) 307 goto out; 308 309 /* 310 * Setup socket address for the server. 311 */ 312 nam = m_get(M_WAIT, MT_SONAME); 313 sin = mtod(nam, struct sockaddr_in *); 314 bcopy(sa, sin, (nam->m_len = sa->sin_len)); 315 316 /* 317 * Prepend RPC message header. 318 */ 319 mhead = m_gethdr(M_WAIT, MT_DATA); 320 mhead->m_next = *data; 321 call = mtod(mhead, struct rpc_call *); 322 mhead->m_len = sizeof(*call); 323 memset(call, 0, sizeof(*call)); 324 /* rpc_call part */ 325 xid = krpc_get_xid(); 326 call->rp_xid = txdr_unsigned(xid); 327 /* call->rp_direction = 0; */ 328 call->rp_rpcvers = txdr_unsigned(2); 329 call->rp_prog = txdr_unsigned(prog); 330 call->rp_vers = txdr_unsigned(vers); 331 call->rp_proc = txdr_unsigned(func); 332 /* rpc_auth part (auth_unix as root) */ 333 call->rpc_auth.authtype = txdr_unsigned(RPCAUTH_UNIX); 334 call->rpc_auth.authlen = txdr_unsigned(sizeof(struct auth_unix)); 335 /* rpc_verf part (auth_null) */ 336 call->rpc_verf.authtype = 0; 337 call->rpc_verf.authlen = 0; 338 339 /* 340 * Setup packet header 341 */ 342 len = 0; 343 m = mhead; 344 while (m) { 345 len += m->m_len; 346 m = m->m_next; 347 } 348 mhead->m_pkthdr.len = len; 349 mhead->m_pkthdr.ph_ifidx = 0; 350 351 /* 352 * Send it, repeatedly, until a reply is received, 353 * but delay each re-send by an increasing amount. 354 * If the delay hits the maximum, start complaining. 355 */ 356 for (timo = 0; retries; retries--) { 357 /* Send RPC request (or re-send). */ 358 m = m_copym(mhead, 0, M_COPYALL, M_WAIT); 359 if (m == NULL) { 360 error = ENOBUFS; 361 goto out; 362 } 363 error = sosend(so, nam, NULL, m, NULL, 0); 364 if (error) { 365 printf("krpc_call: sosend: %d\n", error); 366 goto out; 367 } 368 m = NULL; 369 370 /* Determine new timeout. */ 371 if (timo < MAX_RESEND_DELAY) 372 timo++; 373 else 374 printf("RPC timeout for server %s (0x%x) prog %u\n", 375 inet_ntop(AF_INET, &sin->sin_addr, 376 addr, sizeof(addr)), 377 ntohl(sin->sin_addr.s_addr), prog); 378 379 /* 380 * Wait for up to timo seconds for a reply. 381 * The socket receive timeout was set to 1 second. 382 */ 383 secs = timo; 384 while (secs > 0) { 385 m_freem(from); 386 from = NULL; 387 388 m_freem(m); 389 m = NULL; 390 391 auio.uio_resid = len = 1<<16; 392 auio.uio_procp = NULL; 393 rcvflg = 0; 394 error = soreceive(so, &from, &auio, &m, NULL, &rcvflg, 395 0); 396 if (error == EWOULDBLOCK) { 397 secs--; 398 continue; 399 } 400 if (error) 401 goto out; 402 len -= auio.uio_resid; 403 404 /* Does the reply contain at least a header? */ 405 if (len < MIN_REPLY_HDR) 406 continue; 407 if (m->m_len < MIN_REPLY_HDR) 408 continue; 409 reply = mtod(m, struct rpc_reply *); 410 411 /* Is it the right reply? */ 412 if (reply->rp_direction != txdr_unsigned(RPC_REPLY)) 413 continue; 414 415 if (reply->rp_xid != txdr_unsigned(xid)) 416 continue; 417 418 /* Was RPC accepted? (authorization OK) */ 419 if (reply->rp_astatus != 0) { 420 error = fxdr_unsigned(u_int32_t, reply->rp_errno); 421 printf("rpc denied, error=%d\n", error); 422 continue; 423 } 424 425 /* Did the call succeed? */ 426 if (reply->rp_status != 0) { 427 error = fxdr_unsigned(u_int32_t, reply->rp_status); 428 printf("rpc denied, status=%d\n", error); 429 continue; 430 } 431 432 goto gotreply; /* break two levels */ 433 434 } /* while secs */ 435 } /* forever send/receive */ 436 437 error = ETIMEDOUT; 438 goto out; 439 440 gotreply: 441 442 /* 443 * Get RPC reply header into first mbuf, 444 * get its length, then strip it off. 445 */ 446 len = sizeof(*reply); 447 if (m->m_len < len) { 448 m = m_pullup(m, len); 449 if (m == NULL) { 450 error = ENOBUFS; 451 goto out; 452 } 453 } 454 reply = mtod(m, struct rpc_reply *); 455 if (reply->rp_auth.authtype != 0) { 456 len += fxdr_unsigned(u_int32_t, reply->rp_auth.authlen); 457 len = (len + 3) & ~3; /* XXX? */ 458 } 459 m_adj(m, len); 460 461 /* result */ 462 *data = m; 463 if (from_p && error == 0) { 464 *from_p = from; 465 from = NULL; 466 } 467 468 out: 469 m_freem(nam); 470 m_freem(mhead); 471 m_freem(from); 472 soclose(so); 473 return error; 474 } 475 476 /* 477 * eXternal Data Representation routines. 478 * (but with non-standard args...) 479 */ 480 481 /* 482 * String representation for RPC. 483 */ 484 struct xdr_string { 485 u_int32_t len; /* length without null or padding */ 486 char data[4]; /* data (longer, of course) */ 487 /* data is padded to a long-word boundary */ 488 }; 489 490 struct mbuf * 491 xdr_string_encode(char *str, int len) 492 { 493 struct mbuf *m; 494 struct xdr_string *xs; 495 int dlen; /* padded string length */ 496 int mlen; /* message length */ 497 498 dlen = (len + 3) & ~3; 499 mlen = dlen + 4; 500 501 if (mlen > MCLBYTES) /* If too big, we just can't do it. */ 502 return (NULL); 503 504 m = m_get(M_WAIT, MT_DATA); 505 if (mlen > MLEN) { 506 MCLGET(m, M_WAIT); 507 if ((m->m_flags & M_EXT) == 0) { 508 (void) m_free(m); /* There can be only one. */ 509 return (NULL); 510 } 511 } 512 xs = mtod(m, struct xdr_string *); 513 m->m_len = mlen; 514 xs->len = txdr_unsigned(len); 515 bcopy(str, xs->data, len); 516 return (m); 517 } 518 519 struct mbuf * 520 xdr_string_decode(struct mbuf *m, char *str, int *len_p) 521 { 522 struct xdr_string *xs; 523 int mlen; /* message length */ 524 int slen; /* string length */ 525 526 if (m->m_len < 4) { 527 m = m_pullup(m, 4); 528 if (m == NULL) 529 return (NULL); 530 } 531 xs = mtod(m, struct xdr_string *); 532 slen = fxdr_unsigned(u_int32_t, xs->len); 533 mlen = 4 + ((slen + 3) & ~3); 534 535 if (slen > *len_p) 536 slen = *len_p; 537 if (slen > m->m_pkthdr.len) { 538 m_freem(m); 539 return (NULL); 540 } 541 m_copydata(m, 4, slen, str); 542 m_adj(m, mlen); 543 544 str[slen] = '\0'; 545 *len_p = slen; 546 547 return (m); 548 } 549 550 551 /* 552 * Inet address in RPC messages 553 * (Note, really four ints, NOT chars. Blech.) 554 */ 555 struct xdr_inaddr { 556 u_int32_t atype; 557 u_int32_t addr[4]; 558 }; 559 560 struct mbuf * 561 xdr_inaddr_encode(struct in_addr *ia) 562 { 563 struct mbuf *m; 564 struct xdr_inaddr *xi; 565 u_int8_t *cp; 566 u_int32_t *ip; 567 568 m = m_get(M_WAIT, MT_DATA); 569 xi = mtod(m, struct xdr_inaddr *); 570 m->m_len = sizeof(*xi); 571 xi->atype = txdr_unsigned(1); 572 ip = xi->addr; 573 cp = (u_int8_t *)&ia->s_addr; 574 *ip++ = txdr_unsigned(*cp++); 575 *ip++ = txdr_unsigned(*cp++); 576 *ip++ = txdr_unsigned(*cp++); 577 *ip++ = txdr_unsigned(*cp++); 578 579 return (m); 580 } 581 582 struct mbuf * 583 xdr_inaddr_decode(struct mbuf *m, struct in_addr *ia) 584 { 585 struct xdr_inaddr *xi; 586 u_int8_t *cp; 587 u_int32_t *ip; 588 589 if (m->m_len < sizeof(*xi)) { 590 m = m_pullup(m, sizeof(*xi)); 591 if (m == NULL) 592 return (NULL); 593 } 594 xi = mtod(m, struct xdr_inaddr *); 595 if (xi->atype != txdr_unsigned(1)) { 596 ia->s_addr = INADDR_ANY; 597 goto out; 598 } 599 ip = xi->addr; 600 cp = (u_int8_t *)&ia->s_addr; 601 *cp++ = fxdr_unsigned(u_int8_t, *ip++); 602 *cp++ = fxdr_unsigned(u_int8_t, *ip++); 603 *cp++ = fxdr_unsigned(u_int8_t, *ip++); 604 *cp++ = fxdr_unsigned(u_int8_t, *ip++); 605 606 out: 607 m_adj(m, sizeof(*xi)); 608 return (m); 609 } 610