0
|
1 |
/*
|
|
2 |
* CDDL HEADER START
|
|
3 |
*
|
|
4 |
* The contents of this file are subject to the terms of the
|
|
5 |
* Common Development and Distribution License, Version 1.0 only
|
|
6 |
* (the "License"). You may not use this file except in compliance
|
|
7 |
* with the License.
|
|
8 |
*
|
|
9 |
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
|
|
10 |
* or http://www.opensolaris.org/os/licensing.
|
|
11 |
* See the License for the specific language governing permissions
|
|
12 |
* and limitations under the License.
|
|
13 |
*
|
|
14 |
* When distributing Covered Code, include this CDDL HEADER in each
|
|
15 |
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
|
16 |
* If applicable, add the following below this CDDL HEADER, with the
|
|
17 |
* fields enclosed by brackets "[]" replaced with your own identifying
|
|
18 |
* information: Portions Copyright [yyyy] [name of copyright owner]
|
|
19 |
*
|
|
20 |
* CDDL HEADER END
|
|
21 |
*/
|
|
22 |
/*
|
|
23 |
* Copyright 2004 Sun Microsystems, Inc. All rights reserved.
|
|
24 |
* Use is subject to license terms.
|
|
25 |
*/
|
|
26 |
|
|
27 |
#pragma ident "%Z%%M% %I% %E% SMI"
|
|
28 |
|
|
29 |
#include "synonyms.h"
|
|
30 |
#include <mtlib.h>
|
|
31 |
#include <sys/types.h>
|
|
32 |
#include <pwd.h>
|
|
33 |
#include <nss_dbdefs.h>
|
|
34 |
#include <stdio.h>
|
|
35 |
#include <synch.h>
|
|
36 |
#include <sys/param.h>
|
|
37 |
#include <fcntl.h>
|
|
38 |
#include <unistd.h>
|
|
39 |
#include <getxby_door.h>
|
|
40 |
#include <sys/door.h>
|
|
41 |
#include "libc.h"
|
|
42 |
#include "base_conversion.h"
|
|
43 |
|
|
44 |
/*
|
|
45 |
*
|
|
46 |
* Routine that actually performs the door call.
|
|
47 |
* Note that we cache a file descriptor. We do
|
|
48 |
* the following to prevent disasters:
|
|
49 |
*
|
|
50 |
* 1) Never use 0,1 or 2; if we get this from the open
|
|
51 |
* we dup it upwards.
|
|
52 |
*
|
|
53 |
* 2) Set the close on exec flags so descriptor remains available
|
|
54 |
* to child processes.
|
|
55 |
*
|
|
56 |
* 3) Verify that the door is still the same one we had before
|
|
57 |
* by using door_info on the client side.
|
|
58 |
*
|
|
59 |
* Note that we never close the file descriptor if it isn't one
|
|
60 |
* we allocated; we check this with door info. The rather tricky
|
|
61 |
* logic is designed to be fast in the normal case (fd is already
|
|
62 |
* allocated and is ok) while handling the case where the application
|
|
63 |
* closed it underneath us or where the nscd dies or re-execs itself
|
|
64 |
* and we're a multi-threaded application. Note that we cannot protect
|
|
65 |
* the application if it closes the fd and it is multi-threaded.
|
|
66 |
*
|
|
67 |
* int _nsc_trydoorcall(void *dptr, int *bufsize, int *actualsize);
|
|
68 |
*
|
|
69 |
* *dptr IN: points to arg buffer OUT: points to results buffer
|
|
70 |
* *bufsize IN: overall size of buffer OUT: overall size of buffer
|
|
71 |
* *actualsize IN: size of call data OUT: size of return data
|
|
72 |
*
|
|
73 |
* Note that *dptr may change if provided space as defined by *bufsize is
|
|
74 |
* inadequate. In this case the door call mmaps more space and places
|
|
75 |
* the answer there and sets dptr to contain a pointer to the space, which
|
|
76 |
* should be freed with munmap.
|
|
77 |
*
|
|
78 |
* Returns 0 if the door call reached the server, -1 if contact was not made.
|
|
79 |
*
|
|
80 |
*/
|
|
81 |
|
|
82 |
static mutex_t _door_lock = DEFAULTMUTEX;
|
|
83 |
|
|
84 |
int
|
|
85 |
_nsc_trydoorcall(nsc_data_t **dptr, int *ndata, int *adata)
|
|
86 |
{
|
|
87 |
static int doorfd = -1;
|
|
88 |
static door_info_t real_door;
|
|
89 |
door_info_t my_door;
|
|
90 |
door_arg_t param;
|
|
91 |
|
|
92 |
/*
|
|
93 |
* the first time in we try and open and validate the door.
|
|
94 |
* the validations are that the door must have been
|
|
95 |
* created with the name service door cookie and
|
|
96 |
* that the file attached to the door is owned by root
|
|
97 |
* and readonly by user, group and other. If any of these
|
|
98 |
* validations fail we refuse to use the door.
|
|
99 |
*/
|
|
100 |
|
|
101 |
lmutex_lock(&_door_lock);
|
|
102 |
|
|
103 |
try_again:
|
|
104 |
|
|
105 |
if (doorfd == -1) {
|
|
106 |
|
|
107 |
int tbc[3];
|
|
108 |
int i;
|
|
109 |
if ((doorfd = open64(NAME_SERVICE_DOOR, O_RDONLY, 0))
|
|
110 |
== -1) {
|
|
111 |
lmutex_unlock(&_door_lock);
|
|
112 |
return (NOSERVER);
|
|
113 |
}
|
|
114 |
|
|
115 |
/*
|
|
116 |
* dup up the file descriptor if we have 0 - 2
|
|
117 |
* to avoid problems with shells stdin/out/err
|
|
118 |
*/
|
|
119 |
i = 0;
|
|
120 |
|
|
121 |
while (doorfd < 3) { /* we have a reserved fd */
|
|
122 |
tbc[i++] = doorfd;
|
|
123 |
if ((doorfd = dup(doorfd)) < 0) {
|
|
124 |
while (i--)
|
|
125 |
(void) close(tbc[i]);
|
|
126 |
doorfd = -1;
|
|
127 |
lmutex_unlock(&_door_lock);
|
|
128 |
return (NOSERVER);
|
|
129 |
}
|
|
130 |
}
|
|
131 |
|
|
132 |
while (i--)
|
|
133 |
(void) close(tbc[i]);
|
|
134 |
|
|
135 |
/*
|
|
136 |
* mark this door descriptor as close on exec
|
|
137 |
*/
|
|
138 |
(void) fcntl(doorfd, F_SETFD, FD_CLOEXEC);
|
|
139 |
if (__door_info(doorfd, &real_door) == -1) {
|
|
140 |
/*
|
|
141 |
* we should close doorfd because we just opened it
|
|
142 |
*/
|
|
143 |
(void) close(doorfd);
|
|
144 |
doorfd = -1;
|
|
145 |
lmutex_unlock(&_door_lock);
|
|
146 |
return (NOSERVER);
|
|
147 |
}
|
|
148 |
|
|
149 |
if ((real_door.di_attributes & DOOR_REVOKED) ||
|
|
150 |
(real_door.di_data !=
|
|
151 |
(door_ptr_t)NAME_SERVICE_DOOR_COOKIE)) {
|
|
152 |
(void) close(doorfd);
|
|
153 |
doorfd = -1;
|
|
154 |
lmutex_unlock(&_door_lock);
|
|
155 |
return (NOSERVER);
|
|
156 |
}
|
|
157 |
} else {
|
|
158 |
|
|
159 |
if ((__door_info(doorfd, &my_door) == -1) ||
|
|
160 |
(my_door.di_data != (door_ptr_t)NAME_SERVICE_DOOR_COOKIE) ||
|
|
161 |
(my_door.di_uniquifier != real_door.di_uniquifier)) {
|
|
162 |
/*
|
|
163 |
* don't close it -
|
|
164 |
* someone else has clobbered fd
|
|
165 |
*/
|
|
166 |
doorfd = -1;
|
|
167 |
goto try_again;
|
|
168 |
}
|
|
169 |
|
|
170 |
if (my_door.di_attributes & DOOR_REVOKED) {
|
|
171 |
(void) close(doorfd); /* nscd exited .... */
|
|
172 |
doorfd = -1; /* try and restart connection */
|
|
173 |
goto try_again;
|
|
174 |
}
|
|
175 |
}
|
|
176 |
|
|
177 |
lmutex_unlock(&_door_lock);
|
|
178 |
|
|
179 |
param.rbuf = (char *)*dptr;
|
|
180 |
param.rsize = *ndata;
|
|
181 |
param.data_ptr = (char *)*dptr;
|
|
182 |
param.data_size = *adata;
|
|
183 |
param.desc_ptr = NULL;
|
|
184 |
param.desc_num = 0;
|
|
185 |
if (__door_call(doorfd, ¶m) == -1) {
|
|
186 |
return (NOSERVER);
|
|
187 |
}
|
|
188 |
*adata = (int)param.data_size;
|
|
189 |
*ndata = (int)param.rsize;
|
|
190 |
*dptr = (nsc_data_t *)(uintptr_t)param.data_ptr;
|
|
191 |
if (*adata == 0 || *dptr == NULL) {
|
|
192 |
return (NOSERVER);
|
|
193 |
}
|
|
194 |
|
|
195 |
return ((*dptr)->nsc_ret.nsc_return_code);
|
|
196 |
}
|