From 903f014bc1c0d907f00f5ee5cd8d683b823d9081 Mon Sep 17 00:00:00 2001 From: alfred Date: Tue, 5 Feb 2002 18:51:13 +0000 Subject: Fix the breakage in rpc.yppasswd. Readded the svc_create() and the registering of the "unix" transport, now it is fixed. Everywhere, rq_cred is taken to look what authentification we have. We can not be sure that transp>xp_verf.oa_flavor is also filled in. This seems to be the same for all sun source. they take the flavor of rq_cred, instead of transp. Submitted by: mbr --- usr.sbin/rpc.yppasswdd/yppasswdd_main.c | 96 +++++++++++++------------------ usr.sbin/rpc.yppasswdd/yppasswdd_server.c | 33 ++++------- 2 files changed, 51 insertions(+), 78 deletions(-) (limited to 'usr.sbin/rpc.yppasswdd') diff --git a/usr.sbin/rpc.yppasswdd/yppasswdd_main.c b/usr.sbin/rpc.yppasswdd/yppasswdd_main.c index 51f9621..8684810 100644 --- a/usr.sbin/rpc.yppasswdd/yppasswdd_main.c +++ b/usr.sbin/rpc.yppasswdd/yppasswdd_main.c @@ -100,8 +100,8 @@ char *sockname = YP_SOCKNAME; static void terminate(sig) int sig; { - svc_unregister(YPPASSWDPROG, YPPASSWDVERS); - svc_unregister(MASTER_YPPASSWDPROG, MASTER_YPPASSWDVERS); + rpcb_unset(YPPASSWDPROG, YPPASSWDVERS, NULL); + rpcb_unset(MASTER_YPPASSWDPROG, MASTER_YPPASSWDVERS, NULL); unlink(sockname); exit(0); } @@ -156,13 +156,14 @@ main(argc, argv) char *argv[]; { register SVCXPRT *transp = NULL; - int sock; - int proto = 0; struct sockaddr_in saddr; int asize = sizeof (saddr); + struct netconfig *nconf; + void *localhandle; int ch; char *mastername; char myname[MAXHOSTNAMELEN + 2]; + extern int debug; debug = 1; 
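Review bot: terminate() is a signal handler, and the two `rpcb_unset()` calls added in the first hunk, together with the existing `exit(0)`, are not async-signal-safe. `rpcb_unset()` presumably has to talk to rpcbind, so the handler can block or re-enter library state that the interrupted code was using. Both return values are discarded, so a failed unregistration leaves a stale rpcbind entry without any log line. If restructuring is out of scope, at least record the assumption in a comment such as `/* Not async-signal-safe: assumes the signal arrives while the daemon is idle. */` and consider ending the handler with `_exit(0)`.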
@@ -246,78 +247,59 @@ the %s domain -- aborting", yppasswd_domain); if (getsockname(0, (struct sockaddr *)&saddr, &asize) == 0) { int ssize = sizeof (int); - if (saddr.sin_family != AF_INET) exit(1); if (getsockopt(0, SOL_SOCKET, SO_TYPE, - (char *)&_rpcfdtype, &ssize) == -1) + (char *)&_rpcfdtype, &ssize) == -1) exit(1); - sock = 0; _rpcpmstart = 1; - proto = 0; - openlog("rpc.yppasswdd", LOG_PID, LOG_DAEMON); - } else { - if (!debug) { - if (daemon(0,0)) { - err(1,"cannot fork"); - } - } - openlog("rpc.yppasswdd", LOG_PID, LOG_DAEMON); - sock = RPC_ANYSOCK; - (void) pmap_unset(YPPASSWDPROG, YPPASSWDVERS); - (void) pmap_unset(MASTER_YPPASSWDPROG, MASTER_YPPASSWDVERS); - unlink(sockname); } - if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_DGRAM)) { - transp = svcudp_create(sock); - if (transp == NULL) { - yp_error("cannot create udp service."); - exit(1); - } - if (!_rpcpmstart) - proto = IPPROTO_UDP; - if (!svc_register(transp, YPPASSWDPROG, YPPASSWDVERS, yppasswdprog_1, proto)) { - yp_error("unable to register (YPPASSWDPROG, YPPASSWDVERS, udp)."); - exit(1); + if (!debug && _rpcpmstart == 0) { + if (daemon(0,0)) { + err(1,"cannot fork"); } } + openlog("rpc.yppasswdd", LOG_PID, LOG_DAEMON); - if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_STREAM)) { - transp = svctcp_create(sock, 0, 0); - if (transp == NULL) { - yp_error("cannot create tcp service."); - exit(1); - } - if (!_rpcpmstart) - proto = IPPROTO_TCP; - if (!svc_register(transp, YPPASSWDPROG, YPPASSWDVERS, yppasswdprog_1, proto)) { - yp_error("unable to register (YPPASSWDPROG, YPPASSWDVERS, tcp)."); - exit(1); - } + rpcb_unset(YPPASSWDPROG, YPPASSWDVERS, NULL); + rpcb_unset(MASTER_YPPASSWDPROG, MASTER_YPPASSWDVERS, NULL); + + if (svc_create(yppasswdprog_1, YPPASSWDPROG, YPPASSWDVERS, "netpath") == 0) { + yp_error("cannot create yppasswd service."); + exit(1); + } + if (svc_create(master_yppasswdprog_1, MASTER_YPPASSWDPROG, + MASTER_YPPASSWDVERS, "netpath") == 0) { + yp_error("cannot create master_yppasswd 
service."); + exit(1); } + nconf = NULL; + localhandle = setnetconfig(); + while ((nconf = getnetconfig(localhandle)) != NULL) { + if (nconf->nc_protofmly != NULL && + strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0) + break; + } + if (nconf == NULL) { + yp_error("getnetconfigent unix: %s", nc_sperror()); + exit(1); + } unlink(sockname); - if (svc_create(yppasswdprog_1, YPPASSWDPROG, YPPASSWDVERS, - "netpath") == 0) { - (void) fprintf(stderr, - "%s: unable to create service\n", argv[0]); - exit(1); - } - if (svc_create(master_yppasswdprog_1, MASTER_YPPASSWDPROG, - MASTER_YPPASSWDVERS, "netpath") == 0) { - (void) fprintf(stderr, - "%s: unable to create service\n", argv[0]); - exit(1); - } + transp = svcunix_create(RPC_ANYSOCK, 0, 0, sockname); if (transp == NULL) { yp_error("cannot create AF_LOCAL service."); exit(1); } - if (!svc_register(transp, MASTER_YPPASSWDPROG, MASTER_YPPASSWDVERS, master_yppasswdprog_1, 0)) { - yp_error("unable to register (MASTER_YPPASSWDPROG, MASTER_YPPASSWDVERS, unix)."); + if (!svc_reg(transp, MASTER_YPPASSWDPROG, MASTER_YPPASSWDVERS, + master_yppasswdprog_1, nconf)) { + yp_error("unable to register (MASTER_YPPASSWDPROG, + MASTER_YPPASSWDVERS, unix)."); exit(1); } + endnetconfig(localhandle); + /* Only root may connect() to the AF_UNIX link. */ if (chmod(sockname, 0)) err(1, "chmod of %s failed", sockname); diff --git a/usr.sbin/rpc.yppasswdd/yppasswdd_server.c b/usr.sbin/rpc.yppasswdd/yppasswdd_server.c index 2e0b092..d61390d 100644 --- a/usr.sbin/rpc.yppasswdd/yppasswdd_server.c +++ b/usr.sbin/rpc.yppasswdd/yppasswdd_server.c @@ -62,11 +62,6 @@ struct dom_binding {}; #include "yppasswd.h" #include "yppasswd_private.h" -struct cmessage { - struct cmsghdr cmsg; - struct cmsgcred cmcred; -}; - char *tempname; void reaper(sig) 
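Review bot: The AF_LOCAL socket is still created by `svcunix_create()` with whatever mode the inherited umask allows and is only locked down by the later `chmod(sockname, 0)`. This hunk now places `svc_reg()` between the two, so for a short window the socket may be connectable by non-root local users. Tightening the umask around the creation closes that window: `mode_t omask = umask(077);` before `svcunix_create(RPC_ANYSOCK, 0, 0, sockname);` and `umask(omask);` right after it, keeping the chmod as is. Separately, the result of `setnetconfig()` is passed to `getnetconfig()` without a NULL check, and the `yp_error("unable to register ...")` literal appears to be split across two source lines, which relies on a compiler extension; adjacent string literals would be portable. main() starts before and continues past this hunk.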
@@ -705,47 +700,43 @@ int *yppasswdproc_update_master_1_svc(master_yppasswd *argp, static int result; int pfd, tfd; int pid; + uid_t uid; int rval = 0; DBT key, data; char *passfile_hold; char passfile_buf[MAXPATHLEN + 2]; struct sockaddr_in *rqhost; - struct cmessage *cm; - SVCXPRT *transp; + SVCXPRT *transp; result = 1; + transp = rqstp->rq_xprt; /* * NO AF_INET CONNETCIONS ALLOWED! */ - rqhost = svc_getcaller(rqstp->rq_xprt); + rqhost = svc_getcaller(transp); if (rqhost->sin_family != AF_UNIX) { yp_error("Alert! %s/%d attempted to use superuser-only \ procedure!\n", inet_ntoa(rqhost->sin_addr), rqhost->sin_port); - svcerr_auth(rqstp->rq_xprt, AUTH_BADCRED); + svcerr_auth(transp, AUTH_BADCRED); return(&result); } - transp = rqstp->rq_xprt; - - if (transp->xp_verf.oa_length < sizeof(struct cmessage) || - transp->xp_verf.oa_base == NULL || - transp->xp_verf.oa_flavor != AUTH_UNIX) { + if (rqstp->rq_cred.oa_flavor != AUTH_SYS) { yp_error("caller didn't send proper credentials"); - svcerr_auth(rqstp->rq_xprt, AUTH_BADCRED); + svcerr_auth(transp, AUTH_BADCRED); return(&result); } - cm = (struct cmessage *)transp->xp_verf.oa_base; - if (cm->cmsg.cmsg_type != SCM_CREDS) { + if (__rpc_get_local_uid(transp, &uid) < 0) { yp_error("caller didn't send proper credentials"); - svcerr_auth(rqstp->rq_xprt, AUTH_BADCRED); + svcerr_auth(transp, AUTH_BADCRED); return(&result); } - - if (cm->cmcred.cmcred_euid) { + + if (uid) { yp_error("caller euid is %d, expecting 0 -- rejecting request", - cm->cmcred.cmcred_euid); + uid); svcerr_auth(rqstp->rq_xprt, AUTH_BADCRED); return(&result); } -- cgit v1.1
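Review bot: The `rq_cred.oa_flavor != AUTH_SYS` test only inspects data the caller put in the request, so the authorization decision rests on the uid returned by `__rpc_get_local_uid()`, and the new code does not say so. A comment above the uid check would make that explicit, for example `/* rq_cred is caller-supplied; only the uid reported for the local socket peer is trusted for the root check. */`. In the final rejection branch `uid` is a `uid_t` but is logged with `%d`; assuming yp_error() is printf-style, `"caller euid is %lu, expecting 0 -- rejecting request", (unsigned long)uid` avoids the mismatch. That branch also still calls `svcerr_auth(rqstp->rq_xprt, AUTH_BADCRED)` while the rest of the hunk was converted to `transp`. The function continues past the end of the hunk.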