Sophie: autofs-1:5.0.1-0.rc2.164.el5

autofs-5.0.1-0.rc2.164.el5_8.src.rpm

diff -up autofs-5.0.1/modules/lookup_hosts.c.remove-unsed-export-validation-code autofs-5.0.1/modules/lookup_hosts.c
--- autofs-5.0.1/modules/lookup_hosts.c.remove-unsed-export-validation-code	2007-10-18 21:42:17.000000000 +0800
+++ autofs-5.0.1/modules/lookup_hosts.c	2007-10-18 21:44:42.000000000 +0800
@@ -39,7 +39,6 @@ struct lookup_context {
 int lookup_version = AUTOFS_LOOKUP_VERSION;	/* Required by protocol */
 
 exports rpc_get_exports(const char *host, long seconds, long micros, unsigned int option);
-exports rpc_exports_prune(exports list);
 void rpc_exports_free(exports list);
 
 int lookup_init(const char *mapfmt, int argc, const char *const *argv, void **context)
@@ -200,9 +199,6 @@ done:
 
 	exp = rpc_get_exports(name, 10, 0, RPC_CLOSE_NOLINGER);
 
-	/* Check exports for obvious ones we don't have access to */
-	/*exp = rpc_exports_prune(exp);*/
-
 	mapent = NULL;
 	while (exp) {
 		if (mapent) {
diff -up autofs-5.0.1/lib/rpc_subs.c.remove-unsed-export-validation-code autofs-5.0.1/lib/rpc_subs.c
--- autofs-5.0.1/lib/rpc_subs.c.remove-unsed-export-validation-code	2007-10-18 21:42:17.000000000 +0800
+++ autofs-5.0.1/lib/rpc_subs.c	2007-10-18 21:48:12.000000000 +0800
@@ -45,8 +45,6 @@
 #define MAX_IFC_BUF	1024
 #define MAX_ERR_BUF	128
 
-static char *ypdomain = NULL;
-
 /*
  * Create a UDP RPC client
  */
@@ -754,384 +752,6 @@ void rpc_exports_free(exports list)
 	return;
 }
 
-static int masked_match(const char *addr, const char *mask)
-{
-	char buf[MAX_IFC_BUF], *ptr;
-	struct sockaddr_in saddr;
-	struct sockaddr_in6 saddr6;
-	struct ifconf ifc;
-	struct ifreq *ifr;
-	int sock, cl_flags, ret, i, is_ipv4, is_ipv6;
-	unsigned int msize;
-
-	sock = socket(AF_INET, SOCK_DGRAM, 0);
-	if (sock < 0) {
-		char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
-		error(LOGOPT_ANY, "socket creation failed: %s", estr);
-		return 0;
-	}
-
-	if ((cl_flags = fcntl(sock, F_GETFD, 0)) != -1) {
-		cl_flags |= FD_CLOEXEC;
-		fcntl(sock, F_SETFD, cl_flags);
-	}
-
-	ifc.ifc_len = sizeof(buf);
-	ifc.ifc_req = (struct ifreq *) buf;
-	ret = ioctl(sock, SIOCGIFCONF, &ifc);
-	if (ret == -1) {
-		close(sock);
-		char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
-		error(LOGOPT_ANY, "ioctl: %s", estr);
-		return 0;
-	}
-
-	is_ipv4 = is_ipv6 = 0;
-	is_ipv4 = inet_pton(AF_INET, addr, &saddr.sin_addr);
-	if (!is_ipv4)
-		is_ipv6 = inet_pton(AF_INET6, addr, &saddr6.sin6_addr);
-
-	if (strchr(mask, '.')) {
-		struct sockaddr_in maddr;
-		uint32_t ma;
-		int i = 0;
-
-		ret = inet_aton(mask, &maddr.sin_addr);
-		if (!ret) {
-			close(sock);
-			return 0;
-		}
-
-		ma = ntohl((uint32_t) maddr.sin_addr.s_addr);
-		while (!(ma & 1)) {
-			i++;
-			ma = ma >> 1;
-		}
-
-		msize = i;
-	} else
-		msize = atoi(mask);
-
-	i = 0;
-	ptr = (char *) &ifc.ifc_buf[0];
-
-	while (ptr < buf + ifc.ifc_len) {
-		ifr = (struct ifreq *) ptr;
-
-		switch (ifr->ifr_addr.sa_family) {
-		case AF_INET:
-		{
-			struct sockaddr_in *if_addr;
-			uint32_t m, ia, ha;
-
-			if (!is_ipv4 || msize > 32)
-				break;
-
-			m = -1;
-			m = m << (32 - msize);
-			ha = ntohl((uint32_t) saddr.sin_addr.s_addr);
-
-			if_addr = (struct sockaddr_in *) &ifr->ifr_addr;
-			ia = ntohl((uint32_t) if_addr->sin_addr.s_addr);
-
-			if ((ia & m) == (ha & m)) {
-				close(sock);
-				return 1;
-			}
-			break;
-		}
-
-		/* glibc rpc only understands IPv4 atm */
-		case AF_INET6:
-			break;
-
-		default:
-			break;
-		}
-
-		i++;
-		ptr = (char *) &ifc.ifc_req[i];
-	}
-
-	close(sock);
-	return 0;
-}
-
-/*
- * This function has been adapted from the match_patern function
- * found in OpenSSH and is used in accordance with the copyright
- * notice found their.
- *
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland.
- */
-/*
- * Returns true if the given string matches the pattern (which
- * may contain ? and * as wildcards), and zero if it does not
- * match.
- */
-static int pattern_match(const char *s, const char *pattern)
-{
-	for (;;) {
-		/* If at end of pattern, accept if also at end of string. */
-		if (!*pattern)
-			return !*s;
-
-		if (*pattern == '*') {
-			/* Skip the asterisk. */
-			pattern++;
-
-			/* If at end of pattern, accept immediately. */
-			if (!*pattern)
-				return 1;
-
-			/* If next character in pattern is known, optimize. */
-			if (*pattern != '?' && *pattern != '*') {
-				/*
-				 * Look instances of the next character in
-				 * pattern, and try to match starting from
-				 * those.
-				 */
-				for (; *s; s++)
-					if (*s == *pattern &&
-					    pattern_match(s + 1, pattern + 1))
-						return 1;
-
-				/* Failed. */
-				return 0;
-			}
-			/*
-			 * Move ahead one character at a time and try to
-			 * match at each position.
-			 */
-			for (; *s; s++)
-				if (pattern_match(s, pattern))
-					return 1;
-			/* Failed. */
-			return 0;
-		}
-		/*
-		 * There must be at least one more character in the string.
-		 * If we are at the end, fail.
-		 */
-		if (!*s)
-			return 0;
-
-		/* Check if the next character of the string is acceptable. */
-		if (*pattern != '?' && *pattern != *s)
-			return 0;
-
-		/* Move to the next character, both in string and in pattern. */
-		s++;
-		pattern++;
-	}
-	/* NOTREACHED */
-}
-
-static int name_match(const char *name, const char *pattern)
-{
-	int ret;
-
-	if (strchr(pattern, '*') || strchr(pattern, '?'))
-		ret = pattern_match(name, pattern);
-	else {
-		ret = !memcmp(name, pattern, strlen(pattern));
-		/* Name could still be a netgroup (Solaris) */
-		if (!ret && ypdomain)
-			ret = innetgr(pattern, name, NULL, ypdomain);
-	}
-
-	return ret;
-}
-
-static int fqdn_match(const char *pattern)
-{
-	char buf[MAX_IFC_BUF], *ptr;
-	struct ifconf ifc;
-	struct ifreq *ifr;
-	int sock, cl_flags, ret, i;
-	char fqdn[NI_MAXHOST + 1];
-
-	sock = socket(AF_INET, SOCK_DGRAM, 0);
-	if (sock < 0) {
-		char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
-		error(LOGOPT_ANY, "socket creation failed: %s", estr);
-		return 0;
-	}
-
-	if ((cl_flags = fcntl(sock, F_GETFD, 0)) != -1) {
-		cl_flags |= FD_CLOEXEC;
-		fcntl(sock, F_SETFD, cl_flags);
-	}
-
-	ifc.ifc_len = sizeof(buf);
-	ifc.ifc_req = (struct ifreq *) buf;
-	ret = ioctl(sock, SIOCGIFCONF, &ifc);
-	if (ret == -1) {
-		close(sock);
-		char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
-		error(LOGOPT_ANY, "ioctl: %s", estr);
-		return 0;
-	}
-
-	i = 0;
-	ptr = (char *) &ifc.ifc_buf[0];
-
-	while (ptr < buf + ifc.ifc_len) {
-		ifr = (struct ifreq *) ptr;
-
-		switch (ifr->ifr_addr.sa_family) {
-		case AF_INET:
-		{
-			socklen_t slen = sizeof(struct sockaddr);
-
-			ret = getnameinfo(&ifr->ifr_addr, slen, fqdn,
-					  NI_MAXHOST, NULL, 0, NI_NAMEREQD);
-			if (!ret) {
-				ret = name_match(fqdn, pattern);
-				if (ret) {
-					close(sock);
-					return 1;
-				}
-			}
-			break;
-		}
-
-		/* glibc rpc only understands IPv4 atm */
-		case AF_INET6:
-			break;
-
-		default:
-			break;
-		}
-
-		i++;
-		ptr = (char *) &ifc.ifc_req[i];
-	}
-
-	close(sock);
-	return 0;
-}
-
-static int string_match(const char *myname, const char *pattern)
-{
-	struct addrinfo hints, *ni;
-	int ret;
-
-	/* Try simple name match first */
-	ret = name_match(myname, pattern);
-	if (ret)
-		goto done;
-
-	memset(&hints, 0, sizeof(hints));
-	hints.ai_flags = AI_CANONNAME;
-	hints.ai_family = 0;
-	hints.ai_socktype = 0;
-
-	/* See if our canonical name matches */
-	if (getaddrinfo(myname, NULL, &hints, &ni) == 0) {
-		ret = name_match(ni->ai_canonname, pattern);
-		freeaddrinfo(ni);
-	} else
-		warn(LOGOPT_ANY, "name lookup failed: %s", gai_strerror(ret));
-	if (ret)
-		goto done;
-
-	/* Lastly see if the name of an interfaces matches */
-	ret = fqdn_match(pattern);
-done:
-	return ret;
-}
-
-static int host_match(char *pattern)
-{
-	unsigned int negate = (*pattern == '-');
-	const char *m_pattern = (negate ? pattern + 1 : pattern);
-	char myname[MAXHOSTNAMELEN + 1] = "\0";
-	struct in_addr tmp;
-	int ret = 0;
-
-	if (gethostname(myname, MAXHOSTNAMELEN))
-		return 0;
-
-	if (yp_get_default_domain(&ypdomain))
-		ypdomain = NULL;
-
-	if (*m_pattern == '@') {
-		if (ypdomain)
-			ret = innetgr(m_pattern + 1, myname, NULL, ypdomain);
-	} else if (inet_aton(m_pattern, &tmp) || strchr(m_pattern, '/')) {
-		size_t len = strlen(m_pattern) + 1;
-		char *addr, *mask;
-
-		addr = alloca(len);
-		if (!addr)
-			return 0;
-
-		memset(addr, 0, len);
-		memcpy(addr, m_pattern, len - 1);
-		mask = strchr(addr, '/');
-		if (mask) {
-			*mask++ = '\0';
-			ret = masked_match(addr, mask);
-		} else
-			ret = masked_match(addr, "32");
-	} else if (!strcmp(m_pattern, "gss/krb5")) {
-		/* Leave this to the GSS layer */
-		ret = 1;
-	} else
-		ret = string_match(myname, m_pattern);
-
-	if (negate)
-		ret = !ret;
-
-	return ret;
-}
-
-static int rpc_export_allowed(groups grouplist)
-{
-	groups grp = grouplist;
-
-	/* NULL group list => everyone */
-	if (!grp)
-		return 1;
-
-	while (grp) {
-		if (host_match(grp->gr_name))
-			return 1;
-		grp = grp->gr_next;
-	}
-	return 0;
-}
-
-exports rpc_exports_prune(exports list)
-{
-	exports head = list;
-	exports exp;
-	exports last;
-	int res;
-
-	exp = list;
-	last = NULL;
-	while (exp) {
-		res = rpc_export_allowed(exp->ex_groups);
-		if (!res) {
-			if (last == NULL) {
-				head = exp->ex_next;
-				rpc_export_free(exp);
-				exp = head;
-			} else {
-				last->ex_next = exp->ex_next;
-				rpc_export_free(exp);
-				exp = last->ex_next;
-			}
-			continue;
-		}
-		last = exp;
-		exp = exp->ex_next;
-	}
-	return head;
-}
-
 exports rpc_get_exports(const char *host, long seconds, long micros, unsigned int option)
 {
 	struct conn_info info;