summaryrefslogtreecommitdiff
path: root/client
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2009-06-02 23:07:59 +0200
committerJelmer Vernooij <jelmer@samba.org>2009-06-02 23:24:33 +0200
commit8d033ec0d115fe2cdd9bf1fa9758cc0994f5b6f0 (patch)
treeeee039b69b32b29aa01ecb0eed1e8a78b48f0ce0 /client
parente0a6a344be326c58dc9307f286226f76f15f78e8 (diff)
downloadsamba-8d033ec0d115fe2cdd9bf1fa9758cc0994f5b6f0.tar.gz
samba-8d033ec0d115fe2cdd9bf1fa9758cc0994f5b6f0.tar.bz2
samba-8d033ec0d115fe2cdd9bf1fa9758cc0994f5b6f0.zip
Move mount.cifs/umount.cifs to the top level and remove the outdated copy
in Samba 4.
Diffstat (limited to 'client')
-rw-r--r--client/cifs.upcall.c391
-rw-r--r--client/cifs_spnego.h46
-rw-r--r--client/mount.cifs.c1539
-rw-r--r--client/mount.h38
-rw-r--r--client/mtab.c220
-rw-r--r--client/umount.cifs.c405
6 files changed, 2639 insertions, 0 deletions
diff --git a/client/cifs.upcall.c b/client/cifs.upcall.c
new file mode 100644
index 0000000000..4110de35fd
--- /dev/null
+++ b/client/cifs.upcall.c
@@ -0,0 +1,391 @@
+/*
+* CIFS user-space helper.
+* Copyright (C) Igor Mammedov (niallain@gmail.com) 2007
+*
+* Used by /sbin/request-key for handling
+* cifs upcall for kerberos authorization of access to share and
+* cifs upcall for DFS srver name resolving (IPv4/IPv6 aware).
+* You should have keyutils installed and add something like the
+* following lines to /etc/request-key.conf file:
+
+create cifs.spnego * * /usr/local/sbin/cifs.upcall %k
+create dns_resolver * * /usr/local/sbin/cifs.upcall %k
+
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+
+#include "includes.h"
+#include <keyutils.h>
+
+#include "cifs_spnego.h"
+
+const char *CIFSSPNEGO_VERSION = "1.2";
+static const char *prog = "cifs.upcall";
+typedef enum _secType {
+ NONE = 0,
+ KRB5,
+ MS_KRB5
+} secType_t;
+
+/*
+ * Prepares AP-REQ data for mechToken and gets session key
+ * Uses credentials from cache. It will not ask for password
+ * you should receive credentials for yuor name manually using
+ * kinit or whatever you wish.
+ *
+ * in:
+ * oid - string with OID/ Could be OID_KERBEROS5
+ * or OID_KERBEROS5_OLD
+ * principal - Service name.
+ * Could be "cifs/FQDN" for KRB5 OID
+ * or for MS_KRB5 OID style server principal
+ * like "pdc$@YOUR.REALM.NAME"
+ *
+ * out:
+ * secblob - pointer for spnego wrapped AP-REQ data to be stored
+ * sess_key- pointer for SessionKey data to be stored
+ *
+ * ret: 0 - success, others - failure
+*/
+static int
+handle_krb5_mech(const char *oid, const char *principal,
+ DATA_BLOB * secblob, DATA_BLOB * sess_key)
+{
+ int retval;
+ DATA_BLOB tkt, tkt_wrapped;
+
+ /* get a kerberos ticket for the service and extract the session key */
+ retval = cli_krb5_get_ticket(principal, 0,
+ &tkt, sess_key, 0, NULL, NULL);
+
+ if (retval)
+ return retval;
+
+ /* wrap that up in a nice GSS-API wrapping */
+ tkt_wrapped = spnego_gen_krb5_wrap(tkt, TOK_ID_KRB_AP_REQ);
+
+ /* and wrap that in a shiny SPNEGO wrapper */
+ *secblob = gen_negTokenInit(oid, tkt_wrapped);
+
+ data_blob_free(&tkt_wrapped);
+ data_blob_free(&tkt);
+ return retval;
+}
+
+#define DKD_HAVE_HOSTNAME 1
+#define DKD_HAVE_VERSION 2
+#define DKD_HAVE_SEC 4
+#define DKD_HAVE_IPV4 8
+#define DKD_HAVE_IPV6 16
+#define DKD_HAVE_UID 32
+#define DKD_MUSTHAVE_SET (DKD_HAVE_HOSTNAME|DKD_HAVE_VERSION|DKD_HAVE_SEC)
+
+static int
+decode_key_description(const char *desc, int *ver, secType_t * sec,
+ char **hostname, uid_t * uid)
+{
+ int retval = 0;
+ char *pos;
+ const char *tkn = desc;
+
+ do {
+ pos = index(tkn, ';');
+ if (strncmp(tkn, "host=", 5) == 0) {
+ int len;
+
+ if (pos == NULL) {
+ len = strlen(tkn);
+ } else {
+ len = pos - tkn;
+ }
+ len -= 4;
+ SAFE_FREE(*hostname);
+ *hostname = SMB_XMALLOC_ARRAY(char, len);
+ strlcpy(*hostname, tkn + 5, len);
+ retval |= DKD_HAVE_HOSTNAME;
+ } else if (strncmp(tkn, "ipv4=", 5) == 0) {
+ /* BB: do we need it if we have hostname already? */
+ } else if (strncmp(tkn, "ipv6=", 5) == 0) {
+ /* BB: do we need it if we have hostname already? */
+ } else if (strncmp(tkn, "sec=", 4) == 0) {
+ if (strncmp(tkn + 4, "krb5", 4) == 0) {
+ retval |= DKD_HAVE_SEC;
+ *sec = KRB5;
+ } else if (strncmp(tkn + 4, "mskrb5", 6) == 0) {
+ retval |= DKD_HAVE_SEC;
+ *sec = MS_KRB5;
+ }
+ } else if (strncmp(tkn, "uid=", 4) == 0) {
+ errno = 0;
+ *uid = strtol(tkn + 4, NULL, 16);
+ if (errno != 0) {
+ syslog(LOG_WARNING, "Invalid uid format: %s",
+ strerror(errno));
+ return 1;
+ } else {
+ retval |= DKD_HAVE_UID;
+ }
+ } else if (strncmp(tkn, "ver=", 4) == 0) { /* if version */
+ errno = 0;
+ *ver = strtol(tkn + 4, NULL, 16);
+ if (errno != 0) {
+ syslog(LOG_WARNING,
+ "Invalid version format: %s",
+ strerror(errno));
+ return 1;
+ } else {
+ retval |= DKD_HAVE_VERSION;
+ }
+ }
+ if (pos == NULL)
+ break;
+ tkn = pos + 1;
+ } while (tkn);
+ return retval;
+}
+
+static int
+cifs_resolver(const key_serial_t key, const char *key_descr)
+{
+ int c;
+ struct addrinfo *addr;
+ char ip[INET6_ADDRSTRLEN];
+ void *p;
+ const char *keyend = key_descr;
+ /* skip next 4 ';' delimiters to get to description */
+ for (c = 1; c <= 4; c++) {
+ keyend = index(keyend+1, ';');
+ if (!keyend) {
+ syslog(LOG_WARNING, "invalid key description: %s",
+ key_descr);
+ return 1;
+ }
+ }
+ keyend++;
+
+ /* resolve name to ip */
+ c = getaddrinfo(keyend, NULL, NULL, &addr);
+ if (c) {
+ syslog(LOG_WARNING, "unable to resolve hostname: %s [%s]",
+ keyend, gai_strerror(c));
+ return 1;
+ }
+
+ /* conver ip to string form */
+ if (addr->ai_family == AF_INET) {
+ p = &(((struct sockaddr_in *)addr->ai_addr)->sin_addr);
+ } else {
+ p = &(((struct sockaddr_in6 *)addr->ai_addr)->sin6_addr);
+ }
+ if (!inet_ntop(addr->ai_family, p, ip, sizeof(ip))) {
+ syslog(LOG_WARNING, "%s: inet_ntop: %s",
+ __FUNCTION__, strerror(errno));
+ freeaddrinfo(addr);
+ return 1;
+ }
+
+ /* setup key */
+ c = keyctl_instantiate(key, ip, strlen(ip)+1, 0);
+ if (c == -1) {
+ syslog(LOG_WARNING, "%s: keyctl_instantiate: %s",
+ __FUNCTION__, strerror(errno));
+ freeaddrinfo(addr);
+ return 1;
+ }
+
+ freeaddrinfo(addr);
+ return 0;
+}
+
+static void
+usage(void)
+{
+ syslog(LOG_WARNING, "Usage: %s [-c] [-v] key_serial", prog);
+ fprintf(stderr, "Usage: %s [-c] [-v] key_serial\n", prog);
+}
+
+int main(const int argc, char *const argv[])
+{
+ struct cifs_spnego_msg *keydata = NULL;
+ DATA_BLOB secblob = data_blob_null;
+ DATA_BLOB sess_key = data_blob_null;
+ secType_t sectype = NONE;
+ key_serial_t key = 0;
+ size_t datalen;
+ long rc = 1;
+ uid_t uid = 0;
+ int kernel_upcall_version = 0;
+ int c, use_cifs_service_prefix = 0;
+ char *buf, *hostname = NULL;
+ const char *oid;
+
+ openlog(prog, 0, LOG_DAEMON);
+
+ while ((c = getopt(argc, argv, "cv")) != -1) {
+ switch (c) {
+ case 'c':{
+ use_cifs_service_prefix = 1;
+ break;
+ }
+ case 'v':{
+ printf("version: %s\n", CIFSSPNEGO_VERSION);
+ goto out;
+ }
+ default:{
+ syslog(LOG_WARNING, "unknown option: %c", c);
+ goto out;
+ }
+ }
+ }
+
+ /* is there a key? */
+ if (argc <= optind) {
+ usage();
+ goto out;
+ }
+
+ /* get key and keyring values */
+ errno = 0;
+ key = strtol(argv[optind], NULL, 10);
+ if (errno != 0) {
+ key = 0;
+ syslog(LOG_WARNING, "Invalid key format: %s", strerror(errno));
+ goto out;
+ }
+
+ rc = keyctl_describe_alloc(key, &buf);
+ if (rc == -1) {
+ syslog(LOG_WARNING, "keyctl_describe_alloc failed: %s",
+ strerror(errno));
+ rc = 1;
+ goto out;
+ }
+
+ if ((strncmp(buf, "cifs.resolver", sizeof("cifs.resolver")-1) == 0) ||
+ (strncmp(buf, "dns_resolver", sizeof("dns_resolver")-1) == 0)) {
+ rc = cifs_resolver(key, buf);
+ goto out;
+ }
+
+ rc = decode_key_description(buf, &kernel_upcall_version, &sectype,
+ &hostname, &uid);
+ if ((rc & DKD_MUSTHAVE_SET) != DKD_MUSTHAVE_SET) {
+ syslog(LOG_WARNING,
+ "unable to get from description necessary params");
+ rc = 1;
+ SAFE_FREE(buf);
+ goto out;
+ }
+ SAFE_FREE(buf);
+
+ if (kernel_upcall_version > CIFS_SPNEGO_UPCALL_VERSION) {
+ syslog(LOG_WARNING,
+ "incompatible kernel upcall version: 0x%x",
+ kernel_upcall_version);
+ rc = 1;
+ goto out;
+ }
+
+ if (rc & DKD_HAVE_UID) {
+ rc = setuid(uid);
+ if (rc == -1) {
+ syslog(LOG_WARNING, "setuid: %s", strerror(errno));
+ goto out;
+ }
+ }
+
+ /* BB: someday upcall SPNEGO blob could be checked here to decide
+ * what mech to use */
+
+ // do mech specific authorization
+ switch (sectype) {
+ case MS_KRB5:
+ case KRB5:{
+ char *princ;
+ size_t len;
+
+ /* for "cifs/" service name + terminating 0 */
+ len = strlen(hostname) + 5 + 1;
+ princ = SMB_XMALLOC_ARRAY(char, len);
+ if (!princ) {
+ rc = 1;
+ break;
+ }
+ if (use_cifs_service_prefix) {
+ strlcpy(princ, "cifs/", len);
+ } else {
+ strlcpy(princ, "host/", len);
+ }
+ strlcpy(princ + 5, hostname, len - 5);
+
+ if (sectype == MS_KRB5)
+ oid = OID_KERBEROS5_OLD;
+ else
+ oid = OID_KERBEROS5;
+
+ rc = handle_krb5_mech(oid, princ, &secblob, &sess_key);
+ SAFE_FREE(princ);
+ break;
+ }
+ default:{
+ syslog(LOG_WARNING, "sectype: %d is not implemented",
+ sectype);
+ rc = 1;
+ break;
+ }
+ }
+
+ if (rc) {
+ goto out;
+ }
+
+ /* pack SecurityBLob and SessionKey into downcall packet */
+ datalen =
+ sizeof(struct cifs_spnego_msg) + secblob.length + sess_key.length;
+ keydata = (struct cifs_spnego_msg*)SMB_XMALLOC_ARRAY(char, datalen);
+ if (!keydata) {
+ rc = 1;
+ goto out;
+ }
+ keydata->version = kernel_upcall_version;
+ keydata->flags = 0;
+ keydata->sesskey_len = sess_key.length;
+ keydata->secblob_len = secblob.length;
+ memcpy(&(keydata->data), sess_key.data, sess_key.length);
+ memcpy(&(keydata->data) + keydata->sesskey_len,
+ secblob.data, secblob.length);
+
+ /* setup key */
+ rc = keyctl_instantiate(key, keydata, datalen, 0);
+ if (rc == -1) {
+ syslog(LOG_WARNING, "keyctl_instantiate: %s", strerror(errno));
+ goto out;
+ }
+
+ /* BB: maybe we need use timeout for key: for example no more then
+ * ticket lifietime? */
+ /* keyctl_set_timeout( key, 60); */
+out:
+ /*
+ * on error, negatively instantiate the key ourselves so that we can
+ * make sure the kernel doesn't hang it off of a searchable keyring
+ * and interfere with the next attempt to instantiate the key.
+ */
+ if (rc != 0 && key == 0)
+ keyctl_negate(key, 1, KEY_REQKEY_DEFL_DEFAULT);
+ data_blob_free(&secblob);
+ data_blob_free(&sess_key);
+ SAFE_FREE(hostname);
+ SAFE_FREE(keydata);
+ return rc;
+}
diff --git a/client/cifs_spnego.h b/client/cifs_spnego.h
new file mode 100644
index 0000000000..f8753a7d59
--- /dev/null
+++ b/client/cifs_spnego.h
@@ -0,0 +1,46 @@
+/*
+ * fs/cifs/cifs_spnego.h -- SPNEGO upcall management for CIFS
+ *
+ * Copyright (c) 2007 Red Hat, Inc.
+ * Author(s): Jeff Layton (jlayton@redhat.com)
+ * Steve French (sfrench@us.ibm.com)
+ *
+ * This library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
+ * the GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifndef _CIFS_SPNEGO_H
+#define _CIFS_SPNEGO_H
+
+#define CIFS_SPNEGO_UPCALL_VERSION 2
+
+/*
+ * The version field should always be set to CIFS_SPNEGO_UPCALL_VERSION.
+ * The flags field is for future use. The request-key callout should set
+ * sesskey_len and secblob_len, and then concatenate the SessKey+SecBlob
+ * and stuff it in the data field.
+ */
+struct cifs_spnego_msg {
+ uint32_t version;
+ uint32_t flags;
+ uint32_t sesskey_len;
+ uint32_t secblob_len;
+ uint8_t data[1];
+};
+
+#ifdef __KERNEL__
+extern struct key_type cifs_spnego_key_type;
+#endif /* KERNEL */
+
+#endif /* _CIFS_SPNEGO_H */
diff --git a/client/mount.cifs.c b/client/mount.cifs.c
new file mode 100644
index 0000000000..1b94486a1a
--- /dev/null
+++ b/client/mount.cifs.c
@@ -0,0 +1,1539 @@
+/*
+ Mount helper utility for Linux CIFS VFS (virtual filesystem) client
+ Copyright (C) 2003,2008 Steve French (sfrench@us.ibm.com)
+ Copyright (C) 2008 Jeremy Allison (jra@samba.org)
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <pwd.h>
+#include <grp.h>
+#include <ctype.h>
+#include <sys/types.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/utsname.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <getopt.h>
+#include <errno.h>
+#include <netdb.h>
+#include <string.h>
+#include <mntent.h>
+#include <fcntl.h>
+#include <limits.h>
+#include "mount.h"
+
+#define MOUNT_CIFS_VERSION_MAJOR "1"
+#define MOUNT_CIFS_VERSION_MINOR "12"
+
+#ifndef MOUNT_CIFS_VENDOR_SUFFIX
+ #ifdef _SAMBA_BUILD_
+ #include "version.h"
+ #ifdef SAMBA_VERSION_VENDOR_SUFFIX
+ #define MOUNT_CIFS_VENDOR_SUFFIX "-"SAMBA_VERSION_OFFICIAL_STRING"-"SAMBA_VERSION_VENDOR_SUFFIX
+ #else
+ #define MOUNT_CIFS_VENDOR_SUFFIX "-"SAMBA_VERSION_OFFICIAL_STRING
+ #endif /* SAMBA_VERSION_OFFICIAL_STRING and SAMBA_VERSION_VENDOR_SUFFIX */
+ #else
+ #define MOUNT_CIFS_VENDOR_SUFFIX ""
+ #endif /* _SAMBA_BUILD_ */
+#endif /* MOUNT_CIFS_VENDOR_SUFFIX */
+
+#ifdef _SAMBA_BUILD_
+#include "include/config.h"
+#endif
+
+#ifndef MS_MOVE
+#define MS_MOVE 8192
+#endif
+
+#ifndef MS_BIND
+#define MS_BIND 4096
+#endif
+
+#define MAX_UNC_LEN 1024
+
+#define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr)))
+
+#ifndef SAFE_FREE
+#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)
+#endif
+
+#define MOUNT_PASSWD_SIZE 128
+#define DOMAIN_SIZE 64
+
+/* currently maximum length of IPv6 address string */
+#define MAX_ADDRESS_LEN INET6_ADDRSTRLEN
+
+const char *thisprogram;
+int verboseflag = 0;
+int fakemnt = 0;
+static int got_password = 0;
+static int got_user = 0;
+static int got_domain = 0;
+static int got_ip = 0;
+static int got_unc = 0;
+static int got_uid = 0;
+static int got_gid = 0;
+static char * user_name = NULL;
+static char * mountpassword = NULL;
+char * domain_name = NULL;
+char * prefixpath = NULL;
+
+/* glibc doesn't have strlcpy, strlcat. Ensure we do. JRA. We
+ * don't link to libreplace so need them here. */
+
+/* like strncpy but does not 0 fill the buffer and always null
+ * terminates. bufsize is the size of the destination buffer */
+
+#ifndef HAVE_STRLCPY
+static size_t strlcpy(char *d, const char *s, size_t bufsize)
+{
+ size_t len = strlen(s);
+ size_t ret = len;
+ if (bufsize <= 0) return 0;
+ if (len >= bufsize) len = bufsize-1;
+ memcpy(d, s, len);
+ d[len] = 0;
+ return ret;
+}
+#endif
+
+/* like strncat but does not 0 fill the buffer and always null
+ * terminates. bufsize is the length of the buffer, which should
+ * be one more than the maximum resulting string length */
+
+#ifndef HAVE_STRLCAT
+static size_t strlcat(char *d, const char *s, size_t bufsize)
+{
+ size_t len1 = strlen(d);
+ size_t len2 = strlen(s);
+ size_t ret = len1 + len2;
+
+ if (len1+len2 >= bufsize) {
+ if (bufsize < (len1+1)) {
+ return ret;
+ }
+ len2 = bufsize - (len1+1);
+ }
+ if (len2 > 0) {
+ memcpy(d+len1, s, len2);
+ d[len1+len2] = 0;
+ }
+ return ret;
+}
+#endif
+
+/* BB finish BB
+
+ cifs_umount
+ open nofollow - avoid symlink exposure?
+ get owner of dir see if matches self or if root
+ call system(umount argv) etc.
+
+BB end finish BB */
+
+static char * check_for_domain(char **);
+
+
+static void mount_cifs_usage(void)
+{
+ printf("\nUsage: %s <remotetarget> <dir> -o <options>\n", thisprogram);
+ printf("\nMount the remote target, specified as a UNC name,");
+ printf(" to a local directory.\n\nOptions:\n");
+ printf("\tuser=<arg>\n\tpass=<arg>\n\tdom=<arg>\n");
+ printf("\nLess commonly used options:");
+ printf("\n\tcredentials=<filename>,guest,perm,noperm,setuids,nosetuids,rw,ro,");
+ printf("\n\tsep=<char>,iocharset=<codepage>,suid,nosuid,exec,noexec,serverino,");
+ printf("\n\tmapchars,nomapchars,nolock,servernetbiosname=<SRV_RFC1001NAME>");
+ printf("\n\tdirectio,nounix,cifsacl,sec=<authentication mechanism>,sign");
+ printf("\n\nOptions not needed for servers supporting CIFS Unix extensions");
+ printf("\n\t(e.g. unneeded for mounts to most Samba versions):");
+ printf("\n\tuid=<uid>,gid=<gid>,dir_mode=<mode>,file_mode=<mode>,sfu");
+ printf("\n\nRarely used options:");
+ printf("\n\tport=<tcpport>,rsize=<size>,wsize=<size>,unc=<unc_name>,ip=<ip_address>,");
+ printf("\n\tdev,nodev,nouser_xattr,netbiosname=<OUR_RFC1001NAME>,hard,soft,intr,");
+ printf("\n\tnointr,ignorecase,noposixpaths,noacl,prefixpath=<path>,nobrl");
+ printf("\n\tin6_addr");
+ printf("\n\nOptions are described in more detail in the manual page");
+ printf("\n\tman 8 mount.cifs\n");
+ printf("\nTo display the version number of the mount helper:");
+ printf("\n\t%s -V\n",thisprogram);
+
+ SAFE_FREE(mountpassword);
+}
+
+/* caller frees username if necessary */
+static char * getusername(void) {
+ char *username = NULL;
+ struct passwd *password = getpwuid(getuid());
+
+ if (password) {
+ username = password->pw_name;
+ }
+ return username;
+}
+
+static int open_cred_file(char * file_name)
+{
+ char * line_buf;
+ char * temp_val;
+ FILE * fs;
+ int i, length;
+ fs = fopen(file_name,"r");
+ if(fs == NULL)
+ return errno;
+ line_buf = (char *)malloc(4096);
+ if(line_buf == NULL) {
+ fclose(fs);
+ return ENOMEM;
+ }
+
+ while(fgets(line_buf,4096,fs)) {
+ /* parse line from credential file */
+
+ /* eat leading white space */
+ for(i=0;i<4086;i++) {
+ if((line_buf[i] != ' ') && (line_buf[i] != '\t'))
+ break;
+ /* if whitespace - skip past it */
+ }
+ if (strncasecmp("username",line_buf+i,8) == 0) {
+ temp_val = strchr(line_buf + i,'=');
+ if(temp_val) {
+ /* go past equals sign */
+ temp_val++;
+ for(length = 0;length<4087;length++) {
+ if ((temp_val[length] == '\n')
+ || (temp_val[length] == '\0')) {
+ temp_val[length] = '\0';
+ break;
+ }
+ }
+ if(length > 4086) {
+ printf("mount.cifs failed due to malformed username in credentials file");
+ memset(line_buf,0,4096);
+ exit(EX_USAGE);
+ } else {
+ got_user = 1;
+ user_name = (char *)calloc(1 + length,1);
+ /* BB adding free of user_name string before exit,
+ not really necessary but would be cleaner */
+ strlcpy(user_name,temp_val, length+1);
+ }
+ }
+ } else if (strncasecmp("password",line_buf+i,8) == 0) {
+ temp_val = strchr(line_buf+i,'=');
+ if(temp_val) {
+ /* go past equals sign */
+ temp_val++;
+ for(length = 0;length<MOUNT_PASSWD_SIZE+1;length++) {
+ if ((temp_val[length] == '\n')
+ || (temp_val[length] == '\0')) {
+ temp_val[length] = '\0';
+ break;
+ }
+ }
+ if(length > MOUNT_PASSWD_SIZE) {
+ printf("mount.cifs failed: password in credentials file too long\n");
+ memset(line_buf,0, 4096);
+ exit(EX_USAGE);
+ } else {
+ if(mountpassword == NULL) {
+ mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1);
+ } else
+ memset(mountpassword,0,MOUNT_PASSWD_SIZE);
+ if(mountpassword) {
+ strlcpy(mountpassword,temp_val,MOUNT_PASSWD_SIZE+1);
+ got_password = 1;
+ }
+ }
+ }
+ } else if (strncasecmp("domain",line_buf+i,6) == 0) {
+ temp_val = strchr(line_buf+i,'=');
+ if(temp_val) {
+ /* go past equals sign */
+ temp_val++;
+ if(verboseflag)
+ printf("\nDomain %s\n",temp_val);
+ for(length = 0;length<DOMAIN_SIZE+1;length++) {
+ if ((temp_val[length] == '\n')
+ || (temp_val[length] == '\0')) {
+ temp_val[length] = '\0';
+ break;
+ }
+ }
+ if(length > DOMAIN_SIZE) {
+ printf("mount.cifs failed: domain in credentials file too long\n");
+ exit(EX_USAGE);
+ } else {
+ if(domain_name == NULL) {
+ domain_name = (char *)calloc(DOMAIN_SIZE+1,1);
+ } else
+ memset(domain_name,0,DOMAIN_SIZE);
+ if(domain_name) {
+ strlcpy(domain_name,temp_val,DOMAIN_SIZE+1);
+ got_domain = 1;
+ }
+ }
+ }
+ }
+
+ }
+ fclose(fs);
+ SAFE_FREE(line_buf);
+ return 0;
+}
+
+static int get_password_from_file(int file_descript, char * filename)
+{
+ int rc = 0;
+ int i;
+ char c;
+
+ if(mountpassword == NULL)
+ mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1);
+ else
+ memset(mountpassword, 0, MOUNT_PASSWD_SIZE);
+
+ if (mountpassword == NULL) {
+ printf("malloc failed\n");
+ exit(EX_SYSERR);
+ }
+
+ if(filename != NULL) {
+ file_descript = open(filename, O_RDONLY);
+ if(file_descript < 0) {
+ printf("mount.cifs failed. %s attempting to open password file %s\n",
+ strerror(errno),filename);
+ exit(EX_SYSERR);
+ }
+ }
+ /* else file already open and fd provided */
+
+ for(i=0;i<MOUNT_PASSWD_SIZE;i++) {
+ rc = read(file_descript,&c,1);
+ if(rc < 0) {
+ printf("mount.cifs failed. Error %s reading password file\n",strerror(errno));
+ if(filename != NULL)
+ close(file_descript);
+ exit(EX_SYSERR);
+ } else if(rc == 0) {
+ if(mountpassword[0] == 0) {
+ if(verboseflag)
+ printf("\nWarning: null password used since cifs password file empty");
+ }
+ break;
+ } else /* read valid character */ {
+ if((c == 0) || (c == '\n')) {
+ mountpassword[i] = '\0';
+ break;
+ } else
+ mountpassword[i] = c;
+ }
+ }
+ if((i == MOUNT_PASSWD_SIZE) && (verboseflag)) {
+ printf("\nWarning: password longer than %d characters specified in cifs password file",
+ MOUNT_PASSWD_SIZE);
+ }
+ got_password = 1;
+ if(filename != NULL) {
+ close(file_descript);
+ }
+
+ return rc;
+}
+
+static int parse_options(char ** optionsp, int * filesys_flags)
+{
+ const char * data;
+ char * percent_char = NULL;
+ char * value = NULL;
+ char * next_keyword = NULL;
+ char * out = NULL;
+ int out_len = 0;
+ int word_len;
+ int rc = 0;
+ char user[32];
+ char group[32];
+
+ if (!optionsp || !*optionsp)
+ return 1;
+ data = *optionsp;
+
+ if(verboseflag)
+ printf("parsing options: %s\n", data);
+
+ /* BB fixme check for separator override BB */
+
+ if (getuid()) {
+ got_uid = 1;
+ snprintf(user,sizeof(user),"%u",getuid());
+ got_gid = 1;
+ snprintf(group,sizeof(group),"%u",getgid());
+ }
+
+/* while ((data = strsep(&options, ",")) != NULL) { */
+ while(data != NULL) {
+ /* check if ends with trailing comma */
+ if(*data == 0)
+ break;
+
+ /* format is keyword=value,keyword2=value2,keyword3=value3 etc.) */
+ /* data = next keyword */
+ /* value = next value ie stuff after equal sign */
+
+ next_keyword = strchr(data,','); /* BB handle sep= */
+
+ /* temporarily null terminate end of keyword=value pair */
+ if(next_keyword)
+ *next_keyword++ = 0;
+
+ /* temporarily null terminate keyword to make keyword and value distinct */
+ if ((value = strchr(data, '=')) != NULL) {
+ *value = '\0';
+ value++;
+ }
+
+ if (strncmp(data, "users",5) == 0) {
+ if(!value || !*value) {
+ goto nocopy;
+ }
+ } else if (strncmp(data, "user_xattr",10) == 0) {
+ /* do nothing - need to skip so not parsed as user name */
+ } else if (strncmp(data, "user", 4) == 0) {
+
+ if (!value || !*value) {
+ if(data[4] == '\0') {
+ if(verboseflag)
+ printf("\nskipping empty user mount parameter\n");
+ /* remove the parm since it would otherwise be confusing
+ to the kernel code which would think it was a real username */
+ goto nocopy;
+ } else {
+ printf("username specified with no parameter\n");
+ SAFE_FREE(out);
+ return 1; /* needs_arg; */
+ }
+ } else {
+ if (strnlen(value, 260) < 260) {
+ got_user=1;
+ percent_char = strchr(value,'%');
+ if(percent_char) {
+ *percent_char = ',';
+ if(mountpassword == NULL)
+ mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1);
+ if(mountpassword) {
+ if(got_password)
+ printf("\nmount.cifs warning - password specified twice\n");
+ got_password = 1;
+ percent_char++;
+ strlcpy(mountpassword, percent_char,MOUNT_PASSWD_SIZE+1);
+ /* remove password from username */
+ while(*percent_char != 0) {
+ *percent_char = ',';
+ percent_char++;
+ }
+ }
+ }
+ /* this is only case in which the user
+ name buf is not malloc - so we have to
+ check for domain name embedded within
+ the user name here since the later
+ call to check_for_domain will not be
+ invoked */
+ domain_name = check_for_domain(&value);
+ } else {
+ printf("username too long\n");
+ SAFE_FREE(out);
+ return 1;
+ }
+ }
+ } else if (strncmp(data, "pass", 4) == 0) {
+ if (!value || !*value) {
+ if(got_password) {
+ printf("\npassword specified twice, ignoring second\n");
+ } else
+ got_password = 1;
+ } else if (strnlen(value, MOUNT_PASSWD_SIZE) < MOUNT_PASSWD_SIZE) {
+ if(got_password)
+ printf("\nmount.cifs warning - password specified twice\n");
+ got_password = 1;
+ } else {
+ printf("password too long\n");
+ SAFE_FREE(out);
+ return 1;
+ }
+ } else if (strncmp(data, "sec", 3) == 0) {
+ if (value) {
+ if (!strncmp(value, "none", 4) ||
+ !strncmp(value, "krb5", 4))
+ got_password = 1;
+ }
+ } else if (strncmp(data, "ip", 2) == 0) {
+ if (!value || !*value) {
+ printf("target ip address argument missing");
+ } else if (strnlen(value, MAX_ADDRESS_LEN) <= MAX_ADDRESS_LEN) {
+ if(verboseflag)
+ printf("ip address %s override specified\n",value);
+ got_ip = 1;
+ } else {
+ printf("ip address too long\n");
+ SAFE_FREE(out);
+ return 1;
+ }
+ } else if ((strncmp(data, "unc", 3) == 0)
+ || (strncmp(data, "target", 6) == 0)
+ || (strncmp(data, "path", 4) == 0)) {
+ if (!value || !*value) {
+ printf("invalid path to network resource\n");
+ SAFE_FREE(out);
+ return 1; /* needs_arg; */
+ } else if(strnlen(value,5) < 5) {
+ printf("UNC name too short");
+ }
+
+ if (strnlen(value, 300) < 300) {
+ got_unc = 1;
+ if (strncmp(value, "//", 2) == 0) {
+ if(got_unc)
+ printf("unc name specified twice, ignoring second\n");
+ else
+ got_unc = 1;
+ } else if (strncmp(value, "\\\\", 2) != 0) {
+ printf("UNC Path does not begin with // or \\\\ \n");
+ SAFE_FREE(out);
+ return 1;
+ } else {
+ if(got_unc)
+ printf("unc name specified twice, ignoring second\n");
+ else
+ got_unc = 1;
+ }
+ } else {
+ printf("CIFS: UNC name too long\n");
+ SAFE_FREE(out);
+ return 1;
+ }
+ } else if ((strncmp(data, "dom" /* domain */, 3) == 0)
+ || (strncmp(data, "workg", 5) == 0)) {
+ /* note this allows for synonyms of "domain"
+ such as "DOM" and "dom" and "workgroup"
+ and "WORKGRP" etc. */
+ if (!value || !*value) {
+ printf("CIFS: invalid domain name\n");
+ SAFE_FREE(out);
+ return 1; /* needs_arg; */
+ }
+ if (strnlen(value, DOMAIN_SIZE+1) < DOMAIN_SIZE+1) {
+ got_domain = 1;
+ } else {
+ printf("domain name too long\n");
+ SAFE_FREE(out);
+ return 1;
+ }
+ } else if (strncmp(data, "cred", 4) == 0) {
+ if (value && *value) {
+ rc = open_cred_file(value);
+ if(rc) {
+ printf("error %d (%s) opening credential file %s\n",
+ rc, strerror(rc), value);
+ SAFE_FREE(out);
+ return 1;
+ }
+ } else {
+ printf("invalid credential file name specified\n");
+ SAFE_FREE(out);
+ return 1;
+ }
+ } else if (strncmp(data, "uid", 3) == 0) {
+ if (value && *value) {
+ got_uid = 1;
+ if (!isdigit(*value)) {
+ struct passwd *pw;
+
+ if (!(pw = getpwnam(value))) {
+ printf("bad user name \"%s\"\n", value);
+ exit(EX_USAGE);
+ }
+ snprintf(user, sizeof(user), "%u", pw->pw_uid);
+ } else {
+ strlcpy(user,value,sizeof(user));
+ }
+ }
+ goto nocopy;
+ } else if (strncmp(data, "gid", 3) == 0) {
+ if (value && *value) {
+ got_gid = 1;
+ if (!isdigit(*value)) {
+ struct group *gr;
+
+ if (!(gr = getgrnam(value))) {
+ printf("bad group name \"%s\"\n", value);
+ exit(EX_USAGE);
+ }
+ snprintf(group, sizeof(group), "%u", gr->gr_gid);
+ } else {
+ strlcpy(group,value,sizeof(group));
+ }
+ }
+ goto nocopy;
+ /* fmask and dmask synonyms for people used to smbfs syntax */
+ } else if (strcmp(data, "file_mode") == 0 || strcmp(data, "fmask")==0) {
+ if (!value || !*value) {
+ printf ("Option '%s' requires a numerical argument\n", data);
+ SAFE_FREE(out);
+ return 1;
+ }
+
+ if (value[0] != '0') {
+ printf ("WARNING: '%s' not expressed in octal.\n", data);
+ }
+
+ if (strcmp (data, "fmask") == 0) {
+ printf ("WARNING: CIFS mount option 'fmask' is deprecated. Use 'file_mode' instead.\n");
+ data = "file_mode"; /* BB fix this */
+ }
+ } else if (strcmp(data, "dir_mode") == 0 || strcmp(data, "dmask")==0) {
+ if (!value || !*value) {
+ printf ("Option '%s' requires a numerical argument\n", data);
+ SAFE_FREE(out);
+ return 1;
+ }
+
+ if (value[0] != '0') {
+ printf ("WARNING: '%s' not expressed in octal.\n", data);
+ }
+
+ if (strcmp (data, "dmask") == 0) {
+ printf ("WARNING: CIFS mount option 'dmask' is deprecated. Use 'dir_mode' instead.\n");
+ data = "dir_mode";
+ }
+ /* the following eight mount options should be
+ stripped out from what is passed into the kernel
+ since these eight options are best passed as the
+ mount flags rather than redundantly to the kernel
+ and could generate spurious warnings depending on the
+ level of the corresponding cifs vfs kernel code */
+ } else if (strncmp(data, "nosuid", 6) == 0) {
+ *filesys_flags |= MS_NOSUID;
+ } else if (strncmp(data, "suid", 4) == 0) {
+ *filesys_flags &= ~MS_NOSUID;
+ } else if (strncmp(data, "nodev", 5) == 0) {
+ *filesys_flags |= MS_NODEV;
+ } else if ((strncmp(data, "nobrl", 5) == 0) ||
+ (strncmp(data, "nolock", 6) == 0)) {
+ *filesys_flags &= ~MS_MANDLOCK;
+ } else if (strncmp(data, "dev", 3) == 0) {
+ *filesys_flags &= ~MS_NODEV;
+ } else if (strncmp(data, "noexec", 6) == 0) {
+ *filesys_flags |= MS_NOEXEC;
+ } else if (strncmp(data, "exec", 4) == 0) {
+ *filesys_flags &= ~MS_NOEXEC;
+ } else if (strncmp(data, "guest", 5) == 0) {
+ user_name = (char *)calloc(1, 1);
+ got_user = 1;
+ got_password = 1;
+ } else if (strncmp(data, "ro", 2) == 0) {
+ *filesys_flags |= MS_RDONLY;
+ } else if (strncmp(data, "rw", 2) == 0) {
+ *filesys_flags &= ~MS_RDONLY;
+ } else if (strncmp(data, "remount", 7) == 0) {
+ *filesys_flags |= MS_REMOUNT;
+ } /* else if (strnicmp(data, "port", 4) == 0) {
+ if (value && *value) {
+ vol->port =
+ simple_strtoul(value, &value, 0);
+ }
+ } else if (strnicmp(data, "rsize", 5) == 0) {
+ if (value && *value) {
+ vol->rsize =
+ simple_strtoul(value, &value, 0);
+ }
+ } else if (strnicmp(data, "wsize", 5) == 0) {
+ if (value && *value) {
+ vol->wsize =
+ simple_strtoul(value, &value, 0);
+ }
+ } else if (strnicmp(data, "version", 3) == 0) {
+ } else {
+ printf("CIFS: Unknown mount option %s\n",data);
+ } */ /* nothing to do on those four mount options above.
+ Just pass to kernel and ignore them here */
+
+ /* Copy (possibly modified) option to out */
+ word_len = strlen(data);
+ if (value)
+ word_len += 1 + strlen(value);
+
+ out = (char *)realloc(out, out_len + word_len + 2);
+ if (out == NULL) {
+ perror("malloc");
+ exit(EX_SYSERR);
+ }
+
+ if (out_len) {
+ strlcat(out, ",", out_len + word_len + 2);
+ out_len++;
+ }
+
+ if (value)
+ snprintf(out + out_len, word_len + 1, "%s=%s", data, value);
+ else
+ snprintf(out + out_len, word_len + 1, "%s", data);
+ out_len = strlen(out);
+
+nocopy:
+ data = next_keyword;
+ }
+
+ /* special-case the uid and gid */
+ if (got_uid) {
+ word_len = strlen(user);
+
+ out = (char *)realloc(out, out_len + word_len + 6);
+ if (out == NULL) {
+ perror("malloc");
+ exit(EX_SYSERR);
+ }
+
+ if (out_len) {
+ strlcat(out, ",", out_len + word_len + 6);
+ out_len++;
+ }
+ snprintf(out + out_len, word_len + 5, "uid=%s", user);
+ out_len = strlen(out);
+ }
+ if (got_gid) {
+ word_len = strlen(group);
+
+ out = (char *)realloc(out, out_len + 1 + word_len + 6);
+ if (out == NULL) {
+ perror("malloc");
+ exit(EX_SYSERR);
+ }
+
+ if (out_len) {
+ strlcat(out, ",", out_len + word_len + 6);
+ out_len++;
+ }
+ snprintf(out + out_len, word_len + 5, "gid=%s", group);
+ out_len = strlen(out);
+ }
+
+ SAFE_FREE(*optionsp);
+ *optionsp = out;
+ return 0;
+}
+
+/* replace all (one or more) commas with double commas */
+static void check_for_comma(char ** ppasswrd)
+{
+ char *new_pass_buf;
+ char *pass;
+ int i,j;
+ int number_of_commas = 0;
+ int len;
+
+ if(ppasswrd == NULL)
+ return;
+ else
+ (pass = *ppasswrd);
+
+ len = strlen(pass);
+
+ for(i=0;i<len;i++) {
+ if(pass[i] == ',')
+ number_of_commas++;
+ }
+
+ if(number_of_commas == 0)
+ return;
+ if(number_of_commas > MOUNT_PASSWD_SIZE) {
+ /* would otherwise overflow the mount options buffer */
+ printf("\nInvalid password. Password contains too many commas.\n");
+ return;
+ }
+
+ new_pass_buf = (char *)malloc(len+number_of_commas+1);
+ if(new_pass_buf == NULL)
+ return;
+
+ for(i=0,j=0;i<len;i++,j++) {
+ new_pass_buf[j] = pass[i];
+ if(pass[i] == ',') {
+ j++;
+ new_pass_buf[j] = pass[i];
+ }
+ }
+ new_pass_buf[len+number_of_commas] = 0;
+
+ SAFE_FREE(*ppasswrd);
+ *ppasswrd = new_pass_buf;
+
+ return;
+}
+
+/* Usernames can not have backslash in them and we use
+ [BB check if usernames can have forward slash in them BB]
+ backslash as domain\user separator character
+*/
+static char * check_for_domain(char **ppuser)
+{
+ char * original_string;
+ char * usernm;
+ char * domainnm;
+ int original_len;
+ int len;
+ int i;
+
+ if(ppuser == NULL)
+ return NULL;
+
+ original_string = *ppuser;
+
+ if (original_string == NULL)
+ return NULL;
+
+ original_len = strlen(original_string);
+
+ usernm = strchr(*ppuser,'/');
+ if (usernm == NULL) {
+ usernm = strchr(*ppuser,'\\');
+ if (usernm == NULL)
+ return NULL;
+ }
+
+ if(got_domain) {
+ printf("Domain name specified twice. Username probably malformed\n");
+ return NULL;
+ }
+
+ usernm[0] = 0;
+ domainnm = *ppuser;
+ if (domainnm[0] != 0) {
+ got_domain = 1;
+ } else {
+ printf("null domain\n");
+ }
+ len = strlen(domainnm);
+ /* reset domainm to new buffer, and copy
+ domain name into it */
+ domainnm = (char *)malloc(len+1);
+ if(domainnm == NULL)
+ return NULL;
+
+ strlcpy(domainnm,*ppuser,len+1);
+
+/* move_string(*ppuser, usernm+1) */
+ len = strlen(usernm+1);
+
+ if(len >= original_len) {
+ /* should not happen */
+ return domainnm;
+ }
+
+ for(i=0;i<original_len;i++) {
+ if(i<len)
+ original_string[i] = usernm[i+1];
+ else /* stuff with commas to remove last parm */
+ original_string[i] = ',';
+ }
+
+ /* BB add check for more than one slash?
+ strchr(*ppuser,'/');
+ strchr(*ppuser,'\\')
+ */
+
+ return domainnm;
+}
+
+/* replace all occurances of "from" in a string with "to" */
+static void replace_char(char *string, char from, char to, int maxlen)
+{
+ char *lastchar = string + maxlen;
+ while (string) {
+ string = strchr(string, from);
+ if (string) {
+ *string = to;
+ if (string >= lastchar)
+ return;
+ }
+ }
+}
+
+/* Note that caller frees the returned buffer if necessary */
+static struct addrinfo *
+parse_server(char ** punc_name)
+{
+ char * unc_name = *punc_name;
+ int length = strnlen(unc_name, MAX_UNC_LEN);
+ char * share;
+ struct addrinfo *addrlist;
+ int rc;
+
+ if(length > (MAX_UNC_LEN - 1)) {
+ printf("mount error: UNC name too long");
+ return NULL;
+ }
+ if ((strncasecmp("cifs://", unc_name, 7) == 0) ||
+ (strncasecmp("smb://", unc_name, 6) == 0)) {
+ printf("\nMounting cifs URL not implemented yet. Attempt to mount %s\n", unc_name);
+ return NULL;
+ }
+
+ if(length < 3) {
+ /* BB add code to find DFS root here */
+ printf("\nMounting the DFS root for domain not implemented yet\n");
+ return NULL;
+ } else {
+ if(strncmp(unc_name,"//",2) && strncmp(unc_name,"\\\\",2)) {
+ /* check for nfs syntax ie server:share */
+ share = strchr(unc_name,':');
+ if(share) {
+ *punc_name = (char *)malloc(length+3);
+ if(*punc_name == NULL) {
+ /* put the original string back if
+ no memory left */
+ *punc_name = unc_name;
+ return NULL;
+ }
+ *share = '/';
+ strlcpy((*punc_name)+2,unc_name,length+1);
+ SAFE_FREE(unc_name);
+ unc_name = *punc_name;
+ unc_name[length+2] = 0;
+ goto continue_unc_parsing;
+ } else {
+ printf("mount error: improperly formatted UNC name.");
+ printf(" %s does not begin with \\\\ or //\n",unc_name);
+ return NULL;
+ }
+ } else {
+continue_unc_parsing:
+ unc_name[0] = '/';
+ unc_name[1] = '/';
+ unc_name += 2;
+
+ /* allow for either delimiter between host and sharename */
+ if ((share = strpbrk(unc_name, "/\\"))) {
+ *share = 0; /* temporarily terminate the string */
+ share += 1;
+ if(got_ip == 0) {
+ rc = getaddrinfo(unc_name, NULL, NULL, &addrlist);
+ if (rc != 0) {
+ printf("mount error: could not resolve address for %s: %s\n",
+ unc_name, gai_strerror(rc));
+ addrlist = NULL;
+ }
+ }
+ *(share - 1) = '/'; /* put delimiter back */
+
+ /* we don't convert the prefixpath delimiters since '\\' is a valid char in posix paths */
+ if ((prefixpath = strpbrk(share, "/\\"))) {
+ *prefixpath = 0; /* permanently terminate the string */
+ if (!strlen(++prefixpath))
+ prefixpath = NULL; /* this needs to be done explicitly */
+ }
+ if(got_ip) {
+ if(verboseflag)
+ printf("ip address specified explicitly\n");
+ return NULL;
+ }
+ /* BB should we pass an alternate version of the share name as Unicode */
+
+ return addrlist;
+ } else {
+ /* BB add code to find DFS root (send null path on get DFS Referral to specified server here */
+ printf("Mounting the DFS root for a particular server not implemented yet\n");
+ return NULL;
+ }
+ }
+ }
+}
+
+static struct option longopts[] = {
+ { "all", 0, NULL, 'a' },
+ { "help",0, NULL, 'h' },
+ { "move",0, NULL, 'm' },
+ { "bind",0, NULL, 'b' },
+ { "read-only", 0, NULL, 'r' },
+ { "ro", 0, NULL, 'r' },
+ { "verbose", 0, NULL, 'v' },
+ { "version", 0, NULL, 'V' },
+ { "read-write", 0, NULL, 'w' },
+ { "rw", 0, NULL, 'w' },
+ { "options", 1, NULL, 'o' },
+ { "type", 1, NULL, 't' },
+ { "rsize",1, NULL, 'R' },
+ { "wsize",1, NULL, 'W' },
+ { "uid", 1, NULL, '1'},
+ { "gid", 1, NULL, '2'},
+ { "user",1,NULL,'u'},
+ { "username",1,NULL,'u'},
+ { "dom",1,NULL,'d'},
+ { "domain",1,NULL,'d'},
+ { "password",1,NULL,'p'},
+ { "pass",1,NULL,'p'},
+ { "credentials",1,NULL,'c'},
+ { "port",1,NULL,'P'},
+ /* { "uuid",1,NULL,'U'}, */ /* BB unimplemented */
+ { NULL, 0, NULL, 0 }
+};
+
+/* convert a string to uppercase. return false if the string
+ * wasn't ASCII. Return success on a NULL ptr */
+static int
+uppercase_string(char *string)
+{
+ if (!string)
+ return 1;
+
+ while (*string) {
+ /* check for unicode */
+ if ((unsigned char) string[0] & 0x80)
+ return 0;
+ *string = toupper((unsigned char) *string);
+ string++;
+ }
+
+ return 1;
+}
+
+static void print_cifs_mount_version(void)
+{
+ printf("mount.cifs version: %s.%s%s\n",
+ MOUNT_CIFS_VERSION_MAJOR,
+ MOUNT_CIFS_VERSION_MINOR,
+ MOUNT_CIFS_VENDOR_SUFFIX);
+}
+
+int main(int argc, char ** argv)
+{
+ int c;
+ int flags = MS_MANDLOCK; /* no need to set legacy MS_MGC_VAL */
+ char * orgoptions = NULL;
+ char * share_name = NULL;
+ const char * ipaddr = NULL;
+ char * uuid = NULL;
+ char * mountpoint = NULL;
+ char * options = NULL;
+ char * optionstail;
+ char * resolved_path = NULL;
+ char * temp;
+ char * dev_name;
+ int rc = 0;
+ int rsize = 0;
+ int wsize = 0;
+ int nomtab = 0;
+ int uid = 0;
+ int gid = 0;
+ int optlen = 0;
+ int orgoptlen = 0;
+ size_t options_size = 0;
+ size_t current_len;
+ int retry = 0; /* set when we have to retry mount with uppercase */
+ struct addrinfo *addrhead = NULL, *addr;
+ struct stat statbuf;
+ struct utsname sysinfo;
+ struct mntent mountent;
+ struct sockaddr_in *addr4;
+ struct sockaddr_in6 *addr6;
+ FILE * pmntfile;
+
+ /* setlocale(LC_ALL, "");
+ bindtextdomain(PACKAGE, LOCALEDIR);
+ textdomain(PACKAGE); */
+
+ if(argc && argv) {
+ thisprogram = argv[0];
+ } else {
+ mount_cifs_usage();
+ exit(EX_USAGE);
+ }
+
+ if(thisprogram == NULL)
+ thisprogram = "mount.cifs";
+
+ uname(&sysinfo);
+ /* BB add workstation name and domain and pass down */
+
+/* #ifdef _GNU_SOURCE
+ printf(" node: %s machine: %s sysname %s domain %s\n", sysinfo.nodename,sysinfo.machine,sysinfo.sysname,sysinfo.domainname);
+#endif */
+ if(argc > 2) {
+ dev_name = argv[1];
+ share_name = strndup(argv[1], MAX_UNC_LEN);
+ if (share_name == NULL) {
+ fprintf(stderr, "%s: %s", argv[0], strerror(ENOMEM));
+ exit(EX_SYSERR);
+ }
+ mountpoint = argv[2];
+ } else if (argc == 2) {
+ if ((strcmp(argv[1], "-V") == 0) ||
+ (strcmp(argv[1], "--version") == 0))
+ {
+ print_cifs_mount_version();
+ exit(0);
+ }
+
+ if ((strcmp(argv[1], "-h") == 0) ||
+ (strcmp(argv[1], "-?") == 0) ||
+ (strcmp(argv[1], "--help") == 0))
+ {
+ mount_cifs_usage();
+ exit(0);
+ }
+
+ mount_cifs_usage();
+ exit(EX_USAGE);
+ } else {
+ mount_cifs_usage();
+ exit(EX_USAGE);
+ }
+
+ /* add sharename in opts string as unc= parm */
+
+ while ((c = getopt_long (argc, argv, "afFhilL:no:O:rsSU:vVwt:",
+ longopts, NULL)) != -1) {
+ switch (c) {
+/* No code to do the following options yet */
+/* case 'l':
+ list_with_volumelabel = 1;
+ break;
+ case 'L':
+ volumelabel = optarg;
+ break; */
+/* case 'a':
+ ++mount_all;
+ break; */
+
+ case '?':
+ case 'h': /* help */
+ mount_cifs_usage ();
+ exit(0);
+ case 'n':
+ ++nomtab;
+ break;
+ case 'b':
+#ifdef MS_BIND
+ flags |= MS_BIND;
+#else
+ fprintf(stderr,
+ "option 'b' (MS_BIND) not supported\n");
+#endif
+ break;
+ case 'm':
+#ifdef MS_MOVE
+ flags |= MS_MOVE;
+#else
+ fprintf(stderr,
+ "option 'm' (MS_MOVE) not supported\n");
+#endif
+ break;
+ case 'o':
+ orgoptions = strdup(optarg);
+ break;
+ case 'r': /* mount readonly */
+ flags |= MS_RDONLY;
+ break;
+ case 'U':
+ uuid = optarg;
+ break;
+ case 'v':
+ ++verboseflag;
+ break;
+ case 'V':
+ print_cifs_mount_version();
+ exit (0);
+ case 'w':
+ flags &= ~MS_RDONLY;
+ break;
+ case 'R':
+ rsize = atoi(optarg) ;
+ break;
+ case 'W':
+ wsize = atoi(optarg);
+ break;
+ case '1':
+ if (isdigit(*optarg)) {
+ char *ep;
+
+ uid = strtoul(optarg, &ep, 10);
+ if (*ep) {
+ printf("bad uid value \"%s\"\n", optarg);
+ exit(EX_USAGE);
+ }
+ } else {
+ struct passwd *pw;
+
+ if (!(pw = getpwnam(optarg))) {
+ printf("bad user name \"%s\"\n", optarg);
+ exit(EX_USAGE);
+ }
+ uid = pw->pw_uid;
+ endpwent();
+ }
+ break;
+ case '2':
+ if (isdigit(*optarg)) {
+ char *ep;
+
+ gid = strtoul(optarg, &ep, 10);
+ if (*ep) {
+ printf("bad gid value \"%s\"\n", optarg);
+ exit(EX_USAGE);
+ }
+ } else {
+ struct group *gr;
+
+ if (!(gr = getgrnam(optarg))) {
+ printf("bad user name \"%s\"\n", optarg);
+ exit(EX_USAGE);
+ }
+ gid = gr->gr_gid;
+ endpwent();
+ }
+ break;
+ case 'u':
+ got_user = 1;
+ user_name = optarg;
+ break;
+ case 'd':
+ domain_name = optarg; /* BB fix this - currently ignored */
+ got_domain = 1;
+ break;
+ case 'p':
+ if(mountpassword == NULL)
+ mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1);
+ if(mountpassword) {
+ got_password = 1;
+ strlcpy(mountpassword,optarg,MOUNT_PASSWD_SIZE+1);
+ }
+ break;
+ case 'S':
+ get_password_from_file(0 /* stdin */,NULL);
+ break;
+ case 't':
+ break;
+ case 'f':
+ ++fakemnt;
+ break;
+ default:
+ printf("unknown mount option %c\n",c);
+ mount_cifs_usage();
+ exit(EX_USAGE);
+ }
+ }
+
+ if((argc < 3) || (dev_name == NULL) || (mountpoint == NULL)) {
+ mount_cifs_usage();
+ exit(EX_USAGE);
+ }
+
+ if (getenv("PASSWD")) {
+ if(mountpassword == NULL)
+ mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1);
+ if(mountpassword) {
+ strlcpy(mountpassword,getenv("PASSWD"),MOUNT_PASSWD_SIZE+1);
+ got_password = 1;
+ }
+ } else if (getenv("PASSWD_FD")) {
+ get_password_from_file(atoi(getenv("PASSWD_FD")),NULL);
+ } else if (getenv("PASSWD_FILE")) {
+ get_password_from_file(0, getenv("PASSWD_FILE"));
+ }
+
+ if (orgoptions && parse_options(&orgoptions, &flags)) {
+ rc = EX_USAGE;
+ goto mount_exit;
+ }
+ addrhead = addr = parse_server(&share_name);
+ if((addrhead == NULL) && (got_ip == 0)) {
+ printf("No ip address specified and hostname not found\n");
+ rc = EX_USAGE;
+ goto mount_exit;
+ }
+
+ /* BB save off path and pop after mount returns? */
+ resolved_path = (char *)malloc(PATH_MAX+1);
+ if(resolved_path) {
+ /* Note that if we can not canonicalize the name, we get
+ another chance to see if it is valid when we chdir to it */
+ if (realpath(mountpoint, resolved_path)) {
+ mountpoint = resolved_path;
+ }
+ }
+ if(chdir(mountpoint)) {
+ printf("mount error: can not change directory into mount target %s\n",mountpoint);
+ rc = EX_USAGE;
+ goto mount_exit;
+ }
+
+ if(stat (".", &statbuf)) {
+ printf("mount error: mount point %s does not exist\n",mountpoint);
+ rc = EX_USAGE;
+ goto mount_exit;
+ }
+
+ if (S_ISDIR(statbuf.st_mode) == 0) {
+ printf("mount error: mount point %s is not a directory\n",mountpoint);
+ rc = EX_USAGE;
+ goto mount_exit;
+ }
+
+ if((getuid() != 0) && (geteuid() == 0)) {
+ if((statbuf.st_uid == getuid()) && (S_IRWXU == (statbuf.st_mode & S_IRWXU))) {
+#ifndef CIFS_ALLOW_USR_SUID
+ /* Do not allow user mounts to control suid flag
+ for mount unless explicitly built that way */
+ flags |= MS_NOSUID | MS_NODEV;
+#endif
+ } else {
+ printf("mount error: permission denied or not superuser and mount.cifs not installed SUID\n");
+ exit(EX_USAGE);
+ }
+ }
+
+ if(got_user == 0) {
+ /* Note that the password will not be retrieved from the
+ USER env variable (ie user%password form) as there is
+ already a PASSWD environment varaible */
+ if (getenv("USER"))
+ user_name = strdup(getenv("USER"));
+ if (user_name == NULL)
+ user_name = getusername();
+ got_user = 1;
+ }
+
+ if(got_password == 0) {
+ char *tmp_pass = getpass("Password: "); /* BB obsolete sys call but
+ no good replacement yet. */
+ mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1);
+ if (!tmp_pass || !mountpassword) {
+ printf("Password not entered, exiting\n");
+ exit(EX_USAGE);
+ }
+ strlcpy(mountpassword, tmp_pass, MOUNT_PASSWD_SIZE+1);
+ got_password = 1;
+ }
+ /* FIXME launch daemon (handles dfs name resolution and credential change)
+ remember to clear parms and overwrite password field before launching */
+ if(orgoptions) {
+ optlen = strlen(orgoptions);
+ orgoptlen = optlen;
+ } else
+ optlen = 0;
+ if(share_name)
+ optlen += strlen(share_name) + 4;
+ else {
+ printf("No server share name specified\n");
+ printf("\nMounting the DFS root for server not implemented yet\n");
+ exit(EX_USAGE);
+ }
+ if(user_name)
+ optlen += strlen(user_name) + 6;
+ optlen += MAX_ADDRESS_LEN + 4;
+ if(mountpassword)
+ optlen += strlen(mountpassword) + 6;
+mount_retry:
+ SAFE_FREE(options);
+ options_size = optlen + 10 + DOMAIN_SIZE;
+ options = (char *)malloc(options_size /* space for commas in password */ + 8 /* space for domain= , domain name itself was counted as part of the length username string above */);
+
+ if(options == NULL) {
+ printf("Could not allocate memory for mount options\n");
+ exit(EX_SYSERR);
+ }
+
+ strlcpy(options, "unc=", options_size);
+ strlcat(options,share_name,options_size);
+ /* scan backwards and reverse direction of slash */
+ temp = strrchr(options, '/');
+ if(temp > options + 6)
+ *temp = '\\';
+ if(user_name) {
+ /* check for syntax like user=domain\user */
+ if(got_domain == 0)
+ domain_name = check_for_domain(&user_name);
+ strlcat(options,",user=",options_size);
+ strlcat(options,user_name,options_size);
+ }
+ if(retry == 0) {
+ if(domain_name) {
+ /* extra length accounted for in option string above */
+ strlcat(options,",domain=",options_size);
+ strlcat(options,domain_name,options_size);
+ }
+ }
+ if(mountpassword) {
+ /* Commas have to be doubled, or else they will
+ look like the parameter separator */
+/* if(sep is not set)*/
+ if(retry == 0)
+ check_for_comma(&mountpassword);
+ strlcat(options,",pass=",options_size);
+ strlcat(options,mountpassword,options_size);
+ }
+
+ strlcat(options,",ver=",options_size);
+ strlcat(options,MOUNT_CIFS_VERSION_MAJOR,options_size);
+
+ if(orgoptions) {
+ strlcat(options,",",options_size);
+ strlcat(options,orgoptions,options_size);
+ }
+ if(prefixpath) {
+ strlcat(options,",prefixpath=",options_size);
+ strlcat(options,prefixpath,options_size); /* no need to cat the / */
+ }
+ if(verboseflag)
+ printf("\nmount.cifs kernel mount options %s \n",options);
+
+ /* convert all '\\' to '/' in share portion so that /proc/mounts looks pretty */
+ replace_char(dev_name, '\\', '/', strlen(share_name));
+
+ if (!got_ip && addr) {
+ strlcat(options, ",ip=", options_size);
+ current_len = strnlen(options, options_size);
+ optionstail = options + current_len;
+ switch (addr->ai_addr->sa_family) {
+ case AF_INET6:
+ addr6 = (struct sockaddr_in6 *) addr->ai_addr;
+ ipaddr = inet_ntop(AF_INET6, &addr6->sin6_addr, optionstail,
+ options_size - current_len);
+ break;
+ case AF_INET:
+ addr4 = (struct sockaddr_in *) addr->ai_addr;
+ ipaddr = inet_ntop(AF_INET, &addr4->sin_addr, optionstail,
+ options_size - current_len);
+ break;
+ }
+
+ /* if the address looks bogus, try the next one */
+ if (!ipaddr) {
+ addr = addr->ai_next;
+ if (addr)
+ goto mount_retry;
+ rc = EX_SYSERR;
+ goto mount_exit;
+ }
+ }
+
+ if (!fakemnt && mount(dev_name, mountpoint, "cifs", flags, options)) {
+ switch (errno) {
+ case ECONNREFUSED:
+ case EHOSTUNREACH:
+ if (addr) {
+ addr = addr->ai_next;
+ if (addr)
+ goto mount_retry;
+ }
+ break;
+ case ENODEV:
+ printf("mount error: cifs filesystem not supported by the system\n");
+ break;
+ case ENXIO:
+ if(retry == 0) {
+ retry = 1;
+ if (uppercase_string(dev_name) &&
+ uppercase_string(share_name) &&
+ uppercase_string(prefixpath)) {
+ printf("retrying with upper case share name\n");
+ goto mount_retry;
+ }
+ }
+ }
+ printf("mount error(%d): %s\n", errno, strerror(errno));
+ printf("Refer to the mount.cifs(8) manual page (e.g. man "
+ "mount.cifs)\n");
+ rc = EX_FAIL;
+ goto mount_exit;
+ }
+
+ if (nomtab)
+ goto mount_exit;
+ atexit(unlock_mtab);
+ rc = lock_mtab();
+ if (rc) {
+ printf("cannot lock mtab");
+ goto mount_exit;
+ }
+ pmntfile = setmntent(MOUNTED, "a+");
+ if (!pmntfile) {
+ printf("could not update mount table\n");
+ unlock_mtab();
+ rc = EX_FILEIO;
+ goto mount_exit;
+ }
+ mountent.mnt_fsname = dev_name;
+ mountent.mnt_dir = mountpoint;
+ mountent.mnt_type = CONST_DISCARD(char *,"cifs");
+ mountent.mnt_opts = (char *)malloc(220);
+ if(mountent.mnt_opts) {
+ char * mount_user = getusername();
+ memset(mountent.mnt_opts,0,200);
+ if(flags & MS_RDONLY)
+ strlcat(mountent.mnt_opts,"ro",220);
+ else
+ strlcat(mountent.mnt_opts,"rw",220);
+ if(flags & MS_MANDLOCK)
+ strlcat(mountent.mnt_opts,",mand",220);
+ if(flags & MS_NOEXEC)
+ strlcat(mountent.mnt_opts,",noexec",220);
+ if(flags & MS_NOSUID)
+ strlcat(mountent.mnt_opts,",nosuid",220);
+ if(flags & MS_NODEV)
+ strlcat(mountent.mnt_opts,",nodev",220);
+ if(flags & MS_SYNCHRONOUS)
+ strlcat(mountent.mnt_opts,",sync",220);
+ if(mount_user) {
+ if(getuid() != 0) {
+ strlcat(mountent.mnt_opts,
+ ",user=", 220);
+ strlcat(mountent.mnt_opts,
+ mount_user, 220);
+ }
+ }
+ }
+ mountent.mnt_freq = 0;
+ mountent.mnt_passno = 0;
+ rc = addmntent(pmntfile,&mountent);
+ endmntent(pmntfile);
+ unlock_mtab();
+ SAFE_FREE(mountent.mnt_opts);
+ if (rc)
+ rc = EX_FILEIO;
+mount_exit:
+ if(mountpassword) {
+ int len = strlen(mountpassword);
+ memset(mountpassword,0,len);
+ SAFE_FREE(mountpassword);
+ }
+
+ if (addrhead)
+ freeaddrinfo(addrhead);
+ SAFE_FREE(options);
+ SAFE_FREE(orgoptions);
+ SAFE_FREE(resolved_path);
+ SAFE_FREE(share_name);
+ exit(rc);
+}
diff --git a/client/mount.h b/client/mount.h
new file mode 100644
index 0000000000..23ea4f0cbd
--- /dev/null
+++ b/client/mount.h
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2008 Jeff Layton (jlayton@samba.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ * *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/* most of this info was taken from the util-linux-ng sources */
+
+#ifndef _MOUNT_H_
+#define _MOUNT_H_
+
+/* exit status - bits below are ORed */
+#define EX_USAGE 1 /* incorrect invocation or permission */
+#define EX_SYSERR 2 /* out of memory, cannot fork, ... */
+#define EX_SOFTWARE 4 /* internal mount bug or wrong version */
+#define EX_USER 8 /* user interrupt */
+#define EX_FILEIO 16 /* problems writing, locking, ... mtab/fstab */
+#define EX_FAIL 32 /* mount failure */
+#define EX_SOMEOK 64 /* some mount succeeded */
+
+#define _PATH_MOUNTED_LOCK _PATH_MOUNTED "~"
+#define _PATH_MOUNTED_TMP _PATH_MOUNTED ".tmp"
+
+extern int lock_mtab(void);
+extern void unlock_mtab(void);
+
+#endif /* ! _MOUNT_H_ */
diff --git a/client/mtab.c b/client/mtab.c
new file mode 100644
index 0000000000..70789bcb9d
--- /dev/null
+++ b/client/mtab.c
@@ -0,0 +1,220 @@
+/*
+ * mtab locking routines for use with mount.cifs and umount.cifs
+ * Copyright (C) 2008 Jeff Layton (jlayton@samba.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * This code was copied from the util-linux-ng sources and modified:
+ *
+ * git://git.kernel.org/pub/scm/utils/util-linux-ng/util-linux-ng.git
+ *
+ * ...specifically from mount/fstab.c. That file has no explicit license. The
+ * "default" license for anything in that tree is apparently GPLv2+, so I
+ * believe we're OK to copy it here.
+ *
+ * Jeff Layton <jlayton@samba.org>
+ */
+
+#include <unistd.h>
+#include <errno.h>
+#include <stdio.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <time.h>
+#include <fcntl.h>
+#include <mntent.h>
+#include <stdlib.h>
+#include <signal.h>
+#include "mount.h"
+
+
+/* Updating mtab ----------------------------------------------*/
+
+/* Flag for already existing lock file. */
+static int we_created_lockfile = 0;
+static int lockfile_fd = -1;
+
+/* Flag to indicate that signals have been set up. */
+static int signals_have_been_setup = 0;
+
+static void
+handler (int sig) {
+ exit(EX_USER);
+}
+
+static void
+setlkw_timeout (int sig) {
+ /* nothing, fcntl will fail anyway */
+}
+
+/* Remove lock file. */
+void
+unlock_mtab (void) {
+ if (we_created_lockfile) {
+ close(lockfile_fd);
+ lockfile_fd = -1;
+ unlink (_PATH_MOUNTED_LOCK);
+ we_created_lockfile = 0;
+ }
+}
+
+/* Create the lock file.
+ The lock file will be removed if we catch a signal or when we exit. */
+/* The old code here used flock on a lock file /etc/mtab~ and deleted
+ this lock file afterwards. However, as rgooch remarks, that has a
+ race: a second mount may be waiting on the lock and proceed as
+ soon as the lock file is deleted by the first mount, and immediately
+ afterwards a third mount comes, creates a new /etc/mtab~, applies
+ flock to that, and also proceeds, so that the second and third mount
+ now both are scribbling in /etc/mtab.
+ The new code uses a link() instead of a creat(), where we proceed
+ only if it was us that created the lock, and hence we always have
+ to delete the lock afterwards. Now the use of flock() is in principle
+ superfluous, but avoids an arbitrary sleep(). */
+
+/* Where does the link point to? Obvious choices are mtab and mtab~~.
+ HJLu points out that the latter leads to races. Right now we use
+ mtab~.<pid> instead. Use 20 as upper bound for the length of %d. */
+#define MOUNTLOCK_LINKTARGET _PATH_MOUNTED_LOCK "%d"
+#define MOUNTLOCK_LINKTARGET_LTH (sizeof(_PATH_MOUNTED_LOCK)+20)
+
+/*
+ * The original mount locking code has used sleep(1) between attempts and
+ * maximal number of attemps has been 5.
+ *
+ * There was very small number of attempts and extremely long waiting (1s)
+ * that is useless on machines with large number of concurret mount processes.
+ *
+ * Now we wait few thousand microseconds between attempts and we have global
+ * time limit (30s) rather than limit for number of attempts. The advantage
+ * is that this method also counts time which we spend in fcntl(F_SETLKW) and
+ * number of attempts is not so much restricted.
+ *
+ * -- kzak@redhat.com [2007-Mar-2007]
+ */
+
+/* maximum seconds between first and last attempt */
+#define MOUNTLOCK_MAXTIME 30
+
+/* sleep time (in microseconds, max=999999) between attempts */
+#define MOUNTLOCK_WAITTIME 5000
+
+int
+lock_mtab (void) {
+ int i;
+ struct timespec waittime;
+ struct timeval maxtime;
+ char linktargetfile[MOUNTLOCK_LINKTARGET_LTH];
+
+ if (!signals_have_been_setup) {
+ int sig = 0;
+ struct sigaction sa;
+
+ sa.sa_handler = handler;
+ sa.sa_flags = 0;
+ sigfillset (&sa.sa_mask);
+
+ while (sigismember (&sa.sa_mask, ++sig) != -1
+ && sig != SIGCHLD) {
+ if (sig == SIGALRM)
+ sa.sa_handler = setlkw_timeout;
+ else
+ sa.sa_handler = handler;
+ sigaction (sig, &sa, (struct sigaction *) 0);
+ }
+ signals_have_been_setup = 1;
+ }
+
+ sprintf(linktargetfile, MOUNTLOCK_LINKTARGET, getpid ());
+
+ i = open (linktargetfile, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR);
+ if (i < 0) {
+ /* linktargetfile does not exist (as a file)
+ and we cannot create it. Read-only filesystem?
+ Too many files open in the system?
+ Filesystem full? */
+ return EX_FILEIO;
+ }
+ close(i);
+
+ gettimeofday(&maxtime, NULL);
+ maxtime.tv_sec += MOUNTLOCK_MAXTIME;
+
+ waittime.tv_sec = 0;
+ waittime.tv_nsec = (1000 * MOUNTLOCK_WAITTIME);
+
+ /* Repeat until it was us who made the link */
+ while (!we_created_lockfile) {
+ struct timeval now;
+ struct flock flock;
+ int errsv, j;
+
+ j = link(linktargetfile, _PATH_MOUNTED_LOCK);
+ errsv = errno;
+
+ if (j == 0)
+ we_created_lockfile = 1;
+
+ if (j < 0 && errsv != EEXIST) {
+ (void) unlink(linktargetfile);
+ return EX_FILEIO;
+ }
+
+ lockfile_fd = open (_PATH_MOUNTED_LOCK, O_WRONLY);
+
+ if (lockfile_fd < 0) {
+ /* Strange... Maybe the file was just deleted? */
+ gettimeofday(&now, NULL);
+ if (errno == ENOENT && now.tv_sec < maxtime.tv_sec) {
+ we_created_lockfile = 0;
+ continue;
+ }
+ (void) unlink(linktargetfile);
+ return EX_FILEIO;
+ }
+
+ flock.l_type = F_WRLCK;
+ flock.l_whence = SEEK_SET;
+ flock.l_start = 0;
+ flock.l_len = 0;
+
+ if (j == 0) {
+ /* We made the link. Now claim the lock. If we can't
+ * get it, continue anyway
+ */
+ fcntl (lockfile_fd, F_SETLK, &flock);
+ (void) unlink(linktargetfile);
+ } else {
+ /* Someone else made the link. Wait. */
+ gettimeofday(&now, NULL);
+ if (now.tv_sec < maxtime.tv_sec) {
+ alarm(maxtime.tv_sec - now.tv_sec);
+ if (fcntl (lockfile_fd, F_SETLKW, &flock) == -1) {
+ (void) unlink(linktargetfile);
+ return EX_FILEIO;
+ }
+ alarm(0);
+ nanosleep(&waittime, NULL);
+ } else {
+ (void) unlink(linktargetfile);
+ return EX_FILEIO;
+ }
+ close(lockfile_fd);
+ }
+ }
+ return 0;
+}
+
diff --git a/client/umount.cifs.c b/client/umount.cifs.c
new file mode 100644
index 0000000000..0005054467
--- /dev/null
+++ b/client/umount.cifs.c
@@ -0,0 +1,405 @@
+/*
+ Unmount utility program for Linux CIFS VFS (virtual filesystem) client
+ Copyright (C) 2005 Steve French (sfrench@us.ibm.com)
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <ctype.h>
+#include <sys/types.h>
+#include <sys/mount.h>
+#include <sys/ioctl.h>
+#include <sys/stat.h>
+#include <sys/vfs.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <errno.h>
+#include <string.h>
+#include <mntent.h>
+#include <limits.h>
+#include "mount.h"
+
+#define UNMOUNT_CIFS_VERSION_MAJOR "0"
+#define UNMOUNT_CIFS_VERSION_MINOR "6"
+
+#ifndef UNMOUNT_CIFS_VENDOR_SUFFIX
+ #ifdef _SAMBA_BUILD_
+ #include "version.h"
+ #ifdef SAMBA_VERSION_VENDOR_SUFFIX
+ #define UNMOUNT_CIFS_VENDOR_SUFFIX "-"SAMBA_VERSION_OFFICIAL_STRING"-"SAMBA_VERSION_VENDOR_SUFFIX
+ #else
+ #define UNMOUNT_CIFS_VENDOR_SUFFIX "-"SAMBA_VERSION_OFFICIAL_STRING
+ #endif /* SAMBA_VERSION_OFFICIAL_STRING and SAMBA_VERSION_VENDOR_SUFFIX */
+ #else
+ #define UNMOUNT_CIFS_VENDOR_SUFFIX ""
+ #endif /* _SAMBA_BUILD_ */
+#endif /* UNMOUNT_CIFS_VENDOR_SUFFIX */
+
+#ifndef MNT_DETACH
+#define MNT_DETACH 0x02
+#endif
+
+#ifndef MNT_EXPIRE
+#define MNT_EXPIRE 0x04
+#endif
+
+#ifndef MOUNTED_LOCK
+#define MOUNTED_LOCK "/etc/mtab~"
+#endif
+#ifndef MOUNTED_TEMP
+#define MOUNTED_TEMP "/etc/mtab.tmp"
+#endif
+
+#define CIFS_IOC_CHECKUMOUNT _IO(0xCF, 2)
+#define CIFS_MAGIC_NUMBER 0xFF534D42 /* the first four bytes of SMB PDU */
+
+static struct option longopts[] = {
+ { "all", 0, NULL, 'a' },
+ { "help",0, NULL, 'h' },
+ { "read-only", 0, NULL, 'r' },
+ { "ro", 0, NULL, 'r' },
+ { "verbose", 0, NULL, 'v' },
+ { "version", 0, NULL, 'V' },
+ { "expire", 0, NULL, 'e' },
+ { "force", 0, 0, 'f' },
+ { "lazy", 0, 0, 'l' },
+ { "no-mtab", 0, 0, 'n' },
+ { NULL, 0, NULL, 0 }
+};
+
+const char * thisprogram;
+int verboseflg = 0;
+
+static void umount_cifs_usage(void)
+{
+ printf("\nUsage: %s <remotetarget> <dir>\n", thisprogram);
+ printf("\nUnmount the specified directory\n");
+ printf("\nLess commonly used options:");
+ printf("\n\t-r\tIf mount fails, retry with readonly remount.");
+ printf("\n\t-n\tDo not write to mtab.");
+ printf("\n\t-f\tAttempt a forced unmount, even if the fs is busy.");
+ printf("\n\t-l\tAttempt lazy unmount, Unmount now, cleanup later.");
+ printf("\n\t-v\tEnable verbose mode (may be useful for debugging).");
+ printf("\n\t-h\tDisplay this help.");
+ printf("\n\nOptions are described in more detail in the manual page");
+ printf("\n\tman 8 umount.cifs\n");
+ printf("\nTo display the version number of the cifs umount utility:");
+ printf("\n\t%s -V\n",thisprogram);
+ printf("\nInvoking the umount utility on cifs mounts, can execute");
+ printf(" /sbin/umount.cifs (if present and umount -i is not specified.\n");
+}
+
+static int umount_check_perm(char * dir)
+{
+ int fileid;
+ int rc;
+
+ /* allow root to unmount, no matter what */
+ if(getuid() == 0)
+ return 0;
+
+ /* presumably can not chdir into the target as we do on mount */
+ fileid = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW, 0);
+ if(fileid == -1) {
+ if(verboseflg)
+ printf("error opening mountpoint %d %s",errno,strerror(errno));
+ return errno;
+ }
+
+ rc = ioctl(fileid, CIFS_IOC_CHECKUMOUNT, NULL);
+
+ if(verboseflg)
+ printf("ioctl returned %d with errno %d %s\n",rc,errno,strerror(errno));
+
+ if(rc == ENOTTY) {
+ printf("user unmounting via %s is an optional feature of",thisprogram);
+ printf(" the cifs filesystem driver (cifs.ko)");
+ printf("\n\tand requires cifs.ko version 1.32 or later\n");
+ } else if (rc != 0)
+ printf("user unmount of %s failed with %d %s\n",dir,errno,strerror(errno));
+ close(fileid);
+
+ return rc;
+}
+
+static int remove_from_mtab(char * mountpoint)
+{
+ int rc;
+ int num_matches;
+ FILE * org_fd;
+ FILE * new_fd;
+ struct mntent * mount_entry;
+
+ /* Do we need to check if it is a symlink to e.g. /proc/mounts
+ in which case we probably do not want to update it? */
+
+ /* Do we first need to check if it is writable? */
+
+ atexit(unlock_mtab);
+ if (lock_mtab()) {
+ printf("Mount table locked\n");
+ return -EACCES;
+ }
+
+ if(verboseflg)
+ printf("attempting to remove from mtab\n");
+
+ org_fd = setmntent(MOUNTED, "r");
+
+ if(org_fd == NULL) {
+ printf("Can not open %s\n",MOUNTED);
+ unlock_mtab();
+ return -EIO;
+ }
+
+ new_fd = setmntent(MOUNTED_TEMP,"w");
+ if(new_fd == NULL) {
+ printf("Can not open temp file %s", MOUNTED_TEMP);
+ endmntent(org_fd);
+ unlock_mtab();
+ return -EIO;
+ }
+
+ /* BB fix so we only remove the last entry that matches BB */
+ num_matches = 0;
+ while((mount_entry = getmntent(org_fd)) != NULL) {
+ if(strcmp(mount_entry->mnt_dir, mountpoint) == 0) {
+ num_matches++;
+ }
+ }
+ if(verboseflg)
+ printf("%d matching entries in mount table\n", num_matches);
+
+ /* Is there a better way to seek back to the first entry in mtab? */
+ endmntent(org_fd);
+ org_fd = setmntent(MOUNTED, "r");
+
+ if(org_fd == NULL) {
+ printf("Can not open %s\n",MOUNTED);
+ unlock_mtab();
+ return -EIO;
+ }
+
+ while((mount_entry = getmntent(org_fd)) != NULL) {
+ if(strcmp(mount_entry->mnt_dir, mountpoint) != 0) {
+ addmntent(new_fd, mount_entry);
+ } else {
+ if(num_matches != 1) {
+ addmntent(new_fd, mount_entry);
+ num_matches--;
+ } else if(verboseflg)
+ printf("entry not copied (ie entry is removed)\n");
+ }
+ }
+
+ if(verboseflg)
+ printf("done updating tmp file\n");
+ rc = fchmod (fileno (new_fd), S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
+ if(rc < 0) {
+ printf("error %s changing mode of %s\n", strerror(errno),
+ MOUNTED_TEMP);
+ }
+ endmntent(new_fd);
+
+ rc = rename(MOUNTED_TEMP, MOUNTED);
+
+ if(rc < 0) {
+ printf("failure %s renaming %s to %s\n",strerror(errno),
+ MOUNTED_TEMP, MOUNTED);
+ unlock_mtab();
+ return -EIO;
+ }
+
+ unlock_mtab();
+
+ return rc;
+}
+
+/* Make a canonical pathname from PATH. Returns a freshly malloced string.
+ It is up the *caller* to ensure that the PATH is sensible. i.e.
+ canonicalize ("/dev/fd0/.") returns "/dev/fd0" even though ``/dev/fd0/.''
+ is not a legal pathname for ``/dev/fd0'' Anything we cannot parse
+ we return unmodified. */
+static char *
+canonicalize(char *path)
+{
+ char *canonical;
+
+ if (path == NULL) {
+ return NULL;
+ }
+
+ if (strlen(path) > PATH_MAX) {
+ fprintf(stderr, "Mount point string too long\n");
+ return NULL;
+ }
+
+ canonical = (char *)malloc (PATH_MAX + 1);
+
+ if (!canonical) {
+ fprintf(stderr, "Error! Not enough memory!\n");
+ return NULL;
+ }
+
+ if (realpath (path, canonical))
+ return canonical;
+
+ strncpy (canonical, path, PATH_MAX);
+ canonical[PATH_MAX] = '\0';
+ return canonical;
+}
+
+int main(int argc, char ** argv)
+{
+ int c;
+ int rc;
+ int flags = 0;
+ int nomtab = 0;
+ int retry_remount = 0;
+ struct statfs statbuf;
+ char * mountpoint;
+
+ if(argc && argv) {
+ thisprogram = argv[0];
+ } else {
+ umount_cifs_usage();
+ return -EINVAL;
+ }
+
+ if(argc < 2) {
+ umount_cifs_usage();
+ return -EINVAL;
+ }
+
+ if(thisprogram == NULL)
+ thisprogram = "umount.cifs";
+
+ /* add sharename in opts string as unc= parm */
+
+ while ((c = getopt_long (argc, argv, "afhilnrvV",
+ longopts, NULL)) != -1) {
+ switch (c) {
+/* No code to do the following option yet */
+/* case 'a':
+ ++umount_all;
+ break; */
+ case '?':
+ case 'h': /* help */
+ umount_cifs_usage();
+ exit(1);
+ case 'n':
+ ++nomtab;
+ break;
+ case 'f':
+ flags |= MNT_FORCE;
+ break;
+ case 'l':
+ flags |= MNT_DETACH; /* lazy unmount */
+ break;
+ case 'e':
+ flags |= MNT_EXPIRE; /* gradually timeout */
+ break;
+ case 'r':
+ ++retry_remount;
+ break;
+ case 'v':
+ ++verboseflg;
+ break;
+ case 'V':
+ printf ("umount.cifs version: %s.%s%s\n",
+ UNMOUNT_CIFS_VERSION_MAJOR,
+ UNMOUNT_CIFS_VERSION_MINOR,
+ UNMOUNT_CIFS_VENDOR_SUFFIX);
+ exit (0);
+ default:
+ printf("unknown unmount option %c\n",c);
+ umount_cifs_usage();
+ exit(1);
+ }
+ }
+
+ /* move past the umount options */
+ argv += optind;
+ argc -= optind;
+
+ mountpoint = canonicalize(argv[0]);
+
+ if((argc < 1) || (argv[0] == NULL)) {
+ printf("\nMissing name of unmount directory\n");
+ umount_cifs_usage();
+ return -EINVAL;
+ }
+
+ if(verboseflg)
+ printf("optind %d unmount dir %s\n",optind, mountpoint);
+
+ /* check if running effectively root */
+ if(geteuid() != 0) {
+ printf("Trying to unmount when %s not installed suid\n",thisprogram);
+ if(verboseflg)
+ printf("euid = %d\n",geteuid());
+ return -EACCES;
+ }
+
+ /* fixup path if needed */
+
+ /* Trim any trailing slashes */
+ while ((strlen(mountpoint) > 1) &&
+ (mountpoint[strlen(mountpoint)-1] == '/'))
+ {
+ mountpoint[strlen(mountpoint)-1] = '\0';
+ }
+
+ /* make sure that this is a cifs filesystem */
+ rc = statfs(mountpoint, &statbuf);
+
+ if(rc || (statbuf.f_type != CIFS_MAGIC_NUMBER)) {
+ printf("This utility only unmounts cifs filesystems.\n");
+ return -EINVAL;
+ }
+
+ /* check if our uid was the one who mounted */
+ rc = umount_check_perm(mountpoint);
+ if (rc) {
+ printf("Not permitted to unmount\n");
+ return rc;
+ }
+
+ if(umount2(mountpoint, flags)) {
+ /* remember to kill daemon on error */
+ switch (errno) {
+ case 0:
+ printf("unmount failed but no error number set\n");
+ break;
+ default:
+ printf("unmount error %d = %s\n",errno,strerror(errno));
+ }
+ printf("Refer to the umount.cifs(8) manual page (man 8 umount.cifs)\n");
+ return -1;
+ } else {
+ if(verboseflg)
+ printf("umount2 succeeded\n");
+ if(nomtab == 0)
+ remove_from_mtab(mountpoint);
+ }
+
+ return 0;
+}
+