| 1 | /* |
| 2 | * Socket functions used in rsync. |
| 3 | * |
| 4 | * Copyright (C) 1992-2001 Andrew Tridgell <tridge@samba.org> |
| 5 | * Copyright (C) 2001, 2002 Martin Pool <mbp@samba.org> |
| 6 | * Copyright (C) 2003, 2004, 2005, 2006 Wayne Davison |
| 7 | * |
| 8 | * This program is free software; you can redistribute it and/or modify |
| 9 | * it under the terms of the GNU General Public License as published by |
| 10 | * the Free Software Foundation; either version 2 of the License, or |
| 11 | * (at your option) any later version. |
| 12 | * |
| 13 | * This program is distributed in the hope that it will be useful, |
| 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 16 | * GNU General Public License for more details. |
| 17 | * |
| 18 | * You should have received a copy of the GNU General Public License along |
| 19 | * with this program; if not, write to the Free Software Foundation, Inc., |
| 20 | * 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. |
| 21 | */ |
| 22 | |
| 23 | /* This file is now converted to use the new-style getaddrinfo() |
| 24 | * interface, which supports IPv6 but is also supported on recent |
| 25 | * IPv4-only machines. On systems that don't have that interface, we |
| 26 | * emulate it using the KAME implementation. */ |
| 27 | |
| 28 | #include "rsync.h" |
| 29 | #include <netinet/in_systm.h> |
| 30 | #include <netinet/ip.h> |
| 31 | #include <netinet/tcp.h> |
| 32 | |
| 33 | extern char *bind_address; |
| 34 | extern int default_af_hint; |
| 35 | |
| 36 | #ifdef HAVE_SIGACTION |
| 37 | static struct sigaction sigact; |
| 38 | #endif |
| 39 | |
| 40 | /** |
| 41 | * Establish a proxy connection on an open socket to a web proxy by |
| 42 | * using the CONNECT method. If proxy_user and proxy_pass are not NULL, |
| 43 | * they are used to authenticate to the proxy using the "Basic" |
| 44 | * proxy-authorization protocol |
| 45 | **/ |
| 46 | static int establish_proxy_connection(int fd, char *host, int port, |
| 47 | char *proxy_user, char *proxy_pass) |
| 48 | { |
| 49 | char *cp, buffer[1024]; |
| 50 | char *authhdr, authbuf[1024]; |
| 51 | int len; |
| 52 | |
| 53 | if (proxy_user && proxy_pass) { |
| 54 | stringjoin(buffer, sizeof buffer, |
| 55 | proxy_user, ":", proxy_pass, NULL); |
| 56 | len = strlen(buffer); |
| 57 | |
| 58 | if ((len*8 + 5) / 6 >= (int)sizeof authbuf - 3) { |
| 59 | rprintf(FERROR, |
| 60 | "authentication information is too long\n"); |
| 61 | return -1; |
| 62 | } |
| 63 | |
| 64 | base64_encode(buffer, len, authbuf, 1); |
| 65 | authhdr = "\r\nProxy-Authorization: Basic "; |
| 66 | } else { |
| 67 | *authbuf = '\0'; |
| 68 | authhdr = ""; |
| 69 | } |
| 70 | |
| 71 | snprintf(buffer, sizeof buffer, "CONNECT %s:%d HTTP/1.0%s%s\r\n\r\n", |
| 72 | host, port, authhdr, authbuf); |
| 73 | len = strlen(buffer); |
| 74 | if (write(fd, buffer, len) != len) { |
| 75 | rsyserr(FERROR, errno, "failed to write to proxy"); |
| 76 | return -1; |
| 77 | } |
| 78 | |
| 79 | for (cp = buffer; cp < &buffer[sizeof buffer - 1]; cp++) { |
| 80 | if (read(fd, cp, 1) != 1) { |
| 81 | rsyserr(FERROR, errno, "failed to read from proxy"); |
| 82 | return -1; |
| 83 | } |
| 84 | if (*cp == '\n') |
| 85 | break; |
| 86 | } |
| 87 | |
| 88 | if (*cp != '\n') |
| 89 | cp++; |
| 90 | *cp-- = '\0'; |
| 91 | if (*cp == '\r') |
| 92 | *cp = '\0'; |
| 93 | if (strncmp(buffer, "HTTP/", 5) != 0) { |
| 94 | rprintf(FERROR, "bad response from proxy -- %s\n", |
| 95 | buffer); |
| 96 | return -1; |
| 97 | } |
| 98 | for (cp = &buffer[5]; isdigit(*(uchar*)cp) || *cp == '.'; cp++) {} |
| 99 | while (*cp == ' ') |
| 100 | cp++; |
| 101 | if (*cp != '2') { |
| 102 | rprintf(FERROR, "bad response from proxy -- %s\n", |
| 103 | buffer); |
| 104 | return -1; |
| 105 | } |
| 106 | /* throw away the rest of the HTTP header */ |
| 107 | while (1) { |
| 108 | for (cp = buffer; cp < &buffer[sizeof buffer - 1]; cp++) { |
| 109 | if (read(fd, cp, 1) != 1) { |
| 110 | rsyserr(FERROR, errno, |
| 111 | "failed to read from proxy"); |
| 112 | return -1; |
| 113 | } |
| 114 | if (*cp == '\n') |
| 115 | break; |
| 116 | } |
| 117 | if (cp > buffer && *cp == '\n') |
| 118 | cp--; |
| 119 | if (cp == buffer && (*cp == '\n' || *cp == '\r')) |
| 120 | break; |
| 121 | } |
| 122 | return 0; |
| 123 | } |
| 124 | |
| 125 | |
| 126 | /** |
| 127 | * Try to set the local address for a newly-created socket. Return -1 |
| 128 | * if this fails. |
| 129 | **/ |
| 130 | int try_bind_local(int s, int ai_family, int ai_socktype, |
| 131 | const char *bind_addr) |
| 132 | { |
| 133 | int error; |
| 134 | struct addrinfo bhints, *bres_all, *r; |
| 135 | |
| 136 | memset(&bhints, 0, sizeof bhints); |
| 137 | bhints.ai_family = ai_family; |
| 138 | bhints.ai_socktype = ai_socktype; |
| 139 | bhints.ai_flags = AI_PASSIVE; |
| 140 | if ((error = getaddrinfo(bind_addr, NULL, &bhints, &bres_all))) { |
| 141 | rprintf(FERROR, RSYNC_NAME ": getaddrinfo %s: %s\n", |
| 142 | bind_addr, gai_strerror(error)); |
| 143 | return -1; |
| 144 | } |
| 145 | |
| 146 | for (r = bres_all; r; r = r->ai_next) { |
| 147 | if (bind(s, r->ai_addr, r->ai_addrlen) == -1) |
| 148 | continue; |
| 149 | freeaddrinfo(bres_all); |
| 150 | return s; |
| 151 | } |
| 152 | |
| 153 | /* no error message; there might be some problem that allows |
| 154 | * creation of the socket but not binding, perhaps if the |
| 155 | * machine has no ipv6 address of this name. */ |
| 156 | freeaddrinfo(bres_all); |
| 157 | return -1; |
| 158 | } |
| 159 | |
| 160 | |
| 161 | /** |
| 162 | * Open a socket to a tcp remote host with the specified port . |
| 163 | * |
| 164 | * Based on code from Warren. Proxy support by Stephen Rothwell. |
| 165 | * getaddrinfo() rewrite contributed by KAME.net. |
| 166 | * |
| 167 | * Now that we support IPv6 we need to look up the remote machine's |
| 168 | * address first, using @p af_hint to set a preference for the type |
| 169 | * of address. Then depending on whether it has v4 or v6 addresses we |
| 170 | * try to open a connection. |
| 171 | * |
| 172 | * The loop allows for machines with some addresses which may not be |
| 173 | * reachable, perhaps because we can't e.g. route ipv6 to that network |
| 174 | * but we can get ip4 packets through. |
| 175 | * |
| 176 | * @param bind_addr Local address to use. Normally NULL to bind |
| 177 | * the wildcard address. |
| 178 | * |
| 179 | * @param af_hint Address family, e.g. AF_INET or AF_INET6. |
| 180 | **/ |
| 181 | int open_socket_out(char *host, int port, const char *bind_addr, |
| 182 | int af_hint) |
| 183 | { |
| 184 | int type = SOCK_STREAM; |
| 185 | int error, s; |
| 186 | struct addrinfo hints, *res0, *res; |
| 187 | char portbuf[10]; |
| 188 | char *h, *cp; |
| 189 | int proxied = 0; |
| 190 | char buffer[1024]; |
| 191 | char *proxy_user = NULL, *proxy_pass = NULL; |
| 192 | |
| 193 | /* if we have a RSYNC_PROXY env variable then redirect our |
| 194 | * connetcion via a web proxy at the given address. */ |
| 195 | h = getenv("RSYNC_PROXY"); |
| 196 | proxied = h != NULL && *h != '\0'; |
| 197 | |
| 198 | if (proxied) { |
| 199 | strlcpy(buffer, h, sizeof buffer); |
| 200 | |
| 201 | /* Is the USER:PASS@ prefix present? */ |
| 202 | if ((cp = strrchr(buffer, '@')) != NULL) { |
| 203 | *cp++ = '\0'; |
| 204 | /* The remainder is the HOST:PORT part. */ |
| 205 | h = cp; |
| 206 | |
| 207 | if ((cp = strchr(buffer, ':')) == NULL) { |
| 208 | rprintf(FERROR, |
| 209 | "invalid proxy specification: should be USER:PASS@HOST:PORT\n"); |
| 210 | return -1; |
| 211 | } |
| 212 | *cp++ = '\0'; |
| 213 | |
| 214 | proxy_user = buffer; |
| 215 | proxy_pass = cp; |
| 216 | } else { |
| 217 | /* The whole buffer is the HOST:PORT part. */ |
| 218 | h = buffer; |
| 219 | } |
| 220 | |
| 221 | if ((cp = strchr(h, ':')) == NULL) { |
| 222 | rprintf(FERROR, |
| 223 | "invalid proxy specification: should be HOST:PORT\n"); |
| 224 | return -1; |
| 225 | } |
| 226 | *cp++ = '\0'; |
| 227 | strlcpy(portbuf, cp, sizeof portbuf); |
| 228 | if (verbose >= 2) { |
| 229 | rprintf(FINFO, "connection via http proxy %s port %s\n", |
| 230 | h, portbuf); |
| 231 | } |
| 232 | } else { |
| 233 | snprintf(portbuf, sizeof portbuf, "%d", port); |
| 234 | h = host; |
| 235 | } |
| 236 | |
| 237 | memset(&hints, 0, sizeof hints); |
| 238 | hints.ai_family = af_hint; |
| 239 | hints.ai_socktype = type; |
| 240 | error = getaddrinfo(h, portbuf, &hints, &res0); |
| 241 | if (error) { |
| 242 | rprintf(FERROR, RSYNC_NAME ": getaddrinfo: %s %s: %s\n", |
| 243 | h, portbuf, gai_strerror(error)); |
| 244 | return -1; |
| 245 | } |
| 246 | |
| 247 | s = -1; |
| 248 | /* Try to connect to all addresses for this machine until we get |
| 249 | * through. It might e.g. be multi-homed, or have both IPv4 and IPv6 |
| 250 | * addresses. We need to create a socket for each record, since the |
| 251 | * address record tells us what protocol to use to try to connect. */ |
| 252 | for (res = res0; res; res = res->ai_next) { |
| 253 | s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); |
| 254 | if (s < 0) |
| 255 | continue; |
| 256 | |
| 257 | if (bind_addr |
| 258 | && try_bind_local(s, res->ai_family, type, |
| 259 | bind_addr) == -1) { |
| 260 | close(s); |
| 261 | s = -1; |
| 262 | continue; |
| 263 | } |
| 264 | if (connect(s, res->ai_addr, res->ai_addrlen) < 0) { |
| 265 | close(s); |
| 266 | s = -1; |
| 267 | continue; |
| 268 | } |
| 269 | if (proxied |
| 270 | && establish_proxy_connection(s, host, port, |
| 271 | proxy_user, proxy_pass) != 0) { |
| 272 | close(s); |
| 273 | s = -1; |
| 274 | continue; |
| 275 | } |
| 276 | break; |
| 277 | } |
| 278 | freeaddrinfo(res0); |
| 279 | if (s < 0) { |
| 280 | rsyserr(FERROR, errno, "failed to connect to %s", h); |
| 281 | return -1; |
| 282 | } |
| 283 | return s; |
| 284 | } |
| 285 | |
| 286 | |
| 287 | /** |
| 288 | * Open an outgoing socket, but allow for it to be intercepted by |
| 289 | * $RSYNC_CONNECT_PROG, which will execute a program across a TCP |
| 290 | * socketpair rather than really opening a socket. |
| 291 | * |
| 292 | * We use this primarily in testing to detect TCP flow bugs, but not |
| 293 | * cause security problems by really opening remote connections. |
| 294 | * |
| 295 | * This is based on the Samba LIBSMB_PROG feature. |
| 296 | * |
| 297 | * @param bind_addr Local address to use. Normally NULL to get the stack default. |
| 298 | **/ |
| 299 | int open_socket_out_wrapped(char *host, int port, const char *bind_addr, |
| 300 | int af_hint) |
| 301 | { |
| 302 | char *prog = getenv("RSYNC_CONNECT_PROG"); |
| 303 | |
| 304 | if (verbose >= 2) { |
| 305 | rprintf(FINFO, "%sopening tcp connection to %s port %d\n", |
| 306 | prog ? "Using RSYNC_CONNECT_PROG instead of " : "", |
| 307 | host, port); |
| 308 | } |
| 309 | if (prog) |
| 310 | return sock_exec(prog); |
| 311 | return open_socket_out(host, port, bind_addr, af_hint); |
| 312 | } |
| 313 | |
| 314 | |
| 315 | |
| 316 | /** |
| 317 | * Open one or more sockets for incoming data using the specified type, |
| 318 | * port, and address. |
| 319 | * |
| 320 | * The getaddrinfo() call may return several address results, e.g. for |
| 321 | * the machine's IPv4 and IPv6 name. |
| 322 | * |
| 323 | * We return an array of file-descriptors to the sockets, with a trailing |
| 324 | * -1 value to indicate the end of the list. |
| 325 | * |
| 326 | * @param bind_addr Local address to bind, or NULL to allow it to |
| 327 | * default. |
| 328 | **/ |
| 329 | static int *open_socket_in(int type, int port, const char *bind_addr, |
| 330 | int af_hint) |
| 331 | { |
| 332 | int one = 1; |
| 333 | int s, *socks, maxs, i, ecnt; |
| 334 | struct addrinfo hints, *all_ai, *resp; |
| 335 | char portbuf[10], **errmsgs; |
| 336 | int error; |
| 337 | |
| 338 | memset(&hints, 0, sizeof hints); |
| 339 | hints.ai_family = af_hint; |
| 340 | hints.ai_socktype = type; |
| 341 | hints.ai_flags = AI_PASSIVE; |
| 342 | snprintf(portbuf, sizeof portbuf, "%d", port); |
| 343 | error = getaddrinfo(bind_addr, portbuf, &hints, &all_ai); |
| 344 | if (error) { |
| 345 | rprintf(FERROR, RSYNC_NAME ": getaddrinfo: bind address %s: %s\n", |
| 346 | bind_addr, gai_strerror(error)); |
| 347 | return NULL; |
| 348 | } |
| 349 | |
| 350 | /* Count max number of sockets we might open. */ |
| 351 | for (maxs = 0, resp = all_ai; resp; resp = resp->ai_next, maxs++) {} |
| 352 | |
| 353 | socks = new_array(int, maxs + 1); |
| 354 | errmsgs = new_array(char *, maxs); |
| 355 | if (!socks || !errmsgs) |
| 356 | out_of_memory("open_socket_in"); |
| 357 | |
| 358 | /* We may not be able to create the socket, if for example the |
| 359 | * machine knows about IPv6 in the C library, but not in the |
| 360 | * kernel. */ |
| 361 | for (resp = all_ai, i = ecnt = 0; resp; resp = resp->ai_next) { |
| 362 | s = socket(resp->ai_family, resp->ai_socktype, |
| 363 | resp->ai_protocol); |
| 364 | |
| 365 | if (s == -1) { |
| 366 | int r = asprintf(&errmsgs[ecnt++], |
| 367 | "socket(%d,%d,%d) failed: %s\n", |
| 368 | (int)resp->ai_family, (int)resp->ai_socktype, |
| 369 | (int)resp->ai_protocol, strerror(errno)); |
| 370 | if (r < 0) |
| 371 | out_of_memory("open_socket_in"); |
| 372 | /* See if there's another address that will work... */ |
| 373 | continue; |
| 374 | } |
| 375 | |
| 376 | setsockopt(s, SOL_SOCKET, SO_REUSEADDR, |
| 377 | (char *)&one, sizeof one); |
| 378 | |
| 379 | #ifdef IPV6_V6ONLY |
| 380 | if (resp->ai_family == AF_INET6) { |
| 381 | if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, |
| 382 | (char *)&one, sizeof one) < 0 |
| 383 | && default_af_hint != AF_INET6) { |
| 384 | close(s); |
| 385 | continue; |
| 386 | } |
| 387 | } |
| 388 | #endif |
| 389 | |
| 390 | /* Now we've got a socket - we need to bind it. */ |
| 391 | if (bind(s, resp->ai_addr, resp->ai_addrlen) < 0) { |
| 392 | /* Nope, try another */ |
| 393 | int r = asprintf(&errmsgs[ecnt++], |
| 394 | "bind() failed: %s (address-family %d)\n", |
| 395 | strerror(errno), (int)resp->ai_family); |
| 396 | if (r < 0) |
| 397 | out_of_memory("open_socket_in"); |
| 398 | close(s); |
| 399 | continue; |
| 400 | } |
| 401 | |
| 402 | socks[i++] = s; |
| 403 | } |
| 404 | socks[i] = -1; |
| 405 | |
| 406 | if (all_ai) |
| 407 | freeaddrinfo(all_ai); |
| 408 | |
| 409 | /* Only output the socket()/bind() messages if we were totally |
| 410 | * unsuccessful, or if the daemon is being run with -vv. */ |
| 411 | for (s = 0; s < ecnt; s++) { |
| 412 | if (!i || verbose > 1) |
| 413 | rwrite(FLOG, errmsgs[s], strlen(errmsgs[s])); |
| 414 | free(errmsgs[s]); |
| 415 | } |
| 416 | free(errmsgs); |
| 417 | |
| 418 | if (!i) { |
| 419 | rprintf(FERROR, |
| 420 | "unable to bind any inbound sockets on port %d\n", |
| 421 | port); |
| 422 | free(socks); |
| 423 | return NULL; |
| 424 | } |
| 425 | return socks; |
| 426 | } |
| 427 | |
| 428 | |
| 429 | /* |
| 430 | * Determine if a file descriptor is in fact a socket |
| 431 | */ |
| 432 | int is_a_socket(int fd) |
| 433 | { |
| 434 | int v; |
| 435 | socklen_t l = sizeof (int); |
| 436 | |
| 437 | /* Parameters to getsockopt, setsockopt etc are very |
| 438 | * unstandardized across platforms, so don't be surprised if |
| 439 | * there are compiler warnings on e.g. SCO OpenSwerver or AIX. |
| 440 | * It seems they all eventually get the right idea. |
| 441 | * |
| 442 | * Debian says: ``The fifth argument of getsockopt and |
| 443 | * setsockopt is in reality an int [*] (and this is what BSD |
| 444 | * 4.* and libc4 and libc5 have). Some POSIX confusion |
| 445 | * resulted in the present socklen_t. The draft standard has |
| 446 | * not been adopted yet, but glibc2 already follows it and |
| 447 | * also has socklen_t [*]. See also accept(2).'' |
| 448 | * |
| 449 | * We now return to your regularly scheduled programming. */ |
| 450 | return getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0; |
| 451 | } |
| 452 | |
| 453 | |
| 454 | static RETSIGTYPE sigchld_handler(UNUSED(int val)) |
| 455 | { |
| 456 | #ifdef WNOHANG |
| 457 | while (waitpid(-1, NULL, WNOHANG) > 0) {} |
| 458 | #endif |
| 459 | #ifndef HAVE_SIGACTION |
| 460 | signal(SIGCHLD, sigchld_handler); |
| 461 | #endif |
| 462 | } |
| 463 | |
| 464 | |
| 465 | void start_accept_loop(int port, int (*fn)(int, int)) |
| 466 | { |
| 467 | fd_set deffds; |
| 468 | int *sp, maxfd, i; |
| 469 | |
| 470 | #ifdef HAVE_SIGACTION |
| 471 | sigact.sa_flags = SA_NOCLDSTOP; |
| 472 | #endif |
| 473 | |
| 474 | /* open an incoming socket */ |
| 475 | sp = open_socket_in(SOCK_STREAM, port, bind_address, default_af_hint); |
| 476 | if (sp == NULL) |
| 477 | exit_cleanup(RERR_SOCKETIO); |
| 478 | |
| 479 | /* ready to listen */ |
| 480 | FD_ZERO(&deffds); |
| 481 | for (i = 0, maxfd = -1; sp[i] >= 0; i++) { |
| 482 | if (listen(sp[i], 5) < 0) { |
| 483 | rsyserr(FERROR, errno, "listen() on socket failed"); |
| 484 | #ifdef INET6 |
| 485 | if (errno == EADDRINUSE && i > 0) { |
| 486 | rprintf(FINFO, |
| 487 | "Try using --ipv4 or --ipv6 to avoid this listen() error.\n"); |
| 488 | } |
| 489 | #endif |
| 490 | exit_cleanup(RERR_SOCKETIO); |
| 491 | } |
| 492 | FD_SET(sp[i], &deffds); |
| 493 | if (maxfd < sp[i]) |
| 494 | maxfd = sp[i]; |
| 495 | } |
| 496 | |
| 497 | /* now accept incoming connections - forking a new process |
| 498 | * for each incoming connection */ |
| 499 | while (1) { |
| 500 | fd_set fds; |
| 501 | pid_t pid; |
| 502 | int fd; |
| 503 | struct sockaddr_storage addr; |
| 504 | socklen_t addrlen = sizeof addr; |
| 505 | |
| 506 | /* close log file before the potentially very long select so |
| 507 | * file can be trimmed by another process instead of growing |
| 508 | * forever */ |
| 509 | logfile_close(); |
| 510 | |
| 511 | #ifdef FD_COPY |
| 512 | FD_COPY(&deffds, &fds); |
| 513 | #else |
| 514 | fds = deffds; |
| 515 | #endif |
| 516 | |
| 517 | if (select(maxfd + 1, &fds, NULL, NULL, NULL) != 1) |
| 518 | continue; |
| 519 | |
| 520 | for (i = 0, fd = -1; sp[i] >= 0; i++) { |
| 521 | if (FD_ISSET(sp[i], &fds)) { |
| 522 | fd = accept(sp[i], (struct sockaddr *)&addr, |
| 523 | &addrlen); |
| 524 | break; |
| 525 | } |
| 526 | } |
| 527 | |
| 528 | if (fd < 0) |
| 529 | continue; |
| 530 | |
| 531 | SIGACTION(SIGCHLD, sigchld_handler); |
| 532 | |
| 533 | if ((pid = fork()) == 0) { |
| 534 | int ret; |
| 535 | for (i = 0; sp[i] >= 0; i++) |
| 536 | close(sp[i]); |
| 537 | /* Re-open log file in child before possibly giving |
| 538 | * up privileges (see logfile_close() above). */ |
| 539 | logfile_reopen(); |
| 540 | ret = fn(fd, fd); |
| 541 | close_all(); |
| 542 | _exit(ret); |
| 543 | } else if (pid < 0) { |
| 544 | rsyserr(FERROR, errno, |
| 545 | "could not create child server process"); |
| 546 | close(fd); |
| 547 | /* This might have happened because we're |
| 548 | * overloaded. Sleep briefly before trying to |
| 549 | * accept again. */ |
| 550 | sleep(2); |
| 551 | } else { |
| 552 | /* Parent doesn't need this fd anymore. */ |
| 553 | close(fd); |
| 554 | } |
| 555 | } |
| 556 | } |
| 557 | |
| 558 | |
| 559 | enum SOCK_OPT_TYPES {OPT_BOOL,OPT_INT,OPT_ON}; |
| 560 | |
| 561 | struct |
| 562 | { |
| 563 | char *name; |
| 564 | int level; |
| 565 | int option; |
| 566 | int value; |
| 567 | int opttype; |
| 568 | } socket_options[] = { |
| 569 | {"SO_KEEPALIVE", SOL_SOCKET, SO_KEEPALIVE, 0, OPT_BOOL}, |
| 570 | {"SO_REUSEADDR", SOL_SOCKET, SO_REUSEADDR, 0, OPT_BOOL}, |
| 571 | {"SO_BROADCAST", SOL_SOCKET, SO_BROADCAST, 0, OPT_BOOL}, |
| 572 | #ifdef TCP_NODELAY |
| 573 | {"TCP_NODELAY", IPPROTO_TCP, TCP_NODELAY, 0, OPT_BOOL}, |
| 574 | #endif |
| 575 | #ifdef IPTOS_LOWDELAY |
| 576 | {"IPTOS_LOWDELAY", IPPROTO_IP, IP_TOS, IPTOS_LOWDELAY, OPT_ON}, |
| 577 | #endif |
| 578 | #ifdef IPTOS_THROUGHPUT |
| 579 | {"IPTOS_THROUGHPUT", IPPROTO_IP, IP_TOS, IPTOS_THROUGHPUT, OPT_ON}, |
| 580 | #endif |
| 581 | #ifdef SO_SNDBUF |
| 582 | {"SO_SNDBUF", SOL_SOCKET, SO_SNDBUF, 0, OPT_INT}, |
| 583 | #endif |
| 584 | #ifdef SO_RCVBUF |
| 585 | {"SO_RCVBUF", SOL_SOCKET, SO_RCVBUF, 0, OPT_INT}, |
| 586 | #endif |
| 587 | #ifdef SO_SNDLOWAT |
| 588 | {"SO_SNDLOWAT", SOL_SOCKET, SO_SNDLOWAT, 0, OPT_INT}, |
| 589 | #endif |
| 590 | #ifdef SO_RCVLOWAT |
| 591 | {"SO_RCVLOWAT", SOL_SOCKET, SO_RCVLOWAT, 0, OPT_INT}, |
| 592 | #endif |
| 593 | #ifdef SO_SNDTIMEO |
| 594 | {"SO_SNDTIMEO", SOL_SOCKET, SO_SNDTIMEO, 0, OPT_INT}, |
| 595 | #endif |
| 596 | #ifdef SO_RCVTIMEO |
| 597 | {"SO_RCVTIMEO", SOL_SOCKET, SO_RCVTIMEO, 0, OPT_INT}, |
| 598 | #endif |
| 599 | {NULL,0,0,0,0}}; |
| 600 | |
| 601 | |
| 602 | |
| 603 | /** |
| 604 | * Set user socket options |
| 605 | **/ |
| 606 | void set_socket_options(int fd, char *options) |
| 607 | { |
| 608 | char *tok; |
| 609 | |
| 610 | if (!options || !*options) |
| 611 | return; |
| 612 | |
| 613 | options = strdup(options); |
| 614 | |
| 615 | if (!options) |
| 616 | out_of_memory("set_socket_options"); |
| 617 | |
| 618 | for (tok = strtok(options, " \t,"); tok; tok = strtok(NULL," \t,")) { |
| 619 | int ret=0,i; |
| 620 | int value = 1; |
| 621 | char *p; |
| 622 | int got_value = 0; |
| 623 | |
| 624 | if ((p = strchr(tok,'='))) { |
| 625 | *p = 0; |
| 626 | value = atoi(p+1); |
| 627 | got_value = 1; |
| 628 | } |
| 629 | |
| 630 | for (i = 0; socket_options[i].name; i++) { |
| 631 | if (strcmp(socket_options[i].name,tok)==0) |
| 632 | break; |
| 633 | } |
| 634 | |
| 635 | if (!socket_options[i].name) { |
| 636 | rprintf(FERROR,"Unknown socket option %s\n",tok); |
| 637 | continue; |
| 638 | } |
| 639 | |
| 640 | switch (socket_options[i].opttype) { |
| 641 | case OPT_BOOL: |
| 642 | case OPT_INT: |
| 643 | ret = setsockopt(fd,socket_options[i].level, |
| 644 | socket_options[i].option, |
| 645 | (char *)&value, sizeof (int)); |
| 646 | break; |
| 647 | |
| 648 | case OPT_ON: |
| 649 | if (got_value) |
| 650 | rprintf(FERROR,"syntax error -- %s does not take a value\n",tok); |
| 651 | |
| 652 | { |
| 653 | int on = socket_options[i].value; |
| 654 | ret = setsockopt(fd,socket_options[i].level, |
| 655 | socket_options[i].option, |
| 656 | (char *)&on, sizeof (int)); |
| 657 | } |
| 658 | break; |
| 659 | } |
| 660 | |
| 661 | if (ret != 0) { |
| 662 | rsyserr(FERROR, errno, |
| 663 | "failed to set socket option %s", tok); |
| 664 | } |
| 665 | } |
| 666 | |
| 667 | free(options); |
| 668 | } |
| 669 | |
| 670 | /** |
| 671 | * Become a daemon, discarding the controlling terminal |
| 672 | **/ |
| 673 | void become_daemon(void) |
| 674 | { |
| 675 | int i; |
| 676 | |
| 677 | if (fork()) { |
| 678 | _exit(0); |
| 679 | } |
| 680 | |
| 681 | /* detach from the terminal */ |
| 682 | #ifdef HAVE_SETSID |
| 683 | setsid(); |
| 684 | #elif defined TIOCNOTTY |
| 685 | i = open("/dev/tty", O_RDWR); |
| 686 | if (i >= 0) { |
| 687 | ioctl(i, (int)TIOCNOTTY, (char *)0); |
| 688 | close(i); |
| 689 | } |
| 690 | #endif |
| 691 | /* make sure that stdin, stdout an stderr don't stuff things |
| 692 | * up (library functions, for example) */ |
| 693 | for (i = 0; i < 3; i++) { |
| 694 | close(i); |
| 695 | open("/dev/null", O_RDWR); |
| 696 | } |
| 697 | } |
| 698 | |
| 699 | |
| 700 | /** |
| 701 | * This is like socketpair but uses tcp. It is used by the Samba |
| 702 | * regression test code. |
| 703 | * |
| 704 | * The function guarantees that nobody else can attach to the socket, |
| 705 | * or if they do that this function fails and the socket gets closed |
| 706 | * returns 0 on success, -1 on failure the resulting file descriptors |
| 707 | * are symmetrical. |
| 708 | **/ |
| 709 | static int socketpair_tcp(int fd[2]) |
| 710 | { |
| 711 | int listener; |
| 712 | struct sockaddr_in sock; |
| 713 | struct sockaddr_in sock2; |
| 714 | socklen_t socklen = sizeof sock; |
| 715 | int connect_done = 0; |
| 716 | |
| 717 | fd[0] = fd[1] = listener = -1; |
| 718 | |
| 719 | memset(&sock, 0, sizeof sock); |
| 720 | |
| 721 | if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1) |
| 722 | goto failed; |
| 723 | |
| 724 | memset(&sock2, 0, sizeof sock2); |
| 725 | #ifdef HAVE_SOCKADDR_IN_LEN |
| 726 | sock2.sin_len = sizeof sock2; |
| 727 | #endif |
| 728 | sock2.sin_family = PF_INET; |
| 729 | |
| 730 | bind(listener, (struct sockaddr *)&sock2, sizeof sock2); |
| 731 | |
| 732 | if (listen(listener, 1) != 0) |
| 733 | goto failed; |
| 734 | |
| 735 | if (getsockname(listener, (struct sockaddr *)&sock, &socklen) != 0) |
| 736 | goto failed; |
| 737 | |
| 738 | if ((fd[1] = socket(PF_INET, SOCK_STREAM, 0)) == -1) |
| 739 | goto failed; |
| 740 | |
| 741 | set_nonblocking(fd[1]); |
| 742 | |
| 743 | sock.sin_addr.s_addr = htonl(INADDR_LOOPBACK); |
| 744 | |
| 745 | if (connect(fd[1], (struct sockaddr *)&sock, sizeof sock) == -1) { |
| 746 | if (errno != EINPROGRESS) |
| 747 | goto failed; |
| 748 | } else |
| 749 | connect_done = 1; |
| 750 | |
| 751 | if ((fd[0] = accept(listener, (struct sockaddr *)&sock, &socklen)) == -1) |
| 752 | goto failed; |
| 753 | |
| 754 | close(listener); |
| 755 | listener = -1; |
| 756 | |
| 757 | set_blocking(fd[1]); |
| 758 | |
| 759 | if (connect_done == 0) { |
| 760 | if (connect(fd[1], (struct sockaddr *)&sock, sizeof sock) != 0 |
| 761 | && errno != EISCONN) |
| 762 | goto failed; |
| 763 | } |
| 764 | |
| 765 | /* all OK! */ |
| 766 | return 0; |
| 767 | |
| 768 | failed: |
| 769 | if (fd[0] != -1) |
| 770 | close(fd[0]); |
| 771 | if (fd[1] != -1) |
| 772 | close(fd[1]); |
| 773 | if (listener != -1) |
| 774 | close(listener); |
| 775 | return -1; |
| 776 | } |
| 777 | |
| 778 | |
| 779 | |
| 780 | /** |
| 781 | * Run a program on a local tcp socket, so that we can talk to it's |
| 782 | * stdin and stdout. This is used to fake a connection to a daemon |
| 783 | * for testing -- not for the normal case of running SSH. |
| 784 | * |
| 785 | * @return a socket which is attached to a subprocess running |
| 786 | * "prog". stdin and stdout are attached. stderr is left attached to |
| 787 | * the original stderr |
| 788 | **/ |
| 789 | int sock_exec(const char *prog) |
| 790 | { |
| 791 | int fd[2]; |
| 792 | |
| 793 | if (socketpair_tcp(fd) != 0) { |
| 794 | rsyserr(FERROR, errno, "socketpair_tcp failed"); |
| 795 | return -1; |
| 796 | } |
| 797 | if (verbose >= 2) |
| 798 | rprintf(FINFO, "Running socket program: \"%s\"\n", prog); |
| 799 | if (fork() == 0) { |
| 800 | close(fd[0]); |
| 801 | close(0); |
| 802 | close(1); |
| 803 | dup(fd[1]); |
| 804 | dup(fd[1]); |
| 805 | exit(system(prog)); |
| 806 | } |
| 807 | close(fd[1]); |
| 808 | return fd[0]; |
| 809 | } |