#include "rsync.h"
-static const char default_name[] = "UNKNOWN";
-
-/* Establish a proxy connection on an open socket to a web roxy by
- * using the CONNECT method. */
+/**
+ * Establish a proxy connection on an open socket to a web proxy by
+ * using the HTTP CONNECT method.
+ **/
static int establish_proxy_connection(int fd, char *host, int port)
{
char buffer[1024];
buffer);
return -1;
}
- for (cp = &buffer[5]; isdigit(*cp) || (*cp == '.'); cp++)
+ for (cp = &buffer[5]; isdigit(* (unsigned char *) cp) || (*cp == '.'); cp++)
;
while (*cp == ' ')
cp++;
for (r = bres_all; r; r = r->ai_next) {
if (bind(s, r->ai_addr, r->ai_addrlen) == -1)
continue;
+ freeaddrinfo(bres_all);
return s;
}
/* no error message; there might be some problem that allows
* creation of the socket but not binding, perhaps if the
* machine has no ipv6 address of this name. */
+ freeaddrinfo(bres_all);
return -1;
}
*cp++ = '\0';
strcpy(portbuf, cp);
h = buffer;
+ if (verbose >= 2) {
+ rprintf(FINFO, "connection via http proxy %s port %s\n",
+ h, portbuf);
+ }
} else {
snprintf(portbuf, sizeof(portbuf), "%d", port);
h = host;
close(s);
continue;
}
-
+
+ freeaddrinfo(all_ai);
return s;
}
for each incoming connection */
while (1) {
fd_set fds;
+ pid_t pid;
int fd;
struct sockaddr_storage addr;
socklen_t addrlen = sizeof addr;
while (waitpid(-1, NULL, WNOHANG) > 0);
#endif
- if (fork()==0) {
+ if ((pid = fork()) == 0) {
close(s);
/* open log file in child before possibly giving
up privileges */
log_open();
_exit(fn(fd));
+ } else if (pid < 0) {
+ rprintf(FERROR,
+ RSYNC_NAME
+ ": could not create child server process: %s\n",
+ strerror(errno));
+ close(fd);
+ /* This might have happened because we're
+ * overloaded. Sleep briefly before trying to
+ * accept again. */
+ sleep(2);
+ } else {
+ /* Parent doesn't need this fd anymore. */
+ close(fd);
}
-
- close(fd);
}
}
-/****************************************************************************
-set user socket options
-****************************************************************************/
+/**
+ * Set user socket options
+ **/
void set_socket_options(int fd, char *options)
{
char *tok;
free(options);
}
-/****************************************************************************
-become a daemon, discarding the controlling terminal
-****************************************************************************/
+/**
+ * Become a daemon, discarding the controlling terminal
+ **/
void become_daemon(void)
{
int i;
}
}
-/**
- * Return the IP addr of the client as a string
- **/
-char *client_addr(int fd)
-{
- struct sockaddr_storage ss;
- socklen_t length = sizeof ss;
- static char addr_buf[100];
- static int initialised;
-
- if (initialised) return addr_buf;
-
- initialised = 1;
-
- if (getpeername(fd, (struct sockaddr *)&ss, &length)) {
- exit_cleanup(RERR_SOCKETIO);
- }
-
- getnameinfo((struct sockaddr *)&ss, length,
- addr_buf, sizeof(addr_buf), NULL, 0, NI_NUMERICHOST);
- return addr_buf;
-}
-
-
-static int get_sockaddr_family(const struct sockaddr_storage *ss)
-{
- return ((struct sockaddr *) ss)->sa_family;
-}
-
/**
- * Return the DNS name of the client.
- *
- * The name is statically cached so that repeated lookups are quick,
- * so there is a limit of one lookup per customer.
- *
- * If anything goes wrong, including the name->addr->name check, then
- * we just use "UNKNOWN", so you can use that value in hosts allow
- * lines.
- **/
-char *client_name(int fd)
-{
- struct sockaddr_storage ss;
- socklen_t ss_len = sizeof ss;
- static char name_buf[100];
- static char port_buf[100];
- static int initialised;
-
- if (initialised) return name_buf;
-
- strcpy(name_buf, default_name);
- initialised = 1;
-
- if (getpeername(fd, (struct sockaddr *)&ss, &ss_len)) {
- /* FIXME: Can we really not continue? */
- rprintf(FERROR, RSYNC_NAME ": getpeername on fd%d failed: %s\n",
- fd, strerror(errno));
- exit_cleanup(RERR_SOCKETIO);
- }
-
- if (!lookup_name(fd, &ss, ss_len, name_buf, sizeof name_buf, port_buf, sizeof port_buf))
- check_name(fd, &ss, ss_len, name_buf, port_buf);
-
- return name_buf;
-}
-
-
-/**
- * Look up a name from @p ss into @p name_buf.
+ * This is like socketpair but uses tcp. It is used by the Samba
+ * regression test code.
+ *
+ * The function guarantees that nobody else can attach to the socket,
+ * or if they do that this function fails and the socket gets closed
+ * returns 0 on success, -1 on failure the resulting file descriptors
+ * are symmetrical.
**/
-int lookup_name(int fd, const struct sockaddr_storage *ss,
- socklen_t ss_len,
- char *name_buf, size_t name_buf_len,
- char *port_buf, size_t port_buf_len)
-{
- int name_err;
-
-#ifdef INET6
- if (get_sockaddr_family(ss) == AF_INET6 &&
- IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)ss)->sin6_addr)) {
- /* OK, so ss is in the IPv6 family, but it is really
- * an IPv4 address: something like
- * "::ffff:10.130.1.2". If we use it as-is, then the
- * reverse lookup might fail or perhaps something else
- * bad might happen. So instead we convert it to an
- * equivalent address in the IPv4 address family. */
- struct sockaddr_in6 sin6;
- struct sockaddr_in *sin;
-
- memcpy(&sin6, ss, sizeof(sin6));
- sin = (struct sockaddr_in *)ss;
- memset(sin, 0, sizeof(*sin));
- sin->sin_family = AF_INET;
- ss_len = sizeof(struct sockaddr_in);
-#ifdef HAVE_SOCKADDR_LEN
- sin->sin_len = ss_len;
-#endif
- sin->sin_port = sin6.sin6_port;
- /* FIXME: Isn't there a macro we can use here rather
- * than grovelling through the struct? It might be
- * wrong on some systems. */
- memcpy(&sin->sin_addr, &sin6.sin6_addr.s6_addr[12],
- sizeof(sin->sin_addr));
- }
-#endif
-
- /* reverse lookup */
- name_err = getnameinfo((struct sockaddr *) ss, ss_len,
- name_buf, name_buf_len,
- port_buf, port_buf_len,
- NI_NAMEREQD | NI_NUMERICSERV);
- if (name_err != 0) {
- strcpy(name_buf, default_name);
- rprintf(FERROR, RSYNC_NAME ": name lookup failed for %s: %s\n",
- client_addr(fd),
- gai_strerror(name_err));
- return name_err;
- }
-
- return 0;
-}
-
-
-
-/* Do a forward lookup on name_buf and make sure it corresponds to ss
- * -- otherwise we may be being spoofed. If we suspect we are, then
- * we don't abort the connection but just emit a warning. */
-int check_name(int fd,
- const struct sockaddr_storage *ss,
- socklen_t ss_len,
- char *name_buf,
- const char *port_buf)
-{
- struct addrinfo hints, *res, *res0;
- int error;
-
- memset(&hints, 0, sizeof(hints));
- hints.ai_family = PF_UNSPEC;
- hints.ai_flags = AI_CANONNAME;
- hints.ai_socktype = SOCK_STREAM;
- error = getaddrinfo(name_buf, port_buf, &hints, &res0);
- if (error) {
- rprintf(FERROR,
- RSYNC_NAME ": forward name lookup for %s:%s failed: %s\n",
- name_buf, port_buf,
- gai_strerror(error));
- strcpy(name_buf, default_name);
- return error;
- }
-
-
- /* We expect that one of the results will be the same as ss. */
- for (res = res0; res; res = res->ai_next) {
- if (res->ai_family != get_sockaddr_family(ss))
- continue;
- if (res->ai_addrlen != ss_len)
- continue;
- if (memcmp(res->ai_addr, ss, res->ai_addrlen) == 0)
- break;
- }
-
- if (res == NULL) {
- /* We hit the end of the list without finding an
- * address that was the same as ss. */
- rprintf(FERROR, RSYNC_NAME
- ": %s is not a known address for \"%s\": "
- "spoofed address?\n",
- client_addr(fd),
- name_buf);
- strcpy(name_buf, default_name);
- }
-
- freeaddrinfo(res0);
- return 0;
-}
-
-
-/*******************************************************************
-this is like socketpair but uses tcp. It is used by the Samba
-regression test code
-The function guarantees that nobody else can attach to the socket,
-or if they do that this function fails and the socket gets closed
-returns 0 on success, -1 on failure
-the resulting file descriptors are symmetrical
- ******************************************************************/
static int socketpair_tcp(int fd[2])
{
int listener;
if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed;
memset(&sock2, 0, sizeof(sock2));
-#ifdef HAVE_SOCK_SIN_LEN
+#ifdef HAVE_SOCKADDR_LEN
sock2.sin_len = sizeof(sock2);
#endif
sock2.sin_family = PF_INET;
Matt McCutchen's Web Site / rsync / rsync.git / blobdiff