#include "rsync.h"
-static int lookup_name(const struct sockaddr_storage *ss,
- socklen_t ss_len,
- char *name_buf, size_t name_buf_len,
- char *port_buf, size_t port_buf_len);
-
-static int check_name(const struct sockaddr_storage *ss,
- socklen_t ss_len,
- const char *name_buf,
- const char *port_buf);
-
-/* Establish a proxy connection on an open socket to a web roxy by
- * using the CONNECT method. */
+
+/**
+ * Establish a proxy connection on an open socket to a web proxy by
+ * using the HTTP CONNECT method.
+ **/
static int establish_proxy_connection(int fd, char *host, int port)
{
char buffer[1024];
char *cp;
snprintf(buffer, sizeof(buffer), "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
- if (write(fd, buffer, strlen(buffer)) != strlen(buffer)) {
+ if (write(fd, buffer, strlen(buffer)) != (int) strlen(buffer)) {
rprintf(FERROR, "failed to write to proxy: %s\n",
strerror(errno));
return -1;
buffer);
return -1;
}
- for (cp = &buffer[5]; isdigit(*cp) || (*cp == '.'); cp++)
+ for (cp = &buffer[5]; isdigit(* (unsigned char *) cp) || (*cp == '.'); cp++)
;
while (*cp == ' ')
cp++;
for (r = bres_all; r; r = r->ai_next) {
if (bind(s, r->ai_addr, r->ai_addrlen) == -1)
continue;
+ freeaddrinfo(bres_all);
return s;
}
/* no error message; there might be some problem that allows
* creation of the socket but not binding, perhaps if the
* machine has no ipv6 address of this name. */
+ freeaddrinfo(bres_all);
return -1;
}
*cp++ = '\0';
strcpy(portbuf, cp);
h = buffer;
+ if (verbose >= 2) {
+ rprintf(FINFO, "connection via http proxy %s port %s\n",
+ h, portbuf);
+ }
} else {
snprintf(portbuf, sizeof(portbuf), "%d", port);
h = host;
close(s);
continue;
}
-
+
+ freeaddrinfo(all_ai);
return s;
}
for each incoming connection */
while (1) {
fd_set fds;
+ pid_t pid;
int fd;
struct sockaddr_storage addr;
socklen_t addrlen = sizeof addr;
while (waitpid(-1, NULL, WNOHANG) > 0);
#endif
- if (fork()==0) {
+ if ((pid = fork()) == 0) {
close(s);
/* open log file in child before possibly giving
up privileges */
log_open();
_exit(fn(fd));
+ } else if (pid < 0) {
+ rprintf(FERROR,
+ RSYNC_NAME
+ ": could not create child server process: %s\n",
+ strerror(errno));
+ close(fd);
+ /* This might have happened because we're
+ * overloaded. Sleep briefly before trying to
+ * accept again. */
+ sleep(2);
+ } else {
+ /* Parent doesn't need this fd anymore. */
+ close(fd);
}
-
- close(fd);
}
}
-/****************************************************************************
-set user socket options
-****************************************************************************/
+/**
+ * Set user socket options
+ **/
void set_socket_options(int fd, char *options)
{
char *tok;
free(options);
}
-/****************************************************************************
-become a daemon, discarding the controlling terminal
-****************************************************************************/
+/**
+ * Become a daemon, discarding the controlling terminal
+ **/
void become_daemon(void)
{
int i;
}
}
-/**
- * Return the IP addr of the client as a string
- **/
-char *client_addr(int fd)
-{
- struct sockaddr_storage ss;
- socklen_t length = sizeof ss;
- static char addr_buf[100];
- static int initialised;
-
- if (initialised) return addr_buf;
-
- initialised = 1;
-
- if (getpeername(fd, (struct sockaddr *)&ss, &length)) {
- exit_cleanup(RERR_SOCKETIO);
- }
-
- getnameinfo((struct sockaddr *)&ss, length,
- addr_buf, sizeof(addr_buf), NULL, 0, NI_NUMERICHOST);
- return addr_buf;
-}
-
-
-static int get_sockaddr_family(const struct sockaddr_storage *ss)
-{
- return ((struct sockaddr *) ss)->sa_family;
-}
-
-
-/**
- * Return the DNS name of the client.
- *
- * The name is statically cached so that repeated lookups are quick,
- * so there is a limit of one lookup per customer.
- **/
-char *client_name(int fd)
-{
- struct sockaddr_storage ss;
- socklen_t ss_len = sizeof ss;
- static char name_buf[100];
- static char port_buf[100];
- static int initialised;
-
- if (initialised) return name_buf;
-
- initialised = 1;
-
- if (getpeername(fd, (struct sockaddr *)&ss, &ss_len)) {
- /* FIXME: Can we really not continue? */
- rprintf(FERROR, RSYNC_NAME ": getpeername on fd%d failed: %s\n",
- fd, strerror(errno));
- exit_cleanup(RERR_SOCKETIO);
- }
-
- if (!lookup_name(&ss, ss_len, name_buf, sizeof name_buf, port_buf, sizeof port_buf))
- check_name(&ss, ss_len, name_buf, port_buf);
-
- return name_buf;
-}
-
/**
- * Look up a name from @p ss into @p name_buf.
+ * This is like socketpair but uses tcp. It is used by the Samba
+ * regression test code.
+ *
+ * The function guarantees that nobody else can attach to the socket,
+ * or if they do that this function fails and the socket gets closed
+ * returns 0 on success, -1 on failure the resulting file descriptors
+ * are symmetrical.
**/
-static int lookup_name(const struct sockaddr_storage *ss,
- socklen_t ss_len,
- char *name_buf, size_t name_buf_len,
- char *port_buf, size_t port_buf_len)
-{
- int name_err;
- const char *def = "UNKNOWN";
-
-#ifdef INET6
- if (get_sockaddr_family(ss) == AF_INET6 &&
- IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)ss)->sin6_addr)) {
- /* OK, so ss is in the IPv6 family, but it is really
- * an IPv4 address: something like
- * "::ffff:10.130.1.2". If we use it as-is, then the
- * reverse lookup might fail or perhaps something else
- * bad might happen. So instead we convert it to an
- * equivalent address in the IPv4 address family. */
- struct sockaddr_in6 sin6;
- struct sockaddr_in *sin;
-
- memcpy(&sin6, ss, sizeof(sin6));
- sin = (struct sockaddr_in *)ss;
- memset(sin, 0, sizeof(*sin));
- sin->sin_family = AF_INET;
- ss_len = sizeof(struct sockaddr_in);
-#ifdef HAVE_SOCKADDR_LEN
- sin->sin_len = ss_len;
-#endif
- sin->sin_port = sin6.sin6_port;
- /* FIXME: Isn't there a macro we can use here rather
- * than grovelling through the struct? It might be
- * wrong on some systems. */
- memcpy(&sin->sin_addr, &sin6.sin6_addr.s6_addr[12],
- sizeof(sin->sin_addr));
- }
-#endif
-
- /* reverse lookup */
- if (!(name_err = getnameinfo((struct sockaddr *) ss, ss_len,
- name_buf, name_buf_len,
- port_buf, port_buf_len,
- NI_NAMEREQD | NI_NUMERICSERV))) {
- strcpy(name_buf, def);
- rprintf(FERROR, RSYNC_NAME ": reverse name lookup failed: %s\n",
- gai_strerror(name_err));
- return name_err;
- }
-
- return 0;
-}
-
-
-
-/* Do a forward lookup on name_buf and make sure it corresponds to ss
- * -- otherwise we may be being spoofed. If we suspect we are, then
- * we don't abort the connection but just emit a warning. */
-static int check_name(const struct sockaddr_storage *ss,
- socklen_t ss_len,
- const char *name_buf,
- const char *port_buf)
-{
- struct addrinfo hints, *res, *res0;
- int error;
-
- memset(&hints, 0, sizeof(hints));
- hints.ai_family = PF_UNSPEC;
- hints.ai_flags = AI_CANONNAME;
- hints.ai_socktype = SOCK_STREAM;
- error = getaddrinfo(name_buf, port_buf, &hints, &res0);
- if (error) {
- /* We still use the name found by the reverse lookup,
- * but emit a warning. */
- rprintf(FERROR,
- RSYNC_NAME ": forward name lookup for %s:%s failed: %s\n",
- name_buf, port_buf,
- gai_strerror(error));
- return error;
- }
-
-
- /* We expect that one of the results will be the same as ss. */
- for (res = res0; res; res = res->ai_next) {
- if (res->ai_family != get_sockaddr_family(ss))
- continue;
- if (res->ai_addrlen != ss_len)
- continue;
- if (memcmp(res->ai_addr, ss, res->ai_addrlen) == 0)
- break;
- }
-
- if (res == NULL) {
- /* We hit the end of the list without finding an
- * address that was the same as ss. */
- rprintf(FERROR, RSYNC_NAME
- ": no address record for \"%s\" corresponds to peer name: spoofed address?\n",
- name_buf);
- }
-
- freeaddrinfo(res0);
- return 0;
-}
-
-
-/*******************************************************************
-this is like socketpair but uses tcp. It is used by the Samba
-regression test code
-The function guarantees that nobody else can attach to the socket,
-or if they do that this function fails and the socket gets closed
-returns 0 on success, -1 on failure
-the resulting file descriptors are symmetrical
- ******************************************************************/
static int socketpair_tcp(int fd[2])
{
int listener;
if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed;
memset(&sock2, 0, sizeof(sock2));
-#ifdef HAVE_SOCK_SIN_LEN
+#ifdef HAVE_SOCKADDR_LEN
sock2.sin_len = sizeof(sock2);
#endif
sock2.sin_family = PF_INET;
}
-/*******************************************************************
-run a program on a local tcp socket, this is used to launch smbd
-when regression testing
-the return value is a socket which is attached to a subprocess
-running "prog". stdin and stdout are attached. stderr is left
-attached to the original stderr
- ******************************************************************/
+
+/**
+ * Run a program on a local tcp socket, so that we can talk to it's
+ * stdin and stdout. This is used to fake a connection to a daemon
+ * for testing -- not for the normal case of running SSH.
+ *
+ * @return a socket which is attached to a subprocess running
+ * "prog". stdin and stdout are attached. stderr is left attached to
+ * the original stderr
+ **/
int sock_exec(const char *prog)
{
int fd[2];
+
if (socketpair_tcp(fd) != 0) {
rprintf (FERROR, RSYNC_NAME
": socketpair_tcp failed (%s)\n",
close(1);
dup(fd[1]);
dup(fd[1]);
- if (verbose > 3)
+ if (verbose > 3) {
+ /* Can't use rprintf because we've forked. */
fprintf (stderr,
RSYNC_NAME ": execute socket program \"%s\"\n",
prog);
+ }
exit (system (prog));
}
close (fd[1]);
Matt McCutchen's Web Site / rsync / rsync.git / blobdiff