X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/2d6dbe290c1ccc52b550753c4f9240ac716d5a24..1b42f628f495ff0cdaa8a7c219d8ce33192281fe:/socket.c diff --git a/socket.c b/socket.c index 02a25111..ca8c5612 100644 --- a/socket.c +++ b/socket.c @@ -1,53 +1,84 @@ -/* -*- c-file-style: "linux" -*- - - Copyright (C) 1992-2001 by Andrew Tridgell - Copyright (C) 2001 by Martin Pool - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/** - * @file socket.c - * +/* * Socket functions used in rsync. - **/ + * + * Copyright (C) 1992-2001 Andrew Tridgell + * Copyright (C) 2001, 2002 Martin Pool + * Copyright (C) 2003-2007 Wayne Davison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, visit the http://fsf.org website. + */ + +/* This file is now converted to use the new-style getaddrinfo() + * interface, which supports IPv6 but is also supported on recent + * IPv4-only machines. On systems that don't have that interface, we + * emulate it using the KAME implementation. */ #include "rsync.h" +#include "ifuncs.h" +#include +#include +#include + +extern char *bind_address; +extern int default_af_hint; -#ifndef HAVE_GETADDRINFO -#include "lib/addrinfo.h" +#ifdef HAVE_SIGACTION +static struct sigaction sigact; #endif -/* Establish a proxy connection on an open socket to a web roxy by - * using the CONNECT method. */ -static int establish_proxy_connection(int fd, char *host, int port) +/** + * Establish a proxy connection on an open socket to a web proxy by + * using the CONNECT method. If proxy_user and proxy_pass are not NULL, + * they are used to authenticate to the proxy using the "Basic" + * proxy-authorization protocol + **/ +static int establish_proxy_connection(int fd, char *host, int port, + char *proxy_user, char *proxy_pass) { - char buffer[1024]; - char *cp; + char *cp, buffer[1024]; + char *authhdr, authbuf[1024]; + int len; + + if (proxy_user && proxy_pass) { + stringjoin(buffer, sizeof buffer, + proxy_user, ":", proxy_pass, NULL); + len = strlen(buffer); - snprintf(buffer, sizeof(buffer), "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port); - if (write(fd, buffer, strlen(buffer)) != strlen(buffer)) { - rprintf(FERROR, "failed to write to proxy: %s\n", - strerror(errno)); + if ((len*8 + 5) / 6 >= (int)sizeof authbuf - 3) { + rprintf(FERROR, + "authentication information is too long\n"); + return -1; + } + + base64_encode(buffer, len, authbuf, 1); + authhdr = "\r\nProxy-Authorization: Basic "; + } else { + *authbuf = '\0'; + authhdr = ""; + } + + snprintf(buffer, sizeof buffer, "CONNECT %s:%d HTTP/1.0%s%s\r\n\r\n", + host, port, authhdr, authbuf); + len = strlen(buffer); + if (write(fd, buffer, len) != len) { + rsyserr(FERROR, errno, "failed to write to proxy"); return -1; } - for (cp = buffer; cp < &buffer[sizeof(buffer) - 1]; cp++) { + for (cp = buffer; cp < &buffer[sizeof buffer - 1]; cp++) { if (read(fd, cp, 1) != 1) { - rprintf(FERROR, "failed to read from proxy: %s\n", - strerror(errno)); + rsyserr(FERROR, errno, "failed to read from proxy"); return -1; } if (*cp == '\n') @@ -60,40 +91,72 @@ static int establish_proxy_connection(int fd, char *host, int port) if (*cp == '\r') *cp = '\0'; if (strncmp(buffer, "HTTP/", 5) != 0) { - rprintf(FERROR, "bad response from proxy - %s\n", + rprintf(FERROR, "bad response from proxy -- %s\n", buffer); return -1; } - for (cp = &buffer[5]; isdigit(*cp) || (*cp == '.'); cp++) - ; + for (cp = &buffer[5]; isDigit(cp) || *cp == '.'; cp++) {} while (*cp == ' ') cp++; if (*cp != '2') { - rprintf(FERROR, "bad response from proxy - %s\n", + rprintf(FERROR, "bad response from proxy -- %s\n", buffer); return -1; } /* throw away the rest of the HTTP header */ while (1) { - for (cp = buffer; cp < &buffer[sizeof(buffer) - 1]; - cp++) { + for (cp = buffer; cp < &buffer[sizeof buffer - 1]; cp++) { if (read(fd, cp, 1) != 1) { - rprintf(FERROR, "failed to read from proxy: %s\n", - strerror(errno)); + rsyserr(FERROR, errno, + "failed to read from proxy"); return -1; } if (*cp == '\n') break; } - if ((cp > buffer) && (*cp == '\n')) + if (cp > buffer && *cp == '\n') cp--; - if ((cp == buffer) && ((*cp == '\n') || (*cp == '\r'))) + if (cp == buffer && (*cp == '\n' || *cp == '\r')) break; } return 0; } +/** + * Try to set the local address for a newly-created socket. Return -1 + * if this fails. + **/ +int try_bind_local(int s, int ai_family, int ai_socktype, + const char *bind_addr) +{ + int error; + struct addrinfo bhints, *bres_all, *r; + + memset(&bhints, 0, sizeof bhints); + bhints.ai_family = ai_family; + bhints.ai_socktype = ai_socktype; + bhints.ai_flags = AI_PASSIVE; + if ((error = getaddrinfo(bind_addr, NULL, &bhints, &bres_all))) { + rprintf(FERROR, RSYNC_NAME ": getaddrinfo %s: %s\n", + bind_addr, gai_strerror(error)); + return -1; + } + + for (r = bres_all; r; r = r->ai_next) { + if (bind(s, r->ai_addr, r->ai_addrlen) == -1) + continue; + freeaddrinfo(bres_all); + return s; + } + + /* no error message; there might be some problem that allows + * creation of the socket but not binding, perhaps if the + * machine has no ipv6 address of this name. */ + freeaddrinfo(bres_all); + return -1; +} + /** * Open a socket to a tcp remote host with the specified port . @@ -110,48 +173,68 @@ static int establish_proxy_connection(int fd, char *host, int port) * reachable, perhaps because we can't e.g. route ipv6 to that network * but we can get ip4 packets through. * - * @param bind_address Local address to use. Normally NULL to bind + * @param bind_addr Local address to use. Normally NULL to bind * the wildcard address. * * @param af_hint Address family, e.g. AF_INET or AF_INET6. **/ -int open_socket_out(char *host, int port, const char *bind_address, +int open_socket_out(char *host, int port, const char *bind_addr, int af_hint) { int type = SOCK_STREAM; - int error; - int s; - int result; + int error, s; struct addrinfo hints, *res0, *res; char portbuf[10]; - char *h; + char *h, *cp; int proxied = 0; char buffer[1024]; - char *cp; + char *proxy_user = NULL, *proxy_pass = NULL; /* if we have a RSYNC_PROXY env variable then redirect our - * connetcion via a web proxy at the given address. The format - * is hostname:port */ + * connetcion via a web proxy at the given address. */ h = getenv("RSYNC_PROXY"); - proxied = (h != NULL) && (*h != '\0'); + proxied = h != NULL && *h != '\0'; if (proxied) { - strlcpy(buffer, h, sizeof(buffer)); - cp = strchr(buffer, ':'); - if (cp == NULL) { + strlcpy(buffer, h, sizeof buffer); + + /* Is the USER:PASS@ prefix present? */ + if ((cp = strrchr(buffer, '@')) != NULL) { + *cp++ = '\0'; + /* The remainder is the HOST:PORT part. */ + h = cp; + + if ((cp = strchr(buffer, ':')) == NULL) { + rprintf(FERROR, + "invalid proxy specification: should be USER:PASS@HOST:PORT\n"); + return -1; + } + *cp++ = '\0'; + + proxy_user = buffer; + proxy_pass = cp; + } else { + /* The whole buffer is the HOST:PORT part. */ + h = buffer; + } + + if ((cp = strchr(h, ':')) == NULL) { rprintf(FERROR, "invalid proxy specification: should be HOST:PORT\n"); return -1; } *cp++ = '\0'; - strcpy(portbuf, cp); - h = buffer; + strlcpy(portbuf, cp, sizeof portbuf); + if (verbose >= 2) { + rprintf(FINFO, "connection via http proxy %s port %s\n", + h, portbuf); + } } else { - snprintf(portbuf, sizeof(portbuf), "%d", port); + snprintf(portbuf, sizeof portbuf, "%d", port); h = host; } - memset(&hints, 0, sizeof(hints)); + memset(&hints, 0, sizeof hints); hints.ai_family = af_hint; hints.ai_socktype = type; error = getaddrinfo(h, portbuf, &hints, &res0); @@ -171,49 +254,30 @@ int open_socket_out(char *host, int port, const char *bind_address, if (s < 0) continue; - if (bind_address) { - struct addrinfo bhints, *bres; - - memset(&bhints, 0, sizeof(bhints)); - bhints.ai_family = res->ai_family; - bhints.ai_socktype = type; - bhints.ai_flags = AI_PASSIVE; - error = getaddrinfo(bind_address, NULL, &bhints, &bres); - if (error) { - rprintf(FERROR, RSYNC_NAME ": getaddrinfo: " - "bind address %s : %s\n", - bind_address, gai_strerror(error)); - continue; - } - if (bres->ai_next) { - /* I'm not at all sure that this is the right - * response here... -- mbp */ - rprintf(FERROR, RSYNC_NAME ": getaddrinfo: " - "bind address %s resolved to multiple hosts\n", - bind_address); - freeaddrinfo(bres); - continue; - } - bind(s, bres->ai_addr, bres->ai_addrlen); + if (bind_addr + && try_bind_local(s, res->ai_family, type, + bind_addr) == -1) { + close(s); + s = -1; + continue; } - if (connect(s, res->ai_addr, res->ai_addrlen) < 0) { close(s); s = -1; continue; } - if (proxied && - establish_proxy_connection(s, host, port) != 0) { + if (proxied + && establish_proxy_connection(s, host, port, + proxy_user, proxy_pass) != 0) { close(s); s = -1; continue; - } else - break; + } + break; } freeaddrinfo(res0); if (s < 0) { - rprintf(FERROR, RSYNC_NAME ": failed to connect to %s: %s\n", - h, strerror(errno)); + rsyserr(FERROR, errno, "failed to connect to %s", h); return -1; } return s; @@ -230,104 +294,171 @@ int open_socket_out(char *host, int port, const char *bind_address, * * This is based on the Samba LIBSMB_PROG feature. * - * @param bind_address Local address to use. Normally NULL to get the stack default. + * @param bind_addr Local address to use. Normally NULL to get the stack default. **/ -int open_socket_out_wrapped (char *host, - int port, - const char *bind_address, - int af_hint) +int open_socket_out_wrapped(char *host, int port, const char *bind_addr, + int af_hint) { - char *prog; + char *prog = getenv("RSYNC_CONNECT_PROG"); + + if (prog && strchr(prog, '%')) { + int hlen = strlen(host); + int len = strlen(prog) + 1; + char *f, *t; + for (f = prog; *f; f++) { + if (*f != '%') + continue; + /* Compute more than enough room. */ + if (f[1] == '%') + f++; + else + len += hlen; + } + f = prog; + if (!(prog = new_array(char, len))) + out_of_memory("open_socket_out_wrapped"); + for (t = prog; *f; f++) { + if (*f == '%') { + switch (*++f) { + case '%': + /* Just skips the extra '%'. */ + break; + case 'H': + memcpy(t, host, hlen); + t += hlen; + continue; + default: + f--; /* pass % through */ + break; + } + } + *t++ = *f; + } + *t = '\0'; + } - if ((prog = getenv ("RSYNC_CONNECT_PROG")) != NULL) - return sock_exec (prog); - else - return open_socket_out (host, port, bind_address, - af_hint); + if (verbose >= 2) { + rprintf(FINFO, "%sopening tcp connection to %s port %d\n", + prog ? "Using RSYNC_CONNECT_PROG instead of " : "", + host, port); + } + if (prog) + return sock_exec(prog); + return open_socket_out(host, port, bind_addr, af_hint); } /** - * Open a socket of the specified type, port and address for incoming data + * Open one or more sockets for incoming data using the specified type, + * port, and address. + * + * The getaddrinfo() call may return several address results, e.g. for + * the machine's IPv4 and IPv6 name. * - * Try to be better about handling the results of getaddrinfo(): when - * opening an inbound socket, we might get several address results, - * e.g. for the machine's ipv4 and ipv6 name. - * - * If binding a wildcard, then any one of them should do. If an address - * was specified but it's insufficiently specific then that's not our - * fault. - * - * However, some of the advertized addresses may not work because e.g. we - * don't have IPv6 support in the kernel. In that case go on and try all - * addresses until one succeeds. - * - * @param bind_address Local address to bind, or NULL to allow it to + * We return an array of file-descriptors to the sockets, with a trailing + * -1 value to indicate the end of the list. + * + * @param bind_addr Local address to bind, or NULL to allow it to * default. **/ -static int open_socket_in(int type, int port, const char *bind_address, - int af_hint) +static int *open_socket_in(int type, int port, const char *bind_addr, + int af_hint) { - int one=1; - int s; - struct addrinfo hints, *res, *resp; - char portbuf[10]; + int one = 1; + int s, *socks, maxs, i, ecnt; + struct addrinfo hints, *all_ai, *resp; + char portbuf[10], **errmsgs; int error; - memset(&hints, 0, sizeof(hints)); + memset(&hints, 0, sizeof hints); hints.ai_family = af_hint; hints.ai_socktype = type; hints.ai_flags = AI_PASSIVE; - snprintf(portbuf, sizeof(portbuf), "%d", port); - error = getaddrinfo(bind_address, portbuf, &hints, &res); + snprintf(portbuf, sizeof portbuf, "%d", port); + error = getaddrinfo(bind_addr, portbuf, &hints, &all_ai); if (error) { rprintf(FERROR, RSYNC_NAME ": getaddrinfo: bind address %s: %s\n", - bind_address, gai_strerror(error)); - return -1; + bind_addr, gai_strerror(error)); + return NULL; } - /* XXX: Do we need to care about getting multiple results - * back? I think probably not; if the user passed - * bind_address == NULL and we set AI_PASSIVE then we ought to - * get a wildcard result. */ - resp = res; - while (1) { - s = socket(resp->ai_family, resp->ai_socktype, resp->ai_protocol); - - if (s >= 0) { - break; /* got a socket */ - } else if ((resp = resp->ai_next)) { - switch (errno) { - case EPROTONOSUPPORT: - case EAFNOSUPPORT: - case EPFNOSUPPORT: - /* See if there's another address that will work... */ + /* Count max number of sockets we might open. */ + for (maxs = 0, resp = all_ai; resp; resp = resp->ai_next, maxs++) {} + + socks = new_array(int, maxs + 1); + errmsgs = new_array(char *, maxs); + if (!socks || !errmsgs) + out_of_memory("open_socket_in"); + + /* We may not be able to create the socket, if for example the + * machine knows about IPv6 in the C library, but not in the + * kernel. */ + for (resp = all_ai, i = ecnt = 0; resp; resp = resp->ai_next) { + s = socket(resp->ai_family, resp->ai_socktype, + resp->ai_protocol); + + if (s == -1) { + int r = asprintf(&errmsgs[ecnt++], + "socket(%d,%d,%d) failed: %s\n", + (int)resp->ai_family, (int)resp->ai_socktype, + (int)resp->ai_protocol, strerror(errno)); + if (r < 0) + out_of_memory("open_socket_in"); + /* See if there's another address that will work... */ + continue; + } + + setsockopt(s, SOL_SOCKET, SO_REUSEADDR, + (char *)&one, sizeof one); + +#ifdef IPV6_V6ONLY + if (resp->ai_family == AF_INET6) { + if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, + (char *)&one, sizeof one) < 0 + && default_af_hint != AF_INET6) { + close(s); continue; } } - - rprintf(FERROR, RSYNC_NAME ": open inbound socket" - "(dom=%d, type=%d, proto=%d) failed: %s\n", - resp->ai_family, resp->ai_socktype, resp->ai_protocol, - strerror(errno)); - goto fail; - } +#endif - setsockopt(s,SOL_SOCKET,SO_REUSEADDR,(char *)&one,sizeof(one)); + /* Now we've got a socket - we need to bind it. */ + if (bind(s, resp->ai_addr, resp->ai_addrlen) < 0) { + /* Nope, try another */ + int r = asprintf(&errmsgs[ecnt++], + "bind() failed: %s (address-family %d)\n", + strerror(errno), (int)resp->ai_family); + if (r < 0) + out_of_memory("open_socket_in"); + close(s); + continue; + } - /* now we've got a socket - we need to bind it */ - if (bind(s, res->ai_addr, res->ai_addrlen) < 0) { - rprintf(FERROR, RSYNC_NAME ": bind failed on port %d\n", port); - close(s); - goto fail; + socks[i++] = s; } + socks[i] = -1; - return s; + if (all_ai) + freeaddrinfo(all_ai); -fail: - freeaddrinfo(res); - return -1; + /* Only output the socket()/bind() messages if we were totally + * unsuccessful, or if the daemon is being run with -vv. */ + for (s = 0; s < ecnt; s++) { + if (!i || verbose > 1) + rwrite(FLOG, errmsgs[s], strlen(errmsgs[s]), 0); + free(errmsgs[s]); + } + free(errmsgs); + + if (!i) { + rprintf(FERROR, + "unable to bind any inbound sockets on port %d\n", + port); + free(socks); + return NULL; + } + return socks; } @@ -337,88 +468,126 @@ fail: int is_a_socket(int fd) { int v; - socklen_t l; - l = sizeof(int); - - /* Parameters to getsockopt, setsockopt etc are very - * unstandardized across platforms, so don't be surprised if - * there are compiler warnings on e.g. SCO OpenSwerver or AIX. - * It seems they all eventually get the right idea. - * - * Debian says: ``The fifth argument of getsockopt and - * setsockopt is in reality an int [*] (and this is what BSD - * 4.* and libc4 and libc5 have). Some POSIX confusion - * resulted in the present socklen_t. The draft standard has - * not been adopted yet, but glibc2 already follows it and - * also has socklen_t [*]. See also accept(2).'' - * - * We now return to your regularly scheduled programming. */ - return(getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0); + socklen_t l = sizeof (int); + + /* Parameters to getsockopt, setsockopt etc are very + * unstandardized across platforms, so don't be surprised if + * there are compiler warnings on e.g. SCO OpenSwerver or AIX. + * It seems they all eventually get the right idea. + * + * Debian says: ``The fifth argument of getsockopt and + * setsockopt is in reality an int [*] (and this is what BSD + * 4.* and libc4 and libc5 have). Some POSIX confusion + * resulted in the present socklen_t. The draft standard has + * not been adopted yet, but glibc2 already follows it and + * also has socklen_t [*]. See also accept(2).'' + * + * We now return to your regularly scheduled programming. */ + return getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0; +} + + +static RETSIGTYPE sigchld_handler(UNUSED(int val)) +{ +#ifdef WNOHANG + while (waitpid(-1, NULL, WNOHANG) > 0) {} +#endif +#ifndef HAVE_SIGACTION + signal(SIGCHLD, sigchld_handler); +#endif } -void start_accept_loop(int port, int (*fn)(int )) +void start_accept_loop(int port, int (*fn)(int, int)) { - int s; - extern char *bind_address; + fd_set deffds; + int *sp, maxfd, i; + +#ifdef HAVE_SIGACTION + sigact.sa_flags = SA_NOCLDSTOP; +#endif /* open an incoming socket */ - s = open_socket_in(SOCK_STREAM, port, bind_address, - global_opts.af_hint); - if (s == -1) + sp = open_socket_in(SOCK_STREAM, port, bind_address, default_af_hint); + if (sp == NULL) exit_cleanup(RERR_SOCKETIO); /* ready to listen */ - if (listen(s, 5) == -1) { - close(s); - exit_cleanup(RERR_SOCKETIO); + FD_ZERO(&deffds); + for (i = 0, maxfd = -1; sp[i] >= 0; i++) { + if (listen(sp[i], 5) < 0) { + rsyserr(FERROR, errno, "listen() on socket failed"); +#ifdef INET6 + if (errno == EADDRINUSE && i > 0) { + rprintf(FINFO, + "Try using --ipv4 or --ipv6 to avoid this listen() error.\n"); + } +#endif + exit_cleanup(RERR_SOCKETIO); + } + FD_SET(sp[i], &deffds); + if (maxfd < sp[i]) + maxfd = sp[i]; } - /* now accept incoming connections - forking a new process - for each incoming connection */ + * for each incoming connection */ while (1) { fd_set fds; + pid_t pid; int fd; struct sockaddr_storage addr; - int addrlen = sizeof(addr); + socklen_t addrlen = sizeof addr; /* close log file before the potentially very long select so - file can be trimmed by another process instead of growing - forever */ - log_close(); + * file can be trimmed by another process instead of growing + * forever */ + logfile_close(); - FD_ZERO(&fds); - FD_SET(s, &fds); +#ifdef FD_COPY + FD_COPY(&deffds, &fds); +#else + fds = deffds; +#endif - if (select(s+1, &fds, NULL, NULL, NULL) != 1) { + if (select(maxfd + 1, &fds, NULL, NULL, NULL) != 1) continue; - } - if(!FD_ISSET(s, &fds)) continue; - - fd = accept(s,(struct sockaddr *)&addr,&addrlen); - - if (fd == -1) continue; - - signal(SIGCHLD, SIG_IGN); + for (i = 0, fd = -1; sp[i] >= 0; i++) { + if (FD_ISSET(sp[i], &fds)) { + fd = accept(sp[i], (struct sockaddr *)&addr, + &addrlen); + break; + } + } - /* we shouldn't have any children left hanging around - but I have had reports that on Digital Unix zombies - are produced, so this ensures that they are reaped */ -#ifdef WNOHANG - while (waitpid(-1, NULL, WNOHANG) > 0); -#endif + if (fd < 0) + continue; - if (fork()==0) { - close(s); - /* open log file in child before possibly giving - up privileges */ - log_open(); - _exit(fn(fd)); + SIGACTION(SIGCHLD, sigchld_handler); + + if ((pid = fork()) == 0) { + int ret; + for (i = 0; sp[i] >= 0; i++) + close(sp[i]); + /* Re-open log file in child before possibly giving + * up privileges (see logfile_close() above). */ + logfile_reopen(); + ret = fn(fd, fd); + close_all(); + _exit(ret); + } else if (pid < 0) { + rsyserr(FERROR, errno, + "could not create child server process"); + close(fd); + /* This might have happened because we're + * overloaded. Sleep briefly before trying to + * accept again. */ + sleep(2); + } else { + /* Parent doesn't need this fd anymore. */ + close(fd); } - - close(fd); } } @@ -465,21 +634,24 @@ struct #endif {NULL,0,0,0,0}}; - -/**************************************************************************** -set user socket options -****************************************************************************/ + +/** + * Set user socket options + **/ void set_socket_options(int fd, char *options) { char *tok; - if (!options || !*options) return; + + if (!options || !*options) + return; options = strdup(options); - - if (!options) out_of_memory("set_socket_options"); - for (tok=strtok(options, " \t,"); tok; tok=strtok(NULL," \t,")) { + if (!options) + out_of_memory("set_socket_options"); + + for (tok = strtok(options, " \t,"); tok; tok = strtok(NULL," \t,")) { int ret=0,i; int value = 1; char *p; @@ -491,9 +663,10 @@ void set_socket_options(int fd, char *options) got_value = 1; } - for (i=0;socket_options[i].name;i++) + for (i = 0; socket_options[i].name; i++) { if (strcmp(socket_options[i].name,tok)==0) break; + } if (!socket_options[i].name) { rprintf(FERROR,"Unknown socket option %s\n",tok); @@ -504,32 +677,35 @@ void set_socket_options(int fd, char *options) case OPT_BOOL: case OPT_INT: ret = setsockopt(fd,socket_options[i].level, - socket_options[i].option,(char *)&value,sizeof(int)); + socket_options[i].option, + (char *)&value, sizeof (int)); break; - + case OPT_ON: if (got_value) - rprintf(FERROR,"syntax error - %s does not take a value\n",tok); + rprintf(FERROR,"syntax error -- %s does not take a value\n",tok); { int on = socket_options[i].value; ret = setsockopt(fd,socket_options[i].level, - socket_options[i].option,(char *)&on,sizeof(int)); + socket_options[i].option, + (char *)&on, sizeof (int)); } - break; + break; + } + + if (ret != 0) { + rsyserr(FERROR, errno, + "failed to set socket option %s", tok); } - - if (ret != 0) - rprintf(FERROR, "failed to set socket option %s: %s\n", tok, - strerror(errno)); } free(options); } -/**************************************************************************** -become a daemon, discarding the controlling terminal -****************************************************************************/ +/** + * Become a daemon, discarding the controlling terminal + **/ void become_daemon(void) { int i; @@ -541,239 +717,129 @@ void become_daemon(void) /* detach from the terminal */ #ifdef HAVE_SETSID setsid(); -#else -#ifdef TIOCNOTTY +#elif defined TIOCNOTTY i = open("/dev/tty", O_RDWR); if (i >= 0) { - ioctl(i, (int) TIOCNOTTY, (char *)0); + ioctl(i, (int)TIOCNOTTY, (char *)0); close(i); } -#endif /* TIOCNOTTY */ #endif /* make sure that stdin, stdout an stderr don't stuff things - up (library functions, for example) */ - for (i=0;i<3;i++) { - close(i); + * up (library functions, for example) */ + for (i = 0; i < 3; i++) { + close(i); open("/dev/null", O_RDWR); } } -/** - * Return the IP addr of the client as a string - **/ -char *client_addr(int fd) -{ - struct sockaddr_storage ss; - int length = sizeof(ss); - static char addr_buf[100]; - static int initialised; - - if (initialised) return addr_buf; - - initialised = 1; - - if (getpeername(fd, (struct sockaddr *)&ss, &length)) { - exit_cleanup(RERR_SOCKETIO); - } - - getnameinfo((struct sockaddr *)&ss, length, - addr_buf, sizeof(addr_buf), NULL, 0, NI_NUMERICHOST); - return addr_buf; -} - /** - * Return the DNS name of the client + * This is like socketpair but uses tcp. It is used by the Samba + * regression test code. + * + * The function guarantees that nobody else can attach to the socket, + * or if they do that this function fails and the socket gets closed + * returns 0 on success, -1 on failure the resulting file descriptors + * are symmetrical. **/ -char *client_name(int fd) -{ - struct sockaddr_storage ss; - int length = sizeof(ss); - static char name_buf[100]; - static char port_buf[100]; - char *def = "UNKNOWN"; - static int initialised; - struct addrinfo hints, *res, *res0; - int error; - - if (initialised) return name_buf; - - initialised = 1; - - strcpy(name_buf,def); - - if (getpeername(fd, (struct sockaddr *)&ss, &length)) { - /* FIXME: Can we really not continue? */ - rprintf(FERROR, RSYNC_NAME ": getpeername on fd%d failed: %s\n", - fd, strerror(errno)); - exit_cleanup(RERR_SOCKETIO); - } - -#ifdef INET6 - if (ss.ss_family == AF_INET6 && - IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&ss)->sin6_addr)) { - struct sockaddr_in6 sin6; - struct sockaddr_in *sin; - - memcpy(&sin6, &ss, sizeof(sin6)); - sin = (struct sockaddr_in *)&ss; - memset(sin, 0, sizeof(*sin)); - sin->sin_family = AF_INET; - length = sizeof(struct sockaddr_in); -#ifdef HAVE_SOCKADDR_LEN - sin->sin_len = length; -#endif - sin->sin_port = sin6.sin6_port; - memcpy(&sin->sin_addr, &sin6.sin6_addr.s6_addr[12], - sizeof(sin->sin_addr)); - } -#endif - - /* reverse lookup */ - if (getnameinfo((struct sockaddr *)&ss, length, - name_buf, sizeof(name_buf), port_buf, sizeof(port_buf), - NI_NAMEREQD | NI_NUMERICSERV) != 0) { - strcpy(name_buf, def); - rprintf(FERROR, "reverse name lookup failed\n"); - } - - /* forward lookup */ - memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_flags = AI_CANONNAME; - hints.ai_socktype = SOCK_STREAM; - error = getaddrinfo(name_buf, port_buf, &hints, &res0); - if (error) { - strcpy(name_buf, def); - rprintf(FERROR, - RSYNC_NAME ": forward name lookup for %s failed: %s\n", - port_buf, - gai_strerror(error)); - return name_buf; - } - - /* XXX sin6_flowinfo and other fields */ - for (res = res0; res; res = res->ai_next) { - if (res->ai_family != ss.ss_family) - continue; - if (res->ai_addrlen != length) - continue; - if (memcmp(res->ai_addr, &ss, res->ai_addrlen) == 0) - break; - } - - /* TODO: Do a forward lookup as well to prevent spoofing */ - - if (res == NULL) { - strcpy(name_buf, def); - rprintf(FERROR, RSYNC_NAME ": " - "reverse name lookup mismatch on fd%d - spoofed address?\n", - fd); - } - - freeaddrinfo(res0); - return name_buf; -} - - -/******************************************************************* -this is like socketpair but uses tcp. It is used by the Samba -regression test code -The function guarantees that nobody else can attach to the socket, -or if they do that this function fails and the socket gets closed -returns 0 on success, -1 on failure -the resulting file descriptors are symmetrical - ******************************************************************/ static int socketpair_tcp(int fd[2]) { int listener; struct sockaddr_in sock; struct sockaddr_in sock2; - socklen_t socklen = sizeof(sock); + socklen_t socklen = sizeof sock; int connect_done = 0; - + fd[0] = fd[1] = listener = -1; - memset(&sock, 0, sizeof(sock)); - - if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed; + memset(&sock, 0, sizeof sock); + + if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1) + goto failed; - memset(&sock2, 0, sizeof(sock2)); -#ifdef HAVE_SOCK_SIN_LEN - sock2.sin_len = sizeof(sock2); + memset(&sock2, 0, sizeof sock2); +#ifdef HAVE_SOCKADDR_IN_LEN + sock2.sin_len = sizeof sock2; #endif - sock2.sin_family = PF_INET; + sock2.sin_family = PF_INET; - bind(listener, (struct sockaddr *)&sock2, sizeof(sock2)); + bind(listener, (struct sockaddr *)&sock2, sizeof sock2); - if (listen(listener, 1) != 0) goto failed; + if (listen(listener, 1) != 0) + goto failed; - if (getsockname(listener, (struct sockaddr *)&sock, &socklen) != 0) goto failed; + if (getsockname(listener, (struct sockaddr *)&sock, &socklen) != 0) + goto failed; - if ((fd[1] = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed; + if ((fd[1] = socket(PF_INET, SOCK_STREAM, 0)) == -1) + goto failed; set_nonblocking(fd[1]); sock.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - if (connect(fd[1],(struct sockaddr *)&sock,sizeof(sock)) == -1) { - if (errno != EINPROGRESS) goto failed; - } else { + if (connect(fd[1], (struct sockaddr *)&sock, sizeof sock) == -1) { + if (errno != EINPROGRESS) + goto failed; + } else connect_done = 1; - } - if ((fd[0] = accept(listener, (struct sockaddr *)&sock, &socklen)) == -1) goto failed; + if ((fd[0] = accept(listener, (struct sockaddr *)&sock, &socklen)) == -1) + goto failed; close(listener); + listener = -1; + + set_blocking(fd[1]); + if (connect_done == 0) { - if (connect(fd[1],(struct sockaddr *)&sock,sizeof(sock)) != 0 - && errno != EISCONN) goto failed; + if (connect(fd[1], (struct sockaddr *)&sock, sizeof sock) != 0 + && errno != EISCONN) + goto failed; } - set_blocking (fd[1]); - /* all OK! */ return 0; failed: - if (fd[0] != -1) close(fd[0]); - if (fd[1] != -1) close(fd[1]); - if (listener != -1) close(listener); + if (fd[0] != -1) + close(fd[0]); + if (fd[1] != -1) + close(fd[1]); + if (listener != -1) + close(listener); return -1; } -/******************************************************************* -run a program on a local tcp socket, this is used to launch smbd -when regression testing -the return value is a socket which is attached to a subprocess -running "prog". stdin and stdout are attached. stderr is left -attached to the original stderr - ******************************************************************/ + +/** + * Run a program on a local tcp socket, so that we can talk to it's + * stdin and stdout. This is used to fake a connection to a daemon + * for testing -- not for the normal case of running SSH. + * + * @return a socket which is attached to a subprocess running + * "prog". stdin and stdout are attached. stderr is left attached to + * the original stderr + **/ int sock_exec(const char *prog) { int fd[2]; + if (socketpair_tcp(fd) != 0) { - rprintf (FERROR, RSYNC_NAME - ": socketpair_tcp failed (%s)\n", - strerror(errno)); + rsyserr(FERROR, errno, "socketpair_tcp failed"); return -1; } + if (verbose >= 2) + rprintf(FINFO, "Running socket program: \"%s\"\n", prog); if (fork() == 0) { close(fd[0]); close(0); close(1); dup(fd[1]); dup(fd[1]); - if (verbose > 3) - fprintf (stderr, - RSYNC_NAME ": execute socket program \"%s\"\n", - prog); - exit (system (prog)); + exit(system(prog)); } - close (fd[1]); + close(fd[1]); return fd[0]; } - - -