X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/654175798bdbdd6403e10c8fa74e8586b3612ea1..b964901f7d01ad04717535ce3d328200d616be32:/socket.c diff --git a/socket.c b/socket.c index 6fd4e365..5e037605 100644 --- a/socket.c +++ b/socket.c @@ -1,5 +1,7 @@ -/* - Copyright (C) Andrew Tridgell 1998 +/* -*- c-file-style: "linux" -*- + + Copyright (C) 1992-2001 by Andrew Tridgell + Copyright (C) 2001 by Martin Pool This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,74 +25,196 @@ #include "rsync.h" + +/* Establish a proxy connection on an open socket to a web roxy by + * using the CONNECT method. */ +static int establish_proxy_connection(int fd, char *host, int port) +{ + char buffer[1024]; + char *cp; + + snprintf(buffer, sizeof(buffer), "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port); + if (write(fd, buffer, strlen(buffer)) != strlen(buffer)) { + rprintf(FERROR, "failed to write to proxy: %s\n", + strerror(errno)); + return -1; + } + + for (cp = buffer; cp < &buffer[sizeof(buffer) - 1]; cp++) { + if (read(fd, cp, 1) != 1) { + rprintf(FERROR, "failed to read from proxy: %s\n", + strerror(errno)); + return -1; + } + if (*cp == '\n') + break; + } + + if (*cp != '\n') + cp++; + *cp-- = '\0'; + if (*cp == '\r') + *cp = '\0'; + if (strncmp(buffer, "HTTP/", 5) != 0) { + rprintf(FERROR, "bad response from proxy - %s\n", + buffer); + return -1; + } + for (cp = &buffer[5]; isdigit(*cp) || (*cp == '.'); cp++) + ; + while (*cp == ' ') + cp++; + if (*cp != '2') { + rprintf(FERROR, "bad response from proxy - %s\n", + buffer); + return -1; + } + /* throw away the rest of the HTTP header */ + while (1) { + for (cp = buffer; cp < &buffer[sizeof(buffer) - 1]; + cp++) { + if (read(fd, cp, 1) != 1) { + rprintf(FERROR, "failed to read from proxy: %s\n", + strerror(errno)); + return -1; + } + if (*cp == '\n') + break; + } + if ((cp > buffer) && (*cp == '\n')) + cp--; + if ((cp == buffer) && ((*cp == '\n') || (*cp == '\r'))) + break; + } + return 0; +} + + + /* open a socket to a tcp remote host with the specified port - based on code from Warren */ -int open_socket_out(char *host, int port) + based on code from Warren + proxy support by Stephen Rothwell */ +static int open_socket_out (char *host, + int port, + struct in_addr *address) { int type = SOCK_STREAM; struct sockaddr_in sock_out; + struct sockaddr_in sock; int res; struct hostent *hp; - + char *h; + unsigned p; + int proxied = 0; + char buffer[1024]; + char *cp; + + /* if we have a RSYNC_PROXY env variable then redirect our + * connetcion via a web proxy at the given address. The format + * is hostname:port */ + h = getenv("RSYNC_PROXY"); + proxied = (h != NULL) && (*h != '\0'); + + if (proxied) { + strlcpy(buffer, h, sizeof(buffer)); + cp = strchr(buffer, ':'); + if (cp == NULL) { + rprintf(FERROR, + "invalid proxy specification: should be HOST:PORT\n"); + return -1; + } + *cp++ = '\0'; + p = atoi(cp); + h = buffer; + } else { + h = host; + p = port; + } res = socket(PF_INET, type, 0); if (res == -1) { return -1; } - hp = gethostbyname(host); + hp = gethostbyname(h); if (!hp) { - rprintf(FERROR,"unknown host: %s\n", host); + rprintf(FERROR,"unknown host: \"%s\"\n", h); + close(res); return -1; } memcpy(&sock_out.sin_addr, hp->h_addr, hp->h_length); - sock_out.sin_port = htons(port); + sock_out.sin_port = htons(p); sock_out.sin_family = PF_INET; + if (address) { + sock.sin_addr = *address; + sock.sin_port = 0; + sock.sin_family = hp->h_addrtype; + bind(res, (struct sockaddr * ) &sock,sizeof(sock)); + } + if (connect(res,(struct sockaddr *)&sock_out,sizeof(sock_out))) { + rprintf (FERROR, RSYNC_NAME ": failed to connect to host %s: %s\n", + h, strerror(errno)); close(res); - rprintf(FERROR,"failed to connect to %s - %s\n", host, strerror(errno)); return -1; } - set_nonblocking(res); + if (proxied && establish_proxy_connection(res, host, port) != 0) { + close(res); + return -1; + } return res; } +/** + * Open an outgoing socket, but allow for it to be intercepted by + * $RSYNC_CONNECT_PROG, which will execute a program across a TCP + * socketpair rather than really opening a socket. + * + * We use this primarily in testing to detect TCP flow bugs, but not + * cause security problems by really opening remote connections. + * + * This is based on the Samba LIBSMB_PROG feature. + **/ +int open_socket_out_wrapped (char *host, + int port, + struct in_addr *address) +{ + char *prog; + + if ((prog = getenv ("RSYNC_CONNECT_PROG")) != NULL) + return sock_exec (prog); + else + return open_socket_out (host, port, address); +} + + + /**************************************************************************** open a socket of the specified type, port and address for incoming data ****************************************************************************/ -static int open_socket_in(int type, int port) +static int open_socket_in(int type, int port, struct in_addr *address) { - struct hostent *hp; struct sockaddr_in sock; - char host_name[200]; int res; int one=1; - /* get my host name */ - if (gethostname(host_name, sizeof(host_name)) == -1) { - rprintf(FERROR,"gethostname failed\n"); - return -1; - } - - /* get host info */ - if ((hp = gethostbyname(host_name)) == 0) { - rprintf(FERROR,"gethostbyname: Unknown host %s\n",host_name); - return -1; - } - memset((char *)&sock,0,sizeof(sock)); - memcpy((char *)&sock.sin_addr,(char *)hp->h_addr, hp->h_length); sock.sin_port = htons(port); - sock.sin_family = hp->h_addrtype; - sock.sin_addr.s_addr = INADDR_ANY; - res = socket(hp->h_addrtype, type, 0); + sock.sin_family = AF_INET; + if (address) { + sock.sin_addr = *address; + } else { + sock.sin_addr.s_addr = INADDR_ANY; + } + res = socket(AF_INET, type, 0); if (res == -1) { - rprintf(FERROR,"socket failed\n"); + rprintf(FERROR, RSYNC_NAME ": socket failed: %s\n", + strerror(errno)); return -1; } @@ -98,7 +222,12 @@ static int open_socket_in(int type, int port) /* now we've got a socket - we need to bind it */ if (bind(res, (struct sockaddr * ) &sock,sizeof(sock)) == -1) { - rprintf(FERROR,"bind failed on port %d\n", port); + rprintf(FERROR,"bind failed on port %d: %s\n", port, + strerror(errno)); + if (errno == EACCES && port < 1024) { + rprintf(FERROR, "Note: you must be root to bind " + "to low-numbered ports"); + } close(res); return -1; } @@ -107,13 +236,28 @@ static int open_socket_in(int type, int port) } -/**************************************************************************** -determine if a file descriptor is in fact a socket -****************************************************************************/ +/* + * Determine if a file descriptor is in fact a socket + */ int is_a_socket(int fd) { - int v,l; + int v; + socklen_t l; l = sizeof(int); + + /* Parameters to getsockopt, setsockopt etc are very + * unstandardized across platforms, so don't be surprised if + * there are compiler warnings on e.g. SCO OpenSwerver or AIX. + * It seems they all eventually get the right idea. + * + * Debian says: ``The fifth argument of getsockopt and + * setsockopt is in reality an int [*] (and this is what BSD + * 4.* and libc4 and libc5 have). Some POSIX confusion + * resulted in the present socklen_t. The draft standard has + * not been adopted yet, but glibc2 already follows it and + * also has socklen_t [*]. See also accept(2).'' + * + * We now return to your regularly scheduled programming. */ return(getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0); } @@ -121,9 +265,10 @@ int is_a_socket(int fd) void start_accept_loop(int port, int (*fn)(int )) { int s; + extern struct in_addr socket_address; /* open an incoming socket */ - s = open_socket_in(SOCK_STREAM, port); + s = open_socket_in(SOCK_STREAM, port, &socket_address); if (s == -1) exit_cleanup(RERR_SOCKETIO); @@ -140,7 +285,12 @@ void start_accept_loop(int port, int (*fn)(int )) fd_set fds; int fd; struct sockaddr addr; - int in_addrlen = sizeof(addr); + socklen_t in_addrlen = sizeof(addr); + + /* close log file before the potentially very long select so + file can be trimmed by another process instead of growing + forever */ + log_close(); FD_ZERO(&fds); FD_SET(s, &fds); @@ -151,7 +301,8 @@ void start_accept_loop(int port, int (*fn)(int )) if(!FD_ISSET(s, &fds)) continue; - fd = accept(s,&addr,&in_addrlen); + /* See note above prototypes. */ + fd = accept(s,&addr, &in_addrlen); if (fd == -1) continue; @@ -161,13 +312,15 @@ void start_accept_loop(int port, int (*fn)(int )) but I have had reports that on Digital Unix zombies are produced, so this ensures that they are reaped */ #ifdef WNOHANG - waitpid(-1, NULL, WNOHANG); + while (waitpid(-1, NULL, WNOHANG) > 0); #endif if (fork()==0) { close(s); - set_nonblocking(fd); + /* open log file in child before possibly giving + up privileges */ + log_open(); _exit(fn(fd)); } @@ -274,7 +427,8 @@ void set_socket_options(int fd, char *options) } if (ret != 0) - rprintf(FERROR,"Failed to set socket option %s\n",tok); + rprintf(FERROR, "failed to set socket option %s: %s\n", tok, + strerror(errno)); } free(options); @@ -318,7 +472,7 @@ char *client_addr(int fd) { struct sockaddr sa; struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); - int length = sizeof(sa); + socklen_t length = sizeof(sa); static char addr_buf[100]; static int initialised; @@ -330,7 +484,7 @@ char *client_addr(int fd) exit_cleanup(RERR_SOCKETIO); } - strlcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr), sizeof(addr_buf)-1); + strlcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr), sizeof(addr_buf)); return addr_buf; } @@ -342,7 +496,7 @@ char *client_name(int fd) { struct sockaddr sa; struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); - int length = sizeof(sa); + socklen_t length = sizeof(sa); static char name_buf[100]; struct hostent *hp; char **p; @@ -363,15 +517,16 @@ char *client_name(int fd) if ((hp = gethostbyaddr((char *) &sockin->sin_addr, sizeof(sockin->sin_addr), AF_INET))) { - strlcpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1); + strlcpy(name_buf,(char *)hp->h_name,sizeof(name_buf)); } /* do a forward lookup as well to prevent spoofing */ hp = gethostbyname(name_buf); if (!hp) { - strcpy(name_buf,def); - rprintf(FERROR,"reverse name lookup failed\n"); + strcpy (name_buf,def); + rprintf (FERROR, "reverse name lookup for \"%s\" failed\n", + name_buf); } else { for (p=hp->h_addr_list;*p;p++) { if (memcmp(*p, &sockin->sin_addr, hp->h_length) == 0) { @@ -386,3 +541,167 @@ char *client_name(int fd) return name_buf; } + +/** + Convert a string to an IP address. The string can be a name or + dotted decimal number. + + Returns a pointer to a static in_addr struct -- if you call this + more than once then you should copy it. +*/ +struct in_addr *ip_address(const char *str) +{ + static struct in_addr ret; + struct hostent *hp; + + if (!str) { + rprintf (FERROR, "ip_address received NULL name\n"); + return NULL; + } + + /* try as an IP address */ + if (inet_aton(str, &ret) != 0) { + return &ret; + } + + /* otherwise assume it's a network name of some sort and use + gethostbyname */ + if ((hp = gethostbyname (str)) == 0) { + rprintf(FERROR, "gethostbyname failed for \"%s\": unknown host?\n",str); + return NULL; + } + + if (hp->h_addr == NULL) { + rprintf(FERROR, "gethostbyname: host address is invalid for host \"%s\"\n",str); + return NULL; + } + + if (hp->h_length > sizeof ret) { + rprintf(FERROR, "gethostbyname: host address for \"%s\" is too large\n", + str); + return NULL; + } + + if (hp->h_addrtype != AF_INET) { + rprintf (FERROR, "gethostname: host address for \"%s\" is not IPv4\n", + str); + return NULL; + } + + /* This is kind of difficult. The only field in ret is + s_addr, which is the IP address as a 32-bit int. On + UNICOS, s_addr is in fact a *bitfield* for reasons best + know to Cray. This means we can't memcpy in to it. On the + other hand, h_addr is a char*, so we can't just assign. + + Since there's meant to be only one field inside the in_addr + structure we will try just copying over the top and see how + that goes. */ + memcpy (&ret, hp->h_addr, hp->h_length); + + return &ret; +} + + + +/******************************************************************* +this is like socketpair but uses tcp. It is used by the Samba +regression test code +The function guarantees that nobody else can attach to the socket, +or if they do that this function fails and the socket gets closed +returns 0 on success, -1 on failure +the resulting file descriptors are symmetrical + ******************************************************************/ +static int socketpair_tcp(int fd[2]) +{ + int listener; + struct sockaddr_in sock; + struct sockaddr_in sock2; + socklen_t socklen = sizeof(sock); + int connect_done = 0; + + fd[0] = fd[1] = listener = -1; + + memset(&sock, 0, sizeof(sock)); + + if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed; + + memset(&sock2, 0, sizeof(sock2)); +#ifdef HAVE_SOCK_SIN_LEN + sock2.sin_len = sizeof(sock2); +#endif + sock2.sin_family = PF_INET; + + bind(listener, (struct sockaddr *)&sock2, sizeof(sock2)); + + if (listen(listener, 1) != 0) goto failed; + + if (getsockname(listener, (struct sockaddr *)&sock, &socklen) != 0) goto failed; + + if ((fd[1] = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed; + + set_nonblocking(fd[1]); + + sock.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + + if (connect(fd[1],(struct sockaddr *)&sock,sizeof(sock)) == -1) { + if (errno != EINPROGRESS) goto failed; + } else { + connect_done = 1; + } + + if ((fd[0] = accept(listener, (struct sockaddr *)&sock, &socklen)) == -1) goto failed; + + close(listener); + if (connect_done == 0) { + if (connect(fd[1],(struct sockaddr *)&sock,sizeof(sock)) != 0 + && errno != EISCONN) goto failed; + } + + set_blocking (fd[1]); + + /* all OK! */ + return 0; + + failed: + if (fd[0] != -1) close(fd[0]); + if (fd[1] != -1) close(fd[1]); + if (listener != -1) close(listener); + return -1; +} + + +/******************************************************************* +run a program on a local tcp socket, this is used to launch smbd +when regression testing +the return value is a socket which is attached to a subprocess +running "prog". stdin and stdout are attached. stderr is left +attached to the original stderr + ******************************************************************/ +int sock_exec(const char *prog) +{ + int fd[2]; + if (socketpair_tcp(fd) != 0) { + rprintf (FERROR, RSYNC_NAME + ": socketpair_tcp failed (%s)\n", + strerror(errno)); + return -1; + } + if (fork() == 0) { + close(fd[0]); + close(0); + close(1); + dup(fd[1]); + dup(fd[1]); + if (verbose > 3) + fprintf (stderr, + RSYNC_NAME ": execute socket program \"%s\"\n", + prog); + exit (system (prog)); + } + close (fd[1]); + return fd[0]; +} + + +