X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/ff8b29b8c62f377ede40fbf0cbbaa428bd8df60a..27d3cdbc943a57d64f4f2a35a4f1e1b15d9ca41f:/socket.c diff --git a/socket.c b/socket.c index 5ee31f6d..15d991b4 100644 --- a/socket.c +++ b/socket.c @@ -54,6 +54,8 @@ int open_socket_out(char *host, int port) return -1; } + set_nonblocking(res); + return res; } @@ -81,7 +83,7 @@ static int open_socket_in(int type, int port) return -1; } - bzero((char *)&sock,sizeof(sock)); + memset((char *)&sock,0,sizeof(sock)); memcpy((char *)&sock.sin_addr,(char *)hp->h_addr, hp->h_length); sock.sin_port = htons(port); sock.sin_family = hp->h_addrtype; @@ -110,9 +112,9 @@ determine if a file descriptor is in fact a socket ****************************************************************************/ int is_a_socket(int fd) { - int v,l; - l = sizeof(int); - return(getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0); + int v,l; + l = sizeof(int); + return(getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0); } @@ -120,17 +122,15 @@ void start_accept_loop(int port, int (*fn)(int )) { int s; - signal(SIGCLD, SIG_IGN); - /* open an incoming socket */ s = open_socket_in(SOCK_STREAM, port); if (s == -1) - exit(1); + exit_cleanup(1); /* ready to listen */ if (listen(s, 5) == -1) { close(s); - exit(1); + exit_cleanup(1); } @@ -155,9 +155,20 @@ void start_accept_loop(int port, int (*fn)(int )) if (fd == -1) continue; + signal(SIGCHLD, SIG_IGN); + + /* we shouldn't have any children left hanging around + but I have had reports that on Digital Unix zombies + are produced, so this ensures that they are reaped */ +#ifdef WNOHANG + waitpid(-1, NULL, WNOHANG); +#endif + if (fork()==0) { close(s); + set_nonblocking(fd); + _exit(fn(fd)); } @@ -216,6 +227,8 @@ set user socket options void set_socket_options(int fd, char *options) { char *tok; + if (!options || !*options) return; + options = strdup(options); if (!options) out_of_memory("set_socket_options"); @@ -272,27 +285,30 @@ become a daemon, discarding the controlling terminal ****************************************************************************/ void become_daemon(void) { - if (fork()) + int i; + + if (fork()) { _exit(0); + } /* detach from the terminal */ #ifdef HAVE_SETSID setsid(); #else #ifdef TIOCNOTTY - { - int i = open("/dev/tty", O_RDWR); - if (i >= 0) - { - ioctl(i, (int) TIOCNOTTY, (char *)0); - close(i); - } + i = open("/dev/tty", O_RDWR); + if (i >= 0) { + ioctl(i, (int) TIOCNOTTY, (char *)0); + close(i); } #endif /* TIOCNOTTY */ #endif - close(0); - close(1); - close(2); + /* make sure that stdin, stdout an stderr don't stuff things + up (library functions, for example) */ + for (i=0;i<3;i++) { + close(i); + open("/dev/null", O_RDWR); + } } /******************************************************************* @@ -304,13 +320,17 @@ char *client_addr(int fd) struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); int length = sizeof(sa); static char addr_buf[100]; + static int initialised; + + if (initialised) return addr_buf; + + initialised = 1; if (getpeername(fd, &sa, &length)) { - exit(1); + exit_cleanup(1); } - + strlcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr), sizeof(addr_buf)-1); - return addr_buf; } @@ -325,11 +345,18 @@ char *client_name(int fd) int length = sizeof(sa); static char name_buf[100]; struct hostent *hp; + char **p; + char *def = "UNKNOWN"; + static int initialised; - strcpy(name_buf,"UNKNOWN"); + if (initialised) return name_buf; + + initialised = 1; + + strcpy(name_buf,def); if (getpeername(fd, &sa, &length)) { - exit(1); + exit_cleanup(1); } /* Look up the remote host name. */ @@ -339,5 +366,23 @@ char *client_name(int fd) strlcpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1); } + + /* do a forward lookup as well to prevent spoofing */ + hp = gethostbyname(name_buf); + if (!hp) { + strcpy(name_buf,def); + rprintf(FERROR,"reverse name lookup failed\n"); + } else { + for (p=hp->h_addr_list;*p;p++) { + if (memcmp(*p, &sockin->sin_addr, hp->h_length) == 0) { + break; + } + } + if (!*p) { + strcpy(name_buf,def); + rprintf(FERROR,"reverse name lookup mismatch - spoofed address?\n"); + } + } + return name_buf; }