/*
- * Copyright (C) 2005-2007 Andre Noll <maan@systemlinux.org>
+ * Copyright (C) 2005-2009 Andre Noll <maan@systemlinux.org>
*
* Licensed under the GPL v2. For licencing details see COPYING.
*/
/** \file net.c Networking-related helper functions. */
+/*
+ * Since glibc 2.8, the _GNU_SOURCE feature test macro must be defined in order
+ * to obtain the definition of the ucred structure.
+ */
+#define _GNU_SOURCE
+
#include <netdb.h>
/* At least NetBSD needs these. */
#define AI_ADDRCONFIG 0
#endif
+#include <dirent.h>
+#include <regex.h>
#include "para.h"
#include "error.h"
#include "net.h"
#include "string.h"
+#include "fd.h"
/** Information about one encrypted connection. */
crypt_data_array[fd].private_data = NULL;
}
+/**
+ * Parse and validate IPv4 address/netmask string.
+ *
+ * \param cidr Address in CIDR notation
+ * \param addr Copy of the IPv4 address part of \a cidr
+ * \param addrlen Size of \a addr in bytes
+ * \param netmask Value of the netmask part in \a cidr or the
+ * default of 32 if not specified.
+ *
+ * \return Pointer to \a addr if succesful, NULL on error.
+ * \sa RFC 4632
+ */
+char *parse_cidr(const char *cidr,
+ char *addr, ssize_t addrlen,
+ int32_t *netmask)
+{
+ const char *o = cidr;
+ char *c = addr, *end = c + (addrlen - 1);
+
+ *netmask = 0x20;
+
+ if (cidr == NULL || addrlen < 1)
+ goto failed;
+
+ for (o = cidr; (*c = *o == '/'? '\0' : *o); c++, o++)
+ if (c == end)
+ goto failed;
+
+ if (*o == '/')
+ if (para_atoi32(++o, netmask) < 0 ||
+ *netmask < 0 || *netmask > 0x20)
+ goto failed;
+
+ if (is_valid_ipv4_address(addr))
+ return addr;
+failed:
+ *addr = '\0';
+ return NULL;
+}
+
+
+/**
+ * Match string as a candidate IPv4 address.
+ *
+ * \param address The string to match.
+ * \return True if \a address has "dot-quad" format.
+ */
+static bool is_v4_dot_quad(const char *address)
+{
+ bool result;
+ regex_t r;
+
+ assert(!regcomp(&r, "^([0-9]+\\.){3}[0-9]+$", REG_EXTENDED|REG_NOSUB));
+ result = regexec(&r, address, 0, NULL, 0) == 0;
+ regfree(&r);
+ return result;
+}
+
+/**
+ * Perform basic syntax checking on the host-part of an URL:
+ *
+ * - Since ':' is invalid in IPv4 addresses and DNS names, the
+ * presence of ':' causes interpretation as IPv6 address;
+ * - next the first-match-wins algorithm from RFC 3986 is applied;
+ * - else the string is considered as DNS name, to be resolved later.
+ *
+ * \param host The host string to check.
+ * \return True if \a host passes the syntax checks.
+ *
+ * \sa RFC 3986, 3.2.2; RFC 1123, 2.1; RFC 1034, 3.5
+ */
+static bool host_string_ok(const char *host)
+{
+ if (host == NULL || *host == '\0')
+ return false;
+ if (strchr(host, ':') != NULL)
+ return is_valid_ipv6_address(host);
+ if (is_v4_dot_quad(host))
+ return is_valid_ipv4_address(host);
+ return true;
+}
+
+/**
+ * Parse and validate URL string.
+ *
+ * The URL syntax is loosely based on RFC 3986, supporting one of
+ * - "["host"]"[:port] for native IPv6 addresses and
+ * - host[:port] for IPv4 hostnames and DNS names.
+ *
+ * Native IPv6 addresses must be enclosed in square brackets, since
+ * otherwise there is an ambiguity with the port separator `:'.
+ * The 'port' part is always considered to be a number; if absent,
+ * it is set to -1, to indicate that a default port is to be used.
+ *
+ * The following are valid examples:
+ * - 10.10.1.1
+ * - 10.10.1.2:8000
+ * - localhost
+ * - localhost:8001
+ * - [::1]:8000
+ * - [badc0de::1]
+ *
+ * \param url The URL string to take apart.
+ * \param host To return the copied host part of \a url.
+ * \param hostlen The maximum length of \a host.
+ * \param port To return the port number (if any) of \a url.
+ *
+ * \return Pointer to \a host, or NULL if failed.
+ * If NULL is returned, \a host and \a portnum are undefined. If no
+ * port number was present in \a url, \a portnum is set to -1.
+ *
+ * \sa RFC 3986, 3.2.2/3.2.3
+ */
+char *parse_url(const char *url,
+ char *host, ssize_t hostlen,
+ int32_t *port)
+{
+ const char *o = url;
+ char *c = host, *end = c + (hostlen - 1);
+
+ *port = -1;
+
+ if (o == NULL || hostlen < 1)
+ goto failed;
+
+ if (*o == '[') {
+ for (++o; (*c = *o == ']' ? '\0' : *o); c++, o++)
+ if (c == end)
+ goto failed;
+
+ if (*o++ != ']' || (*o != '\0' && *o != ':'))
+ goto failed;
+ } else {
+ for (; (*c = *o == ':'? '\0' : *o); c++, o++)
+ if (c == end)
+ goto failed;
+ }
+
+ if (*o == ':')
+ if (para_atoi32(++o, port) < 0 ||
+ *port < 0 || *port > 0xffff)
+ goto failed;
+
+ if (host_string_ok(host))
+ return host;
+failed:
+ *host = '\0';
+ return NULL;
+}
/**
* Determine the socket type for a given layer-4 protocol.
{
struct addrinfo *local = NULL, *src,
*remote = NULL, *dst, hints;
- char *port = make_message("%u", port_number);
int rc, on = 1, sockfd = -1,
socktype = sock_type(l4type);
+ char port[6]; /* port number has at most 5 digits */
+ sprintf(port, "%u", port_number);
/* Set up address hint structure */
memset(&hints, 0, sizeof(hints));
hints.ai_family = l3type;
- /* getaddrinfo does not really work well with SOCK_DCCP */
- if (socktype == SOCK_DGRAM || socktype == SOCK_STREAM)
- hints.ai_socktype = socktype;
+ hints.ai_socktype = socktype;
+ /*
+ * getaddrinfo does not support SOCK_DCCP, so for the sake of lookup
+ * (and only then) pretend to be UDP.
+ */
+ if (l4type == IPPROTO_DCCP)
+ hints.ai_socktype = SOCK_DGRAM;
/* only use addresses available on the host */
hints.ai_flags = AI_ADDRCONFIG;
if ((rc = getaddrinfo(host, port, &hints, passive ? &local : &remote))) {
PARA_ERROR_LOG("can not resolve %s address %s#%s: %s.\n",
layer4_name(l4type),
- host? : (passive? "[loopback]" : "[localhost]"),
+ host? host : (passive? "[loopback]" : "[localhost]"),
port, gai_strerror(rc));
return -E_ADDRESS_LOOKUP;
}
if (src == NULL && dst == NULL) {
PARA_ERROR_LOG("can not create %s socket %s#%s.\n",
- layer4_name(l4type), host? : (passive?
+ layer4_name(l4type), host? host : (passive?
"[loopback]" : "[localhost]"), port);
return -ERRNO_TO_PARA_ERROR(errno);
}
*
* \sa getnameinfo(3).
*/
-char *host_and_port(struct sockaddr *sa, socklen_t len)
+static char *host_and_port(struct sockaddr *sa, socklen_t len)
{
static char output[NI_MAXHOST + NI_MAXSERV + 2];
char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV];
ret = getnameinfo(sa, len, hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
NI_NUMERICHOST | NI_NUMERICSERV);
- if (ret) {
- PARA_WARNING_LOG("hostname lookup error (%s).\n", gai_strerror(ret));
+ if (ret) {
+ PARA_WARNING_LOG("hostname lookup error (%s).\n",
+ gai_strerror(ret));
sprintf(output, "(unknown)");
- } else {
+ } else
sprintf(output, "%s#%s", hbuf, sbuf);
- }
return output;
}
return host_and_port((struct sockaddr *)&ss, sslen);
}
-char *local_name(int sockfd)
+/**
+ * Look up the local side of a connected socket structure.
+ *
+ * \param sockfd The file descriptor of the socket.
+ *
+ * \return A pointer to a static buffer containing hostname an port. This
+ * buffer must not be freed by the caller.
+ *
+ * \sa remote_name().
+ */
+char *local_name(int sockfd)
{
return __get_sock_name(sockfd, getsockname);
}
+/**
+ * Look up the remote side of a connected socket structure.
+ *
+ * \param sockfd The file descriptor of the socket.
+ *
+ * \return Analogous to the return value of \ref local_name() but for the
+ * remote side.
+ *
+ * \sa local_name().
+ */
char *remote_name(int sockfd)
{
return __get_sock_name(sockfd, getpeername);
}
-/*
- * Send out a buffer, resend on short writes.
- *
- * \param fd The file descriptor.
- * \param buf The buffer to be sent.
- * \param len The length of \a buf.
+/**
+ * Extract IPv4 or IPv6-mapped-IPv4 address from sockaddr_storage.
+ * \param ss Container of IPv4/6 address
+ * \return Extracted IPv4 address (different from 0) or 0 if unsuccessful.
*
- * \return Standard. In any case, the number of bytes actually sent is stored
- * in \a len.
+ * \sa RFC 3493
*/
-static int sendall(int fd, const char *buf, size_t *len)
+struct in_addr extract_v4_addr(const struct sockaddr_storage *ss)
{
- size_t total = *len;
+ struct in_addr ia = {.s_addr = 0};
- assert(total);
- *len = 0;
- while (*len < total) {
- int ret = send(fd, buf + *len, total - *len, 0);
- if (ret == -1)
- return -ERRNO_TO_PARA_ERROR(errno);
- *len += ret;
+ if (ss->ss_family == AF_INET)
+ ia.s_addr = ((struct sockaddr_in *)ss)->sin_addr.s_addr;
+ if (ss->ss_family == AF_INET6) {
+ const struct in6_addr v6_addr = ((struct sockaddr_in6 *)ss)->sin6_addr;
+
+ if (IN6_IS_ADDR_V4MAPPED(&v6_addr))
+ memcpy(&ia.s_addr, &(v6_addr.s6_addr[12]), 4);
}
- return 1;
+ return ia;
}
/**
* \param len The length of \a buf.
*
* Check if encryption is available. If yes, encrypt the given buffer. Send
- * out the buffer, encrypted or not, and try to resend the remaing part in case
- * of short writes.
+ * out the buffer, encrypted or not, and try to resend the remaining part in
+ * case of short writes.
*
* \return Standard.
*/
crypt_function *cf = NULL;
if (!len)
- PARA_CRIT_LOG("%s", "len == 0\n");
+ PARA_CRIT_LOG("len == 0\n");
if (fd + 1 <= cda_size)
cf = crypt_data_array[fd].send;
if (cf) {
/* RC4 may write more than len to the output buffer */
unsigned char *outbuf = para_malloc(ROUND_UP(len, 8));
(*cf)(len, (unsigned char *)buf, outbuf, private);
- ret = sendall(fd, (char *)outbuf, &len);
+ ret = write_all(fd, (char *)outbuf, &len);
free(outbuf);
} else
- ret = sendall(fd, buf, &len);
+ ret = write_all(fd, buf, &len);
return ret;
}
*/
ssize_t send_cred_buffer(int sock, char *buf)
{
- char control[sizeof(struct cmsghdr) + 10];
+ char control[sizeof(struct cmsghdr) + sizeof(struct ucred)];
struct msghdr msg;
struct cmsghdr *cmsg;
static struct iovec iov;
*
* \return Positive if \a pattern was received, negative otherwise.
*
- * This function creates a buffer of size \a bufsize and tries
- * to receive at most \a bufsize bytes from file descriptor \a fd.
- * If at least \p strlen(\a pattern) bytes were received, the beginning of
- * the received buffer is compared with \a pattern, ignoring case.
+ * This function tries to receive at most \a bufsize bytes from file descriptor
+ * \a fd. If at least \p strlen(\a pattern) bytes were received, the beginning
+ * of the received buffer is compared with \a pattern, ignoring case.
*
* \sa recv_buffer(), \sa strncasecmp(3).
*/
{
size_t len = strlen(pattern);
char *buf = para_malloc(bufsize + 1);
- int ret = -E_RECV_PATTERN, n = recv_buffer(fd, buf, bufsize);
+ int ret = -E_RECV_PATTERN, n = recv_buffer(fd, buf, bufsize + 1);
if (n < len)
goto out;