Implement access control for the dccp sender.
1 /*
2 * Copyright (C) 2006-2008 Andre Noll <maan@systemlinux.org>
3 *
4 * Licensed under the GPL v2. For licencing details see COPYING.
5 */
6
7 /** \file dccp_send.c paraslash's dccp sender */
8
9 /*
10 * based on server.c of dccp-cs-0.01.tar.bz2,
11 * (C) 2005 Ian McDonald <imcdnzl@gmail.com>
12 */
13
14 #include <sys/types.h>
15 #include <dirent.h>
16
17 #include "para.h"
18 #include "error.h"
19 #include "string.h"
20 #include "afh.h"
21 #include "afs.h"
22 #include "server.h"
23 #include "net.h"
24 #include "list.h"
25 #include "vss.h"
26 #include "send.h"
27 #include "fd.h"
28 #include "close_on_fork.h"
29 #include "chunk_queue.h"
30 #include "server.cmdline.h"
31 #include "acl.h"
32
/** Listening socket of the dccp sender; negative while no socket is open. */
static int listen_fd = -1;
/** All clients that are currently connected to the dccp sender. */
static struct list_head clients;
/** Access control list (whitelist or blacklist) of the dccp sender. */
static struct list_head dccp_acl;

/** Upper bound on the number of bytes held in a chunk queue. */
#define DCCP_MAX_PENDING_BYTES 40000

/** Upper bound on the number of bytes written in one go. */
#define DCCP_MAX_BYTES_PER_WRITE 1024
44
/*
 * Pre-select hook of the dccp sender.
 *
 * Passes the listening socket together with the read fd set and the
 * max_fileno pointer to para_fd_set(). Nothing is done while listen_fd is
 * negative, i.e. while no listening socket is open. The write fd set is
 * not used.
 */
static void dccp_pre_select(int *max_fileno, fd_set *rfds,
		__a_unused fd_set *wfds)
{
	if (listen_fd < 0)
		return;
	para_fd_set(listen_fd, rfds, max_fileno);
}
51
/*
 * Post-select hook of the dccp sender: accept one pending connection and,
 * if it passes the access check, register it as a new client.
 *
 * Order of operations on the accepted socket: shut down the read side,
 * switch to non-blocking mode, consult the ACL. Any failure closes the
 * socket and logs the error text.
 *
 * The access check runs on the already accepted socket, so a peer that the
 * ACL rejects has completed connection setup before it is closed again.
 *
 * NOTE(review): the failure log line carries only the error text. Unless
 * acl_check_access() logs the peer itself (not visible here), a rejected
 * peer can not be identified from this line -- consider including the
 * remote address for auditing.
 *
 * NOTE(review): this function does not limit the number of entries on the
 * clients list; every admitted client gets its own chunk queue created
 * with DCCP_MAX_PENDING_BYTES. Confirm that a limit exists elsewhere.
 */
static void dccp_post_select(fd_set *rfds, __a_unused fd_set *wfds)
{
	struct sender_client *client;
	int status, conn_fd;

	if (listen_fd < 0)
		return;
	if (!FD_ISSET(listen_fd, rfds))
		return;
	conn_fd = para_accept(listen_fd, NULL, 0);
	if (conn_fd < 0) {
		PARA_ERROR_LOG("%s\n", para_strerror(-conn_fd));
		return;
	}
	/*
	 * The sender never reads application data from the client, so the
	 * receiving half of the connection is shut down right away to save
	 * some processing cost (dccp_recv.c has the analogous comment).
	 */
	if (shutdown(conn_fd, SHUT_RD) < 0) {
		status = -ERRNO_TO_PARA_ERROR(errno);
		goto reject;
	}
	status = mark_fd_nonblocking(conn_fd);
	if (status >= 0) /* only peers admitted by the ACL become clients */
		status = acl_check_access(conn_fd, &dccp_acl,
			conf.dccp_default_deny_given);
	if (status < 0)
		goto reject;
	client = para_calloc(sizeof(*client));
	client->fd = conn_fd;
	client->name = make_message("%s", remote_name(client->fd));
	PARA_NOTICE_LOG("connection from %s\n", client->name);
	para_list_add(&client->node, &clients);
	add_close_on_fork_list(client->fd);
	client->cq = cq_new(DCCP_MAX_PENDING_BYTES);
	return;
reject:
	PARA_ERROR_LOG("%s\n", para_strerror(-status));
	close(conn_fd);
}
92
/*
 * Send hook of the dccp sender: hand the given chunk to send_chunk() for
 * every connected client, with DCCP_MAX_BYTES_PER_WRITE as the per-write
 * limit. The chunks_sent argument is not used.
 *
 * The "safe" list iterator is used; presumably send_chunk() may remove the
 * client from the list -- confirm against its implementation.
 */
static void dccp_send(long unsigned current_chunk,
		__a_unused long unsigned chunks_sent, const char *buf, size_t len)
{
	struct sender_client *client, *next;

	list_for_each_entry_safe(client, next, &clients, node) {
		send_chunk(client, DCCP_MAX_BYTES_PER_WRITE, current_chunk,
			buf, len);
	}
}
102
/*
 * Call shutdown_client() for every entry of the clients list.
 *
 * The "safe" list iterator is used; presumably shutdown_client() unlinks
 * the entry -- confirm against its implementation.
 */
static void dccp_shutdown_clients(void)
{
	struct sender_client *client, *next;

	list_for_each_entry_safe(client, next, &clients, node) {
		shutdown_client(client);
	}
}
110
/*
 * Handler for the SENDER_DENY command: pass the address and netmask of the
 * command to acl_deny() for the dccp ACL, together with the default-deny
 * setting. Always returns 1.
 *
 * NOTE(review): the only acl_check_access() call visible in this listing
 * is the one at accept time in dccp_post_select(). Whether clients that
 * are already connected from the denied range get disconnected depends on
 * acl_deny(), which is not visible here.
 */
static int dccp_com_deny(struct sender_command_data *scd)
{
	struct list_head *acl = &dccp_acl;

	acl_deny(scd->addr, scd->netmask, acl, conf.dccp_default_deny_given);
	return 1;
}
117
/*
 * Handler for the SENDER_ALLOW command: pass the address and netmask of
 * the command to acl_allow() for the dccp ACL, together with the
 * default-deny setting. Always returns 1.
 *
 * NOTE(review): address and netmask are forwarded as received; any
 * validation is presumably done by the caller or by acl_allow() -- confirm.
 */
static int dccp_com_allow(struct sender_command_data *scd)
{
	struct list_head *acl = &dccp_acl;

	acl_allow(scd->addr, scd->netmask, acl, conf.dccp_default_deny_given);
	return 1;
}
124
/*
 * Info hook of the dccp sender: count the entries of the clients list and
 * return a one-line status message built by make_message().
 *
 * Presumably the returned string is allocated and owned by the caller --
 * confirm against make_message().
 */
static char *dccp_info(void)
{
	struct sender_client *cur, *next;
	int count = 0;

	list_for_each_entry_safe(cur, next, &clients, node) {
		count += 1;
	}
	return make_message("dccp connected clients: %d\n", count);
}
134
/*
 * Help hook of the dccp sender: returns a fixed placeholder message built
 * by make_message().
 */
static char *dccp_help(void)
{
	char *msg = make_message("no help available\n");

	return msg;
}
139
/**
 * Initialize the dccp sender.
 *
 * \param s Pointer to the dccp sender struct.
 *
 * Fills in the function pointers of \a s, sets up the access control list
 * from the command line configuration and then opens the listening socket
 * on the configured port.
 *
 * Only the deny and allow commands are supported; the on, off, add and
 * delete command slots are set to \p NULL.
 *
 * The ACL is initialized before the listening socket is opened. If opening
 * the socket fails, the error is logged and the listening fd is left
 * unchanged, so the pre/post select hooks stay inactive.
 */
void dccp_send_init(struct sender *s)
{
	int ret;

	INIT_LIST_HEAD(&clients);

	/* hooks called by the generic sender code */
	s->pre_select = dccp_pre_select;
	s->post_select = dccp_post_select;
	s->send = dccp_send;
	s->shutdown_clients = dccp_shutdown_clients;
	s->info = dccp_info;
	s->help = dccp_help;

	/* supported sender commands: access control only */
	s->client_cmds[SENDER_DENY] = dccp_com_deny;
	s->client_cmds[SENDER_ALLOW] = dccp_com_allow;

	/* unsupported sender commands */
	s->client_cmds[SENDER_ON] = NULL;
	s->client_cmds[SENDER_OFF] = NULL;
	s->client_cmds[SENDER_ADD] = NULL;
	s->client_cmds[SENDER_DELETE] = NULL;

	acl_init(&dccp_acl, conf.dccp_access_arg, conf.dccp_access_given);
	ret = open_sender(IPPROTO_DCCP, conf.dccp_port_arg);
	if (ret >= 0) {
		listen_fd = ret;
		return;
	}
	PARA_ERROR_LOG("%s\n", para_strerror(-ret));
}