2 * Copyright (C) 2005-2007 Andre Noll <maan@systemlinux.org>
4 * Licensed under the GPL v2. For licencing details see COPYING.
7 /** \file net.c Networking-related helper functions. */
15 /** Information about one encrypted connection. */
17 /** Function used to decrypt received data. */
19 /** Function used to encrypt data to be sent. */
22 * Context-dependent data (crypt keys), passed verbatim to the above
27 /** Array holding per fd crypt data. */
28 static struct crypt_data
*crypt_data_array
;
29 /** Current size of the crypt data array. */
30 static unsigned cda_size
= 0;
33 * Activate encryption for one file descriptor.
35 * \param fd The file descriptor.
36 * \param recv_f The function used for decrypting received data.
37 * \param send_f The function used for encrypting before sending.
38 * \param private_data User data supplied by the caller.
40 void enable_crypt(int fd
, crypt_function
*recv_f
, crypt_function
*send_f
,
43 if (fd
+ 1 > cda_size
) {
44 crypt_data_array
= para_realloc(crypt_data_array
,
45 (fd
+ 1) * sizeof(struct crypt_data
));
46 memset(crypt_data_array
+ cda_size
, 0,
47 (fd
+ 1 - cda_size
) * sizeof(struct crypt_data
));
50 crypt_data_array
[fd
].recv
= recv_f
;
51 crypt_data_array
[fd
].send
= send_f
;
52 crypt_data_array
[fd
].private_data
= private_data
;
53 PARA_INFO_LOG("rc4 encryption activated for fd %d\n", fd
);
57 * Deactivate encryption for a given fd.
59 * \param fd The file descriptor.
61 * This must be called if and only if \p fd was activated via enable_crypt().
63 void disable_crypt(int fd
)
65 if (cda_size
< fd
+ 1)
67 crypt_data_array
[fd
].recv
= NULL
;
68 crypt_data_array
[fd
].send
= NULL
;
69 crypt_data_array
[fd
].private_data
= NULL
;
74 * Initialize a struct sockaddr_in.
76 * \param addr A pointer to the struct to be initialized.
77 * \param port The port number to use.
78 * \param he The address to use.
80 * If \a he is null (server mode), \a addr->sin_addr is initialized with \p
81 * INADDR_ANY. Otherwise, the address given by \a he is copied to addr.
83 void init_sockaddr(struct sockaddr_in
*addr
, int port
, const struct hostent
*he
)
86 addr
->sin_family
= AF_INET
;
87 /* short, network byte order */
88 addr
->sin_port
= htons(port
);
90 addr
->sin_addr
= *((struct in_addr
*)he
->h_addr
);
92 addr
->sin_addr
.s_addr
= INADDR_ANY
;
93 /* zero the rest of the struct */
94 memset(&addr
->sin_zero
, '\0', 8);
98 * Send out a buffer, resend on short writes.
100 * \param fd The file descriptor.
101 * \param buf The buffer to be sent.
102 * \param len The length of \a buf.
104 * \return Standard. In any case, the number of bytes actually sent is stored
107 static int sendall(int fd
, const char *buf
, size_t *len
)
113 while (*len
< total
) {
114 int ret
= send(fd
, buf
+ *len
, total
- *len
, 0);
116 return -ERRNO_TO_PARA_ERROR(errno
);
123 * Encrypt and send a binary buffer.
125 * \param fd The file descriptor.
126 * \param buf The buffer to be encrypted and sent.
127 * \param len The length of \a buf.
129 * Check if encryption is available. If yes, encrypt the given buffer. Send
130 * out the buffer, encrypted or not, and try to resend the remaing part in case
135 int send_bin_buffer(int fd
, const char *buf
, size_t len
)
138 crypt_function
*cf
= NULL
;
141 PARA_CRIT_LOG("%s", "len == 0\n");
142 if (fd
+ 1 <= cda_size
)
143 cf
= crypt_data_array
[fd
].send
;
145 void *private = crypt_data_array
[fd
].private_data
;
146 /* RC4 may write more than len to the output buffer */
147 unsigned char *outbuf
= para_malloc(ROUND_UP(len
, 8));
148 (*cf
)(len
, (unsigned char *)buf
, outbuf
, private);
149 ret
= sendall(fd
, (char *)outbuf
, &len
);
152 ret
= sendall(fd
, buf
, &len
);
157 * Encrypt and send null terminated buffer.
159 * \param fd The file descriptor.
160 * \param buf The null-terminated buffer to be send.
162 * This is equivalent to send_bin_buffer(fd, buf, strlen(buf)).
166 int send_buffer(int fd
, const char *buf
)
168 return send_bin_buffer(fd
, buf
, strlen(buf
));
173 * Send and encrypt a buffer given by a format string.
175 * \param fd The file descriptor.
176 * \param fmt A format string.
180 __printf_2_3
int send_va_buffer(int fd
, const char *fmt
, ...)
185 PARA_VSPRINTF(fmt
, msg
);
186 ret
= send_buffer(fd
, msg
);
192 * Receive and decrypt.
194 * \param fd The file descriptor.
195 * \param buf The buffer to write the decrypted data to.
196 * \param size The size of \a buf.
198 * Receive at most \a size bytes from file descriptor \a fd. If encryption is
199 * available, decrypt the received buffer.
201 * \return The number of bytes received on success, negative on errors.
205 __must_check
int recv_bin_buffer(int fd
, char *buf
, size_t size
)
208 crypt_function
*cf
= NULL
;
210 if (fd
+ 1 <= cda_size
)
211 cf
= crypt_data_array
[fd
].recv
;
213 unsigned char *tmp
= para_malloc(size
);
214 void *private = crypt_data_array
[fd
].private_data
;
215 n
= recv(fd
, tmp
, size
, 0);
218 unsigned char *b
= (unsigned char *)buf
;
219 (*cf
)(numbytes
, tmp
, b
, private);
223 n
= recv(fd
, buf
, size
, 0);
225 return -ERRNO_TO_PARA_ERROR(errno
);
230 * Receive, decrypt and write terminating NULL byte.
232 * \param fd The file descriptor.
233 * \param buf The buffer to write the decrypted data to.
234 * \param size The size of \a buf.
236 * Read and decrypt at most \a size - 1 bytes from file descriptor \a fd and
237 * write a NULL byte at the end of the received data.
239 * \return The return value of the underlying call to \a recv_bin_buffer().
241 * \sa recv_bin_buffer()
243 int recv_buffer(int fd
, char *buf
, size_t size
)
248 n
= recv_bin_buffer(fd
, buf
, size
- 1);
257 * wrapper around gethostbyname
259 * \param host hostname or IPv4 address
260 * \param ret the hostent structure is returned here
262 * \return positive on success, negative on errors. On success, \a ret
263 * contains the return value of the underlying gethostbyname() call.
265 * \sa gethostbyname(2)
267 int get_host_info(char *host
, struct hostent
**ret
)
269 PARA_INFO_LOG("getting host info of %s\n", host
);
270 /* FIXME: gethostbyname() is obsolete */
271 *ret
= gethostbyname(host
);
272 return *ret
? 1 : -E_HOST_INFO
;
276 * A wrapper around socket(2).
278 * \param domain The communication domain that selects the protocol family.
280 * \return The socket fd on success, -E_SOCKET on errors.
282 * Create an IPv4 socket for sequenced, reliable, two-way, connection-based
287 int get_stream_socket(int domain
)
291 if ((socket_fd
= socket(domain
, SOCK_STREAM
, 0)) == -1)
297 * Wrapper around the accept system call.
299 * \param fd The listening socket.
300 * \param addr Structure which is filled in with the address of the peer socket.
301 * \param size Should contain the size of the structure pointed to by \a addr.
303 * Accept incoming connections on \a addr. Retry if interrupted.
305 * \return The new file descriptor on success, negative on errors.
309 int para_accept(int fd
, void *addr
, socklen_t size
)
314 new_fd
= accept(fd
, (struct sockaddr
*) addr
, &size
);
315 while (new_fd
< 0 && errno
== EINTR
);
316 return new_fd
< 0? -ERRNO_TO_PARA_ERROR(errno
) : new_fd
;
319 static int setserversockopts(int socket_fd
)
323 if (setsockopt(socket_fd
, SOL_SOCKET
, SO_REUSEADDR
, &yes
,
325 return -E_SETSOCKOPT
;
330 * prepare a structure for \p AF_UNIX socket addresses
332 * \param u pointer to the struct to be prepared
333 * \param name the socket pathname
335 * This just copies \a name to the sun_path component of \a u.
337 * \return Positive on success, \p -E_NAME_TOO_LONG if \a name is longer
338 * than \p UNIX_PATH_MAX.
340 int init_unix_addr(struct sockaddr_un
*u
, const char *name
)
342 if (strlen(name
) >= UNIX_PATH_MAX
)
343 return -E_NAME_TOO_LONG
;
344 memset(u
->sun_path
, 0, UNIX_PATH_MAX
);
345 u
->sun_family
= PF_UNIX
;
346 strcpy(u
->sun_path
, name
);
351 * Prepare, create, and bind a socket for local communication.
353 * \param name The socket pathname.
354 * \param unix_addr Pointer to the \p AF_UNIX socket structure.
355 * \param mode The desired mode of the socket.
357 * This functions creates a local socket for sequenced, reliable,
358 * two-way, connection-based byte streams.
360 * \return The file descriptor, on success, negative on errors.
366 int create_local_socket(const char *name
, struct sockaddr_un
*unix_addr
,
371 ret
= init_unix_addr(unix_addr
, name
);
374 fd
= socket(PF_UNIX
, SOCK_STREAM
, 0);
378 if (bind(fd
, (struct sockaddr
*) unix_addr
, UNIX_PATH_MAX
) < 0)
381 if (chmod(name
, mode
) < 0)
390 ssize_t
send_cred_buffer(int sock
, char *buf
)
392 return send_buffer(sock
, buf
);
394 int recv_cred_buffer(int fd
, char *buf
, size_t size
)
396 return recv_buffer(fd
, buf
, size
) > 0? 1 : -E_RECVMSG
;
398 #else /* HAVE_UCRED */
400 * send NULL terminated buffer and Unix credentials of the current process
402 * \param sock the socket file descriptor
403 * \param buf the buffer to be sent
405 * \return On success, this call returns the number of characters sent. On
406 * error, \p -E_SENDMSG is returned.
408 * \sa okir's Black Hats Manual
411 ssize_t
send_cred_buffer(int sock
, char *buf
)
413 char control
[sizeof(struct cmsghdr
) + 10];
415 struct cmsghdr
*cmsg
;
416 static struct iovec iov
;
422 iov
.iov_len
= strlen(buf
);
426 /* compose the message */
427 memset(&msg
, 0, sizeof(msg
));
430 msg
.msg_control
= control
;
431 msg
.msg_controllen
= sizeof(control
);
432 /* attach the ucred struct */
433 cmsg
= CMSG_FIRSTHDR(&msg
);
434 cmsg
->cmsg_level
= SOL_SOCKET
;
435 cmsg
->cmsg_type
= SCM_CREDENTIALS
;
436 cmsg
->cmsg_len
= CMSG_LEN(sizeof(struct ucred
));
437 *(struct ucred
*)CMSG_DATA(cmsg
) = c
;
438 msg
.msg_controllen
= cmsg
->cmsg_len
;
439 ret
= sendmsg(sock
, &msg
, 0);
445 static void dispose_fds(int *fds
, unsigned num
)
449 for (i
= 0; i
< num
; i
++)
454 * receive a buffer and the Unix credentials of the sending process
456 * \param fd the socket file descriptor
457 * \param buf the buffer to store the message
458 * \param size the size of \a buffer
460 * \return negative on errors, the user id on success.
462 * \sa okir's Black Hats Manual
465 int recv_cred_buffer(int fd
, char *buf
, size_t size
)
469 struct cmsghdr
*cmsg
;
475 setsockopt(fd
, SOL_SOCKET
, SO_PASSCRED
, &yes
, sizeof(int));
476 memset(&msg
, 0, sizeof(msg
));
477 memset(buf
, 0, size
);
482 msg
.msg_control
= control
;
483 msg
.msg_controllen
= sizeof(control
);
484 if (recvmsg(fd
, &msg
, 0) < 0)
486 result
= -E_SCM_CREDENTIALS
;
487 cmsg
= CMSG_FIRSTHDR(&msg
);
489 if (cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
490 == SCM_CREDENTIALS
) {
491 memcpy(&cred
, CMSG_DATA(cmsg
), sizeof(struct ucred
));
494 if (cmsg
->cmsg_level
== SOL_SOCKET
495 && cmsg
->cmsg_type
== SCM_RIGHTS
) {
496 dispose_fds((int *) CMSG_DATA(cmsg
),
497 (cmsg
->cmsg_len
- CMSG_LEN(0))
500 cmsg
= CMSG_NXTHDR(&msg
, cmsg
);
504 #endif /* HAVE_UCRED */
506 /** how many pending connections queue will hold */
510 * create a socket, bind it and listen
512 * \param port the tcp port to listen on
514 * \return The file descriptor of the created socket, negative
517 * \sa get_stream_socket()
522 int init_tcp_socket(int port
)
524 struct sockaddr_in my_addr
;
525 int fd
, ret
= get_stream_socket(AF_INET
);
530 ret
= setserversockopts(fd
);
533 init_sockaddr(&my_addr
, port
, NULL
);
535 if (bind(fd
, (struct sockaddr
*)&my_addr
,
536 sizeof(struct sockaddr
)) == -1) {
537 PARA_CRIT_LOG("bind error: %s\n", strerror(errno
));
541 if (listen(fd
, BACKLOG
) == -1)
543 PARA_INFO_LOG("listening on port %d, fd %d\n", port
, fd
);
551 * receive a buffer and check for a pattern
553 * \param fd the file descriptor to receive from
554 * \param pattern the expected pattern
555 * \param bufsize the size of the internal buffer
557 * \return Positive if \a pattern was received, negative otherwise.
559 * This function creates a buffer of size \a bufsize and tries
560 * to receive at most \a bufsize bytes from file descriptor \a fd.
561 * If at least \p strlen(\a pattern) bytes were received, the beginning of
562 * the received buffer is compared with \a pattern, ignoring case.
567 int recv_pattern(int fd
, const char *pattern
, size_t bufsize
)
569 size_t len
= strlen(pattern
);
570 char *buf
= para_malloc(bufsize
+ 1);
571 int ret
= -E_RECV_PATTERN
, n
= recv_buffer(fd
, buf
, bufsize
);
575 if (strncasecmp(buf
, pattern
, len
))
580 PARA_NOTICE_LOG("n = %d, did not receive pattern '%s'\n", n
, pattern
);
582 PARA_NOTICE_LOG("recvd: %s\n", buf
);