[paraslash.git] / net.c

/*
 * Copyright (C) 2005-2006 Andre Noll <maan@systemlinux.org>
 *
 *     This program is free software; you can redistribute it and/or modify
 *     it under the terms of the GNU General Public License as published by
 *     the Free Software Foundation; either version 2 of the License, or
 *     (at your option) any later version.
 *
 *     This program is distributed in the hope that it will be useful,
 *     but WITHOUT ANY WARRANTY; without even the implied warranty of
 *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *     GNU General Public License for more details.
 *
 *     You should have received a copy of the GNU General Public License
 *     along with this program; if not, write to the Free Software
 *     Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111, USA.
 */

/** \file net.c networking-related helper functions */

#include "para.h"
#include "net.h"
#include "string.h"
#include "error.h"

static crypt_function **crypt_functions;
static unsigned max_crypt_fd;

void enable_crypt(int fd, crypt_function *recv, crypt_function *send)
{
        if (max_crypt_fd < fd) {
                crypt_functions = para_realloc(crypt_functions,
                        2 * (fd + 1) * sizeof(crypt_function*));
                max_crypt_fd = fd;
        }
        crypt_functions[2 * fd] = recv;
        crypt_functions[2 * fd + 1] = send;
        PARA_INFO_LOG("rc4 encryption activated for fd %d\n", fd);
}

void disable_crypt(int fd)
{
        crypt_functions[2 * fd] = NULL;
        crypt_functions[2 * fd + 1] = NULL;
}


/**
 * initialize a struct sockaddr_in
 * @param addr A pointer to the struct to be initialized
 * @param port The port number to use
 * @param he The address to use
 *
 * If \a he is null (server mode), \a addr->sin_addr is initialized with \p INADDR_ANY.
 * Otherwise, the address given by \a he is copied to addr.
 */
void init_sockaddr(struct sockaddr_in *addr, int port, const struct hostent *he)
{
        /* host byte order */
        addr->sin_family = AF_INET;
        /* short, network byte order */
        addr->sin_port = htons(port);
        if (he)
                addr->sin_addr = *((struct in_addr *)he->h_addr);
        else
                addr->sin_addr.s_addr = INADDR_ANY;
        /* zero the rest of the struct */
        memset(&addr->sin_zero, '\0', 8);
}

/*
 * send out a buffer, resend on short writes
 * @param fd the file descriptor
 * @param buf The buffer to be sent
 * @len The length of \a buf
 *
 * Due to circumstances beyond your control, the kernel might not send all the
 * data out in one chunk, and now, my friend, it's up to us to get the data out
 * there (Beej's Guide to Network Programming).
 */
static int sendall(int fd, const char *buf, size_t *len)
{
        int total = 0;        /* how many bytes we've sent */
        int bytesleft = *len; /* how many we have left to send */
        int n = -1;

        while (total < *len) {
                n = send(fd, buf + total, bytesleft, 0);
                if (n == -1)
                        break;
                total += n;
                bytesleft -= n;
                if (total < *len)
                        PARA_DEBUG_LOG("short write (%zd byte(s) left)",
                                *len - total);
        }
        *len = total; /* return number actually sent here */
        return n == -1? -E_SEND : 1; /* return 1 on success */
}

/**
 * encrypt and send buffer
 * @param fd:  the file descriptor
 * @param buf the buffer to be encrypted and sent
 * @param len the length of \a buf
 *
 * Check if encrytion is available. If yes, encrypt the given buffer.  Send out
 * the buffer, encrypted or not, and try to resend the remaing part in case of
 * short writes.
 *
 * @return Positive on success, \p -E_SEND on errors.
 */
int send_bin_buffer(int fd, const char *buf, size_t len)
{
        int ret;
        crypt_function *cf = NULL;

        if (fd <= max_crypt_fd)
                cf = crypt_functions[2 * fd + 1];

        if (!len)
                PARA_CRIT_LOG("%s", "len == 0\n");
        if (cf) {
                unsigned char *outbuf = para_malloc(len);
                (*cf)(len, (unsigned char *)buf, outbuf);
                ret = sendall(fd, (char *)outbuf, &len);
                free(outbuf);
        } else
                ret = sendall(fd, buf, &len);
        return ret;
}

/**
 * encrypt and send null terminated buffer.
 * @param fd the file descriptor
 * @param buf the null-terminated buffer to be send
 *
 * This is equivalent to send_bin_buffer(fd, buf, strlen(buf)).
 *
 * @return Positive on success, \p -E_SEND on errors.
 */
int send_buffer(int fd, const char *buf)
{
        return send_bin_buffer(fd, buf, strlen(buf));
}


/**
 * send and encrypt a buffer given by a format string
 * @param fd the file descriptor
 * @param fmt a format string
 *
 * @return Positive on success, \p -E_SEND on errors.
 */
__printf_2_3 int send_va_buffer(int fd, const char *fmt, ...)
{
        char *msg;
        int ret;

        PARA_VSPRINTF(fmt, msg);
        ret = send_buffer(fd, msg);
        free(msg);
        return ret;
}

/**
 * receive and decrypt.
 *
 * @param fd the file descriptor
 * @param buf the buffer to write the decrypted data to
 * @param size the size of @param buf
 *
 * Receive at most \a size bytes from filedescriptor fd. If encrytion is
 * available, decrypt the received buffer.
 *
 * @return the number of bytes received on success. On receive errors, -E_RECV
 * is returned. On crypt errors, the corresponding crypt error number is
 * returned.
 * \sa recv(2)
 */
__must_check int recv_bin_buffer(int fd, char *buf, ssize_t size)
{
        int n;
        crypt_function *cf = NULL;

        if (fd <= max_crypt_fd)
                cf = crypt_functions[2 * fd];
        if (cf) {
                unsigned char *tmp = para_malloc(size);
                n = recv(fd, tmp, size, 0);
                if (n > 0)
                        (*cf)(n, tmp, (unsigned char *)buf);
                free(tmp);
        } else
                n = recv(fd, buf, size, 0);
        if (n == -1)
                n = -E_RECV;
        return n;
}

/**
 * receive, decrypt and write terminating NULL byte
 *
 * @param fd the file descriptor
 * @param buf the buffer to write the decrypted data to
 * @param size the size of \a buf
 *
 * Read and decrypt at most size - 1 bytes from file descriptor \a fd and write
 * a NULL byte at the end of the received data.
 *
*/
int recv_buffer(int fd, char *buf, ssize_t size)
{
        int n;

        n = recv_bin_buffer(fd, buf, size - 1);
        if (n >= 0)
                buf[n] = '\0';
        else
                *buf = '\0';
        return n;
}

/**
 * wrapper around gethostbyname
 *
 * @param host hostname or IPv4 address
 * \return The hostent structure or a NULL pointer if an error occurs
 * \sa gethostbyname(2)
 */
int get_host_info(char *host, struct hostent **ret)
{
        PARA_INFO_LOG("getting host info of %s\n", host);
        /* FIXME: gethostbyname() is obsolete */
        *ret = gethostbyname(host);
        return *ret? 1 : -E_HOST_INFO;
}

/**
 * a wrapper around socket(2)
 *
 * Create an IPv4 socket for sequenced, reliable, two-way, connection-based
 * byte streams.
 *
 * @return The socket fd on success, -E_SOCKET on errors.
 * \sa socket(2)
 */
int get_socket(void)
{
        int socket_fd;

        if ((socket_fd = socket(AF_INET, SOCK_STREAM, 0)) == -1)
                return -E_SOCKET;
        return socket_fd;
}

/**
 * a wrapper around connect(2)
 *
 * @param fd the file descriptor
 * @param their_addr the address to connect
 *
 * @return \p -E_CONNECT on errors, 1 on success
 * \sa connect(2)
 */
int para_connect(int fd, struct sockaddr_in *their_addr)
{
        int ret;

        if ((ret = connect(fd, (struct sockaddr *)their_addr,
                        sizeof(struct sockaddr))) == -1)
                return -E_CONNECT;
        return 1;
}

/**
 * paraslash's wrapper around the accept system call
 *
 * @param fd the listening socket
 * @param addr structure which is filled in with the address of the peer socket
 * @param size should contain the size of the structure pointed to by \a addr
 *
 * \sa accept(2).
 */
int para_accept(int fd, void *addr, socklen_t size)
{
        int new_fd;

        new_fd = accept(fd, (struct sockaddr *) addr, &size);
        return new_fd == -1? -E_ACCEPT : new_fd;
}

static int setserversockopts(int socket_fd)
{
        int yes = 1;

        if (setsockopt(socket_fd, SOL_SOCKET, SO_REUSEADDR, &yes,
                        sizeof(int)) == -1)
                return -E_SETSOCKOPT;
        return 1;
}

static int do_bind(int socket_fd, struct sockaddr_in *my_addr)
{
        if (bind(socket_fd, (struct sockaddr *)my_addr,
                sizeof(struct sockaddr)) == -1)
                return -E_BIND;
        return 1;
}

/**
 * prepare a structure for \p AF_UNIX socket addresses
 *
 * \param u pointer to the struct to be prepared
 * \param name the socket pathname
 *
 * This just copies \a name to the sun_path component of \a u.
 *
 * \return Positive on success, \p -E_NAME_TOO_LONG if \a name is longer
 * than \p UNIX_PATH_MAX.
 */
int init_unix_addr(struct sockaddr_un *u, const char *name)
{
        if (strlen(name) >= UNIX_PATH_MAX)
                return -E_NAME_TOO_LONG;
        memset(u->sun_path, 0, UNIX_PATH_MAX);
        u->sun_family = PF_UNIX;
        strcpy(u->sun_path, name);
        return 1;
}

/**
 * prepare, create, and bind and socket for local communication
 *
 * \param name the socket pathname
 * \param unix_addr pointer to the \p AF_UNIX socket structure
 * \param mode the desired mode of the socket
 *
 * This functions creates a local socket for sequenced, reliable,
 * two-way, connection-based byte streams.
 * \sa socket(2)
 * \sa bind(2)
 * \sa chmod(2)
 */
int create_pf_socket(const char *name, struct sockaddr_un *unix_addr, int mode)
{
        int fd, ret;

        fd = socket(PF_UNIX, SOCK_STREAM, 0);
        if (fd < 0)
                return -E_SOCKET;
//      unlink(name);
        ret = init_unix_addr(unix_addr, name);
        if (ret < 0)
                return ret;
        if (bind(fd, (struct sockaddr *) unix_addr, UNIX_PATH_MAX) < 0)
                return -E_BIND;
        if (chmod(name, mode) < 0)
                return -E_CHMOD;
        return fd;
}

#ifndef HAVE_UCRED
        struct ucred {
        uid_t uid, pid, gid;
};
ssize_t send_cred_buffer(int sock, char *buf)
{
        return send_buffer(sock, buf);
}
int recv_cred_buffer(int fd, char *buf, size_t size)
{
        return recv_buffer(fd, buf, size) > 0? 1 : -E_RECVMSG;
}
#else /* HAVE_UCRED */
/**
 * send NULL terminated buffer and Unix credentials of the current process
 *
 * \param sock the socket file descriptor
 * \param buf the buffer to be sent
 *
 * \return On success, this call returns the number of characters sent.  On
 * error, \p -E_SENDMSG ist returned.
 * \sa  okir's Black Hats Manual
 * \sa sendmsg(2)
 */
ssize_t send_cred_buffer(int sock, char *buf)
{
        char control[sizeof(struct cmsghdr) + 10];
        struct msghdr msg;
        struct cmsghdr *cmsg;
        static struct iovec iov;
        struct ucred c;
        int ret;

        /* Response data */
        iov.iov_base = buf;
        iov.iov_len  = strlen(buf);
        c.pid = getpid();
        c.uid = getuid();
        c.gid = getgid();
        /* compose the message */
        memset(&msg, 0, sizeof(msg));
        msg.msg_iov = &iov;
        msg.msg_iovlen = 1;
        msg.msg_control = control;
        msg.msg_controllen = sizeof(control);
        /* attach the ucred struct */
        cmsg = CMSG_FIRSTHDR(&msg);
        cmsg->cmsg_level = SOL_SOCKET;
        cmsg->cmsg_type = SCM_CREDENTIALS;
        cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
        *(struct ucred *)CMSG_DATA(cmsg) = c;
        msg.msg_controllen = cmsg->cmsg_len;
        ret = sendmsg(sock, &msg, 0);
        if (ret  < 0)
                ret = -E_SENDMSG;
        return ret;
}

static void dispose_fds(int *fds, int num)
{
        int i;

        for (i = 0; i < num; i++)
                close(fds[i]);
}

/**
 * receive a buffer and the Unix credentials of the sending process
 *
 * \param fd the socket file descriptor
 * \param buf the buffer to store the message
 * \param size the size of \a buffer
 *
 * \return negative on errors, the user id on success.
 *
 * \sa okir's Black Hats Manual
 * \sa recvmsg(2)
 */
int recv_cred_buffer(int fd, char *buf, size_t size)
{
        char control[255];
        struct msghdr msg;
        struct cmsghdr *cmsg;
        struct iovec iov;
        int result = 0;
        int yes = 1;
        struct ucred cred;

        setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &yes, sizeof(int));
        memset(&msg, 0, sizeof(msg));
        memset(buf, 0, size);
        iov.iov_base = buf;
        iov.iov_len = size;
        msg.msg_iov = &iov;
        msg.msg_iovlen = 1;
        msg.msg_control = control;
        msg.msg_controllen = sizeof(control);
        if (recvmsg(fd, &msg, 0) < 0)
                return -E_RECVMSG;
        result = -E_SCM_CREDENTIALS;
        cmsg = CMSG_FIRSTHDR(&msg);
        while (cmsg) {
                if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type
                                == SCM_CREDENTIALS) {
                        memcpy(&cred, CMSG_DATA(cmsg), sizeof(struct ucred));
                        result = cred.uid;
                } else
                        if (cmsg->cmsg_level == SOL_SOCKET
                                        && cmsg->cmsg_type == SCM_RIGHTS) {
                                dispose_fds((int *) CMSG_DATA(cmsg),
                                        (cmsg->cmsg_len - CMSG_LEN(0))
                                        / sizeof(int));
                        }
                cmsg = CMSG_NXTHDR(&msg, cmsg);
        }
        return result;
}
#endif /* HAVE_UCRED */

/** how many pending connections queue will hold */
#define BACKLOG 10

/**
 * create a socket, bind it and listen
 * \param port the tcp port to listen on
 *
 * \return The file descriptor of the created socket, negative
 * on errors.
 *
 * \sa get_socket()
 * \sa setsockopt(2)
 * \sa bind(2)
 * \sa listen(2)
 */
int init_tcp_socket(int port)
{
        int sockfd, ret;
        struct sockaddr_in my_addr;

        if ((sockfd = get_socket()) < 0)
                return sockfd;
        ret = setserversockopts(sockfd);
        if (ret < 0)
                return ret;
        init_sockaddr(&my_addr, port, NULL);
        ret = do_bind(sockfd, &my_addr);
        if (ret < 0)
                return ret;
        if (listen(sockfd, BACKLOG) == -1)
                return -E_LISTEN;
        PARA_INFO_LOG("listening on port %d, fd %d\n", port, sockfd);
        return sockfd;
}

/**
 * receive a buffer and check for a pattern
 *
 * \param fd the file descriptor to receive from
 * \param pattern the expected pattern
 * \param bufsize the size of the internal buffer
 *
 * \return Positive if \a pattern was received, negative otherwise.
 *
 * This function creates a buffer of size \a bufsize and tries
 * to receive at most \a bufsize bytes from file descriptor \a fd.
 * If at least \p strlen(\a pattern) bytes were received, the beginning of
 * the received buffer is compared with \a pattern, ignoring case.
 * \sa recv_buffer()
 * \sa strncasecmp(3)
 */
int recv_pattern(int fd, const char *pattern, size_t bufsize)
{
        size_t len = strlen(pattern);
        char *buf = para_malloc(bufsize + 1);
        int ret = -E_RECV_PATTERN, n = recv_buffer(fd, buf, bufsize);

        if (n < len)
                goto out;
        if (strncasecmp(buf, pattern, len))
                goto out;
        ret = 1;
out:
        if (ret < 0)
                PARA_NOTICE_LOG("did not receive pattern '%s'\n", pattern);
        free(buf);
        return ret;
}