command_util: Generate properly documented command header files.
[paraslash.git] / net.c
1 /*
2 * Copyright (C) 2005-2009 Andre Noll <maan@systemlinux.org>
3 *
4 * Licensed under the GPL v2. For licencing details see COPYING.
5 */
6
7 /** \file net.c Networking-related helper functions. */
8
9 /*
10 * Since glibc 2.8, the _GNU_SOURCE feature test macro must be defined in order
11 * to obtain the definition of the ucred structure.
12 */
13 #define _GNU_SOURCE
14
15 #include <netdb.h>
16
17 /* At least NetBSD needs these. */
18 #ifndef AI_V4MAPPED
19 #define AI_V4MAPPED 0
20 #endif
21 #ifndef AI_ALL
22 #define AI_ALL 0
23 #endif
24 #ifndef AI_ADDRCONFIG
25 #define AI_ADDRCONFIG 0
26 #endif
27
28 #include <dirent.h>
29 #include <regex.h>
30 #include <openssl/rc4.h>
31
32 #include "para.h"
33 #include "error.h"
34 #include "crypt.h"
35 #include "net.h"
36 #include "string.h"
37 #include "fd.h"
38
39 /**
40 * Parse and validate IPv4 address/netmask string.
41 *
42 * \param cidr Address in CIDR notation
43 * \param addr Copy of the IPv4 address part of \a cidr
44 * \param addrlen Size of \a addr in bytes
45 * \param netmask Value of the netmask part in \a cidr or the
46 * default of 32 if not specified.
47 *
48 * \return Pointer to \a addr if succesful, NULL on error.
49 * \sa RFC 4632
50 */
51 char *parse_cidr(const char *cidr,
52 char *addr, ssize_t addrlen,
53 int32_t *netmask)
54 {
55 const char *o = cidr;
56 char *c = addr, *end = c + (addrlen - 1);
57
58 *netmask = 0x20;
59
60 if (cidr == NULL || addrlen < 1)
61 goto failed;
62
63 for (o = cidr; (*c = *o == '/'? '\0' : *o); c++, o++)
64 if (c == end)
65 goto failed;
66
67 if (*o == '/')
68 if (para_atoi32(++o, netmask) < 0 ||
69 *netmask < 0 || *netmask > 0x20)
70 goto failed;
71
72 if (is_valid_ipv4_address(addr))
73 return addr;
74 failed:
75 *addr = '\0';
76 return NULL;
77 }
78
79
80 /**
81 * Match string as a candidate IPv4 address.
82 *
83 * \param address The string to match.
84 * \return True if \a address has "dot-quad" format.
85 */
86 static bool is_v4_dot_quad(const char *address)
87 {
88 bool result;
89 regex_t r;
90
91 assert(!regcomp(&r, "^([0-9]+\\.){3}[0-9]+$", REG_EXTENDED|REG_NOSUB));
92 result = regexec(&r, address, 0, NULL, 0) == 0;
93 regfree(&r);
94 return result;
95 }
96
97 /**
98 * Perform basic syntax checking on the host-part of an URL:
99 *
100 * - Since ':' is invalid in IPv4 addresses and DNS names, the
101 * presence of ':' causes interpretation as IPv6 address;
102 * - next the first-match-wins algorithm from RFC 3986 is applied;
103 * - else the string is considered as DNS name, to be resolved later.
104 *
105 * \param host The host string to check.
106 * \return True if \a host passes the syntax checks.
107 *
108 * \sa RFC 3986, 3.2.2; RFC 1123, 2.1; RFC 1034, 3.5
109 */
110 static bool host_string_ok(const char *host)
111 {
112 if (host == NULL || *host == '\0')
113 return false;
114 if (strchr(host, ':') != NULL)
115 return is_valid_ipv6_address(host);
116 if (is_v4_dot_quad(host))
117 return is_valid_ipv4_address(host);
118 return true;
119 }
120
121 /**
122 * Parse and validate URL string.
123 *
124 * The URL syntax is loosely based on RFC 3986, supporting one of
125 * - "["host"]"[:port] for native IPv6 addresses and
126 * - host[:port] for IPv4 hostnames and DNS names.
127 *
128 * Native IPv6 addresses must be enclosed in square brackets, since
129 * otherwise there is an ambiguity with the port separator `:'.
130 * The 'port' part is always considered to be a number; if absent,
131 * it is set to -1, to indicate that a default port is to be used.
132 *
133 * The following are valid examples:
134 * - 10.10.1.1
135 * - 10.10.1.2:8000
136 * - localhost
137 * - localhost:8001
138 * - [::1]:8000
139 * - [badc0de::1]
140 *
141 * \param url The URL string to take apart.
142 * \param host To return the copied host part of \a url.
143 * \param hostlen The maximum length of \a host.
144 * \param port To return the port number (if any) of \a url.
145 *
146 * \return Pointer to \a host, or NULL if failed.
147 * If NULL is returned, \a host and \a portnum are undefined. If no
148 * port number was present in \a url, \a portnum is set to -1.
149 *
150 * \sa RFC 3986, 3.2.2/3.2.3
151 */
152 char *parse_url(const char *url,
153 char *host, ssize_t hostlen,
154 int32_t *port)
155 {
156 const char *o = url;
157 char *c = host, *end = c + (hostlen - 1);
158
159 *port = -1;
160
161 if (o == NULL || hostlen < 1)
162 goto failed;
163
164 if (*o == '[') {
165 for (++o; (*c = *o == ']' ? '\0' : *o); c++, o++)
166 if (c == end)
167 goto failed;
168
169 if (*o++ != ']' || (*o != '\0' && *o != ':'))
170 goto failed;
171 } else {
172 for (; (*c = *o == ':'? '\0' : *o); c++, o++)
173 if (c == end)
174 goto failed;
175 }
176
177 if (*o == ':')
178 if (para_atoi32(++o, port) < 0 ||
179 *port < 0 || *port > 0xffff)
180 goto failed;
181
182 if (host_string_ok(host))
183 return host;
184 failed:
185 *host = '\0';
186 return NULL;
187 }
188
189 /**
190 * Determine the socket type for a given layer-4 protocol.
191 *
192 * \param l4type The symbolic name of the transport-layer protocol.
193 *
194 * \sa ip(7), socket(2)
195 */
196 static inline int sock_type(const unsigned l4type)
197 {
198 switch (l4type) {
199 case IPPROTO_UDP: return SOCK_DGRAM;
200 case IPPROTO_TCP: return SOCK_STREAM;
201 case IPPROTO_DCCP: return SOCK_DCCP;
202 }
203 return -1; /* not supported here */
204 }
205
206 /**
207 * Pretty-print transport-layer name.
208 */
209 static const char *layer4_name(const unsigned l4type)
210 {
211 switch (l4type) {
212 case IPPROTO_UDP: return "UDP";
213 case IPPROTO_TCP: return "TCP";
214 case IPPROTO_DCCP: return "DCCP";
215 }
216 return "UNKNOWN PROTOCOL";
217 }
218
219 /**
220 * Resolve IPv4/IPv6 address and create a ready-to-use active or passive socket.
221 *
222 * \param l3type The layer-3 type (\p AF_INET, \p AF_INET6, \p AF_UNSPEC).
223 * \param l4type The layer-4 type (\p IPPROTO_xxx).
224 * \param passive Whether this is a passive (1) or active (0) socket.
225 * \param host Remote or local hostname or IPv/6 address string.
226 * \param port_number Decimal port number.
227 *
228 * This creates a ready-made IPv4/v6 socket structure after looking up the
229 * necessary parameters. The interpretation of \a host depends on the value of
230 * \a passive:
231 * - on a passive socket host is interpreted as an interface IPv4/6 address
232 * (can be left NULL);
233 * - on an active socket, \a host is the peer DNS name or IPv4/6 address
234 * to connect to;
235 * - \a port_number is in either case the numeric port number (not service
236 * string).
237 *
238 * Furthermore, bind(2) is called on passive sockets, and connect(2) on active
239 * sockets. The algorithm tries all possible address combinations until it
240 * succeeds.
241 *
242 * \return This function returns 1 on success and \a -E_ADDRESS_LOOKUP when no
243 * matching connection could be set up (with details in the error log).
244 *
245 * \sa ipv6(7), getaddrinfo(3), bind(2), connect(2).
246 */
247 int makesock(unsigned l3type, unsigned l4type, int passive,
248 const char *host, unsigned short port_number)
249 {
250 struct addrinfo *local = NULL, *src,
251 *remote = NULL, *dst, hints;
252 int rc, on = 1, sockfd = -1,
253 socktype = sock_type(l4type);
254 char port[6]; /* port number has at most 5 digits */
255
256 sprintf(port, "%u", port_number);
257 /* Set up address hint structure */
258 memset(&hints, 0, sizeof(hints));
259 hints.ai_family = l3type;
260 hints.ai_socktype = socktype;
261 /*
262 * getaddrinfo does not support SOCK_DCCP, so for the sake of lookup
263 * (and only then) pretend to be UDP.
264 */
265 if (l4type == IPPROTO_DCCP)
266 hints.ai_socktype = SOCK_DGRAM;
267
268 /* only use addresses available on the host */
269 hints.ai_flags = AI_ADDRCONFIG;
270 if (l3type == AF_INET6)
271 /* use v4-mapped-v6 if no v6 addresses found */
272 hints.ai_flags |= AI_V4MAPPED | AI_ALL;
273
274 if (passive && host == NULL)
275 hints.ai_flags |= AI_PASSIVE;
276
277 /* Obtain local/remote address information */
278 if ((rc = getaddrinfo(host, port, &hints, passive ? &local : &remote))) {
279 PARA_ERROR_LOG("can not resolve %s address %s#%s: %s.\n",
280 layer4_name(l4type),
281 host? host : (passive? "[loopback]" : "[localhost]"),
282 port, gai_strerror(rc));
283 return -E_ADDRESS_LOOKUP;
284 }
285
286 /* Iterate over all src/dst combination, exhausting dst first */
287 for (src = local, dst = remote; src != NULL || dst != NULL; /* no op */ ) {
288 if (src && dst && src->ai_family == AF_INET
289 && dst->ai_family == AF_INET6)
290 goto get_next_dst; /* v4 -> v6 is not possible */
291
292 sockfd = socket(src ? src->ai_family : dst->ai_family,
293 socktype, l4type);
294 if (sockfd < 0)
295 goto get_next_dst;
296
297 /*
298 * Set those options that need to be set before establishing
299 * the connection. Reuse the address on passive (listening)
300 * sockets to avoid failure on restart.
301 */
302 if (passive && setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR,
303 &on, sizeof(on)) == -1) {
304 PARA_ERROR_LOG("can not set SO_REUSEADDR: %s\n",
305 strerror(errno));
306 return -ERRNO_TO_PARA_ERROR(errno);
307 }
308
309 if (src) {
310 if (bind(sockfd, src->ai_addr, src->ai_addrlen) < 0) {
311 close(sockfd);
312 goto get_next_src;
313 }
314 if (!dst) /* bind-only completed successfully */
315 break;
316 }
317
318 if (dst && connect(sockfd, dst->ai_addr, dst->ai_addrlen) == 0)
319 break; /* connection completed successfully */
320 close(sockfd);
321 get_next_dst:
322 if (dst && (dst = dst->ai_next))
323 continue;
324 get_next_src:
325 if (src && (src = src->ai_next)) /* restart inner loop */
326 dst = remote;
327 }
328 if (local)
329 freeaddrinfo(local);
330 if (remote)
331 freeaddrinfo(remote);
332
333 if (src == NULL && dst == NULL) {
334 PARA_ERROR_LOG("can not create %s socket %s#%s.\n",
335 layer4_name(l4type), host? host : (passive?
336 "[loopback]" : "[localhost]"), port);
337 return -ERRNO_TO_PARA_ERROR(errno);
338 }
339 return sockfd;
340 }
341
342 /**
343 * Create a passive / listening socket.
344 *
345 * \param l3type The network-layer type (\p AF_xxx).
346 * \param l4type The transport-layer type (\p IPPROTO_xxx).
347 * \param port The decimal port number to listen on.
348 *
349 * \return Positive integer (socket descriptor) on success, negative value
350 * otherwise.
351 *
352 * \sa makesock(), ip(7), ipv6(7), bind(2), listen(2).
353 */
354 int para_listen(unsigned l3type, unsigned l4type, unsigned short port)
355 {
356 int ret, fd = makesock(l3type, l4type, 1, NULL, port);
357
358 if (fd > 0) {
359 ret = listen(fd, BACKLOG);
360 if (ret < 0) {
361 close(fd);
362 return -ERRNO_TO_PARA_ERROR(errno);
363 }
364 PARA_INFO_LOG("listening on %s port %u, fd %d\n",
365 layer4_name(l4type), port, fd);
366 }
367 return fd;
368 }
369
370 /**
371 * Print numeric host and port number (beware - uses static char).
372 *
373 * \param sa The IPv4/IPv6 socket address to use.
374 * \param len The length of \p sa.
375 *
376 * \sa getnameinfo(3).
377 */
378 static char *host_and_port(struct sockaddr *sa, socklen_t len)
379 {
380 static char output[NI_MAXHOST + NI_MAXSERV + 2];
381 char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV];
382 int ret;
383
384 ret = getnameinfo(sa, len, hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
385 NI_NUMERICHOST | NI_NUMERICSERV);
386 if (ret) {
387 PARA_WARNING_LOG("hostname lookup error (%s).\n",
388 gai_strerror(ret));
389 sprintf(output, "(unknown)");
390 } else
391 sprintf(output, "%s#%s", hbuf, sbuf);
392 return output;
393 }
394
395 /**
396 * Look up the local or remote side of a connected socket structure.
397 *
398 * \param fd The socket descriptor of the connected socket.
399 * \param getname Either \p getsockname() for local, or \p getpeername() for
400 * remote side.
401 *
402 * \return A static character string identifying hostname and port of the
403 * chosen side.
404 *
405 * \sa getsockname(2), getpeername(2).
406 */
407 static char *__get_sock_name(int fd, int (*getname)(int, struct sockaddr*,
408 socklen_t *))
409 {
410 struct sockaddr_storage ss;
411 socklen_t sslen = sizeof(ss);
412
413 if (getname(fd, (struct sockaddr *)&ss, &sslen) < 0) {
414 static char *dont_know = "(don't know)";
415 PARA_ERROR_LOG("can not determine address from fd %d: %s\n",
416 fd, strerror(errno));
417 return dont_know;
418 }
419 return host_and_port((struct sockaddr *)&ss, sslen);
420 }
421
422 /**
423 * Look up the local side of a connected socket structure.
424 *
425 * \param sockfd The file descriptor of the socket.
426 *
427 * \return A pointer to a static buffer containing hostname an port. This
428 * buffer must not be freed by the caller.
429 *
430 * \sa remote_name().
431 */
432 char *local_name(int sockfd)
433 {
434 return __get_sock_name(sockfd, getsockname);
435 }
436
437 /**
438 * Look up the remote side of a connected socket structure.
439 *
440 * \param sockfd The file descriptor of the socket.
441 *
442 * \return Analogous to the return value of \ref local_name() but for the
443 * remote side.
444 *
445 * \sa local_name().
446 */
447 char *remote_name(int sockfd)
448 {
449 return __get_sock_name(sockfd, getpeername);
450 }
451
452 /**
453 * Extract IPv4 or IPv6-mapped-IPv4 address from sockaddr_storage.
454 * \param ss Container of IPv4/6 address
455 * \return Extracted IPv4 address (different from 0) or 0 if unsuccessful.
456 *
457 * \sa RFC 3493
458 */
459 struct in_addr extract_v4_addr(const struct sockaddr_storage *ss)
460 {
461 struct in_addr ia = {.s_addr = 0};
462
463 if (ss->ss_family == AF_INET)
464 ia.s_addr = ((struct sockaddr_in *)ss)->sin_addr.s_addr;
465 if (ss->ss_family == AF_INET6) {
466 const struct in6_addr v6_addr = ((struct sockaddr_in6 *)ss)->sin6_addr;
467
468 if (IN6_IS_ADDR_V4MAPPED(&v6_addr))
469 memcpy(&ia.s_addr, &(v6_addr.s6_addr[12]), 4);
470 }
471 return ia;
472 }
473
474 /**
475 * Send a binary buffer.
476 *
477 * \param fd The file descriptor.
478 * \param buf The buffer to be sent.
479 * \param len The length of \a buf.
480 *
481 * Send out the buffer and try to resend the remaining part in case of short
482 * writes.
483 *
484 * \return Standard.
485 */
486 int send_bin_buffer(int fd, const char *buf, size_t len)
487 {
488 if (!len)
489 PARA_CRIT_LOG("len == 0\n");
490 return write_all(fd, buf, &len);
491 }
492
493 /**
494 * Send a \p NULL-terminated buffer.
495 *
496 * \param fd The file descriptor.
497 * \param buf The null-terminated buffer to be send.
498 *
499 * This is equivalent to send_bin_buffer(fd, buf, strlen(buf)).
500 *
501 * \return Standard.
502 */
503 int send_buffer(int fd, const char *buf)
504 {
505 return send_bin_buffer(fd, buf, strlen(buf));
506 }
507
508 /**
509 * Send a buffer given by a format string.
510 *
511 * \param fd The file descriptor.
512 * \param fmt A format string.
513 *
514 * \return Standard.
515 */
516 __printf_2_3 int send_va_buffer(int fd, const char *fmt, ...)
517 {
518 char *msg;
519 int ret;
520
521 PARA_VSPRINTF(fmt, msg);
522 ret = send_buffer(fd, msg);
523 free(msg);
524 return ret;
525 }
526
527 /**
528 * Receive data from a file descriptor.
529 *
530 * \param fd The file descriptor.
531 * \param buf The buffer to write the data to.
532 * \param size The size of \a buf.
533 *
534 * Receive at most \a size bytes from file descriptor \a fd.
535 *
536 * \return The number of bytes received on success, negative on errors, zero if
537 * the peer has performed an orderly shutdown.
538 *
539 * \sa recv(2).
540 */
541 __must_check int recv_bin_buffer(int fd, char *buf, size_t size)
542 {
543 ssize_t n;
544
545 n = recv(fd, buf, size, 0);
546 if (n == -1)
547 return -ERRNO_TO_PARA_ERROR(errno);
548 return n;
549 }
550
551 /**
552 * Receive and write terminating NULL byte.
553 *
554 * \param fd The file descriptor.
555 * \param buf The buffer to write the data to.
556 * \param size The size of \a buf.
557 *
558 * Read at most \a size - 1 bytes from file descriptor \a fd and
559 * write a NULL byte at the end of the received data.
560 *
561 * \return The return value of the underlying call to \a recv_bin_buffer().
562 *
563 * \sa recv_bin_buffer()
564 */
565 int recv_buffer(int fd, char *buf, size_t size)
566 {
567 int n;
568
569 assert(size);
570 n = recv_bin_buffer(fd, buf, size - 1);
571 if (n >= 0)
572 buf[n] = '\0';
573 else
574 *buf = '\0';
575 return n;
576 }
577
578 /**
579 * Wrapper around the accept system call.
580 *
581 * \param fd The listening socket.
582 * \param addr Structure which is filled in with the address of the peer socket.
583 * \param size Should contain the size of the structure pointed to by \a addr.
584 *
585 * Accept incoming connections on \a addr. Retry if interrupted.
586 *
587 * \return The new file descriptor on success, negative on errors.
588 *
589 * \sa accept(2).
590 */
591 int para_accept(int fd, void *addr, socklen_t size)
592 {
593 int new_fd;
594
595 do
596 new_fd = accept(fd, (struct sockaddr *) addr, &size);
597 while (new_fd < 0 && errno == EINTR);
598 return new_fd < 0? -ERRNO_TO_PARA_ERROR(errno) : new_fd;
599 }
600
601 /**
602 * Prepare a structure for \p AF_UNIX socket addresses.
603 *
604 * \param u Pointer to the struct to be prepared.
605 * \param name The socket pathname.
606 *
607 * This just copies \a name to the sun_path component of \a u.
608 *
609 * \return Positive on success, \p -E_NAME_TOO_LONG if \a name is longer
610 * than \p UNIX_PATH_MAX.
611 */
612 static int init_unix_addr(struct sockaddr_un *u, const char *name)
613 {
614 if (strlen(name) >= UNIX_PATH_MAX)
615 return -E_NAME_TOO_LONG;
616 memset(u->sun_path, 0, UNIX_PATH_MAX);
617 u->sun_family = PF_UNIX;
618 strcpy(u->sun_path, name);
619 return 1;
620 }
621
622 /**
623 * Prepare, create, and bind a socket for local communication.
624 *
625 * \param name The socket pathname.
626 * \param unix_addr Pointer to the \p AF_UNIX socket structure.
627 * \param mode The desired mode of the socket.
628 *
629 * This function creates a local socket for sequenced, reliable,
630 * two-way, connection-based byte streams.
631 *
632 * \return The file descriptor, on success, negative on errors.
633 *
634 * \sa socket(2)
635 * \sa bind(2)
636 * \sa chmod(2)
637 */
638 int create_local_socket(const char *name, struct sockaddr_un *unix_addr,
639 mode_t mode)
640 {
641 int fd, ret;
642
643 ret = init_unix_addr(unix_addr, name);
644 if (ret < 0)
645 return ret;
646 ret = socket(PF_UNIX, SOCK_STREAM, 0);
647 if (ret < 0)
648 return -ERRNO_TO_PARA_ERROR(errno);
649 fd = ret;
650 ret = bind(fd, (struct sockaddr *) unix_addr, UNIX_PATH_MAX);
651 if (ret < 0) {
652 ret = -ERRNO_TO_PARA_ERROR(errno);
653 goto err;
654 }
655 ret = -E_CHMOD;
656 if (chmod(name, mode) < 0)
657 goto err;
658 return fd;
659 err:
660 close(fd);
661 return ret;
662 }
663
664 /**
665 * Prepare, create, and connect to a Unix domain socket for local communication.
666 *
667 * \param name The socket pathname.
668 *
669 * This function creates a local socket for sequenced, reliable, two-way,
670 * connection-based byte streams.
671 *
672 * \return The file descriptor, on success, negative on errors.
673 *
674 * \sa create_local_socket(), unix(7), connect(2).
675 */
676 int create_remote_socket(const char *name)
677 {
678 struct sockaddr_un unix_addr;
679 int fd, ret;
680
681 ret = init_unix_addr(&unix_addr, name);
682 if (ret < 0)
683 return ret;
684 fd = socket(PF_UNIX, SOCK_STREAM, 0);
685 if (fd < 0)
686 return -ERRNO_TO_PARA_ERROR(errno);
687 if (connect(fd, (struct sockaddr *)&unix_addr, sizeof(unix_addr)) == -1) {
688 ret = -ERRNO_TO_PARA_ERROR(errno);
689 goto err;
690 }
691 return fd;
692 err:
693 close(fd);
694 return ret;
695 }
696
697 #ifndef HAVE_UCRED
698 ssize_t send_cred_buffer(int sock, char *buf)
699 {
700 return send_buffer(sock, buf);
701 }
702 int recv_cred_buffer(int fd, char *buf, size_t size)
703 {
704 return recv_buffer(fd, buf, size) > 0? 1 : -E_RECVMSG;
705 }
706 #else /* HAVE_UCRED */
707 /**
708 * Send \p NULL-terminated buffer and Unix credentials of the current process.
709 *
710 * \param sock The socket file descriptor.
711 * \param buf The buffer to be sent.
712 *
713 * \return On success, this call returns the number of characters sent. On
714 * error, \p -E_SENDMSG is returned.
715 *
716 * \sa sendmsg(2), okir's Black Hats Manual.
717 */
718 ssize_t send_cred_buffer(int sock, char *buf)
719 {
720 char control[sizeof(struct cmsghdr) + sizeof(struct ucred)];
721 struct msghdr msg;
722 struct cmsghdr *cmsg;
723 static struct iovec iov;
724 struct ucred c;
725 int ret;
726
727 /* Response data */
728 iov.iov_base = buf;
729 iov.iov_len = strlen(buf);
730 c.pid = getpid();
731 c.uid = getuid();
732 c.gid = getgid();
733 /* compose the message */
734 memset(&msg, 0, sizeof(msg));
735 msg.msg_iov = &iov;
736 msg.msg_iovlen = 1;
737 msg.msg_control = control;
738 msg.msg_controllen = sizeof(control);
739 /* attach the ucred struct */
740 cmsg = CMSG_FIRSTHDR(&msg);
741 cmsg->cmsg_level = SOL_SOCKET;
742 cmsg->cmsg_type = SCM_CREDENTIALS;
743 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
744 *(struct ucred *)CMSG_DATA(cmsg) = c;
745 msg.msg_controllen = cmsg->cmsg_len;
746 ret = sendmsg(sock, &msg, 0);
747 if (ret < 0)
748 ret = -E_SENDMSG;
749 return ret;
750 }
751
752 static void dispose_fds(int *fds, unsigned num)
753 {
754 int i;
755
756 for (i = 0; i < num; i++)
757 close(fds[i]);
758 }
759
760 /**
761 * Receive a buffer and the Unix credentials of the sending process.
762 *
763 * \param fd the socket file descriptor.
764 * \param buf the buffer to store the message.
765 * \param size the size of \a buffer.
766 *
767 * \return negative on errors, the user id on success.
768 *
769 * \sa recvmsg(2), okir's Black Hats Manual.
770 */
771 int recv_cred_buffer(int fd, char *buf, size_t size)
772 {
773 char control[255];
774 struct msghdr msg;
775 struct cmsghdr *cmsg;
776 struct iovec iov;
777 int result = 0;
778 int yes = 1;
779 struct ucred cred;
780
781 setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &yes, sizeof(int));
782 memset(&msg, 0, sizeof(msg));
783 memset(buf, 0, size);
784 iov.iov_base = buf;
785 iov.iov_len = size;
786 msg.msg_iov = &iov;
787 msg.msg_iovlen = 1;
788 msg.msg_control = control;
789 msg.msg_controllen = sizeof(control);
790 if (recvmsg(fd, &msg, 0) < 0)
791 return -E_RECVMSG;
792 result = -E_SCM_CREDENTIALS;
793 cmsg = CMSG_FIRSTHDR(&msg);
794 while (cmsg) {
795 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type
796 == SCM_CREDENTIALS) {
797 memcpy(&cred, CMSG_DATA(cmsg), sizeof(struct ucred));
798 result = cred.uid;
799 } else
800 if (cmsg->cmsg_level == SOL_SOCKET
801 && cmsg->cmsg_type == SCM_RIGHTS) {
802 dispose_fds((int *) CMSG_DATA(cmsg),
803 (cmsg->cmsg_len - CMSG_LEN(0))
804 / sizeof(int));
805 }
806 cmsg = CMSG_NXTHDR(&msg, cmsg);
807 }
808 return result;
809 }
810 #endif /* HAVE_UCRED */
811
812 /**
813 * Receive a buffer and check for a pattern.
814 *
815 * \param fd The file descriptor to receive from.
816 * \param pattern The expected pattern.
817 * \param bufsize The size of the internal buffer.
818 *
819 * \return Positive if \a pattern was received, negative otherwise.
820 *
821 * This function tries to receive at most \a bufsize bytes from file descriptor
822 * \a fd. If at least \p strlen(\a pattern) bytes were received, the beginning
823 * of the received buffer is compared with \a pattern, ignoring case.
824 *
825 * \sa recv_buffer(), \sa strncasecmp(3).
826 */
827 int recv_pattern(int fd, const char *pattern, size_t bufsize)
828 {
829 size_t len = strlen(pattern);
830 char *buf = para_malloc(bufsize + 1);
831 int ret = -E_RECV_PATTERN, n = recv_buffer(fd, buf, bufsize + 1);
832
833 if (n < len)
834 goto out;
835 if (strncasecmp(buf, pattern, len))
836 goto out;
837 ret = 1;
838 out:
839 if (ret < 0) {
840 PARA_NOTICE_LOG("n = %d, did not receive pattern '%s'\n", n,
841 pattern);
842 if (n > 0)
843 PARA_NOTICE_LOG("recvd: %s\n", buf);
844 }
845 free(buf);
846 return ret;
847 }