X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=net.c;h=076600fc45f2952212835339ac4e991ee0e5edc6;hp=c5f33c822164195615d7f8f318f22a3f1d43a79f;hb=e5c63af4f631e706c8c8793f5db862c80948925c;hpb=8211954fc3390c0fa19cca788b03336a37aa9dc0 diff --git a/net.c b/net.c index c5f33c82..076600fc 100644 --- a/net.c +++ b/net.c @@ -4,12 +4,26 @@ * Licensed under the GPL v2. For licencing details see COPYING. */ -/** \file net.c networking-related helper functions */ +/** \file net.c Networking-related helper functions. */ + +#include + +/* At least NetBSD needs these. */ +#ifndef AI_V4MAPPED +#define AI_V4MAPPED 0 +#endif +#ifndef AI_ALL +#define AI_ALL 0 +#endif +#ifndef AI_ADDRCONFIG +#define AI_ADDRCONFIG 0 +#endif + #include "para.h" +#include "error.h" #include "net.h" #include "string.h" -#include "error.h" /** Information about one encrypted connection. */ @@ -30,12 +44,12 @@ static struct crypt_data *crypt_data_array; static unsigned cda_size = 0; /** - * activate encryption for one file descriptor + * Activate encryption for one file descriptor. * - * \param fd the file descriptor - * \param recv_f the function used for decrypting received data - * \param send_f the function used for encrypting before sending - * \param private_data user data supplied by the caller + * \param fd The file descriptor. + * \param recv_f The function used for decrypting received data. + * \param send_f The function used for encrypting before sending. + * \param private_data User data supplied by the caller. */ void enable_crypt(int fd, crypt_function *recv_f, crypt_function *send_f, void *private_data) @@ -54,9 +68,9 @@ void enable_crypt(int fd, crypt_function *recv_f, crypt_function *send_f, } /** - * deactivate encryption for a given fd + * Deactivate encryption for a given fd. * - * \param fd the file descriptor + * \param fd The file descriptor. * * This must be called if and only if \p fd was activated via enable_crypt(). */ @@ -71,74 +85,268 @@ void disable_crypt(int fd) /** - * initialize a struct sockaddr_in + * Determine the socket type for a given layer-4 protocol. * - * \param addr A pointer to the struct to be initialized - * \param port The port number to use - * \param he The address to use + * \param l4type The symbolic name of the transport-layer protocol. * - * If \a he is null (server mode), \a addr->sin_addr is initialized with \p - * INADDR_ANY. Otherwise, the address given by \a he is copied to addr. + * \sa ip(7), socket(2) */ -void init_sockaddr(struct sockaddr_in *addr, int port, const struct hostent *he) +static inline int sock_type(const unsigned l4type) { - /* host byte order */ - addr->sin_family = AF_INET; - /* short, network byte order */ - addr->sin_port = htons(port); - if (he) - addr->sin_addr = *((struct in_addr *)he->h_addr); - else - addr->sin_addr.s_addr = INADDR_ANY; - /* zero the rest of the struct */ - memset(&addr->sin_zero, '\0', 8); + switch (l4type) { + case IPPROTO_UDP: return SOCK_DGRAM; + case IPPROTO_TCP: return SOCK_STREAM; + case IPPROTO_DCCP: return SOCK_DCCP; + } + return -1; /* not supported here */ } -/* - * send out a buffer, resend on short writes +/** + * Pretty-print transport-layer name. + */ +static const char *layer4_name(const unsigned l4type) +{ + switch (l4type) { + case IPPROTO_UDP: return "UDP"; + case IPPROTO_TCP: return "TCP"; + case IPPROTO_DCCP: return "DCCP"; + } + return "UNKNOWN PROTOCOL"; +} + +/** + * Resolve IPv4/IPv6 address and create a ready-to-use active or passive socket. + * + * @param l3type The layer-3 type (\p AF_INET, \p AF_INET6, \p AF_UNSPEC) + * @param l4type The layer-4 type (\p IPPROTO_xxx). + * @param passive Whether this is a passive (1) or active (0) socket/ + * @param host Remote or local hostname or IPv/6 address string. + * @param port_number Decimal port number. + * + * This creates a ready-made IPv4/v6 socket structure after looking up the necessary + * parameters. The interpretation of \a host depends on the value of \a passive: + * - on a passive socket host is interpreted as an interface IPv4/6 address + * (can be left NULL); + * - on an active socket, \a host is the peer DNS name or IPv4/6 address to connect to; + * - \a port_number is in either case the numeric port number (not service string). + * Furthermore, bind(2) is called on passive sockets, and connect(2) on active sockets. + * The algorithm tries all possible address combinations until it succeeds. + * + * \return This function returns 1 on success and \a -E_ADDRESS_LOOKUP when no matching + * connection could be set up (with details in the error log). + * + * \sa ipv6(7), getaddrinfo(3), bind(2), connect(2) + */ +int makesock(unsigned l3type, unsigned l4type, int passive, + const char *host, unsigned short port_number) +{ + struct addrinfo *local = NULL, *src, + *remote = NULL, *dst, hints; + char *port = make_message("%u", port_number); + int rc, on = 1, sockfd = -1, + socktype = sock_type(l4type); + + /* + * Set up address hint structure + */ + memset(&hints, 0, sizeof(hints)); + hints.ai_family = l3type; + /* getaddrinfo does not really work well with SOCK_DCCP */ + if (socktype == SOCK_DGRAM || socktype == SOCK_STREAM) + hints.ai_socktype = socktype; + + /* only use addresses available on the host */ + hints.ai_flags = AI_ADDRCONFIG; + if (l3type == AF_INET6) + /* use v4-mapped-v6 if no v6 addresses found */ + hints.ai_flags |= AI_V4MAPPED | AI_ALL; + + if (passive && host == NULL) + hints.ai_flags |= AI_PASSIVE; + + /* + * Obtain local/remote address information + */ + if ((rc = getaddrinfo(host, port, &hints, passive ? &local : &remote))) { + PARA_ERROR_LOG("can not resolve %s address %s#%s: %s.\n", + layer4_name(l4type), + host? : (passive? "[loopback]" : "[localhost]"), + port, gai_strerror(rc)); + return -E_ADDRESS_LOOKUP; + } + + /* + * Iterate over all src/dst combination, exhausting dst first + */ + for (src = local, dst = remote; src != NULL || dst != NULL; /* no op */ ) { + if (src && dst && src->ai_family == AF_INET + && dst->ai_family == AF_INET6) /* v4 -> v6 is not possible */ + goto get_next_dst; + + sockfd = socket(src ? src->ai_family : dst->ai_family, socktype, l4type); + if (sockfd < 0) + goto get_next_dst; + + /* + * Set those options that need to be set before establishing the connection + */ + /* Reuse the address on passive (listening) sockets to avoid failure on restart */ + if (passive && setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1) { + PARA_ERROR_LOG("can not set SO_REUSEADDR: %s\n", strerror(errno)); + return -ERRNO_TO_PARA_ERROR(errno); + } + + if (src) { + if (bind(sockfd, src->ai_addr, src->ai_addrlen) < 0) { + close(sockfd); + goto get_next_src; + } + if (!dst) + break; /* bind-only completed successfully */ + } + + if (dst && connect(sockfd, dst->ai_addr, dst->ai_addrlen) == 0) + break; /* connection completed successfully */ + close(sockfd); +get_next_dst: + if (dst && (dst = dst->ai_next)) + continue; +get_next_src: + if (src && (src = src->ai_next)) + dst = remote; /* restart inner loop */ + } + if (local) + freeaddrinfo(local); + if (remote) + freeaddrinfo(remote); + + if (src == NULL && dst == NULL) { + PARA_ERROR_LOG("can not create %s socket %s#%s.\n", layer4_name(l4type), + host? : (passive? "[loopback]" : "[localhost]"), port); + return -ERRNO_TO_PARA_ERROR(errno); + } + return sockfd; +} + +/** + * Create a passive / listening socket. + * \param l3type The network-layer type (\p AF_xxx) + * \param l4type The transport-layer type (\p IPPROTO_xxx). + * \param port The decimal port number to listen on. + * + * \return Positive integer (socket descriptor) on success, negative value otherwise. + * \sa makesock(), ip(7), ipv6(7), bind(2), listen(2). + */ +int para_listen(unsigned l3type, unsigned l4type, unsigned short port) +{ + int ret, fd = makesock(l3type, l4type, 1, NULL, port); + + if (fd > 0) { + ret = listen(fd, BACKLOG); + if (ret < 0) { + close(fd); + return -ERRNO_TO_PARA_ERROR(errno); + } + PARA_INFO_LOG("listening on %s port %u, fd %d\n", + layer4_name(l4type), port, fd); + } + return fd; +} + +/** + * Print numeric host and port number (beware - uses static char). + * \param sa The IPv4/IPv6 socket address to use. + * \param len The length of \p sa. * - * \param fd the file descriptor - * \param buf The buffer to be sent - * \param len The length of \a buf + * \sa getnameinfo(3) + */ +char *host_and_port(struct sockaddr *sa, socklen_t len) +{ + static char output[NI_MAXHOST + NI_MAXSERV + 2]; + char hbuf[NI_MAXHOST], + sbuf[NI_MAXSERV]; + int ret; + + ret = getnameinfo(sa, len, hbuf, sizeof(hbuf), sbuf, sizeof(sbuf), + NI_NUMERICHOST | NI_NUMERICSERV); + if (ret) { + PARA_WARNING_LOG("hostname lookup error (%s).\n", gai_strerror(ret)); + sprintf(output, "(unknown)"); + } else { + sprintf(output, "%s#%s", hbuf, sbuf); + } + return output; +} + +/** + * Look up the local or remote side of a connected socket structure. + * \param fd The socket descriptor of the connected socket. + * \param getname Either \fn getsockname() for local, or \fn getpeername() for remote side. + * + * \return A static character string identifying hostname and port of the chosen side + * \sa getsockname(2), getpeername(2) + */ +static char *__get_sock_name(int fd, int (*getname)(int, struct sockaddr*, socklen_t *)) +{ + struct sockaddr_storage ss; + socklen_t sslen = sizeof(ss); + + if (getname(fd, (struct sockaddr *)&ss, &sslen) < 0) { + static char *dont_know = "(don't know)"; + PARA_ERROR_LOG("can not determine address from fd %d: %s\n", fd, strerror(errno)); + return dont_know; + } + + return host_and_port((struct sockaddr *)&ss, sslen); +} + +char *local_name(int sockfd) +{ + return __get_sock_name(sockfd, getsockname); +} + +char *remote_name(int sockfd) +{ + return __get_sock_name(sockfd, getpeername); +} + +/* + * Send out a buffer, resend on short writes. * - * Due to circumstances beyond your control, the kernel might not send all the - * data out in one chunk, and now, my friend, it's up to us to get the data out - * there (Beej's Guide to Network Programming). + * \param fd The file descriptor. + * \param buf The buffer to be sent. + * \param len The length of \a buf. * - * \return This function returns 1 on success and \a -E_SEND on errors. The - * number of bytes actually sent is stored upon successful return in \a len. + * \return Standard. In any case, the number of bytes actually sent is stored + * in \a len. */ static int sendall(int fd, const char *buf, size_t *len) { - size_t total = 0, bytesleft = *len; /* how many we have left to send */ - int n = -1; - - while (total < *len) { - n = send(fd, buf + total, bytesleft, 0); - if (n == -1) - break; - total += n; - bytesleft -= n; - if (total < *len) - PARA_DEBUG_LOG("short write (%zd byte(s) left)", - *len - total); + size_t total = *len; + + assert(total); + *len = 0; + while (*len < total) { + int ret = send(fd, buf + *len, total - *len, 0); + if (ret == -1) + return -ERRNO_TO_PARA_ERROR(errno); + *len += ret; } - *len = total; /* return number actually sent here */ - return n == -1? -E_SEND : 1; /* return 1 on success */ + return 1; } /** - * encrypt and send buffer + * Encrypt and send a binary buffer. * - * \param fd: the file descriptor - * \param buf the buffer to be encrypted and sent - * \param len the length of \a buf + * \param fd The file descriptor. + * \param buf The buffer to be encrypted and sent. + * \param len The length of \a buf. * - * Check if encrytpion is available. If yes, encrypt the given buffer. Send out - * the buffer, encrypted or not, and try to resend the remaing part in case of - * short writes. + * Check if encryption is available. If yes, encrypt the given buffer. Send + * out the buffer, encrypted or not, and try to resend the remaing part in case + * of short writes. * - * \return Positive on success, \p -E_SEND on errors. + * \return Standard. */ int send_bin_buffer(int fd, const char *buf, size_t len) { @@ -151,7 +359,8 @@ int send_bin_buffer(int fd, const char *buf, size_t len) cf = crypt_data_array[fd].send; if (cf) { void *private = crypt_data_array[fd].private_data; - unsigned char *outbuf = para_malloc(len); + /* RC4 may write more than len to the output buffer */ + unsigned char *outbuf = para_malloc(ROUND_UP(len, 8)); (*cf)(len, (unsigned char *)buf, outbuf, private); ret = sendall(fd, (char *)outbuf, &len); free(outbuf); @@ -161,14 +370,14 @@ int send_bin_buffer(int fd, const char *buf, size_t len) } /** - * encrypt and send null terminated buffer. + * Encrypt and send null terminated buffer. * - * \param fd the file descriptor - * \param buf the null-terminated buffer to be send + * \param fd The file descriptor. + * \param buf The null-terminated buffer to be send. * * This is equivalent to send_bin_buffer(fd, buf, strlen(buf)). * - * \return Positive on success, \p -E_SEND on errors. + * \return Standard. */ int send_buffer(int fd, const char *buf) { @@ -177,12 +386,12 @@ int send_buffer(int fd, const char *buf) /** - * send and encrypt a buffer given by a format string + * Send and encrypt a buffer given by a format string. * - * \param fd the file descriptor - * \param fmt a format string + * \param fd The file descriptor. + * \param fmt A format string. * - * \return Positive on success, \p -E_SEND on errors. + * \return Standard. */ __printf_2_3 int send_va_buffer(int fd, const char *fmt, ...) { @@ -196,18 +405,16 @@ __printf_2_3 int send_va_buffer(int fd, const char *fmt, ...) } /** - * receive and decrypt. + * Receive and decrypt. * - * \param fd the file descriptor - * \param buf the buffer to write the decrypted data to - * \param size the size of \a buf + * \param fd The file descriptor. + * \param buf The buffer to write the decrypted data to. + * \param size The size of \a buf. * - * Receive at most \a size bytes from filedescriptor fd. If encryption is + * Receive at most \a size bytes from file descriptor \a fd. If encryption is * available, decrypt the received buffer. * - * \return The number of bytes received on success. On receive errors, -E_RECV - * is returned. On crypt errors, the corresponding crypt error number is - * returned. + * \return The number of bytes received on success, negative on errors. * * \sa recv(2) */ @@ -231,21 +438,21 @@ __must_check int recv_bin_buffer(int fd, char *buf, size_t size) } else n = recv(fd, buf, size, 0); if (n == -1) - n = -E_RECV; + return -ERRNO_TO_PARA_ERROR(errno); return n; } /** - * receive, decrypt and write terminating NULL byte + * Receive, decrypt and write terminating NULL byte. * - * \param fd the file descriptor - * \param buf the buffer to write the decrypted data to - * \param size the size of \a buf + * \param fd The file descriptor. + * \param buf The buffer to write the decrypted data to. + * \param size The size of \a buf. * * Read and decrypt at most \a size - 1 bytes from file descriptor \a fd and * write a NULL byte at the end of the received data. * - * \return: The return value of the underlying call to \a recv_bin_buffer(). + * \return The return value of the underlying call to \a recv_bin_buffer(). * * \sa recv_bin_buffer() */ @@ -253,8 +460,7 @@ int recv_buffer(int fd, char *buf, size_t size) { int n; - if (!size) - return -E_RECV; + assert(size); n = recv_bin_buffer(fd, buf, size - 1); if (n >= 0) buf[n] = '\0'; @@ -264,73 +470,15 @@ int recv_buffer(int fd, char *buf, size_t size) } /** - * wrapper around gethostbyname - * - * \param host hostname or IPv4 address - * \param ret the hostent structure is returned here + * Wrapper around the accept system call. * - * \return positive on success, negative on errors. On success, \a ret - * contains the return value of the underlying gethostbyname() call. - * - * \sa gethostbyname(2) - */ -int get_host_info(char *host, struct hostent **ret) -{ - PARA_INFO_LOG("getting host info of %s\n", host); - /* FIXME: gethostbyname() is obsolete */ - *ret = gethostbyname(host); - return *ret? 1 : -E_HOST_INFO; -} - -/** - * a wrapper around socket(2) - * - * Create an IPv4 socket for sequenced, reliable, two-way, connection-based - * byte streams. - * - * \return The socket fd on success, -E_SOCKET on errors. - * - * \sa socket(2) - */ -int get_stream_socket(int domain) -{ - int socket_fd; - - if ((socket_fd = socket(domain, SOCK_STREAM, 0)) == -1) - return -E_SOCKET; - return socket_fd; -} - -/** - * a wrapper around connect(2) - * - * \param fd the file descriptor - * \param their_addr the address to connect - * - * \return \p -E_CONNECT on errors, 1 on success - * - * \sa connect(2) - */ -int para_connect(int fd, struct sockaddr_in *their_addr) -{ - int ret; - - if ((ret = connect(fd, (struct sockaddr *)their_addr, - sizeof(struct sockaddr))) == -1) - return -E_CONNECT; - return 1; -} - -/** - * paraslash's wrapper around the accept system call - * - * \param fd the listening socket - * \param addr structure which is filled in with the address of the peer socket - * \param size should contain the size of the structure pointed to by \a addr + * \param fd The listening socket. + * \param addr Structure which is filled in with the address of the peer socket. + * \param size Should contain the size of the structure pointed to by \a addr. * * Accept incoming connections on \a addr. Retry if interrupted. * - * \return The new file descriptor on success, \a -E_ACCEPT on errors. + * \return The new file descriptor on success, negative on errors. * * \sa accept(2). */ @@ -341,17 +489,7 @@ int para_accept(int fd, void *addr, socklen_t size) do new_fd = accept(fd, (struct sockaddr *) addr, &size); while (new_fd < 0 && errno == EINTR); - return new_fd < 0? -E_ACCEPT : new_fd; -} - -static int setserversockopts(int socket_fd) -{ - int yes = 1; - - if (setsockopt(socket_fd, SOL_SOCKET, SO_REUSEADDR, &yes, - sizeof(int)) == -1) - return -E_SETSOCKOPT; - return 1; + return new_fd < 0? -ERRNO_TO_PARA_ERROR(errno) : new_fd; } /** @@ -365,7 +503,7 @@ static int setserversockopts(int socket_fd) * \return Positive on success, \p -E_NAME_TOO_LONG if \a name is longer * than \p UNIX_PATH_MAX. */ -int init_unix_addr(struct sockaddr_un *u, const char *name) +static int init_unix_addr(struct sockaddr_un *u, const char *name) { if (strlen(name) >= UNIX_PATH_MAX) return -E_NAME_TOO_LONG; @@ -382,7 +520,7 @@ int init_unix_addr(struct sockaddr_un *u, const char *name) * \param unix_addr Pointer to the \p AF_UNIX socket structure. * \param mode The desired mode of the socket. * - * This functions creates a local socket for sequenced, reliable, + * This function creates a local socket for sequenced, reliable, * two-way, connection-based byte streams. * * \return The file descriptor, on success, negative on errors. @@ -399,12 +537,15 @@ int create_local_socket(const char *name, struct sockaddr_un *unix_addr, ret = init_unix_addr(unix_addr, name); if (ret < 0) return ret; - fd = socket(PF_UNIX, SOCK_STREAM, 0); - if (fd < 0) - return -E_SOCKET; - ret = -E_BIND; - if (bind(fd, (struct sockaddr *) unix_addr, UNIX_PATH_MAX) < 0) + ret = socket(PF_UNIX, SOCK_STREAM, 0); + if (ret < 0) + return -ERRNO_TO_PARA_ERROR(errno); + fd = ret; + ret = bind(fd, (struct sockaddr *) unix_addr, UNIX_PATH_MAX); + if (ret < 0) { + ret = -ERRNO_TO_PARA_ERROR(errno); goto err; + } ret = -E_CHMOD; if (chmod(name, mode) < 0) goto err; @@ -414,6 +555,39 @@ err: return ret; } +/** + * Prepare, create, and connect to a Unix domain socket for local communication. + * + * \param name The socket pathname. + * + * This function creates a local socket for sequenced, reliable, two-way, + * connection-based byte streams. + * + * \return The file descriptor, on success, negative on errors. + * + * \sa create_local_socket(), unix(7), connect(2) + */ +int create_remote_socket(const char *name) +{ + struct sockaddr_un unix_addr; + int fd, ret; + + ret = init_unix_addr(&unix_addr, name); + if (ret < 0) + return ret; + fd = socket(PF_UNIX, SOCK_STREAM, 0); + if (fd < 0) + return -ERRNO_TO_PARA_ERROR(errno); + if (connect(fd, (struct sockaddr *)&unix_addr, sizeof(unix_addr)) == -1) { + ret = -ERRNO_TO_PARA_ERROR(errno); + goto err; + } + return fd; +err: + close(fd); + return ret; +} + #ifndef HAVE_UCRED ssize_t send_cred_buffer(int sock, char *buf) { @@ -431,7 +605,7 @@ int recv_cred_buffer(int fd, char *buf, size_t size) * \param buf the buffer to be sent * * \return On success, this call returns the number of characters sent. On - * error, \p -E_SENDMSG ist returned. + * error, \p -E_SENDMSG is returned. * * \sa okir's Black Hats Manual * \sa sendmsg(2) @@ -531,50 +705,6 @@ int recv_cred_buffer(int fd, char *buf, size_t size) } #endif /* HAVE_UCRED */ -/** how many pending connections queue will hold */ -#define BACKLOG 10 - -/** - * create a socket, bind it and listen - * - * \param port the tcp port to listen on - * - * \return The file descriptor of the created socket, negative - * on errors. - * - * \sa get_stream_socket() - * \sa setsockopt(2) - * \sa bind(2) - * \sa listen(2) - */ -int init_tcp_socket(int port) -{ - struct sockaddr_in my_addr; - int fd, ret = get_stream_socket(AF_INET); - - if (ret < 0) - return ret; - fd = ret; - ret = setserversockopts(fd); - if (ret < 0) - goto err; - init_sockaddr(&my_addr, port, NULL); - ret = -E_BIND; - if (bind(fd, (struct sockaddr *)&my_addr, - sizeof(struct sockaddr)) == -1) { - PARA_CRIT_LOG("bind error: %s\n", strerror(errno)); - goto err; - } - ret = -E_LISTEN; - if (listen(fd, BACKLOG) == -1) - goto err; - PARA_INFO_LOG("listening on port %d, fd %d\n", port, fd); - return fd; -err: - close(fd); - return ret; -} - /** * receive a buffer and check for a pattern *