X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=net.c;h=2f720b10477aee8214cac5a5223ca4378b29bd5f;hp=0a0d80348d3e4c4ec172b70929c5d7e99164c6a1;hb=bda95f9508b456dcea89d300f6d4104e30ab9f3e;hpb=9f28e488bb8de111706e163671e39ee71a31e69c diff --git a/net.c b/net.c index 0a0d8034..2f720b10 100644 --- a/net.c +++ b/net.c @@ -1,296 +1,873 @@ /* - * Copyright (C) 2005-2006 Andre Noll + * Copyright (C) 2005-2011 Andre Noll * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA. + * Licensed under the GPL v2. For licencing details see COPYING. */ -/** \file net.c networking-related helper functions */ +/** \file net.c Networking-related helper functions. */ + +/* + * Since glibc 2.8, the _GNU_SOURCE feature test macro must be defined in order + * to obtain the definition of the ucred structure. + */ +#define _GNU_SOURCE -#include "para.h" -#include "net.h" #include + +/* At least NetBSD needs these. */ +#ifndef AI_V4MAPPED +#define AI_V4MAPPED 0 +#endif +#ifndef AI_ALL +#define AI_ALL 0 +#endif +#ifndef AI_ADDRCONFIG +#define AI_ADDRCONFIG 0 +#endif + +#include + +#include "para.h" #include "error.h" +#include "net.h" #include "string.h" +#include "list.h" +#include "fd.h" + +/** + * Parse and validate IPv4 address/netmask string. + * + * \param cidr Address in CIDR notation + * \param addr Copy of the IPv4 address part of \a cidr + * \param addrlen Size of \a addr in bytes + * \param netmask Value of the netmask part in \a cidr or the + * default of 32 if not specified. + * + * \return Pointer to \a addr if succesful, NULL on error. + * \sa RFC 4632 + */ +char *parse_cidr(const char *cidr, + char *addr, ssize_t addrlen, + int32_t *netmask) +{ + const char *o = cidr; + char *c = addr, *end = c + (addrlen - 1); + + *netmask = 0x20; + + if (cidr == NULL || addrlen < 1) + goto failed; + + for (o = cidr; (*c = *o == '/'? '\0' : *o); c++, o++) + if (c == end) + goto failed; + + if (*o == '/') + if (para_atoi32(++o, netmask) < 0 || + *netmask < 0 || *netmask > 0x20) + goto failed; + + if (is_valid_ipv4_address(addr)) + return addr; +failed: + *addr = '\0'; + return NULL; +} -extern void (*crypt_function_recv)(unsigned long len, const unsigned char *indata, unsigned char *outdata); -extern void (*crypt_function_send)(unsigned long len, const unsigned char *indata, unsigned char *outdata); /** - * initialize a struct sockaddr_in - * @param addr A pointer to the struct to be initialized - * @param port The port number to use - * @param he The address to use - * - * If \a he is null (server mode), \a addr->sin_addr is initialized with \p INADDR_ANY. - * Otherwise, the address given by \a he is copied to addr. - */ -void init_sockaddr(struct sockaddr_in *addr, int port, const struct hostent *he) -{ - /* host byte order */ - addr->sin_family = AF_INET; - /* short, network byte order */ - addr->sin_port = htons(port); - if (he) - addr->sin_addr = *((struct in_addr *)he->h_addr); - else - addr->sin_addr.s_addr = INADDR_ANY; - /* zero the rest of the struct */ - memset(&addr->sin_zero, '\0', 8); + * Match string as a candidate IPv4 address. + * + * \param address The string to match. + * \return True if \a address has "dot-quad" format. + */ +static bool is_v4_dot_quad(const char *address) +{ + bool result; + regex_t r; + + assert(para_regcomp(&r, "^([0-9]+\\.){3}[0-9]+$", + REG_EXTENDED | REG_NOSUB) >= 0); + result = regexec(&r, address, 0, NULL, 0) == 0; + regfree(&r); + return result; } -/* - * send out a buffer, resend on short writes - * @param fd the file descriptor - * @param buf The buffer to be sent - * @len The length of \a buf +/** + * Perform basic syntax checking on the host-part of an URL: + * + * - Since ':' is invalid in IPv4 addresses and DNS names, the + * presence of ':' causes interpretation as IPv6 address; + * - next the first-match-wins algorithm from RFC 3986 is applied; + * - else the string is considered as DNS name, to be resolved later. * - * Due to circumstances beyond your control, the kernel might not send all the - * data out in one chunk, and now, my friend, it's up to us to get the data out - * there (Beej's Guide to Network Programming). + * \param host The host string to check. + * \return True if \a host passes the syntax checks. + * + * \sa RFC 3986, 3.2.2; RFC 1123, 2.1; RFC 1034, 3.5 */ -static int sendall(int fd, const char *buf, size_t *len) +static bool host_string_ok(const char *host) { - int total = 0; /* how many bytes we've sent */ - int bytesleft = *len; /* how many we have left to send */ - int n = -1; + if (host == NULL || *host == '\0') + return false; + if (strchr(host, ':') != NULL) + return is_valid_ipv6_address(host); + if (is_v4_dot_quad(host)) + return is_valid_ipv4_address(host); + return true; +} - while (total < *len) { - n = send(fd, buf + total, bytesleft, 0); - if (n == -1) - break; - total += n; - bytesleft -= n; - if (total < *len) - PARA_DEBUG_LOG("short write (%d byte(s) left)", - *len - total); +/** + * Parse and validate URL string. + * + * The URL syntax is loosely based on RFC 3986, supporting one of + * - "["host"]"[:port] for native IPv6 addresses and + * - host[:port] for IPv4 hostnames and DNS names. + * + * Native IPv6 addresses must be enclosed in square brackets, since + * otherwise there is an ambiguity with the port separator `:'. + * The 'port' part is always considered to be a number; if absent, + * it is set to -1, to indicate that a default port is to be used. + * + * The following are valid examples: + * - 10.10.1.1 + * - 10.10.1.2:8000 + * - localhost + * - localhost:8001 + * - [::1]:8000 + * - [badc0de::1] + * + * \param url The URL string to take apart. + * \param host To return the copied host part of \a url. + * \param hostlen The maximum length of \a host. + * \param port To return the port number (if any) of \a url. + * + * \return Pointer to \a host, or NULL if failed. + * If NULL is returned, \a host and \a portnum are undefined. If no + * port number was present in \a url, \a portnum is set to -1. + * + * \sa RFC 3986, 3.2.2/3.2.3 + */ +char *parse_url(const char *url, + char *host, ssize_t hostlen, + int32_t *port) +{ + const char *o = url; + char *c = host, *end = c + (hostlen - 1); + + *port = -1; + + if (o == NULL || hostlen < 1) + goto failed; + + if (*o == '[') { + for (++o; (*c = *o == ']' ? '\0' : *o); c++, o++) + if (c == end) + goto failed; + + if (*o++ != ']' || (*o != '\0' && *o != ':')) + goto failed; + } else { + for (; (*c = *o == ':'? '\0' : *o); c++, o++) + if (c == end) + goto failed; + } + + if (*o == ':') + if (para_atoi32(++o, port) < 0 || + *port < 0 || *port > 0xffff) + goto failed; + + if (host_string_ok(host)) + return host; +failed: + *host = '\0'; + return NULL; +} + +/** + * Stringify port number, resolve into service name where defined. + * \param port 2-byte port number, in host-byte-order. + * \param transport Transport protocol name (e.g. "udp", "tcp"), or NULL. + * \return Pointer to static result buffer. + * + * \sa getservent(3), services(5), nsswitch.conf(5) + */ +const char *stringify_port(int port, const char *transport) +{ + static char service[NI_MAXSERV]; + + if (port < 0 || port > 0xFFFF) { + snprintf(service, sizeof(service), "undefined (%d)", port); + } else { + struct servent *se = getservbyport(htons(port), transport); + + if (se == NULL) + snprintf(service, sizeof(service), "%u", port); + else + snprintf(service, sizeof(service), "%s", se->s_name); } - *len = total; /* return number actually sent here */ - return n == -1? -E_SEND : 1; /* return 1 on success */ + return service; } /** - * encrypt and send buffer - * @param fd: the file descriptor - * @param buf the buffer to be encrypted and sent - * @param len the length of \a buf + * Determine the socket type for a given layer-4 protocol. * - * Check if encrytion is available. If yes, encrypt the given buffer. Send out - * the buffer, encrypted or not, and try to resend the remaing part in case of - * short writes. + * \param l4type The symbolic name of the transport-layer protocol. * - * @return Positive on success, \p -E_SEND on errors. + * \sa ip(7), socket(2) */ -int send_bin_buffer(int fd, const char *buf, size_t len) +static inline int sock_type(const unsigned l4type) { - int ret; + switch (l4type) { + case IPPROTO_UDP: return SOCK_DGRAM; + case IPPROTO_TCP: return SOCK_STREAM; + case IPPROTO_DCCP: return SOCK_DCCP; + } + return -1; /* not supported here */ +} - if (!len) - PARA_CRIT_LOG("%s", "len == 0\n"); - if (crypt_function_send) { - unsigned char *outbuf = para_malloc(len); - crypt_function_send(len, (unsigned char *)buf, outbuf); - ret = sendall(fd, (char *)outbuf, &len); - free(outbuf); - } else - ret = sendall(fd, buf, &len); - return ret; +/** + * Pretty-print transport-layer name. + */ +static const char *layer4_name(const unsigned l4type) +{ + switch (l4type) { + case IPPROTO_UDP: return "UDP"; + case IPPROTO_TCP: return "TCP"; + case IPPROTO_DCCP: return "DCCP"; + } + return "UNKNOWN PROTOCOL"; } /** - * encrypt and send null terminated buffer. - * @param fd the file descriptor - * @param buf the null-terminated buffer to be send + * Flowopts: Transport-layer independent encapsulation of socket options. * - * This is equivalent to send_bin_buffer(fd, buf, strlen(buf)). + * These collect individual socket options into a queue, which is disposed of + * directly after makesock(). The 'pre_conn_opt' structure is for internal use + * only and should not be visible elsewhere. * - * @return Positive on success, \p -E_SEND on errors. + * \sa setsockopt(2), makesock() */ -int send_buffer(int fd, const char *buf) +struct pre_conn_opt { + int sock_level; /**< Second argument to setsockopt() */ + int sock_option; /**< Third argument to setsockopt() */ + char *opt_name; /**< Stringified \a sock_option */ + void *opt_val; /**< Fourth argument to setsockopt() */ + socklen_t opt_len; /**< Fifth argument to setsockopt() */ + + struct list_head node; /**< FIFO, as sockopt order matters. */ +}; + +/** FIFO list of pre-connection socket options to be set */ +struct flowopts { + struct list_head sockopts; +}; + +struct flowopts *flowopt_new(void) { - return send_bin_buffer(fd, buf, strlen(buf)); + struct flowopts *new = para_malloc(sizeof(*new)); + + INIT_LIST_HEAD(&new->sockopts); + return new; } +/** + * Append new socket option to flowopt queue. + * + * \param fo The flowopt queue to append to. + * \param lev Level at which \a opt resides. + * \param opt New option to add. + * \param name Stringified name of \a opt. + * \param val The value to set \a opt to. + * \param len Length of \a val. + * + * \sa setsockopt(2) + */ +void flowopt_add(struct flowopts *fo, int lev, int opt, + const char *name, const void *val, int len) +{ + struct pre_conn_opt *new = para_malloc(sizeof(*new)); + + new->sock_option = opt; + new->sock_level = lev; + new->opt_name = para_strdup(name); + + if (val == NULL) { + new->opt_val = NULL; + new->opt_len = 0; + } else { + new->opt_val = para_malloc(len); + new->opt_len = len; + memcpy(new->opt_val, val, len); + } + + list_add_tail(&new->node, &fo->sockopts); +} + +void flowopt_add_bool(struct flowopts *fo, int lev, int opt, + const char *optname, bool on_or_off) +{ + int on = on_or_off; /* kernel takes 'int' */ + + flowopt_add(fo, lev, opt, optname, &on, sizeof(on)); +} + +/** Set the entire bunch of pre-connection options at once. */ +static void flowopt_setopts(int sockfd, struct flowopts *fo) +{ + struct pre_conn_opt *pc; + + if (fo == NULL) + return; + + list_for_each_entry(pc, &fo->sockopts, node) + if (setsockopt(sockfd, pc->sock_level, pc->sock_option, + pc->opt_val, pc->opt_len) < 0) { + PARA_EMERG_LOG("Can not set %s socket option: %s", + pc->opt_name, strerror(errno)); + exit(EXIT_FAILURE); + } +} + +static void flowopt_cleanup(struct flowopts *fo) +{ + struct pre_conn_opt *cur, *next; + + if (fo == NULL) + return; + + list_for_each_entry_safe(cur, next, &fo->sockopts, node) { + free(cur->opt_name); + free(cur->opt_val); + free(cur); + } + free(fo); +} /** - * send and encrypt a buffer given by a format string - * @param fd the file descriptor - * @param fmt a format string + * Resolve IPv4/IPv6 address and create a ready-to-use active or passive socket. + * + * \param l4type The layer-4 type (\p IPPROTO_xxx). + * \param passive Whether this is a passive (1) or active (0) socket. + * \param host Remote or local hostname or IPv/6 address string. + * \param port_number Decimal port number. + * \param fo Socket options to be set before making the connection. + * + * This creates a ready-made IPv4/v6 socket structure after looking up the + * necessary parameters. The interpretation of \a host depends on the value of + * \a passive: + * - on a passive socket host is interpreted as an interface IPv4/6 address + * (can be left NULL); + * - on an active socket, \a host is the peer DNS name or IPv4/6 address + * to connect to; + * - \a port_number is in either case the numeric port number (not service + * string). * - * @return Positive on success, \p -E_SEND on errors. + * Furthermore, bind(2) is called on passive sockets, and connect(2) on active + * sockets. The algorithm tries all possible address combinations until it + * succeeds. If \a fo is supplied, options are set and cleanup is performed. + * + * \return This function returns 1 on success and \a -E_ADDRESS_LOOKUP when no + * matching connection could be set up (with details in the error log). + * + * \sa ipv6(7), getaddrinfo(3), bind(2), connect(2). */ -__printf_2_3 int send_va_buffer(int fd, char *fmt, ...) +int makesock(unsigned l4type, bool passive, + const char *host, uint16_t port_number, + struct flowopts *fo) { - char *msg; - int ret; + struct addrinfo *local = NULL, *src = NULL, *remote = NULL, + *dst = NULL, hints; + unsigned int l3type = AF_UNSPEC; + int rc, on = 1, sockfd = -1, + socktype = sock_type(l4type); + char port[6]; /* port number has at most 5 digits */ - PARA_VSPRINTF(fmt, msg); - ret = send_buffer(fd, msg); - free(msg); - return ret; + sprintf(port, "%u", port_number); + /* Set up address hint structure */ + memset(&hints, 0, sizeof(hints)); + hints.ai_family = l3type; + hints.ai_socktype = socktype; + /* + * getaddrinfo does not support SOCK_DCCP, so for the sake of lookup + * (and only then) pretend to be UDP. + */ + if (l4type == IPPROTO_DCCP) + hints.ai_socktype = SOCK_DGRAM; + + /* only use addresses available on the host */ + hints.ai_flags = AI_ADDRCONFIG; + if (l3type == AF_INET6) + /* use v4-mapped-v6 if no v6 addresses found */ + hints.ai_flags |= AI_V4MAPPED | AI_ALL; + + if (passive && host == NULL) + hints.ai_flags |= AI_PASSIVE; + + /* Obtain local/remote address information */ + if ((rc = getaddrinfo(host, port, &hints, passive ? &local : &remote))) { + PARA_ERROR_LOG("can not resolve %s address %s#%s: %s.\n", + layer4_name(l4type), + host? host : (passive? "[loopback]" : "[localhost]"), + port, gai_strerror(rc)); + rc = -E_ADDRESS_LOOKUP; + goto out; + } + + /* Iterate over all src/dst combination, exhausting dst first */ + for (src = local, dst = remote; src != NULL || dst != NULL; /* no op */ ) { + if (src && dst && src->ai_family == AF_INET + && dst->ai_family == AF_INET6) + goto get_next_dst; /* v4 -> v6 is not possible */ + + sockfd = socket(src ? src->ai_family : dst->ai_family, + socktype, l4type); + if (sockfd < 0) + goto get_next_dst; + + /* + * Reuse the address on passive sockets to avoid failure on + * restart (protocols using listen()) and when creating + * multiple listener instances (UDP multicast). + */ + if (passive && setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, + &on, sizeof(on)) == -1) { + rc = errno; + close(sockfd); + PARA_ERROR_LOG("can not set SO_REUSEADDR: %s\n", + strerror(rc)); + rc = -ERRNO_TO_PARA_ERROR(rc); + break; + } + flowopt_setopts(sockfd, fo); + + if (src) { + if (bind(sockfd, src->ai_addr, src->ai_addrlen) < 0) { + close(sockfd); + goto get_next_src; + } + if (!dst) /* bind-only completed successfully */ + break; + } + + if (dst && connect(sockfd, dst->ai_addr, dst->ai_addrlen) == 0) + break; /* connection completed successfully */ + close(sockfd); +get_next_dst: + if (dst && (dst = dst->ai_next)) + continue; +get_next_src: + if (src && (src = src->ai_next)) /* restart inner loop */ + dst = remote; + } +out: + if (local) + freeaddrinfo(local); + if (remote) + freeaddrinfo(remote); + flowopt_cleanup(fo); + + if (src == NULL && dst == NULL) { + if (rc >= 0) + rc = -E_MAKESOCK; + PARA_ERROR_LOG("can not create %s socket %s#%s.\n", + layer4_name(l4type), host? host : (passive? + "[loopback]" : "[localhost]"), port); + return rc; + } + return sockfd; } /** - * receive and decrypt. + * Create a passive / listening socket. * - * @param fd the file descriptor - * @param buf the buffer to write the decrypted data to - * @param size the size of @param buf + * \param l4type The transport-layer type (\p IPPROTO_xxx). + * \param port The decimal port number to listen on. + * \param fo Flowopts (if any) to set before starting to listen. * - * Receive at most \a size bytes from filedescriptor fd. If encrytion is - * available, decrypt the received buffer. + * \return Positive integer (socket descriptor) on success, negative value + * otherwise. * - * @return the number of bytes received on success. On receive errors, -E_RECV - * is returned. On crypt errors, the corresponding crypt error number is - * returned. - * \sa recv(2) + * \sa makesock(), ip(7), ipv6(7), bind(2), listen(2). */ -__must_check int recv_bin_buffer(int fd, char *buf, ssize_t size) +int para_listen(unsigned l4type, uint16_t port, struct flowopts *fo) { - int n; + int ret, fd = makesock(l4type, 1, NULL, port, fo); - if (crypt_function_recv) { - unsigned char *tmp = para_malloc(size); - n = recv(fd, tmp, size, 0); - if (n > 0) - crypt_function_recv(n, tmp, (unsigned char *)buf); - free(tmp); - } else - n = recv(fd, buf, size, 0); - if (n == -1) - n = -E_RECV; - return n; + if (fd > 0) { + ret = listen(fd, BACKLOG); + if (ret < 0) { + ret = errno; + close(fd); + return -ERRNO_TO_PARA_ERROR(ret); + } + PARA_INFO_LOG("listening on %s port %u, fd %d\n", + layer4_name(l4type), port, fd); + } + return fd; +} + +/** + * Determine IPv4/v6 socket address length. + * \param sa Container of IPv4 or IPv6 address. + * \return Address-family dependent address length. + */ +static socklen_t salen(const struct sockaddr *sa) +{ + assert(sa->sa_family == AF_INET || sa->sa_family == AF_INET6); + + return sa->sa_family == AF_INET6 + ? sizeof(struct sockaddr_in6) + : sizeof(struct sockaddr_in); +} + +/** True if @ss holds a v6-mapped-v4 address (RFC 4291, 2.5.5.2) */ +static bool SS_IS_ADDR_V4MAPPED(const struct sockaddr_storage *ss) +{ + const struct sockaddr_in6 *ia6 = (const struct sockaddr_in6 *)ss; + + return ss->ss_family == AF_INET6 && IN6_IS_ADDR_V4MAPPED(&ia6->sin6_addr); +} + +/** + * Process IPv4/v6 address, turn v6-mapped-v4 address into normal IPv4 address. + * \param ss Container of IPv4/6 address. + * \return Pointer to normalized address (may be static storage). + * + * \sa RFC 3493 + */ +static const struct sockaddr * +normalize_ip_address(const struct sockaddr_storage *ss) +{ + assert(ss->ss_family == AF_INET || ss->ss_family == AF_INET6); + + if (SS_IS_ADDR_V4MAPPED(ss)) { + const struct sockaddr_in6 *ia6 = (const struct sockaddr_in6 *)ss; + static struct sockaddr_in ia; + + ia.sin_family = AF_INET; + ia.sin_port = ia6->sin6_port; + memcpy(&ia.sin_addr.s_addr, &(ia6->sin6_addr.s6_addr[12]), 4); + return (const struct sockaddr *)&ia; + } + return (const struct sockaddr *)ss; +} + +/** + * Generic/fallback MTU values + * + * These are taken from RFC 1122, RFC 2460, and RFC 5405. + * - RFC 1122, 3.3.3 defines EMTU_S ("Effective MTU for sending") and recommends + * to use an EMTU_S size of of 576 bytes if the IPv4 path MTU is unknown; + * - RFC 2460, 5. requires a minimum IPv6 MTU of 1280 bytes; + * - RFC 5405, 3.2 recommends that if path MTU discovery is not done, + * UDP senders should use the respective minimum values of EMTU_S. + */ +static inline int generic_mtu(const int af_type) +{ + return af_type == AF_INET6 ? 1280 : 576; +} + +/** Crude approximation of IP header overhead - neglecting options. */ +static inline int estimated_header_overhead(const int af_type) +{ + return af_type == AF_INET6 ? 40 : 20; +} + +/** + * Maximum transport-layer message size (MMS_S) as per RFC 1122, 3.3.3 + * Socket must be connected. + */ +int generic_max_transport_msg_size(int sockfd) +{ + struct sockaddr_storage ss; + socklen_t sslen = sizeof(ss); + int af_type = AF_INET; + + if (getpeername(sockfd, (struct sockaddr *)&ss, &sslen) < 0) { + PARA_ERROR_LOG("can not determine remote address type: %s\n", + strerror(errno)); + } else if (!SS_IS_ADDR_V4MAPPED(&ss)) { + af_type = ss.ss_family; + } + return generic_mtu(af_type) - estimated_header_overhead(af_type); } /** - * receive, decrypt and write terminating NULL byte + * Look up the local or remote side of a connected socket structure. * - * @param fd the file descriptor - * @param buf the buffer to write the decrypted data to - * @param size the size of \a buf + * \param fd The socket descriptor of the connected socket. + * \param getname Either \p getsockname() for local, or \p getpeername() for + * remote side. * - * Read and decrypt at most size - 1 bytes from file descriptor \a fd and write - * a NULL byte at the end of the received data. + * \return A static character string identifying hostname and port of the + * chosen side in numeric host:port format. * -*/ -int recv_buffer(int fd, char *buf, ssize_t size) + * \sa getsockname(2), getpeername(2), parse_url(), getnameinfo(3), + * services(5), nsswitch.conf(5). + */ +static char *__get_sock_name(int fd, int (*getname)(int, struct sockaddr*, + socklen_t *)) { - int n; + struct sockaddr_storage ss; + const struct sockaddr *sa; + socklen_t sslen = sizeof(ss); + char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV]; + static char output[sizeof(hbuf) + sizeof(sbuf) + 4]; + int ret; - if ((n = recv_bin_buffer(fd, buf, size - 1)) >= 0) - buf[n] = '\0'; - return n; + if (getname(fd, (struct sockaddr *)&ss, &sslen) < 0) { + PARA_ERROR_LOG("can not determine address from fd %d: %s\n", + fd, strerror(errno)); + snprintf(output, sizeof(output), "(unknown)"); + return output; + } + sa = normalize_ip_address(&ss); + ret = getnameinfo(sa, salen(sa), hbuf, sizeof(hbuf), sbuf, + sizeof(sbuf), NI_NUMERICHOST | NI_NUMERICSERV); + if (ret) { + PARA_WARNING_LOG("hostname lookup error (%s).\n", + gai_strerror(ret)); + snprintf(output, sizeof(output), "(lookup error)"); + } else if (sa->sa_family == AF_INET6) + snprintf(output, sizeof(output), "[%s]:%s", hbuf, sbuf); + else + snprintf(output, sizeof(output), "%s:%s", hbuf, sbuf); + return output; } /** - * wrapper around gethostbyname + * Look up the local side of a connected socket structure. + * + * \param sockfd The file descriptor of the socket. * - * @param host hostname or IPv4 address - * \return The hostent structure or a NULL pointer if an error occurs - * \sa gethostbyname(2) + * \return A pointer to a static buffer containing hostname an port. This + * buffer must not be freed by the caller. + * + * \sa remote_name(). */ -struct hostent *get_host_info(char *host) +char *local_name(int sockfd) { - PARA_INFO_LOG("getting host info of %s\n", host); - /* FIXME: gethostbyname() is obsolete */ - return gethostbyname(host); + return __get_sock_name(sockfd, getsockname); } /** - * a wrapper around socket(2) + * Look up the remote side of a connected socket structure. * - * Create an IPv4 socket for sequenced, reliable, two-way, connection-based - * byte streams. + * \param sockfd The file descriptor of the socket. * - * @return The socket fd on success, -E_SOCKET on errors. - * \sa socket(2) + * \return Analogous to the return value of \ref local_name() but for the + * remote side. + * + * \sa local_name(). + */ +char *remote_name(int sockfd) +{ + return __get_sock_name(sockfd, getpeername); +} + +/** + * Extract IPv4 or IPv6-mapped-IPv4 address from sockaddr_storage. + * \param ss Container of IPv4/6 address + * \return Extracted IPv4 address (different from 0) or 0 if unsuccessful. + * + * \sa RFC 3493 */ -int get_socket(void) +struct in_addr extract_v4_addr(const struct sockaddr_storage *ss) { - int socket_fd; + struct in_addr ia = {.s_addr = 0}; + const struct sockaddr *sa = normalize_ip_address(ss); - if ((socket_fd = socket(AF_INET, SOCK_STREAM, 0)) == -1) - return -E_SOCKET; - return socket_fd; + if (sa->sa_family == AF_INET) + ia = ((struct sockaddr_in *)sa)->sin_addr; + return ia; } /** - * a wrapper around connect(2) + * Send a binary buffer. + * + * \param fd The file descriptor. + * \param buf The buffer to be sent. + * \param len The length of \a buf. * - * @param fd the file descriptor - * @param their_addr the address to connect + * Send out the buffer and try to resend the remaining part in case of short + * writes. * - * @return \p -E_CONNECT on errors, 1 on success - * \sa connect(2) + * \return Standard. */ -int para_connect(int fd, struct sockaddr_in *their_addr) +int send_bin_buffer(int fd, const char *buf, size_t len) { + if (!len) + PARA_CRIT_LOG("len == 0\n"); + return write_all(fd, buf, &len); +} + +/** + * Send a \p NULL-terminated buffer. + * + * \param fd The file descriptor. + * \param buf The null-terminated buffer to be send. + * + * This is equivalent to send_bin_buffer(fd, buf, strlen(buf)). + * + * \return Standard. + */ +int send_buffer(int fd, const char *buf) +{ + return send_bin_buffer(fd, buf, strlen(buf)); +} + +/** + * Send a buffer given by a format string. + * + * \param fd The file descriptor. + * \param fmt A format string. + * + * \return Standard. + */ +__printf_2_3 int send_va_buffer(int fd, const char *fmt, ...) +{ + char *msg; int ret; - if ((ret = connect(fd, (struct sockaddr *)their_addr, - sizeof(struct sockaddr))) == -1) - return -E_CONNECT; - return 1; + PARA_VSPRINTF(fmt, msg); + ret = send_buffer(fd, msg); + free(msg); + return ret; } /** - * paraslash's wrapper around the accept system call + * Receive data from a file descriptor. * - * @param fd the listening socket - * @param addr structure which is filled in with the address of the peer socket - * @param size should contain the size of the structure pointed to by \a addr + * \param fd The file descriptor. + * \param buf The buffer to write the data to. + * \param size The size of \a buf. * - * \sa accept(2). + * Receive at most \a size bytes from file descriptor \a fd. + * + * \return The number of bytes received on success, negative on errors, zero if + * the peer has performed an orderly shutdown. + * + * \sa recv(2). */ -int para_accept(int fd, void *addr, socklen_t size) +__must_check int recv_bin_buffer(int fd, char *buf, size_t size) { - int new_fd; + ssize_t n; - new_fd = accept(fd, (struct sockaddr *) addr, &size); - return new_fd == -1? -E_ACCEPT : new_fd; + n = recv(fd, buf, size, 0); + if (n == -1) + return -ERRNO_TO_PARA_ERROR(errno); + return n; } -static int setserversockopts(int socket_fd) +/** + * Receive and write terminating NULL byte. + * + * \param fd The file descriptor. + * \param buf The buffer to write the data to. + * \param size The size of \a buf. + * + * Read at most \a size - 1 bytes from file descriptor \a fd and + * write a NULL byte at the end of the received data. + * + * \return The return value of the underlying call to \a recv_bin_buffer(). + * + * \sa recv_bin_buffer() + */ +int recv_buffer(int fd, char *buf, size_t size) { - int yes = 1; + int n; - if (setsockopt(socket_fd, SOL_SOCKET, SO_REUSEADDR, &yes, - sizeof(int)) == -1) - return -E_SETSOCKOPT; - return 1; + assert(size); + n = recv_bin_buffer(fd, buf, size - 1); + if (n >= 0) + buf[n] = '\0'; + else + *buf = '\0'; + return n; } -static int do_bind(int socket_fd, struct sockaddr_in *my_addr) +/** + * Wrapper around the accept system call. + * + * \param fd The listening socket. + * \param rfds An optional fd_set pointer. + * \param addr Structure which is filled in with the address of the peer socket. + * \param size Should contain the size of the structure pointed to by \a addr. + * \param new_fd Result pointer. + * + * Accept incoming connections on \a addr, retry if interrupted. If \a rfds is + * not \p NULL, return 0 if \a fd is not set in \a rfds without calling accept(). + * + * \return Negative on errors, zero if no connections are present to be accepted, + * one otherwise. + * + * \sa accept(2). + */ +int para_accept(int fd, fd_set *rfds, void *addr, socklen_t size, int *new_fd) { - if (bind(socket_fd, (struct sockaddr *)my_addr, - sizeof(struct sockaddr)) == -1) - return -E_BIND; - return 1; + int ret; + + if (rfds && !FD_ISSET(fd, rfds)) + return 0; + do + ret = accept(fd, (struct sockaddr *) addr, &size); + while (ret < 0 && errno == EINTR); + + if (ret >= 0) { + *new_fd = ret; + return 1; + } + if (errno == EAGAIN || errno == EWOULDBLOCK) + return 0; + return -ERRNO_TO_PARA_ERROR(errno); +} + +/** + * Probe the list of DCCP CCIDs configured on this host. + * \param ccid_array Pointer to return statically allocated array in. + * \return Number of elements returned in \a ccid_array or error. + * + * NB: This feature is only available on Linux > 2.6.30; on older kernels + * ENOPROTOOPT ("Protocol not available") will be returned. + */ +int dccp_available_ccids(uint8_t **ccid_array) +{ + static uint8_t ccids[DCCP_MAX_HOST_CCIDS]; + socklen_t nccids = sizeof(ccids); + int ret, fd; + + ret = fd = makesock(IPPROTO_DCCP, 1, NULL, 0, NULL); + if (ret < 0) + return ret; + + if (getsockopt(fd, SOL_DCCP, DCCP_SOCKOPT_AVAILABLE_CCIDS, + ccids, &nccids) < 0) { + ret = errno; + close(fd); + PARA_ERROR_LOG("No DCCP_SOCKOPT_AVAILABLE_CCIDS: %s\n", + strerror(ret)); + return -ERRNO_TO_PARA_ERROR(ret); + } + + close(fd); + *ccid_array = ccids; + return nccids; } /** - * prepare a structure for \p AF_UNIX socket addresses + * Prepare a structure for \p AF_UNIX socket addresses. * - * \param u pointer to the struct to be prepared - * \param name the socket pathname + * \param u Pointer to the struct to be prepared. + * \param name The socket pathname. * * This just copies \a name to the sun_path component of \a u. * * \return Positive on success, \p -E_NAME_TOO_LONG if \a name is longer * than \p UNIX_PATH_MAX. */ -int init_unix_addr(struct sockaddr_un *u, const char *name) +static int init_unix_addr(struct sockaddr_un *u, const char *name) { if (strlen(name) >= UNIX_PATH_MAX) return -E_NAME_TOO_LONG; @@ -301,50 +878,106 @@ int init_unix_addr(struct sockaddr_un *u, const char *name) } /** - * prepare, create, and bind and socket for local communication + * Prepare, create, and bind a socket for local communication. * - * \param name the socket pathname - * \param unix_addr pointer to the \p AF_UNIX socket structure - * \param mode the desired mode of the socket + * \param name The socket pathname. + * \param unix_addr Pointer to the \p AF_UNIX socket structure. + * \param mode The desired mode of the socket. * - * This functions creates a local socket for sequenced, reliable, + * This function creates a local socket for sequenced, reliable, * two-way, connection-based byte streams. + * + * \return The file descriptor, on success, negative on errors. + * * \sa socket(2) * \sa bind(2) * \sa chmod(2) */ -int create_pf_socket(const char *name, struct sockaddr_un *unix_addr, int mode) +int create_local_socket(const char *name, struct sockaddr_un *unix_addr, + mode_t mode) { int fd, ret; - fd = socket(PF_UNIX, SOCK_STREAM, 0); - if (fd < 0) - return -E_SOCKET; -// unlink(name); ret = init_unix_addr(unix_addr, name); if (ret < 0) return ret; - if (bind(fd, (struct sockaddr *) unix_addr, UNIX_PATH_MAX) < 0) - return -E_BIND; + ret = socket(PF_UNIX, SOCK_STREAM, 0); + if (ret < 0) + return -ERRNO_TO_PARA_ERROR(errno); + fd = ret; + ret = bind(fd, (struct sockaddr *) unix_addr, UNIX_PATH_MAX); + if (ret < 0) { + ret = -ERRNO_TO_PARA_ERROR(errno); + goto err; + } + ret = -E_CHMOD; if (chmod(name, mode) < 0) - return -E_CHMOD; + goto err; + return fd; +err: + close(fd); + return ret; +} + +/** + * Prepare, create, and connect to a Unix domain socket for local communication. + * + * \param name The socket pathname. + * + * This function creates a local socket for sequenced, reliable, two-way, + * connection-based byte streams. + * + * \return The file descriptor of the connected socket on success, negative on + * errors. + * + * \sa create_local_socket(), unix(7), connect(2). + */ +int connect_local_socket(const char *name) +{ + struct sockaddr_un unix_addr; + int fd, ret; + + PARA_DEBUG_LOG("connecting to %s\n", name); + ret = init_unix_addr(&unix_addr, name); + if (ret < 0) + return ret; + fd = socket(PF_UNIX, SOCK_STREAM, 0); + if (fd < 0) + return -ERRNO_TO_PARA_ERROR(errno); + if (connect(fd, (struct sockaddr *)&unix_addr, sizeof(unix_addr)) == -1) { + ret = -ERRNO_TO_PARA_ERROR(errno); + goto err; + } return fd; +err: + close(fd); + return ret; } +#ifndef HAVE_UCRED +ssize_t send_cred_buffer(int sock, char *buf) +{ + return send_buffer(sock, buf); +} +int recv_cred_buffer(int fd, char *buf, size_t size) +{ + return recv_buffer(fd, buf, size) > 0? 1 : -E_RECVMSG; +} +#else /* HAVE_UCRED */ /** - * send NULL terminated buffer and Unix credentials of the current process + * Send \p NULL-terminated buffer and Unix credentials of the current process. * - * \param sock the socket file descriptor - * \param buf the buffer to be sent + * \param sock The socket file descriptor. + * \param buf The buffer to be sent. * * \return On success, this call returns the number of characters sent. On - * error, \p -E_SENDMSG ist returned. - * \sa okir's Black Hats Manual - * \sa sendmsg(2) + * error, \p -E_SENDMSG is returned. + * + * \sa sendmsg(2), okir's Black Hats Manual. */ ssize_t send_cred_buffer(int sock, char *buf) { - char control[sizeof(struct cmsghdr) + 10]; + char control[sizeof(struct cmsghdr) + sizeof(struct ucred)]; struct msghdr msg; struct cmsghdr *cmsg; static struct iovec iov; @@ -376,7 +1009,7 @@ ssize_t send_cred_buffer(int sock, char *buf) return ret; } -static void dispose_fds(int *fds, int num) +static void dispose_fds(int *fds, unsigned num) { int i; @@ -385,24 +1018,25 @@ static void dispose_fds(int *fds, int num) } /** - * receive a buffer and the Unix credentials of the sending process + * Receive a buffer and the Unix credentials of the sending process. * - * \param fd the socket file descriptor - * \param buf the buffer to store the message - * \param size the size of \a buffer - * \param cred the credentials are returned here + * \param fd the socket file descriptor. + * \param buf the buffer to store the message. + * \param size the size of \a buffer. * - * \sa okir's Black Hats Manual - * \sa recvmsg(2) + * \return negative on errors, the user id on success. + * + * \sa recvmsg(2), okir's Black Hats Manual. */ -int recv_cred_buffer(int fd, char *buf, size_t size, struct ucred *cred) +int recv_cred_buffer(int fd, char *buf, size_t size) { char control[255]; struct msghdr msg; struct cmsghdr *cmsg; struct iovec iov; - int result; + int result = 0; int yes = 1; + struct ucred cred; setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &yes, sizeof(int)); memset(&msg, 0, sizeof(msg)); @@ -415,13 +1049,13 @@ int recv_cred_buffer(int fd, char *buf, size_t size, struct ucred *cred) msg.msg_controllen = sizeof(control); if (recvmsg(fd, &msg, 0) < 0) return -E_RECVMSG; - result = -SCM_CREDENTIALS; + result = -E_SCM_CREDENTIALS; cmsg = CMSG_FIRSTHDR(&msg); while (cmsg) { if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_CREDENTIALS) { - memcpy(cred, CMSG_DATA(cmsg), sizeof(struct ucred)); - result = iov.iov_len; + memcpy(&cred, CMSG_DATA(cmsg), sizeof(struct ucred)); + result = cred.uid; } else if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) { @@ -433,71 +1067,4 @@ int recv_cred_buffer(int fd, char *buf, size_t size, struct ucred *cred) } return result; } - -/** how many pending connections queue will hold */ -#define BACKLOG 10 - -/** - * create a socket, bind it and listen - * \param port the tcp port to listen on - * - * \return The file descriptor of the created socket, negative - * on errors. - * - * \sa get_socket() - * \sa setsockopt(2) - * \sa bind(2) - * \sa listen(2) - */ -int init_tcp_socket(int port) -{ - int sockfd, ret; - struct sockaddr_in my_addr; - - if ((sockfd = get_socket()) < 0) - return sockfd; - ret = setserversockopts(sockfd); - if (ret < 0) - return ret; - init_sockaddr(&my_addr, port, NULL); - ret = do_bind(sockfd, &my_addr); - if (ret < 0) - return ret; - if (listen(sockfd, BACKLOG) == -1) - return -E_LISTEN; - PARA_INFO_LOG("listening on port %d, fd %d\n", port, sockfd); - return sockfd; -} - -/** - * receive a buffer and check for a pattern - * - * \param fd the file descriptor to receive from - * \param pattern the expected pattern - * \param bufsize the size of the internal buffer - * - * \return Positive if \a pattern was received, negative otherwise. - * - * This function creates a buffer of size \a bufsize and tries - * to receive at most \a bufsize bytes from file descriptor \a fd. - * If at least \p strlen(\a pattern) bytes were received, the beginning of - * the received buffer is compared with \a pattern, ignoring case. - * \sa recv_buffer() - * \sa strncasecmp(3) - */ -int recv_pattern(int fd, const char *pattern, size_t bufsize) -{ - size_t len = strlen(pattern); - char *buf = para_malloc(bufsize + 1); - int ret = -E_RECV_PATTERN, n = recv_buffer(fd, buf, bufsize); - - if (n < len) - goto out; - buf[n] = '\0'; - if (strncasecmp(buf, pattern, len)) - goto out; - ret = 1; -out: - free(buf); - return ret; -} +#endif /* HAVE_UCRED */