static void dgram_chargen( const struct server *serp )
{
char buf[ BUFFER_SIZE ] ;
char *p ;
unsigned int len ;
union xsockaddr lsin ;
socklen_t sin_len = 0 ;
int fd = SERVER_FD( serp ) ;
unsigned int left = sizeof( buf ) ;
const char *func = "dgram_chargen";
if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
sin_len = sizeof( struct sockaddr_in );
else if ( SC_IPV6( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
sin_len = sizeof( struct sockaddr_in6 );
if ( recvfrom( fd, buf, sizeof( buf ), 0, SA( &lsin ), &sin_len ) == -1 )
return ;
#if BUFFER_SIZE < LINE_LENGTH+2
bad_variable = 1 ; /* this will cause a compilation error */
#endif
for ( p = buf ; left > 2 ; left -= len, p += len )
{
len = min( LINE_LENGTH+2, left ) ;
if ( generate_line( p, len ) == NULL )
break ;
}
(void) sendto( fd, buf, p-buf, 0, SA( &lsin ), sin_len ) ;
}
static status_e get_incoming_packet( struct intercept_s *ip, packet_s *pp )
{
socklen_t from_len = 0;
const char *func = "get_incoming_packet" ;
if( SC_IPV4( SVC_CONF( SERVER_SERVICE( INT_SERVER( ip ) ) ) ) )
from_len = sizeof( struct sockaddr_in );
if( SC_IPV6( SVC_CONF( SERVER_SERVICE( INT_SERVER( ip ) ) ) ) )
from_len = sizeof( struct sockaddr_in6 );
for ( ;; )
{
int cc ;
from_len = sizeof( pp->from ) ;
cc = recvfrom( INT_REMOTE( ip ), pp->data, pp->size,
0, SA( &pp->from ), &from_len ) ;
if ( cc == -1 )
{
if ( errno != EINTR )
{
msg( LOG_ERR, func, "recvfrom error: %m" ) ;
return( FAILED ) ;
}
}
else if ( cc == 0 )
return( FAILED ) ;
else
{
pp->size = cc ;
IDP( ip->int_priv )->received_packets++ ;
break ;
}
}
if ( from_len == 0 )
{
msg( LOG_ERR, func, "incoming packet had 0 length address" ) ;
return( FAILED ) ;
}
#ifdef DEBUG_UDPINT
if ( debug.on )
msg( LOG_DEBUG, func, "Received %d bytes from address: %s,%d",
pp->size, xaddrname( &pp->from ), ntohs( xaddrport(&pp->from) ) );
#endif
return( OK ) ;
}
static void dgram_echo( const struct server *serp )
{
char buf[ DATAGRAM_SIZE ] ;
union xsockaddr lsin;
ssize_t cc ;
socklen_t sin_len = 0;
int descriptor = SERVER_FD( serp ) ;
if( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
sin_len = sizeof( struct sockaddr_in );
else if( SC_IPV6( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
sin_len = sizeof( struct sockaddr_in6 );
cc = recvfrom( descriptor, buf, sizeof( buf ), 0, (struct sockaddr *)( &lsin ), &sin_len ) ;
if ( cc != (ssize_t)-1 ) {
(void) sendto( descriptor, buf, (size_t)cc, 0, SA( &lsin ), sizeof( lsin ) ) ;
}
}
static void dgram_time( const struct server *serp )
{
char buf[ 1 ] ;
unsigned char time_buf[4];
union xsockaddr lsin ;
socklen_t sin_len = 0 ;
int fd = SERVER_FD( serp ) ;
const char *func = "dgram_daytime";
if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
sin_len = sizeof( struct sockaddr_in );
else if ( SC_IPV6( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
sin_len = sizeof( struct sockaddr_in6 );
if ( recvfrom( fd, buf, sizeof( buf ), 0, SA( &lsin ), &sin_len ) == -1 )
return ;
time_protocol( time_buf ) ;
(void) sendto( fd, (char *) time_buf, 4, 0, SA( &lsin ), sin_len ) ;
}
static void dgram_daytime( const struct server *serp )
{
char time_buf[ BUFFER_SIZE ] ;
union xsockaddr lsin ;
socklen_t sin_len = 0 ;
unsigned int buflen = sizeof( time_buf ) ;
int descriptor = SERVER_FD( serp ) ;
const char *func = "dgram_daytime";
if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
sin_len = sizeof( struct sockaddr_in );
else if ( SC_IPV6( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
sin_len = sizeof( struct sockaddr_in6 );
if ( recvfrom( descriptor, time_buf, sizeof( time_buf ), 0,
SA( &lsin ), &sin_len ) == -1 )
return ;
daytime_protocol( time_buf, &buflen ) ;
(void) sendto( descriptor, time_buf, buflen, 0, SA(&lsin), sizeof( lsin ) ) ;
}
/*
* Get a new connection request and initialize 'cp' appropriately
*/
static status_e get_connection( struct service *sp, connection_s *cp )
{
struct service_config *scp = SVC_CONF( sp );
socklen_t sin_len;
const char *func = "get_connection" ;
int on = 1;
if( SC_IPV4(scp) ) sin_len = sizeof(struct sockaddr_in);
if( SC_IPV6(scp) ) sin_len = sizeof(struct sockaddr_in6);
if ( SVC_SOCKET_TYPE( sp ) == SOCK_STREAM ) {
/* If it's a TCP socket, and we're set to wait, the accept is
* done by the child process. Don't set NEW_DESCRIPTOR, since
* there isn't one. The descriptor will be/was removed from
* the descriptor set in svc_suspend and re-enabled in svc_resume.
*/
if( SC_WAITS( scp ) ) {
cp->co_descriptor = SVC_FD( sp );
} else {
cp->co_descriptor = accept( SVC_FD( sp ), &(cp->co_remote_address.sa),
&sin_len ) ;
if (cp->co_descriptor != -1)
M_SET( cp->co_flags, COF_NEW_DESCRIPTOR ) ;
}
if ( cp->co_descriptor == -1 )
{
if ((errno == EMFILE) || (errno == ENFILE))
cps_service_stop(sp, "no available descriptors");
else
msg( LOG_ERR, func, "service %s, accept: %m", SVC_ID( sp ) ) ;
return( FAILED ) ;
}
if( SC_NODELAY( scp ) && (SC_PROTOVAL( scp ) == IPPROTO_TCP) )
if( setsockopt(SVC_FD(sp), IPPROTO_TCP, TCP_NODELAY,
(char *)&on, sizeof( on ) ) < 0 )
msg( LOG_WARNING, func, "service %s, setsockopt: %m", SVC_ID(sp));
if( SC_KEEPALIVE( scp ) && (SC_PROTOVAL( scp ) == IPPROTO_TCP) )
{
if( setsockopt(SVC_FD(sp), SOL_SOCKET, SO_KEEPALIVE,
(char *)&on, sizeof( on ) ) < 0 )
msg( LOG_WARNING, func, "service %s, setsockopt: %m", SVC_ID(sp));
}
if( SC_IPV6(scp) && !(SC_V6ONLY( scp )) &&
(IN6_IS_ADDR_V4MAPPED(&cp->co_remote_address.sa_in6.sin6_addr) ||
IN6_IS_ADDR_V4COMPAT(&cp->co_remote_address.sa_in6.sin6_addr)) )
{
int af = AF_INET;
if( setsockopt(cp->co_descriptor, IPPROTO_IPV6,
IPV6_ADDRFORM, &af, sizeof( af ) ) ) {
if( debug.on ) msg( LOG_WARNING, func, "service %s, IPV6_ADDRFORM setsockopt() failed: %m", SVC_ID( sp) );
}
}
M_SET( cp->co_flags, COF_HAVE_ADDRESS ) ;
}
else
{
if ( SVC_SOCKET_TYPE( sp ) == SOCK_DGRAM )
{
char t_ch ;
ssize_t val;
/*
* This trick is done to get the remote address.
* select(2) guaranteed that we won't block on the recvfrom
*/
val = recvfrom( SVC_FD( sp ), &t_ch, 1, MSG_PEEK,
&cp->co_remote_address.sa, &sin_len );
if ( val == (ssize_t)-1 )
{
msg( LOG_ERR, func, "service %s, recvfrom: %m", SVC_ID( sp ) ) ;
return( FAILED ) ;
}
M_SET( cp->co_flags, COF_HAVE_ADDRESS ) ;
}
cp->co_descriptor = SVC_FD( sp ) ;
}
return( OK ) ;
}
/* This function gets called from child.c after we have been forked */
void redir_handler( struct server *serp )
{
struct service *sp = SERVER_SERVICE( serp );
struct service_config *scp = SVC_CONF( sp );
int RedirDescrip = SERVER_FD( serp );
int maxfd, num_read, num_wrote=0, ret=0;
unsigned int sin_len = 0;
unsigned long bytes_in = 0, bytes_out = 0;
int no_to_nagle = 1;
int on = 1, v6on;
char buff[NET_BUFFER];
fd_set rdfd, msfd;
struct timeval *timep = NULL;
const char *func = "redir_handler";
union xsockaddr serveraddr ;
if( signal(SIGPIPE, redir_sigpipe) == SIG_ERR )
msg(LOG_ERR, func, "unable to setup signal handler");
close_all_svc_descriptors();
/* If it's a tcp service we are redirecting */
if( scp->sc_protocol.value == IPPROTO_TCP )
{
memcpy(&serveraddr, scp->sc_redir_addr, sizeof(serveraddr));
if( serveraddr.sa_in.sin_family == AF_INET ) {
sin_len = sizeof( struct sockaddr_in );
RedirServerFd = socket(AF_INET, SOCK_STREAM, 0);
} else if( serveraddr.sa_in.sin_family == AF_INET6 ) {
sin_len = sizeof( struct sockaddr_in6 );
RedirServerFd = socket(AF_INET6, SOCK_STREAM, 0);
} else {
msg(LOG_ERR, func, "not a valid protocol. Use IPv4 or IPv6.");
exit(0);
}
if( RedirServerFd < 0 )
{
msg(LOG_ERR, func, "cannot create socket: %m");
exit(0);
}
if( SC_IPV6( scp ) ) {
if( SC_V6ONLY( scp ) ) {
v6on = 1;
} else {
v6on = 0;
}
#ifdef IPV6_V6ONLY
if( setsockopt(RedirServerFd, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&v6on, sizeof(v6on)) < 0 ) {
msg( LOG_ERR, func, "Setting IPV6_V6ONLY option failed (%m)" );
}
#endif
}
if( SC_KEEPALIVE( scp ) )
if (setsockopt(RedirServerFd, SOL_SOCKET, SO_KEEPALIVE,
(char *)&on, sizeof( on ) ) < 0 )
msg(LOG_ERR, func,
"setsockopt SO_KEEPALIVE RedirServerFd failed: %m");
if( serveraddr.sa_in.sin_family == AF_INET )
serveraddr.sa_in.sin_port = htons(serveraddr.sa_in.sin_port);
if( serveraddr.sa_in.sin_family == AF_INET6 )
serveraddr.sa_in6.sin6_port = htons(serveraddr.sa_in6.sin6_port);
if( connect(RedirServerFd, &serveraddr.sa, sin_len) < 0 )
{
msg(LOG_ERR, func, "can't connect to remote host %s: %m",
xaddrname( &serveraddr ) );
exit(0);
}
/* connection now established */
if (setsockopt(RedirServerFd, IPPROTO_TCP, TCP_NODELAY,
(char *) &no_to_nagle, sizeof( on ) ) < 0) {
msg(LOG_ERR, func, "setsockopt RedirServerFd failed: %m");
}
if (setsockopt(RedirDescrip, IPPROTO_TCP, TCP_NODELAY,
(char *) &no_to_nagle, sizeof( on ) ) < 0) {
msg(LOG_ERR, func, "setsockopt RedirDescrip failed: %m");
}
maxfd = (RedirServerFd > RedirDescrip)?RedirServerFd:RedirDescrip;
FD_ZERO(&msfd);
FD_SET(RedirDescrip, &msfd);
FD_SET(RedirServerFd, &msfd);
while(1) {
memcpy(&rdfd, &msfd, sizeof(rdfd));
if (select(maxfd + 1, &rdfd, (fd_set *)0, (fd_set *)0, timep) <= 0) {
/* place for timeout code, currently does not time out */
break;
}
if (FD_ISSET(RedirDescrip, &rdfd)) {
do {
num_read = read(RedirDescrip,
buff, sizeof(buff));
if (num_read == -1 && errno == EINTR)
continue;
if (num_read <= 0)
goto REDIROUT;
bytes_in += num_read;
} while (num_read < 0);
/* Loop until we have written everything
* that was read */
num_wrote = 0;
while( num_wrote < num_read ) {
ret = write(RedirServerFd,
buff + num_wrote,
num_read - num_wrote);
if (ret == -1 && errno == EINTR)
continue;
if (ret <= 0)
goto REDIROUT;
num_wrote += ret;
}
}
if (FD_ISSET(RedirServerFd, &rdfd)) {
do {
num_read = read(RedirServerFd,
buff, sizeof(buff));
if (num_read == -1 && errno == EINTR)
continue;
if (num_read <= 0)
goto REDIROUT;
bytes_out += num_read;
} while (num_read < 0);
/* Loop until we have written everything
* that was read */
num_wrote = 0;
while( num_wrote < num_read ) {
ret = write(RedirDescrip,
buff + num_wrote,
num_read - num_wrote);
if (ret == -1 && errno == EINTR)
continue;
if (ret <= 0)
goto REDIROUT;
num_wrote += ret;
}
}
}
REDIROUT:
if( M_IS_SET( (scp)->sc_log_on_success, LO_TRAFFIC ) ) {
svc_logprint( SERVER_CONNSERVICE( serp ), "TRAFFIC",
"in=%lu(bytes) out=%lu(bytes)", bytes_in, bytes_out );
}
exit(0);
}
msg(LOG_ERR, func,
"redirect with any protocol other than tcp is not supported at this time.");
exit(0);
}
static status_e failed_service(struct service *sp,
connection_s *cp,
access_e result)
{
struct service_config *scp = SVC_CONF( sp ) ;
if ( result != AC_OK )
{
bool_int report_failure = TRUE ;
/*
* Try to avoid reporting multiple times a failed attempt to access
* a datagram-based service from a bad address. We do this because
* the clients of such services usually send multiple datagrams
* before reporting a timeout (we have no way of telling them that
* their request has been denied).
*/
if ( result == AC_ADDRESS && SVC_SOCKET_TYPE( sp ) == SOCK_DGRAM )
{
if( SC_IPV4( scp ) ) {
struct sockaddr_in *sinp = SAIN(CONN_ADDRESS( cp )) ;
struct sockaddr_in *last = SAIN(SVC_LAST_DGRAM_ADDR(sp)) ;
time_t current_time ;
if (sinp == NULL )
return FAILED;
if ( last == NULL ) {
last = SAIN( calloc( 1, sizeof(union xsockaddr) ) );
SVC_LAST_DGRAM_ADDR(sp) = (union xsockaddr *)last;
}
(void) time( ¤t_time ) ;
if ( sinp->sin_addr.s_addr == last->sin_addr.s_addr &&
sinp->sin_port == last->sin_port )
{
if( current_time - SVC_LAST_DGRAM_TIME(sp) <= DGRAM_IGNORE_TIME )
report_failure = FALSE ;
else
SVC_LAST_DGRAM_TIME(sp) = current_time ;
}
else
{
memcpy(SVC_LAST_DGRAM_ADDR(sp), sinp,sizeof(struct sockaddr_in));
SVC_LAST_DGRAM_TIME(sp) = current_time ;
}
} else if( SC_IPV6( scp ) ) {
struct sockaddr_in6 *sinp = SAIN6(CONN_ADDRESS( cp )) ;
struct sockaddr_in6 *last = SAIN6(SVC_LAST_DGRAM_ADDR(sp)) ;
time_t current_time ;
if (sinp == NULL )
return FAILED;
if( last == NULL ) {
last = SAIN6(calloc( 1, sizeof(union xsockaddr) ) );
SVC_LAST_DGRAM_ADDR( sp ) = (union xsockaddr *)last;
}
(void) time( ¤t_time ) ;
if ( IN6_ARE_ADDR_EQUAL(&(sinp->sin6_addr), &(last->sin6_addr)) &&
sinp->sin6_port == last->sin6_port )
{
if((current_time - SVC_LAST_DGRAM_TIME(sp)) <= DGRAM_IGNORE_TIME)
report_failure = FALSE ;
else
SVC_LAST_DGRAM_TIME(sp) = current_time ;
}
else
{
memcpy(SVC_LAST_DGRAM_ADDR(sp),sinp,sizeof(struct sockaddr_in6));
SVC_LAST_DGRAM_TIME(sp) = current_time ;
}
}
}
if ( report_failure )
svc_log_failure( sp, cp, result ) ;
banner_fail(sp, cp);
return( FAILED ) ;
}
return( OK );
}
/*
* Activate a service.
*/
status_e svc_activate( struct service *sp )
{
struct service_config *scp = SVC_CONF( sp ) ;
status_e status ;
const char *func = "svc_activate" ;
/* No activation for MUXCLIENTS.
*/
if (SC_IS_MUXCLIENT( scp ))
{
return( OK );
}
if( SC_IPV4( scp ) ) {
SVC_FD(sp) = socket( AF_INET,
SC_SOCKET_TYPE( scp ), SC_PROTOVAL( scp ) ) ;
} else if( SC_IPV6( scp ) ) {
SVC_FD(sp) = socket( AF_INET6,
SC_SOCKET_TYPE( scp ), SC_PROTOVAL( scp ) ) ;
}
if ( SVC_FD(sp) == -1 )
{
msg( LOG_ERR, func,
"socket creation failed (%m). service = %s", SC_ID( scp ) ) ;
return( FAILED ) ;
}
if ( set_fd_modes( sp ) == FAILED )
{
(void) Sclose( SVC_FD(sp) ) ;
return( FAILED ) ;
}
#ifndef NO_RPC
if ( SC_IS_RPC( scp ) )
status = activate_rpc( sp ) ;
else
#endif /* ! NO_RPC */
status = activate_normal( sp ) ;
if ( status == FAILED )
{
(void) Sclose( SVC_FD(sp) ) ;
return( FAILED ) ;
}
#ifdef HAVE_MDNS
xinetd_mdns_register(scp);
#endif
if ( log_start( sp, &SVC_LOG(sp) ) == FAILED )
{
deactivate( sp ) ;
return( FAILED ) ;
}
/*
* Initialize the service data
*/
SVC_RUNNING_SERVERS(sp) = SVC_RETRIES(sp) = 0 ;
if ( SC_MUST_LISTEN( scp ) )
(void) listen( SVC_FD(sp), LISTEN_BACKLOG ) ;
ps.rws.descriptors_free-- ;
SVC_STATE(sp) = SVC_ACTIVE ;
FD_SET( SVC_FD(sp), &ps.rws.socket_mask ) ;
if ( SVC_FD(sp) > ps.rws.mask_max )
ps.rws.mask_max = SVC_FD(sp) ;
ps.rws.active_services++ ;
ps.rws.available_services++ ;
return( OK ) ;
}
static status_e activate_normal( struct service *sp )
{
union xsockaddr tsin;
int sd = SVC_FD( sp ) ;
struct service_config *scp = SVC_CONF( sp ) ;
uint16_t service_port = SC_PORT( scp ) ;
char *sid = SC_ID( scp ) ;
const char *func = "activate_normal" ;
unsigned int sin_len = sizeof(tsin);
int on = 1;
#ifdef IPV6_V6ONLY
int v6on = 0;
#endif
if( SC_BIND_ADDR(scp) != NULL )
memcpy(&tsin, SC_BIND_ADDR(scp), sin_len);
else
memset(&tsin, 0, sin_len);
if( SC_IPV4( scp ) ) {
tsin.sa_in.sin_family = AF_INET ;
tsin.sa_in.sin_port = htons( service_port ) ;
sin_len = sizeof(struct sockaddr_in);
} else if( SC_IPV6( scp ) ) {
tsin.sa_in6.sin6_family = AF_INET6;
tsin.sa_in6.sin6_port = htons( service_port );
sin_len = sizeof(struct sockaddr_in6);
}
#ifdef IPV6_V6ONLY
if( SC_IPV6(scp) ) {
if( SC_SPECIFIED(scp, A_V6ONLY) ) {
v6on = 1;
} else {
v6on = 0;
}
if( setsockopt(sd, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&v6on, sizeof(v6on)) < 0 ) {
msg( LOG_ERR, func, "Setting IPV6_V6ONLY option failed (%m)" );
}
}
#endif
if ( setsockopt( sd, SOL_SOCKET, SO_REUSEADDR,
(char *) &on, sizeof( on ) ) == -1 )
msg( LOG_WARNING, func,
"setsockopt SO_REUSEADDR failed (%m). service = %s", sid ) ;
if( SC_NODELAY( scp ) && (SC_PROTOVAL(scp) == IPPROTO_TCP) )
{
if ( setsockopt( sd, IPPROTO_TCP, TCP_NODELAY,
(char *) &on, sizeof( on ) ) == -1 )
msg( LOG_WARNING, func,
"setsockopt TCP_NODELAY failed (%m). service = %s", sid ) ;
}
if( SC_KEEPALIVE( scp ) && (SC_PROTOVAL(scp) == IPPROTO_TCP) )
{
if( setsockopt(sd, SOL_SOCKET, SO_KEEPALIVE,
(char *)&on, sizeof( on ) ) < 0 )
msg( LOG_WARNING, func,
"setsockopt SO_KEEPALIVE failed (%m). service = %s", sid ) ;
}
if ( bind( sd, &tsin.sa, sin_len ) == -1 )
{
msg( LOG_ERR, func, "bind failed (%m). service = %s", sid ) ;
return( FAILED ) ;
}
#ifdef IN_MULTICAST
if( SC_IPV4(scp) && IN_MULTICAST( ntohl(tsin.sa_in.sin_addr.s_addr) ) ) {
struct ifaddrs *addrs, *addr;
struct ip_mreq mreq;
if (getifaddrs(&addrs) == 0) {
addr = addrs;
while (addr)
{
if (addr->ifa_addr && (addr->ifa_flags & IFF_MULTICAST))
{
mreq.imr_multiaddr.s_addr = tsin.sa_in.sin_addr.s_addr;
mreq.imr_interface.s_addr = ((struct sockaddr_in *)addr->ifa_addr)->sin_addr.s_addr;
setsockopt(sd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq));
}
addr = addr->ifa_next;
}
freeifaddrs(addrs);
if ( debug.on )
msg( LOG_DEBUG, func, "Adding multicast membership." );
}
else {
msg( LOG_ERR, func, "getifaddrs failed (%m). service = %s", sid );
}
}
#endif
return( OK ) ;
}
static status_e activate_rpc( struct service *sp )
{
union xsockaddr tsin;
socklen_t sin_len = sizeof(tsin);
unsigned long vers ;
struct service_config *scp = SVC_CONF( sp ) ;
struct rpc_data *rdp = SC_RPCDATA( scp ) ;
char *sid = SC_ID( scp ) ;
unsigned registered_versions = 0 ;
int sd = SVC_FD( sp ) ;
const char *func = "activate_rpc" ;
if( SC_BIND_ADDR(scp) != 0 )
memcpy( &tsin, SC_BIND_ADDR(scp), sizeof(tsin) );
else
memset( &tsin, 0, sizeof(tsin));
if ( SC_PROTOVAL ( scp ) == IPPROTO_TCP ) {
M_SET ( scp->sc_xflags, SF_NOLIBWRAP );
}
if( SC_IPV4( scp ) ) {
tsin.sa_in.sin_family = AF_INET ;
sin_len = sizeof(struct sockaddr_in);
} else if( SC_IPV6( scp ) ) {
tsin.sa_in6.sin6_family = AF_INET6 ;
sin_len = sizeof(struct sockaddr_in6);
}
if ( bind( sd, &tsin.sa, sin_len ) == -1 )
{
msg( LOG_ERR, func, "bind failed (%m). service = %s", sid ) ;
return( FAILED ) ;
}
/*
* Find the port number that was assigned to the socket
*/
if ( getsockname( sd, &tsin.sa, &sin_len ) == -1 )
{
msg( LOG_ERR, func,
"getsockname failed (%m). service = %s", sid ) ;
return( FAILED ) ;
}
if( tsin.sa.sa_family == AF_INET )
SC_SET_PORT( scp, ntohs( tsin.sa_in.sin_port ) ) ;
else if( tsin.sa.sa_family == AF_INET6 )
SC_SET_PORT( scp, ntohs( tsin.sa_in6.sin6_port ) ) ;
/*
* Try to register as many versions as possible
*/
for ( vers = RD_MINVERS( rdp ) ; vers <= RD_MAXVERS( rdp ) ; vers++ ) {
/* Is this right? For instance, if we have both tcp and udp services,
* this will unregister the previously registered protocol.
* pmap_unset(RD_PROGNUM(rdp), vers);
*/
if ( pmap_set( RD_PROGNUM( rdp ), vers, SC_PROTOVAL( scp ),
SC_PORT( scp ) ) )
registered_versions++ ;
else
msg( LOG_ERR, func,
"pmap_set failed. service=%s program=%ld version=%ld",
sid, RD_PROGNUM( rdp ), vers ) ;
sleep(1);
}
if ( debug.on )
msg( LOG_DEBUG, func,
"Registered %d versions of %s", registered_versions, sid ) ;
return( ( registered_versions == 0 ) ? FAILED : OK ) ;
}
/*
* This function is invoked in a forked process to run a server.
* If the service is internal the appropriate function is invoked
* otherwise the server program is exec'ed.
* This function also logs the remote user id if appropriate
*/
void child_process( struct server *serp )
{
struct service *sp = SERVER_SERVICE( serp ) ;
connection_s *cp = SERVER_CONNECTION( serp ) ;
struct service_config *scp = SVC_CONF( sp ) ;
const char *func = "child_process" ;
signal_default_state();
if ((signals_pending[0] >= 0 && Sclose(signals_pending[0])) ||
(signals_pending[1] >= 0 && Sclose(signals_pending[1])))
{
msg(LOG_ERR, func, "Failed to close the signal pipe: %m");
_exit(1);
}
signals_pending[0] = -1;
signals_pending[1] = -1;
Sclose(0);
Sclose(1);
Sclose(2);
#ifdef DEBUG_SERVER
if ( debug.on )
{
msg( LOG_DEBUG, func, "Process %d is sleeping", getpid() ) ;
sleep( 10 ) ;
}
#endif
if ( ! SC_IS_INTERCEPTED( scp ) )
{
set_credentials( scp ) ;
if ( SC_SPECIFIED( scp, A_NICE ) )
(void) nice( SC_NICE( scp ) ) ;
}
if ( svc_child_access_control(sp, cp) != OK )
exit(0);
if ( SERVER_LOGUSER( serp ) )
{
unsigned timeout ;
idresult_e result ;
/*
* We use LOGUSER_SUCCESS_TIMEOUT unless the service requires
* identification, in which case we use an infinite timeout
*/
timeout = SC_MUST_IDENTIFY( scp ) ? 0 : LOGUSER_SUCCESS_TIMEOUT ;
result = log_remote_user( serp, timeout ) ;
if ( result != IDR_OK && SC_MUST_IDENTIFY( scp ) )
{
svc_logprint( sp, NOID_ENTRY, "%s %s",
conn_addrstr( SERVER_CONNECTION( serp ) ),
idresult_explain( result ) ) ;
_exit( 0 ) ;
}
}
#ifdef HAVE_SESSIONCREATE
if ( scp->sc_sessioncreate == YES )
{
if ( SessionCreate(0, sessionHasTTY|sessionIsRemote) != noErr )
svc_logprint( sp, "SessionCreate", "SessionCreate() failed!" );
}
#endif
/* this is where the server gets executed -bbraun */
if ( ! SC_IS_INTERNAL( scp ) )
{
if( scp->sc_redir_addr != NULL )
{
redir_handler( serp );
}
else
{
#if defined(HAVE_SETENV)
char buff[1024];
strx_sprint(buff, sizeof(buff)-1, "REMOTE_HOST=%s", conn_addrstr(cp));
if( env_addstr(SC_ENV(scp)->env_handle, buff) != ENV_OK ) {
msg( LOG_ERR, func, "Error adding REMOTE_HOST variable for %s: %m", SC_NAME(scp) );
_exit( 1 ) ;
}
#endif
exec_server( serp ) ;
}
}
else
{
char name[ 180 ] ;
/*
* We don't bother to disassociate from the controlling terminal
* (we have a controlling terminal only if debug.on is TRUE)
*
* Also, for interceptor processes, we give them the name:
* <program_name> <service-id> interceptor
*/
if ( SC_IS_INTERCEPTED( scp ) )
strx_print( INT_NULL, name, sizeof( name ) - 1,
"%s %s interceptor", program_name, SC_ID( scp ) ) ;
else
{
int namelen = sizeof( name ) - 1 ; /* leave space for the NUL */
char host[NI_MAXHOST];
size_t hostlen = NI_MAXHOST;
socklen_t addrlen = 0;
union xsockaddr *sinp = CONN_XADDRESS(SERVER_CONNECTION(serp));
int len;
if( sinp == NULL )
exit(0);
if( SC_IPV6(scp) ) addrlen = sizeof(struct sockaddr_in6);
else if( SC_IPV4(scp) ) addrlen = sizeof(struct sockaddr_in);
len = strx_nprint(name, namelen, "(%s service) %s", program_name,
SC_ID( scp ) ) ;
if( getnameinfo( SA(sinp), addrlen, host, hostlen, NULL, 0, 0) != 0 )
strcpy(host, "unknown");
if ( SC_IPV6(scp) && SC_ACCEPTS_CONNECTIONS( scp ) &&
!IN6_IS_ADDR_UNSPECIFIED(&sinp->sa_in6.sin6_addr) )
strx_print( INT_NULL, &name[ len ], namelen - len, " %s" , host ) ;
if ( SC_IPV4(scp) && SC_ACCEPTS_CONNECTIONS( scp ) )
strx_print( INT_NULL, &name[ len ], namelen - len, " %s", host ) ;
}
rename_process( name ) ;
SVC_INTERNAL( sp, serp ) ;
}
_exit( 0 ) ;
/* NOTREACHED */
}
