void serve(int sockfd) { int clfd; FILE* fp; char buf[BUFLEN]; set_cloexec(sockfd); for(;;){ if((clfd = accept(sockfd,NULL,NULL)) < 0){ syslog(LOG_ERR,"ruptime: accept error: %s",strerror(errno)); exit(1); } set_cloexec(clfd); if((fp = popen("/usr/bin/uptime","r")) == NULL){ sprintf(buf,"error: %s\n",strerror(errno)); send(clfd,buf,strlen(buf),0); }else { while(fgets(buf,BUFLEN,fp) != NULL){ send(clfd,buf,strlen(buf),0); } pclose(fp); } close(clfd); } }
int cloexec_pipe(int fds[2]) { #ifdef __linux__ return pipe2(fds, O_CLOEXEC); #else int ret = -1; #ifndef _MSC_VER pthread_mutex_lock(&cloexec_mutex); if (pipe(fds)) #else uv_mutex_lock(&cloexec_mutex); if (_pipe(fds, 4096, O_BINARY) != 0) #endif goto Exit; if (set_cloexec(fds[0]) != 0 || set_cloexec(fds[1]) != 0) goto Exit; ret = 0; Exit: #ifndef _MSC_VER pthread_mutex_unlock(&cloexec_mutex); #else uv_mutex_unlock(&cloexec_mutex); #endif return ret; #endif }
int open_sockets(void) { if ((socket_afnet = socket(AF_INET, SOCK_DGRAM, 0)) == -1) return -1; set_cloexec(socket_afnet); sock_fd = _open_link_socket(&sock_nl); set_cloexec(sock_fd); return sock_fd; }
int init_sockets(void) { if ((socket_afnet = socket(AF_INET, SOCK_DGRAM, 0)) == -1) return -1; set_cloexec(socket_afnet); if ((r_fd = socket(PF_ROUTE, SOCK_RAW, 0)) == -1) return -1; set_cloexec(r_fd); return 0; }
static void iothread_init(void) { static bool inited = false; if (!inited) { inited = true; // Initialize the completion pipes. int pipes[2] = {0, 0}; assert_with_errno(pipe(pipes) != -1); s_read_pipe = pipes[0]; s_write_pipe = pipes[1]; set_cloexec(s_read_pipe); set_cloexec(s_write_pipe); } }
void server2(int sockfd) { int clfd, status; pid_t pid; set_cloexec(sockfd); for(;;) { if ((clfd = accept(sockfd, NULL, NULL)) < 0){ syslog(LOG_ERR, "ruptimed: accept error: %s", strerror(errno)); exit(EXIT_FAILURE); } if ((pid = fork()) < 0) { syslog(LOG_ERR, "ruptimed: fork error %s", strerror(errno)); exit(EXIT_FAILURE); } else if (pid == 0){ if (dup2(clfd, STDOUT_FILENO) != STDOUT_FILENO || dup2(clfd,STDERR_FILENO) != STDERR_FILENO) { syslog(LOG_ERR,"ruptimed: unexcepted error"); exit(EXIT_FAILURE); } close(clfd); execl("/usr/bin/uptime", "uptime", (char *)0); syslog(LOG_ERR, "ruptimed: unexcepted return from exec: %s", strerror(errno)); } else { close(clfd); waitpid(pid, &status, 0); } } }
int cloexec_socket(int domain, int type, int protocol) { #ifdef __linux__ return socket(domain, type | SOCK_CLOEXEC, protocol); #else int fd = -1; #ifndef _MSC_VER pthread_mutex_lock(&cloexec_mutex); #else uv_mutex_lock(&cloexec_mutex); #endif if ((fd = socket(domain, type, protocol)) == -1) goto Exit; if (set_cloexec(fd) != 0) { #ifndef _MSC_VER close(fd); #else _close(fd); #endif fd = -1; goto Exit; } Exit: #ifndef _MSC_VER pthread_mutex_unlock(&cloexec_mutex); #else uv_mutex_unlock(&cloexec_mutex); #endif return fd; #endif }
int move_fd_to_unused(int fd, const io_chain_t &io_chain, bool cloexec) { if (fd < 0 || io_chain.get_io_for_fd(fd).get() == NULL) { return fd; } // We have fd >= 0, and it's a conflict. dup it and recurse. Note that we recurse before // anything is closed; this forces the kernel to give us a new one (or report fd exhaustion). int new_fd = fd; int tmp_fd; do { tmp_fd = dup(fd); } while (tmp_fd < 0 && errno == EINTR); assert(tmp_fd != fd); if (tmp_fd < 0) { // Likely fd exhaustion. new_fd = -1; } else { // Ok, we have a new candidate fd. Recurse. If we get a valid fd, either it's the same as // what we gave it, or it's a new fd and what we gave it has been closed. If we get a // negative value, the fd also has been closed. if (cloexec) set_cloexec(tmp_fd); new_fd = move_fd_to_unused(tmp_fd, io_chain); } // We're either returning a new fd or an error. In both cases, we promise to close the old one. assert(new_fd != fd); int saved_errno = errno; exec_close(fd); errno = saved_errno; return new_fd; }
/* * note: the socket must be in non-blocking mode, or the call might block while the mutex is being locked */ int cloexec_accept(int socket, struct sockaddr *addr, socklen_t *addrlen) { int fd = -1; #ifndef _MSC_VER pthread_mutex_lock(&cloexec_mutex); #else uv_mutex_lock(&cloexec_mutex); #endif if ((fd = accept(socket, addr, addrlen)) == -1) goto Exit; if (set_cloexec(fd) != 0) { closesocket(fd); fd = -1; goto Exit; } Exit: #ifndef _MSC_VER pthread_mutex_unlock(&cloexec_mutex); #else uv_mutex_unlock(&cloexec_mutex); #endif return fd; }
static FILE *open_socket(void) { int fd = -1; struct sockaddr_un sa; FILE *f = NULL; if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) goto fail; set_cloexec(fd); memset(&sa, 0, sizeof(sa)); sa.sun_family = AF_UNIX; strncpy(sa.sun_path, AVAHI_SOCKET, sizeof(sa.sun_path)-1); sa.sun_path[sizeof(sa.sun_path)-1] = 0; if (connect(fd, (struct sockaddr*) &sa, sizeof(sa)) < 0) goto fail; if (!(f = fdopen(fd, "r+"))) goto fail; return f; fail: if (fd >= 0) close(fd); return NULL; }
static int binsh_in_filelist(const char *package) { const char * const cmd[] = {"dpkg-query", "-L", package, NULL}; pid_t child; int sink; FILE *in; int found; /* * dpkg -L $package 2>/dev/null | ... * * Redirection of stderr is for quieter output * when $package is not installed. If opening /dev/null * fails, no problem; leave stderr alone in that case. */ sink = open("/dev/null", O_WRONLY); if (sink >= 0) set_cloexec(sink); in = spawn_pipe(&child, cmd, sink); /* ... | grep "^/bin/sh\$" */ found = has_binsh_line(in); if (fclose(in)) die_errno("cannot close read end of pipe"); /* * dpkg -L will error out if $package is not already installed. * * We stopped reading early if we found a match, so * tolerate SIGPIPE in that case. */ wait_or_die(child, "dpkg-query -L", ERROR_OK | (found ? SIGPIPE_OK : 0)); return found; }
void serve(int sockfd) { int n; socklen_t alen; FILE *fp; char buf[BUFLEN]; char abuf[MAXADDRLEN]; struct sockaddr *addr = (struct sockaddr *)abuf; set_cloexec(sockfd); for (;;) { alen = MAXADDRLEN; if ((n = recvfrom(sockfd, buf, BUFLEN, 0, addr, &alen)) < 0) { syslog(LOG_ERR, "ruptimed: recvfrom error: %s", strerror(errno)); exit(1); } if ((fp = popen("/usr/bin/uptime", "r")) == NULL) { sprintf(buf, "error: %s\n", strerror(errno)); sendto(sockfd, buf, strlen(buf), 0, addr, alen); } else { if (fgets(buf, BUFLEN, fp) != NULL) sendto(sockfd, buf, strlen(buf), 0, addr, alen); // 从recvfrom获得的发送者地址addr pclose(fp); } } }
static int open_socket(void) { int fd = -1; struct sockaddr_un sa; if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) { daemon_log(LOG_ERR, "socket(): %s", strerror(errno)); goto fail; } if (set_cloexec(fd) < 0) { daemon_log(LOG_ERR, "fcntl(): %s", strerror(errno)); goto fail; } memset(&sa, 0, sizeof(sa)); sa.sun_family = AF_UNIX; strncpy(sa.sun_path, AVAHI_SOCKET, sizeof(sa.sun_path)-1); sa.sun_path[sizeof(sa.sun_path)-1] = 0; if (connect(fd, (struct sockaddr*) &sa, sizeof(sa)) < 0) { daemon_log(LOG_ERR, "connect(): %s", strerror(errno)); daemon_log(LOG_INFO, "Failed to connect to the daemon. This probably means that you"); daemon_log(LOG_INFO, "didn't start avahi-daemon before avahi-dnsconfd."); goto fail; } return fd; fail: if (fd >= 0) close(fd); return -1; }
u_link_origin *u_link_origin_create_from_fd(mowgli_eventloop_t *ev, int fd) { const char *operation; u_link_origin *origin = NULL; /* Set the fd to be close-on-exec. All listening sockets will be closed when * we upgrade. This may cause some slight disturbance for users currently * connecting, but this is acceptable. */ operation = "set close-on-exec"; if (set_cloexec(fd) < 0) goto error; u_log(LG_DEBUG, "u_link_origin_create_from_fd: %d", fd); origin = malloc(sizeof(*origin)); operation = "create pollable"; if (!(origin->poll = mowgli_pollable_create(ev, fd, origin))) { errno = -EINVAL; /* XXX */ goto error; } mowgli_node_add(origin, &origin->n, &all_origins); mowgli_pollable_setselect(ev, origin->poll, MOWGLI_EVENTLOOP_IO_READ, accept_ready); return origin; error: u_perror(operation); free(origin); return NULL; }
int exec_pipe(int fd[2]) { ASSERT_IS_MAIN_THREAD(); int res; while ((res = pipe(fd))) { if (errno != EINTR) { return res; // caller will call wperror } } debug(4, L"Created pipe using fds %d and %d", fd[0], fd[1]); // Pipes ought to be cloexec. Pipes are dup2'd the corresponding fds; the resulting fds are not // cloexec. set_cloexec(fd[0]); set_cloexec(fd[1]); return res; }
void serve(int sockfd) { int n, clfd; FILE *fp; char buf[BUFLEN]; set_cloexec(sockfd); for (;;) { if ((clfd = accept(sockfd, NULL, NULL)) < 0) { syslog(LOG_ERR, "ruptimed: accept error: %s", strerror(errno)); exit(1); } set_cloexec(clfd); if((n = recv(clfd, buf, BUFLEN, 0)) > 0){ if(!strcmp(buf,"utc")){ if ((fp = popen("/bin/date -u", "r")) == NULL) { sprintf(buf, "error: %s\n", strerror(errno)); send(clfd, buf, strlen(buf), 0); } else { while (fgets(buf, BUFLEN, fp) != NULL) send(clfd, buf, strlen(buf), 0); pclose(fp); } } else if(!strcmp(buf, "cst")){ if ((fp = popen("/bin/date", "r")) == NULL) { sprintf(buf, "error: %s\n", strerror(errno)); send(clfd, buf, strlen(buf), 0); } else { while (fgets(buf, BUFLEN, fp) != NULL) send(clfd, buf, strlen(buf), 0); pclose(fp); } } } close(clfd); } }
maybe_t<autoclose_pipes_t> make_autoclose_pipes(const io_chain_t &ios) { int pipes[2] = {-1, -1}; if (pipe(pipes) < 0) { debug(1, PIPE_ERROR); wperror(L"pipe"); return none(); } set_cloexec(pipes[0]); set_cloexec(pipes[1]); if (!pipe_avoid_conflicts_with_io_chain(pipes, ios)) { // The pipes are closed on failure here. return none(); } autoclose_pipes_t result; result.read = autoclose_fd_t(pipes[0]); result.write = autoclose_fd_t(pipes[1]); return {std::move(result)}; }
pid_t pid_output(const char *path) { int tmp; int fd; pid_t pid; char buf[16]; struct flock lock; mode_t oldumask; pid = getpid(); oldumask = umask(0777 & ~PIDFILE_MASK); fd = open(path, O_RDWR | O_CREAT, PIDFILE_MASK); if (fd < 0) { flog_err_sys(LIB_ERR_SYSTEM_CALL, "Can't create pid lock file %s (%s), exiting", path, safe_strerror(errno)); umask(oldumask); exit(1); } else { size_t pidsize; umask(oldumask); memset(&lock, 0, sizeof(lock)); set_cloexec(fd); lock.l_type = F_WRLCK; lock.l_whence = SEEK_SET; if (fcntl(fd, F_SETLK, &lock) < 0) { flog_err_sys(LIB_ERR_SYSTEM_CALL, "Could not lock pid_file %s (%s), exiting", path, safe_strerror(errno)); exit(1); } sprintf(buf, "%d\n", (int)pid); pidsize = strlen(buf); if ((tmp = write(fd, buf, pidsize)) != (int)pidsize) flog_err_sys( LIB_ERR_SYSTEM_CALL, "Could not write pid %d to pid_file %s, rc was %d: %s", (int)pid, path, tmp, safe_strerror(errno)); else if (ftruncate(fd, pidsize) < 0) flog_err_sys( LIB_ERR_SYSTEM_CALL, "Could not truncate pid_file %s to %u bytes: %s", path, (unsigned int)pidsize, safe_strerror(errno)); } return pid; }
int open_socket(struct interface *iface, int protocol) { int s; union sockunion { struct sockaddr sa; struct sockaddr_in sin; struct sockaddr_ll sll; struct sockaddr_storage ss; } su; struct sock_fprog pf; int *fd; if ((s = socket(PF_PACKET, SOCK_DGRAM, htons(protocol))) == -1) return -1; memset(&su, 0, sizeof(su)); su.sll.sll_family = PF_PACKET; su.sll.sll_protocol = htons(protocol); /*if (!(su.sll.sll_ifindex = if_nametoindex(iface->name))) { errno = ENOENT; goto eexit; }*/ /* Install the DHCP filter */ memset(&pf, 0, sizeof(pf)); if (protocol == ETHERTYPE_ARP) { pf.filter = UNCONST(arp_bpf_filter); pf.len = arp_bpf_filter_len; } else { pf.filter = UNCONST(dhcp_bpf_filter); pf.len = dhcp_bpf_filter_len; } if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER, &pf, sizeof(pf)) != 0) goto eexit; if (set_cloexec(s) == -1) goto eexit; if (set_nonblock(s) == -1) goto eexit; if (bind(s, &su.sa, sizeof(su)) == -1) goto eexit; if (protocol == ETHERTYPE_ARP) fd = &iface->arp_fd; else fd = &iface->raw_fd; if (*fd != -1) close(*fd); *fd = s; return s; eexit: close(s); return -1; }
/* return -1 on error */ static int dev_urandom_fd(void) { int fd = -1; struct stat st; /* Check that fd still points to the correct device */ if (urandom_cache.fd >= 0) { if (fstat(urandom_cache.fd, &st) || st.st_dev != urandom_cache.st_dev || st.st_ino != urandom_cache.st_ino) { /* Somebody replaced our FD. Invalidate our cache but don't * close the fd. */ urandom_cache.fd = -1; } } if (urandom_cache.fd < 0) { #ifdef __linux__ if (wait_on_devrandom() < 0) { goto error; } #endif fd = open("/dev/urandom", O_RDONLY); if (fd < 0) { goto error; } if (set_cloexec(fd) < 0) { goto error; } if (fstat(fd, &st)) { goto error; } /* Another thread initialized the fd */ if (urandom_cache.fd >= 0) { close(fd); return urandom_cache.fd; } urandom_cache.st_dev = st.st_dev; urandom_cache.st_ino = st.st_ino; urandom_cache.fd = fd; } return urandom_cache.fd; error: if (fd != -1) { close(fd); } ERR_Cryptography_OSRandom_error( CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD, CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED, __FILE__, __LINE__ ); return -1; }
int open_link_socket(void) { int fd; fd = socket(PF_ROUTE, SOCK_RAW, 0); if (fd != -1) { set_cloexec(fd); set_nonblock(fd); } return fd; }
static int _open_link_socket(struct sockaddr_nl *nl) { int fd; if ((fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE)) == -1) return -1; nl->nl_family = AF_NETLINK; if (bind(fd, (struct sockaddr *)nl, sizeof(*nl)) == -1) return -1; set_cloexec(fd); return fd; }
int open_link_socket(void) { int fd; #ifdef DEBUG_MEMORY if (link_buf == NULL) atexit(cleanup); #endif fd = socket(PF_ROUTE, SOCK_RAW, 0); if (fd != -1) { set_cloexec(fd); set_nonblock(fd); } return fd; }
void serve(int sockfd) { int clfd; FILE *fp; char buf[BUFLEN]; char opt[BUFLEN]; int n; set_cloexec(sockfd); for(;;) { if((clfd = accept(sockfd, NULL, NULL)) < 0) { //不关心客户端标识 syslog(LOG_ERR, "ruptimed: accept error: %s", strerror(errno)); exit(-1); } while(1) { if((n = recv(clfd, opt, BUFLEN, 0)) > 0) { printf("the string i got is %s", opt); //这里的字符串比较不指明位数的话比较会出错 //unp P8有解释,TCP是一个没有记录边界的字节流协议 if(strncmp(opt, "uptime", 6) == 0) { //用管道的方式执行一个命令 if((fp = popen("/usr/bin/uptime", "r")) == NULL) { //将出错信息发送到客户端 sprintf(buf, "error: %s\n", strerror(errno)); send(clfd, buf, strlen(buf), 0); } else { while(fgets(buf, BUFLEN, fp) != NULL) //有可能一次发不完,需要一个循环 send(clfd, buf, strlen(buf), 0); pclose(fp); } close(clfd); //关闭不活动的套接字 break; } else { strcpy(buf, "we don not provide the service"); send(clfd, buf, strlen(buf), 0); } } else continue; } } }
/* On Linux, we open("/dev/random") and use poll() to wait until it's readable * before we read from /dev/urandom, this ensures that we don't read from * /dev/urandom before the kernel CSPRNG is initialized. This isn't necessary on * other platforms because they don't have the same _bug_ as Linux does with * /dev/urandom and early boot. */ static int wait_on_devrandom(void) { struct pollfd pfd = {}; int ret = 0; int random_fd = open("/dev/random", O_RDONLY); if (random_fd < 0) { return -1; } if (set_cloexec(random_fd) < 0) { return -1; } pfd.fd = random_fd; pfd.events = POLLIN; pfd.revents = 0; do { ret = poll(&pfd, 1, -1); } while (ret < 0 && (errno == EINTR || errno == EAGAIN)); close(random_fd); return ret; }
int open_link_socket(struct interface *iface) { int fd; struct sockaddr_nl nl; if ((fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE)) == -1) return -1; memset(&nl, 0, sizeof(nl)); nl.nl_family = AF_NETLINK; nl.nl_groups = RTMGRP_LINK; if (bind(fd, (struct sockaddr *)&nl, sizeof(nl)) == -1) return -1; set_cloexec(fd); if (iface->link_fd != -1) close(iface->link_fd); iface->link_fd = fd; return 0; }
static int wopen_internal(const wcstring &pathname, int flags, mode_t mode, bool cloexec) { ASSERT_IS_NOT_FORKED_CHILD(); cstring tmp = wcs2string(pathname); /* Prefer to use O_CLOEXEC. It has to both be defined and nonzero. */ #ifdef O_CLOEXEC if (cloexec && (O_CLOEXEC != 0)) { flags |= O_CLOEXEC; cloexec = false; } #endif int fd = ::open(tmp.c_str(), flags, mode); if (cloexec && fd >= 0 && ! set_cloexec(fd)) { close(fd); fd = -1; } return fd; }
/* ARGSUSED */ static void control_handle(__unused void *arg) { struct sockaddr_un run; socklen_t len; struct fd_list *l; int f; len = sizeof(run); if ((f = accept(fd, (struct sockaddr *)&run, &len)) == -1) return; set_cloexec(f); l = malloc(sizeof(*l)); if (l) { l->fd = f; l->listener = 0; l->next = control_fds; control_fds = l; eloop_event_add(l->fd, control_handle_data, l); } }
static int wopen_internal(const wcstring &pathname, int flags, mode_t mode, bool cloexec) { ASSERT_IS_NOT_FORKED_CHILD(); cstring tmp = wcs2string(pathname); int fd; #ifdef O_CLOEXEC // Prefer to use O_CLOEXEC. It has to both be defined and nonzero. if (cloexec) { fd = open(tmp.c_str(), flags | O_CLOEXEC, mode); } else { fd = open(tmp.c_str(), flags, mode); } #else fd = open(tmp.c_str(), flags, mode); if (fd >= 0 && !set_cloexec(fd)) { close(fd); fd = -1; } #endif return fd; }
int control_start(void) { int len; if ((len = make_sock()) == -1) return -1; unlink(CONTROLSOCKET); if (bind(fd, (struct sockaddr *)&sun, len) == -1 || chmod(CONTROLSOCKET, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP) == -1 || set_cloexec(fd) == -1 || set_nonblock(fd) == -1 || listen(fd, sizeof(control_fds)) == -1) { close(fd); return -1; } eloop_event_add(fd, control_handle, NULL); return fd; }