int setup_tcp_server_socket(const char ip[4], const char ip6[16], u16 port, int backlog) { char sip[FMT_IP6]; int fd; fd = socket_tcp6(); if(fd >= 0) { if(socket_bind6_reuse(fd, ip6, port, 0) == -1) { close(fd); fd = socket_tcp(); if(fd >= 0) { if(-1 == socket_bind4_reuse(fd, ip, port)) ERROR("unable to create server socket: %s", strerror(errno)); else { fmt_ip4(sip, ip); DEBUG("bound TCP socket on %s:%hu", sip, port); } } else { ERROR("unable to create TCP socket: %s", strerror(errno)); } } else { fmt_ip6(sip, ip6); DEBUG("bound TCP socket on [%s]:%hu", sip, port); } if(socket_listen(fd, backlog) == -1) ERROR("listen() failed: %s", strerror(errno)); } else { ERROR("unable to create TCP socket: %s", strerror(errno)); } return fd; }
static void handle_reconnects( void ) { int i; for( i=0; i<g_connection_count; ++i ) if( PROXYPEER_NEEDSCONNECT( g_connections[i].state ) ) { int64 newfd = socket_tcp6( ); fprintf( stderr, "(Re)connecting to peer..." ); if( newfd < 0 ) continue; /* No socket for you */ io_fd(newfd); if( socket_bind6_reuse(newfd,g_serverip,g_serverport,0) ) { io_close( newfd ); continue; } if( socket_connect6(newfd,g_connections[i].ip,g_connections[i].port,0) == -1 && errno != EINPROGRESS && errno != EWOULDBLOCK ) { close(newfd); continue; } io_wantwrite(newfd); /* So we will be informed when it is connected */ io_setcookie(newfd,g_connections+i); /* Prepare connection info block */ reset_info_block( g_connections+i ); g_connections[i].fd = newfd; PROXYPEER_SETCONNECTING( g_connections[i].state ); } g_connection_reconn = time(NULL) + 30; }
static int64_t ot_try_bind( ot_ip6 ip, uint16_t port ) { int64 sock = socket_tcp6( ); if( socket_bind6_reuse( sock, ip, port, 0 ) == -1 ) panic( "socket_bind6_reuse" ); if( socket_listen( sock, SOMAXCONN) == -1 ) panic( "socket_listen" ); if( !io_fd( sock ) ) panic( "io_fd" ); io_setcookie( sock, (void*)FLAG_SERVERSOCKET ); io_wantread( sock ); return sock; }
static int make_connection(char* ip,uint16 port,uint32 scope_id) { int v6=byte_diff(ip,12,V4mappedprefix); int s; if (v6) { s=socket_tcp6(); if (s==-1) panic("socket_tcp6()"); ndelay_off(s); if (bindport) { for (;;) { int r=socket_bind6_reuse(s,V6any,bindport,0); if (++bindport<1024) bindport=1024; if (r==0) break; if (errno!=EADDRINUSE) panic("socket_bind6"); } } if (socket_connect6(s,ip,port,scope_id)==-1) { carp("socket_connect6"); close(s); return -1; } } else { s=socket_tcp4(); if (s==-1) panic("socket_tcp4()"); ndelay_off(s); if (bindport) { for (;;) { int r=socket_bind4_reuse(s,V6any,bindport); if (++bindport<1024) bindport=1024; if (r==0) break; if (errno!=EADDRINUSE) panic("socket_bind4"); } } if (socket_connect4(s,ip+12,port)==-1) { carp("socket_connect4"); close(s); return -1; } } return s; }
int main(int argc,char * const *argv) { const char *hostname; int opt; struct servent *se; char *x; unsigned long u; int s; int t; io_opt = ssl_io_opt_default; io_opt.timeout = 3600; while ((opt = getopt(argc,argv,"46dDvqQhHrR1UXx:t:T:u:g:l:b:B:c:Z:pPoO3IiEeSsaAw:nNyYuUjJ")) != opteof) switch(opt) { case 'b': scan_ulong(optarg,&backlog); break; case 'c': scan_ulong(optarg,&limit); break; case 'X': flagallownorules = 1; break; case 'x': fnrules = optarg; break; case 'B': banner = optarg; break; case 'd': flagdelay = 1; break; case 'D': flagdelay = 0; break; case 'v': verbosity = 2; break; case 'q': verbosity = 0; break; case 'Q': verbosity = 1; break; case 'P': flagparanoid = 0; break; case 'p': flagparanoid = 1; break; case 'O': flagkillopts = 1; break; case 'o': flagkillopts = 0; break; case 'H': flagremotehost = 0; break; case 'h': flagremotehost = 1; break; case 'R': flagremoteinfo = 0; break; case 'r': flagremoteinfo = 1; break; case 't': scan_ulong(optarg,&timeout); break; case 'T': scan_ulong(optarg,&ssltimeout); break; case 'w': scan_uint(optarg,&io_opt.timeout); break; case 'U': x = env_get("UID"); if (x) scan_ulong(x,&uid); x = env_get("GID"); if (x) scan_ulong(x,&gid); break; case 'u': scan_ulong(optarg,&uid); break; case 'g': scan_ulong(optarg,&gid); break; case 'Z': netif=socket_getifidx(optarg); break; case '1': flag1 = 1; break; case '4': noipv6 = 1; break; case '6': forcev6 = 1; break; case 'l': localhost = optarg; break; case '3': flag3 = 1; break; case 'I': flagclientcert = 0; break; case 'i': flagclientcert = 1; break; case 'S': flagsslenv = 0; break; case 's': flagsslenv = 1; break; case 'E': flagtcpenv = 0; break; case 'e': flagtcpenv = 1; break; case 'n': case 'y': flagsslwait = 1; break; case 'N': case 'Y': flagsslwait = 0; break; case 'j': io_opt.just_shutdown = 1; break; case 'J': io_opt.just_shutdown = 0; break; default: usage(); } argc -= optind; argv += optind; if (!verbosity) buffer_2->fd = -1; hostname = *argv++; if (!hostname) usage(); if (str_equal(hostname,"")) hostname = "0"; x = *argv++; if (!x) usage(); prog = argv; if (!*argv) usage(); if (!x[scan_ulong(x,&u)]) localport = u; else { se = getservbyname(x,"tcp"); if (!se) strerr_die3x(111,FATAL,"unable to figure out port number for ",x); uint16_unpack_big((char*)&se->s_port,&localport); } if (x = env_get("VERIFYDEPTH")) { scan_ulong(x,&u); verifydepth = u; } if (x = env_get("CAFILE")) cafile = x; if (cafile && str_equal(cafile,"")) cafile = 0; if (x = env_get("CCAFILE")) ccafile = x; if (ccafile && str_equal(ccafile,"")) ccafile = 0; if (!flagclientcert) ccafile = 0; if (x = env_get("CADIR")) cadir = x; if (cadir && str_equal(cadir,"")) cadir= 0; if (x = env_get("CERTFILE")) certfile = x; if (certfile && str_equal(certfile,"")) certfile = 0; if (x = env_get("KEYFILE")) keyfile = x; if (keyfile && str_equal(keyfile,"")) keyfile = 0; if (x = env_get("DHFILE")) dhfile = x; if (dhfile && str_equal(dhfile,"")) dhfile = 0; if (x = env_get("CIPHERS")) ciphers = x; if (ciphers && str_equal(ciphers,"")) ciphers = 0; sig_block(sig_child); sig_catch(sig_child,sigchld); sig_catch(sig_term,sigterm); sig_ignore(sig_pipe); if (str_equal(hostname,"0")) { byte_zero(localip,sizeof localip); } else { if (!stralloc_copys(&tmp,hostname)) strerr_die2x(111,FATAL,"out of memory"); if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1) strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": "); if (addresses.len < 16) strerr_die3x(111,FATAL,"no IP address for ",hostname); byte_copy(localip,16,addresses.s); if (ip6_isv4mapped(localip)) noipv6=1; } s = socket_tcp6(); if (s == -1) strerr_die2sys(111,FATAL,"unable to create socket: "); if (socket_bind6_reuse(s,localip,localport,netif) == -1) strerr_die2sys(111,FATAL,"unable to bind: "); if (socket_local6(s,localip,&localport,&netif) == -1) strerr_die2sys(111,FATAL,"unable to get local address: "); if (socket_listen(s,backlog) == -1) strerr_die2sys(111,FATAL,"unable to listen: "); ndelay_off(s); localportstr[fmt_ulong(localportstr,localport)] = 0; if (flag1) { buffer_init(&b,buffer_unixwrite,1,bspace,sizeof bspace); buffer_puts(&b,localportstr); buffer_puts(&b,"\n"); buffer_flush(&b); } if (flag3) read_passwd(); ctx = ssl_server(); ssl_errstr(); if (!ctx) strerr_die2x(111,FATAL,"unable to create SSL context"); switch (ssl_certkey(ctx,certfile,keyfile,passwd_cb)) { case -1: strerr_die2x(111,FATAL,"unable to load certificate"); case -2: strerr_die2x(111,FATAL,"unable to load key"); case -3: strerr_die2x(111,FATAL,"key does not match certificate"); default: break; } if (!ssl_ca(ctx,cafile,cadir,verifydepth)) strerr_die2x(111,FATAL,"unable to load CA list"); if (!ssl_cca(ctx,ccafile)) strerr_die2x(111,FATAL,"unable to load client CA list"); if (!ssl_params(ctx,dhfile,rsalen)) strerr_die2x(111,FATAL,"unable to set cipher parameters"); if (!ssl_ciphers(ctx,ciphers)) strerr_die2x(111,FATAL,"unable to set cipher list"); if (verbosity >= 2) { strnum[fmt_ulong(strnum,getpid())] = 0; strnum2[fmt_ulong(strnum2,rsalen)] = 0; strerr_warn4("sslserver: cafile ",strnum," ",cafile,0); strerr_warn4("sslserver: ccafile ",strnum," ",ccafile,0); strerr_warn4("sslserver: cadir ",strnum," ",cadir,0); strerr_warn4("sslserver: cert ",strnum," ",certfile,0); strerr_warn4("sslserver: key ",strnum," ",keyfile,0); strerr_warn6("sslserver: param ",strnum," ",dhfile," ",strnum2,0); } close(0); open_read("/dev/null"); close(1); open_append("/dev/null"); printstatus(); for (;;) { while (numchildren >= limit) sig_pause(); sig_unblock(sig_child); t = socket_accept6(s,remoteip,&remoteport,&netif); sig_block(sig_child); if (t == -1) continue; ++numchildren; printstatus(); switch(fork()) { case 0: close(s); doit(t); strerr_die4sys(111,DROP,"unable to run ",*argv,": "); case -1: strerr_warn2(DROP,"unable to fork: ",&strerr_sys); --numchildren; printstatus(); } close(t); } }
int main(int argc,char* argv[]) { int s,t; uint16 port=2342; uint32 scope_id=0; char ip[16]; char buf[8192]; int i; struct pollfd p[2]; if (argc<3) { usage: __write2("usage: server ip port\n\nexample: server 0 8000 | restore x -f -\n"); return 0; } if (!strcmp(argv[1],"0")) byte_zero(ip,16); else if (argv[1][i=scan_ip6if(argv[1],ip,&scope_id)]) { __write2("server: error: invalid ip address!\n"); goto usage; } if (argv[2][scan_ushort(argv[2],&port)]) { __write2("server: error: invalid port number!\n"); goto usage; } if (byte_equal(ip,12,V4mappedprefix)) { s=socket_tcp4b(); if (s==-1) panic("server: error: socket() failed"); if (socket_bind4_reuse(s,ip+12,port)==-1) panic("server: error: bind() failed"); if (socket_listen(s,1)==-1) panic("server: error: listen() failed"); ndelay_off(s); if ((t=socket_accept4(s,0,0))==-1) panic("server: error: accept() failed"); } else { s=socket_tcp6b(); if (s==-1) panic("server: error: socket() failed"); if (socket_bind6_reuse(s,ip,port,scope_id)==-1) panic("server: error: bind() failed"); if (socket_listen(s,1)==-1) panic("server: error: listen() failed"); ndelay_off(s); if ((t=socket_accept6(s,0,0,0))==-1) panic("server: error: accept() failed"); } close(s); p[0].fd=0; p[0].events=POLLIN; p[1].fd=t; p[1].events=POLLIN; while (poll(p,2,5000)) { if (p[0].revents) { int j; if (p[0].revents&POLLERR) panic("server: error: poll() signals POLLERR\n"); i=read(0,buf,sizeof(buf)); if (i==0) { shutdown(t,SHUT_WR); blockingcopy(t,1); } for (j=0; j<i; ) { int k=write(t,buf+j,i-j); if (k==-1) panic("server: error: write() failed"); if (k==0) panic("server: error: short write!\n"); j+=k; } } if (p[1].revents) { int j; if (p[1].revents&POLLERR) panic("server: error: poll() signals POLLERR\n"); i=read(t,buf,sizeof(buf)); if (i==0) { shutdown(1,SHUT_WR); blockingcopy(0,t); } for (j=0; j<i; ) { int k=write(1,buf+j,i-j); if (k==-1) panic("server: error: write() failed"); if (k==0) panic("server: error: short write!\n"); j+=k; } } } return 0; }
int main(int argc, char* argv[]) { int s = socket_tcp6(); uint32 scope_id; char ip[16]; uint16 port; char hisip[16]; uint16 hisport; uint32 hisscope_id; static char seed[128]; static stralloc fqdn; static stralloc out; if(argc != 4) { usage: buffer_putsflush(buffer_2, "usage: proxy myip myport hisip hisport\n" "\n" "e.g.: proxy 0 119 news.fu-berlin.de 119\n"); return 0; } if(argv[1][scan_ip6if(argv[1], ip, &scope_id)]) { if(str_equal(argv[1], "0")) { byte_zero(ip, 16); scope_id = 0; } else goto usage; } if(argv[2][scan_ushort(argv[2], &port)]) goto usage; if(argv[3][scan_ip6if(argv[3], hisip, &hisscope_id)]) { dns_random_init(seed); if(!stralloc_copys(&fqdn, argv[3])) goto nomem; if(dns_ip4(&out, &fqdn) == -1) { buffer_puts(buffer_2, "unable to find IP address for "); buffer_puts(buffer_2, argv[3]); buffer_puts(buffer_2, ": "); buffer_puterror(buffer_2); buffer_putnlflush(buffer_2); return 111; } } else if(!stralloc_catb(&out, hisip, 16)) { nomem: buffer_putsflush(buffer_2, "out of memory\n"); return 111; } if(argv[4][scan_ushort(argv[4], &hisport)]) goto usage; if(socket_bind6_reuse(s, ip, port, scope_id) == -1) { buffer_puts(buffer_2, "socket_bind6_reuse: "); buffer_puterror(buffer_2); buffer_putnlflush(buffer_2); return 111; } if(socket_listen(s, 16) == -1) { buffer_puts(buffer_2, "socket_listen: "); buffer_puterror(buffer_2); buffer_putnlflush(buffer_2); return 111; } if(!io_fd(s)) { buffer_puts(buffer_2, "io_fd: "); buffer_puterror(buffer_2); buffer_putnlflush(buffer_2); return 111; } io_wantread(s); for(;;) { int64 i; io_wait(); while((i = io_canread()) != -1) { if(i == s) { /* the read event is on the server socket */ /* that means it's an incoming connection */ int n; while((n = socket_accept6(s, ip, &port, &scope_id)) != -1) { int x = socket_tcp6(); if(x == -1) { buffer_puts(buffer_2, "socket_tcp6 failed: "); fail: buffer_puterror(buffer_2); buffer_putnlflush(buffer_2); io_close(n); } else { struct state* s = malloc(sizeof(struct state)); if(!s) goto closefail; s->a = n; s->b = x; s->connected = 0; s->done = s->todo = 0; s->dir = UNDECIDED; io_nonblock(x); socket_connect6(x, out.s, hisport, hisscope_id); if(!io_fd(x) || !io_fd(n)) { buffer_puts(buffer_2, "io_fd failed: "); closefail: free(s); io_close(x); goto fail; } io_setcookie(x, s); io_setcookie(n, s); io_wantwrite(x); } } if(errno != EAGAIN) { buffer_puts(buffer_2, "socket_accept6 failed: "); buffer_puterror(buffer_2); buffer_putnlflush(buffer_2); } } else { /* read event on an established connection */ struct state* s = io_getcookie(i); int l = io_tryread(i, s->buf, sizeof(s->buf)); if(l == -1) { buffer_puts(buffer_2, "io_tryread("); buffer_putulong(buffer_2, i); buffer_puts(buffer_2, "): "); buffer_puterror(buffer_2); buffer_putnlflush(buffer_2); io_close(s->a); io_close(s->b); } else if(l == 0) { buffer_puts(buffer_2, "eof on fd #"); buffer_putulong(buffer_2, i); buffer_putnlflush(buffer_2); io_close(i); } else { int r; switch(r = io_trywrite(i, s->buf, l)) { case -1: buffer_puts(buffer_2, "io_tryread("); buffer_putulong(buffer_2, i); buffer_puts(buffer_2, "): "); buffer_puterror(buffer_2); buffer_putnlflush(buffer_2); io_close(i); break; case 0: buffer_puts(buffer_2, "write eof on fd #"); buffer_putulong(buffer_2, i); buffer_putnlflush(buffer_2); io_close(i); default: if(r != l) { buffer_puts(buffer_2, "short write on fd #"); buffer_putulong(buffer_2, i); buffer_puts(buffer_2, ": wrote "); buffer_putulong(buffer_2, r); buffer_puts(buffer_2, ", wanted to write "); buffer_putulong(buffer_2, l); buffer_putsflush(buffer_2, ").\n"); } } } } } } return 0; }
int main() { char *x; unsigned int i, j, k; unsigned long cachesize; static stralloc sa = {0}; x = env_get("INTERFACE"); if (x) scan_ulong(x,&interface); x = env_get("IP"); if (!x) strerr_die2x(111,FATAL,"$IP not set"); if (!ip6_scan(x,myipincoming)) strerr_die3x(111,FATAL,"unable to parse IP address ",x); #if 0 /* if if IP is a mapped-IPv4 address, disable IPv6 functionality */ /* this is actually a bad idea */ if (ip6_isv4mapped(myipincoming)) noipv6 = 1; #endif udp53 = socket_udp6(); if (udp53 == -1) strerr_die2sys(111,FATAL,"unable to create UDP socket: "); if (socket_bind6_reuse(udp53,myipincoming,53,interface) == -1) strerr_die2sys(111,FATAL,"unable to bind UDP socket: "); tcp53 = socket_tcp6(); if (tcp53 == -1) strerr_die2sys(111,FATAL,"unable to create TCP socket: "); if (socket_bind6_reuse(tcp53,myipincoming,53,interface) == -1) strerr_die2sys(111,FATAL,"unable to bind TCP socket: "); droproot(FATAL); socket_tryreservein(udp53,131072); byte_zero(seed,sizeof seed); read(0,seed,sizeof seed); dns_random_init(seed); close(0); x = env_get("IPSEND"); if (!x) strerr_die2x(111,FATAL,"$IPSEND not set"); if (!ip6_scan(x,myipoutgoing)) strerr_die3x(111,FATAL,"unable to parse IP address ",x); x = env_get("CACHESIZE"); if (!x) strerr_die2x(111,FATAL,"$CACHESIZE not set"); scan_ulong(x,&cachesize); if (!cache_init(cachesize)) strerr_die3x(111,FATAL,"not enough memory for cache of size ",x); if (openreadclose("ignoreip",&sa,64) < 0) strerr_die2x(111,FATAL,"trouble reading ignoreip"); for(j = k = i = 0; i < sa.len; i++) if (sa.s[i] == '\n') { sa.s[i] = '\0'; if (!stralloc_readyplus(&ignoreip,16)) strerr_die2x(111,FATAL,"out of memory parsing ignoreip"); if (!ip6_scan(sa.s+k,ignoreip.s+j)) strerr_die3x(111,FATAL,"unable to parse address in ignoreip ",ignoreip.s+k); j += 16; k = i + 1; } ignoreip.len = j; if (env_get("HIDETTL")) response_hidettl(); if (env_get("FORWARDONLY")) query_forwardonly(); if (!roots_init()) strerr_die2sys(111,FATAL,"unable to read servers: "); if (socket_listen(tcp53,20) == -1) strerr_die2sys(111,FATAL,"unable to listen on TCP socket: "); log_startup(); doit(); }