/*
** BootDone -- free up memory allocated for a connection.
**
** Parameters:
** rconn - incoming boot complete packet.
**
** Returns:
** 1 on success, 0 on failure.
**
** Side Effects:
** none.
*/
int
BootDone(RMPCONN *rconn)
{
RMPCONN *oldconn;
struct rmp_packet *rpl;
/*
* If we cant find the connection, ignore the request.
*/
if ((oldconn = FindConn(rconn)) == NULL) {
syslog(LOG_ERR, "BootDone: no existing connection (%s)",
EnetStr(rconn));
return(0);
}
rpl = &oldconn->rmp; /* cache ptr to RMP packet */
/*
* Make sure Session ID's match.
*/
if (ntohs(rconn->rmp.r_rrq.rmp_session) !=
((rpl->r_type == RMP_BOOT_REPL)? ntohs(rpl->r_brpl.rmp_session):
ntohs(rpl->r_rrpl.rmp_session))) {
syslog(LOG_ERR, "BootDone: bad session id (%s)",
EnetStr(rconn));
return(0);
}
RemoveConn(oldconn); /* remove connection */
syslog(LOG_INFO, "%s: boot complete", EnetStr(rconn));
return(1);
}
/*
** DoTimeout -- Free any connections that have timed out.
**
** Parameters:
** None.
**
** Returns:
** Nothing.
**
** Side Effects:
** - Timed out connections in `RmpConns' will be freed.
*/
void
DoTimeout(void)
{
RMPCONN *rtmp;
time_t now;
/*
* For each active connection, if RMP_TIMEOUT seconds have passed
* since the last packet was sent, delete the connection.
*/
now = time(NULL);
for (rtmp = RmpConns; rtmp != NULL; rtmp = rtmp->next)
if ((rtmp->tstamp.tv_sec + RMP_TIMEOUT) < now) {
syslog(LOG_WARNING, "%s: connection timed out (%u)",
EnetStr(rtmp), rtmp->rmp.r_type);
RemoveConn(rtmp);
}
}
/*
** ProcessPacket -- determine packet type and do what's required.
**
** An RMP BOOT packet has been received. Look at the type field
** and process Boot Requests, Read Requests, and Boot Complete
** packets. Any other type will be dropped with a warning msg.
**
** Parameters:
** rconn - the new connection
** client - list of files available to this host
**
** Returns:
** Nothing.
**
** Side Effects:
** - If this is a valid boot request, it will be added to
** the linked list of outstanding requests (RmpConns).
** - If this is a valid boot complete, its associated
** entry in RmpConns will be deleted.
** - Also, unless we run out of memory, a reply will be
** sent to the host that sent the packet.
*/
void
ProcessPacket(RMPCONN *rconn, CLIENT *client)
{
struct rmp_packet *rmp;
RMPCONN *rconnout;
rmp = &rconn->rmp; /* cache pointer to RMP packet */
switch(rmp->r_type) { /* do what we came here to do */
case RMP_BOOT_REQ: /* boot request */
if ((rconnout = NewConn(rconn)) == NULL)
return;
/*
* If the Session ID is 0xffff, this is a "probe"
* packet and we do not want to add the connection
* to the linked list of active connections. There
* are two types of probe packets, if the Sequence
* Number is 0 they want to know our host name, o/w
* they want the name of the file associated with
* the number spec'd by the Sequence Number.
*
* If this is an actual boot request, open the file
* and send a reply. If SendBootRepl() does not
* return 0, add the connection to the linked list
* of active connections, otherwise delete it since
* an error was encountered.
*/
if (ntohs(rmp->r_brq.rmp_session) == RMP_PROBESID) {
if (WORDZE(rmp->r_brq.rmp_seqno))
(void) SendServerID(rconnout);
else
(void) SendFileNo(rmp, rconnout,
client? client->files:
BootFiles);
FreeConn(rconnout);
} else {
if (SendBootRepl(rmp, rconnout,
client? client->files: BootFiles))
AddConn(rconnout);
else
FreeConn(rconnout);
}
break;
case RMP_BOOT_REPL: /* boot reply (not valid) */
syslog(LOG_WARNING, "%s: sent a boot reply",
EnetStr(rconn));
break;
case RMP_READ_REQ: /* read request */
/*
* Send a portion of the boot file.
*/
(void) SendReadRepl(rconn);
break;
case RMP_READ_REPL: /* read reply (not valid) */
syslog(LOG_WARNING, "%s: sent a read reply",
EnetStr(rconn));
break;
case RMP_BOOT_DONE: /* boot complete */
/*
* Remove the entry from the linked list of active
* connections.
*/
(void) BootDone(rconn);
break;
default: /* unknown RMP packet type */
syslog(LOG_WARNING, "%s: unknown packet type (%u)",
EnetStr(rconn), rmp->r_type);
}
}
/*
** SendReadRepl -- send a portion of the boot file to the requester.
**
** Parameters:
** rconn - the reply packet to be formatted.
**
** Returns:
** 1 on success, 0 on failure.
**
** Side Effects:
** none.
*/
int
SendReadRepl(RMPCONN *rconn)
{
int retval = 0;
RMPCONN *oldconn;
struct rmp_packet *rpl, *req;
int size = 0;
int madeconn = 0;
/*
* Find the old connection. If one doesnt exist, create one only
* to return the error code.
*/
if ((oldconn = FindConn(rconn)) == NULL) {
if ((oldconn = NewConn(rconn)) == NULL)
return(0);
syslog(LOG_ERR, "SendReadRepl: no active connection (%s)",
EnetStr(rconn));
madeconn++;
}
req = &rconn->rmp; /* cache ptr to request packet */
rpl = &oldconn->rmp; /* cache ptr to reply packet */
if (madeconn) { /* no active connection above; abort */
rpl->r_rrpl.rmp_retcode = RMP_E_ABORT;
retval = 1;
goto sendpkt;
}
/*
* Make sure Session ID's match.
*/
if (ntohs(req->r_rrq.rmp_session) !=
((rpl->r_type == RMP_BOOT_REPL)? ntohs(rpl->r_brpl.rmp_session):
ntohs(rpl->r_rrpl.rmp_session))) {
syslog(LOG_ERR, "SendReadRepl: bad session id (%s)",
EnetStr(rconn));
rpl->r_rrpl.rmp_retcode = RMP_E_BADSID;
retval = 1;
goto sendpkt;
}
/*
* If the requester asks for more data than we can fit,
* silently clamp the request size down to RMPREADDATA.
*
* N.B. I do not know if this is "legal", however it seems
* to work. This is necessary for bpfwrite() on machines
* with MCLBYTES less than 1514.
*/
if (ntohs(req->r_rrq.rmp_size) > RMPREADDATA)
req->r_rrq.rmp_size = htons(RMPREADDATA);
/*
* Position read head on file according to info in request packet.
*/
GETWORD(req->r_rrq.rmp_offset, size);
if (lseek(oldconn->bootfd, (off_t)size, SEEK_SET) < 0) {
syslog(LOG_ERR, "SendReadRepl: lseek: %m (%s)",
EnetStr(rconn));
rpl->r_rrpl.rmp_retcode = RMP_E_ABORT;
retval = 1;
goto sendpkt;
}
/*
* Read data directly into reply packet.
*/
if ((size = read(oldconn->bootfd, &rpl->r_rrpl.rmp_data,
(int) ntohs(req->r_rrq.rmp_size))) <= 0) {
if (size < 0) {
syslog(LOG_ERR, "SendReadRepl: read: %m (%s)",
EnetStr(rconn));
rpl->r_rrpl.rmp_retcode = RMP_E_ABORT;
} else {
rpl->r_rrpl.rmp_retcode = RMP_E_EOF;
}
retval = 1;
goto sendpkt;
}
/*
* Set success indication.
*/
rpl->r_rrpl.rmp_retcode = RMP_E_OKAY;
sendpkt:
/*
* Set up assorted fields in reply packet.
*/
rpl->r_rrpl.rmp_type = RMP_READ_REPL;
COPYWORD(req->r_rrq.rmp_offset, rpl->r_rrpl.rmp_offset);
rpl->r_rrpl.rmp_session = req->r_rrq.rmp_session;
oldconn->rmplen = RMPREADSIZE(size); /* set size of packet */
retval &= SendPacket(oldconn); /* send packet */
if (madeconn) /* clean up after ourself */
FreeConn(oldconn);
return (retval);
}
/*
** SendBootRepl -- open boot file and respond to boot request.
**
** Parameters:
** req - RMP BOOT packet containing the request.
** rconn - the reply packet to be formatted.
** filelist - list of files available to the requester.
**
** Returns:
** 1 on success, 0 on failure.
**
** Side Effects:
** none.
*/
int
SendBootRepl(struct rmp_packet *req, RMPCONN *rconn, char *filelist[])
{
int retval;
char *filename, filepath[RMPBOOTDATA+1];
RMPCONN *oldconn;
struct rmp_packet *rpl;
char *src, *dst1, *dst2;
u_int8_t i;
/*
* If another connection already exists, delete it since we
* are obviously starting again.
*/
if ((oldconn = FindConn(rconn)) != NULL) {
syslog(LOG_WARNING, "%s: dropping existing connection",
EnetStr(oldconn));
RemoveConn(oldconn);
}
rpl = &rconn->rmp; /* cache ptr to RMP packet */
/*
* Set up assorted fields in reply packet.
*/
rpl->r_brpl.rmp_type = RMP_BOOT_REPL;
COPYWORD(req->r_brq.rmp_seqno, rpl->r_brpl.rmp_seqno);
rpl->r_brpl.rmp_session = htons(GenSessID());
rpl->r_brpl.rmp_version = htons(RMP_VERSION);
rpl->r_brpl.rmp_flnmsize = req->r_brq.rmp_flnmsize;
/*
* Copy file name to `filepath' string, and into reply packet.
*/
src = &req->r_brq.rmp_flnm;
dst1 = filepath;
dst2 = &rpl->r_brpl.rmp_flnm;
for (i = 0; i < req->r_brq.rmp_flnmsize; i++)
*dst1++ = *dst2++ = *src++;
*dst1 = '\0';
/*
* If we are booting HP-UX machines, their secondary loader will
* ask for files like "/hp-ux". As a security measure, we do not
* allow boot files to lay outside the boot directory (unless they
* are purposely link'd out. So, make `filename' become the path-
* stripped file name and spoof the client into thinking that it
* really got what it wanted.
*/
filename = (filename = strrchr(filepath,'/'))? ++filename: filepath;
/*
* Check that this is a valid boot file name.
*/
for (i = 0; i < C_MAXFILE && filelist[i] != NULL; i++)
if (STREQN(filename, filelist[i]))
goto match;
/*
* Invalid boot file name, set error and send reply packet.
*/
rpl->r_brpl.rmp_retcode = RMP_E_NOFILE;
retval = 0;
goto sendpkt;
match:
/*
* This is a valid boot file. Open the file and save the file
* descriptor associated with this connection and set success
* indication. If the file couldnt be opened, set error:
* "no such file or dir" - RMP_E_NOFILE
* "file table overflow" - RMP_E_BUSY
* "too many open files" - RMP_E_BUSY
* anything else - RMP_E_OPENFILE
*/
if ((rconn->bootfd = open(filename, O_RDONLY, 0600)) < 0) {
rpl->r_brpl.rmp_retcode = (errno == ENOENT)? RMP_E_NOFILE:
(errno == EMFILE || errno == ENFILE)? RMP_E_BUSY:
RMP_E_OPENFILE;
retval = 0;
} else {
rpl->r_brpl.rmp_retcode = RMP_E_OKAY;
retval = 1;
}
sendpkt:
syslog(LOG_INFO, "%s: request to boot %s (%s)",
EnetStr(rconn), filename, retval? "granted": "denied");
rconn->rmplen = RMPBOOTSIZE(rpl->r_brpl.rmp_flnmsize);
return (retval & SendPacket(rconn));
}
int
main(int argc, char *argv[])
{
int c, fd, omask, maxfds;
fd_set rset;
/*
* Close any open file descriptors.
* Temporarily leave stdin & stdout open for `-d',
* and stderr open for any pre-syslog error messages.
*/
{
int i, nfds = getdtablesize();
for (i = 0; i < nfds; i++)
if (i != fileno(stdin) && i != fileno(stdout) &&
i != fileno(stderr))
(void) close(i);
}
/*
* Parse any arguments.
*/
while ((c = getopt(argc, argv, "adi:")) != -1)
switch(c) {
case 'a':
BootAny++;
break;
case 'd':
DebugFlg++;
break;
case 'i':
IntfName = optarg;
break;
default:
usage();
}
for (; optind < argc; optind++) {
if (ConfigFile == NULL)
ConfigFile = argv[optind];
else {
warnx("too many config files (`%s' ignored)",
argv[optind]);
}
}
if (ConfigFile == NULL) /* use default config file */
ConfigFile = DfltConfig;
if (DebugFlg) {
DbgFp = stdout; /* output to stdout */
(void) signal(SIGUSR1, SIG_IGN); /* dont muck w/DbgFp */
(void) signal(SIGUSR2, SIG_IGN);
(void) fclose(stderr); /* finished with it */
} else {
if (daemon(0, 0))
err(1, "can't detach from terminal");
(void) signal(SIGUSR1, DebugOn);
(void) signal(SIGUSR2, DebugOff);
}
openlog("rbootd", LOG_PID, LOG_DAEMON);
/*
* If no interface was specified, get one now.
*
* This is convoluted because we want to get the default interface
* name for the syslog("restarted") message. If BpfGetIntfName()
* runs into an error, it will return a syslog-able error message
* (in `errmsg') which will be displayed here.
*/
if (IntfName == NULL) {
char *errmsg;
if ((IntfName = BpfGetIntfName(&errmsg)) == NULL) {
/* Backslash to avoid trigraph '??)'. */
syslog(LOG_NOTICE, "restarted (?\?)");
/* BpfGetIntfName() returns safe names, using %m */
syslog(LOG_ERR, "%s", errmsg);
Exit(0);
}
}
syslog(LOG_NOTICE, "restarted (%s)", IntfName);
(void) signal(SIGHUP, ReConfig);
(void) signal(SIGINT, Exit);
(void) signal(SIGTERM, Exit);
/*
* Grab our host name and pid.
*/
if (gethostname(MyHost, MAXHOSTNAMELEN - 1) < 0) {
syslog(LOG_ERR, "gethostname: %m");
Exit(0);
}
MyHost[MAXHOSTNAMELEN - 1] = '\0';
MyPid = getpid();
/*
* Write proc's pid to a file.
*/
{
FILE *fp;
if ((fp = fopen(PidFile, "w")) != NULL) {
(void) fprintf(fp, "%d\n", (int) MyPid);
(void) fclose(fp);
} else {
syslog(LOG_WARNING, "fopen: failed (%s)", PidFile);
}
}
/*
* All boot files are relative to the boot directory, we might
* as well chdir() there to make life easier.
*/
if (chdir(BootDir) < 0) {
syslog(LOG_ERR, "chdir: %m (%s)", BootDir);
Exit(0);
}
/*
* Initial configuration.
*/
omask = sigblock(sigmask(SIGHUP)); /* prevent reconfig's */
if (GetBootFiles() == 0) /* get list of boot files */
Exit(0);
if (ParseConfig() == 0) /* parse config file */
Exit(0);
/*
* Open and initialize a BPF device for the appropriate interface.
* If an error is encountered, a message is displayed and Exit()
* is called.
*/
fd = BpfOpen();
(void) sigsetmask(omask); /* allow reconfig's */
/*
* Main loop: receive a packet, determine where it came from,
* and if we service this host, call routine to handle request.
*/
maxfds = fd + 1;
FD_ZERO(&rset);
FD_SET(fd, &rset);
for (;;) {
struct timeval timeout;
fd_set r;
int nsel;
r = rset;
if (RmpConns == NULL) { /* timeout isn't necessary */
nsel = select(maxfds, &r, NULL, NULL, NULL);
} else {
timeout.tv_sec = RMP_TIMEOUT;
timeout.tv_usec = 0;
nsel = select(maxfds, &r, NULL, NULL, &timeout);
}
if (nsel < 0) {
if (errno == EINTR)
continue;
syslog(LOG_ERR, "select: %m");
Exit(0);
} else if (nsel == 0) { /* timeout */
DoTimeout(); /* clear stale conns */
continue;
}
if (FD_ISSET(fd, &r)) {
RMPCONN rconn;
CLIENT *client, *FindClient();
int doread = 1;
while (BpfRead(&rconn, doread)) {
doread = 0;
if (DbgFp != NULL) /* display packet */
DispPkt(&rconn,DIR_RCVD);
omask = sigblock(sigmask(SIGHUP));
/*
* If we do not restrict service, set the
* client to NULL (ProcessPacket() handles
* this). Otherwise, check that we can
* service this host; if not, log a message
* and ignore the packet.
*/
if (BootAny) {
client = NULL;
} else if ((client=FindClient(&rconn))==NULL) {
syslog(LOG_INFO,
"%s: boot packet ignored",
EnetStr(&rconn));
(void) sigsetmask(omask);
continue;
}
ProcessPacket(&rconn,client);
(void) sigsetmask(omask);
}
}
}
}
