int
main(int argc, char **argv)
{
int s, sts, op, host;
unsigned int i;
char name[4*8 + 7 + 1]; /* handles full IPv6 address, if supported */
int ipv4 = -1;
int ipv6 = -1;
int errflag = 0;
int c;
__pmSockAddr *inaddr;
/* trim cmd name of leading directory components */
__pmSetProgname(argv[0]);
while ((c = getopt(argc, argv, "46D:?")) != EOF) {
switch (c) {
case '4': /* ipv4 (default) */
ipv4 = 1;
break;
case '6': /* ipv6 */
ipv6 = 1;
break;
case 'D': /* debug flag */
sts = __pmParseDebug(optarg);
if (sts < 0) {
fprintf(stderr, "%s: unrecognized debug flag specification (%s)\n",
pmProgname, optarg);
errflag++;
}
else
pmDebug |= sts;
break;
case '?':
default:
errflag++;
break;
}
}
if (errflag) {
fprintf(stderr,
"Usage: %s [options]\n\
\n\
Options:\n\
-4 do IPv4 (default)\n\
-6 do IPv6\n",
pmProgname);
return 1;
}
/* defaults */
if (ipv4 == -1) ipv4 = 1;
if (ipv6 == -1) ipv6 = 0;
sts = 0;
for (op = 0; op < WORD_BIT; op++)
if ((s = __pmAccAddOp(1 << op)) < 0) {
printf("Bad op %d: %s\n", op, strerror(errno));
sts = s;
}
if (sts < 0)
return 1;
for (host = 0; host < WORD_BIT; host++) {
if (ipv4) {
sprintf(name, "155.%d.%d.%d", host * 3, 17+host, host);
if ((s = __pmAccAddHost(name, ~(1 << host), ~(1 << host), host)) < 0) {
printf("cannot add inet host for op%d: %s\n", host, strerror(s));
sts = s;
}
}
if (ipv6) {
sprintf(name, "fec0::%x:%x:%x:%x:%x:%x",
host * 3, 17+host, host,
host * 3, 17+host, host);
if ((s = __pmAccAddHost(name, ~(1 << host), ~(1 << host), host)) < 0) {
printf("cannot add IPv6 host for op%d: %s\n", host, strerror(s));
sts = s;
}
}
}
if (sts < 0)
return 1;
putc('\n', stderr);
putc('\n', stderr);
__pmAccDumpHosts(stderr);
putc('\n', stderr);
if (ipv4) {
for (host = 0; host < WORD_BIT; host++) {
int j;
for (j = 0; j <= host; j++) {
char buf[20];
sprintf(buf, "%d.%d.%d.%d", 155, host * 3, 17+host, host);
if ((inaddr =__pmStringToSockAddr(buf)) == NULL) {
printf("insufficient memory\n");
continue;
}
sts = __pmAccAddClient(inaddr, &i);
__pmSockAddrFree(inaddr);
if (sts < 0) {
if (j == host && sts == PM_ERR_CONNLIMIT)
continue;
printf("add inet client from host %d (j=%d): %s\n",
j, host, pmErrStr(sts));
continue;
}
else if (i != (~(1 << host)))
printf("inet host %d: __pmAccAddClient returns denyOpsResult 0x%x (expected 0x%x)\n",
host, i, ~(1 << host));
}
}
}
if (ipv6) {
for (host = 0; host < WORD_BIT; host++) {
int j;
for (j = 0; j <= host; j++) {
char buf[4*8 + 7 + 1]; /* handles full IPv6 address */
sprintf(buf, "fec0::%x:%x:%x:%x:%x:%x",
host * 3, 17+host, host,
host * 3, 17+host, host);
if ((inaddr =__pmStringToSockAddr(buf)) == NULL) {
printf("insufficient memory\n");
continue;
}
sts = __pmAccAddClient(inaddr, &i);
__pmSockAddrFree(inaddr);
if (sts < 0) {
if (j == host && sts == PM_ERR_CONNLIMIT)
continue;
printf("add IPv6 client from host %d (j=%d): %s\n",
j, host, pmErrStr(sts));
continue;
}
else if (i != (~(1 << host)))
printf("IPv6 host %d: __pmAccAddClient returns denyOpsResult 0x%x (expected 0x%x)\n",
host, i, ~(1 << host));
}
}
}
putc('\n', stderr);
putc('\n', stderr);
__pmAccDumpHosts(stderr);
putc('\n', stderr);
return 0;
}
int
CheckClientAccess(ClientInfo *cp)
{
return __pmAccAddClient(cp->addr, &cp->denyOps);
}
static void
CheckNewClient(__pmFdSet * fdset, int rfd, int family)
{
int s, sts, accepted = 1;
__uint32_t challenge;
ClientInfo *cp;
if (__pmFD_ISSET(rfd, fdset)) {
if ((cp = AcceptNewClient(rfd)) == NULL)
return; /* Accept failed and no client added */
sts = __pmAccAddClient(cp->addr, &cp->denyOps);
#if defined(HAVE_STRUCT_SOCKADDR_UN)
if (sts >= 0 && family == AF_UNIX) {
if ((sts = __pmServerSetLocalCreds(cp->fd, &cp->attrs)) < 0) {
__pmNotifyErr(LOG_ERR,
"ClientLoop: error extracting local credentials: %s",
pmErrStr(sts));
}
}
#endif
if (sts >= 0) {
memset(&cp->pduInfo, 0, sizeof(cp->pduInfo));
cp->pduInfo.version = PDU_VERSION;
cp->pduInfo.licensed = 1;
if (__pmServerHasFeature(PM_SERVER_FEATURE_SECURE))
cp->pduInfo.features |= (PDU_FLAG_SECURE | PDU_FLAG_SECURE_ACK);
if (__pmServerHasFeature(PM_SERVER_FEATURE_COMPRESS))
cp->pduInfo.features |= PDU_FLAG_COMPRESS;
if (__pmServerHasFeature(PM_SERVER_FEATURE_AUTH)) /*optional*/
cp->pduInfo.features |= PDU_FLAG_AUTH;
if (__pmServerHasFeature(PM_SERVER_FEATURE_CREDS_REQD)) /*required*/
cp->pduInfo.features |= PDU_FLAG_CREDS_REQD;
if (__pmServerHasFeature(PM_SERVER_FEATURE_CONTAINERS))
cp->pduInfo.features |= PDU_FLAG_CONTAINER;
challenge = *(__uint32_t *)(&cp->pduInfo);
sts = 0;
}
else {
challenge = 0;
accepted = 0;
}
pmcd_trace(TR_XMIT_PDU, cp->fd, PDU_ERROR, sts);
/* reset (no meaning, use fd table to version) */
cp->pduInfo.version = UNKNOWN_VERSION;
s = __pmSendXtendError(cp->fd, FROM_ANON, sts, htonl(challenge));
if (s < 0) {
__pmNotifyErr(LOG_ERR,
"ClientLoop: error sending Conn ACK PDU to new client %s\n",
pmErrStr(s));
if (sts >= 0)
/*
* prefer earlier failure status if any, else
* use the one from __pmSendXtendError()
*/
sts = s;
accepted = 0;
}
if (!accepted)
CleanupClient(cp, sts);
}
}
