int main(int argc,char **argv)
{
int i;
dns_random_init(seed);
if (*argv) ++argv;
while (*argv) {
if (!stralloc_copys(&fqdn,*argv))
strerr_die2x(111,FATAL,"out of memory");
if (dns_ip4(&out,&fqdn) == -1)
strerr_die4sys(111,FATAL,"unable to find IP address for ",*argv,": ");
for (i = 0; i + 4 <= out.len; i += 4) {
buffer_put(buffer_1,str,ip4_fmt(str,out.s + i));
buffer_puts(buffer_1," ");
}
buffer_puts(buffer_1,"\n");
++argv;
}
buffer_flush(buffer_1);
_exit(0);
}
void mx_list_fill_name( mx_list_t* ml, const char* host )
{
stralloc out = {0};
stralloc shost = {0};
static char ip[ 16 ]; // 16 => xxx.xxx.xxx.xxx\0
uchar_t* xtra;
int i;
stralloc_copys( &shost, host );
// do the lookup
dns_ip4( &out, &shost );
// for each entry, rebuild the IP address
i = 0;
xtra = (uchar_t*)out.s;
while ( i < out.len ) {
snprintf( ip, 16, "%d.%d.%d.%d",
(uint16) xtra[i],
(uint16) xtra[i+1],
(uint16) xtra[i+2],
(uint16) xtra[i+3] );
// and add it to the list
mx_list_add_ip( ml, ip );
i += 4;
}
}
int dns_ip6_4mapped(stralloc *out,stralloc *fqdn) {
stralloc tmp={0};
int i;
int result=dns_ip4(&tmp,fqdn);
if (result==0) {
for (i = 0;i + 4 <= tmp.len;i += 4) {
stralloc_catb(out,(char *)V4mappedprefix,12);
stralloc_catb(out,tmp.s + i,4);
}
alloc_free(tmp.s);
return 0;
}
return -1;
}
int main () {
stralloc out ={0};
stralloc sa ={0};
char ip[4];
char *dn =0;
stralloc_copys(&sa, "abcdefg");
dns_ip4(&out, &sa);
dns_ip4_qualify(&out, &sa, &sa);
dns_name4(&out, ip);
dns_mx(&out, &sa);
dns_txt(&out, &sa);
dns_domain_length(sa.s);
dns_domain_equal(sa.s, sa.s);
dns_domain_copy(&dn, sa.s);
dns_domain_fromdot(&dn, sa.s, sa.len);
return 0;
}
int main(int argc, char **argv) {
int opt;
char *user =0;
char *host;
unsigned long port;
int pid;
int s;
int conn;
int delim;
progname =*argv;
phccmax =0;
#ifdef SSLSVD
while ((opt =getopt(argc, (const char **)argv,
"c:C:i:x:u:l:Eb:hpt:vVU:/:Z:K:")) != opteof) {
#else
while ((opt =getopt(argc, (const char **)argv,
"c:C:i:x:u:l:Eb:hpt:vV")) != opteof) {
#endif
switch(opt) {
case 'c': scan_ulong(optarg, &cmax); if (cmax < 1) usage(); break;
case 'C':
delim =scan_ulong(optarg, &phccmax);
if (phccmax < 1) usage();
if (optarg[delim] == ':') {
if (ipsvd_fmt_msg(&msg, optarg +delim +1) == -1) die_nomem();
if (! stralloc_0(&msg)) die_nomem();
phccmsg =msg.s;
}
break;
case 'i': if (instructs) usage(); instructs =optarg; break;
case 'x': if (instructs) usage(); instructs =optarg; iscdb =1; break;
case 'u': user =(char*)optarg; break;
case 'l':
if (! stralloc_copys(&local_hostname, optarg)) die_nomem();
if (! stralloc_0(&local_hostname)) die_nomem();
break;
case 'E': ucspi =0; break;
case 'b': scan_ulong(optarg, &backlog); break;
case 'h': lookuphost =1; break;
case 'p': lookuphost =1; paranoid =1; break;
case 't': scan_ulong(optarg, &timeout); break;
case 'v': ++verbose; break;
#ifdef SSLSVD
case 'U': ssluser =(char*)optarg; break;
case '/': root =(char*)optarg; break;
case 'Z': cert =(char*)optarg; break;
case 'K': key =(char*)optarg; break;
#endif
case 'V': strerr_warn1(VERSION, 0);
case '?': usage();
}
}
argv +=optind;
if (! argv || ! *argv) usage();
host =*argv++;
if (! argv || ! *argv) usage();
local_port =*argv++;
if (! argv || ! *argv) usage();
prog =(const char **)argv;
if (phccmax > cmax) phccmax =cmax;
if (user)
if (! uidgids_get(&ugid, user)) {
if (errno)
strerr_die4sys(111, FATAL, "unable to get user/group: ", user, ": ");
strerr_die3x(100, FATAL, "unknown user/group: ", user);
}
#ifdef SSLSVD
svuser =user;
client =0;
if ((getuid() == 0) && (! ssluser))
strerr_die2x(100, FATAL, "-U ssluser must be set when running as root");
if (ssluser)
if (! uidgids_get(&sslugid, ssluser)) {
if (errno)
strerr_die4sys(111, FATAL, "unable to get user/group: ", ssluser, ": ");
strerr_die3x(100, FATAL, "unknown user/group: ", ssluser);
}
if (! cert) cert ="./cert.pem";
if (! key) key =cert;
if (matrixSslOpen() < 0) fatal("unable to initialize ssl");
if (matrixSslReadKeys(&keys, cert, key, 0, ca) < 0) {
if (client) fatal("unable to read cert, key, or ca file");
fatal("unable to read cert or key file");
}
if (matrixSslNewSession(&ssl, keys, 0, SSL_FLAGS_SERVER) < 0)
strerr_die2x(111, FATAL, "unable to create ssl session");
#endif
dns_random_init(seed);
sig_block(sig_child);
sig_catch(sig_child, sig_child_handler);
sig_catch(sig_term, sig_term_handler);
sig_ignore(sig_pipe);
if (phccmax) if (ipsvd_phcc_init(cmax) == -1) die_nomem();
if (str_equal(host, "")) host ="0.0.0.0";
if (str_equal(host, "0")) host ="0.0.0.0";
if (! ipsvd_scan_port(local_port, "tcp", &port))
strerr_die3x(100, FATAL, "unknown port number or name: ", local_port);
if (! stralloc_copys(&sa, host)) die_nomem();
if ((dns_ip4(&ips, &sa) == -1) || (ips.len < 4))
if (dns_ip4_qualify(&ips, &fqdn, &sa) == -1)
fatal2("unable to look up ip address", host);
if (ips.len < 4)
strerr_die3x(100, FATAL, "unable to look up ip address: ", host);
ips.len =4;
if (! stralloc_0(&ips)) die_nomem();
local_ip[ipsvd_fmt_ip(local_ip, ips.s)] =0;
if (! lookuphost) {
if (! stralloc_copys(&remote_hostname, "")) die_nomem();
if (! stralloc_0(&remote_hostname)) die_nomem();
}
if ((s =socket_tcp()) == -1) fatal("unable to create socket");
if (socket_bind4_reuse(s, ips.s, port) == -1)
fatal("unable to bind socket");
if (listen(s, backlog) == -1) fatal("unable to listen");
ndelay_off(s);
#ifdef SSLSVD
#else
if (user) {
/* drop permissions */
if (setgroups(ugid.gids, ugid.gid) == -1) fatal("unable to set groups");
if (setgid(*ugid.gid) == -1) fatal("unable to set gid");
if (prot_uid(ugid.uid) == -1) fatal("unable to set uid");
}
#endif
close(0);
if (verbose) {
out(INFO); out("listening on "); outfix(local_ip); out(":");
outfix(local_port);
#ifdef SSLSVD
#else
if (user) {
bufnum[fmt_ulong(bufnum, (unsigned long)ugid.uid)] =0;
out(", uid "); out(bufnum);
bufnum[fmt_ulong(bufnum, (unsigned long)ugid.gid)] =0;
out(", gid "); out(bufnum);
}
#endif
flush(", starting.\n");
}
for (;;) {
while (cnum >= cmax) sig_pause();
socka_size =sizeof(socka);
sig_unblock(sig_child);
conn =accept(s, (struct sockaddr *)&socka, &socka_size);
sig_block(sig_child);
if (conn == -1) {
if (errno != error_intr) warn("unable to accept connection");
continue;
}
cnum++;
if (verbose) connection_status();
if (phccmax) phcc =ipsvd_phcc_add((char*)&socka.sin_addr);
if ((pid =fork()) == -1) {
warn2("drop connection", "unable to fork");
close(conn);
continue;
}
if (pid == 0) {
/* child */
close(s);
#ifdef SSLSVD
if (*progname) *progname ='\\';
#endif
connection_accept(conn);
}
if (phccmax) ipsvd_phcc_setpid(pid);
close(conn);
}
_exit(0);
}
int
main(int argc, char* argv[]) {
int s = socket_tcp6();
uint32 scope_id;
char ip[16];
uint16 port;
char hisip[16];
uint16 hisport;
uint32 hisscope_id;
static char seed[128];
static stralloc fqdn;
static stralloc out;
if(argc != 4) {
usage:
buffer_putsflush(buffer_2,
"usage: proxy myip myport hisip hisport\n"
"\n"
"e.g.: proxy 0 119 news.fu-berlin.de 119\n");
return 0;
}
if(argv[1][scan_ip6if(argv[1], ip, &scope_id)]) {
if(str_equal(argv[1], "0")) {
byte_zero(ip, 16);
scope_id = 0;
} else
goto usage;
}
if(argv[2][scan_ushort(argv[2], &port)])
goto usage;
if(argv[3][scan_ip6if(argv[3], hisip, &hisscope_id)]) {
dns_random_init(seed);
if(!stralloc_copys(&fqdn, argv[3]))
goto nomem;
if(dns_ip4(&out, &fqdn) == -1) {
buffer_puts(buffer_2, "unable to find IP address for ");
buffer_puts(buffer_2, argv[3]);
buffer_puts(buffer_2, ": ");
buffer_puterror(buffer_2);
buffer_putnlflush(buffer_2);
return 111;
}
} else if(!stralloc_catb(&out, hisip, 16)) {
nomem:
buffer_putsflush(buffer_2, "out of memory\n");
return 111;
}
if(argv[4][scan_ushort(argv[4], &hisport)])
goto usage;
if(socket_bind6_reuse(s, ip, port, scope_id) == -1) {
buffer_puts(buffer_2, "socket_bind6_reuse: ");
buffer_puterror(buffer_2);
buffer_putnlflush(buffer_2);
return 111;
}
if(socket_listen(s, 16) == -1) {
buffer_puts(buffer_2, "socket_listen: ");
buffer_puterror(buffer_2);
buffer_putnlflush(buffer_2);
return 111;
}
if(!io_fd(s)) {
buffer_puts(buffer_2, "io_fd: ");
buffer_puterror(buffer_2);
buffer_putnlflush(buffer_2);
return 111;
}
io_wantread(s);
for(;;) {
int64 i;
io_wait();
while((i = io_canread()) != -1) {
if(i == s) {
/* the read event is on the server socket */
/* that means it's an incoming connection */
int n;
while((n = socket_accept6(s, ip, &port, &scope_id)) != -1) {
int x = socket_tcp6();
if(x == -1) {
buffer_puts(buffer_2, "socket_tcp6 failed: ");
fail:
buffer_puterror(buffer_2);
buffer_putnlflush(buffer_2);
io_close(n);
} else {
struct state* s = malloc(sizeof(struct state));
if(!s)
goto closefail;
s->a = n;
s->b = x;
s->connected = 0;
s->done = s->todo = 0;
s->dir = UNDECIDED;
io_nonblock(x);
socket_connect6(x, out.s, hisport, hisscope_id);
if(!io_fd(x) || !io_fd(n)) {
buffer_puts(buffer_2, "io_fd failed: ");
closefail:
free(s);
io_close(x);
goto fail;
}
io_setcookie(x, s);
io_setcookie(n, s);
io_wantwrite(x);
}
}
if(errno != EAGAIN) {
buffer_puts(buffer_2, "socket_accept6 failed: ");
buffer_puterror(buffer_2);
buffer_putnlflush(buffer_2);
}
} else {
/* read event on an established connection */
struct state* s = io_getcookie(i);
int l = io_tryread(i, s->buf, sizeof(s->buf));
if(l == -1) {
buffer_puts(buffer_2, "io_tryread(");
buffer_putulong(buffer_2, i);
buffer_puts(buffer_2, "): ");
buffer_puterror(buffer_2);
buffer_putnlflush(buffer_2);
io_close(s->a);
io_close(s->b);
} else if(l == 0) {
buffer_puts(buffer_2, "eof on fd #");
buffer_putulong(buffer_2, i);
buffer_putnlflush(buffer_2);
io_close(i);
} else {
int r;
switch(r = io_trywrite(i, s->buf, l)) {
case -1:
buffer_puts(buffer_2, "io_tryread(");
buffer_putulong(buffer_2, i);
buffer_puts(buffer_2, "): ");
buffer_puterror(buffer_2);
buffer_putnlflush(buffer_2);
io_close(i);
break;
case 0:
buffer_puts(buffer_2, "write eof on fd #");
buffer_putulong(buffer_2, i);
buffer_putnlflush(buffer_2);
io_close(i);
default:
if(r != l) {
buffer_puts(buffer_2, "short write on fd #");
buffer_putulong(buffer_2, i);
buffer_puts(buffer_2, ": wrote ");
buffer_putulong(buffer_2, r);
buffer_puts(buffer_2, ", wanted to write ");
buffer_putulong(buffer_2, l);
buffer_putsflush(buffer_2, ").\n");
}
}
}
}
}
}
return 0;
}
int ipsvd_instruct(stralloc *inst, stralloc *match, char *ip) {
char *insts;
unsigned int instslen;
int delim;
int i, j;
int rc =IPSVD_DEFAULT;
if (inst->s && inst->len) {
insts =inst->s; instslen =inst->len;
while ((i =byte_chr(insts, instslen, 0)) < instslen) {
switch(*insts) {
case '+':
if ((delim =str_chr(insts, '=')) <= 1) break; /* empty inst */
if (insts[delim] == '=') {
insts[delim] =0;
if (! pathexec_env(insts +1, insts +delim +1)) return(-1);
insts[delim] ='=';
}
else if (! pathexec_env(insts +1, 0)) return(-1);
break;
case 'C':
if (! phccmax) break;
delim =scan_ulong(insts +1, &phccmax);
if (insts[delim +1] == ':') {
if (ipsvd_fmt_msg(&msg, insts +delim +2) == -1) return(-1);
if (! stralloc_0(&msg)) return(-1);
phccmsg =msg.s;
}
break;
case '=':
if (ip && (rc != IPSVD_INSTRUCT)) {
unsigned int next;
rc =IPSVD_DENY;
next =str_chr(insts +1, ':'); ++next;
if ((next == 2) && (insts[1] == '0')) {
if (! stralloc_copys(&sa, ip)) return(-1);
}
else
if (! stralloc_copyb(&sa, insts +1, next -1)) return(-1);
if (insts[next] != 0) ++next;
if ((dns_ip4(&ips, &sa) == -1) || (ips.len < 4))
if (dns_ip4_qualify(&ips, &fqdn, &sa) == -1) {
if (! stralloc_0(&sa)) return(-1);
strerr_warn5(progname, ": warning: ",
"unable to look up ip address: ", sa.s,
": ", &strerr_sys);
break;
}
if (ips.len < 4) {
if (! stralloc_0(&sa)) return(-1);
strerr_warn4(progname, ": warning: ",
"unable to look up ip address: ", sa.s, 0);
break;
}
for (j =0; j +4 <= ips.len; j +=4) {
char tmp[IP4_FMT];
tmp[ipsvd_fmt_ip(tmp, ips.s +j)] =0;
if (str_equal(tmp, ip)) {
inst->len =insts -inst->s +i +1;
if (insts[next]) {
forward =insts +next;
return(IPSVD_FORWARD);
}
return(IPSVD_INSTRUCT);
}
}
}
break;
case 0: case '#': /* skip empty line and comment */
break;
default:
strerr_warn6(progname, ": warning: ",
"bad instruction: ", match->s, ": ", insts, 0);
}
insts +=i +1;
instslen -=i +1;
}
}
if (rc == IPSVD_DEFAULT) return(IPSVD_INSTRUCT);
return(rc);
}
