static void
control_close(struct ctl_conn *c)
{
size_t *count;
count = tree_xget(&ctl_count, c->euid);
(*count)--;
if (*count == 0) {
tree_xpop(&ctl_count, c->euid);
free(count);
}
tree_xpop(&ctl_conns, c->id);
mproc_clear(&c->mproc);
free(c);
stat_backend->decrement("control.session", 1);
if (getdtablesize() - getdtablecount() < CONTROL_FD_RESERVE)
return;
if (!event_pending(&control_state.ev, EV_READ, NULL)) {
log_warnx("warn: re-enabling ctl connections");
event_add(&control_state.ev, NULL);
}
}
int
accept_reserve(int sockfd, struct sockaddr *addr, socklen_t *addrlen,
int reserve)
{
if (getdtablecount() + reserve >= getdtablesize()) {
errno = EMFILE;
return -1;
}
return accept(sockfd, addr, addrlen);
}
/* ARGSUSED */
static void
control_accept(int listenfd, short event, void *arg)
{
int connfd;
socklen_t len;
struct sockaddr_un sun;
struct ctl_conn *c;
if (getdtablesize() - getdtablecount() < CONTROL_FD_RESERVE)
goto pause;
len = sizeof(sun);
if ((connfd = accept(listenfd, (struct sockaddr *)&sun, &len)) == -1) {
if (errno == ENFILE || errno == EMFILE)
goto pause;
if (errno == EINTR || errno == EWOULDBLOCK ||
errno == ECONNABORTED)
return;
fatal("control_accept: accept");
}
session_socket_blockmode(connfd, BM_NONBLOCK);
c = xcalloc(1, sizeof(*c), "control_accept");
if (getpeereid(connfd, &c->euid, &c->egid) == -1)
fatal("getpeereid");
c->id = ++connid;
c->mproc.proc = PROC_CLIENT;
c->mproc.handler = control_dispatch_ext;
c->mproc.data = c;
mproc_init(&c->mproc, connfd);
mproc_enable(&c->mproc);
tree_xset(&ctl_conns, c->id, c);
stat_backend->increment("control.session", 1);
return;
pause:
log_warnx("warn: ctl client limit hit, disabling new connections");
event_del(&control_state.ev);
}
ssize_t
imsg_read(struct imsgbuf *ibuf)
{
struct msghdr msg;
struct cmsghdr *cmsg;
union {
struct cmsghdr hdr;
char buf[CMSG_SPACE(sizeof(int) * 1)];
} cmsgbuf;
struct iovec iov;
ssize_t n = -1;
int fd;
struct imsg_fd *ifd;
memset(&msg, 0, sizeof(msg));
memset(&cmsgbuf, 0, sizeof(cmsgbuf));
iov.iov_base = ibuf->r.buf + ibuf->r.wpos;
iov.iov_len = sizeof(ibuf->r.buf) - ibuf->r.wpos;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_control = &cmsgbuf.buf;
msg.msg_controllen = sizeof(cmsgbuf.buf);
if ((ifd = calloc(1, sizeof(struct imsg_fd))) == NULL)
return (-1);
again:
if (getdtablecount() + imsg_fd_overhead +
(CMSG_SPACE(sizeof(int))-CMSG_SPACE(0))/sizeof(int)
>= getdtablesize()) {
errno = EAGAIN;
free(ifd);
return (-1);
}
if ((n = recvmsg(ibuf->fd, &msg, 0)) == -1) {
if (errno == EMSGSIZE)
goto fail;
if (errno != EINTR && errno != EAGAIN)
goto fail;
goto again;
}
ibuf->r.wpos += n;
for (cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL;
cmsg = CMSG_NXTHDR(&msg, cmsg)) {
if (cmsg->cmsg_level == SOL_SOCKET &&
cmsg->cmsg_type == SCM_RIGHTS) {
int i;
int j;
/*
* We only accept one file descriptor. Due to C
* padding rules, our control buffer might contain
* more than one fd, and we must close them.
*/
j = ((char *)cmsg + cmsg->cmsg_len -
(char *)CMSG_DATA(cmsg)) / sizeof(int);
for (i = 0; i < j; i++) {
fd = ((int *)CMSG_DATA(cmsg))[i];
if (ifd != NULL) {
ifd->fd = fd;
TAILQ_INSERT_TAIL(&ibuf->fds, ifd,
entry);
ifd = NULL;
} else
close(fd);
}
}
/* we do not handle other ctl data level */
}
fail:
if (ifd)
free(ifd);
return (n);
}
/* ARGSUSED */
static void
control_accept(int listenfd, short event, void *arg)
{
int connfd;
socklen_t len;
struct sockaddr_un s_un;
struct ctl_conn *c;
size_t *count;
uid_t euid;
gid_t egid;
if (getdtablesize() - getdtablecount() < CONTROL_FD_RESERVE)
goto pause;
len = sizeof(s_un);
if ((connfd = accept(listenfd, (struct sockaddr *)&s_un, &len)) == -1) {
if (errno == ENFILE || errno == EMFILE)
goto pause;
if (errno == EINTR || errno == EWOULDBLOCK ||
errno == ECONNABORTED)
return;
fatal("control_accept: accept");
}
io_set_nonblocking(connfd);
if (getpeereid(connfd, &euid, &egid) == -1)
fatal("getpeereid");
count = tree_get(&ctl_count, euid);
if (count == NULL) {
count = xcalloc(1, sizeof *count, "control_accept");
tree_xset(&ctl_count, euid, count);
}
if (*count == CONTROL_MAXCONN_PER_CLIENT) {
close(connfd);
log_warnx("warn: too many connections to control socket "
"from user with uid %lu", (unsigned long int)euid);
return;
}
(*count)++;
do {
++connid;
} while (tree_get(&ctl_conns, connid));
c = xcalloc(1, sizeof(*c), "control_accept");
c->euid = euid;
c->egid = egid;
c->id = connid;
c->mproc.proc = PROC_CLIENT;
c->mproc.handler = control_dispatch_ext;
c->mproc.data = c;
mproc_init(&c->mproc, connfd);
mproc_enable(&c->mproc);
tree_xset(&ctl_conns, c->id, c);
stat_backend->increment("control.session", 1);
return;
pause:
log_warnx("warn: ctl client limit hit, disabling new connections");
event_del(&control_state.ev);
}