int
main(int argc, char **argv) {
const char *config_file = "/etc/sniproxy.conf";
int background_flag = 1;
int max_nofiles = 65536;
int opt;
while ((opt = getopt(argc, argv, "fc:n:V")) != -1) {
switch (opt) {
case 'c':
config_file = optarg;
break;
case 'f': /* foreground */
background_flag = 0;
break;
case 'n':
max_nofiles = atoi(optarg);
break;
case 'V':
printf("sniproxy %s\n", sniproxy_version);
#ifdef HAVE_LIBUDNS
printf("compiled with udns support\n");
#endif
return EXIT_SUCCESS;
default:
usage();
return EXIT_FAILURE;
}
}
config = init_config(config_file, EV_DEFAULT);
if (config == NULL) {
fprintf(stderr, "Unable to load %s\n", config_file);
usage();
return EXIT_FAILURE;
}
/* ignore SIGPIPE, or it will kill us */
signal(SIGPIPE, SIG_IGN);
if (background_flag) {
if (config->pidfile != NULL)
remove(config->pidfile);
daemonize();
if (config->pidfile != NULL)
write_pidfile(config->pidfile, getpid());
}
start_binder();
set_limits(max_nofiles);
init_listeners(&config->listeners, &config->tables, EV_DEFAULT);
/* Drop permissions only when we can */
drop_perms(config->user ? config->user : default_username);
ev_signal_init(&sighup_watcher, signal_cb, SIGHUP);
ev_signal_init(&sigusr1_watcher, signal_cb, SIGUSR1);
ev_signal_init(&sigusr2_watcher, signal_cb, SIGUSR2);
ev_signal_init(&sigint_watcher, signal_cb, SIGINT);
ev_signal_init(&sigterm_watcher, signal_cb, SIGTERM);
ev_signal_start(EV_DEFAULT, &sighup_watcher);
ev_signal_start(EV_DEFAULT, &sigusr1_watcher);
ev_signal_start(EV_DEFAULT, &sigusr2_watcher);
ev_signal_start(EV_DEFAULT, &sigint_watcher);
ev_signal_start(EV_DEFAULT, &sigterm_watcher);
resolv_init(EV_DEFAULT, config->resolver.nameservers,
config->resolver.search, config->resolver.mode);
init_connections();
ev_run(EV_DEFAULT, 0);
free_connections(EV_DEFAULT);
resolv_shutdown(EV_DEFAULT);
free_config(config, EV_DEFAULT);
stop_binder();
return 0;
}
int main(int argc, char **argv)
{
int i, c;
int pid_flags = 0;
char *user = NULL;
char *password = NULL;
char *timeout = NULL;
char *method = NULL;
char *pid_path = NULL;
char *conf_path = NULL;
char *iface = NULL;
int server_num = 0;
const char *server_host[MAX_REMOTE_NUM];
char * nameservers[MAX_DNS_NUM + 1];
int nameserver_num = 0;
int option_index = 0;
static struct option long_options[] =
{
{ "fast-open", no_argument, 0, 0 },
{ "acl", required_argument, 0, 0 },
{ "manager-address", required_argument, 0, 0 },
{ 0, 0, 0, 0 }
};
opterr = 0;
USE_TTY();
while ((c = getopt_long(argc, argv, "f:s:p:l:k:t:m:c:i:d:a:uUv",
long_options, &option_index)) != -1) {
switch (c) {
case 0:
if (option_index == 0) {
fast_open = 1;
} else if (option_index == 1) {
LOGI("initialize acl...");
acl = !init_acl(optarg);
} else if (option_index == 2) {
manager_address = optarg;
}
break;
case 's':
if (server_num < MAX_REMOTE_NUM) {
server_host[server_num++] = optarg;
}
break;
case 'p':
server_port = optarg;
break;
case 'k':
password = optarg;
break;
case 'f':
pid_flags = 1;
pid_path = optarg;
break;
case 't':
timeout = optarg;
break;
case 'm':
method = optarg;
break;
case 'c':
conf_path = optarg;
break;
case 'i':
iface = optarg;
break;
case 'd':
if (nameserver_num < MAX_DNS_NUM) {
nameservers[nameserver_num++] = optarg;
}
break;
case 'a':
user = optarg;
break;
case 'u':
mode = TCP_AND_UDP;
break;
case 'U':
mode = UDP_ONLY;
break;
case 'v':
verbose = 1;
break;
}
}
if (opterr) {
usage();
exit(EXIT_FAILURE);
}
if (argc == 1) {
if (conf_path == NULL) {
conf_path = DEFAULT_CONF_PATH;
}
}
if (conf_path != NULL) {
jconf_t *conf = read_jconf(conf_path);
if (server_num == 0) {
server_num = conf->remote_num;
for (i = 0; i < server_num; i++) {
server_host[i] = conf->remote_addr[i].host;
}
}
if (server_port == NULL) {
server_port = conf->remote_port;
}
if (password == NULL) {
password = conf->password;
}
if (method == NULL) {
method = conf->method;
}
if (timeout == NULL) {
timeout = conf->timeout;
}
#ifdef TCP_FASTOPEN
if (fast_open == 0) {
fast_open = conf->fast_open;
}
#endif
#ifdef HAVE_SETRLIMIT
if (nofile == 0) {
nofile = conf->nofile;
}
/*
* no need to check the return value here since we will show
* the user an error message if setrlimit(2) fails
*/
if (nofile) {
if (verbose) {
LOGI("setting NOFILE to %d", nofile);
}
set_nofile(nofile);
}
#endif
if (conf->nameserver != NULL) {
nameservers[nameserver_num++] = conf->nameserver;
}
}
if (server_num == 0) {
server_host[server_num++] = NULL;
}
if (server_num == 0 || server_port == NULL || password == NULL) {
usage();
exit(EXIT_FAILURE);
}
if (method == NULL) {
method = "table";
}
if (timeout == NULL) {
timeout = "60";
}
if (pid_flags) {
USE_SYSLOG(argv[0]);
daemonize(pid_path);
}
if (fast_open == 1) {
#ifdef TCP_FASTOPEN
LOGI("using tcp fast open");
#else
LOGE("tcp fast open is not supported by this environment");
#endif
}
#ifdef __MINGW32__
winsock_init();
#else
// ignore SIGPIPE
signal(SIGPIPE, SIG_IGN);
signal(SIGCHLD, SIG_IGN);
signal(SIGABRT, SIG_IGN);
#endif
struct ev_signal sigint_watcher;
struct ev_signal sigterm_watcher;
ev_signal_init(&sigint_watcher, signal_cb, SIGINT);
ev_signal_init(&sigterm_watcher, signal_cb, SIGTERM);
ev_signal_start(EV_DEFAULT, &sigint_watcher);
ev_signal_start(EV_DEFAULT, &sigterm_watcher);
// setup keys
LOGI("initialize ciphers... %s", method);
int m = enc_init(password, method);
// inilitialize ev loop
struct ev_loop *loop = EV_DEFAULT;
// setup udns
if (nameserver_num == 0) {
#ifdef __MINGW32__
nameservers[nameserver_num++] = "8.8.8.8";
resolv_init(loop, nameservers, nameserver_num);
#else
resolv_init(loop, NULL, 0);
#endif
} else {
resolv_init(loop, nameservers, nameserver_num);
}
for (int i = 0; i < nameserver_num; i++) {
LOGI("using nameserver: %s", nameservers[i]);
}
// inilitialize listen context
struct listen_ctx listen_ctx_list[server_num];
// bind to each interface
while (server_num > 0) {
int index = --server_num;
const char * host = server_host[index];
if (mode != UDP_ONLY) {
// Bind to port
int listenfd;
listenfd = create_and_bind(host, server_port);
if (listenfd < 0) {
FATAL("bind() error");
}
if (listen(listenfd, SSMAXCONN) == -1) {
FATAL("listen() error");
}
setnonblocking(listenfd);
struct listen_ctx *listen_ctx = &listen_ctx_list[index];
// Setup proxy context
listen_ctx->timeout = atoi(timeout);
listen_ctx->fd = listenfd;
listen_ctx->method = m;
listen_ctx->iface = iface;
listen_ctx->loop = loop;
ev_io_init(&listen_ctx->io, accept_cb, listenfd, EV_READ);
ev_io_start(loop, &listen_ctx->io);
}
// Setup UDP
if (mode != TCP_ONLY) {
init_udprelay(server_host[index], server_port, m, atoi(timeout),
iface);
}
LOGI("listening at %s:%s", host ? host : "*", server_port);
}
if (manager_address != NULL) {
ev_timer_init(&stat_update_watcher, stat_update_cb, UPDATE_INTERVAL, UPDATE_INTERVAL);
ev_timer_start(EV_DEFAULT, &stat_update_watcher);
}
if (mode != TCP_ONLY) {
LOGI("UDP relay enabled");
}
if (mode == UDP_ONLY) {
LOGI("TCP relay disabled");
}
// setuid
if (user != NULL) {
run_as(user);
}
// Init connections
cork_dllist_init(&connections);
// start ev loop
ev_run(loop, 0);
if (verbose) {
LOGI("closed gracefully");
}
if (manager_address != NULL) {
ev_timer_stop(EV_DEFAULT, &stat_update_watcher);
}
// Clean up
for (int i = 0; i <= server_num; i++) {
struct listen_ctx *listen_ctx = &listen_ctx_list[i];
if (mode != UDP_ONLY) {
ev_io_stop(loop, &listen_ctx->io);
close(listen_ctx->fd);
}
}
if (mode != UDP_ONLY) {
free_connections(loop);
}
if (mode != TCP_ONLY) {
free_udprelay();
}
resolv_shutdown(loop);
#ifdef __MINGW32__
winsock_cleanup();
#endif
ev_signal_stop(EV_DEFAULT, &sigint_watcher);
ev_signal_stop(EV_DEFAULT, &sigterm_watcher);
return 0;
}