Пример #1
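/*
 * Return a newly allocated, NUL-terminated copy of data[0..length) in which
 * every byte outside the printable ASCII range ' '..'~' is replaced by '?'.
 * Control characters (including CR/LF) and high-bit bytes never reach the
 * result, so peer-supplied bytes cannot inject extra lines when the result
 * is embedded in a log message.
 *
 * Returns NULL when the allocation fails, when length + 1 would wrap, or
 * when data is NULL with a non-zero length. The result comes from
 * racoon_malloc(); the caller is responsible for releasing it.
 */
char *binsanitize(char *data, size_t length)
{
    char *output;
    size_t i;

    /*
     * For the largest size_t value, length + 1 wraps to 0: the allocation
     * would be empty and the terminator write below would land out of bounds.
     */
    if (length + 1 == 0)
        return NULL;

    /* A zero-length request never reads data, so NULL is tolerated there. */
    if (data == NULL && length != 0)
        return NULL;

    output = racoon_malloc(length + 1);
    if (output == NULL)
        return NULL;

    for (i = 0; i < length; ++i) {
        char c = data[i];

        /*
         * Works for either signedness of plain char: high-bit bytes are
         * negative (caught by c < ' ') or above '~' (caught by c > '~').
         */
        output[i] = (c < ' ' || c > '~') ? '?' : c;
    }
    output[length] = '\0';

    return output;
}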
Пример #2
/*
 * Duplicate the bytes held by a vchar_t into a GSS-API buffer descriptor.
 *
 * vmbufs and gss_buffer_descs are really just the same on NetBSD, but the
 * data is copied field by field here so the code stays portable.
 *
 * Returns 0 on success, with gsstoken->value pointing at a fresh
 * racoon_malloc() allocation of vmbuf->l bytes and gsstoken->length set to
 * vmbuf->l. Returns -1 if the allocation fails; gsstoken->value is then
 * NULL and gsstoken->length is left untouched.
 */
static int
gssapi_vm2gssbuf(vchar_t *vmbuf, gss_buffer_t gsstoken)
{
	void *copy = racoon_malloc(vmbuf->l);

	/* Store the pointer before testing it so a failure leaves value NULL. */
	gsstoken->value = copy;
	if (copy == NULL)
		return -1;

	memcpy(copy, vmbuf->v, vmbuf->l);
	gsstoken->length = vmbuf->l;

	return 0;
}
Пример #3
/*
 * Tag an ASL message with the level string that corresponds to pri.
 *
 * Only INFO, NOTICE, WARNING, ERR and DEBUG are accepted; any other
 * priority returns without touching msg.
 *
 * The printf-style arguments are formatted into a 512-byte scratch buffer
 * (longer output is truncated by vsnprintf), but the call that would attach
 * the text as ASL_KEY_MESSAGE is disabled, so the formatted text is
 * currently discarded. fmt is used as a format string and must never come
 * from untrusted input.
 */
void
plogdump_asl (aslmsg msg, int pri, const char *fmt, ...)
{
	const size_t scratch_len = 512;
	const char *level_name;
	caddr_t scratch;
	va_list ap;

	if (pri == ASL_LEVEL_INFO)
		level_name = ASL_STRING_INFO;
	else if (pri == ASL_LEVEL_NOTICE)
		level_name = ASL_STRING_NOTICE;
	else if (pri == ASL_LEVEL_WARNING)
		level_name = ASL_STRING_WARNING;
	else if (pri == ASL_LEVEL_ERR)
		level_name = ASL_STRING_ERR;
	else if (pri == ASL_LEVEL_DEBUG)
		level_name = ASL_STRING_DEBUG;
	else
		return;

	asl_set(msg, ASL_KEY_LEVEL, level_name);

	scratch = racoon_malloc(scratch_len);
	if (scratch == NULL)
		return;

	scratch[0] = '\0';
	va_start(ap, fmt);
	vsnprintf(scratch, scratch_len, fmt, ap);
	/* Disabled in the original: asl_set(msg, ASL_KEY_MESSAGE, scratch); */
	va_end(ap);

	racoon_free(scratch);
}
Пример #4
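/*
 * Build the default GSS identity string "<GSSAPI_DEF_NAME>/<hostname>".
 *
 * Returns a newly allocated vchar_t whose v member is the string produced
 * by asprintf() and whose l member is its length (terminator excluded), or
 * NULL if gethostname(), the vchar_t allocation or asprintf() fails.
 * The caller owns both the vchar_t and the string it points to.
 */
vchar_t *
gssapi_get_default_gss_id(void)
{
	char name[NI_MAXHOST];
	vchar_t *gssid;
	int len;

	if (gethostname(name, sizeof(name)) != 0) {
		plog(LLV_ERROR, LOCATION, NULL, "gethostname failed: %s\n",
		    strerror(errno));
		return (NULL);
	}
	/* gethostname() may leave a truncated name unterminated. */
	name[sizeof(name) - 1] = '\0';

	gssid = racoon_malloc(sizeof(*gssid));
	if (gssid == NULL) {
		/* Without this check the asprintf() below writes through NULL. */
		plog(LLV_ERROR, LOCATION, NULL,
		    "failed to allocate default gss id\n");
		return (NULL);
	}

	/*
	 * asprintf() returns -1 on failure and leaves the output pointer
	 * undefined; never hand that pair back as a valid buffer.
	 */
	len = asprintf(&gssid->v, "%s/%s", GSSAPI_DEF_NAME, name);
	if (len < 0) {
		plog(LLV_ERROR, LOCATION, NULL,
		    "failed to format default gss id\n");
		racoon_free(gssid);
		return (NULL);
	}
	gssid->l = len;

	return (gssid);
}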
Пример #5
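/*
 * Log a caller-formatted header followed by a hex dump of data[0..len).
 *
 * Layout of the dump: two hex digits per byte, a space before every 4th
 * byte, a newline before every 32nd byte (including the first), and a
 * trailing newline.
 *
 * pri  - priority handed to plog().
 * data - bytes to dump; may be NULL only when len is 0.
 * len  - number of bytes to dump.
 * fmt  - printf-style format for the header; the formatted header is
 *        truncated to 511 characters. Must be a trusted format string.
 *
 * Nothing is logged if the dump buffer cannot be sized or allocated.
 *
 * NOTE(review): the dump is written to the log verbatim in hex; confirm
 * that callers do not pass key material here at production log levels.
 */
void
plogdump_func(int pri, void *data, size_t len, const char *fmt, ...)
{
	const unsigned char *bytes = data;
	caddr_t buf;
	size_t buflen;
	size_t i, j;
	va_list args;
	char fmt_buf[512];

	if (bytes == NULL && len != 0)
		return;

	/*
	 * The size computed below is less than 3 * len + 3; refuse lengths
	 * for which that could wrap and yield an undersized buffer.
	 */
	if (len > ((size_t)-1 - 3) / 3)
		return;

	/*
	 * 2 hex digits per byte + 1 separator per 4 bytes (a space, or a
	 * newline when the offset is a multiple of 32) + slack covering the
	 * separator of a final partial group, the trailing newline and '\0'.
	 */
	buflen = (len * 2) + (len / 4) + (len / 32) + 3;
	buf = racoon_malloc(buflen);
	if (buf == NULL)
		return;

	/* size_t counters: len is size_t, so int indices could wrap. */
	i = 0;
	for (j = 0; j < len; j++) {
		if (j % 32 == 0)
			buf[i++] = '\n';
		else if (j % 4 == 0)
			buf[i++] = ' ';
		snprintf(&buf[i], buflen - i, "%02x", (unsigned int)bytes[j]);
		i += 2;
	}
	if (buflen - i >= 2) {
		buf[i++] = '\n';
		buf[i] = '\0';
	}

	/* Start from an empty string in case vsnprintf() fails. */
	fmt_buf[0] = '\0';
	va_start(args, fmt);
	vsnprintf(fmt_buf, sizeof(fmt_buf), fmt, args);
	va_end(args);

	plog(pri, "%s %s", fmt_buf, buf);

	racoon_free(buf);
}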
Пример #6
/*
 * Allocate a vchar_t describing a zero-filled buffer of size bytes.
 *
 * The l member is set to size. For size == 0 no data buffer is allocated
 * and v is NULL; otherwise v points at size bytes obtained from
 * racoon_calloc(). Returns NULL if either allocation fails, releasing the
 * descriptor first when only the data buffer could not be obtained.
 */
vchar_t *
vmalloc(size_t size)
{
	vchar_t *vb = racoon_malloc(sizeof(*vb));

	if (vb == NULL)
		return NULL;

	vb->l = size;
	vb->v = NULL;

	if (size != 0) {
		vb->v = racoon_calloc(1, size);
		if (vb->v == NULL) {
			/* Do not leak the descriptor when the payload fails. */
			(void)racoon_free(vb);
			return NULL;
		}
	}

	return vb;
}
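/*
 * Accept one connection on the admin socket, read a single admin command
 * from it and dispatch the command.
 *
 * The fixed-size header is first peeked (MSG_PEEK) to learn com.ac_len,
 * then the whole command, header included, is read into a heap buffer of
 * that size and passed to admin_process(). ADMIN_RELOAD_CONF is handled
 * here by invoking signal_handler(SIGHUP).
 *
 * com.ac_len is supplied by the peer, so it is validated before use: it
 * must cover at least the header, and the command is only processed once
 * exactly that many bytes have arrived. Otherwise the buffer given to
 * admin_process() could be shorter than the header or hold uninitialised
 * heap bytes after a short read.
 *
 * NOTE(review): no upper bound is placed on com.ac_len beyond what its
 * type allows; consider enforcing a protocol maximum. The peer is not
 * authenticated here; access control presumably rests on the admin
 * socket's permissions. Confirm both.
 *
 * Returns the result of admin_process(), or -1 on any failure and for
 * ADMIN_RELOAD_CONF.
 */
int
admin_handler()
{
	int so2;
	struct sockaddr_storage from;
	socklen_t fromlen = sizeof(from);
	struct admin_com com;
	char *combuf = NULL;
	pid_t pid = -1;
	int len, error = -1;
	size_t cmdlen, received;

	so2 = accept(lcconf->sock_admin, (struct sockaddr *)&from, &fromlen);
	if (so2 < 0) {
		plog(LLV_ERROR, LOCATION, NULL,
			"failed to accept admin command: %s\n",
			strerror(errno));
		return -1;
	}

	/* peek at the header to learn the command length */
	while ((len = recv(so2, (char *)&com, sizeof(com), MSG_PEEK)) < 0) {
		if (errno == EINTR)
			continue;
		plog(LLV_ERROR, LOCATION, NULL,
			"failed to recv admin command: %s\n",
			strerror(errno));
		goto end;
	}

	/* sanity check: len is non-negative here, so the cast is safe */
	if ((size_t)len < sizeof(com)) {
		plog(LLV_ERROR, LOCATION, NULL,
			"invalid header length of admin command\n");
		goto end;
	}

	/* the announced length must at least cover the header itself */
	cmdlen = com.ac_len;
	if (cmdlen < sizeof(com)) {
		plog(LLV_ERROR, LOCATION, NULL,
			"invalid length of admin command\n");
		goto end;
	}

	/* get buffer to receive */
	if ((combuf = racoon_malloc(cmdlen)) == NULL) {
		plog(LLV_ERROR, LOCATION, NULL,
			"failed to alloc buffer for admin command\n");
		goto end;
	}

	/* get real data; keep reading until the whole command has arrived */
	received = 0;
	while (received < cmdlen) {
		len = recv(so2, combuf + received, cmdlen - received, 0);
		if (len < 0) {
			if (errno == EINTR)
				continue;
			plog(LLV_ERROR, LOCATION, NULL,
				"failed to recv admin command: %s\n",
				strerror(errno));
			goto end;
		}
		if (len == 0) {
			/* peer closed before sending what it announced */
			plog(LLV_ERROR, LOCATION, NULL,
				"truncated admin command\n");
			goto end;
		}
		received += (size_t)len;
	}

	if (com.ac_cmd == ADMIN_RELOAD_CONF) {
		/* reload does not work at all! */
		signal_handler(SIGHUP);
		goto end;
	}

	error = admin_process(so2, combuf);

    end:
	(void)close(so2);
	if (combuf)
		racoon_free(combuf);

	/* exit if child's process. pid is never reassigned above. */
	if (pid == 0 && !f_foreground)
		exit(error);

	return error;
}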
Пример #8
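/*
 * Check in with launchd and look for the listening socket bound to
 * vpncontrolsock_path.
 *
 * The check-in response is searched for the sockets dictionary and its
 * "Listeners" array; each listener descriptor is inspected with
 * getsockname() and the first AF_UNIX socket whose path equals
 * vpncontrolsock_path is selected.
 *
 * Returns that descriptor, or 0 when check-in fails or no listener
 * matches. The check-in response is released before returning.
 */
int
checklaunchd()
{
	launch_data_t checkin_response = NULL;
#ifdef LION_TEST
    launch_data_t checkin_request = NULL;
#endif
	launch_data_t sockets_dict, listening_fd_array;
	launch_data_t listening_fd;
	struct sockaddr_storage fdsockaddr;
	socklen_t fdsockaddrlen;
	int socketct;
	int i;
	int listenerct;
	int returnval = 0;
	int fd;

	/* check in with launchd */
#ifdef LION_TEST
    if ((checkin_request = launch_data_new_string(LAUNCH_KEY_CHECKIN)) == NULL) {
#else
	if ((checkin_response = launch_socket_service_check_in()) == NULL) {
#endif
		plog(ASL_LEVEL_ERR,
			 "failed to launch_socket_service_check_in.\n");
		goto done;
	}
#ifdef LION_TEST
    if ((checkin_response = launch_msg(checkin_request)) == NULL) {
        plog(ASL_LEVEL_ERR, "failed to launch_msg.\n");
        goto done;
    }
#endif
	if (LAUNCH_DATA_ERRNO == launch_data_get_type(checkin_response)) {
		plog(ASL_LEVEL_ERR,
			 "launch_data_get_type error %d\n",
			 launch_data_get_errno(checkin_response));
		goto done;
	}
	if ( (sockets_dict = launch_data_dict_lookup(checkin_response, LAUNCH_JOBKEY_SOCKETS)) == NULL){
		plog(ASL_LEVEL_ERR,
			 "failed to launch_data_dict_lookup.\n");
		goto done;
	}
	if ( !(socketct = launch_data_dict_get_count(sockets_dict))){
		plog(ASL_LEVEL_ERR,
			 "launch_data_dict_get_count returns no socket defined.\n");
		goto done;
	}

	if ( (listening_fd_array = launch_data_dict_lookup(sockets_dict, "Listeners")) == NULL ){
		plog(ASL_LEVEL_ERR,
			 "failed to launch_data_dict_lookup.\n");
		goto done;
	}
	listenerct = launch_data_array_get_count(listening_fd_array);
	for (i = 0; i < listenerct; i++) {
		listening_fd = launch_data_array_get_index(listening_fd_array, i);
		fd = launch_data_get_fd( listening_fd );

		/*
		 * getsockname() takes the length as a value-result argument, so
		 * it has to be reset on every pass; otherwise a short address
		 * from one listener truncates the next one. Zeroing the storage
		 * guarantees that strcmp() below finds a terminator inside the
		 * buffer and never compares against a stale path.
		 */
		memset(&fdsockaddr, 0, sizeof(fdsockaddr));
		fdsockaddrlen = sizeof(fdsockaddr);
		if ( getsockname( fd , (struct sockaddr *)&fdsockaddr, &fdsockaddrlen)){
			continue;
		}

		/* Is this the VPN control socket? */
		if ( fdsockaddr.ss_family == AF_UNIX &&
				(!(strcmp(vpncontrolsock_path, ((struct sockaddr_un *)&fdsockaddr)->sun_path))))
		{
			plog(ASL_LEVEL_INFO,
				 "found launchd socket.\n");
			returnval = fd;
			break;
		}
	}
	// TODO: check if we have any leaked fd
	if ( listenerct == i){
		plog(ASL_LEVEL_ERR,
			 "failed to find launchd socket\n");
		returnval = 0;
	}

done:
#ifdef LION_TEST
	/* The request object is not released anywhere else. */
	if (checkin_request)
		launch_data_free(checkin_request);
#endif
	if (checkin_response)
		launch_data_free(checkin_response);
	return(returnval);
}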

		
void
vpncontrol_handler(void *unused)
{
	struct sockaddr_storage from;
	socklen_t fromlen = sizeof(from);
    int sock;

	struct vpnctl_socket_elem *sock_elem;
	
    sock_elem = racoon_malloc(sizeof(struct vpnctl_socket_elem));
	if (sock_elem == NULL) {
		plog(ASL_LEVEL_ERR, 
			"memory error: %s\n", strerror(errno));
		return; //%%%%%% terminate
	}
	LIST_INIT(&sock_elem->bound_addresses);
    
	sock_elem->sock = accept(lcconf->sock_vpncontrol, (struct sockaddr *)&from, &fromlen);
	if (sock_elem->sock < 0) {
		plog(ASL_LEVEL_ERR, 
			"failed to accept vpn_control command: %s\n", strerror(errno));
		racoon_free(sock_elem);
		return; //%%%%% terminate
	}
	LIST_INSERT_HEAD(&lcconf->vpnctl_comm_socks, sock_elem, chain);
    
    sock_elem->source = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, sock_elem->sock, 0, dispatch_get_main_queue());
    if (sock_elem->source == NULL) {
		plog(ASL_LEVEL_ERR, "could not create comm socket source.");
		racoon_free(sock_elem);
		return; //%%%%% terminate
    }
    dispatch_source_set_event_handler(sock_elem->source, 
                                        ^{
                                                vpncontrol_comm_handler(sock_elem);
                                        });
    sock = sock_elem->sock;
	
    dispatch_source_t the_source = sock_elem->source;
    dispatch_source_set_cancel_handler(sock_elem->source,
                                       ^{
                                           close(sock);
                                           dispatch_release(the_source); /* Release the source on cancel */
                                       });