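/*
 * Log the dump-related flags to buffer_2, then fork a child that runs
 * dodump() when the database has changed and no dump child is running.
 *
 * Reads and updates the file-level flags flagsighup, flagchanged,
 * flagchildrunning and flagdumpasap.
 */
void dump_db_to_cdb()
{
  /* Private, writable one-digit buffer.  The earlier code stored through a
     pointer to the string literal "0" (undefined behaviour, typically a
     crash on read-only literals) and used "=+", which assigns the raw flag
     value rather than adding it to '0'. */
  char z[2];

  z[1] = 0;

  z[0] = (char) ('0' + flagchanged);
  buffer_puts(buffer_2, z);
  buffer_puts(buffer_2, " ");
  z[0] = (char) ('0' + flagchildrunning);
  buffer_puts(buffer_2, z);
  buffer_putsflush(buffer_2, " checking if a dump is needed\n");

  if(flagsighup) {
    /* NOTE(review): this branch only clears the flag and logs; the fork
       below still depends on flagchanged -- confirm that is intended. */
    flagsighup = 0;
    buffer_putsflush(buffer_2, ARGV0 "SIGHUP recived, dumping withouth further asking\n");
  }

  if(flagchanged && !flagchildrunning) {
    flagchanged = 0;
    flagchildrunning++;
    buffer_putsflush(buffer_2, ARGV0 "yep, forking\n");

    /* fork of a child to do this */
    switch(fork()) {
    case 0:
      /* this is the child */
      /* XXX close fifos? */
      sig_ignore(sig_alarm);
      sig_ignore(sig_hangup);
      buffer_putsflush(buffer_2, ARGV0 "child started\n");
      dodump();
      buffer_putsflush(buffer_2, ARGV0 "child exiting\n");
      _exit(0);
    case -1:
      strerr_warn2(ARGV0, "unable to fork: ", &strerr_sys);
      /* No child was created, so nothing will ever report its exit:
         undo the bookkeeping done above so the dump is retried on a
         later call instead of being blocked by a stale running count. */
      flagchildrunning--;
      flagchanged = 1;
      break;
    }

    /* this is the parent */
    flagdumpasap = 0;
    buffer_putsflush(buffer_2, ARGV0 "parent\n");
  }
}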
/*
 * recordio entry point.
 *
 * Creates two pipes and forks.  The forked child runs doit() on the pipe
 * ends facing the program; the original process rewires its own stdin and
 * stdout onto the other ends and then executes argv[1] with the remaining
 * arguments.
 */
int main(int argc,char **argv,char **envp)
{
  int to_prog[2];    /* [0] becomes the program's stdin, [1] goes to doit() */
  int from_prog[2];  /* [1] becomes the program's stdout, [0] goes to doit() */
  int child;

  /* terminate the text that fmt_ulong() writes into pid[] */
  pid[fmt_ulong(pid,getpid())] = 0;

  if (argc < 2)
    strerr_die1x(100,"recordio: usage: recordio program [ arg ... ]");

  if (pipe(to_prog) == -1)
    strerr_die2sys(111,FATAL,"unable to create pipe: ");
  if (pipe(from_prog) == -1)
    strerr_die2sys(111,FATAL,"unable to create pipe: ");

  child = fork();
  if (child == -1)
    strerr_die2sys(111,FATAL,"unable to fork: ");
  if (child == 0) {
    /* A vanished peer must surface as a write error, not kill the relay. */
    sig_ignore(sig_pipe);
    close(to_prog[0]);
    close(from_prog[1]);
    /* NOTE(review): doit() is expected not to return; if it did, this
       child would continue into the exec path below. */
    doit(to_prog[1],from_prog[0]);
  }

  /* Drop the ends that belong to the relay side. */
  close(to_prog[1]);
  close(from_prog[0]);

  if (fd_move(0,to_prog[0]) == -1)
    strerr_die2sys(111,FATAL,"unable to move descriptors: ");
  if (fd_move(1,from_prog[1]) == -1)
    strerr_die2sys(111,FATAL,"unable to move descriptors: ");

  pathexec_run(argv[1],argv + 1,envp);
  /* only reached when the exec failed */
  strerr_die4sys(111,FATAL,"unable to run ",argv[1],": ");
}
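/*
 * mconnect-io entry point: relay between the terminal and a connection
 * carried on descriptor 6 (read side) and descriptor 7 (write side).
 *
 * The forked child copies stdin to descriptor 7, inserting a CR before
 * every LF.  The parent copies descriptor 6 to stdout unchanged; when that
 * stream ends it terminates the child and reaps it.
 *
 * The return type is now spelled out: the implicit-int form "main()" is
 * not valid C since C99.
 */
int main(void)
{
  int pid;
  int wstat;
  char ch;

  /* a closed peer should show up as a write error, not kill the process */
  sig_ignore(sig_pipe);

  pid = fork();
  if (pid == -1)
    strerr_die2sys(111,"mconnect-io: fatal: ","unable to fork: ");

  if (!pid) {
    /* child: stdin -> descriptor 7, LF becomes CR LF */
    buffer_init(&bin,myread,0,inbuf,sizeof inbuf);
    buffer_init(&bout,write,7,outbuf,sizeof outbuf);

    /* NOTE(review): bout is never flushed in this function; presumably
       myread() flushes it before each read -- confirm. */
    while (buffer_get(&bin,&ch,1) == 1) {
      if (ch == '\n')
        buffer_put(&bout,"\r",1);
      buffer_put(&bout,&ch,1);
    }
    _exit(0);
  }

  /* parent: descriptor 6 -> stdout, byte for byte */
  buffer_init(&bin,myread,6,inbuf,sizeof inbuf);
  buffer_init(&bout,write,1,outbuf,sizeof outbuf);

  while (buffer_get(&bin,&ch,1) == 1)
    buffer_put(&bout,&ch,1);

  /* the connection is finished: stop the stdin-side child and reap it */
  kill(pid,sig_term);
  wait_pid(&wstat,pid);
  _exit(0);
}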
/*
 * fixcrio entry point.
 *
 * Creates two pipes and forks.  The forked child runs doit() on the pipe
 * ends facing the program; the original process moves the other ends onto
 * its stdin and stdout and then executes argv[1] with the remaining
 * arguments.
 */
int main(int argc,char **argv,char **envp)
{
  int to_prog[2];    /* [0] becomes the program's stdin, [1] goes to doit() */
  int from_prog[2];  /* [1] becomes the program's stdout, [0] goes to doit() */
  int child;

  if (argc < 2)
    errint(EINVAL,"usage: fixcrio program [ arg ... ]");

  if (pipe(to_prog) == -1)
    errint(errno,"unable to create pipe");
  if (pipe(from_prog) == -1)
    errint(errno,"unable to create pipe");

  child = fork();
  if (child == -1)
    errint(errno,"unable to fork");
  if (child == 0) {
    /* a vanished peer must surface as a write error, not kill the filter */
    sig_ignore(sig_pipe);
    close(to_prog[0]);
    close(from_prog[1]);
    /* NOTE(review): doit() is expected not to return; if it did, this
       child would continue into the exec path below. */
    doit(to_prog[1],from_prog[0]);
  }

  /* drop the ends that belong to the filter side */
  close(to_prog[1]);
  close(from_prog[0]);

  if (fd_move(0,to_prog[0]) == -1)
    errint(errno,"unable to move descriptors");
  if (fd_move(1,from_prog[1]) == -1)
    errint(errno,"unable to move descriptors");

  pathexec_run(argv[1],argv + 1,envp);
  /* only reached when the exec failed */
  errsys(errno);
  return(0);
}
/*
 * svc entry point.
 *
 * Collects the command letters given as options into data[] (each letter
 * at most once, never more than sizeof data), then for every directory
 * argument changes into it and writes the collected bytes to
 * "supervise/control".  Failures on one directory are reported as warnings
 * and the remaining directories are still processed.
 */
int main(int argc,const char *const *argv)
{
  int opt;
  int fd;
  const char *dir;

  sig_ignore(sig_pipe);

  while ((opt = getopt(argc,argv,"?vudopchaitkx")) != opteof) {
    switch (opt) {
    case 'v':
      puts("version: 0.76d");
      exit(0);
    case '?':
      strerr_die1x(100,"svc options: u up, d down, o once, x exit, p pause, c continue, h hup, a alarm, i interrupt, t term, k kill");
      break;
    default:
      /* bounded append: skip letters already queued, never overrun data[] */
      if (datalen < sizeof data && byte_chr(data,datalen,opt) == datalen)
        data[datalen++] = opt;
      break;
    }
  }
  argv += optind;

  /* remember the starting directory so relative arguments keep working */
  fdorigdir = open_read(".");
  if (fdorigdir == -1)
    strerr_die2sys(111,FATAL,"unable to open current directory: ");

  for (dir = *argv++; dir; dir = *argv++) {
    if (chdir(dir) == -1) {
      strerr_warn4(WARNING,"unable to chdir to ",dir,": ",&strerr_sys);
    }
    else {
      fd = open_write("supervise/control");
      if (fd != -1) {
        ndelay_off(fd);
        buffer_init(&b,buffer_unixwrite,fd,bspace,sizeof bspace);
        if (buffer_putflush(&b,data,datalen) == -1)
          strerr_warn4(WARNING,"error writing commands to ",dir,": ",&strerr_sys);
        close(fd);
      }
      else if (errno == error_nodevice) {
        strerr_warn4(WARNING,"unable to control ",dir,": supervise not running",0);
      }
      else {
        strerr_warn4(WARNING,"unable to control ",dir,": ",&strerr_sys);
      }
    }

    /* always return to the starting directory before the next argument */
    if (fchdir(fdorigdir) == -1)
      strerr_die2sys(111,FATAL,"unable to set directory: ");
  }

  _exit(0);
}
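/*
 * Main daemon loop.
 *
 * Listens on soc_listen, signals the parent process with SIGUSR1 once it
 * is ready, then serves one connection at a time: each message read with
 * soc_r() is handed to daemon_serve() until the peer disconnects or
 * daemon_serve() returns false, which ends the daemon.
 *
 * Exits the process on listen() or accept() failure.
 */
void daemon_run(int soc_listen)
{
  int soc_connect;
  int parent;
  bool done, connected;
  char cmd[MSG_MAX];

  /* we don't want to terminate just because a client broke the socket */
  sig_ignore(SIGPIPE);

  if( listen(soc_listen, 1) == -1 ) {
    perror("daemon: listen");
    exit(EXIT_FAILURE);
  }

  /* let parent know that we're ready; read the parent pid once so the
     logged pid and the signalled pid cannot differ */
  parent = (int) getppid();
  printf("daemon: signalling %d\n", parent);
  kill(parent, SIGUSR1);

  done = false;
  while(!done) {
    printf("daemon: Waiting for a connection...\n");
    soc_connect = accept(soc_listen, NULL, NULL);
    if( soc_connect == -1 ) {
      perror("daemon: accept");
      exit(EXIT_FAILURE);
    }

    connected = true;
    printf("daemon: Connected.\n");

    while( connected && !done ) {
      int n;
      int k;

      /* Start every read from an all-zero buffer so a short message can
         never be followed by bytes left over from the previous command. */
      for( k = 0; k < MSG_MAX; k++ )
        cmd[k] = '\0';

      n = soc_r(soc_connect, cmd, MSG_MAX);
      if( n < 0 ) {
        connected = false;
        printf("daemon: disconnected for read error\n");
      }
      if( n == 0 ) {
        connected = false;
        printf("daemon: disconnected for closed socket\n");
      }

      if( connected ) {
        /* cmd is peer-supplied and is used as a C string below; nothing
           visible here guarantees soc_r() terminates it, so force a
           terminator inside the buffer before printing or dispatching. */
        cmd[MSG_MAX - 1] = '\0';

        printf("daemon: received command `%s'\n", cmd);
        if( !daemon_serve(soc_connect, cmd) )
          done = true;
      }
    }

    close(soc_connect);
  }
}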
/*
 * Open argv[1] for appending in non-blocking mode and write a single zero
 * byte to it.
 *
 * Exits 0 when the write succeeds, or when it fails with error_again or
 * error_pipe; any other failure is fatal with exit code 111.  SIGPIPE is
 * ignored first so a missing reader is reported through errno instead of
 * killing the process.
 */
int main(int argc,char * const *argv)
{
  const char *file = argv[1];
  int fd;
  int r;

  if (!file)
    usage();

  fd = open_append(file);
  if (fd == -1)
    strerr_die4sys(111,FATAL,"cannot open ",file,": ");
  if (ndelay_on(fd) == -1)
    strerr_die4sys(111,FATAL,"cannot control ",file,": ");

  sig_ignore(sig_pipe);

  r = write(fd,"",1);
  if (r != -1 || errno == error_again || errno == error_pipe)
    _exit(0);

  strerr_die4sys(111,FATAL,"cannot write ",file,": ");
}
/*
 * One-time process setup: create the signal pipe and the log pipe, block
 * every signal, install sigtrap as the handler for the signals listed
 * below, and ignore SIGPIPE.
 *
 * Both ends of my_sigpipe are marked close-on-exec and non-blocking.
 * my_logpipe gets neither flag here -- presumably so that it can be
 * inherited; confirm against the code that uses it.
 */
static void setup(void)
{
  /* SIGTERM, SIGINT and SIGCHLD first, followed by the signals that are
     caught to pass to program */
  const int trapped[] = {
    SIGTERM, SIGINT, SIGCHLD,
    SIGALRM, SIGCONT, SIGHUP, SIGQUIT, SIGTSTP, SIGUSR1, SIGUSR2
  };
  unsigned int k;

  if(pipe(my_sigpipe) == -1){
    fatal_syserr("failure setting up selfpipe");
  }
  fd_cloexec(my_sigpipe[0]);
  fd_nonblock(my_sigpipe[0]);
  fd_cloexec(my_sigpipe[1]);
  fd_nonblock(my_sigpipe[1]);

  if(pipe(my_logpipe) == -1){
    fatal_syserr("failure creating logpipe");
  }

  /* block everything before any handler is installed */
  sigset_fill(&my_sigset);
  sigset_block(&my_sigset);

  for(k = 0; k < sizeof trapped / sizeof trapped[0]; ++k){
    sig_catch(trapped[k], &sigtrap);
  }

  sig_ignore(SIGPIPE);
}
/*
 * s6-supervise entry point.
 *
 * Changes into the directory named by argv[1], takes the supervise lock,
 * prepares the event fifodir and the selfpipe, then runs the event loop
 * until the file-level flag `cont` becomes zero.  Every setup failure is
 * fatal with exit code 111 (100 for a usage error).
 */
int main (int argc, char const *const *argv)
{
  /* x[0] will hold the selfpipe descriptor, x[1] the control descriptor */
  iopause_fd x[2] = { { -1, IOPAUSE_READ, 0 }, { -1, IOPAUSE_READ, 0 } } ;
  PROG = "s6-supervise" ;
  if (argc < 2) strerr_dieusage(100, USAGE) ;
  if (chdir(argv[1]) < 0) strerr_diefu2sys(111, "chdir to ", argv[1]) ;
  {
    /* Build "<PROG> <argv[1]>" for diagnostics.  progname is a stack
       array sized from the length of argv[1]; the rest of main stays
       inside this block so PROG never outlives the array. */
    register unsigned int proglen = str_len(PROG) ;
    register unsigned int namelen = str_len(argv[1]) ;
    char progname[proglen + namelen + 2] ;
    byte_copy(progname, proglen, PROG) ;
    progname[proglen] = ' ' ;
    /* namelen + 1 also copies the terminating NUL of argv[1] */
    byte_copy(progname + proglen + 1, namelen + 1, argv[1]) ;
    PROG = progname ;
    if (!fd_sanitize()) strerr_diefu1sys(111, "sanitize stdin and stdout") ;
    x[1].fd = s6_supervise_lock(S6_SUPERVISE_CTLDIR) ;
    /* the event fifodir is created with the effective gid of this process */
    if (!ftrigw_fifodir_make(S6_SUPERVISE_EVENTDIR, getegid(), 0))
      strerr_diefu2sys(111, "mkfifodir ", S6_SUPERVISE_EVENTDIR) ;
    x[0].fd = selfpipe_init() ;
    if (x[0].fd == -1) strerr_diefu1sys(111, "init selfpipe") ;
    if (sig_ignore(SIGPIPE) < 0) strerr_diefu1sys(111, "ignore SIGPIPE") ;
    {
      /* signals delivered through the selfpipe instead of a handler */
      sigset_t set ;
      sigemptyset(&set) ;
      sigaddset(&set, SIGTERM) ;
      sigaddset(&set, SIGHUP) ;
      sigaddset(&set, SIGQUIT) ;
      sigaddset(&set, SIGCHLD) ;
      if (selfpipe_trapset(&set) < 0) strerr_diefu1sys(111, "trap signals") ;
    }

    /* a failed cleanup is only a warning, not fatal */
    if (!ftrigw_clean(S6_SUPERVISE_EVENTDIR))
      strerr_warnwu2sys("ftrigw_clean ", S6_SUPERVISE_EVENTDIR) ;

    {
      /* Marker files in the current directory: the existence of "down"
         clears status.flagwantup, the existence of "nosetsid" clears
         flagsetsid.  Any stat error other than ENOENT is fatal. */
      struct stat st ;
      if (stat("down", &st) == -1)
      {
        if (errno != ENOENT) strerr_diefu1sys(111, "stat down") ;
      }
      else status.flagwantup = 0 ;
      if (stat("nosetsid", &st) == -1)
      {
        if (errno != ENOENT) strerr_diefu1sys(111, "stat nosetsid") ;
      }
      else flagsetsid = 0 ;
    }

    tain_now_g() ;
    settimeout(0) ;
    tain_copynow(&status.stamp) ;
    announce() ;
    /* publish "s" on the event fifodir before entering the loop */
    ftrigw_notifyb_nosig(S6_SUPERVISE_EVENTDIR, "s", 1) ;

    while (cont)
    {
      register int r = iopause_g(x, 2, &deadline) ;
      if (r < 0) strerr_diefu1sys(111, "iopause") ;
      /* r == 0: deadline reached, run the timeout action of the current state */
      else if (!r) (*actions[state][V_TIMEOUT])() ;
      else
      {
        if ((x[0].revents | x[1].revents) & IOPAUSE_EXCEPT)
          strerr_diefu1x(111, "iopause: trouble with pipes") ;
        /* signals take priority: control input is only read when the
           selfpipe has nothing pending in this iteration */
        if (x[0].revents & IOPAUSE_READ) handle_signals() ;
        else if (x[1].revents & IOPAUSE_READ) handle_control(x[1].fd) ;
      }
    }

    /* publish "x" once the loop has ended */
    ftrigw_notifyb_nosig(S6_SUPERVISE_EVENTDIR, "x", 1) ;
  }
  return 0 ;
}
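/*
 * bevt_relayd entry point.
 *
 * Sets stdin/stdout non-blocking, routes signals through a selfpipe,
 * initialises the relay database from argv[1], synchronises with the
 * client and then runs the event loop until the client goes away.
 *
 * Changes from the earlier text of this function:
 *  - the `&central_client_g` arguments are restored; the ampersand and the
 *    first letters of the name had been mangled into a cent sign;
 *  - iopause_g() now polls all six descriptors.  It used to be given
 *    5 + n entries, so x[5] was never polled and its revents field was
 *    read uninitialised;
 *  - the second, identical flush of unixmessage_sender_x was dropped.
 */
int main (int argc, char const *const *argv)
{
  tain_t deadline ;
  int sfd ;
  PROG = "bevt_relayd" ;

  if (argc < 2) strerr_dieusage(100, USAGE) ;
  if (ndelay_on(0) < 0) strerr_diefu2sys(111, "ndelay_on ", "0") ;
  if (ndelay_on(1) < 0) strerr_diefu2sys(111, "ndelay_on ", "1") ;
  if (sig_ignore(SIGPIPE) < 0) strerr_diefu1sys(111, "ignore SIGPIPE") ;

  sfd = selfpipe_init() ;
  if (sfd < 0) strerr_diefu1sys(111, "selfpipe_init") ;
  {
    /* signals delivered through the selfpipe instead of a handler */
    sigset_t set ;
    sigemptyset(&set) ;
    sigaddset(&set, SIGCHLD) ;
    sigaddset(&set, SIGTERM) ;
    sigaddset(&set, SIGQUIT) ;
    sigaddset(&set, SIGHUP) ;
    sigaddset(&set, SIGABRT) ;
    sigaddset(&set, SIGINT) ;
    if (selfpipe_trapset(&set) < 0) strerr_diefu1sys(111, "trap signals") ;
  }

  if (bevt_relay_db_init(argv[1]) < 0) strerr_diefu1sys(111, "db init failed") ;

  /* the banner exchange with the client gets a two second deadline */
  tain_now_g() ;
  tain_addsec_g(&deadline, 2) ;

  if (!skaclient_server_01x_init_g(BEVT_RELAY_BANNER1, BEVT_RELAY_BANNER1_LEN, BEVT_RELAY_BANNER2, BEVT_RELAY_BANNER2_LEN, &deadline))
    strerr_diefu1sys(111, "sync with client") ;

  for (;;)
  {
    register unsigned int n = 0 ;
    iopause_fd x[6 + n] ;
    int r ;

    /* (re)connect to the central server when there is no connection */
    if (mfd < 0) handle_connect_central() ;

    tain_add_g(&deadline, &tain_infinite_relative) ;

    /* x[0]/x[1]: synchronous channel with the client (stdin/stdout) */
    x[0].fd = 0 ;
    x[0].events = IOPAUSE_EXCEPT | IOPAUSE_READ ;
    x[1].fd = 1 ;
    x[1].events = IOPAUSE_EXCEPT | (unixmessage_sender_isempty(unixmessage_sender_1) ? 0 : IOPAUSE_WRITE) ;
    /* x[2]: selfpipe */
    x[2].fd = sfd ;
    x[2].events = IOPAUSE_READ ;
    /* x[3]/x[4]: the central connection, once for reading, once for writing */
    x[3].fd = bozclient_sfd(&central_client_g) ;
    x[3].events = IOPAUSE_READ ;
    x[4].fd = bozclient_sfd(&central_client_g) ;
    x[4].events = (bozclient_siswritable(&central_client_g) ? IOPAUSE_WRITE : 0) ;
    /* x[5]: asynchronous channel to the client */
    x[5].fd = unixmessage_sender_fd(unixmessage_sender_x) ;
    x[5].events = (unixmessage_sender_isempty(unixmessage_sender_x) ? 0 : IOPAUSE_WRITE) ;

    /* every entry filled in above must be polled, x[5] included */
    r = iopause_g(x, 6 + n, &deadline) ;
    if (r < 0)
    {
      cleanup() ;
      strerr_diefu1sys(111, "iopause") ;
    }

    /* client closed */
    if ((x[0].revents | x[1].revents) & IOPAUSE_EXCEPT) break ;

    /* client is sync reading */
    if (x[1].revents & IOPAUSE_WRITE)
    {
      if (!unixmessage_sender_flush(unixmessage_sender_1) && !error_isagain(errno))
      {
        cleanup() ;
        strerr_diefu1sys(111, "flush sync out") ;
      }
    }

    /* client is async reading */
    if (x[5].revents & IOPAUSE_WRITE)
    {
      if (!unixmessage_sender_flush(unixmessage_sender_x) && !error_isagain(errno))
      {
        cleanup() ;
        strerr_diefu1sys(111, "flush async out") ;
      }
    }

    /* signals arrived */
    if (x[2].revents & (IOPAUSE_READ | IOPAUSE_EXCEPT)) handle_signals() ;

    /* main socket read or close */
    if (x[3].revents & IOPAUSE_READ)
    {
      handle_close_central() ;
      continue ;
    }

    /* main socket is writable: push pending data to the central server */
    if (x[4].revents & IOPAUSE_WRITE)
    {
      bozclient_flush(&central_client_g) ;
    }

    /* client is sync writing */
    if (!unixmessage_receiver_isempty(unixmessage_receiver_0) || (x[0].revents & IOPAUSE_READ))
    {
      if (unixmessage_handle(unixmessage_receiver_0, &bevt_relay_parse_prot_cmd, 0) < 0)
      {
        if (errno == EPIPE) break ; /* normal exit */
        cleanup() ;
        strerr_diefu1sys(111, "handle messages from client") ;
      }
    }
  }

  cleanup() ;
  return 0 ;
}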
/*
 * runit entry point; refuses to run unless it is process 1.
 *
 * Runs the programs in stage[0..2] one after another.  While a stage is
 * running, the loop waits on the selfpipe, reaps children and, in stage 2
 * only, acts on the sigc/sigi counters.  After the last stage (when
 * RB_AUTOBOOT is defined) every process is killed and the system is
 * rebooted, powered off or halted.
 */
int main (int argc, const char * const *argv, char * const *envp) {
  const char * prog[2];
  int pid, pid2;
  int wstat;
  int st;
  iopause_fd x;
#ifndef IOPAUSE_POLL
  fd_set rfds;
  struct timeval t;
#endif
  char ch;
  int ttyfd;
  struct stat s;

  if (getpid() != 1)
    strerr_die2x(111, FATAL, "must be run as process no 1.");
  setsid();

  /* Block everything up front; the handlers installed here only run in
     the windows where the main loop unblocks their signals. */
  sig_block(sig_alarm);
  sig_block(sig_child);
  sig_catch(sig_child, sig_child_handler);
  sig_block(sig_cont);
  sig_catch(sig_cont, sig_cont_handler);
  sig_block(sig_hangup);
  sig_block(sig_int);
  sig_catch(sig_int, sig_int_handler);
  sig_block(sig_pipe);
  sig_block(sig_term);

  /* console */
  if ((ttyfd =open_write("/dev/console")) != -1) {
    dup2(ttyfd, 0); dup2(ttyfd, 1); dup2(ttyfd, 2);
    if (ttyfd > 2) close(ttyfd);
  }

  /* create selfpipe */
  while (pipe(selfpipe) == -1) {
    strerr_warn2(FATAL, "unable to create selfpipe, pausing: ", &strerr_sys);
    sleep(5);
  }
  coe(selfpipe[0]);
  coe(selfpipe[1]);
  ndelay_on(selfpipe[0]);
  ndelay_on(selfpipe[1]);

#ifdef RB_DISABLE_CAD
  /* activate ctrlaltdel handling, glibc, dietlibc */
  if (RB_DISABLE_CAD == 0) reboot_system(0);
#endif

  strerr_warn3(INFO, "$Id: 25da3b86f7bed4038b8a039d2f8e8c9bbcf0822b $", ": booting.", 0);

  /* runit */
  for (st =0; st < 3; st++) {
    /* if (st == 2) logwtmp("~", "reboot", ""); */
    /* process 1 cannot give up: retry the fork every five seconds */
    while ((pid =fork()) == -1) {
      strerr_warn4(FATAL, "unable to fork for \"", stage[st], "\" pausing: ", &strerr_sys);
      sleep(5);
    }
    if (!pid) {
      /* child */
      prog[0] =stage[st];
      prog[1] =0;

      /* stage 1 gets full control of console */
      if (st == 0) {
        if ((ttyfd =open("/dev/console", O_RDWR)) != -1) {
#ifdef TIOCSCTTY
          ioctl(ttyfd, TIOCSCTTY, (char *)0);
#endif
          dup2(ttyfd, 0);
          if (ttyfd > 2) close(ttyfd);
        }
        else
          strerr_warn2(WARNING, "unable to open /dev/console: ", &strerr_sys);
      }
      else
        setsid();

      /* hand the stage a clean signal state: nothing blocked, none of
         the handlers installed above */
      sig_unblock(sig_alarm);
      sig_unblock(sig_child);
      sig_uncatch(sig_child);
      sig_unblock(sig_cont);
      sig_ignore(sig_cont);
      sig_unblock(sig_hangup);
      sig_unblock(sig_int);
      sig_uncatch(sig_int);
      sig_unblock(sig_pipe);
      sig_unblock(sig_term);

      strerr_warn3(INFO, "enter stage: ", stage[st], 0);
      execve(*prog, (char *const *)prog, envp);
      strerr_die4sys(0, FATAL, "unable to start child: ", stage[st], ": ");
    }

    x.fd =selfpipe[0];
    x.events =IOPAUSE_READ;
    for (;;) {
      int child;

      /* signals are only deliverable while waiting here (at most 14 s) */
      sig_unblock(sig_child);
      sig_unblock(sig_cont);
      sig_unblock(sig_int);
#ifdef IOPAUSE_POLL
      poll(&x, 1, 14000);
#else
      t.tv_sec =14;
      t.tv_usec =0;
      FD_ZERO(&rfds);
      FD_SET(x.fd, &rfds);
      select(x.fd +1, &rfds, (fd_set*)0, (fd_set*)0, &t);
#endif
      sig_block(sig_cont);
      sig_block(sig_child);
      sig_block(sig_int);

      /* drain the selfpipe, then reap until the stage child shows up or
         nothing more is ready */
      while (read(selfpipe[0], &ch, 1) == 1) {}
      while ((child =wait_nohang(&wstat)) > 0)
        if (child == pid) break;
      if (child == -1) {
        strerr_warn2(WARNING, "wait_nohang, pausing: ", &strerr_sys);
        sleep(5);
      }

      /* reget stderr */
      if ((ttyfd =open_write("/dev/console")) != -1) {
        dup2(ttyfd, 2);
        if (ttyfd > 2) close(ttyfd);
      }

      if (child == pid) {
        if (wait_exitcode(wstat) != 0) {
          if (wait_crashed(wstat))
            strerr_warn3(WARNING, "child crashed: ", stage[st], 0);
          else
            strerr_warn3(WARNING, "child failed: ", stage[st], 0);
          if (st == 0)
            /* this is stage 1 */
            if (wait_crashed(wstat) || (wait_exitcode(wstat) == 100)) {
              strerr_warn3(INFO, "leave stage: ", stage[st], 0);
              strerr_warn2(WARNING, "skipping stage 2...", 0);
              /* together with the loop's own st++ this lands on stage 3 */
              st++;
              break;
            }
          if (st == 1)
            /* this is stage 2 */
            if (wait_crashed(wstat) || (wait_exitcode(wstat) == 111)) {
              strerr_warn2(WARNING, "killing all processes in stage 2...", 0);
              /* negative pid: the signal goes to the whole process group */
              kill(-pid, 9);
              sleep(5);
              strerr_warn2(WARNING, "restarting.", 0);
              /* undone by the loop's st++, so stage 2 runs again */
              st--;
              break;
            }
        }
        strerr_warn3(INFO, "leave stage: ", stage[st], 0);
        break;
      }
      if (child != 0) {
        /* collect terminated children */
        /* poke the selfpipe so the next wait returns immediately */
        write(selfpipe[1], "", 1);
        continue;
      }

      /* sig? */
      if (!sigc && !sigi) {
#ifdef DEBUG
        strerr_warn2(WARNING, "poll: ", &strerr_sys);
#endif
        continue;
      }
      if (st != 1) {
        strerr_warn2(WARNING, "signals only work in stage 2.", 0);
        sigc =sigi =0;
        continue;
      }
      /* The request is honoured only if CTRLALTDEL exists with the owner
         execute bit set.  NOTE(review): the file is then executed by
         process 1, so write access to it and to its directory needs to
         be restricted accordingly. */
      if (sigi && (stat(CTRLALTDEL, &s) != -1) && (s.st_mode & S_IXUSR)) {
        strerr_warn2(INFO, "ctrl-alt-del request...", 0);
        prog[0] =CTRLALTDEL; prog[1] =0;
        while ((pid2 =fork()) == -1) {
          strerr_warn4(FATAL, "unable to fork for \"", CTRLALTDEL, "\" pausing: ", &strerr_sys);
          sleep(5);
        }
        if (!pid2) {
          /* child */
          strerr_warn3(INFO, "enter stage: ", prog[0], 0);
          execve(*prog, (char *const *) prog, envp);
          strerr_die4sys(0, FATAL, "unable to start child: ", prog[0], ": ");
        }
        if (wait_pid(&wstat, pid2) == -1)
          strerr_warn2(FATAL, "wait_pid: ", &strerr_sys);
        if (wait_crashed(wstat))
          strerr_warn3(WARNING, "child crashed: ", CTRLALTDEL, 0);
        strerr_warn3(INFO, "leave stage: ", prog[0], 0);
        sigi =0;
        /* fall into the stop handling below */
        sigc++;
      }
      /* Stage 2 is stopped only if STOPIT exists with the owner execute
         bit set; the chmod to mode 0 keeps the request from firing twice. */
      if (sigc && (stat(STOPIT, &s) != -1) && (s.st_mode & S_IXUSR)) {
        int i;
        /* unlink(STOPIT); */
        chmod(STOPIT, 0);

        /* kill stage 2 */
#ifdef DEBUG
        strerr_warn2(WARNING, "sending sigterm...", 0);
#endif
        kill(pid, sig_term);
        i =0;
        /* give stage 2 up to five one-second waits to exit */
        while (i < 5) {
          if ((child =wait_nohang(&wstat)) == pid) {
#ifdef DEBUG
            strerr_warn2(WARNING, "stage 2 terminated.", 0);
#endif
            pid =0;
            break;
          }
          /* NOTE(review): this continue also fires for child == -1, so the
             error branch just below is unreachable, and a persistent -1
             from wait_nohang() would spin here without sleeping or
             counting -- confirm against upstream. */
          if (child) continue;
          if (child == -1)
            strerr_warn2(WARNING, "wait_nohang: ", &strerr_sys);
#ifdef DEBUG
          strerr_warn2(WARNING, "waiting...", 0);
#endif
          sleep(1);
          i++;
        }
        if (pid) {
          /* still there */
          strerr_warn2(WARNING, "stage 2 not terminated, sending sigkill...", 0);
          kill(pid, 9);
          if (wait_pid(&wstat, pid) == -1)
            strerr_warn2(WARNING, "wait_pid: ", &strerr_sys);
        }
        sigc =0;
        strerr_warn3(INFO, "leave stage: ", stage[st], 0);

        /* enter stage 3 */
        break;
      }
      sigc =sigi =0;
#ifdef DEBUG
      strerr_warn2(WARNING, "no request.", 0);
#endif
    }
  }

  /* reget stderr */
  if ((ttyfd =open_write("/dev/console")) != -1) {
    dup2(ttyfd, 2);
    if (ttyfd > 2) close(ttyfd);
  }

#ifdef RB_AUTOBOOT
  /* fallthrough stage 3 */
  strerr_warn2(INFO, "sending KILL signal to all processes...", 0);
  kill(-1, SIGKILL);

  /* The reboot call is made from a forked child when the fork works, and
     from process 1 itself when it fails (case -1 shares the body). */
  pid =fork();
  switch (pid) {
  case 0:
  case -1:
    /* REBOOT present with the owner execute bit set selects reboot;
       otherwise power off / halt, depending on what the platform defines */
    if ((stat(REBOOT, &s) != -1) && (s.st_mode & S_IXUSR)) {
      strerr_warn2(INFO, "system reboot.", 0);
      sync();
      reboot_system(RB_AUTOBOOT);
    }
    else {
#ifdef RB_POWER_OFF
      strerr_warn2(INFO, "power off...", 0);
      sync();
      reboot_system(RB_POWER_OFF);
      sleep(2);
#endif
#ifdef RB_HALT_SYSTEM
      strerr_warn2(INFO, "system halt.", 0);
      sync();
      reboot_system(RB_HALT_SYSTEM);
#else
#ifdef RB_HALT
      strerr_warn2(INFO, "system halt.", 0);
      sync();
      reboot_system(RB_HALT);
#else
      strerr_warn2(INFO, "system reboot.", 0);
      sync();
      reboot_system(RB_AUTOBOOT);
#endif
#endif
    }
    if (pid == 0) _exit(0);
    break;
  default:
    sig_unblock(sig_child);
    while (wait_pid(0, pid) == -1);
  }
#endif

  /* process 1 must never return */
  for (;;) sig_pause();
  /* not reached */
  strerr_die2x(0, INFO, "exit.");
  return(0);
}
/*
 * sslserver entry point.
 *
 * Parses options, resolves the listen address and port, binds and
 * listens, loads the TLS material named by environment variables, then
 * accepts connections forever, forking one child per connection that
 * runs doit() on the accepted socket.
 */
int main(int argc,char * const *argv) {
  const char *hostname;
  int opt;
  struct servent *se;
  char *x;
  unsigned long u;
  int s;
  int t;

  io_opt = ssl_io_opt_default;
  io_opt.timeout = 3600;

  /* NOTE(review): the option string lists 'u' and 'U' twice and accepts
     'a' and 'A', which have no case below and therefore end in usage().
     The return values of scan_ulong()/scan_uint() are ignored throughout,
     so a non-numeric argument is not rejected here; for -u, -g and -U
     that affects the uid/gid used later -- confirm how those values are
     validated before privileges are dropped. */
  while ((opt = getopt(argc,argv,"46dDvqQhHrR1UXx:t:T:u:g:l:b:B:c:Z:pPoO3IiEeSsaAw:nNyYuUjJ")) != opteof)
    switch(opt) {
      case 'b': scan_ulong(optarg,&backlog); break;
      case 'c': scan_ulong(optarg,&limit); break;
      case 'X': flagallownorules = 1; break;
      case 'x': fnrules = optarg; break;
      case 'B': banner = optarg; break;
      case 'd': flagdelay = 1; break;
      case 'D': flagdelay = 0; break;
      case 'v': verbosity = 2; break;
      case 'q': verbosity = 0; break;
      case 'Q': verbosity = 1; break;
      case 'P': flagparanoid = 0; break;
      case 'p': flagparanoid = 1; break;
      case 'O': flagkillopts = 1; break;
      case 'o': flagkillopts = 0; break;
      case 'H': flagremotehost = 0; break;
      case 'h': flagremotehost = 1; break;
      case 'R': flagremoteinfo = 0; break;
      case 'r': flagremoteinfo = 1; break;
      case 't': scan_ulong(optarg,&timeout); break;
      case 'T': scan_ulong(optarg,&ssltimeout); break;
      case 'w': scan_uint(optarg,&io_opt.timeout); break;
      /* -U takes uid and gid from the environment instead of arguments */
      case 'U': x = env_get("UID"); if (x) scan_ulong(x,&uid);
                x = env_get("GID"); if (x) scan_ulong(x,&gid); break;
      case 'u': scan_ulong(optarg,&uid); break;
      case 'g': scan_ulong(optarg,&gid); break;
      case 'Z': netif=socket_getifidx(optarg); break;
      case '1': flag1 = 1; break;
      case '4': noipv6 = 1; break;
      case '6': forcev6 = 1; break;
      case 'l': localhost = optarg; break;
      case '3': flag3 = 1; break;
      /* -I turns client certificates off, -i turns them on */
      case 'I': flagclientcert = 0; break;
      case 'i': flagclientcert = 1; break;
      case 'S': flagsslenv = 0; break;
      case 's': flagsslenv = 1; break;
      case 'E': flagtcpenv = 0; break;
      case 'e': flagtcpenv = 1; break;
      case 'n': case 'y': flagsslwait = 1; break;
      case 'N': case 'Y': flagsslwait = 0; break;
      case 'j': io_opt.just_shutdown = 1; break;
      case 'J': io_opt.just_shutdown = 0; break;
      default: usage();
    }
  argc -= optind;
  argv += optind;

  /* verbosity 0: point buffer_2 at an invalid descriptor */
  if (!verbosity)
    buffer_2->fd = -1;

  /* positional arguments: host, port, program [args...] */
  hostname = *argv++;
  if (!hostname) usage();
  if (str_equal(hostname,"")) hostname = "0";

  x = *argv++;
  if (!x) usage();
  prog = argv;
  if (!*argv) usage();
  /* a fully numeric port is used as is, anything else is looked up as a
     tcp service name */
  if (!x[scan_ulong(x,&u)])
    localport = u;
  else {
    se = getservbyname(x,"tcp");
    if (!se)
      strerr_die3x(111,FATAL,"unable to figure out port number for ",x);
    uint16_unpack_big((char*)&se->s_port,&localport);
  }

  /* TLS settings come from the environment; an empty value is treated
     the same as an unset one */
  if (x = env_get("VERIFYDEPTH")) {
    scan_ulong(x,&u);
    verifydepth = u;
  }

  if (x = env_get("CAFILE")) cafile = x;
  if (cafile && str_equal(cafile,"")) cafile = 0;

  if (x = env_get("CCAFILE")) ccafile = x;
  if (ccafile && str_equal(ccafile,"")) ccafile = 0;
  /* without -i the client CA file is dropped again, whatever CCAFILE says */
  if (!flagclientcert) ccafile = 0;

  if (x = env_get("CADIR")) cadir = x;
  if (cadir && str_equal(cadir,"")) cadir= 0;

  if (x = env_get("CERTFILE")) certfile = x;
  if (certfile && str_equal(certfile,"")) certfile = 0;

  if (x = env_get("KEYFILE")) keyfile = x;
  if (keyfile && str_equal(keyfile,"")) keyfile = 0;

  if (x = env_get("DHFILE")) dhfile = x;
  if (dhfile && str_equal(dhfile,"")) dhfile = 0;

  if (x = env_get("CIPHERS")) ciphers = x;
  if (ciphers && str_equal(ciphers,"")) ciphers = 0;

  /* SIGCHLD stays blocked except around accept() in the loop below */
  sig_block(sig_child);
  sig_catch(sig_child,sigchld);
  sig_catch(sig_term,sigterm);
  sig_ignore(sig_pipe);

  /* host "0" means the all-zero address; otherwise use the first
     16-byte address returned for the name */
  if (str_equal(hostname,"0")) {
    byte_zero(localip,sizeof localip);
  } else {
    if (!stralloc_copys(&tmp,hostname))
      strerr_die2x(111,FATAL,"out of memory");
    if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1)
      strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": ");
    if (addresses.len < 16)
      strerr_die3x(111,FATAL,"no IP address for ",hostname);
    byte_copy(localip,16,addresses.s);
    if (ip6_isv4mapped(localip))
      noipv6=1;
  }

  s = socket_tcp6();
  if (s == -1)
    strerr_die2sys(111,FATAL,"unable to create socket: ");

  if (socket_bind6_reuse(s,localip,localport,netif) == -1)
    strerr_die2sys(111,FATAL,"unable to bind: ");
  /* read the address back so localport holds the port actually bound */
  if (socket_local6(s,localip,&localport,&netif) == -1)
    strerr_die2sys(111,FATAL,"unable to get local address: ");
  if (socket_listen(s,backlog) == -1)
    strerr_die2sys(111,FATAL,"unable to listen: ");
  ndelay_off(s);

  localportstr[fmt_ulong(localportstr,localport)] = 0;
  /* -1: print the bound port on descriptor 1 */
  if (flag1) {
    buffer_init(&b,buffer_unixwrite,1,bspace,sizeof bspace);
    buffer_puts(&b,localportstr);
    buffer_puts(&b,"\n");
    buffer_flush(&b);
  }

  /* -3: read_passwd() runs before the key is loaded; passwd_cb is the
     callback handed to ssl_certkey() below */
  if (flag3) read_passwd();

  ctx = ssl_server();
  ssl_errstr();
  if (!ctx) strerr_die2x(111,FATAL,"unable to create SSL context");

  /* every failure to load TLS material is fatal before any accept() */
  switch (ssl_certkey(ctx,certfile,keyfile,passwd_cb)) {
    case -1: strerr_die2x(111,FATAL,"unable to load certificate");
    case -2: strerr_die2x(111,FATAL,"unable to load key");
    case -3: strerr_die2x(111,FATAL,"key does not match certificate");
    default: break;
  }

  if (!ssl_ca(ctx,cafile,cadir,verifydepth))
    strerr_die2x(111,FATAL,"unable to load CA list");

  if (!ssl_cca(ctx,ccafile))
    strerr_die2x(111,FATAL,"unable to load client CA list");

  if (!ssl_params(ctx,dhfile,rsalen))
    strerr_die2x(111,FATAL,"unable to set cipher parameters");

  if (!ssl_ciphers(ctx,ciphers))
    strerr_die2x(111,FATAL,"unable to set cipher list");

  if (verbosity >= 2) {
    /* only the paths are logged.  NOTE(review): an unset path is a null
       pointer here and appears to end the argument list early -- confirm
       against strerr_warn. */
    strnum[fmt_ulong(strnum,getpid())] = 0;
    strnum2[fmt_ulong(strnum2,rsalen)] = 0;
    strerr_warn4("sslserver: cafile ",strnum," ",cafile,0);
    strerr_warn4("sslserver: ccafile ",strnum," ",ccafile,0);
    strerr_warn4("sslserver: cadir ",strnum," ",cadir,0);
    strerr_warn4("sslserver: cert ",strnum," ",certfile,0);
    strerr_warn4("sslserver: key ",strnum," ",keyfile,0);
    strerr_warn6("sslserver: param ",strnum," ",dhfile," ",strnum2,0);
  }

  /* Point descriptors 0 and 1 at /dev/null.  NOTE(review): neither open
     is checked; if one failed, a later open or accept would receive that
     descriptor number instead. */
  close(0); open_read("/dev/null");
  close(1); open_append("/dev/null");

  printstatus();

  for (;;) {
    /* connection limit: wait for a signal while at or above `limit` */
    while (numchildren >= limit) sig_pause();

    sig_unblock(sig_child);
    t = socket_accept6(s,remoteip,&remoteport,&netif);
    sig_block(sig_child);

    if (t == -1) continue;
    ++numchildren; printstatus();

    switch(fork()) {
      case 0:
        /* child: drop the listening socket and serve the connection */
        close(s);
        doit(t);
        strerr_die4sys(111,DROP,"unable to run ",*argv,": ");
      case -1:
        /* no child was created: undo the count taken above */
        strerr_warn2(DROP,"unable to fork: ",&strerr_sys);
        --numchildren; printstatus();
    }
    /* parent: the connection now belongs to the child */
    close(t);
  }
}
/*
 * s6-ftrigrd entry point.
 *
 * Talks to its client over stdin/stdout plus the asynchronous sender,
 * and watches the n registered triggers in a[].  Leaves the loop when
 * the client closes its end or a read reports EPIPE; every other failure
 * runs cleanup() and dies with exit code 111.
 */
int main (void)
{
  tain_t deadline ;

  PROG = "s6-ftrigrd" ;

  if (ndelay_on(0) < 0)
    strerr_diefu2sys(111, "ndelay_on ", "0") ;
  if (ndelay_on(1) < 0)
    strerr_diefu2sys(111, "ndelay_on ", "1") ;
  if (sig_ignore(SIGPIPE) < 0)
    strerr_diefu1sys(111, "ignore SIGPIPE") ;

  /* the banner exchange with the client gets a two second deadline */
  tain_now_g() ;
  tain_addsec_g(&deadline, 2) ;
  if (!skaclient_server_01x_init_g(FTRIGR_BANNER1, FTRIGR_BANNER1_LEN, FTRIGR_BANNER2, FTRIGR_BANNER2_LEN, &deadline))
    strerr_diefu1sys(111, "sync with client") ;

  for (;;)
  {
    /* three fixed slots, then one slot per registered trigger */
    iopause_fd x[3 + n] ;
    unsigned int k ;

    x[0].fd = 0 ;
    x[0].events = IOPAUSE_EXCEPT | IOPAUSE_READ ;

    x[1].fd = 1 ;
    x[1].events = IOPAUSE_EXCEPT ;
    if (!unixmessage_sender_isempty(unixmessage_sender_1))
      x[1].events |= IOPAUSE_WRITE ;

    x[2].fd = unixmessage_sender_fd(unixmessage_sender_x) ;
    x[2].events = IOPAUSE_EXCEPT ;
    if (!unixmessage_sender_isempty(unixmessage_sender_x))
      x[2].events |= IOPAUSE_WRITE ;

    for (k = 0 ; k < n ; k++)
    {
      a[k].xindex = 3 + k ;
      x[3+k].fd = a[k].trig.fd ;
      x[3+k].events = IOPAUSE_READ ;
    }

    if (iopause(x, 3 + n, 0, 0) < 0)
    {
      cleanup() ;
      strerr_diefu1sys(111, "iopause") ;
    }

    /* client closed */
    if ((x[0].revents | x[1].revents) & IOPAUSE_EXCEPT) break ;

    /* client is reading: push out whatever is queued on either sender;
       a would-block result is not an error */
    if ((x[1].revents & IOPAUSE_WRITE)
     && !unixmessage_sender_flush(unixmessage_sender_1)
     && !error_isagain(errno))
    {
      cleanup() ;
      strerr_diefu1sys(111, "flush stdout") ;
    }
    if ((x[2].revents & IOPAUSE_WRITE)
     && !unixmessage_sender_flush(unixmessage_sender_x)
     && !error_isagain(errno))
    {
      cleanup() ;
      strerr_diefu1sys(111, "flush asyncout") ;
    }

    /* scan listening ftrigs; after a removal the same index is looked at
       again instead of moving on */
    k = 0 ;
    while (k < n)
    {
      if ((x[a[k].xindex].revents & IOPAUSE_READ) && !ftrigio_read(a+k))
        remove(k) ;
      else
        k++ ;
    }

    /* client is writing */
    if (!unixmessage_receiver_isempty(unixmessage_receiver_0) || (x[0].revents & IOPAUSE_READ))
    {
      if (unixmessage_handle(unixmessage_receiver_0, &parse_protocol, 0) < 0)
      {
        if (errno == EPIPE) break ; /* normal exit */
        cleanup() ;
        strerr_diefu1sys(111, "handle messages from client") ;
      }
    }
  }

  cleanup() ;
  return 0 ;
}
/*
 * s6-ftrig-listen entry point.
 *
 * Usage shape, as enforced below: options, then a block of
 * fifodir/regexp pairs ended by a terminator that el_semicolon() finds,
 * then the program to spawn.  Subscribes to every pair, spawns the
 * program, and waits until the subscriptions have fired (all of them, or
 * any one with -o) or the -t timeout expires.
 */
int main (int argc, char const **argv, char const *const *envp)
{
  /* x[0] will hold the selfpipe descriptor, x[1] the ftrigr descriptor */
  iopause_fd x[2] = { { -1, IOPAUSE_READ, 0 }, { -1, IOPAUSE_READ, 0 } } ;
  tain_t deadline, tto ;
  ftrigr_t a = FTRIGR_ZERO ;
  int argc1 ;
  unsigned int i = 0 ;
  char or = 0 ;  /* 0: wait for every subscription (-a), 1: any one (-o) */
  PROG = "s6-ftrig-listen" ;
  {
    unsigned int t = 0 ;
    for (;;)
    {
      register int opt = subgetopt(argc, argv, "aot:") ;
      if (opt == -1) break ;
      switch (opt)
      {
        case 'a' : or = 0 ; break ;
        case 'o' : or = 1 ; break ;
        /* deliberate fall-through: an unparsable -t value ends in dieusage() */
        case 't' : if (uint0_scan(subgetopt_here.arg, &t)) break ;
        default : dieusage() ;
      }
    }
    /* t is in milliseconds; 0 means no timeout */
    if (t) tain_from_millisecs(&tto, t) ; else tto = tain_infinite_relative ;
    argc -= subgetopt_here.ind ; argv += subgetopt_here.ind ;
  }
  if (argc < 4) dieusage() ;
  argc1 = el_semicolon(argv) ;
  /* the pair block must be non-empty, hold an even number of words, and
     be followed by a program name */
  if (!argc1 || (argc1 & 1) || (argc == argc1 + 1)) dieusage() ;
  if (argc1 >= argc) strerr_dief1x(100, "unterminated fifodir+regex block") ;

  tain_now_g() ;
  tain_add_g(&deadline, &tto) ;
  x[0].fd = selfpipe_init() ;
  if (x[0].fd < 0) strerr_diefu1sys(111, "selfpipe_init") ;
  if (selfpipe_trap(SIGCHLD) < 0) strerr_diefu1sys(111, "selfpipe_trap") ;
  if (sig_ignore(SIGPIPE) < 0) strerr_diefu1sys(111, "sig_ignore") ;

  if (!ftrigr_startf_g(&a, &deadline)) strerr_diefu1sys(111, "ftrigr_startf") ;
  x[1].fd = ftrigr_fd(&a) ;

  {
    int pid = 0 ;
    unsigned int idlen = argc1 >> 1 ;  /* number of fifodir/regexp pairs */
    /* stack array sized from the argument count */
    uint16 ids[idlen] ;
    for (; i < idlen ; i++)
    {
      ids[i] = ftrigr_subscribe_g(&a, argv[i<<1], argv[(i<<1)+1], 0, &deadline) ;
      if (!ids[i]) strerr_diefu4sys(111, "subscribe to ", argv[i<<1], " with regexp ", argv[(i<<1)+1]) ;
    }

    /* The program is spawned only after every subscription exists --
       presumably so that no event it triggers can be missed. */
    pid = child_spawn0(argv[argc1 + 1], argv + argc1 + 1, envp) ;
    if (!pid) strerr_diefu2sys(111, "spawn ", argv[argc1 + 1]) ;

    for (;;)
    {
      register int r ;
      i = 0 ;
      while (i < idlen)
      {
        char dummy ;
        r = ftrigr_check(&a, ids[i], &dummy) ;
        if (r < 0) strerr_diefu1sys(111, "ftrigr_check") ;
        else if (!r) i++ ;                 /* not fired yet: keep it */
        else if (or) idlen = 0 ;           /* -o: one hit is enough */
        else ids[i] = ids[--idlen] ;       /* fired: swap in the last id and re-check slot i */
      }
      if (!idlen) break ;
      r = iopause_g(x, 2, &deadline) ;
      if (r < 0) strerr_diefu1sys(111, "iopause") ;
      else if (!r)
      {
        /* deadline reached: exit code 1, reported as ETIMEDOUT */
        errno = ETIMEDOUT ;
        strerr_diefu1sys(1, "get expected event") ;
      }
      if (x[0].revents & IOPAUSE_READ) handle_signals() ;
      if (x[1].revents & IOPAUSE_READ)
      {
        if (ftrigr_update(&a) < 0) strerr_diefu1sys(111, "ftrigr_update") ;
      }
    }
  }
  return 0 ;
}
/*
 * Split the process into a TLS worker and the application program.
 *
 * The forked child optionally chroots, drops to the ssl user, loads the
 * key material and runs doio(); it never returns.  The calling process
 * moves the plaintext pipe ends onto fdstdin/fdstdou, optionally drops to
 * the service user and executes prog.
 *
 * newsession: when non-zero, the child initialises the ssl library and
 *             creates a fresh session.
 * prog:       argument vector handed to pathexec().
 * Returns 111, and only if pathexec() and fatalm() both return.
 */
int ssl_io(unsigned int newsession, const char **prog) {
  /* client mode uses descriptors 6 and 7 for the plaintext side */
  if (client) { fdstdin =6; fdstdou =7; }
  bad_certificate = env_get("SSLIO_BAD_CERTIFICATE");
  /* Buffer sizes and the handshake timeout can be overridden from the
     environment.  Only a lower bound is applied; NOTE(review): there is
     no upper bound here, and the scan results are not checked. */
  if ((s =env_get("SSLIO_BUFIN"))) scan_ulong(s, &bufsizein);
  if ((s =env_get("SSLIO_BUFOU"))) scan_ulong(s, &bufsizeou);
  if (bufsizein < 64) bufsizein =64;
  if (bufsizeou < 64) bufsizeou =64;
  if ((s =env_get("SSLIO_HANDSHAKE_TIMEOUT")))
    scan_ulong(s, &handshake_timeout);
  if (handshake_timeout < 1) handshake_timeout =1;

  if (pipe(encpipe) == -1) fatalm("unable to create pipe for encoding");
  if (pipe(decpipe) == -1) fatalm("unable to create pipe for decoding");
  if ((pid =fork()) == -1) fatalm("unable to fork");
  if (pid == 0) {
    /* child: the TLS worker keeps encpipe[0] and decpipe[1] */
    if (close(encpipe[1]) == -1)
      fatalm("unable to close encoding pipe output");
    if (close(decpipe[0]) == -1)
      fatalm("unable to close decoding pipe input");
    if (newsession) if (matrixSslOpen() < 0) fatalm("unable to initialize ssl");
    if (root) {
      /* chdir first, then chroot("."), so the working directory is
         inside the new root */
      if (chdir(root) == -1)
        fatalm("unable to change to new root directory");
      if (chroot(".") == -1) fatalm("unable to chroot");
    }
    if (ssluser) {
      /* drop permissions */
      /* order matters: supplementary groups, then gid, then uid last,
         because the earlier calls need the privileges the uid change
         gives up */
      if (setgroups(sslugid.gids, sslugid.gid) == -1)
        fatal("unable to set groups");
      if (setgid(*sslugid.gid) == -1) fatal("unable to set gid");
      if (prot_uid(sslugid.uid) == -1) fatalm("unable to set uid");
    }
    if (newsession) {
      /* The key material is read after the chroot and the privilege
         drop, so cert/key/ca must be reachable inside the new root and
         readable by the ssl user. */
      if (matrixSslReadKeys(&keys, cert, key, 0, ca) < 0) {
        if (client) fatalm("unable to read cert, key, or ca file");
        fatalm("unable to read cert or key file");
      }
      if (matrixSslNewSession(&ssl, keys, 0, client?0:SSL_FLAGS_SERVER) < 0)
        fatalmx("unable to create ssl session");
    }
    /* NOTE(review): in client mode the validate callback is installed
       only when a CA file or SSLIO_BAD_CERTIFICATE is set; with neither,
       no validator is registered here -- confirm what the library does
       with the server certificate in that case. */
    if (client)
      if (ca || bad_certificate) matrixSslSetCertValidator(ssl, &validate, 0);

    sig_catch(sig_term, sig_term_handler);
    sig_ignore(sig_pipe);
    doio();
    finish();
    _exit(0);
  }
  /* parent: becomes the application program */
  if (close(encpipe[0]) == -1) fatalm("unable to close encoding pipe input");
  if (close(decpipe[1]) == -1) fatalm("unable to close decoding pipe output");
  if (fd_move(fdstdin, decpipe[0]) == -1)
    fatalm("unable to setup filedescriptor for decoding");
  if (fd_move(fdstdou, encpipe[1]) == -1)
    fatalm("unable to setup filedescriptor for encoding");
  sslCloseOsdep();
  if (svuser) {
    /* same order as in the child: groups, gid, then uid.  The chroot
       above applies to the TLS worker only, not to this process. */
    if (setgroups(ugid.gids, ugid.gid) == -1)
      fatal("unable to set groups for prog");
    if (setgid(*ugid.gid) == -1) fatal("unable to set gid for prog");
    if (prot_uid(ugid.uid) == -1) fatalm("unable to set uid for prog");
  }
  pathexec(prog);
  /* only reached when the exec failed */
  fatalm("unable to run prog");
  return(111);
}
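/*
 * tcpclient entry point (IPv6-capable variant).
 *
 * Resolves the host, tries each returned address in up to two passes with
 * the timeouts in ctimeout[], and once connected exports the TCP*
 * environment variables, places the socket on descriptors 6 and 7 and
 * executes the program given after host and port.
 *
 * Changes from the earlier text of this function:
 *  - the address loop advances by 16 bytes.  Every use in the loop treats
 *    addresses.s + j as one 16-byte address, but the step was 4, so with
 *    more than one address the client also tried byte windows straddling
 *    two addresses, i.e. destinations the resolver never returned;
 *  - errno is preserved across close(s), since it is examined and
 *    reported afterwards;
 *  - the return type is spelled out (implicit int is not valid since C99).
 */
int main(int argc,char **argv)
{
  int fakev4=0;
  unsigned long u;
  int opt;
  char *x;
  int j;
  int s;
  int cloop;

  dns_random_init(seed);

  /* descriptors 6 and 7 are reserved for the connection set up below */
  close(6);
  close(7);
  sig_ignore(sig_pipe);

  /* NOTE(review): the scan_ulong() results for -t, -T and -p are not
     checked, so a non-numeric argument is not rejected here. */
  while ((opt = getopt(argc,argv,"46dDvqQhHrRi:p:t:T:l:I:")) != opteof)
    switch(opt) {
      case '4': noipv6 = 1; break;
      case '6': forcev6 = 1; break;
      case 'd': flagdelay = 1; break;
      case 'D': flagdelay = 0; break;
      case 'v': verbosity = 2; break;
      case 'q': verbosity = 0; break;
      case 'Q': verbosity = 1; break;
      case 'l': forcelocal = optarg; break;
      case 'H': flagremotehost = 0; break;
      case 'h': flagremotehost = 1; break;
      case 'R': flagremoteinfo = 0; break;
      case 'r': flagremoteinfo = 1; break;
      case 't': scan_ulong(optarg,&itimeout); break;
      /* -T accepts "x" or "x+y": first-pass and second-pass timeouts */
      case 'T': j = scan_ulong(optarg,&ctimeout[0]);
                if (optarg[j] == '+') ++j;
                scan_ulong(optarg + j,&ctimeout[1]);
                break;
      case 'i': if (!scan_ip6(optarg,iplocal)) usage(); break;
      case 'I': netif=socket_getifidx(optarg); break;
      case 'p': scan_ulong(optarg,&u); portlocal = u; break;
      default: usage();
    }
  argv += optind;

  /* verbosity 0: point buffer_2 at an invalid descriptor */
  if (!verbosity)
    buffer_2->fd = -1;

  hostname = *argv;
  if (!hostname) usage();
  /* empty host or "0" means the loopback address */
  if (!hostname[0] || str_equal(hostname,"0"))
    hostname = (noipv6?"127.0.0.1":"::1");

  x = *++argv;
  if (!x) usage();
  /* a fully numeric port is used as is, anything else is looked up as a
     tcp service name */
  if (!x[scan_ulong(x,&u)])
    portremote = u;
  else {
    struct servent *se;
    se = getservbyname(x,"tcp");
    if (!se)
      strerr_die3x(111,FATAL,"unable to figure out port number for ",x);
    portremote = ntohs(se->s_port);
    /* i continue to be amazed at the stupidity of the s_port interface */
  }

  if (!*++argv) usage();

  if (!stralloc_copys(&tmp,hostname)) nomem();
  if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1)
    strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": ");
  if (addresses.len < 16)
    strerr_die3x(111,FATAL,"no IP address for ",hostname);

  /* a single address gets the whole timeout budget in the first pass */
  if (addresses.len == 16) {
    ctimeout[0] += ctimeout[1];
    ctimeout[1] = 0;
  }

  /* Pass 0 tries every address with ctimeout[0]; addresses that timed
     out are collected and retried in pass 1 with ctimeout[1]. */
  for (cloop = 0;cloop < 2;++cloop) {
    if (!stralloc_copys(&moreaddresses,"")) nomem();
    for (j = 0;j + 16 <= addresses.len;j += 16) {
      int saved_errno;

      s = socket_tcp6();
      if (s == -1)
        strerr_die2sys(111,FATAL,"unable to create socket: ");
      if (socket_bind6(s,iplocal,portlocal,netif) == -1)
        strerr_die2sys(111,FATAL,"unable to bind socket: ");
      if (timeoutconn6(s,addresses.s + j,portremote,ctimeout[cloop],netif) == 0)
        goto CONNECTED;

      /* keep the connect error: close() may overwrite errno */
      saved_errno = errno;
      close(s);
      errno = saved_errno;

      if (!cloop && ctimeout[1] && (errno == error_timeout)) {
        if (!stralloc_catb(&moreaddresses,addresses.s + j,16)) nomem();
      }
      else {
        strnum[fmt_ulong(strnum,portremote)] = 0;
        if (ip6_isv4mapped(addresses.s+j))
          ipstr[ip4_fmt(ipstr,addresses.s + j + 12)] = 0;
        else
          ipstr[ip6_fmt(ipstr,addresses.s + j)] = 0;
        strerr_warn5(CONNECT,ipstr," port ",strnum,": ",&strerr_sys);
      }
    }
    if (!stralloc_copy(&addresses,&moreaddresses)) nomem();
  }

  /* every address failed */
  _exit(111);

  CONNECTED:

  if (!flagdelay)
    socket_tcpnodelay(s); /* if it fails, bummer */

  if (socket_local6(s,iplocal,&portlocal,&netif) == -1)
    strerr_die2sys(111,FATAL,"unable to get local address: ");

  /* report the connection as plain TCP when the local side is a
     v4-mapped or all-zero address, unless -6 was given */
  if (!forcev6 && (ip6_isv4mapped(iplocal) || byte_equal(iplocal,16,V6any)))
    fakev4=1;

  if (!pathexec_env("PROTO",fakev4?"TCP":"TCP6")) nomem();

  strnum[fmt_ulong(strnum,portlocal)] = 0;
  if (!pathexec_env("TCPLOCALPORT",strnum)) nomem();
  if (fakev4)
    ipstr[ip4_fmt(ipstr,iplocal+12)] = 0;
  else
    ipstr[ip6_fmt(ipstr,iplocal)] = 0;
  if (!pathexec_env("TCPLOCALIP",ipstr)) nomem();

  /* -l overrides the reverse lookup of the local address */
  x = forcelocal;
  if (!x)
    if (dns_name6(&tmp,iplocal) == 0) {
      if (!stralloc_0(&tmp)) nomem();
      x = tmp.s;
    }
  if (!pathexec_env("TCPLOCALHOST",x)) nomem();

  if (socket_remote6(s,ipremote,&portremote,&netif) == -1)
    strerr_die2sys(111,FATAL,"unable to get remote address: ");

  strnum[fmt_ulong(strnum,portremote)] = 0;
  if (!pathexec_env("TCPREMOTEPORT",strnum)) nomem();
  if (fakev4)
    ipstr[ip4_fmt(ipstr,ipremote+12)] = 0;
  else
    ipstr[ip6_fmt(ipstr,ipremote)] = 0;
  if (!pathexec_env("TCPREMOTEIP",ipstr)) nomem();
  if (verbosity >= 2)
    strerr_warn4("tcpclient: connected to ",ipstr," port ",strnum,0);

  /* TCPREMOTEHOST and TCPREMOTEINFO are filled from data supplied by the
     network (reverse DNS, remoteinfo6), so the program that reads them
     should treat both as untrusted input. */
  x = 0;
  if (flagremotehost)
    if (dns_name6(&tmp,ipremote) == 0) {
      if (!stralloc_0(&tmp)) nomem();
      x = tmp.s;
    }
  if (!pathexec_env("TCPREMOTEHOST",x)) nomem();

  x = 0;
  if (flagremoteinfo)
    if (remoteinfo6(&tmp,ipremote,portremote,iplocal,portlocal,itimeout,netif) == 0) {
      if (!stralloc_0(&tmp)) nomem();
      x = tmp.s;
    }
  if (!pathexec_env("TCPREMOTEINFO",x)) nomem();

  /* the connection becomes descriptor 6, with a copy on descriptor 7 */
  if (fd_move(6,s) == -1)
    strerr_die2sys(111,FATAL,"unable to set up descriptor 6: ");
  if (fd_copy(7,6) == -1)
    strerr_die2sys(111,FATAL,"unable to set up descriptor 7: ");
  /* undo the sig_ignore() above before handing over to the program */
  sig_uncatch(sig_pipe);

  pathexec(argv);
  /* only reached when the exec failed */
  strerr_die4sys(111,FATAL,"unable to run ",*argv,": ");
}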
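/*
 * sslserver entry point: parse options, resolve and bind the listening
 * address, build the SSL server context from the certificate/key/CA settings,
 * then accept connections forever, forking one child per connection.
 *
 * Positional arguments after the options: host, port, program [args...].
 * An empty host or "0" is passed to getaddrinfo() as NULL, which together
 * with AI_PASSIVE asks for the wildcard address.
 *
 * uid/gid are parsed here (-u, -g, -U) but this function never applies them.
 * NOTE(review): confirm they are applied elsewhere (presumably in doit())
 * before the served program runs.
 */
int main(int argc,char * const *argv)
{
  const char *hostname;
  int opt;
  char *x;
  unsigned long u;
  int s;
  int t;
  int flagv4 = 1, flagv6 = 1, rc;
  struct addrinfo *localai = NULL, hints = {0}, *ai;

  while ((opt = getopt(argc,argv,"dDvqQhHrR1UXx:t:T:u:g:l:b:B:c:pPoO3IiEeSsw:nN46")) != opteof)
    switch(opt) {
      case 'b': scan_ulong(optarg,&backlog); break;
      case 'c': scan_ulong(optarg,&limit); break;
      case 'X': flagallownorules = 1; break;
      case 'x': fnrules = optarg; break;
      case 'B': banner = optarg; break;
      case 'd': flagdelay = 1; break;
      case 'D': flagdelay = 0; break;
      case 'v': verbosity = 2; break;
      case 'q': verbosity = 0; break;
      case 'Q': verbosity = 1; break;
      case 'P': flagparanoid = 0; break;
      case 'p': flagparanoid = 1; break;
      case 'O': flagkillopts = 1; break;
      case 'o': flagkillopts = 0; break;
      case 'H': flagremotehost = 0; break;
      case 'h': flagremotehost = 1; break;
      case 'R': flagremoteinfo = 0; break;
      case 'r': flagremoteinfo = 1; break;
      case 't': scan_ulong(optarg,&timeout); break;
      case 'T': scan_ulong(optarg,&ssltimeout); break;
      case 'w': scan_uint(optarg,&progtimeout); break;
      case 'U':
        /* -U takes the target uid/gid from the environment */
        x = env_get("UID"); if (x) scan_ulong(x,&uid);
        x = env_get("GID"); if (x) scan_ulong(x,&gid);
        break;
      case 'u': scan_ulong(optarg,&uid); break;
      case 'g': scan_ulong(optarg,&gid); break;
      case '1': flag1 = 1; break;
      case 'l': localhost = optarg; break;
      case '3': flag3 = 1; break;
      case 'I': flagclientcert = 0; break;
      case 'i': flagclientcert = 1; break;
      case 'S': flagsslenv = 0; break;
      case 's': flagsslenv = 1; break;
      case 'E': flagtcpenv = 0; break;
      case 'e': flagtcpenv = 1; break;
      case 'n': flagsslwait = 1; break;
      case 'N': flagsslwait = 0; break;
      case '4': flagv6 = 0; break;
      case '6': flagv4 = 0; break;
      default: usage();
    }
  /* -4 and -6 together cancel out: fall back to both families */
  if (flagv4 == flagv6) { flagv4 = flagv6 = 1; }
  argc -= optind;
  argv += optind;

  if (!verbosity)
    buffer_2->fd = -1;

  hostname = *argv++;
  if (!hostname) usage();
  /*
   * Both spellings of "any address" map to NULL.  They are tested in one
   * condition so that str_equal() is never handed the NULL produced by the
   * first match (the original ran the "0" test on the already-cleared
   * pointer).
   */
  if (str_equal(hostname,"") || str_equal(hostname,"0")) hostname = NULL;

  x = *argv++;
  if (!x) usage();
  prog = argv;
  if (!*argv) usage();

  hints.ai_family = flagv4 == flagv6 ? AF_UNSPEC : flagv4 ? AF_INET : AF_INET6;
  hints.ai_socktype = SOCK_STREAM;
  hints.ai_flags = AI_PASSIVE;
  if ((rc = getaddrinfo(hostname, x, &hints, &localai))) {
    strerr_die(111,FATAL "unable to figure out address for ", hostname ? hostname : "0",
               " ",x,": ",gai_strerror(rc),0);
  }
  if (!localai) {
    strerr_die2x(111,FATAL,"address not found");
  }

  /*
   * TLS material is configured through the environment.  An empty value
   * clears the setting; -I (flagclientcert == 0) clears the client CA file
   * regardless of CCAFILE.
   */
  if ((x = env_get("VERIFYDEPTH"))) {
    scan_ulong(x,&u);
    verifydepth = u;
  }

  if ((x = env_get("CAFILE"))) cafile = x;
  if (cafile && str_equal(cafile,"")) cafile = 0;

  if ((x = env_get("CCAFILE"))) ccafile = x;
  if (ccafile && str_equal(ccafile,"")) ccafile = 0;
  if (!flagclientcert) ccafile = 0;

  if ((x = env_get("CADIR"))) cadir = x;
  if (cadir && str_equal(cadir,"")) cadir= 0;

  if ((x = env_get("CERTCHAINFILE"))) certchainfile = x;
  if (certchainfile && str_equal(certchainfile,"")) certchainfile = 0;

  if ((x = env_get("CERTFILE"))) certfile = x;
  if (certfile && str_equal(certfile,"")) certfile = 0;

  if ((x = env_get("KEYFILE"))) keyfile = x;
  if (keyfile && str_equal(keyfile,"")) keyfile = 0;

  if ((x = env_get("DHFILE"))) dhfile = x;
  if (dhfile && str_equal(dhfile,"")) dhfile = 0;

  if ((x = env_get("CIPHERS"))) ciphers = x;
  if (ciphers && str_equal(ciphers,"")) ciphers = 0;

  /* SIGCHLD stays blocked except around accept() in the loop below */
  sig_block(sig_child);
  sig_catch(sig_child,sigchld);
  sig_catch(sig_term,sigterm);
  sig_ignore(sig_pipe);

  /* Only the first resolved address is used: the loop body always breaks. */
  for (ai = localai; ai; ai = ai->ai_next) {
    s = socket_tcp(ai->ai_family, ai->ai_protocol);
    if (s == -1)
      strerr_die2sys(111,FATAL,"unable to create socket: ");

    if (socket_bind_reuse(s,ai) == -1)
      strerr_die2sys(111,FATAL,"unable to bind: ");

    if (socket_local(s,&localaddr,&localport) == -1)
      strerr_die2sys(111,FATAL,"unable to get local address: ");
    if (socket_listen(s,backlog) == -1)
      strerr_die2sys(111,FATAL,"unable to listen: ");
    break;
  }
  freeaddrinfo(localai); localai = NULL;
  ndelay_off(s);

  localportstr[fmt_ulong(localportstr,localport)] = 0;
  if (flag1) {
    /* -1: report the bound port on descriptor 1 before it is redirected */
    buffer_init(&b,buffer_unixwrite,1,bspace,sizeof bspace);
    buffer_puts(&b,localportstr);
    buffer_puts(&b,"\n");
    buffer_flush(&b);
  }

  if (flag3) read_passwd();

  ctx = ssl_server();
  ssl_errstr();
  if (!ctx) strerr_die2x(111,FATAL,"unable to create SSL context");

  if (certchainfile) {
    switch (ssl_chainfile(ctx,certchainfile,keyfile,passwd_cb)) {
      case -1: strerr_die2x(111,FATAL,"unable to load certificate chain file");
      case -2: strerr_die2x(111,FATAL,"unable to load key");
      case -3: strerr_die2x(111,FATAL,"key does not match certificate");
      default: break;
    }
  }
  else {
    switch (ssl_certkey(ctx,certfile,keyfile,passwd_cb)) {
      case -1: strerr_die2x(111,FATAL,"unable to load certificate");
      case -2: strerr_die2x(111,FATAL,"unable to load key");
      case -3: strerr_die2x(111,FATAL,"key does not match certificate");
      default: break;
    }
  }

  if (!ssl_ca(ctx,cafile,cadir,verifydepth))
    strerr_die2x(111,FATAL,"unable to load CA list");

  if (!ssl_cca(ctx,ccafile))
    strerr_die2x(111,FATAL,"unable to load client CA list");

  if (!ssl_params(ctx,dhfile,rsalen))
    strerr_die2x(111,FATAL,"unable to set DH/RSA parameters");

  if (!ssl_ciphers(ctx,ciphers))
    strerr_die2x(111,FATAL,"unable to set cipher list");

  if (verbosity >= 2) {
    /* Logs the configured file names and parameter length, prefixed by pid. */
    strnum[fmt_ulong(strnum,getpid())] = 0;
    strnum2[fmt_ulong(strnum2,rsalen)] = 0;
    strerr_warn4("sslserver: cafile ",strnum," ",cafile,0);
    strerr_warn4("sslserver: ccafile ",strnum," ",ccafile,0);
    strerr_warn4("sslserver: cadir ",strnum," ",cadir,0);
    strerr_warn4("sslserver: chainfile ",strnum," ",certchainfile,0);
    strerr_warn4("sslserver: cert ",strnum," ",certfile,0);
    strerr_warn4("sslserver: key ",strnum," ",keyfile,0);
    strerr_warn6("sslserver: param ",strnum," ",dhfile," ",strnum2,0);
  }

  /* Detach descriptors 0 and 1 from whatever the caller passed in. */
  close(0); open_read("/dev/null");
  close(1); open_append("/dev/null");

  printstatus();

  for (;;) {
    /* Enforce the concurrency limit: wait for a child to exit first. */
    while (numchildren >= limit) sig_pause();

    sig_unblock(sig_child);
    t = socket_accept(s,&remoteaddr,&remoteport);
    sig_block(sig_child);

    if (t == -1) continue;
    ++numchildren; printstatus();

    switch(fork()) {
      case 0:
        /* child: drop the listener; reaching the die call means doit() returned */
        close(s);
        doit(t);
        strerr_die4sys(111,DROP,"unable to run ",*argv,": ");
      case -1:
        strerr_warn2(DROP,"unable to fork: ",&strerr_sys);
        --numchildren; printstatus();
    }
    close(t);
  }
}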
/*
 * aa-kill entry point.
 *
 * Options select which of SIGHUP (-u), SIGTERM (-t) and SIGKILL (-k) to send;
 * at least one is required and no positional argument is accepted.  With -s
 * the /proc directory is scanned through it_kill instead of passing -1 as the
 * target to _kill.
 */
int
main (int argc, char * const argv[])
{
    /* Table is read-only for getopt_long, so it is built once up front. */
    struct option long_options[] = {
        { "double-output",  no_argument,    NULL,   'D' },
        { "help",           no_argument,    NULL,   'h' },
        { "kill",           no_argument,    NULL,   'k' },
        { "skip-at",        no_argument,    NULL,   's' },
        { "term",           no_argument,    NULL,   't' },
        { "hup",            no_argument,    NULL,   'u' },
        { "version",        no_argument,    NULL,   'V' },
        { NULL, 0, 0, 0 }
    };
    int opt;

    PROG = "aa-kill";

    while ((opt = getopt_long (argc, argv, "DhkstuV", long_options, NULL)) != -1)
    {
        switch (opt)
        {
            case 'D':
                aa_set_double_output (1);
                break;

            case 'h':
                dieusage (0);
                /* no break, same as the original listing */

            case 'k':
                send.kill = 1;
                break;

            case 's':
                send.skip_at = 1;
                break;

            case 't':
                send.term = 1;
                break;

            case 'u':
                send.hup = 1;
                break;

            case 'V':
                aa_die_version ();
                /* no break, same as the original listing */

            default:
                dieusage (1);
        }
    }
    argc -= optind;
    argv += optind;

    /* Reject stray arguments and a run that would send no signal at all. */
    if (argc > 0 || !(send.hup || send.term || send.kill))
        dieusage (1);

    if (!send.skip_at)
    {
        /* Each signal is ignored locally before being sent with target -1;
         * presumably so aa-kill does not act on its own signal. */
        if (send.hup)
        {
            sig_ignore (SIGHUP);
            _kill (-1, SIGHUP);
        }

        if (send.term)
        {
            sig_ignore (SIGTERM);
            _kill (-1, SIGTERM);
            _kill (-1, SIGCONT);
        }

        if (send.kill)
            _kill (-1, SIGKILL);

        return 0;
    }

    {
        stralloc dir = STRALLOC_ZERO;

        /* Record our own pid as a string in ownpid before the scan. */
        ownpid[uint_fmt (ownpid, (unsigned int) getpid ())] = '\0';

        /* sizeof, not strlen: the terminating NUL is appended as well. */
        if (!stralloc_catb (&dir, "/proc", sizeof ("/proc")))
            aa_strerr_diefu1sys (1, "stralloc_catb");
        if (aa_scan_dir (&dir, 0, it_kill, &dir) < 0)
            aa_strerr_diefu1sys (1, "scan /proc");
        stralloc_free (&dir);
    }

    return 0;
}
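/*
 * s6-ftrigrd entry point.
 *
 * Synchronises with the client over asyncout, then loops on iopause():
 * flushes pending output, feeds bytes read from each subscribed trigger into
 * its regexp automaton, and parses netstring-framed requests from stdin.
 *
 * Request layout as used by the parser below: 2-byte id, 1-byte command,
 * and for 'L' a 4-byte options word, 4-byte pathlen, 4-byte relen, then the
 * path, one NUL byte, and the regexp (16 + pathlen + relen bytes in total).
 */
int main (void)
{
  stralloc indata = STRALLOC_ZERO ;
  unsigned int instate = 0 ;
  PROG = "s6-ftrigrd" ;

  if (ndelay_on(0) < 0) strerr_diefu2sys(111, "ndelay_on ", "0") ;
  if (ndelay_on(1) < 0) strerr_diefu2sys(111, "ndelay_on ", "1") ;
  if (sig_ignore(SIGPIPE) < 0) strerr_diefu1sys(111, "ignore SIGPIPE") ;

  {
    /* The banner exchange gets a 2 second budget. */
    struct taia deadline, stamp ;
    taia_now(&stamp) ;
    taia_addsec(&deadline, &stamp, 2) ;
    if (!skaserver2_sync(&asyncout, FTRIGR_BANNER1, FTRIGR_BANNER1_LEN, FTRIGR_BANNER2, FTRIGR_BANNER2_LEN, &deadline, &stamp))
      strerr_diefu1sys(111, "sync with client") ;
  }

  for (;;)
  {
    register unsigned int n = genalloc_len(ftrigio_t, &a) ;
    iopause_fd x[3 + n] ;
    unsigned int i = 0 ;
    int r ;

    /* Slots 0..2 are stdin, stdout and asyncout; triggers start at slot 3. */
    x[0].fd = 0 ; x[0].events = IOPAUSE_EXCEPT | IOPAUSE_READ ;
    x[1].fd = 1 ; x[1].events = IOPAUSE_EXCEPT | (bufalloc_len(bufalloc_1) ? IOPAUSE_WRITE : 0) ;
    x[2].fd = bufalloc_fd(&asyncout) ; x[2].events = IOPAUSE_EXCEPT | (bufalloc_len(&asyncout) ? IOPAUSE_WRITE : 0) ;
    for (; i < n ; i++)
    {
      register ftrigio_t_ref p = genalloc_s(ftrigio_t, &a) + i ;
      p->xindex = 3 + i ;
      x[3+i].fd = p->trig.fd ;
      x[3+i].events = IOPAUSE_READ ;
    }

    r = iopause(x, 3 + n, 0, 0) ;
    if (r < 0)
    {
      cleanup() ;
      strerr_diefu1sys(111, "iopause") ;
    }

   /* client closed => exit */
    if ((x[0].revents | x[1].revents) & IOPAUSE_EXCEPT) break ;

   /* client reading => flush pending data */
    if (x[1].revents & IOPAUSE_WRITE)
      if ((bufalloc_flush(bufalloc_1) == -1) && !error_isagain(errno))
      {
        cleanup() ;
        strerr_diefu1sys(111, "flush stdout") ;
      }
    if (x[2].revents & IOPAUSE_WRITE)
      if ((bufalloc_flush(&asyncout) == -1) && !error_isagain(errno))
      {
        cleanup() ;
        strerr_diefu1sys(111, "flush asyncout") ;
      }

   /* scan listening ftrigs */
    for (i = 0 ; i < genalloc_len(ftrigio_t, &a) ; i++)
    {
      register ftrigio_t_ref p = genalloc_s(ftrigio_t, &a) + i ;
      if (x[p->xindex].revents & IOPAUSE_READ)
      {
        char c ;
        register int r = sanitize_read(fd_read(p->trig.fd, &c, 1)) ;
        if (!r) continue ;
        if (r < 0)
        {
          trig(p->id, 'd', errno) ;
          remove(i--) ;  /* i-- so the next pass revisits this index */
        }
        else if (!sredfa_feed(p->re, &p->dfastate, c))
        {
          trig(p->id, 'd', ENOEXEC) ;
          remove(i--) ;
        }
        else if (p->dfastate & SREDFA_ACCEPT)
        {
          trig(p->id, '!', c) ;
          if (p->options & FTRIGR_REPEAT)
            p->dfastate = SREDFA_START ;
          else remove(i--) ;
        }
      }
    }

   /* client writing => get data and parse it */
    if (buffer_len(buffer_0small) || x[0].revents & IOPAUSE_READ)
    {
      int r ;
      for (;;)
      {
        uint16 id ;
        r = sanitize_read(netstring_get(buffer_0small, &indata, &instate)) ;
        if (r <= 0) break ;
        if (indata.len < 3)
        {
          cleanup() ;
          strerr_dief1x(100, "invalid client request") ;
        }
        uint16_unpack_big(indata.s, &id) ;
        switch (indata.s[2]) /* protocol parsing */
        {
          case 'U' : /* unsubscribe */
          {
            register unsigned int i = genalloc_len(ftrigio_t, &a) ;
            for (; i ; i--) if (genalloc_s(ftrigio_t, &a)[i-1].id == id) break ;
            if (i) remove(i-1) ;
            answer(0) ;
            break ;
          }
          case 'L' : /* subscribe to path and match re */
          {
            ftrigio_t f = FTRIGIO_ZERO ;
            uint32 pathlen, relen ;
            if (indata.len < 18)
            {
              answer(EPROTO) ;
              break ;
            }
            uint32_unpack_big(indata.s + 3, &f.options) ;
            uint32_unpack_big(indata.s + 7, &pathlen) ;
            uint32_unpack_big(indata.s + 11, &relen) ;
            /*
             * Both lengths come from the client.  Each one is bounded
             * against the request size separately: the sum
             * pathlen + relen + 16 can wrap around in 32 bits and still
             * equal indata.len, which would let the offsets used below
             * point outside the buffer.  indata.len >= 18 was checked
             * above, so the subtractions cannot underflow.
             */
            if ((pathlen > indata.len - 16)
             || (relen != indata.len - 16 - pathlen)
             || indata.s[15 + pathlen])
            {
              answer(EPROTO) ;
              break ;
            }
            f.id = id ;
            /* NUL-terminate so the regexp at the tail is a C string */
            if (!stralloc_0(&indata))
            {
              answer(errno) ;
              break ;
            }
            f.re = sredfa_new() ;
            if (!f.re)
            {
              answer(errno) ;
              break ;
            }
            if (!sredfa_from_regexp(f.re, indata.s + 16 + pathlen)
             || !ftrig1_make(&f.trig, indata.s + 15))
            {
              sredfa_delete(f.re) ;
              answer(errno) ;
              break ;
            }
            if (!genalloc_append(ftrigio_t, &a, &f))
            {
              ftrigio_deepfree(&f) ;
              answer(errno) ;
              break ;
            }
            answer(0) ;
            break ;
          }
          default :
          {
            cleanup() ;
            strerr_dief1x(100, "invalid client request") ;
          }
        }
        indata.len = 0 ;
      } /* end loop: parse input from client */

      if (r < 0)
      {
        if (errno == EPIPE) break ; /* client closed */
        else
        {
          cleanup() ;
          strerr_diefu1sys(111, "read a netstring") ;
        }
      }
    } /* end if: stuff to read on stdin */
  } /* end loop: main iopause */

  cleanup() ;
  return 0 ;
}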
/*
 * tcpserver entry point (IPv6-capable variant): parse options, resolve the
 * local address and port, bind and listen, drop to the requested gid/uid,
 * then accept connections forever and fork one child per connection that
 * execs the program given after host and port.
 *
 * NOTE(review): this listing was collapsed onto one line, so the extent of
 * each `//` comment is not recoverable with certainty.  Each one is assumed
 * to cover a single original statement (the disabled `portname` declaration
 * and the disabled 'R', '4' and '6' cases) -- confirm against the upstream
 * file.
 */
int main(int argc,char **argv) {
  char *hostname;
  // char *portname;
  int opt;
  struct servent *se;
  char *x;
  unsigned long u;
  int s;
  int t;

  while ((opt = getopt(argc,argv,"4dDvqQhHrR1UXx:t:u:g:l:b:B:c:I:pPoO")) != opteof)
    switch(opt) {
      case 'b': scan_ulong(optarg,&backlog); break;
      case 'c': scan_ulong(optarg,&limit); break;
      case 'X': flagallownorules = 1; break;
      case 'x': fnrules = optarg; break;
      case 'B': banner = optarg; break;
      case 'd': flagdelay = 1; break;
      case 'D': flagdelay = 0; break;
      case 'v': verbosity = 2; break;
      case 'q': verbosity = 0; break;
      case 'Q': verbosity = 1; break;
      case 'P': flagparanoid = 0; break;
      case 'p': flagparanoid = 1; break;
      case 'O': flagkillopts = 1; break;
      case 'o': flagkillopts = 0; break;
      case 'H': flagremotehost = 0; break;
      case 'h': flagremotehost = 1; break;
      // case 'R': flagremoteinfo = 0; break;
      case 'r': flagremoteinfo = 1; break;
      case 't': scan_ulong(optarg,&timeout); break;
      /* -U takes the target uid/gid from the environment */
      case 'U': x = env_get("UID"); if (x) scan_ulong(x,&uid);
                x = env_get("GID"); if (x) scan_ulong(x,&gid); break;
      case 'u': scan_ulong(optarg,&uid); break;
      case 'g': scan_ulong(optarg,&gid); break;
      case 'I': netif=socket_getifidx(optarg); break;
      case '1': flag1 = 1; break;
      // case '4': noipv6 = 1; break;
      case '4': ipv4socket = 1; break;
      // case '6': forcev6 = 1; break;
      case 'l': localhost = optarg; break;
      default: usage();
    }
  argc -= optind;
  argv += optind;

  /* verbosity 0: disable the stderr buffer */
  if (!verbosity)
    buffer_2->fd = -1;

  hostname = *argv++;
  if (!hostname) usage();
  /* an empty host is treated like "0" (zeroed local address, see below) */
  if (str_equal(hostname,"")) hostname = "0";

  x = *argv++;
  if (!x) usage();
  /* Fully numeric port: use it directly; otherwise look up the service name.
   * NOTE(review): no range check on u is visible before it is stored in
   * localport -- confirm localport's width. */
  if (!x[scan_ulong(x,&u)])
    localport = u;
  else {
    se = getservbyname(x,"tcp");
    if (!se)
      errint(EHARD,B("unable to figure out port number for ",x));
    uint16_unpack_big((char*)&se->s_port,&localport);
  }

  if (!*argv) usage();

  /* SIGCHLD stays blocked except around accept() in the loop below */
  sig_block(sig_child);
  sig_catch(sig_child,sigchld);
  sig_catch(sig_term,sigterm);
  sig_ignore(sig_pipe);

  if (str_equal(hostname,"0")) {
    byte_zero(localip,sizeof localip);
  } else {
    if (!stralloc_copys(&tmp,hostname)) errmem;
    if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1)
      errint(EHARD,B("temporarily unable to figure out IP address for ",hostname,": "));
    if (addresses.len < 16)
      errint(EHARD,B("no IP address for ",hostname));
    /* only the first 16-byte address of the answer is used */
    byte_copy(localip,16,addresses.s);
    if (ip6_isv4mapped(localip))
      ipv4socket = 1;
  }

  s = socket_tcp();
  if (s == -1)
    errint(EHARD,"unable to create socket: ");
  if (socket_bind_reuse(s,localip,localport,netif) == -1)
    errint(EHARD,"unable to bind: ");
  if (!ipv4socket)
    ipv4socket = ip6_isv4mapped(localip);
  if (socket_local(s,localip,&localport,&netif) == -1)
    errint(EHARD,"unable to get local address: ");
  if (socket_listen(s,backlog) == -1)
    errint(EHARD,"unable to listen: ");
  ndelay_off(s);

  /* Privileges are dropped only after bind/listen, and the gid is changed
   * before the uid.  A uid or gid of 0 means "leave unchanged". */
  if (gid) if (prot_gid(gid) == -1)
    errint(EHARD,"unable to set gid: ");
  if (uid) if (prot_uid(uid) == -1)
    errint(EHARD,"unable to set uid: ");

  localportstr[fmt_ulong(localportstr,localport)] = 0;
  if (flag1) {
    /* -1: report the bound port on descriptor 1 before it is closed */
    buffer_init(&b,write,1,bspace,sizeof bspace);
    buffer_puts(&b,localportstr);
    buffer_puts(&b,"\n");
    buffer_flush(&b);
  }

  close(0);
  close(1);
  printstatus();

  for (;;) {
    /* Enforce the concurrency limit: wait for a child to exit first. */
    while (numchildren >= limit) sig_pause();

    sig_unblock(sig_child);
    t = socket_accept(s,remoteip,&remoteport,&netif);
    sig_block(sig_child);

    if (t == -1) continue;
    ++numchildren; printstatus();

    switch(fork()) {
      case 0:
        /* child: drop the listener, run the per-connection setup in doit(),
         * make the connection descriptors 0 and 1, restore signals, exec */
        close(s);
        doit(t);
        if ((fd_move(0,t) == -1) || (fd_copy(1,0) == -1))
          errint(EHARD,"unable to set up descriptors: ");
        sig_uncatch(sig_child);
        sig_unblock(sig_child);
        sig_uncatch(sig_term);
        sig_uncatch(sig_pipe);
        pathexec(argv);
        errint(EHARD,B("unable to run ",*argv,": "));
      case -1:
        /* fork failed: give the slot back */
        errlog(ESOFT,NOTICE,"unable to fork: ");
        --numchildren; printstatus();
    }
    /* parent (and the failed-fork path) no longer needs the connection */
    close(t);
  }
}
/*
 * s6-svscan entry point.
 *
 * Options: -t sets the rescan timeout in milliseconds (0 selects the
 * infinite timeout), -c sets max, which is raised to 2 when smaller.
 * An optional positional argument is the directory to chdir() into.
 * When the main loop ends, the finish program is exec'd.
 */
int main (int argc, char const *const *argv)
{
  iopause_fd x[2] = { { -1, IOPAUSE_READ, 0 }, { -1, IOPAUSE_READ, 0 } } ;
  PROG = "s6-svscan" ;

  {
    subgetopt_t opts = SUBGETOPT_ZERO ;
    unsigned int timeout_ms = 5000 ;
    register int opt ;

    while ((opt = subgetopt_r(argc, argv, "t:c:", &opts)) != -1)
    {
      /* A failed scan falls through to the next case and ends in usage. */
      switch (opt)
      {
        case 't' :
          if (uint0_scan(opts.arg, &timeout_ms)) break ;
        case 'c' :
          if (uint0_scan(opts.arg, &max)) break ;
        default :
          strerr_dieusage(100, USAGE) ;
      }
    }
    argc -= opts.ind ;
    argv += opts.ind ;

    if (!timeout_ms) defaulttimeout = tain_infinite_relative ;
    else tain_from_millisecs(&defaulttimeout, timeout_ms) ;

    if (max < 2) max = 2 ;
  }

  /* Init phase.
     Failures here are fatal: they mean the system is in no state to run
     the scanner correctly anyway.
  */

  if (argc && (chdir(argv[0]) < 0))
    strerr_diefu1sys(111, "chdir") ;

  x[1].fd = s6_supervise_lock(S6_SVSCAN_CTLDIR) ;
  x[0].fd = selfpipe_init() ;
  if (x[0].fd < 0)
    strerr_diefu1sys(111, "selfpipe_init") ;

  if (sig_ignore(SIGPIPE) < 0)
    strerr_diefu1sys(111, "ignore SIGPIPE") ;

  {
    /* Signals delivered through the selfpipe rather than handled directly. */
    static int const trapped[] =
    {
      SIGCHLD, SIGALRM, SIGTERM, SIGHUP, SIGQUIT, SIGABRT, SIGINT, SIGUSR1
    } ;
    sigset_t set ;
    unsigned int k ;

    sigemptyset(&set) ;
    for (k = 0 ; k < sizeof(trapped) / sizeof(trapped[0]) ; k++)
      sigaddset(&set, trapped[k]) ;

    if (selfpipe_trapset(&set) < 0)
      strerr_diefu1sys(111, "trap signals") ;
  }

  {
    /* Variable-length array sized by -c: a large max costs that much stack. */
    struct svinfo_s blob[max] ; /* careful with that stack, Eugene */
    services = blob ;
    tain_now_g() ;

    /* Loop phase.
       No dying from here on: recoverable errors are waited out, serious
       ones go through panic().
    */

    while (cont)
    {
      int r ;

      tain_add_g(&deadline, &defaulttimeout) ;
      reap() ;
      scan() ;
      killthem() ;

      r = iopause_g(x, 2, &deadline) ;
      if (r < 0)
      {
        panic("iopause") ;
        continue ;
      }
      if (!r)
      {
        /* timeout: request a rescan */
        wantscan = 1 ;
        continue ;
      }

      if ((x[0].revents | x[1].revents) & IOPAUSE_EXCEPT)
      {
        errno = EIO ;
        panic("check internal pipes") ;
      }
      if (x[0].revents & IOPAUSE_READ)
        handle_signals() ;
      if (x[1].revents & IOPAUSE_READ)
        handle_control(x[1].fd) ;
    }

    /* Finish phase. */

    selfpipe_finish() ;
    killthem() ;
    reap() ;
  }

  {
    char const *eargv[3] = { FINISH_PROG, finish_arg, 0 } ;
    execve(eargv[0], (char **)eargv, (char *const *)environ) ;
  }
  /* only reached when the exec itself failed */
  panicnosp("exec finish script " FINISH_PROG) ;
}
/*
 * s6-ftrig-listen1 entry point.
 *
 * Usage after options: fifodir regexp prog [args...].  Subscribes to the
 * fifodir with the regexp, then forks: the child execs prog, the parent
 * waits until the subscribed event is seen or the -t timeout (milliseconds,
 * 0 meaning the infinite timeout) expires.
 */
int main (int argc, char const *const *argv, char const *const *envp)
{
  iopause_fd x[2] = { { -1, IOPAUSE_READ, 0 }, { -1, IOPAUSE_READ, 0 } } ;
  struct taia deadline, tto ;
  ftrigr_t a = FTRIGR_ZERO ;
  uint16 id ;
  PROG = "s6-ftrig-listen1" ;

  {
    unsigned int timeout_ms = 0 ;
    register int opt ;

    while ((opt = subgetopt(argc, argv, "t:")) != -1)
    {
      /* A failed scan falls through to the usage message. */
      switch (opt)
      {
        case 't' :
          if (uint0_scan(subgetopt_here.arg, &timeout_ms)) break ;
        default :
          strerr_dieusage(100, USAGE) ;
      }
    }

    if (!timeout_ms) tto = infinitetto ;
    else taia_from_millisecs(&tto, timeout_ms) ;

    argc -= subgetopt_here.ind ;
    argv += subgetopt_here.ind ;
  }
  if (argc < 3)
    strerr_dieusage(100, USAGE) ;

  /* One absolute deadline covers start-up, subscription and the wait. */
  taia_now_g() ;
  taia_add_g(&deadline, &tto) ;

  if (!ftrigr_startf_g(&a, &deadline))
    strerr_diefu1sys(111, "ftrigr_startf") ;

  id = ftrigr_subscribe_g(&a, argv[0], argv[1], 0, &deadline) ;
  if (!id)
    strerr_diefu4sys(111, "subscribe to ", argv[0], " with regexp ", argv[1]) ;

  x[0].fd = selfpipe_init() ;
  if (x[0].fd < 0)
    strerr_diefu1sys(111, "selfpipe_init") ;
  if (selfpipe_trap(SIGCHLD) < 0)
    strerr_diefu1sys(111, "selfpipe_trap") ;
  if (sig_ignore(SIGPIPE) < 0)
    strerr_diefu1sys(111, "sig_ignore") ;
  x[1].fd = ftrigr_fd(&a) ;

  /* The subscription is in place before the program is started. */
  switch (fork())
  {
    case -1 :
      strerr_diefu1sys(111, "fork") ;
    case 0 :
    {
      PROG = "s6-ftrig-listen1 (child)" ;
      pathexec_run(argv[2], argv+2, envp) ;
      strerr_dieexec(111, argv[2]) ;
    }
  }

  for (;;)
  {
    char what ;
    register int r = ftrigr_check(&a, id, &what) ;

    if (r < 0)
      strerr_diefu1sys(111, "ftrigr_check") ;
    if (r)
      break ;  /* the expected event arrived */

    r = iopause_g(x, 2, &deadline) ;
    if (r < 0)
      strerr_diefu1sys(111, "iopause") ;
    else if (!r)
    {
      /* deadline passed: exit code 1 rather than 111 */
      errno = ETIMEDOUT ;
      strerr_diefu1sys(1, "get expected event") ;
    }

    if (x[0].revents & IOPAUSE_READ)
      handle_signals() ;
    if (x[1].revents & IOPAUSE_READ)
    {
      if (ftrigr_update(&a) < 0)
        strerr_diefu1sys(111, "ftrigr_update") ;
    }
  }

  return 0 ;
}
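/*
 * tcpd entry point: bind host:port, then accept connections forever and
 * fork one child per connection.  The child either execs the given program
 * on the connection or, with -C, replies with the program's output that was
 * captured once at start-up.
 *
 * Options: -c limit, -k autokill, -d/-D delay flag, -o/-O IP-options flag,
 * -C cache mode.  Positional arguments: host port program [args...].
 *
 * Changes against the original listing:
 *  - numeric options and the port are range-checked (atoi() results that
 *    are negative or above 65535 used to be accepted);
 *  - an unparsable host is rejected instead of binding whatever localip
 *    happened to contain;
 *  - the cache is built from the bytes actually read from the command.  The
 *    original stored the fgets() pointer in a byte count, treated a
 *    successful write() as an error, and re-read the cache file by name
 *    without checking fopen()/malloc().
 */
int main(int argc,char **argv)
{
  enum { CACHE_CHUNK = 1024 };
  char *hostname, *x;
  int c, s, t;
  int value;
  int cpid = 0;

  opterr = 0;
  while ((c = getopt(argc, argv, "dDoOC:k:c:")) != -1)
    switch (c) {
      case 'c':
        value = atoi(optarg);
        if (value <= 0) usage();
        limit = value;
        break;
      case 'd': flagdelay = 1; break;
      case 'D': flagdelay = 0; break;
      case 'O': flagkillopts = 1; break;
      case 'o': flagkillopts = 0; break;
      case 'C': cacheprogram = 1; break;
      case 'k':
        value = atoi(optarg);
        if (value <= 0) usage();
        autokill = value;
        break;
      default:
        abort();
    }
  argc -= optind;
  argv += optind;

  hostname = *argv++;
  if (!hostname) usage();

  x = *argv++;
  if (!x) usage();
  /* a TCP port must fit in 1..65535 */
  value = atoi(x);
  if (value <= 0 || value > 65535) usage();
  localport = value;

  if (!*argv) usage();

  /* SIGCHLD stays blocked except around accept() in the loop below */
  sig_block(sig_child);
  sig_catch(sig_child,sigchld);
  sig_catch(sig_term,sigterm);
  sig_catch(sig_int,sigint);
  sig_ignore(sig_pipe);

  /* inet_aton() returns 0 for an invalid address and leaves the output
   * untouched; refuse to continue rather than bind an unintended address */
  if (inet_aton(hostname, (struct in_addr *) &localip) == 0) usage();

  if (autokill != 0) pt = ptable_init(limit);

  s = socket_tcp();
  if (s == -1)
    die(111, "unable to create socket");
  if (socket_bind4_reuse(s,localip,localport) == -1)
    die(111, "unable to bind");
  if (socket_local4(s,localip,&localport) == -1)
    die(111, "unable to get local address");
  if (socket_listen(s,20) == -1)
    die(111, "unable to listen");
  ndelay_off(s);

  fprintf(stderr, "bind: %s:%d\n", hostname, localport);

  close(0);
  close(1);
  printstatus();

  if (cacheprogram) {
    FILE *cmd;
    int cachefd;
    char *buf = NULL;
    size_t used = 0;
    size_t room = 0;
    size_t got;

    /* popen() hands the string to the shell; it comes from this process's
     * own command line */
    cmd = popen(*argv, "r");
    if (cmd == NULL) {
      fprintf(stderr, "Failed to run command\n");
      exit(1);
    }

    /*
     * O_TRUNC: a longer file left by an earlier run must not leave stale
     * bytes behind the new content.
     * NOTE(review): fixed name in a shared temporary directory.  open()
     * without O_EXCL/O_NOFOLLOW reuses a file, or follows a link, that
     * another local user placed there first; a private directory would
     * avoid that.  The served cache below no longer depends on this file.
     */
    cachefd = open("/var/tmp/tcpd.cache", O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
    if (cachefd == -1) {
      fprintf(stderr, "Can't open cache file\n");
      exit(1);
    }

    for (;;) {
      size_t done = 0;

      /* keep room for one more chunk plus the terminating NUL */
      if (room - used <= CACHE_CHUNK) {
        size_t want = room ? room * 2 : 4 * CACHE_CHUNK;
        char *bigger = (want > room) ? realloc(buf, want) : NULL;
        if (bigger == NULL) {
          fprintf(stderr, "Error occured while creating cache\n");
          exit(1);
        }
        buf = bigger;
        room = want;
      }

      got = fread(buf + used, 1, CACHE_CHUNK, cmd);
      if (got == 0) break;

      /* write() may be short: loop until the whole chunk is on disk */
      while (done < got) {
        ssize_t w = write(cachefd, buf + used + done, got - done);
        if (w <= 0) {
          fprintf(stderr, "Error occured while creating cache\n");
          exit(1);
        }
        done += (size_t) w;
      }
      used += got;
    }
    if (ferror(cmd)) {
      fprintf(stderr, "Error occured while creating cache\n");
      exit(1);
    }

    /* close */
    pclose(cmd);
    close(cachefd);

    /* the in-memory copy is what children send; keep it NUL-terminated
     * because it is printed with "%s" */
    buf[used] = 0;
    cache = buf;
    cachesize = used;
  }

  for (;;) {
    /* Enforce the concurrency limit: wait for a child to exit first. */
    while (numchildren >= limit) {
      if (autokill != 0) ptable_autokill(pt, limit, autokill);
      sig_pause();
    }

    sig_unblock(sig_child);
    t = socket_accept4(s,remoteip,&remoteport);
    sig_block(sig_child);

    if (t == -1) continue;
    ++numchildren;
    printstatus();
    fprintf(stderr, "inbound connection from %d.%d.%d.%d:%d\n",
            (unsigned char) remoteip[0], (unsigned char) remoteip[1],
            (unsigned char) remoteip[2], (unsigned char) remoteip[3],
            remoteport);

    if (autokill != 0) ptable_autokill(pt,limit,autokill);

    cpid = fork();
    switch(cpid) {
      case 0:
        /* child: drop the listener, make the connection descriptors 0 and 1,
         * restore default signal handling */
        close(s);
        if(flagkillopts) socket_ipoptionskill(t);
        if(!flagdelay) socket_tcpnodelay(t);
        if((fd_move(0,t) == -1) || (fd_copy(1,0) == -1))
          die(111,"unable to setup descriptors");
        sig_uncatch(sig_child);
        sig_unblock(sig_child);
        sig_uncatch(sig_term);
        sig_uncatch(sig_int);
        sig_uncatch(sig_pipe);

        if (cacheprogram) {
          printf("%s", cache);
          close(t);
          exit(0);
        }
        /* execve() only returns on failure; the program runs with an
         * empty environment */
        execve(*argv,argv,NULL);
        die(111, "unable to run argv");
        break;
      case -1:
        // unable to fork: give the slot back
        eprint(P_WARN,"unable to fork");
        --numchildren;
        printstatus();
        break;
      default:
        fprintf(stderr, "fork: child pid %d\n", cpid);
        if (autokill != 0) ptable_set(pt, limit, cpid, time(NULL));
        break;
    }
    close(t);
  }
}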
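/*
 * tcpsvd / sslsvd entry point (SSLSVD selects the SSL build): parse options,
 * resolve the listening address, bind and listen, drop privileges (plain
 * build only), then accept connections forever and fork one child per
 * connection, which runs connection_accept().
 *
 * Positional arguments after the options: host port prog [args...].
 *
 * Changes against the original listing:
 *  - the "gid" start-up message formatted ugid.gid itself, which is the
 *    group list passed to setgroups() and dereferenced for setgid(); it now
 *    formats the first entry, the gid that was actually set;
 *  - a failed fork() gives the connection slot back.  cnum was left
 *    incremented, so repeated fork failures could leave the server waiting
 *    in the cnum >= cmax loop with no child to wake it.
 */
int main(int argc, char **argv) {
  int opt;
  char *user =0;
  char *host;
  unsigned long port;
  int pid;
  int s;
  int conn;
  int delim;

  progname =*argv;
  phccmax =0;

#ifdef SSLSVD
  while ((opt =getopt(argc, (const char **)argv,
                      "c:C:i:x:u:l:Eb:hpt:vVU:/:Z:K:")) != opteof) {
#else
  while ((opt =getopt(argc, (const char **)argv,
                      "c:C:i:x:u:l:Eb:hpt:vV")) != opteof) {
#endif
    switch(opt) {
    case 'c':
      scan_ulong(optarg, &cmax);
      if (cmax < 1) usage();
      break;
    case 'C':
      /* per-host limit, optionally followed by ":message" */
      delim =scan_ulong(optarg, &phccmax);
      if (phccmax < 1) usage();
      if (optarg[delim] == ':') {
        if (ipsvd_fmt_msg(&msg, optarg +delim +1) == -1) die_nomem();
        if (! stralloc_0(&msg)) die_nomem();
        phccmsg =msg.s;
      }
      break;
    case 'i':
      /* -i and -x are mutually exclusive */
      if (instructs) usage();
      instructs =optarg;
      break;
    case 'x':
      if (instructs) usage();
      instructs =optarg;
      iscdb =1;
      break;
    case 'u':
      user =(char*)optarg;
      break;
    case 'l':
      if (! stralloc_copys(&local_hostname, optarg)) die_nomem();
      if (! stralloc_0(&local_hostname)) die_nomem();
      break;
    case 'E':
      ucspi =0;
      break;
    case 'b':
      scan_ulong(optarg, &backlog);
      break;
    case 'h':
      lookuphost =1;
      break;
    case 'p':
      lookuphost =1;
      paranoid =1;
      break;
    case 't':
      scan_ulong(optarg, &timeout);
      break;
    case 'v':
      ++verbose;
      break;
#ifdef SSLSVD
    case 'U':
      ssluser =(char*)optarg;
      break;
    case '/':
      root =(char*)optarg;
      break;
    case 'Z':
      cert =(char*)optarg;
      break;
    case 'K':
      key =(char*)optarg;
      break;
#endif
    case 'V':
      strerr_warn1(VERSION, 0);
      /* no break: the version line is followed by the usage message */
    case '?':
      usage();
    }
  }
  argv +=optind;

  if (! argv || ! *argv) usage();
  host =*argv++;
  if (! argv || ! *argv) usage();
  local_port =*argv++;
  if (! argv || ! *argv) usage();
  prog =(const char **)argv;
  if (phccmax > cmax) phccmax =cmax;

  if (user)
    if (! uidgids_get(&ugid, user)) {
      if (errno)
        strerr_die4sys(111, FATAL, "unable to get user/group: ", user, ": ");
      strerr_die3x(100, FATAL, "unknown user/group: ", user);
    }
#ifdef SSLSVD
  svuser =user;
  client =0;
  /* when started as root, a dedicated ssl user is mandatory */
  if ((getuid() == 0) && (! ssluser))
    strerr_die2x(100, FATAL, "-U ssluser must be set when running as root");
  if (ssluser)
    if (! uidgids_get(&sslugid, ssluser)) {
      if (errno)
        strerr_die4sys(111, FATAL, "unable to get user/group: ", ssluser, ": ");
      strerr_die3x(100, FATAL, "unknown user/group: ", ssluser);
    }
  /* the key defaults to the certificate file */
  if (! cert) cert ="./cert.pem";
  if (! key) key =cert;
  if (matrixSslOpen() < 0) fatal("unable to initialize ssl");
  if (matrixSslReadKeys(&keys, cert, key, 0, ca) < 0) {
    if (client) fatal("unable to read cert, key, or ca file");
    fatal("unable to read cert or key file");
  }
  if (matrixSslNewSession(&ssl, keys, 0, SSL_FLAGS_SERVER) < 0)
    strerr_die2x(111, FATAL, "unable to create ssl session");
#endif

  dns_random_init(seed);
  /* SIGCHLD stays blocked except around accept() in the loop below */
  sig_block(sig_child);
  sig_catch(sig_child, sig_child_handler);
  sig_catch(sig_term, sig_term_handler);
  sig_ignore(sig_pipe);

  if (phccmax) if (ipsvd_phcc_init(cmax) == -1) die_nomem();

  /* both spellings of "any address" */
  if (str_equal(host, "")) host ="0.0.0.0";
  if (str_equal(host, "0")) host ="0.0.0.0";

  if (! ipsvd_scan_port(local_port, "tcp", &port))
    strerr_die3x(100, FATAL, "unknown port number or name: ", local_port);
  if (! stralloc_copys(&sa, host)) die_nomem();
  if ((dns_ip4(&ips, &sa) == -1) || (ips.len < 4))
    if (dns_ip4_qualify(&ips, &fqdn, &sa) == -1)
      fatal2("unable to look up ip address", host);
  if (ips.len < 4)
    strerr_die3x(100, FATAL, "unable to look up ip address: ", host);
  /* only the first 4-byte address of the answer is used */
  ips.len =4;
  if (! stralloc_0(&ips)) die_nomem();
  local_ip[ipsvd_fmt_ip(local_ip, ips.s)] =0;

  if (! lookuphost) {
    if (! stralloc_copys(&remote_hostname, "")) die_nomem();
    if (! stralloc_0(&remote_hostname)) die_nomem();
  }

  if ((s =socket_tcp()) == -1) fatal("unable to create socket");
  if (socket_bind4_reuse(s, ips.s, port) == -1)
    fatal("unable to bind socket");
  if (listen(s, backlog) == -1) fatal("unable to listen");
  ndelay_off(s);

#ifdef SSLSVD
  /* NOTE(review): the SSL build does not drop privileges in this function;
   * confirm where ssluser/svuser are applied. */
#else
  if (user) {
    /* drop permissions: supplementary groups, then gid, then uid, all
     * after bind/listen */
    if (setgroups(ugid.gids, ugid.gid) == -1) fatal("unable to set groups");
    if (setgid(*ugid.gid) == -1) fatal("unable to set gid");
    if (prot_uid(ugid.uid) == -1) fatal("unable to set uid");
  }
#endif
  close(0);

  if (verbose) {
    out(INFO); out("listening on "); outfix(local_ip); out(":");
    outfix(local_port);
#ifdef SSLSVD
#else
    if (user) {
      bufnum[fmt_ulong(bufnum, (unsigned long)ugid.uid)] =0;
      out(", uid "); out(bufnum);
      /* first entry of the group list: the value handed to setgid() above */
      bufnum[fmt_ulong(bufnum, (unsigned long)*ugid.gid)] =0;
      out(", gid "); out(bufnum);
    }
#endif
    flush(", starting.\n");
  }

  for (;;) {
    /* Enforce the concurrency limit: wait for a child to exit first. */
    while (cnum >= cmax) sig_pause();
    socka_size =sizeof(socka);

    sig_unblock(sig_child);
    conn =accept(s, (struct sockaddr *)&socka, &socka_size);
    sig_block(sig_child);

    if (conn == -1) {
      if (errno != error_intr) warn("unable to accept connection");
      continue;
    }
    cnum++;

    if (verbose) connection_status();
    if (phccmax) phcc =ipsvd_phcc_add((char*)&socka.sin_addr);
    if ((pid =fork()) == -1) {
      warn2("drop connection", "unable to fork");
      /* no child will be reaped for this connection: free the slot here.
       * NOTE(review): the per-host entry added by ipsvd_phcc_add() just
       * above may need the same treatment -- confirm against its API. */
      --cnum;
      close(conn);
      continue;
    }
    if (pid == 0) {
      /* child */
      close(s);
#ifdef SSLSVD
      if (*progname) *progname ='\\';
#endif
      connection_accept(conn);
    }
    if (phccmax) ipsvd_phcc_setpid(pid);
    close(conn);
  }
  _exit(0);
}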