void snap_dump(char *filename, stralloc *sa)
{
dAVLCursor c;
dAVLNode *node;
char strip[IP6_FMT];
char strnum[FMT_ULONG];
int fd;
fd = open_trunc("filename");
if(fd == -1)
strerr_warn1(ARGV0 "warning: unable to open for tcp.tmp for writing", &strerr_sys);
buffer_init(&wb, write, fd, wbspace, sizeof wbspace);
node = dAVLFirst(&c, t);
while(node)
{
buffer_put(&wb, strnum, fmt_ulong(strnum, node->key));
buffer_puts(&wb, ",");
buffer_put(&wb, strip, ip4_fmt(strip, node->ip4));
buffer_puts(&wb, ",");
buffer_put(&wb, strip, ip6_fmt(strip, node->ip6));
buffer_puts(&wb, ",LOC\n");
node = dAVLNext(&c);
}
buffer_flush(&wb);
close(fd);
}
int main(int argc,char **argv)
{
int i;
dns_random_init(seed);
if (*argv) ++argv;
while (*argv) {
if (!stralloc_copys(&fqdn,*argv))
strerr_die2x(111,FATAL,"out of memory");
if (dns_ip4(&out,&fqdn) == -1)
strerr_die4sys(111,FATAL,"unable to find IP address for ",*argv,": ");
for (i = 0; i + 4 <= out.len; i += 4) {
buffer_put(buffer_1,str,ip4_fmt(str,out.s + i));
buffer_puts(buffer_1," ");
}
buffer_puts(buffer_1,"\n");
++argv;
}
buffer_flush(buffer_1);
_exit(0);
}
int main (int argc, char const *const *argv)
{
char fmt[IP6_FMT] ;
char ip[16] ;
unsigned int n ;
unsigned int i = 0 ;
unsigned int what = 0 ;
int finite = 0 ;
PROG = "s6-randomip" ;
for (;;)
{
register int opt = subgetopt(argc, argv, "46n:") ;
if (opt == -1) break ;
switch (opt)
{
case '4' : what |= 1 ; break ;
case '6' : what |= 2 ; break ;
case 'n' :
if (!uint0_scan(subgetopt_here.arg, &n)) dieusage() ;
finite = 1 ;
break ;
default : dieusage() ;
}
}
argc -= subgetopt_here.ind ; argv += subgetopt_here.ind ;
if (!what) what = 1 ;
what = 1 << (1 << what) ;
if (!badrandom_init()) strerr_diefu1sys(111, "init RNG") ;
for (i = 0 ; !finite || (i < n) ; i++)
{
unsigned int len = what ;
if (len > 16)
{
char c ;
if (badrandom_string(&c, 1) < 1)
strerr_diefu1sys(111, "badrandom_string") ;
len = (c & 1) ? 16 : 4 ;
}
if (badrandom_string(ip, len) < 4)
strerr_diefu1sys(111, "badrandom_string") ;
len = (len == 16) ? ip6_fmt(fmt, ip) : ip4_fmt(fmt, ip) ;
fmt[len++] = '\n' ;
if (buffer_put(buffer_1, fmt, len) < (int)len)
strerr_diefu1sys(111, "write to stdout") ;
}
if (!buffer_flush(buffer_1))
strerr_diefu1sys(111, "write to stdout") ;
return 0 ;
}
unsigned int ip6_fmt(char *s,const char ip[16])
{
unsigned int len;
unsigned int i;
unsigned int temp;
unsigned int compressing;
int j;
len = 0; compressing = 0;
for (j=0; j<16; j+=2) {
if (j==12 && ip6_isv4mapped(ip)) {
temp=ip4_fmt(s,ip+12);
len+=temp;
if (s) s+=temp;
break;
}
temp = ((unsigned long) (unsigned char) ip[j] << 8) +
(unsigned long) (unsigned char) ip[j+1];
if (temp == 0) {
if (!compressing) {
compressing=1;
if (j==0) {
if (s) *s++=':'; ++len;
}
}
} else {
if (compressing) {
compressing=0;
if (s) *s++=':'; ++len;
}
i = fmt_xlong(s,temp); len += i; if (s) s += i;
if (j<14) {
if (s) *s++ = ':';
++len;
}
}
}
/* if (s) *s=0; */
return len;
}
unsigned int ip6_compactaddr(char *s,char ip[16])
{
unsigned long len,temp, k, pos0 = 0,len0 = 0, pos1 = 0, compr = 0;
// const unsigned char V4mappedprefix[12] = {0,0,0,0,0,0,0,0,0,0,0xff,0xff};
for (k=0; k<16; k+=2) {
if (ip[k] == 0 && ip[k+1] == 0) {
if (!compr) {
compr=1;
pos1=k;
}
if (k == 14) { k = 16; goto last; }
} else if (compr) {
last:
if ((temp=k-pos1) > len0) {
len0 = temp;
pos0 = pos1;
}
compr=0;
}
}
for (len=0,k=0; k<16; k+=2) {
if (k == 12 && (byte_equal(ip,12,V4mappedprefix))) {
len += ip4_fmt(s,ip+12);
break;
}
if (pos0 == k && len0) {
if (k == 0) { ++len; if (s) *s++ = ':'; }
++len; if (s) *s++ = ':';
k += len0-2;
continue;
}
temp = ((unsigned long) (unsigned char) ip[k] << 8) +
(unsigned long) (unsigned char) ip[k+1];
temp = fmt_xlong(s,temp); len += temp; if (s) s += temp;
if (k<14) { ++len; if (s) *s++ = ':'; }
}
return len;
}
unsigned int fmt_ip6(char *s,const char ip[16])
{
unsigned long len,temp, k, pos0=0,len0=0, pos1=0, compr=0;
for (k=0; k<16; k+=2) {
if (ip[k]==0 && ip[k+1]==0) {
if (!compr) {
compr=1;
pos1=k;
}
if (k==14) { k=16; goto last; }
} else if (compr) {
last:
if ((temp=k-pos1) > len0) {
len0=temp;
pos0=pos1;
}
compr=0;
}
}
for (len=0,k=0; k<16; k+=2) {
if (k==12 && ip6_isv4mapped(ip)) {
len += ip4_fmt(s,ip+12);
break;
}
if (pos0==k && len0) {
if (k==0) { ++len; if (s) *s++ = ':'; }
++len; if (s) *s++ = ':';
k += len0-2;
continue;
}
temp = ((unsigned long) (unsigned char) ip[k] << 8) +
(unsigned long) (unsigned char) ip[k+1];
temp = fmt_xlong(s,temp); len += temp; if (s) s += temp;
if (k<14) { ++len; if (s) *s++ = ':'; }
}
return len;
}
int main(int argc,char* argv[]) {
static size_t x;
x=23;
atomic_add(&x,3);
printf("%u\n",x);
printf("%u\n",atomic_add_return(&x,-3));
printf("%u\n",compare_and_swap(&x,26,17));
printf("%u\n",compare_and_swap(&x,23,17));
#if 0
atomic_add(&x,3); printf("%u\n",x);
x=23;
atomic_add(&x,3); assert(x==26);
atomic_or(&x,1); assert(x==27);
atomic_and(&x,-2); assert(x==26);
#endif
#if 0
iarray a;
char* c;
iarray_init(&a,sizeof(io_entry));
printf("15 -> %p\n",c=iarray_allocate(&a,15));
printf("23 -> %p\n",c=iarray_allocate(&a,23));
printf("1234567 -> %p\n",c=iarray_allocate(&a,1234567));
printf("23 -> %p\n",iarray_get(&a,23));
#endif
#if 0
io_batch* b=iob_new(1234);
int64 fd=open("t.c",0);
iob_addbuf(b,"fnord",5);
iob_addfile_close(b,fd,0,7365);
iob_write(1,b,writecb);
#endif
#if 0
char dest[1024];
unsigned long len;
scan_urlencoded2("libstdc++.tar.gz",dest,&len);
buffer_putmflush(buffer_1,dest,"\n");
#endif
#if 0
static stralloc sa;
stralloc_copym(&sa,"foo ","bar ","baz.\n");
write(1,sa.s,sa.len);
#endif
#if 0
buffer_putmflush(buffer_1,"foo ","bar ","baz.\n");
#endif
#if 0
char* c="fnord";
int fd=open_read(c);
errmsg_iam(argv[0]);
carp("could not open file `",c,"'");
diesys(23,"could not open file `",c,"'");
#endif
#if 0
errmsg_warn("could not open file `",c,"'",0);
errmsg_warnsys("could not open file `",c,"'",0);
#endif
#if 0
char buf[100]="/usr/bin/sh";
int len=str_len(buf);
assert(byte_rchr(buf,len,'/')==8);
assert(byte_rchr(buf,len,'@')==len);
assert(byte_rchr(buf,len,'h')==len-1);
printf("%d\n",byte_rchr("x",1,'x'));
#endif
#if 0
char buf[IP6_FMT+100];
int i;
char ip[16];
uint32 scope_id;
char* s="fec0::1:220:e0ff:fe69:ad92%eth0/64";
char blubip[16]="\0\0\0\0\0\0\0\0\0\0\xff\xff\x7f\0\0\001";
i=scan_ip6if(s,ip,&scope_id);
assert(s[i]=='/');
buffer_put(buffer_1,buf,fmt_ip6if(buf,ip,scope_id));
buffer_putnlflush(buffer_1);
buffer_put(buffer_1,buf,fmt_ip6ifc(buf,blubip,scope_id));
buffer_putnlflush(buffer_1);
scan_ip6("2001:7d0:0:f015:0:0:0:1",ip);
buffer_put(buffer_1,buf,fmt_ip6(buf,ip));
buffer_putnlflush(buffer_1);
#endif
#if 0
char buf[100];
int i;
printf("%d\n",i=fmt_pad(buf,"fnord",5,7,10));
buf[i]=0;
puts(buf);
#endif
#if 0
char ip[16];
char buf[32];
printf("%d (expect 2)\n",scan_ip6("::",ip));
printf("%d (expect 3)\n",scan_ip6("::1",ip));
printf("%d (expect 16)\n",scan_ip6("fec0:0:0:ffff::1/0",ip));
printf("%.*s\n",fmt_ip6(buf,ip),buf);
#endif
#if 0
static stralloc s,t;
stralloc_copys(&s,"fnord");
stralloc_copys(&t,"abc"); printf("%d\n",stralloc_diff(&s,&t));
stralloc_copys(&t,"fnor"); printf("%d\n",stralloc_diff(&s,&t));
stralloc_copys(&t,"fnord"); printf("%d\n",stralloc_diff(&s,&t));
stralloc_copys(&t,"fnordh"); printf("%d\n",stralloc_diff(&s,&t));
stralloc_copys(&t,"hausen"); printf("%d\n",stralloc_diff(&s,&t));
#endif
#if 0
static stralloc s;
stralloc_copys(&s,"fnord");
printf("%d\n",stralloc_diffs(&s,"abc"));
printf("%d\n",stralloc_diffs(&s,"fnor"));
printf("%d\n",stralloc_diffs(&s,"fnord"));
printf("%d\n",stralloc_diffs(&s,"fnordh"));
printf("%d\n",stralloc_diffs(&s,"hausen"));
#endif
#if 0
printf("%d\n",case_starts("fnordhausen","FnOrD"));
printf("%d\n",case_starts("fnordhausen","blah"));
#endif
#if 0
char buf[]="FnOrD";
case_lowers(buf);
puts(buf);
#endif
#if 0
char buf[100]="foo bar baz";
printf("%d (expect 7)\n",byte_rchr(buf,11,' '));
#endif
#if 0
unsigned long size;
char* buf=mmap_read(argv[1],&size);
if (buf) {
unsigned int x=fmt_yenc(0,buf,size);
unsigned int y;
char* tmp=malloc(x+1);
y=fmt_yenc(tmp,buf,size);
write(1,tmp,x);
}
#endif
#if 0
char buf[100];
char buf2[100];
unsigned int len,len2;
buf[fmt_yenc(buf,"http://localhost/~fefe",22)]=0;
buffer_puts(buffer_1,buf);
buffer_putsflush(buffer_1,"\n");
if ((buf[len2=scan_yenc(buf,buf2,&len)])!='\n') {
buffer_putsflush(buffer_2,"parse error!\n");
return 1;
}
buffer_put(buffer_1,buf2,len2);
buffer_putsflush(buffer_1,"\n");
return 0;
#endif
#if 0
char buf[100];
char buf2[100];
unsigned int len,len2;
buf[fmt_base64(buf,"foo:bar",7)]=0;
buffer_puts(buffer_1,buf);
buffer_putsflush(buffer_1,"\n");
if ((buf[len2=scan_base64(buf,buf2,&len)])!=0) {
buffer_putsflush(buffer_2,"parse error!\n");
return 1;
}
buffer_put(buffer_1,buf2,len2);
buffer_putsflush(buffer_1,"\n");
return 0;
#endif
#if 0
unsigned long size;
char* buf=mmap_read(argv[1],&size);
if (buf) {
unsigned int x=fmt_uuencoded(0,buf,size);
unsigned int y;
char* tmp=malloc(x+1);
y=fmt_uuencoded(tmp,buf,size);
write(1,tmp,x);
}
#endif
#if 0
char buf[]="00000000000000000000000000000001";
char ip[16];
if (scan_ip6_flat(buf,ip) != str_len(buf))
buffer_putsflush(buffer_2,"parse error!\n");
#endif
#if 0
int fd=open_read("t.c");
buffer b;
char buf[1024];
char line[20];
int i;
buffer_init(&b,read,fd,buf,1024);
i=buffer_getline(&b,line,19);
buffer_puts(buffer_1,"getline returned ");
buffer_putulong(buffer_1,i);
buffer_puts(buffer_1,"\n");
buffer_puts(buffer_1,line);
buffer_flush(buffer_1);
#endif
#if 0
buffer_putulong(buffer_1,23);
// buffer_putspace(buffer_1);
buffer_putsflush(buffer_1,"\n");
// buffer_flush(buffer_1);
#endif
#if 0
long a,b,c;
char buf[4096];
char buf2[4096];
memcpy(buf,buf2,4096);
byte_copy(buf,4096,buf2);
rdtscl(a);
memcpy(buf,buf2,4096);
rdtscl(b);
byte_copy(buf,4096,buf2);
rdtscl(c);
printf("memcpy: %d - byte_copy: %d\n",b-a,c-b);
#endif
#if 0
char ip[16];
int i;
if ((i=scan_ip6(argv[1],ip))) {
char buf[128];
buf[fmt_ip6(buf,ip)]=0;
puts(buf);
}
#endif
#if 0
char buf[100];
strcpy(buf,"foobarbaz");
buf[fmt_fill(buf,3,5,100)]=0;
printf("\"%s\"\n",buf);
#endif
#if 0
unsigned long len;
char *c=mmap_read("/etc/passwd",&len);
printf("got map %p of len %lu\n",c,len);
#endif
#if 0
char c;
printf("%d\n",buffer_getc(buffer_0,&c));
printf("%c\n",c);
#endif
#if 0
char buf[100]="01234567890123456789012345678901234567890123456789";
long a,b,c;
#endif
#if 0
buf[ip4_fmt(buf,ip4loopback)]=0;
buffer_puts(buffer_1small,buf);
buffer_flush(buffer_1small);
#endif
#if 0
buf[0]=0;
buf[fmt_8long(buf,0)]=0;
puts(buf);
rdtscl(a);
c=str_len(buf);
rdtscl(b);
/*byte_zero_djb(buf,j); */
// printf("\n%lu %d\n",b-a,c);
#endif
#if 0
buffer_puts(buffer_1small,"hello, world\n");
buffer_flush(buffer_1small);
#endif
#if 0
int s=socket_tcp4();
char ip[4]={127,0,0,1};
int t=socket_connect4(s,ip,80);
#endif
#if 0
char buf[100]="foo bar baz fnord ";
char buf2[100]="foo braz fnord";
long a,b,c;
long i=0,j=0,k=0;
double d;
uint32 l,m,n;
stralloc sa={0};
stralloc_copys(&sa,"fnord");
stralloc_catlong0(&sa,-23,5);
stralloc_append(&sa,"\n");
printf("%d %d\n",str_equal("fnord","fnord1"),str_equal("fnord1","fnord"));
write(1,sa.s,sa.len);
printf("%d %d\n",stralloc_starts(&sa,"fnord"),stralloc_starts(&sa,"fnord\na"));
l=0xdeadbeef;
uint32_pack_big((char*)&m,l);
uint32_unpack_big((char*)&m,&n);
printf("%x %x %x\n",l,m,n);
rdtscl(a);
/* i=scan_double("3.1415",&d); */
rdtscl(b);
/*byte_zero_djb(buf,j); */
rdtscl(c);
printf("%lu %lu\n",b-a,c-b);
#endif
#if 0
size_t size;
char* buf=mmap_read(argv[1],&size);
if (buf) {
unsigned int x=fmt_urlencoded2(0,buf,size,"x");
unsigned int y;
char* tmp=malloc(x+1);
y=fmt_urlencoded2(tmp,buf,size,"x");
write(1,tmp,x);
}
#endif
#if 0
printf("%d %d\n",strcmp("foo","bar"),str_diff("foo","bar"));
printf("%d %d\n",strcmp("foo","üar"),str_diff("foo","üar"));
#endif
#if 0
{
int16 a;
int32 b;
int64 c;
assert(imult16(4,10000,&a)==0);
assert(imult16(-4,10000,&a)==0);
assert(imult16(5,10,&a)==1 && a==50);
assert(imult16(-3,10000,&a)==1 && a==-30000);
assert(imult32(0x40000000,2,&b)==0);
assert(imult32(0x3fffffff,2,&b)==1 && b==0x7ffffffe);
assert(imult64(0x4000000000000000ll,2,&c)==0);
assert(imult64(0x3fffffffffffffffll,2,&c)==1 && c==0x7ffffffffffffffell);
}
#endif
#if 0
stralloc a;
printf("%d\n",stralloc_copym(&a,"fnord",", ","foo"));
#endif
return 0;
}
void doit(int t) {
int fakev4=0;
int j;
SSL *ssl;
int wstat;
uint32 scope_id;
int sslctl[2];
char *s;
unsigned long tmp_long;
char sslctl_cmd;
stralloc ssl_env = { 0 };
buffer ssl_env_buf;
if (pipe(pi) == -1) strerr_die2sys(111,DROP,"unable to create pipe: ");
if (pipe(po) == -1) strerr_die2sys(111,DROP,"unable to create pipe: ");
if (socketpair(AF_UNIX, SOCK_STREAM, 0, sslctl) == -1) strerr_die2sys(111,DROP,"unable to create socketpair: ");
switch(fork()) {
case -1:
strerr_die2sys(111,DROP,"unable to fork: ");
case 0:
/* Child */
break;
default:
/* Parent */
close(pi[0]); close(po[1]); close(sslctl[1]);
if ((s=env_get("SSL_CHROOT")))
if (chroot(s) == -1)
strerr_die2x(111,DROPSSL,"unable to chroot");
if ((s=env_get("SSL_GID"))) {
scan_ulong(s,&tmp_long);
gid = tmp_long;
}
if (gid) if (prot_gid(gid) == -1) strerr_die2sys(111,DROPSSL,"unable to set gid: ");
if ((s=env_get("SSL_UID"))) {
scan_ulong(s,&tmp_long);
uid = tmp_long;
}
if (uid) if (prot_uid(uid) == -1)
strerr_die2sys(111,DROPSSL,"unable to set uid: ");
/* This will exit on a fatal error or if the client quits
* without activating SSL
*/
sslctl_cmd = ucspitls_master_wait_for_activation(sslctl[0]);
/* If we got here, SSL must have been activated */
ssl = ssl_new(ctx,t);
if (!ssl) strerr_die2x(111,DROP,"unable to create SSL instance");
if (ndelay_on(t) == -1)
strerr_die2sys(111,DROP,"unable to set socket options: ");
if (ssl_timeoutaccept(ssl,ssltimeout) == -1)
strerr_die3x(111,DROP,"unable to accept SSL: ",ssl_error_str(ssl_errno));
if (verbosity >= 2) {
strnum[fmt_ulong(strnum,getpid())] = 0;
strerr_warn3("sslserver: ssl ",strnum," accept ",0);
}
if (flagclientcert) {
switch(ssl_verify(ssl,verifyhost)) {
case -1:
strerr_die2x(111,DROP,"unable to verify client certificate");
case -2:
strerr_die2x(111,DROP,"no client certificate");
case -3:
strerr_die2x(111,DROP,"client name does not match certificate");
default: break;
}
}
if (sslctl_cmd == 'Y') {
ssl_server_env(ssl, &ssl_env);
stralloc_0(&ssl_env); /* Add another NUL */
buffer_init(&ssl_env_buf,buffer_unixwrite,sslctl[0],NULL,0);
if (buffer_putflush(&ssl_env_buf, ssl_env.s, ssl_env.len) == -1) {
strerr_die2sys(111, FATAL, "unable to write SSL environment: ");
}
} else if (sslctl_cmd != 'y') {
strerr_die2x(111,DROP,"Protocol error on SSL control descriptor: invalid command character read");
}
if (close(sslctl[0]) != 0) {
strerr_die2sys(111, DROP, "Error closing SSL control socket: ");
}
if (ssl_io(ssl,pi[1],po[0],io_opt) != 0)
strerr_die3x(111,DROP,"unable to speak SSL: ",ssl_error_str(ssl_errno));
if (wait_nohang(&wstat) > 0)
_exit(wait_exitcode(wstat));
ssl_close(ssl);
_exit(0);
}
/* Child-only below this point */
if (close(sslctl[0]) != 0) {
strerr_die2sys(111, DROP, "Error closing SSL control socket: ");
}
if (!forcev6 && ip6_isv4mapped(remoteip))
fakev4=1;
if (fakev4)
remoteipstr[ip4_fmt(remoteipstr,remoteip+12)] = 0;
else
remoteipstr[ip6_fmt(remoteipstr,remoteip)] = 0;
if (verbosity >= 2) {
strnum[fmt_ulong(strnum,getpid())] = 0;
strerr_warn4("sslserver: pid ",strnum," from ",remoteipstr,0);
}
if (socket_local6(t,localip,&localport,&scope_id) == -1)
strerr_die2sys(111,DROP,"unable to get local address: ");
if (fakev4)
localipstr[ip4_fmt(localipstr,localip+12)] = 0;
else
localipstr[ip6_fmt(localipstr,localip)] = 0;
remoteportstr[fmt_ulong(remoteportstr,remoteport)] = 0;
if (!localhost)
if (dns_name6(&localhostsa,localip) == 0)
if (localhostsa.len) {
if (!stralloc_0(&localhostsa)) drop_nomem();
localhost = localhostsa.s;
}
env("PROTO",fakev4?"SSL":"SSL6");
env("SSLLOCALIP",localipstr);
env("SSL6LOCALIP",localipstr);
env("SSLLOCALPORT",localportstr);
env("SSL6LOCALPORT",localportstr);
env("SSLLOCALHOST",localhost);
env("SSL6LOCALHOST",localhost);
if (!fakev4 && scope_id)
env("SSL6INTERFACE",socket_getifname(scope_id));
if (flagtcpenv) {
env("TCPLOCALIP",localipstr);
env("TCP6LOCALIP",localipstr);
env("TCPLOCALPORT",localportstr);
env("TCP6LOCALPORT",localportstr);
env("TCPLOCALHOST",localhost);
env("TCP6LOCALHOST",localhost);
if (!fakev4 && scope_id)
env("TCP6INTERFACE",socket_getifname(scope_id));
}
if (flagremotehost)
if (dns_name6(&remotehostsa,remoteip) == 0)
if (remotehostsa.len) {
if (flagparanoid) {
verifyhost = remoteipstr;
if (dns_ip6(&tmp,&remotehostsa) == 0)
for (j = 0;j + 16 <= tmp.len;j += 16)
if (byte_equal(remoteip,16,tmp.s + j)) {
flagparanoid = 0;
break;
}
}
if (!flagparanoid) {
if (!stralloc_0(&remotehostsa)) drop_nomem();
remotehost = remotehostsa.s;
verifyhost = remotehostsa.s;
}
}
env("SSLREMOTEIP",remoteipstr);
env("SSL6REMOTEIP",remoteipstr);
remoteipstr[ip6_fmt(remoteipstr,remoteip)]=0;
env("SSLREMOTEPORT",remoteportstr);
env("SSL6REMOTEPORT",remoteportstr);
env("SSLREMOTEHOST",remotehost);
env("SSL6REMOTEHOST",remotehost);
if (flagtcpenv) {
env("TCPREMOTEIP",remoteipstr);
env("TCP6REMOTEIP",remoteipstr);
env("TCPREMOTEPORT",remoteportstr);
env("TCP6REMOTEPORT",remoteportstr);
env("TCPREMOTEHOST",remotehost);
env("TCP6REMOTEHOST",remotehost);
}
if (flagremoteinfo) {
if (remoteinfo6(&tcpremoteinfo,remoteip,remoteport,localip,localport,timeout,netif) == -1)
flagremoteinfo = 0;
if (!stralloc_0(&tcpremoteinfo)) drop_nomem();
}
env("SSLREMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0);
env("SSL6REMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0);
if (flagtcpenv) {
env("TCPREMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0);
env("TCP6REMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0);
}
if (fnrules) {
int fdrules;
fdrules = open_read(fnrules);
if (fdrules == -1) {
if (errno != error_noent) drop_rules();
if (!flagallownorules) drop_rules();
}
else {
int fakev4=0;
char* temp;
if (!forcev6 && ip6_isv4mapped(remoteip))
fakev4=1;
if (fakev4)
temp=remoteipstr+7;
else
temp=remoteipstr;
if (rules(found,fdrules,temp,remotehost,flagremoteinfo ? tcpremoteinfo.s : 0) == -1) drop_rules();
close(fdrules);
}
}
if (verbosity >= 2) {
strnum[fmt_ulong(strnum,getpid())] = 0;
if (!stralloc_copys(&tmp,"sslserver: ")) drop_nomem();
safecats(flagdeny ? "deny" : "ok");
cats(" "); safecats(strnum);
cats(" "); if (localhost) safecats(localhost);
cats(":"); safecats(localipstr);
cats(":"); safecats(localportstr);
cats(" "); if (remotehost) safecats(remotehost);
cats(":"); safecats(remoteipstr);
cats(":"); if (flagremoteinfo) safecats(tcpremoteinfo.s);
cats(":"); safecats(remoteportstr);
cats("\n");
buffer_putflush(buffer_2,tmp.s,tmp.len);
}
if (flagdeny) _exit(100);
if (gid) if (prot_gid(gid) == -1)
strerr_die2sys(111,FATAL,"unable to set gid: ");
if (uid) if (prot_uid(uid) == -1)
strerr_die2sys(111,FATAL,"unable to set uid: ");
close(pi[1]); close(po[0]);
sig_uncatch(sig_child);
sig_unblock(sig_child);
sig_uncatch(sig_term);
sig_uncatch(sig_pipe);
if (fcntl(sslctl[1],F_SETFD,0) == -1)
strerr_die2sys(111,FATAL,"unable to clear close-on-exec flag");
strnum[fmt_ulong(strnum,sslctl[1])]=0;
setenv("SSLCTLFD",strnum,1);
if (fcntl(pi[0],F_SETFD,0) == -1)
strerr_die2sys(111,FATAL,"unable to clear close-on-exec flag");
strnum[fmt_ulong(strnum,pi[0])]=0;
setenv("SSLREADFD",strnum,1);
if (fcntl(po[1],F_SETFD,0) == -1)
strerr_die2sys(111,FATAL,"unable to clear close-on-exec flag");
strnum[fmt_ulong(strnum,po[1])]=0;
setenv("SSLWRITEFD",strnum,1);
if (flagsslwait) {
if (fd_copy(0,t) == -1)
strerr_die2sys(111,DROP,"unable to set up descriptor 0: ");
if (fd_copy(1,t) == -1)
strerr_die2sys(111,DROP,"unable to set up descriptor 1: ");
} else {
if (fd_move(0,pi[0]) == -1)
strerr_die2sys(111,DROP,"unable to set up descriptor 0: ");
if (fd_move(1,po[1]) == -1)
strerr_die2sys(111,DROP,"unable to set up descriptor 1: ");
}
if (flagkillopts)
socket_ipoptionskill(t);
if (!flagdelay)
socket_tcpnodelay(t);
if (*banner) {
buffer_init(&b,buffer_unixwrite,1,bspace,sizeof bspace);
if (buffer_putsflush(&b,banner) == -1)
strerr_die2sys(111,DROP,"unable to print banner: ");
}
if (!flagsslwait) {
strnum[fmt_ulong(strnum,flagsslenv)] = 0;
strerr_warn2("flagsslenv: ", strnum, 0);
ucspitls(flagsslenv,0,1);
}
pathexec(prog);
strerr_die4sys(111,DROP,"unable to run ",*prog,": ");
}
int main(int argc,char **argv)
{
unsigned long ttl;
struct stat st;
int i;
int j;
int k;
char ch;
if (!*argv) die_usage();
if (!*++argv) die_usage();
fn = *argv;
if (!*++argv) die_usage();
fnnew = *argv;
if (!*++argv) die_usage();
if (str_diff(*argv,"add")) die_usage();
if (!*++argv) die_usage();
if (str_equal(*argv,"ns")) mode = '.';
else if (str_equal(*argv,"childns")) mode = '&';
else if (str_equal(*argv,"host")) mode = '=';
else if (str_equal(*argv,"host6")) mode = '6';
else if (str_equal(*argv,"alias")) mode = '+';
else if (str_equal(*argv,"alias6")) mode = '3';
else if (str_equal(*argv,"mx")) mode = '@';
else die_usage();
if (!*++argv) die_usage();
if (!dns_domain_fromdot(&target,*argv,str_len(*argv))) nomem();
if (!*++argv) die_usage();
if (mode == '6' || mode == '3') {
if (!ip6_scan(*argv,targetip6)) die_usage();
} else {
if (!ip4_scan(*argv,targetip)) die_usage();
}
umask(077);
fd = open_read(fn);
if (fd == -1) die_read();
if (fstat(fd,&st) == -1) die_read();
buffer_init(&b,buffer_unixread,fd,bspace,sizeof bspace);
fdnew = open_trunc(fnnew);
if (fdnew == -1) die_write();
if (fchmod(fdnew,st.st_mode & 0644) == -1) die_write();
buffer_init(&bnew,buffer_unixwrite,fdnew,bnewspace,sizeof bnewspace);
switch(mode) {
case '.': case '&':
ttl = TTL_NS;
for (i = 0;i < 26;++i) {
ch = 'a' + i;
if (!stralloc_copyb(&f[0],&ch,1)) nomem();
if (!stralloc_cats(&f[0],".ns.")) nomem();
if (!dns_domain_todot_cat(&f[0],target)) nomem();
if (!dns_domain_fromdot(&names[i],f[0].s,f[0].len)) nomem();
}
break;
case '+': case '=': case '6': case '3':
ttl = TTL_POSITIVE;
break;
case '@':
ttl = TTL_POSITIVE;
for (i = 0;i < 26;++i) {
ch = 'a' + i;
if (!stralloc_copyb(&f[0],&ch,1)) nomem();
if (!stralloc_cats(&f[0],".mx.")) nomem();
if (!dns_domain_todot_cat(&f[0],target)) nomem();
if (!dns_domain_fromdot(&names[i],f[0].s,f[0].len)) nomem();
}
break;
}
while (match) {
if (getln(&b,&line,&match,'\n') == -1) die_read();
put(line.s,line.len);
if (line.len && !match) put("\n",1);
while (line.len) {
ch = line.s[line.len - 1];
if ((ch != ' ') && (ch != '\t') && (ch != '\n')) break;
--line.len;
}
if (!line.len) continue;
if (line.s[0] == '#') continue;
j = 1;
for (i = 0;i < NUMFIELDS;++i) {
if (j >= line.len) {
if (!stralloc_copys(&f[i],"")) nomem();
}
else {
k = byte_chr(line.s + j,line.len - j,':');
if (!stralloc_copyb(&f[i],line.s + j,k)) nomem();
j += k + 1;
}
}
switch(mode) {
case '.': case '&':
if (line.s[0] == mode) {
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
if (dns_domain_equal(d1,target)) {
if (byte_chr(f[2].s,f[2].len,'.') >= f[2].len) {
if (!stralloc_cats(&f[2],".ns.")) nomem();
if (!stralloc_catb(&f[2],f[0].s,f[0].len)) nomem();
}
if (!dns_domain_fromdot(&d2,f[2].s,f[2].len)) nomem();
if (!stralloc_0(&f[3])) nomem();
if (!scan_ulong(f[3].s,&ttl)) ttl = TTL_NS;
for (i = 0;i < 26;++i)
if (dns_domain_equal(d2,names[i])) {
used[i] = 1;
break;
}
}
}
break;
case '=':
if (line.s[0] == '=') {
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
if (dns_domain_equal(d1,target))
strerr_die2x(100,FATAL,"host name already used");
if (!stralloc_0(&f[1])) nomem();
if (ip4_scan(f[1].s,ip))
if (byte_equal(ip,4,targetip))
strerr_die2x(100,FATAL,"IP address already used");
}
break;
case '6':
if (line.s[0] == '6') {
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
if (dns_domain_equal(d1,target))
strerr_die2x(100,FATAL,"host name already used");
if (!stralloc_0(&f[1])) nomem();
if (ip6_scan(f[1].s,ip6))
if (byte_equal(ip,16,targetip6))
strerr_die2x(100,FATAL,"IPv6 address already used");
}
break;
case '@':
if (line.s[0] == '@') {
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
if (dns_domain_equal(d1,target)) {
if (byte_chr(f[2].s,f[2].len,'.') >= f[2].len) {
if (!stralloc_cats(&f[2],".mx.")) nomem();
if (!stralloc_catb(&f[2],f[0].s,f[0].len)) nomem();
}
if (!dns_domain_fromdot(&d2,f[2].s,f[2].len)) nomem();
if (!stralloc_0(&f[4])) nomem();
if (!scan_ulong(f[4].s,&ttl)) ttl = TTL_POSITIVE;
for (i = 0;i < 26;++i)
if (dns_domain_equal(d2,names[i])) {
used[i] = 1;
break;
}
}
}
break;
}
}
if (!stralloc_copyb(&f[0],&mode,1)) nomem();
if (!dns_domain_todot_cat(&f[0],target)) nomem();
if (!stralloc_cats(&f[0],":")) nomem();
if (mode == '6' || mode == '3') {
if (!stralloc_catb(&f[0],ip6str,ip6_fmt_flat(ip6str,targetip6))) nomem();
} else {
if (!stralloc_catb(&f[0],ipstr,ip4_fmt(ipstr,targetip))) nomem();
}
switch(mode) {
case '.': case '&': case '@':
for (i = 0;i < 26;++i)
if (!used[i])
break;
if (i >= 26)
strerr_die2x(100,FATAL,"too many records for that domain");
ch = 'a' + i;
if (!stralloc_cats(&f[0],":")) nomem();
if (!stralloc_catb(&f[0],&ch,1)) nomem();
if (mode == '@')
if (!stralloc_cats(&f[0],":")) nomem();
break;
}
if (!stralloc_cats(&f[0],":")) nomem();
if (!stralloc_catb(&f[0],strnum,fmt_ulong(strnum,ttl))) nomem();
if (!stralloc_cats(&f[0],"\n")) nomem();
put(f[0].s,f[0].len);
if (buffer_flush(&bnew) == -1) die_write();
if (fsync(fdnew) == -1) die_write();
if (close(fdnew) == -1) die_write(); /* NFS dorks */
if (rename(fnnew,fn) == -1)
strerr_die6sys(111,FATAL,"unable to move ",fnnew," to ",fn,": ");
_exit(0);
}
int
main (int argc, char *argv[])
{
char ch = 0;
struct stat st;
unsigned long ttl = 0;
unsigned i = 0, j = 0, k = 0;
prog = strdup ((d1 = strrchr (argv[0], '/')) != NULL ? d1 + 1 : argv[0]);
i = check_option (argc, argv);
argv += i;
argc -= i;
d1 = NULL;
if (argc < 6)
{
usage ();
return -1;
}
fn = *argv;
argv++;
fnnew = *argv;
argv++;
if (str_diff (*argv, "add"))
{
usage ();
return -1;
}
argv++;
if (str_equal (*argv, "ns"))
mode = '.';
else if (str_equal (*argv, "childns"))
mode = '&';
else if (str_equal (*argv, "host"))
mode = '=';
else if (str_equal (*argv, "alias"))
mode = '+';
else if (str_equal (*argv, "mx"))
mode = '@';
else
errx (-1, "invalid record type `%s'", *argv);
argv++;
if (!dns_domain_fromdot (&target, *argv, str_len (*argv)))
err (-1, "could not allocate enough memory");
argv++;
if (!ip4_scan (*argv, targetip))
errx (-1, "could not parse IP `%s'", *argv);
umask(077);
fd = open_read (fn);
if (fd == -1)
err (-1, "could not read from `%s'", fn);
if (fstat (fd, &st) == -1)
err (-1, "could not read from `%s'", fn);
buffer_init (&b, buffer_unixread, fd, bspace, sizeof bspace);
fdnew = open_trunc (fnnew);
if (fdnew == -1)
err (-1, "could not write to `%s'", fnnew);
if (fchmod (fdnew, st.st_mode & 0644) == -1)
err (-1, "could not write to `%s'", fnnew);
buffer_init (&bnew, buffer_unixwrite, fdnew, bnewspace, sizeof bnewspace);
switch (mode)
{
case '.':
case '&':
ttl = TTL_NS;
for (i = 0; i < 26; i++)
{
ch = 'a' + i;
if (!stralloc_copyb (&f[0], &ch, 1))
err (-1, "could not allocate enough memory");
if (!stralloc_cats (&f[0], ".ns."))
err (-1, "could not allocate enough memory");
if (!dns_domain_todot_cat (&f[0], target))
err (-1, "could not allocate enough memory");
if (!dns_domain_fromdot (&names[i], f[0].s, f[0].len))
err (-1, "could not allocate enough memory");
}
break;
case '+':
case '=':
ttl = TTL_POSITIVE;
break;
case '@':
ttl = TTL_POSITIVE;
for (i = 0; i < 26; i++)
{
ch = 'a' + i;
if (!stralloc_copyb (&f[0], &ch, 1))
err (-1, "could not allocate enough memory");
if (!stralloc_cats (&f[0], ".mx."))
err (-1, "could not allocate enough memory");
if (!dns_domain_todot_cat (&f[0], target))
err (-1, "could not allocate enough memory");
if (!dns_domain_fromdot (&names[i], f[0].s, f[0].len))
err (-1, "could not allocate enough memory");
}
break;
}
while (match)
{
if (getln (&b, &line, &match, '\n') == -1)
err (-1, "could not read from `%s'", fn);
put (line.s, line.len);
if (line.len && !match)
put ("\n", 1);
while (line.len)
{
ch = line.s[line.len - 1];
if ((ch != ' ') && (ch != '\t') && (ch != '\n'))
break;
--line.len;
}
if (!line.len || line.s[0] == '#')
continue;
j = 1;
for (i = 0; i < NUMFIELDS; i++)
{
if (j >= line.len)
{
if (!stralloc_copys (&f[i], ""))
err (-1, "could not allocate enough memory");
}
else
{
k = byte_chr (line.s + j, line.len - j, ':');
if (!stralloc_copyb (&f[i], line.s + j, k))
err (-1, "could not allocate enough memory");
j += k + 1;
}
}
switch(mode)
{
case '.':
case '&':
if (line.s[0] == mode)
{
if (!dns_domain_fromdot (&d1, f[0].s, f[0].len))
err (-1, "could not allocate enough memory");
if (dns_domain_equal (d1, target))
{
if (byte_chr (f[2].s, f[2].len, '.') >= f[2].len)
{
if (!stralloc_cats (&f[2], ".ns."))
err (-1, "could not allocate enough memory");
if (!stralloc_catb (&f[2], f[0].s, f[0].len))
err (-1, "could not allocate enough memory");
}
if (!dns_domain_fromdot (&d2, f[2].s, f[2].len))
err (-1, "could not allocate enough memory");
if (!stralloc_0 (&f[3]))
err (-1, "could not allocate enough memory");
if (!scan_ulong (f[3].s, &ttl))
ttl = TTL_NS;
for (i = 0; i < 26; i++)
{
if (dns_domain_equal (d2, names[i]))
{
used[i] = 1;
break;
}
}
}
}
break;
case '=':
if (line.s[0] == '=')
{
if (!dns_domain_fromdot (&d1, f[0].s, f[0].len))
err (-1, "could not allocate enough memory");
if (dns_domain_equal (d1, target))
errx (-1, "host name is already used");
if (!stralloc_0 (&f[1]))
err (-1, "could not allocate enough memory");
if (ip4_scan (f[1].s, ip))
if (byte_equal(ip, 4, targetip))
errx (-1, "IP address is already used");
}
break;
case '@':
if (line.s[0] == '@')
{
if (!dns_domain_fromdot (&d1, f[0].s, f[0].len))
err (-1, "could not allocate enough memory");
if (dns_domain_equal (d1, target))
{
if (byte_chr (f[2].s, f[2].len, '.') >= f[2].len)
{
if (!stralloc_cats (&f[2], ".mx."))
err (-1, "could not allocate enough memory");
if (!stralloc_catb (&f[2], f[0].s, f[0].len))
err (-1, "could not allocate enough memory");
}
if (!dns_domain_fromdot (&d2, f[2].s, f[2].len))
err (-1, "could not allocate enough memory");
if (!stralloc_0 (&f[4]))
err (-1, "could not allocate enough memory");
if (!scan_ulong (f[4].s, &ttl))
ttl = TTL_POSITIVE;
for (i = 0; i < 26; i++)
{
if (dns_domain_equal (d2, names[i]))
{
used[i] = 1;
break;
}
}
}
}
break;
}
}
if (!stralloc_copyb (&f[0], &mode, 1))
err (-1, "could not allocate enough memory");
if (!dns_domain_todot_cat (&f[0], target))
err (-1, "could not allocate enough memory");
if (!stralloc_cats (&f[0], ":"))
err (-1, "could not allocate enough memory");
if (!stralloc_catb (&f[0], ipstr, ip4_fmt (ipstr, targetip)))
err (-1, "could not allocate enough memory");
switch (mode)
{
case '.':
case '&':
case '@':
for (i = 0; i < 26; i++)
{
if (!used[i])
break;
}
if (i >= 26)
errx (-1, "too many records for domain `%s'", target);
ch = 'a' + i;
if (!stralloc_cats (&f[0], ":"))
err (-1, "could not allocate enough memory");
if (!stralloc_catb (&f[0], &ch, 1))
err (-1, "could not allocate enough memory");
if (mode == '@')
if (!stralloc_cats (&f[0], ":"))
err (-1, "could not allocate enough memory");
break;
}
if (!stralloc_cats (&f[0], ":"))
err (-1, "could not allocate enough memory");
if (!stralloc_catb (&f[0], strnum, fmt_ulong (strnum, ttl)))
err (-1, "could not allocate enough memory");
if (!stralloc_cats (&f[0], "\n"))
err (-1, "could not allocate enough memory");
put (f[0].s, f[0].len);
if (buffer_flush (&bnew) == -1)
err (-1, "could not write to `%s'", fnnew);
if (fsync (fdnew) == -1)
err (-1, "could not write to `%s'", fnnew);
if (close (fdnew) == -1)
err (-1, "could not write to `%s'", fnnew); /* NFS dorks */
if (rename (fnnew, fn) == -1)
err (-1, "could not move `%s' to `%s'", fnnew, fn);
return 0;
}
main(int argc,char **argv)
{
int fakev4=0;
unsigned long u;
int opt;
char *x;
int j;
int s;
int cloop;
dns_random_init(seed);
close(6);
close(7);
sig_ignore(sig_pipe);
while ((opt = getopt(argc,argv,"46dDvqQhHrRi:p:t:T:l:I:")) != opteof)
switch(opt) {
case '4': noipv6 = 1; break;
case '6': forcev6 = 1; break;
case 'd': flagdelay = 1; break;
case 'D': flagdelay = 0; break;
case 'v': verbosity = 2; break;
case 'q': verbosity = 0; break;
case 'Q': verbosity = 1; break;
case 'l': forcelocal = optarg; break;
case 'H': flagremotehost = 0; break;
case 'h': flagremotehost = 1; break;
case 'R': flagremoteinfo = 0; break;
case 'r': flagremoteinfo = 1; break;
case 't': scan_ulong(optarg,&itimeout); break;
case 'T': j = scan_ulong(optarg,&ctimeout[0]);
if (optarg[j] == '+') ++j;
scan_ulong(optarg + j,&ctimeout[1]);
break;
case 'i': if (!scan_ip6(optarg,iplocal)) usage(); break;
case 'I': netif=socket_getifidx(optarg); break;
case 'p': scan_ulong(optarg,&u); portlocal = u; break;
default: usage();
}
argv += optind;
if (!verbosity)
buffer_2->fd = -1;
hostname = *argv;
if (!hostname) usage();
if (!hostname[0] || str_equal(hostname,"0"))
hostname = (noipv6?"127.0.0.1":"::1");
x = *++argv;
if (!x) usage();
if (!x[scan_ulong(x,&u)])
portremote = u;
else {
struct servent *se;
se = getservbyname(x,"tcp");
if (!se)
strerr_die3x(111,FATAL,"unable to figure out port number for ",x);
portremote = ntohs(se->s_port);
/* i continue to be amazed at the stupidity of the s_port interface */
}
if (!*++argv) usage();
if (!stralloc_copys(&tmp,hostname)) nomem();
if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1)
strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": ");
if (addresses.len < 16)
strerr_die3x(111,FATAL,"no IP address for ",hostname);
if (addresses.len == 16) {
ctimeout[0] += ctimeout[1];
ctimeout[1] = 0;
}
for (cloop = 0;cloop < 2;++cloop) {
if (!stralloc_copys(&moreaddresses,"")) nomem();
for (j = 0;j + 16 <= addresses.len;j += 4) {
s = socket_tcp6();
if (s == -1)
strerr_die2sys(111,FATAL,"unable to create socket: ");
if (socket_bind6(s,iplocal,portlocal,netif) == -1)
strerr_die2sys(111,FATAL,"unable to bind socket: ");
if (timeoutconn6(s,addresses.s + j,portremote,ctimeout[cloop],netif) == 0)
goto CONNECTED;
close(s);
if (!cloop && ctimeout[1] && (errno == error_timeout)) {
if (!stralloc_catb(&moreaddresses,addresses.s + j,16)) nomem();
}
else {
strnum[fmt_ulong(strnum,portremote)] = 0;
if (ip6_isv4mapped(addresses.s+j))
ipstr[ip4_fmt(ipstr,addresses.s + j + 12)] = 0;
else
ipstr[ip6_fmt(ipstr,addresses.s + j)] = 0;
strerr_warn5(CONNECT,ipstr," port ",strnum,": ",&strerr_sys);
}
}
if (!stralloc_copy(&addresses,&moreaddresses)) nomem();
}
_exit(111);
CONNECTED:
if (!flagdelay)
socket_tcpnodelay(s); /* if it fails, bummer */
if (socket_local6(s,iplocal,&portlocal,&netif) == -1)
strerr_die2sys(111,FATAL,"unable to get local address: ");
if (!forcev6 && (ip6_isv4mapped(iplocal) || byte_equal(iplocal,16,V6any)))
fakev4=1;
if (!pathexec_env("PROTO",fakev4?"TCP":"TCP6")) nomem();
strnum[fmt_ulong(strnum,portlocal)] = 0;
if (!pathexec_env("TCPLOCALPORT",strnum)) nomem();
if (fakev4)
ipstr[ip4_fmt(ipstr,iplocal+12)] = 0;
else
ipstr[ip6_fmt(ipstr,iplocal)] = 0;
if (!pathexec_env("TCPLOCALIP",ipstr)) nomem();
x = forcelocal;
if (!x)
if (dns_name6(&tmp,iplocal) == 0) {
if (!stralloc_0(&tmp)) nomem();
x = tmp.s;
}
if (!pathexec_env("TCPLOCALHOST",x)) nomem();
if (socket_remote6(s,ipremote,&portremote,&netif) == -1)
strerr_die2sys(111,FATAL,"unable to get remote address: ");
strnum[fmt_ulong(strnum,portremote)] = 0;
if (!pathexec_env("TCPREMOTEPORT",strnum)) nomem();
if (fakev4)
ipstr[ip4_fmt(ipstr,ipremote+12)] = 0;
else
ipstr[ip6_fmt(ipstr,ipremote)] = 0;
if (!pathexec_env("TCPREMOTEIP",ipstr)) nomem();
if (verbosity >= 2)
strerr_warn4("tcpclient: connected to ",ipstr," port ",strnum,0);
x = 0;
if (flagremotehost)
if (dns_name6(&tmp,ipremote) == 0) {
if (!stralloc_0(&tmp)) nomem();
x = tmp.s;
}
if (!pathexec_env("TCPREMOTEHOST",x)) nomem();
x = 0;
if (flagremoteinfo)
if (remoteinfo6(&tmp,ipremote,portremote,iplocal,portlocal,itimeout,netif) == 0) {
if (!stralloc_0(&tmp)) nomem();
x = tmp.s;
}
if (!pathexec_env("TCPREMOTEINFO",x)) nomem();
if (fd_move(6,s) == -1)
strerr_die2sys(111,FATAL,"unable to set up descriptor 6: ");
if (fd_copy(7,6) == -1)
strerr_die2sys(111,FATAL,"unable to set up descriptor 7: ");
sig_uncatch(sig_pipe);
pathexec(argv);
strerr_die4sys(111,FATAL,"unable to run ",*argv,": ");
}
void doit(int t)
{
int j;
uint32 scope_id;
if (ip6_isv4mapped(remoteip))
remoteipstr[ip4_fmt(remoteipstr,remoteip+12)] = 0;
else
remoteipstr[ip6_fmt(remoteipstr,remoteip)] = 0;
if (verbosity >= 2) {
strnum[fmt_ulong(strnum,getpid())] = 0;
log(B("pid ",strnum," from ",remoteipstr,0));
}
if (flagkillopts)
socket_ipoptionskill(t);
if (!flagdelay)
socket_tcpnodelay(t);
if (*banner) {
buffer_init(&b,write,t,bspace,sizeof bspace);
if (buffer_putsflush(&b,banner) == -1)
errint(EHARD,"unable to print banner: ");
}
if (socket_local(t,localip,&localport,&scope_id) == -1)
errint(EHARD,"unable to get local address: ");
if (ip6_isv4mapped(localip))
localipstr[ip4_fmt(localipstr,localip+12)] = 0;
else
localipstr[ip6_fmt(localipstr,localip)] = 0;
remoteportstr[fmt_ulong(remoteportstr,remoteport)] = 0;
if (!localhost)
if (dns_name(&localhostsa,localip) == 0)
if (localhostsa.len) {
if (!stralloc_0(&localhostsa)) errmem;
localhost = localhostsa.s;
}
env("PROTO","TCP");
env("TCPLOCALIP",localipstr);
env("TCPLOCALPORT",localportstr);
env("TCPLOCALHOST",localhost);
if (flagremotehost)
if (dns_name(&remotehostsa,remoteip) == 0)
if (remotehostsa.len) {
if (flagparanoid)
if (dns_ip6(&tmp,&remotehostsa) == 0)
for (j = 0;j + 16 <= tmp.len;j += 16)
if (byte_equal(remoteip,16,tmp.s + j)) {
flagparanoid = 0;
break;
}
if (!flagparanoid) {
if (!stralloc_0(&remotehostsa)) errmem;
remotehost = remotehostsa.s;
}
}
env("TCPREMOTEIP",remoteipstr);
env("TCPREMOTEPORT",remoteportstr);
env("TCPREMOTEHOST",remotehost);
if (flagremoteinfo) {
if (remoteinfo6(&tcpremoteinfo,remoteip,remoteport,localip,localport,timeout,netif) == -1)
flagremoteinfo = 0;
if (!stralloc_0(&tcpremoteinfo)) errmem;
}
env("TCPREMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0);
if (fnrules) {
int fdrules;
fdrules = open_read(fnrules);
if (fdrules == -1) {
if (errno != error_noent) drop_rules();
if (!flagallownorules) drop_rules();
}
else {
char* temp;
if (ip6_isv4mapped(remoteip))
temp=remoteipstr+7;
else
temp=remoteipstr;
if (rules(found,fdrules,temp,remotehost,flagremoteinfo ? tcpremoteinfo.s : 0) == -1) drop_rules();
close(fdrules);
// log(B("checking tcp rules for ",remotehost,": pass"));
}
}
if (verbosity >= 2) {
strnum[fmt_ulong(strnum,getpid())] = 0;
if (!stralloc_copys(&tmp,"qmail-tcpsrv: ")) errmem;
safecats(flagdeny ? "deny" : "ok");
cats(" "); safecats(strnum);
cats(" "); if (localhost) safecats(localhost);
cats(":"); safecats(localipstr);
cats(":"); safecats(localportstr);
cats(" "); if (remotehost) safecats(remotehost);
cats(":"); safecats(remoteipstr);
// cats(":<remote info>"); if (flagremoteinfo) safecats(tcpremoteinfo.s);
cats(":"); if (flagremoteinfo) safecats(tcpremoteinfo.s);
cats(":"); safecats(remoteportstr);
cats("\n");
buffer_putflush(buffer_2,tmp.s,tmp.len);
}
if (flagdeny) _exit(100);
}
int main (int argc, char* argv[])
{
char ip[4];
stralloc partial = {0};
stralloc out = {0};
char ip_fmt[IP4_FMT];
char line[BUF_LEN];
int r, i, j;
int inbuflen = 0;
int flag0 = 1;
buffer sslist;
int fdlist = 0;
char outlist[BUF_LEN];
unsigned long skip = 0;
int opt;
while ((opt = getopt (argc, argv, "s:")) != opteof)
switch (opt) {
case 's': scan_ulong (optarg, &skip); break;
default: usage ();
}
argc -= optind;
argv += optind;
if (!argc) usage ();
fdlist = open_append(argv[0]);
if (fdlist == -1)
strerr_die4sys (111,FATAL,"unable to write ",argv[0],": ");
buffer_init (&sslist,write,fdlist,outlist,sizeof(outlist));
if (!stralloc_copys (&partial, "")) nomem ();
while (flag0 || inbuflen || partial.len) {
if (flag0)
if (inbuflen < sizeof line) {
r = read (0, line+inbuflen, sizeof line-inbuflen);
if (r <= 0)
flag0 = 0;
else
inbuflen += r;
}
while (flag0) {
i = byte_chr (line, inbuflen, '\n');
if (inbuflen && (i == inbuflen)) {
if (!stralloc_catb (&partial, line, inbuflen)) nomem ();
inbuflen = 0;
continue;
}
if ((i < inbuflen) || (!flag0 && partial.len)) {
if (i < inbuflen) ++i;
if (!stralloc_catb (&partial, line, i)) nomem ();
inbuflen -= i;
for (j = 0; j < inbuflen; ++j) line[j] = line[j + i];
/* end of header */
if (partial.len == 1) {
inbuflen = partial.len = flag0 = 0;
break;
}
if (partial.len && flag0) {
if (str_start (partial.s, "Received: from ")) {
for (j = str_rchr (partial.s, '(')+1; flag0 && j; j--) {
i = ip4_scan (partial.s+j, ip);
if (skip && i) {
skip--;
break;
}
if (i) {
/* write the IP to the output file */
stralloc_copyb (&out,ip_fmt, ip4_fmt (ip_fmt, ip));
buffer_put (&sslist, out.s, out.len);
buffer_puts (&sslist, "\n");
flag0 = 0;
inbuflen = 0;
}
}
}
}
partial.len = 0;
continue;
}
break;
}
}
/* flush and close output file */
buffer_flush (&sslist);
fsync(fdlist);
close(fdlist);
_exit (EXIT_OK);
}
int main(int argc,char *argv[])
//int argc;
//char *argv[];
{
int dummy;
char *proto;
int opt;
int flagremoteinfo;
unsigned long timeout;
// struct sockaddr_in *v4;
sig_pipeignore();
flagremoteinfo = 1;
timeout = 30;
while ((opt = getopt(argc,argv,"rRt:")) != opteof)
switch(opt)
{
case 'r': flagremoteinfo = 1; break;
case 'R': flagremoteinfo = 0; break;
case 't': scan_ulong(subgetoptarg,&timeout); break;
}
argv += subgetoptind;
argc -= subgetoptind;
if (argc < 1) die();
if (!env_init()) die();
proto = env_get("PROTO");
if (!proto || str_diff(proto,"TCP"))
{
if (!env_puts("PROTO=TCP")) die();
dummy = sizeof(salocal);
if (getsockname(0,(struct sockaddr *) &salocal, (socklen_t *) &dummy) == -1) die();
mappedtov4(&salocal);
switch(salocal.sa.sa_family) {
case AF_INET:
localport = ntohs(salocal.sa4.sin_port);
temp[fmt_ulong(temp,localport)] = 0;
if (!env_put("TCPLOCALPORT",temp)) die();
temp[ip4_fmt(temp,(char *) &salocal.sa4.sin_addr)] = 0;
if (!env_put("TCPLOCALIP",temp)) die();
switch(dns_ptr(&localname,&salocal.sa4.sin_addr)) {
case DNS_MEM: die();
case DNS_SOFT:
if (!stralloc_copys(&localname,"softdnserror")) die();
case 0:
if (!stralloc_0(&localname)) die();
case_lowers(localname.s);
if (!env_put("TCPLOCALHOST",localname.s)) die();
break;
default:
if (!env_unset("TCPLOCALHOST")) die();
}
break;
#ifdef INET6
case AF_INET6:
localport = ntohs(salocal.sa6.sin6_port);
temp[fmt_ulong(temp,localport)] = 0;
if (!env_put("TCPLOCALPORT",temp)) die();
temp[ip6_fmt(temp,(char *) &salocal.sa6.sin6_addr)] = 0;
if (!env_put("TCPLOCALIP",temp)) die();
switch(dns_ptr6(&localname,&salocal.sa6.sin6_addr)) {
case DNS_MEM: die();
case DNS_SOFT:
if (!stralloc_copys(&localname,"softdnserror")) die();
case 0:
if (!stralloc_0(&localname)) die();
case_lowers(localname.s);
if (!env_put("TCPLOCALHOST",localname.s)) die();
break;
default:
if (!env_unset("TCPLOCALHOST")) die();
}
break;
#endif
default:
die();
}
dummy = sizeof(saremote);
if (getpeername(0,(struct sockaddr *) &saremote, (socklen_t *) &dummy) == -1) die();
mappedtov4(&saremote);
switch(saremote.sa.sa_family) {
case AF_INET:
remoteport = ntohs(saremote.sa4.sin_port);
temp[fmt_ulong(temp,remoteport)] = 0;
if (!env_put("TCPREMOTEPORT",temp)) die();
temp[ip4_fmt(temp,(char *)&saremote.sa4.sin_addr)] = 0;
if (!env_put("TCPREMOTEIP",temp)) die();
switch(dns_ptr(&remotename,&saremote.sa4.sin_addr)) {
case DNS_MEM: die();
case DNS_SOFT:
if (!stralloc_copys(&remotename,"softdnserror")) die();
case 0:
if (!stralloc_0(&remotename)) die();
case_lowers(remotename.s);
if (!env_put("TCPREMOTEHOST",remotename.s)) die();
break;
default:
if (!env_unset("TCPREMOTEHOST")) die();
}
break;
#ifdef INET6
case AF_INET6:
remoteport = ntohs(saremote.sa6.sin6_port);
temp[fmt_ulong(temp,remoteport)] = 0;
if (!env_put("TCPREMOTEPORT",temp)) die();
temp[ip6_fmt(temp,(char *) &saremote.sa6.sin6_addr)] = 0;
if (!env_put("TCPREMOTEIP",temp)) die();
switch(dns_ptr6(&remotename,&saremote.sa6.sin6_addr)) {
case DNS_MEM: die();
case DNS_SOFT:
if (!stralloc_copys(&remotename,"softdnserror")) die();
case 0:
if (!stralloc_0(&remotename)) die();
case_lowers(remotename.s);
if (!env_put("TCPREMOTEHOST",remotename.s)) die();
break;
default:
if (!env_unset("TCPREMOTEHOST")) die();
}
break;
#endif
default:
die();
}
if (!env_unset("TCPREMOTEINFO")) die();
if (flagremoteinfo)
{
char *rinfo;
rinfo = remoteinfo_get(&saremote, &salocal,(int) timeout);
if (rinfo)
if (!env_put("TCPREMOTEINFO",rinfo)) die();
}
}
sig_pipedefault();
execvp(*argv,argv);
die();
return(0); /* never reached */
}
