struct psj *parse_psj(char *buf)
{
char *p;
struct psj *r;
r = malloc(sizeof(*r));
if (r == NULL)
{
APPLOG(LOG_CRIT, "malloc failed");
exit(255);
}
p = strtok(buf, ",");
if (!p)
{
APPLOG(LOG_ERR, "missing psj host:port");
free(r);
return NULL;
}
r->hostport = strdup(p);
r->ai = parse_hostport(p);
if (r->ai == NULL)
{
free(r->hostport);
free(r);
return NULL;
}
return r;
}
/************************************************************************
* Function : parse_uri
*
* Parameters :
* char * in ; character string containing uri information to be
* parsed
* int max ; maximum limit on the number of characters
* uri_type * out ; out parameter which will have the parsed uri
* information
*
* Description : parses a uri as defined in http://www.ietf.org/rfc/
* rfc2396.txt (RFC explaining URIs)
* Handles absolute, relative, and opaque uris. Parses into the
* following pieces: scheme, hostport, pathquery, fragment (path and
* query are treated as one token)
* Caller should check for the pieces they require.
*
* Return : int ;
*
* Note :
************************************************************************/
int
parse_uri( const char *in,
int max,
uri_type * out )
{
int begin_path = 0;
int begin_hostport = 0;
int begin_fragment = 0;
if( ( begin_hostport = parse_scheme( in, max, &out->scheme ) ) ) {
out->type = ABSOLUTE;
out->path_type = OPAQUE_PART;
begin_hostport++;
} else {
out->type = RELATIVE;
out->path_type = REL_PATH;
}
if( ( ( begin_hostport + 1 ) < max ) && ( in[begin_hostport] == '/' )
&& ( in[begin_hostport + 1] == '/' ) ) {
begin_hostport += 2;
if( ( begin_path = parse_hostport( &in[begin_hostport],
max - begin_hostport,
&out->hostport ) ) >= 0 ) {
begin_path += begin_hostport;
} else
return begin_path;
} else {
out->hostport.IPv4address.sin_port = 0;
out->hostport.IPv4address.sin_addr.s_addr = 0;
out->hostport.text.size = 0;
out->hostport.text.buff = 0;
begin_path = begin_hostport;
}
begin_fragment =
parse_uric( &in[begin_path], max - begin_path,
&out->pathquery ) + begin_path;
if( ( out->pathquery.size ) && ( out->pathquery.buff[0] == '/' ) ) {
out->path_type = ABS_PATH;
}
if( ( begin_fragment < max ) && ( in[begin_fragment] == '#' ) ) {
begin_fragment++;
parse_uric( &in[begin_fragment], max - begin_fragment,
&out->fragment );
} else {
out->fragment.buff = NULL;
out->fragment.size = 0;
}
return HTTP_SUCCESS;
}
int doveadm_tcp_connect(const char *target, in_port_t default_port)
{
const char *host;
in_port_t port;
if (!parse_hostport(target, default_port, &host, &port)) {
i_fatal("Port not known for %s. Either set proxy_port "
"or use %s:port", target, target);
}
return doveadm_tcp_connect_port(host, port);
}
int parse_uri(const char *in, size_t max, uri_type *out)
{
int begin_path = 0;
size_t begin_hostport = (size_t)0;
size_t begin_fragment = (size_t)0;
unsigned short int defaultPort = 80;
begin_hostport = parse_scheme(in, max, &out->scheme);
if (begin_hostport) {
out->type = ABSOLUTE;
out->path_type = OPAQUE_PART;
begin_hostport++;
} else {
out->type = RELATIVE;
out->path_type = REL_PATH;
}
if (begin_hostport + (size_t)1 < max &&
in[begin_hostport] == '/' &&
in[begin_hostport + (size_t)1] == '/') {
begin_hostport += (size_t)2;
if (token_string_casecmp(&out->scheme, "https") == 0) {
defaultPort = 443;
}
begin_path = parse_hostport(&in[begin_hostport],
defaultPort,
&out->hostport);
if (begin_path >= 0) {
begin_path += (int)begin_hostport;
} else
return begin_path;
} else {
memset(&out->hostport, 0, sizeof(out->hostport));
begin_path = (int)begin_hostport;
}
begin_fragment = parse_uric(&in[begin_path],
max - (size_t)begin_path,
&out->pathquery) + (size_t)begin_path;
if (out->pathquery.size && out->pathquery.buff[0] == '/') {
out->path_type = ABS_PATH;
}
if (begin_fragment < max && in[begin_fragment] == '#') {
begin_fragment++;
parse_uric(&in[begin_fragment], max - begin_fragment,
&out->fragment);
} else {
out->fragment.buff = NULL;
out->fragment.size = (size_t)0;
}
return HTTP_SUCCESS;
}
// I *could* use templates, but I don't understand C++.
static int connect_common(char* hostport,
int (*try_socket)(int fd, const struct addrinfo* res),
int flags) {
struct addrinfo *result;
struct addrinfo *res;
struct addrinfo hints;
int error;
int sfd;
char* host;
char* port;
parse_hostport(hostport, &host, &port);
if (port == NULL) {
// They didn't give us a port.
return -1;
}
memset(&hints, 0, sizeof(hints));
hints.ai_family= PF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
hints.ai_flags = AI_NUMERICSERV | flags;
error = getaddrinfo(host, port, &hints, &result);
if (error != 0) {
return -1;
}
for (res = result; res != NULL; res = res->ai_next) {
sfd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
if (sfd == -1) continue;
if (try_socket(sfd, res) == 0) {
break;
}
close(sfd);
}
if (res == NULL) {
sfd = -1;
}
freeaddrinfo(result);
// TODO(awreece) This is bad and I feel bad, but I'm lazy.
port[-1] = ':';
return sfd;
}
int parse_hostpart(const char *hostpart,char *user,char *pass,char *host,int *port)
{
const char *hostport;
char *ptr;
char userpass[1000] = "";
int ret;
if(ptr = strrchr(hostpart,'@')){
strncpy(userpass,hostpart,ptr-hostpart);
hostport = ptr+1;
}else{
hostport = hostpart;
}
ret = parse_userpass(userpass,user,pass);
if(ret==-1){return -1;}
ret = parse_hostport(hostport,host,port);
if(ret==-1){return -1;}
return 0;
}
char* parse_authority(uri_t* uri, char* uri_pointer) {
char *new_uri_pointer = NULL;
char *userinfo = NULL;
char *hostport = NULL;
char* start = uri_pointer;
char* end;
if(start[0] == '/' && start[1] == '/' && start[2] == '/') {
/* Authority part not present */
new_uri_pointer = start + 3;
}
else if(start[0] == '/' && start[1] == '/') {
/* Authority part present */
start += 2;
userinfo = start;
end = start;
while(*end && *end != '/') {
end++;
}
*end = '\0';
new_uri_pointer = end + 1;
hostport = parse_userinfo(uri, userinfo);
new_uri_pointer = parse_hostport(uri, hostport);
}
else {
new_uri_pointer = start;
}
return new_uri_pointer;
}
int
main(int argc, char **argv)
{
char *dev, *capfile, *bpf_prog;
extern char *optarg;
extern int optind;
extern char *__progname;
int ch, dontfork_flag, r;
pcap_t *pcap = NULL;
struct sockaddr_storage dest, src;
socklen_t destlen, srclen;
#ifdef NF9
int opt =0;
#endif
bpf_prog = NULL;
dev = capfile = NULL;
dontfork_flag = 0;
memset(&dest, '\0', sizeof(dest));
memset(&src, '\0', sizeof(src));
destlen = 0;
srclen = 0;
#ifdef NF9
while ((ch = getopt(argc, argv, "hdDi:n:r:S:s:v:m:p:e:")) != -1)
{
#else
while ((ch = getopt(argc, argv, "hdDi:n:r:S:v:")) != -1)
{
#endif /*NF9*/
switch (ch)
{
case 'h':
usage();
return (0);
case 'S':
if (strcasecmp(optarg, "any") == 0)
{
direction = 0;
break;
}
if (strcasecmp(optarg, "in") == 0)
{
direction = PF_IN;
break;
}
if (strcasecmp(optarg, "out") == 0)
{
direction = PF_OUT;
break;
}
usage();
return (0);
case 'D':
verbose_flag = 1;
/* FALLTHROUGH */
case 'd':
dontfork_flag = 1;
break;
case 'i':
if (capfile != NULL || dev != NULL)
{
fprintf(stderr, "Packet source already specified.\n\n");
usage();
exit(1);
}
dev = optarg;
break;
case 'n':
/* Will exit on failure */
destlen = sizeof(dest);
parse_hostport(optarg, (struct sockaddr *)&dest,
&destlen);
break;
case 'r':
if (capfile != NULL || dev != NULL)
{
fprintf(stderr, "Packet source already specified.\n\n");
usage();
exit(1);
}
capfile = optarg;
dontfork_flag = 1;
break;
case 's':
/* Will exit on failure */
srclen = sizeof(src);
parse_host(optarg, (struct sockaddr *)&src,
&srclen);
break;
case 'v':
switch((export_version = atoi(optarg)))
{
case 1:
case 5:
#ifdef NF9
case NF9_VERSION:
#endif /*NF9*/
break;
default:
fprintf(stderr, "Invalid NetFlow version\n");
exit(1);
}
break;
#ifdef NF9
case 'm':
{
opt= atoi(optarg);
if(opt>=0)
refresh_minutes_interval=opt;
}
break;
case 'p':
{
opt= atoi(optarg);
if(opt>0)
refresh_packets_interval=opt;
}
break;
case 'e':
source_id = atoi(optarg);
break;
#endif /*NF9*/
default:
fprintf(stderr, "Invalid commandline option.\n");
usage();
exit(1);
}
}
if (capfile == NULL && dev == NULL)
dev = DEFAULT_INTERFACE;
/* join remaining arguments (if any) into bpf program */
bpf_prog = argv_join(argc - optind, argv + optind);
/* Will exit on failure */
setup_packet_capture(&pcap, dev, capfile, bpf_prog);
/* Netflow send socket */
if (dest.ss_family != 0 && src.ss_family != 0)
netflow_socket = connsock_bind((struct sockaddr *)&dest, destlen, (struct sockaddr *)&src, srclen);
else if (dest.ss_family != 0)
netflow_socket = connsock((struct sockaddr *)&dest, destlen);
else
{
fprintf(stderr, "No export target defined\n");
if (!verbose_flag)
exit(1);
}
if (dontfork_flag)
{
if (!verbose_flag)
drop_privs();
openlog(__progname, LOG_PID|LOG_PERROR, LOG_DAEMON);
}
else
{
daemon(0, 0);
openlog(__progname, LOG_PID, LOG_DAEMON);
if (pidfile(NULL) == -1)
{
syslog(LOG_WARNING, "Couldn't write pidfile: %s",
strerror(errno));
}
/* Close and reopen syslog to pickup chrooted /dev/log */
closelog();
openlog(__progname, LOG_PID, LOG_DAEMON);
drop_privs();
signal(SIGINT, sighand_exit);
signal(SIGTERM, sighand_exit);
}
if (dev != NULL)
syslog(LOG_NOTICE, "%s listening on %s", __progname, dev);
/* Main processing loop */
gettimeofday(&start_time, NULL);
r = pcap_loop(pcap, -1, packet_cb, NULL);
if (r == -1)
{
syslog(LOG_ERR, "pcap_dispatch: %s", pcap_geterr(pcap));
exit(1);
}
if (r == 0 && capfile == NULL)
syslog(LOG_NOTICE, "Exiting on pcap EOF");
exit(0);
}
static int parse_domain(void* param, cfg_parser_t* st, unsigned int flags)
{
cfg_token_t t;
int ret;
cfg_option_t* opt;
int type;
struct ip_addr ip;
unsigned int port;
memset(&ip, 0, sizeof(struct ip_addr));
ret = cfg_get_token(&t, st, 0);
if (ret < 0) return -1;
if (ret > 0) {
ERR("%s:%d:%d: TLS domain type missing\n",
st->file, st->line, st->col);
return -1;
}
if (t.type != CFG_TOKEN_ALPHA ||
((opt = cfg_lookup_token(domain_types, &t.val)) == NULL)) {
ERR("%s:%d:%d: Invalid TLS domain type %d:'%.*s'\n",
st->file, t.start.line, t.start.col, t.type, STR_FMT(&t.val));
return -1;
}
ret = cfg_get_token(&t, st, 0);
if (ret < 0) return -1;
if (ret > 0) {
ERR("%s:%d:%d: TLS domain IP address missing\n",
st->file, st->line, st->col);
return -1;
}
if (t.type != ':') {
ERR("%s:%d:%d: Syntax error, ':' expected\n",
st->file, t.start.line, t.start.col);
return -1;
}
port = 0;
if (parse_hostport(&type, &ip, &port, &t, st) < 0) return -1;
ret = cfg_get_token(&t, st, 0);
if (ret < 0) return -1;
if (ret > 0) {
ERR("%s:%d:%d: Closing ']' missing\n",
st->file, st->line, st->col);
return -1;
}
if (t.type != ']') {
ERR("%s:%d:%d: Syntax error, ']' expected\n",
st->file, t.start.line, t.start.col);
return -1;
}
if (cfg_eat_eol(st, flags)) return -1;
if ((domain = tls_new_domain(opt->val | type, &ip, port)) == NULL) {
ERR("%s:%d: Cannot create TLS domain structure\n", st->file, st->line);
return -1;
}
ret = tls_add_domain(cfg, domain);
if (ret < 0) {
ERR("%s:%d: Error while creating TLS domain structure\n", st->file,
st->line);
tls_free_domain(domain);
return -1;
} else if (ret == 1) {
ERR("%s:%d: Duplicate TLS domain (appears earlier in the config file)\n",
st->file, st->line);
tls_free_domain(domain);
return -1;
}
update_opt_variables();
cfg_set_options(st, options);
return 0;
}
/* Returns 0 for a specific target, 1 for wildcard, -1 for an error */
static int
parse_timeout_sock(const char *sock_name, union rtpp_tnotify_entry *rtep,
const char **e)
{
char host[512], port[10];
char *new_sn, **snp;
int n, rval;
const char *sprefix, *usock_name;
struct sockaddr_un *ifsun;
struct sockaddr *ifsa;
snp = &rtep->rtt.socket_name;
rval = 0;
sprefix = NULL;
if (strncmp("unix:", sock_name, 5) == 0) {
usock_name = sock_name + 5;
rtep->rtt.socket_type = AF_LOCAL;
} else if (strncmp("tcp:", sock_name, 4) == 0) {
if (parse_hostport(sock_name + 4, host, sizeof(host), port, sizeof(port), 0, e) != 0) {
return (-1);
}
rtep->rtt.socket_type = AF_INET;
} else {
sprefix = "unix:";
usock_name = sock_name;
rtep->rtt.socket_type = AF_LOCAL;
}
if (rtep->rtt.socket_type == AF_UNIX) {
if (strlen(usock_name) == 0) {
*e = "Timeout notification socket name too short";
return (-1);
}
ifsun = sstosun(&rtep->rtt.remote);
ifsun->sun_family = AF_LOCAL;
strncpy(ifsun->sun_path, usock_name, sizeof(ifsun->sun_path) - 1);
#if defined(HAVE_SOCKADDR_SUN_LEN)
ifsun->sun_len = strlen(ifsun->sun_path);
#endif
rtep->rtt.remote_len = sizeof(struct sockaddr_un);
} else if (rtep->rtt.socket_type == AF_INET && strcmp(host, CC_SELF_STR) == 0) {
rtep->rtw.socket_type = AF_INET;
rtep->rtw.port = atoi(port);
snp = &rtep->rtt.socket_name;
rval = 1;
} else {
ifsa = sstosa(&rtep->rtt.remote);
n = resolve(ifsa, AF_INET, host, port, AI_PASSIVE);
if (n != 0) {
*e = gai_strerror(n);
return (-1);
}
rtep->rtt.remote_len = SA_LEN(ifsa);
}
if (sprefix == NULL) {
new_sn = strdup(sock_name);
} else {
asprintf(&new_sn, "%s%s", sprefix, usock_name);
}
if (new_sn == NULL) {
*e = strerror(errno);
return (-1);
}
*snp = new_sn;
return (rval);
}