|
Packit |
d37888 |
/* -*-C-*-
|
|
Packit |
d37888 |
* Server code for handling requests from clients and forwarding them
|
|
Packit |
d37888 |
* on to the GNU Emacs process.
|
|
Packit |
d37888 |
*
|
|
Packit |
d37888 |
* This file is part of GNU Emacs.
|
|
Packit |
d37888 |
*
|
|
Packit |
d37888 |
* Copying is permitted under those conditions described by the GNU
|
|
Packit |
d37888 |
* General Public License.
|
|
Packit |
d37888 |
*
|
|
Packit |
d37888 |
* Copyright (C) 1989 Free Software Foundation, Inc.
|
|
Packit |
d37888 |
*
|
|
Packit |
d37888 |
* Author: Andy Norman (ange@hplb.hpl.hp.com), based on 'etc/server.c'
|
|
Packit |
d37888 |
* from the 18.52 GNU Emacs distribution.
|
|
Packit |
d37888 |
*
|
|
Packit |
d37888 |
* Please mail bugs and suggestions to the author at the above address.
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* HISTORY
|
|
Packit |
d37888 |
* 11-Nov-1990 bristor@simba
|
|
Packit |
d37888 |
* Added EOT stuff.
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/*
|
|
Packit |
d37888 |
* This file incorporates new features added by Bob Weiner <weiner@mot.com>,
|
|
Packit |
d37888 |
* Darrell Kindred <dkindred@cmu.edu> and Arup Mukherjee <arup@cmu.edu>.
|
|
Packit |
d37888 |
* Please see the note at the end of the README file for details.
|
|
Packit |
d37888 |
*
|
|
Packit |
d37888 |
* (If gnuserv came bundled with your emacs, the README file is probably
|
|
Packit |
d37888 |
* ../etc/gnuserv.README relative to the directory containing this file)
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#include <config.h>
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#include <glib/gi18n-lib.h>
|
|
Packit |
d37888 |
#include <glibtop.h>
|
|
Packit |
d37888 |
#include <glibtop/open.h>
|
|
Packit |
d37888 |
#include <glibtop/close.h>
|
|
Packit |
d37888 |
#include <glibtop/command.h>
|
|
Packit |
d37888 |
#include <glibtop/parameter.h>
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#include "server_config.h"
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#include <glibtop/gnuserv.h>
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#include <errno.h>
|
|
Packit |
d37888 |
#include <locale.h>
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#include "daemon.h"
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#ifdef AIX
|
|
Packit |
d37888 |
#include <sys/select.h>
|
|
Packit |
d37888 |
#endif
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#ifdef NEED_DECLARATION_PROGRAM_INVOCATION_NAME
|
|
Packit |
d37888 |
extern char *program_invocation_name, *program_invocation_short_name;
|
|
Packit |
d37888 |
#endif
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#ifndef HAVE_PROGRAM_INVOCATION_SHORT_NAME
|
|
Packit |
d37888 |
char *program_invocation_short_name;
|
|
Packit |
d37888 |
#endif
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#ifndef HAVE_PROGRAM_INVOCATION_NAME
|
|
Packit |
d37888 |
char *program_invocation_name;
|
|
Packit |
d37888 |
#endif
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#if !defined(INTERNET_DOMAIN_SOCKETS)
|
|
Packit |
d37888 |
#error "Internet Domain sockets are required"
|
|
Packit |
d37888 |
#endif
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#ifdef AUTH_MAGIC_COOKIE
|
|
Packit |
d37888 |
#include <X11/X.h>
|
|
Packit |
d37888 |
#include <X11/Xauth.h>
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
static Xauth *server_xauth = NULL;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#endif /* AUTH_MAGIC_COOKIE */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
gboolean enable_debug = FALSE;
|
|
Packit |
d37888 |
gboolean verbose_output = FALSE;
|
|
Packit |
d37888 |
static gboolean no_daemon = FALSE;
|
|
Packit |
d37888 |
static gboolean invoked_from_inetd = FALSE;
|
|
Packit |
d37888 |
static int changed_uid = 0;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
void
|
|
Packit |
d37888 |
syslog_message (int priority, const char *format, ...)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
va_list ap;
|
|
Packit |
d37888 |
char buffer [BUFSIZ];
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
va_start (ap, format);
|
|
Packit |
d37888 |
vsnprintf (buffer, BUFSIZ-1, format, ap);
|
|
Packit |
d37888 |
va_end (ap);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
syslog (priority, "%s", buffer);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
void
|
|
Packit |
d37888 |
syslog_io_message (int priority, const char *format, ...)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
va_list ap;
|
|
Packit |
d37888 |
char buffer [BUFSIZ];
|
|
Packit |
d37888 |
char buffer2 [BUFSIZ];
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
va_start (ap, format);
|
|
Packit |
d37888 |
vsnprintf (buffer, BUFSIZ-1, format, ap);
|
|
Packit |
d37888 |
va_end (ap);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
snprintf (buffer2, BUFSIZ-1, "%s: %s", buffer, g_strerror (errno));
|
|
Packit |
d37888 |
syslog (priority, "%s", buffer2);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/*
|
|
Packit |
d37888 |
* timed_read - Read with timeout.
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
static int
|
|
Packit |
d37888 |
timed_read (int fd, char *buf, int max, int timeout, int one_line)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
fd_set rmask;
|
|
Packit |
d37888 |
struct timeval tv; /* = {timeout, 0}; */
|
|
Packit |
d37888 |
char c = 0;
|
|
Packit |
d37888 |
int nbytes = 0;
|
|
Packit |
d37888 |
int r;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
tv.tv_sec = timeout;
|
|
Packit |
d37888 |
tv.tv_usec = 0;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
FD_ZERO (&rmask);
|
|
Packit |
d37888 |
FD_SET (fd, &rmask);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
do {
|
|
Packit |
d37888 |
r = select (fd + 1, &rmask, NULL, NULL, &tv;;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (r > 0) {
|
|
Packit |
d37888 |
if (read (fd, &c, 1) == 1) {
|
|
Packit |
d37888 |
*buf++ = c;
|
|
Packit |
d37888 |
++nbytes;
|
|
Packit |
d37888 |
} else {
|
|
Packit |
d37888 |
syslog_io_message (LOG_WARNING, "read error on socket");
|
|
Packit |
d37888 |
return -1;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
} else if (r == 0) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_WARNING, "read timed out");
|
|
Packit |
d37888 |
return -1;
|
|
Packit |
d37888 |
} else {
|
|
Packit |
d37888 |
syslog_io_message (LOG_WARNING, "error in select");
|
|
Packit |
d37888 |
return -1;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
} while ((nbytes < max) && !(one_line && (c == '\n')));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
--buf;
|
|
Packit |
d37888 |
if (one_line && *buf == '\n') {
|
|
Packit |
d37888 |
*buf = 0;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
return nbytes;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/*
|
|
Packit |
d37888 |
* permitted -- return whether a given host is allowed to connect to the server.
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
static int
|
|
Packit |
d37888 |
permitted (u_long host_addr, int fd)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
int i;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
char auth_protocol[128];
|
|
Packit |
d37888 |
char buf[1024];
|
|
Packit |
d37888 |
int auth_data_len;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Read auth protocol name */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (timed_read (fd, auth_protocol, AUTH_NAMESZ, AUTH_TIMEOUT, 1) <= 0)
|
|
Packit |
d37888 |
return FALSE;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
syslog_message (LOG_DEBUG,
|
|
Packit |
d37888 |
"Client sent authenticatin protocol '%s'.",
|
|
Packit |
d37888 |
auth_protocol);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (strcmp (auth_protocol, DEFAUTH_NAME) &&
|
|
Packit |
d37888 |
strcmp (auth_protocol, MCOOKIE_NAME)) {
|
|
Packit |
d37888 |
syslog_message (LOG_WARNING,
|
|
Packit |
d37888 |
"Invalid authentication protocol "
|
|
Packit |
d37888 |
"'%s' from client",
|
|
Packit |
d37888 |
auth_protocol);
|
|
Packit |
d37888 |
return FALSE;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (!strcmp (auth_protocol, MCOOKIE_NAME)) {
|
|
Packit |
d37888 |
/*
|
|
Packit |
d37888 |
* doing magic cookie auth
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (timed_read (fd, buf, 10, AUTH_TIMEOUT, 1) <= 0)
|
|
Packit |
d37888 |
return FALSE;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
auth_data_len = atoi (buf);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (auth_data_len < 1 || (size_t)auth_data_len > sizeof(buf)) {
|
|
Packit |
d37888 |
syslog_message(LOG_WARNING, "Invalid data length supplied by client");
|
|
Packit |
d37888 |
return FALSE;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (timed_read (fd, buf, auth_data_len, AUTH_TIMEOUT, 0) != auth_data_len)
|
|
Packit |
d37888 |
return FALSE;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#ifdef AUTH_MAGIC_COOKIE
|
|
Packit |
d37888 |
if (!invoked_from_inetd && server_xauth && server_xauth->data &&
|
|
Packit |
d37888 |
!memcmp (buf, server_xauth->data, auth_data_len)) {
|
|
Packit |
d37888 |
return TRUE;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
#else
|
|
Packit |
d37888 |
syslog_message (LOG_WARNING,
|
|
Packit |
d37888 |
"Client tried Xauth, but server is "
|
|
Packit |
d37888 |
"not compiled with Xauth");
|
|
Packit |
d37888 |
#endif
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/*
|
|
Packit |
d37888 |
* auth failed, but allow this to fall through to the
|
|
Packit |
d37888 |
* GNU_SECURE protocol....
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (verbose_output) {
|
|
Packit |
d37888 |
if (changed_uid || invoked_from_inetd)
|
|
Packit |
d37888 |
syslog_message (LOG_WARNING,
|
|
Packit |
d37888 |
"Xauth authentication not allowed, "
|
|
Packit |
d37888 |
"trying GNU_SECURE ...");
|
|
Packit |
d37888 |
else
|
|
Packit |
d37888 |
syslog_message (LOG_WARNING,
|
|
Packit |
d37888 |
"Xauth authentication failed, "
|
|
Packit |
d37888 |
"trying GNU_SECURE auth...");
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Other auth protocols go here, and should execute only if
|
|
Packit |
d37888 |
* the * auth_protocol name matches. */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Now, try the old GNU_SECURE stuff... */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
syslog_message (LOG_DEBUG, "Doing GNU_SECURE auth ...");
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Now check the chain for that hash key */
|
|
Packit |
d37888 |
for (i = 0; i < HOST_TABLE_ENTRIES; i++) {
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
syslog_message (LOG_DEBUG, "Trying %lx - %lx",
|
|
Packit |
d37888 |
host_addr, permitted_hosts [i]);
|
|
Packit |
d37888 |
if (permitted_hosts [i] == 0L)
|
|
Packit |
d37888 |
return (FALSE);
|
|
Packit |
d37888 |
if (host_addr == permitted_hosts [i])
|
|
Packit |
d37888 |
return (TRUE);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
return (FALSE);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/*
|
|
Packit |
d37888 |
* setup_table -- initialise the table of hosts allowed to contact the server,
|
|
Packit |
d37888 |
* by reading from the file specified by the GNU_SECURE
|
|
Packit |
d37888 |
* environment variable
|
|
Packit |
d37888 |
* Put in the local machine, and, if a security file is specifed,
|
|
Packit |
d37888 |
* add each host that is named in the file.
|
|
Packit |
d37888 |
* Return the number of hosts added.
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
static int
|
|
Packit |
d37888 |
setup_table (void)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
char hostname [HOSTNAMSZ];
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#ifdef AUTH_MAGIC_COOKIE
|
|
Packit |
d37888 |
char screen [BUFSIZ];
|
|
Packit |
d37888 |
#endif
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
long host_addr;
|
|
Packit |
d37888 |
int i, hosts = 0;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Make sure every entry is null */
|
|
Packit |
d37888 |
for (i = 0; i < HOST_TABLE_ENTRIES; i++)
|
|
Packit |
d37888 |
permitted_hosts [i] = 0;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
gethostname (hostname, HOSTNAMSZ);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if ((host_addr = glibtop_internet_addr (hostname)) == -1) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "Can't resolve '%s'", hostname);
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#ifdef AUTH_MAGIC_COOKIE
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
sprintf (screen, "%d", SERVER_PORT);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
server_xauth = XauGetAuthByAddr
|
|
Packit |
d37888 |
(FamilyInternet,
|
|
Packit |
d37888 |
sizeof (host_addr), (char *) &host_addr,
|
|
Packit |
d37888 |
strlen (screen), screen,
|
|
Packit |
d37888 |
strlen (MCOOKIE_X_NAME), MCOOKIE_X_NAME);
|
|
Packit |
d37888 |
hosts++;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
#endif /* AUTH_MAGIC_COOKIE */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Resolv host names from permitted_host_names []. */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
for (i = 0; i < HOST_TABLE_ENTRIES; i++) {
|
|
Packit |
d37888 |
if (!permitted_host_names [i])
|
|
Packit |
d37888 |
continue;
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
syslog_message (LOG_DEBUG, "Resolving %s ...",
|
|
Packit |
d37888 |
permitted_host_names [i]);
|
|
Packit |
d37888 |
permitted_hosts [i] =
|
|
Packit |
d37888 |
glibtop_internet_addr (permitted_host_names [i]);
|
|
Packit |
d37888 |
if ((long) permitted_hosts [i] == -1) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "Can't resolve '%s'",
|
|
Packit |
d37888 |
permitted_host_names [i]);
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
for (i = 0; i < HOST_TABLE_ENTRIES; i++)
|
|
Packit |
d37888 |
syslog_message (LOG_DEBUG, "Host %s - %lx",
|
|
Packit |
d37888 |
permitted_host_names [i],
|
|
Packit |
d37888 |
permitted_hosts [i]);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
hosts += HOST_TABLE_ENTRIES;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
return hosts;
|
|
Packit |
d37888 |
} /* setup_table */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/*
|
|
Packit |
d37888 |
* internet_init -- initialize server, returning an internet socket that can
|
|
Packit |
d37888 |
* be listened on.
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
static int
|
|
Packit |
d37888 |
internet_init (void)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
int ls; /* socket descriptor */
|
|
Packit |
d37888 |
struct sockaddr_in server; /* for local socket address */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (setup_table () == 0)
|
|
Packit |
d37888 |
return -1;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* clear out address structure */
|
|
Packit |
d37888 |
memset ((char *) &server, 0, sizeof (struct sockaddr_in));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Set up address structure for the listen socket. */
|
|
Packit |
d37888 |
server.sin_family = AF_INET;
|
|
Packit |
d37888 |
server.sin_addr.s_addr = INADDR_ANY;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* We use a fixed port given in the config file. */
|
|
Packit |
d37888 |
server.sin_port = htons (SERVER_PORT);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (verbose_output)
|
|
Packit |
d37888 |
syslog_message (LOG_INFO, "Using port %u.", SERVER_PORT);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Create the listen socket. */
|
|
Packit |
d37888 |
if ((ls = socket (AF_INET, SOCK_STREAM, 0)) == -1) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "unable to create socket");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Bind the listen address to the socket. */
|
|
Packit |
d37888 |
if (bind (ls, (struct sockaddr *) &server,
|
|
Packit |
d37888 |
sizeof (struct sockaddr_in)) == -1) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "bind");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Initiate the listen on the socket so remote users * can connect. */
|
|
Packit |
d37888 |
if (listen (ls, 20) == -1) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "listen");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
return (ls);
|
|
Packit |
d37888 |
} /* internet_init */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/*
|
|
Packit |
d37888 |
* handle_internet_request -- accept a request from a client and send the
|
|
Packit |
d37888 |
* information to stdout (the gnu process).
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
static void
|
|
Packit |
d37888 |
handle_internet_request (int ls)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
int s;
|
|
Packit |
d37888 |
size_t addrlen = sizeof (struct sockaddr_in);
|
|
Packit |
d37888 |
struct sockaddr_in peer; /* for peer socket address */
|
|
Packit |
d37888 |
pid_t pid;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
memset ((char *) &peer, 0, sizeof (struct sockaddr_in));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if ((s = accept (ls, (struct sockaddr *) &peer, (void *) &addrlen)) == -1) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "accept");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (verbose_output)
|
|
Packit |
d37888 |
syslog_message (LOG_INFO, "Connection was made from %s port %u.",
|
|
Packit |
d37888 |
inet_ntoa (peer.sin_addr), ntohs (peer.sin_port));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Check that access is allowed - if not return crud to the client */
|
|
Packit |
d37888 |
if (!permitted (peer.sin_addr.s_addr, s)) {
|
|
Packit |
d37888 |
close (s);
|
|
Packit |
d37888 |
syslog_message (LOG_CRIT, "Refused connection from %s.",
|
|
Packit |
d37888 |
inet_ntoa (peer.sin_addr));
|
|
Packit |
d37888 |
return;
|
|
Packit |
d37888 |
} /* if */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (verbose_output)
|
|
Packit |
d37888 |
syslog_message (LOG_INFO, "Accepted connection from %s port %u.",
|
|
Packit |
d37888 |
inet_ntoa (peer.sin_addr), ntohs (peer.sin_port));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
pid = fork ();
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (pid == -1) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "fork failed");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (pid) {
|
|
Packit |
d37888 |
if (verbose_output)
|
|
Packit |
d37888 |
syslog_message (LOG_INFO, "Child pid is %d.", pid);
|
|
Packit |
d37888 |
return;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
handle_parent_connection (s);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
close (s);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (verbose_output)
|
|
Packit |
d37888 |
syslog_message (LOG_INFO, "Closed connection to %s port %u.",
|
|
Packit |
d37888 |
inet_ntoa (peer.sin_addr), ntohs (peer.sin_port));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
_exit (0);
|
|
Packit |
d37888 |
} /* handle_internet_request */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
static void
|
|
Packit |
d37888 |
handle_signal (int sig)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
if (sig == SIGCHLD)
|
|
Packit |
d37888 |
return;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
syslog_message (LOG_ERR, "Catched signal %d.\n", sig);
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
static const GOptionEntry options [] = {
|
|
Packit |
d37888 |
{ "debug", 'd', 0, G_OPTION_ARG_NONE, &enable_debug,
|
|
Packit |
d37888 |
N_("Enable debugging"), NULL },
|
|
Packit |
d37888 |
{ "verbose", 'v', 0, G_OPTION_ARG_NONE, &verbose_output,
|
|
Packit |
d37888 |
N_("Enable verbose output"), NULL },
|
|
Packit |
d37888 |
{ "no-daemon", 'f', 0, G_OPTION_ARG_NONE, &no_daemon,
|
|
Packit |
d37888 |
N_("Don’t fork into background"), NULL },
|
|
Packit |
d37888 |
{ "inetd", 'i', 0, G_OPTION_ARG_NONE, &invoked_from_inetd,
|
|
Packit |
d37888 |
N_("Invoked from inetd"), NULL },
|
|
Packit |
d37888 |
{ NULL }
|
|
Packit |
d37888 |
};
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
int
|
|
Packit |
d37888 |
main (int argc, char **argv)
|
|
Packit |
d37888 |
{
|
|
Packit |
d37888 |
const unsigned method = GLIBTOP_METHOD_PIPE;
|
|
Packit |
d37888 |
const unsigned long features = GLIBTOP_SYSDEPS_ALL;
|
|
Packit |
d37888 |
glibtop *server = glibtop_global_server;
|
|
Packit |
d37888 |
GOptionContext *goption_context;
|
|
Packit |
d37888 |
GError *error = NULL;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
int ils = -1; /* internet domain listen socket */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
setlocale (LC_ALL, "");
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* On non-glibc systems, this is not set up for us. */
|
|
Packit |
d37888 |
if (!program_invocation_name) {
|
|
Packit |
d37888 |
char *arg;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
program_invocation_name = (char *) argv[0];
|
|
Packit |
d37888 |
arg = strrchr (argv[0], '/');
|
|
Packit |
d37888 |
program_invocation_short_name =
|
|
Packit |
d37888 |
arg ? (arg + 1) : program_invocation_name;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
g_set_prgname (program_invocation_short_name);
|
|
Packit |
d37888 |
goption_context = g_option_context_new (NULL);
|
|
Packit |
d37888 |
g_option_context_add_main_entries (goption_context, options, NULL);
|
|
Packit |
d37888 |
g_option_context_parse (goption_context, &argc, &argv, &error);
|
|
Packit |
d37888 |
g_option_context_free (goption_context);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (error != NULL) {
|
|
Packit |
d37888 |
g_printerr ("%s\n", error->message);
|
|
Packit |
d37888 |
g_error_free (error);
|
|
Packit |
d37888 |
g_printerr (_("Run “%s --help” to see a full list of "
|
|
Packit |
d37888 |
"available command line options.\n"),
|
|
Packit |
d37888 |
program_invocation_name);
|
|
Packit |
d37888 |
exit(1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
verbose_output = 1;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (no_daemon) {
|
|
Packit |
d37888 |
openlog ("libgtop-daemon", LOG_PERROR | LOG_PID, LOG_LOCAL0);
|
|
Packit |
d37888 |
} else {
|
|
Packit |
d37888 |
openlog ("libgtop-daemon", LOG_PID, LOG_LOCAL0);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (!no_daemon && !invoked_from_inetd) {
|
|
Packit |
d37888 |
pid_t pid = fork ();
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (pid == -1) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "fork failed");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
} else if (pid)
|
|
Packit |
d37888 |
exit (0);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
close (0);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
setsid ();
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
glibtop_init_r (&glibtop_global_server, 0, GLIBTOP_INIT_NO_INIT);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
signal (SIGCHLD, handle_signal);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* If we are root, completely switch to SERVER_UID and
|
|
Packit |
d37888 |
* SERVER_GID. Otherwise we completely drop any priviledges.
|
|
Packit |
d37888 |
*/
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
syslog_message (LOG_DEBUG, "Parent ID: (%d, %d) - (%d, %d)",
|
|
Packit |
d37888 |
getuid (), geteuid (), getgid (), getegid ());
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (geteuid () == 0) {
|
|
Packit |
d37888 |
changed_uid = 1;
|
|
Packit |
d37888 |
if (setregid (SERVER_GID, SERVER_GID)) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "setregid (SERVER_GID)");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
if (setreuid (SERVER_UID, SERVER_UID)) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "setreuid (SERVER_UID)");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
} else {
|
|
Packit |
d37888 |
if (setreuid (geteuid (), geteuid ())) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "setreuid (euid)");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
syslog_message (LOG_DEBUG, "Parent ID: (%d, %d) - (%d, %d)",
|
|
Packit |
d37888 |
getuid (), geteuid (), getgid (), getegid ());
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (invoked_from_inetd) {
|
|
Packit |
d37888 |
size_t addrlen = sizeof (struct sockaddr_in);
|
|
Packit |
d37888 |
struct sockaddr_in peer;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
memset ((char *) &peer, 0, sizeof (struct sockaddr_in));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (getpeername (0, (struct sockaddr *) &peer, (void *) &addrlen)) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "getpeername");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (verbose_output)
|
|
Packit |
d37888 |
syslog_message (LOG_INFO, "Connection was made from %s port %u.",
|
|
Packit |
d37888 |
inet_ntoa (peer.sin_addr), ntohs (peer.sin_port));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Check that access is allowed - if not return crud to the client */
|
|
Packit |
d37888 |
if (!permitted (peer.sin_addr.s_addr, 0)) {
|
|
Packit |
d37888 |
close (0);
|
|
Packit |
d37888 |
syslog_message (LOG_CRIT, "Refused connection from %s.",
|
|
Packit |
d37888 |
inet_ntoa (peer.sin_addr));
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
handle_parent_connection (0);
|
|
Packit |
d37888 |
exit (0);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* get a internet domain socket to listen on. */
|
|
Packit |
d37888 |
ils = internet_init ();
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (ils <= 0) {
|
|
Packit |
d37888 |
syslog_message (LOG_ERR, "Unable to get internet domain socket.");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
glibtop_set_parameter_l (server, GLIBTOP_PARAM_METHOD,
|
|
Packit |
d37888 |
&method, sizeof (method));
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
server->features = features;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
glibtop_init_r (&server, 0, 0);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
while (1) {
|
|
Packit |
d37888 |
fd_set rmask;
|
|
Packit |
d37888 |
int status, ret;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
while ((ret = wait3 (&status, WNOHANG, NULL)) != 0) {
|
|
Packit |
d37888 |
if ((ret == -1) && (errno == ECHILD))
|
|
Packit |
d37888 |
break;
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if ((ret == -1) && ((errno == EAGAIN)))
|
|
Packit |
d37888 |
continue;
|
|
Packit |
d37888 |
if (ret == 0) {
|
|
Packit |
d37888 |
syslog_io_message (LOG_WARNING, "wait3");
|
|
Packit |
d37888 |
continue;
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (verbose_output)
|
|
Packit |
d37888 |
syslog_message (LOG_INFO, "Child %d exited.", ret);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
FD_ZERO (&rmask);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
/* Only the child accepts connections from standard
|
|
Packit |
d37888 |
* input made by its parent. */
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
FD_SET (ils, &rmask);
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (enable_debug)
|
|
Packit |
d37888 |
syslog_message (LOG_DEBUG,
|
|
Packit |
d37888 |
"Server ready and waiting for connections.");
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (select (ils+1, &rmask, (fd_set *) NULL, (fd_set *) NULL,
|
|
Packit |
d37888 |
(struct timeval *) NULL) < 0) {
|
|
Packit |
d37888 |
if (errno == EINTR)
|
|
Packit |
d37888 |
continue;
|
|
Packit |
d37888 |
syslog_io_message (LOG_ERR, "select");
|
|
Packit |
d37888 |
exit (1);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
if (FD_ISSET (ils, &rmask))
|
|
Packit |
d37888 |
handle_internet_request (ils);
|
|
Packit |
d37888 |
}
|
|
Packit |
d37888 |
|
|
Packit |
d37888 |
return 0;
|
|
Packit |
d37888 |
}
|