diff --git a/src/frontend/sock.c b/src/frontend/sock.c
index 642f03f92b0f87d25e3783bb501ecbce793ff6c3..7cb985d9735530c30caba90c26cbe85159ecd027 100644 (file)
--- a/src/frontend/sock.c
+++ b/src/frontend/sock.c
#include <sys/types.h>
#include <sys/select.h>
#include <sys/socket.h>
+#include <sys/param.h>
#include <sys/un.h>
-#include <libgen.h>
+#ifdef HAVE_UCRED_H
+# include <ucred.h>
+#endif
+#ifdef HAVE_SYS_UCRED_H
+# include <sys/ucred.h>
+#endif
+
+#include <pwd.h>
+#include <netdb.h>
+#include <libgen.h>
#include <pthread.h>
/*
int sock_fd;
int (*accept)(sdb_conn_t *);
+ int (*peer)(sdb_conn_t *);
} listener_t;
typedef struct {
*/
static int
-open_unix_sock(listener_t *listener)
+unixsock_peer(sdb_conn_t *conn)
+{
+ uid_t uid;
+
+ struct passwd pw_entry;
+ struct passwd *result = NULL;
+ char buf[1024];
+
+#ifdef SO_PEERCRED
+ struct ucred cred;
+ socklen_t len = sizeof(cred);
+
+ if (getsockopt(conn->fd, SOL_SOCKET, SO_PEERCRED, &cred, &len)
+ || (len != sizeof(cred))) {
+ char errbuf[1024];
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to determine peer for "
+ "connection conn#%i: %s", conn->fd,
+ sdb_strerror(errno, errbuf, sizeof(errbuf)));
+ return -1;
+ }
+ uid = cred.uid;
+#else /* SO_PEERCRED */
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to determine peer for "
+ "connection conn#%i: operation not supported", conn->fd);
+ return -1;
+#endif
+
+ memset(&pw_entry, 0, sizeof(pw_entry));
+ if (getpwuid_r(uid, &pw_entry, buf, sizeof(buf), &result) || (! result)
+ || (! (conn->username = strdup(result->pw_name)))) {
+ char errbuf[1024];
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to determine peer for "
+ "connection conn#%i: %s", conn->fd,
+ sdb_strerror(errno, errbuf, sizeof(errbuf)));
+ return -1;
+ }
+ return 0;
+} /* unixsock_peer */
+
+static int
+open_unixsock(listener_t *listener)
{
- const char *addr;
char *addr_copy;
char *base_dir;
struct sockaddr_un sa;
return -1;
}
- if (*listener->address == '/')
- addr = listener->address;
- else
- addr = listener->address + strlen("unix:");
-
memset(&sa, 0, sizeof(sa));
sa.sun_family = AF_UNIX;
- strncpy(sa.sun_path, addr, sizeof(sa.sun_path));
+ strncpy(sa.sun_path, listener->address, sizeof(sa.sun_path));
- addr_copy = strdup(addr);
+ addr_copy = strdup(listener->address);
if (! addr_copy) {
char errbuf[1024];
sdb_log(SDB_LOG_ERR, "frontend: strdup failed: %s",
}
free(addr_copy);
- if (unlink(addr) && (errno != ENOENT)) {
+ if (unlink(listener->address) && (errno != ENOENT)) {
char errbuf[1024];
sdb_log(SDB_LOG_WARNING, "frontend: Failed to remove stale UNIX "
- "socket %s: %s", listener->address + strlen("unix:"),
+ "socket %s: %s", listener->address,
sdb_strerror(errno, errbuf, sizeof(errbuf)));
}
listener->address, sdb_strerror(errno, buf, sizeof(buf)));
return -1;
}
+
+ listener->peer = unixsock_peer;
return 0;
-} /* open_unix_sock */
+} /* open_unixsock */
static void
-close_unix_sock(listener_t *listener)
+close_unixsock(listener_t *listener)
{
- const char *addr;
assert(listener);
if (! listener->address)
return;
- if (*listener->address == '/')
- addr = listener->address;
- else
- addr = listener->address + strlen("unix:");
-
if (listener->sock_fd >= 0)
close(listener->sock_fd);
listener->sock_fd = -1;
- unlink(addr);
-} /* close_unix_sock */
+ unlink(listener->address);
+} /* close_unixsock */
+
+static int
+open_tcp(listener_t *listener)
+{
+ struct addrinfo *ai, *ai_list = NULL;
+ int status;
+
+ assert(listener);
+
+ if ((status = sdb_resolve(SDB_NET_TCP, listener->address, &ai_list))) {
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to resolve '%s': %s",
+ listener->address, gai_strerror(status));
+ return -1;
+ }
+
+ for (ai = ai_list; ai != NULL; ai = ai->ai_next) {
+ char errbuf[1024];
+ int reuse = 1;
+
+ listener->sock_fd = socket(ai->ai_family,
+ ai->ai_socktype, ai->ai_protocol);
+ if (listener->sock_fd < 0) {
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to open socket for %s: %s",
+ listener->address,
+ sdb_strerror(errno, errbuf, sizeof(errbuf)));
+ continue;
+ }
+
+ if (setsockopt(listener->sock_fd, SOL_SOCKET, SO_REUSEADDR,
+ &reuse, sizeof(reuse)) < 0) {
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to set socket option: %s",
+ sdb_strerror(errno, errbuf, sizeof(errbuf)));
+ close(listener->sock_fd);
+ listener->sock_fd = -1;
+ continue;
+ }
+
+ if (bind(listener->sock_fd, ai->ai_addr, ai->ai_addrlen) < 0) {
+ char host[1024], port[32];
+ getnameinfo(ai->ai_addr, ai->ai_addrlen, host, sizeof(host),
+ port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV);
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to bind to %s:%s: %s",
+ host, port, sdb_strerror(errno, errbuf, sizeof(errbuf)));
+ close(listener->sock_fd);
+ listener->sock_fd = -1;
+ continue;
+ }
+ break;
+ }
+ freeaddrinfo(ai_list);
+
+ if (listener->sock_fd < 0)
+ return -1;
+ return 0;
+} /* open_tcp */
+
+static void
+close_tcp(listener_t *listener)
+{
+ assert(listener);
+
+ if (listener->sock_fd >= 0)
+ close(listener->sock_fd);
+ listener->sock_fd = -1;
+} /* close_tcp */
/*
* private variables
/* the enum has to be sorted the same as the implementations array
* to ensure that the type may be used as index into the array */
enum {
- LISTENER_UNIXSOCK = 0, /* this is the default */
+ LISTENER_TCP = 0, /* this is the default */
+ LISTENER_UNIXSOCK,
};
static fe_listener_impl_t listener_impls[] = {
- { LISTENER_UNIXSOCK, "unix", open_unix_sock, close_unix_sock },
+ { LISTENER_TCP, "tcp", open_tcp, close_tcp },
+ { LISTENER_UNIXSOCK, "unix", open_unixsock, close_unixsock },
};
/*
size_t len;
size_t i;
+ if (*address == '/')
+ return LISTENER_UNIXSOCK;
sep = strchr(address, (int)':');
if (! sep)
return listener_impls[0].type;
listener_create(sdb_fe_socket_t *sock, const char *address)
{
listener_t *listener;
+ size_t len;
int type;
type = get_type(address);
sock->listeners = listener;
listener = sock->listeners + sock->listeners_num;
+ len = strlen(listener_impls[type].prefix);
+ if ((! strncmp(address, listener_impls[type].prefix, len))
+ && (address[len] == ':'))
+ address += strlen(listener_impls[type].prefix) + 1;
+
listener->sock_fd = -1;
listener->address = strdup(address);
if (! listener->address) {
}
listener->type = type;
listener->accept = NULL;
+ listener->peer = NULL;
if (listener_impls[type].open(listener)) {
/* prints error */
sdb_object_deref(obj);
return -1;
}
+ if (listener->peer && listener->peer(CONN(obj))) {
+ /* peer() is expected to log an error */
+ sdb_object_deref(obj);
+ return -1;
+ }
status = sdb_llist_append(sock->open_connections, obj);
if (status)