Merge lp:~gandelman-a/ubuntu/oneiric/openbsd-inetd/merge into lp:ubuntu/oneiric/openbsd-inetd
Proposed by
Adam Gandelman
Status: | Merged |
---|---|
Merged at revision: | 11 |
Proposed branch: | lp:~gandelman-a/ubuntu/oneiric/openbsd-inetd/merge |
Merge into: | lp:ubuntu/oneiric/openbsd-inetd |
Diff against target: |
24426 lines (+23302/-164) 44 files modified
.pc/.version (+1/-0) .pc/applied-patches (+11/-0) .pc/buftuning/inetd.8 (+465/-0) .pc/buftuning/inetd.c (+2194/-0) .pc/discard_env/inetd.8 (+419/-0) .pc/discard_env/inetd.c (+2059/-0) .pc/global_queuelen/inetd.8 (+455/-0) .pc/global_queuelen/inetd.c (+2173/-0) .pc/libwrap/inetd.8 (+427/-0) .pc/libwrap/inetd.c (+2110/-0) .pc/misc_portability/inetd.8 (+407/-0) .pc/misc_portability/inetd.c (+1991/-0) .pc/nodaemon/inetd.8 (+452/-0) .pc/nodaemon/inetd.c (+2165/-0) .pc/print_pause_time/inetd.c (+2179/-0) .pc/setproctitle/inetd.c (+2056/-0) .pc/tcp46/inetd.8 (+460/-0) .pc/tcp46/inetd.c (+2180/-0) ChangeLog (+37/-0) Makefile.debian (+16/-0) bsd-closefrom.c (+115/-0) debian/changelog (+17/-0) debian/control (+1/-0) debian/copyright (+26/-1) debian/openbsd-inetd.postrm (+10/-0) debian/openbsd-inetd.preinst (+0/-19) debian/patches/buftuning (+6/-6) debian/patches/discard_env (+8/-10) debian/patches/global_queuelen (+30/-9) debian/patches/libwrap (+10/-10) debian/patches/makefile (+1/-1) debian/patches/misc_portability (+150/-19) debian/patches/nodaemon (+10/-11) debian/patches/print_pause_time (+1/-1) debian/patches/setproctitle (+6/-6) debian/patches/tcp46 (+2/-2) debian/rules (+7/-9) debian/source/format (+1/-0) inetd.8 (+100/-19) inetd.c (+316/-41) setproctitle.c (+146/-0) setproctitle.h (+4/-0) strlcpy.c (+63/-0) test.conf (+15/-0) |
To merge this branch: | bzr merge lp:~gandelman-a/ubuntu/oneiric/openbsd-inetd/merge |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Ubuntu branches | Pending | ||
Review via email: mp+66281@code.launchpad.net |
Commit message
Description of the change
Removed the delta in debian/rules, as hardening is already applied in the Debian package.
Preview Diff
1 | === added directory '.pc' | |||
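--- a/.pc/.version
+++ b/.pc/.version
@@ -0,0 +1,1 @@
+2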
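--- a/.pc/applied-patches
+++ b/.pc/applied-patches
@@ -0,0 +1,11 @@
+makefile
+test
+misc_portability
+setproctitle
+discard_env
+libwrap
+nodaemon
+global_queuelen
+print_pause_time
+tcp46
+buftuning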
24 | === added directory '.pc/buftuning' | |||
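--- a/.pc/buftuning/inetd.8
+++ b/.pc/buftuning/inetd.8
@@ -0,0 +1,465 @@
+.\" $OpenBSD: inetd.8,v 1.33 2008/06/28 10:54:45 sobrado Exp $
+.\" Copyright (c) 1985, 1991 The Regents of the University of California.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" from: @(#)inetd.8 6.7 (Berkeley) 3/16/91
+.\"
+.Dd $Mdocdate: December 29 2009 $
+.Dt INETD 8
+.Os
+.Sh NAME
+.Nm inetd
+.Nd internet
+.Dq super-server
+.Sh SYNOPSIS
+.Nm inetd
+.Op Fl d
+.Op Fl E
+.Op Fl i
+.Op Fl l
+.Op Fl q Ar length
+.Op Fl R Ar rate
+.Op Ar configuration_file
+.Sh DESCRIPTION
+.Nm inetd
+listens for connections on certain internet sockets.
+When a connection is found on one
+of its sockets, it decides what service the socket
+corresponds to, and invokes a program to service the request.
+After the program is
+finished, it continues to listen on the socket (except in some cases which
+will be described below).
+Essentially,
+.Nm inetd
+allows running one daemon to invoke several others,
+reducing load on the system.
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl d
+Turns on debugging.
+.It Fl E
+Prevents
+.Nm inetd
+from laundering the environment. Without this option a selection of
+potentially harmful environent variables, including
+.Pa PATH ,
+will be removed and not inherited by services.
+.It Fl i
+Makes the program not daemonize itself.
+.It Fl l
+Turns on libwrap connection logging and access control.
+Internal services cannot be wrapped. When enabled,
+.Pa /usr/sbin/tcpd
+is silently not executed even if present in
+.Pa /etc/inetd.conf
+and instead libwrap is called directly by inetd.
+.It Fl q Ar length
+Specify the length of the
+.Xr listen 2
+connections queue; the default is 128.
+.It Fl R Ar rate
+Specify the maximum number of times a service can be invoked
+in one minute; the default is 256.
+If a service exceeds this limit,
+.Nm
+will log the problem
+and stop servicing requests for the specific service for ten minutes.
+See also the wait/nowait configuration fields below.
+.El
+.Pp
+Upon execution,
+.Nm inetd
+reads its configuration information from a configuration
+file which, by default, is
+.Pa /etc/inetd.conf .
+There must be an entry for each field of the configuration
+file, with entries for each field separated by a tab or
+a space.
+Comments are denoted by a
+.Dq #
+at the beginning
+of a line.
+The fields of the configuration file are as follows:
+.Bd -unfilled -offset indent
+service name
+socket type
+protocol
+wait/nowait[.max]
+user[.group] or user[:group]
+server program
+server program arguments
+.Ed
+.Pp
+To specify a Sun-RPC
+based service, the entry would contain these fields.
+.Bd -unfilled -offset indent
+service name/version
+socket type
+rpc/protocol
+wait/nowait[.max]
+user[.group] or user[:group]
+server program
+server program arguments
+.Ed
+.Pp
+For internet services, the first field of the line may also have a host
+address specifier prefixed to it, separated from the service name by a
+colon.
+If this is done, the string before the colon in the first field
+indicates what local address
+.Nm
+should use when listening for that service.
+Multiple local addresses
+can be specified on the same line, separated by commas.
+Numeric IP
+addresses in dotted-quad notation can be used as well as symbolic
+hostnames.
+Symbolic hostnames are looked up using
+.Fn gethostbyname .
+If a hostname has multiple address mappings, inetd creates a socket
+to listen on each address.
+.Pp
+The single character
+.Dq \&*
+indicates
+.Dv INADDR_ANY ,
+meaning
+.Dq all local addresses .
+To avoid repeating an address that occurs frequently, a line with a
+host address specifier and colon, but no further fields, causes the
+host address specifier to be remembered and used for all further lines
+with no explicit host specifier (until another such line or the end of
+the file).
+A line
+.Dl *:
+is implicitly provided at the top of the file; thus, traditional
+configuration files (which have no host address specifiers) will be
+interpreted in the traditional manner, with all services listened for
+on all local addresses.
+If the protocol is
+.Dq unix ,
+this value is ignored.
+.Pp
+The
+.Em service name
+entry is the name of a valid service in
+the file
+.Pa /etc/services
+or a port number.
+For
+.Dq internal
+services (discussed below), the service
+name
+.Em must
+be the official name of the service (that is, the first entry in
+.Pa /etc/services ) .
+When used to specify a Sun-RPC
+based service, this field is a valid RPC service name in
+the file
+.Pa /etc/rpc .
+The part on the right of the
+.Dq /
+is the RPC version number.
+This can simply be a single numeric argument or a range of versions.
+A range is bounded by the low version to the high version -
+.Dq rusers/1\-3 .
+For
+.Ux Ns -domain
+sockets this field specifies the path name of the socket.
+.Pp
+The
+.Em socket type
+should be one of
+.Dq stream ,
+.Dq dgram ,
+.Dq raw ,
+.Dq rdm ,
+or
+.Dq seqpacket ,
+depending on whether the socket is a stream, datagram, raw,
+reliably delivered message, or sequenced packet socket.
+.Pp
+The
+.Em protocol
+must be a valid protocol as given in
+.Pa /etc/protocols or
+.Dq unix .
+Examples might be
+.Dq tcp
+or
+.Dq udp .
+RPC based services are specified with the
+.Dq rpc/tcp
+or
+.Dq rpc/udp
+service type.
+.Dq tcp
+and
+.Dq udp
+will be recognized as
+.Dq TCP or UDP over default IP version .
+This is currently IPv4, but in the future it will be IPv6.
+If you need to specify IPv4 or IPv6 explicitly, use something like
+.Dq tcp4
+or
+.Dq udp6 .
+A
+.Em protocol
+of
+.Dq unix
+is used to specify a socket in the
+.Ux Ns -domain .
+.Pp
+The
+.Em wait/nowait
+entry is used to tell
+.Nm
+if it should wait for the server program to return,
+or continue processing connections on the socket.
+If a datagram server connects
+to its peer, freeing the socket so
+.Nm inetd
+can receive further messages on the socket, it is said to be
+a
+.Dq multi-threaded
+server, and should use the
+.Dq nowait
+entry.
+For datagram servers which process all incoming datagrams
+on a socket and eventually time out, the server is said to be
+.Dq single-threaded
+and should use a
+.Dq wait
+entry.
+.Xr comsat 8
+.Pq Xr biff 1
+and
+.Xr talkd 8
+are both examples of the latter type of
+datagram server.
+.Xr tftpd 8
+is an exception; it is a datagram server that establishes pseudo-connections.
+It must be listed as
+.Dq wait
+in order to avoid a race;
+the server reads the first packet, creates a new socket,
+and then forks and exits to allow
+.Nm inetd
+to check for new service requests to spawn new servers.
+The optional
+.Dq max
+suffix (separated from
+.Dq wait
+or
+.Dq nowait
+by a dot) specifies the maximum number of times a service can be invoked
+in one minute; the default is 256.
+If a service exceeds this limit,
+.Nm
+will log the problem
+and stop servicing requests for the specific service for ten minutes.
+See also the
+.Fl R
+option above.
+.Pp
+Stream servers are usually marked as
+.Dq nowait
+but if a single server process is to handle multiple connections, it may be
+marked as
+.Dq wait .
+The master socket will then be passed as fd 0 to the server, which will then
+need to accept the incoming connection.
+The server should eventually time
+out and exit when no more connections are active.
+.Nm
+will continue to
+listen on the master socket for connections, so the server should not close
+it when it exits.
+.Pp
+The
+.Em user
+entry should contain the user name of the user as whom the server
+should run.
+This allows for servers to be given less permission
+than root.
+An optional group name can be specified by appending a dot to
+the user name followed by the group name.
+This allows for servers to run with
+a different (primary) group ID than specified in the password file.
+If a group
+is specified and user is not root, the supplementary groups associated with
+that user will still be set.
+.Pp
+The
+.Em server program
+entry should contain the pathname of the program which is to be
+executed by
+.Nm inetd
+when a request is found on its socket.
+If
+.Nm inetd
+provides this service internally, this entry should
+be
+.Dq internal .
+.Pp
+The
+.Em server program arguments
+should be just as arguments
+normally are, starting with argv[0], which is the name of
+the program.
+If the service is provided internally, the word
+.Dq internal
+should take the place of this entry.
+.Pp
+.Nm inetd
+provides several
+.Dq trivial
+services internally by use of routines within itself.
+These services are
+.Dq echo ,
+.Dq discard ,
+.Dq chargen
+(character generator),
+.Dq daytime
+(human readable time), and
+.Dq time
+(machine readable time,
+in the form of the number of seconds since midnight, January
+1, 1900).
+All of these services are TCP based.
+For details of these services, consult the appropriate
+.Tn RFC
+from the Network Information Center.
+.Pp
+.Nm inetd
+rereads its configuration file when it receives a hangup signal,
+.Dv SIGHUP .
+Services may be added, deleted or modified when the configuration file
+is reread.
+.Nm inetd
+creates a file
+.Em /var/run/inetd.pid
+that contains its process identifier.
+.Ss libwrap
+Support for
+.Tn TCP
+wrappers is included with
+.Nm
+to provide built-in tcpd-like access control functionality.
+An external tcpd program is not needed.
+You do not need to change the
+.Pa /etc/inetd.conf
+server-program entry to enable this capability.
+.Nm
+uses
+.Pa /etc/hosts.allow
+and
+.Pa /etc/hosts.deny
+for access control facility configurations, as described in
+.Xr hosts_access 5 .
+.Ss IPv6 TCP/UDP behavior
+If you wish to run a server for IPv4 and IPv6 traffic,
+you'll need to run two separate processes for the same server program,
+specified as two separate lines in
+.Pa inetd.conf ,
+for
+.Dq tcp4
+and
+.Dq tcp6 .
+.Pp
+Under various combinations of IPv4/v6 daemon settings,
+.Nm
+will behave as follows:
+.Bl -bullet -compact
+.It
+If you have only one server on
+.Dq tcp4 ,
+IPv4 traffic will be routed to the server.
+IPv6 traffic will not be accepted.
+.It
+If you have two servers on
+.Dq tcp4
+and
+.Dq tcp6 ,
+IPv4 traffic will be routed to the server on
+.Dq tcp4 ,
+and IPv6 traffic will go to server on
+.Dq tcp6 .
+.It
+If you have only one server on
+.Dq tcp6 ,
+only IPv6 traffic will be routed to the server.
+.Pp
+The special
+.Dq tcp46
+parameter can be used for obsolete servers which require to receive IPv4
+connections mapped in an IPv6 socket. Its usage is discouraged.
+.El
+.Sh SEE ALSO
+.Xr fingerd 8 ,
+.Xr ftpd 8 ,
+.Xr identd 8 ,
+.Xr rshd 8 ,
+.Xr talkd 8 ,
+.Xr tftpd 8
+.Sh HISTORY
+The
+.Nm
+command appeared in
+.Bx 4.3 .
+Support for Sun-RPC
+based services is modelled after that
+provided by SunOS 4.1.
+IPv6 support was added by the KAME project in 1999.
+.Pp
+Marco d'Itri ported this code from OpenBSD in summer 2002 and added
+socket buffers tuning and libwrap support from the NetBSD source tree.
+.Sh BUGS
+On Linux systems, the daemon cannot reload its configuration and needs
+to be restarted when the host address for a service is changed between
+.Dq \&*
+and a specific address.
+.Pp
+Server programs used with
+.Dq dgram
+.Dq udp
+.Dq nowait
+must read from the network socket, or
+.Nm inetd
+will spawn processes until the maximum is reached.
+.Pp
+Host address specifiers, while they make conceptual sense for RPC
+services, do not work entirely correctly.
+This is largely because the
+portmapper interface does not provide a way to register different ports
+for the same service on different local addresses.
+Provided you never
+have more than one entry for a given RPC service, everything should
+work correctly.
+(Note that default host address specifiers do apply to
+RPC lines with no explicit specifier.)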
495 | === added file '.pc/buftuning/inetd.c' | |||
496 | --- .pc/buftuning/inetd.c 1970-01-01 00:00:00 +0000 | |||
497 | +++ .pc/buftuning/inetd.c 2011-06-29 11:29:23 +0000 | |||
498 | @@ -0,0 +1,2194 @@ | |||
499 | 1 | /* $OpenBSD: inetd.c,v 1.131 2009/10/27 23:59:51 deraadt Exp $ */ | ||
500 | 2 | |||
501 | 3 | /* | ||
502 | 4 | * Copyright (c) 1983,1991 The Regents of the University of California. | ||
503 | 5 | * All rights reserved. | ||
504 | 6 | * | ||
505 | 7 | * Redistribution and use in source and binary forms, with or without | ||
506 | 8 | * modification, are permitted provided that the following conditions | ||
507 | 9 | * are met: | ||
508 | 10 | * 1. Redistributions of source code must retain the above copyright | ||
509 | 11 | * notice, this list of conditions and the following disclaimer. | ||
510 | 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
511 | 13 | * notice, this list of conditions and the following disclaimer in the | ||
512 | 14 | * documentation and/or other materials provided with the distribution. | ||
513 | 15 | * 3. Neither the name of the University nor the names of its contributors | ||
514 | 16 | * may be used to endorse or promote products derived from this software | ||
515 | 17 | * without specific prior written permission. | ||
516 | 18 | * | ||
517 | 19 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | ||
518 | 20 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
519 | 21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
520 | 22 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | ||
521 | 23 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
522 | 24 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
523 | 25 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
524 | 26 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
525 | 27 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
526 | 28 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
527 | 29 | * SUCH DAMAGE. | ||
528 | 30 | */ | ||
529 | 31 | |||
530 | 32 | /* | ||
531 | 33 | * Inetd - Internet super-server | ||
532 | 34 | * | ||
533 | 35 | * This program invokes all internet services as needed. | ||
534 | 36 | * connection-oriented services are invoked each time a | ||
535 | 37 | * connection is made, by creating a process. This process | ||
536 | 38 | * is passed the connection as file descriptor 0 and is | ||
537 | 39 | * expected to do a getpeername to find out the source host | ||
538 | 40 | * and port. | ||
539 | 41 | * | ||
540 | 42 | * Datagram oriented services are invoked when a datagram | ||
541 | 43 | * arrives; a process is created and passed a pending message | ||
542 | 44 | * on file descriptor 0. Datagram servers may either connect | ||
543 | 45 | * to their peer, freeing up the original socket for inetd | ||
544 | 46 | * to receive further messages on, or ``take over the socket'', | ||
545 | 47 | * processing all arriving datagrams and, eventually, timing | ||
546 | 48 | * out. The first type of server is said to be ``multi-threaded''; | ||
547 | 49 | * the second type of server ``single-threaded''. | ||
548 | 50 | * | ||
549 | 51 | * Inetd uses a configuration file which is read at startup | ||
550 | 52 | * and, possibly, at some later time in response to a hangup signal. | ||
551 | 53 | * The configuration file is ``free format'' with fields given in the | ||
552 | 54 | * order shown below. Continuation lines for an entry must begin with | ||
553 | 55 | * a space or tab. All fields must be present in each entry. | ||
554 | 56 | * | ||
555 | 57 | * service name must be in /etc/services | ||
556 | 58 | * socket type stream/dgram/raw/rdm/seqpacket | ||
557 | 59 | * protocol must be in /etc/protocols | ||
558 | 60 | * wait/nowait[.max] single-threaded/multi-threaded, max # | ||
559 | 61 | * user[.group] or user[:group] user/group to run daemon as | ||
560 | 62 | * server program full path name | ||
561 | 63 | * server program arguments maximum of MAXARGS (20) | ||
562 | 64 | * | ||
563 | 65 | * For RPC services | ||
564 | 66 | * service name/version must be in /etc/rpc | ||
565 | 67 | * socket type stream/dgram/raw/rdm/seqpacket | ||
566 | 68 | * protocol must be in /etc/protocols | ||
567 | 69 | * wait/nowait[.max] single-threaded/multi-threaded | ||
568 | 70 | * user[.group] or user[:group] user to run daemon as | ||
569 | 71 | * server program full path name | ||
570 | 72 | * server program arguments maximum of MAXARGS (20) | ||
571 | 73 | * | ||
572 | 74 | * For non-RPC services, the "service name" can be of the form | ||
573 | 75 | * hostaddress:servicename, in which case the hostaddress is used | ||
574 | 76 | * as the host portion of the address to listen on. If hostaddress | ||
575 | 77 | * consists of a single `*' character, INADDR_ANY is used. | ||
576 | 78 | * | ||
577 | 79 | * A line can also consist of just | ||
578 | 80 | * hostaddress: | ||
579 | 81 | * where hostaddress is as in the preceding paragraph. Such a line must | ||
580 | 82 | * have no further fields; the specified hostaddress is remembered and | ||
581 | 83 | * used for all further lines that have no hostaddress specified, | ||
582 | 84 | * until the next such line (or EOF). (This is why * is provided to | ||
583 | 85 | * allow explicit specification of INADDR_ANY.) A line | ||
584 | 86 | * *: | ||
585 | 87 | * is implicitly in effect at the beginning of the file. | ||
586 | 88 | * | ||
587 | 89 | * The hostaddress specifier may (and often will) contain dots; | ||
588 | 90 | * the service name must not. | ||
589 | 91 | * | ||
590 | 92 | * For RPC services, host-address specifiers are accepted and will | ||
591 | 93 | * work to some extent; however, because of limitations in the | ||
592 | 94 | * portmapper interface, it will not work to try to give more than | ||
593 | 95 | * one line for any given RPC service, even if the host-address | ||
594 | 96 | * specifiers are different. | ||
595 | 97 | * | ||
596 | 98 | * Comment lines are indicated by a `#' in column 1. | ||
597 | 99 | */ | ||
598 | 100 | |||
599 | 101 | /* | ||
600 | 102 | * Here's the scoop concerning the user[.:]group feature: | ||
601 | 103 | * | ||
602 | 104 | * 1) set-group-option off. | ||
603 | 105 | * | ||
604 | 106 | * a) user = root: NO setuid() or setgid() is done | ||
605 | 107 | * | ||
606 | 108 | * b) other: setgid(primary group as found in passwd) | ||
607 | 109 | * initgroups(name, primary group) | ||
608 | 110 | * setuid() | ||
609 | 111 | * | ||
610 | 112 | * 2) set-group-option on. | ||
611 | 113 | * | ||
612 | 114 | * a) user = root: setgid(specified group) | ||
613 | 115 | * NO initgroups() | ||
614 | 116 | * NO setuid() | ||
615 | 117 | * | ||
616 | 118 | * b) other: setgid(specified group) | ||
617 | 119 | * initgroups(name, specified group) | ||
618 | 120 | * setuid() | ||
619 | 121 | * | ||
620 | 122 | */ | ||
621 | 123 | |||
622 | 124 | #include <sys/param.h> | ||
623 | 125 | #include <sys/stat.h> | ||
624 | 126 | #include <sys/ioctl.h> | ||
625 | 127 | #include <sys/socket.h> | ||
626 | 128 | #include <sys/un.h> | ||
627 | 129 | #include <sys/file.h> | ||
628 | 130 | #include <sys/wait.h> | ||
629 | 131 | #include <time.h> | ||
630 | 132 | #include <sys/time.h> | ||
631 | 133 | #include <sys/resource.h> | ||
632 | 134 | |||
633 | 135 | #include <net/if.h> | ||
634 | 136 | #include <netinet/in.h> | ||
635 | 137 | #include <arpa/inet.h> | ||
636 | 138 | |||
637 | 139 | #include <errno.h> | ||
638 | 140 | #include <ctype.h> | ||
639 | 141 | #include <signal.h> | ||
640 | 142 | #include <netdb.h> | ||
641 | 143 | #include <syslog.h> | ||
642 | 144 | #include <pwd.h> | ||
643 | 145 | #include <grp.h> | ||
644 | 146 | #include <stdio.h> | ||
645 | 147 | #include <stdlib.h> | ||
646 | 148 | #include <unistd.h> | ||
647 | 149 | #include <string.h> | ||
648 | 150 | #ifdef HAVE_SETUSERCONTEXT | ||
649 | 151 | #include <login_cap.h> | ||
650 | 152 | #endif | ||
651 | 153 | #ifdef HAVE_GETIFADDRS | ||
652 | 154 | #include <ifaddrs.h> | ||
653 | 155 | #endif | ||
654 | 156 | #include <rpc/rpc.h> | ||
655 | 157 | #include <rpc/pmap_clnt.h> | ||
656 | 158 | #include "pathnames.h" | ||
657 | 159 | #include "setproctitle.h" | ||
658 | 160 | |||
659 | 161 | size_t strlcpy(char *, const char *, size_t); | ||
660 | 162 | |||
661 | 163 | #define TOOMANY 256 /* don't start more than TOOMANY */ | ||
662 | 164 | #define CNT_INTVL 60 /* servers in CNT_INTVL sec. */ | ||
663 | 165 | #define RETRYTIME (60*10) /* retry after bind or server fail */ | ||
664 | 166 | |||
665 | 167 | #ifdef LIBWRAP | ||
666 | 168 | # include <tcpd.h> | ||
667 | 169 | int lflag = 0; | ||
668 | 170 | #endif | ||
669 | 171 | |||
670 | 172 | int debug = 0; | ||
671 | 173 | int global_queuelen = 128; | ||
672 | 174 | int nsock, maxsock; | ||
673 | 175 | fd_set *allsockp; | ||
674 | 176 | int allsockn; | ||
675 | 177 | int toomany = TOOMANY; | ||
676 | 178 | int options; | ||
677 | 179 | int timingout; | ||
678 | 180 | struct servent *sp; | ||
679 | 181 | uid_t uid; | ||
680 | 182 | sigset_t blockmask; | ||
681 | 183 | sigset_t emptymask; | ||
682 | 184 | |||
683 | 185 | #ifndef OPEN_MAX | ||
684 | 186 | #define OPEN_MAX 64 | ||
685 | 187 | #endif | ||
686 | 188 | |||
687 | 189 | /* Reserve some descriptors, 3 stdio + at least: 1 log, 1 conf. file */ | ||
688 | 190 | #define FD_MARGIN (8) | ||
689 | 191 | rlim_t rlim_nofile_cur = OPEN_MAX; | ||
690 | 192 | |||
691 | 193 | struct rlimit rlim_nofile; | ||
692 | 194 | |||
693 | 195 | struct servtab { | ||
694 | 196 | char *se_hostaddr; /* host address to listen on */ | ||
695 | 197 | char *se_service; /* name of service */ | ||
696 | 198 | int se_socktype; /* type of socket to use */ | ||
697 | 199 | int se_family; /* address family */ | ||
698 | 200 | char *se_proto; /* protocol used */ | ||
699 | 201 | int se_rpcprog; /* rpc program number */ | ||
700 | 202 | int se_rpcversl; /* rpc program lowest version */ | ||
701 | 203 | int se_rpcversh; /* rpc program highest version */ | ||
702 | 204 | #define isrpcservice(sep) ((sep)->se_rpcversl != 0) | ||
703 | 205 | pid_t se_wait; /* single threaded server */ | ||
704 | 206 | short se_checked; /* looked at during merge */ | ||
705 | 207 | char *se_user; /* user name to run as */ | ||
706 | 208 | char *se_group; /* group name to run as */ | ||
707 | 209 | struct biltin *se_bi; /* if built-in, description */ | ||
708 | 210 | char *se_server; /* server program */ | ||
709 | 211 | #define MAXARGV 20 | ||
710 | 212 | char *se_argv[MAXARGV+1]; /* program arguments */ | ||
711 | 213 | int se_fd; /* open descriptor */ | ||
712 | 214 | union { | ||
713 | 215 | struct sockaddr se_un_ctrladdr; | ||
714 | 216 | struct sockaddr_in se_un_ctrladdr_in; | ||
715 | 217 | struct sockaddr_in6 se_un_ctrladdr_in6; | ||
716 | 218 | struct sockaddr_un se_un_ctrladdr_un; | ||
717 | 219 | struct sockaddr_storage se_un_ctrladdr_storage; | ||
718 | 220 | } se_un; /* bound address */ | ||
719 | 221 | #define se_ctrladdr se_un.se_un_ctrladdr | ||
720 | 222 | #define se_ctrladdr_in se_un.se_un_ctrladdr_in | ||
721 | 223 | #define se_ctrladdr_in6 se_un.se_un_ctrladdr_in6 | ||
722 | 224 | #define se_ctrladdr_un se_un.se_un_ctrladdr_un | ||
723 | 225 | #define se_ctrladdr_storage se_un.se_un_ctrladdr_storage | ||
724 | 226 | int se_ctrladdr_size; | ||
725 | 227 | int se_max; /* max # of instances of this service */ | ||
726 | 228 | int se_count; /* number started since se_time */ | ||
727 | 229 | struct timeval se_time; /* start of se_count */ | ||
728 | 230 | struct servtab *se_next; | ||
729 | 231 | } *servtab; | ||
730 | 232 | |||
731 | 233 | void echo_stream(int, struct servtab *); | ||
732 | 234 | void discard_stream(int, struct servtab *); | ||
733 | 235 | void machtime_stream(int, struct servtab *); | ||
734 | 236 | void daytime_stream(int, struct servtab *); | ||
735 | 237 | void chargen_stream(int, struct servtab *); | ||
736 | 238 | void echo_dg(int, struct servtab *); | ||
737 | 239 | void discard_dg(int, struct servtab *); | ||
738 | 240 | void machtime_dg(int, struct servtab *); | ||
739 | 241 | void daytime_dg(int, struct servtab *); | ||
740 | 242 | void chargen_dg(int, struct servtab *); | ||
741 | 243 | |||
742 | 244 | struct biltin { | ||
743 | 245 | char *bi_service; /* internally provided service name */ | ||
744 | 246 | int bi_socktype; /* type of socket supported */ | ||
745 | 247 | short bi_fork; /* 1 if should fork before call */ | ||
746 | 248 | short bi_wait; /* 1 if should wait for child */ | ||
747 | 249 | void (*bi_fn)(int, struct servtab *); | ||
748 | 250 | } biltins[] = { | ||
749 | 251 | /* Echo received data */ | ||
750 | 252 | { "echo", SOCK_STREAM, 1, 0, echo_stream }, | ||
751 | 253 | { "echo", SOCK_DGRAM, 0, 0, echo_dg }, | ||
752 | 254 | |||
753 | 255 | /* Internet /dev/null */ | ||
754 | 256 | { "discard", SOCK_STREAM, 1, 0, discard_stream }, | ||
755 | 257 | { "discard", SOCK_DGRAM, 0, 0, discard_dg }, | ||
756 | 258 | |||
757 | 259 | /* Return 32 bit time since 1900 */ | ||
758 | 260 | { "time", SOCK_STREAM, 0, 0, machtime_stream }, | ||
759 | 261 | { "time", SOCK_DGRAM, 0, 0, machtime_dg }, | ||
760 | 262 | |||
761 | 263 | /* Return human-readable time */ | ||
762 | 264 | { "daytime", SOCK_STREAM, 0, 0, daytime_stream }, | ||
763 | 265 | { "daytime", SOCK_DGRAM, 0, 0, daytime_dg }, | ||
764 | 266 | |||
765 | 267 | /* Familiar character generator */ | ||
766 | 268 | { "chargen", SOCK_STREAM, 1, 0, chargen_stream }, | ||
767 | 269 | { "chargen", SOCK_DGRAM, 0, 0, chargen_dg }, | ||
768 | 270 | |||
769 | 271 | { 0 } | ||
770 | 272 | }; | ||
771 | 273 | |||
772 | 274 | volatile sig_atomic_t wantretry; | ||
773 | 275 | volatile sig_atomic_t wantconfig; | ||
774 | 276 | volatile sig_atomic_t wantreap; | ||
775 | 277 | volatile sig_atomic_t wantdie; | ||
776 | 278 | |||
777 | 279 | void config(int); | ||
778 | 280 | void doconfig(void); | ||
779 | 281 | void reap(int); | ||
780 | 282 | void doreap(void); | ||
781 | 283 | void retry(int); | ||
782 | 284 | void doretry(void); | ||
783 | 285 | void die(int); | ||
784 | 286 | void dodie(void); | ||
785 | 287 | void logpid(void); | ||
786 | 288 | void spawn(struct servtab *, int); | ||
787 | 289 | int gettcp(struct servtab *); | ||
788 | 290 | int setconfig(void); | ||
789 | 291 | void endconfig(void); | ||
790 | 292 | void register_rpc(struct servtab *); | ||
791 | 293 | void unregister_rpc(struct servtab *); | ||
792 | 294 | void freeconfig(struct servtab *); | ||
793 | 295 | void print_service(char *, struct servtab *); | ||
794 | 296 | void setup(struct servtab *); | ||
795 | 297 | struct servtab *getconfigent(void); | ||
796 | 298 | int bump_nofile(void); | ||
797 | 299 | struct servtab *enter(struct servtab *); | ||
798 | 300 | int matchconf(struct servtab *, struct servtab *); | ||
799 | 301 | int dg_broadcast(struct in_addr *in); | ||
800 | 302 | void discard_stupid_environment(void); | ||
801 | 303 | |||
802 | 304 | #define NUMINT (sizeof(intab) / sizeof(struct inent)) | ||
803 | 305 | char *CONFIG = _PATH_INETDCONF; | ||
804 | 306 | |||
805 | 307 | void | ||
806 | 308 | fd_grow(fd_set **fdsp, int *bytes, int fd) | ||
807 | 309 | { | ||
808 | 310 | caddr_t new; | ||
809 | 311 | int newbytes; | ||
810 | 312 | |||
811 | 313 | newbytes = howmany(fd+1, NFDBITS) * sizeof(fd_mask); | ||
812 | 314 | if (newbytes > *bytes) { | ||
813 | 315 | newbytes *= 2; /* optimism */ | ||
814 | 316 | new = realloc(*fdsp, newbytes); | ||
815 | 317 | if (new == NULL) { | ||
816 | 318 | syslog(LOG_ERR, "Out of memory."); | ||
817 | 319 | exit(1); | ||
818 | 320 | } | ||
819 | 321 | memset(new + *bytes, 0, newbytes - *bytes); | ||
820 | 322 | *fdsp = (fd_set *)new; | ||
821 | 323 | *bytes = newbytes; | ||
822 | 324 | } | ||
823 | 325 | } | ||
824 | 326 | |||
825 | 327 | struct sigaction sa, sapipe; | ||
826 | 328 | |||
827 | 329 | int | ||
828 | 330 | main(int argc, char *argv[], char *envp[]) | ||
829 | 331 | { | ||
830 | 332 | fd_set *fdsrp = NULL; | ||
831 | 333 | int readablen = 0, ch; | ||
832 | 334 | int keepenv = 0; | ||
833 | 335 | int nodaemon = 0; | ||
834 | 336 | struct servtab *sep; | ||
835 | 337 | extern char *optarg; | ||
836 | 338 | extern int optind; | ||
837 | 339 | |||
838 | 340 | initsetproctitle(argc, argv, envp); | ||
839 | 341 | |||
840 | 342 | while ((ch = getopt(argc, argv, "dEilq:R:")) != -1) | ||
841 | 343 | switch (ch) { | ||
842 | 344 | case 'd': | ||
843 | 345 | debug = 1; | ||
844 | 346 | break; | ||
845 | 347 | case 'E': | ||
846 | 348 | keepenv = 1; | ||
847 | 349 | break; | ||
848 | 350 | case 'i': | ||
849 | 351 | nodaemon = 1; | ||
850 | 352 | break; | ||
851 | 353 | case 'l': | ||
852 | 354 | #ifdef LIBWRAP | ||
853 | 355 | lflag = 1; | ||
854 | 356 | break; | ||
855 | 357 | #else | ||
856 | 358 | fprintf(stderr, "%s: libwrap support not enabled", | ||
857 | 359 | progname); | ||
858 | 360 | exit(1); | ||
859 | 361 | #endif | ||
860 | 362 | case 'q': | ||
861 | 363 | global_queuelen = atoi(optarg); | ||
862 | 364 | if (global_queuelen < 10) | ||
863 | 365 | global_queuelen = 10; | ||
864 | 366 | break; | ||
865 | 367 | case 'R': { /* invocation rate */ | ||
866 | 368 | char *p; | ||
867 | 369 | int val; | ||
868 | 370 | |||
869 | 371 | val = strtoul(optarg, &p, 0); | ||
870 | 372 | if (val >= 1 && *p == '\0') { | ||
871 | 373 | toomany = val; | ||
872 | 374 | break; | ||
873 | 375 | } | ||
874 | 376 | syslog(LOG_ERR, | ||
875 | 377 | "-R %s: bad value for service invocation rate", | ||
876 | 378 | optarg); | ||
877 | 379 | break; | ||
878 | 380 | } | ||
879 | 381 | case '?': | ||
880 | 382 | default: | ||
881 | 383 | fprintf(stderr, | ||
882 | 384 | "usage: inetd [-dEil] [-q len] [-R rate] [configuration_file]\n"); | ||
883 | 385 | exit(1); | ||
884 | 386 | } | ||
885 | 387 | argc -= optind; | ||
886 | 388 | argv += optind; | ||
887 | 389 | |||
888 | 390 | /* This must be called _after_ initsetproctitle and arg parsing */ | ||
889 | 391 | if (!keepenv) | ||
890 | 392 | discard_stupid_environment(); | ||
891 | 393 | |||
892 | 394 | uid = getuid(); | ||
893 | 395 | if (uid != 0) | ||
894 | 396 | CONFIG = NULL; | ||
895 | 397 | if (argc > 0) | ||
896 | 398 | CONFIG = argv[0]; | ||
897 | 399 | if (CONFIG == NULL) { | ||
898 | 400 | fprintf(stderr, "inetd: non-root must specify a config file\n"); | ||
899 | 401 | exit(1); | ||
900 | 402 | } | ||
901 | 403 | if (argc > 1) { | ||
902 | 404 | fprintf(stderr, "inetd: more than one argument specified\n"); | ||
903 | 405 | exit(1); | ||
904 | 406 | } | ||
905 | 407 | |||
906 | 408 | umask(022); | ||
907 | 409 | if (debug == 0) { | ||
908 | 410 | if (nodaemon == 0) | ||
909 | 411 | if (daemon(0, 0) < 0) { | ||
910 | 412 | syslog(LOG_ERR, "daemon(0, 0): %m"); | ||
911 | 413 | exit(1); | ||
912 | 414 | } | ||
913 | 415 | #ifdef HAVE_SETLOGIN | ||
914 | 416 | if (uid == 0) | ||
915 | 417 | (void) setlogin(""); | ||
916 | 418 | #endif | ||
917 | 419 | } | ||
918 | 420 | if (debug && uid == 0) | ||
919 | 421 | options |= SO_DEBUG; | ||
920 | 422 | |||
921 | 423 | if (uid == 0) { | ||
922 | 424 | gid_t gid = getgid(); | ||
923 | 425 | |||
924 | 426 | /* If run by hand, ensure groups vector gets trashed */ | ||
925 | 427 | setgroups(1, &gid); | ||
926 | 428 | } | ||
927 | 429 | |||
928 | 430 | openlog("inetd", LOG_PID | LOG_NOWAIT, LOG_DAEMON); | ||
929 | 431 | logpid(); | ||
930 | 432 | |||
931 | 433 | if (getrlimit(RLIMIT_NOFILE, &rlim_nofile) < 0) { | ||
932 | 434 | syslog(LOG_ERR, "getrlimit: %m"); | ||
933 | 435 | } else { | ||
934 | 436 | rlim_nofile_cur = rlim_nofile.rlim_cur; | ||
935 | 437 | if (rlim_nofile_cur == RLIM_INFINITY) /* ! */ | ||
936 | 438 | rlim_nofile_cur = OPEN_MAX; | ||
937 | 439 | } | ||
938 | 440 | |||
939 | 441 | sigemptyset(&emptymask); | ||
940 | 442 | sigemptyset(&blockmask); | ||
941 | 443 | sigaddset(&blockmask, SIGCHLD); | ||
942 | 444 | sigaddset(&blockmask, SIGHUP); | ||
943 | 445 | sigaddset(&blockmask, SIGALRM); | ||
944 | 446 | |||
945 | 447 | memset(&sa, 0, sizeof(sa)); | ||
946 | 448 | sigemptyset(&sa.sa_mask); | ||
947 | 449 | sigaddset(&sa.sa_mask, SIGALRM); | ||
948 | 450 | sigaddset(&sa.sa_mask, SIGCHLD); | ||
949 | 451 | sigaddset(&sa.sa_mask, SIGHUP); | ||
950 | 452 | sa.sa_handler = retry; | ||
951 | 453 | sigaction(SIGALRM, &sa, NULL); | ||
952 | 454 | doconfig(); | ||
953 | 455 | sa.sa_handler = config; | ||
954 | 456 | sigaction(SIGHUP, &sa, NULL); | ||
955 | 457 | sa.sa_handler = reap; | ||
956 | 458 | sigaction(SIGCHLD, &sa, NULL); | ||
957 | 459 | sa.sa_handler = die; | ||
958 | 460 | sigaction(SIGTERM, &sa, NULL); | ||
959 | 461 | sa.sa_handler = die; | ||
960 | 462 | sigaction(SIGINT, &sa, NULL); | ||
961 | 463 | sa.sa_handler = SIG_IGN; | ||
962 | 464 | sigaction(SIGPIPE, &sa, &sapipe); | ||
963 | 465 | |||
964 | 466 | /* space for daemons to overwrite environment for ps */ | ||
965 | 467 | { | ||
966 | 468 | #define DUMMYSIZE 100 | ||
967 | 469 | char dummy[DUMMYSIZE]; | ||
968 | 470 | memset(dummy, 'x', DUMMYSIZE - 1); | ||
969 | 471 | dummy[DUMMYSIZE - 1] = '\0'; | ||
970 | 472 | setenv("inetd_dummy", dummy, 1); | ||
971 | 473 | } | ||
972 | 474 | |||
973 | 475 | for (;;) { | ||
974 | 476 | int n, ctrl = -1; | ||
975 | 477 | |||
976 | 478 | restart: | ||
977 | 479 | if (nsock == 0) { | ||
978 | 480 | (void) sigprocmask(SIG_BLOCK, &blockmask, NULL); | ||
979 | 481 | while (nsock == 0) { | ||
980 | 482 | if (wantretry || wantconfig || wantreap || wantdie) | ||
981 | 483 | break; | ||
982 | 484 | sigsuspend(&emptymask); | ||
983 | 485 | } | ||
984 | 486 | (void) sigprocmask(SIG_SETMASK, &emptymask, NULL); | ||
985 | 487 | } | ||
986 | 488 | |||
987 | 489 | while (wantretry || wantconfig || wantreap || wantdie) { | ||
988 | 490 | if (wantretry) { | ||
989 | 491 | wantretry = 0; | ||
990 | 492 | doretry(); | ||
991 | 493 | } | ||
992 | 494 | if (wantconfig) { | ||
993 | 495 | wantconfig = 0; | ||
994 | 496 | doconfig(); | ||
995 | 497 | } | ||
996 | 498 | if (wantreap) { | ||
997 | 499 | wantreap = 0; | ||
998 | 500 | doreap(); | ||
999 | 501 | } | ||
1000 | 502 | if (wantdie) | ||
1001 | 503 | dodie(); | ||
1002 | 504 | goto restart; | ||
1003 | 505 | } | ||
1004 | 506 | |||
1005 | 507 | if (readablen != allsockn) { | ||
1006 | 508 | if (fdsrp) | ||
1007 | 509 | free(fdsrp); | ||
1008 | 510 | fdsrp = (fd_set *)calloc(allsockn, 1); | ||
1009 | 511 | if (fdsrp == NULL) { | ||
1010 | 512 | syslog(LOG_ERR, "Out of memory."); | ||
1011 | 513 | exit(1); | ||
1012 | 514 | } | ||
1013 | 515 | readablen = allsockn; | ||
1014 | 516 | } | ||
1015 | 517 | bcopy(allsockp, fdsrp, allsockn); | ||
1016 | 518 | |||
1017 | 519 | if ((n = select(maxsock + 1, fdsrp, NULL, NULL, NULL)) <= 0) { | ||
1018 | 520 | if (n < 0 && errno != EINTR) { | ||
1019 | 521 | syslog(LOG_WARNING, "select: %m"); | ||
1020 | 522 | sleep(1); | ||
1021 | 523 | } | ||
1022 | 524 | continue; | ||
1023 | 525 | } | ||
1024 | 526 | |||
1025 | 527 | for (sep = servtab; n && sep; sep = sep->se_next) { | ||
1026 | 528 | if (sep->se_fd != -1 && | ||
1027 | 529 | FD_ISSET(sep->se_fd, fdsrp)) { | ||
1028 | 530 | n--; | ||
1029 | 531 | if (debug) | ||
1030 | 532 | fprintf(stderr, "someone wants %s\n", | ||
1031 | 533 | sep->se_service); | ||
1032 | 534 | if (!sep->se_wait && | ||
1033 | 535 | sep->se_socktype == SOCK_STREAM) { | ||
1034 | 536 | ctrl = gettcp(sep); | ||
1035 | 537 | if (ctrl == -1) | ||
1036 | 538 | continue; | ||
1037 | 539 | } else | ||
1038 | 540 | ctrl = sep->se_fd; | ||
1039 | 541 | (void) sigprocmask(SIG_BLOCK, &blockmask, NULL); | ||
1040 | 542 | spawn(sep, ctrl); /* spawn will unblock */ | ||
1041 | 543 | } | ||
1042 | 544 | } | ||
1043 | 545 | } | ||
1044 | 546 | } | ||
1045 | 547 | |||
1046 | 548 | int | ||
1047 | 549 | gettcp(struct servtab *sep) | ||
1048 | 550 | { | ||
1049 | 551 | int ctrl; | ||
1050 | 552 | |||
1051 | 553 | ctrl = accept(sep->se_fd, NULL, NULL); | ||
1052 | 554 | if (debug) | ||
1053 | 555 | fprintf(stderr, "accept, ctrl %d\n", ctrl); | ||
1054 | 556 | if (ctrl < 0) { | ||
1055 | 557 | if (errno == EINTR) | ||
1056 | 558 | return -1; | ||
1057 | 559 | syslog(LOG_WARNING, "accept (for %s): %m", sep->se_service); | ||
1058 | 560 | return -1; | ||
1059 | 561 | } | ||
1060 | 562 | if ((sep->se_family == AF_INET || sep->se_family == AF_INET6) && | ||
1061 | 563 | sep->se_socktype == SOCK_STREAM) { | ||
1062 | 564 | struct sockaddr_storage peer; | ||
1063 | 565 | socklen_t plen = sizeof(peer); | ||
1064 | 566 | char sbuf[NI_MAXSERV]; | ||
1065 | 567 | |||
1066 | 568 | if (getpeername(ctrl, (struct sockaddr *)&peer, &plen) < 0) { | ||
1067 | 569 | syslog(LOG_WARNING, "could not getpeername"); | ||
1068 | 570 | close(ctrl); | ||
1069 | 571 | return -1; | ||
1070 | 572 | } | ||
1071 | 573 | if (getnameinfo((struct sockaddr *)&peer, plen, NULL, 0, | ||
1072 | 574 | sbuf, sizeof(sbuf), NI_NUMERICSERV) == 0 && | ||
1073 | 575 | atoi(sbuf) == 20) { | ||
1074 | 576 | /* | ||
1075 | 577 | * ignore things that look like ftp bounce | ||
1076 | 578 | */ | ||
1077 | 579 | close(ctrl); | ||
1078 | 580 | return -1; | ||
1079 | 581 | } | ||
1080 | 582 | } | ||
1081 | 583 | return (ctrl); | ||
1082 | 584 | } | ||
1083 | 585 | |||
1084 | 586 | |||
1085 | 587 | int | ||
1086 | 588 | dg_badinput(struct sockaddr *sa) | ||
1087 | 589 | { | ||
1088 | 590 | struct in_addr in; | ||
1089 | 591 | struct in6_addr *in6; | ||
1090 | 592 | u_int16_t port; | ||
1091 | 593 | |||
1092 | 594 | switch (sa->sa_family) { | ||
1093 | 595 | case AF_INET: | ||
1094 | 596 | in.s_addr = ntohl(((struct sockaddr_in *)sa)->sin_addr.s_addr); | ||
1095 | 597 | port = ntohs(((struct sockaddr_in *)sa)->sin_port); | ||
1096 | 598 | v4chk: | ||
1097 | 599 | if (IN_MULTICAST(in.s_addr)) | ||
1098 | 600 | goto bad; | ||
1099 | 601 | switch ((in.s_addr & 0xff000000) >> 24) { | ||
1100 | 602 | case 0: case 127: case 255: | ||
1101 | 603 | goto bad; | ||
1102 | 604 | } | ||
1103 | 605 | if (dg_broadcast(&in)) | ||
1104 | 606 | goto bad; | ||
1105 | 607 | break; | ||
1106 | 608 | case AF_INET6: | ||
1107 | 609 | in6 = &((struct sockaddr_in6 *)sa)->sin6_addr; | ||
1108 | 610 | port = ntohs(((struct sockaddr_in6 *)sa)->sin6_port); | ||
1109 | 611 | if (IN6_IS_ADDR_MULTICAST(in6) || IN6_IS_ADDR_UNSPECIFIED(in6)) | ||
1110 | 612 | goto bad; | ||
1111 | 613 | /* | ||
1112 | 614 | * OpenBSD does not support IPv4 mapped address (RFC2553 | ||
1113 | 615 | * inbound behavior) at all. We should drop it. | ||
1114 | 616 | */ | ||
1115 | 617 | if (IN6_IS_ADDR_V4MAPPED(in6)) | ||
1116 | 618 | goto bad; | ||
1117 | 619 | if (IN6_IS_ADDR_V4COMPAT(in6)) { | ||
1118 | 620 | memcpy(&in, &in6->s6_addr[12], sizeof(in)); | ||
1119 | 621 | in.s_addr = ntohl(in.s_addr); | ||
1120 | 622 | goto v4chk; | ||
1121 | 623 | } | ||
1122 | 624 | break; | ||
1123 | 625 | default: | ||
1124 | 626 | /* XXX unsupported af, is it safe to assume it to be safe? */ | ||
1125 | 627 | return 0; | ||
1126 | 628 | } | ||
1127 | 629 | |||
1128 | 630 | return (0); | ||
1129 | 631 | |||
1130 | 632 | bad: | ||
1131 | 633 | return (1); | ||
1132 | 634 | } | ||
1133 | 635 | |||
1134 | 636 | int | ||
1135 | 637 | dg_broadcast(struct in_addr *in) | ||
1136 | 638 | { | ||
1137 | 639 | #ifdef HAVE_GETIFADDRS | ||
1138 | 640 | struct ifaddrs *ifa, *ifap; | ||
1139 | 641 | struct sockaddr_in *sin; | ||
1140 | 642 | |||
1141 | 643 | if (getifaddrs(&ifap) < 0) | ||
1142 | 644 | return (0); | ||
1143 | 645 | for (ifa = ifap; ifa; ifa = ifa->ifa_next) { | ||
1144 | 646 | if (ifa->ifa_addr->sa_family != AF_INET || | ||
1145 | 647 | (ifa->ifa_flags & IFF_BROADCAST) == 0) | ||
1146 | 648 | continue; | ||
1147 | 649 | sin = (struct sockaddr_in *)ifa->ifa_broadaddr; | ||
1148 | 650 | if (sin->sin_addr.s_addr == in->s_addr) { | ||
1149 | 651 | freeifaddrs(ifap); | ||
1150 | 652 | return (1); | ||
1151 | 653 | } | ||
1152 | 654 | } | ||
1153 | 655 | freeifaddrs(ifap); | ||
1154 | 656 | #endif | ||
1155 | 657 | return (0); | ||
1156 | 658 | } | ||
1157 | 659 | |||
1158 | 660 | /* ARGSUSED */ | ||
1159 | 661 | void | ||
1160 | 662 | reap(int sig) | ||
1161 | 663 | { | ||
1162 | 664 | wantreap = 1; | ||
1163 | 665 | } | ||
1164 | 666 | |||
1165 | 667 | void | ||
1166 | 668 | doreap(void) | ||
1167 | 669 | { | ||
1168 | 670 | struct servtab *sep; | ||
1169 | 671 | int status; | ||
1170 | 672 | pid_t pid; | ||
1171 | 673 | |||
1172 | 674 | if (debug) | ||
1173 | 675 | fprintf(stderr, "reaping asked for\n"); | ||
1174 | 676 | |||
1175 | 677 | for (;;) { | ||
1176 | 678 | if ((pid = wait3(&status, WNOHANG, NULL)) <= 0) { | ||
1177 | 679 | if (pid == -1 && errno == EINTR) | ||
1178 | 680 | continue; | ||
1179 | 681 | break; | ||
1180 | 682 | } | ||
1181 | 683 | if (debug) | ||
1182 | 684 | fprintf(stderr, "%ld reaped, status %x\n", | ||
1183 | 685 | (long)pid, status); | ||
1184 | 686 | for (sep = servtab; sep; sep = sep->se_next) | ||
1185 | 687 | if (sep->se_wait == pid) { | ||
1186 | 688 | if (WIFEXITED(status) && WEXITSTATUS(status)) | ||
1187 | 689 | syslog(LOG_WARNING, | ||
1188 | 690 | "%s: exit status %d", | ||
1189 | 691 | sep->se_server, WEXITSTATUS(status)); | ||
1190 | 692 | else if (WIFSIGNALED(status)) | ||
1191 | 693 | syslog(LOG_WARNING, | ||
1192 | 694 | "%s: exit signal %d", | ||
1193 | 695 | sep->se_server, WTERMSIG(status)); | ||
1194 | 696 | sep->se_wait = 1; | ||
1195 | 697 | fd_grow(&allsockp, &allsockn, sep->se_fd); | ||
1196 | 698 | FD_SET(sep->se_fd, allsockp); | ||
1197 | 699 | nsock++; | ||
1198 | 700 | if (debug) | ||
1199 | 701 | fprintf(stderr, "restored %s, fd %d\n", | ||
1200 | 702 | sep->se_service, sep->se_fd); | ||
1201 | 703 | } | ||
1202 | 704 | } | ||
1203 | 705 | } | ||
1204 | 706 | |||
1205 | 707 | /* ARGSUSED */ | ||
1206 | 708 | void | ||
1207 | 709 | config(int sig) | ||
1208 | 710 | { | ||
1209 | 711 | wantconfig = 1; | ||
1210 | 712 | } | ||
1211 | 713 | |||
1212 | 714 | void | ||
1213 | 715 | doconfig(void) | ||
1214 | 716 | { | ||
1215 | 717 | struct servtab *sep, *cp, **sepp; | ||
1216 | 718 | int add; | ||
1217 | 719 | char protoname[10]; | ||
1218 | 720 | sigset_t omask; | ||
1219 | 721 | |||
1220 | 722 | if (!setconfig()) { | ||
1221 | 723 | syslog(LOG_ERR, "%s: %m", CONFIG); | ||
1222 | 724 | exit(1); | ||
1223 | 725 | } | ||
1224 | 726 | for (sep = servtab; sep; sep = sep->se_next) | ||
1225 | 727 | sep->se_checked = 0; | ||
1226 | 728 | cp = getconfigent(); | ||
1227 | 729 | while (cp != NULL) { | ||
1228 | 730 | for (sep = servtab; sep; sep = sep->se_next) | ||
1229 | 731 | if (matchconf(sep, cp)) | ||
1230 | 732 | break; | ||
1231 | 733 | add = 0; | ||
1232 | 734 | if (sep != NULL) { | ||
1233 | 735 | int i; | ||
1234 | 736 | |||
1235 | 737 | #define SWAP(type, a, b) {type c=(type)a; a=(type)b; b=(type)c;} | ||
1236 | 738 | |||
1237 | 739 | sigprocmask(SIG_BLOCK, &blockmask, &omask); | ||
1238 | 740 | /* | ||
1239 | 741 | * sep->se_wait may be holding the pid of a daemon | ||
1240 | 742 | * that we're waiting for. If so, don't overwrite | ||
1241 | 743 | * it unless the config file explicitly says don't | ||
1242 | 744 | * wait. | ||
1243 | 745 | */ | ||
1244 | 746 | if (cp->se_bi == 0 && | ||
1245 | 747 | (sep->se_wait == 1 || cp->se_wait == 0)) | ||
1246 | 748 | sep->se_wait = cp->se_wait; | ||
1247 | 749 | SWAP(int, cp->se_max, sep->se_max); | ||
1248 | 750 | SWAP(char *, sep->se_user, cp->se_user); | ||
1249 | 751 | SWAP(char *, sep->se_group, cp->se_group); | ||
1250 | 752 | SWAP(char *, sep->se_server, cp->se_server); | ||
1251 | 753 | for (i = 0; i < MAXARGV; i++) | ||
1252 | 754 | SWAP(char *, sep->se_argv[i], cp->se_argv[i]); | ||
1253 | 755 | #undef SWAP | ||
1254 | 756 | if (isrpcservice(sep)) | ||
1255 | 757 | unregister_rpc(sep); | ||
1256 | 758 | sep->se_rpcversl = cp->se_rpcversl; | ||
1257 | 759 | sep->se_rpcversh = cp->se_rpcversh; | ||
1258 | 760 | sigprocmask(SIG_SETMASK, &omask, NULL); | ||
1259 | 761 | freeconfig(cp); | ||
1260 | 762 | add = 1; | ||
1261 | 763 | } else { | ||
1262 | 764 | sep = enter(cp); | ||
1263 | 765 | } | ||
1264 | 766 | sep->se_checked = 1; | ||
1265 | 767 | |||
1266 | 768 | switch (sep->se_family) { | ||
1267 | 769 | case AF_UNIX: | ||
1268 | 770 | if (sep->se_fd != -1) | ||
1269 | 771 | break; | ||
1270 | 772 | sep->se_ctrladdr_size = | ||
1271 | 773 | strlcpy(sep->se_ctrladdr_un.sun_path, | ||
1272 | 774 | sep->se_service, | ||
1273 | 775 | sizeof sep->se_ctrladdr_un.sun_path); | ||
1274 | 776 | if (sep->se_ctrladdr_size >= | ||
1275 | 777 | sizeof sep->se_ctrladdr_un.sun_path) { | ||
1276 | 778 | syslog(LOG_WARNING, "%s/%s: UNIX domain socket " | ||
1277 | 779 | "path too long", sep->se_service, | ||
1278 | 780 | sep->se_proto); | ||
1279 | 781 | goto serv_unknown; | ||
1280 | 782 | } | ||
1281 | 783 | sep->se_ctrladdr_un.sun_family = AF_UNIX; | ||
1282 | 784 | sep->se_ctrladdr_size += | ||
1283 | 785 | 1 + sizeof sep->se_ctrladdr_un.sun_family; | ||
1284 | 786 | (void)unlink(sep->se_service); | ||
1285 | 787 | setup(sep); | ||
1286 | 788 | break; | ||
1287 | 789 | case AF_INET: | ||
1288 | 790 | sep->se_ctrladdr_in.sin_family = AF_INET; | ||
1289 | 791 | /* se_ctrladdr_in was set in getconfigent */ | ||
1290 | 792 | sep->se_ctrladdr_size = sizeof sep->se_ctrladdr_in; | ||
1291 | 793 | |||
1292 | 794 | if (isrpcservice(sep)) { | ||
1293 | 795 | struct rpcent *rp; | ||
1294 | 796 | |||
1295 | 797 | sep->se_rpcprog = atoi(sep->se_service); | ||
1296 | 798 | if (sep->se_rpcprog == 0) { | ||
1297 | 799 | rp = getrpcbyname(sep->se_service); | ||
1298 | 800 | if (rp == 0) { | ||
1299 | 801 | syslog(LOG_ERR, | ||
1300 | 802 | "%s: unknown rpc service", | ||
1301 | 803 | sep->se_service); | ||
1302 | 804 | goto serv_unknown; | ||
1303 | 805 | } | ||
1304 | 806 | sep->se_rpcprog = rp->r_number; | ||
1305 | 807 | } | ||
1306 | 808 | if (sep->se_fd == -1) | ||
1307 | 809 | setup(sep); | ||
1308 | 810 | if (sep->se_fd != -1) | ||
1309 | 811 | register_rpc(sep); | ||
1310 | 812 | } else { | ||
1311 | 813 | u_short port = htons(atoi(sep->se_service)); | ||
1312 | 814 | |||
1313 | 815 | if (!port) { | ||
1314 | 816 | /* XXX */ | ||
1315 | 817 | char *p; | ||
1316 | 818 | strncpy(protoname, sep->se_proto, | ||
1317 | 819 | sizeof(protoname)); | ||
1318 | 820 | for (p = protoname; *p; p++) | ||
1319 | 821 | if (isdigit(*p)) { | ||
1320 | 822 | *p = '\0'; | ||
1321 | 823 | break; | ||
1322 | 824 | } | ||
1323 | 825 | sp = getservbyname(sep->se_service, | ||
1324 | 826 | protoname); | ||
1325 | 827 | if (sp == 0) { | ||
1326 | 828 | syslog(LOG_ERR, | ||
1327 | 829 | "%s/%s: unknown service", | ||
1328 | 830 | sep->se_service, sep->se_proto); | ||
1329 | 831 | goto serv_unknown; | ||
1330 | 832 | } | ||
1331 | 833 | port = sp->s_port; | ||
1332 | 834 | } | ||
1333 | 835 | if (port != sep->se_ctrladdr_in.sin_port) { | ||
1334 | 836 | sep->se_ctrladdr_in.sin_port = port; | ||
1335 | 837 | if (sep->se_fd != -1) { | ||
1336 | 838 | FD_CLR(sep->se_fd, allsockp); | ||
1337 | 839 | nsock--; | ||
1338 | 840 | (void) close(sep->se_fd); | ||
1339 | 841 | } | ||
1340 | 842 | sep->se_fd = -1; | ||
1341 | 843 | } | ||
1342 | 844 | if (sep->se_fd == -1) | ||
1343 | 845 | setup(sep); | ||
1344 | 846 | } | ||
1345 | 847 | break; | ||
1346 | 848 | case AF_INET6: | ||
1347 | 849 | sep->se_ctrladdr_in6.sin6_family = AF_INET6; | ||
1348 | 850 | /* se_ctrladdr_in was set in getconfigent */ | ||
1349 | 851 | sep->se_ctrladdr_size = sizeof sep->se_ctrladdr_in6; | ||
1350 | 852 | |||
1351 | 853 | if (isrpcservice(sep)) { | ||
1352 | 854 | struct rpcent *rp; | ||
1353 | 855 | |||
1354 | 856 | sep->se_rpcprog = atoi(sep->se_service); | ||
1355 | 857 | if (sep->se_rpcprog == 0) { | ||
1356 | 858 | rp = getrpcbyname(sep->se_service); | ||
1357 | 859 | if (rp == 0) { | ||
1358 | 860 | syslog(LOG_ERR, | ||
1359 | 861 | "%s: unknown rpc service", | ||
1360 | 862 | sep->se_service); | ||
1361 | 863 | goto serv_unknown; | ||
1362 | 864 | } | ||
1363 | 865 | sep->se_rpcprog = rp->r_number; | ||
1364 | 866 | } | ||
1365 | 867 | if (sep->se_fd == -1) | ||
1366 | 868 | setup(sep); | ||
1367 | 869 | if (sep->se_fd != -1) | ||
1368 | 870 | register_rpc(sep); | ||
1369 | 871 | } else { | ||
1370 | 872 | u_short port = htons(atoi(sep->se_service)); | ||
1371 | 873 | |||
1372 | 874 | if (!port) { | ||
1373 | 875 | /* XXX */ | ||
1374 | 876 | strncpy(protoname, sep->se_proto, | ||
1375 | 877 | sizeof(protoname)); | ||
1376 | 878 | if (isdigit(protoname[strlen(protoname) - 1])) | ||
1377 | 879 | protoname[strlen(protoname) - 1] = '\0'; | ||
1378 | 880 | sp = getservbyname(sep->se_service, | ||
1379 | 881 | protoname); | ||
1380 | 882 | if (sp == 0) { | ||
1381 | 883 | syslog(LOG_ERR, | ||
1382 | 884 | "%s/%s: unknown service", | ||
1383 | 885 | sep->se_service, sep->se_proto); | ||
1384 | 886 | goto serv_unknown; | ||
1385 | 887 | } | ||
1386 | 888 | port = sp->s_port; | ||
1387 | 889 | } | ||
1388 | 890 | if (port != sep->se_ctrladdr_in6.sin6_port) { | ||
1389 | 891 | sep->se_ctrladdr_in6.sin6_port = port; | ||
1390 | 892 | if (sep->se_fd != -1) { | ||
1391 | 893 | FD_CLR(sep->se_fd, allsockp); | ||
1392 | 894 | nsock--; | ||
1393 | 895 | (void) close(sep->se_fd); | ||
1394 | 896 | } | ||
1395 | 897 | sep->se_fd = -1; | ||
1396 | 898 | } | ||
1397 | 899 | if (sep->se_fd == -1) | ||
1398 | 900 | setup(sep); | ||
1399 | 901 | } | ||
1400 | 902 | break; | ||
1401 | 903 | } | ||
1402 | 904 | serv_unknown: | ||
1403 | 905 | if (cp->se_next != NULL) { | ||
1404 | 906 | struct servtab *tmp = cp; | ||
1405 | 907 | |||
1406 | 908 | cp = cp->se_next; | ||
1407 | 909 | free(tmp); | ||
1408 | 910 | } else { | ||
1409 | 911 | free(cp); | ||
1410 | 912 | cp = getconfigent(); | ||
1411 | 913 | } | ||
1412 | 914 | if (debug) | ||
1413 | 915 | print_service(add ? "REDO" : "ADD", sep); | ||
1414 | 916 | } | ||
1415 | 917 | endconfig(); | ||
1416 | 918 | /* | ||
1417 | 919 | * Purge anything not looked at above. | ||
1418 | 920 | */ | ||
1419 | 921 | sigprocmask(SIG_BLOCK, &blockmask, &omask); | ||
1420 | 922 | sepp = &servtab; | ||
1421 | 923 | while ((sep = *sepp)) { | ||
1422 | 924 | if (sep->se_checked) { | ||
1423 | 925 | sepp = &sep->se_next; | ||
1424 | 926 | continue; | ||
1425 | 927 | } | ||
1426 | 928 | *sepp = sep->se_next; | ||
1427 | 929 | if (sep->se_fd != -1) { | ||
1428 | 930 | FD_CLR(sep->se_fd, allsockp); | ||
1429 | 931 | nsock--; | ||
1430 | 932 | (void) close(sep->se_fd); | ||
1431 | 933 | } | ||
1432 | 934 | if (isrpcservice(sep)) | ||
1433 | 935 | unregister_rpc(sep); | ||
1434 | 936 | if (sep->se_family == AF_UNIX) | ||
1435 | 937 | (void)unlink(sep->se_service); | ||
1436 | 938 | if (debug) | ||
1437 | 939 | print_service("FREE", sep); | ||
1438 | 940 | freeconfig(sep); | ||
1439 | 941 | free(sep); | ||
1440 | 942 | } | ||
1441 | 943 | sigprocmask(SIG_SETMASK, &omask, NULL); | ||
1442 | 944 | } | ||
1443 | 945 | |||
1444 | 946 | /* ARGSUSED */ | ||
1445 | 947 | void | ||
1446 | 948 | retry(int sig) | ||
1447 | 949 | { | ||
1448 | 950 | wantretry = 1; | ||
1449 | 951 | } | ||
1450 | 952 | |||
1451 | 953 | void | ||
1452 | 954 | doretry(void) | ||
1453 | 955 | { | ||
1454 | 956 | struct servtab *sep; | ||
1455 | 957 | |||
1456 | 958 | timingout = 0; | ||
1457 | 959 | for (sep = servtab; sep; sep = sep->se_next) { | ||
1458 | 960 | if (sep->se_fd == -1) { | ||
1459 | 961 | switch (sep->se_family) { | ||
1460 | 962 | case AF_UNIX: | ||
1461 | 963 | case AF_INET: | ||
1462 | 964 | case AF_INET6: | ||
1463 | 965 | setup(sep); | ||
1464 | 966 | if (sep->se_fd != -1 && isrpcservice(sep)) | ||
1465 | 967 | register_rpc(sep); | ||
1466 | 968 | break; | ||
1467 | 969 | } | ||
1468 | 970 | } | ||
1469 | 971 | } | ||
1470 | 972 | } | ||
1471 | 973 | |||
1472 | 974 | /* ARGSUSED */ | ||
1473 | 975 | void | ||
1474 | 976 | die(int sig) | ||
1475 | 977 | { | ||
1476 | 978 | wantdie = 1; | ||
1477 | 979 | } | ||
1478 | 980 | |||
1479 | 981 | void | ||
1480 | 982 | dodie(void) | ||
1481 | 983 | { | ||
1482 | 984 | struct servtab *sep; | ||
1483 | 985 | |||
1484 | 986 | for (sep = servtab; sep; sep = sep->se_next) { | ||
1485 | 987 | if (sep->se_fd == -1) | ||
1486 | 988 | continue; | ||
1487 | 989 | |||
1488 | 990 | switch (sep->se_family) { | ||
1489 | 991 | case AF_UNIX: | ||
1490 | 992 | (void)unlink(sep->se_service); | ||
1491 | 993 | break; | ||
1492 | 994 | case AF_INET: | ||
1493 | 995 | case AF_INET6: | ||
1494 | 996 | if (sep->se_wait == 1 && isrpcservice(sep)) | ||
1495 | 997 | unregister_rpc(sep); | ||
1496 | 998 | break; | ||
1497 | 999 | } | ||
1498 | 1000 | (void)close(sep->se_fd); | ||
1499 | 1001 | } | ||
1500 | 1002 | (void)unlink(_PATH_INETDPID); | ||
1501 | 1003 | exit(0); | ||
1502 | 1004 | } | ||
1503 | 1005 | |||
1504 | 1006 | void | ||
1505 | 1007 | setup(struct servtab *sep) | ||
1506 | 1008 | { | ||
1507 | 1009 | int on = 1; | ||
1508 | 1010 | int r; | ||
1509 | 1011 | mode_t mask = 0; | ||
1510 | 1012 | |||
1511 | 1013 | if ((sep->se_fd = socket(sep->se_family, sep->se_socktype, 0)) < 0) { | ||
1512 | 1014 | syslog(LOG_ERR, "%s/%s: socket: %m", | ||
1513 | 1015 | sep->se_service, sep->se_proto); | ||
1514 | 1016 | return; | ||
1515 | 1017 | } | ||
1516 | 1018 | if (strncmp(sep->se_proto, "tcp6", 4) == 0) { | ||
1517 | 1019 | if (setsockopt(sep->se_fd, IPPROTO_IPV6, IPV6_V6ONLY, &on, | ||
1518 | 1020 | sizeof (on)) < 0) | ||
1519 | 1021 | syslog(LOG_ERR, "setsockopt (IPV6_V6ONLY): %m"); | ||
1520 | 1022 | } else if (strncmp(sep->se_proto, "tcp46", 5) == 0) { | ||
1521 | 1023 | int off = 0; | ||
1522 | 1024 | if (setsockopt(sep->se_fd, IPPROTO_IPV6, IPV6_V6ONLY, &off, | ||
1523 | 1025 | sizeof (off)) < 0) | ||
1524 | 1026 | syslog(LOG_ERR, "setsockopt (IPV6_V6ONLY): %m"); | ||
1525 | 1027 | } | ||
1526 | 1028 | #define turnon(fd, opt) \ | ||
1527 | 1029 | setsockopt(fd, SOL_SOCKET, opt, &on, sizeof (on)) | ||
1528 | 1030 | if (strncmp(sep->se_proto, "tcp", 3) == 0 && (options & SO_DEBUG) && | ||
1529 | 1031 | turnon(sep->se_fd, SO_DEBUG) < 0) | ||
1530 | 1032 | syslog(LOG_ERR, "setsockopt (SO_DEBUG): %m"); | ||
1531 | 1033 | if (turnon(sep->se_fd, SO_REUSEADDR) < 0) | ||
1532 | 1034 | syslog(LOG_ERR, "setsockopt (SO_REUSEADDR): %m"); | ||
1533 | 1035 | #undef turnon | ||
1534 | 1036 | if (isrpcservice(sep)) { | ||
1535 | 1037 | struct passwd *pwd; | ||
1536 | 1038 | |||
1537 | 1039 | /* | ||
1538 | 1040 | * for RPC services, attempt to use a reserved port | ||
1539 | 1041 | * if they are going to be running as root. | ||
1540 | 1042 | * | ||
1541 | 1043 | * Also, zero out the port for all RPC services; let bind() | ||
1542 | 1044 | * find one. | ||
1543 | 1045 | */ | ||
1544 | 1046 | sep->se_ctrladdr_in.sin_port = 0; | ||
1545 | 1047 | if (sep->se_user && (pwd = getpwnam(sep->se_user)) && | ||
1546 | 1048 | pwd->pw_uid == 0 && uid == 0) | ||
1547 | 1049 | r = bindresvport(sep->se_fd, &sep->se_ctrladdr_in); | ||
1548 | 1050 | else { | ||
1549 | 1051 | r = bind(sep->se_fd, &sep->se_ctrladdr, | ||
1550 | 1052 | sep->se_ctrladdr_size); | ||
1551 | 1053 | if (r == 0) { | ||
1552 | 1054 | socklen_t len = sep->se_ctrladdr_size; | ||
1553 | 1055 | int saveerrno = errno; | ||
1554 | 1056 | |||
1555 | 1057 | /* update se_ctrladdr_in.sin_port */ | ||
1556 | 1058 | r = getsockname(sep->se_fd, &sep->se_ctrladdr, | ||
1557 | 1059 | &len); | ||
1558 | 1060 | if (r <= 0) | ||
1559 | 1061 | errno = saveerrno; | ||
1560 | 1062 | } | ||
1561 | 1063 | } | ||
1562 | 1064 | } else { | ||
1563 | 1065 | if (sep->se_family == AF_UNIX) | ||
1564 | 1066 | mask = umask(0111); | ||
1565 | 1067 | r = bind(sep->se_fd, &sep->se_ctrladdr, sep->se_ctrladdr_size); | ||
1566 | 1068 | if (sep->se_family == AF_UNIX) | ||
1567 | 1069 | umask(mask); | ||
1568 | 1070 | } | ||
1569 | 1071 | if (r < 0) { | ||
1570 | 1072 | syslog(LOG_ERR, "%s/%s: bind: %m", | ||
1571 | 1073 | sep->se_service, sep->se_proto); | ||
1572 | 1074 | (void) close(sep->se_fd); | ||
1573 | 1075 | sep->se_fd = -1; | ||
1574 | 1076 | if (!timingout) { | ||
1575 | 1077 | timingout = 1; | ||
1576 | 1078 | alarm(RETRYTIME); | ||
1577 | 1079 | } | ||
1578 | 1080 | return; | ||
1579 | 1081 | } | ||
1580 | 1082 | if (sep->se_socktype == SOCK_STREAM) | ||
1581 | 1083 | listen(sep->se_fd, global_queuelen); | ||
1582 | 1084 | |||
1583 | 1085 | fd_grow(&allsockp, &allsockn, sep->se_fd); | ||
1584 | 1086 | FD_SET(sep->se_fd, allsockp); | ||
1585 | 1087 | nsock++; | ||
1586 | 1088 | if (sep->se_fd > maxsock) { | ||
1587 | 1089 | maxsock = sep->se_fd; | ||
1588 | 1090 | if (maxsock > rlim_nofile_cur - FD_MARGIN) | ||
1589 | 1091 | bump_nofile(); | ||
1590 | 1092 | } | ||
1591 | 1093 | } | ||
1592 | 1094 | |||
1593 | 1095 | void | ||
1594 | 1096 | register_rpc(struct servtab *sep) | ||
1595 | 1097 | { | ||
1596 | 1098 | socklen_t n; | ||
1597 | 1099 | struct sockaddr_in sin; | ||
1598 | 1100 | struct protoent *pp; | ||
1599 | 1101 | |||
1600 | 1102 | if ((pp = getprotobyname(sep->se_proto+4)) == NULL) { | ||
1601 | 1103 | syslog(LOG_ERR, "%s: getproto: %m", | ||
1602 | 1104 | sep->se_proto); | ||
1603 | 1105 | return; | ||
1604 | 1106 | } | ||
1605 | 1107 | n = sizeof sin; | ||
1606 | 1108 | if (getsockname(sep->se_fd, (struct sockaddr *)&sin, &n) < 0) { | ||
1607 | 1109 | syslog(LOG_ERR, "%s/%s: getsockname: %m", | ||
1608 | 1110 | sep->se_service, sep->se_proto); | ||
1609 | 1111 | return; | ||
1610 | 1112 | } | ||
1611 | 1113 | |||
1612 | 1114 | for (n = sep->se_rpcversl; n <= sep->se_rpcversh; n++) { | ||
1613 | 1115 | if (debug) | ||
1614 | 1116 | fprintf(stderr, "pmap_set: %u %u %u %u\n", | ||
1615 | 1117 | sep->se_rpcprog, n, pp->p_proto, | ||
1616 | 1118 | ntohs(sin.sin_port)); | ||
1617 | 1119 | (void)pmap_unset(sep->se_rpcprog, n); | ||
1618 | 1120 | if (!pmap_set(sep->se_rpcprog, n, pp->p_proto, ntohs(sin.sin_port))) | ||
1619 | 1121 | syslog(LOG_ERR, "%s %s: pmap_set: %u %u %u %u: %m", | ||
1620 | 1122 | sep->se_service, sep->se_proto, | ||
1621 | 1123 | sep->se_rpcprog, n, pp->p_proto, | ||
1622 | 1124 | ntohs(sin.sin_port)); | ||
1623 | 1125 | } | ||
1624 | 1126 | } | ||
1625 | 1127 | |||
1626 | 1128 | void | ||
1627 | 1129 | unregister_rpc(struct servtab *sep) | ||
1628 | 1130 | { | ||
1629 | 1131 | int n; | ||
1630 | 1132 | |||
1631 | 1133 | for (n = sep->se_rpcversl; n <= sep->se_rpcversh; n++) { | ||
1632 | 1134 | if (debug) | ||
1633 | 1135 | fprintf(stderr, "pmap_unset(%u, %u)\n", | ||
1634 | 1136 | sep->se_rpcprog, n); | ||
1635 | 1137 | if (!pmap_unset(sep->se_rpcprog, n)) | ||
1636 | 1138 | syslog(LOG_ERR, "pmap_unset(%u, %u)", | ||
1637 | 1139 | sep->se_rpcprog, n); | ||
1638 | 1140 | } | ||
1639 | 1141 | } | ||
1640 | 1142 | |||
1641 | 1143 | |||
1642 | 1144 | struct servtab * | ||
1643 | 1145 | enter(struct servtab *cp) | ||
1644 | 1146 | { | ||
1645 | 1147 | struct servtab *sep; | ||
1646 | 1148 | sigset_t omask; | ||
1647 | 1149 | |||
1648 | 1150 | sep = (struct servtab *)malloc(sizeof (*sep)); | ||
1649 | 1151 | if (sep == NULL) { | ||
1650 | 1152 | syslog(LOG_ERR, "Out of memory."); | ||
1651 | 1153 | exit(1); | ||
1652 | 1154 | } | ||
1653 | 1155 | *sep = *cp; | ||
1654 | 1156 | sep->se_fd = -1; | ||
1655 | 1157 | sep->se_rpcprog = -1; | ||
1656 | 1158 | sigprocmask(SIG_BLOCK, &blockmask, &omask); | ||
1657 | 1159 | sep->se_next = servtab; | ||
1658 | 1160 | servtab = sep; | ||
1659 | 1161 | sigprocmask(SIG_SETMASK, &omask, NULL); | ||
1660 | 1162 | return (sep); | ||
1661 | 1163 | } | ||
1662 | 1164 | |||
1663 | 1165 | int | ||
1664 | 1166 | matchconf(struct servtab *old, struct servtab *new) | ||
1665 | 1167 | { | ||
1666 | 1168 | if (strcmp(old->se_service, new->se_service) != 0) | ||
1667 | 1169 | return (0); | ||
1668 | 1170 | |||
1669 | 1171 | if (strcmp(old->se_hostaddr, new->se_hostaddr) != 0) | ||
1670 | 1172 | return (0); | ||
1671 | 1173 | |||
1672 | 1174 | if (strcmp(old->se_proto, new->se_proto) != 0) | ||
1673 | 1175 | return (0); | ||
1674 | 1176 | |||
1675 | 1177 | /* | ||
1676 | 1178 | * If the new servtab is bound to a specific address, check that the | ||
1677 | 1179 | * old servtab is bound to the same entry. If the new service is not | ||
1678 | 1180 | * bound to a specific address then the check of se_hostaddr above | ||
1679 | 1181 | * is sufficient. | ||
1680 | 1182 | */ | ||
1681 | 1183 | |||
1682 | 1184 | if (old->se_family == AF_INET && new->se_family == AF_INET && | ||
1683 | 1185 | bcmp(&old->se_ctrladdr_in.sin_addr, | ||
1684 | 1186 | &new->se_ctrladdr_in.sin_addr, | ||
1685 | 1187 | sizeof(new->se_ctrladdr_in.sin_addr)) != 0) | ||
1686 | 1188 | return (0); | ||
1687 | 1189 | |||
1688 | 1190 | if (old->se_family == AF_INET6 && new->se_family == AF_INET6 && | ||
1689 | 1191 | bcmp(&old->se_ctrladdr_in6.sin6_addr, | ||
1690 | 1192 | &new->se_ctrladdr_in6.sin6_addr, | ||
1691 | 1193 | sizeof(new->se_ctrladdr_in6.sin6_addr)) != 0) | ||
1692 | 1194 | return (0); | ||
1693 | 1195 | if (old->se_family == AF_INET6 && new->se_family == AF_INET6 && | ||
1694 | 1196 | old->se_ctrladdr_in6.sin6_scope_id != | ||
1695 | 1197 | new->se_ctrladdr_in6.sin6_scope_id) | ||
1696 | 1198 | return (0); | ||
1697 | 1199 | |||
1698 | 1200 | return (1); | ||
1699 | 1201 | } | ||
1700 | 1202 | |||
1701 | 1203 | FILE *fconfig = NULL; | ||
1702 | 1204 | char line[1024]; | ||
1703 | 1205 | char *defhost; | ||
1704 | 1206 | char *skip(char **, int); | ||
1705 | 1207 | char *nextline(FILE *); | ||
1706 | 1208 | char *newstr(char *); | ||
1707 | 1209 | struct servtab *dupconfig(struct servtab *); | ||
1708 | 1210 | |||
1709 | 1211 | int | ||
1710 | 1212 | setconfig(void) | ||
1711 | 1213 | { | ||
1712 | 1214 | if (defhost) | ||
1713 | 1215 | free(defhost); | ||
1714 | 1216 | defhost = newstr("*"); | ||
1715 | 1217 | if (fconfig != NULL) { | ||
1716 | 1218 | fseek(fconfig, 0L, SEEK_SET); | ||
1717 | 1219 | return (1); | ||
1718 | 1220 | } | ||
1719 | 1221 | fconfig = fopen(CONFIG, "r"); | ||
1720 | 1222 | return (fconfig != NULL); | ||
1721 | 1223 | } | ||
1722 | 1224 | |||
1723 | 1225 | void | ||
1724 | 1226 | endconfig(void) | ||
1725 | 1227 | { | ||
1726 | 1228 | if (fconfig) { | ||
1727 | 1229 | (void) fclose(fconfig); | ||
1728 | 1230 | fconfig = NULL; | ||
1729 | 1231 | } | ||
1730 | 1232 | if (defhost) { | ||
1731 | 1233 | free(defhost); | ||
1732 | 1234 | defhost = 0; | ||
1733 | 1235 | } | ||
1734 | 1236 | } | ||
1735 | 1237 | |||
1736 | 1238 | struct servtab * | ||
1737 | 1239 | getconfigent(void) | ||
1738 | 1240 | { | ||
1739 | 1241 | struct servtab *sep, *tsep; | ||
1740 | 1242 | char *arg, *cp, *hostdelim, *s; | ||
1741 | 1243 | int argc; | ||
1742 | 1244 | |||
1743 | 1245 | sep = (struct servtab *) malloc(sizeof(struct servtab)); | ||
1744 | 1246 | if (sep == NULL) { | ||
1745 | 1247 | syslog(LOG_ERR, "malloc: %m"); | ||
1746 | 1248 | exit(1); | ||
1747 | 1249 | } | ||
1748 | 1250 | |||
1749 | 1251 | memset(sep, 0, sizeof *sep); | ||
1750 | 1252 | more: | ||
1751 | 1253 | freeconfig(sep); | ||
1752 | 1254 | |||
1753 | 1255 | while ((cp = nextline(fconfig)) && *cp == '#') | ||
1754 | 1256 | ; | ||
1755 | 1257 | if (cp == NULL) { | ||
1756 | 1258 | free(sep); | ||
1757 | 1259 | return (NULL); | ||
1758 | 1260 | } | ||
1759 | 1261 | |||
1760 | 1262 | memset(sep, 0, sizeof *sep); | ||
1761 | 1263 | arg = skip(&cp, 0); | ||
1762 | 1264 | if (arg == NULL) { | ||
1763 | 1265 | /* A blank line. */ | ||
1764 | 1266 | goto more; | ||
1765 | 1267 | } | ||
1766 | 1268 | |||
1767 | 1269 | /* Check for a host name. */ | ||
1768 | 1270 | hostdelim = strrchr(arg, ':'); | ||
1769 | 1271 | if (hostdelim) { | ||
1770 | 1272 | *hostdelim = '\0'; | ||
1771 | 1273 | if (arg[0] == '[' && hostdelim > arg && hostdelim[-1] == ']') { | ||
1772 | 1274 | hostdelim[-1] = '\0'; | ||
1773 | 1275 | sep->se_hostaddr = newstr(arg + 1); | ||
1774 | 1276 | } else if (hostdelim == arg) | ||
1775 | 1277 | sep->se_hostaddr = newstr("*"); | ||
1776 | 1278 | else | ||
1777 | 1279 | sep->se_hostaddr = newstr(arg); | ||
1778 | 1280 | arg = hostdelim + 1; | ||
1779 | 1281 | /* | ||
1780 | 1282 | * If the line is of the form `host:', then just change the | ||
1781 | 1283 | * default host for the following lines. | ||
1782 | 1284 | */ | ||
1783 | 1285 | if (*arg == '\0') { | ||
1784 | 1286 | arg = skip(&cp, 0); | ||
1785 | 1287 | if (cp == NULL) { | ||
1786 | 1288 | free(defhost); | ||
1787 | 1289 | defhost = newstr(sep->se_hostaddr); | ||
1788 | 1290 | goto more; | ||
1789 | 1291 | } | ||
1790 | 1292 | } | ||
1791 | 1293 | } else | ||
1792 | 1294 | sep->se_hostaddr = newstr(defhost); | ||
1793 | 1295 | |||
1794 | 1296 | sep->se_service = newstr(arg); | ||
1795 | 1297 | if ((arg = skip(&cp, 1)) == NULL) | ||
1796 | 1298 | goto more; | ||
1797 | 1299 | |||
1798 | 1300 | if (strcmp(arg, "stream") == 0) | ||
1799 | 1301 | sep->se_socktype = SOCK_STREAM; | ||
1800 | 1302 | else if (strcmp(arg, "dgram") == 0) | ||
1801 | 1303 | sep->se_socktype = SOCK_DGRAM; | ||
1802 | 1304 | else if (strcmp(arg, "rdm") == 0) | ||
1803 | 1305 | sep->se_socktype = SOCK_RDM; | ||
1804 | 1306 | else if (strcmp(arg, "seqpacket") == 0) | ||
1805 | 1307 | sep->se_socktype = SOCK_SEQPACKET; | ||
1806 | 1308 | else if (strcmp(arg, "raw") == 0) | ||
1807 | 1309 | sep->se_socktype = SOCK_RAW; | ||
1808 | 1310 | else | ||
1809 | 1311 | sep->se_socktype = -1; | ||
1810 | 1312 | |||
1811 | 1313 | if ((arg = skip(&cp, 1)) == NULL) | ||
1812 | 1314 | goto more; | ||
1813 | 1315 | |||
1814 | 1316 | sep->se_proto = newstr(arg); | ||
1815 | 1317 | |||
1816 | 1318 | if (strcmp(sep->se_proto, "unix") == 0) { | ||
1817 | 1319 | sep->se_family = AF_UNIX; | ||
1818 | 1320 | } else { | ||
1819 | 1321 | int s; | ||
1820 | 1322 | |||
1821 | 1323 | sep->se_family = AF_INET; | ||
1822 | 1324 | if (sep->se_proto[strlen(sep->se_proto) - 1] == '6') | ||
1823 | 1325 | sep->se_family = AF_INET6; | ||
1824 | 1326 | |||
1825 | 1327 | /* check if the family is supported */ | ||
1826 | 1328 | s = socket(sep->se_family, SOCK_DGRAM, 0); | ||
1827 | 1329 | if (s < 0) { | ||
1828 | 1330 | syslog(LOG_WARNING, "%s/%s: %s: the address family is " | ||
1829 | 1331 | "not supported by the kernel", sep->se_service, | ||
1830 | 1332 | sep->se_proto, sep->se_hostaddr); | ||
1831 | 1333 | goto more; | ||
1832 | 1334 | } | ||
1833 | 1335 | close(s); | ||
1834 | 1336 | |||
1835 | 1337 | if (strncmp(sep->se_proto, "rpc/", 4) == 0) { | ||
1836 | 1338 | char *cp, *ccp; | ||
1837 | 1339 | long l; | ||
1838 | 1340 | |||
1839 | 1341 | cp = strchr(sep->se_service, '/'); | ||
1840 | 1342 | if (cp == 0) { | ||
1841 | 1343 | syslog(LOG_ERR, "%s: no rpc version", | ||
1842 | 1344 | sep->se_service); | ||
1843 | 1345 | goto more; | ||
1844 | 1346 | } | ||
1845 | 1347 | *cp++ = '\0'; | ||
1846 | 1348 | l = strtol(cp, &ccp, 0); | ||
1847 | 1349 | if (ccp == cp || l < 0 || l > INT_MAX) { | ||
1848 | 1350 | badafterall: | ||
1849 | 1351 | syslog(LOG_ERR, "%s/%s: bad rpc version", | ||
1850 | 1352 | sep->se_service, cp); | ||
1851 | 1353 | goto more; | ||
1852 | 1354 | } | ||
1853 | 1355 | sep->se_rpcversl = sep->se_rpcversh = l; | ||
1854 | 1356 | if (*ccp == '-') { | ||
1855 | 1357 | cp = ccp + 1; | ||
1856 | 1358 | l = strtol(cp, &ccp, 0); | ||
1857 | 1359 | if (ccp == cp || l < 0 || l > INT_MAX || | ||
1858 | 1360 | l < sep->se_rpcversl || *ccp) | ||
1859 | 1361 | goto badafterall; | ||
1860 | 1362 | sep->se_rpcversh = l; | ||
1861 | 1363 | } else if (*ccp != '\0') | ||
1862 | 1364 | goto badafterall; | ||
1863 | 1365 | } | ||
1864 | 1366 | } | ||
1865 | 1367 | arg = skip(&cp, 1); | ||
1866 | 1368 | if (arg == NULL) | ||
1867 | 1369 | goto more; | ||
1868 | 1370 | |||
1869 | 1371 | s = strchr(arg, '.'); | ||
1870 | 1372 | if (s) { | ||
1871 | 1373 | char *p; | ||
1872 | 1374 | |||
1873 | 1375 | *s++ = '\0'; | ||
1874 | 1376 | sep->se_max = strtoul(s, &p, 0); | ||
1875 | 1377 | if (sep->se_max < 1 || *p) { | ||
1876 | 1378 | syslog(LOG_ERR, | ||
1877 | 1379 | "%s: illegal max field \"%s\", setting to %d", | ||
1878 | 1380 | sep->se_service, s, toomany); | ||
1879 | 1381 | sep->se_max = toomany; | ||
1880 | 1382 | } | ||
1881 | 1383 | } else | ||
1882 | 1384 | sep->se_max = toomany; | ||
1883 | 1385 | |||
1884 | 1386 | sep->se_wait = strcmp(arg, "wait") == 0; | ||
1885 | 1387 | if ((arg = skip(&cp, 1)) == NULL) | ||
1886 | 1388 | goto more; | ||
1887 | 1389 | sep->se_user = newstr(arg); | ||
1888 | 1390 | arg = strchr(sep->se_user, '.'); | ||
1889 | 1391 | if (arg == NULL) | ||
1890 | 1392 | arg = strchr(sep->se_user, ':'); | ||
1891 | 1393 | if (arg) { | ||
1892 | 1394 | *arg++ = '\0'; | ||
1893 | 1395 | sep->se_group = newstr(arg); | ||
1894 | 1396 | } | ||
1895 | 1397 | if ((arg = skip(&cp, 1)) == NULL) | ||
1896 | 1398 | goto more; | ||
1897 | 1399 | |||
1898 | 1400 | sep->se_server = newstr(arg); | ||
1899 | 1401 | if (strcmp(sep->se_server, "internal") == 0) { | ||
1900 | 1402 | struct biltin *bi; | ||
1901 | 1403 | |||
1902 | 1404 | for (bi = biltins; bi->bi_service; bi++) | ||
1903 | 1405 | if (bi->bi_socktype == sep->se_socktype && | ||
1904 | 1406 | strcmp(bi->bi_service, sep->se_service) == 0) | ||
1905 | 1407 | break; | ||
1906 | 1408 | if (bi->bi_service == 0) { | ||
1907 | 1409 | syslog(LOG_ERR, "internal service %s unknown", | ||
1908 | 1410 | sep->se_service); | ||
1909 | 1411 | goto more; | ||
1910 | 1412 | } | ||
1911 | 1413 | sep->se_bi = bi; | ||
1912 | 1414 | sep->se_wait = bi->bi_wait; | ||
1913 | 1415 | } else | ||
1914 | 1416 | sep->se_bi = NULL; | ||
1915 | 1417 | argc = 0; | ||
1916 | 1418 | for (arg = skip(&cp, 0); cp; arg = skip(&cp, 0)) { | ||
1917 | 1419 | if (argc < MAXARGV) | ||
1918 | 1420 | sep->se_argv[argc++] = newstr(arg); | ||
1919 | 1421 | } | ||
1920 | 1422 | if (argc == 0 && sep->se_bi == NULL) { | ||
1921 | 1423 | if ((arg = strrchr(sep->se_server, '/')) != NULL) | ||
1922 | 1424 | arg++; | ||
1923 | 1425 | else | ||
1924 | 1426 | arg = sep->se_server; | ||
1925 | 1427 | sep->se_argv[argc++] = newstr(arg); | ||
1926 | 1428 | } | ||
1927 | 1429 | while (argc <= MAXARGV) | ||
1928 | 1430 | sep->se_argv[argc++] = NULL; | ||
1929 | 1431 | |||
1930 | 1432 | /* | ||
1931 | 1433 | * Resolve each hostname in the se_hostaddr list (if any) | ||
1932 | 1434 | * and create a new entry for each resolved address. | ||
1933 | 1435 | */ | ||
1934 | 1436 | if (sep->se_hostaddr != NULL && strcmp(sep->se_proto, "unix") != 0) { | ||
1935 | 1437 | struct addrinfo hints, *res0, *res; | ||
1936 | 1438 | char *host, *hostlist0, *hostlist, *port; | ||
1937 | 1439 | int error; | ||
1938 | 1440 | |||
1939 | 1441 | hostlist = hostlist0 = sep->se_hostaddr; | ||
1940 | 1442 | sep->se_hostaddr = NULL; | ||
1941 | 1443 | sep->se_checked = -1; | ||
1942 | 1444 | while ((host = strsep(&hostlist, ",")) != NULL) { | ||
1943 | 1445 | if (*host == '\0') | ||
1944 | 1446 | continue; | ||
1945 | 1447 | |||
1946 | 1448 | memset(&hints, 0, sizeof(hints)); | ||
1947 | 1449 | hints.ai_family = sep->se_family; | ||
1948 | 1450 | hints.ai_socktype = sep->se_socktype; | ||
1949 | 1451 | hints.ai_flags = AI_PASSIVE; | ||
1950 | 1452 | port = "0"; | ||
1951 | 1453 | /* XXX shortened IPv4 syntax is now forbidden */ | ||
1952 | 1454 | error = getaddrinfo(strcmp(host, "*") ? host : NULL, | ||
1953 | 1455 | port, &hints, &res0); | ||
1954 | 1456 | if (error) { | ||
1955 | 1457 | syslog(LOG_ERR, "%s/%s: %s: %s", | ||
1956 | 1458 | sep->se_service, sep->se_proto, | ||
1957 | 1459 | host, gai_strerror(error)); | ||
1958 | 1460 | continue; | ||
1959 | 1461 | } | ||
1960 | 1462 | for (res = res0; res; res = res->ai_next) { | ||
1961 | 1463 | if (res->ai_addrlen > | ||
1962 | 1464 | sizeof(sep->se_ctrladdr_storage)) | ||
1963 | 1465 | continue; | ||
1964 | 1466 | /* | ||
1965 | 1467 | * If sep is unused, store host in there. | ||
1966 | 1468 | * Otherwise, dup a new entry and prepend it. | ||
1967 | 1469 | */ | ||
1968 | 1470 | if (sep->se_checked == -1) { | ||
1969 | 1471 | sep->se_checked = 0; | ||
1970 | 1472 | } else { | ||
1971 | 1473 | tsep = dupconfig(sep); | ||
1972 | 1474 | tsep->se_next = sep; | ||
1973 | 1475 | sep = tsep; | ||
1974 | 1476 | } | ||
1975 | 1477 | sep->se_hostaddr = newstr(host); | ||
1976 | 1478 | memcpy(&sep->se_ctrladdr_storage, | ||
1977 | 1479 | res->ai_addr, res->ai_addrlen); | ||
1978 | 1480 | sep->se_ctrladdr_size = res->ai_addrlen; | ||
1979 | 1481 | } | ||
1980 | 1482 | freeaddrinfo(res0); | ||
1981 | 1483 | } | ||
1982 | 1484 | free(hostlist0); | ||
1983 | 1485 | if (sep->se_checked == -1) | ||
1984 | 1486 | goto more; /* no resolvable names/addresses */ | ||
1985 | 1487 | } | ||
1986 | 1488 | |||
1987 | 1489 | return (sep); | ||
1988 | 1490 | } | ||
1989 | 1491 | |||
1990 | 1492 | void | ||
1991 | 1493 | freeconfig(struct servtab *cp) | ||
1992 | 1494 | { | ||
1993 | 1495 | int i; | ||
1994 | 1496 | |||
1995 | 1497 | free(cp->se_hostaddr); | ||
1996 | 1498 | cp->se_hostaddr = NULL; | ||
1997 | 1499 | free(cp->se_service); | ||
1998 | 1500 | cp->se_service = NULL; | ||
1999 | 1501 | free(cp->se_proto); | ||
2000 | 1502 | cp->se_proto = NULL; | ||
2001 | 1503 | free(cp->se_user); | ||
2002 | 1504 | cp->se_user = NULL; | ||
2003 | 1505 | free(cp->se_group); | ||
2004 | 1506 | cp->se_group = NULL; | ||
2005 | 1507 | free(cp->se_server); | ||
2006 | 1508 | cp->se_server = NULL; | ||
2007 | 1509 | for (i = 0; i < MAXARGV; i++) { | ||
2008 | 1510 | free(cp->se_argv[i]); | ||
2009 | 1511 | cp->se_argv[i] = NULL; | ||
2010 | 1512 | } | ||
2011 | 1513 | } | ||
2012 | 1514 | |||
2013 | 1515 | char * | ||
2014 | 1516 | skip(char **cpp, int report) | ||
2015 | 1517 | { | ||
2016 | 1518 | char *cp = *cpp; | ||
2017 | 1519 | char *start; | ||
2018 | 1520 | |||
2019 | 1521 | erp: | ||
2020 | 1522 | if (*cpp == NULL) { | ||
2021 | 1523 | if (report) | ||
2022 | 1524 | syslog(LOG_ERR, "syntax error in inetd config file"); | ||
2023 | 1525 | return (NULL); | ||
2024 | 1526 | } | ||
2025 | 1527 | |||
2026 | 1528 | again: | ||
2027 | 1529 | while (*cp == ' ' || *cp == '\t') | ||
2028 | 1530 | cp++; | ||
2029 | 1531 | if (*cp == '\0') { | ||
2030 | 1532 | int c; | ||
2031 | 1533 | |||
2032 | 1534 | c = getc(fconfig); | ||
2033 | 1535 | (void) ungetc(c, fconfig); | ||
2034 | 1536 | if (c == ' ' || c == '\t') | ||
2035 | 1537 | if ((cp = nextline(fconfig))) | ||
2036 | 1538 | goto again; | ||
2037 | 1539 | *cpp = NULL; | ||
2038 | 1540 | goto erp; | ||
2039 | 1541 | } | ||
2040 | 1542 | start = cp; | ||
2041 | 1543 | while (*cp && *cp != ' ' && *cp != '\t') | ||
2042 | 1544 | cp++; | ||
2043 | 1545 | if (*cp != '\0') | ||
2044 | 1546 | *cp++ = '\0'; | ||
2045 | 1547 | if ((*cpp = cp) == NULL) | ||
2046 | 1548 | goto erp; | ||
2047 | 1549 | |||
2048 | 1550 | return (start); | ||
2049 | 1551 | } | ||
2050 | 1552 | |||
2051 | 1553 | char * | ||
2052 | 1554 | nextline(FILE *fd) | ||
2053 | 1555 | { | ||
2054 | 1556 | if (fgets(line, sizeof (line), fd) == NULL) | ||
2055 | 1557 | return (NULL); | ||
2056 | 1558 | line[strcspn(line, "\n")] = '\0'; | ||
2057 | 1559 | return (line); | ||
2058 | 1560 | } | ||
2059 | 1561 | |||
2060 | 1562 | char * | ||
2061 | 1563 | newstr(char *cp) | ||
2062 | 1564 | { | ||
2063 | 1565 | if ((cp = strdup(cp ? cp : ""))) | ||
2064 | 1566 | return(cp); | ||
2065 | 1567 | syslog(LOG_ERR, "strdup: %m"); | ||
2066 | 1568 | exit(1); | ||
2067 | 1569 | } | ||
2068 | 1570 | |||
2069 | 1571 | struct servtab * | ||
2070 | 1572 | dupconfig(struct servtab *sep) | ||
2071 | 1573 | { | ||
2072 | 1574 | struct servtab *newtab; | ||
2073 | 1575 | int argc; | ||
2074 | 1576 | |||
2075 | 1577 | newtab = (struct servtab *) malloc(sizeof(struct servtab)); | ||
2076 | 1578 | |||
2077 | 1579 | if (newtab == NULL) { | ||
2078 | 1580 | syslog(LOG_ERR, "malloc: %m"); | ||
2079 | 1581 | exit(1); | ||
2080 | 1582 | } | ||
2081 | 1583 | |||
2082 | 1584 | memset(newtab, 0, sizeof(struct servtab)); | ||
2083 | 1585 | |||
2084 | 1586 | newtab->se_service = sep->se_service ? newstr(sep->se_service) : NULL; | ||
2085 | 1587 | newtab->se_socktype = sep->se_socktype; | ||
2086 | 1588 | newtab->se_family = sep->se_family; | ||
2087 | 1589 | newtab->se_proto = sep->se_proto ? newstr(sep->se_proto) : NULL; | ||
2088 | 1590 | newtab->se_rpcprog = sep->se_rpcprog; | ||
2089 | 1591 | newtab->se_rpcversl = sep->se_rpcversl; | ||
2090 | 1592 | newtab->se_rpcversh = sep->se_rpcversh; | ||
2091 | 1593 | newtab->se_wait = sep->se_wait; | ||
2092 | 1594 | newtab->se_user = sep->se_user ? newstr(sep->se_user) : NULL; | ||
2093 | 1595 | newtab->se_group = sep->se_group ? newstr(sep->se_group) : NULL; | ||
2094 | 1596 | newtab->se_bi = sep->se_bi; | ||
2095 | 1597 | newtab->se_server = sep->se_server ? newstr(sep->se_server) : 0; | ||
2096 | 1598 | |||
2097 | 1599 | for (argc = 0; argc <= MAXARGV; argc++) | ||
2098 | 1600 | newtab->se_argv[argc] = sep->se_argv[argc] ? | ||
2099 | 1601 | newstr(sep->se_argv[argc]) : NULL; | ||
2100 | 1602 | newtab->se_max = sep->se_max; | ||
2101 | 1603 | |||
2102 | 1604 | return (newtab); | ||
2103 | 1605 | } | ||
2104 | 1606 | |||
2105 | 1607 | void | ||
2106 | 1608 | inetd_setproctitle(char *a, int s) | ||
2107 | 1609 | { | ||
2108 | 1610 | socklen_t size; | ||
2109 | 1611 | struct sockaddr_storage ss; | ||
2110 | 1612 | char hbuf[NI_MAXHOST]; | ||
2111 | 1613 | |||
2112 | 1614 | size = sizeof(ss); | ||
2113 | 1615 | if (getpeername(s, (struct sockaddr *)&ss, &size) == 0) { | ||
2114 | 1616 | if (getnameinfo((struct sockaddr *)&ss, size, hbuf, | ||
2115 | 1617 | sizeof(hbuf), NULL, 0, NI_NUMERICHOST) == 0) | ||
2116 | 1618 | setproctitle("-%s [%s]", a, hbuf); | ||
2117 | 1619 | else | ||
2118 | 1620 | setproctitle("-%s [?]", a); | ||
2119 | 1621 | } else | ||
2120 | 1622 | setproctitle("-%s", a); | ||
2121 | 1623 | } | ||
2122 | 1624 | |||
2123 | 1625 | void | ||
2124 | 1626 | logpid(void) | ||
2125 | 1627 | { | ||
2126 | 1628 | FILE *fp; | ||
2127 | 1629 | |||
2128 | 1630 | if ((fp = fopen(_PATH_INETDPID, "w")) != NULL) { | ||
2129 | 1631 | fprintf(fp, "%ld\n", (long)getpid()); | ||
2130 | 1632 | (void)fclose(fp); | ||
2131 | 1633 | } | ||
2132 | 1634 | } | ||
2133 | 1635 | |||
2134 | 1636 | int | ||
2135 | 1637 | bump_nofile(void) | ||
2136 | 1638 | { | ||
2137 | 1639 | #define FD_CHUNK 32 | ||
2138 | 1640 | |||
2139 | 1641 | struct rlimit rl; | ||
2140 | 1642 | |||
2141 | 1643 | if (getrlimit(RLIMIT_NOFILE, &rl) < 0) { | ||
2142 | 1644 | syslog(LOG_ERR, "getrlimit: %m"); | ||
2143 | 1645 | return -1; | ||
2144 | 1646 | } | ||
2145 | 1647 | rl.rlim_cur = MIN(rl.rlim_max, rl.rlim_cur + FD_CHUNK); | ||
2146 | 1648 | rl.rlim_cur = MIN(FD_SETSIZE, rl.rlim_cur + FD_CHUNK); | ||
2147 | 1649 | if (rl.rlim_cur <= rlim_nofile_cur) { | ||
2148 | 1650 | syslog(LOG_ERR, | ||
2149 | 1651 | "bump_nofile: cannot extend file limit, max = %d", | ||
2150 | 1652 | (int)rl.rlim_cur); | ||
2151 | 1653 | return -1; | ||
2152 | 1654 | } | ||
2153 | 1655 | |||
2154 | 1656 | if (setrlimit(RLIMIT_NOFILE, &rl) < 0) { | ||
2155 | 1657 | syslog(LOG_ERR, "setrlimit: %m"); | ||
2156 | 1658 | return -1; | ||
2157 | 1659 | } | ||
2158 | 1660 | |||
2159 | 1661 | rlim_nofile_cur = rl.rlim_cur; | ||
2160 | 1662 | return 0; | ||
2161 | 1663 | } | ||
2162 | 1664 | |||
2163 | 1665 | /* | ||
2164 | 1666 | * Internet services provided internally by inetd: | ||
2165 | 1667 | */ | ||
2166 | 1668 | #define BUFSIZE 4096 | ||
2167 | 1669 | |||
2168 | 1670 | /* ARGSUSED */ | ||
2169 | 1671 | void | ||
2170 | 1672 | echo_stream(int s, struct servtab *sep) | ||
2171 | 1673 | { | ||
2172 | 1674 | char buffer[BUFSIZE]; | ||
2173 | 1675 | int i; | ||
2174 | 1676 | |||
2175 | 1677 | inetd_setproctitle(sep->se_service, s); | ||
2176 | 1678 | while ((i = read(s, buffer, sizeof(buffer))) > 0 && | ||
2177 | 1679 | write(s, buffer, i) > 0) | ||
2178 | 1680 | ; | ||
2179 | 1681 | exit(0); | ||
2180 | 1682 | } | ||
2181 | 1683 | |||
2182 | 1684 | /* ARGSUSED */ | ||
2183 | 1685 | void | ||
2184 | 1686 | echo_dg(int s, struct servtab *sep) | ||
2185 | 1687 | { | ||
2186 | 1688 | char buffer[BUFSIZE]; | ||
2187 | 1689 | int i; | ||
2188 | 1690 | socklen_t size; | ||
2189 | 1691 | struct sockaddr_storage ss; | ||
2190 | 1692 | |||
2191 | 1693 | size = sizeof(ss); | ||
2192 | 1694 | if ((i = recvfrom(s, buffer, sizeof(buffer), 0, | ||
2193 | 1695 | (struct sockaddr *)&ss, &size)) < 0) | ||
2194 | 1696 | return; | ||
2195 | 1697 | if (dg_badinput((struct sockaddr *)&ss)) | ||
2196 | 1698 | return; | ||
2197 | 1699 | (void) sendto(s, buffer, i, 0, (struct sockaddr *)&ss, size); | ||
2198 | 1700 | } | ||
2199 | 1701 | |||
2200 | 1702 | /* ARGSUSED */ | ||
2201 | 1703 | void | ||
2202 | 1704 | discard_stream(int s, struct servtab *sep) | ||
2203 | 1705 | { | ||
2204 | 1706 | char buffer[BUFSIZE]; | ||
2205 | 1707 | |||
2206 | 1708 | inetd_setproctitle(sep->se_service, s); | ||
2207 | 1709 | while ((errno = 0, read(s, buffer, sizeof(buffer)) > 0) || | ||
2208 | 1710 | errno == EINTR) | ||
2209 | 1711 | ; | ||
2210 | 1712 | exit(0); | ||
2211 | 1713 | } | ||
2212 | 1714 | |||
2213 | 1715 | /* ARGSUSED */ | ||
2214 | 1716 | void | ||
2215 | 1717 | discard_dg(int s, struct servtab *sep) | ||
2216 | 1718 | { | ||
2217 | 1719 | char buffer[BUFSIZE]; | ||
2218 | 1720 | |||
2219 | 1721 | (void) read(s, buffer, sizeof(buffer)); | ||
2220 | 1722 | } | ||
2221 | 1723 | |||
2222 | 1724 | #include <ctype.h> | ||
2223 | 1725 | #define LINESIZ 72 | ||
2224 | 1726 | char ring[128]; | ||
2225 | 1727 | char *endring; | ||
2226 | 1728 | |||
2227 | 1729 | void | ||
2228 | 1730 | initring(void) | ||
2229 | 1731 | { | ||
2230 | 1732 | int i; | ||
2231 | 1733 | |||
2232 | 1734 | endring = ring; | ||
2233 | 1735 | |||
2234 | 1736 | for (i = 0; i <= sizeof ring; ++i) | ||
2235 | 1737 | if (isprint(i)) | ||
2236 | 1738 | *endring++ = i; | ||
2237 | 1739 | } | ||
2238 | 1740 | |||
2239 | 1741 | /* ARGSUSED */ | ||
2240 | 1742 | void | ||
2241 | 1743 | chargen_stream(int s, struct servtab *sep) | ||
2242 | 1744 | { | ||
2243 | 1745 | char *rs; | ||
2244 | 1746 | int len; | ||
2245 | 1747 | char text[LINESIZ+2]; | ||
2246 | 1748 | |||
2247 | 1749 | inetd_setproctitle(sep->se_service, s); | ||
2248 | 1750 | |||
2249 | 1751 | if (!endring) { | ||
2250 | 1752 | initring(); | ||
2251 | 1753 | rs = ring; | ||
2252 | 1754 | } | ||
2253 | 1755 | |||
2254 | 1756 | text[LINESIZ] = '\r'; | ||
2255 | 1757 | text[LINESIZ + 1] = '\n'; | ||
2256 | 1758 | for (rs = ring;;) { | ||
2257 | 1759 | if ((len = endring - rs) >= LINESIZ) | ||
2258 | 1760 | memmove(text, rs, LINESIZ); | ||
2259 | 1761 | else { | ||
2260 | 1762 | memmove(text, rs, len); | ||
2261 | 1763 | memmove(text + len, ring, LINESIZ - len); | ||
2262 | 1764 | } | ||
2263 | 1765 | if (++rs == endring) | ||
2264 | 1766 | rs = ring; | ||
2265 | 1767 | if (write(s, text, sizeof(text)) != sizeof(text)) | ||
2266 | 1768 | break; | ||
2267 | 1769 | } | ||
2268 | 1770 | exit(0); | ||
2269 | 1771 | } | ||
2270 | 1772 | |||
2271 | 1773 | /* ARGSUSED */ | ||
2272 | 1774 | void | ||
2273 | 1775 | chargen_dg(int s, struct servtab *sep) | ||
2274 | 1776 | { | ||
2275 | 1777 | struct sockaddr_storage ss; | ||
2276 | 1778 | static char *rs; | ||
2277 | 1779 | int len; | ||
2278 | 1780 | socklen_t size; | ||
2279 | 1781 | char text[LINESIZ+2]; | ||
2280 | 1782 | |||
2281 | 1783 | if (endring == 0) { | ||
2282 | 1784 | initring(); | ||
2283 | 1785 | rs = ring; | ||
2284 | 1786 | } | ||
2285 | 1787 | |||
2286 | 1788 | size = sizeof(ss); | ||
2287 | 1789 | if (recvfrom(s, text, sizeof(text), 0, (struct sockaddr *)&ss, | ||
2288 | 1790 | &size) < 0) | ||
2289 | 1791 | return; | ||
2290 | 1792 | if (dg_badinput((struct sockaddr *)&ss)) | ||
2291 | 1793 | return; | ||
2292 | 1794 | |||
2293 | 1795 | if ((len = endring - rs) >= LINESIZ) | ||
2294 | 1796 | memmove(text, rs, LINESIZ); | ||
2295 | 1797 | else { | ||
2296 | 1798 | memmove(text, rs, len); | ||
2297 | 1799 | memmove(text + len, ring, LINESIZ - len); | ||
2298 | 1800 | } | ||
2299 | 1801 | if (++rs == endring) | ||
2300 | 1802 | rs = ring; | ||
2301 | 1803 | text[LINESIZ] = '\r'; | ||
2302 | 1804 | text[LINESIZ + 1] = '\n'; | ||
2303 | 1805 | (void) sendto(s, text, sizeof(text), 0, (struct sockaddr *)&ss, size); | ||
2304 | 1806 | } | ||
2305 | 1807 | |||
2306 | 1808 | /* | ||
2307 | 1809 | * Return a machine readable date and time, in the form of the | ||
2308 | 1810 | * number of seconds since midnight, Jan 1, 1900. Since gettimeofday | ||
2309 | 1811 | * returns the number of seconds since midnight, Jan 1, 1970, | ||
2310 | 1812 | * we must add 2208988800 seconds to this figure to make up for | ||
2311 | 1813 | * some seventy years Bell Labs was asleep. | ||
2312 | 1814 | */ | ||
2313 | 1815 | u_int32_t | ||
2314 | 1816 | machtime(void) | ||
2315 | 1817 | { | ||
2316 | 1818 | struct timeval tv; | ||
2317 | 1819 | |||
2318 | 1820 | if (gettimeofday(&tv, NULL) < 0) | ||
2319 | 1821 | return (0L); | ||
2320 | 1822 | |||
2321 | 1823 | return (htonl((u_int32_t)tv.tv_sec + 2208988800UL)); | ||
2322 | 1824 | } | ||
2323 | 1825 | |||
2324 | 1826 | /* ARGSUSED */ | ||
2325 | 1827 | void | ||
2326 | 1828 | machtime_stream(s, sep) | ||
2327 | 1829 | int s; | ||
2328 | 1830 | struct servtab *sep; | ||
2329 | 1831 | { | ||
2330 | 1832 | u_int32_t result; | ||
2331 | 1833 | |||
2332 | 1834 | result = machtime(); | ||
2333 | 1835 | (void) write(s, &result, sizeof(result)); | ||
2334 | 1836 | } | ||
2335 | 1837 | |||
2336 | 1838 | /* ARGSUSED */ | ||
2337 | 1839 | void | ||
2338 | 1840 | machtime_dg(int s, struct servtab *sep) | ||
2339 | 1841 | { | ||
2340 | 1842 | u_int32_t result; | ||
2341 | 1843 | struct sockaddr_storage ss; | ||
2342 | 1844 | socklen_t size; | ||
2343 | 1845 | |||
2344 | 1846 | size = sizeof(ss); | ||
2345 | 1847 | if (recvfrom(s, &result, sizeof(result), 0, | ||
2346 | 1848 | (struct sockaddr *)&ss, &size) < 0) | ||
2347 | 1849 | return; | ||
2348 | 1850 | if (dg_badinput((struct sockaddr *)&ss)) | ||
2349 | 1851 | return; | ||
2350 | 1852 | result = machtime(); | ||
2351 | 1853 | (void) sendto(s, &result, sizeof(result), 0, | ||
2352 | 1854 | (struct sockaddr *)&ss, size); | ||
2353 | 1855 | } | ||
2354 | 1856 | |||
2355 | 1857 | /* Return human-readable time of day */ | ||
2356 | 1858 | /* ARGSUSED */ | ||
2357 | 1859 | void | ||
2358 | 1860 | daytime_stream(int s, struct servtab *sep) | ||
2359 | 1861 | { | ||
2360 | 1862 | char buffer[256]; | ||
2361 | 1863 | time_t clock; | ||
2362 | 1864 | |||
2363 | 1865 | clock = time(NULL); | ||
2364 | 1866 | |||
2365 | 1867 | (void) snprintf(buffer, sizeof buffer, "%.24s\r\n", ctime(&clock)); | ||
2366 | 1868 | (void) write(s, buffer, strlen(buffer)); | ||
2367 | 1869 | } | ||
2368 | 1870 | |||
2369 | 1871 | /* Return human-readable time of day */ | ||
2370 | 1872 | /* ARGSUSED */ | ||
2371 | 1873 | void | ||
2372 | 1874 | daytime_dg(int s, struct servtab *sep) | ||
2373 | 1875 | { | ||
2374 | 1876 | char buffer[256]; | ||
2375 | 1877 | time_t clock; | ||
2376 | 1878 | struct sockaddr_storage ss; | ||
2377 | 1879 | socklen_t size; | ||
2378 | 1880 | |||
2379 | 1881 | clock = time(NULL); | ||
2380 | 1882 | |||
2381 | 1883 | size = sizeof(ss); | ||
2382 | 1884 | if (recvfrom(s, buffer, sizeof(buffer), 0, (struct sockaddr *)&ss, | ||
2383 | 1885 | &size) < 0) | ||
2384 | 1886 | return; | ||
2385 | 1887 | if (dg_badinput((struct sockaddr *)&ss)) | ||
2386 | 1888 | return; | ||
2387 | 1889 | (void) snprintf(buffer, sizeof buffer, "%.24s\r\n", ctime(&clock)); | ||
2388 | 1890 | (void) sendto(s, buffer, strlen(buffer), 0, (struct sockaddr *)&ss, | ||
2389 | 1891 | size); | ||
2390 | 1892 | } | ||
2391 | 1893 | |||
2392 | 1894 | /* | ||
2393 | 1895 | * print_service: | ||
2394 | 1896 | * Dump relevant information to stderr | ||
2395 | 1897 | */ | ||
2396 | 1898 | void | ||
2397 | 1899 | print_service(char *action, struct servtab *sep) | ||
2398 | 1900 | { | ||
2399 | 1901 | if (strcmp(sep->se_hostaddr, "*") == 0) | ||
2400 | 1902 | fprintf(stderr, "%s: %s ", action, sep->se_service); | ||
2401 | 1903 | else | ||
2402 | 1904 | fprintf(stderr, "%s: %s:%s ", action, sep->se_hostaddr, | ||
2403 | 1905 | sep->se_service); | ||
2404 | 1906 | |||
2405 | 1907 | if (isrpcservice(sep)) | ||
2406 | 1908 | fprintf(stderr, "rpcprog=%d, rpcvers=%d/%d, proto=%s,", | ||
2407 | 1909 | sep->se_rpcprog, sep->se_rpcversh, | ||
2408 | 1910 | sep->se_rpcversl, sep->se_proto); | ||
2409 | 1911 | else | ||
2410 | 1912 | fprintf(stderr, "proto=%s,", sep->se_proto); | ||
2411 | 1913 | |||
2412 | 1914 | fprintf(stderr, | ||
2413 | 1915 | " wait.max=%hd.%d user:group=%s:%s builtin=%lx server=%s\n", | ||
2414 | 1916 | sep->se_wait, sep->se_max, sep->se_user, | ||
2415 | 1917 | sep->se_group ? sep->se_group : "(default)", | ||
2416 | 1918 | (long)sep->se_bi, sep->se_server); | ||
2417 | 1919 | } | ||
2418 | 1920 | |||
2419 | 1921 | void | ||
2420 | 1922 | spawn(struct servtab *sep, int ctrl) | ||
2421 | 1923 | { | ||
2422 | 1924 | struct passwd *pwd; | ||
2423 | 1925 | int tmpint, dofork; | ||
2424 | 1926 | struct group *grp = NULL; | ||
2425 | 1927 | char buf[50]; | ||
2426 | 1928 | pid_t pid; | ||
2427 | 1929 | |||
2428 | 1930 | pid = 0; | ||
2429 | 1931 | dofork = (sep->se_bi == 0 || sep->se_bi->bi_fork); | ||
2430 | 1932 | if (dofork) { | ||
2431 | 1933 | if (sep->se_count++ == 0) | ||
2432 | 1934 | (void)gettimeofday(&sep->se_time, NULL); | ||
2433 | 1935 | else if (sep->se_count >= sep->se_max) { | ||
2434 | 1936 | struct timeval now; | ||
2435 | 1937 | |||
2436 | 1938 | (void)gettimeofday(&now, NULL); | ||
2437 | 1939 | if (now.tv_sec - sep->se_time.tv_sec > | ||
2438 | 1940 | CNT_INTVL) { | ||
2439 | 1941 | sep->se_time = now; | ||
2440 | 1942 | sep->se_count = 1; | ||
2441 | 1943 | } else { | ||
2442 | 1944 | if (!sep->se_wait && | ||
2443 | 1945 | sep->se_socktype == SOCK_STREAM) | ||
2444 | 1946 | close(ctrl); | ||
2445 | 1947 | if (sep->se_family == AF_INET && | ||
2446 | 1948 | ntohs(sep->se_ctrladdr_in.sin_port) >= | ||
2447 | 1949 | IPPORT_RESERVED) { | ||
2448 | 1950 | /* | ||
2449 | 1951 | * Cannot close it -- there are | ||
2450 | 1952 | * thieves on the system. | ||
2451 | 1953 | * Simply ignore the connection. | ||
2452 | 1954 | */ | ||
2453 | 1955 | --sep->se_count; | ||
2454 | 1956 | sigprocmask(SIG_SETMASK, &emptymask, | ||
2455 | 1957 | NULL); | ||
2456 | 1958 | return; | ||
2457 | 1959 | } | ||
2458 | 1960 | syslog(LOG_ERR, | ||
2459 | 1961 | "%s/%s server failing (looping), service terminated for %d min", | ||
2460 | 1962 | sep->se_service, sep->se_proto, | ||
2461 | 1963 | RETRYTIME/60); | ||
2462 | 1964 | if (!sep->se_wait && | ||
2463 | 1965 | sep->se_socktype == SOCK_STREAM) | ||
2464 | 1966 | close(ctrl); | ||
2465 | 1967 | FD_CLR(sep->se_fd, allsockp); | ||
2466 | 1968 | (void) close(sep->se_fd); | ||
2467 | 1969 | sep->se_fd = -1; | ||
2468 | 1970 | sep->se_count = 0; | ||
2469 | 1971 | nsock--; | ||
2470 | 1972 | sigprocmask(SIG_SETMASK, &emptymask, | ||
2471 | 1973 | NULL); | ||
2472 | 1974 | if (!timingout) { | ||
2473 | 1975 | timingout = 1; | ||
2474 | 1976 | alarm(RETRYTIME); | ||
2475 | 1977 | } | ||
2476 | 1978 | return; | ||
2477 | 1979 | } | ||
2478 | 1980 | } | ||
2479 | 1981 | pid = fork(); | ||
2480 | 1982 | } | ||
2481 | 1983 | if (pid < 0) { | ||
2482 | 1984 | syslog(LOG_ERR, "fork: %m"); | ||
2483 | 1985 | if (!sep->se_wait && sep->se_socktype == SOCK_STREAM) | ||
2484 | 1986 | close(ctrl); | ||
2485 | 1987 | sigprocmask(SIG_SETMASK, &emptymask, NULL); | ||
2486 | 1988 | sleep(1); | ||
2487 | 1989 | return; | ||
2488 | 1990 | } | ||
2489 | 1991 | if (pid && sep->se_wait) { | ||
2490 | 1992 | sep->se_wait = pid; | ||
2491 | 1993 | FD_CLR(sep->se_fd, allsockp); | ||
2492 | 1994 | nsock--; | ||
2493 | 1995 | } | ||
2494 | 1996 | sigprocmask(SIG_SETMASK, &emptymask, NULL); | ||
2495 | 1997 | if (pid == 0) { | ||
2496 | 1998 | #ifdef LIBWRAP | ||
2497 | 1999 | if (lflag && !sep->se_wait && sep->se_socktype == SOCK_STREAM) { | ||
2498 | 2000 | struct request_info req; | ||
2499 | 2001 | char *service; | ||
2500 | 2002 | |||
2501 | 2003 | /* do not execute tcpd if it is in the config */ | ||
2502 | 2004 | if (strcmp(sep->se_server, "/usr/sbin/tcpd") == 0) { | ||
2503 | 2005 | char *p, *name; | ||
2504 | 2006 | |||
2505 | 2007 | free(sep->se_server); | ||
2506 | 2008 | name = sep->se_server = sep->se_argv[0]; | ||
2507 | 2009 | for (p = name; *p; p++) | ||
2508 | 2010 | if (*p == '/') | ||
2509 | 2011 | name = p + 1; | ||
2510 | 2012 | sep->se_argv[0] = newstr(name); | ||
2511 | 2013 | } | ||
2512 | 2014 | |||
2513 | 2015 | request_init(&req, RQ_DAEMON, sep->se_argv[0], | ||
2514 | 2016 | RQ_FILE, ctrl, NULL); | ||
2515 | 2017 | fromhost(&req); | ||
2516 | 2018 | if (getnameinfo(&sep->se_ctrladdr, | ||
2517 | 2019 | sizeof(sep->se_ctrladdr), NULL, 0, buf, | ||
2518 | 2020 | sizeof(buf), 0) != 0) { | ||
2519 | 2021 | /* shouldn't happen */ | ||
2520 | 2022 | snprintf(buf, sizeof buf, "%d", | ||
2521 | 2023 | ntohs(sep->se_ctrladdr_in.sin_port)); | ||
2522 | 2024 | } | ||
2523 | 2025 | service = buf; | ||
2524 | 2026 | if (!hosts_access(&req)) { | ||
2525 | 2027 | syslog(deny_severity, "refused connection" | ||
2526 | 2028 | " from %.500s, service %s (%s)", | ||
2527 | 2029 | eval_client(&req), service, sep->se_proto); | ||
2528 | 2030 | if (sep->se_socktype != SOCK_STREAM) | ||
2529 | 2031 | recv(0, buf, sizeof (buf), 0); | ||
2530 | 2032 | exit(1); | ||
2531 | 2033 | } | ||
2532 | 2034 | syslog(allow_severity, | ||
2533 | 2035 | "connection from %.500s, service %s (%s)", | ||
2534 | 2036 | eval_client(&req), service, sep->se_proto); | ||
2535 | 2037 | } | ||
2536 | 2038 | #endif | ||
2537 | 2039 | if (sep->se_bi) | ||
2538 | 2040 | (*sep->se_bi->bi_fn)(ctrl, sep); | ||
2539 | 2041 | else { | ||
2540 | 2042 | if ((pwd = getpwnam(sep->se_user)) == NULL) { | ||
2541 | 2043 | syslog(LOG_ERR, | ||
2542 | 2044 | "getpwnam: %s: No such user", | ||
2543 | 2045 | sep->se_user); | ||
2544 | 2046 | if (sep->se_socktype != SOCK_STREAM) | ||
2545 | 2047 | recv(0, buf, sizeof (buf), 0); | ||
2546 | 2048 | exit(1); | ||
2547 | 2049 | } | ||
2548 | 2050 | if (setsid() <0) | ||
2549 | 2051 | syslog(LOG_ERR, "%s: setsid: %m", | ||
2550 | 2052 | sep->se_service); | ||
2551 | 2053 | if (sep->se_group && | ||
2552 | 2054 | (grp = getgrnam(sep->se_group)) == NULL) { | ||
2553 | 2055 | syslog(LOG_ERR, | ||
2554 | 2056 | "getgrnam: %s: No such group", | ||
2555 | 2057 | sep->se_group); | ||
2556 | 2058 | if (sep->se_socktype != SOCK_STREAM) | ||
2557 | 2059 | recv(0, buf, sizeof (buf), 0); | ||
2558 | 2060 | exit(1); | ||
2559 | 2061 | } | ||
2560 | 2062 | if (uid != 0) { | ||
2561 | 2063 | /* a user running private inetd */ | ||
2562 | 2064 | if (uid != pwd->pw_uid) | ||
2563 | 2065 | exit(1); | ||
2564 | 2066 | } else { | ||
2565 | 2067 | #ifdef HAVE_SETUSERCONTEXT | ||
2566 | 2068 | tmpint = LOGIN_SETALL & | ||
2567 | 2069 | ~(LOGIN_SETGROUP|LOGIN_SETLOGIN); | ||
2568 | 2070 | if (pwd->pw_uid) | ||
2569 | 2071 | tmpint |= LOGIN_SETGROUP|LOGIN_SETLOGIN; | ||
2570 | 2072 | if (sep->se_group) { | ||
2571 | 2073 | pwd->pw_gid = grp->gr_gid; | ||
2572 | 2074 | tmpint |= LOGIN_SETGROUP; | ||
2573 | 2075 | } | ||
2574 | 2076 | if (setusercontext(NULL, pwd, pwd->pw_uid, | ||
2575 | 2077 | tmpint) < 0) { | ||
2576 | 2078 | syslog(LOG_ERR, | ||
2577 | 2079 | "%s/%s: setusercontext: %m", | ||
2578 | 2080 | sep->se_service, sep->se_proto); | ||
2579 | 2081 | exit(1); | ||
2580 | 2082 | } | ||
2581 | 2083 | #else | ||
2582 | 2084 | /* what about setpriority(2), setrlimit(2), | ||
2583 | 2085 | * and umask(2)? The $PATH is cleared. | ||
2584 | 2086 | */ | ||
2585 | 2087 | if (pwd->pw_uid) { | ||
2586 | 2088 | if (sep->se_group) | ||
2587 | 2089 | pwd->pw_gid = grp->gr_gid; | ||
2588 | 2090 | if (setgid(pwd->pw_gid) < 0) { | ||
2589 | 2091 | syslog(LOG_ERR, | ||
2590 | 2092 | "%s/%s: can't set gid %d: %m", | ||
2591 | 2093 | sep->se_service, sep->se_proto, | ||
2592 | 2094 | pwd->pw_gid); | ||
2593 | 2095 | exit(1); | ||
2594 | 2096 | } | ||
2595 | 2097 | if (initgroups(pwd->pw_name, pwd->pw_gid) | ||
2596 | 2098 | < 0) { | ||
2597 | 2099 | syslog(LOG_ERR, | ||
2598 | 2100 | "%s/%s: can't initgroups(%s): %m", | ||
2599 | 2101 | sep->se_service, sep->se_proto, | ||
2600 | 2102 | pwd->pw_name); | ||
2601 | 2103 | exit(1); | ||
2602 | 2104 | } | ||
2603 | 2105 | if (setuid(pwd->pw_uid) < 0) { | ||
2604 | 2106 | syslog(LOG_ERR, | ||
2605 | 2107 | "%s/%s: can't set uid %d: %m", | ||
2606 | 2108 | sep->se_service, sep->se_proto, | ||
2607 | 2109 | pwd->pw_uid); | ||
2608 | 2110 | exit(1); | ||
2609 | 2111 | } | ||
2610 | 2112 | } else if (sep->se_group) { | ||
2611 | 2113 | if (setgid(pwd->pw_gid) < 0) { | ||
2612 | 2114 | syslog(LOG_ERR, | ||
2613 | 2115 | "%s/%s: can't set gid %d: %m", | ||
2614 | 2116 | sep->se_service, sep->se_proto, | ||
2615 | 2117 | pwd->pw_gid); | ||
2616 | 2118 | exit(1); | ||
2617 | 2119 | } | ||
2618 | 2120 | if (initgroups(pwd->pw_name, pwd->pw_gid) | ||
2619 | 2121 | < 0) { | ||
2620 | 2122 | syslog(LOG_ERR, | ||
2621 | 2123 | "%s/%s: can't initgroups(%s): %m", | ||
2622 | 2124 | sep->se_service, sep->se_proto, | ||
2623 | 2125 | pwd->pw_name); | ||
2624 | 2126 | exit(1); | ||
2625 | 2127 | } | ||
2626 | 2128 | } | ||
2627 | 2129 | #endif | ||
2628 | 2130 | } | ||
2629 | 2131 | if (debug) | ||
2630 | 2132 | fprintf(stderr, "%ld execv %s\n", | ||
2631 | 2133 | (long)getpid(), sep->se_server); | ||
2632 | 2134 | if (ctrl != STDIN_FILENO) { | ||
2633 | 2135 | dup2(ctrl, STDIN_FILENO); | ||
2634 | 2136 | close(ctrl); | ||
2635 | 2137 | } | ||
2636 | 2138 | dup2(STDIN_FILENO, STDOUT_FILENO); | ||
2637 | 2139 | dup2(STDIN_FILENO, STDERR_FILENO); | ||
2638 | 2140 | closelog(); | ||
2639 | 2141 | closefrom(3); | ||
2640 | 2142 | sigaction(SIGPIPE, &sapipe, NULL); | ||
2641 | 2143 | execv(sep->se_server, sep->se_argv); | ||
2642 | 2144 | if (sep->se_socktype != SOCK_STREAM) | ||
2643 | 2145 | recv(0, buf, sizeof (buf), 0); | ||
2644 | 2146 | syslog(LOG_ERR, "execv %s: %m", sep->se_server); | ||
2645 | 2147 | exit(1); | ||
2646 | 2148 | } | ||
2647 | 2149 | } | ||
2648 | 2150 | if (!sep->se_wait && sep->se_socktype == SOCK_STREAM) | ||
2649 | 2151 | close(ctrl); | ||
2650 | 2152 | } | ||
2651 | 2153 | |||
2652 | 2154 | /* from netkit+USAGI */ | ||
2653 | 2155 | void | ||
2654 | 2156 | discard_stupid_environment(void) | ||
2655 | 2157 | { | ||
2656 | 2158 | static const char *const junk[] = { | ||
2657 | 2159 | /* these are prefixes */ | ||
2658 | 2160 | "CVS", | ||
2659 | 2161 | "DISPLAY=", | ||
2660 | 2162 | "EDITOR=", | ||
2661 | 2163 | "GROUP=", | ||
2662 | 2164 | "HOME=", | ||
2663 | 2165 | "IFS=", | ||
2664 | 2166 | "LD_", | ||
2665 | 2167 | "LOGNAME=", | ||
2666 | 2168 | "MAIL=", | ||
2667 | 2169 | "PATH=", | ||
2668 | 2170 | "PRINTER=", | ||
2669 | 2171 | "PWD=", | ||
2670 | 2172 | "SHELL=", | ||
2671 | 2173 | "SHLVL=", | ||
2672 | 2174 | "SSH", | ||
2673 | 2175 | "TERM", | ||
2674 | 2176 | "TMP", | ||
2675 | 2177 | "USER=", | ||
2676 | 2178 | "VISUAL=", | ||
2677 | 2179 | NULL | ||
2678 | 2180 | }; | ||
2679 | 2181 | |||
2680 | 2182 | int i, k = 0; | ||
2681 | 2183 | |||
2682 | 2184 | for (i = 0; __environ[i]; i++) { | ||
2683 | 2185 | int found = 0, j; | ||
2684 | 2186 | |||
2685 | 2187 | for (j = 0; junk[j]; j++) | ||
2686 | 2188 | if (!strncmp(__environ[i], junk[j], strlen(junk[j]))) | ||
2687 | 2189 | found = 1; | ||
2688 | 2190 | if (!found) | ||
2689 | 2191 | __environ[k++] = __environ[i]; | ||
2690 | 2192 | } | ||
2691 | 2193 | __environ[k] = NULL; | ||
2692 | 2194 | } | ||
2693 | 0 | 2195 | ||
2694 | === added directory '.pc/discard_env' | |||
2695 | === added file '.pc/discard_env/inetd.8' | |||
2696 | --- .pc/discard_env/inetd.8 1970-01-01 00:00:00 +0000 | |||
2697 | +++ .pc/discard_env/inetd.8 2011-06-29 11:29:23 +0000 | |||
2698 | @@ -0,0 +1,419 @@ | |||
2699 | 1 | .\" $OpenBSD: inetd.8,v 1.33 2008/06/28 10:54:45 sobrado Exp $ | ||
2700 | 2 | .\" Copyright (c) 1985, 1991 The Regents of the University of California. | ||
2701 | 3 | .\" All rights reserved. | ||
2702 | 4 | .\" | ||
2703 | 5 | .\" Redistribution and use in source and binary forms, with or without | ||
2704 | 6 | .\" modification, are permitted provided that the following conditions | ||
2705 | 7 | .\" are met: | ||
2706 | 8 | .\" 1. Redistributions of source code must retain the above copyright | ||
2707 | 9 | .\" notice, this list of conditions and the following disclaimer. | ||
2708 | 10 | .\" 2. Redistributions in binary form must reproduce the above copyright | ||
2709 | 11 | .\" notice, this list of conditions and the following disclaimer in the | ||
2710 | 12 | .\" documentation and/or other materials provided with the distribution. | ||
2711 | 13 | .\" 3. Neither the name of the University nor the names of its contributors | ||
2712 | 14 | .\" may be used to endorse or promote products derived from this software | ||
2713 | 15 | .\" without specific prior written permission. | ||
2714 | 16 | .\" | ||
2715 | 17 | .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | ||
2716 | 18 | .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
2717 | 19 | .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
2718 | 20 | .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | ||
2719 | 21 | .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
2720 | 22 | .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
2721 | 23 | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
2722 | 24 | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
2723 | 25 | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
2724 | 26 | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
2725 | 27 | .\" SUCH DAMAGE. | ||
2726 | 28 | .\" | ||
2727 | 29 | .\" from: @(#)inetd.8 6.7 (Berkeley) 3/16/91 | ||
2728 | 30 | .\" | ||
2729 | 31 | .Dd $Mdocdate: December 29 2009 $ | ||
2730 | 32 | .Dt INETD 8 | ||
2731 | 33 | .Os | ||
2732 | 34 | .Sh NAME | ||
2733 | 35 | .Nm inetd | ||
2734 | 36 | .Nd internet | ||
2735 | 37 | .Dq super-server | ||
2736 | 38 | .Sh SYNOPSIS | ||
2737 | 39 | .Nm inetd | ||
2738 | 40 | .Op Fl d | ||
2739 | 41 | .Op Fl R Ar rate | ||
2740 | 42 | .Op Ar configuration_file | ||
2741 | 43 | .Sh DESCRIPTION | ||
2742 | 44 | .Nm inetd | ||
2743 | 45 | listens for connections on certain internet sockets. | ||
2744 | 46 | When a connection is found on one | ||
2745 | 47 | of its sockets, it decides what service the socket | ||
2746 | 48 | corresponds to, and invokes a program to service the request. | ||
2747 | 49 | After the program is | ||
2748 | 50 | finished, it continues to listen on the socket (except in some cases which | ||
2749 | 51 | will be described below). | ||
2750 | 52 | Essentially, | ||
2751 | 53 | .Nm inetd | ||
2752 | 54 | allows running one daemon to invoke several others, | ||
2753 | 55 | reducing load on the system. | ||
2754 | 56 | .Pp | ||
2755 | 57 | The options are as follows: | ||
2756 | 58 | .Bl -tag -width Ds | ||
2757 | 59 | .It Fl d | ||
2758 | 60 | Turns on debugging. | ||
2759 | 61 | .It Fl R Ar rate | ||
2760 | 62 | Specify the maximum number of times a service can be invoked | ||
2761 | 63 | in one minute; the default is 256. | ||
2762 | 64 | If a service exceeds this limit, | ||
2763 | 65 | .Nm | ||
2764 | 66 | will log the problem | ||
2765 | 67 | and stop servicing requests for the specific service for ten minutes. | ||
2766 | 68 | See also the wait/nowait configuration fields below. | ||
2767 | 69 | .El | ||
2768 | 70 | .Pp | ||
2769 | 71 | Upon execution, | ||
2770 | 72 | .Nm inetd | ||
2771 | 73 | reads its configuration information from a configuration | ||
2772 | 74 | file which, by default, is | ||
2773 | 75 | .Pa /etc/inetd.conf . | ||
2774 | 76 | There must be an entry for each field of the configuration | ||
2775 | 77 | file, with entries for each field separated by a tab or | ||
2776 | 78 | a space. | ||
2777 | 79 | Comments are denoted by a | ||
2778 | 80 | .Dq # | ||
2779 | 81 | at the beginning | ||
2780 | 82 | of a line. | ||
2781 | 83 | The fields of the configuration file are as follows: | ||
2782 | 84 | .Bd -unfilled -offset indent | ||
2783 | 85 | service name | ||
2784 | 86 | socket type | ||
2785 | 87 | protocol | ||
2786 | 88 | wait/nowait[.max] | ||
2787 | 89 | user[.group] or user[:group] | ||
2788 | 90 | server program | ||
2789 | 91 | server program arguments | ||
2790 | 92 | .Ed | ||
2791 | 93 | .Pp | ||
2792 | 94 | To specify a Sun-RPC | ||
2793 | 95 | based service, the entry would contain these fields. | ||
2794 | 96 | .Bd -unfilled -offset indent | ||
2795 | 97 | service name/version | ||
2796 | 98 | socket type | ||
2797 | 99 | rpc/protocol | ||
2798 | 100 | wait/nowait[.max] | ||
2799 | 101 | user[.group] or user[:group] | ||
2800 | 102 | server program | ||
2801 | 103 | server program arguments | ||
2802 | 104 | .Ed | ||
2803 | 105 | .Pp | ||
2804 | 106 | For internet services, the first field of the line may also have a host | ||
2805 | 107 | address specifier prefixed to it, separated from the service name by a | ||
2806 | 108 | colon. | ||
2807 | 109 | If this is done, the string before the colon in the first field | ||
2808 | 110 | indicates what local address | ||
2809 | 111 | .Nm | ||
2810 | 112 | should use when listening for that service. | ||
2811 | 113 | Multiple local addresses | ||
2812 | 114 | can be specified on the same line, separated by commas. | ||
2813 | 115 | Numeric IP | ||
2814 | 116 | addresses in dotted-quad notation can be used as well as symbolic | ||
2815 | 117 | hostnames. | ||
2816 | 118 | Symbolic hostnames are looked up using | ||
2817 | 119 | .Fn gethostbyname . | ||
2818 | 120 | If a hostname has multiple address mappings, inetd creates a socket | ||
2819 | 121 | to listen on each address. | ||
2820 | 122 | .Pp | ||
2821 | 123 | The single character | ||
2822 | 124 | .Dq \&* | ||
2823 | 125 | indicates | ||
2824 | 126 | .Dv INADDR_ANY , | ||
2825 | 127 | meaning | ||
2826 | 128 | .Dq all local addresses . | ||
2827 | 129 | To avoid repeating an address that occurs frequently, a line with a | ||
2828 | 130 | host address specifier and colon, but no further fields, causes the | ||
2829 | 131 | host address specifier to be remembered and used for all further lines | ||
2830 | 132 | with no explicit host specifier (until another such line or the end of | ||
2831 | 133 | the file). | ||
2832 | 134 | A line | ||
2833 | 135 | .Dl *: | ||
2834 | 136 | is implicitly provided at the top of the file; thus, traditional | ||
2835 | 137 | configuration files (which have no host address specifiers) will be | ||
2836 | 138 | interpreted in the traditional manner, with all services listened for | ||
2837 | 139 | on all local addresses. | ||
2838 | 140 | If the protocol is | ||
2839 | 141 | .Dq unix , | ||
2840 | 142 | this value is ignored. | ||
2841 | 143 | .Pp | ||
2842 | 144 | The | ||
2843 | 145 | .Em service name | ||
2844 | 146 | entry is the name of a valid service in | ||
2845 | 147 | the file | ||
2846 | 148 | .Pa /etc/services | ||
2847 | 149 | or a port number. | ||
2848 | 150 | For | ||
2849 | 151 | .Dq internal | ||
2850 | 152 | services (discussed below), the service | ||
2851 | 153 | name | ||
2852 | 154 | .Em must | ||
2853 | 155 | be the official name of the service (that is, the first entry in | ||
2854 | 156 | .Pa /etc/services ) . | ||
2855 | 157 | When used to specify a Sun-RPC | ||
2856 | 158 | based service, this field is a valid RPC service name in | ||
2857 | 159 | the file | ||
2858 | 160 | .Pa /etc/rpc . | ||
2859 | 161 | The part on the right of the | ||
2860 | 162 | .Dq / | ||
2861 | 163 | is the RPC version number. | ||
2862 | 164 | This can simply be a single numeric argument or a range of versions. | ||
2863 | 165 | A range is bounded by the low version to the high version - | ||
2864 | 166 | .Dq rusers/1\-3 . | ||
2865 | 167 | For | ||
2866 | 168 | .Ux Ns -domain | ||
2867 | 169 | sockets this field specifies the path name of the socket. | ||
2868 | 170 | .Pp | ||
2869 | 171 | The | ||
2870 | 172 | .Em socket type | ||
2871 | 173 | should be one of | ||
2872 | 174 | .Dq stream , | ||
2873 | 175 | .Dq dgram , | ||
2874 | 176 | .Dq raw , | ||
2875 | 177 | .Dq rdm , | ||
2876 | 178 | or | ||
2877 | 179 | .Dq seqpacket , | ||
2878 | 180 | depending on whether the socket is a stream, datagram, raw, | ||
2879 | 181 | reliably delivered message, or sequenced packet socket. | ||
2880 | 182 | .Pp | ||
2881 | 183 | The | ||
2882 | 184 | .Em protocol | ||
2883 | 185 | must be a valid protocol as given in | ||
2884 | 186 | .Pa /etc/protocols or | ||
2885 | 187 | .Dq unix . | ||
2886 | 188 | Examples might be | ||
2887 | 189 | .Dq tcp | ||
2888 | 190 | or | ||
2889 | 191 | .Dq udp . | ||
2890 | 192 | RPC based services are specified with the | ||
2891 | 193 | .Dq rpc/tcp | ||
2892 | 194 | or | ||
2893 | 195 | .Dq rpc/udp | ||
2894 | 196 | service type. | ||
2895 | 197 | .Dq tcp | ||
2896 | 198 | and | ||
2897 | 199 | .Dq udp | ||
2898 | 200 | will be recognized as | ||
2899 | 201 | .Dq TCP or UDP over default IP version . | ||
2900 | 202 | This is currently IPv4, but in the future it will be IPv6. | ||
2901 | 203 | If you need to specify IPv4 or IPv6 explicitly, use something like | ||
2902 | 204 | .Dq tcp4 | ||
2903 | 205 | or | ||
2904 | 206 | .Dq udp6 . | ||
2905 | 207 | A | ||
2906 | 208 | .Em protocol | ||
2907 | 209 | of | ||
2908 | 210 | .Dq unix | ||
2909 | 211 | is used to specify a socket in the | ||
2910 | 212 | .Ux Ns -domain . | ||
2911 | 213 | .Pp | ||
2912 | 214 | The | ||
2913 | 215 | .Em wait/nowait | ||
2914 | 216 | entry is used to tell | ||
2915 | 217 | .Nm | ||
2916 | 218 | if it should wait for the server program to return, | ||
2917 | 219 | or continue processing connections on the socket. | ||
2918 | 220 | If a datagram server connects | ||
2919 | 221 | to its peer, freeing the socket so | ||
2920 | 222 | .Nm inetd | ||
2921 | 223 | can receive further messages on the socket, it is said to be | ||
2922 | 224 | a | ||
2923 | 225 | .Dq multi-threaded | ||
2924 | 226 | server, and should use the | ||
2925 | 227 | .Dq nowait | ||
2926 | 228 | entry. | ||
2927 | 229 | For datagram servers which process all incoming datagrams | ||
2928 | 230 | on a socket and eventually time out, the server is said to be | ||
2929 | 231 | .Dq single-threaded | ||
2930 | 232 | and should use a | ||
2931 | 233 | .Dq wait | ||
2932 | 234 | entry. | ||
2933 | 235 | .Xr comsat 8 | ||
2934 | 236 | .Pq Xr biff 1 | ||
2935 | 237 | and | ||
2936 | 238 | .Xr talkd 8 | ||
2937 | 239 | are both examples of the latter type of | ||
2938 | 240 | datagram server. | ||
2939 | 241 | .Xr tftpd 8 | ||
2940 | 242 | is an exception; it is a datagram server that establishes pseudo-connections. | ||
2941 | 243 | It must be listed as | ||
2942 | 244 | .Dq wait | ||
2943 | 245 | in order to avoid a race; | ||
2944 | 246 | the server reads the first packet, creates a new socket, | ||
2945 | 247 | and then forks and exits to allow | ||
2946 | 248 | .Nm inetd | ||
2947 | 249 | to check for new service requests to spawn new servers. | ||
2948 | 250 | The optional | ||
2949 | 251 | .Dq max | ||
2950 | 252 | suffix (separated from | ||
2951 | 253 | .Dq wait | ||
2952 | 254 | or | ||
2953 | 255 | .Dq nowait | ||
2954 | 256 | by a dot) specifies the maximum number of times a service can be invoked | ||
2955 | 257 | in one minute; the default is 256. | ||
2956 | 258 | If a service exceeds this limit, | ||
2957 | 259 | .Nm | ||
2958 | 260 | will log the problem | ||
2959 | 261 | and stop servicing requests for the specific service for ten minutes. | ||
2960 | 262 | See also the | ||
2961 | 263 | .Fl R | ||
2962 | 264 | option above. | ||
2963 | 265 | .Pp | ||
2964 | 266 | Stream servers are usually marked as | ||
2965 | 267 | .Dq nowait | ||
2966 | 268 | but if a single server process is to handle multiple connections, it may be | ||
2967 | 269 | marked as | ||
2968 | 270 | .Dq wait . | ||
2969 | 271 | The master socket will then be passed as fd 0 to the server, which will then | ||
2970 | 272 | need to accept the incoming connection. | ||
2971 | 273 | The server should eventually time | ||
2972 | 274 | out and exit when no more connections are active. | ||
2973 | 275 | .Nm | ||
2974 | 276 | will continue to | ||
2975 | 277 | listen on the master socket for connections, so the server should not close | ||
2976 | 278 | it when it exits. | ||
2977 | 279 | .Pp | ||
2978 | 280 | The | ||
2979 | 281 | .Em user | ||
2980 | 282 | entry should contain the user name of the user as whom the server | ||
2981 | 283 | should run. | ||
2982 | 284 | This allows for servers to be given less permission | ||
2983 | 285 | than root. | ||
2984 | 286 | An optional group name can be specified by appending a dot to | ||
2985 | 287 | the user name followed by the group name. | ||
2986 | 288 | This allows for servers to run with | ||
2987 | 289 | a different (primary) group ID than specified in the password file. | ||
2988 | 290 | If a group | ||
2989 | 291 | is specified and user is not root, the supplementary groups associated with | ||
2990 | 292 | that user will still be set. | ||
2991 | 293 | .Pp | ||
2992 | 294 | The | ||
2993 | 295 | .Em server program | ||
2994 | 296 | entry should contain the pathname of the program which is to be | ||
2995 | 297 | executed by | ||
2996 | 298 | .Nm inetd | ||
2997 | 299 | when a request is found on its socket. | ||
2998 | 300 | If | ||
2999 | 301 | .Nm inetd | ||
3000 | 302 | provides this service internally, this entry should | ||
3001 | 303 | be | ||
3002 | 304 | .Dq internal . | ||
3003 | 305 | .Pp | ||
3004 | 306 | The | ||
3005 | 307 | .Em server program arguments | ||
3006 | 308 | should be just as arguments | ||
3007 | 309 | normally are, starting with argv[0], which is the name of | ||
3008 | 310 | the program. | ||
3009 | 311 | If the service is provided internally, the word | ||
3010 | 312 | .Dq internal | ||
3011 | 313 | should take the place of this entry. | ||
3012 | 314 | .Pp | ||
3013 | 315 | .Nm inetd | ||
3014 | 316 | provides several | ||
3015 | 317 | .Dq trivial | ||
3016 | 318 | services internally by use of routines within itself. | ||
3017 | 319 | These services are | ||
3018 | 320 | .Dq echo , | ||
3019 | 321 | .Dq discard , | ||
3020 | 322 | .Dq chargen | ||
3021 | 323 | (character generator), | ||
3022 | 324 | .Dq daytime | ||
3023 | 325 | (human readable time), and | ||
3024 | 326 | .Dq time | ||
3025 | 327 | (machine readable time, | ||
3026 | 328 | in the form of the number of seconds since midnight, January | ||
3027 | 329 | 1, 1900). | ||
3028 | 330 | All of these services are TCP based. | ||
3029 | 331 | For details of these services, consult the appropriate | ||
3030 | 332 | .Tn RFC | ||
3031 | 333 | from the Network Information Center. | ||
3032 | 334 | .Pp | ||
3033 | 335 | .Nm inetd | ||
3034 | 336 | rereads its configuration file when it receives a hangup signal, | ||
3035 | 337 | .Dv SIGHUP . | ||
3036 | 338 | Services may be added, deleted or modified when the configuration file | ||
3037 | 339 | is reread. | ||
3038 | 340 | .Nm inetd | ||
3039 | 341 | creates a file | ||
3040 | 342 | .Em /var/run/inetd.pid | ||
3041 | 343 | that contains its process identifier. | ||
3042 | 344 | .Ss IPv6 TCP/UDP behavior | ||
3043 | 345 | If you wish to run a server for IPv4 and IPv6 traffic, | ||
3044 | 346 | you'll need to run two separate processes for the same server program, | ||
3045 | 347 | specified as two separate lines in | ||
3046 | 348 | .Pa inetd.conf , | ||
3047 | 349 | for | ||
3048 | 350 | .Dq tcp4 | ||
3049 | 351 | and | ||
3050 | 352 | .Dq tcp6 . | ||
3051 | 353 | .Pp | ||
3052 | 354 | Under various combinations of IPv4/v6 daemon settings, | ||
3053 | 355 | .Nm | ||
3054 | 356 | will behave as follows: | ||
3055 | 357 | .Bl -bullet -compact | ||
3056 | 358 | .It | ||
3057 | 359 | If you have only one server on | ||
3058 | 360 | .Dq tcp4 , | ||
3059 | 361 | IPv4 traffic will be routed to the server. | ||
3060 | 362 | IPv6 traffic will not be accepted. | ||
3061 | 363 | .It | ||
3062 | 364 | If you have two servers on | ||
3063 | 365 | .Dq tcp4 | ||
3064 | 366 | and | ||
3065 | 367 | .Dq tcp6 , | ||
3066 | 368 | IPv4 traffic will be routed to the server on | ||
3067 | 369 | .Dq tcp4 , | ||
3068 | 370 | and IPv6 traffic will go to server on | ||
3069 | 371 | .Dq tcp6 . | ||
3070 | 372 | .It | ||
3071 | 373 | If you have only one server on | ||
3072 | 374 | .Dq tcp6 , | ||
3073 | 375 | only IPv6 traffic will be routed to the server. | ||
3074 | 376 | .El | ||
3075 | 377 | .Sh SEE ALSO | ||
3076 | 378 | .Xr fingerd 8 , | ||
3077 | 379 | .Xr ftpd 8 , | ||
3078 | 380 | .Xr identd 8 , | ||
3079 | 381 | .Xr rshd 8 , | ||
3080 | 382 | .Xr talkd 8 , | ||
3081 | 383 | .Xr tftpd 8 | ||
3082 | 384 | .Sh HISTORY | ||
3083 | 385 | The | ||
3084 | 386 | .Nm | ||
3085 | 387 | command appeared in | ||
3086 | 388 | .Bx 4.3 . | ||
3087 | 389 | Support for Sun-RPC | ||
3088 | 390 | based services is modelled after that | ||
3089 | 391 | provided by SunOS 4.1. | ||
3090 | 392 | IPv6 support was added by the KAME project in 1999. | ||
3091 | 393 | .Pp | ||
3092 | 394 | Marco d'Itri ported this code from OpenBSD in summer 2002 and added | ||
3093 | 395 | socket buffers tuning and libwrap support from the NetBSD source tree. | ||
3094 | 396 | .Sh BUGS | ||
3095 | 397 | On Linux systems, the daemon cannot reload its configuration and needs | ||
3096 | 398 | to be restarted when the host address for a service is changed between | ||
3097 | 399 | .Dq \&* | ||
3098 | 400 | and a specific address. | ||
3099 | 401 | .Pp | ||
3100 | 402 | Server programs used with | ||
3101 | 403 | .Dq dgram | ||
3102 | 404 | .Dq udp | ||
3103 | 405 | .Dq nowait | ||
3104 | 406 | must read from the network socket, or | ||
3105 | 407 | .Nm inetd | ||
3106 | 408 | will spawn processes until the maximum is reached. | ||
3107 | 409 | .Pp | ||
3108 | 410 | Host address specifiers, while they make conceptual sense for RPC | ||
3109 | 411 | services, do not work entirely correctly. | ||
3110 | 412 | This is largely because the | ||
3111 | 413 | portmapper interface does not provide a way to register different ports | ||
3112 | 414 | for the same service on different local addresses. | ||
3113 | 415 | Provided you never | ||
3114 | 416 | have more than one entry for a given RPC service, everything should | ||
3115 | 417 | work correctly. | ||
3116 | 418 | (Note that default host address specifiers do apply to | ||
3117 | 419 | RPC lines with no explicit specifier.) | ||
3118 | 0 | 420 | ||
3119 | === added file '.pc/discard_env/inetd.c' | |||
3120 | --- .pc/discard_env/inetd.c 1970-01-01 00:00:00 +0000 | |||
3121 | +++ .pc/discard_env/inetd.c 2011-06-29 11:29:23 +0000 | |||
3122 | @@ -0,0 +1,2059 @@ | |||
3123 | 1 | /* $OpenBSD: inetd.c,v 1.131 2009/10/27 23:59:51 deraadt Exp $ */ | ||
3124 | 2 | |||
3125 | 3 | /* | ||
3126 | 4 | * Copyright (c) 1983,1991 The Regents of the University of California. | ||
3127 | 5 | * All rights reserved. | ||
3128 | 6 | * | ||
3129 | 7 | * Redistribution and use in source and binary forms, with or without | ||
3130 | 8 | * modification, are permitted provided that the following conditions | ||
3131 | 9 | * are met: | ||
3132 | 10 | * 1. Redistributions of source code must retain the above copyright | ||
3133 | 11 | * notice, this list of conditions and the following disclaimer. | ||
3134 | 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
3135 | 13 | * notice, this list of conditions and the following disclaimer in the | ||
3136 | 14 | * documentation and/or other materials provided with the distribution. | ||
3137 | 15 | * 3. Neither the name of the University nor the names of its contributors | ||
3138 | 16 | * may be used to endorse or promote products derived from this software | ||
3139 | 17 | * without specific prior written permission. | ||
3140 | 18 | * | ||
3141 | 19 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | ||
3142 | 20 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
3143 | 21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
3144 | 22 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | ||
3145 | 23 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
3146 | 24 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
3147 | 25 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
3148 | 26 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
3149 | 27 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
3150 | 28 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
3151 | 29 | * SUCH DAMAGE. | ||
3152 | 30 | */ | ||
3153 | 31 | |||
3154 | 32 | /* | ||
3155 | 33 | * Inetd - Internet super-server | ||
3156 | 34 | * | ||
3157 | 35 | * This program invokes all internet services as needed. | ||
3158 | 36 | * connection-oriented services are invoked each time a | ||
3159 | 37 | * connection is made, by creating a process. This process | ||
3160 | 38 | * is passed the connection as file descriptor 0 and is | ||
3161 | 39 | * expected to do a getpeername to find out the source host | ||
3162 | 40 | * and port. | ||
3163 | 41 | * | ||
3164 | 42 | * Datagram oriented services are invoked when a datagram | ||
3165 | 43 | * arrives; a process is created and passed a pending message | ||
3166 | 44 | * on file descriptor 0. Datagram servers may either connect | ||
3167 | 45 | * to their peer, freeing up the original socket for inetd | ||
3168 | 46 | * to receive further messages on, or ``take over the socket'', | ||
3169 | 47 | * processing all arriving datagrams and, eventually, timing | ||
3170 | 48 | * out. The first type of server is said to be ``multi-threaded''; | ||
3171 | 49 | * the second type of server ``single-threaded''. | ||
3172 | 50 | * | ||
3173 | 51 | * Inetd uses a configuration file which is read at startup | ||
3174 | 52 | * and, possibly, at some later time in response to a hangup signal. | ||
3175 | 53 | * The configuration file is ``free format'' with fields given in the | ||
3176 | 54 | * order shown below. Continuation lines for an entry must begin with | ||
3177 | 55 | * a space or tab. All fields must be present in each entry. | ||
3178 | 56 | * | ||
3179 | 57 | * service name must be in /etc/services | ||
3180 | 58 | * socket type stream/dgram/raw/rdm/seqpacket | ||
3181 | 59 | * protocol must be in /etc/protocols | ||
3182 | 60 | * wait/nowait[.max] single-threaded/multi-threaded, max # | ||
3183 | 61 | * user[.group] or user[:group] user/group to run daemon as | ||
3184 | 62 | * server program full path name | ||
3185 | 63 | * server program arguments maximum of MAXARGS (20) | ||
3186 | 64 | * | ||
3187 | 65 | * For RPC services | ||
3188 | 66 | * service name/version must be in /etc/rpc | ||
3189 | 67 | * socket type stream/dgram/raw/rdm/seqpacket | ||
3190 | 68 | * protocol must be in /etc/protocols | ||
3191 | 69 | * wait/nowait[.max] single-threaded/multi-threaded | ||
3192 | 70 | * user[.group] or user[:group] user to run daemon as | ||
3193 | 71 | * server program full path name | ||
3194 | 72 | * server program arguments maximum of MAXARGS (20) | ||
3195 | 73 | * | ||
3196 | 74 | * For non-RPC services, the "service name" can be of the form | ||
3197 | 75 | * hostaddress:servicename, in which case the hostaddress is used | ||
3198 | 76 | * as the host portion of the address to listen on. If hostaddress | ||
3199 | 77 | * consists of a single `*' character, INADDR_ANY is used. | ||
3200 | 78 | * | ||
3201 | 79 | * A line can also consist of just | ||
3202 | 80 | * hostaddress: | ||
3203 | 81 | * where hostaddress is as in the preceding paragraph. Such a line must | ||
3204 | 82 | * have no further fields; the specified hostaddress is remembered and | ||
3205 | 83 | * used for all further lines that have no hostaddress specified, | ||
3206 | 84 | * until the next such line (or EOF). (This is why * is provided to | ||
3207 | 85 | * allow explicit specification of INADDR_ANY.) A line | ||
3208 | 86 | * *: | ||
3209 | 87 | * is implicitly in effect at the beginning of the file. | ||
3210 | 88 | * | ||
3211 | 89 | * The hostaddress specifier may (and often will) contain dots; | ||
3212 | 90 | * the service name must not. | ||
3213 | 91 | * | ||
3214 | 92 | * For RPC services, host-address specifiers are accepted and will | ||
3215 | 93 | * work to some extent; however, because of limitations in the | ||
3216 | 94 | * portmapper interface, it will not work to try to give more than | ||
3217 | 95 | * one line for any given RPC service, even if the host-address | ||
3218 | 96 | * specifiers are different. | ||
3219 | 97 | * | ||
3220 | 98 | * Comment lines are indicated by a `#' in column 1. | ||
3221 | 99 | */ | ||
3222 | 100 | |||
3223 | 101 | /* | ||
3224 | 102 | * Here's the scoop concerning the user[.:]group feature: | ||
3225 | 103 | * | ||
3226 | 104 | * 1) set-group-option off. | ||
3227 | 105 | * | ||
3228 | 106 | * a) user = root: NO setuid() or setgid() is done | ||
3229 | 107 | * | ||
3230 | 108 | * b) other: setgid(primary group as found in passwd) | ||
3231 | 109 | * initgroups(name, primary group) | ||
3232 | 110 | * setuid() | ||
3233 | 111 | * | ||
3234 | 112 | * 2) set-group-option on. | ||
3235 | 113 | * | ||
3236 | 114 | * a) user = root: setgid(specified group) | ||
3237 | 115 | * NO initgroups() | ||
3238 | 116 | * NO setuid() | ||
3239 | 117 | * | ||
3240 | 118 | * b) other: setgid(specified group) | ||
3241 | 119 | * initgroups(name, specified group) | ||
3242 | 120 | * setuid() | ||
3243 | 121 | * | ||
3244 | 122 | */ | ||
3245 | 123 | |||
3246 | 124 | #include <sys/param.h> | ||
3247 | 125 | #include <sys/stat.h> | ||
3248 | 126 | #include <sys/ioctl.h> | ||
3249 | 127 | #include <sys/socket.h> | ||
3250 | 128 | #include <sys/un.h> | ||
3251 | 129 | #include <sys/file.h> | ||
3252 | 130 | #include <sys/wait.h> | ||
3253 | 131 | #include <time.h> | ||
3254 | 132 | #include <sys/time.h> | ||
3255 | 133 | #include <sys/resource.h> | ||
3256 | 134 | |||
3257 | 135 | #include <net/if.h> | ||
3258 | 136 | #include <netinet/in.h> | ||
3259 | 137 | #include <arpa/inet.h> | ||
3260 | 138 | |||
3261 | 139 | #include <errno.h> | ||
3262 | 140 | #include <ctype.h> | ||
3263 | 141 | #include <signal.h> | ||
3264 | 142 | #include <netdb.h> | ||
3265 | 143 | #include <syslog.h> | ||
3266 | 144 | #include <pwd.h> | ||
3267 | 145 | #include <grp.h> | ||
3268 | 146 | #include <stdio.h> | ||
3269 | 147 | #include <stdlib.h> | ||
3270 | 148 | #include <unistd.h> | ||
3271 | 149 | #include <string.h> | ||
3272 | 150 | #ifdef HAVE_SETUSERCONTEXT | ||
3273 | 151 | #include <login_cap.h> | ||
3274 | 152 | #endif | ||
3275 | 153 | #ifdef HAVE_GETIFADDRS | ||
3276 | 154 | #include <ifaddrs.h> | ||
3277 | 155 | #endif | ||
3278 | 156 | #include <rpc/rpc.h> | ||
3279 | 157 | #include <rpc/pmap_clnt.h> | ||
3280 | 158 | #include "pathnames.h" | ||
3281 | 159 | #include "setproctitle.h" | ||
3282 | 160 | |||
3283 | 161 | size_t strlcpy(char *, const char *, size_t); | ||
3284 | 162 | |||
3285 | 163 | #define TOOMANY 256 /* don't start more than TOOMANY */ | ||
3286 | 164 | #define CNT_INTVL 60 /* servers in CNT_INTVL sec. */ | ||
3287 | 165 | #define RETRYTIME (60*10) /* retry after bind or server fail */ | ||
3288 | 166 | |||
3289 | 167 | int debug = 0; | ||
3290 | 168 | int nsock, maxsock; | ||
3291 | 169 | fd_set *allsockp; | ||
3292 | 170 | int allsockn; | ||
3293 | 171 | int toomany = TOOMANY; | ||
3294 | 172 | int options; | ||
3295 | 173 | int timingout; | ||
3296 | 174 | struct servent *sp; | ||
3297 | 175 | uid_t uid; | ||
3298 | 176 | sigset_t blockmask; | ||
3299 | 177 | sigset_t emptymask; | ||
3300 | 178 | |||
3301 | 179 | #ifndef OPEN_MAX | ||
3302 | 180 | #define OPEN_MAX 64 | ||
3303 | 181 | #endif | ||
3304 | 182 | |||
3305 | 183 | /* Reserve some descriptors, 3 stdio + at least: 1 log, 1 conf. file */ | ||
3306 | 184 | #define FD_MARGIN (8) | ||
3307 | 185 | rlim_t rlim_nofile_cur = OPEN_MAX; | ||
3308 | 186 | |||
3309 | 187 | struct rlimit rlim_nofile; | ||
3310 | 188 | |||
3311 | 189 | struct servtab { | ||
3312 | 190 | char *se_hostaddr; /* host address to listen on */ | ||
3313 | 191 | char *se_service; /* name of service */ | ||
3314 | 192 | int se_socktype; /* type of socket to use */ | ||
3315 | 193 | int se_family; /* address family */ | ||
3316 | 194 | char *se_proto; /* protocol used */ | ||
3317 | 195 | int se_rpcprog; /* rpc program number */ | ||
3318 | 196 | int se_rpcversl; /* rpc program lowest version */ | ||
3319 | 197 | int se_rpcversh; /* rpc program highest version */ | ||
3320 | 198 | #define isrpcservice(sep) ((sep)->se_rpcversl != 0) | ||
3321 | 199 | pid_t se_wait; /* single threaded server */ | ||
3322 | 200 | short se_checked; /* looked at during merge */ | ||
3323 | 201 | char *se_user; /* user name to run as */ | ||
3324 | 202 | char *se_group; /* group name to run as */ | ||
3325 | 203 | struct biltin *se_bi; /* if built-in, description */ | ||
3326 | 204 | char *se_server; /* server program */ | ||
3327 | 205 | #define MAXARGV 20 | ||
3328 | 206 | char *se_argv[MAXARGV+1]; /* program arguments */ | ||
3329 | 207 | int se_fd; /* open descriptor */ | ||
3330 | 208 | union { | ||
3331 | 209 | struct sockaddr se_un_ctrladdr; | ||
3332 | 210 | struct sockaddr_in se_un_ctrladdr_in; | ||
3333 | 211 | struct sockaddr_in6 se_un_ctrladdr_in6; | ||
3334 | 212 | struct sockaddr_un se_un_ctrladdr_un; | ||
3335 | 213 | struct sockaddr_storage se_un_ctrladdr_storage; | ||
3336 | 214 | } se_un; /* bound address */ | ||
3337 | 215 | #define se_ctrladdr se_un.se_un_ctrladdr | ||
3338 | 216 | #define se_ctrladdr_in se_un.se_un_ctrladdr_in | ||
3339 | 217 | #define se_ctrladdr_in6 se_un.se_un_ctrladdr_in6 | ||
3340 | 218 | #define se_ctrladdr_un se_un.se_un_ctrladdr_un | ||
3341 | 219 | #define se_ctrladdr_storage se_un.se_un_ctrladdr_storage | ||
3342 | 220 | int se_ctrladdr_size; | ||
3343 | 221 | int se_max; /* max # of instances of this service */ | ||
3344 | 222 | int se_count; /* number started since se_time */ | ||
3345 | 223 | struct timeval se_time; /* start of se_count */ | ||
3346 | 224 | struct servtab *se_next; | ||
3347 | 225 | } *servtab; | ||
3348 | 226 | |||
3349 | 227 | void echo_stream(int, struct servtab *); | ||
3350 | 228 | void discard_stream(int, struct servtab *); | ||
3351 | 229 | void machtime_stream(int, struct servtab *); | ||
3352 | 230 | void daytime_stream(int, struct servtab *); | ||
3353 | 231 | void chargen_stream(int, struct servtab *); | ||
3354 | 232 | void echo_dg(int, struct servtab *); | ||
3355 | 233 | void discard_dg(int, struct servtab *); | ||
3356 | 234 | void machtime_dg(int, struct servtab *); | ||
3357 | 235 | void daytime_dg(int, struct servtab *); | ||
3358 | 236 | void chargen_dg(int, struct servtab *); | ||
3359 | 237 | |||
3360 | 238 | struct biltin { | ||
3361 | 239 | char *bi_service; /* internally provided service name */ | ||
3362 | 240 | int bi_socktype; /* type of socket supported */ | ||
3363 | 241 | short bi_fork; /* 1 if should fork before call */ | ||
3364 | 242 | short bi_wait; /* 1 if should wait for child */ | ||
3365 | 243 | void (*bi_fn)(int, struct servtab *); | ||
3366 | 244 | } biltins[] = { | ||
3367 | 245 | /* Echo received data */ | ||
3368 | 246 | { "echo", SOCK_STREAM, 1, 0, echo_stream }, | ||
3369 | 247 | { "echo", SOCK_DGRAM, 0, 0, echo_dg }, | ||
3370 | 248 | |||
3371 | 249 | /* Internet /dev/null */ | ||
3372 | 250 | { "discard", SOCK_STREAM, 1, 0, discard_stream }, | ||
3373 | 251 | { "discard", SOCK_DGRAM, 0, 0, discard_dg }, | ||
3374 | 252 | |||
3375 | 253 | /* Return 32 bit time since 1900 */ | ||
3376 | 254 | { "time", SOCK_STREAM, 0, 0, machtime_stream }, | ||
3377 | 255 | { "time", SOCK_DGRAM, 0, 0, machtime_dg }, | ||
3378 | 256 | |||
3379 | 257 | /* Return human-readable time */ | ||
3380 | 258 | { "daytime", SOCK_STREAM, 0, 0, daytime_stream }, | ||
3381 | 259 | { "daytime", SOCK_DGRAM, 0, 0, daytime_dg }, | ||
3382 | 260 | |||
3383 | 261 | /* Familiar character generator */ | ||
3384 | 262 | { "chargen", SOCK_STREAM, 1, 0, chargen_stream }, | ||
3385 | 263 | { "chargen", SOCK_DGRAM, 0, 0, chargen_dg }, | ||
3386 | 264 | |||
3387 | 265 | { 0 } | ||
3388 | 266 | }; | ||
3389 | 267 | |||
3390 | 268 | volatile sig_atomic_t wantretry; | ||
3391 | 269 | volatile sig_atomic_t wantconfig; | ||
3392 | 270 | volatile sig_atomic_t wantreap; | ||
3393 | 271 | volatile sig_atomic_t wantdie; | ||
3394 | 272 | |||
3395 | 273 | void config(int); | ||
3396 | 274 | void doconfig(void); | ||
3397 | 275 | void reap(int); | ||
3398 | 276 | void doreap(void); | ||
3399 | 277 | void retry(int); | ||
3400 | 278 | void doretry(void); | ||
3401 | 279 | void die(int); | ||
3402 | 280 | void dodie(void); | ||
3403 | 281 | void logpid(void); | ||
3404 | 282 | void spawn(struct servtab *, int); | ||
3405 | 283 | int gettcp(struct servtab *); | ||
3406 | 284 | int setconfig(void); | ||
3407 | 285 | void endconfig(void); | ||
3408 | 286 | void register_rpc(struct servtab *); | ||
3409 | 287 | void unregister_rpc(struct servtab *); | ||
3410 | 288 | void freeconfig(struct servtab *); | ||
3411 | 289 | void print_service(char *, struct servtab *); | ||
3412 | 290 | void setup(struct servtab *); | ||
3413 | 291 | struct servtab *getconfigent(void); | ||
3414 | 292 | int bump_nofile(void); | ||
3415 | 293 | struct servtab *enter(struct servtab *); | ||
3416 | 294 | int matchconf(struct servtab *, struct servtab *); | ||
3417 | 295 | int dg_broadcast(struct in_addr *in); | ||
3418 | 296 | |||
3419 | 297 | #define NUMINT (sizeof(intab) / sizeof(struct inent)) | ||
3420 | 298 | char *CONFIG = _PATH_INETDCONF; | ||
3421 | 299 | |||
3422 | 300 | void | ||
3423 | 301 | fd_grow(fd_set **fdsp, int *bytes, int fd) | ||
3424 | 302 | { | ||
3425 | 303 | caddr_t new; | ||
3426 | 304 | int newbytes; | ||
3427 | 305 | |||
3428 | 306 | newbytes = howmany(fd+1, NFDBITS) * sizeof(fd_mask); | ||
3429 | 307 | if (newbytes > *bytes) { | ||
3430 | 308 | newbytes *= 2; /* optimism */ | ||
3431 | 309 | new = realloc(*fdsp, newbytes); | ||
3432 | 310 | if (new == NULL) { | ||
3433 | 311 | syslog(LOG_ERR, "Out of memory."); | ||
3434 | 312 | exit(1); | ||
3435 | 313 | } | ||
3436 | 314 | memset(new + *bytes, 0, newbytes - *bytes); | ||
3437 | 315 | *fdsp = (fd_set *)new; | ||
3438 | 316 | *bytes = newbytes; | ||
3439 | 317 | } | ||
3440 | 318 | } | ||
3441 | 319 | |||
3442 | 320 | struct sigaction sa, sapipe; | ||
3443 | 321 | |||
3444 | 322 | int | ||
3445 | 323 | main(int argc, char *argv[], char *envp[]) | ||
3446 | 324 | { | ||
3447 | 325 | fd_set *fdsrp = NULL; | ||
3448 | 326 | int readablen = 0, ch; | ||
3449 | 327 | struct servtab *sep; | ||
3450 | 328 | extern char *optarg; | ||
3451 | 329 | extern int optind; | ||
3452 | 330 | |||
3453 | 331 | initsetproctitle(argc, argv, envp); | ||
3454 | 332 | |||
3455 | 333 | while ((ch = getopt(argc, argv, "dR:")) != -1) | ||
3456 | 334 | switch (ch) { | ||
3457 | 335 | case 'd': | ||
3458 | 336 | debug = 1; | ||
3459 | 337 | break; | ||
3460 | 338 | case 'R': { /* invocation rate */ | ||
3461 | 339 | char *p; | ||
3462 | 340 | int val; | ||
3463 | 341 | |||
3464 | 342 | val = strtoul(optarg, &p, 0); | ||
3465 | 343 | if (val >= 1 && *p == '\0') { | ||
3466 | 344 | toomany = val; | ||
3467 | 345 | break; | ||
3468 | 346 | } | ||
3469 | 347 | syslog(LOG_ERR, | ||
3470 | 348 | "-R %s: bad value for service invocation rate", | ||
3471 | 349 | optarg); | ||
3472 | 350 | break; | ||
3473 | 351 | } | ||
3474 | 352 | case '?': | ||
3475 | 353 | default: | ||
3476 | 354 | fprintf(stderr, | ||
3477 | 355 | "usage: inetd [-d] [-R rate] [configuration_file]\n"); | ||
3478 | 356 | exit(1); | ||
3479 | 357 | } | ||
3480 | 358 | argc -= optind; | ||
3481 | 359 | argv += optind; | ||
3482 | 360 | |||
3483 | 361 | uid = getuid(); | ||
3484 | 362 | if (uid != 0) | ||
3485 | 363 | CONFIG = NULL; | ||
3486 | 364 | if (argc > 0) | ||
3487 | 365 | CONFIG = argv[0]; | ||
3488 | 366 | if (CONFIG == NULL) { | ||
3489 | 367 | fprintf(stderr, "inetd: non-root must specify a config file\n"); | ||
3490 | 368 | exit(1); | ||
3491 | 369 | } | ||
3492 | 370 | if (argc > 1) { | ||
3493 | 371 | fprintf(stderr, "inetd: more than one argument specified\n"); | ||
3494 | 372 | exit(1); | ||
3495 | 373 | } | ||
3496 | 374 | |||
3497 | 375 | umask(022); | ||
3498 | 376 | if (debug == 0) { | ||
3499 | 377 | daemon(0, 0); | ||
3500 | 378 | #ifdef HAVE_SETLOGIN | ||
3501 | 379 | if (uid == 0) | ||
3502 | 380 | (void) setlogin(""); | ||
3503 | 381 | #endif | ||
3504 | 382 | } | ||
3505 | 383 | if (debug && uid == 0) | ||
3506 | 384 | options |= SO_DEBUG; | ||
3507 | 385 | |||
3508 | 386 | if (uid == 0) { | ||
3509 | 387 | gid_t gid = getgid(); | ||
3510 | 388 | |||
3511 | 389 | /* If run by hand, ensure groups vector gets trashed */ | ||
3512 | 390 | setgroups(1, &gid); | ||
3513 | 391 | } | ||
3514 | 392 | |||
3515 | 393 | openlog("inetd", LOG_PID | LOG_NOWAIT, LOG_DAEMON); | ||
3516 | 394 | logpid(); | ||
3517 | 395 | |||
3518 | 396 | if (getrlimit(RLIMIT_NOFILE, &rlim_nofile) < 0) { | ||
3519 | 397 | syslog(LOG_ERR, "getrlimit: %m"); | ||
3520 | 398 | } else { | ||
3521 | 399 | rlim_nofile_cur = rlim_nofile.rlim_cur; | ||
3522 | 400 | if (rlim_nofile_cur == RLIM_INFINITY) /* ! */ | ||
3523 | 401 | rlim_nofile_cur = OPEN_MAX; | ||
3524 | 402 | } | ||
3525 | 403 | |||
3526 | 404 | sigemptyset(&emptymask); | ||
3527 | 405 | sigemptyset(&blockmask); | ||
3528 | 406 | sigaddset(&blockmask, SIGCHLD); | ||
3529 | 407 | sigaddset(&blockmask, SIGHUP); | ||
3530 | 408 | sigaddset(&blockmask, SIGALRM); | ||
3531 | 409 | |||
3532 | 410 | memset(&sa, 0, sizeof(sa)); | ||
3533 | 411 | sigemptyset(&sa.sa_mask); | ||
3534 | 412 | sigaddset(&sa.sa_mask, SIGALRM); | ||
3535 | 413 | sigaddset(&sa.sa_mask, SIGCHLD); | ||
3536 | 414 | sigaddset(&sa.sa_mask, SIGHUP); | ||
3537 | 415 | sa.sa_handler = retry; | ||
3538 | 416 | sigaction(SIGALRM, &sa, NULL); | ||
3539 | 417 | doconfig(); | ||
3540 | 418 | sa.sa_handler = config; | ||
3541 | 419 | sigaction(SIGHUP, &sa, NULL); | ||
3542 | 420 | sa.sa_handler = reap; | ||
3543 | 421 | sigaction(SIGCHLD, &sa, NULL); | ||
3544 | 422 | sa.sa_handler = die; | ||
3545 | 423 | sigaction(SIGTERM, &sa, NULL); | ||
3546 | 424 | sa.sa_handler = die; | ||
3547 | 425 | sigaction(SIGINT, &sa, NULL); | ||
3548 | 426 | sa.sa_handler = SIG_IGN; | ||
3549 | 427 | sigaction(SIGPIPE, &sa, &sapipe); | ||
3550 | 428 | |||
3551 | 429 | /* space for daemons to overwrite environment for ps */ | ||
3552 | 430 | { | ||
3553 | 431 | #define DUMMYSIZE 100 | ||
3554 | 432 | char dummy[DUMMYSIZE]; | ||
3555 | 433 | memset(dummy, 'x', DUMMYSIZE - 1); | ||
3556 | 434 | dummy[DUMMYSIZE - 1] = '\0'; | ||
3557 | 435 | setenv("inetd_dummy", dummy, 1); | ||
3558 | 436 | } | ||
3559 | 437 | |||
3560 | 438 | for (;;) { | ||
3561 | 439 | int n, ctrl = -1; | ||
3562 | 440 | |||
3563 | 441 | restart: | ||
3564 | 442 | if (nsock == 0) { | ||
3565 | 443 | (void) sigprocmask(SIG_BLOCK, &blockmask, NULL); | ||
3566 | 444 | while (nsock == 0) { | ||
3567 | 445 | if (wantretry || wantconfig || wantreap || wantdie) | ||
3568 | 446 | break; | ||
3569 | 447 | sigsuspend(&emptymask); | ||
3570 | 448 | } | ||
3571 | 449 | (void) sigprocmask(SIG_SETMASK, &emptymask, NULL); | ||
3572 | 450 | } | ||
3573 | 451 | |||
3574 | 452 | while (wantretry || wantconfig || wantreap || wantdie) { | ||
3575 | 453 | if (wantretry) { | ||
3576 | 454 | wantretry = 0; | ||
3577 | 455 | doretry(); | ||
3578 | 456 | } | ||
3579 | 457 | if (wantconfig) { | ||
3580 | 458 | wantconfig = 0; | ||
3581 | 459 | doconfig(); | ||
3582 | 460 | } | ||
3583 | 461 | if (wantreap) { | ||
3584 | 462 | wantreap = 0; | ||
3585 | 463 | doreap(); | ||
3586 | 464 | } | ||
3587 | 465 | if (wantdie) | ||
3588 | 466 | dodie(); | ||
3589 | 467 | goto restart; | ||
3590 | 468 | } | ||
3591 | 469 | |||
3592 | 470 | if (readablen != allsockn) { | ||
3593 | 471 | if (fdsrp) | ||
3594 | 472 | free(fdsrp); | ||
3595 | 473 | fdsrp = (fd_set *)calloc(allsockn, 1); | ||
3596 | 474 | if (fdsrp == NULL) { | ||
3597 | 475 | syslog(LOG_ERR, "Out of memory."); | ||
3598 | 476 | exit(1); | ||
3599 | 477 | } | ||
3600 | 478 | readablen = allsockn; | ||
3601 | 479 | } | ||
3602 | 480 | bcopy(allsockp, fdsrp, allsockn); | ||
3603 | 481 | |||
3604 | 482 | if ((n = select(maxsock + 1, fdsrp, NULL, NULL, NULL)) <= 0) { | ||
3605 | 483 | if (n < 0 && errno != EINTR) { | ||
3606 | 484 | syslog(LOG_WARNING, "select: %m"); | ||
3607 | 485 | sleep(1); | ||
3608 | 486 | } | ||
3609 | 487 | continue; | ||
3610 | 488 | } | ||
3611 | 489 | |||
3612 | 490 | for (sep = servtab; n && sep; sep = sep->se_next) { | ||
3613 | 491 | if (sep->se_fd != -1 && | ||
3614 | 492 | FD_ISSET(sep->se_fd, fdsrp)) { | ||
3615 | 493 | n--; | ||
3616 | 494 | if (debug) | ||
3617 | 495 | fprintf(stderr, "someone wants %s\n", | ||
3618 | 496 | sep->se_service); | ||
3619 | 497 | if (!sep->se_wait && | ||
3620 | 498 | sep->se_socktype == SOCK_STREAM) { | ||
3621 | 499 | ctrl = gettcp(sep); | ||
3622 | 500 | if (ctrl == -1) | ||
3623 | 501 | continue; | ||
3624 | 502 | } else | ||
3625 | 503 | ctrl = sep->se_fd; | ||
3626 | 504 | (void) sigprocmask(SIG_BLOCK, &blockmask, NULL); | ||
3627 | 505 | spawn(sep, ctrl); /* spawn will unblock */ | ||
3628 | 506 | } | ||
3629 | 507 | } | ||
3630 | 508 | } | ||
3631 | 509 | } | ||
3632 | 510 | |||
3633 | 511 | int | ||
3634 | 512 | gettcp(struct servtab *sep) | ||
3635 | 513 | { | ||
3636 | 514 | int ctrl; | ||
3637 | 515 | |||
3638 | 516 | ctrl = accept(sep->se_fd, NULL, NULL); | ||
3639 | 517 | if (debug) | ||
3640 | 518 | fprintf(stderr, "accept, ctrl %d\n", ctrl); | ||
3641 | 519 | if (ctrl < 0) { | ||
3642 | 520 | if (errno == EINTR) | ||
3643 | 521 | return -1; | ||
3644 | 522 | syslog(LOG_WARNING, "accept (for %s): %m", sep->se_service); | ||
3645 | 523 | return -1; | ||
3646 | 524 | } | ||
3647 | 525 | if ((sep->se_family == AF_INET || sep->se_family == AF_INET6) && | ||
3648 | 526 | sep->se_socktype == SOCK_STREAM) { | ||
3649 | 527 | struct sockaddr_storage peer; | ||
3650 | 528 | socklen_t plen = sizeof(peer); | ||
3651 | 529 | char sbuf[NI_MAXSERV]; | ||
3652 | 530 | |||
3653 | 531 | if (getpeername(ctrl, (struct sockaddr *)&peer, &plen) < 0) { | ||
3654 | 532 | syslog(LOG_WARNING, "could not getpeername"); | ||
3655 | 533 | close(ctrl); | ||
3656 | 534 | return -1; | ||
3657 | 535 | } | ||
3658 | 536 | if (getnameinfo((struct sockaddr *)&peer, plen, NULL, 0, | ||
3659 | 537 | sbuf, sizeof(sbuf), NI_NUMERICSERV) == 0 && | ||
3660 | 538 | atoi(sbuf) == 20) { | ||
3661 | 539 | /* | ||
3662 | 540 | * ignore things that look like ftp bounce | ||
3663 | 541 | */ | ||
3664 | 542 | close(ctrl); | ||
3665 | 543 | return -1; | ||
3666 | 544 | } | ||
3667 | 545 | } | ||
3668 | 546 | return (ctrl); | ||
3669 | 547 | } | ||
3670 | 548 | |||
3671 | 549 | |||
3672 | 550 | int | ||
3673 | 551 | dg_badinput(struct sockaddr *sa) | ||
3674 | 552 | { | ||
3675 | 553 | struct in_addr in; | ||
3676 | 554 | struct in6_addr *in6; | ||
3677 | 555 | u_int16_t port; | ||
3678 | 556 | |||
3679 | 557 | switch (sa->sa_family) { | ||
3680 | 558 | case AF_INET: | ||
3681 | 559 | in.s_addr = ntohl(((struct sockaddr_in *)sa)->sin_addr.s_addr); | ||
3682 | 560 | port = ntohs(((struct sockaddr_in *)sa)->sin_port); | ||
3683 | 561 | v4chk: | ||
3684 | 562 | if (IN_MULTICAST(in.s_addr)) | ||
3685 | 563 | goto bad; | ||
3686 | 564 | switch ((in.s_addr & 0xff000000) >> 24) { | ||
3687 | 565 | case 0: case 127: case 255: | ||
3688 | 566 | goto bad; | ||
3689 | 567 | } | ||
3690 | 568 | if (dg_broadcast(&in)) | ||
3691 | 569 | goto bad; | ||
3692 | 570 | break; | ||
3693 | 571 | case AF_INET6: | ||
3694 | 572 | in6 = &((struct sockaddr_in6 *)sa)->sin6_addr; | ||
3695 | 573 | port = ntohs(((struct sockaddr_in6 *)sa)->sin6_port); | ||
3696 | 574 | if (IN6_IS_ADDR_MULTICAST(in6) || IN6_IS_ADDR_UNSPECIFIED(in6)) | ||
3697 | 575 | goto bad; | ||
3698 | 576 | /* | ||
3699 | 577 | * OpenBSD does not support IPv4 mapped address (RFC2553 | ||
3700 | 578 | * inbound behavior) at all. We should drop it. | ||
3701 | 579 | */ | ||
3702 | 580 | if (IN6_IS_ADDR_V4MAPPED(in6)) | ||
3703 | 581 | goto bad; | ||
3704 | 582 | if (IN6_IS_ADDR_V4COMPAT(in6)) { | ||
3705 | 583 | memcpy(&in, &in6->s6_addr[12], sizeof(in)); | ||
3706 | 584 | in.s_addr = ntohl(in.s_addr); | ||
3707 | 585 | goto v4chk; | ||
3708 | 586 | } | ||
3709 | 587 | break; | ||
3710 | 588 | default: | ||
3711 | 589 | /* XXX unsupported af, is it safe to assume it to be safe? */ | ||
3712 | 590 | return 0; | ||
3713 | 591 | } | ||
3714 | 592 | |||
3715 | 593 | return (0); | ||
3716 | 594 | |||
3717 | 595 | bad: | ||
3718 | 596 | return (1); | ||
3719 | 597 | } | ||
3720 | 598 | |||
3721 | 599 | int | ||
3722 | 600 | dg_broadcast(struct in_addr *in) | ||
3723 | 601 | { | ||
3724 | 602 | #ifdef HAVE_GETIFADDRS | ||
3725 | 603 | struct ifaddrs *ifa, *ifap; | ||
3726 | 604 | struct sockaddr_in *sin; | ||
3727 | 605 | |||
3728 | 606 | if (getifaddrs(&ifap) < 0) | ||
3729 | 607 | return (0); | ||
3730 | 608 | for (ifa = ifap; ifa; ifa = ifa->ifa_next) { | ||
3731 | 609 | if (ifa->ifa_addr->sa_family != AF_INET || | ||
3732 | 610 | (ifa->ifa_flags & IFF_BROADCAST) == 0) | ||
3733 | 611 | continue; | ||
3734 | 612 | sin = (struct sockaddr_in *)ifa->ifa_broadaddr; | ||
3735 | 613 | if (sin->sin_addr.s_addr == in->s_addr) { | ||
3736 | 614 | freeifaddrs(ifap); | ||
3737 | 615 | return (1); | ||
3738 | 616 | } | ||
3739 | 617 | } | ||
3740 | 618 | freeifaddrs(ifap); | ||
3741 | 619 | #endif | ||
3742 | 620 | return (0); | ||
3743 | 621 | } | ||
3744 | 622 | |||
3745 | 623 | /* ARGSUSED */ | ||
3746 | 624 | void | ||
3747 | 625 | reap(int sig) | ||
3748 | 626 | { | ||
3749 | 627 | wantreap = 1; | ||
3750 | 628 | } | ||
3751 | 629 | |||
3752 | 630 | void | ||
3753 | 631 | doreap(void) | ||
3754 | 632 | { | ||
3755 | 633 | struct servtab *sep; | ||
3756 | 634 | int status; | ||
3757 | 635 | pid_t pid; | ||
3758 | 636 | |||
3759 | 637 | if (debug) | ||
3760 | 638 | fprintf(stderr, "reaping asked for\n"); | ||
3761 | 639 | |||
3762 | 640 | for (;;) { | ||
3763 | 641 | if ((pid = wait3(&status, WNOHANG, NULL)) <= 0) { | ||
3764 | 642 | if (pid == -1 && errno == EINTR) | ||
3765 | 643 | continue; | ||
3766 | 644 | break; | ||
3767 | 645 | } | ||
3768 | 646 | if (debug) | ||
3769 | 647 | fprintf(stderr, "%ld reaped, status %x\n", | ||
3770 | 648 | (long)pid, status); | ||
3771 | 649 | for (sep = servtab; sep; sep = sep->se_next) | ||
3772 | 650 | if (sep->se_wait == pid) { | ||
3773 | 651 | if (WIFEXITED(status) && WEXITSTATUS(status)) | ||
3774 | 652 | syslog(LOG_WARNING, | ||
3775 | 653 | "%s: exit status %d", | ||
3776 | 654 | sep->se_server, WEXITSTATUS(status)); | ||
3777 | 655 | else if (WIFSIGNALED(status)) | ||
3778 | 656 | syslog(LOG_WARNING, | ||
3779 | 657 | "%s: exit signal %d", | ||
3780 | 658 | sep->se_server, WTERMSIG(status)); | ||
3781 | 659 | sep->se_wait = 1; | ||
3782 | 660 | fd_grow(&allsockp, &allsockn, sep->se_fd); | ||
3783 | 661 | FD_SET(sep->se_fd, allsockp); | ||
3784 | 662 | nsock++; | ||
3785 | 663 | if (debug) | ||
3786 | 664 | fprintf(stderr, "restored %s, fd %d\n", | ||
3787 | 665 | sep->se_service, sep->se_fd); | ||
3788 | 666 | } | ||
3789 | 667 | } | ||
3790 | 668 | } | ||
3791 | 669 | |||
3792 | 670 | /* ARGSUSED */ | ||
3793 | 671 | void | ||
3794 | 672 | config(int sig) | ||
3795 | 673 | { | ||
3796 | 674 | wantconfig = 1; | ||
3797 | 675 | } | ||
3798 | 676 | |||
3799 | 677 | void | ||
3800 | 678 | doconfig(void) | ||
3801 | 679 | { | ||
3802 | 680 | struct servtab *sep, *cp, **sepp; | ||
3803 | 681 | int add; | ||
3804 | 682 | char protoname[10]; | ||
3805 | 683 | sigset_t omask; | ||
3806 | 684 | |||
3807 | 685 | if (!setconfig()) { | ||
3808 | 686 | syslog(LOG_ERR, "%s: %m", CONFIG); | ||
3809 | 687 | exit(1); | ||
3810 | 688 | } | ||
3811 | 689 | for (sep = servtab; sep; sep = sep->se_next) | ||
3812 | 690 | sep->se_checked = 0; | ||
3813 | 691 | cp = getconfigent(); | ||
3814 | 692 | while (cp != NULL) { | ||
3815 | 693 | for (sep = servtab; sep; sep = sep->se_next) | ||
3816 | 694 | if (matchconf(sep, cp)) | ||
3817 | 695 | break; | ||
3818 | 696 | add = 0; | ||
3819 | 697 | if (sep != NULL) { | ||
3820 | 698 | int i; | ||
3821 | 699 | |||
3822 | 700 | #define SWAP(type, a, b) {type c=(type)a; a=(type)b; b=(type)c;} | ||
3823 | 701 | |||
3824 | 702 | sigprocmask(SIG_BLOCK, &blockmask, &omask); | ||
3825 | 703 | /* | ||
3826 | 704 | * sep->se_wait may be holding the pid of a daemon | ||
3827 | 705 | * that we're waiting for. If so, don't overwrite | ||
3828 | 706 | * it unless the config file explicitly says don't | ||
3829 | 707 | * wait. | ||
3830 | 708 | */ | ||
3831 | 709 | if (cp->se_bi == 0 && | ||
3832 | 710 | (sep->se_wait == 1 || cp->se_wait == 0)) | ||
3833 | 711 | sep->se_wait = cp->se_wait; | ||
3834 | 712 | SWAP(int, cp->se_max, sep->se_max); | ||
3835 | 713 | SWAP(char *, sep->se_user, cp->se_user); | ||
3836 | 714 | SWAP(char *, sep->se_group, cp->se_group); | ||
3837 | 715 | SWAP(char *, sep->se_server, cp->se_server); | ||
3838 | 716 | for (i = 0; i < MAXARGV; i++) | ||
3839 | 717 | SWAP(char *, sep->se_argv[i], cp->se_argv[i]); | ||
3840 | 718 | #undef SWAP | ||
3841 | 719 | if (isrpcservice(sep)) | ||
3842 | 720 | unregister_rpc(sep); | ||
3843 | 721 | sep->se_rpcversl = cp->se_rpcversl; | ||
3844 | 722 | sep->se_rpcversh = cp->se_rpcversh; | ||
3845 | 723 | sigprocmask(SIG_SETMASK, &omask, NULL); | ||
3846 | 724 | freeconfig(cp); | ||
3847 | 725 | add = 1; | ||
3848 | 726 | } else { | ||
3849 | 727 | sep = enter(cp); | ||
3850 | 728 | } | ||
3851 | 729 | sep->se_checked = 1; | ||
3852 | 730 | |||
3853 | 731 | switch (sep->se_family) { | ||
3854 | 732 | case AF_UNIX: | ||
3855 | 733 | if (sep->se_fd != -1) | ||
3856 | 734 | break; | ||
3857 | 735 | sep->se_ctrladdr_size = | ||
3858 | 736 | strlcpy(sep->se_ctrladdr_un.sun_path, | ||
3859 | 737 | sep->se_service, | ||
3860 | 738 | sizeof sep->se_ctrladdr_un.sun_path); | ||
3861 | 739 | if (sep->se_ctrladdr_size >= | ||
3862 | 740 | sizeof sep->se_ctrladdr_un.sun_path) { | ||
3863 | 741 | syslog(LOG_WARNING, "%s/%s: UNIX domain socket " | ||
3864 | 742 | "path too long", sep->se_service, | ||
3865 | 743 | sep->se_proto); | ||
3866 | 744 | goto serv_unknown; | ||
3867 | 745 | } | ||
3868 | 746 | sep->se_ctrladdr_un.sun_family = AF_UNIX; | ||
3869 | 747 | sep->se_ctrladdr_size += | ||
3870 | 748 | 1 + sizeof sep->se_ctrladdr_un.sun_family; | ||
3871 | 749 | (void)unlink(sep->se_service); | ||
3872 | 750 | setup(sep); | ||
3873 | 751 | break; | ||
3874 | 752 | case AF_INET: | ||
3875 | 753 | sep->se_ctrladdr_in.sin_family = AF_INET; | ||
3876 | 754 | /* se_ctrladdr_in was set in getconfigent */ | ||
3877 | 755 | sep->se_ctrladdr_size = sizeof sep->se_ctrladdr_in; | ||
3878 | 756 | |||
3879 | 757 | if (isrpcservice(sep)) { | ||
3880 | 758 | struct rpcent *rp; | ||
3881 | 759 | |||
3882 | 760 | sep->se_rpcprog = atoi(sep->se_service); | ||
3883 | 761 | if (sep->se_rpcprog == 0) { | ||
3884 | 762 | rp = getrpcbyname(sep->se_service); | ||
3885 | 763 | if (rp == 0) { | ||
3886 | 764 | syslog(LOG_ERR, | ||
3887 | 765 | "%s: unknown rpc service", | ||
3888 | 766 | sep->se_service); | ||
3889 | 767 | goto serv_unknown; | ||
3890 | 768 | } | ||
3891 | 769 | sep->se_rpcprog = rp->r_number; | ||
3892 | 770 | } | ||
3893 | 771 | if (sep->se_fd == -1) | ||
3894 | 772 | setup(sep); | ||
3895 | 773 | if (sep->se_fd != -1) | ||
3896 | 774 | register_rpc(sep); | ||
3897 | 775 | } else { | ||
3898 | 776 | u_short port = htons(atoi(sep->se_service)); | ||
3899 | 777 | |||
3900 | 778 | if (!port) { | ||
3901 | 779 | /* XXX */ | ||
3902 | 780 | strncpy(protoname, sep->se_proto, | ||
3903 | 781 | sizeof(protoname)); | ||
3904 | 782 | if (isdigit(protoname[strlen(protoname) - 1])) | ||
3905 | 783 | protoname[strlen(protoname) - 1] = '\0'; | ||
3906 | 784 | sp = getservbyname(sep->se_service, | ||
3907 | 785 | protoname); | ||
3908 | 786 | if (sp == 0) { | ||
3909 | 787 | syslog(LOG_ERR, | ||
3910 | 788 | "%s/%s: unknown service", | ||
3911 | 789 | sep->se_service, sep->se_proto); | ||
3912 | 790 | goto serv_unknown; | ||
3913 | 791 | } | ||
3914 | 792 | port = sp->s_port; | ||
3915 | 793 | } | ||
3916 | 794 | if (port != sep->se_ctrladdr_in.sin_port) { | ||
3917 | 795 | sep->se_ctrladdr_in.sin_port = port; | ||
3918 | 796 | if (sep->se_fd != -1) { | ||
3919 | 797 | FD_CLR(sep->se_fd, allsockp); | ||
3920 | 798 | nsock--; | ||
3921 | 799 | (void) close(sep->se_fd); | ||
3922 | 800 | } | ||
3923 | 801 | sep->se_fd = -1; | ||
3924 | 802 | } | ||
3925 | 803 | if (sep->se_fd == -1) | ||
3926 | 804 | setup(sep); | ||
3927 | 805 | } | ||
3928 | 806 | break; | ||
3929 | 807 | case AF_INET6: | ||
3930 | 808 | sep->se_ctrladdr_in6.sin6_family = AF_INET6; | ||
3931 | 809 | /* se_ctrladdr_in was set in getconfigent */ | ||
3932 | 810 | sep->se_ctrladdr_size = sizeof sep->se_ctrladdr_in6; | ||
3933 | 811 | |||
3934 | 812 | if (isrpcservice(sep)) { | ||
3935 | 813 | struct rpcent *rp; | ||
3936 | 814 | |||
3937 | 815 | sep->se_rpcprog = atoi(sep->se_service); | ||
3938 | 816 | if (sep->se_rpcprog == 0) { | ||
3939 | 817 | rp = getrpcbyname(sep->se_service); | ||
3940 | 818 | if (rp == 0) { | ||
3941 | 819 | syslog(LOG_ERR, | ||
3942 | 820 | "%s: unknown rpc service", | ||
3943 | 821 | sep->se_service); | ||
3944 | 822 | goto serv_unknown; | ||
3945 | 823 | } | ||
3946 | 824 | sep->se_rpcprog = rp->r_number; | ||
3947 | 825 | } | ||
3948 | 826 | if (sep->se_fd == -1) | ||
3949 | 827 | setup(sep); | ||
3950 | 828 | if (sep->se_fd != -1) | ||
3951 | 829 | register_rpc(sep); | ||
3952 | 830 | } else { | ||
3953 | 831 | u_short port = htons(atoi(sep->se_service)); | ||
3954 | 832 | |||
3955 | 833 | if (!port) { | ||
3956 | 834 | /* XXX */ | ||
3957 | 835 | strncpy(protoname, sep->se_proto, | ||
3958 | 836 | sizeof(protoname)); | ||
3959 | 837 | if (isdigit(protoname[strlen(protoname) - 1])) | ||
3960 | 838 | protoname[strlen(protoname) - 1] = '\0'; | ||
3961 | 839 | sp = getservbyname(sep->se_service, | ||
3962 | 840 | protoname); | ||
3963 | 841 | if (sp == 0) { | ||
3964 | 842 | syslog(LOG_ERR, | ||
3965 | 843 | "%s/%s: unknown service", | ||
3966 | 844 | sep->se_service, sep->se_proto); | ||
3967 | 845 | goto serv_unknown; | ||
3968 | 846 | } | ||
3969 | 847 | port = sp->s_port; | ||
3970 | 848 | } | ||
3971 | 849 | if (port != sep->se_ctrladdr_in6.sin6_port) { | ||
3972 | 850 | sep->se_ctrladdr_in6.sin6_port = port; | ||
3973 | 851 | if (sep->se_fd != -1) { | ||
3974 | 852 | FD_CLR(sep->se_fd, allsockp); | ||
3975 | 853 | nsock--; | ||
3976 | 854 | (void) close(sep->se_fd); | ||
3977 | 855 | } | ||
3978 | 856 | sep->se_fd = -1; | ||
3979 | 857 | } | ||
3980 | 858 | if (sep->se_fd == -1) | ||
3981 | 859 | setup(sep); | ||
3982 | 860 | } | ||
3983 | 861 | break; | ||
3984 | 862 | } | ||
3985 | 863 | serv_unknown: | ||
3986 | 864 | if (cp->se_next != NULL) { | ||
3987 | 865 | struct servtab *tmp = cp; | ||
3988 | 866 | |||
3989 | 867 | cp = cp->se_next; | ||
3990 | 868 | free(tmp); | ||
3991 | 869 | } else { | ||
3992 | 870 | free(cp); | ||
3993 | 871 | cp = getconfigent(); | ||
3994 | 872 | } | ||
3995 | 873 | if (debug) | ||
3996 | 874 | print_service(add ? "REDO" : "ADD", sep); | ||
3997 | 875 | } | ||
3998 | 876 | endconfig(); | ||
3999 | 877 | /* | ||
4000 | 878 | * Purge anything not looked at above. | ||
4001 | 879 | */ | ||
4002 | 880 | sigprocmask(SIG_BLOCK, &blockmask, &omask); | ||
4003 | 881 | sepp = &servtab; | ||
4004 | 882 | while ((sep = *sepp)) { | ||
4005 | 883 | if (sep->se_checked) { | ||
4006 | 884 | sepp = &sep->se_next; | ||
4007 | 885 | continue; | ||
4008 | 886 | } | ||
4009 | 887 | *sepp = sep->se_next; | ||
4010 | 888 | if (sep->se_fd != -1) { | ||
4011 | 889 | FD_CLR(sep->se_fd, allsockp); | ||
4012 | 890 | nsock--; | ||
4013 | 891 | (void) close(sep->se_fd); | ||
4014 | 892 | } | ||
4015 | 893 | if (isrpcservice(sep)) | ||
4016 | 894 | unregister_rpc(sep); | ||
4017 | 895 | if (sep->se_family == AF_UNIX) | ||
4018 | 896 | (void)unlink(sep->se_service); | ||
4019 | 897 | if (debug) | ||
4020 | 898 | print_service("FREE", sep); | ||
4021 | 899 | freeconfig(sep); | ||
4022 | 900 | free(sep); | ||
4023 | 901 | } | ||
4024 | 902 | sigprocmask(SIG_SETMASK, &omask, NULL); | ||
4025 | 903 | } | ||
4026 | 904 | |||
4027 | 905 | /* ARGSUSED */ | ||
4028 | 906 | void | ||
4029 | 907 | retry(int sig) | ||
4030 | 908 | { | ||
4031 | 909 | wantretry = 1; | ||
4032 | 910 | } | ||
4033 | 911 | |||
4034 | 912 | void | ||
4035 | 913 | doretry(void) | ||
4036 | 914 | { | ||
4037 | 915 | struct servtab *sep; | ||
4038 | 916 | |||
4039 | 917 | timingout = 0; | ||
4040 | 918 | for (sep = servtab; sep; sep = sep->se_next) { | ||
4041 | 919 | if (sep->se_fd == -1) { | ||
4042 | 920 | switch (sep->se_family) { | ||
4043 | 921 | case AF_UNIX: | ||
4044 | 922 | case AF_INET: | ||
4045 | 923 | case AF_INET6: | ||
4046 | 924 | setup(sep); | ||
4047 | 925 | if (sep->se_fd != -1 && isrpcservice(sep)) | ||
4048 | 926 | register_rpc(sep); | ||
4049 | 927 | break; | ||
4050 | 928 | } | ||
4051 | 929 | } | ||
4052 | 930 | } | ||
4053 | 931 | } | ||
4054 | 932 | |||
4055 | 933 | /* ARGSUSED */ | ||
4056 | 934 | void | ||
4057 | 935 | die(int sig) | ||
4058 | 936 | { | ||
4059 | 937 | wantdie = 1; | ||
4060 | 938 | } | ||
4061 | 939 | |||
4062 | 940 | void | ||
4063 | 941 | dodie(void) | ||
4064 | 942 | { | ||
4065 | 943 | struct servtab *sep; | ||
4066 | 944 | |||
4067 | 945 | for (sep = servtab; sep; sep = sep->se_next) { | ||
4068 | 946 | if (sep->se_fd == -1) | ||
4069 | 947 | continue; | ||
4070 | 948 | |||
4071 | 949 | switch (sep->se_family) { | ||
4072 | 950 | case AF_UNIX: | ||
4073 | 951 | (void)unlink(sep->se_service); | ||
4074 | 952 | break; | ||
4075 | 953 | case AF_INET: | ||
4076 | 954 | case AF_INET6: | ||
4077 | 955 | if (sep->se_wait == 1 && isrpcservice(sep)) | ||
4078 | 956 | unregister_rpc(sep); | ||
4079 | 957 | break; | ||
4080 | 958 | } | ||
4081 | 959 | (void)close(sep->se_fd); | ||
4082 | 960 | } | ||
4083 | 961 | (void)unlink(_PATH_INETDPID); | ||
4084 | 962 | exit(0); | ||
4085 | 963 | } | ||
4086 | 964 | |||
4087 | 965 | void | ||
4088 | 966 | setup(struct servtab *sep) | ||
4089 | 967 | { | ||
4090 | 968 | int on = 1; | ||
4091 | 969 | int r; | ||
4092 | 970 | mode_t mask = 0; | ||
4093 | 971 | |||
4094 | 972 | if ((sep->se_fd = socket(sep->se_family, sep->se_socktype, 0)) < 0) { | ||
4095 | 973 | syslog(LOG_ERR, "%s/%s: socket: %m", | ||
4096 | 974 | sep->se_service, sep->se_proto); | ||
4097 | 975 | return; | ||
4098 | 976 | } | ||
4099 | 977 | #define turnon(fd, opt) \ | ||
4100 | 978 | setsockopt(fd, SOL_SOCKET, opt, &on, sizeof (on)) | ||
4101 | 979 | if (strncmp(sep->se_proto, "tcp", 3) == 0 && (options & SO_DEBUG) && | ||
4102 | 980 | turnon(sep->se_fd, SO_DEBUG) < 0) | ||
4103 | 981 | syslog(LOG_ERR, "setsockopt (SO_DEBUG): %m"); | ||
4104 | 982 | if (turnon(sep->se_fd, SO_REUSEADDR) < 0) | ||
4105 | 983 | syslog(LOG_ERR, "setsockopt (SO_REUSEADDR): %m"); | ||
4106 | 984 | #undef turnon | ||
4107 | 985 | if (isrpcservice(sep)) { | ||
4108 | 986 | struct passwd *pwd; | ||
4109 | 987 | |||
4110 | 988 | /* | ||
4111 | 989 | * for RPC services, attempt to use a reserved port | ||
4112 | 990 | * if they are going to be running as root. | ||
4113 | 991 | * | ||
4114 | 992 | * Also, zero out the port for all RPC services; let bind() | ||
4115 | 993 | * find one. | ||
4116 | 994 | */ | ||
4117 | 995 | sep->se_ctrladdr_in.sin_port = 0; | ||
4118 | 996 | if (sep->se_user && (pwd = getpwnam(sep->se_user)) && | ||
4119 | 997 | pwd->pw_uid == 0 && uid == 0) | ||
4120 | 998 | r = bindresvport(sep->se_fd, &sep->se_ctrladdr_in); | ||
4121 | 999 | else { | ||
4122 | 1000 | r = bind(sep->se_fd, &sep->se_ctrladdr, | ||
4123 | 1001 | sep->se_ctrladdr_size); | ||
4124 | 1002 | if (r == 0) { | ||
4125 | 1003 | socklen_t len = sep->se_ctrladdr_size; | ||
4126 | 1004 | int saveerrno = errno; | ||
4127 | 1005 | |||
4128 | 1006 | /* update se_ctrladdr_in.sin_port */ | ||
4129 | 1007 | r = getsockname(sep->se_fd, &sep->se_ctrladdr, | ||
4130 | 1008 | &len); | ||
4131 | 1009 | if (r <= 0) | ||
4132 | 1010 | errno = saveerrno; | ||
4133 | 1011 | } | ||
4134 | 1012 | } | ||
4135 | 1013 | } else { | ||
4136 | 1014 | if (sep->se_family == AF_UNIX) | ||
4137 | 1015 | mask = umask(0111); | ||
4138 | 1016 | r = bind(sep->se_fd, &sep->se_ctrladdr, sep->se_ctrladdr_size); | ||
4139 | 1017 | if (sep->se_family == AF_UNIX) | ||
4140 | 1018 | umask(mask); | ||
4141 | 1019 | } | ||
4142 | 1020 | if (r < 0) { | ||
4143 | 1021 | syslog(LOG_ERR, "%s/%s: bind: %m", | ||
4144 | 1022 | sep->se_service, sep->se_proto); | ||
4145 | 1023 | (void) close(sep->se_fd); | ||
4146 | 1024 | sep->se_fd = -1; | ||
4147 | 1025 | if (!timingout) { | ||
4148 | 1026 | timingout = 1; | ||
4149 | 1027 | alarm(RETRYTIME); | ||
4150 | 1028 | } | ||
4151 | 1029 | return; | ||
4152 | 1030 | } | ||
4153 | 1031 | if (sep->se_socktype == SOCK_STREAM) | ||
4154 | 1032 | listen(sep->se_fd, 10); | ||
4155 | 1033 | |||
4156 | 1034 | fd_grow(&allsockp, &allsockn, sep->se_fd); | ||
4157 | 1035 | FD_SET(sep->se_fd, allsockp); | ||
4158 | 1036 | nsock++; | ||
4159 | 1037 | if (sep->se_fd > maxsock) { | ||
4160 | 1038 | maxsock = sep->se_fd; | ||
4161 | 1039 | if (maxsock > rlim_nofile_cur - FD_MARGIN) | ||
4162 | 1040 | bump_nofile(); | ||
4163 | 1041 | } | ||
4164 | 1042 | } | ||
4165 | 1043 | |||
4166 | 1044 | void | ||
4167 | 1045 | register_rpc(struct servtab *sep) | ||
4168 | 1046 | { | ||
4169 | 1047 | socklen_t n; | ||
4170 | 1048 | struct sockaddr_in sin; | ||
4171 | 1049 | struct protoent *pp; | ||
4172 | 1050 | |||
4173 | 1051 | if ((pp = getprotobyname(sep->se_proto+4)) == NULL) { | ||
4174 | 1052 | syslog(LOG_ERR, "%s: getproto: %m", | ||
4175 | 1053 | sep->se_proto); | ||
4176 | 1054 | return; | ||
4177 | 1055 | } | ||
4178 | 1056 | n = sizeof sin; | ||
4179 | 1057 | if (getsockname(sep->se_fd, (struct sockaddr *)&sin, &n) < 0) { | ||
4180 | 1058 | syslog(LOG_ERR, "%s/%s: getsockname: %m", | ||
4181 | 1059 | sep->se_service, sep->se_proto); | ||
4182 | 1060 | return; | ||
4183 | 1061 | } | ||
4184 | 1062 | |||
4185 | 1063 | for (n = sep->se_rpcversl; n <= sep->se_rpcversh; n++) { | ||
4186 | 1064 | if (debug) | ||
4187 | 1065 | fprintf(stderr, "pmap_set: %u %u %u %u\n", | ||
4188 | 1066 | sep->se_rpcprog, n, pp->p_proto, | ||
4189 | 1067 | ntohs(sin.sin_port)); | ||
4190 | 1068 | (void)pmap_unset(sep->se_rpcprog, n); | ||
4191 | 1069 | if (!pmap_set(sep->se_rpcprog, n, pp->p_proto, ntohs(sin.sin_port))) | ||
4192 | 1070 | syslog(LOG_ERR, "%s %s: pmap_set: %u %u %u %u: %m", | ||
4193 | 1071 | sep->se_service, sep->se_proto, | ||
4194 | 1072 | sep->se_rpcprog, n, pp->p_proto, | ||
4195 | 1073 | ntohs(sin.sin_port)); | ||
4196 | 1074 | } | ||
4197 | 1075 | } | ||
4198 | 1076 | |||
4199 | 1077 | void | ||
4200 | 1078 | unregister_rpc(struct servtab *sep) | ||
4201 | 1079 | { | ||
4202 | 1080 | int n; | ||
4203 | 1081 | |||
4204 | 1082 | for (n = sep->se_rpcversl; n <= sep->se_rpcversh; n++) { | ||
4205 | 1083 | if (debug) | ||
4206 | 1084 | fprintf(stderr, "pmap_unset(%u, %u)\n", | ||
4207 | 1085 | sep->se_rpcprog, n); | ||
4208 | 1086 | if (!pmap_unset(sep->se_rpcprog, n)) | ||
4209 | 1087 | syslog(LOG_ERR, "pmap_unset(%u, %u)", | ||
4210 | 1088 | sep->se_rpcprog, n); | ||
4211 | 1089 | } | ||
4212 | 1090 | } | ||
4213 | 1091 | |||
4214 | 1092 | |||
4215 | 1093 | struct servtab * | ||
4216 | 1094 | enter(struct servtab *cp) | ||
4217 | 1095 | { | ||
4218 | 1096 | struct servtab *sep; | ||
4219 | 1097 | sigset_t omask; | ||
4220 | 1098 | |||
4221 | 1099 | sep = (struct servtab *)malloc(sizeof (*sep)); | ||
4222 | 1100 | if (sep == NULL) { | ||
4223 | 1101 | syslog(LOG_ERR, "Out of memory."); | ||
4224 | 1102 | exit(1); | ||
4225 | 1103 | } | ||
4226 | 1104 | *sep = *cp; | ||
4227 | 1105 | sep->se_fd = -1; | ||
4228 | 1106 | sep->se_rpcprog = -1; | ||
4229 | 1107 | sigprocmask(SIG_BLOCK, &blockmask, &omask); | ||
4230 | 1108 | sep->se_next = servtab; | ||
4231 | 1109 | servtab = sep; | ||
4232 | 1110 | sigprocmask(SIG_SETMASK, &omask, NULL); | ||
4233 | 1111 | return (sep); | ||
4234 | 1112 | } | ||
4235 | 1113 | |||
4236 | 1114 | int | ||
4237 | 1115 | matchconf(struct servtab *old, struct servtab *new) | ||
4238 | 1116 | { | ||
4239 | 1117 | if (strcmp(old->se_service, new->se_service) != 0) | ||
4240 | 1118 | return (0); | ||
4241 | 1119 | |||
4242 | 1120 | if (strcmp(old->se_hostaddr, new->se_hostaddr) != 0) | ||
4243 | 1121 | return (0); | ||
4244 | 1122 | |||
4245 | 1123 | if (strcmp(old->se_proto, new->se_proto) != 0) | ||
4246 | 1124 | return (0); | ||
4247 | 1125 | |||
4248 | 1126 | /* | ||
4249 | 1127 | * If the new servtab is bound to a specific address, check that the | ||
4250 | 1128 | * old servtab is bound to the same entry. If the new service is not | ||
4251 | 1129 | * bound to a specific address then the check of se_hostaddr above | ||
4252 | 1130 | * is sufficient. | ||
4253 | 1131 | */ | ||
4254 | 1132 | |||
4255 | 1133 | if (old->se_family == AF_INET && new->se_family == AF_INET && | ||
4256 | 1134 | bcmp(&old->se_ctrladdr_in.sin_addr, | ||
4257 | 1135 | &new->se_ctrladdr_in.sin_addr, | ||
4258 | 1136 | sizeof(new->se_ctrladdr_in.sin_addr)) != 0) | ||
4259 | 1137 | return (0); | ||
4260 | 1138 | |||
4261 | 1139 | if (old->se_family == AF_INET6 && new->se_family == AF_INET6 && | ||
4262 | 1140 | bcmp(&old->se_ctrladdr_in6.sin6_addr, | ||
4263 | 1141 | &new->se_ctrladdr_in6.sin6_addr, | ||
4264 | 1142 | sizeof(new->se_ctrladdr_in6.sin6_addr)) != 0) | ||
4265 | 1143 | return (0); | ||
4266 | 1144 | if (old->se_family == AF_INET6 && new->se_family == AF_INET6 && | ||
4267 | 1145 | old->se_ctrladdr_in6.sin6_scope_id != | ||
4268 | 1146 | new->se_ctrladdr_in6.sin6_scope_id) | ||
4269 | 1147 | return (0); | ||
4270 | 1148 | |||
4271 | 1149 | return (1); | ||
4272 | 1150 | } | ||
4273 | 1151 | |||
4274 | 1152 | FILE *fconfig = NULL; | ||
4275 | 1153 | char line[1024]; | ||
4276 | 1154 | char *defhost; | ||
4277 | 1155 | char *skip(char **, int); | ||
4278 | 1156 | char *nextline(FILE *); | ||
4279 | 1157 | char *newstr(char *); | ||
4280 | 1158 | struct servtab *dupconfig(struct servtab *); | ||
4281 | 1159 | |||
4282 | 1160 | int | ||
4283 | 1161 | setconfig(void) | ||
4284 | 1162 | { | ||
4285 | 1163 | if (defhost) | ||
4286 | 1164 | free(defhost); | ||
4287 | 1165 | defhost = newstr("*"); | ||
4288 | 1166 | if (fconfig != NULL) { | ||
4289 | 1167 | fseek(fconfig, 0L, SEEK_SET); | ||
4290 | 1168 | return (1); | ||
4291 | 1169 | } | ||
4292 | 1170 | fconfig = fopen(CONFIG, "r"); | ||
4293 | 1171 | return (fconfig != NULL); | ||
4294 | 1172 | } | ||
4295 | 1173 | |||
4296 | 1174 | void | ||
4297 | 1175 | endconfig(void) | ||
4298 | 1176 | { | ||
4299 | 1177 | if (fconfig) { | ||
4300 | 1178 | (void) fclose(fconfig); | ||
4301 | 1179 | fconfig = NULL; | ||
4302 | 1180 | } | ||
4303 | 1181 | if (defhost) { | ||
4304 | 1182 | free(defhost); | ||
4305 | 1183 | defhost = 0; | ||
4306 | 1184 | } | ||
4307 | 1185 | } | ||
4308 | 1186 | |||
4309 | 1187 | struct servtab * | ||
4310 | 1188 | getconfigent(void) | ||
4311 | 1189 | { | ||
4312 | 1190 | struct servtab *sep, *tsep; | ||
4313 | 1191 | char *arg, *cp, *hostdelim, *s; | ||
4314 | 1192 | int argc; | ||
4315 | 1193 | |||
4316 | 1194 | sep = (struct servtab *) malloc(sizeof(struct servtab)); | ||
4317 | 1195 | if (sep == NULL) { | ||
4318 | 1196 | syslog(LOG_ERR, "malloc: %m"); | ||
4319 | 1197 | exit(1); | ||
4320 | 1198 | } | ||
4321 | 1199 | |||
4322 | 1200 | memset(sep, 0, sizeof *sep); | ||
4323 | 1201 | more: | ||
4324 | 1202 | freeconfig(sep); | ||
4325 | 1203 | |||
4326 | 1204 | while ((cp = nextline(fconfig)) && *cp == '#') | ||
4327 | 1205 | ; | ||
4328 | 1206 | if (cp == NULL) { | ||
4329 | 1207 | free(sep); | ||
4330 | 1208 | return (NULL); | ||
4331 | 1209 | } | ||
4332 | 1210 | |||
4333 | 1211 | memset(sep, 0, sizeof *sep); | ||
4334 | 1212 | arg = skip(&cp, 0); | ||
4335 | 1213 | if (arg == NULL) { | ||
4336 | 1214 | /* A blank line. */ | ||
4337 | 1215 | goto more; | ||
4338 | 1216 | } | ||
4339 | 1217 | |||
4340 | 1218 | /* Check for a host name. */ | ||
4341 | 1219 | hostdelim = strrchr(arg, ':'); | ||
4342 | 1220 | if (hostdelim) { | ||
4343 | 1221 | *hostdelim = '\0'; | ||
4344 | 1222 | if (arg[0] == '[' && hostdelim > arg && hostdelim[-1] == ']') { | ||
4345 | 1223 | hostdelim[-1] = '\0'; | ||
4346 | 1224 | sep->se_hostaddr = newstr(arg + 1); | ||
4347 | 1225 | } else if (hostdelim == arg) | ||
4348 | 1226 | sep->se_hostaddr = newstr("*"); | ||
4349 | 1227 | else | ||
4350 | 1228 | sep->se_hostaddr = newstr(arg); | ||
4351 | 1229 | arg = hostdelim + 1; | ||
4352 | 1230 | /* | ||
4353 | 1231 | * If the line is of the form `host:', then just change the | ||
4354 | 1232 | * default host for the following lines. | ||
4355 | 1233 | */ | ||
4356 | 1234 | if (*arg == '\0') { | ||
4357 | 1235 | arg = skip(&cp, 0); | ||
4358 | 1236 | if (cp == NULL) { | ||
4359 | 1237 | free(defhost); | ||
4360 | 1238 | defhost = newstr(sep->se_hostaddr); | ||
4361 | 1239 | goto more; | ||
4362 | 1240 | } | ||
4363 | 1241 | } | ||
4364 | 1242 | } else | ||
4365 | 1243 | sep->se_hostaddr = newstr(defhost); | ||
4366 | 1244 | |||
4367 | 1245 | sep->se_service = newstr(arg); | ||
4368 | 1246 | if ((arg = skip(&cp, 1)) == NULL) | ||
4369 | 1247 | goto more; | ||
4370 | 1248 | |||
4371 | 1249 | if (strcmp(arg, "stream") == 0) | ||
4372 | 1250 | sep->se_socktype = SOCK_STREAM; | ||
4373 | 1251 | else if (strcmp(arg, "dgram") == 0) | ||
4374 | 1252 | sep->se_socktype = SOCK_DGRAM; | ||
4375 | 1253 | else if (strcmp(arg, "rdm") == 0) | ||
4376 | 1254 | sep->se_socktype = SOCK_RDM; | ||
4377 | 1255 | else if (strcmp(arg, "seqpacket") == 0) | ||
4378 | 1256 | sep->se_socktype = SOCK_SEQPACKET; | ||
4379 | 1257 | else if (strcmp(arg, "raw") == 0) | ||
4380 | 1258 | sep->se_socktype = SOCK_RAW; | ||
4381 | 1259 | else | ||
4382 | 1260 | sep->se_socktype = -1; | ||
4383 | 1261 | |||
4384 | 1262 | if ((arg = skip(&cp, 1)) == NULL) | ||
4385 | 1263 | goto more; | ||
4386 | 1264 | |||
4387 | 1265 | sep->se_proto = newstr(arg); | ||
4388 | 1266 | |||
4389 | 1267 | if (strcmp(sep->se_proto, "unix") == 0) { | ||
4390 | 1268 | sep->se_family = AF_UNIX; | ||
4391 | 1269 | } else { | ||
4392 | 1270 | int s; | ||
4393 | 1271 | |||
4394 | 1272 | sep->se_family = AF_INET; | ||
4395 | 1273 | if (sep->se_proto[strlen(sep->se_proto) - 1] == '6') | ||
4396 | 1274 | sep->se_family = AF_INET6; | ||
4397 | 1275 | |||
4398 | 1276 | /* check if the family is supported */ | ||
4399 | 1277 | s = socket(sep->se_family, SOCK_DGRAM, 0); | ||
4400 | 1278 | if (s < 0) { | ||
4401 | 1279 | syslog(LOG_WARNING, "%s/%s: %s: the address family is " | ||
4402 | 1280 | "not supported by the kernel", sep->se_service, | ||
4403 | 1281 | sep->se_proto, sep->se_hostaddr); | ||
4404 | 1282 | goto more; | ||
4405 | 1283 | } | ||
4406 | 1284 | close(s); | ||
4407 | 1285 | |||
4408 | 1286 | if (strncmp(sep->se_proto, "rpc/", 4) == 0) { | ||
4409 | 1287 | char *cp, *ccp; | ||
4410 | 1288 | long l; | ||
4411 | 1289 | |||
4412 | 1290 | cp = strchr(sep->se_service, '/'); | ||
4413 | 1291 | if (cp == 0) { | ||
4414 | 1292 | syslog(LOG_ERR, "%s: no rpc version", | ||
4415 | 1293 | sep->se_service); | ||
4416 | 1294 | goto more; | ||
4417 | 1295 | } | ||
4418 | 1296 | *cp++ = '\0'; | ||
4419 | 1297 | l = strtol(cp, &ccp, 0); | ||
4420 | 1298 | if (ccp == cp || l < 0 || l > INT_MAX) { | ||
4421 | 1299 | badafterall: | ||
4422 | 1300 | syslog(LOG_ERR, "%s/%s: bad rpc version", | ||
4423 | 1301 | sep->se_service, cp); | ||
4424 | 1302 | goto more; | ||
4425 | 1303 | } | ||
4426 | 1304 | sep->se_rpcversl = sep->se_rpcversh = l; | ||
4427 | 1305 | if (*ccp == '-') { | ||
4428 | 1306 | cp = ccp + 1; | ||
4429 | 1307 | l = strtol(cp, &ccp, 0); | ||
4430 | 1308 | if (ccp == cp || l < 0 || l > INT_MAX || | ||
4431 | 1309 | l < sep->se_rpcversl || *ccp) | ||
4432 | 1310 | goto badafterall; | ||
4433 | 1311 | sep->se_rpcversh = l; | ||
4434 | 1312 | } else if (*ccp != '\0') | ||
4435 | 1313 | goto badafterall; | ||
4436 | 1314 | } | ||
4437 | 1315 | } | ||
4438 | 1316 | arg = skip(&cp, 1); | ||
4439 | 1317 | if (arg == NULL) | ||
4440 | 1318 | goto more; | ||
4441 | 1319 | |||
4442 | 1320 | s = strchr(arg, '.'); | ||
4443 | 1321 | if (s) { | ||
4444 | 1322 | char *p; | ||
4445 | 1323 | |||
4446 | 1324 | *s++ = '\0'; | ||
4447 | 1325 | sep->se_max = strtoul(s, &p, 0); | ||
4448 | 1326 | if (sep->se_max < 1 || *p) { | ||
4449 | 1327 | syslog(LOG_ERR, | ||
4450 | 1328 | "%s: illegal max field \"%s\", setting to %d", | ||
4451 | 1329 | sep->se_service, s, toomany); | ||
4452 | 1330 | sep->se_max = toomany; | ||
4453 | 1331 | } | ||
4454 | 1332 | } else | ||
4455 | 1333 | sep->se_max = toomany; | ||
4456 | 1334 | |||
4457 | 1335 | sep->se_wait = strcmp(arg, "wait") == 0; | ||
4458 | 1336 | if ((arg = skip(&cp, 1)) == NULL) | ||
4459 | 1337 | goto more; | ||
4460 | 1338 | sep->se_user = newstr(arg); | ||
4461 | 1339 | arg = strchr(sep->se_user, '.'); | ||
4462 | 1340 | if (arg == NULL) | ||
4463 | 1341 | arg = strchr(sep->se_user, ':'); | ||
4464 | 1342 | if (arg) { | ||
4465 | 1343 | *arg++ = '\0'; | ||
4466 | 1344 | sep->se_group = newstr(arg); | ||
4467 | 1345 | } | ||
4468 | 1346 | if ((arg = skip(&cp, 1)) == NULL) | ||
4469 | 1347 | goto more; | ||
4470 | 1348 | |||
4471 | 1349 | sep->se_server = newstr(arg); | ||
4472 | 1350 | if (strcmp(sep->se_server, "internal") == 0) { | ||
4473 | 1351 | struct biltin *bi; | ||
4474 | 1352 | |||
4475 | 1353 | for (bi = biltins; bi->bi_service; bi++) | ||
4476 | 1354 | if (bi->bi_socktype == sep->se_socktype && | ||
4477 | 1355 | strcmp(bi->bi_service, sep->se_service) == 0) | ||
4478 | 1356 | break; | ||
4479 | 1357 | if (bi->bi_service == 0) { | ||
4480 | 1358 | syslog(LOG_ERR, "internal service %s unknown", | ||
4481 | 1359 | sep->se_service); | ||
4482 | 1360 | goto more; | ||
4483 | 1361 | } | ||
4484 | 1362 | sep->se_bi = bi; | ||
4485 | 1363 | sep->se_wait = bi->bi_wait; | ||
4486 | 1364 | } else | ||
4487 | 1365 | sep->se_bi = NULL; | ||
4488 | 1366 | argc = 0; | ||
4489 | 1367 | for (arg = skip(&cp, 0); cp; arg = skip(&cp, 0)) { | ||
4490 | 1368 | if (argc < MAXARGV) | ||
4491 | 1369 | sep->se_argv[argc++] = newstr(arg); | ||
4492 | 1370 | } | ||
4493 | 1371 | if (argc == 0 && sep->se_bi == NULL) { | ||
4494 | 1372 | if ((arg = strrchr(sep->se_server, '/')) != NULL) | ||
4495 | 1373 | arg++; | ||
4496 | 1374 | else | ||
4497 | 1375 | arg = sep->se_server; | ||
4498 | 1376 | sep->se_argv[argc++] = newstr(arg); | ||
4499 | 1377 | } | ||
4500 | 1378 | while (argc <= MAXARGV) | ||
4501 | 1379 | sep->se_argv[argc++] = NULL; | ||
4502 | 1380 | |||
4503 | 1381 | /* | ||
4504 | 1382 | * Resolve each hostname in the se_hostaddr list (if any) | ||
4505 | 1383 | * and create a new entry for each resolved address. | ||
4506 | 1384 | */ | ||
4507 | 1385 | if (sep->se_hostaddr != NULL && strcmp(sep->se_proto, "unix") != 0) { | ||
4508 | 1386 | struct addrinfo hints, *res0, *res; | ||
4509 | 1387 | char *host, *hostlist0, *hostlist, *port; | ||
4510 | 1388 | int error; | ||
4511 | 1389 | |||
4512 | 1390 | hostlist = hostlist0 = sep->se_hostaddr; | ||
4513 | 1391 | sep->se_hostaddr = NULL; | ||
4514 | 1392 | sep->se_checked = -1; | ||
4515 | 1393 | while ((host = strsep(&hostlist, ",")) != NULL) { | ||
4516 | 1394 | if (*host == '\0') | ||
4517 | 1395 | continue; | ||
4518 | 1396 | |||
4519 | 1397 | memset(&hints, 0, sizeof(hints)); | ||
4520 | 1398 | hints.ai_family = sep->se_family; | ||
4521 | 1399 | hints.ai_socktype = sep->se_socktype; | ||
4522 | 1400 | hints.ai_flags = AI_PASSIVE; | ||
4523 | 1401 | port = "0"; | ||
4524 | 1402 | /* XXX shortened IPv4 syntax is now forbidden */ | ||
4525 | 1403 | error = getaddrinfo(strcmp(host, "*") ? host : NULL, | ||
4526 | 1404 | port, &hints, &res0); | ||
4527 | 1405 | if (error) { | ||
4528 | 1406 | syslog(LOG_ERR, "%s/%s: %s: %s", | ||
4529 | 1407 | sep->se_service, sep->se_proto, | ||
4530 | 1408 | host, gai_strerror(error)); | ||
4531 | 1409 | continue; | ||
4532 | 1410 | } | ||
4533 | 1411 | for (res = res0; res; res = res->ai_next) { | ||
4534 | 1412 | if (res->ai_addrlen > | ||
4535 | 1413 | sizeof(sep->se_ctrladdr_storage)) | ||
4536 | 1414 | continue; | ||
4537 | 1415 | /* | ||
4538 | 1416 | * If sep is unused, store host in there. | ||
4539 | 1417 | * Otherwise, dup a new entry and prepend it. | ||
4540 | 1418 | */ | ||
4541 | 1419 | if (sep->se_checked == -1) { | ||
4542 | 1420 | sep->se_checked = 0; | ||
4543 | 1421 | } else { | ||
4544 | 1422 | tsep = dupconfig(sep); | ||
4545 | 1423 | tsep->se_next = sep; | ||
4546 | 1424 | sep = tsep; | ||
4547 | 1425 | } | ||
4548 | 1426 | sep->se_hostaddr = newstr(host); | ||
4549 | 1427 | memcpy(&sep->se_ctrladdr_storage, | ||
4550 | 1428 | res->ai_addr, res->ai_addrlen); | ||
4551 | 1429 | sep->se_ctrladdr_size = res->ai_addrlen; | ||
4552 | 1430 | } | ||
4553 | 1431 | freeaddrinfo(res0); | ||
4554 | 1432 | } | ||
4555 | 1433 | free(hostlist0); | ||
4556 | 1434 | if (sep->se_checked == -1) | ||
4557 | 1435 | goto more; /* no resolvable names/addresses */ | ||
4558 | 1436 | } | ||
4559 | 1437 | |||
4560 | 1438 | return (sep); | ||
4561 | 1439 | } | ||
4562 | 1440 | |||
4563 | 1441 | void | ||
4564 | 1442 | freeconfig(struct servtab *cp) | ||
4565 | 1443 | { | ||
4566 | 1444 | int i; | ||
4567 | 1445 | |||
4568 | 1446 | free(cp->se_hostaddr); | ||
4569 | 1447 | cp->se_hostaddr = NULL; | ||
4570 | 1448 | free(cp->se_service); | ||
4571 | 1449 | cp->se_service = NULL; | ||
4572 | 1450 | free(cp->se_proto); | ||
4573 | 1451 | cp->se_proto = NULL; | ||
4574 | 1452 | free(cp->se_user); | ||
4575 | 1453 | cp->se_user = NULL; | ||
4576 | 1454 | free(cp->se_group); | ||
4577 | 1455 | cp->se_group = NULL; | ||
4578 | 1456 | free(cp->se_server); | ||
4579 | 1457 | cp->se_server = NULL; | ||
4580 | 1458 | for (i = 0; i < MAXARGV; i++) { | ||
4581 | 1459 | free(cp->se_argv[i]); | ||
4582 | 1460 | cp->se_argv[i] = NULL; | ||
4583 | 1461 | } | ||
4584 | 1462 | } | ||
4585 | 1463 | |||
4586 | 1464 | char * | ||
4587 | 1465 | skip(char **cpp, int report) | ||
4588 | 1466 | { | ||
4589 | 1467 | char *cp = *cpp; | ||
4590 | 1468 | char *start; | ||
4591 | 1469 | |||
4592 | 1470 | erp: | ||
4593 | 1471 | if (*cpp == NULL) { | ||
4594 | 1472 | if (report) | ||
4595 | 1473 | syslog(LOG_ERR, "syntax error in inetd config file"); | ||
4596 | 1474 | return (NULL); | ||
4597 | 1475 | } | ||
4598 | 1476 | |||
4599 | 1477 | again: | ||
4600 | 1478 | while (*cp == ' ' || *cp == '\t') | ||
4601 | 1479 | cp++; | ||
4602 | 1480 | if (*cp == '\0') { | ||
4603 | 1481 | int c; | ||
4604 | 1482 | |||
4605 | 1483 | c = getc(fconfig); | ||
4606 | 1484 | (void) ungetc(c, fconfig); | ||
4607 | 1485 | if (c == ' ' || c == '\t') | ||
4608 | 1486 | if ((cp = nextline(fconfig))) | ||
4609 | 1487 | goto again; | ||
4610 | 1488 | *cpp = NULL; | ||
4611 | 1489 | goto erp; | ||
4612 | 1490 | } | ||
4613 | 1491 | start = cp; | ||
4614 | 1492 | while (*cp && *cp != ' ' && *cp != '\t') | ||
4615 | 1493 | cp++; | ||
4616 | 1494 | if (*cp != '\0') | ||
4617 | 1495 | *cp++ = '\0'; | ||
4618 | 1496 | if ((*cpp = cp) == NULL) | ||
4619 | 1497 | goto erp; | ||
4620 | 1498 | |||
4621 | 1499 | return (start); | ||
4622 | 1500 | } | ||
4623 | 1501 | |||
4624 | 1502 | char * | ||
4625 | 1503 | nextline(FILE *fd) | ||
4626 | 1504 | { | ||
4627 | 1505 | if (fgets(line, sizeof (line), fd) == NULL) | ||
4628 | 1506 | return (NULL); | ||
4629 | 1507 | line[strcspn(line, "\n")] = '\0'; | ||
4630 | 1508 | return (line); | ||
4631 | 1509 | } | ||
4632 | 1510 | |||
4633 | 1511 | char * | ||
4634 | 1512 | newstr(char *cp) | ||
4635 | 1513 | { | ||
4636 | 1514 | if ((cp = strdup(cp ? cp : ""))) | ||
4637 | 1515 | return(cp); | ||
4638 | 1516 | syslog(LOG_ERR, "strdup: %m"); | ||
4639 | 1517 | exit(1); | ||
4640 | 1518 | } | ||
4641 | 1519 | |||
4642 | 1520 | struct servtab * | ||
4643 | 1521 | dupconfig(struct servtab *sep) | ||
4644 | 1522 | { | ||
4645 | 1523 | struct servtab *newtab; | ||
4646 | 1524 | int argc; | ||
4647 | 1525 | |||
4648 | 1526 | newtab = (struct servtab *) malloc(sizeof(struct servtab)); | ||
4649 | 1527 | |||
4650 | 1528 | if (newtab == NULL) { | ||
4651 | 1529 | syslog(LOG_ERR, "malloc: %m"); | ||
4652 | 1530 | exit(1); | ||
4653 | 1531 | } | ||
4654 | 1532 | |||
4655 | 1533 | memset(newtab, 0, sizeof(struct servtab)); | ||
4656 | 1534 | |||
4657 | 1535 | newtab->se_service = sep->se_service ? newstr(sep->se_service) : NULL; | ||
4658 | 1536 | newtab->se_socktype = sep->se_socktype; | ||
4659 | 1537 | newtab->se_family = sep->se_family; | ||
4660 | 1538 | newtab->se_proto = sep->se_proto ? newstr(sep->se_proto) : NULL; | ||
4661 | 1539 | newtab->se_rpcprog = sep->se_rpcprog; | ||
4662 | 1540 | newtab->se_rpcversl = sep->se_rpcversl; | ||
4663 | 1541 | newtab->se_rpcversh = sep->se_rpcversh; | ||
4664 | 1542 | newtab->se_wait = sep->se_wait; | ||
4665 | 1543 | newtab->se_user = sep->se_user ? newstr(sep->se_user) : NULL; | ||
4666 | 1544 | newtab->se_group = sep->se_group ? newstr(sep->se_group) : NULL; | ||
4667 | 1545 | newtab->se_bi = sep->se_bi; | ||
4668 | 1546 | newtab->se_server = sep->se_server ? newstr(sep->se_server) : 0; | ||
4669 | 1547 | |||
4670 | 1548 | for (argc = 0; argc <= MAXARGV; argc++) | ||
4671 | 1549 | newtab->se_argv[argc] = sep->se_argv[argc] ? | ||
4672 | 1550 | newstr(sep->se_argv[argc]) : NULL; | ||
4673 | 1551 | newtab->se_max = sep->se_max; | ||
4674 | 1552 | |||
4675 | 1553 | return (newtab); | ||
4676 | 1554 | } | ||
4677 | 1555 | |||
4678 | 1556 | void | ||
4679 | 1557 | inetd_setproctitle(char *a, int s) | ||
4680 | 1558 | { | ||
4681 | 1559 | socklen_t size; | ||
4682 | 1560 | struct sockaddr_storage ss; | ||
4683 | 1561 | char hbuf[NI_MAXHOST]; | ||
4684 | 1562 | |||
4685 | 1563 | size = sizeof(ss); | ||
4686 | 1564 | if (getpeername(s, (struct sockaddr *)&ss, &size) == 0) { | ||
4687 | 1565 | if (getnameinfo((struct sockaddr *)&ss, size, hbuf, | ||
4688 | 1566 | sizeof(hbuf), NULL, 0, NI_NUMERICHOST) == 0) | ||
4689 | 1567 | setproctitle("-%s [%s]", a, hbuf); | ||
4690 | 1568 | else | ||
4691 | 1569 | setproctitle("-%s [?]", a); | ||
4692 | 1570 | } else | ||
4693 | 1571 | setproctitle("-%s", a); | ||
4694 | 1572 | } | ||
4695 | 1573 | |||
4696 | 1574 | void | ||
4697 | 1575 | logpid(void) | ||
4698 | 1576 | { | ||
4699 | 1577 | FILE *fp; | ||
4700 | 1578 | |||
4701 | 1579 | if ((fp = fopen(_PATH_INETDPID, "w")) != NULL) { | ||
4702 | 1580 | fprintf(fp, "%ld\n", (long)getpid()); | ||
4703 | 1581 | (void)fclose(fp); | ||
4704 | 1582 | } | ||
4705 | 1583 | } | ||
4706 | 1584 | |||
4707 | 1585 | int | ||
4708 | 1586 | bump_nofile(void) | ||
4709 | 1587 | { | ||
4710 | 1588 | #define FD_CHUNK 32 | ||
4711 | 1589 | |||
4712 | 1590 | struct rlimit rl; | ||
4713 | 1591 | |||
4714 | 1592 | if (getrlimit(RLIMIT_NOFILE, &rl) < 0) { | ||
4715 | 1593 | syslog(LOG_ERR, "getrlimit: %m"); | ||
4716 | 1594 | return -1; | ||
4717 | 1595 | } | ||
4718 | 1596 | rl.rlim_cur = MIN(rl.rlim_max, rl.rlim_cur + FD_CHUNK); | ||
4719 | 1597 | rl.rlim_cur = MIN(FD_SETSIZE, rl.rlim_cur + FD_CHUNK); | ||
4720 | 1598 | if (rl.rlim_cur <= rlim_nofile_cur) { | ||
4721 | 1599 | syslog(LOG_ERR, | ||
4722 | 1600 | "bump_nofile: cannot extend file limit, max = %d", | ||
4723 | 1601 | (int)rl.rlim_cur); | ||
4724 | 1602 | return -1; | ||
4725 | 1603 | } | ||
4726 | 1604 | |||
4727 | 1605 | if (setrlimit(RLIMIT_NOFILE, &rl) < 0) { | ||
4728 | 1606 | syslog(LOG_ERR, "setrlimit: %m"); | ||
4729 | 1607 | return -1; | ||
4730 | 1608 | } | ||
4731 | 1609 | |||
4732 | 1610 | rlim_nofile_cur = rl.rlim_cur; | ||
4733 | 1611 | return 0; | ||
4734 | 1612 | } | ||
4735 | 1613 | |||
4736 | 1614 | /* | ||
4737 | 1615 | * Internet services provided internally by inetd: | ||
4738 | 1616 | */ | ||
4739 | 1617 | #define BUFSIZE 4096 | ||
4740 | 1618 | |||
4741 | 1619 | /* ARGSUSED */ | ||
4742 | 1620 | void | ||
4743 | 1621 | echo_stream(int s, struct servtab *sep) | ||
4744 | 1622 | { | ||
4745 | 1623 | char buffer[BUFSIZE]; | ||
4746 | 1624 | int i; | ||
4747 | 1625 | |||
4748 | 1626 | inetd_setproctitle(sep->se_service, s); | ||
4749 | 1627 | while ((i = read(s, buffer, sizeof(buffer))) > 0 && | ||
4750 | 1628 | write(s, buffer, i) > 0) | ||
4751 | 1629 | ; | ||
4752 | 1630 | exit(0); | ||
4753 | 1631 | } | ||
4754 | 1632 | |||
4755 | 1633 | /* ARGSUSED */ | ||
4756 | 1634 | void | ||
4757 | 1635 | echo_dg(int s, struct servtab *sep) | ||
4758 | 1636 | { | ||
4759 | 1637 | char buffer[BUFSIZE]; | ||
4760 | 1638 | int i; | ||
4761 | 1639 | socklen_t size; | ||
4762 | 1640 | struct sockaddr_storage ss; | ||
4763 | 1641 | |||
4764 | 1642 | size = sizeof(ss); | ||
4765 | 1643 | if ((i = recvfrom(s, buffer, sizeof(buffer), 0, | ||
4766 | 1644 | (struct sockaddr *)&ss, &size)) < 0) | ||
4767 | 1645 | return; | ||
4768 | 1646 | if (dg_badinput((struct sockaddr *)&ss)) | ||
4769 | 1647 | return; | ||
4770 | 1648 | (void) sendto(s, buffer, i, 0, (struct sockaddr *)&ss, size); | ||
4771 | 1649 | } | ||
4772 | 1650 | |||
4773 | 1651 | /* ARGSUSED */ | ||
4774 | 1652 | void | ||
4775 | 1653 | discard_stream(int s, struct servtab *sep) | ||
4776 | 1654 | { | ||
4777 | 1655 | char buffer[BUFSIZE]; | ||
4778 | 1656 | |||
4779 | 1657 | inetd_setproctitle(sep->se_service, s); | ||
4780 | 1658 | while ((errno = 0, read(s, buffer, sizeof(buffer)) > 0) || | ||
4781 | 1659 | errno == EINTR) | ||
4782 | 1660 | ; | ||
4783 | 1661 | exit(0); | ||
4784 | 1662 | } | ||
4785 | 1663 | |||
4786 | 1664 | /* ARGSUSED */ | ||
4787 | 1665 | void | ||
4788 | 1666 | discard_dg(int s, struct servtab *sep) | ||
4789 | 1667 | { | ||
4790 | 1668 | char buffer[BUFSIZE]; | ||
4791 | 1669 | |||
4792 | 1670 | (void) read(s, buffer, sizeof(buffer)); | ||
4793 | 1671 | } | ||
4794 | 1672 | |||
4795 | 1673 | #include <ctype.h> | ||
4796 | 1674 | #define LINESIZ 72 | ||
4797 | 1675 | char ring[128]; | ||
4798 | 1676 | char *endring; | ||
4799 | 1677 | |||
4800 | 1678 | void | ||
4801 | 1679 | initring(void) | ||
4802 | 1680 | { | ||
4803 | 1681 | int i; | ||
4804 | 1682 | |||
4805 | 1683 | endring = ring; | ||
4806 | 1684 | |||
4807 | 1685 | for (i = 0; i <= sizeof ring; ++i) | ||
4808 | 1686 | if (isprint(i)) | ||
4809 | 1687 | *endring++ = i; | ||
4810 | 1688 | } | ||
4811 | 1689 | |||
4812 | 1690 | /* ARGSUSED */ | ||
4813 | 1691 | void | ||
4814 | 1692 | chargen_stream(int s, struct servtab *sep) | ||
4815 | 1693 | { | ||
4816 | 1694 | char *rs; | ||
4817 | 1695 | int len; | ||
4818 | 1696 | char text[LINESIZ+2]; | ||
4819 | 1697 | |||
4820 | 1698 | inetd_setproctitle(sep->se_service, s); | ||
4821 | 1699 | |||
4822 | 1700 | if (!endring) { | ||
4823 | 1701 | initring(); | ||
4824 | 1702 | rs = ring; | ||
4825 | 1703 | } | ||
4826 | 1704 | |||
4827 | 1705 | text[LINESIZ] = '\r'; | ||
4828 | 1706 | text[LINESIZ + 1] = '\n'; | ||
4829 | 1707 | for (rs = ring;;) { | ||
4830 | 1708 | if ((len = endring - rs) >= LINESIZ) | ||
4831 | 1709 | memmove(text, rs, LINESIZ); | ||
4832 | 1710 | else { | ||
4833 | 1711 | memmove(text, rs, len); | ||
4834 | 1712 | memmove(text + len, ring, LINESIZ - len); | ||
4835 | 1713 | } | ||
4836 | 1714 | if (++rs == endring) | ||
4837 | 1715 | rs = ring; | ||
4838 | 1716 | if (write(s, text, sizeof(text)) != sizeof(text)) | ||
4839 | 1717 | break; | ||
4840 | 1718 | } | ||
4841 | 1719 | exit(0); | ||
4842 | 1720 | } | ||
4843 | 1721 | |||
4844 | 1722 | /* ARGSUSED */ | ||
4845 | 1723 | void | ||
4846 | 1724 | chargen_dg(int s, struct servtab *sep) | ||
4847 | 1725 | { | ||
4848 | 1726 | struct sockaddr_storage ss; | ||
4849 | 1727 | static char *rs; | ||
4850 | 1728 | int len; | ||
4851 | 1729 | socklen_t size; | ||
4852 | 1730 | char text[LINESIZ+2]; | ||
4853 | 1731 | |||
4854 | 1732 | if (endring == 0) { | ||
4855 | 1733 | initring(); | ||
4856 | 1734 | rs = ring; | ||
4857 | 1735 | } | ||
4858 | 1736 | |||
4859 | 1737 | size = sizeof(ss); | ||
4860 | 1738 | if (recvfrom(s, text, sizeof(text), 0, (struct sockaddr *)&ss, | ||
4861 | 1739 | &size) < 0) | ||
4862 | 1740 | return; | ||
4863 | 1741 | if (dg_badinput((struct sockaddr *)&ss)) | ||
4864 | 1742 | return; | ||
4865 | 1743 | |||
4866 | 1744 | if ((len = endring - rs) >= LINESIZ) | ||
4867 | 1745 | memmove(text, rs, LINESIZ); | ||
4868 | 1746 | else { | ||
4869 | 1747 | memmove(text, rs, len); | ||
4870 | 1748 | memmove(text + len, ring, LINESIZ - len); | ||
4871 | 1749 | } | ||
4872 | 1750 | if (++rs == endring) | ||
4873 | 1751 | rs = ring; | ||
4874 | 1752 | text[LINESIZ] = '\r'; | ||
4875 | 1753 | text[LINESIZ + 1] = '\n'; | ||
4876 | 1754 | (void) sendto(s, text, sizeof(text), 0, (struct sockaddr *)&ss, size); | ||
4877 | 1755 | } | ||
4878 | 1756 | |||
4879 | 1757 | /* | ||
4880 | 1758 | * Return a machine readable date and time, in the form of the | ||
4881 | 1759 | * number of seconds since midnight, Jan 1, 1900. Since gettimeofday | ||
4882 | 1760 | * returns the number of seconds since midnight, Jan 1, 1970, | ||
4883 | 1761 | * we must add 2208988800 seconds to this figure to make up for | ||
4884 | 1762 | * some seventy years Bell Labs was asleep. | ||
4885 | 1763 | */ | ||
4886 | 1764 | u_int32_t | ||
4887 | 1765 | machtime(void) | ||
4888 | 1766 | { | ||
4889 | 1767 | struct timeval tv; | ||
4890 | 1768 | |||
4891 | 1769 | if (gettimeofday(&tv, NULL) < 0) | ||
4892 | 1770 | return (0L); | ||
4893 | 1771 | |||
4894 | 1772 | return (htonl((u_int32_t)tv.tv_sec + 2208988800UL)); | ||
4895 | 1773 | } | ||
4896 | 1774 | |||
4897 | 1775 | /* ARGSUSED */ | ||
4898 | 1776 | void | ||
4899 | 1777 | machtime_stream(s, sep) | ||
4900 | 1778 | int s; | ||
4901 | 1779 | struct servtab *sep; | ||
4902 | 1780 | { | ||
4903 | 1781 | u_int32_t result; | ||
4904 | 1782 | |||
4905 | 1783 | result = machtime(); | ||
4906 | 1784 | (void) write(s, &result, sizeof(result)); | ||
4907 | 1785 | } | ||
4908 | 1786 | |||
4909 | 1787 | /* ARGSUSED */ | ||
4910 | 1788 | void | ||
4911 | 1789 | machtime_dg(int s, struct servtab *sep) | ||
4912 | 1790 | { | ||
4913 | 1791 | u_int32_t result; | ||
4914 | 1792 | struct sockaddr_storage ss; | ||
4915 | 1793 | socklen_t size; | ||
4916 | 1794 | |||
4917 | 1795 | size = sizeof(ss); | ||
4918 | 1796 | if (recvfrom(s, &result, sizeof(result), 0, | ||
4919 | 1797 | (struct sockaddr *)&ss, &size) < 0) | ||
4920 | 1798 | return; | ||
4921 | 1799 | if (dg_badinput((struct sockaddr *)&ss)) | ||
4922 | 1800 | return; | ||
4923 | 1801 | result = machtime(); | ||
4924 | 1802 | (void) sendto(s, &result, sizeof(result), 0, | ||
4925 | 1803 | (struct sockaddr *)&ss, size); | ||
4926 | 1804 | } | ||
4927 | 1805 | |||
4928 | 1806 | /* Return human-readable time of day */ | ||
4929 | 1807 | /* ARGSUSED */ | ||
4930 | 1808 | void | ||
4931 | 1809 | daytime_stream(int s, struct servtab *sep) | ||
4932 | 1810 | { | ||
4933 | 1811 | char buffer[256]; | ||
4934 | 1812 | time_t clock; | ||
4935 | 1813 | |||
4936 | 1814 | clock = time(NULL); | ||
4937 | 1815 | |||
4938 | 1816 | (void) snprintf(buffer, sizeof buffer, "%.24s\r\n", ctime(&clock)); | ||
4939 | 1817 | (void) write(s, buffer, strlen(buffer)); | ||
4940 | 1818 | } | ||
4941 | 1819 | |||
4942 | 1820 | /* Return human-readable time of day */ | ||
4943 | 1821 | /* ARGSUSED */ | ||
4944 | 1822 | void | ||
4945 | 1823 | daytime_dg(int s, struct servtab *sep) | ||
4946 | 1824 | { | ||
4947 | 1825 | char buffer[256]; | ||
4948 | 1826 | time_t clock; | ||
4949 | 1827 | struct sockaddr_storage ss; | ||
4950 | 1828 | socklen_t size; | ||
4951 | 1829 | |||
4952 | 1830 | clock = time(NULL); | ||
4953 | 1831 | |||
4954 | 1832 | size = sizeof(ss); | ||
4955 | 1833 | if (recvfrom(s, buffer, sizeof(buffer), 0, (struct sockaddr *)&ss, | ||
4956 | 1834 | &size) < 0) | ||
4957 | 1835 | return; | ||
4958 | 1836 | if (dg_badinput((struct sockaddr *)&ss)) | ||
4959 | 1837 | return; | ||
4960 | 1838 | (void) snprintf(buffer, sizeof buffer, "%.24s\r\n", ctime(&clock)); | ||
4961 | 1839 | (void) sendto(s, buffer, strlen(buffer), 0, (struct sockaddr *)&ss, | ||
4962 | 1840 | size); | ||
4963 | 1841 | } | ||
4964 | 1842 | |||
4965 | 1843 | /* | ||
4966 | 1844 | * print_service: | ||
4967 | 1845 | * Dump relevant information to stderr | ||
4968 | 1846 | */ | ||
4969 | 1847 | void | ||
4970 | 1848 | print_service(char *action, struct servtab *sep) | ||
4971 | 1849 | { | ||
4972 | 1850 | if (strcmp(sep->se_hostaddr, "*") == 0) | ||
4973 | 1851 | fprintf(stderr, "%s: %s ", action, sep->se_service); | ||
4974 | 1852 | else | ||
4975 | 1853 | fprintf(stderr, "%s: %s:%s ", action, sep->se_hostaddr, | ||
4976 | 1854 | sep->se_service); | ||
4977 | 1855 | |||
4978 | 1856 | if (isrpcservice(sep)) | ||
4979 | 1857 | fprintf(stderr, "rpcprog=%d, rpcvers=%d/%d, proto=%s,", | ||
4980 | 1858 | sep->se_rpcprog, sep->se_rpcversh, | ||
4981 | 1859 | sep->se_rpcversl, sep->se_proto); | ||
4982 | 1860 | else | ||
4983 | 1861 | fprintf(stderr, "proto=%s,", sep->se_proto); | ||
4984 | 1862 | |||
4985 | 1863 | fprintf(stderr, | ||
4986 | 1864 | " wait.max=%hd.%d user:group=%s:%s builtin=%lx server=%s\n", | ||
4987 | 1865 | sep->se_wait, sep->se_max, sep->se_user, | ||
4988 | 1866 | sep->se_group ? sep->se_group : "(default)", | ||
4989 | 1867 | (long)sep->se_bi, sep->se_server); | ||
4990 | 1868 | } | ||
4991 | 1869 | |||
4992 | 1870 | void | ||
4993 | 1871 | spawn(struct servtab *sep, int ctrl) | ||
4994 | 1872 | { | ||
4995 | 1873 | struct passwd *pwd; | ||
4996 | 1874 | int tmpint, dofork; | ||
4997 | 1875 | struct group *grp = NULL; | ||
4998 | 1876 | char buf[50]; | ||
4999 | 1877 | pid_t pid; | ||
5000 | 1878 |
The diff has been truncated for viewing.