Files: 26b4bcd089f6c3a3c43d1380969c939e600b3ef2 / common.c
19878 bytesRaw
1 | /* Code and variables that is common to both fork and select-based |
2 | * servers. |
3 | * |
4 | * No code here should assume whether sockets are blocking or not. |
5 | **/ |
6 | |
7 | |
8 | |
9 | |
10 | |
11 | |
12 | |
13 | |
14 | |
15 | |
16 | |
17 | |
18 | |
19 | |
20 | |
21 | |
22 | |
23 | |
24 | |
25 | |
26 | |
27 | |
28 | /* Added to make the code compilable under CYGWIN |
29 | * */ |
30 | |
31 | |
32 | |
33 | |
34 | int is_ssh_protocol(const char *p, int len); |
35 | int is_openvpn_protocol(const char *p, int len); |
36 | int is_tinc_protocol(const char *p, int len); |
37 | int is_xmpp_protocol(const char *p, int len); |
38 | int is_http_protocol(const char *p, int len); |
39 | int is_true(const char *p, int len) { return 1; } |
40 | |
41 | /* Table of all the protocols we know how to connect to. |
42 | * |
43 | * The first protocol in the table is where we connect in case of timeout |
44 | * (client didn't speak: typically this is SSH.) |
45 | * |
46 | * The last protocol in the table is where we connect if client spoke but we |
47 | * couldn't probe what it's saying. |
48 | */ |
49 | struct proto protocols[] = { |
50 | /* affected description service saddr probe */ |
51 | { 0, "ssh", "sshd", {0}, is_ssh_protocol }, |
52 | { 0, "openvpn", NULL, {0}, is_openvpn_protocol }, |
53 | { 0, "tinc", NULL, {0}, is_tinc_protocol }, |
54 | { 0, "xmpp", NULL, {0}, is_xmpp_protocol }, |
55 | { 0, "http", NULL, {0}, is_http_protocol }, |
56 | /* probe for SSL always successes: it's the default, and must be tried last |
57 | **/ |
58 | { 0, "ssl", NULL, {0}, is_true } |
59 | }; |
60 | int num_known_protocols = ARRAY_SIZE(protocols); |
61 | |
62 | /* |
63 | * Settings that depend on the command line. They're set in main(), but also |
64 | * used in other places in common.c, and it'd be heavy-handed to pass it all as |
65 | * parameters |
66 | */ |
67 | int verbose = 0; |
68 | int probing_timeout = 2; |
69 | int inetd = 0; |
70 | int foreground = 0; |
71 | int numeric = 0; |
72 | char *user_name, *pid_file; |
73 | |
74 | struct addrinfo *addr_listen = NULL; /* what addresses do we listen to? */ |
75 | |
76 | |
77 | |
78 | int allow_severity =0, deny_severity = 0; |
79 | |
80 | |
81 | |
82 | /* check result and die, printing the offending address and error */ |
83 | void check_res_dumpdie(int res, struct addrinfo *addr, char* syscall) |
84 | { |
85 | char buf[NI_MAXHOST]; |
86 | |
87 | if (res == -1) { |
88 | fprintf(stderr, "%s:%s: %s\n", |
89 | sprintaddr(buf, sizeof(buf), addr), |
90 | syscall, |
91 | strerror(errno)); |
92 | exit(1); |
93 | } |
94 | } |
95 | |
96 | /* Starts listening sockets on specified addresses. |
97 | * IN: addr[], num_addr |
98 | * OUT: *sockfd[] pointer to newly-allocated array of file descriptors |
99 | * Returns number of addresses bound |
100 | * Bound file descriptors are returned in newly-allocated *sockfd pointer |
101 | */ |
102 | int start_listen_sockets(int *sockfd[], struct addrinfo *addr_list) |
103 | { |
104 | struct sockaddr_storage *saddr; |
105 | struct addrinfo *addr; |
106 | int i, res, reuse; |
107 | int num_addr = 0; |
108 | |
109 | for (addr = addr_list; addr; addr = addr->ai_next) |
110 | num_addr++; |
111 | |
112 | if (verbose) |
113 | fprintf(stderr, "listening to %d addresses\n", num_addr); |
114 | |
115 | *sockfd = malloc(num_addr * sizeof(*sockfd[0])); |
116 | |
117 | for (i = 0, addr = addr_list; i < num_addr && addr; i++, addr = addr->ai_next) { |
118 | if (!addr) { |
119 | fprintf(stderr, "FATAL: Inconsistent listen number. This should not happen.\n"); |
120 | exit(1); |
121 | } |
122 | saddr = (struct sockaddr_storage*)addr->ai_addr; |
123 | |
124 | (*sockfd)[i] = socket(saddr->ss_family, SOCK_STREAM, 0); |
125 | check_res_dumpdie((*sockfd)[i], addr, "socket"); |
126 | |
127 | reuse = 1; |
128 | res = setsockopt((*sockfd)[i], SOL_SOCKET, SO_REUSEADDR, (char*)&reuse, sizeof(reuse)); |
129 | check_res_dumpdie(res, addr, "setsockopt"); |
130 | |
131 | res = bind((*sockfd)[i], addr->ai_addr, addr->ai_addrlen); |
132 | check_res_dumpdie(res, addr, "bind"); |
133 | |
134 | res = listen ((*sockfd)[i], 50); |
135 | check_res_dumpdie(res, addr, "listen"); |
136 | |
137 | } |
138 | |
139 | return num_addr; |
140 | } |
141 | |
142 | /* Connect to first address that works and returns a file descriptor, or -1 if |
143 | * none work. cnx_name points to the name of the service (for logging) */ |
144 | int connect_addr(struct addrinfo *addr, char* cnx_name) |
145 | { |
146 | struct addrinfo *a; |
147 | char buf[NI_MAXHOST]; |
148 | int fd, res; |
149 | |
150 | for (a = addr; a; a = a->ai_next) { |
151 | if (verbose) |
152 | fprintf(stderr, "connecting to %s family %d len %d\n", |
153 | sprintaddr(buf, sizeof(buf), a), |
154 | a->ai_addr->sa_family, a->ai_addrlen); |
155 | fd = socket(a->ai_family, SOCK_STREAM, 0); |
156 | if (fd == -1) { |
157 | log_message(LOG_ERR, "forward to %s failed:socket: %s\n", cnx_name, strerror(errno)); |
158 | } else { |
159 | res = connect(fd, a->ai_addr, a->ai_addrlen); |
160 | if (res == -1) { |
161 | log_message(LOG_ERR, "forward to %s failed:connect: %s\n", |
162 | cnx_name, strerror(errno)); |
163 | } else { |
164 | return fd; |
165 | } |
166 | } |
167 | } |
168 | return -1; |
169 | } |
170 | |
171 | /* Store some data to write to the queue later */ |
172 | int defer_write(struct queue *q, void* data, int data_size) |
173 | { |
174 | if (verbose) |
175 | fprintf(stderr, "**** writing defered on fd %d\n", q->fd); |
176 | q->defered_data = malloc(data_size); |
177 | q->begin_defered_data = q->defered_data; |
178 | q->defered_data_size = data_size; |
179 | memcpy(q->defered_data, data, data_size); |
180 | |
181 | return 0; |
182 | } |
183 | |
184 | /* tries to flush some of the data for specified queue |
185 | * Upon success, the number of bytes written is returned. |
186 | * Upon failure, -1 returned (e.g. connexion closed) |
187 | * */ |
188 | int flush_defered(struct queue *q) |
189 | { |
190 | int n; |
191 | |
192 | if (verbose) |
193 | fprintf(stderr, "flushing defered data to fd %d\n", q->fd); |
194 | |
195 | n = write(q->fd, q->defered_data, q->defered_data_size); |
196 | if (n == -1) |
197 | return n; |
198 | |
199 | if (n == q->defered_data_size) { |
200 | /* All has been written -- release the memory */ |
201 | free(q->begin_defered_data); |
202 | q->begin_defered_data = NULL; |
203 | q->defered_data = NULL; |
204 | q->defered_data_size = 0; |
205 | } else { |
206 | /* There is data left */ |
207 | q->defered_data += n; |
208 | q->defered_data_size -= n; |
209 | } |
210 | |
211 | |
212 | return n; |
213 | } |
214 | |
215 | |
216 | void init_cnx(struct connection *cnx) |
217 | { |
218 | memset(cnx, 0, sizeof(*cnx)); |
219 | cnx->q[0].fd = -1; |
220 | cnx->q[1].fd = -1; |
221 | } |
222 | |
223 | void dump_connection(struct connection *cnx) |
224 | { |
225 | printf("state: %d\n", cnx->state); |
226 | printf("fd %d, %d defered\n", cnx->q[0].fd, cnx->q[0].defered_data_size); |
227 | printf("fd %d, %d defered\n", cnx->q[1].fd, cnx->q[1].defered_data_size); |
228 | } |
229 | |
230 | |
231 | /* |
232 | * moves data from one fd to other |
233 | * |
234 | * retuns number of bytes copied if success |
235 | * returns 0 (FD_CNXCLOSED) if incoming socket closed |
236 | * returns FD_NODATA if no data was available |
237 | * returns FD_STALLED if data was read, could not be written, and has been |
238 | * stored in temporary buffer. |
239 | * |
240 | * slot for debug only and may go away at some point |
241 | */ |
242 | int fd2fd(struct queue *target_q, struct queue *from_q) |
243 | { |
244 | char buffer[BUFSIZ]; |
245 | int target, from, size_r, size_w; |
246 | |
247 | target = target_q->fd; |
248 | from = from_q->fd; |
249 | |
250 | size_r = read(from, buffer, sizeof(buffer)); |
251 | if (size_r == -1) { |
252 | switch (errno) { |
253 | case EAGAIN: |
254 | if (verbose) |
255 | fprintf(stderr, "reading 0 from %d\n", from); |
256 | return FD_NODATA; |
257 | |
258 | case ECONNRESET: |
259 | case EPIPE: |
260 | return FD_CNXCLOSED; |
261 | } |
262 | } |
263 | |
264 | CHECK_RES_RETURN(size_r, "read"); |
265 | |
266 | if (size_r == 0) |
267 | return FD_CNXCLOSED; |
268 | |
269 | size_w = write(target, buffer, size_r); |
270 | /* process -1 when we know how to deal with it */ |
271 | if ((size_w == -1)) { |
272 | switch (errno) { |
273 | case EAGAIN: |
274 | /* write blocked: Defer data */ |
275 | defer_write(target_q, buffer, size_r); |
276 | return FD_STALLED; |
277 | |
278 | case ECONNRESET: |
279 | case EPIPE: |
280 | /* remove end closed -- drop the connection */ |
281 | return FD_CNXCLOSED; |
282 | } |
283 | } else if (size_w < size_r) { |
284 | /* incomplete write -- defer the rest of the data */ |
285 | defer_write(target_q, buffer + size_w, size_r - size_w); |
286 | return FD_STALLED; |
287 | } |
288 | |
289 | CHECK_RES_RETURN(size_w, "write"); |
290 | |
291 | return size_w; |
292 | } |
293 | |
294 | /* If the client wrote something first, read it and check if it's a SSH banner. |
295 | * Data is left in appropriate defered write buffer. |
296 | */ |
297 | int is_ssh_protocol(const char *p, int len) |
298 | { |
299 | if (!strncmp(p, "SSH-", 4)) { |
300 | return 1; |
301 | } |
302 | return 0; |
303 | } |
304 | |
305 | /* Is the buffer the beginning of an OpenVPN connection? |
306 | * (code lifted from OpenVPN port-share option) |
307 | */ |
308 | int is_openvpn_protocol (const char*p,int len) |
309 | { |
310 | |
311 | |
312 | if (len >= 3) |
313 | { |
314 | return p[0] == 0 |
315 | && p[1] >= 14 |
316 | && p[2] == (P_CONTROL_HARD_RESET_CLIENT_V2<<P_OPCODE_SHIFT); |
317 | } |
318 | else if (len >= 2) |
319 | { |
320 | return p[0] == 0 && p[1] >= 14; |
321 | } |
322 | else |
323 | return 0; |
324 | } |
325 | |
326 | /* Is the buffer the beginning of a tinc connections? |
327 | * (protocol is undocumented, but starts with "0 " in 1.0.15) |
328 | * */ |
329 | int is_tinc_protocol( const char *p, int len) |
330 | { |
331 | return !strncmp(p, "0 ", 2); |
332 | } |
333 | |
334 | /* Is the buffer the beginning of a jabber (XMPP) connections? |
335 | * (Protocol is documented (http://tools.ietf.org/html/rfc6120) but for lazy |
336 | * clients, just checking first frame containing "jabber" in xml entity) |
337 | * */ |
338 | int is_xmpp_protocol( const char *p, int len) |
339 | { |
340 | return strstr(p, "jabber") ? 1 : 0; |
341 | } |
342 | |
343 | int probe_http_method(const char *p, const char *opt) |
344 | { |
345 | return !strncmp(p, opt, strlen(opt)-1); |
346 | } |
347 | |
348 | /* Is the buffer the beginnin of an HTTP connection? */ |
349 | int is_http_protocol(const char *p, int len) |
350 | { |
351 | /* If it's got HTTP in the request (HTTP/1.1) then it's HTTP */ |
352 | if (strstr(p, "HTTP")) |
353 | return 1; |
354 | |
355 | /* Otherwise it could be HTTP/1.0 without version: check if it's got an |
356 | * HTTP method (RFC2616 5.1.1) */ |
357 | probe_http_method(p, "OPTIONS"); |
358 | probe_http_method(p, "GET"); |
359 | probe_http_method(p, "HEAD"); |
360 | probe_http_method(p, "POST"); |
361 | probe_http_method(p, "PUT"); |
362 | probe_http_method(p, "DELETE"); |
363 | probe_http_method(p, "TRACE"); |
364 | probe_http_method(p, "CONNECT"); |
365 | |
366 | return 0; |
367 | } |
368 | |
369 | |
370 | /* |
371 | * Read the beginning of data coming from the client connection and check if |
372 | * it's a known protocol. Then leave the data on the defered |
373 | * write buffer of the connection and returns the protocol index in the |
374 | * protocols[] array * |
375 | */ |
376 | T_PROTO_ID probe_client_protocol(struct connection *cnx) |
377 | { |
378 | char buffer[BUFSIZ]; |
379 | int n, i; |
380 | |
381 | n = read(cnx->q[0].fd, buffer, sizeof(buffer)); |
382 | /* It's possible that read() returns an error, e.g. if the client |
383 | * disconnected between the previous call to select() and now. If that |
384 | * happens, we just connect to the default protocol so the caller of this |
385 | * function does not have to deal with a specific failure condition (the |
386 | * connection will just fail later normally). */ |
387 | if (n > 0) { |
388 | defer_write(&cnx->q[1], buffer, n); |
389 | |
390 | for (i = 0; i < ARRAY_SIZE(protocols); i++) { |
391 | if (protocols[i].affected) { |
392 | if (protocols[i].probe(buffer, n)) { |
393 | return i; |
394 | } |
395 | } |
396 | } |
397 | } |
398 | |
399 | /* If none worked, return the first one affected (that's completely |
400 | * arbitrary) */ |
401 | for (i = 0; i < ARRAY_SIZE(protocols); i++) |
402 | if (protocols[i].affected) |
403 | return i; |
404 | |
405 | /* At this stage... nothing is affected. This shouldn't happen as we check |
406 | * at least one target exists when we parse the commnand line */ |
407 | fprintf(stderr, "FATAL: No protocol affected. This should not happen.\n"); |
408 | exit(1); |
409 | } |
410 | |
411 | /* returns a string that prints the IP and port of the sockaddr */ |
412 | char* sprintaddr(char* buf, size_t size, struct addrinfo *a) |
413 | { |
414 | char host[NI_MAXHOST], serv[NI_MAXSERV]; |
415 | int res; |
416 | |
417 | res = getnameinfo(a->ai_addr, a->ai_addrlen, |
418 | host, sizeof(host), |
419 | serv, sizeof(serv), |
420 | numeric ? NI_NUMERICHOST | NI_NUMERICSERV : 0 ); |
421 | |
422 | if (res) { |
423 | log_message(LOG_ERR, "sprintaddr:getnameinfo: %s\n", gai_strerror(res)); |
424 | /* Name resolution failed: do it numerically instead */ |
425 | res = getnameinfo(a->ai_addr, a->ai_addrlen, |
426 | host, sizeof(host), |
427 | serv, sizeof(serv), |
428 | NI_NUMERICHOST | NI_NUMERICSERV); |
429 | /* should not fail but... */ |
430 | if (res) { |
431 | log_message(LOG_ERR, "sprintaddr:getnameinfo(NUM): %s\n", gai_strerror(res)); |
432 | strcpy(host, "?"); |
433 | strcpy(serv, "?"); |
434 | } |
435 | } |
436 | |
437 | snprintf(buf, size, "%s:%s", host, serv); |
438 | |
439 | return buf; |
440 | } |
441 | |
442 | /* turns a "hostname:port" string into a list of struct addrinfo; |
443 | out: list of newly allocated addrinfo (see getaddrinfo(3)); freeaddrinfo(3) when done |
444 | fullname: input string -- it gets clobbered |
445 | */ |
446 | void resolve_name(struct addrinfo **out, char* fullname) |
447 | { |
448 | struct addrinfo hint; |
449 | char *serv, *host; |
450 | int res; |
451 | |
452 | char *sep = strrchr(fullname, ':'); |
453 | |
454 | if (!sep) /* No separator: parameter is just a port */ |
455 | { |
456 | fprintf(stderr, "names must be fully specified as hostname:port\n"); |
457 | exit(1); |
458 | } |
459 | |
460 | host = fullname; |
461 | serv = sep+1; |
462 | *sep = 0; |
463 | |
464 | memset(&hint, 0, sizeof(hint)); |
465 | hint.ai_family = PF_UNSPEC; |
466 | hint.ai_socktype = SOCK_STREAM; |
467 | |
468 | res = getaddrinfo(host, serv, &hint, out); |
469 | if (res) { |
470 | fprintf(stderr, "%s `%s'\n", gai_strerror(res), fullname); |
471 | if (res == EAI_SERVICE) |
472 | fprintf(stderr, "(Check you have specified all ports)\n"); |
473 | exit(4); |
474 | } |
475 | } |
476 | |
477 | /* Log to syslog or stderr if foreground */ |
478 | void log_message(int type, char* msg, ...) |
479 | { |
480 | va_list ap; |
481 | |
482 | va_start(ap, msg); |
483 | if (foreground) |
484 | vfprintf(stderr, msg, ap); |
485 | else |
486 | vsyslog(type, msg, ap); |
487 | va_end(ap); |
488 | } |
489 | |
490 | /* syslogs who connected to where */ |
491 | void log_connection(struct connection *cnx) |
492 | { |
493 | struct addrinfo addr; |
494 | struct sockaddr_storage ss; |
495 | |
496 | char peer[MAX_NAMELENGTH], service[MAX_NAMELENGTH], |
497 | local[MAX_NAMELENGTH], target[MAX_NAMELENGTH]; |
498 | int res; |
499 | |
500 | addr.ai_addr = (struct sockaddr*)&ss; |
501 | addr.ai_addrlen = sizeof(ss); |
502 | |
503 | res = getpeername(cnx->q[0].fd, addr.ai_addr, &addr.ai_addrlen); |
504 | if (res == -1) return; /* that should never happen, right? */ |
505 | sprintaddr(peer, sizeof(peer), &addr); |
506 | |
507 | addr.ai_addrlen = sizeof(ss); |
508 | res = getsockname(cnx->q[0].fd, addr.ai_addr, &addr.ai_addrlen); |
509 | if (res == -1) return; |
510 | sprintaddr(service, sizeof(service), &addr); |
511 | |
512 | addr.ai_addrlen = sizeof(ss); |
513 | res = getpeername(cnx->q[1].fd, addr.ai_addr, &addr.ai_addrlen); |
514 | if (res == -1) return; |
515 | sprintaddr(target, sizeof(target), &addr); |
516 | |
517 | addr.ai_addrlen = sizeof(ss); |
518 | res = getsockname(cnx->q[1].fd, addr.ai_addr, &addr.ai_addrlen); |
519 | if (res == -1) return; |
520 | sprintaddr(local, sizeof(local), &addr); |
521 | |
522 | log_message(LOG_INFO, "connection from %s to %s forwarded from %s to %s\n", |
523 | peer, |
524 | service, |
525 | local, |
526 | target); |
527 | } |
528 | |
529 | |
530 | /* libwrap (tcpd): check the connection is legal. This is necessary because |
531 | * the actual server will only see a connection coming from localhost and can't |
532 | * apply the rules itself. |
533 | * |
534 | * Returns -1 if access is denied, 0 otherwise |
535 | */ |
536 | int check_access_rights(int in_socket, char* service) |
537 | { |
538 | |
539 | struct sockaddr peeraddr; |
540 | socklen_t size = sizeof(peeraddr); |
541 | char addr_str[NI_MAXHOST], host[NI_MAXHOST]; |
542 | int res; |
543 | |
544 | res = getpeername(in_socket, &peeraddr, &size); |
545 | CHECK_RES_DIE(res, "getpeername"); |
546 | |
547 | /* extract peer address */ |
548 | res = getnameinfo(&peeraddr, size, addr_str, sizeof(addr_str), NULL, 0, NI_NUMERICHOST); |
549 | if (res) { |
550 | if (verbose) |
551 | fprintf(stderr, "getnameinfo(NI_NUMERICHOST):%s\n", gai_strerror(res)); |
552 | strcpy(addr_str, STRING_UNKNOWN); |
553 | } |
554 | /* extract peer name */ |
555 | strcpy(host, STRING_UNKNOWN); |
556 | if (!numeric) { |
557 | res = getnameinfo(&peeraddr, size, host, sizeof(host), NULL, 0, NI_NAMEREQD); |
558 | if (res) { |
559 | if (verbose) |
560 | fprintf(stderr, "getnameinfo(NI_NAMEREQD):%s\n", gai_strerror(res)); |
561 | } |
562 | } |
563 | |
564 | if (!hosts_ctl(service, host, addr_str, STRING_UNKNOWN)) { |
565 | if (verbose) |
566 | fprintf(stderr, "access denied\n"); |
567 | log_message(LOG_INFO, "connection from %s(%s): access denied", host, addr_str); |
568 | close(in_socket); |
569 | return -1; |
570 | } |
571 | |
572 | return 0; |
573 | } |
574 | |
575 | |
576 | void setup_signals(void) |
577 | { |
578 | int res; |
579 | struct sigaction action; |
580 | |
581 | /* Request no SIGCHLD is sent upon termination of |
582 | * the children */ |
583 | memset(&action, 0, sizeof(action)); |
584 | action.sa_handler = NULL; |
585 | action.sa_flags = SA_NOCLDWAIT; |
586 | res = sigaction(SIGCHLD, &action, NULL); |
587 | CHECK_RES_DIE(res, "sigaction"); |
588 | |
589 | |
590 | /* Set SIGTERM to exit. For some reason if it's not set explicitely, |
591 | * coverage information is lost when killing the process */ |
592 | memset(&action, 0, sizeof(action)); |
593 | action.sa_handler = exit; |
594 | res = sigaction(SIGTERM, &action, NULL); |
595 | CHECK_RES_DIE(res, "sigaction"); |
596 | } |
597 | |
598 | /* Open syslog connection with appropriate banner; |
599 | * banner is made up of basename(bin_name)+"[pid]" */ |
600 | void setup_syslog(char* bin_name) { |
601 | char *name1, *name2; |
602 | |
603 | name1 = strdup(bin_name); |
604 | asprintf(&name2, "%s[%d]", basename(name1), getpid()); |
605 | openlog(name2, LOG_CONS, LOG_AUTH); |
606 | free(name1); |
607 | /* Don't free name2, as openlog(3) uses it (at least in glibc) */ |
608 | |
609 | log_message(LOG_INFO, "%s %s started\n", server_type, VERSION); |
610 | } |
611 | |
612 | /* We don't want to run as root -- drop priviledges if required */ |
613 | void drop_privileges(char* user_name) |
614 | { |
615 | int res; |
616 | struct passwd *pw = getpwnam(user_name); |
617 | if (!pw) { |
618 | fprintf(stderr, "%s: not found\n", user_name); |
619 | exit(2); |
620 | } |
621 | if (verbose) |
622 | fprintf(stderr, "turning into %s\n", user_name); |
623 | |
624 | res = setgid(pw->pw_gid); |
625 | CHECK_RES_DIE(res, "setgid"); |
626 | setuid(pw->pw_uid); |
627 | CHECK_RES_DIE(res, "setuid"); |
628 | } |
629 | |
630 | /* Writes my PID */ |
631 | void write_pid_file(char* pidfile) |
632 | { |
633 | FILE *f; |
634 | |
635 | f = fopen(pidfile, "w"); |
636 | if (!f) { |
637 | perror(pidfile); |
638 | exit(3); |
639 | } |
640 | |
641 | fprintf(f, "%d\n", getpid()); |
642 | fclose(f); |
643 | } |
644 | |
645 | void printsettings(void) |
646 | { |
647 | char buf[NI_MAXHOST]; |
648 | struct addrinfo *a; |
649 | int i; |
650 | |
651 | for (i = 0; i < ARRAY_SIZE(protocols); i++) { |
652 | if (protocols[i].affected) |
653 | fprintf(stderr, |
654 | "%s addr: %s. libwrap service: %s family %d %d\n", |
655 | protocols[i].description, |
656 | sprintaddr(buf, sizeof(buf), &protocols[i].saddr), |
657 | protocols[i].service, |
658 | protocols[i].saddr.ai_family, |
659 | protocols[i].saddr.ai_addr->sa_family); |
660 | } |
661 | fprintf(stderr, "listening on:\n"); |
662 | for (a = addr_listen; a; a = a->ai_next) { |
663 | fprintf(stderr, "\t%s\n", sprintaddr(buf, sizeof(buf), a)); |
664 | } |
665 | fprintf(stderr, "timeout to ssh: %d\n", probing_timeout); |
666 | } |
667 | |
668 | /* Adds protocols to the list of options, so command-line parsing uses the |
669 | * protocol definition array |
670 | * options: array of options to add to; must be big enough |
671 | * n_opts: number of options in *options before calling (i.e. where to append) |
672 | * prot: array of protocols |
673 | * n_prots: number of protocols in *prot |
674 | * */ |
675 | void append_protocols(struct option *options, int n_opts, struct proto *prot, int n_prots) |
676 | { |
677 | int o, p; |
678 | |
679 | for (o = n_opts, p = 0; p < n_prots; o++, p++) { |
680 | options[o].name = prot[p].description; |
681 | options[o].has_arg = required_argument; |
682 | options[o].flag = 0; |
683 | options[o].val = p + PROT_SHIFT; |
684 | } |
685 | } |
686 | |
687 |
Built with git-ssb-web