[secnet] / netlink.c

/* User-kernel network link */

/* We support a variety of methods: userv-ipif, ipif on its own (when
   we run as root), SLIP to a pty, an external netlink daemon. There
   is a performance/security tradeoff. */

/* When dealing with SLIP (to a pty, or ipif) we have separate rx, tx
   and client buffers. When receiving we may read() any amount, not
   just whole packets. When transmitting we need to bytestuff anyway,
   and may be part-way through receiving. */

/* Each netlink device is actually a router, with its own IP
   address. We should eventually do things like decreasing the TTL and
   recalculating the header checksum, generating ICMP, responding to
   pings, etc. but for now we can get away without them. We should
   implement this stuff no matter how we get the packets to/from the
   kernel. */

/* This is where we have the anti-spoofing paranoia - before sending a
   packet to the kernel we check that the tunnel it came over could
   reasonably have produced it. */

#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>

#include "secnet.h"
#include "util.h"

#define DEFAULT_BUFSIZE 2048

#define SLIP_END    192
#define SLIP_ESC    219
#define SLIP_ESCEND 220
#define SLIP_ESCESC 221

struct netlink_client {
    struct subnet_list *networks;
    netlink_deliver_fn *deliver;
    void *dst;
    struct netlink_client *next;
};

struct userv {
    closure_t cl;
    struct netlink_if ops;
    uint32_t max_start_pad;
    uint32_t max_end_pad;
    int txfd; /* We transmit to userv */
    int rxfd; /* We receive from userv */
    struct netlink_client *clients;
    string_t name;
    string_t userv_path;
    string_t service_user;
    string_t service_name;
    struct subnet_list networks;
    uint32_t local_address;
    uint32_t secnet_address;
    uint32_t mtu;
    uint32_t txbuflen;
    struct buffer_if *buff; /* We unstuff received packets into here
			       and send them to the site code. */
    bool_t pending_esc;
};

static int userv_beforepoll(void *sst, struct pollfd *fds, int *nfds_io,
			    int *timeout_io, const struct timeval *tv_now,
			    uint64_t *now)
{
    struct userv *st=sst;
    *nfds_io=2;
    fds[0].fd=st->txfd;
    fds[0].events=POLLERR; /* Might want to pick up POLLOUT sometime */
    fds[1].fd=st->rxfd;
    fds[1].events=POLLIN|POLLERR|POLLHUP;
    return 0;
}

static void process_local_packet(struct userv *st)
{
    uint32_t source,dest;
    struct netlink_client *c;

    source=ntohl(*(uint32_t *)(st->buff->start+12));
    dest=ntohl(*(uint32_t *)(st->buff->start+16));

/*    printf("process_local_packet source=%s dest=%s len=%d\n",
      ipaddr_to_string(source),ipaddr_to_string(dest),
      st->buff->size); */
    if (!subnet_match(&st->networks,source)) {
	string_t s,d;
	s=ipaddr_to_string(source);
	d=ipaddr_to_string(dest);
	Message(M_WARNING,"%s: outgoing packet with bad source address "
		"(s=%s,d=%s)\n",st->name,s,d);
	free(s); free(d);
	return;
    }
    for (c=st->clients; c; c=c->next) {
	if (subnet_match(c->networks,dest)) {
	    c->deliver(c->dst,c,st->buff);
	    BUF_ALLOC(st->buff,"netlink:process_local_packet");
	    return;
	}
    }
    if (dest==st->secnet_address) {
	printf("%s: secnet received packet of len %d from %s\n",st->name,
	       st->buff->size,ipaddr_to_string(source));
	return;
    }
    {
	string_t s,d;
	s=ipaddr_to_string(source);
	d=ipaddr_to_string(dest);
	Message(M_WARNING,"%s: outgoing packet with bad destination address "
			  "(s=%s,d=%s)\n",st->name,s,d);
	free(s); free(d);
	return;
    }
}

static void userv_afterpoll(void *sst, struct pollfd *fds, int nfds,
			    const struct timeval *tv_now, uint64_t *now)
{
    struct userv *st=sst;
    uint8_t rxbuf[DEFAULT_BUFSIZE];
    int l,i;

    if (fds[1].revents&POLLERR) {
	printf("userv_afterpoll: hup!\n");
    }
    if (fds[1].revents&POLLIN) {
	l=read(st->rxfd,rxbuf,DEFAULT_BUFSIZE);
	if (l<0) {
	    fatal_perror("userv_afterpoll: read(rxfd)");
	}
	if (l==0) {
	    fatal("userv_afterpoll: read(rxfd)=0; userv gone away?\n");
	}
	/* XXX really crude unstuff code */
	/* XXX check for buffer overflow */
	for (i=0; i<l; i++) {
	    if (st->pending_esc) {
		st->pending_esc=False;
		switch(rxbuf[i]) {
		case SLIP_ESCEND:
		    *(uint8_t *)buf_append(st->buff,1)=SLIP_END;
		    break;
		case SLIP_ESCESC:
		    *(uint8_t *)buf_append(st->buff,1)=SLIP_ESC;
		    break;
		default:
		    fatal("userv_afterpoll: bad SLIP escape character\n");
		}
	    } else {
		switch (rxbuf[i]) {
		case SLIP_END:
		    if (st->buff->size>0) process_local_packet(st);
		    BUF_ASSERT_USED(st->buff);
		    buffer_init(st->buff,st->max_start_pad);
		    break;
		case SLIP_ESC:
		    st->pending_esc=True;
		    break;
		default:
		    *(uint8_t *)buf_append(st->buff,1)=rxbuf[i];
		    break;
		}
	    }
	}
    }
    return;
}

static void userv_phase_hook(void *sst, uint32_t newphase)
{
    struct userv *st=sst;
    pid_t child;
    int c_stdin[2];
    int c_stdout[2];
    string_t addrs;
    string_t nets;
    string_t s;
    struct netlink_client *c;
    int i;

    /* This is where we actually invoke userv - all the networks we'll
       be using should already have been registered. */

    addrs=safe_malloc(512,"userv_phase_hook:addrs");
    snprintf(addrs,512,"%s,%s,%d,slip",ipaddr_to_string(st->local_address),
	     ipaddr_to_string(st->secnet_address),st->mtu);

    nets=safe_malloc(1024,"userv_phase_hook:nets");
    *nets=0;
    for (c=st->clients; c; c=c->next) {
	for (i=0; i<c->networks->entries; i++) {
	    s=subnet_to_string(&c->networks->list[i]);
	    strcat(nets,s);
	    strcat(nets,",");
	    free(s);
	}
    }
    nets[strlen(nets)-1]=0;

    Message(M_INFO,"\nuserv_phase_hook: %s %s %s %s %s\n",st->userv_path,
	   st->service_user,st->service_name,addrs,nets);

    /* Allocate buffer, plus space for padding. Make sure we end up
       with the start of the packet well-aligned. */
    /* ALIGN(st->max_start_pad,16); */
    /* ALIGN(st->max_end_pad,16); */

    st->pending_esc=False;

    /* Invoke userv */
    if (pipe(c_stdin)!=0) {
	fatal_perror("userv_phase_hook: pipe(c_stdin)");
    }
    if (pipe(c_stdout)!=0) {
	fatal_perror("userv_phase_hook: pipe(c_stdout)");
    }
    st->txfd=c_stdin[1];
    st->rxfd=c_stdout[0];

    child=fork();
    if (child==-1) {
	fatal_perror("userv_phase_hook: fork()");
    }
    if (child==0) {
	char **argv;

	/* We are the child. Modify our stdin and stdout, then exec userv */
	dup2(c_stdin[0],0);
	dup2(c_stdout[1],1);
	close(c_stdin[1]);
	close(c_stdout[0]);

	/* The arguments are:
	   userv
	   service-user
	   service-name
	   local-addr,secnet-addr,mtu,protocol
	   route1,route2,... */
	argv=malloc(sizeof(*argv)*6);
	argv[0]=st->userv_path;
	argv[1]=st->service_user;
	argv[2]=st->service_name;
	argv[3]=addrs;
	argv[4]=nets;
	argv[5]=NULL;
	execvp(st->userv_path,argv);
	perror("netlink-userv-ipif: execvp");

	exit(1);
    }
    /* We are the parent... */
	   
    /* Register for poll() */
    register_for_poll(st, userv_beforepoll, userv_afterpoll, 2, "netlink");
}

static void *userv_regnets(void *sst, struct subnet_list *nets,
			   netlink_deliver_fn *deliver, void *dst,
			   uint32_t max_start_pad, uint32_t max_end_pad)
{
    struct userv *st=sst;
    struct netlink_client *c;

    Message(M_DEBUG_CONFIG,"userv_regnets: request for %d networks, "
	    "max_start_pad=%d, max_end_pad=%d\n",
	    nets->entries,max_start_pad,max_end_pad);

    c=safe_malloc(sizeof(*c),"userv_regnets");
    c->networks=nets;
    c->deliver=deliver;
    c->dst=dst;
    c->next=st->clients;
    st->clients=c;
    if (max_start_pad > st->max_start_pad) st->max_start_pad=max_start_pad;
    if (max_end_pad > st->max_end_pad) st->max_end_pad=max_end_pad;

    return c;
}

static void userv_deliver(void *sst, void *cid, struct buffer_if *buf)
{
    struct userv *st=sst;
    struct netlink_client *client=cid;
    uint8_t txbuf[DEFAULT_BUFSIZE];

    uint32_t source,dest;
    uint8_t *i;
    uint32_t j;

    source=ntohl(*(uint32_t *)(buf->start+12));
    dest=ntohl(*(uint32_t *)(buf->start+16));

    /* Check that the packet source is in 'nets' and its destination is
       in client->networks */
    if (!subnet_match(client->networks,source)) {
	string_t s,d;
	s=ipaddr_to_string(source);
	d=ipaddr_to_string(dest);
	Message(M_WARNING,"%s: incoming packet with bad source address "
		"(s=%s,d=%s)\n",st->name,s,d);
	free(s); free(d);
	return;
    }
    if (!subnet_match(&st->networks,dest)) {
	string_t s,d;
	s=ipaddr_to_string(source);
	d=ipaddr_to_string(dest);
	Message(M_WARNING,"%s: incoming packet with bad destination address "
		"(s=%s,d=%s)\n",st->name,s,d);
	free(s); free(d);
	return;
    }

    /* Really we should decrease TTL, check it's above zero, and
       recalculate header checksum here. If it gets down to zero,
       generate an ICMP time-exceeded and send the new packet back to
       the originating tunnel. XXX check buffer usage! */

    /* (Basically do full IP packet forwarding stuff. Except that we
       know any packet passed in here is destined for the local
       machine; only exception is if it's destined for us.) */

    if (dest==st->secnet_address) {
	printf("%s: incoming tunneled packet for secnet!\n",st->name);
	return;
    }

    /* Now spit the packet at userv-ipif: SLIP start marker, then
       bytestuff the packet, then SLIP end marker */
    /* XXX crunchy bytestuff code */
    j=0;
    txbuf[j++]=SLIP_END;
    for (i=buf->start; i<(buf->start+buf->size); i++) {
	switch (*i) {
	case SLIP_END:
	    txbuf[j++]=SLIP_ESC;
	    txbuf[j++]=SLIP_ESCEND;
	    break;
	case SLIP_ESC:
	    txbuf[j++]=SLIP_ESC;
	    txbuf[j++]=SLIP_ESCESC;
	    break;
	default:
	    txbuf[j++]=*i;
	    break;
	}
    }
    txbuf[j++]=SLIP_END;
    if (write(st->txfd,txbuf,j)<0) {
	fatal_perror("userv_deliver: write()");
    }

    return;
}

static list_t *userv_apply(closure_t *self, struct cloc loc, dict_t *context,
			   list_t *args)
{
    struct userv *st;
    item_t *item;
    dict_t *dict;

    st=safe_malloc(sizeof(*st),"userv_apply (netlink)");
    st->cl.description="userv-netlink";
    st->cl.type=CL_NETLINK;
    st->cl.apply=NULL;
    st->cl.interface=&st->ops;
    st->ops.st=st;
    st->ops.regnets=userv_regnets;
    st->ops.deliver=userv_deliver;
    st->max_start_pad=0;
    st->max_end_pad=0;
    st->rxfd=-1; st->txfd=-1;
    st->clients=NULL;

    /* First parameter must be a dict */
    item=list_elem(args,0);
    if (!item || item->type!=t_dict)
	cfgfatal(loc,"userv-ipif","parameter must be a dictionary\n");
    
    dict=item->data.dict;
    st->name=dict_read_string(dict,"name",False,"userv-netlink",loc);
    st->userv_path=dict_read_string(dict,"userv-path",False,"userv-netlink",
				    loc);
    st->service_user=dict_read_string(dict,"service-user",False,
				      "userv-netlink",loc);
    st->service_name=dict_read_string(dict,"service-name",False,
				      "userv-netlink",loc);
    if (!st->name) st->name="netlink-userv-ipif";
    if (!st->userv_path) st->userv_path="userv";
    if (!st->service_user) st->service_user="root";
    if (!st->service_name) st->service_name="ipif";
    dict_read_subnet_list(dict, "networks", True, "userv-netlink", loc,
			  &st->networks);
    st->local_address=string_to_ipaddr(
	dict_find_item(dict,"local-address", True, "userv-netlink", loc),
	"userv-netlink");
    st->secnet_address=string_to_ipaddr(
	dict_find_item(dict,"secnet-address", True, "userv-netlink", loc),
	"userv-netlink");
    if (!subnet_match(&st->networks,st->local_address)) {
	cfgfatal(loc,"netlink-userv-ipif","local-address must be in "
	      "local networks\n");
    }
    st->mtu=dict_read_number(dict, "mtu", False, "userv-netlink", loc, 1000);
    st->buff=find_cl_if(dict,"buffer",CL_BUFFER,True,"userv-netlink",loc);
    BUF_ALLOC(st->buff,"netlink:userv_apply");

    add_hook(PHASE_DROPPRIV,userv_phase_hook,st);

    return new_closure(&st->cl);
}

struct null {
    closure_t cl;
    struct netlink_if ops;
};

static void *null_regnets(void *sst, struct subnet_list *nets,
			  netlink_deliver_fn *deliver, void *dst,
			  uint32_t max_start_pad, uint32_t max_end_pad)
{
    Message(M_DEBUG_CONFIG,"null_regnets: request for %d networks, "
	    "max_start_pad=%d, max_end_pad=%d\n",
	    nets->entries,max_start_pad,max_end_pad);
    return NULL;
}

static void null_deliver(void *sst, void *cid, struct buffer_if *buf)
{
    return;
}

static list_t *null_apply(closure_t *self, struct cloc loc, dict_t *context,
			  list_t *args)
{
    struct null *st;

    st=safe_malloc(sizeof(*st),"null_apply (netlink)");
    st->cl.description="null-netlink";
    st->cl.type=CL_NETLINK;
    st->cl.apply=NULL;
    st->cl.interface=&st->ops;
    st->ops.st=st;
    st->ops.regnets=null_regnets;
    st->ops.deliver=null_deliver;

    return new_closure(&st->cl);
}

init_module netlink_module;
void netlink_module(dict_t *dict)
{
    add_closure(dict,"userv-ipif",userv_apply);
#if 0
    add_closure(dict,"pty-slip",ptyslip_apply);
    add_closure(dict,"slipd",slipd_apply);
#endif /* 0 */
    add_closure(dict,"null-netlink",null_apply);
}
Commit	Line	Data
2fe58dfd SE	1	/* User-kernel network link */
	2
	3	/* We support a variety of methods: userv-ipif, ipif on its own (when
	4	we run as root), SLIP to a pty, an external netlink daemon. There
	5	is a performance/security tradeoff. */
	6
	7	/* When dealing with SLIP (to a pty, or ipif) we have separate rx, tx
	8	and client buffers. When receiving we may read() any amount, not
	9	just whole packets. When transmitting we need to bytestuff anyway,
	10	and may be part-way through receiving. */
	11
	12	/* Each netlink device is actually a router, with its own IP
	13	address. We should eventually do things like decreasing the TTL and
	14	recalculating the header checksum, generating ICMP, responding to
	15	pings, etc. but for now we can get away without them. We should
	16	implement this stuff no matter how we get the packets to/from the
	17	kernel. */
	18
	19	/* This is where we have the anti-spoofing paranoia - before sending a
	20	packet to the kernel we check that the tunnel it came over could
	21	reasonably have produced it. */
	22
	23	#include <stdio.h>
	24	#include <string.h>
	25	#include <unistd.h>
	26	#include <fcntl.h>
	27
	28	#include "secnet.h"
	29	#include "util.h"
	30
	31	#define DEFAULT_BUFSIZE 2048
	32
	33	#define SLIP_END 192
	34	#define SLIP_ESC 219
	35	#define SLIP_ESCEND 220
	36	#define SLIP_ESCESC 221
	37
	38	struct netlink_client {
	39	struct subnet_list *networks;
	40	netlink_deliver_fn *deliver;
	41	void *dst;
	42	struct netlink_client *next;
	43	};
	44
	45	struct userv {
	46	closure_t cl;
	47	struct netlink_if ops;
	48	uint32_t max_start_pad;
	49	uint32_t max_end_pad;
	50	int txfd; /* We transmit to userv */
	51	int rxfd; /* We receive from userv */
	52	struct netlink_client *clients;
	53	string_t name;
	54	string_t userv_path;
	55	string_t service_user;
	56	string_t service_name;
	57	struct subnet_list networks;
	58	uint32_t local_address;
	59	uint32_t secnet_address;
	60	uint32_t mtu;
	61	uint32_t txbuflen;
	62	struct buffer_if buff; / We unstuff received packets into here
	63	and send them to the site code. */
	64	bool_t pending_esc;
65	};
66
67	static int userv_beforepoll(void sst, struct pollfd fds, int *nfds_io,
68	int timeout_io, const struct timeval tv_now,
69	uint64_t *now)
70	{
71	struct userv *st=sst;
72	*nfds_io=2;
73	fds[0].fd=st->txfd;
74	fds[0].events=POLLERR; /* Might want to pick up POLLOUT sometime */
75	fds[1].fd=st->rxfd;
76	fds[1].events=POLLIN\|POLLERR\|POLLHUP;
77	return 0;
78	}
79
80	static void process_local_packet(struct userv *st)
81	{
82	uint32_t source,dest;
83	struct netlink_client *c;
84
85	source=ntohl((uint32_t )(st->buff->start+12));
86	dest=ntohl((uint32_t )(st->buff->start+16));
87
88	/* printf("process_local_packet source=%s dest=%s len=%d\n",
89	ipaddr_to_string(source),ipaddr_to_string(dest),
90	st->buff->size); */
91	if (!subnet_match(&st->networks,source)) {
92	string_t s,d;
93	s=ipaddr_to_string(source);
94	d=ipaddr_to_string(dest);
95	Message(M_WARNING,"%s: outgoing packet with bad source address "
96	"(s=%s,d=%s)\n",st->name,s,d);
97	free(s); free(d);
98	return;
99	}
100	for (c=st->clients; c; c=c->next) {
101	if (subnet_match(c->networks,dest)) {
102	c->deliver(c->dst,c,st->buff);
103	BUF_ALLOC(st->buff,"netlink:process_local_packet");
104	return;
105	}
106	}
107	if (dest==st->secnet_address) {
108	printf("%s: secnet received packet of len %d from %s\n",st->name,
109	st->buff->size,ipaddr_to_string(source));
110	return;
111	}
112	{
113	string_t s,d;
114	s=ipaddr_to_string(source);
115	d=ipaddr_to_string(dest);
116	Message(M_WARNING,"%s: outgoing packet with bad destination address "
117	"(s=%s,d=%s)\n",st->name,s,d);
118	free(s); free(d);
119	return;
120	}
121	}
122
123	static void userv_afterpoll(void sst, struct pollfd fds, int nfds,
124	const struct timeval tv_now, uint64_t now)
125	{
126	struct userv *st=sst;
127	uint8_t rxbuf[DEFAULT_BUFSIZE];
128	int l,i;
129
130	if (fds[1].revents&POLLERR) {
131	printf("userv_afterpoll: hup!\n");
132	}
133	if (fds[1].revents&POLLIN) {
134	l=read(st->rxfd,rxbuf,DEFAULT_BUFSIZE);
135	if (l<0) {
136	fatal_perror("userv_afterpoll: read(rxfd)");
137	}
138	if (l==0) {
139	fatal("userv_afterpoll: read(rxfd)=0; userv gone away?\n");
140	}
141	/* XXX really crude unstuff code */
142	/* XXX check for buffer overflow */
143	for (i=0; i<l; i++) {
144	if (st->pending_esc) {
145	st->pending_esc=False;
146	switch(rxbuf[i]) {
147	case SLIP_ESCEND:
148	(uint8_t )buf_append(st->buff,1)=SLIP_END;
149	break;
150	case SLIP_ESCESC:
151	(uint8_t )buf_append(st->buff,1)=SLIP_ESC;
152	break;
153	default:
154	fatal("userv_afterpoll: bad SLIP escape character\n");
155	}
156	} else {
157	switch (rxbuf[i]) {
158	case SLIP_END:
159	if (st->buff->size>0) process_local_packet(st);
160	BUF_ASSERT_USED(st->buff);
161	buffer_init(st->buff,st->max_start_pad);
162	break;
163	case SLIP_ESC:
164	st->pending_esc=True;
165	break;
166	default:
167	(uint8_t )buf_append(st->buff,1)=rxbuf[i];
168	break;
169	}
170	}
171	}
172	}
173	return;
174	}
175
176	static void userv_phase_hook(void *sst, uint32_t newphase)
177	{
178	struct userv *st=sst;
179	pid_t child;
180	int c_stdin[2];
181	int c_stdout[2];
182	string_t addrs;
183	string_t nets;
184	string_t s;
185	struct netlink_client *c;
186	int i;
187
188	/* This is where we actually invoke userv - all the networks we'll
189	be using should already have been registered. */
190
191	addrs=safe_malloc(512,"userv_phase_hook:addrs");
192	snprintf(addrs,512,"%s,%s,%d,slip",ipaddr_to_string(st->local_address),
193	ipaddr_to_string(st->secnet_address),st->mtu);
194
195	nets=safe_malloc(1024,"userv_phase_hook:nets");
196	*nets=0;
197	for (c=st->clients; c; c=c->next) {
198	for (i=0; i<c->networks->entries; i++) {
199	s=subnet_to_string(&c->networks->list[i]);
200	strcat(nets,s);
201	strcat(nets,",");
202	free(s);
203	}
204	}
205	nets[strlen(nets)-1]=0;
206
207	Message(M_INFO,"\nuserv_phase_hook: %s %s %s %s %s\n",st->userv_path,
208	st->service_user,st->service_name,addrs,nets);
209
210	/* Allocate buffer, plus space for padding. Make sure we end up
211	with the start of the packet well-aligned. */
212	/* ALIGN(st->max_start_pad,16); */
213	/* ALIGN(st->max_end_pad,16); */
214
215	st->pending_esc=False;
216
217	/* Invoke userv */
218	if (pipe(c_stdin)!=0) {
219	fatal_perror("userv_phase_hook: pipe(c_stdin)");
220	}
221	if (pipe(c_stdout)!=0) {
222	fatal_perror("userv_phase_hook: pipe(c_stdout)");
223	}
224	st->txfd=c_stdin[1];
225	st->rxfd=c_stdout[0];
226
227	child=fork();
228	if (child==-1) {
229	fatal_perror("userv_phase_hook: fork()");
230	}
231	if (child==0) {
232	char **argv;
233
234	/* We are the child. Modify our stdin and stdout, then exec userv */
235	dup2(c_stdin[0],0);
236	dup2(c_stdout[1],1);
237	close(c_stdin[1]);
238	close(c_stdout[0]);
239
240	/* The arguments are:
241	userv
242	service-user
243	service-name
244	local-addr,secnet-addr,mtu,protocol
245	route1,route2,... */
246	argv=malloc(sizeof(argv)6);
247	argv[0]=st->userv_path;
248	argv[1]=st->service_user;
249	argv[2]=st->service_name;
250	argv[3]=addrs;
251	argv[4]=nets;
252	argv[5]=NULL;
253	execvp(st->userv_path,argv);
254	perror("netlink-userv-ipif: execvp");
255
256	exit(1);
257	}
258	/* We are the parent... */
259
260	/* Register for poll() */
261	register_for_poll(st, userv_beforepoll, userv_afterpoll, 2, "netlink");
262	}
263
264	static void userv_regnets(void sst, struct subnet_list *nets,
265	netlink_deliver_fn deliver, void dst,
266	uint32_t max_start_pad, uint32_t max_end_pad)
267	{
268	struct userv *st=sst;
269	struct netlink_client *c;
270
271	Message(M_DEBUG_CONFIG,"userv_regnets: request for %d networks, "
272	"max_start_pad=%d, max_end_pad=%d\n",
273	nets->entries,max_start_pad,max_end_pad);
274
275	c=safe_malloc(sizeof(*c),"userv_regnets");
276	c->networks=nets;
277	c->deliver=deliver;
278	c->dst=dst;
279	c->next=st->clients;
280	st->clients=c;
281	if (max_start_pad > st->max_start_pad) st->max_start_pad=max_start_pad;
282	if (max_end_pad > st->max_end_pad) st->max_end_pad=max_end_pad;
283
284	return c;
285	}
286
287	static void userv_deliver(void sst, void cid, struct buffer_if *buf)
288	{
289	struct userv *st=sst;
290	struct netlink_client *client=cid;
291	uint8_t txbuf[DEFAULT_BUFSIZE];
292
293	uint32_t source,dest;
294	uint8_t *i;
295	uint32_t j;
296
297	source=ntohl((uint32_t )(buf->start+12));
298	dest=ntohl((uint32_t )(buf->start+16));
299
300	/* Check that the packet source is in 'nets' and its destination is
301	in client->networks */
302	if (!subnet_match(client->networks,source)) {
303	string_t s,d;
304	s=ipaddr_to_string(source);
305	d=ipaddr_to_string(dest);
306	Message(M_WARNING,"%s: incoming packet with bad source address "
307	"(s=%s,d=%s)\n",st->name,s,d);
308	free(s); free(d);
309	return;
310	}
311	if (!subnet_match(&st->networks,dest)) {
312	string_t s,d;
313	s=ipaddr_to_string(source);
314	d=ipaddr_to_string(dest);
315	Message(M_WARNING,"%s: incoming packet with bad destination address "
316	"(s=%s,d=%s)\n",st->name,s,d);
317	free(s); free(d);
318	return;
319	}
320
321	/* Really we should decrease TTL, check it's above zero, and
322	recalculate header checksum here. If it gets down to zero,
323	generate an ICMP time-exceeded and send the new packet back to
324	the originating tunnel. XXX check buffer usage! */
325
326	/* (Basically do full IP packet forwarding stuff. Except that we
327	know any packet passed in here is destined for the local
328	machine; only exception is if it's destined for us.) */
329
330	if (dest==st->secnet_address) {
331	printf("%s: incoming tunneled packet for secnet!\n",st->name);
332	return;
333	}
334
335	/* Now spit the packet at userv-ipif: SLIP start marker, then
336	bytestuff the packet, then SLIP end marker */
337	/* XXX crunchy bytestuff code */
338	j=0;
339	txbuf[j++]=SLIP_END;
340	for (i=buf->start; i<(buf->start+buf->size); i++) {
341	switch (*i) {
342	case SLIP_END:
343	txbuf[j++]=SLIP_ESC;
344	txbuf[j++]=SLIP_ESCEND;
345	break;
346	case SLIP_ESC:
347	txbuf[j++]=SLIP_ESC;
348	txbuf[j++]=SLIP_ESCESC;
349	break;
350	default:
351	txbuf[j++]=*i;
352	break;
353	}
354	}
355	txbuf[j++]=SLIP_END;
356	if (write(st->txfd,txbuf,j)<0) {
357	fatal_perror("userv_deliver: write()");
358	}
359
360	return;
361	}
362
363	static list_t userv_apply(closure_t self, struct cloc loc, dict_t *context,
364	list_t *args)
365	{
366	struct userv *st;
367	item_t *item;
368	dict_t *dict;
369
370	st=safe_malloc(sizeof(*st),"userv_apply (netlink)");
371	st->cl.description="userv-netlink";
372	st->cl.type=CL_NETLINK;
373	st->cl.apply=NULL;
374	st->cl.interface=&st->ops;
375	st->ops.st=st;
376	st->ops.regnets=userv_regnets;
377	st->ops.deliver=userv_deliver;
378	st->max_start_pad=0;
379	st->max_end_pad=0;
380	st->rxfd=-1; st->txfd=-1;
381	st->clients=NULL;
382
383	/* First parameter must be a dict */
384	item=list_elem(args,0);
385	if (!item \|\| item->type!=t_dict)
386	cfgfatal(loc,"userv-ipif","parameter must be a dictionary\n");
387
388	dict=item->data.dict;
389	st->name=dict_read_string(dict,"name",False,"userv-netlink",loc);
390	st->userv_path=dict_read_string(dict,"userv-path",False,"userv-netlink",
391	loc);
392	st->service_user=dict_read_string(dict,"service-user",False,
393	"userv-netlink",loc);
394	st->service_name=dict_read_string(dict,"service-name",False,
395	"userv-netlink",loc);
396	if (!st->name) st->name="netlink-userv-ipif";
397	if (!st->userv_path) st->userv_path="userv";
398	if (!st->service_user) st->service_user="root";
399	if (!st->service_name) st->service_name="ipif";
400	dict_read_subnet_list(dict, "networks", True, "userv-netlink", loc,
401	&st->networks);
402	st->local_address=string_to_ipaddr(
403	dict_find_item(dict,"local-address", True, "userv-netlink", loc),
404	"userv-netlink");
405	st->secnet_address=string_to_ipaddr(
406	dict_find_item(dict,"secnet-address", True, "userv-netlink", loc),
407	"userv-netlink");
408	if (!subnet_match(&st->networks,st->local_address)) {
409	cfgfatal(loc,"netlink-userv-ipif","local-address must be in "
410	"local networks\n");
411	}
412	st->mtu=dict_read_number(dict, "mtu", False, "userv-netlink", loc, 1000);
413	st->buff=find_cl_if(dict,"buffer",CL_BUFFER,True,"userv-netlink",loc);
414	BUF_ALLOC(st->buff,"netlink:userv_apply");
415
416	add_hook(PHASE_DROPPRIV,userv_phase_hook,st);
417
418	return new_closure(&st->cl);
419	}
420
421	struct null {
422	closure_t cl;
423	struct netlink_if ops;
424	};
425
426	static void null_regnets(void sst, struct subnet_list *nets,
427	netlink_deliver_fn deliver, void dst,
428	uint32_t max_start_pad, uint32_t max_end_pad)
429	{
430	Message(M_DEBUG_CONFIG,"null_regnets: request for %d networks, "
431	"max_start_pad=%d, max_end_pad=%d\n",
432	nets->entries,max_start_pad,max_end_pad);
433	return NULL;
434	}
435
436	static void null_deliver(void sst, void cid, struct buffer_if *buf)
437	{
438	return;
439	}
440
441	static list_t null_apply(closure_t self, struct cloc loc, dict_t *context,
442	list_t *args)
443	{
444	struct null *st;
445
446	st=safe_malloc(sizeof(*st),"null_apply (netlink)");
447	st->cl.description="null-netlink";
448	st->cl.type=CL_NETLINK;
449	st->cl.apply=NULL;
450	st->cl.interface=&st->ops;
451	st->ops.st=st;
452	st->ops.regnets=null_regnets;
453	st->ops.deliver=null_deliver;
454
455	return new_closure(&st->cl);
456	}
457
458	init_module netlink_module;
459	void netlink_module(dict_t *dict)
460	{
461	add_closure(dict,"userv-ipif",userv_apply);
462	#if 0
463	add_closure(dict,"pty-slip",ptyslip_apply);
464	add_closure(dict,"slipd",slipd_apply);
465	#endif /* 0 */
466	add_closure(dict,"null-netlink",null_apply);
467	}