2 * userv service (or standalone program)
3 * for per-user IP subranges.
5 * This is invoked as root, directly from userv.
6 * Its arguments are supposed to be, in order:
8 * Specifies address ranges and gids which own them.
9 * -- Indicates that the remaining arguments are user-supplied
10 * and therefore untrusted.
11 * <local-addr>,<peer-addr>,<mtu>,<proto>
12 * As for slattach. Supported protocols are slip, cslip, and
13 * adaptive. Alternatively, set to `debug' to print debugging
14 * info. <local-addr> is address of the interface on chiark;
15 * <peer-addr> is the address of the point-to-point peer.
16 * <prefix>/<mask>,<prefix>/<mask>,...
17 * List of additional routes to add for this interface.
18 * May be the empty argument.
21 * <gid>,<prefix>/<len>[,<junk>]
22 * indicating that that gid may allocate addresses in
23 * the relevant subspace (<junk> is ignored)
26 * or /<config-file-name> or ./<config-file-name> or ../<config-file-name>
27 * which refers to a file which contains lines which
30 * which means that anything is permitted
32 * Should be run from userv with no-disconnect-hup.
48 static const unsigned long gidmaxval
= (unsigned long)((gid_t
)-2);
49 static const char *const protos_ok
[]= { "slip", "cslip", "adaptive", 0 };
51 static const char *configstr
, *proto
;
52 static unsigned long localaddr
, peeraddr
, mtu
;
53 static int localallow
, peerallow
, allallow
;
55 static struct exroute
{
56 unsigned long prefix
, mask
;
58 char prefixtxt
[ATXTLEN
], masktxt
[ATXTLEN
];
59 } exroutes
[MAXEXROUTES
];
61 static char localtxt
[ATXTLEN
];
62 static char peertxt
[ATXTLEN
];
64 static struct pplace
{
65 struct pplace
*parent
;
70 static void fatal(const char *fmt
, ...)
71 __attribute__((format(printf
,1,2)));
72 static void fatal(const char *fmt
, ...) {
76 fputs("userv-ipif service: fatal error: ",stderr
);
77 vfprintf(stderr
, fmt
, al
);
82 static void sysfatal(const char *fmt
, ...)
83 __attribute__((format(printf
,1,2)));
84 static void sysfatal(const char *fmt
, ...) {
91 fputs("userv-ipif service: fatal system error",stderr
);
92 vfprintf(stderr
, fmt
, al
);
93 fprintf(stderr
,"%s\n", strerror(e
));
98 static void badusage(const char *fmt
, ...)
99 __attribute__((format(printf
,1,2)));
100 static void badusage(const char *fmt
, ...) {
106 "userv-ipif service: %s:%d: ",
107 cpplace
->filename
, cpplace
->lineno
);
109 fputs("userv-ipif service: invalid usage: ",stderr
);
112 vfprintf(stderr
, fmt
, al
);
116 for (cpp
=cpplace
->parent
; cpp
; cpp
=cpp
->parent
) {
118 "userv-ipif service: %s:%d: ... in file included from here\n",
119 cpp
->filename
, cpp
->lineno
);
125 static char *ip2txt(unsigned long addr
, char *buf
) {
126 sprintf(buf
, "%lu.%lu.%lu.%lu",
134 static unsigned long eat_number(const char **argp
, const char *what
,
135 unsigned long min
, unsigned long max
,
136 const char *endchars
, int *endchar_r
) {
137 /* If !endchars then the endchar must be a nul, otherwise it may be
138 * a nul (resulting in *argp set to 0) or something else (*argp set
139 * to point to after delim, *endchar_r set to delim).
140 * *endchar_r may be 0.
146 if (!*argp
) { badusage("missing number %s\n",what
); }
147 rv
= strtoul(*argp
,&ep
,0);
148 if ((endchar
= *ep
)) {
149 if (!endchars
) badusage("junk after number %s\n",what
);
150 if (!strchr(endchars
,endchar
))
151 badusage("invalid character or delimiter `%c' in or after number, %s:"
152 " expected %s (or none?)\n", endchar
,what
,endchars
);
157 if (endchar_r
) *endchar_r
= endchar
;
158 if (rv
< min
|| rv
> max
) badusage("number %s value %lu out of range %lu..%lu",
163 static void addrnet_mustdiffer(const char *w1
, unsigned long p1
, unsigned long m1
,
164 const char *w2
, unsigned long p2
, unsigned long m2
) {
168 if ((p1
& mask
) != (p2
& mask
)) return;
169 badusage("%s %08lx/%08lx overlaps/clashes with %s %08lx/%08lx",
173 static unsigned long eat_addr(const char **argp
, const char *what
,
174 const char *endchars
, int *endchar_r
) {
183 sprintf(whatbuf
,"%s byte #%d",what
,i
);
184 rv
|= eat_number(argp
,whatbuf
, 0,255, i
<3 ?
"." : endchars
, endchar_r
);
190 static void eat_prefixmask(const char **argp
, const char *what
,
191 const char *endchars
, int *endchar_r
,
192 unsigned long *prefix_r
, unsigned long *mask_r
, int *len_r
) {
193 /* mask_r and len_r may be 0 */
196 unsigned long prefix
, mask
;
198 prefix
= eat_addr(argp
,what
, "/",0);
199 sprintf(whatbuf
,"%s length",what
);
200 len
= eat_number(argp
,whatbuf
, 0,32, endchars
,endchar_r
);
202 mask
= (~0UL << (32-len
));
203 if (prefix
& ~mask
) badusage("%s prefix %08lx not fully contained in mask %08lx\n",
206 if (mask_r
) *mask_r
= mask
;
207 if (len_r
) *len_r
= len
;
210 static int addrnet_isin(unsigned long prefix
, unsigned long mask
,
211 unsigned long mprefix
, unsigned long mmask
) {
212 return !(~mask
& mmask
) && (prefix
& mmask
) == mprefix
;
216 static void permit(unsigned long pprefix
, unsigned long pmask
) {
219 assert(!(pprefix
& ~pmask
));
221 if (!proto
) fputs("permits",stdout
);
222 if (addrnet_isin(localaddr
,~0UL, pprefix
,pmask
)) {
223 if (!proto
) fputs(" local-addr",stdout
);
226 if (addrnet_isin(peeraddr
,~0UL, pprefix
,pmask
)) {
227 if (!proto
) fputs(" peer-addr",stdout
);
230 for (i
=0; i
<nexroutes
; i
++) {
231 if (addrnet_isin(exroutes
[i
].prefix
,exroutes
[i
].mask
, pprefix
,pmask
)) {
232 if (!proto
) printf(" route#%d",i
);
233 any
= exroutes
[i
].allow
= 1;
237 if (!any
) fputs(" nothing!",stderr
);
242 static void pconfig(const char *configstr
, int truncated
);
244 static void pfile(const char *filename
) {
248 struct pplace npp
, *cpp
;
250 for (cpp
=cpplace
; cpp
; cpp
=cpp
->parent
) {
251 if (!strcmp(cpp
->filename
,filename
))
252 badusage("recursive configuration file `%s'",filename
);
255 file
= fopen(filename
,"r");
257 badusage("cannot open configuration file `%s': %s", filename
, strerror(errno
));
259 if (!proto
) printf("config file `%s':\n",filename
);
262 npp
.filename
= filename
;
266 while (fgets(buf
, sizeof(buf
), file
)) {
271 truncated
= (buf
[l
-1] != '\n');
272 while (l
>0 && isspace((unsigned char) buf
[l
-1])) l
--;
277 while ((c
= getc(file
)) != EOF
&& c
!= '\n');
281 pconfig(buf
,truncated
);
284 badusage("failed while reading configuration file: %s", strerror(errno
));
289 static void pconfig(const char *configstr
, int truncated
) {
290 unsigned long fgid
, tgid
, pprefix
, pmask
;
295 switch (configstr
[0]) {
297 if (strcmp(configstr
,"*")) badusage("`*' directive must be only thing on line");
305 if (truncated
) badusage("filename too long (`%.100s...')",configstr
);
310 if (!isdigit((unsigned char)configstr
[0]))
311 badusage("unknown configuration directive");
313 fgid
= eat_number(&configstr
,"gid", 0,gidmaxval
, ",",0);
314 eat_prefixmask(&configstr
,"permitted-prefix", ",",0, &pprefix
,&pmask
,&plen
);
315 if (!configstr
&& truncated
) badusage("gid,prefix/len,... spec too long");
317 if (!proto
) printf(" %5lu,%s/%d: ", fgid
, ip2txt(pprefix
,ptxt
), plen
);
319 gidlist
= getenv("USERV_GID");
320 if (!gidlist
) fatal("USERV_GID not set");
323 if (!proto
) printf("no matching gid\n");
326 tgid
= eat_number(&gidlist
,"userv-gid", 0,gidmaxval
, " ",0);
327 if (tgid
== fgid
) break;
329 permit(pprefix
,pmask
);
334 static void checkallow(int allow
, const char *what
,
335 const char *prefixtxt
, const char *masktxt
) {
337 fprintf(stderr
,"userv-ipif service: access denied for %s, %s/%s\n",
338 what
, prefixtxt
, masktxt
);
342 static void parseargs(int argc
, const char *const *argv
) {
343 unsigned long routeaddr
, routemask
;
345 const char *const *cprotop
;
347 char erwhatbuf
[100], erwhatbuf2
[100];
349 if (argc
< NARGS
+1) { badusage("too few arguments"); }
350 if (argc
> NARGS
+1) { badusage("too many arguments"); }
355 if (strcmp(carg
,"--")) badusage("separator argument `--' not found, got `%s'",carg
);
358 localaddr
= eat_addr(&carg
,"local-addr", ",",0);
359 peeraddr
= eat_addr(&carg
,"peer-addr", ",",0);
360 mtu
= eat_number(&carg
,"mtu", 576,65536, ",",0);
361 localallow
= peerallow
= 0;
363 if (!strcmp(carg
,"debug")) {
366 for (cprotop
= protos_ok
;
367 (proto
= *cprotop
) && strcmp(proto
,carg
);
369 if (!proto
) fatal("invalid protocol");
372 addrnet_mustdiffer("local-addr",localaddr
,~0UL, "peer-addr",peeraddr
,~0UL);
378 if (nexroutes
== MAXEXROUTES
)
379 fatal("too many extra routes (only %d allowed)",MAXEXROUTES
);
380 sprintf(erwhatbuf
,"route#%d",nexroutes
);
382 eat_prefixmask(&carg
,erwhatbuf
, ",",0, &routeaddr
,&routemask
,0);
383 if (routemask
== ~0UL) {
384 addrnet_mustdiffer(erwhatbuf
,routeaddr
,routemask
, "local-addr",localaddr
,~0UL);
385 addrnet_mustdiffer(erwhatbuf
,routeaddr
,routemask
, "peer-addr",peeraddr
,~0UL);
387 for (i
=0; i
<nexroutes
; i
++) {
388 sprintf(erwhatbuf2
,"route#%d",i
);
389 addrnet_mustdiffer(erwhatbuf
,routeaddr
,routemask
,
390 erwhatbuf2
,exroutes
[i
].prefix
,exroutes
[i
].mask
);
392 exroutes
[nexroutes
].prefix
= routeaddr
;
393 exroutes
[nexroutes
].mask
= routemask
;
394 exroutes
[nexroutes
].allow
= 0;
395 ip2txt(routeaddr
,exroutes
[nexroutes
].prefixtxt
);
396 ip2txt(routemask
,exroutes
[nexroutes
].masktxt
);
398 ip2txt(localaddr
,localtxt
);
399 ip2txt(peeraddr
,peertxt
);
402 static void checkpermit(void) {
407 checkallow(localallow
,"local-addr", localtxt
,"32");
408 checkallow(peerallow
,"peer-addr", peertxt
,"32");
409 for (i
=0; i
<nexroutes
; i
++) {
410 sprintf(erwhatbuf
, "route#%d", i
);
411 checkallow(exroutes
[i
].allow
, erwhatbuf
, exroutes
[i
].prefixtxt
, exroutes
[i
].masktxt
);
413 if (!allallow
) fatal("access denied");
416 static void dumpdebug(void) __attribute__((noreturn
));
417 static void dumpdebug(void) {
421 printf("protocol: debug\n"
422 "local: %08lx == %s\n"
423 "peer: %08lx == %s\n"
430 for (i
=0; i
<nexroutes
; i
++) {
431 sprintf(erwhatbuf
, "route#%d:", i
);
432 printf("%-9s %08lx/%08lx == %s/%s\n",
434 exroutes
[i
].prefix
, exroutes
[i
].mask
,
435 exroutes
[i
].prefixtxt
, exroutes
[i
].masktxt
);
437 if (ferror(stdout
) || fclose(stdout
)) sysfatal("flush stdout");
441 int main(int argc
, const char *const *argv
) {
442 parseargs(argc
,argv
);
443 pconfig(configstr
,0);
445 if (!proto
) dumpdebug();