Commit | Line | Data |
---|---|---|
9da480be MW |
1 | /* -*-c-*- |
2 | * | |
3 | * Main daemon | |
4 | * | |
5 | * (c) 2012 Straylight/Edgeware | |
6 | */ | |
7 | ||
8 | /*----- Licensing notice --------------------------------------------------* | |
9 | * | |
10 | * This file is part of Yet Another Ident Daemon (YAID). | |
11 | * | |
12 | * YAID is free software; you can redistribute it and/or modify | |
13 | * it under the terms of the GNU General Public License as published by | |
14 | * the Free Software Foundation; either version 2 of the License, or | |
15 | * (at your option) any later version. | |
16 | * | |
17 | * YAID is distributed in the hope that it will be useful, | |
18 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | * GNU General Public License for more details. | |
21 | * | |
22 | * You should have received a copy of the GNU General Public License | |
23 | * along with YAID; if not, write to the Free Software Foundation, | |
24 | * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | |
25 | */ | |
26 | ||
27 | /*----- Header files ------------------------------------------------------*/ | |
28 | ||
29 | #include "yaid.h" | |
30 | ||
31 | /*----- Data structures ---------------------------------------------------*/ | |
32 | ||
33 | struct listen { | |
bf4d9761 | 34 | const struct addrops *ao; |
9da480be MW |
35 | sel_file f; |
36 | }; | |
37 | ||
38 | #define WRBUFSZ 1024 | |
39 | struct writebuf { | |
40 | size_t o, n; | |
41 | sel_file wr; | |
42 | void (*func)(int, void *); | |
43 | void *p; | |
44 | unsigned char buf[WRBUFSZ]; | |
45 | }; | |
46 | ||
47 | struct proxy { | |
48 | struct client *c; | |
49 | int fd; | |
50 | conn cn; | |
51 | selbuf b; | |
52 | struct writebuf wb; | |
53 | char nat[ADDRLEN]; | |
54 | }; | |
55 | ||
56 | struct client { | |
57 | selbuf b; | |
58 | int fd; | |
59 | struct query q; | |
60 | struct listen *l; | |
61 | struct writebuf wb; | |
62 | struct proxy *px; | |
63 | }; | |
64 | ||
65 | /*----- Static variables --------------------------------------------------*/ | |
66 | ||
67 | static sel_state sel; | |
68 | ||
69 | static policy_v policy = DA_INIT; | |
70 | static fwatch polfw; | |
71 | ||
72 | static unsigned char tokenbuf[4096]; | |
73 | static size_t tokenptr = sizeof(tokenbuf); | |
74 | static int randfd; | |
75 | ||
76 | /*----- Main code ---------------------------------------------------------*/ | |
77 | ||
9da480be MW |
78 | void logmsg(const struct query *q, int prio, const char *msg, ...) |
79 | { | |
80 | va_list ap; | |
81 | dstr d = DSTR_INIT; | |
82 | ||
83 | va_start(ap, msg); | |
84 | if (q) { | |
bf4d9761 | 85 | dputsock(&d, q->ao, &q->s[L]); |
9da480be | 86 | dstr_puts(&d, " <-> "); |
bf4d9761 | 87 | dputsock(&d, q->ao, &q->s[R]); |
9da480be MW |
88 | dstr_puts(&d, ": "); |
89 | } | |
90 | dstr_vputf(&d, msg, &ap); | |
91 | va_end(ap); | |
92 | fprintf(stderr, "yaid: %s\n", d.buf); | |
93 | dstr_destroy(&d); | |
94 | } | |
95 | ||
96 | static void write_out(int fd, unsigned mode, void *p) | |
97 | { | |
98 | ssize_t n; | |
99 | struct writebuf *wb = p; | |
100 | ||
101 | if ((n = write(fd, wb->buf + wb->o, wb->n)) < 0) { | |
102 | if (errno == EAGAIN || errno == EWOULDBLOCK) return; | |
103 | wb->n = 0; | |
104 | sel_rmfile(&wb->wr); | |
105 | wb->func(errno, wb->p); | |
106 | } | |
107 | wb->o += n; | |
108 | wb->n -= n; | |
109 | if (!wb->n) { | |
110 | wb->o = 0; | |
111 | sel_rmfile(&wb->wr); | |
112 | wb->func(0, wb->p); | |
113 | } | |
114 | } | |
115 | ||
116 | static int queue_write(struct writebuf *wb, const void *p, size_t n) | |
117 | { | |
118 | if (!n) return (0); | |
119 | if (wb->n - wb->o + n > WRBUFSZ) return (-1); | |
120 | if (wb->o) { | |
121 | memmove(wb->buf, wb->buf + wb->o, wb->n); | |
122 | wb->o = 0; | |
123 | } | |
124 | memcpy(wb->buf + wb->n, p, n); | |
125 | if (!wb->n) { | |
126 | sel_addfile(&wb->wr); | |
127 | sel_force(&wb->wr); | |
128 | } | |
129 | wb->n += n; | |
130 | return (0); | |
131 | } | |
132 | ||
133 | static void free_writebuf(struct writebuf *wb) | |
134 | { if (wb->n) sel_rmfile(&wb->wr); } | |
135 | ||
136 | static void init_writebuf(struct writebuf *wb, | |
137 | int fd, void (*func)(int, void *), void *p) | |
138 | { | |
139 | sel_initfile(&sel, &wb->wr, fd, SEL_WRITE, write_out, wb); | |
140 | wb->func = func; | |
141 | wb->p = p; | |
142 | wb->n = wb->o = 0; | |
143 | } | |
144 | ||
145 | static void cancel_proxy(struct proxy *px) | |
146 | { | |
147 | if (px->fd == -1) | |
148 | conn_kill(&px->cn); | |
149 | else { | |
150 | close(px->fd); | |
151 | selbuf_destroy(&px->b); | |
152 | free_writebuf(&px->wb); | |
153 | } | |
154 | selbuf_enable(&px->c->b); | |
155 | px->c->px = 0; | |
156 | xfree(px); | |
157 | } | |
158 | ||
159 | static void disconnect_client(struct client *c) | |
160 | { | |
161 | close(c->fd); | |
162 | selbuf_destroy(&c->b); | |
163 | free_writebuf(&c->wb); | |
164 | if (c->px) cancel_proxy(c->px); | |
165 | xfree(c); | |
166 | } | |
167 | ||
168 | static void done_client_write(int err, void *p) | |
169 | { | |
170 | struct client *c = p; | |
171 | ||
172 | if (!err) | |
173 | selbuf_enable(&c->b); | |
174 | else { | |
175 | logmsg(&c->q, LOG_ERR, "failed to send reply: %s", strerror(err)); | |
176 | disconnect_client(c); | |
177 | } | |
178 | } | |
179 | ||
180 | static void write_to_client(struct client *c, const char *fmt, ...) | |
181 | { | |
182 | va_list ap; | |
183 | char buf[WRBUFSZ]; | |
184 | ssize_t n; | |
185 | ||
186 | va_start(ap, fmt); | |
187 | n = vsnprintf(buf, sizeof(buf), fmt, ap); | |
188 | if (n < 0) { | |
189 | logmsg(&c->q, LOG_ERR, "failed to format output: %s", strerror(errno)); | |
190 | disconnect_client(c); | |
191 | return; | |
192 | } else if (n > sizeof(buf)) { | |
193 | logmsg(&c->q, LOG_ERR, "output too long for client send buffer"); | |
194 | disconnect_client(c); | |
195 | return; | |
196 | } | |
197 | ||
198 | selbuf_disable(&c->b); | |
199 | if (queue_write(&c->wb, buf, n)) { | |
200 | logmsg(&c->q, LOG_ERR, "write buffer overflow"); | |
201 | disconnect_client(c); | |
202 | } | |
203 | } | |
204 | ||
205 | static void reply(struct client *c, const char *ty, const char *msg) | |
206 | { | |
207 | write_to_client(c, "%u,%u:%s:%s\r\n", | |
208 | c->q.s[L].port, c->q.s[R].port, ty, msg); | |
209 | } | |
210 | ||
bf4d9761 MW |
211 | const char *const errtok[] = { |
212 | #define DEFTOK(err, tok) tok, | |
213 | ERROR(DEFTOK) | |
214 | #undef DEFTOK | |
215 | }; | |
216 | ||
9da480be MW |
217 | static void reply_error(struct client *c, unsigned err) |
218 | { | |
219 | assert(err < E_LIMIT); | |
220 | reply(c, "ERROR", errtok[err]); | |
221 | } | |
222 | ||
223 | static void skipws(const char **pp) | |
224 | { while (isspace((unsigned char )**pp)) (*pp)++; } | |
225 | ||
226 | static int idtoken(const char **pp, char *q, size_t n) | |
227 | { | |
228 | const char *p = *pp; | |
229 | ||
230 | skipws(&p); | |
231 | n--; | |
232 | for (;;) { | |
233 | if (*p == ':' || *p <= 32 || *p >= 127) break; | |
234 | if (!n) return (-1); | |
235 | *q++ = *p++; | |
236 | n--; | |
237 | } | |
238 | *q++ = 0; | |
239 | *pp = p; | |
240 | return (0); | |
241 | } | |
242 | ||
243 | static int unum(const char **pp, unsigned *ii, unsigned min, unsigned max) | |
244 | { | |
245 | char *q; | |
246 | unsigned long i; | |
247 | int e; | |
248 | ||
249 | skipws(pp); | |
250 | if (!isdigit((unsigned char)**pp)) return (-1); | |
251 | e = errno; errno = 0; | |
252 | i = strtoul(*pp, &q, 10); | |
253 | if (errno) return (-1); | |
254 | *pp = q; | |
255 | errno = e; | |
256 | if (i < min || i > max) return (-1); | |
257 | *ii = i; | |
258 | return (0); | |
259 | } | |
260 | ||
261 | static void proxy_line(char *line, size_t sz, void *p) | |
262 | { | |
263 | struct proxy *px = p; | |
264 | char buf[1024]; | |
265 | const char *q = line; | |
266 | unsigned lp, rp; | |
267 | ||
268 | while (sz && isspace((unsigned char)line[sz - 1])) sz--; | |
269 | printf("received proxy line from %s: %s\n", px->nat, line); | |
270 | ||
271 | if (unum(&q, &lp, 1, 65535)) goto syntax; | |
272 | skipws(&q); if (*q != ',') goto syntax; q++; | |
273 | if (unum(&q, &rp, 1, 65535)) goto syntax; | |
274 | skipws(&q); if (*q != ':') goto syntax; q++; | |
275 | if (lp != px->c->q.u.nat.port || rp != px->c->q.s[R].port) goto syntax; | |
276 | if (idtoken(&q, buf, sizeof(buf))) goto syntax; | |
277 | skipws(&q); if (*q != ':') goto syntax; q++; | |
278 | if (strcmp(buf, "ERROR") == 0) { | |
279 | skipws(&q); | |
280 | logmsg(&px->c->q, LOG_ERR, "proxy error from %s: %s", px->nat, q); | |
281 | reply(px->c, "ERROR", q); | |
282 | } else if (strcmp(buf, "USERID") == 0) { | |
283 | if (idtoken(&q, buf, sizeof(buf))) goto syntax; | |
284 | skipws(&q); if (*q != ':') goto syntax; q++; | |
285 | skipws(&q); | |
286 | logmsg(&px->c->q, LOG_ERR, "user `%s'; proxy = %s, os = %s", | |
287 | q, px->nat, buf); | |
288 | write_to_client(px->c, "%u,%u:USERID:%s:%s\r\n", | |
289 | px->c->q.s[L].port, px->c->q.s[R].port, buf, q); | |
290 | } else | |
291 | goto syntax; | |
292 | goto done; | |
293 | ||
294 | syntax: | |
295 | logmsg(&px->c->q, LOG_ERR, "failed to parse response from %s", px->nat); | |
296 | reply_error(px->c, E_UNKNOWN); | |
297 | done: | |
298 | cancel_proxy(px); | |
299 | } | |
300 | ||
301 | static void done_proxy_write(int err, void *p) | |
302 | { | |
303 | struct proxy *px = p; | |
304 | ||
305 | if (err) { | |
306 | logmsg(&px->c->q, LOG_ERR, "failed to proxy query to %s: %s", | |
307 | px->nat, strerror(errno)); | |
308 | reply_error(px->c, E_UNKNOWN); | |
309 | cancel_proxy(px); | |
310 | return; | |
311 | } | |
312 | selbuf_enable(&px->b); | |
313 | } | |
314 | ||
315 | static void proxy_connected(int fd, void *p) | |
316 | { | |
317 | struct proxy *px = p; | |
318 | char buf[16]; | |
319 | int n; | |
320 | ||
321 | if (fd < 0) { | |
322 | logmsg(&px->c->q, LOG_ERR, | |
323 | "failed to make %s proxy connection to %s: %s", | |
bf4d9761 | 324 | px->c->l->ao->name, px->nat, strerror(errno)); |
9da480be MW |
325 | reply_error(px->c, E_UNKNOWN); |
326 | cancel_proxy(px); | |
327 | return; | |
328 | } | |
329 | ||
330 | px->fd = fd; | |
331 | selbuf_init(&px->b, &sel, fd, proxy_line, px); | |
332 | selbuf_setsize(&px->b, 1024); | |
333 | selbuf_disable(&px->b); | |
334 | init_writebuf(&px->wb, fd, done_proxy_write, px); | |
335 | ||
336 | n = sprintf(buf, "%u,%u\r\n", px->c->q.u.nat.port, px->c->q.s[R].port); | |
337 | queue_write(&px->wb, buf, n); | |
338 | } | |
339 | ||
340 | static void proxy_query(struct client *c) | |
341 | { | |
342 | struct socket s; | |
343 | struct sockaddr_storage ss; | |
344 | size_t ssz; | |
345 | struct proxy *px; | |
9da480be MW |
346 | int fd; |
347 | ||
348 | px = xmalloc(sizeof(*px)); | |
bf4d9761 | 349 | inet_ntop(c->q.ao->af, &c->q.u.nat.addr, px->nat, sizeof(px->nat)); |
9da480be | 350 | |
bf4d9761 | 351 | if ((fd = socket(c->q.ao->af, SOCK_STREAM, 0)) < 0) { |
9da480be | 352 | logmsg(&c->q, LOG_ERR, "failed to make %s socket for proxy: %s", |
bf4d9761 | 353 | c->l->ao->name, strerror(errno)); |
9da480be MW |
354 | goto err_0; |
355 | } | |
356 | ||
bf4d9761 | 357 | if (fdflags(fd, O_NONBLOCK, O_NONBLOCK, 0, 0)) { |
9da480be | 358 | logmsg(&c->q, LOG_ERR, "failed to set %s proxy socket nonblocking: %s", |
bf4d9761 | 359 | c->l->ao->name, strerror(errno)); |
9da480be MW |
360 | goto err_1; |
361 | } | |
362 | ||
363 | s = c->q.u.nat; | |
364 | s.port = 113; | |
bf4d9761 | 365 | c->l->ao->socket_to_sockaddr(&s, &ss, &ssz); |
9da480be MW |
366 | selbuf_disable(&c->b); |
367 | if (conn_init(&px->cn, &sel, fd, (struct sockaddr *)&ss, ssz, | |
368 | proxy_connected, px)) { | |
369 | logmsg(&c->q, LOG_ERR, "failed to make %s proxy connection to %s: %s", | |
bf4d9761 | 370 | c->l->ao->name, px->nat, strerror(errno)); |
9da480be MW |
371 | goto err_2; |
372 | } | |
373 | ||
374 | c->px = px; px->c = c; | |
375 | px->fd = -1; | |
376 | return; | |
377 | ||
378 | err_2: | |
379 | selbuf_enable(&c->b); | |
380 | err_1: | |
381 | close(px->fd); | |
382 | err_0: | |
383 | xfree(px); | |
384 | reply_error(c, E_UNKNOWN); | |
385 | } | |
386 | ||
387 | static const struct policy default_policy = POLICY_INIT(A_NAME); | |
388 | ||
389 | static void user_token(char *p) | |
390 | { | |
391 | static const char tokmap[64] = | |
392 | "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.-"; | |
393 | unsigned a = 0; | |
394 | unsigned b = 0; | |
395 | int i; | |
396 | #define TOKENSZ 8 | |
397 | ||
398 | if (tokenptr + TOKENSZ >= sizeof(tokenbuf)) { | |
399 | if (read(randfd, tokenbuf, sizeof(tokenbuf)) < sizeof(tokenbuf)) | |
400 | die(1, "unexpected short read or error from `/dev/urandom'"); | |
401 | tokenptr = 0; | |
402 | } | |
403 | ||
404 | for (i = 0; i < TOKENSZ; i++) { | |
405 | a = (a << 8) | tokenbuf[tokenptr++]; b += 8; | |
406 | while (b >= 6) { | |
407 | b -= 6; | |
408 | *p++ = tokmap[(a >> b) & 0x3f]; | |
409 | } | |
410 | } | |
411 | if (b) | |
412 | *p++ = tokmap[(a << (6 - b)) & 0x3f]; | |
413 | *p++ = 0; | |
414 | } | |
415 | ||
416 | static void client_line(char *line, size_t len, void *p) | |
417 | { | |
418 | struct client *c = p; | |
419 | const char *q; | |
420 | struct passwd *pw = 0; | |
421 | const struct policy *pol; | |
422 | dstr d = DSTR_INIT; | |
423 | struct policy upol = POLICY_INIT(A_LIMIT); | |
424 | struct policy_file pf; | |
425 | char buf[16]; | |
426 | int i; | |
427 | ||
428 | c->q.s[L].port = c->q.s[R].port = 0; | |
429 | if (!line) { | |
430 | disconnect_client(c); | |
431 | return; | |
432 | } | |
433 | ||
434 | if (fwatch_update(&polfw, "yaid.policy")) { | |
435 | logmsg(0, LOG_INFO, "reload master policy file `%s'", "yaid.policy"); | |
436 | load_policy_file("yaid.policy", &policy); | |
437 | } | |
438 | ||
439 | q = line; | |
440 | if (unum(&q, &c->q.s[L].port, 1, 65535)) goto bad; | |
441 | skipws(&q); if (*q != ',') goto bad; q++; | |
442 | if (unum(&q, &c->q.s[R].port, 1, 65535)) goto bad; | |
443 | skipws(&q); if (*q) goto bad; | |
444 | ||
445 | identify(&c->q); | |
446 | switch (c->q.resp) { | |
447 | case R_UID: | |
448 | if ((pw = getpwuid(c->q.u.uid)) == 0) { | |
449 | logmsg(&c->q, LOG_ERR, "no passwd entry for user %d", c->q.u.uid); | |
450 | reply_error(c, E_NOUSER); | |
451 | return; | |
452 | } | |
453 | break; | |
454 | case R_NAT: | |
455 | proxy_query(c); | |
456 | return; | |
457 | case R_ERROR: | |
458 | /* Should already be logged. */ | |
459 | reply_error(c, c->q.u.error); | |
460 | return; | |
461 | default: | |
462 | abort(); | |
463 | } | |
464 | ||
465 | for (i = 0; i < DA_LEN(&policy); i++) { | |
466 | pol = &DA(&policy)[i]; | |
467 | if (!match_policy(pol, &c->q)) continue; | |
468 | if (pol->act.act != A_USER) | |
469 | goto match; | |
470 | DRESET(&d); | |
471 | dstr_putf(&d, "%s/.yaid.policy", pw->pw_dir); | |
472 | if (open_policy_file(&pf, d.buf, "user policy file", &c->q)) | |
473 | continue; | |
474 | while (!read_policy_file(&pf)) { | |
475 | if (pf.lno > 100) { | |
476 | logmsg(&c->q, LOG_ERR, "%s:%d: user policy file too long", | |
477 | pf.name, pf.lno); | |
478 | break; | |
479 | } | |
480 | if (!match_policy(&pf.p, &c->q)) continue; | |
481 | if (!(pol->act.u.user & (1 << pf.p.act.act))) { | |
482 | logmsg(&c->q, LOG_ERR, | |
483 | "%s:%d: user action forbidden by global policy", | |
484 | pf.name, pf.lno); | |
485 | continue; | |
486 | } | |
487 | upol = pf.p; pol = &upol; | |
488 | init_policy(&pf.p); | |
489 | close_policy_file(&pf); | |
490 | goto match; | |
491 | } | |
492 | close_policy_file(&pf); | |
493 | } | |
494 | pol = &default_policy; | |
495 | ||
496 | match: | |
497 | DDESTROY(&d); | |
498 | switch (pol->act.act) { | |
499 | case A_NAME: | |
500 | logmsg(&c->q, LOG_INFO, "user `%s' (%d)", pw->pw_name, c->q.u.uid); | |
501 | reply(c, "USERID:UNIX", pw->pw_name); | |
502 | break; | |
503 | case A_TOKEN: | |
504 | user_token(buf); | |
505 | logmsg(&c->q, LOG_INFO, "user `%s' (%d); token = %s", | |
506 | pw->pw_name, c->q.u.uid, buf); | |
507 | reply(c, "USERID:OTHER", buf); | |
508 | break; | |
509 | case A_DENY: | |
510 | logmsg(&c->q, LOG_INFO, "user `%s' (%d); denying", | |
511 | pw->pw_name, c->q.u.uid); | |
512 | break; | |
513 | case A_HIDE: | |
514 | logmsg(&c->q, LOG_INFO, "user `%s' (%d); hiding", | |
515 | pw->pw_name, c->q.u.uid); | |
516 | reply_error(c, E_HIDDEN); | |
517 | break; | |
518 | case A_LIE: | |
519 | logmsg(&c->q, LOG_INFO, "user `%s' (%d); lie = `%s'", | |
520 | pw->pw_name, c->q.u.uid, pol->act.u.lie); | |
521 | reply(c, "USERID:UNIX", pol->act.u.lie); | |
522 | break; | |
523 | default: | |
524 | abort(); | |
525 | } | |
526 | ||
527 | free_policy(&upol); | |
528 | return; | |
529 | ||
530 | bad: | |
531 | logmsg(&c->q, LOG_ERR, "failed to parse query from client"); | |
532 | disconnect_client(c); | |
533 | } | |
534 | ||
535 | static void accept_client(int fd, unsigned mode, void *p) | |
536 | { | |
537 | struct listen *l = p; | |
538 | struct client *c; | |
539 | struct sockaddr_storage ssr, ssl; | |
540 | size_t ssz = sizeof(ssr); | |
541 | int sk; | |
542 | ||
543 | if ((sk = accept(fd, (struct sockaddr *)&ssr, &ssz)) < 0) { | |
544 | if (errno != EAGAIN && errno == EWOULDBLOCK) { | |
545 | logmsg(0, LOG_ERR, "failed to accept incoming %s connection: %s", | |
bf4d9761 | 546 | l->ao->name, strerror(errno)); |
9da480be MW |
547 | } |
548 | return; | |
549 | } | |
550 | ||
551 | c = xmalloc(sizeof(*c)); | |
552 | c->l = l; | |
bf4d9761 MW |
553 | c->q.ao = l->ao; |
554 | l->ao->sockaddr_to_addr(&ssr, &c->q.s[R].addr); | |
9da480be MW |
555 | ssz = sizeof(ssl); |
556 | if (getsockname(sk, (struct sockaddr *)&ssl, &ssz)) { | |
557 | logmsg(0, LOG_ERR, | |
558 | "failed to read local address for incoming %s connection: %s", | |
bf4d9761 | 559 | l->ao->name, strerror(errno)); |
9da480be MW |
560 | close(sk); |
561 | xfree(c); | |
562 | return; | |
563 | } | |
bf4d9761 | 564 | l->ao->sockaddr_to_addr(&ssl, &c->q.s[L].addr); |
9da480be MW |
565 | c->q.s[L].port = c->q.s[R].port = 0; |
566 | ||
bf4d9761 | 567 | /* logmsg(&c->q, LOG_INFO, "accepted %s connection", l->ao->name); */ |
9da480be MW |
568 | |
569 | selbuf_init(&c->b, &sel, sk, client_line, c); | |
570 | selbuf_setsize(&c->b, 1024); | |
571 | c->fd = sk; | |
572 | c->px = 0; | |
573 | init_writebuf(&c->wb, sk, done_client_write, c); | |
574 | } | |
575 | ||
bf4d9761 | 576 | static int make_listening_socket(const struct addrops *ao, int port) |
9da480be MW |
577 | { |
578 | int fd; | |
bf4d9761 MW |
579 | int yes = 1; |
580 | struct socket s; | |
9da480be MW |
581 | struct sockaddr_storage ss; |
582 | struct listen *l; | |
583 | size_t ssz; | |
584 | ||
bf4d9761 | 585 | if ((fd = socket(ao->af, SOCK_STREAM, 0)) < 0) { |
a20696ca | 586 | if (errno == EAFNOSUPPORT) return (-1); |
9da480be | 587 | die(1, "failed to create %s listening socket: %s", |
bf4d9761 | 588 | ao->name, strerror(errno)); |
9da480be | 589 | } |
bf4d9761 MW |
590 | setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes)); |
591 | s.addr = *ao->any; | |
592 | s.port = port; | |
593 | ao->socket_to_sockaddr(&s, &ss, &ssz); | |
594 | if (ao->init_listen_socket(fd)) { | |
595 | die(1, "failed to initialize %s listening socket: %s", | |
596 | ao->name, strerror(errno)); | |
597 | } | |
598 | if (bind(fd, (struct sockaddr *)&ss, ssz)) { | |
599 | die(1, "failed to bind %s listening socket: %s", | |
600 | ao->name, strerror(errno)); | |
9da480be | 601 | } |
bf4d9761 | 602 | if (fdflags(fd, O_NONBLOCK, O_NONBLOCK, 0, 0)) { |
9da480be | 603 | die(1, "failed to set %s listening socket nonblocking: %s", |
bf4d9761 | 604 | ao->name, strerror(errno)); |
9da480be MW |
605 | } |
606 | if (listen(fd, 5)) | |
bf4d9761 | 607 | die(1, "failed to listen for %s: %s", ao->name, strerror(errno)); |
9da480be MW |
608 | |
609 | l = xmalloc(sizeof(*l)); | |
bf4d9761 | 610 | l->ao = ao; |
9da480be MW |
611 | sel_initfile(&sel, &l->f, fd, SEL_READ, accept_client, l); |
612 | sel_addfile(&l->f); | |
613 | ||
a20696ca | 614 | return (0); |
9da480be MW |
615 | } |
616 | ||
617 | int main(int argc, char *argv[]) | |
618 | { | |
619 | int port = 113; | |
bf4d9761 MW |
620 | const struct addrops *ao; |
621 | int any = 0; | |
9da480be MW |
622 | |
623 | ego(argv[0]); | |
624 | ||
625 | fwatch_init(&polfw, "yaid.policy"); | |
626 | if (load_policy_file("yaid.policy", &policy)) | |
627 | exit(1); | |
628 | { int i; | |
629 | for (i = 0; i < DA_LEN(&policy); i++) | |
630 | print_policy(&DA(&policy)[i]); | |
631 | } | |
632 | ||
633 | if ((randfd = open("/dev/urandom", O_RDONLY)) < 0) { | |
634 | die(1, "failed to open `/dev/urandom' for reading: %s", | |
635 | strerror(errno)); | |
636 | } | |
637 | ||
9da480be | 638 | sel_init(&sel); |
bf4d9761 MW |
639 | for (ao = addroptab; ao->name; ao++) |
640 | if (!make_listening_socket(ao, port)) any = 1; | |
641 | if (!any) | |
a20696ca | 642 | die(1, "no IP protocols supported"); |
9da480be MW |
643 | |
644 | for (;;) | |
645 | if (sel_select(&sel)) die(1, "select failed: %s", strerror(errno)); | |
646 | ||
647 | return (0); | |
648 | } | |
649 | ||
650 | /*----- That's all, folks -------------------------------------------------*/ |