xfree(c);
}
+static int fix_up_socket(int fd, const char *what)
+{
+ int yes = 1;
+
+ if (fdflags(fd, O_NONBLOCK, O_NONBLOCK, 0, 0)) {
+ logmsg(0, LOG_ERR, "failed to set %s connection nonblocking: %s",
+ what, strerror(errno));
+ return (-1);
+ }
+
+ if (setsockopt(fd, SOL_SOCKET, SO_OOBINLINE, &yes, sizeof(yes))) {
+ logmsg(0, LOG_ERR,
+ "failed to disable `out-of-band' data on %s connection: %s",
+ what, strerror(errno));
+ return (-1);
+ }
+
+ return (0);
+}
+
static void done_client_write(int err, void *p)
{
struct client *c = p;
}
}
-static void reply(struct client *c, const char *ty, const char *msg)
+static void reply(struct client *c, const char *ty,
+ const char *tok0, const char *tok1)
{
- write_to_client(c, "%u,%u:%s:%s\r\n",
- c->q.s[L].port, c->q.s[R].port, ty, msg);
+ write_to_client(c, "%u,%u:%s:%s%s%s\r\n",
+ c->q.s[L].port, c->q.s[R].port, ty,
+ tok0, tok1 ? ":" : "", tok1 ? tok1 : "");
}
const char *const errtok[] = {
static void reply_error(struct client *c, unsigned err)
{
assert(err < E_LIMIT);
- reply(c, "ERROR", errtok[err]);
+ reply(c, "ERROR", errtok[err], 0);
}
static void skipws(const char **pp)
if (strcmp(buf, "ERROR") == 0) {
skipws(&q);
logmsg(&px->c->q, LOG_ERR, "proxy error from %s: %s", px->nat, q);
- reply(px->c, "ERROR", q);
+ reply(px->c, "ERROR", q, 0);
} else if (strcmp(buf, "USERID") == 0) {
if (idtoken(&q, buf, sizeof(buf))) goto syntax;
skipws(&q); if (*q != ':') goto syntax; q++;
skipws(&q);
logmsg(&px->c->q, LOG_ERR, "user `%s'; proxy = %s, os = %s",
q, px->nat, buf);
- write_to_client(px->c, "%u,%u:USERID:%s:%s\r\n",
- px->c->q.s[L].port, px->c->q.s[R].port, buf, q);
+ reply(px->c, "USERID", buf, q);
} else
goto syntax;
goto done;
c->l->ao->name, strerror(errno));
goto err_0;
}
-
- if (fdflags(fd, O_NONBLOCK, O_NONBLOCK, 0, 0)) {
- logmsg(&c->q, LOG_ERR, "failed to set %s proxy socket nonblocking: %s",
- c->l->ao->name, strerror(errno));
- goto err_1;
- }
+ if (fix_up_socket(fd, "proxy")) goto err_1;
s = c->q.u.nat;
s.port = 113;
c->l->ao->socket_to_sockaddr(&s, &ss, &ssz);
selbuf_disable(&c->b);
+ c->px = px; px->c = c;
+ px->fd = -1;
if (conn_init(&px->cn, &sel, fd, (struct sockaddr *)&ss, ssz,
proxy_connected, px)) {
logmsg(&c->q, LOG_ERR, "failed to make %s proxy connection to %s: %s",
goto err_2;
}
- c->px = px; px->c = c;
- px->fd = -1;
return;
err_2:
switch (pol->act.act) {
case A_NAME:
logmsg(&c->q, LOG_INFO, "user `%s' (%d)", pw->pw_name, c->q.u.uid);
- reply(c, "USERID:UNIX", pw->pw_name);
+ reply(c, "USERID", "UNIX", pw->pw_name);
break;
case A_TOKEN:
user_token(buf);
logmsg(&c->q, LOG_INFO, "user `%s' (%d); token = %s",
pw->pw_name, c->q.u.uid, buf);
- reply(c, "USERID:OTHER", buf);
+ reply(c, "USERID", "OTHER", buf);
break;
case A_DENY:
logmsg(&c->q, LOG_INFO, "user `%s' (%d); denying",
case A_LIE:
logmsg(&c->q, LOG_INFO, "user `%s' (%d); lie = `%s'",
pw->pw_name, c->q.u.uid, pol->act.u.lie);
- reply(c, "USERID:UNIX", pol->act.u.lie);
+ reply(c, "USERID", "UNIX", pol->act.u.lie);
break;
default:
abort();
}
return;
}
+ if (fix_up_socket(sk, "incoming client")) { close(sk); return; }
c = xmalloc(sizeof(*c));
c->l = l;
ego(argv[0]);
fwatch_init(&polfw, "yaid.policy");
+ init_sys();
if (load_policy_file("yaid.policy", &policy))
exit(1);
{ int i;
~mdw / yaid / blobdiff