summaryrefslogtreecommitdiff
path: root/networking/inetd.c (plain)
blob: d03a305a97a97d6e245eb7ad6492fb4f20eb7087
1/* vi: set sw=4 ts=4: */
2/* $Slackware: inetd.c 1.79s 2001/02/06 13:18:00 volkerdi Exp $ */
3/* $OpenBSD: inetd.c,v 1.79 2001/01/30 08:30:57 deraadt Exp $ */
4/* $NetBSD: inetd.c,v 1.11 1996/02/22 11:14:41 mycroft Exp $ */
5/* Busybox port by Vladimir Oleynik (C) 2001-2005 <dzo@simtreas.ru> */
6/* IPv6 support, many bug fixes by Denys Vlasenko (c) 2008 */
7/*
8 * Copyright (c) 1983,1991 The Regents of the University of California.
9 * All rights reserved.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. All advertising materials mentioning features or use of this software
20 * must display the following acknowledgement:
21 * This product includes software developed by the University of
22 * California, Berkeley and its contributors.
23 * 4. Neither the name of the University nor the names of its contributors
24 * may be used to endorse or promote products derived from this software
25 * without specific prior written permission.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND
28 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
30 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 */
39
40/* Inetd - Internet super-server
41 *
42 * This program invokes configured services when a connection
43 * from a peer is established or a datagram arrives.
44 * Connection-oriented services are invoked each time a
45 * connection is made, by creating a process. This process
46 * is passed the connection as file descriptor 0 and is
47 * expected to do a getpeername to find out peer's host
48 * and port.
49 * Datagram oriented services are invoked when a datagram
50 * arrives; a process is created and passed a pending message
51 * on file descriptor 0. peer's address can be obtained
52 * using recvfrom.
53 *
54 * Inetd uses a configuration file which is read at startup
55 * and, possibly, at some later time in response to a hangup signal.
56 * The configuration file is "free format" with fields given in the
57 * order shown below. Continuation lines for an entry must begin with
58 * a space or tab. All fields must be present in each entry.
59 *
60 * service_name must be in /etc/services
61 * socket_type stream/dgram/raw/rdm/seqpacket
62 * protocol must be in /etc/protocols
63 * (usually "tcp" or "udp")
64 * wait/nowait[.max] single-threaded/multi-threaded, max #
65 * user[.group] or user[:group] user/group to run daemon as
66 * server_program full path name
67 * server_program_arguments maximum of MAXARGS (20)
68 *
69 * For RPC services
70 * service_name/version must be in /etc/rpc
71 * socket_type stream/dgram/raw/rdm/seqpacket
72 * rpc/protocol "rpc/tcp" etc
73 * wait/nowait[.max] single-threaded/multi-threaded
74 * user[.group] or user[:group] user to run daemon as
75 * server_program full path name
76 * server_program_arguments maximum of MAXARGS (20)
77 *
78 * For non-RPC services, the "service name" can be of the form
79 * hostaddress:servicename, in which case the hostaddress is used
80 * as the host portion of the address to listen on. If hostaddress
81 * consists of a single '*' character, INADDR_ANY is used.
82 *
83 * A line can also consist of just
84 * hostaddress:
85 * where hostaddress is as in the preceding paragraph. Such a line must
86 * have no further fields; the specified hostaddress is remembered and
87 * used for all further lines that have no hostaddress specified,
88 * until the next such line (or EOF). (This is why * is provided to
89 * allow explicit specification of INADDR_ANY.) A line
90 * *:
91 * is implicitly in effect at the beginning of the file.
92 *
93 * The hostaddress specifier may (and often will) contain dots;
94 * the service name must not.
95 *
96 * For RPC services, host-address specifiers are accepted and will
97 * work to some extent; however, because of limitations in the
98 * portmapper interface, it will not work to try to give more than
99 * one line for any given RPC service, even if the host-address
100 * specifiers are different.
101 *
102 * Comment lines are indicated by a '#' in column 1.
103 */
104
105/* inetd rules for passing file descriptors to children
106 * (http://www.freebsd.org/cgi/man.cgi?query=inetd):
107 *
108 * The wait/nowait entry specifies whether the server that is invoked by
109 * inetd will take over the socket associated with the service access point,
110 * and thus whether inetd should wait for the server to exit before listen-
111 * ing for new service requests. Datagram servers must use "wait", as
112 * they are always invoked with the original datagram socket bound to the
113 * specified service address. These servers must read at least one datagram
114 * from the socket before exiting. If a datagram server connects to its
115 * peer, freeing the socket so inetd can receive further messages on the
116 * socket, it is said to be a "multi-threaded" server; it should read one
117 * datagram from the socket and create a new socket connected to the peer.
118 * It should fork, and the parent should then exit to allow inetd to check
119 * for new service requests to spawn new servers. Datagram servers which
120 * process all incoming datagrams on a socket and eventually time out are
121 * said to be "single-threaded". The comsat(8), biff(1) and talkd(8)
122 * utilities are both examples of the latter type of datagram server. The
123 * tftpd(8) utility is an example of a multi-threaded datagram server.
124 *
125 * Servers using stream sockets generally are multi-threaded and use the
126 * "nowait" entry. Connection requests for these services are accepted by
127 * inetd, and the server is given only the newly-accepted socket connected
128 * to a client of the service. Most stream-based services operate in this
129 * manner. Stream-based servers that use "wait" are started with the lis-
130 * tening service socket, and must accept at least one connection request
131 * before exiting. Such a server would normally accept and process incoming
132 * connection requests until a timeout.
133 */
134
135/* Despite of above doc saying that dgram services must use "wait",
136 * "udp nowait" servers are implemented in busyboxed inetd.
137 * IPv6 addresses are also implemented. However, they may look ugly -
138 * ":::service..." means "address '::' (IPv6 wildcard addr)":"service"...
139 * You have to put "tcp6"/"udp6" in protocol field to select IPv6.
140 */
141
142/* Here's the scoop concerning the user[:group] feature:
143 * 1) group is not specified:
144 * a) user = root: NO setuid() or setgid() is done
145 * b) other: initgroups(name, primary group)
146 * setgid(primary group as found in passwd)
147 * setuid()
148 * 2) group is specified:
149 * a) user = root: setgid(specified group)
150 * NO initgroups()
151 * NO setuid()
152 * b) other: initgroups(name, specified group)
153 * setgid(specified group)
154 * setuid()
155 */
156//config:config INETD
157//config: bool "inetd"
158//config: default y
159//config: select FEATURE_SYSLOG
160//config: help
161//config: Internet superserver daemon
162//config:
163//config:config FEATURE_INETD_SUPPORT_BUILTIN_ECHO
164//config: bool "Support echo service"
165//config: default y
166//config: depends on INETD
167//config: help
168//config: Echo received data internal inetd service
169//config:
170//config:config FEATURE_INETD_SUPPORT_BUILTIN_DISCARD
171//config: bool "Support discard service"
172//config: default y
173//config: depends on INETD
174//config: help
175//config: Internet /dev/null internal inetd service
176//config:
177//config:config FEATURE_INETD_SUPPORT_BUILTIN_TIME
178//config: bool "Support time service"
179//config: default y
180//config: depends on INETD
181//config: help
182//config: Return 32 bit time since 1900 internal inetd service
183//config:
184//config:config FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME
185//config: bool "Support daytime service"
186//config: default y
187//config: depends on INETD
188//config: help
189//config: Return human-readable time internal inetd service
190//config:
191//config:config FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN
192//config: bool "Support chargen service"
193//config: default y
194//config: depends on INETD
195//config: help
196//config: Familiar character generator internal inetd service
197//config:
198//config:config FEATURE_INETD_RPC
199//config: bool "Support RPC services"
200//config: default n # very rarely used, and needs Sun RPC support in libc
201//config: depends on INETD
202//config: select FEATURE_HAVE_RPC
203//config: help
204//config: Support Sun-RPC based services
205
206//applet:IF_INETD(APPLET(inetd, BB_DIR_USR_SBIN, BB_SUID_DROP))
207
208//kbuild:lib-$(CONFIG_INETD) += inetd.o
209
210//usage:#define inetd_trivial_usage
211//usage: "[-fe] [-q N] [-R N] [CONFFILE]"
212//usage:#define inetd_full_usage "\n\n"
213//usage: "Listen for network connections and launch programs\n"
214//usage: "\n -f Run in foreground"
215//usage: "\n -e Log to stderr"
216//usage: "\n -q N Socket listen queue (default: 128)"
217//usage: "\n -R N Pause services after N connects/min"
218//usage: "\n (default: 0 - disabled)"
219
220#include <syslog.h>
221#include <sys/resource.h> /* setrlimit */
222#include <sys/socket.h> /* un.h may need this */
223#include <sys/un.h>
224
225#include "libbb.h"
226#include "common_bufsiz.h"
227
228#if ENABLE_FEATURE_INETD_RPC
229# if defined(__UCLIBC__) && ! defined(__UCLIBC_HAS_RPC__)
230# error "You need to build uClibc with UCLIBC_HAS_RPC for NFS support"
231# endif
232# include <rpc/rpc.h>
233# include <rpc/pmap_clnt.h>
234#endif
235
236#if !BB_MMU
237/* stream version of chargen is forking but not execing,
238 * can't do that (easily) on NOMMU */
239#undef ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN
240#define ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN 0
241#endif
242
243#define CNT_INTERVAL 60 /* servers in CNT_INTERVAL sec. */
244#define RETRYTIME 60 /* retry after bind or server fail */
245
246// TODO: explain, or get rid of setrlimit games
247
248#ifndef RLIMIT_NOFILE
249#define RLIMIT_NOFILE RLIMIT_OFILE
250#endif
251
252#ifndef OPEN_MAX
253#define OPEN_MAX 64
254#endif
255
256/* Reserve some descriptors, 3 stdio + at least: 1 log, 1 conf. file */
257#define FD_MARGIN 8
258
259#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD \
260 || ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_ECHO \
261 || ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN \
262 || ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_TIME \
263 || ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME
264# define INETD_BUILTINS_ENABLED
265#endif
266
267typedef struct servtab_t {
268 /* The most frequently referenced one: */
269 int se_fd; /* open descriptor */
270 /* NB: 'biggest fields last' saves on code size (~250 bytes) */
271 /* [addr:]service socktype proto wait user[:group] prog [args] */
272 char *se_local_hostname; /* addr to listen on */
273 char *se_service; /* "80" or "www" or "mount/2[-3]" */
274 /* socktype is in se_socktype */ /* "stream" "dgram" "raw" "rdm" "seqpacket" */
275 char *se_proto; /* "unix" or "[rpc/]tcp[6]" */
276#if ENABLE_FEATURE_INETD_RPC
277 int se_rpcprog; /* rpc program number */
278 int se_rpcver_lo; /* rpc program lowest version */
279 int se_rpcver_hi; /* rpc program highest version */
280#define is_rpc_service(sep) ((sep)->se_rpcver_lo != 0)
281#else
282#define is_rpc_service(sep) 0
283#endif
284 pid_t se_wait; /* 0:"nowait", 1:"wait", >1:"wait" */
285 /* and waiting for this pid */
286 socktype_t se_socktype; /* SOCK_STREAM/DGRAM/RDM/... */
287 family_t se_family; /* AF_UNIX/INET[6] */
288 /* se_proto_no is used by RPC code only... hmm */
289 smallint se_proto_no; /* IPPROTO_TCP/UDP, n/a for AF_UNIX */
290 smallint se_checked; /* looked at during merge */
291 unsigned se_max; /* allowed instances per minute */
292 unsigned se_count; /* number started since se_time */
293 unsigned se_time; /* when we started counting */
294 char *se_user; /* user name to run as */
295 char *se_group; /* group name to run as, can be NULL */
296#ifdef INETD_BUILTINS_ENABLED
297 const struct builtin *se_builtin; /* if built-in, description */
298#endif
299 struct servtab_t *se_next;
300 len_and_sockaddr *se_lsa;
301 char *se_program; /* server program */
302#define MAXARGV 20
303 char *se_argv[MAXARGV + 1]; /* program arguments */
304} servtab_t;
305
306#ifdef INETD_BUILTINS_ENABLED
307/* Echo received data */
308#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_ECHO
309static void FAST_FUNC echo_stream(int, servtab_t *);
310static void FAST_FUNC echo_dg(int, servtab_t *);
311#endif
312/* Internet /dev/null */
313#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD
314static void FAST_FUNC discard_stream(int, servtab_t *);
315static void FAST_FUNC discard_dg(int, servtab_t *);
316#endif
317/* Return 32 bit time since 1900 */
318#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_TIME
319static void FAST_FUNC machtime_stream(int, servtab_t *);
320static void FAST_FUNC machtime_dg(int, servtab_t *);
321#endif
322/* Return human-readable time */
323#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME
324static void FAST_FUNC daytime_stream(int, servtab_t *);
325static void FAST_FUNC daytime_dg(int, servtab_t *);
326#endif
327/* Familiar character generator */
328#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN
329static void FAST_FUNC chargen_stream(int, servtab_t *);
330static void FAST_FUNC chargen_dg(int, servtab_t *);
331#endif
332
333struct builtin {
334 /* NB: not necessarily NUL terminated */
335 char bi_service7[7]; /* internally provided service name */
336 uint8_t bi_fork; /* 1 if stream fn should run in child */
337 void (*bi_stream_fn)(int, servtab_t *) FAST_FUNC;
338 void (*bi_dgram_fn)(int, servtab_t *) FAST_FUNC;
339};
340
341static const struct builtin builtins[] = {
342#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_ECHO
343 { "echo", 1, echo_stream, echo_dg },
344#endif
345#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD
346 { "discard", 1, discard_stream, discard_dg },
347#endif
348#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN
349 { "chargen", 1, chargen_stream, chargen_dg },
350#endif
351#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_TIME
352 { "time", 0, machtime_stream, machtime_dg },
353#endif
354#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME
355 { "daytime", 0, daytime_stream, daytime_dg },
356#endif
357};
358#endif /* INETD_BUILTINS_ENABLED */
359
360struct globals {
361 rlim_t rlim_ofile_cur;
362 struct rlimit rlim_ofile;
363 servtab_t *serv_list;
364 int global_queuelen;
365 int maxsock; /* max fd# in allsock, -1: unknown */
366 /* whenever maxsock grows, prev_maxsock is set to new maxsock,
367 * but if maxsock is set to -1, prev_maxsock is not changed */
368 int prev_maxsock;
369 unsigned max_concurrency;
370 smallint alarm_armed;
371 uid_t real_uid; /* user ID who ran us */
372 const char *config_filename;
373 parser_t *parser;
374 char *default_local_hostname;
375#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN
376 char *end_ring;
377 char *ring_pos;
378 char ring[128];
379#endif
380 fd_set allsock;
381 /* Used in next_line(), and as scratch read buffer */
382 char line[256]; /* _at least_ 256, see LINE_SIZE */
383} FIX_ALIASING;
384#define G (*(struct globals*)bb_common_bufsiz1)
385enum { LINE_SIZE = COMMON_BUFSIZE - offsetof(struct globals, line) };
386#define rlim_ofile_cur (G.rlim_ofile_cur )
387#define rlim_ofile (G.rlim_ofile )
388#define serv_list (G.serv_list )
389#define global_queuelen (G.global_queuelen)
390#define maxsock (G.maxsock )
391#define prev_maxsock (G.prev_maxsock )
392#define max_concurrency (G.max_concurrency)
393#define alarm_armed (G.alarm_armed )
394#define real_uid (G.real_uid )
395#define config_filename (G.config_filename)
396#define parser (G.parser )
397#define default_local_hostname (G.default_local_hostname)
398#define first_ps_byte (G.first_ps_byte )
399#define last_ps_byte (G.last_ps_byte )
400#define end_ring (G.end_ring )
401#define ring_pos (G.ring_pos )
402#define ring (G.ring )
403#define allsock (G.allsock )
404#define line (G.line )
405#define INIT_G() do { \
406 setup_common_bufsiz(); \
407 BUILD_BUG_ON(sizeof(G) > COMMON_BUFSIZE); \
408 rlim_ofile_cur = OPEN_MAX; \
409 global_queuelen = 128; \
410 config_filename = "/etc/inetd.conf"; \
411} while (0)
412
413#if 1
414# define dbg(...) ((void)0)
415#else
416# define dbg(...) \
417do { \
418 int dbg_fd = open("inetd_debug.log", O_WRONLY | O_CREAT | O_APPEND, 0666); \
419 if (dbg_fd >= 0) { \
420 fdprintf(dbg_fd, "%d: ", getpid()); \
421 fdprintf(dbg_fd, __VA_ARGS__); \
422 close(dbg_fd); \
423 } \
424} while (0)
425#endif
426
427static void maybe_close(int fd)
428{
429 if (fd >= 0) {
430 close(fd);
431 dbg("closed fd:%d\n", fd);
432 }
433}
434
435// TODO: move to libbb?
436static len_and_sockaddr *xzalloc_lsa(int family)
437{
438 len_and_sockaddr *lsa;
439 int sz;
440
441 sz = sizeof(struct sockaddr_in);
442 if (family == AF_UNIX)
443 sz = sizeof(struct sockaddr_un);
444#if ENABLE_FEATURE_IPV6
445 if (family == AF_INET6)
446 sz = sizeof(struct sockaddr_in6);
447#endif
448 lsa = xzalloc(LSA_LEN_SIZE + sz);
449 lsa->len = sz;
450 lsa->u.sa.sa_family = family;
451 return lsa;
452}
453
454static void rearm_alarm(void)
455{
456 if (!alarm_armed) {
457 alarm_armed = 1;
458 alarm(RETRYTIME);
459 }
460}
461
462static void block_CHLD_HUP_ALRM(sigset_t *m)
463{
464 sigemptyset(m);
465 sigaddset(m, SIGCHLD);
466 sigaddset(m, SIGHUP);
467 sigaddset(m, SIGALRM);
468 sigprocmask(SIG_BLOCK, m, m); /* old sigmask is stored in m */
469}
470
471static void restore_sigmask(sigset_t *m)
472{
473 sigprocmask(SIG_SETMASK, m, NULL);
474}
475
476#if ENABLE_FEATURE_INETD_RPC
477static void register_rpc(servtab_t *sep)
478{
479 int n;
480 struct sockaddr_in ir_sin;
481 socklen_t size;
482
483 size = sizeof(ir_sin);
484 if (getsockname(sep->se_fd, (struct sockaddr *) &ir_sin, &size) < 0) {
485 bb_perror_msg("getsockname");
486 return;
487 }
488
489 for (n = sep->se_rpcver_lo; n <= sep->se_rpcver_hi; n++) {
490 pmap_unset(sep->se_rpcprog, n);
491 if (!pmap_set(sep->se_rpcprog, n, sep->se_proto_no, ntohs(ir_sin.sin_port)))
492 bb_perror_msg("%s %s: pmap_set(%u,%u,%u,%u)",
493 sep->se_service, sep->se_proto,
494 sep->se_rpcprog, n, sep->se_proto_no, ntohs(ir_sin.sin_port));
495 }
496}
497
498static void unregister_rpc(servtab_t *sep)
499{
500 int n;
501
502 for (n = sep->se_rpcver_lo; n <= sep->se_rpcver_hi; n++) {
503 if (!pmap_unset(sep->se_rpcprog, n))
504 bb_perror_msg("pmap_unset(%u,%u)", sep->se_rpcprog, n);
505 }
506}
507#endif /* FEATURE_INETD_RPC */
508
509static void bump_nofile(void)
510{
511 enum { FD_CHUNK = 32 };
512 struct rlimit rl;
513
514 /* Never fails under Linux (except if you pass it bad arguments) */
515 getrlimit(RLIMIT_NOFILE, &rl);
516 rl.rlim_cur = MIN(rl.rlim_max, rl.rlim_cur + FD_CHUNK);
517 rl.rlim_cur = MIN(FD_SETSIZE, rl.rlim_cur + FD_CHUNK);
518 if (rl.rlim_cur <= rlim_ofile_cur) {
519 bb_error_msg("can't extend file limit, max = %d",
520 (int) rl.rlim_cur);
521 return;
522 }
523
524 if (setrlimit(RLIMIT_NOFILE, &rl) < 0) {
525 bb_perror_msg("setrlimit");
526 return;
527 }
528
529 rlim_ofile_cur = rl.rlim_cur;
530}
531
532static void remove_fd_from_set(int fd)
533{
534 if (fd >= 0) {
535 FD_CLR(fd, &allsock);
536 dbg("stopped listening on fd:%d\n", fd);
537 maxsock = -1;
538 dbg("maxsock:%d\n", maxsock);
539 }
540}
541
542static void add_fd_to_set(int fd)
543{
544 if (fd >= 0) {
545 FD_SET(fd, &allsock);
546 dbg("started listening on fd:%d\n", fd);
547 if (maxsock >= 0 && fd > maxsock) {
548 prev_maxsock = maxsock = fd;
549 dbg("maxsock:%d\n", maxsock);
550 if ((rlim_t)fd > rlim_ofile_cur - FD_MARGIN)
551 bump_nofile();
552 }
553 }
554}
555
556static void recalculate_maxsock(void)
557{
558 int fd = 0;
559
560 /* We may have no services, in this case maxsock should still be >= 0
561 * (code elsewhere is not happy with maxsock == -1) */
562 maxsock = 0;
563 while (fd <= prev_maxsock) {
564 if (FD_ISSET(fd, &allsock))
565 maxsock = fd;
566 fd++;
567 }
568 dbg("recalculated maxsock:%d\n", maxsock);
569 prev_maxsock = maxsock;
570 if ((rlim_t)maxsock > rlim_ofile_cur - FD_MARGIN)
571 bump_nofile();
572}
573
574static void prepare_socket_fd(servtab_t *sep)
575{
576 int r, fd;
577
578 fd = socket(sep->se_family, sep->se_socktype, 0);
579 if (fd < 0) {
580 bb_perror_msg("socket");
581 return;
582 }
583 setsockopt_reuseaddr(fd);
584
585#if ENABLE_FEATURE_INETD_RPC
586 if (is_rpc_service(sep)) {
587 struct passwd *pwd;
588
589 /* zero out the port for all RPC services; let bind()
590 * find one. */
591 set_nport(&sep->se_lsa->u.sa, 0);
592
593 /* for RPC services, attempt to use a reserved port
594 * if they are going to be running as root. */
595 if (real_uid == 0 && sep->se_family == AF_INET
596 && (pwd = getpwnam(sep->se_user)) != NULL
597 && pwd->pw_uid == 0
598 ) {
599 r = bindresvport(fd, &sep->se_lsa->u.sin);
600 } else {
601 r = bind(fd, &sep->se_lsa->u.sa, sep->se_lsa->len);
602 }
603 if (r == 0) {
604 int saveerrno = errno;
605 /* update lsa with port# */
606 getsockname(fd, &sep->se_lsa->u.sa, &sep->se_lsa->len);
607 errno = saveerrno;
608 }
609 } else
610#endif
611 {
612 if (sep->se_family == AF_UNIX) {
613 struct sockaddr_un *sun;
614 sun = (struct sockaddr_un*)&(sep->se_lsa->u.sa);
615 unlink(sun->sun_path);
616 }
617 r = bind(fd, &sep->se_lsa->u.sa, sep->se_lsa->len);
618 }
619 if (r < 0) {
620 bb_perror_msg("%s/%s: bind",
621 sep->se_service, sep->se_proto);
622 close(fd);
623 rearm_alarm();
624 return;
625 }
626
627 if (sep->se_socktype == SOCK_STREAM) {
628 listen(fd, global_queuelen);
629 dbg("new sep->se_fd:%d (stream)\n", fd);
630 } else {
631 dbg("new sep->se_fd:%d (!stream)\n", fd);
632 }
633
634 add_fd_to_set(fd);
635 sep->se_fd = fd;
636}
637
638static int reopen_config_file(void)
639{
640 free(default_local_hostname);
641 default_local_hostname = xstrdup("*");
642 if (parser != NULL)
643 config_close(parser);
644 parser = config_open(config_filename);
645 return (parser != NULL);
646}
647
648static void close_config_file(void)
649{
650 if (parser) {
651 config_close(parser);
652 parser = NULL;
653 }
654}
655
656static void free_servtab_strings(servtab_t *cp)
657{
658 int i;
659
660 free(cp->se_local_hostname);
661 free(cp->se_service);
662 free(cp->se_proto);
663 free(cp->se_user);
664 free(cp->se_group);
665 free(cp->se_lsa); /* not a string in fact */
666 free(cp->se_program);
667 for (i = 0; i < MAXARGV; i++)
668 free(cp->se_argv[i]);
669}
670
671static servtab_t *new_servtab(void)
672{
673 servtab_t *newtab = xzalloc(sizeof(servtab_t));
674 newtab->se_fd = -1; /* paranoia */
675 return newtab;
676}
677
678static servtab_t *dup_servtab(servtab_t *sep)
679{
680 servtab_t *newtab;
681 int argc;
682
683 newtab = new_servtab();
684 *newtab = *sep; /* struct copy */
685 /* deep-copying strings */
686 newtab->se_service = xstrdup(newtab->se_service);
687 newtab->se_proto = xstrdup(newtab->se_proto);
688 newtab->se_user = xstrdup(newtab->se_user);
689 newtab->se_group = xstrdup(newtab->se_group);
690 newtab->se_program = xstrdup(newtab->se_program);
691 for (argc = 0; argc <= MAXARGV; argc++)
692 newtab->se_argv[argc] = xstrdup(newtab->se_argv[argc]);
693 /* NB: se_fd, se_hostaddr and se_next are always
694 * overwrittend by callers, so we don't bother resetting them
695 * to NULL/0/-1 etc */
696
697 return newtab;
698}
699
700/* gcc generates much more code if this is inlined */
701static NOINLINE servtab_t *parse_one_line(void)
702{
703 int argc;
704 char *token[6+MAXARGV];
705 char *p, *arg;
706 char *hostdelim;
707 servtab_t *sep;
708 servtab_t *nsep;
709 new:
710 sep = new_servtab();
711 more:
712 argc = config_read(parser, token, 6+MAXARGV, 1, "# \t", PARSE_NORMAL);
713 if (!argc) {
714 free(sep);
715 return NULL;
716 }
717
718 /* [host:]service socktype proto wait user[:group] prog [args] */
719 /* Check for "host:...." line */
720 arg = token[0];
721 hostdelim = strrchr(arg, ':');
722 if (hostdelim) {
723 *hostdelim = '\0';
724 sep->se_local_hostname = xstrdup(arg);
725 arg = hostdelim + 1;
726 if (*arg == '\0' && argc == 1) {
727 /* Line has just "host:", change the
728 * default host for the following lines. */
729 free(default_local_hostname);
730 default_local_hostname = sep->se_local_hostname;
731 /*sep->se_local_hostname = NULL; - redundant */
732 /* (we'll overwrite this field anyway) */
733 goto more;
734 }
735 } else
736 sep->se_local_hostname = xstrdup(default_local_hostname);
737
738 /* service socktype proto wait user[:group] prog [args] */
739 sep->se_service = xstrdup(arg);
740
741 /* socktype proto wait user[:group] prog [args] */
742 if (argc < 6) {
743 parse_err:
744 bb_error_msg("parse error on line %u, line is ignored",
745 parser->lineno);
746 /* Just "goto more" can make sep to carry over e.g.
747 * "rpc"-ness (by having se_rpcver_lo != 0).
748 * We will be more paranoid: */
749 free_servtab_strings(sep);
750 free(sep);
751 goto new;
752 }
753
754 {
755 static const int8_t SOCK_xxx[] ALIGN1 = {
756 -1,
757 SOCK_STREAM, SOCK_DGRAM, SOCK_RDM,
758 SOCK_SEQPACKET, SOCK_RAW
759 };
760 sep->se_socktype = SOCK_xxx[1 + index_in_strings(
761 "stream""\0" "dgram""\0" "rdm""\0"
762 "seqpacket""\0" "raw""\0"
763 , token[1])];
764 }
765
766 /* {unix,[rpc/]{tcp,udp}[6]} wait user[:group] prog [args] */
767 sep->se_proto = arg = xstrdup(token[2]);
768 if (strcmp(arg, "unix") == 0) {
769 sep->se_family = AF_UNIX;
770 } else {
771 char *six;
772 sep->se_family = AF_INET;
773 six = last_char_is(arg, '6');
774 if (six) {
775#if ENABLE_FEATURE_IPV6
776 *six = '\0';
777 sep->se_family = AF_INET6;
778#else
779 bb_error_msg("%s: no support for IPv6", sep->se_proto);
780 goto parse_err;
781#endif
782 }
783 if (is_prefixed_with(arg, "rpc/")) {
784#if ENABLE_FEATURE_INETD_RPC
785 unsigned n;
786 arg += 4;
787 p = strchr(sep->se_service, '/');
788 if (p == NULL) {
789 bb_error_msg("no rpc version: '%s'", sep->se_service);
790 goto parse_err;
791 }
792 *p++ = '\0';
793 n = bb_strtou(p, &p, 10);
794 if (n > INT_MAX) {
795 bad_ver_spec:
796 bb_error_msg("bad rpc version");
797 goto parse_err;
798 }
799 sep->se_rpcver_lo = sep->se_rpcver_hi = n;
800 if (*p == '-') {
801 p++;
802 n = bb_strtou(p, &p, 10);
803 if (n > INT_MAX || (int)n < sep->se_rpcver_lo)
804 goto bad_ver_spec;
805 sep->se_rpcver_hi = n;
806 }
807 if (*p != '\0')
808 goto bad_ver_spec;
809#else
810 bb_error_msg("no support for rpc services");
811 goto parse_err;
812#endif
813 }
814 /* we don't really need getprotobyname()! */
815 if (strcmp(arg, "tcp") == 0)
816 sep->se_proto_no = IPPROTO_TCP; /* = 6 */
817 if (strcmp(arg, "udp") == 0)
818 sep->se_proto_no = IPPROTO_UDP; /* = 17 */
819 if (six)
820 *six = '6';
821 if (!sep->se_proto_no) /* not tcp/udp?? */
822 goto parse_err;
823 }
824
825 /* [no]wait[.max] user[:group] prog [args] */
826 arg = token[3];
827 sep->se_max = max_concurrency;
828 p = strchr(arg, '.');
829 if (p) {
830 *p++ = '\0';
831 sep->se_max = bb_strtou(p, NULL, 10);
832 if (errno)
833 goto parse_err;
834 }
835 sep->se_wait = (arg[0] != 'n' || arg[1] != 'o');
836 if (!sep->se_wait) /* "no" seen */
837 arg += 2;
838 if (strcmp(arg, "wait") != 0)
839 goto parse_err;
840
841 /* user[:group] prog [args] */
842 sep->se_user = xstrdup(token[4]);
843 arg = strchr(sep->se_user, '.');
844 if (arg == NULL)
845 arg = strchr(sep->se_user, ':');
846 if (arg) {
847 *arg++ = '\0';
848 sep->se_group = xstrdup(arg);
849 }
850
851 /* prog [args] */
852 sep->se_program = xstrdup(token[5]);
853#ifdef INETD_BUILTINS_ENABLED
854 if (strcmp(sep->se_program, "internal") == 0
855 && strlen(sep->se_service) <= 7
856 && (sep->se_socktype == SOCK_STREAM
857 || sep->se_socktype == SOCK_DGRAM)
858 ) {
859 unsigned i;
860 for (i = 0; i < ARRAY_SIZE(builtins); i++)
861 if (strncmp(builtins[i].bi_service7, sep->se_service, 7) == 0)
862 goto found_bi;
863 bb_error_msg("unknown internal service %s", sep->se_service);
864 goto parse_err;
865 found_bi:
866 sep->se_builtin = &builtins[i];
867 /* stream builtins must be "nowait", dgram must be "wait" */
868 if (sep->se_wait != (sep->se_socktype == SOCK_DGRAM))
869 goto parse_err;
870 }
871#endif
872 argc = 0;
873 while (argc < MAXARGV && (arg = token[6+argc]) != NULL)
874 sep->se_argv[argc++] = xstrdup(arg);
875 /* Some inetd.conf files have no argv's, not even argv[0].
876 * Fix them up.
877 * (Technically, programs can be execed with argv[0] = NULL,
878 * but many programs do not like that at all) */
879 if (argc == 0)
880 sep->se_argv[0] = xstrdup(sep->se_program);
881
882 /* catch mixups. "<service> stream udp ..." == wtf */
883 if (sep->se_socktype == SOCK_STREAM) {
884 if (sep->se_proto_no == IPPROTO_UDP)
885 goto parse_err;
886 }
887 if (sep->se_socktype == SOCK_DGRAM) {
888 if (sep->se_proto_no == IPPROTO_TCP)
889 goto parse_err;
890 }
891
892 //bb_error_msg(
893 // "ENTRY[%s][%s][%s][%d][%d][%d][%d][%d][%s][%s][%s]",
894 // sep->se_local_hostname, sep->se_service, sep->se_proto, sep->se_wait, sep->se_proto_no,
895 // sep->se_max, sep->se_count, sep->se_time, sep->se_user, sep->se_group, sep->se_program);
896
897 /* check if the hostname specifier is a comma separated list
898 * of hostnames. we'll make new entries for each address. */
899 while ((hostdelim = strrchr(sep->se_local_hostname, ',')) != NULL) {
900 nsep = dup_servtab(sep);
901 /* NUL terminate the hostname field of the existing entry,
902 * and make a dup for the new entry. */
903 *hostdelim++ = '\0';
904 nsep->se_local_hostname = xstrdup(hostdelim);
905 nsep->se_next = sep->se_next;
906 sep->se_next = nsep;
907 }
908
909 /* was doing it here: */
910 /* DNS resolution, create copies for each IP address */
911 /* IPv6-ization destroyed it :( */
912
913 return sep;
914}
915
916static servtab_t *insert_in_servlist(servtab_t *cp)
917{
918 servtab_t *sep;
919 sigset_t omask;
920
921 sep = new_servtab();
922 *sep = *cp; /* struct copy */
923 sep->se_fd = -1;
924#if ENABLE_FEATURE_INETD_RPC
925 sep->se_rpcprog = -1;
926#endif
927 block_CHLD_HUP_ALRM(&omask);
928 sep->se_next = serv_list;
929 serv_list = sep;
930 restore_sigmask(&omask);
931 return sep;
932}
933
934static int same_serv_addr_proto(servtab_t *old, servtab_t *new)
935{
936 if (strcmp(old->se_local_hostname, new->se_local_hostname) != 0)
937 return 0;
938 if (strcmp(old->se_service, new->se_service) != 0)
939 return 0;
940 if (strcmp(old->se_proto, new->se_proto) != 0)
941 return 0;
942 return 1;
943}
944
945static void reread_config_file(int sig UNUSED_PARAM)
946{
947 servtab_t *sep, *cp, **sepp;
948 len_and_sockaddr *lsa;
949 sigset_t omask;
950 unsigned n;
951 uint16_t port;
952 int save_errno = errno;
953
954 if (!reopen_config_file())
955 goto ret;
956 for (sep = serv_list; sep; sep = sep->se_next)
957 sep->se_checked = 0;
958
959 goto first_line;
960 while (1) {
961 if (cp == NULL) {
962 first_line:
963 cp = parse_one_line();
964 if (cp == NULL)
965 break;
966 }
967 for (sep = serv_list; sep; sep = sep->se_next)
968 if (same_serv_addr_proto(sep, cp))
969 goto equal_servtab;
970 /* not an "equal" servtab */
971 sep = insert_in_servlist(cp);
972 goto after_check;
973 equal_servtab:
974 {
975 int i;
976
977 block_CHLD_HUP_ALRM(&omask);
978#if ENABLE_FEATURE_INETD_RPC
979 if (is_rpc_service(sep))
980 unregister_rpc(sep);
981 sep->se_rpcver_lo = cp->se_rpcver_lo;
982 sep->se_rpcver_hi = cp->se_rpcver_hi;
983#endif
984 if (cp->se_wait == 0) {
985 /* New config says "nowait". If old one
986 * was "wait", we currently may be waiting
987 * for a child (and not accepting connects).
988 * Stop waiting, start listening again.
989 * (if it's not true, this op is harmless) */
990 add_fd_to_set(sep->se_fd);
991 }
992 sep->se_wait = cp->se_wait;
993 sep->se_max = cp->se_max;
994 /* string fields need more love - we don't want to leak them */
995#define SWAP(type, a, b) do { type c = (type)a; a = (type)b; b = (type)c; } while (0)
996 SWAP(char*, sep->se_user, cp->se_user);
997 SWAP(char*, sep->se_group, cp->se_group);
998 SWAP(char*, sep->se_program, cp->se_program);
999 for (i = 0; i < MAXARGV; i++)
1000 SWAP(char*, sep->se_argv[i], cp->se_argv[i]);
1001#undef SWAP
1002 restore_sigmask(&omask);
1003 free_servtab_strings(cp);
1004 }
1005 after_check:
1006 /* cp->string_fields are consumed by insert_in_servlist()
1007 * or freed at this point, cp itself is not yet freed. */
1008 sep->se_checked = 1;
1009
1010 /* create new len_and_sockaddr */
1011 switch (sep->se_family) {
1012 struct sockaddr_un *sun;
1013 case AF_UNIX:
1014 lsa = xzalloc_lsa(AF_UNIX);
1015 sun = (struct sockaddr_un*)&lsa->u.sa;
1016 safe_strncpy(sun->sun_path, sep->se_service, sizeof(sun->sun_path));
1017 break;
1018
1019 default: /* case AF_INET, case AF_INET6 */
1020 n = bb_strtou(sep->se_service, NULL, 10);
1021#if ENABLE_FEATURE_INETD_RPC
1022 if (is_rpc_service(sep)) {
1023 sep->se_rpcprog = n;
1024 if (errno) { /* se_service is not numeric */
1025 struct rpcent *rp = getrpcbyname(sep->se_service);
1026 if (rp == NULL) {
1027 bb_error_msg("%s: unknown rpc service", sep->se_service);
1028 goto next_cp;
1029 }
1030 sep->se_rpcprog = rp->r_number;
1031 }
1032 if (sep->se_fd == -1)
1033 prepare_socket_fd(sep);
1034 if (sep->se_fd != -1)
1035 register_rpc(sep);
1036 goto next_cp;
1037 }
1038#endif
1039 /* what port to listen on? */
1040 port = htons(n);
1041 if (errno || n > 0xffff) { /* se_service is not numeric */
1042 char protoname[4];
1043 struct servent *sp;
1044 /* can result only in "tcp" or "udp": */
1045 safe_strncpy(protoname, sep->se_proto, 4);
1046 sp = getservbyname(sep->se_service, protoname);
1047 if (sp == NULL) {
1048 bb_error_msg("%s/%s: unknown service",
1049 sep->se_service, sep->se_proto);
1050 goto next_cp;
1051 }
1052 port = sp->s_port;
1053 }
1054 if (LONE_CHAR(sep->se_local_hostname, '*')) {
1055 lsa = xzalloc_lsa(sep->se_family);
1056 set_nport(&lsa->u.sa, port);
1057 } else {
1058 lsa = host_and_af2sockaddr(sep->se_local_hostname,
1059 ntohs(port), sep->se_family);
1060 if (!lsa) {
1061 bb_error_msg("%s/%s: unknown host '%s'",
1062 sep->se_service, sep->se_proto,
1063 sep->se_local_hostname);
1064 goto next_cp;
1065 }
1066 }
1067 break;
1068 } /* end of "switch (sep->se_family)" */
1069
1070 /* did lsa change? Then close/open */
1071 if (sep->se_lsa == NULL
1072 || lsa->len != sep->se_lsa->len
1073 || memcmp(&lsa->u.sa, &sep->se_lsa->u.sa, lsa->len) != 0
1074 ) {
1075 remove_fd_from_set(sep->se_fd);
1076 maybe_close(sep->se_fd);
1077 free(sep->se_lsa);
1078 sep->se_lsa = lsa;
1079 sep->se_fd = -1;
1080 } else {
1081 free(lsa);
1082 }
1083 if (sep->se_fd == -1)
1084 prepare_socket_fd(sep);
1085 next_cp:
1086 sep = cp->se_next;
1087 free(cp);
1088 cp = sep;
1089 } /* end of "while (1) parse lines" */
1090 close_config_file();
1091
1092 /* Purge anything not looked at above - these are stale entries,
1093 * new config file doesnt have them. */
1094 block_CHLD_HUP_ALRM(&omask);
1095 sepp = &serv_list;
1096 while ((sep = *sepp) != NULL) {
1097 if (sep->se_checked) {
1098 sepp = &sep->se_next;
1099 continue;
1100 }
1101 *sepp = sep->se_next;
1102 remove_fd_from_set(sep->se_fd);
1103 maybe_close(sep->se_fd);
1104#if ENABLE_FEATURE_INETD_RPC
1105 if (is_rpc_service(sep))
1106 unregister_rpc(sep);
1107#endif
1108 if (sep->se_family == AF_UNIX)
1109 unlink(sep->se_service);
1110 free_servtab_strings(sep);
1111 free(sep);
1112 }
1113 restore_sigmask(&omask);
1114 ret:
1115 errno = save_errno;
1116}
1117
1118static void reap_child(int sig UNUSED_PARAM)
1119{
1120 pid_t pid;
1121 int status;
1122 servtab_t *sep;
1123 int save_errno = errno;
1124
1125 for (;;) {
1126 pid = wait_any_nohang(&status);
1127 if (pid <= 0)
1128 break;
1129 for (sep = serv_list; sep; sep = sep->se_next) {
1130 if (sep->se_wait != pid)
1131 continue;
1132 /* One of our "wait" services */
1133 if (WIFEXITED(status) && WEXITSTATUS(status))
1134 bb_error_msg("%s: exit status %u",
1135 sep->se_program, WEXITSTATUS(status));
1136 else if (WIFSIGNALED(status))
1137 bb_error_msg("%s: exit signal %u",
1138 sep->se_program, WTERMSIG(status));
1139 sep->se_wait = 1;
1140 add_fd_to_set(sep->se_fd);
1141 break;
1142 }
1143 }
1144 errno = save_errno;
1145}
1146
1147static void retry_network_setup(int sig UNUSED_PARAM)
1148{
1149 int save_errno = errno;
1150 servtab_t *sep;
1151
1152 alarm_armed = 0;
1153 for (sep = serv_list; sep; sep = sep->se_next) {
1154 if (sep->se_fd == -1) {
1155 prepare_socket_fd(sep);
1156#if ENABLE_FEATURE_INETD_RPC
1157 if (sep->se_fd != -1 && is_rpc_service(sep))
1158 register_rpc(sep);
1159#endif
1160 }
1161 }
1162 errno = save_errno;
1163}
1164
1165static void clean_up_and_exit(int sig UNUSED_PARAM)
1166{
1167 servtab_t *sep;
1168
1169 /* XXX signal race walking sep list */
1170 for (sep = serv_list; sep; sep = sep->se_next) {
1171 if (sep->se_fd == -1)
1172 continue;
1173
1174 switch (sep->se_family) {
1175 case AF_UNIX:
1176 unlink(sep->se_service);
1177 break;
1178 default: /* case AF_INET, AF_INET6 */
1179#if ENABLE_FEATURE_INETD_RPC
1180 if (sep->se_wait == 1 && is_rpc_service(sep))
1181 unregister_rpc(sep); /* XXX signal race */
1182#endif
1183 break;
1184 }
1185 if (ENABLE_FEATURE_CLEAN_UP)
1186 close(sep->se_fd);
1187 }
1188 remove_pidfile(CONFIG_PID_FILE_PATH "/inetd.pid");
1189 exit(EXIT_SUCCESS);
1190}
1191
1192int inetd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
1193int inetd_main(int argc UNUSED_PARAM, char **argv)
1194{
1195 struct sigaction sa, saved_pipe_handler;
1196 servtab_t *sep, *sep2;
1197 struct passwd *pwd;
1198 struct group *grp = NULL; /* for compiler */
1199 int opt;
1200 pid_t pid;
1201 sigset_t omask;
1202
1203 INIT_G();
1204
1205 real_uid = getuid();
1206 if (real_uid != 0) /* run by non-root user */
1207 config_filename = NULL;
1208
1209 /* -q N, -R N */
1210 opt = getopt32(argv, "R:+feq:+", &max_concurrency, &global_queuelen);
1211 argv += optind;
1212 //argc -= optind;
1213 if (argv[0])
1214 config_filename = argv[0];
1215 if (config_filename == NULL)
1216 bb_error_msg_and_die("non-root must specify config file");
1217 if (!(opt & 2))
1218 bb_daemonize_or_rexec(0, argv - optind);
1219 else
1220 bb_sanitize_stdio();
1221 if (!(opt & 4)) {
1222 /* LOG_NDELAY: connect to syslog daemon NOW.
1223 * Otherwise, we may open syslog socket
1224 * in vforked child, making opened fds and syslog()
1225 * internal state inconsistent.
1226 * This was observed to leak file descriptors. */
1227 openlog(applet_name, LOG_PID | LOG_NDELAY, LOG_DAEMON);
1228 logmode = LOGMODE_SYSLOG;
1229 }
1230
1231 if (real_uid == 0) {
1232 /* run by root, ensure groups vector gets trashed */
1233 gid_t gid = getgid();
1234 setgroups(1, &gid);
1235 }
1236
1237 write_pidfile(CONFIG_PID_FILE_PATH "/inetd.pid");
1238
1239 /* never fails under Linux (except if you pass it bad arguments) */
1240 getrlimit(RLIMIT_NOFILE, &rlim_ofile);
1241 rlim_ofile_cur = rlim_ofile.rlim_cur;
1242 if (rlim_ofile_cur == RLIM_INFINITY) /* ! */
1243 rlim_ofile_cur = OPEN_MAX;
1244
1245 memset(&sa, 0, sizeof(sa));
1246 /*sigemptyset(&sa.sa_mask); - memset did it */
1247 sigaddset(&sa.sa_mask, SIGALRM);
1248 sigaddset(&sa.sa_mask, SIGCHLD);
1249 sigaddset(&sa.sa_mask, SIGHUP);
1250//FIXME: explain why no SA_RESTART
1251//FIXME: retry_network_setup is unsafe to run in signal handler (many reasons)!
1252 sa.sa_handler = retry_network_setup;
1253 sigaction_set(SIGALRM, &sa);
1254//FIXME: reread_config_file is unsafe to run in signal handler(many reasons)!
1255 sa.sa_handler = reread_config_file;
1256 sigaction_set(SIGHUP, &sa);
1257//FIXME: reap_child is unsafe to run in signal handler (uses stdio)!
1258 sa.sa_handler = reap_child;
1259 sigaction_set(SIGCHLD, &sa);
1260//FIXME: clean_up_and_exit is unsafe to run in signal handler (uses stdio)!
1261 sa.sa_handler = clean_up_and_exit;
1262 sigaction_set(SIGTERM, &sa);
1263 sa.sa_handler = clean_up_and_exit;
1264 sigaction_set(SIGINT, &sa);
1265 sa.sa_handler = SIG_IGN;
1266 sigaction(SIGPIPE, &sa, &saved_pipe_handler);
1267
1268 reread_config_file(SIGHUP); /* load config from file */
1269
1270 for (;;) {
1271 int ready_fd_cnt;
1272 int ctrl, accepted_fd, new_udp_fd;
1273 fd_set readable;
1274
1275 if (maxsock < 0)
1276 recalculate_maxsock();
1277
1278 readable = allsock; /* struct copy */
1279 /* if there are no fds to wait on, we will block
1280 * until signal wakes us up (maxsock == 0, but readable
1281 * never contains fds 0 and 1...) */
1282 ready_fd_cnt = select(maxsock + 1, &readable, NULL, NULL, NULL);
1283 if (ready_fd_cnt < 0) {
1284 if (errno != EINTR) {
1285 bb_perror_msg("select");
1286 sleep(1);
1287 }
1288 continue;
1289 }
1290 dbg("ready_fd_cnt:%d\n", ready_fd_cnt);
1291
1292 for (sep = serv_list; ready_fd_cnt && sep; sep = sep->se_next) {
1293 if (sep->se_fd == -1 || !FD_ISSET(sep->se_fd, &readable))
1294 continue;
1295
1296 dbg("ready fd:%d\n", sep->se_fd);
1297 ready_fd_cnt--;
1298 ctrl = sep->se_fd;
1299 accepted_fd = -1;
1300 new_udp_fd = -1;
1301 if (!sep->se_wait) {
1302 if (sep->se_socktype == SOCK_STREAM) {
1303 ctrl = accepted_fd = accept(sep->se_fd, NULL, NULL);
1304 dbg("accepted_fd:%d\n", accepted_fd);
1305 if (ctrl < 0) {
1306 if (errno != EINTR)
1307 bb_perror_msg("accept (for %s)", sep->se_service);
1308 continue;
1309 }
1310 }
1311 /* "nowait" udp */
1312 if (sep->se_socktype == SOCK_DGRAM
1313 && sep->se_family != AF_UNIX
1314 ) {
1315/* How udp "nowait" works:
1316 * child peeks at (received and buffered by kernel) UDP packet,
1317 * performs connect() on the socket so that it is linked only
1318 * to this peer. But this also affects parent, because descriptors
1319 * are shared after fork() a-la dup(). When parent performs
1320 * select(), it will see this descriptor connected to the peer (!)
1321 * and still readable, will act on it and mess things up
1322 * (can create many copies of same child, etc).
1323 * Parent must create and use new socket instead. */
1324 new_udp_fd = socket(sep->se_family, SOCK_DGRAM, 0);
1325 dbg("new_udp_fd:%d\n", new_udp_fd);
1326 if (new_udp_fd < 0) { /* error: eat packet, forget about it */
1327 udp_err:
1328 recv(sep->se_fd, line, LINE_SIZE, MSG_DONTWAIT);
1329 continue;
1330 }
1331 setsockopt_reuseaddr(new_udp_fd);
1332 /* TODO: better do bind after fork in parent,
1333 * so that we don't have two wildcard bound sockets
1334 * even for a brief moment? */
1335 if (bind(new_udp_fd, &sep->se_lsa->u.sa, sep->se_lsa->len) < 0) {
1336 dbg("bind(new_udp_fd) failed\n");
1337 close(new_udp_fd);
1338 goto udp_err;
1339 }
1340 dbg("bind(new_udp_fd) succeeded\n");
1341 }
1342 }
1343
1344 block_CHLD_HUP_ALRM(&omask);
1345 pid = 0;
1346#ifdef INETD_BUILTINS_ENABLED
1347 /* do we need to fork? */
1348 if (sep->se_builtin == NULL
1349 || (sep->se_socktype == SOCK_STREAM
1350 && sep->se_builtin->bi_fork))
1351#endif
1352 {
1353 if (sep->se_max != 0) {
1354 if (++sep->se_count == 1)
1355 sep->se_time = monotonic_sec();
1356 else if (sep->se_count >= sep->se_max) {
1357 unsigned now = monotonic_sec();
1358 /* did we accumulate se_max connects too quickly? */
1359 if (now - sep->se_time <= CNT_INTERVAL) {
1360 bb_error_msg("%s/%s: too many connections, pausing",
1361 sep->se_service, sep->se_proto);
1362 remove_fd_from_set(sep->se_fd);
1363 close(sep->se_fd);
1364 sep->se_fd = -1;
1365 sep->se_count = 0;
1366 rearm_alarm(); /* will revive it in RETRYTIME sec */
1367 restore_sigmask(&omask);
1368 maybe_close(new_udp_fd);
1369 maybe_close(accepted_fd);
1370 continue; /* -> check next fd in fd set */
1371 }
1372 sep->se_count = 0;
1373 }
1374 }
1375 /* on NOMMU, streamed chargen
1376 * builtin wouldn't work, but it is
1377 * not allowed on NOMMU (ifdefed out) */
1378#ifdef INETD_BUILTINS_ENABLED
1379 if (BB_MMU && sep->se_builtin)
1380 pid = fork();
1381 else
1382#endif
1383 pid = vfork();
1384
1385 if (pid < 0) { /* fork error */
1386 bb_perror_msg("%s", "vfork"+1);
1387 sleep(1);
1388 restore_sigmask(&omask);
1389 maybe_close(new_udp_fd);
1390 maybe_close(accepted_fd);
1391 continue; /* -> check next fd in fd set */
1392 }
1393 if (pid == 0)
1394 pid--; /* -1: "we did fork and we are child" */
1395 }
1396 /* if pid == 0 here, we didn't fork */
1397
1398 if (pid > 0) { /* parent */
1399 if (sep->se_wait) {
1400 /* wait: we passed socket to child,
1401 * will wait for child to terminate */
1402 sep->se_wait = pid;
1403 remove_fd_from_set(sep->se_fd);
1404 }
1405 if (new_udp_fd >= 0) {
1406 /* udp nowait: child connected the socket,
1407 * we created and will use new, unconnected one */
1408 xmove_fd(new_udp_fd, sep->se_fd);
1409 dbg("moved new_udp_fd:%d to sep->se_fd:%d\n", new_udp_fd, sep->se_fd);
1410 }
1411 restore_sigmask(&omask);
1412 maybe_close(accepted_fd);
1413 continue; /* -> check next fd in fd set */
1414 }
1415
1416 /* we are either child or didn't fork at all */
1417#ifdef INETD_BUILTINS_ENABLED
1418 if (sep->se_builtin) {
1419 if (pid) { /* "pid" is -1: we did fork */
1420 close(sep->se_fd); /* listening socket */
1421 dbg("closed sep->se_fd:%d\n", sep->se_fd);
1422 logmode = LOGMODE_NONE; /* make xwrite etc silent */
1423 }
1424 restore_sigmask(&omask);
1425 if (sep->se_socktype == SOCK_STREAM)
1426 sep->se_builtin->bi_stream_fn(ctrl, sep);
1427 else
1428 sep->se_builtin->bi_dgram_fn(ctrl, sep);
1429 if (pid) /* we did fork */
1430 _exit(EXIT_FAILURE);
1431 maybe_close(accepted_fd);
1432 continue; /* -> check next fd in fd set */
1433 }
1434#endif
1435 /* child */
1436 setsid();
1437 /* "nowait" udp */
1438 if (new_udp_fd >= 0) {
1439 len_and_sockaddr *lsa;
1440 int r;
1441
1442 close(new_udp_fd);
1443 lsa = xzalloc_lsa(sep->se_family);
1444 /* peek at the packet and remember peer addr */
1445 r = recvfrom(ctrl, NULL, 0, MSG_PEEK|MSG_DONTWAIT,
1446 &lsa->u.sa, &lsa->len);
1447 if (r < 0)
1448 goto do_exit1;
1449 /* make this socket "connected" to peer addr:
1450 * only packets from this peer will be recv'ed,
1451 * and bare write()/send() will work on it */
1452 connect(ctrl, &lsa->u.sa, lsa->len);
1453 dbg("connected ctrl:%d to remote peer\n", ctrl);
1454 free(lsa);
1455 }
1456 /* prepare env and exec program */
1457 pwd = getpwnam(sep->se_user);
1458 if (pwd == NULL) {
1459 bb_error_msg("%s: no such %s", sep->se_user, "user");
1460 goto do_exit1;
1461 }
1462 if (sep->se_group && (grp = getgrnam(sep->se_group)) == NULL) {
1463 bb_error_msg("%s: no such %s", sep->se_group, "group");
1464 goto do_exit1;
1465 }
1466 if (real_uid != 0 && real_uid != pwd->pw_uid) {
1467 /* a user running private inetd */
1468 bb_error_msg("non-root must run services as himself");
1469 goto do_exit1;
1470 }
1471 if (pwd->pw_uid != 0) {
1472 if (sep->se_group)
1473 pwd->pw_gid = grp->gr_gid;
1474 /* initgroups, setgid, setuid: */
1475 change_identity(pwd);
1476 } else if (sep->se_group) {
1477 xsetgid(grp->gr_gid);
1478 setgroups(1, &grp->gr_gid);
1479 }
1480 if (rlim_ofile.rlim_cur != rlim_ofile_cur)
1481 if (setrlimit(RLIMIT_NOFILE, &rlim_ofile) < 0)
1482 bb_perror_msg("setrlimit");
1483
1484 /* closelog(); - WRONG. we are after vfork,
1485 * this may confuse syslog() internal state.
1486 * Let's hope libc sets syslog fd to CLOEXEC...
1487 */
1488 xmove_fd(ctrl, STDIN_FILENO);
1489 xdup2(STDIN_FILENO, STDOUT_FILENO);
1490 dbg("moved ctrl:%d to fd 0,1[,2]\n", ctrl);
1491 /* manpages of inetd I managed to find either say
1492 * that stderr is also redirected to the network,
1493 * or do not talk about redirection at all (!) */
1494 if (!sep->se_wait) /* only for usual "tcp nowait" */
1495 xdup2(STDIN_FILENO, STDERR_FILENO);
1496 /* NB: among others, this loop closes listening sockets
1497 * for nowait stream children */
1498 for (sep2 = serv_list; sep2; sep2 = sep2->se_next)
1499 if (sep2->se_fd != ctrl)
1500 maybe_close(sep2->se_fd);
1501 sigaction_set(SIGPIPE, &saved_pipe_handler);
1502 restore_sigmask(&omask);
1503 dbg("execing:'%s'\n", sep->se_program);
1504 BB_EXECVP(sep->se_program, sep->se_argv);
1505 bb_perror_msg("can't execute '%s'", sep->se_program);
1506 do_exit1:
1507 /* eat packet in udp case */
1508 if (sep->se_socktype != SOCK_STREAM)
1509 recv(0, line, LINE_SIZE, MSG_DONTWAIT);
1510 _exit(EXIT_FAILURE);
1511 } /* for (sep = servtab...) */
1512 } /* for (;;) */
1513}
1514
1515#if !BB_MMU
1516static const char *const cat_args[] = { "cat", NULL };
1517#endif
1518
1519/*
1520 * Internet services provided internally by inetd:
1521 */
1522#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_ECHO
1523/* Echo service -- echo data back. */
1524/* ARGSUSED */
1525static void FAST_FUNC echo_stream(int s, servtab_t *sep UNUSED_PARAM)
1526{
1527#if BB_MMU
1528 while (1) {
1529 ssize_t sz = safe_read(s, line, LINE_SIZE);
1530 if (sz <= 0)
1531 break;
1532 xwrite(s, line, sz);
1533 }
1534#else
1535 /* We are after vfork here! */
1536 /* move network socket to stdin/stdout */
1537 xmove_fd(s, STDIN_FILENO);
1538 xdup2(STDIN_FILENO, STDOUT_FILENO);
1539 /* no error messages please... */
1540 close(STDERR_FILENO);
1541 xopen(bb_dev_null, O_WRONLY);
1542 BB_EXECVP("cat", (char**)cat_args);
1543 /* on failure we return to main, which does exit(EXIT_FAILURE) */
1544#endif
1545}
1546static void FAST_FUNC echo_dg(int s, servtab_t *sep)
1547{
1548 enum { BUFSIZE = 12*1024 }; /* for jumbo sized packets! :) */
1549 char *buf = xmalloc(BUFSIZE); /* too big for stack */
1550 int sz;
1551 len_and_sockaddr *lsa = alloca(LSA_LEN_SIZE + sep->se_lsa->len);
1552
1553 lsa->len = sep->se_lsa->len;
1554 /* dgram builtins are non-forking - DONT BLOCK! */
1555 sz = recvfrom(s, buf, BUFSIZE, MSG_DONTWAIT, &lsa->u.sa, &lsa->len);
1556 if (sz > 0)
1557 sendto(s, buf, sz, 0, &lsa->u.sa, lsa->len);
1558 free(buf);
1559}
1560#endif /* FEATURE_INETD_SUPPORT_BUILTIN_ECHO */
1561
1562
1563#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD
1564/* Discard service -- ignore data. */
1565/* ARGSUSED */
1566static void FAST_FUNC discard_stream(int s, servtab_t *sep UNUSED_PARAM)
1567{
1568#if BB_MMU
1569 while (safe_read(s, line, LINE_SIZE) > 0)
1570 continue;
1571#else
1572 /* We are after vfork here! */
1573 /* move network socket to stdin */
1574 xmove_fd(s, STDIN_FILENO);
1575 /* discard output */
1576 close(STDOUT_FILENO);
1577 xopen(bb_dev_null, O_WRONLY);
1578 /* no error messages please... */
1579 xdup2(STDOUT_FILENO, STDERR_FILENO);
1580 BB_EXECVP("cat", (char**)cat_args);
1581 /* on failure we return to main, which does exit(EXIT_FAILURE) */
1582#endif
1583}
1584/* ARGSUSED */
1585static void FAST_FUNC discard_dg(int s, servtab_t *sep UNUSED_PARAM)
1586{
1587 /* dgram builtins are non-forking - DONT BLOCK! */
1588 recv(s, line, LINE_SIZE, MSG_DONTWAIT);
1589}
1590#endif /* FEATURE_INETD_SUPPORT_BUILTIN_DISCARD */
1591
1592
1593#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN
1594#define LINESIZ 72
1595static void init_ring(void)
1596{
1597 int i;
1598
1599 end_ring = ring;
1600 for (i = ' '; i < 127; i++)
1601 *end_ring++ = i;
1602}
1603/* Character generator. MMU arches only. */
1604/* ARGSUSED */
1605static void FAST_FUNC chargen_stream(int s, servtab_t *sep UNUSED_PARAM)
1606{
1607 char *rs;
1608 int len;
1609 char text[LINESIZ + 2];
1610
1611 if (!end_ring) {
1612 init_ring();
1613 rs = ring;
1614 }
1615
1616 text[LINESIZ] = '\r';
1617 text[LINESIZ + 1] = '\n';
1618 rs = ring;
1619 for (;;) {
1620 len = end_ring - rs;
1621 if (len >= LINESIZ)
1622 memmove(text, rs, LINESIZ);
1623 else {
1624 memmove(text, rs, len);
1625 memmove(text + len, ring, LINESIZ - len);
1626 }
1627 if (++rs == end_ring)
1628 rs = ring;
1629 xwrite(s, text, sizeof(text));
1630 }
1631}
1632/* ARGSUSED */
1633static void FAST_FUNC chargen_dg(int s, servtab_t *sep)
1634{
1635 int len;
1636 char text[LINESIZ + 2];
1637 len_and_sockaddr *lsa = alloca(LSA_LEN_SIZE + sep->se_lsa->len);
1638
1639 /* Eat UDP packet which started it all */
1640 /* dgram builtins are non-forking - DONT BLOCK! */
1641 lsa->len = sep->se_lsa->len;
1642 if (recvfrom(s, text, sizeof(text), MSG_DONTWAIT, &lsa->u.sa, &lsa->len) < 0)
1643 return;
1644
1645 if (!end_ring) {
1646 init_ring();
1647 ring_pos = ring;
1648 }
1649
1650 len = end_ring - ring_pos;
1651 if (len >= LINESIZ)
1652 memmove(text, ring_pos, LINESIZ);
1653 else {
1654 memmove(text, ring_pos, len);
1655 memmove(text + len, ring, LINESIZ - len);
1656 }
1657 if (++ring_pos == end_ring)
1658 ring_pos = ring;
1659 text[LINESIZ] = '\r';
1660 text[LINESIZ + 1] = '\n';
1661 sendto(s, text, sizeof(text), 0, &lsa->u.sa, lsa->len);
1662}
1663#endif /* FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN */
1664
1665
1666#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_TIME
1667/*
1668 * Return a machine readable date and time, in the form of the
1669 * number of seconds since midnight, Jan 1, 1900. Since gettimeofday
1670 * returns the number of seconds since midnight, Jan 1, 1970,
1671 * we must add 2208988800 seconds to this figure to make up for
1672 * some seventy years Bell Labs was asleep.
1673 */
1674static uint32_t machtime(void)
1675{
1676 struct timeval tv;
1677
1678 gettimeofday(&tv, NULL);
1679 return htonl((uint32_t)(tv.tv_sec + 2208988800UL));
1680}
1681/* ARGSUSED */
1682static void FAST_FUNC machtime_stream(int s, servtab_t *sep UNUSED_PARAM)
1683{
1684 uint32_t result;
1685
1686 result = machtime();
1687 full_write(s, &result, sizeof(result));
1688}
1689static void FAST_FUNC machtime_dg(int s, servtab_t *sep)
1690{
1691 uint32_t result;
1692 len_and_sockaddr *lsa = alloca(LSA_LEN_SIZE + sep->se_lsa->len);
1693
1694 lsa->len = sep->se_lsa->len;
1695 if (recvfrom(s, line, LINE_SIZE, MSG_DONTWAIT, &lsa->u.sa, &lsa->len) < 0)
1696 return;
1697
1698 result = machtime();
1699 sendto(s, &result, sizeof(result), 0, &lsa->u.sa, lsa->len);
1700}
1701#endif /* FEATURE_INETD_SUPPORT_BUILTIN_TIME */
1702
1703
1704#if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME
1705/* Return human-readable time of day */
1706/* ARGSUSED */
1707static void FAST_FUNC daytime_stream(int s, servtab_t *sep UNUSED_PARAM)
1708{
1709 time_t t;
1710
1711 time(&t);
1712 fdprintf(s, "%.24s\r\n", ctime(&t));
1713}
1714static void FAST_FUNC daytime_dg(int s, servtab_t *sep)
1715{
1716 time_t t;
1717 len_and_sockaddr *lsa = alloca(LSA_LEN_SIZE + sep->se_lsa->len);
1718
1719 lsa->len = sep->se_lsa->len;
1720 if (recvfrom(s, line, LINE_SIZE, MSG_DONTWAIT, &lsa->u.sa, &lsa->len) < 0)
1721 return;
1722
1723 t = time(NULL);
1724 sprintf(line, "%.24s\r\n", ctime(&t));
1725 sendto(s, line, strlen(line), 0, &lsa->u.sa, lsa->len);
1726}
1727#endif /* FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME */
1728
generated by cgit at 2024-05-15 11:33:14 (GMT)