File: [local] / src / sbin / unwind / control.c (download)
Revision 1.17, Wed Feb 24 18:34:14 2021 UTC (3 years, 3 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, HEAD Changes since 1.16: +6 -4 lines
We need to track the pid of the connecting control connection to be
able to send answers back to the correct client in case two are
connecting at the same time. We also need to pass the pid around to
the resolver process so that it can hand it back to us.
Debugged by deraadt and dlg who noticed that answers would always
arrive on the first control connection.
deraadt@ points out that tracking the pid is not the best choice in
case one process wants to hold open two connections but at least this
brings us in line with all the other privsep daemons with control
tools. If we change this we should change it in all daemons.
|
/* $OpenBSD: control.c,v 1.17 2021/02/24 18:34:14 florian Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/types.h>
#include <sys/queue.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/un.h>
#include <net/route.h>
#include <errno.h>
#include <event.h>
#include <imsg.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "log.h"
#include "unwind.h"
#include "control.h"
#include "frontend.h"
#include "resolver.h"
#define CONTROL_BACKLOG 5
struct {
struct event ev;
struct event evt;
int fd;
} control_state = {.fd = -1};
struct ctl_conn {
TAILQ_ENTRY(ctl_conn) entry;
struct imsgev iev;
};
TAILQ_HEAD(ctl_conns, ctl_conn) ctl_conns = TAILQ_HEAD_INITIALIZER(ctl_conns);
struct ctl_conn *control_connbyfd(int);
struct ctl_conn *control_connbypid(pid_t);
void control_close(int);
int
control_init(char *path)
{
struct sockaddr_un sun;
int fd;
mode_t old_umask;
if ((fd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC | SOCK_NONBLOCK,
0)) == -1) {
log_warn("%s: socket", __func__);
return (-1);
}
memset(&sun, 0, sizeof(sun));
sun.sun_family = AF_UNIX;
strlcpy(sun.sun_path, path, sizeof(sun.sun_path));
if (unlink(path) == -1)
if (errno != ENOENT) {
log_warn("%s: unlink %s", __func__, path);
close(fd);
return (-1);
}
old_umask = umask(S_IXUSR|S_IXGRP|S_IWOTH|S_IROTH|S_IXOTH);
if (bind(fd, (struct sockaddr *)&sun, sizeof(sun)) == -1) {
log_warn("%s: bind: %s", __func__, path);
close(fd);
umask(old_umask);
return (-1);
}
umask(old_umask);
if (chmod(path,
S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH) == -1) {
log_warn("%s: chmod", __func__);
close(fd);
(void)unlink(path);
return (-1);
}
return (fd);
}
int
control_listen(int fd)
{
if (control_state.fd != -1)
fatalx("%s: received unexpected controlsock", __func__);
control_state.fd = fd;
if (listen(control_state.fd, CONTROL_BACKLOG) == -1) {
log_warn("%s: listen", __func__);
return (-1);
}
event_set(&control_state.ev, control_state.fd, EV_READ,
control_accept, NULL);
event_add(&control_state.ev, NULL);
evtimer_set(&control_state.evt, control_accept, NULL);
return (0);
}
void
control_accept(int listenfd, short event, void *bula)
{
int connfd;
socklen_t len;
struct sockaddr_un sun;
struct ctl_conn *c;
event_add(&control_state.ev, NULL);
if ((event & EV_TIMEOUT))
return;
len = sizeof(sun);
if ((connfd = accept4(listenfd, (struct sockaddr *)&sun, &len,
SOCK_CLOEXEC | SOCK_NONBLOCK)) == -1) {
/*
* Pause accept if we are out of file descriptors, or
* libevent will haunt us here too.
*/
if (errno == ENFILE || errno == EMFILE) {
struct timeval evtpause = { 1, 0 };
event_del(&control_state.ev);
evtimer_add(&control_state.evt, &evtpause);
} else if (errno != EWOULDBLOCK && errno != EINTR &&
errno != ECONNABORTED)
log_warn("%s: accept4", __func__);
return;
}
if ((c = calloc(1, sizeof(struct ctl_conn))) == NULL) {
log_warn("%s: calloc", __func__);
close(connfd);
return;
}
imsg_init(&c->iev.ibuf, connfd);
c->iev.handler = control_dispatch_imsg;
c->iev.events = EV_READ;
event_set(&c->iev.ev, c->iev.ibuf.fd, c->iev.events, c->iev.handler,
&c->iev);
event_add(&c->iev.ev, NULL);
TAILQ_INSERT_TAIL(&ctl_conns, c, entry);
}
struct ctl_conn *
control_connbyfd(int fd)
{
struct ctl_conn *c;
TAILQ_FOREACH(c, &ctl_conns, entry) {
if (c->iev.ibuf.fd == fd)
break;
}
return (c);
}
struct ctl_conn *
control_connbypid(pid_t pid)
{
struct ctl_conn *c;
TAILQ_FOREACH(c, &ctl_conns, entry) {
if (c->iev.ibuf.pid == pid)
break;
}
return (c);
}
void
control_close(int fd)
{
struct ctl_conn *c;
if ((c = control_connbyfd(fd)) == NULL) {
log_warnx("%s: fd %d: not found", __func__, fd);
return;
}
msgbuf_clear(&c->iev.ibuf.w);
TAILQ_REMOVE(&ctl_conns, c, entry);
event_del(&c->iev.ev);
close(c->iev.ibuf.fd);
/* Some file descriptors are available again. */
if (evtimer_pending(&control_state.evt, NULL)) {
evtimer_del(&control_state.evt);
event_add(&control_state.ev, NULL);
}
free(c);
}
void
control_dispatch_imsg(int fd, short event, void *bula)
{
struct ctl_conn *c;
struct imsg imsg;
ssize_t n;
int verbose;
uid_t euid;
gid_t egid;
if ((c = control_connbyfd(fd)) == NULL) {
log_warnx("%s: fd %d: not found", __func__, fd);
return;
}
if (event & EV_READ) {
if (((n = imsg_read(&c->iev.ibuf)) == -1 && errno != EAGAIN) ||
n == 0) {
control_close(fd);
return;
}
}
if (event & EV_WRITE) {
if (msgbuf_write(&c->iev.ibuf.w) <= 0 && errno != EAGAIN) {
control_close(fd);
return;
}
}
if (getpeereid(fd, &euid, &egid) == -1) {
control_close(fd);
return;
}
for (;;) {
if ((n = imsg_get(&c->iev.ibuf, &imsg)) == -1) {
control_close(fd);
return;
}
if (n == 0)
break;
switch (imsg.hdr.type) {
case IMSG_CTL_LOG_VERBOSE:
case IMSG_CTL_RELOAD:
if (euid != 0) {
imsg_free(&imsg);
control_close(fd);
return;
}
break;
default:
break;
}
c->iev.ibuf.pid = imsg.hdr.pid;
switch (imsg.hdr.type) {
case IMSG_CTL_RELOAD:
frontend_imsg_compose_main(imsg.hdr.type, imsg.hdr.pid,
NULL, 0);
break;
case IMSG_CTL_LOG_VERBOSE:
if (IMSG_DATA_SIZE(imsg) != sizeof(verbose))
break;
/* Forward to all other processes. */
frontend_imsg_compose_main(imsg.hdr.type, imsg.hdr.pid,
imsg.data, IMSG_DATA_SIZE(imsg));
frontend_imsg_compose_resolver(imsg.hdr.type,
imsg.hdr.pid, imsg.data, IMSG_DATA_SIZE(imsg));
memcpy(&verbose, imsg.data, sizeof(verbose));
log_setverbose(verbose);
break;
case IMSG_CTL_STATUS:
case IMSG_CTL_AUTOCONF:
case IMSG_CTL_MEM:
if (IMSG_DATA_SIZE(imsg) != 0)
break;
frontend_imsg_compose_resolver(imsg.hdr.type,
imsg.hdr.pid, NULL, 0);
break;
default:
log_debug("%s: error handling imsg %d", __func__,
imsg.hdr.type);
break;
}
imsg_free(&imsg);
}
imsg_event_add(&c->iev);
}
int
control_imsg_relay(struct imsg *imsg)
{
struct ctl_conn *c;
if ((c = control_connbypid(imsg->hdr.pid)) == NULL)
return (0);
return (imsg_compose_event(&c->iev, imsg->hdr.type, 0, imsg->hdr.pid,
-1, imsg->data, IMSG_DATA_SIZE(*imsg)));
}