bl.c revision 1.2.4.1
1 1.2.4.1 perseant /* $NetBSD: bl.c,v 1.2.4.1 2025/08/02 05:20:52 perseant Exp $ */ 2 1.1 christos 3 1.1 christos /*- 4 1.1 christos * Copyright (c) 2014 The NetBSD Foundation, Inc. 5 1.1 christos * All rights reserved. 6 1.1 christos * 7 1.1 christos * This code is derived from software contributed to The NetBSD Foundation 8 1.1 christos * by Christos Zoulas. 9 1.1 christos * 10 1.1 christos * Redistribution and use in source and binary forms, with or without 11 1.1 christos * modification, are permitted provided that the following conditions 12 1.1 christos * are met: 13 1.1 christos * 1. Redistributions of source code must retain the above copyright 14 1.1 christos * notice, this list of conditions and the following disclaimer. 15 1.1 christos * 2. Redistributions in binary form must reproduce the above copyright 16 1.1 christos * notice, this list of conditions and the following disclaimer in the 17 1.1 christos * documentation and/or other materials provided with the distribution. 18 1.1 christos * 19 1.1 christos * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 1.1 christos * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 1.1 christos * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 1.1 christos * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 1.1 christos * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 1.1 christos * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 1.1 christos * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 1.1 christos * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 1.1 christos * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 1.1 christos * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 1.1 christos * POSSIBILITY OF SUCH DAMAGE. 30 1.1 christos */ 31 1.1 christos #ifdef HAVE_CONFIG_H 32 1.1 christos #include "config.h" 33 1.1 christos #endif 34 1.1 christos 35 1.2.4.1 perseant #ifdef HAVE_SYS_CDEFS_H 36 1.1 christos #include <sys/cdefs.h> 37 1.2.4.1 perseant #endif 38 1.2.4.1 perseant __RCSID("$NetBSD: bl.c,v 1.2.4.1 2025/08/02 05:20:52 perseant Exp $"); 39 1.1 christos 40 1.1 christos #include <sys/param.h> 41 1.1 christos #include <sys/types.h> 42 1.1 christos #include <sys/socket.h> 43 1.1 christos #include <sys/stat.h> 44 1.1 christos #include <sys/un.h> 45 1.1 christos 46 1.1 christos #include <stdio.h> 47 1.1 christos #include <string.h> 48 1.1 christos #include <syslog.h> 49 1.1 christos #include <signal.h> 50 1.1 christos #include <fcntl.h> 51 1.1 christos #include <stdlib.h> 52 1.1 christos #include <unistd.h> 53 1.1 christos #include <stdint.h> 54 1.1 christos #include <stdbool.h> 55 1.1 christos #include <errno.h> 56 1.1 christos #include <stdarg.h> 57 1.1 christos #include <netinet/in.h> 58 1.1 christos #ifdef _REENTRANT 59 1.1 christos #include <pthread.h> 60 1.1 christos #endif 61 1.1 christos 62 1.2.4.1 perseant #if defined(SO_RECVUCRED) 63 1.2.4.1 perseant #include <ucred.h> 64 1.2.4.1 perseant #endif 65 1.2.4.1 perseant 66 1.1 christos #include "bl.h" 67 1.1 christos 68 1.1 christos typedef struct { 69 1.1 christos uint32_t bl_len; 70 1.1 christos uint32_t bl_version; 71 1.1 christos uint32_t bl_type; 72 1.1 christos uint32_t bl_salen; 73 1.1 christos struct sockaddr_storage bl_ss; 74 1.1 christos char bl_data[]; 75 1.1 christos } bl_message_t; 76 1.1 christos 77 1.1 christos struct blocklist { 78 1.1 christos #ifdef _REENTRANT 79 1.1 christos pthread_mutex_t b_mutex; 80 1.1 christos # define BL_INIT(b) pthread_mutex_init(&b->b_mutex, NULL) 81 1.1 christos # define BL_LOCK(b) pthread_mutex_lock(&b->b_mutex) 82 1.1 christos # define BL_UNLOCK(b) pthread_mutex_unlock(&b->b_mutex) 83 1.1 christos #else 84 1.1 christos # define BL_INIT(b) do {} while(/*CONSTCOND*/0) 85 1.1 christos # define BL_LOCK(b) BL_INIT(b) 86 1.1 christos # define BL_UNLOCK(b) BL_INIT(b) 87 1.1 christos #endif 88 1.1 christos int b_fd; 89 1.1 christos int b_connected; 90 1.1 christos struct sockaddr_un b_sun; 91 1.2.4.1 perseant struct syslog_data b_syslog_data; 92 1.2.4.1 perseant void (*b_fun)(int, struct syslog_data *, const char *, va_list); 93 1.1 christos bl_info_t b_info; 94 1.1 christos }; 95 1.1 christos 96 1.1 christos #define BL_VERSION 1 97 1.1 christos 98 1.1 christos bool 99 1.1 christos bl_isconnected(bl_t b) 100 1.1 christos { 101 1.1 christos return b->b_connected == 0; 102 1.1 christos } 103 1.1 christos 104 1.1 christos int 105 1.1 christos bl_getfd(bl_t b) 106 1.1 christos { 107 1.1 christos return b->b_fd; 108 1.1 christos } 109 1.1 christos 110 1.1 christos static void 111 1.1 christos bl_reset(bl_t b, bool locked) 112 1.1 christos { 113 1.1 christos int serrno = errno; 114 1.1 christos if (!locked) 115 1.1 christos BL_LOCK(b); 116 1.1 christos close(b->b_fd); 117 1.1 christos errno = serrno; 118 1.1 christos b->b_fd = -1; 119 1.1 christos b->b_connected = -1; 120 1.1 christos if (!locked) 121 1.1 christos BL_UNLOCK(b); 122 1.1 christos } 123 1.1 christos 124 1.1 christos static void 125 1.2.4.1 perseant bl_log(bl_t b, int level, const char *fmt, ...) 126 1.1 christos { 127 1.1 christos va_list ap; 128 1.1 christos int serrno = errno; 129 1.1 christos 130 1.2.4.1 perseant if (b->b_fun == NULL) 131 1.2.4.1 perseant return; 132 1.2.4.1 perseant 133 1.1 christos va_start(ap, fmt); 134 1.2.4.1 perseant (*b->b_fun)(level, &b->b_syslog_data, fmt, ap); 135 1.1 christos va_end(ap); 136 1.1 christos errno = serrno; 137 1.1 christos } 138 1.1 christos 139 1.1 christos static int 140 1.1 christos bl_init(bl_t b, bool srv) 141 1.1 christos { 142 1.1 christos static int one = 1; 143 1.1 christos /* AF_UNIX address of local logger */ 144 1.1 christos mode_t om; 145 1.1 christos int rv, serrno; 146 1.1 christos struct sockaddr_un *sun = &b->b_sun; 147 1.1 christos 148 1.1 christos #ifndef SOCK_NONBLOCK 149 1.1 christos #define SOCK_NONBLOCK 0 150 1.1 christos #endif 151 1.1 christos #ifndef SOCK_CLOEXEC 152 1.1 christos #define SOCK_CLOEXEC 0 153 1.1 christos #endif 154 1.1 christos #ifndef SOCK_NOSIGPIPE 155 1.1 christos #define SOCK_NOSIGPIPE 0 156 1.1 christos #endif 157 1.1 christos 158 1.1 christos BL_LOCK(b); 159 1.1 christos 160 1.1 christos if (b->b_fd == -1) { 161 1.1 christos b->b_fd = socket(PF_LOCAL, 162 1.1 christos SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK|SOCK_NOSIGPIPE, 0); 163 1.1 christos if (b->b_fd == -1) { 164 1.2.4.1 perseant bl_log(b, LOG_ERR, "%s: socket failed (%s)", 165 1.1 christos __func__, strerror(errno)); 166 1.1 christos BL_UNLOCK(b); 167 1.1 christos return -1; 168 1.1 christos } 169 1.1 christos #if SOCK_CLOEXEC == 0 170 1.1 christos fcntl(b->b_fd, F_SETFD, FD_CLOEXEC); 171 1.1 christos #endif 172 1.1 christos #if SOCK_NONBLOCK == 0 173 1.1 christos fcntl(b->b_fd, F_SETFL, fcntl(b->b_fd, F_GETFL) | O_NONBLOCK); 174 1.1 christos #endif 175 1.1 christos #if SOCK_NOSIGPIPE == 0 176 1.1 christos #ifdef SO_NOSIGPIPE 177 1.1 christos int o = 1; 178 1.1 christos setsockopt(b->b_fd, SOL_SOCKET, SO_NOSIGPIPE, &o, sizeof(o)); 179 1.1 christos #else 180 1.1 christos signal(SIGPIPE, SIG_IGN); 181 1.1 christos #endif 182 1.1 christos #endif 183 1.1 christos } 184 1.1 christos 185 1.1 christos if (bl_isconnected(b)) { 186 1.1 christos BL_UNLOCK(b); 187 1.1 christos return 0; 188 1.1 christos } 189 1.1 christos 190 1.1 christos /* 191 1.1 christos * We try to connect anyway even when we are a server to verify 192 1.1 christos * that no other server is listening to the socket. If we succeed 193 1.1 christos * to connect and we are a server, someone else owns it. 194 1.1 christos */ 195 1.1 christos rv = connect(b->b_fd, (const void *)sun, (socklen_t)sizeof(*sun)); 196 1.1 christos if (rv == 0) { 197 1.1 christos if (srv) { 198 1.2.4.1 perseant bl_log(b, LOG_ERR, 199 1.1 christos "%s: another daemon is handling `%s'", 200 1.1 christos __func__, sun->sun_path); 201 1.1 christos goto out; 202 1.1 christos } 203 1.1 christos } else { 204 1.1 christos if (!srv) { 205 1.1 christos /* 206 1.1 christos * If the daemon is not running, we just try a 207 1.1 christos * connect, so leave the socket alone until it does 208 1.1 christos * and only log once. 209 1.1 christos */ 210 1.1 christos if (b->b_connected != 1) { 211 1.2.4.1 perseant bl_log(b, LOG_DEBUG, 212 1.1 christos "%s: connect failed for `%s' (%s)", 213 1.1 christos __func__, sun->sun_path, strerror(errno)); 214 1.1 christos b->b_connected = 1; 215 1.1 christos } 216 1.1 christos BL_UNLOCK(b); 217 1.1 christos return -1; 218 1.1 christos } 219 1.2.4.1 perseant bl_log(b, LOG_DEBUG, "Connected to blocklist server", __func__); 220 1.1 christos } 221 1.1 christos 222 1.1 christos if (srv) { 223 1.1 christos (void)unlink(sun->sun_path); 224 1.1 christos om = umask(0); 225 1.1 christos rv = bind(b->b_fd, (const void *)sun, (socklen_t)sizeof(*sun)); 226 1.1 christos serrno = errno; 227 1.1 christos (void)umask(om); 228 1.1 christos errno = serrno; 229 1.1 christos if (rv == -1) { 230 1.2.4.1 perseant bl_log(b, LOG_ERR, "%s: bind failed for `%s' (%s)", 231 1.1 christos __func__, sun->sun_path, strerror(errno)); 232 1.1 christos goto out; 233 1.1 christos } 234 1.1 christos } 235 1.1 christos 236 1.1 christos b->b_connected = 0; 237 1.1 christos #define GOT_FD 1 238 1.1 christos #if defined(LOCAL_CREDS) 239 1.1 christos #define CRED_LEVEL 0 240 1.1 christos #define CRED_NAME LOCAL_CREDS 241 1.2.4.1 perseant #define CRED_SC_UID(x) (x)->sc_euid 242 1.2.4.1 perseant #define CRED_SC_GID(x) (x)->sc_egid 243 1.1 christos #define CRED_MESSAGE SCM_CREDS 244 1.1 christos #define CRED_SIZE SOCKCREDSIZE(NGROUPS_MAX) 245 1.1 christos #define CRED_TYPE struct sockcred 246 1.1 christos #define GOT_CRED 2 247 1.1 christos #elif defined(SO_PASSCRED) 248 1.1 christos #define CRED_LEVEL SOL_SOCKET 249 1.1 christos #define CRED_NAME SO_PASSCRED 250 1.2.4.1 perseant #define CRED_SC_UID(x) (x)->uid 251 1.2.4.1 perseant #define CRED_SC_GID(x) (x)->gid 252 1.1 christos #define CRED_MESSAGE SCM_CREDENTIALS 253 1.1 christos #define CRED_SIZE sizeof(struct ucred) 254 1.1 christos #define CRED_TYPE struct ucred 255 1.1 christos #define GOT_CRED 2 256 1.2.4.1 perseant #elif defined(SO_RECVUCRED) 257 1.2.4.1 perseant #define CRED_LEVEL SOL_SOCKET 258 1.2.4.1 perseant #define CRED_NAME SO_RECVUCRED 259 1.2.4.1 perseant #define CRED_SC_UID(x) ucred_geteuid(x) 260 1.2.4.1 perseant #define CRED_SC_GID(x) ucred_getegid(x) 261 1.2.4.1 perseant #define CRED_MESSAGE SCM_UCRED 262 1.2.4.1 perseant #define CRED_SIZE ucred_size() 263 1.2.4.1 perseant #define CRED_TYPE ucred_t 264 1.2.4.1 perseant #define GOT_CRED 2 265 1.1 christos #else 266 1.1 christos #define GOT_CRED 0 267 1.1 christos /* 268 1.1 christos * getpeereid() and LOCAL_PEERCRED don't help here 269 1.1 christos * because we are not a stream socket! 270 1.1 christos */ 271 1.1 christos #define CRED_SIZE 0 272 1.1 christos #define CRED_TYPE void * __unused 273 1.1 christos #endif 274 1.1 christos 275 1.1 christos #ifdef CRED_LEVEL 276 1.1 christos if (setsockopt(b->b_fd, CRED_LEVEL, CRED_NAME, 277 1.1 christos &one, (socklen_t)sizeof(one)) == -1) { 278 1.2.4.1 perseant bl_log(b, LOG_ERR, "%s: setsockopt %s " 279 1.1 christos "failed (%s)", __func__, __STRING(CRED_NAME), 280 1.1 christos strerror(errno)); 281 1.1 christos goto out; 282 1.1 christos } 283 1.1 christos #endif 284 1.1 christos 285 1.1 christos BL_UNLOCK(b); 286 1.1 christos return 0; 287 1.1 christos out: 288 1.1 christos bl_reset(b, true); 289 1.1 christos BL_UNLOCK(b); 290 1.1 christos return -1; 291 1.1 christos } 292 1.1 christos 293 1.1 christos bl_t 294 1.2.4.1 perseant bl_create(bool srv, const char *path, 295 1.2.4.1 perseant void (*fun)(int, struct syslog_data *, const char *, va_list)) 296 1.1 christos { 297 1.2.4.1 perseant static struct syslog_data sd = SYSLOG_DATA_INIT; 298 1.1 christos bl_t b = calloc(1, sizeof(*b)); 299 1.1 christos if (b == NULL) 300 1.2.4.1 perseant return NULL; 301 1.2.4.1 perseant b->b_fun = fun; 302 1.2.4.1 perseant b->b_syslog_data = sd; 303 1.1 christos b->b_fd = -1; 304 1.1 christos b->b_connected = -1; 305 1.1 christos BL_INIT(b); 306 1.1 christos 307 1.1 christos memset(&b->b_sun, 0, sizeof(b->b_sun)); 308 1.1 christos b->b_sun.sun_family = AF_LOCAL; 309 1.1 christos #ifdef HAVE_STRUCT_SOCKADDR_SA_LEN 310 1.1 christos b->b_sun.sun_len = sizeof(b->b_sun); 311 1.1 christos #endif 312 1.1 christos strlcpy(b->b_sun.sun_path, 313 1.1 christos path ? path : _PATH_BLSOCK, sizeof(b->b_sun.sun_path)); 314 1.1 christos 315 1.1 christos bl_init(b, srv); 316 1.1 christos return b; 317 1.1 christos } 318 1.1 christos 319 1.1 christos void 320 1.1 christos bl_destroy(bl_t b) 321 1.1 christos { 322 1.1 christos bl_reset(b, false); 323 1.1 christos free(b); 324 1.1 christos } 325 1.1 christos 326 1.1 christos static int 327 1.1 christos bl_getsock(bl_t b, struct sockaddr_storage *ss, const struct sockaddr *sa, 328 1.1 christos socklen_t slen, const char *ctx) 329 1.1 christos { 330 1.1 christos uint8_t family; 331 1.1 christos 332 1.1 christos memset(ss, 0, sizeof(*ss)); 333 1.1 christos 334 1.1 christos switch (slen) { 335 1.1 christos case 0: 336 1.1 christos return 0; 337 1.1 christos case sizeof(struct sockaddr_in): 338 1.1 christos family = AF_INET; 339 1.1 christos break; 340 1.1 christos case sizeof(struct sockaddr_in6): 341 1.1 christos family = AF_INET6; 342 1.1 christos break; 343 1.1 christos default: 344 1.2.4.1 perseant bl_log(b, LOG_ERR, "%s: invalid socket len %u (%s)", 345 1.1 christos __func__, (unsigned)slen, ctx); 346 1.1 christos errno = EINVAL; 347 1.1 christos return -1; 348 1.1 christos } 349 1.1 christos 350 1.1 christos memcpy(ss, sa, slen); 351 1.1 christos 352 1.1 christos if (ss->ss_family != family) { 353 1.2.4.1 perseant bl_log(b, LOG_INFO, 354 1.1 christos "%s: correcting socket family %d to %d (%s)", 355 1.1 christos __func__, ss->ss_family, family, ctx); 356 1.1 christos ss->ss_family = family; 357 1.1 christos } 358 1.1 christos 359 1.1 christos #ifdef HAVE_STRUCT_SOCKADDR_SA_LEN 360 1.1 christos if (ss->ss_len != slen) { 361 1.2.4.1 perseant bl_log(b, LOG_INFO, 362 1.1 christos "%s: correcting socket len %u to %u (%s)", 363 1.1 christos __func__, ss->ss_len, (unsigned)slen, ctx); 364 1.1 christos ss->ss_len = (uint8_t)slen; 365 1.1 christos } 366 1.1 christos #endif 367 1.1 christos return 0; 368 1.1 christos } 369 1.1 christos 370 1.1 christos int 371 1.1 christos bl_send(bl_t b, bl_type_t e, int pfd, const struct sockaddr *sa, 372 1.1 christos socklen_t slen, const char *ctx) 373 1.1 christos { 374 1.1 christos struct msghdr msg; 375 1.1 christos struct iovec iov; 376 1.1 christos union { 377 1.1 christos char ctrl[CMSG_SPACE(sizeof(int))]; 378 1.1 christos uint32_t fd; 379 1.1 christos } ua; 380 1.1 christos struct cmsghdr *cmsg; 381 1.1 christos union { 382 1.1 christos bl_message_t bl; 383 1.1 christos char buf[512]; 384 1.1 christos } ub; 385 1.1 christos size_t ctxlen, tried; 386 1.1 christos #define NTRIES 5 387 1.1 christos 388 1.1 christos ctxlen = strlen(ctx); 389 1.1 christos if (ctxlen > 128) 390 1.1 christos ctxlen = 128; 391 1.1 christos 392 1.1 christos iov.iov_base = ub.buf; 393 1.1 christos iov.iov_len = sizeof(bl_message_t) + ctxlen; 394 1.1 christos ub.bl.bl_len = (uint32_t)iov.iov_len; 395 1.1 christos ub.bl.bl_version = BL_VERSION; 396 1.1 christos ub.bl.bl_type = (uint32_t)e; 397 1.1 christos 398 1.1 christos if (bl_getsock(b, &ub.bl.bl_ss, sa, slen, ctx) == -1) 399 1.1 christos return -1; 400 1.1 christos 401 1.1 christos 402 1.1 christos ub.bl.bl_salen = slen; 403 1.1 christos memcpy(ub.bl.bl_data, ctx, ctxlen); 404 1.1 christos 405 1.1 christos msg.msg_name = NULL; 406 1.1 christos msg.msg_namelen = 0; 407 1.1 christos msg.msg_iov = &iov; 408 1.1 christos msg.msg_iovlen = 1; 409 1.1 christos msg.msg_flags = 0; 410 1.1 christos 411 1.1 christos msg.msg_control = ua.ctrl; 412 1.1 christos msg.msg_controllen = sizeof(ua.ctrl); 413 1.1 christos 414 1.1 christos cmsg = CMSG_FIRSTHDR(&msg); 415 1.1 christos cmsg->cmsg_len = CMSG_LEN(sizeof(int)); 416 1.1 christos cmsg->cmsg_level = SOL_SOCKET; 417 1.1 christos cmsg->cmsg_type = SCM_RIGHTS; 418 1.1 christos 419 1.1 christos memcpy(CMSG_DATA(cmsg), &pfd, sizeof(pfd)); 420 1.1 christos 421 1.1 christos tried = 0; 422 1.1 christos again: 423 1.1 christos if (bl_init(b, false) == -1) 424 1.1 christos return -1; 425 1.1 christos 426 1.1 christos if ((sendmsg(b->b_fd, &msg, 0) == -1) && tried++ < NTRIES) { 427 1.1 christos bl_reset(b, false); 428 1.1 christos goto again; 429 1.1 christos } 430 1.1 christos return tried >= NTRIES ? -1 : 0; 431 1.1 christos } 432 1.1 christos 433 1.1 christos bl_info_t * 434 1.1 christos bl_recv(bl_t b) 435 1.1 christos { 436 1.1 christos struct msghdr msg; 437 1.1 christos struct iovec iov; 438 1.1 christos union { 439 1.1 christos char ctrl[CMSG_SPACE(sizeof(int)) + CMSG_SPACE(CRED_SIZE)]; 440 1.1 christos uint32_t fd; 441 1.1 christos } ua; 442 1.1 christos struct cmsghdr *cmsg; 443 1.2.4.1 perseant #if GOT_CRED != 0 444 1.1 christos CRED_TYPE *sc; 445 1.2.4.1 perseant #endif 446 1.1 christos union { 447 1.1 christos bl_message_t bl; 448 1.1 christos char buf[512]; 449 1.1 christos } ub; 450 1.1 christos int got; 451 1.1 christos ssize_t rlen; 452 1.2 christos size_t rem; 453 1.1 christos bl_info_t *bi = &b->b_info; 454 1.1 christos 455 1.1 christos got = 0; 456 1.1 christos memset(bi, 0, sizeof(*bi)); 457 1.1 christos 458 1.1 christos iov.iov_base = ub.buf; 459 1.1 christos iov.iov_len = sizeof(ub); 460 1.1 christos 461 1.1 christos msg.msg_name = NULL; 462 1.1 christos msg.msg_namelen = 0; 463 1.1 christos msg.msg_iov = &iov; 464 1.1 christos msg.msg_iovlen = 1; 465 1.1 christos msg.msg_flags = 0; 466 1.1 christos 467 1.1 christos msg.msg_control = ua.ctrl; 468 1.2.4.1 perseant msg.msg_controllen = sizeof(ua.ctrl); 469 1.1 christos 470 1.1 christos rlen = recvmsg(b->b_fd, &msg, 0); 471 1.1 christos if (rlen == -1) { 472 1.2.4.1 perseant bl_log(b, LOG_ERR, "%s: recvmsg failed (%s)", __func__, 473 1.1 christos strerror(errno)); 474 1.1 christos return NULL; 475 1.1 christos } 476 1.1 christos 477 1.1 christos for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { 478 1.1 christos if (cmsg->cmsg_level != SOL_SOCKET) { 479 1.2.4.1 perseant bl_log(b, LOG_ERR, 480 1.1 christos "%s: unexpected cmsg_level %d", 481 1.1 christos __func__, cmsg->cmsg_level); 482 1.1 christos continue; 483 1.1 christos } 484 1.1 christos switch (cmsg->cmsg_type) { 485 1.1 christos case SCM_RIGHTS: 486 1.1 christos if (cmsg->cmsg_len != CMSG_LEN(sizeof(int))) { 487 1.2.4.1 perseant int *fd = (void *)CMSG_DATA(cmsg); 488 1.2.4.1 perseant size_t len = cmsg->cmsg_len / sizeof(int); 489 1.2.4.1 perseant bl_log(b, LOG_ERR, 490 1.1 christos "%s: unexpected cmsg_len %d != %zu", 491 1.1 christos __func__, cmsg->cmsg_len, 492 1.2.4.1 perseant CMSG_LEN(sizeof(int))); 493 1.2.4.1 perseant 494 1.2.4.1 perseant for (size_t i = 0; i < len; i++) 495 1.2.4.1 perseant (void)close(fd[i]); 496 1.1 christos continue; 497 1.1 christos } 498 1.1 christos memcpy(&bi->bi_fd, CMSG_DATA(cmsg), sizeof(bi->bi_fd)); 499 1.1 christos got |= GOT_FD; 500 1.1 christos break; 501 1.1 christos #ifdef CRED_MESSAGE 502 1.1 christos case CRED_MESSAGE: 503 1.1 christos sc = (void *)CMSG_DATA(cmsg); 504 1.2.4.1 perseant bi->bi_uid = CRED_SC_UID(sc); 505 1.2.4.1 perseant bi->bi_gid = CRED_SC_GID(sc); 506 1.1 christos got |= GOT_CRED; 507 1.1 christos break; 508 1.1 christos #endif 509 1.1 christos default: 510 1.2.4.1 perseant bl_log(b, LOG_ERR, 511 1.1 christos "%s: unexpected cmsg_type %d", 512 1.1 christos __func__, cmsg->cmsg_type); 513 1.1 christos continue; 514 1.1 christos } 515 1.1 christos 516 1.1 christos } 517 1.1 christos 518 1.1 christos if (got != (GOT_CRED|GOT_FD)) { 519 1.2.4.1 perseant bl_log(b, LOG_ERR, "message missing %s %s", 520 1.1 christos #if GOT_CRED != 0 521 1.1 christos (got & GOT_CRED) == 0 ? "cred" : 522 1.1 christos #endif 523 1.1 christos "", (got & GOT_FD) == 0 ? "fd" : ""); 524 1.1 christos return NULL; 525 1.1 christos } 526 1.1 christos 527 1.2 christos rem = (size_t)rlen; 528 1.2 christos if (rem < sizeof(ub.bl)) { 529 1.2.4.1 perseant bl_log(b, LOG_ERR, "message too short %zd", rlen); 530 1.1 christos return NULL; 531 1.1 christos } 532 1.2 christos rem -= sizeof(ub.bl); 533 1.1 christos 534 1.1 christos if (ub.bl.bl_version != BL_VERSION) { 535 1.2.4.1 perseant bl_log(b, LOG_ERR, "bad version %d", ub.bl.bl_version); 536 1.1 christos return NULL; 537 1.1 christos } 538 1.1 christos 539 1.1 christos bi->bi_type = ub.bl.bl_type; 540 1.1 christos bi->bi_slen = ub.bl.bl_salen; 541 1.1 christos bi->bi_ss = ub.bl.bl_ss; 542 1.1 christos #ifndef CRED_MESSAGE 543 1.1 christos bi->bi_uid = -1; 544 1.1 christos bi->bi_gid = -1; 545 1.1 christos #endif 546 1.2 christos if (rem == 0) 547 1.2 christos bi->bi_msg[0] = '\0'; 548 1.2.4.1 perseant else { 549 1.2.4.1 perseant rem = MIN(sizeof(bi->bi_msg) - 1, rem); 550 1.2.4.1 perseant memcpy(bi->bi_msg, ub.bl.bl_data, rem); 551 1.2.4.1 perseant bi->bi_msg[rem] = '\0'; 552 1.2.4.1 perseant } 553 1.1 christos return bi; 554 1.1 christos } 555
Indexes created Fri Mar 20 00:23:26 UTC 2026