picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

socket: rework things to have only one sockaddr formatter

Browse source
This commit is contained in:
Lennart Poettering 2013-11-07 00:03:54 +01:00
parent b7484e2a58
commit 4d49b48c60
3 changed files with 137 additions and 159 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/login/pam-module.c
View file

@ -318,8 +318,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
!streq(remote_host, "localhost") &&
!streq(remote_host, "localhost.localdomain");
/* Talk to logind over the message bug */
/* Talk to logind over the message bus */
r = sd_bus_open_system(&bus);
if (r < 0) {
pam_syslog(handle, LOG_ERR, "Failed to connect to system bus: %s", strerror(-r));

279
src/shared/socket-util.c
View file

@ -41,9 +41,9 @@
#include "fileio.h"
int socket_address_parse(SocketAddress *a, const char *s) {
int r;
char *e, *n;
unsigned u;
int r;
assert(a);
assert(s);
@ -59,26 +59,23 @@ int socket_address_parse(SocketAddress *a, const char *s) {
return -EAFNOSUPPORT;
}
if (!(e = strchr(s+1, ']')))
e = strchr(s+1, ']');
if (!e)
return -EINVAL;
if (!(n = strndup(s+1, e-s-1)))
return -ENOMEM;
n = strndupa(s+1, e-s-1);
errno = 0;
if (inet_pton(AF_INET6, n, &a->sockaddr.in6.sin6_addr) <= 0) {
free(n);
if (inet_pton(AF_INET6, n, &a->sockaddr.in6.sin6_addr) <= 0)
return errno > 0 ? -errno : -EINVAL;
}
free(n);
e++;
if (*e != ':')
return -EINVAL;
e++;
if ((r = safe_atou(e, &u)) < 0)
r = safe_atou(e, &u);
if (r < 0)
return r;
if (u <= 0 || u > 0xFFFF)
@ -114,43 +111,35 @@ int socket_address_parse(SocketAddress *a, const char *s) {
a->size = offsetof(struct sockaddr_un, sun_path) + 1 + l;
} else {
if ((e = strchr(s, ':'))) {
if ((r = safe_atou(e+1, &u)) < 0)
e = strchr(s, ':');
if (e) {
r = safe_atou(e+1, &u);
if (r < 0)
return r;
if (u <= 0 || u > 0xFFFF)
return -EINVAL;
if (!(n = strndup(s, e-s)))
return -ENOMEM;
n = strndupa(s, e-s);
/* IPv4 in w.x.y.z:p notation? */
if ((r = inet_pton(AF_INET, n, &a->sockaddr.in4.sin_addr)) < 0) {
free(n);
r = inet_pton(AF_INET, n, &a->sockaddr.in.sin_addr);
if (r < 0)
return -errno;
}
if (r > 0) {
/* Gotcha, it's a traditional IPv4 address */
free(n);
a->sockaddr.in4.sin_family = AF_INET;
a->sockaddr.in4.sin_port = htons((uint16_t) u);
a->sockaddr.in.sin_family = AF_INET;
a->sockaddr.in.sin_port = htons((uint16_t) u);
a->size = sizeof(struct sockaddr_in);
} else {
unsigned idx;
if (strlen(n) > IF_NAMESIZE-1) {
free(n);
if (strlen(n) > IF_NAMESIZE-1)
return -EINVAL;
}
/* Uh, our last resort, an interface name */
idx = if_nametoindex(n);
free(n);
if (idx == 0)
return -EINVAL;
@ -181,9 +170,9 @@ int socket_address_parse(SocketAddress *a, const char *s) {
a->sockaddr.in6.sin6_addr = in6addr_any;
a->size = sizeof(struct sockaddr_in6);
} else {
a->sockaddr.in4.sin_family = AF_INET;
a->sockaddr.in4.sin_port = htons((uint16_t) u);
a->sockaddr.in4.sin_addr.s_addr = INADDR_ANY;
a->sockaddr.in.sin_family = AF_INET;
a->sockaddr.in.sin_port = htons((uint16_t) u);
a->sockaddr.in.sin_addr.s_addr = INADDR_ANY;
a->size = sizeof(struct sockaddr_in);
}
}
@ -229,7 +218,7 @@ int socket_address_verify(const SocketAddress *a) {
if (a->size != sizeof(struct sockaddr_in))
return -EINVAL;
if (a->sockaddr.in4.sin_port == 0)
if (a->sockaddr.in.sin_port == 0)
return -EINVAL;
if (a->type != SOCK_STREAM && a->type != SOCK_DGRAM)
@ -259,7 +248,8 @@ int socket_address_verify(const SocketAddress *a) {
char *e;
/* path */
if (!(e = memchr(a->sockaddr.un.sun_path, 0, sizeof(a->sockaddr.un.sun_path))))
e = memchr(a->sockaddr.un.sun_path, 0, sizeof(a->sockaddr.un.sun_path));
if (!e)
return -EINVAL;
if (a->size != offsetof(struct sockaddr_un, sun_path) + (e - a->sockaddr.un.sun_path) + 1)
@ -287,101 +277,31 @@ int socket_address_verify(const SocketAddress *a) {
}
}
int socket_address_print(const SocketAddress *a, char **p) {
int socket_address_print(const SocketAddress *a, char **ret) {
int r;
assert(a);
assert(p);
if ((r = socket_address_verify(a)) < 0)
assert(a);
assert(ret);
r = socket_address_verify(a);
if (r < 0)
return r;
switch (socket_address_family(a)) {
case AF_INET: {
char *ret;
ret = new(char, INET_ADDRSTRLEN+1+5+1);
if (!ret)
return -ENOMEM;
if (!inet_ntop(AF_INET, &a->sockaddr.in4.sin_addr, ret, INET_ADDRSTRLEN)) {
free(ret);
return -errno;
}
sprintf(strchr(ret, 0), ":%u", ntohs(a->sockaddr.in4.sin_port));
*p = ret;
return 0;
}
case AF_INET6: {
char *ret;
ret = new(char, 1+INET6_ADDRSTRLEN+2+5+1);
if (!ret)
return -ENOMEM;
ret[0] = '[';
if (!inet_ntop(AF_INET6, &a->sockaddr.in6.sin6_addr, ret+1, INET6_ADDRSTRLEN)) {
free(ret);
return -errno;
}
sprintf(strchr(ret, 0), "]:%u", ntohs(a->sockaddr.in6.sin6_port));
*p = ret;
return 0;
}
case AF_UNIX: {
char *ret;
if (a->size <= offsetof(struct sockaddr_un, sun_path)) {
ret = strdup("<unnamed>");
if (!ret)
return -ENOMEM;
} else if (a->sockaddr.un.sun_path[0] == 0) {
/* abstract */
/* FIXME: We assume we can print the
* socket path here and that it hasn't
* more than one NUL byte. That is
* actually an invalid assumption */
ret = new(char, sizeof(a->sockaddr.un.sun_path)+1);
if (!ret)
return -ENOMEM;
ret[0] = '@';
memcpy(ret+1, a->sockaddr.un.sun_path+1, sizeof(a->sockaddr.un.sun_path)-1);
ret[sizeof(a->sockaddr.un.sun_path)] = 0;
} else {
ret = strdup(a->sockaddr.un.sun_path);
if (!ret)
return -ENOMEM;
}
*p = ret;
return 0;
}
case AF_NETLINK: {
if (socket_address_family(a) == AF_NETLINK) {
_cleanup_free_ char *sfamily = NULL;
r = netlink_family_to_string_alloc(a->protocol, &sfamily);
if (r < 0)
return r;
r = asprintf(p, "%s %u", sfamily, a->sockaddr.nl.nl_groups);
r = asprintf(ret, "%s %u", sfamily, a->sockaddr.nl.nl_groups);
if (r < 0)
return -ENOMEM;
return 0;
}
default:
return -EINVAL;
}
return sockaddr_pretty(&a->sockaddr.sa, a->size, false, ret);
}
bool socket_address_can_accept(const SocketAddress *a) {
@ -413,10 +333,10 @@ bool socket_address_equal(const SocketAddress *a, const SocketAddress *b) {
switch (socket_address_family(a)) {
case AF_INET:
if (a->sockaddr.in4.sin_addr.s_addr != b->sockaddr.in4.sin_addr.s_addr)
if (a->sockaddr.in.sin_addr.s_addr != b->sockaddr.in.sin_addr.s_addr)
return false;
if (a->sockaddr.in4.sin_port != b->sockaddr.in4.sin_port)
if (a->sockaddr.in.sin_port != b->sockaddr.in.sin_port)
return false;
break;
@ -552,8 +472,8 @@ bool socket_address_matches_fd(const SocketAddress *a, int fd) {
switch (sa.sa.sa_family) {
case AF_INET:
return sa.in4.sin_port == a->sockaddr.in4.sin_port &&
sa.in4.sin_addr.s_addr == a->sockaddr.in4.sin_addr.s_addr;
return sa.in.sin_port == a->sockaddr.in.sin_port &&
sa.in.sin_addr.s_addr == a->sockaddr.in.sin_addr.s_addr;
case AF_INET6:
return sa.in6.sin6_port == a->sockaddr.in6.sin6_port &&
@ -568,37 +488,24 @@ bool socket_address_matches_fd(const SocketAddress *a, int fd) {
return false;
}
int getpeername_pretty(int fd, char **ret) {
union {
struct sockaddr sa;
struct sockaddr_un un;
struct sockaddr_in in;
struct sockaddr_in6 in6;
struct sockaddr_storage storage;
} sa;
socklen_t salen;
int sockaddr_pretty(const struct sockaddr *_sa, socklen_t salen, bool translate_ipv6, char **ret) {
union sockaddr_union *sa = (union sockaddr_union*) _sa;
char *p;
assert(fd >= 0);
assert(ret);
assert(sa);
assert(salen >= sizeof(sa->sa.sa_family));
salen = sizeof(sa);
if (getpeername(fd, &sa.sa, &salen) < 0)
return -errno;
switch (sa.sa.sa_family) {
switch (sa->sa.sa_family) {
case AF_INET: {
uint32_t a;
a = ntohl(sa.in.sin_addr.s_addr);
a = ntohl(sa->in.sin_addr.s_addr);
if (asprintf(&p,
"%u.%u.%u.%u:%u",
a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
ntohs(sa.in.sin_port)) < 0)
ntohs(sa->in.sin_port)) < 0)
return -ENOMEM;
break;
@ -609,48 +516,118 @@ int getpeername_pretty(int fd, char **ret) {
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
};
if (memcmp(&sa.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
const uint8_t *a = sa.in6.sin6_addr.s6_addr+12;
if (translate_ipv6 && memcmp(&sa->in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
const uint8_t *a = sa->in6.sin6_addr.s6_addr+12;
if (asprintf(&p,
"%u.%u.%u.%u:%u",
a[0], a[1], a[2], a[3],
ntohs(sa.in6.sin6_port)) < 0)
ntohs(sa->in6.sin6_port)) < 0)
return -ENOMEM;
} else {
char a[INET6_ADDRSTRLEN];
if (asprintf(&p,
"%s:%u",
inet_ntop(AF_INET6, &sa.in6.sin6_addr, a, sizeof(a)),
ntohs(sa.in6.sin6_port)) < 0)
"[%s]:%u",
inet_ntop(AF_INET6, &sa->in6.sin6_addr, a, sizeof(a)),
ntohs(sa->in6.sin6_port)) < 0)
return -ENOMEM;
}
break;
}
case AF_UNIX: {
struct ucred ucred;
case AF_UNIX:
if (salen <= offsetof(struct sockaddr_un, sun_path)) {
p = strdup("<unnamed>");
if (!p)
return -ENOMEM;
salen = sizeof(ucred);
if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &salen) < 0)
return -errno;
} else if (sa->un.sun_path[0] == 0) {
/* abstract */
if (asprintf(&p, "PID %lu/UID %lu", (unsigned long) ucred.pid, (unsigned long) ucred.pid) < 0)
return -ENOMEM;
/* FIXME: We assume we can print the
* socket path here and that it hasn't
* more than one NUL byte. That is
* actually an invalid assumption */
p = new(char, sizeof(sa->un.sun_path)+1);
if (!p)
return -ENOMEM;
p[0] = '@';
memcpy(p+1, sa->un.sun_path+1, sizeof(sa->un.sun_path)-1);
p[sizeof(sa->un.sun_path)] = 0;
} else {
p = strndup(sa->un.sun_path, sizeof(sa->un.sun_path));
if (!ret)
return -ENOMEM;
}
break;
}
default:
return -ENOTSUP;
}
*ret = p;
return 0;
}
int getpeername_pretty(int fd, char **ret) {
union sockaddr_union sa;
socklen_t salen;
assert(fd >= 0);
assert(ret);
salen = sizeof(sa);
if (getpeername(fd, &sa.sa, &salen) < 0)
return -errno;
if (sa.sa.sa_family == AF_UNIX) {
struct ucred ucred;
/* UNIX connection sockets are anonymous, so let's use
* PID/UID as pretty credentials instead */
salen = sizeof(ucred);
if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &salen) < 0)
return -errno;
if (asprintf(ret, "PID %lu/UID %lu", (unsigned long) ucred.pid, (unsigned long) ucred.pid) < 0)
return -ENOMEM;
return 0;
}
/* For remote sockets we translate IPv6 addresses back to IPv4
* if applicable, since that's nicer. */
return sockaddr_pretty(&sa.sa, salen, true, ret);
}
int getsockname_pretty(int fd, char **ret) {
union sockaddr_union sa;
socklen_t salen;
assert(fd >= 0);
assert(ret);
salen = sizeof(sa);
if (getsockname(fd, &sa.sa, &salen) < 0)
return -errno;
/* For local sockets we do not translate IPv6 addresses back
* to IPv6 if applicable, since this is usually used for
* listening sockets where the difference between IPv4 and
* IPv6 matters. */
return sockaddr_pretty(&sa.sa, salen, false, ret);
}
static const char* const netlink_family_table[] = {
[NETLINK_ROUTE] = "route",
[NETLINK_FIREWALL] = "firewall",

14
src/shared/socket-util.h
View file

@ -33,7 +33,7 @@
union sockaddr_union {
struct sockaddr sa;
struct sockaddr_in in4;
struct sockaddr_in in;
struct sockaddr_in6 in6;
struct sockaddr_un un;
struct sockaddr_nl nl;
@ -92,12 +92,14 @@ bool socket_address_equal(const SocketAddress *a, const SocketAddress *b) _pure_
const char* socket_address_get_path(const SocketAddress *a);
bool socket_ipv6_is_supported(void);
int sockaddr_pretty(const struct sockaddr *_sa, socklen_t salen, bool translate_ipv6, char **ret);
int getpeername_pretty(int fd, char **ret);
int getsockname_pretty(int fd, char **ret);
const char* socket_address_bind_ipv6_only_to_string(SocketAddressBindIPv6Only b) _const_;
SocketAddressBindIPv6Only socket_address_bind_ipv6_only_from_string(const char *s) _pure_;
int netlink_family_to_string_alloc(int b, char **s);
int netlink_family_from_string(const char *s);
bool socket_ipv6_is_supported(void);
int getpeername_pretty(int fd, char **ret);
int netlink_family_from_string(const char *s) _pure_;