1 /* Based on ipsvd utilities written by Gerrit Pape <pape@smarden.org>
2 * which are released into public domain by the author.
3 * Homepage: http://smarden.sunsite.dk/ipsvd/
5 * Copyright (C) 2007 Denis Vlasenko.
7 * Licensed under GPLv2, see file LICENSE in this tarball for details.
10 /* Based on ipsvd ipsvd-0.12.1. This tcpsvd accepts all options
11 * which are supported by one from ipsvd-0.12.1, but not all are
12 * functional. See help text at the end of this file for details.
14 * Code inside "#ifdef SSLSVD" is for sslsvd and is currently unused.
16 * Output of verbose mode matches original (modulo bugs and
17 * unimplemented stuff). Unnatural splitting of IP and PORT
18 * is retained (personally I prefer one-value "IP:PORT" notation -
19 * it is a natural string representation of struct sockaddr_XX).
21 * TCPORIGDST{IP,PORT} is busybox-specific addition
23 * udp server is hacked up by reusing TCP code. It has the following
24 * limitation inherent in Unix DGRAM sockets implementation:
25 * - local IP address is retrieved (using recvmsg voodoo) but
26 * child's socket is not bound to it (bind cannot be called on
27 * already bound socket). Thus it still can emit outgoing packets
28 * with wrong sorce IP...
29 * - don't know how to retrieve ORIGDST for udp.
33 #include <linux/netfilter_ipv4.h> /* wants <limits.h> */
38 #include "ipsvd_perhost.h"
41 #include "matrixSsl.h"
45 static unsigned verbose;
46 static unsigned max_per_host;
47 static unsigned cur_per_host;
49 static unsigned cmax = 30;
51 static void xsetenv_proto(const char *proto, const char *n, const char *v)
53 putenv(xasprintf("%s%s=%s", proto, n, v));
56 static void sig_term_handler(int sig)
59 printf("%s: info: sigterm received, exit\n", applet_name);
63 /* Little bloated, but tries to give accurate info how child exited.
64 * Makes easier to spot segfaulting children etc... */
65 static void print_waitstat(unsigned pid, int wstat)
68 const char *cause = "?exit";
70 if (WIFEXITED(wstat)) {
72 e = WEXITSTATUS(wstat);
73 } else if (WIFSIGNALED(wstat)) {
77 printf("%s: info: end %d %s %d\n", applet_name, pid, cause, e);
80 /* Must match getopt32 in main! */
95 OPT_U = (1 << 13), /* from here: sslsvd only */
96 OPT_slash = (1 << 14),
101 static void connection_status(void)
103 /* "only 1 client max" don't need this */
105 printf("%s: info: status %u/%u\n", applet_name, cnum, cmax);
108 static void sig_child_handler(int sig)
113 while ((pid = wait_nohang(&wstat)) > 0) {
115 ipsvd_perhost_remove(pid);
119 print_waitstat(pid, wstat);
125 int tcpudpsvd_main(int argc, char **argv);
126 int tcpudpsvd_main(int argc, char **argv)
128 char *str_c, *str_C, *str_b, *str_t;
131 const char *instructs;
132 char *msg_per_host = NULL;
133 unsigned len_per_host = len_per_host; /* gcc */
135 struct bb_uidgid_t ugid;
137 bool need_hostnames, need_remote_ip, tcp;
139 char *local_hostname = NULL;
140 char *remote_hostname = (char*)""; /* "" used if no -h */
141 char *local_addr = local_addr; /* gcc */
142 char *remote_addr = remote_addr; /* gcc */
143 char *remote_ip = remote_addr; /* gcc */
144 len_and_sockaddr *lsa;
145 len_and_sockaddr local, remote;
150 unsigned backlog = 20;
152 tcp = (applet_name[0] == 't');
154 /* 3+ args, -i at most once, -p implies -h, -v is counter */
155 opt_complementary = "-3:?:i--i:ph:vv";
157 getopt32(argc, argv, "+c:C:i:x:u:l:Eb:hpt:vU:/:Z:K:",
158 &str_c, &str_C, &instructs, &instructs, &user, &local_hostname,
159 &str_b, &str_t, &ssluser, &root, &cert, &key, &verbose
162 getopt32(argc, argv, "+c:C:i:x:u:l:Eb:hpt:v",
163 &str_c, &str_C, &instructs, &instructs, &user, &local_hostname,
164 &str_b, &str_t, &verbose
167 if (option_mask32 & OPT_c)
168 cmax = xatou_range(str_c, 1, INT_MAX);
169 if (option_mask32 & OPT_C) { /* -C n[:message] */
170 max_per_host = bb_strtou(str_C, &str_C, 10);
174 msg_per_host = str_C + 1;
175 len_per_host = strlen(msg_per_host);
178 if (max_per_host > cmax)
180 if (option_mask32 & OPT_u) {
181 if (!get_uidgid(&ugid, user, 1))
182 bb_error_msg_and_die("unknown user/group: %s", user);
184 if (option_mask32 & OPT_b)
185 backlog = xatou(str_b);
187 if (option_mask32 & OPT_U) ssluser = optarg;
188 if (option_mask32 & OPT_slash) root = optarg;
189 if (option_mask32 & OPT_Z) cert = optarg;
190 if (option_mask32 & OPT_K) key = optarg;
193 if (!argv[0][0] || LONE_CHAR(argv[0], '0'))
194 argv[0] = (char*)"0.0.0.0";
196 /* Per-IP flood protection is not thought-out for UDP */
200 /* stdout is used for logging, don't buffer */
202 bb_sanitize_stdio(); /* fd# 0,1,2 must be opened */
204 need_hostnames = verbose || !(option_mask32 & OPT_E);
205 need_remote_ip = max_per_host || need_hostnames;
210 if ((getuid() == 0) && !(option_mask32 & OPT_u)) {
211 xfunc_exitcode = 100;
212 bb_error_msg_and_die("fatal: -U ssluser must be set when running as root");
214 if (option_mask32 & OPT_u)
215 if (!uidgid_get(&sslugid, ssluser, 1)) {
217 bb_perror_msg_and_die("fatal: cannot get user/group: %s", ssluser);
219 bb_error_msg_and_die("fatal: unknown user/group '%s'", ssluser);
221 if (!cert) cert = "./cert.pem";
222 if (!key) key = cert;
223 if (matrixSslOpen() < 0)
224 fatal("cannot initialize ssl");
225 if (matrixSslReadKeys(&keys, cert, key, 0, ca) < 0) {
227 fatal("cannot read cert, key, or ca file");
228 fatal("cannot read cert or key file");
230 if (matrixSslNewSession(&ssl, keys, 0, SSL_FLAGS_SERVER) < 0)
231 fatal("cannot create ssl session");
235 signal(SIGCHLD, sig_child_handler);
236 signal(SIGTERM, sig_term_handler);
237 signal(SIGPIPE, SIG_IGN);
240 ipsvd_perhost_init(cmax);
242 local_port = bb_lookup_port(argv[1], tcp ? "tcp" : "udp", 0);
243 lsa = xhost2sockaddr(argv[0], local_port);
244 sock = xsocket(lsa->sa.sa_family, tcp ? SOCK_STREAM : SOCK_DGRAM, 0);
245 setsockopt_reuseaddr(sock);
246 sa_len = lsa->len; /* I presume sockaddr len stays the same */
247 xbind(sock, &lsa->sa, sa_len);
249 xlisten(sock, backlog);
250 else /* udp: needed for recv_from_to to work: */
251 socket_want_pktinfo(sock);
252 /* ndelay_off(sock); - it is the default I think? */
255 if (option_mask32 & OPT_u) {
256 /* drop permissions */
263 char *addr = xmalloc_sockaddr2dotted(&lsa->sa, sa_len);
264 printf("%s: info: listening on %s", applet_name, addr);
267 if (option_mask32 & OPT_u)
268 printf(", uid %u, gid %u",
269 (unsigned)ugid.uid, (unsigned)ugid.gid);
274 /* Main accept() loop */
280 sig_pause(); /* wait for any signal (expecting SIGCHLD) */
282 /* Accept a connection to fd #0 */
286 sig_unblock(SIGCHLD);
289 conn = accept(sock, &remote.sa, &remote.len);
291 /* In case we won't be able to recover local below.
292 * Also sets port - recv_from_to is unable to do it. */
294 conn = recv_from_to(sock, NULL, 0, MSG_PEEK, &remote.sa, &local.sa, sa_len);
299 bb_perror_msg(tcp ? "accept" : "recv");
302 xmove_fd(tcp ? conn : sock, 0);
305 /* Drop connection immediately if cur_per_host > max_per_host
306 * (minimizing load under SYN flood) */
307 remote_ip = xmalloc_sockaddr2dotted_noport(&remote.sa, sa_len);
308 cur_per_host = ipsvd_perhost_add(remote_ip, max_per_host, &hccp);
309 if (cur_per_host > max_per_host) {
310 /* ipsvd_perhost_add detected that max is exceeded
311 * (and did not store ip in connection table) */
314 /* don't block or test for errors */
316 write(0, msg_per_host, len_per_host);
323 /* Voodoo magic: making udp sockets each receive its own
324 * packets is not trivial, and I still not sure
325 * I do it 100% right.
326 * 1) we have to do it before fork()
327 * 2) order is important - is it right now? */
329 /* Make plain write/send work for this socket by supplying default
330 * destination address. This also restricts incoming packets
331 * to ones coming from this remote IP. */
332 xconnect(0, &remote.sa, sa_len);
333 /* hole? at this point we have no wildcard udp socket...
334 * can this cause clients to get "port unreachable" icmp? */
335 /* Open new non-connected UDP socket for further clients */
336 sock = xsocket(lsa->sa.sa_family, tcp ? SOCK_STREAM : SOCK_DGRAM, 0);
337 setsockopt_reuseaddr(sock);
338 xbind(sock, &lsa->sa, sa_len);
339 socket_want_pktinfo(sock);
344 bb_perror_msg("fork");
359 /* Child: prepare env, log, and exec prog */
361 /* Closing tcp listening socket */
366 remote_addr = xmalloc_sockaddr2dotted(&remote.sa, sa_len);
368 if (need_hostnames) {
369 if (option_mask32 & OPT_h) {
370 remote_hostname = xmalloc_sockaddr2host_noport(&remote.sa, sa_len);
371 if (!remote_hostname) {
372 bb_error_msg("warning: cannot look up hostname for %s", remote_addr);
373 remote_hostname = (char*)"";
376 /* Find out local IP peer connected to.
377 * Errors ignored (I'm not paranoid enough to imagine kernel
378 * which doesn't know local IP). */
381 getsockname(0, &local.sa, &local.len);
383 local_addr = xmalloc_sockaddr2dotted(&local.sa, sa_len);
384 if (!local_hostname) {
385 local_hostname = xmalloc_sockaddr2host_noport(&local.sa, sa_len);
387 bb_error_msg_and_die("warning: cannot look up hostname for %s"+9, local_addr);
393 printf("%s: info: pid %u from %s\n", applet_name, pid, remote_addr);
395 printf("%s: info: concurrency %u %s %u/%u\n",
396 applet_name, pid, remote_ip, cur_per_host, max_per_host);
397 printf("%s: info: start %u %s:%s :%s:%s\n",
399 local_hostname, local_addr,
400 remote_hostname, remote_addr);
403 if (!(option_mask32 & OPT_E)) {
404 /* setup ucspi env */
405 const char *proto = tcp ? "TCP" : "UDP";
407 /* Extract "original" destination addr:port
408 * from Linux firewall. Useful when you redirect
409 * an outbond connection to local handler, and it needs
410 * to know where it originally tried to connect */
411 if (tcp && getsockopt(0, SOL_IP, SO_ORIGINAL_DST, &lsa->sa, &lsa->len) == 0) {
412 char *addr = xmalloc_sockaddr2dotted(&lsa->sa, sa_len);
413 xsetenv("TCPORIGDSTADDR", addr);
416 xsetenv("PROTO", proto);
417 xsetenv_proto(proto, "LOCALADDR", local_addr);
418 xsetenv_proto(proto, "LOCALHOST", local_hostname);
419 xsetenv_proto(proto, "REMOTEADDR", remote_addr);
420 if (option_mask32 & OPT_h) {
421 xsetenv_proto(proto, "REMOTEHOST", remote_hostname);
423 xsetenv_proto(proto, "REMOTEINFO", "");
425 if (cur_per_host > 0) /* can not be true for udp */
426 xsetenv("TCPCONCURRENCY", utoa(cur_per_host));
431 signal(SIGTERM, SIG_DFL);
432 signal(SIGPIPE, SIG_DFL);
433 signal(SIGCHLD, SIG_DFL);
434 sig_unblock(SIGCHLD);
438 strcpy(id, utoa(pid);
441 BB_EXECVP(argv[0], argv);
443 bb_perror_msg_and_die("exec '%s'", argv[0]);
447 tcpsvd [-hpEvv] [-c n] [-C n:msg] [-b n] [-u user] [-l name]
448 [-i dir|-x cdb] [ -t sec] host port prog
450 tcpsvd creates a TCP/IP socket, binds it to the address host:port,
451 and listens on the socket for incoming connections.
453 On each incoming connection, tcpsvd conditionally runs a program,
454 with standard input reading from the socket, and standard output
455 writing to the socket, to handle this connection. tcpsvd keeps
456 listening on the socket for new connections, and can handle
457 multiple connections simultaneously.
459 tcpsvd optionally checks for special instructions depending
460 on the IP address or hostname of the client that initiated
461 the connection, see ipsvd-instruct(5).
464 host either is a hostname, or a dotted-decimal IP address,
465 or 0. If host is 0, tcpsvd accepts connections to any local
467 * busybox accepts IPv6 addresses and host:port pairs too
468 In this case second parameter is ignored
470 tcpsvd accepts connections to host:port. port may be a name
471 from /etc/services or a number.
473 prog consists of one or more arguments. For each connection,
474 tcpsvd normally runs prog, with file descriptor 0 reading from
475 the network, and file descriptor 1 writing to the network.
476 By default it also sets up TCP-related environment variables,
479 read instructions for handling new connections from the instructions
480 directory dir. See ipsvd-instruct(5) for details.
481 * ignored by busyboxed version
483 read instructions for handling new connections from the constant database
484 cdb. The constant database normally is created from an instructions
485 directory by running ipsvd-cdb(8).
486 * ignored by busyboxed version
488 timeout. This option only takes effect if the -i option is given.
489 While checking the instructions directory, check the time of last access
490 of the file that matches the clients address or hostname if any, discard
491 and remove the file if it wasn't accessed within the last sec seconds;
492 tcpsvd does not discard or remove a file if the user's write permission
493 is not set, for those files the timeout is disabled. Default is 0,
494 which means that the timeout is disabled.
495 * ignored by busyboxed version
497 local hostname. Do not look up the local hostname in DNS, but use name
498 as hostname. This option must be set if tcpsvd listens on port 53
501 drop permissions. Switch user ID to user's UID, and group ID to user's
502 primary GID after creating and binding to the socket. If user is followed
503 by a colon and a group name, the group ID is switched to the GID of group
504 instead. All supplementary groups are removed.
506 concurrency. Handle up to n connections simultaneously. Default is 30.
507 If there are n connections active, tcpsvd defers acceptance of a new
508 connection until an active connection is closed.
510 per host concurrency. Allow only up to n connections from the same IP
511 address simultaneously. If there are n active connections from one IP
512 address, new incoming connections from this IP address are closed
513 immediately. If n is followed by :msg, the message msg is written
514 to the client if possible, before closing the connection. By default
515 msg is empty. See ipsvd-instruct(5) for supported escape sequences in msg.
517 For each accepted connection, the current per host concurrency is
518 available through the environment variable TCPCONCURRENCY. n and msg
519 can be overwritten by ipsvd(7) instructions, see ipsvd-instruct(5).
520 By default tcpsvd doesn't keep track of connections.
522 Look up the client's hostname in DNS.
524 paranoid. After looking up the client's hostname in DNS, look up the IP
525 addresses in DNS for that hostname, and forget about the hostname
526 if none of the addresses match the client's IP address. You should
527 set this option if you use hostname based instructions. The -p option
528 implies the -h option.
529 * ignored by busyboxed version
531 backlog. Allow a backlog of approximately n TCP SYNs. On some systems n
532 is silently limited. Default is 20.
534 no special environment. Do not set up TCP-related environment variables.
536 verbose. Print verbose messsages to standard output.
538 more verbose. Print more verbose messages to standard output.
539 * no difference between -v and -vv in busyboxed version