X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=networking%2Finetd.c;h=a45573396af776ed1d17a6d9e9d07db36a38ed2d;hb=8cd04d1cb658227d3c6eeb2a377314ca9cdf249d;hp=463c7cfcf80566b912dd2ee8493e55061fafb850;hpb=4cf1d08fc2e50f9abda999d468c5e972ff4995c2;p=oweals%2Fbusybox.git diff --git a/networking/inetd.c b/networking/inetd.c index 463c7cfcf..a45573396 100644 --- a/networking/inetd.c +++ b/networking/inetd.c @@ -130,22 +130,27 @@ * tening service socket, and must accept at least one connection request * before exiting. Such a server would normally accept and process incoming * connection requests until a timeout. - * - * In short: "stream" can be "wait" or "nowait"; "dgram" must be "wait". + */ + +/* Despite of above doc saying that dgram services must use "wait", + * "udp nowait" servers are implemented in busyboxed inetd. + * IPv6 addresses are also implemented. However, they may look ugly - + * ":::service..." means "address '::' (IPv6 wildcard addr)":"service"... + * You have to put "tcp6"/"udp6" in protocol field to select IPv6. */ /* Here's the scoop concerning the user[:group] feature: * 1) group is not specified: * a) user = root: NO setuid() or setgid() is done - * b) other: setgid(primary group as found in passwd) - * initgroups(name, primary group) + * b) other: initgroups(name, primary group) + * setgid(primary group as found in passwd) * setuid() * 2) group is specified: * a) user = root: setgid(specified group) * NO initgroups() * NO setuid() - * b) other: setgid(specified group) - * initgroups(name, specified group) + * b) other: initgroups(name, specified group) + * setgid(specified group) * setuid() */ @@ -218,7 +223,7 @@ typedef struct servtab_t { smallint se_checked; /* looked at during merge */ unsigned se_max; /* allowed instances per minute */ unsigned se_count; /* number started since se_time */ - unsigned se_time; /* whem we started counting */ + unsigned se_time; /* when we started counting */ char *se_user; /* user name to run as */ char *se_group; /* group name to run as, can be NULL */ #ifdef INETD_BUILTINS_ENABLED @@ -234,36 +239,36 @@ typedef struct servtab_t { #ifdef INETD_BUILTINS_ENABLED /* Echo received data */ #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_ECHO -static void echo_stream(int, servtab_t *); -static void echo_dg(int, servtab_t *); +static void FAST_FUNC echo_stream(int, servtab_t *); +static void FAST_FUNC echo_dg(int, servtab_t *); #endif /* Internet /dev/null */ #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD -static void discard_stream(int, servtab_t *); -static void discard_dg(int, servtab_t *); +static void FAST_FUNC discard_stream(int, servtab_t *); +static void FAST_FUNC discard_dg(int, servtab_t *); #endif /* Return 32 bit time since 1900 */ #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_TIME -static void machtime_stream(int, servtab_t *); -static void machtime_dg(int, servtab_t *); +static void FAST_FUNC machtime_stream(int, servtab_t *); +static void FAST_FUNC machtime_dg(int, servtab_t *); #endif /* Return human-readable time */ #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME -static void daytime_stream(int, servtab_t *); -static void daytime_dg(int, servtab_t *); +static void FAST_FUNC daytime_stream(int, servtab_t *); +static void FAST_FUNC daytime_dg(int, servtab_t *); #endif /* Familiar character generator */ #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN -static void chargen_stream(int, servtab_t *); -static void chargen_dg(int, servtab_t *); +static void FAST_FUNC chargen_stream(int, servtab_t *); +static void FAST_FUNC chargen_dg(int, servtab_t *); #endif struct builtin { /* NB: not necessarily NUL terminated */ char bi_service7[7]; /* internally provided service name */ uint8_t bi_fork; /* 1 if stream fn should run in child */ - void (*bi_stream_fn)(int, servtab_t *); - void (*bi_dgram_fn)(int, servtab_t *); + void (*bi_stream_fn)(int, servtab_t *) FAST_FUNC; + void (*bi_dgram_fn)(int, servtab_t *) FAST_FUNC; }; static const struct builtin builtins[] = { @@ -290,14 +295,15 @@ struct globals { struct rlimit rlim_ofile; servtab_t *serv_list; int global_queuelen; + int maxsock; /* max fd# in allsock, -1: unknown */ + /* whenever maxsock grows, prev_maxsock is set to new maxsock, + * but if maxsock is set to -1, prev_maxsock is not changed */ int prev_maxsock; - int maxsock; unsigned max_concurrency; smallint alarm_armed; uid_t real_uid; /* user ID who ran us */ - unsigned config_lineno; const char *config_filename; - FILE *fconfig; + parser_t *parser; char *default_local_hostname; #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN char *end_ring; @@ -317,14 +323,13 @@ struct BUG_G_too_big { #define rlim_ofile (G.rlim_ofile ) #define serv_list (G.serv_list ) #define global_queuelen (G.global_queuelen) -#define prev_maxsock (G.prev_maxsock ) #define maxsock (G.maxsock ) +#define prev_maxsock (G.prev_maxsock ) #define max_concurrency (G.max_concurrency) #define alarm_armed (G.alarm_armed ) #define real_uid (G.real_uid ) -#define config_lineno (G.config_lineno ) #define config_filename (G.config_filename) -#define fconfig (G.fconfig ) +#define parser (G.parser ) #define default_local_hostname (G.default_local_hostname) #define first_ps_byte (G.first_ps_byte ) #define last_ps_byte (G.last_ps_byte ) @@ -361,7 +366,7 @@ static len_and_sockaddr *xzalloc_lsa(int family) lsa = xzalloc(LSA_LEN_SIZE + sz); lsa->len = sz; lsa->u.sa.sa_family = family; - return lsa; + return lsa; } static void rearm_alarm(void) @@ -378,12 +383,12 @@ static void block_CHLD_HUP_ALRM(sigset_t *m) sigaddset(m, SIGCHLD); sigaddset(m, SIGHUP); sigaddset(m, SIGALRM); - sigprocmask(SIG_BLOCK, m, NULL); + sigprocmask(SIG_BLOCK, m, m); /* old sigmask is stored in m */ } -static void unblock_sigs(sigset_t *m) +static void restore_sigmask(sigset_t *m) { - sigprocmask(SIG_UNBLOCK, m, NULL); + sigprocmask(SIG_SETMASK, m, NULL); } #if ENABLE_FEATURE_INETD_RPC @@ -456,7 +461,7 @@ static void add_fd_to_set(int fd) FD_SET(fd, &allsock); if (maxsock >= 0 && fd > maxsock) { prev_maxsock = maxsock = fd; - if ((rlim_t)maxsock > rlim_ofile_cur - FD_MARGIN) + if ((rlim_t)fd > rlim_ofile_cur - FD_MARGIN) bump_nofile(); } } @@ -465,6 +470,10 @@ static void add_fd_to_set(int fd) static void recalculate_maxsock(void) { int fd = 0; + + /* We may have no services, in this case maxsock should still be >= 0 + * (code elsewhere is not happy with maxsock == -1) */ + maxsock = 0; while (fd <= prev_maxsock) { if (FD_ISSET(fd, &allsock)) maxsock = fd; @@ -538,61 +547,20 @@ static int reopen_config_file(void) { free(default_local_hostname); default_local_hostname = xstrdup("*"); - if (fconfig != NULL) - fclose(fconfig); - config_lineno = 0; - fconfig = fopen_or_warn(config_filename, "r"); - return (fconfig != NULL); + if (parser != NULL) + config_close(parser); + parser = config_open(config_filename); + return (parser != NULL); } static void close_config_file(void) { - if (fconfig) { - fclose(fconfig); - fconfig = NULL; + if (parser) { + config_close(parser); + parser = NULL; } } -static char *next_line(void) -{ - if (fgets(line, LINE_SIZE, fconfig) == NULL) - return NULL; - config_lineno++; - *strchrnul(line, '\n') = '\0'; - return line; -} - -static char *next_word(char **cpp) -{ - char *start; - char *cp = *cpp; - - if (cp == NULL) - return NULL; - again: - while (*cp == ' ' || *cp == '\t') - cp++; - if (*cp == '\0') { - int c = getc(fconfig); - ungetc(c, fconfig); - if (c == ' ' || c == '\t') { - cp = next_line(); - if (cp) - goto again; - } - *cpp = NULL; - return NULL; - } - start = cp; - while (*cp && *cp != ' ' && *cp != '\t') - cp++; - if (*cp != '\0') - *cp++ = '\0'; - - *cpp = cp; - return start; -} - static void free_servtab_strings(servtab_t *cp) { int i; @@ -638,55 +606,49 @@ static servtab_t *dup_servtab(servtab_t *sep) } /* gcc generates much more code if this is inlined */ -static NOINLINE servtab_t *parse_one_line(void) +static servtab_t *parse_one_line(void) { int argc; - char *p, *cp, *arg; + char *token[6+MAXARGV]; + char *p, *arg; char *hostdelim; servtab_t *sep; servtab_t *nsep; new: sep = new_servtab(); more: - while ((cp = next_line()) && *cp == '#') - continue; /* skip comment lines */ - if (cp == NULL) { + argc = config_read(parser, token, 6+MAXARGV, 1, "# \t", PARSE_NORMAL); + if (!argc) { free(sep); return NULL; } - arg = next_word(&cp); - if (arg == NULL) /* a blank line. */ - goto more; - /* [host:]service socktype proto wait user[:group] prog [args] */ /* Check for "host:...." line */ + arg = token[0]; hostdelim = strrchr(arg, ':'); if (hostdelim) { *hostdelim = '\0'; sep->se_local_hostname = xstrdup(arg); arg = hostdelim + 1; - if (*arg == '\0') { - arg = next_word(&cp); - if (arg == NULL) { - /* Line has just "host:", change the - * default host for the following lines. */ - free(default_local_hostname); - default_local_hostname = sep->se_local_hostname; - goto more; - } + if (*arg == '\0' && argc == 1) { + /* Line has just "host:", change the + * default host for the following lines. */ + free(default_local_hostname); + default_local_hostname = sep->se_local_hostname; + goto more; } } else sep->se_local_hostname = xstrdup(default_local_hostname); /* service socktype proto wait user[:group] prog [args] */ sep->se_service = xstrdup(arg); + /* socktype proto wait user[:group] prog [args] */ - arg = next_word(&cp); - if (arg == NULL) { + if (argc < 6) { parse_err: bb_error_msg("parse error on line %u, line is ignored", - config_lineno); + parser->lineno); free_servtab_strings(sep); /* Just "goto more" can make sep to carry over e.g. * "rpc"-ness (by having se_rpcver_lo != 0). @@ -694,8 +656,9 @@ static NOINLINE servtab_t *parse_one_line(void) free(sep); goto new; } + { - static int8_t SOCK_xxx[] ALIGN1 = { + static const int8_t SOCK_xxx[] ALIGN1 = { -1, SOCK_STREAM, SOCK_DGRAM, SOCK_RDM, SOCK_SEQPACKET, SOCK_RAW @@ -703,13 +666,11 @@ static NOINLINE servtab_t *parse_one_line(void) sep->se_socktype = SOCK_xxx[1 + index_in_strings( "stream""\0" "dgram""\0" "rdm""\0" "seqpacket""\0" "raw""\0" - , arg)]; + , token[1])]; } /* {unix,[rpc/]{tcp,udp}[6]} wait user[:group] prog [args] */ - sep->se_proto = arg = xstrdup(next_word(&cp)); - if (arg == NULL) - goto parse_err; + sep->se_proto = arg = xstrdup(token[2]); if (strcmp(arg, "unix") == 0) { sep->se_family = AF_UNIX; } else { @@ -745,7 +706,7 @@ static NOINLINE servtab_t *parse_one_line(void) if (*p == '-') { p++; n = bb_strtou(p, &p, 10); - if (n > INT_MAX || n < sep->se_rpcver_lo) + if (n > INT_MAX || (int)n < sep->se_rpcver_lo) goto bad_ver_spec; sep->se_rpcver_hi = n; } @@ -768,9 +729,7 @@ static NOINLINE servtab_t *parse_one_line(void) } /* [no]wait[.max] user[:group] prog [args] */ - arg = next_word(&cp); - if (arg == NULL) - goto parse_err; + arg = token[3]; sep->se_max = max_concurrency; p = strchr(arg, '.'); if (p) { @@ -786,9 +745,7 @@ static NOINLINE servtab_t *parse_one_line(void) goto parse_err; /* user[:group] prog [args] */ - sep->se_user = xstrdup(next_word(&cp)); - if (sep->se_user == NULL) - goto parse_err; + sep->se_user = xstrdup(token[4]); arg = strchr(sep->se_user, '.'); if (arg == NULL) arg = strchr(sep->se_user, ':'); @@ -798,16 +755,14 @@ static NOINLINE servtab_t *parse_one_line(void) } /* prog [args] */ - sep->se_program = xstrdup(next_word(&cp)); - if (sep->se_program == NULL) - goto parse_err; + sep->se_program = xstrdup(token[5]); #ifdef INETD_BUILTINS_ENABLED if (strcmp(sep->se_program, "internal") == 0 && strlen(sep->se_service) <= 7 && (sep->se_socktype == SOCK_STREAM || sep->se_socktype == SOCK_DGRAM) ) { - int i; + unsigned i; for (i = 0; i < ARRAY_SIZE(builtins); i++) if (strncmp(builtins[i].bi_service7, sep->se_service, 7) == 0) goto found_bi; @@ -821,7 +776,7 @@ static NOINLINE servtab_t *parse_one_line(void) } #endif argc = 0; - while ((arg = next_word(&cp)) != NULL && argc < MAXARGV) + while ((arg = token[6+argc]) != NULL && argc < MAXARGV) sep->se_argv[argc++] = xstrdup(arg); /* catch mixups. " stream udp ..." == wtf */ @@ -832,11 +787,13 @@ static NOINLINE servtab_t *parse_one_line(void) if (sep->se_socktype == SOCK_DGRAM) { if (sep->se_proto_no == IPPROTO_TCP) goto parse_err; - /* "udp nowait" is a small fork bomb :) */ - if (!sep->se_wait) - goto parse_err; } +// bb_info_msg( +// "ENTRY[%s][%s][%s][%d][%d][%d][%d][%d][%s][%s][%s]", +// sep->se_local_hostname, sep->se_service, sep->se_proto, sep->se_wait, sep->se_proto_no, +// sep->se_max, sep->se_count, sep->se_time, sep->se_user, sep->se_group, sep->se_program); + /* check if the hostname specifier is a comma separated list * of hostnames. we'll make new entries for each address. */ while ((hostdelim = strrchr(sep->se_local_hostname, ',')) != NULL) { @@ -870,7 +827,7 @@ static servtab_t *insert_in_servlist(servtab_t *cp) block_CHLD_HUP_ALRM(&omask); sep->se_next = serv_list; serv_list = sep; - unblock_sigs(&omask); + restore_sigmask(&omask); return sep; } @@ -885,16 +842,17 @@ static int same_serv_addr_proto(servtab_t *old, servtab_t *new) return 1; } -static void reread_config_file(int sig ATTRIBUTE_UNUSED) +static void reread_config_file(int sig UNUSED_PARAM) { servtab_t *sep, *cp, **sepp; len_and_sockaddr *lsa; sigset_t omask; unsigned n; uint16_t port; + int save_errno = errno; if (!reopen_config_file()) - return; + goto ret; for (sep = serv_list; sep; sep = sep->se_next) sep->se_checked = 0; @@ -941,7 +899,7 @@ static void reread_config_file(int sig ATTRIBUTE_UNUSED) for (i = 0; i < MAXARGV; i++) SWAP(char*, sep->se_argv[i], cp->se_argv[i]); #undef SWAP - unblock_sigs(&omask); + restore_sigmask(&omask); free_servtab_strings(cp); } after_check: @@ -1052,10 +1010,12 @@ static void reread_config_file(int sig ATTRIBUTE_UNUSED) free_servtab_strings(sep); free(sep); } - unblock_sigs(&omask); + restore_sigmask(&omask); + ret: + errno = save_errno; } -static void reap_child(int sig ATTRIBUTE_UNUSED) +static void reap_child(int sig UNUSED_PARAM) { pid_t pid; int status; @@ -1066,24 +1026,27 @@ static void reap_child(int sig ATTRIBUTE_UNUSED) pid = wait_any_nohang(&status); if (pid <= 0) break; - for (sep = serv_list; sep; sep = sep->se_next) - if (sep->se_wait == pid) { - /* One of our "wait" services */ - if (WIFEXITED(status) && WEXITSTATUS(status)) - bb_error_msg("%s: exit status 0x%x", - sep->se_program, WEXITSTATUS(status)); - else if (WIFSIGNALED(status)) - bb_error_msg("%s: exit signal 0x%x", - sep->se_program, WTERMSIG(status)); - sep->se_wait = 1; - add_fd_to_set(sep->se_fd); - } + for (sep = serv_list; sep; sep = sep->se_next) { + if (sep->se_wait != pid) + continue; + /* One of our "wait" services */ + if (WIFEXITED(status) && WEXITSTATUS(status)) + bb_error_msg("%s: exit status %u", + sep->se_program, WEXITSTATUS(status)); + else if (WIFSIGNALED(status)) + bb_error_msg("%s: exit signal %u", + sep->se_program, WTERMSIG(status)); + sep->se_wait = 1; + add_fd_to_set(sep->se_fd); + break; + } } errno = save_errno; } -static void retry_network_setup(int sig ATTRIBUTE_UNUSED) +static void retry_network_setup(int sig UNUSED_PARAM) { + int save_errno = errno; servtab_t *sep; alarm_armed = 0; @@ -1096,9 +1059,10 @@ static void retry_network_setup(int sig ATTRIBUTE_UNUSED) #endif } } + errno = save_errno; } -static void clean_up_and_exit(int sig ATTRIBUTE_UNUSED) +static void clean_up_and_exit(int sig UNUSED_PARAM) { servtab_t *sep; @@ -1122,11 +1086,11 @@ static void clean_up_and_exit(int sig ATTRIBUTE_UNUSED) close(sep->se_fd); } remove_pidfile(_PATH_INETDPID); - exit(0); + exit(EXIT_SUCCESS); } int inetd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; -int inetd_main(int argc, char **argv) +int inetd_main(int argc UNUSED_PARAM, char **argv) { struct sigaction sa, saved_pipe_handler; servtab_t *sep, *sep2; @@ -1155,7 +1119,12 @@ int inetd_main(int argc, char **argv) else bb_sanitize_stdio(); if (!(opt & 4)) { - openlog(applet_name, LOG_PID | LOG_NOWAIT, LOG_DAEMON); + /* LOG_NDELAY: connect to syslog daemon NOW. + * Otherwise, we may open syslog socket + * in vforked child, making opened fds and syslog() + * internal state inconsistent. + * This was observed to leak file descriptors. */ + openlog(applet_name, LOG_PID | LOG_NDELAY, LOG_DAEMON); logmode = LOGMODE_SYSLOG; } @@ -1179,15 +1148,15 @@ int inetd_main(int argc, char **argv) sigaddset(&sa.sa_mask, SIGCHLD); sigaddset(&sa.sa_mask, SIGHUP); sa.sa_handler = retry_network_setup; - sigaction(SIGALRM, &sa, NULL); + sigaction_set(SIGALRM, &sa); sa.sa_handler = reread_config_file; - sigaction(SIGHUP, &sa, NULL); + sigaction_set(SIGHUP, &sa); sa.sa_handler = reap_child; - sigaction(SIGCHLD, &sa, NULL); + sigaction_set(SIGCHLD, &sa); sa.sa_handler = clean_up_and_exit; - sigaction(SIGTERM, &sa, NULL); + sigaction_set(SIGTERM, &sa); sa.sa_handler = clean_up_and_exit; - sigaction(SIGINT, &sa, NULL); + sigaction_set(SIGINT, &sa); sa.sa_handler = SIG_IGN; sigaction(SIGPIPE, &sa, &saved_pipe_handler); @@ -1195,7 +1164,7 @@ int inetd_main(int argc, char **argv) for (;;) { int ready_fd_cnt; - int ctrl, accepted_fd; + int ctrl, accepted_fd, new_udp_fd; fd_set readable; if (maxsock < 0) @@ -1203,7 +1172,8 @@ int inetd_main(int argc, char **argv) readable = allsock; /* struct copy */ /* if there are no fds to wait on, we will block - * until signal wakes us up */ + * until signal wakes us up (maxsock == 0, but readable + * never contains fds 0 and 1...) */ ready_fd_cnt = select(maxsock + 1, &readable, NULL, NULL, NULL); if (ready_fd_cnt < 0) { if (errno != EINTR) { @@ -1220,12 +1190,43 @@ int inetd_main(int argc, char **argv) ready_fd_cnt--; ctrl = sep->se_fd; accepted_fd = -1; - if (!sep->se_wait && sep->se_socktype == SOCK_STREAM) { - ctrl = accepted_fd = accept(sep->se_fd, NULL, NULL); - if (ctrl < 0) { - if (errno != EINTR) - bb_perror_msg("accept (for %s)", sep->se_service); - continue; + new_udp_fd = -1; + if (!sep->se_wait) { + if (sep->se_socktype == SOCK_STREAM) { + ctrl = accepted_fd = accept(sep->se_fd, NULL, NULL); + if (ctrl < 0) { + if (errno != EINTR) + bb_perror_msg("accept (for %s)", sep->se_service); + continue; + } + } + /* "nowait" udp */ + if (sep->se_socktype == SOCK_DGRAM + && sep->se_family != AF_UNIX + ) { +/* How udp "nowait" works: + * child peeks at (received and buffered by kernel) UDP packet, + * performs connect() on the socket so that it is linked only + * to this peer. But this also affects parent, because descriptors + * are shared after fork() a-la dup(). When parent performs + * select(), it will see this descriptor connected to the peer (!) + * and still readable, will act on it and mess things up + * (can create many copies of same child, etc). + * Parent must create and use new socket instead. */ + new_udp_fd = socket(sep->se_family, SOCK_DGRAM, 0); + if (new_udp_fd < 0) { /* error: eat packet, forget about it */ + udp_err: + recv(sep->se_fd, line, LINE_SIZE, MSG_DONTWAIT); + continue; + } + setsockopt_reuseaddr(new_udp_fd); + /* TODO: better do bind after vfork in parent, + * so that we don't have two wildcard bound sockets + * even for a brief moment? */ + if (bind(new_udp_fd, &sep->se_lsa->u.sa, sep->se_lsa->len) < 0) { + close(new_udp_fd); + goto udp_err; + } } } @@ -1252,7 +1253,7 @@ int inetd_main(int argc, char **argv) sep->se_fd = -1; sep->se_count = 0; rearm_alarm(); /* will revive it in RETRYTIME sec */ - unblock_sigs(&omask); + restore_sigmask(&omask); maybe_close(accepted_fd); continue; /* -> check next fd in fd set */ } @@ -1272,7 +1273,7 @@ int inetd_main(int argc, char **argv) if (pid < 0) { /* fork error */ bb_perror_msg("fork"); sleep(1); - unblock_sigs(&omask); + restore_sigmask(&omask); maybe_close(accepted_fd); continue; /* -> check next fd in fd set */ } @@ -1283,77 +1284,63 @@ int inetd_main(int argc, char **argv) if (pid > 0) { /* parent */ if (sep->se_wait) { + /* tcp wait: we passed listening socket to child, + * will wait for child to terminate */ sep->se_wait = pid; remove_fd_from_set(sep->se_fd); - /* we passed listening socket to child, - * will wait for child to terminate */ } - unblock_sigs(&omask); + if (new_udp_fd >= 0) { + /* udp nowait: child connected the socket, + * we created and will use new, unconnected one */ + xmove_fd(new_udp_fd, sep->se_fd); + } + restore_sigmask(&omask); maybe_close(accepted_fd); continue; /* -> check next fd in fd set */ } - /* we are either child or didn't fork at all */ + /* we are either child or didn't vfork at all */ #ifdef INETD_BUILTINS_ENABLED if (sep->se_builtin) { - if (pid) { /* "pid" is -1: we did fork */ + if (pid) { /* "pid" is -1: we did vfork */ close(sep->se_fd); /* listening socket */ - logmode = 0; /* make xwrite etc silent */ + logmode = LOGMODE_NONE; /* make xwrite etc silent */ } - unblock_sigs(&omask); + restore_sigmask(&omask); if (sep->se_socktype == SOCK_STREAM) sep->se_builtin->bi_stream_fn(ctrl, sep); else sep->se_builtin->bi_dgram_fn(ctrl, sep); - if (pid) /* we did fork */ - _exit(0); + if (pid) /* we did vfork */ + _exit(EXIT_FAILURE); maybe_close(accepted_fd); continue; /* -> check next fd in fd set */ } #endif /* child */ setsid(); -#if 0 -/* This does not work. - * Actually, it _almost_ works. The idea behind it is: child - * can peek at (already received and buffered by kernel) UDP packet, - * and perform connect() on the socket so that it is linked only - * to this peer. But this also affects parent, because descriptors - * are shared after fork() a-la dup(). When parent returns to - * select(), it will see this descriptor attached to the peer (!) - * and likely still readable, will act on it and mess things up - * (can create many copies of same child, etc). - * If child will create new socket instead, then bind() and - * connect() it to peer's address, descriptor aliasing problem - * is solved, but first packet cannot be "transferred" to the new - * socket. It is not a problem if child can account for this, - * but our child will exec - and exec'ed program does not know - * about this "lost packet" problem! Pity... */ - /* "nowait" udp[6]. Hmmm... */ - if (!sep->se_wait - && sep->se_socktype == SOCK_DGRAM - && sep->se_family != AF_UNIX - ) { + /* "nowait" udp */ + if (new_udp_fd >= 0) { len_and_sockaddr *lsa = xzalloc_lsa(sep->se_family); /* peek at the packet and remember peer addr */ int r = recvfrom(ctrl, NULL, 0, MSG_PEEK|MSG_DONTWAIT, &lsa->u.sa, &lsa->len); - if (r >= 0) - /* make this socket "connected" to peer addr: - * only packets from this peer will be recv'ed, - * and bare write()/send() will work on it */ - connect(ctrl, &lsa->u.sa, lsa->len); + if (r < 0) + goto do_exit1; + /* make this socket "connected" to peer addr: + * only packets from this peer will be recv'ed, + * and bare write()/send() will work on it */ + connect(ctrl, &lsa->u.sa, lsa->len); free(lsa); } -#endif /* prepare env and exec program */ pwd = getpwnam(sep->se_user); if (pwd == NULL) { - bb_error_msg("%s: no such user", sep->se_user); + bb_error_msg("%s: no such %s", sep->se_user, "user"); goto do_exit1; } if (sep->se_group && (grp = getgrnam(sep->se_group)) == NULL) { - bb_error_msg("%s: no such group", sep->se_group); + bb_error_msg("%s: no such %s", sep->se_group, "group"); goto do_exit1; } if (real_uid != 0 && real_uid != pwd->pw_uid) { @@ -1364,9 +1351,8 @@ int inetd_main(int argc, char **argv) if (pwd->pw_uid) { if (sep->se_group) pwd->pw_gid = grp->gr_gid; - xsetgid(pwd->pw_gid); - initgroups(pwd->pw_name, pwd->pw_gid); - xsetuid(pwd->pw_uid); + /* initgroups, setgid, setuid: */ + change_identity(pwd); } else if (sep->se_group) { xsetgid(grp->gr_gid); setgroups(1, &grp->gr_gid); @@ -1374,34 +1360,47 @@ int inetd_main(int argc, char **argv) if (rlim_ofile.rlim_cur != rlim_ofile_cur) if (setrlimit(RLIMIT_NOFILE, &rlim_ofile) < 0) bb_perror_msg("setrlimit"); - closelog(); - xmove_fd(ctrl, 0); - xdup2(0, 1); - xdup2(0, 2); - /* NB: among others, this loop closes listening socket + + /* closelog(); - WRONG. we are after vfork, + * this may confuse syslog() internal state. + * Let's hope libc sets syslog fd to CLOEXEC... + */ + xmove_fd(ctrl, STDIN_FILENO); + xdup2(STDIN_FILENO, STDOUT_FILENO); + /* manpages of inetd I managed to find either say + * that stderr is also redirected to the network, + * or do not talk about redirection at all (!) */ + if (!sep->se_wait) /* only for usual "tcp nowait" */ + xdup2(STDIN_FILENO, STDERR_FILENO); + /* NB: among others, this loop closes listening sockets * for nowait stream children */ for (sep2 = serv_list; sep2; sep2 = sep2->se_next) - maybe_close(sep2->se_fd); - sigaction(SIGPIPE, &saved_pipe_handler, NULL); - unblock_sigs(&omask); + if (sep2->se_fd != ctrl) + maybe_close(sep2->se_fd); + sigaction_set(SIGPIPE, &saved_pipe_handler); + restore_sigmask(&omask); BB_EXECVP(sep->se_program, sep->se_argv); bb_perror_msg("exec %s", sep->se_program); do_exit1: /* eat packet in udp case */ if (sep->se_socktype != SOCK_STREAM) recv(0, line, LINE_SIZE, MSG_DONTWAIT); - _exit(1); + _exit(EXIT_FAILURE); } /* for (sep = servtab...) */ } /* for (;;) */ } +#if !BB_MMU +static const char *const cat_args[] = { "cat", NULL }; +#endif + /* * Internet services provided internally by inetd: */ #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_ECHO /* Echo service -- echo data back. */ /* ARGSUSED */ -static void echo_stream(int s, servtab_t *sep ATTRIBUTE_UNUSED) +static void FAST_FUNC echo_stream(int s, servtab_t *sep UNUSED_PARAM) { #if BB_MMU while (1) { @@ -1411,14 +1410,18 @@ static void echo_stream(int s, servtab_t *sep ATTRIBUTE_UNUSED) xwrite(s, line, sz); } #else - static const char *const args[] = { "cat", NULL }; - /* no error messages */ - xmove_fd(xopen("/dev/null", O_WRONLY), STDERR_FILENO); - BB_EXECVP("cat", (char**)args); - _exit(1); + /* We are after vfork here! */ + /* move network socket to stdin/stdout */ + xmove_fd(s, STDIN_FILENO); + xdup2(STDIN_FILENO, STDOUT_FILENO); + /* no error messages please... */ + close(STDERR_FILENO); + xopen(bb_dev_null, O_WRONLY); + BB_EXECVP("cat", (char**)cat_args); + /* on failure we return to main, which does exit(EXIT_FAILURE) */ #endif } -static void echo_dg(int s, servtab_t *sep) +static void FAST_FUNC echo_dg(int s, servtab_t *sep) { enum { BUFSIZE = 12*1024 }; /* for jumbo sized packets! :) */ char *buf = xmalloc(BUFSIZE); /* too big for stack */ @@ -1436,23 +1439,28 @@ static void echo_dg(int s, servtab_t *sep) #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD -/* Discard service -- ignore data. MMU arches only. */ +/* Discard service -- ignore data. */ /* ARGSUSED */ -static void discard_stream(int s, servtab_t *sep ATTRIBUTE_UNUSED) +static void FAST_FUNC discard_stream(int s, servtab_t *sep UNUSED_PARAM) { #if BB_MMU while (safe_read(s, line, LINE_SIZE) > 0) continue; #else - static const char *const args[] = { "dd", "of=/dev/null", NULL }; - /* no error messages */ - xmove_fd(xopen("/dev/null", O_WRONLY), STDERR_FILENO); - BB_EXECVP("dd", (char**)args); - _exit(1); + /* We are after vfork here! */ + /* move network socket to stdin */ + xmove_fd(s, STDIN_FILENO); + /* discard output */ + close(STDOUT_FILENO); + xopen(bb_dev_null, O_WRONLY); + /* no error messages please... */ + xdup2(STDOUT_FILENO, STDERR_FILENO); + BB_EXECVP("cat", (char**)cat_args); + /* on failure we return to main, which does exit(EXIT_FAILURE) */ #endif } /* ARGSUSED */ -static void discard_dg(int s, servtab_t *sep ATTRIBUTE_UNUSED) +static void FAST_FUNC discard_dg(int s, servtab_t *sep UNUSED_PARAM) { /* dgram builtins are non-forking - DONT BLOCK! */ recv(s, line, LINE_SIZE, MSG_DONTWAIT); @@ -1467,13 +1475,12 @@ static void init_ring(void) int i; end_ring = ring; - for (i = 0; i <= 128; ++i) - if (isprint(i)) - *end_ring++ = i; + for (i = ' '; i < 127; i++) + *end_ring++ = i; } /* Character generator. MMU arches only. */ /* ARGSUSED */ -static void chargen_stream(int s, servtab_t *sep) +static void FAST_FUNC chargen_stream(int s, servtab_t *sep UNUSED_PARAM) { char *rs; int len; @@ -1501,7 +1508,7 @@ static void chargen_stream(int s, servtab_t *sep) } } /* ARGSUSED */ -static void chargen_dg(int s, servtab_t *sep) +static void FAST_FUNC chargen_dg(int s, servtab_t *sep) { int len; char text[LINESIZ + 2]; @@ -1550,14 +1557,14 @@ static uint32_t machtime(void) return htonl((uint32_t)(tv.tv_sec + 2208988800)); } /* ARGSUSED */ -static void machtime_stream(int s, servtab_t *sep ATTRIBUTE_UNUSED) +static void FAST_FUNC machtime_stream(int s, servtab_t *sep UNUSED_PARAM) { uint32_t result; result = machtime(); full_write(s, &result, sizeof(result)); } -static void machtime_dg(int s, servtab_t *sep) +static void FAST_FUNC machtime_dg(int s, servtab_t *sep) { uint32_t result; len_and_sockaddr *lsa = alloca(LSA_LEN_SIZE + sep->se_lsa->len); @@ -1575,14 +1582,14 @@ static void machtime_dg(int s, servtab_t *sep) #if ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME /* Return human-readable time of day */ /* ARGSUSED */ -static void daytime_stream(int s, servtab_t *sep ATTRIBUTE_UNUSED) +static void FAST_FUNC daytime_stream(int s, servtab_t *sep UNUSED_PARAM) { time_t t; t = time(NULL); fdprintf(s, "%.24s\r\n", ctime(&t)); } -static void daytime_dg(int s, servtab_t *sep) +static void FAST_FUNC daytime_dg(int s, servtab_t *sep) { time_t t; len_and_sockaddr *lsa = alloca(LSA_LEN_SIZE + sep->se_lsa->len);