]>
Commit | Line | Data |
---|---|---|
d6c9574f | 1 | /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ |
42f4e3c4 | 2 | |
a7334b09 LP |
3 | /*** |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2010 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
9 | under the terms of the GNU General Public License as published by | |
10 | the Free Software Foundation; either version 2 of the License, or | |
11 | (at your option) any later version. | |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | General Public License for more details. | |
17 | ||
18 | You should have received a copy of the GNU General Public License | |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
20 | ***/ | |
21 | ||
42f4e3c4 LP |
22 | #include <assert.h> |
23 | #include <string.h> | |
24 | #include <unistd.h> | |
25 | #include <errno.h> | |
26 | #include <stdlib.h> | |
27 | #include <arpa/inet.h> | |
28 | #include <stdio.h> | |
542563ba | 29 | #include <net/if.h> |
b5a0699f LP |
30 | #include <sys/types.h> |
31 | #include <sys/stat.h> | |
42f4e3c4 LP |
32 | |
33 | #include "macro.h" | |
34 | #include "util.h" | |
35 | #include "socket-util.h" | |
16c42ce1 | 36 | #include "missing.h" |
e51bc1a2 | 37 | #include "label.h" |
42f4e3c4 | 38 | |
542563ba | 39 | int socket_address_parse(SocketAddress *a, const char *s) { |
42f4e3c4 LP |
40 | int r; |
41 | char *e, *n; | |
42 | unsigned u; | |
43 | ||
44 | assert(a); | |
45 | assert(s); | |
46 | ||
9152c765 | 47 | zero(*a); |
542563ba | 48 | a->type = SOCK_STREAM; |
42f4e3c4 LP |
49 | |
50 | if (*s == '[') { | |
51 | /* IPv6 in [x:.....:z]:p notation */ | |
52 | ||
53 | if (!(e = strchr(s+1, ']'))) | |
54 | return -EINVAL; | |
55 | ||
56 | if (!(n = strndup(s+1, e-s-1))) | |
57 | return -ENOMEM; | |
58 | ||
59 | errno = 0; | |
60 | if (inet_pton(AF_INET6, n, &a->sockaddr.in6.sin6_addr) <= 0) { | |
61 | free(n); | |
62 | return errno != 0 ? -errno : -EINVAL; | |
63 | } | |
64 | ||
65 | free(n); | |
66 | ||
67 | e++; | |
68 | if (*e != ':') | |
69 | return -EINVAL; | |
70 | ||
71 | e++; | |
72 | if ((r = safe_atou(e, &u)) < 0) | |
73 | return r; | |
74 | ||
75 | if (u <= 0 || u > 0xFFFF) | |
76 | return -EINVAL; | |
77 | ||
78 | a->sockaddr.in6.sin6_family = AF_INET6; | |
79 | a->sockaddr.in6.sin6_port = htons((uint16_t) u); | |
80 | a->size = sizeof(struct sockaddr_in6); | |
42f4e3c4 LP |
81 | |
82 | } else if (*s == '/') { | |
83 | /* AF_UNIX socket */ | |
84 | ||
85 | size_t l; | |
86 | ||
87 | l = strlen(s); | |
88 | if (l >= sizeof(a->sockaddr.un.sun_path)) | |
89 | return -EINVAL; | |
90 | ||
91 | a->sockaddr.un.sun_family = AF_UNIX; | |
92 | memcpy(a->sockaddr.un.sun_path, s, l); | |
93 | a->size = sizeof(sa_family_t) + l + 1; | |
94 | ||
1c24e7bd | 95 | } else if (*s == '@') { |
42f4e3c4 LP |
96 | /* Abstract AF_UNIX socket */ |
97 | size_t l; | |
98 | ||
99 | l = strlen(s+1); | |
100 | if (l >= sizeof(a->sockaddr.un.sun_path) - 1) | |
101 | return -EINVAL; | |
102 | ||
103 | a->sockaddr.un.sun_family = AF_UNIX; | |
104 | memcpy(a->sockaddr.un.sun_path+1, s+1, l); | |
b12c1e7c | 105 | a->size = sizeof(sa_family_t) + 1 + l; |
42f4e3c4 LP |
106 | |
107 | } else { | |
108 | ||
109 | if ((e = strchr(s, ':'))) { | |
542563ba LP |
110 | |
111 | if ((r = safe_atou(e+1, &u)) < 0) | |
112 | return r; | |
113 | ||
114 | if (u <= 0 || u > 0xFFFF) | |
115 | return -EINVAL; | |
42f4e3c4 | 116 | |
42f4e3c4 LP |
117 | if (!(n = strndup(s, e-s))) |
118 | return -ENOMEM; | |
119 | ||
542563ba LP |
120 | /* IPv4 in w.x.y.z:p notation? */ |
121 | if ((r = inet_pton(AF_INET, n, &a->sockaddr.in4.sin_addr)) < 0) { | |
42f4e3c4 | 122 | free(n); |
542563ba | 123 | return -errno; |
42f4e3c4 LP |
124 | } |
125 | ||
542563ba LP |
126 | if (r > 0) { |
127 | /* Gotcha, it's a traditional IPv4 address */ | |
128 | free(n); | |
42f4e3c4 | 129 | |
542563ba LP |
130 | a->sockaddr.in4.sin_family = AF_INET; |
131 | a->sockaddr.in4.sin_port = htons((uint16_t) u); | |
132 | a->size = sizeof(struct sockaddr_in); | |
133 | } else { | |
134 | unsigned idx; | |
42f4e3c4 | 135 | |
acbb0225 LP |
136 | if (strlen(n) > IF_NAMESIZE-1) { |
137 | free(n); | |
138 | return -EINVAL; | |
139 | } | |
140 | ||
542563ba LP |
141 | /* Uh, our last resort, an interface name */ |
142 | idx = if_nametoindex(n); | |
143 | free(n); | |
144 | ||
83c60c9f | 145 | if (idx == 0) |
542563ba | 146 | return -EINVAL; |
42f4e3c4 | 147 | |
542563ba LP |
148 | a->sockaddr.in6.sin6_family = AF_INET6; |
149 | a->sockaddr.in6.sin6_port = htons((uint16_t) u); | |
150 | a->sockaddr.in6.sin6_scope_id = idx; | |
83c60c9f | 151 | a->sockaddr.in6.sin6_addr = in6addr_any; |
542563ba | 152 | a->size = sizeof(struct sockaddr_in6); |
acbb0225 | 153 | |
542563ba | 154 | } |
42f4e3c4 LP |
155 | } else { |
156 | ||
157 | /* Just a port */ | |
158 | if ((r = safe_atou(s, &u)) < 0) | |
159 | return r; | |
160 | ||
161 | if (u <= 0 || u > 0xFFFF) | |
162 | return -EINVAL; | |
163 | ||
164 | a->sockaddr.in6.sin6_family = AF_INET6; | |
42f4e3c4 | 165 | a->sockaddr.in6.sin6_port = htons((uint16_t) u); |
83c60c9f | 166 | a->sockaddr.in6.sin6_addr = in6addr_any; |
42f4e3c4 LP |
167 | a->size = sizeof(struct sockaddr_in6); |
168 | } | |
169 | } | |
170 | ||
171 | return 0; | |
172 | } | |
173 | ||
542563ba | 174 | int socket_address_verify(const SocketAddress *a) { |
42f4e3c4 LP |
175 | assert(a); |
176 | ||
542563ba | 177 | switch (socket_address_family(a)) { |
42f4e3c4 LP |
178 | case AF_INET: |
179 | if (a->size != sizeof(struct sockaddr_in)) | |
180 | return -EINVAL; | |
181 | ||
182 | if (a->sockaddr.in4.sin_port == 0) | |
183 | return -EINVAL; | |
184 | ||
185 | return 0; | |
186 | ||
187 | case AF_INET6: | |
188 | if (a->size != sizeof(struct sockaddr_in6)) | |
189 | return -EINVAL; | |
190 | ||
191 | if (a->sockaddr.in6.sin6_port == 0) | |
192 | return -EINVAL; | |
193 | ||
194 | return 0; | |
195 | ||
196 | case AF_UNIX: | |
197 | if (a->size < sizeof(sa_family_t)) | |
198 | return -EINVAL; | |
199 | ||
200 | if (a->size > sizeof(sa_family_t)) { | |
201 | ||
b12c1e7c | 202 | if (a->sockaddr.un.sun_path[0] != 0) { |
42f4e3c4 LP |
203 | char *e; |
204 | ||
205 | /* path */ | |
206 | if (!(e = memchr(a->sockaddr.un.sun_path, 0, sizeof(a->sockaddr.un.sun_path)))) | |
207 | return -EINVAL; | |
208 | ||
209 | if (a->size != sizeof(sa_family_t) + (e - a->sockaddr.un.sun_path) + 1) | |
210 | return -EINVAL; | |
211 | } | |
212 | } | |
213 | ||
214 | return 0; | |
215 | ||
216 | default: | |
217 | return -EAFNOSUPPORT; | |
218 | } | |
219 | } | |
220 | ||
542563ba | 221 | int socket_address_print(const SocketAddress *a, char **p) { |
42f4e3c4 LP |
222 | int r; |
223 | assert(a); | |
224 | assert(p); | |
225 | ||
542563ba | 226 | if ((r = socket_address_verify(a)) < 0) |
42f4e3c4 LP |
227 | return r; |
228 | ||
542563ba | 229 | switch (socket_address_family(a)) { |
42f4e3c4 LP |
230 | case AF_INET: { |
231 | char *ret; | |
232 | ||
233 | if (!(ret = new(char, INET_ADDRSTRLEN+1+5+1))) | |
234 | return -ENOMEM; | |
235 | ||
236 | if (!inet_ntop(AF_INET, &a->sockaddr.in4.sin_addr, ret, INET_ADDRSTRLEN)) { | |
237 | free(ret); | |
238 | return -errno; | |
239 | } | |
240 | ||
241 | sprintf(strchr(ret, 0), ":%u", ntohs(a->sockaddr.in4.sin_port)); | |
242 | *p = ret; | |
243 | return 0; | |
244 | } | |
245 | ||
246 | case AF_INET6: { | |
247 | char *ret; | |
248 | ||
249 | if (!(ret = new(char, 1+INET6_ADDRSTRLEN+2+5+1))) | |
250 | return -ENOMEM; | |
251 | ||
252 | ret[0] = '['; | |
253 | if (!inet_ntop(AF_INET6, &a->sockaddr.in6.sin6_addr, ret+1, INET6_ADDRSTRLEN)) { | |
254 | free(ret); | |
255 | return -errno; | |
256 | } | |
257 | ||
258 | sprintf(strchr(ret, 0), "]:%u", ntohs(a->sockaddr.in6.sin6_port)); | |
259 | *p = ret; | |
260 | return 0; | |
261 | } | |
262 | ||
263 | case AF_UNIX: { | |
264 | char *ret; | |
265 | ||
266 | if (a->size <= sizeof(sa_family_t)) { | |
267 | ||
268 | if (!(ret = strdup("<unamed>"))) | |
269 | return -ENOMEM; | |
270 | ||
271 | } else if (a->sockaddr.un.sun_path[0] == 0) { | |
272 | /* abstract */ | |
273 | ||
274 | /* FIXME: We assume we can print the | |
275 | * socket path here and that it hasn't | |
276 | * more than one NUL byte. That is | |
277 | * actually an invalid assumption */ | |
278 | ||
279 | if (!(ret = new(char, sizeof(a->sockaddr.un.sun_path)+1))) | |
280 | return -ENOMEM; | |
281 | ||
1c24e7bd | 282 | ret[0] = '@'; |
42f4e3c4 LP |
283 | memcpy(ret+1, a->sockaddr.un.sun_path+1, sizeof(a->sockaddr.un.sun_path)-1); |
284 | ret[sizeof(a->sockaddr.un.sun_path)] = 0; | |
285 | ||
286 | } else { | |
287 | ||
288 | if (!(ret = strdup(a->sockaddr.un.sun_path))) | |
289 | return -ENOMEM; | |
290 | } | |
291 | ||
292 | *p = ret; | |
293 | return 0; | |
294 | } | |
295 | ||
296 | default: | |
297 | return -EINVAL; | |
298 | } | |
299 | } | |
300 | ||
b5a0699f LP |
301 | int socket_address_listen( |
302 | const SocketAddress *a, | |
303 | int backlog, | |
304 | SocketAddressBindIPv6Only only, | |
305 | const char *bind_to_device, | |
4fd5948e | 306 | bool free_bind, |
b5a0699f LP |
307 | mode_t directory_mode, |
308 | mode_t socket_mode, | |
56cf987f | 309 | const char *label, |
b5a0699f LP |
310 | int *ret) { |
311 | ||
acbb0225 | 312 | int r, fd, one; |
42f4e3c4 | 313 | assert(a); |
83c60c9f | 314 | assert(ret); |
42f4e3c4 | 315 | |
542563ba | 316 | if ((r = socket_address_verify(a)) < 0) |
42f4e3c4 LP |
317 | return r; |
318 | ||
56cf987f DW |
319 | r = label_socket_set(label); |
320 | if (r < 0) | |
321 | return r; | |
7a58bfa4 DW |
322 | |
323 | fd = socket(socket_address_family(a), a->type | SOCK_NONBLOCK | SOCK_CLOEXEC, 0); | |
324 | r = fd < 0 ? -errno : 0; | |
b15bdda8 | 325 | |
56cf987f | 326 | label_socket_clear(); |
7a58bfa4 DW |
327 | |
328 | if (r < 0) | |
329 | return r; | |
42f4e3c4 | 330 | |
542563ba LP |
331 | if (socket_address_family(a) == AF_INET6 && only != SOCKET_ADDRESS_DEFAULT) { |
332 | int flag = only == SOCKET_ADDRESS_IPV6_ONLY; | |
333 | ||
acbb0225 LP |
334 | if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &flag, sizeof(flag)) < 0) |
335 | goto fail; | |
542563ba LP |
336 | } |
337 | ||
acbb0225 LP |
338 | if (bind_to_device) |
339 | if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, bind_to_device, strlen(bind_to_device)+1) < 0) | |
340 | goto fail; | |
341 | ||
4fd5948e LP |
342 | if (free_bind) { |
343 | one = 1; | |
344 | if (setsockopt(fd, IPPROTO_IP, IP_FREEBIND, &one, sizeof(one)) < 0) | |
345 | log_warning("IP_FREEBIND failed: %m"); | |
346 | } | |
347 | ||
acbb0225 LP |
348 | one = 1; |
349 | if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) < 0) | |
350 | goto fail; | |
351 | ||
b5a0699f LP |
352 | if (socket_address_family(a) == AF_UNIX && a->sockaddr.un.sun_path[0] != 0) { |
353 | mode_t old_mask; | |
354 | ||
355 | /* Create parents */ | |
356 | mkdir_parents(a->sockaddr.un.sun_path, directory_mode); | |
357 | ||
358 | /* Enforce the right access mode for the socket*/ | |
359 | old_mask = umask(~ socket_mode); | |
360 | ||
361 | /* Include the original umask in our mask */ | |
362 | umask(~socket_mode | old_mask); | |
363 | ||
364 | r = bind(fd, &a->sockaddr.sa, a->size); | |
365 | ||
366 | if (r < 0 && errno == EADDRINUSE) { | |
367 | /* Unlink and try again */ | |
368 | unlink(a->sockaddr.un.sun_path); | |
369 | r = bind(fd, &a->sockaddr.sa, a->size); | |
370 | } | |
371 | ||
372 | umask(old_mask); | |
373 | } else | |
374 | r = bind(fd, &a->sockaddr.sa, a->size); | |
375 | ||
376 | if (r < 0) | |
acbb0225 | 377 | goto fail; |
42f4e3c4 LP |
378 | |
379 | if (a->type == SOCK_STREAM) | |
acbb0225 LP |
380 | if (listen(fd, backlog) < 0) |
381 | goto fail; | |
42f4e3c4 | 382 | |
83c60c9f | 383 | *ret = fd; |
42f4e3c4 | 384 | return 0; |
acbb0225 LP |
385 | |
386 | fail: | |
387 | r = -errno; | |
a16e1123 | 388 | close_nointr_nofail(fd); |
acbb0225 | 389 | return r; |
42f4e3c4 | 390 | } |
4f2d528d LP |
391 | |
392 | bool socket_address_can_accept(const SocketAddress *a) { | |
393 | assert(a); | |
394 | ||
395 | return | |
396 | a->type == SOCK_STREAM || | |
397 | a->type == SOCK_SEQPACKET; | |
398 | } | |
a16e1123 LP |
399 | |
400 | bool socket_address_equal(const SocketAddress *a, const SocketAddress *b) { | |
401 | assert(a); | |
402 | assert(b); | |
403 | ||
404 | /* Invalid addresses are unequal to all */ | |
405 | if (socket_address_verify(a) < 0 || | |
406 | socket_address_verify(b) < 0) | |
407 | return false; | |
408 | ||
409 | if (a->type != b->type) | |
410 | return false; | |
411 | ||
412 | if (a->size != b->size) | |
413 | return false; | |
414 | ||
415 | if (socket_address_family(a) != socket_address_family(b)) | |
416 | return false; | |
417 | ||
418 | switch (socket_address_family(a)) { | |
419 | ||
420 | case AF_INET: | |
421 | if (a->sockaddr.in4.sin_addr.s_addr != b->sockaddr.in4.sin_addr.s_addr) | |
422 | return false; | |
423 | ||
424 | if (a->sockaddr.in4.sin_port != b->sockaddr.in4.sin_port) | |
425 | return false; | |
426 | ||
427 | break; | |
428 | ||
429 | case AF_INET6: | |
430 | if (memcmp(&a->sockaddr.in6.sin6_addr, &b->sockaddr.in6.sin6_addr, sizeof(a->sockaddr.in6.sin6_addr)) != 0) | |
431 | return false; | |
432 | ||
433 | if (a->sockaddr.in6.sin6_port != b->sockaddr.in6.sin6_port) | |
434 | return false; | |
435 | ||
436 | break; | |
437 | ||
438 | case AF_UNIX: | |
439 | ||
440 | if ((a->sockaddr.un.sun_path[0] == 0) != (b->sockaddr.un.sun_path[0] == 0)) | |
441 | return false; | |
442 | ||
443 | if (a->sockaddr.un.sun_path[0]) { | |
444 | if (strncmp(a->sockaddr.un.sun_path, b->sockaddr.un.sun_path, sizeof(a->sockaddr.un.sun_path)) != 0) | |
445 | return false; | |
446 | } else { | |
b12c1e7c | 447 | if (memcmp(a->sockaddr.un.sun_path, b->sockaddr.un.sun_path, a->size) != 0) |
a16e1123 LP |
448 | return false; |
449 | } | |
450 | ||
451 | break; | |
452 | ||
453 | default: | |
454 | /* Cannot compare, so we assume the addresses are different */ | |
455 | return false; | |
456 | } | |
457 | ||
458 | return true; | |
459 | } | |
460 | ||
27ca8d7a | 461 | bool socket_address_is(const SocketAddress *a, const char *s, int type) { |
a16e1123 LP |
462 | struct SocketAddress b; |
463 | ||
464 | assert(a); | |
465 | assert(s); | |
466 | ||
467 | if (socket_address_parse(&b, s) < 0) | |
468 | return false; | |
469 | ||
27ca8d7a LP |
470 | b.type = type; |
471 | ||
a16e1123 | 472 | return socket_address_equal(a, &b); |
6e2ef85b LP |
473 | } |
474 | ||
475 | bool socket_address_needs_mount(const SocketAddress *a, const char *prefix) { | |
476 | assert(a); | |
477 | ||
478 | if (socket_address_family(a) != AF_UNIX) | |
479 | return false; | |
480 | ||
481 | if (a->sockaddr.un.sun_path[0] == 0) | |
482 | return false; | |
a16e1123 | 483 | |
6e2ef85b | 484 | return path_startswith(a->sockaddr.un.sun_path, prefix); |
a16e1123 | 485 | } |
c0120d99 LP |
486 | |
487 | static const char* const socket_address_bind_ipv6_only_table[_SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX] = { | |
488 | [SOCKET_ADDRESS_DEFAULT] = "default", | |
489 | [SOCKET_ADDRESS_BOTH] = "both", | |
490 | [SOCKET_ADDRESS_IPV6_ONLY] = "ipv6-only" | |
491 | }; | |
492 | ||
493 | DEFINE_STRING_TABLE_LOOKUP(socket_address_bind_ipv6_only, SocketAddressBindIPv6Only); |