]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/socket-util.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
coredump: rework coredumping logic
[thirdparty/systemd.git] / src / basic / socket-util.c
1 /***
2 This file is part of systemd.
3
4 Copyright 2010 Lennart Poettering
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18 ***/
19
20 #include <arpa/inet.h>
21 #include <errno.h>
22 #include <limits.h>
23 #include <net/if.h>
24 #include <netdb.h>
25 #include <netinet/ip.h>
26 #include <stddef.h>
27 #include <stdint.h>
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <unistd.h>
32
33 #include "alloc-util.h"
34 #include "fd-util.h"
35 #include "fileio.h"
36 #include "formats-util.h"
37 #include "log.h"
38 #include "macro.h"
39 #include "missing.h"
40 #include "parse-util.h"
41 #include "path-util.h"
42 #include "socket-util.h"
43 #include "string-table.h"
44 #include "string-util.h"
45 #include "user-util.h"
46 #include "util.h"
47
48 int socket_address_parse(SocketAddress *a, const char *s) {
49 char *e, *n;
50 unsigned u;
51 int r;
52
53 assert(a);
54 assert(s);
55
56 zero(*a);
57 a->type = SOCK_STREAM;
58
59 if (*s == '[') {
60 /* IPv6 in [x:.....:z]:p notation */
61
62 e = strchr(s+1, ']');
63 if (!e)
64 return -EINVAL;
65
66 n = strndupa(s+1, e-s-1);
67
68 errno = 0;
69 if (inet_pton(AF_INET6, n, &a->sockaddr.in6.sin6_addr) <= 0)
70 return errno > 0 ? -errno : -EINVAL;
71
72 e++;
73 if (*e != ':')
74 return -EINVAL;
75
76 e++;
77 r = safe_atou(e, &u);
78 if (r < 0)
79 return r;
80
81 if (u <= 0 || u > 0xFFFF)
82 return -EINVAL;
83
84 a->sockaddr.in6.sin6_family = AF_INET6;
85 a->sockaddr.in6.sin6_port = htons((uint16_t) u);
86 a->size = sizeof(struct sockaddr_in6);
87
88 } else if (*s == '/') {
89 /* AF_UNIX socket */
90
91 size_t l;
92
93 l = strlen(s);
94 if (l >= sizeof(a->sockaddr.un.sun_path))
95 return -EINVAL;
96
97 a->sockaddr.un.sun_family = AF_UNIX;
98 memcpy(a->sockaddr.un.sun_path, s, l);
99 a->size = offsetof(struct sockaddr_un, sun_path) + l + 1;
100
101 } else if (*s == '@') {
102 /* Abstract AF_UNIX socket */
103 size_t l;
104
105 l = strlen(s+1);
106 if (l >= sizeof(a->sockaddr.un.sun_path) - 1)
107 return -EINVAL;
108
109 a->sockaddr.un.sun_family = AF_UNIX;
110 memcpy(a->sockaddr.un.sun_path+1, s+1, l);
111 a->size = offsetof(struct sockaddr_un, sun_path) + 1 + l;
112
113 } else {
114 e = strchr(s, ':');
115 if (e) {
116 r = safe_atou(e+1, &u);
117 if (r < 0)
118 return r;
119
120 if (u <= 0 || u > 0xFFFF)
121 return -EINVAL;
122
123 n = strndupa(s, e-s);
124
125 /* IPv4 in w.x.y.z:p notation? */
126 r = inet_pton(AF_INET, n, &a->sockaddr.in.sin_addr);
127 if (r < 0)
128 return -errno;
129
130 if (r > 0) {
131 /* Gotcha, it's a traditional IPv4 address */
132 a->sockaddr.in.sin_family = AF_INET;
133 a->sockaddr.in.sin_port = htons((uint16_t) u);
134 a->size = sizeof(struct sockaddr_in);
135 } else {
136 unsigned idx;
137
138 if (strlen(n) > IF_NAMESIZE-1)
139 return -EINVAL;
140
141 /* Uh, our last resort, an interface name */
142 idx = if_nametoindex(n);
143 if (idx == 0)
144 return -EINVAL;
145
146 a->sockaddr.in6.sin6_family = AF_INET6;
147 a->sockaddr.in6.sin6_port = htons((uint16_t) u);
148 a->sockaddr.in6.sin6_scope_id = idx;
149 a->sockaddr.in6.sin6_addr = in6addr_any;
150 a->size = sizeof(struct sockaddr_in6);
151 }
152 } else {
153
154 /* Just a port */
155 r = safe_atou(s, &u);
156 if (r < 0)
157 return r;
158
159 if (u <= 0 || u > 0xFFFF)
160 return -EINVAL;
161
162 if (socket_ipv6_is_supported()) {
163 a->sockaddr.in6.sin6_family = AF_INET6;
164 a->sockaddr.in6.sin6_port = htons((uint16_t) u);
165 a->sockaddr.in6.sin6_addr = in6addr_any;
166 a->size = sizeof(struct sockaddr_in6);
167 } else {
168 a->sockaddr.in.sin_family = AF_INET;
169 a->sockaddr.in.sin_port = htons((uint16_t) u);
170 a->sockaddr.in.sin_addr.s_addr = INADDR_ANY;
171 a->size = sizeof(struct sockaddr_in);
172 }
173 }
174 }
175
176 return 0;
177 }
178
179 int socket_address_parse_and_warn(SocketAddress *a, const char *s) {
180 SocketAddress b;
181 int r;
182
183 /* Similar to socket_address_parse() but warns for IPv6 sockets when we don't support them. */
184
185 r = socket_address_parse(&b, s);
186 if (r < 0)
187 return r;
188
189 if (!socket_ipv6_is_supported() && b.sockaddr.sa.sa_family == AF_INET6) {
190 log_warning("Binding to IPv6 address not available since kernel does not support IPv6.");
191 return -EAFNOSUPPORT;
192 }
193
194 *a = b;
195 return 0;
196 }
197
198 int socket_address_parse_netlink(SocketAddress *a, const char *s) {
199 int family;
200 unsigned group = 0;
201 _cleanup_free_ char *sfamily = NULL;
202 assert(a);
203 assert(s);
204
205 zero(*a);
206 a->type = SOCK_RAW;
207
208 errno = 0;
209 if (sscanf(s, "%ms %u", &sfamily, &group) < 1)
210 return errno > 0 ? -errno : -EINVAL;
211
212 family = netlink_family_from_string(sfamily);
213 if (family < 0)
214 return -EINVAL;
215
216 a->sockaddr.nl.nl_family = AF_NETLINK;
217 a->sockaddr.nl.nl_groups = group;
218
219 a->type = SOCK_RAW;
220 a->size = sizeof(struct sockaddr_nl);
221 a->protocol = family;
222
223 return 0;
224 }
225
226 int socket_address_verify(const SocketAddress *a) {
227 assert(a);
228
229 switch (socket_address_family(a)) {
230
231 case AF_INET:
232 if (a->size != sizeof(struct sockaddr_in))
233 return -EINVAL;
234
235 if (a->sockaddr.in.sin_port == 0)
236 return -EINVAL;
237
238 if (a->type != SOCK_STREAM && a->type != SOCK_DGRAM)
239 return -EINVAL;
240
241 return 0;
242
243 case AF_INET6:
244 if (a->size != sizeof(struct sockaddr_in6))
245 return -EINVAL;
246
247 if (a->sockaddr.in6.sin6_port == 0)
248 return -EINVAL;
249
250 if (a->type != SOCK_STREAM && a->type != SOCK_DGRAM)
251 return -EINVAL;
252
253 return 0;
254
255 case AF_UNIX:
256 if (a->size < offsetof(struct sockaddr_un, sun_path))
257 return -EINVAL;
258
259 if (a->size > offsetof(struct sockaddr_un, sun_path)) {
260
261 if (a->sockaddr.un.sun_path[0] != 0) {
262 char *e;
263
264 /* path */
265 e = memchr(a->sockaddr.un.sun_path, 0, sizeof(a->sockaddr.un.sun_path));
266 if (!e)
267 return -EINVAL;
268
269 if (a->size != offsetof(struct sockaddr_un, sun_path) + (e - a->sockaddr.un.sun_path) + 1)
270 return -EINVAL;
271 }
272 }
273
274 if (a->type != SOCK_STREAM && a->type != SOCK_DGRAM && a->type != SOCK_SEQPACKET)
275 return -EINVAL;
276
277 return 0;
278
279 case AF_NETLINK:
280
281 if (a->size != sizeof(struct sockaddr_nl))
282 return -EINVAL;
283
284 if (a->type != SOCK_RAW && a->type != SOCK_DGRAM)
285 return -EINVAL;
286
287 return 0;
288
289 default:
290 return -EAFNOSUPPORT;
291 }
292 }
293
294 int socket_address_print(const SocketAddress *a, char **ret) {
295 int r;
296
297 assert(a);
298 assert(ret);
299
300 r = socket_address_verify(a);
301 if (r < 0)
302 return r;
303
304 if (socket_address_family(a) == AF_NETLINK) {
305 _cleanup_free_ char *sfamily = NULL;
306
307 r = netlink_family_to_string_alloc(a->protocol, &sfamily);
308 if (r < 0)
309 return r;
310
311 r = asprintf(ret, "%s %u", sfamily, a->sockaddr.nl.nl_groups);
312 if (r < 0)
313 return -ENOMEM;
314
315 return 0;
316 }
317
318 return sockaddr_pretty(&a->sockaddr.sa, a->size, false, true, ret);
319 }
320
321 bool socket_address_can_accept(const SocketAddress *a) {
322 assert(a);
323
324 return
325 a->type == SOCK_STREAM ||
326 a->type == SOCK_SEQPACKET;
327 }
328
329 bool socket_address_equal(const SocketAddress *a, const SocketAddress *b) {
330 assert(a);
331 assert(b);
332
333 /* Invalid addresses are unequal to all */
334 if (socket_address_verify(a) < 0 ||
335 socket_address_verify(b) < 0)
336 return false;
337
338 if (a->type != b->type)
339 return false;
340
341 if (socket_address_family(a) != socket_address_family(b))
342 return false;
343
344 switch (socket_address_family(a)) {
345
346 case AF_INET:
347 if (a->sockaddr.in.sin_addr.s_addr != b->sockaddr.in.sin_addr.s_addr)
348 return false;
349
350 if (a->sockaddr.in.sin_port != b->sockaddr.in.sin_port)
351 return false;
352
353 break;
354
355 case AF_INET6:
356 if (memcmp(&a->sockaddr.in6.sin6_addr, &b->sockaddr.in6.sin6_addr, sizeof(a->sockaddr.in6.sin6_addr)) != 0)
357 return false;
358
359 if (a->sockaddr.in6.sin6_port != b->sockaddr.in6.sin6_port)
360 return false;
361
362 break;
363
364 case AF_UNIX:
365 if (a->size <= offsetof(struct sockaddr_un, sun_path) ||
366 b->size <= offsetof(struct sockaddr_un, sun_path))
367 return false;
368
369 if ((a->sockaddr.un.sun_path[0] == 0) != (b->sockaddr.un.sun_path[0] == 0))
370 return false;
371
372 if (a->sockaddr.un.sun_path[0]) {
373 if (!path_equal_or_files_same(a->sockaddr.un.sun_path, b->sockaddr.un.sun_path))
374 return false;
375 } else {
376 if (a->size != b->size)
377 return false;
378
379 if (memcmp(a->sockaddr.un.sun_path, b->sockaddr.un.sun_path, a->size) != 0)
380 return false;
381 }
382
383 break;
384
385 case AF_NETLINK:
386 if (a->protocol != b->protocol)
387 return false;
388
389 if (a->sockaddr.nl.nl_groups != b->sockaddr.nl.nl_groups)
390 return false;
391
392 break;
393
394 default:
395 /* Cannot compare, so we assume the addresses are different */
396 return false;
397 }
398
399 return true;
400 }
401
402 bool socket_address_is(const SocketAddress *a, const char *s, int type) {
403 struct SocketAddress b;
404
405 assert(a);
406 assert(s);
407
408 if (socket_address_parse(&b, s) < 0)
409 return false;
410
411 b.type = type;
412
413 return socket_address_equal(a, &b);
414 }
415
416 bool socket_address_is_netlink(const SocketAddress *a, const char *s) {
417 struct SocketAddress b;
418
419 assert(a);
420 assert(s);
421
422 if (socket_address_parse_netlink(&b, s) < 0)
423 return false;
424
425 return socket_address_equal(a, &b);
426 }
427
428 const char* socket_address_get_path(const SocketAddress *a) {
429 assert(a);
430
431 if (socket_address_family(a) != AF_UNIX)
432 return NULL;
433
434 if (a->sockaddr.un.sun_path[0] == 0)
435 return NULL;
436
437 return a->sockaddr.un.sun_path;
438 }
439
440 bool socket_ipv6_is_supported(void) {
441 if (access("/proc/net/sockstat6", F_OK) != 0)
442 return false;
443
444 return true;
445 }
446
447 bool socket_address_matches_fd(const SocketAddress *a, int fd) {
448 SocketAddress b;
449 socklen_t solen;
450
451 assert(a);
452 assert(fd >= 0);
453
454 b.size = sizeof(b.sockaddr);
455 if (getsockname(fd, &b.sockaddr.sa, &b.size) < 0)
456 return false;
457
458 if (b.sockaddr.sa.sa_family != a->sockaddr.sa.sa_family)
459 return false;
460
461 solen = sizeof(b.type);
462 if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &b.type, &solen) < 0)
463 return false;
464
465 if (b.type != a->type)
466 return false;
467
468 if (a->protocol != 0) {
469 solen = sizeof(b.protocol);
470 if (getsockopt(fd, SOL_SOCKET, SO_PROTOCOL, &b.protocol, &solen) < 0)
471 return false;
472
473 if (b.protocol != a->protocol)
474 return false;
475 }
476
477 return socket_address_equal(a, &b);
478 }
479
480 int sockaddr_port(const struct sockaddr *_sa) {
481 union sockaddr_union *sa = (union sockaddr_union*) _sa;
482
483 assert(sa);
484
485 if (!IN_SET(sa->sa.sa_family, AF_INET, AF_INET6))
486 return -EAFNOSUPPORT;
487
488 return ntohs(sa->sa.sa_family == AF_INET6 ?
489 sa->in6.sin6_port :
490 sa->in.sin_port);
491 }
492
493 int sockaddr_pretty(const struct sockaddr *_sa, socklen_t salen, bool translate_ipv6, bool include_port, char **ret) {
494 union sockaddr_union *sa = (union sockaddr_union*) _sa;
495 char *p;
496 int r;
497
498 assert(sa);
499 assert(salen >= sizeof(sa->sa.sa_family));
500
501 switch (sa->sa.sa_family) {
502
503 case AF_INET: {
504 uint32_t a;
505
506 a = ntohl(sa->in.sin_addr.s_addr);
507
508 if (include_port)
509 r = asprintf(&p,
510 "%u.%u.%u.%u:%u",
511 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
512 ntohs(sa->in.sin_port));
513 else
514 r = asprintf(&p,
515 "%u.%u.%u.%u",
516 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF);
517 if (r < 0)
518 return -ENOMEM;
519 break;
520 }
521
522 case AF_INET6: {
523 static const unsigned char ipv4_prefix[] = {
524 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
525 };
526
527 if (translate_ipv6 &&
528 memcmp(&sa->in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
529 const uint8_t *a = sa->in6.sin6_addr.s6_addr+12;
530 if (include_port)
531 r = asprintf(&p,
532 "%u.%u.%u.%u:%u",
533 a[0], a[1], a[2], a[3],
534 ntohs(sa->in6.sin6_port));
535 else
536 r = asprintf(&p,
537 "%u.%u.%u.%u",
538 a[0], a[1], a[2], a[3]);
539 if (r < 0)
540 return -ENOMEM;
541 } else {
542 char a[INET6_ADDRSTRLEN];
543
544 inet_ntop(AF_INET6, &sa->in6.sin6_addr, a, sizeof(a));
545
546 if (include_port) {
547 r = asprintf(&p,
548 "[%s]:%u",
549 a,
550 ntohs(sa->in6.sin6_port));
551 if (r < 0)
552 return -ENOMEM;
553 } else {
554 p = strdup(a);
555 if (!p)
556 return -ENOMEM;
557 }
558 }
559
560 break;
561 }
562
563 case AF_UNIX:
564 if (salen <= offsetof(struct sockaddr_un, sun_path)) {
565 p = strdup("<unnamed>");
566 if (!p)
567 return -ENOMEM;
568
569 } else if (sa->un.sun_path[0] == 0) {
570 /* abstract */
571
572 /* FIXME: We assume we can print the
573 * socket path here and that it hasn't
574 * more than one NUL byte. That is
575 * actually an invalid assumption */
576
577 p = new(char, sizeof(sa->un.sun_path)+1);
578 if (!p)
579 return -ENOMEM;
580
581 p[0] = '@';
582 memcpy(p+1, sa->un.sun_path+1, sizeof(sa->un.sun_path)-1);
583 p[sizeof(sa->un.sun_path)] = 0;
584
585 } else {
586 p = strndup(sa->un.sun_path, sizeof(sa->un.sun_path));
587 if (!p)
588 return -ENOMEM;
589 }
590
591 break;
592
593 default:
594 return -EOPNOTSUPP;
595 }
596
597
598 *ret = p;
599 return 0;
600 }
601
602 int getpeername_pretty(int fd, bool include_port, char **ret) {
603 union sockaddr_union sa;
604 socklen_t salen = sizeof(sa);
605 int r;
606
607 assert(fd >= 0);
608 assert(ret);
609
610 if (getpeername(fd, &sa.sa, &salen) < 0)
611 return -errno;
612
613 if (sa.sa.sa_family == AF_UNIX) {
614 struct ucred ucred = {};
615
616 /* UNIX connection sockets are anonymous, so let's use
617 * PID/UID as pretty credentials instead */
618
619 r = getpeercred(fd, &ucred);
620 if (r < 0)
621 return r;
622
623 if (asprintf(ret, "PID "PID_FMT"/UID "UID_FMT, ucred.pid, ucred.uid) < 0)
624 return -ENOMEM;
625
626 return 0;
627 }
628
629 /* For remote sockets we translate IPv6 addresses back to IPv4
630 * if applicable, since that's nicer. */
631
632 return sockaddr_pretty(&sa.sa, salen, true, include_port, ret);
633 }
634
635 int getsockname_pretty(int fd, char **ret) {
636 union sockaddr_union sa;
637 socklen_t salen = sizeof(sa);
638
639 assert(fd >= 0);
640 assert(ret);
641
642 if (getsockname(fd, &sa.sa, &salen) < 0)
643 return -errno;
644
645 /* For local sockets we do not translate IPv6 addresses back
646 * to IPv6 if applicable, since this is usually used for
647 * listening sockets where the difference between IPv4 and
648 * IPv6 matters. */
649
650 return sockaddr_pretty(&sa.sa, salen, false, true, ret);
651 }
652
653 int socknameinfo_pretty(union sockaddr_union *sa, socklen_t salen, char **_ret) {
654 int r;
655 char host[NI_MAXHOST], *ret;
656
657 assert(_ret);
658
659 r = getnameinfo(&sa->sa, salen, host, sizeof(host), NULL, 0,
660 NI_IDN|NI_IDN_USE_STD3_ASCII_RULES);
661 if (r != 0) {
662 int saved_errno = errno;
663
664 r = sockaddr_pretty(&sa->sa, salen, true, true, &ret);
665 if (r < 0)
666 return r;
667
668 log_debug_errno(saved_errno, "getnameinfo(%s) failed: %m", ret);
669 } else {
670 ret = strdup(host);
671 if (!ret)
672 return -ENOMEM;
673 }
674
675 *_ret = ret;
676 return 0;
677 }
678
679 int getnameinfo_pretty(int fd, char **ret) {
680 union sockaddr_union sa;
681 socklen_t salen = sizeof(sa);
682
683 assert(fd >= 0);
684 assert(ret);
685
686 if (getsockname(fd, &sa.sa, &salen) < 0)
687 return -errno;
688
689 return socknameinfo_pretty(&sa, salen, ret);
690 }
691
692 int socket_address_unlink(SocketAddress *a) {
693 assert(a);
694
695 if (socket_address_family(a) != AF_UNIX)
696 return 0;
697
698 if (a->sockaddr.un.sun_path[0] == 0)
699 return 0;
700
701 if (unlink(a->sockaddr.un.sun_path) < 0)
702 return -errno;
703
704 return 1;
705 }
706
707 static const char* const netlink_family_table[] = {
708 [NETLINK_ROUTE] = "route",
709 [NETLINK_FIREWALL] = "firewall",
710 [NETLINK_INET_DIAG] = "inet-diag",
711 [NETLINK_NFLOG] = "nflog",
712 [NETLINK_XFRM] = "xfrm",
713 [NETLINK_SELINUX] = "selinux",
714 [NETLINK_ISCSI] = "iscsi",
715 [NETLINK_AUDIT] = "audit",
716 [NETLINK_FIB_LOOKUP] = "fib-lookup",
717 [NETLINK_CONNECTOR] = "connector",
718 [NETLINK_NETFILTER] = "netfilter",
719 [NETLINK_IP6_FW] = "ip6-fw",
720 [NETLINK_DNRTMSG] = "dnrtmsg",
721 [NETLINK_KOBJECT_UEVENT] = "kobject-uevent",
722 [NETLINK_GENERIC] = "generic",
723 [NETLINK_SCSITRANSPORT] = "scsitransport",
724 [NETLINK_ECRYPTFS] = "ecryptfs"
725 };
726
727 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(netlink_family, int, INT_MAX);
728
729 static const char* const socket_address_bind_ipv6_only_table[_SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX] = {
730 [SOCKET_ADDRESS_DEFAULT] = "default",
731 [SOCKET_ADDRESS_BOTH] = "both",
732 [SOCKET_ADDRESS_IPV6_ONLY] = "ipv6-only"
733 };
734
735 DEFINE_STRING_TABLE_LOOKUP(socket_address_bind_ipv6_only, SocketAddressBindIPv6Only);
736
737 bool sockaddr_equal(const union sockaddr_union *a, const union sockaddr_union *b) {
738 assert(a);
739 assert(b);
740
741 if (a->sa.sa_family != b->sa.sa_family)
742 return false;
743
744 if (a->sa.sa_family == AF_INET)
745 return a->in.sin_addr.s_addr == b->in.sin_addr.s_addr;
746
747 if (a->sa.sa_family == AF_INET6)
748 return memcmp(&a->in6.sin6_addr, &b->in6.sin6_addr, sizeof(a->in6.sin6_addr)) == 0;
749
750 return false;
751 }
752
753 int fd_inc_sndbuf(int fd, size_t n) {
754 int r, value;
755 socklen_t l = sizeof(value);
756
757 r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l);
758 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
759 return 0;
760
761 /* If we have the privileges we will ignore the kernel limit. */
762
763 value = (int) n;
764 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
765 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
766 return -errno;
767
768 return 1;
769 }
770
771 int fd_inc_rcvbuf(int fd, size_t n) {
772 int r, value;
773 socklen_t l = sizeof(value);
774
775 r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l);
776 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
777 return 0;
778
779 /* If we have the privileges we will ignore the kernel limit. */
780
781 value = (int) n;
782 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
783 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
784 return -errno;
785 return 1;
786 }
787
788 static const char* const ip_tos_table[] = {
789 [IPTOS_LOWDELAY] = "low-delay",
790 [IPTOS_THROUGHPUT] = "throughput",
791 [IPTOS_RELIABILITY] = "reliability",
792 [IPTOS_LOWCOST] = "low-cost",
793 };
794
795 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff);
796
797 int getpeercred(int fd, struct ucred *ucred) {
798 socklen_t n = sizeof(struct ucred);
799 struct ucred u;
800 int r;
801
802 assert(fd >= 0);
803 assert(ucred);
804
805 r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n);
806 if (r < 0)
807 return -errno;
808
809 if (n != sizeof(struct ucred))
810 return -EIO;
811
812 /* Check if the data is actually useful and not suppressed due
813 * to namespacing issues */
814 if (u.pid <= 0)
815 return -ENODATA;
816 if (u.uid == UID_INVALID)
817 return -ENODATA;
818 if (u.gid == GID_INVALID)
819 return -ENODATA;
820
821 *ucred = u;
822 return 0;
823 }
824
825 int getpeersec(int fd, char **ret) {
826 socklen_t n = 64;
827 char *s;
828 int r;
829
830 assert(fd >= 0);
831 assert(ret);
832
833 s = new0(char, n);
834 if (!s)
835 return -ENOMEM;
836
837 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
838 if (r < 0) {
839 free(s);
840
841 if (errno != ERANGE)
842 return -errno;
843
844 s = new0(char, n);
845 if (!s)
846 return -ENOMEM;
847
848 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
849 if (r < 0) {
850 free(s);
851 return -errno;
852 }
853 }
854
855 if (isempty(s)) {
856 free(s);
857 return -EOPNOTSUPP;
858 }
859
860 *ret = s;
861 return 0;
862 }
863
864 int send_one_fd_sa(
865 int transport_fd,
866 int fd,
867 const struct sockaddr *sa, socklen_t len,
868 int flags) {
869
870 union {
871 struct cmsghdr cmsghdr;
872 uint8_t buf[CMSG_SPACE(sizeof(int))];
873 } control = {};
874 struct msghdr mh = {
875 .msg_name = (struct sockaddr*) sa,
876 .msg_namelen = len,
877 .msg_control = &control,
878 .msg_controllen = sizeof(control),
879 };
880 struct cmsghdr *cmsg;
881
882 assert(transport_fd >= 0);
883 assert(fd >= 0);
884
885 cmsg = CMSG_FIRSTHDR(&mh);
886 cmsg->cmsg_level = SOL_SOCKET;
887 cmsg->cmsg_type = SCM_RIGHTS;
888 cmsg->cmsg_len = CMSG_LEN(sizeof(int));
889 memcpy(CMSG_DATA(cmsg), &fd, sizeof(int));
890
891 mh.msg_controllen = CMSG_SPACE(sizeof(int));
892 if (sendmsg(transport_fd, &mh, MSG_NOSIGNAL | flags) < 0)
893 return -errno;
894
895 return 0;
896 }
897
898 int receive_one_fd(int transport_fd, int flags) {
899 union {
900 struct cmsghdr cmsghdr;
901 uint8_t buf[CMSG_SPACE(sizeof(int))];
902 } control = {};
903 struct msghdr mh = {
904 .msg_control = &control,
905 .msg_controllen = sizeof(control),
906 };
907 struct cmsghdr *cmsg, *found = NULL;
908
909 assert(transport_fd >= 0);
910
911 /*
912 * Receive a single FD via @transport_fd. We don't care for
913 * the transport-type. We retrieve a single FD at most, so for
914 * packet-based transports, the caller must ensure to send
915 * only a single FD per packet. This is best used in
916 * combination with send_one_fd().
917 */
918
919 if (recvmsg(transport_fd, &mh, MSG_NOSIGNAL | MSG_CMSG_CLOEXEC | flags) < 0)
920 return -errno;
921
922 CMSG_FOREACH(cmsg, &mh) {
923 if (cmsg->cmsg_level == SOL_SOCKET &&
924 cmsg->cmsg_type == SCM_RIGHTS &&
925 cmsg->cmsg_len == CMSG_LEN(sizeof(int))) {
926 assert(!found);
927 found = cmsg;
928 break;
929 }
930 }
931
932 if (!found) {
933 cmsg_close_all(&mh);
934 return -EIO;
935 }
936
937 return *(int*) CMSG_DATA(found);
938 }
Unnamed repository; edit this file 'description' to name the repository.