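/* $NetBSD: inetd.h,v 1.6 2022/08/10 08:37:53 christos Exp $ */

/*-
 * Copyright (c) 1998, 2003 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Jason R. Thorpe of the Numerical Aerospace Simulation Facility,
 * NASA Ames Research Center and by Matthias Scheler.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Copyright (c) 1983, 1991, 1993, 1994
 * The Regents of the University of California. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Shared declarations for inetd: the per-service record (struct servtab),
 * the per-address rate-limit node (struct rl_ip_node), the logging and
 * debug macros, and the functions and globals exported by inetd.c, parse.c,
 * ratelimit.c and parse_v2.c.
 */

#ifndef _INETD_H
#define _INETD_H

#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/un.h>
#include <sys/queue.h>

#include <arpa/inet.h>

/*
 * stdint.h, stdio.h, syslog.h and sys/types.h are included so that the
 * names this header itself uses (SIZE_MAX, FILE/fprintf/stderr, syslog and
 * the LOG_* priorities, pid_t) are declared regardless of what the including
 * file pulled in first.
 */
#include <netdb.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <syslog.h>

#ifndef NO_RPC
#define RPC
#endif

#include <net/if.h>

#ifdef RPC
#include <rpc/rpc.h>
#include <rpc/rpcb_clnt.h>
#include <netconfig.h>
#endif


#include "pathnames.h"

#ifdef IPSEC
#include <netipsec/ipsec.h>
#ifndef IPSEC_POLICY_IPSEC /* no ipsec support on old ipsec */
#undef IPSEC
#endif
#include "ipsec.h"
#endif

/* Kind of service, stored in servtab.se_type. */
typedef enum service_type {
	NORM_TYPE = 0,
	MUX_TYPE = 1,
	MUXPLUS_TYPE = 2,
	FAITH_TYPE = 3
} service_type;

/* ISMUX() is true for both MUX_TYPE and MUXPLUS_TYPE entries. */
#define ISMUXPLUS(sep)	((sep)->se_type == MUXPLUS_TYPE)
#define ISMUX(sep)	(((sep)->se_type == MUX_TYPE) || ISMUXPLUS(sep))

#define TOOMANY		40		/* don't start more than TOOMANY */

/* Prefix for configuration diagnostics: config file name and line number. */
#define CONF_ERROR_FMT	"%s line %zu: "

/*
 * Log warning/error with 0 or variadic args with line number and file name.
 *
 * msg is pasted into the format string by string-literal concatenation, so
 * it must be a literal.  Text read from the configuration file has to be
 * passed as a variadic argument matched by a conversion in msg, never as msg
 * itself.  The macros read the CONFIG and line_number globals declared
 * further down in this header.
 */
#define ILV(prio, msg, ...) syslog(prio, CONF_ERROR_FMT msg ".", \
    CONFIG, line_number __VA_OPT__(,) __VA_ARGS__)

#define WRN(msg, ...) ILV(LOG_WARNING, msg __VA_OPT__(,) __VA_ARGS__)
#define ERR(msg, ...) ILV(LOG_ERR, msg __VA_OPT__(,) __VA_ARGS__)

/*
 * Debug logging.  With DEBUG_ENABLE the message goes to stderr when the
 * debug global is non-zero; without it DPRINTF expands to __nothing and its
 * arguments are not evaluated, so they must not carry side effects.  As with
 * ILV, fmt is concatenated with "\n" and therefore must be a string literal.
 */
#ifdef DEBUG_ENABLE
#define DPRINTF(fmt, ...) do {\
	if (debug) {\
		fprintf(stderr, fmt "\n" __VA_OPT__(,) __VA_ARGS__);\
	}\
} while (false)
#else
#define DPRINTF(fmt, ...) __nothing
#endif

/* DPRINTF with the config file name and line number prefix. */
#define DPRINTCONF(fmt, ...) DPRINTF(CONF_ERROR_FMT fmt,\
	CONFIG, line_number __VA_OPT__(,) __VA_ARGS__)

#define STRINGIFY(x)	#x
#define TOSTRING(x)	STRINGIFY(x)

/* "Unspecified" indicator value for servtabs (mainly used by v2 syntax) */
#define SERVTAB_UNSPEC_VAL	-1

/* "Unspecified" indicator for the size_t fields. */
#define SERVTAB_UNSPEC_SIZE_T	SIZE_MAX

/*
 * One less than SERVTAB_UNSPEC_SIZE_T.
 * NOTE(review): presumably the largest real count, chosen so that a
 * configured limit can never equal the "unspecified" sentinel -- confirm
 * against the parsers.
 */
#define SERVTAB_COUNT_MAX	(SIZE_MAX - (size_t)1)

/*
 * Standard logging and debug print format for a servtab.
 *
 * SERV_PARAMS expands to the two arguments consumed by the two %s
 * conversions in SERV_FMT.  The macro argument is parenthesized so that an
 * expression such as &entry or ptr + 1 binds as a whole before ->; otherwise
 * a wrong pointer would be handed to a printf-style function.
 */
#define SERV_FMT		"%s/%s"
#define SERV_PARAMS(sep)	(sep)->se_service, (sep)->se_proto

/* rate limiting macros */
#define CNT_INTVL	((time_t)60)	/* servers in CNT_INTVL sec. */
#define RETRYTIME	(60*10)		/* retry after bind or server fail */

/* One configured service; entries are chained through se_next. */
struct servtab {
	char	*se_hostaddr;		/* host address to listen on */
	char	*se_service;		/* name of service */
	int	se_socktype;		/* type of socket to use */
	sa_family_t se_family;		/* address family */
	char	*se_proto;		/* protocol used */
	int	se_sndbuf;		/* sndbuf size */
	int	se_rcvbuf;		/* rcvbuf size */
	int	se_rpcprog;		/* rpc program number */
	int	se_rpcversl;		/* rpc program lowest version */
	int	se_rpcversh;		/* rpc program highest version */
#define isrpcservice(sep)	((sep)->se_rpcversl != 0)
	pid_t	se_wait;		/* single threaded server */
	short	se_checked;		/* looked at during merge */
	char	*se_user;		/* user name to run as */
	char	*se_group;		/* group name to run as */
	struct	biltin *se_bi;		/* if built-in, description */
	char	*se_server;		/* server program */
#define MAXARGV 64
	/*
	 * program arguments; the array has one slot more than MAXARGV.
	 * NOTE(review): presumably for the terminating NULL -- the parser
	 * that fills it must stop at MAXARGV entries; confirm in parse.c.
	 */
	char	*se_argv[MAXARGV+1];
#ifdef IPSEC
	char	*se_policy;		/* IPsec policy string */
#endif
	struct accept_filter_arg se_accf; /* accept filter for stream service */
	int	se_fd;			/* open descriptor */
	service_type	se_type;	/* type */
	union {
		/* ensure correctness of C struct initializer */
		struct	sockaddr_storage se_ctrladdr_storage;
		struct	sockaddr se_ctrladdr;
		struct	sockaddr_in se_ctrladdr_in;
		/* in6 is used by bind()/getaddrinfo */
		struct	sockaddr_in6 se_ctrladdr_in6;
		struct	sockaddr_un se_ctrladdr_un;
	};				/* bound address */
	socklen_t	se_ctrladdr_size;
	/* max # of instances of this service per minute */
	size_t	se_service_max;
	/* number of instances of this service started since se_time */
	size_t	se_count;
	/* max # of instances of this service per ip per minute */
	size_t	se_ip_max;
	/* per-address (IP) rate limiting */
	SLIST_HEAD(iplist, rl_ip_node) se_rl_ip_list;
	/*
	 * start of se_count and ip_max counts, in seconds from arbitrary
	 * point
	 */
	time_t	se_time;

	/* TODO convert to using SLIST */
	struct	servtab *se_next;
};

/* One remote address tracked by the per-address rate limiter. */
struct rl_ip_node {
	/* Linked list entries */
	SLIST_ENTRY(rl_ip_node) entries;
	/*
	 * Number of service spawns from *_addr since se_time (includes
	 * attempted starts if greater than se_ip_max).
	 */
	size_t count;
	union {
		struct in_addr	ipv4_addr;
#ifdef INET6
		/* align for efficient comparison in rl_try_get, could use 8 instead */
		struct in6_addr	ipv6_addr __attribute__((aligned(16)));
#endif
		/*
		 * other_addr is used for other address types besides the
		 * special cases (IPv4/IPv6), using getnameinfo.
		 */
		struct {
			/* A field is required before the special array member */
			char _placeholder;
			/* malloc'd storage varies with length of string */
			char other_addr[];
		};
	};
	/*
	 * Do not declare further members after union, offsetof is used to
	 * determine malloc size.
	 */
};

/*
 * From inetd.c
 */

void		setup(struct servtab *);
void		close_sep(struct servtab *);
void		register_rpc(struct servtab *);
void		unregister_rpc(struct servtab *);
bool		try_biltin(struct servtab *);

/* Global debug mode boolean, enabled with -d */
extern int	debug;

/* rate limit or other error timed out flag */
extern int	timingout;

/* servtab linked list */
extern struct servtab *servtab;

/*
 * From parse.c
 */

void		config_root(void);
int		parse_protocol(struct servtab *);
int		parse_wait(struct servtab *, int);
int		parse_server(struct servtab *, const char *);
void		parse_socktype(char *, struct servtab *);
void		parse_accept_filter(char *, struct servtab *);
char		*nextline(FILE *);
char		*newstr(const char *);

/* Current line number in current config file */
extern size_t	line_number;

/* Current config file path */
extern const char *CONFIG;

/* Open config file */
extern FILE	*fconfig;

/* Default listening hostname/IP for current config file */
extern char	*defhost;

/* Default IPsec policy for current config file */
extern char	*policy;

/*
 * From ratelimit.c
 */

int		rl_process(struct servtab *, int);
void		rl_clear_ip_list(struct servtab *);

/*
 * From parse_v2.c
 */

typedef enum parse_v2_result {V2_SUCCESS, V2_SKIP, V2_ERROR} parse_v2_result;

/*
 * Parse a key-values service definition, starting at the token after
 * on/off (i.e. parse a series of key-values pairs terminated by a semicolon).
 * Fills the provided servtab structure. Does not call freeconfig on error.
 */
parse_v2_result	parse_syntax_v2(struct servtab *, char **);

#endif /* _INETD_H */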