1 /* $NetBSD: kadm_conn.c,v 1.1.1.1 2011/04/13 18:14:35 elric Exp $ */ 2 3 /* 4 * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * 3. Neither the name of the Institute nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include "kadmin_locl.h" 37 #ifdef HAVE_SYS_WAIT_H 38 #include <sys/wait.h> 39 #endif 40 41 struct kadm_port { 42 char *port; 43 unsigned short def_port; 44 struct kadm_port *next; 45 } *kadm_ports; 46 47 static void 48 add_kadm_port(krb5_context context, const char *service, unsigned int port) 49 { 50 struct kadm_port *p; 51 p = malloc(sizeof(*p)); 52 if(p == NULL) { 53 krb5_warnx(context, "failed to allocate %lu bytes\n", 54 (unsigned long)sizeof(*p)); 55 return; 56 } 57 58 p->port = strdup(service); 59 p->def_port = port; 60 61 p->next = kadm_ports; 62 kadm_ports = p; 63 } 64 65 static void 66 add_standard_ports (krb5_context context) 67 { 68 add_kadm_port(context, "kerberos-adm", 749); 69 } 70 71 /* 72 * parse the set of space-delimited ports in `str' and add them. 73 * "+" => all the standard ones 74 * otherwise it's port|service[/protocol] 75 */ 76 77 void 78 parse_ports(krb5_context context, const char *str) 79 { 80 char p[128]; 81 82 while(strsep_copy(&str, " \t", p, sizeof(p)) != -1) { 83 if(strcmp(p, "+") == 0) 84 add_standard_ports(context); 85 else 86 add_kadm_port(context, p, 0); 87 } 88 } 89 90 static pid_t pgrp; 91 sig_atomic_t term_flag, doing_useful_work; 92 93 static RETSIGTYPE 94 sigchld(int sig) 95 { 96 int status; 97 /* 98 * waitpid() is async safe. will return -1 or 0 on no more zombie 99 * children 100 */ 101 while ((waitpid(-1, &status, WNOHANG)) > 0) 102 ; 103 SIGRETURN(0); 104 } 105 106 static RETSIGTYPE 107 terminate(int sig) 108 { 109 if(getpid() == pgrp) { 110 /* parent */ 111 term_flag = 1; 112 signal(sig, SIG_IGN); 113 killpg(pgrp, sig); 114 } else { 115 /* child */ 116 if(doing_useful_work) 117 term_flag = 1; 118 else 119 exit(0); 120 } 121 SIGRETURN(0); 122 } 123 124 static int 125 spawn_child(krb5_context context, int *socks, 126 unsigned int num_socks, int this_sock) 127 { 128 int e, i; 129 struct sockaddr_storage __ss; 130 struct sockaddr *sa = (struct sockaddr *)&__ss; 131 socklen_t sa_size = sizeof(__ss); 132 krb5_socket_t s; 133 pid_t pid; 134 krb5_address addr; 135 char buf[128]; 136 size_t buf_len; 137 138 s = accept(socks[this_sock], sa, &sa_size); 139 if(rk_IS_BAD_SOCKET(s)) { 140 krb5_warn(context, rk_SOCK_ERRNO, "accept"); 141 return 1; 142 } 143 e = krb5_sockaddr2address(context, sa, &addr); 144 if(e) 145 krb5_warn(context, e, "krb5_sockaddr2address"); 146 else { 147 e = krb5_print_address (&addr, buf, sizeof(buf), 148 &buf_len); 149 if(e) 150 krb5_warn(context, e, "krb5_print_address"); 151 else 152 krb5_warnx(context, "connection from %s", buf); 153 krb5_free_address(context, &addr); 154 } 155 156 pid = fork(); 157 if(pid == 0) { 158 for(i = 0; i < num_socks; i++) 159 rk_closesocket(socks[i]); 160 dup2(s, STDIN_FILENO); 161 dup2(s, STDOUT_FILENO); 162 if(s != STDIN_FILENO && s != STDOUT_FILENO) 163 rk_closesocket(s); 164 return 0; 165 } else { 166 rk_closesocket(s); 167 } 168 return 1; 169 } 170 171 static void 172 wait_for_connection(krb5_context context, 173 krb5_socket_t *socks, unsigned int num_socks) 174 { 175 unsigned int i; 176 int e; 177 fd_set orig_read_set, read_set; 178 int status, max_fd = -1; 179 180 FD_ZERO(&orig_read_set); 181 182 for(i = 0; i < num_socks; i++) { 183 #ifdef FD_SETSIZE 184 if (socks[i] >= FD_SETSIZE) 185 errx (1, "fd too large"); 186 #endif 187 FD_SET(socks[i], &orig_read_set); 188 max_fd = max(max_fd, socks[i]); 189 } 190 191 pgrp = getpid(); 192 193 if(setpgid(0, pgrp) < 0) 194 err(1, "setpgid"); 195 196 signal(SIGTERM, terminate); 197 signal(SIGINT, terminate); 198 signal(SIGCHLD, sigchld); 199 200 while (term_flag == 0) { 201 read_set = orig_read_set; 202 e = select(max_fd + 1, &read_set, NULL, NULL, NULL); 203 if(rk_IS_SOCKET_ERROR(e)) { 204 if(rk_SOCK_ERRNO != EINTR) 205 krb5_warn(context, rk_SOCK_ERRNO, "select"); 206 } else if(e == 0) 207 krb5_warnx(context, "select returned 0"); 208 else { 209 for(i = 0; i < num_socks; i++) { 210 if(FD_ISSET(socks[i], &read_set)) 211 if(spawn_child(context, socks, num_socks, i) == 0) 212 return; 213 } 214 } 215 } 216 signal(SIGCHLD, SIG_IGN); 217 218 while ((waitpid(-1, &status, WNOHANG)) > 0) 219 ; 220 221 exit(0); 222 } 223 224 225 void 226 start_server(krb5_context context, const char *port_str) 227 { 228 int e; 229 struct kadm_port *p; 230 231 krb5_socket_t *socks = NULL, *tmp; 232 unsigned int num_socks = 0; 233 int i; 234 235 if (port_str == NULL) 236 port_str = "+"; 237 238 parse_ports(context, port_str); 239 240 for(p = kadm_ports; p; p = p->next) { 241 struct addrinfo hints, *ai, *ap; 242 char portstr[32]; 243 memset (&hints, 0, sizeof(hints)); 244 hints.ai_flags = AI_PASSIVE; 245 hints.ai_socktype = SOCK_STREAM; 246 247 e = getaddrinfo(NULL, p->port, &hints, &ai); 248 if(e) { 249 snprintf(portstr, sizeof(portstr), "%u", p->def_port); 250 e = getaddrinfo(NULL, portstr, &hints, &ai); 251 } 252 253 if(e) { 254 krb5_warn(context, krb5_eai_to_heim_errno(e, errno), 255 "%s", portstr); 256 continue; 257 } 258 i = 0; 259 for(ap = ai; ap; ap = ap->ai_next) 260 i++; 261 tmp = realloc(socks, (num_socks + i) * sizeof(*socks)); 262 if(tmp == NULL) { 263 krb5_warnx(context, "failed to reallocate %lu bytes", 264 (unsigned long)(num_socks + i) * sizeof(*socks)); 265 continue; 266 } 267 socks = tmp; 268 for(ap = ai; ap; ap = ap->ai_next) { 269 krb5_socket_t s = socket(ap->ai_family, ap->ai_socktype, ap->ai_protocol); 270 if(rk_IS_BAD_SOCKET(s)) { 271 krb5_warn(context, rk_SOCK_ERRNO, "socket"); 272 continue; 273 } 274 275 socket_set_reuseaddr(s, 1); 276 socket_set_ipv6only(s, 1); 277 278 if (rk_IS_SOCKET_ERROR(bind (s, ap->ai_addr, ap->ai_addrlen))) { 279 krb5_warn(context, rk_SOCK_ERRNO, "bind"); 280 rk_closesocket(s); 281 continue; 282 } 283 if (rk_IS_SOCKET_ERROR(listen (s, SOMAXCONN))) { 284 krb5_warn(context, rk_SOCK_ERRNO, "listen"); 285 rk_closesocket(s); 286 continue; 287 } 288 socks[num_socks++] = s; 289 } 290 freeaddrinfo (ai); 291 } 292 if(num_socks == 0) 293 krb5_errx(context, 1, "no sockets to listen to - exiting"); 294 295 wait_for_connection(context, socks, num_socks); 296 } 297