X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=userv-utils.git;a=blobdiff_plain;f=ipif%2Fservice.c;h=eacfc63c1ce4d9782d7823716ec5b71281c55f13;hp=0a29f0695d4dfb21850c1ce943b2b7153c56a638;hb=f2add8c1b19c46ff78655278643c3c2851db7566;hpb=22fd0ebe07ae9f634cd5ab01dbc2e6506bc99b65

diff --git a/ipif/service.c b/ipif/service.c
index 0a29f06..eacfc63 100644
--- a/ipif/service.c
+++ b/ipif/service.c
@@ -30,11 +30,11 @@
  *
  *  The remaining arguments are supplied by the (untrusted) caller:
  *
- *  <local-addr>,<peer-addr>,<mtu>,<proto>
+ *  <local-addr>,<peer-addr>,<mtu>[,[<proto>][,[<ifnamepat>]]]
  *
- *      As for slattach.  Supported protocols are slip, cslip, and
- *      adaptive.  Alternatively, set to `debug' to print debugging info
- *      and exit.  <local-addr> is address of the interface to be created
+ *      As for slattach.  The only supported protocol is slip.
+ *      Alternatively, set to `debug' to print debugging info and
+ *      exit.  <local-addr> is address of the interface to be created
  *      on the local system; <peer-addr> is the address of the
  *      point-to-point peer.  They must be actual addresses (not
  *      hostnames).
@@ -48,9 +48,9 @@
  *      not supported).  If no additional routes are to be set up, use `-'
  *      or supply an empty argument.
  *
- * Each <config> item - whether a line file such as
- * /etc/userv/ipif-networks, or supplied on the service program
- * command line - is one of:
+ * Each <config> item - whether a line in a file such as
+ * /etc/userv/ipif-networks, or the single trusted argument supplied
+ * on the service program command line - is one of:
  *
  *   /<config-file-name>
  *   ./<config-file-name>
@@ -82,6 +82,9 @@
  *      service program directly (not via userv), without needing to set up
  *      permissions in /etc/userv/ipif-networks.
  *
+ *      Only `*' permits interface name patterns other than the default
+ *      value of `userv%d'.
+ *
  *   #...
  *
  *      Comment.  Blank lines are also ignored.
@@ -91,12 +94,17 @@
  * The service program should be run from userv with no-disconnect-hup.
  */
 /*
- * Copyright (C) 1999-2000,2003 Ian Jackson
  * This file is part of ipif, part of userv-utils
  *
+ * Copyright 1996-2013 Ian Jackson <ijackson@chiark.greenend.org.uk>
+ * Copyright 1998 David Damerell <damerell@chiark.greenend.org.uk>
+ * Copyright 1999,2003
+ *    Chancellor Masters and Scholars of the University of Cambridge
+ * Copyright 2010 Tony Finch <fanf@dotat.at>
+ *
  * This is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
  * (at your option) any later version.
  *
  * This program is distributed in the hope that it will be useful, but
@@ -105,10 +113,7 @@
  * General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
- * along with userv-utils; if not, write to the Free Software
- * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- * $Id$
+ * along with userv-utils; if not, see http://www.gnu.org/licenses/.
  */
 
 #include <stdio.h>
@@ -123,6 +128,7 @@
 #include <unistd.h>
 #include <stdint.h>
 #include <poll.h>
+#include <stddef.h>
 
 #include <sys/types.h>
 #include <sys/wait.h>
@@ -143,13 +149,15 @@
 #define ATXTLEN 16
 
 static const unsigned long gidmaxval= (unsigned long)((gid_t)-2);
-static const char *const protos_ok[]= { "slip", "cslip", "adaptive", 0 };
+static const char *const protos_ok[]= { "slip", 0 };
 static const int signals[]= { SIGHUP, SIGINT, SIGTERM, 0 };
+static const char default_ifnamepat[]= "userv%d";
 
 static const char *configstr, *proto;
 static unsigned long localaddr, peeraddr, mtu;
 static int localpming, peerpming;
-static int localallow, peerallow, allallow;
+static int localallow, peerallow, ifnameallow, allallow;
+static char *ifnamepat;
 static int nexroutes;
 static struct exroute {
   unsigned long prefix, mask;
@@ -321,6 +329,34 @@ static void eat_prefixmask(const char **argp, const char *what,
   if (len_r) *len_r= len;
 }
 
+static char *eat_optionalstr(const char **argp,
+			     const char *what,
+			     const char *def) {
+  ptrdiff_t len;
+  const char *start= *argp;
+  if (!start) {
+    len = 0;
+  } else {
+    const char *comma= strchr(start, ',');
+    if (comma) {
+      len= comma - start;
+      *argp= comma + 1;
+    } else {
+      len= strlen(start);
+      *argp= 0;
+    }
+  }
+  if (!len) {
+    start= def;
+    len= strlen(def);
+  }
+  char *r = malloc(len+1);
+  if (!r) sysfatal("malloc for command line string");
+  memcpy(r,start,len);
+  r[len]= 0;
+  return r;
+}
+
 static int addrnet_isin(unsigned long prefix, unsigned long mask,
 			unsigned long mprefix, unsigned long mmask) {
   return  !(~mask & mmask)  &&  (prefix & mmask) == mprefix;
@@ -445,6 +481,7 @@ static void pconfig(const char *configstr, int truncated) {
   case '*':
     permit_begin();
     permit_range(0UL,0UL,1,0);
+    ifnameallow= 1;
     return;
     
   case '#':
@@ -543,15 +580,18 @@ static void parseargs(int argc, const char *const *argv) {
   peeraddr= eat_addr(&carg,"peer-addr", ",",0);
   mtu= eat_number(&carg,"mtu", 576,65536, ",",0);
   localallow= peerallow= 0;
-  
-  if (!strcmp(carg,"debug")) {
+
+  char *protostr= eat_optionalstr(&carg,"protocol","slip");
+  if (!strcmp(protostr,"debug")) {
     proto= 0;
   } else {
     for (cprotop= protos_ok;
-	 (proto= *cprotop) && strcmp(proto,carg);
+	 (proto= *cprotop) && strcmp(proto,protostr);
 	 cprotop++);
     if (!proto) fatal("invalid protocol");
   }
+
+  ifnamepat= eat_optionalstr(&carg,"ifname pattern",default_ifnamepat);
   
   addrnet_mustdiffer("local-addr",localaddr,~0UL, "peer-addr",peeraddr,~0UL);
   
@@ -597,6 +637,14 @@ static void checkpermit(void) {
     sprintf(erwhatbuf, "route#%d", i);
     checkallow(exroutes[i].allow, erwhatbuf, exroutes[i].prefixtxt, exroutes[i].masktxt);
   }
+  if (!strcmp(ifnamepat,default_ifnamepat))
+    ifnameallow= 1;
+  if (!ifnameallow) {
+    fprintf(stderr,
+	    "userv-ipif service: access denied for interface name %s\n",
+	    ifnamepat);
+    allallow= 0;
+  }
   if (!allallow) fatal("access denied");
 }
 
@@ -635,7 +683,7 @@ static int task(const char *desc) {
   if (!pid) return 1;
 
   for (;;) {
-    pidr= waitpid(pid,&status,WNOHANG);
+    pidr= waitpid(pid,&status,0);
     if (pidr!=(pid_t)-1) break;
     if (errno==EINTR) continue;
     sysfatal("waitpid for task");
@@ -643,31 +691,29 @@ static int task(const char *desc) {
   assert(pidr==pid);
 
   if (WIFEXITED(status)) {
-    fprintf(stderr,
-	    "userv-ipif service: %s unexpectedly exited with exit status %d\n",
+    if (WEXITSTATUS(status))
+      fatal("userv-ipif service: %s exited with error exit status %d\n",
 	    desc, WEXITSTATUS(status));
   } else if (WIFSIGNALED(status)) {
-    fprintf(stderr,
-	    "userv-ipif service: %s unexpectedly killed by signal %s%s\n",
-	    desc, strsignal(WTERMSIG(status)),
-	    WCOREDUMP(status) ? " (core dumped)" : "");
+    fatal("userv-ipif service: %s died due to signal %s%s\n",
+	  desc, strsignal(WTERMSIG(status)),
+	  WCOREDUMP(status) ? " (core dumped)" : "");
   } else {
-    fprintf(stderr, "userv-ipif service: %s unexpectedly terminated"
-	    " with unknown status code %d\n", desc, status);
+    fatal("userv-ipif service: %s unexpectedly terminated"
+	  " with unknown status code %d\n", desc, status);
   }
 
   return 0;
 }
 
 static void createif(void) {
-  static const char ifnamepat[]= "userv%d";
   struct ifreq ifr;
   int r;
 
   memset(&ifr,0,sizeof(ifr));
   ifr.ifr_flags= IFF_TUN | IFF_NO_PI;
 
-  assert(sizeof(ifr.ifr_name) >= sizeof(ifnamepat));
+  assert(sizeof(ifr.ifr_name) >= strlen(ifnamepat)+1);
   strcpy(ifr.ifr_name, ifnamepat);
 
   tunfd= open("/dev/net/tun", O_RDWR);
@@ -696,7 +742,7 @@ static void netconfigure(void) {
     sprintf(mtutxt,"%lu",mtu);
   
     execlp("ifconfig", "ifconfig", ifname, localtxt,
-	   "netmask","255.255.255.255", "-broadcast", "pointopoint",peertxt,
+	   "netmask","255.255.255.255", "pointopoint",peertxt, "-broadcast",
 	   "mtu",mtutxt, "up", (char*)0);
     sysfatal("cannot exec ifconfig");
   }
@@ -720,11 +766,13 @@ static void setnonblock(int fd) {
 }
 
 static void rx_packet(const uint8_t *packet, int len) {
+  if (!len)
+    return;
   for (;;) {
     int r= write(tunfd, packet, len);
     if (r<0) {
       if (errno==EINTR) continue;
-      if (errno==EAGAIN) return; /* oh well */
+      if (errno==EAGAIN || errno==ENOMEM) return; /* oh well */
       sysfatal("error writing packet to tun (transmitting)");
     }
     assert(r==len);
@@ -791,6 +839,9 @@ static void tx_packet(uint8_t *output_buf, const uint8_t *ip, int inlen) {
     else if (c==SLIP_ESC) { *op++= SLIP_ESC; *op++= SLIP_ESC_ESC; }
     else *op++= c;
   }
+  *op++= SLIP_END;
+  assert(op <= output_buf + mtu*2+2);
+
   output_waiting= op - output_buf;
 }
 
@@ -816,6 +867,10 @@ static void copydata(void) {
    * Output packets we buffer, so we poll only as appropriate for those.
    */
 
+  /* Start by transmitting one END byte to say we're ready. */
+  output_buf[0]= SLIP_END;
+  output_waiting= 1;
+
   for (;;) {
     if (output_waiting) {
       r= write(1, output_buf, output_waiting);
@@ -855,7 +910,7 @@ static void copydata(void) {
       r= read(0, input_buf + input_waiting, want);
       if (r>0) {
 	input_waiting += r;
-	assert(r < sizeof(input_buf));
+	assert(input_waiting <= sizeof(input_buf));
 	more_rx_data(input_buf, rx_packet_buf);
       } else if (r==0) {
 	terminate(0);