1 /*-*- Mode: C; c-basic-offset: 8 -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
27 #include <arpa/inet.h>
30 #include <sys/types.h>
32 #include <selinux/selinux.h>
36 #include "socket-util.h"
39 int socket_address_parse(SocketAddress *a, const char *s) {
48 a->type = SOCK_STREAM;
51 /* IPv6 in [x:.....:z]:p notation */
53 if (!(e = strchr(s+1, ']')))
56 if (!(n = strndup(s+1, e-s-1)))
60 if (inet_pton(AF_INET6, n, &a->sockaddr.in6.sin6_addr) <= 0) {
62 return errno != 0 ? -errno : -EINVAL;
72 if ((r = safe_atou(e, &u)) < 0)
75 if (u <= 0 || u > 0xFFFF)
78 a->sockaddr.in6.sin6_family = AF_INET6;
79 a->sockaddr.in6.sin6_port = htons((uint16_t) u);
80 a->size = sizeof(struct sockaddr_in6);
82 } else if (*s == '/') {
88 if (l >= sizeof(a->sockaddr.un.sun_path))
91 a->sockaddr.un.sun_family = AF_UNIX;
92 memcpy(a->sockaddr.un.sun_path, s, l);
93 a->size = sizeof(sa_family_t) + l + 1;
95 } else if (*s == '@') {
96 /* Abstract AF_UNIX socket */
100 if (l >= sizeof(a->sockaddr.un.sun_path) - 1)
103 a->sockaddr.un.sun_family = AF_UNIX;
104 memcpy(a->sockaddr.un.sun_path+1, s+1, l);
105 a->size = sizeof(sa_family_t) + 1 + l;
109 if ((e = strchr(s, ':'))) {
111 if ((r = safe_atou(e+1, &u)) < 0)
114 if (u <= 0 || u > 0xFFFF)
117 if (!(n = strndup(s, e-s)))
120 /* IPv4 in w.x.y.z:p notation? */
121 if ((r = inet_pton(AF_INET, n, &a->sockaddr.in4.sin_addr)) < 0) {
127 /* Gotcha, it's a traditional IPv4 address */
130 a->sockaddr.in4.sin_family = AF_INET;
131 a->sockaddr.in4.sin_port = htons((uint16_t) u);
132 a->size = sizeof(struct sockaddr_in);
136 if (strlen(n) > IF_NAMESIZE-1) {
141 /* Uh, our last resort, an interface name */
142 idx = if_nametoindex(n);
148 a->sockaddr.in6.sin6_family = AF_INET6;
149 a->sockaddr.in6.sin6_port = htons((uint16_t) u);
150 a->sockaddr.in6.sin6_scope_id = idx;
151 a->sockaddr.in6.sin6_addr = in6addr_any;
152 a->size = sizeof(struct sockaddr_in6);
158 if ((r = safe_atou(s, &u)) < 0)
161 if (u <= 0 || u > 0xFFFF)
164 a->sockaddr.in6.sin6_family = AF_INET6;
165 a->sockaddr.in6.sin6_port = htons((uint16_t) u);
166 a->sockaddr.in6.sin6_addr = in6addr_any;
167 a->size = sizeof(struct sockaddr_in6);
174 int socket_address_verify(const SocketAddress *a) {
177 switch (socket_address_family(a)) {
179 if (a->size != sizeof(struct sockaddr_in))
182 if (a->sockaddr.in4.sin_port == 0)
188 if (a->size != sizeof(struct sockaddr_in6))
191 if (a->sockaddr.in6.sin6_port == 0)
197 if (a->size < sizeof(sa_family_t))
200 if (a->size > sizeof(sa_family_t)) {
202 if (a->sockaddr.un.sun_path[0] != 0) {
206 if (!(e = memchr(a->sockaddr.un.sun_path, 0, sizeof(a->sockaddr.un.sun_path))))
209 if (a->size != sizeof(sa_family_t) + (e - a->sockaddr.un.sun_path) + 1)
217 return -EAFNOSUPPORT;
221 int socket_address_print(const SocketAddress *a, char **p) {
226 if ((r = socket_address_verify(a)) < 0)
229 switch (socket_address_family(a)) {
233 if (!(ret = new(char, INET_ADDRSTRLEN+1+5+1)))
236 if (!inet_ntop(AF_INET, &a->sockaddr.in4.sin_addr, ret, INET_ADDRSTRLEN)) {
241 sprintf(strchr(ret, 0), ":%u", ntohs(a->sockaddr.in4.sin_port));
249 if (!(ret = new(char, 1+INET6_ADDRSTRLEN+2+5+1)))
253 if (!inet_ntop(AF_INET6, &a->sockaddr.in6.sin6_addr, ret+1, INET6_ADDRSTRLEN)) {
258 sprintf(strchr(ret, 0), "]:%u", ntohs(a->sockaddr.in6.sin6_port));
266 if (a->size <= sizeof(sa_family_t)) {
268 if (!(ret = strdup("<unamed>")))
271 } else if (a->sockaddr.un.sun_path[0] == 0) {
274 /* FIXME: We assume we can print the
275 * socket path here and that it hasn't
276 * more than one NUL byte. That is
277 * actually an invalid assumption */
279 if (!(ret = new(char, sizeof(a->sockaddr.un.sun_path)+1)))
283 memcpy(ret+1, a->sockaddr.un.sun_path+1, sizeof(a->sockaddr.un.sun_path)-1);
284 ret[sizeof(a->sockaddr.un.sun_path)] = 0;
288 if (!(ret = strdup(a->sockaddr.un.sun_path)))
301 int socket_address_listen(
302 const SocketAddress *a,
304 SocketAddressBindIPv6Only only,
305 const char *bind_to_device,
307 mode_t directory_mode,
309 security_context_t scon,
316 if ((r = socket_address_verify(a)) < 0)
319 if (setsockcreatecon(scon) < 0) {
320 log_error("Failed to set SELinux context (%s) on socket: %m", scon);
321 if (security_getenforce() == 1)
325 fd = socket(socket_address_family(a), a->type | SOCK_NONBLOCK | SOCK_CLOEXEC, 0);
326 r = fd < 0 ? -errno : 0;
328 setsockcreatecon(NULL);
333 if (socket_address_family(a) == AF_INET6 && only != SOCKET_ADDRESS_DEFAULT) {
334 int flag = only == SOCKET_ADDRESS_IPV6_ONLY;
336 if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &flag, sizeof(flag)) < 0)
341 if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, bind_to_device, strlen(bind_to_device)+1) < 0)
346 if (setsockopt(fd, IPPROTO_IP, IP_FREEBIND, &one, sizeof(one)) < 0)
347 log_warning("IP_FREEBIND failed: %m");
351 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) < 0)
354 if (socket_address_family(a) == AF_UNIX && a->sockaddr.un.sun_path[0] != 0) {
358 mkdir_parents(a->sockaddr.un.sun_path, directory_mode);
360 /* Enforce the right access mode for the socket*/
361 old_mask = umask(~ socket_mode);
363 /* Include the original umask in our mask */
364 umask(~socket_mode | old_mask);
366 r = bind(fd, &a->sockaddr.sa, a->size);
368 if (r < 0 && errno == EADDRINUSE) {
369 /* Unlink and try again */
370 unlink(a->sockaddr.un.sun_path);
371 r = bind(fd, &a->sockaddr.sa, a->size);
376 r = bind(fd, &a->sockaddr.sa, a->size);
381 if (a->type == SOCK_STREAM)
382 if (listen(fd, backlog) < 0)
390 close_nointr_nofail(fd);
394 bool socket_address_can_accept(const SocketAddress *a) {
398 a->type == SOCK_STREAM ||
399 a->type == SOCK_SEQPACKET;
402 bool socket_address_equal(const SocketAddress *a, const SocketAddress *b) {
406 /* Invalid addresses are unequal to all */
407 if (socket_address_verify(a) < 0 ||
408 socket_address_verify(b) < 0)
411 if (a->type != b->type)
414 if (a->size != b->size)
417 if (socket_address_family(a) != socket_address_family(b))
420 switch (socket_address_family(a)) {
423 if (a->sockaddr.in4.sin_addr.s_addr != b->sockaddr.in4.sin_addr.s_addr)
426 if (a->sockaddr.in4.sin_port != b->sockaddr.in4.sin_port)
432 if (memcmp(&a->sockaddr.in6.sin6_addr, &b->sockaddr.in6.sin6_addr, sizeof(a->sockaddr.in6.sin6_addr)) != 0)
435 if (a->sockaddr.in6.sin6_port != b->sockaddr.in6.sin6_port)
442 if ((a->sockaddr.un.sun_path[0] == 0) != (b->sockaddr.un.sun_path[0] == 0))
445 if (a->sockaddr.un.sun_path[0]) {
446 if (strncmp(a->sockaddr.un.sun_path, b->sockaddr.un.sun_path, sizeof(a->sockaddr.un.sun_path)) != 0)
449 if (memcmp(a->sockaddr.un.sun_path, b->sockaddr.un.sun_path, a->size) != 0)
456 /* Cannot compare, so we assume the addresses are different */
463 bool socket_address_is(const SocketAddress *a, const char *s, int type) {
464 struct SocketAddress b;
469 if (socket_address_parse(&b, s) < 0)
474 return socket_address_equal(a, &b);
477 bool socket_address_needs_mount(const SocketAddress *a, const char *prefix) {
480 if (socket_address_family(a) != AF_UNIX)
483 if (a->sockaddr.un.sun_path[0] == 0)
486 return path_startswith(a->sockaddr.un.sun_path, prefix);
489 static const char* const socket_address_bind_ipv6_only_table[_SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX] = {
490 [SOCKET_ADDRESS_DEFAULT] = "default",
491 [SOCKET_ADDRESS_BOTH] = "both",
492 [SOCKET_ADDRESS_IPV6_ONLY] = "ipv6-only"
495 DEFINE_STRING_TABLE_LOOKUP(socket_address_bind_ipv6_only, SocketAddressBindIPv6Only);