3 * Main header file for port forwarder
5 * (c) 1999 Straylight/Edgeware
8 /*----- Licensing notice --------------------------------------------------*
10 * This file is part of the `fwd' port forwarder.
12 * `fwd' is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
17 * `fwd' is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with `fwd'; if not, write to the Free Software Foundation,
24 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
34 /*----- Header files ------------------------------------------------------*/
36 /* --- Configuration --- */
62 #include <sys/types.h>
68 #include <sys/socket.h>
70 #include <netinet/in.h>
71 #include <arpa/inet.h>
81 #include <mLib/alloc.h>
82 #include <mLib/bres.h>
83 #include <mLib/conn.h>
84 #include <mLib/darray.h>
85 #include <mLib/dstr.h>
87 #include <mLib/fdflags.h>
88 #include <mLib/fdpass.h>
89 #include <mLib/ident.h>
90 #include <mLib/mdwopt.h>
91 #include <mLib/quis.h>
92 #include <mLib/report.h>
94 #include <mLib/selbuf.h>
101 /*----- Other subtleties --------------------------------------------------*/
103 #if defined(HAVE_DECL_ENVIRON) && !HAVE_DECL_ENVIRON
104 extern char **environ;
107 /*----- Main program ------------------------------------------------------*/
109 /* --- The global select state --- */
111 extern sel_state *sel;
113 /* --- Help text --- */
115 extern const char grammar_text[];
116 extern const char option_text[];
118 /* --- @fw_log@ --- *
120 * Arguments: @time_t t@ = when the connection occurred or (@-1@)
121 * @const char *fmt@ = format string to fill in
122 * @...@ = other arguments
126 * Use: Logs a connection.
129 extern void fw_log(time_t /*t*/, const char */*fmt*/, ...);
131 /* --- @fw_inc@, @fw_dec@ --- *
137 * Use: Increments or decrements the active thing count. `fwd' won't
138 * quit while there are active things.
141 extern void fw_inc(void);
142 extern void fw_dec(void);
144 /*----- Channel management ------------------------------------------------*/
146 /* --- Magic numbers --- */
148 #define CHAN_BUFSZ 4096
150 /* --- Channel structure --- */
152 typedef struct chan {
153 unsigned base, len; /* Base and length of data */
154 unsigned f; /* Various interesting flags */
155 void (*func)(void */*p*/); /* Function to call on closure */
156 void *p; /* Argument to pass function */
157 sel_file r, w; /* Reader and writer selectors */
158 char buf[CHAN_BUFSZ]; /* The actual data buffer */
161 #define CHANF_CLOSE 1u /* Close channel when buffer empty */
162 #define CHANF_READY 2u /* The channel destination exists */
164 /* --- @chan_close@ --- *
166 * Arguments: @chan *c@ = pointer to channel
170 * Use: Closes down a channel prematurely.
173 extern void chan_close(chan */*c*/);
175 /* --- @chan_dest@ --- *
177 * Arguments: @chan *c@ = pointer to channel
178 * @int fd@ = destination file descriptor for channel
182 * Use: Sets the channel's destination so it knows where to put
186 extern void chan_dest(chan */*c*/, int /*fd*/);
188 /* --- @chan_open@ --- *
190 * Arguments: @chan *c@ = pointer to channel to open
191 * @int from, to@ = source and destination file descriptors
192 * @void (*func)(void *p)@ = function to call on closure
193 * @void *p@ = argument to pass to function
197 * Use: Opens a channel. Data is copied from the source to the
198 * destination. The @to@ argument may be @-1@ if the file
199 * descriptor isn't known yet.
202 extern void chan_open(chan */*c*/, int /*from*/, int /*to*/,
203 void (*/*func*/)(void */*p*/), void */*p*/);
205 /*----- Character scanners ------------------------------------------------*/
207 /* --- A low-level scanner source --- */
209 typedef struct scansrc {
210 struct scansrc *next; /* Next one in the list */
211 struct scansrc_ops *ops; /* Pointer to operations table */
212 char *src; /* Name of this source */
213 int line; /* Current line number */
214 dstr pushback; /* Pushback characters */
215 char *tok; /* Token pushback */
216 unsigned t; /* Token type pushback */
219 /* --- Scanner source operations --- */
221 typedef struct scansrc_ops {
222 int (*scan)(scansrc */*ss*/); /* Read another character */
223 void (*destroy)(scansrc */*ss*/); /* Destroy an unwanted source */
226 /* --- A character scanner --- */
228 typedef struct scanner {
229 scansrc *head, **tail; /* Scanner list head and tail */
230 int t; /* Token type */
231 dstr d; /* Current token value */
232 const char *wbegin, *wcont; /* Parsing exception strings */
235 /* --- @scan_file@ --- *
237 * Arguments: @FILE *fp@ = pointer to file descriptor
238 * @const char *name@ = pointer to source file name
239 * @unsigned f@ = flags
241 * Returns: A scanner source.
243 * Use: Creates a new scanner source for reading from a file.
246 #define SCF_NOCLOSE 1u /* Don't close @fp@ when finished */
248 extern scansrc *scan_file(FILE */*fp*/, const char */*name*/,
251 /* --- @scan_argv@ --- *
253 * Arguments: @char **av@ = pointer to argument array (null terminated)
255 * Returns: A scanner source.
257 * Use: Creates a new scanner source for reading from an @argv@
261 extern scansrc *scan_argv(char **/*av*/);
265 * Arguments: @scanner *sc@ = pointer to main scanner context
267 * Returns: Character read, or end-of-file.
269 * Use: Scans a character from a source of characters.
272 extern int scan(scanner */*sc*/);
274 /* --- @unscan@ --- *
276 * Arguments: @scanner *sc@ = pointer to main scanner context
277 * @int ch@ = character to unscan
281 * Use: Scans a character from a source of characters.
284 extern void unscan(scanner */*sc*/, int /*ch*/);
286 /* --- @scan_push@ --- *
288 * Arguments: @scanner *sc@ = pointer to main scanner context
289 * @scansrc *ss@ = souorce to push
293 * Use: Pushes a scanner source onto the front of the queue.
296 extern void scan_push(scanner */*sc*/, scansrc */*ss*/);
298 /* --- @scan_add@ --- *
300 * Arguments: @scanner *sc@ = pointer to main scanner context
301 * @scansrc *ss@ = souorce to push
305 * Use: Adds a scanner source onto the end of the queue.
308 extern void scan_add(scanner */*sc*/, scansrc */*ss*/);
310 /* --- @scan_create@ --- *
312 * Arguments: @scanner *sc@ = scanner context to initialize
316 * Use: Initializes a scanner block ready for use.
319 extern void scan_create(scanner */*sc*/);
321 /* --- @scan_destroy@ --- *
323 * Arguments: @scanner *sc@ = pointer to scanner context
327 * Use: Destroys a scanner and all the sources attached to it.
330 extern void scan_destroy(scanner */*sc*/);
332 /*----- Configuration parsing ---------------------------------------------*/
334 /* --- Magical constants --- */
336 #define CTOK_EOF (-1)
337 #define CTOK_WORD 256
339 /* --- @conf_undelim@ --- *
341 * Arguments: @scanner *sc@ = pointer to scanner definition
342 * @const char *d, *dd@ = pointer to characters to escape
346 * Use: Modifies the tokenizer. Characters in the first list will
347 * always be considered to begin a word. Characters in the
348 * second list will always be allowed to continue a word.
351 extern void conf_undelim(scanner */*sc*/,
352 const char */*d*/, const char */*dd*/);
356 * Arguments: @scanner *sc@ = pointer to scanner definition
358 * Returns: Type of token scanned.
360 * Use: Reads the next token from the character scanner.
363 extern int token(scanner */*sc*/);
367 * Arguments: @scanner *sc@ = pointer to scanner definition
368 * @const char *msg@ = message skeleton string
369 * @...@ = extra arguments for the skeleton
373 * Use: Reports an error at the current scanner location.
376 extern void error(scanner */*sc*/, const char */*msg*/, ...);
378 /* --- @pushback@ --- *
380 * Arguments: @scanner *sc@ = pointer to scanner definition
384 * Use: Pushes the current token back. This is normally a precursor
385 * to pushing a new scanner source.
388 extern void pushback(scanner */*sc*/);
390 /* --- @conf_enum@ --- *
392 * Arguments: @scanner *sc@ = pointer to a scanner object
393 * @const char *list@ = comma-separated things to allow
394 * @unsigned @f = flags for the search
395 * @const char *err@ = error message if not found
397 * Returns: Index into list, zero-based, or @-1@.
399 * Use: Checks whether the current token is a string which matches
400 * one of the comma-separated items given. The return value is
401 * the index (zero-based) of the matched string in the list.
403 * The flags control the behaviour if no exact match is found.
404 * If @ENUM_ABBREV@ is set, and the current token is a left
405 * substring of exactly one of the possibilities, then that one
406 * is chosen. If @ENUM_NONE@ is set, the value @-1@ is
407 * returned; otherwise an error is reported and the program is
411 #define ENUM_ABBREV 1u
414 extern int conf_enum(scanner */*sc*/, const char */*list*/,
415 unsigned /*flags*/, const char */*err*/);
417 /* --- @conf_prefix@ --- *
419 * Arguments: @scanner *sc@ = pointer to a scanner object
420 * @const char *p@ = pointer to prefix string to check
422 * Returns: Nonzero if the prefix matches.
424 * Use: If the current token is a word matching the given prefix
425 * string, then it and an optional `.' character are removed and
426 * a nonzero result is returned. Otherwise the current token is
427 * left as it is, and zero is returned.
429 * Typical options parsing code would remove an expected prefix,
430 * scan an option anyway (since qualifying prefixes are
431 * optional) and if a match is found, claim the option. If no
432 * match is found, and a prefix was stripped, then an error
433 * should be reported.
436 extern int conf_prefix(scanner */*sc*/, const char */*p*/);
438 /* --- @CONF_BEGIN@, @CONF_END@ --- *
440 * Arguments: @sc@ = scanner to read from
441 * @prefix@ = prefix to scan for
442 * @desc@ = description of what we're parsing
444 * Use: Bracket an options parsing routine. The current token is
445 * checked to see whether it matches the prefix. If so, it is
446 * removed and the following token examined. If that's a `.'
447 * then it's removed. If it's a `{' then the enclosed
448 * option-parsing code is executed in a loop until a matching
449 * '}' is found. If the options parser doesn't accept an
450 * option, the behaviour is dependent on whether a prefix was
451 * seen: if so, an error is reported; otherwse a zero return is
460 #define CONF_BEGIN(sc, prefix, desc) do { \
461 scanner *_conf_sc = (sc); \
462 const char *_conf_desc = (desc); \
463 int _conf_state = CS_PLAIN; \
465 /* --- Read the initial prefix --- */ \
467 if (_conf_sc->t == CTOK_WORD && \
468 strcmp(_conf_sc->d.buf, (prefix)) == 0) { \
470 _conf_state = CS_PREFIX; \
471 if (_conf_sc->t == '.') \
473 else if (_conf_sc->t == '{') { \
475 _conf_state = CS_BRACE; \
479 /* --- Ensure the next token is a word --- */ \
481 if (_conf_sc->t != CTOK_WORD) \
482 error(_conf_sc, "parse error, expected option keyword"); \
487 /* --- Reject an option --- * \
489 * We could get here as a result of an explicit @CONF_REJECT@ or \
490 * because the option wasn't accepted. \
495 if (_conf_state == CS_PLAIN) \
496 _conf_state = CS_UNKNOWN; \
498 error(_conf_sc, "unknown %s option `%s'", \
499 _conf_desc, _conf_sc->d.buf); \
502 /* --- Accept an option --- * \
504 * It's safe to drop through from above. Either an error will have \
505 * been reported, or the state is not @CS_BRACE@. \
509 if (_conf_state == CS_BRACE && _conf_sc->t == ';') \
511 } while (_conf_state == CS_BRACE && _conf_sc->t == CTOK_WORD); \
513 /* --- Check for a closing brace --- */ \
515 if (_conf_state == CS_BRACE) { \
516 if (_conf_sc->t == '}') \
519 error(_conf_sc, "parse error, expected `}'"); \
522 /* --- Return an appropriate value --- */ \
524 return (_conf_state != CS_UNKNOWN); \
527 /* --- @CONF_ACCEPT@, @CONF_REJECT@ --- *
531 * Use: Within an options parser (between @CONF_BEGIN@ and
532 * @CONF_END@), accept or reject an option.
535 #define CONF_ACCEPT goto _conf_accept
536 #define CONF_REJECT goto _conf_reject
538 /* --- @CONF_QUAL@ --- *
542 * Use: Evaluates to a nonzero value if the current option is
543 * qualified. This can be used to decide whether abbreviations
544 * for options should be accepted.
547 #define CONF_QUAL (_conf_state != CS_PLAIN)
549 /* --- @conf_name@ --- *
551 * Arguments: @scanner *sc@ = pointer to scanner
552 * @char delim@ = delimiter character to look for
553 * @dstr *d@ = pointer to dynamic string for output
557 * Use: Reads in a compound name consisting of words separated by
558 * delimiters. Leading and trailing delimiters are permitted,
559 * although they'll probably cause confusion if used. The name
560 * may be enclosed in square brackets if that helps at all.
562 * Examples of compound names are filenames (delimited by `/')
563 * and IP addresses (delimited by `.').
566 extern void conf_name(scanner */*sc*/, char /*delim*/, dstr */*d*/);
568 /*----- Reference-counted file descriptors --------------------------------*/
570 typedef struct reffd {
573 void (*proc)(void */*p*/);
577 /* --- @reffd_init@ --- *
579 * Arguments: @int fd@ = file descriptor
581 * Returns: Reference-counted file descriptor object.
583 * Use: Creates a refcounted file descriptor.
586 extern reffd *reffd_init(int /*fd*/);
588 /* --- @reffd_handler@ --- *
590 * Arguments: @reffd *r@ = pointer to reference counted filehandle
591 * @void (*proc)(void *p)@ = procedure to call
596 * Use: Sets the reference counted file descriptor to call @proc@
597 * when it is no longer required.
600 extern void reffd_handler(reffd */*r*/, void (*/*proc*/)(void */*p*/),
603 /* --- @reffd_inc@ --- *
605 * Arguments: @reffd *r@ = pointer to reference counted filehandle
609 * Use: Increments the reference count for a file descriptor.
612 #define REFFD_INC(r) do { (r)->ref++; } while (0)
614 extern void reffd_inc(reffd */*r*/);
616 /* --- @reffd_dec@ --- *
618 * Arguments: @reffd *r@ = pointer to reference counted filehandle
622 * Use: Decrements the reference count for a file descriptor.
625 #define REFFD_DEC(r) do { \
628 if (_r->ref == 0) { \
636 extern void reffd_dec(reffd */*r*/);
638 /*----- Sources, targets and endpoints ------------------------------------*/
640 /* --- Basic endpoint structure --- */
642 typedef struct endpt {
643 struct endpt_ops *ops; /* Pointer to operations table */
644 struct endpt *other; /* Pointer to sibling endpoint */
645 unsigned f; /* Various flags */
646 struct tango *t; /* Private data structure */
647 reffd *in, *out; /* File descriptors */
650 /* --- Endpoint flags --- */
652 #define EPF_PENDING 1u /* Endpoint creation in progress */
653 #define EPF_FILE 2u /* Endpoint smells like a file */
655 /* --- Endpoint operations table --- */
657 typedef struct endpt_ops {
659 /* --- @attach@ --- *
661 * Arguments: @endpt *e@ = pointer to endpoint to be attached
662 * @reffd *in, *out@ = input and output file descriptors
666 * Use: Instructs a non-file endpoint to attach itself to a pair of
670 void (*attach)(endpt */*e*/, reffd */*in*/, reffd */*out*/);
674 * Arguments: @endpt *e@ = pointer to endpoint in question
675 * @endpt *f@ = pointer to a file endpoint
679 * Use: Informs a non-file endpoint of a file endpoint which will
680 * want to be closed when it's finished with. At that time, the
681 * endpoint should arrange to have both itself and its partner
682 * closed. If no file is registered, the endpoint manager will
683 * close both endpoints itself.
686 void (*file)(endpt */*e*/, endpt */*f*/);
688 /* --- @wclose@ --- *
690 * Arguments: @endpt *e@ = endpoint to be partially closed
694 * Use: Announces that the endpoint will not be written to any more.
697 void (*wclose)(endpt */*e*/);
701 * Arguments: @endpt *e@ = endpoint to be closed
705 * Use: Completely closes an endpoint. The endpoint's data may be
706 * freed, although some endpoints may wish to delay freeing for
710 void (*close)(endpt */*e*/);
714 /* --- A basic target object --- */
716 typedef struct target {
717 struct target_ops *ops;
721 /* --- Forwarding target operations --- */
723 typedef struct target_ops {
724 const char *name; /* Name of this target */
726 /* --- @option@ --- *
728 * Arguments: @target *t@ = pointer to target object, or zero if global
729 * @scanner *sc@ = scanner to read from
731 * Returns: Nonzero to claim the option.
733 * Use: Handles an option string from the configuration file.
736 int (*option)(target */*t*/, scanner */*sc*/);
740 * Arguments: @scanner *sc@ = pointer to scanner to read from
742 * Returns: Pointer to a target object to claim, null to reject.
744 * Use: Parses a target description from the configuration file.
745 * Only the socket target is allowed to omit the prefix on a
746 * target specification.
749 target *(*read)(scanner */*sc*/);
751 /* --- @confirm@ --- *
753 * Arguments: @target *t@ = pointer to target
757 * Use: Confirms configuration of a target.
760 void (*confirm)(target */*t*/);
762 /* --- @create@ --- *
764 * Arguments: @target *t@ = pointer to target
765 * @const char *desc@ = description of connection
767 * Returns: Pointer to a created endpoint.
769 * Use: Generates a target endpoint for communication.
772 endpt *(*create)(target */*t*/, const char */*desc*/);
774 /* --- @destroy@ --- *
776 * Arguments: @target *t@ = pointer to target
780 * Use: Destroys a target.
783 void (*destroy)(target */*t*/);
787 /* --- A basic source object --- */
789 typedef struct source {
790 struct source *next, *prev;
791 struct source_ops *ops;
795 /* --- Forwarding source operations --- */
797 typedef struct source_ops {
798 const char *name; /* Name of this source */
800 /* --- @option@ --- *
802 * Arguments: @scanner *sc@ = scanner to read from
803 * @source *s@ = pointer to source object, or zero if global
805 * Returns: Nonzero to claim the option.
807 * Use: Handles an option string from the configuration file.
810 int (*option)(source */*s*/, scanner */*sc*/);
814 * Arguments: @scanner *sc@ = pointer to scanner to read from
816 * Returns: Pointer to a source object to claim, null to reject.
818 * Use: Parses a source description from the configuration file.
819 * Only the socket source is allowed to omit the prefix on a
820 * source specification.
823 source *(*read)(scanner */*sc*/);
825 /* --- @attach@ --- *
827 * Arguments: @source *s@ = pointer to source
828 * @scanner *sc@ = scanner (for error reporting)
829 * @target *t@ = pointer to target to attach
833 * Use: Attaches a target to a source.
836 void (*attach)(source */*s*/, scanner */*sc*/, target */*t*/);
838 /* --- @destroy@ --- *
840 * Arguments: @source *s@ = pointer to source
844 * Use: Destroys a source. Used when closing the system down, for
845 * example as a result of a signal.
848 void (*destroy)(source */*s*/);
852 /* --- @endpt_kill@ --- *
854 * Arguments: @endpt *a@ = an endpoint
858 * Use: Kills an endpoint. If the endpoint is joined to another, the
859 * other endpoint is also killed, as is the connection between
860 * them (and that's the tricky bit).
863 extern void endpt_kill(endpt */*a*/);
865 /* --- @endpt_killall@ --- *
871 * Use: Destroys all current endpoint connections. Used when
875 extern void endpt_killall(void);
877 /* --- @endpt_join@ --- *
879 * Arguments: @endpt *a@ = pointer to first endpoint
880 * @endpt *b@ = pointer to second endpoint
884 * Use: Joins two endpoints together.
887 extern void endpt_join(endpt */*a*/, endpt */*b*/);
889 /* --- @source_add@ --- *
891 * Arguments: @source *s@ = pointer to a source
895 * Use: Adds a source to the master list. Only do this for passive
896 * sources (e.g., listening sockets), not active sources (e.g.,
897 * executable programs).
900 extern void source_add(source */*s*/);
902 /* --- @source_remove@ --- *
904 * Arguments: @source *s@ = pointer to a source
908 * Use: Removes a source from the master list.
911 extern void source_remove(source */*s*/);
913 /* --- @source_killall@ --- *
919 * Use: Frees all sources.
922 extern void source_killall(void);
924 /*----- The exec source and target ----------------------------------------*/
926 extern source_ops xsource_ops;
927 extern target_ops xtarget_ops;
929 /* --- @exec_init@ --- *
935 * Use: Initializes the executable problem source and target.
938 extern void exec_init(void);
940 /*----- The file source and target ----------------------------------------*/
942 extern source_ops fsource_ops;
943 extern target_ops ftarget_ops;
945 /*----- The socket source and target --------------------------------------*/
947 extern source_ops ssource_ops;
948 extern target_ops starget_ops;
950 /* --- @starget_connected@ --- *
952 * Arguments: @int fd@ = file descriptor now ready for use
953 * @void *p@ = pointer to an endpoint structure
957 * Use: Handles successful connection of the target endpoint.
960 extern void starget_connected(int /*fd*/, void */*p*/);
962 /*----- Handling of file attributes ---------------------------------------*/
964 /* --- File attribute options structure --- */
966 typedef struct fattr {
972 /* --- Shared global options --- */
974 extern fattr fattr_global;
976 /* --- @fattr_init@ --- *
978 * Arguments: @fattr *f@ = pointer to file attributes
982 * Use: Initializes a set of file attributes to default values.
985 extern void fattr_init(fattr */*f*/);
987 /* --- @fattr_option@ --- *
989 * Arguments: @scanner *sc@ = pointer to scanner to read
990 * @fattr *f@ = pointer to file attributes to set
992 * Returns: Whether the option was clamed.
994 * Use: Reads file attributes from a scanner.
997 extern int fattr_option(scanner */*sc*/, fattr */*f*/);
999 /* --- @fattr_apply@ --- *
1001 * Arguments: @const char *file@ = pointer to filename
1002 * @fattr *f@ = pointer to attribute set
1004 * Returns: @-1@ if it failed.
1006 * Use: Applies file attributes to a file. For best results, try to
1007 * create the file with the right permissions and so on. This
1008 * call will fix everything up, but there are potential races
1009 * which might catch you out if you're not careful.
1012 extern int fattr_apply(const char */*file*/, fattr */*f*/);
1014 /*----- Making privileged connections -------------------------------------*/
1016 /* --- @privconn_split@ --- *
1018 * Arguments: @sel_state *s@ = select state
1022 * Use: Splits off the privileged binding code into a separate
1026 extern void privconn_split(sel_state */*s*/);
1028 /* --- @privconn_adddest@ --- *
1030 * Arguments: @struct in_addr peer@ = address to connect to
1031 * @unsigned port@ = port to connect to
1033 * Returns: Index for this destination address, or @-1@ if not
1036 * Use: Adds a valid destination for a privileged connection.
1039 extern int privconn_adddest(struct in_addr /*peer*/, unsigned /*port*/);
1041 /* --- @privconn_connect@ --- *
1043 * Arguments: @conn *c@ = connection structure to fill in
1044 * @sel_state *s@ = pointer to select state to attach to
1045 * @int i@ = address index to connect to
1046 * @struct in_addr bind@ = address to bind to
1047 * @void (*func)(int, void *)@ = function to call on connect
1048 * @void *p@ = argument for the function
1050 * Returns: Zero on success, @-1@ on failure.
1052 * Use: Sets up a privileged connection job.
1055 extern int privconn_connect(conn */*c*/, sel_state */*s*/,
1056 int /*i*/, struct in_addr /*bind*/,
1057 void (*/*func*/)(int, void *), void */*p*/);
1059 /*----- Identifying remote clients ----------------------------------------*/
1061 typedef struct id_req {
1062 struct sockaddr_in lsin; /* Local address of connection */
1063 struct sockaddr_in rsin; /* Remote address of connection */
1064 const char *desc; /* Description of connection */
1065 const char *act; /* Action taken by server */
1066 reffd *r; /* Pointer to file descriptor */
1069 /* --- @identify@ --- *
1071 * Arguments: @const id_req *q@ = pointer to request block
1075 * Use: Starts a background ident lookup and reverse-resolve job
1076 * which will, eventually, report a message to the system log.
1079 extern void identify(const id_req */*q*/);
1081 /*----- Host-based access control -----------------------------------------*/
1083 /* --- An access control entry --- */
1085 typedef struct acl_entry {
1086 struct acl_entry *next; /* Next entry in the list */
1087 const struct acl_ops *ops; /* Operations for the ACL entry */
1088 unsigned act; /* What to do with matching hosts */
1091 #define ACL_DENY 0 /* Deny access to matching conns */
1092 #define ACL_ALLOW 1 /* Allow access to matching conns */
1093 #define ACL_PERM 1u /* Bit mask for permission bit */
1095 /* --- Host-based access control --- */
1097 typedef struct acl_host {
1098 acl_entry a; /* Base structure */
1099 struct in_addr addr, mask; /* Address and netmask */
1102 /* --- ACL methods --- */
1104 typedef struct acl_ops {
1105 int (*check)(void */*a*/, struct in_addr /*addr*/, unsigned /*port*/);
1106 void (*dump)(void */*a*/, FILE */*fp*/);
1107 void (*free)(void */*a*/);
1110 /* --- @acl_check@ --- *
1112 * Arguments: @acl_entry *a@ = pointer to ACL to check against
1113 * @struct in_addr addr@ = address to check
1114 * @unsigned port@ = port number to check
1115 * @int *act@ = verdict (should initially be @ACT_ALLOW@)
1117 * Returns: Zero if undecided, nonzero if a rule matched.
1119 * Use: Checks an address against an ACL.
1122 extern int acl_check(acl_entry */*a*/,
1123 struct in_addr /*addr*/, unsigned /*port*/,
1126 /* --- @acl_dump@ --- *
1128 * Arguments: @acl_entry *a@ = pointer to ACL to dump
1129 * @FILE *fp@ = pointer to stream to dump on
1133 * Use: Dumps an access control list to an output stream.
1136 extern void acl_dump(acl_entry */*a*/, FILE */*fp*/);
1138 /* --- @acl_free@ --- *
1140 * Arguments: @acl_entry *a@ = pointer to a list of ACLs
1144 * Use: Frees all of the memory used by an ACL.
1147 extern void acl_free(acl_entry */*a*/);
1149 /* --- @acl_addhost@ --- *
1151 * Arguments: @acl_entry ***a@ = address of pointer to list tail
1152 * @unsigned act@ = what to do with matching addresses
1153 * @struct in_addr addr, mask@ = address and mask to match
1157 * Use: Adds a host-authentication entry to the end of an access
1161 extern void acl_addhost(acl_entry ***/*a*/, unsigned /*act*/,
1162 struct in_addr /*addr*/, struct in_addr /*mask*/);
1164 /* --- @acl_addpriv@ --- *
1166 * Arguments: @acl_entry ***a@ = address of pointer to list tail
1167 * @unsigned act@ = what to do with matching addresses
1171 * Use: Adds a privileged-port check to the end of an access control
1175 extern void acl_addpriv(acl_entry ***/*a*/, unsigned /*act*/);
1177 /*----- Network addresses -------------------------------------------------*/
1179 /* --- A generic socket address --- *
1181 * Not all systems understand @sa_len@ fields. (In particular, Linux
1182 * doesn't.) Some fairly ugly hacking is then performed on particular
1186 typedef struct addr {
1187 struct addr_ops *ops;
1191 #define ADDRSZ(sz) (sizeof(addr) + (sz))
1193 /* --- Address configuration --- *
1195 * An address family will want to extend this.
1198 typedef struct addr_opts {
1202 #define ADDRF_NOLOG 1u
1204 /* --- Address types --- *
1206 * For things like Internet addresses, source and destinations look
1216 /* --- Description of an address type handler --- */
1218 typedef struct addr_ops {
1219 const char *name; /* Protocol's internal name */
1223 * Arguments: @scanner *sc@ = pointer to scanner to read from
1224 * @unsigned type@ = type of address to be read
1226 * Returns: A filled-in socket address.
1228 * Use: Parses a textual representation of a socket address.
1231 addr *(*read)(scanner */*sc*/, unsigned /*type*/);
1233 /* --- @destroy@ --- *
1235 * Arguments: @addr *a@ = pointer to an address block
1239 * Use: Disposes of an address block in some suitable fashion.
1242 void (*destroy)(addr */*a*/);
1244 /* --- @print@ --- *
1246 * Arguments: @addr *a@ = pointer to socket address to read
1247 * @unsigned type@ = type of address to be written
1248 * @dstr *d@ = string on which to write the description
1252 * Use: Writes a textual representation of a socket address to
1256 void (*print)(addr */*a*/, unsigned /*type*/, dstr */*d*/);
1258 /* --- @initsrcopts@ --- *
1262 * Returns: A pointer to a protocol-specific data block for a listener
1264 * Use: Creates a data block for a listener. This is attached to the
1265 * listener data structure. Options can then be requested, and
1266 * are added to the block when necessary.
1269 addr_opts *(*initsrcopts)(void);
1271 /* --- @option@ --- *
1273 * Arguments: @scanner *sc@ = pointer to a scanner to read from
1274 * @unsigned type@ = kind of option this is
1275 * @addr_opts *ao@ = data block to modify (from @init@), or null
1277 * Returns: Nonzero to claim the option.
1279 * Use: Parses a source option, either global or listener-specific.
1282 int (*option)(scanner */*sc*/, addr_opts */*ao*/, unsigned /*type*/);
1284 /* --- @confirm@ --- *
1286 * Arguments: @addr *a@ = pointer to an address structure
1287 * @unsigned type@ = kind of address this is
1288 * @addr_opts *ao@ = address options
1292 * Use: Called during initialization when an address is fully
1296 void (*confirm)(addr */*a*/, unsigned /*type*/, addr_opts */*ao*/);
1298 /* --- @freesrcopts@ --- *
1300 * Arguments: @addr_opts *ao@ = data block to remove
1304 * Use: Throws away all the configuration data for an address type.
1307 void (*freesrcopts)(addr_opts */*ao*/);
1311 * Arguments: @addr *a@ = the address to bind to
1312 * @addr_opts *ao@ = the address options
1314 * Returns: File descriptor of bound socket if OK, or @-1@ on error.
1316 * Use: Binds a listening socket. The tedious stuff with @listen@
1320 int (*bind)(addr */*a*/, addr_opts */*ao*/);
1322 /* --- @unbind@ --- *
1324 * Arguments: @addr *a@ = pointer to an address
1328 * Use: Unbinds an address. This is used when tidying up. The main
1329 * purpose is to let the Unix-domain handler remove its socket
1330 * node from the filesystem.
1333 void (*unbind)(addr */*a*/);
1335 /* --- @accept@ --- *
1337 * Arguments: @int fd@ = listening file descriptor
1338 * @addr_opts *ao@ = data block to get configuration from
1339 * @const char *desc@ = description of the listener
1341 * Returns: Pointer to a reference counted file descriptor.
1343 * Use: Accepts, verifies and logs an incoming connection.
1346 reffd *(*accept)(int /*fd*/, addr_opts */*ao*/, const char */*desc*/);
1348 /* --- @inittargopts@ --- *
1352 * Returns: A pointer to a protocol-specific data block for a connecter
1354 * Use: Creates a data block for a target. This is attached to the
1355 * target data structure. Options can then be requested, and
1356 * are added to the block when necessary.
1359 addr_opts *(*inittargopts)(void);
1361 /* --- @freetargopts@ --- *
1363 * Arguments: @addr_opts *ao@ = data block to remove
1367 * Use: Throws away all the configuration data for an address type.
1370 void (*freetargopts)(addr_opts */*ao*/);
1372 /* --- @connect@ --- *
1374 * Arguments: @addr *a@ = destination address
1375 * @addr_opts *ao@ = target address options
1376 * @conn *c@ = connection structure
1377 * @endpt *e@ = endpoint structure
1379 * Returns: Zero if OK, @-1@ on some error.
1381 * Use: Requests that a connection be made, or at least set in
1382 * motion. An address may do one of these things:
1386 * * Call @starget_connected@ with @-1@ or a connected file
1387 * descriptor and the pointer @e@.
1389 * * Call @conn_init@ or @conn_fd@, giving @starget_connected@
1390 * and @e@ as the function to call.
1393 int (*connect)(addr */*a*/, addr_opts */*ao*/, conn */*c*/, endpt */*e*/);
1397 /* --- Address types --- */
1399 extern addr_ops un_ops;
1400 extern addr_ops inet_ops;
1402 /*----- That's all, folks -------------------------------------------------*/
~mdw / fwd / blob