X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/1ecee057f9c3195b5844fd78258222b89bb1bf82..de014da64011b21929158b746803d69cbfb05ee6:/admin.c diff --git a/admin.c b/admin.c index a1292403..92ea0a64 100644 --- a/admin.c +++ b/admin.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: admin.c,v 1.9 2004/04/03 10:22:10 mdw Exp $ + * $Id$ * * Admin interface for configuration * @@ -26,43 +26,6 @@ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: admin.c,v $ - * Revision 1.9 2004/04/03 10:22:10 mdw - * Don't warn about boring errors from @accept@. - * - * Revision 1.8 2003/04/06 10:25:17 mdw - * Support Linux TUN/TAP device. Fix some bugs. - * - * Revision 1.7 2002/01/13 14:57:33 mdw - * Track @lbuf@ and @dstr_vputf@ changes in mLib. - * - * Revision 1.6 2001/02/19 19:11:09 mdw - * Output buffering on admin connections. - * - * Revision 1.5 2001/02/16 21:22:51 mdw - * Support for displaying statistics. Make client connections blocking, so - * that things don't get dropped. (This might change again if I add - * buffering.) - * - * Revision 1.4 2001/02/06 09:34:53 mdw - * Change ERR response to FAIL for consistency with other programs. - * - * Revision 1.3 2001/02/04 01:17:12 mdw - * The `DAEMON' notification to stdout is replaced by a warning. The - * `DAEMON' and `QUIT' command send `OK' on successful completion. Put - * assignment of sequence number in a T(...) guard. - * - * Revision 1.2 2001/02/03 22:40:29 mdw - * Put timer information into the entropy pool when packets are received - * and on similar events. Reseed the generator on the interval timer. - * - * Revision 1.1 2001/02/03 20:26:37 mdw - * Initial checkin. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "tripe.h" 
@@ -87,6 +50,14 @@ const trace_opt tr_opts[] = { unsigned tr_flags = 0; #endif +static const trace_opt w_opts[] = { + { 't', AF_TRACE, "trace messages" }, + { 'n', AF_NOTE, "asynchronous notifications" }, + { 'w', AF_WARN, "warnings" }, + { 'A', AF_ALLMSGS, "all of the above" }, + { 0, 0, 0 } +}; + /*----- Static variables --------------------------------------------------*/ static admin *admins; @@ -100,6 +71,7 @@ static sig s_term, s_int, s_hup; #define F_INIT 2u #define T_RESOLVE SEC(30) +#define T_PING SEC(5) static void a_destroy(admin */*a*/); static void a_lock(admin */*a*/); @@ -137,49 +109,33 @@ again: goto again; if (errno != EAGAIN && errno != EWOULDBLOCK) { a_destroy(a); - a_warn("disconnecting admin client due to write errors: %s", - strerror(errno)); + a_warn("ADMIN client-read-error -- %s", strerror(errno)); return (-1); } } return (done); } -/* --- @dosend@ --- * +/* --- @doqueue@ -- * * - * Arguemnts: @admin *a@ = pointer to an admin block + * Arguments: @oqueue *q@ = pointer to output queue * @const char *p@ = pointer to buffer to write - * @size_t sz@ = size of data to write + * @size_t sz@ = size of buffer * - * Returns: --- + * Returns: Nonzero if the queue was previously empty. * - * Use: Sends data to an admin client. + * Use: Queues data to be written later. */ -static void dosend(admin *a, const char *p, size_t sz) +static int doqueue(oqueue *q, const char *p, size_t sz) { - ssize_t n; obuf *o; + int rc = 0; + size_t n; - if (a->f & AF_DEAD) - return; - - /* --- Try to send the data immediately --- */ - - if (!a->o_head) { - if ((n = trywrite(a, p, sz)) < 0) - return; - p += n; - sz -= n; - if (!sz) - return; - } - - /* --- Fill buffers with the data until it's all gone --- */ - - o = a->o_tail; + o = q->tl; if (!o) - sel_addfile(&a->w); + rc = 1; else if (o->p_in < o->buf + OBUFSZ) goto noalloc; 
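Review bot: In the write-error branch of trywrite (the function begins above this hunk), `strerror(errno)` is evaluated only after `a_destroy(a)` has run, so anything inside a_destroy that sets errno changes the cause reported by the new `ADMIN client-read-error` warning. Saving the value first keeps the logged reason accurate: `int e = errno; a_destroy(a); a_warn("ADMIN client-read-error -- %s", strerror(e));`. The token says "read" although this path handles a failed write to the client; if that wording is deliberate, a one-line comment saying so would help whoever parses these warnings.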
@@ -187,11 +143,11 @@ static void dosend(admin *a, const char *p, size_t sz) o = xmalloc(sizeof(obuf)); o->next = 0; o->p_in = o->p_out = o->buf; - if (a->o_tail) - a->o_tail->next = o; + if (q->tl) + q->tl->next = o; else - a->o_head = o; - a->o_tail = o; + q->hd = o; + q->tl = o; noalloc: n = o->buf + OBUFSZ - o->p_in; @@ -202,6 +158,37 @@ static void dosend(admin *a, const char *p, size_t sz) p += n; sz -= n; } while (sz); + + return (rc); +} + +/* --- @dosend@ --- * + * + * Arguemnts: @admin *a@ = pointer to an admin block + * @const char *p@ = pointer to buffer to write + * @size_t sz@ = size of data to write + * + * Returns: --- + * + * Use: Sends data to an admin client. + */ + +static void dosend(admin *a, const char *p, size_t sz) +{ + ssize_t n; + + if (a->f & AF_DEAD) + return; + if (!a->out.hd) { + if ((n = trywrite(a, p, sz)) < 0) + return; + p += n; + sz -= n; + if (!sz) + return; + } + if (doqueue(&a->out, p, sz)) + sel_addfile(&a->w); } /* --- @a_flush@ --- * @@ -221,7 +208,7 @@ static void a_flush(int fd, unsigned mode, void *v) obuf *o, *oo; ssize_t n; - o = a->o_head; + o = a->out.hd; while (o) { if ((n = trywrite(a, o->p_out, o->p_in - o->p_out)) < 0) return; @@ -232,19 +219,22 @@ static void a_flush(int fd, unsigned mode, void *v) o = o->next; xfree(oo); } - a->o_head = o; + a->out.hd = o; if (!o) { - a->o_tail = 0; + a->out.tl = 0; sel_rmfile(&a->w); } } /*----- Utility functions -------------------------------------------------*/ -/* --- @a_write@ --- * +/* --- @a_write@, @a_vwrite@ --- * * * Arguments: @admin *a@ = admin connection to write to + * @const char *status@ = status code to report + * @const char *tag@ = tag string, or null * @const char *fmt@ = pointer to format string + * @va_list ap@ = arguments in list * @...@ = other arguments * * Returns: --- 
@@ -252,17 +242,128 @@ static void a_flush(int fd, unsigned mode, void *v) * Use: Sends a message to an admin connection. */ -static void a_write(admin *a, const char *fmt, ...) +static void a_vwrite(admin *a, const char *status, const char *tag, + const char *fmt, va_list ap) { - va_list ap; dstr d = DSTR_INIT; + + if (tag) dstr_puts(&d, "BG"); + dstr_puts(&d, status); + if (tag) { + dstr_putc(&d, ' '); + dstr_puts(&d, tag); + } + if (fmt) { + dstr_putc(&d, ' '); + dstr_vputf(&d, fmt, &ap); + } + dstr_putc(&d, '\n'); + dosend(a, d.buf, d.len); + dstr_destroy(&d); +} + +static void a_write(admin *a, const char *status, const char *tag, + const char *fmt, ...) +{ + va_list ap; va_start(ap, fmt); - dstr_vputf(&d, fmt, &ap); + a_vwrite(a, status, tag, fmt, ap); va_end(ap); - dosend(a, d.buf, d.len); +} + +/* --- @a_ok@, @a_info@, @a_fail@ --- * + * + * Arguments: @admin *a@ = connection + * @const char *fmt@ = format string + * @...@ = other arguments + * + * Returns: --- + * + * Use: Convenience functions for @a_write@. + */ + +static void a_ok(admin *a) { a_write(a, "OK", 0, 0); } + +static void a_info(admin *a, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_vwrite(a, "INFO", 0, fmt, ap); + va_end(ap); +} + +static void a_fail(admin *a, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_vwrite(a, "FAIL", 0, fmt, ap); + va_end(ap); +} + +/* --- @a_alert@, @a_valert@, @a_rawalert@ --- * + * + * Arguments: @unsigned f_and, f_eq@ = filter for connections + * @const char *status@ = status string + * @const char *fmt@ = pointer to format string + * @const char *p@ = pointer to raw string + * @size_t sz@ = size of raw string + * @va_list ap@ = arguments in list + * @...@ = other arguments + * + * Returns: --- + * + * Use: Write a message to all admin connections matched by the given + * filter. 
+ */ + +static void a_rawalert(unsigned f_and, unsigned f_eq, const char *status, + const char *p, size_t sz) +{ + admin *a, *aa; + dstr d = DSTR_INIT; + + if (!(flags & F_INIT)) + return; + dstr_puts(&d, status); + if (p) { + dstr_putc(&d, ' '); + dstr_putm(&d, p, sz); + } + dstr_putc(&d, '\n'); + p = d.buf; + sz = d.len; + for (a = admins; a; a = aa) { + aa = a->next; + if ((a->f & f_and) == f_eq) + dosend(a, d.buf, d.len); + } dstr_destroy(&d); } +static void a_valert(unsigned f_and, unsigned f_eq, const char *tag, + const char *fmt, va_list ap) +{ + dstr d = DSTR_INIT; + + if (!(flags & F_INIT)) + return; + if (fmt) + dstr_vputf(&d, fmt, &ap); + a_rawalert(f_and, f_eq, tag, fmt ? d.buf : 0, fmt ? d.len : 0); + dstr_destroy(&d); +} + +#if 0 /*unused*/ +static void a_alert(unsigned f_and, unsigned f_eq, const char *tag, + const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_valert(f_and, f_eq, tag, fmt, ap); + va_end(ap); +} +#endif + /* --- @a_warn@ --- * * * Arguments: @const char *fmt@ = pointer to format string @@ -276,24 +377,16 @@ static void a_write(admin *a, const char *fmt, ...) void a_warn(const char *fmt, ...) { va_list ap; - admin *a, *aa; - dstr d = DSTR_INIT; - if (flags & F_INIT) - dstr_puts(&d, "WARN "); va_start(ap, fmt); - dstr_vputf(&d, fmt, &ap); - va_end(ap); - if (!(flags & F_INIT)) - moan("%s", d.buf); + if (flags & F_INIT) + a_valert(0, 0, "WARN", fmt, ap); else { - dstr_putc(&d, '\n'); - for (a = admins; a; a = aa) { - aa = a->next; - dosend(a, d.buf, d.len); - } + fprintf(stderr, "%s: ", QUIS); + vfprintf(stderr, fmt, ap); + fputc('\n', stderr); } - dstr_destroy(&d); + va_end(ap); } /* --- @a_trace@ --- * 
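Review bot: a_vwrite and a_valert receive `va_list ap` as a parameter and then pass `&ap` to dstr_vputf, which is not portable. On ABIs where va_list is an array type the parameter has already decayed to a pointer, so `&ap` is no longer a `va_list *` and the callee may read the wrong object. The old a_write took the address of a local va_list, which did not have this problem. Copying into a local first, `va_list aq; va_copy(aq, ap); dstr_vputf(&d, fmt, &aq); va_end(aq);`, fixes both functions, assuming dstr_vputf takes a `va_list *` as the call sites suggest. Separately, the `p = d.buf; sz = d.len;` assignments in a_rawalert are never read and can go.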
@@ -304,25 +397,33 @@ void a_warn(const char *fmt, ...) * * Returns: --- * - * Use: Custom trace output handler. + * Use: Custom trace output handler. Sends trace messages to + * interested admin connections. */ #ifndef NTRACE static void a_trace(const char *p, size_t sz, void *v) + { a_rawalert(AF_TRACE, AF_TRACE, "TRACE", p, sz); } +#endif + +/* --- @a_notify@ --- * + * + * Arguments: @const char *fmt@ = pointer to format string + * @...@ = other arguments + * + * Returns: --- + * + * Use: Sends a notification to interested admin connections. + */ + +void a_notify(const char *fmt, ...) { - dstr d = DSTR_INIT; - admin *a, *aa; + va_list ap; - dstr_puts(&d, "TRACE "); - dstr_putm(&d, p, sz); - dstr_putc(&d, '\n'); - for (a = admins; a; a = aa) { - aa = a->next; - dosend(a, d.buf, d.len); - } - dstr_destroy(&d); + va_start(ap, fmt); + a_valert(AF_NOTE, AF_NOTE, "NOTE", fmt, ap); + va_end(ap); } -#endif /* --- @a_quit@ --- * * @@ -335,8 +436,12 @@ static void a_trace(const char *p, size_t sz, void *v) void a_quit(void) { + peer *p; + close(sock.fd); unlink(sockname); + while ((p = p_first()) != 0) + p_destroy(p); exit(0); } @@ -359,11 +464,11 @@ static void a_sigdie(int sig, void *v) case SIGTERM: p = "SIGTERM"; break; case SIGINT: p = "SIGINT"; break; default: - sprintf(buf, "signal %i", sig); + sprintf(buf, "%i", sig); p = buf; break; } - a_warn("shutting down on %s", p); + a_warn("SERVER quit signal %s", p); a_quit(); } 
@@ -379,70 +484,226 @@ static void a_sigdie(int sig, void *v) static void a_sighup(int sig, void *v) { - a_warn("received SIGHUP: ignoring"); + a_warn("SERVER ignore signal SIGHUP"); +} + +/* --- @a_parsetime@ --- * + * + * Arguments; @const char *p@ = time string to parse + * + * Returns: Time in seconds, or @< 0@ on error. + */ + +static long a_parsetime(const char *p) +{ + char *q; + long t = strtol(p, &q, 0); + + switch (*q) { + case 'd': t *= 24; + case 'h': t *= 60; + case 'm': t *= 60; + case 's': if (q[1] != 0) + default: t = -1; + case 0: break; + } + return (t); +} + +/*----- Backgrounded operations -------------------------------------------*/ + +/* --- @a_bgrelease@ --- * + * + * Arguments: @admin_bgop *bg@ = backgrounded operation + * + * Returns: --- + * + * Use: Removes a backgrounded operation from the queue, since + * (presumably) it's done. + */ + +static void a_bgrelease(admin_bgop *bg) +{ + admin *a = bg->a; + + if (bg->tag) + xfree(bg->tag); + else + selbuf_enable(&a->b); + if (bg->next) + bg->next->prev = bg->prev; + if (bg->prev) + bg->prev->next = bg->next; + else + a->bg = bg->next; + xfree(bg); + if (a->f & AF_CLOSE) + a_destroy(a); +} + +/* --- @a_bgok@, @a_bginfo@, @a_bgfail@ --- * + * + * Arguments: @admin_bgop *bg@ = backgrounded operation + * @const char *fmt@ = format string + * @...@ = other arguments + * + * Returns: --- + * + * Use: Convenience functions for @a_write@. + */ + +static void a_bgok(admin_bgop *bg) + { a_write(bg->a, "OK", bg->tag, 0); } + +static void a_bginfo(admin_bgop *bg, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_vwrite(bg->a, "INFO", bg->tag, fmt, ap); + va_end(ap); +} + +static void a_bgfail(admin_bgop *bg, const char *fmt, ...) 
+{ + va_list ap; + va_start(ap, fmt); + a_vwrite(bg->a, "FAIL", bg->tag, fmt, ap); + va_end(ap); +} + +/* --- @a_bgadd@ --- * + * + * Arguments: @admin *a@ = administration connection + * @admin_bgop *bg@ = pointer to background operation + * @const char *tag@ = background tag, or null for foreground + * @void (*cancel)(admin_bgop *)@ = cancel function + * + * Returns: --- + * + * Use: Links a background job into the list. + */ + +static void a_bgadd(admin *a, admin_bgop *bg, const char *tag, + void (*cancel)(admin_bgop *)) +{ + if (tag) + bg->tag = xstrdup(tag); + else { + bg->tag = 0; + selbuf_disable(&a->b); + } + bg->a = a; + bg->cancel = cancel; + bg->next = a->bg; + bg->prev = 0; + a->bg = bg; + if (tag) a_write(a, "DETACH", tag, 0); } /*----- Adding peers ------------------------------------------------------*/ + +/* --- @a_addfree@ --- * + * + * Arguments: @admin_addop *add@ = operation block + * + * Returns: --- + * + * Use: Frees an add operation. + */ + +static void a_addfree(admin_addop *add) +{ + if (add->peer.name) xfree(add->peer.name); + if (add->paddr) xfree(add->paddr); +} + +/* --- @a_addcancel@ --- * + * + * Arguments: @admin_bgop *bg@ = background operation + * + * Returns: --- + * + * Use: Cancels an add operation. + */ + +static void a_addcancel(admin_bgop *bg) +{ + admin_addop *add = (admin_addop *)bg; + + sel_rmtimer(&add->t); + bres_abort(&add->r); + a_addfree(add); +} + +/* --- @a_doadd@ --- * + * + * Arguments: @admin_addop *add@ = operation block + * + * Returns: --- + * + * Use: Does the peer add thing. 
+ */ + +static void a_doadd(admin_addop *add) +{ + if (p_find(add->peer.name)) + a_bgfail(&add->bg, "peer-exists %s", add->peer.name); + else if (!p_create(&add->peer)) + a_bgfail(&add->bg, "peer-create-fail %s", add->peer.name); + else + a_bgok(&add->bg); +} -/* --- @a_resolve@ --- * +/* --- @a_addresolve@ --- * * * Arguments: @struct hostent *h@ = pointer to resolved hostname - * @void *v@ = pointer to admin block + * @void *v@ = pointer to add operation * * Returns: --- * * Use: Handles a completed name resolution. */ -static void a_resolve(struct hostent *h, void *v) +static void a_addresolve(struct hostent *h, void *v) { - admin *a = v; + admin_addop *add = v; - a_lock(a); - T( trace(T_ADMIN, "admin: %u resolved", a->seq); ) + a_lock(add->bg.a); + T( trace(T_ADMIN, "admin: %u resolved", add->bg.a->seq); ) TIMER; - sel_rmtimer(&a->t); if (!h) - a_write(a, "FAIL couldn't resolve hostname `%s'\n", a->paddr); - else if (p_find(a->pname)) - a_write(a, "FAIL peer `%s' already registered\n", a->pname); + a_bgfail(&add->bg, "resolve-error %s", add->paddr); else { - memcpy(&a->peer.sin.sin_addr, h->h_addr, sizeof(struct in_addr)); - if (!p_create(a->pname, &a->peer.sa, a->sasz)) - a_write(a, "FAIL couldn't create peer\n"); - else - a_write(a, "OK\n"); + memcpy(&add->peer.sa.sin.sin_addr, h->h_addr, sizeof(struct in_addr)); + a_doadd(add); } - xfree(a->pname); - xfree(a->paddr); - a->pname = 0; - selbuf_enable(&a->b); - a_unlock(a); + sel_rmtimer(&add->t); + a_addfree(add); + a_bgrelease(&add->bg); + a_unlock(add->bg.a); } -/* --- @a_timer@ --- * +/* --- @a_addtimer@ --- * * * Arguments: @struct timeval *tv@ = timer - * @void *v@ = pointer to admin block + * @void *v@ = pointer to add operation * * Returns: --- * * Use: Times out a resolver. 
*/ -static void a_timer(struct timeval *tv, void *v) +static void a_addtimer(struct timeval *tv, void *v) { - admin *a = v; - - a_lock(a); - T( trace(T_ADMIN, "admin: %u resolver timeout", a->seq); ) - bres_abort(&a->r); - a_write(a, "FAIL timeout resolving `%s'\n", a->paddr); - xfree(a->pname); - xfree(a->paddr); - a->pname = 0; - selbuf_enable(&a->b); - a_unlock(a); + admin_addop *add = v; + + a_lock(add->bg.a); + T( trace(T_ADMIN, "admin: %u resolver timeout", add->bg.a->seq); ) + a_bgfail(&add->bg, "resolver-timeout %s\n", add->paddr); + bres_abort(&add->r); + a_addfree(add); + a_bgrelease(&add->bg); + a_unlock(add->bg.a); } /* --- @acmd_add@ --- * 
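Review bot: a_addresolve and a_addtimer call `a_bgrelease(&add->bg)` and then `a_unlock(add->bg.a)`, but a_bgrelease ends with `xfree(bg)`. The `(admin_addop *)bg` cast in a_addcancel suggests bg is the first member of the operation block, so the argument to a_unlock is read from memory that has just been freed. a_pong in the ping hunk has the same sequence with `pg->bg.a`. Take the connection pointer before releasing, `admin *a = add->bg.a;` at the top, and finish with `a_bgrelease(&add->bg); a_unlock(a);`. The a_addtimer format `"resolver-timeout %s\n"` also carries a newline that a_vwrite appends itself, so the client would see an extra empty line.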
@@ -460,82 +721,281 @@ static void acmd_add(admin *a, unsigned ac, char *av[]) { unsigned long pt; struct timeval tv; + unsigned i, j; char *p; + const char *tag = 0; + admin_addop *add = 0; /* --- Make sure someone's not got there already --- */ if (p_find(av[0])) { - a_write(a, "FAIL peer `%s' already registered\n", av[0]); - return; + a_fail(a, "peer-exists %s", av[0]); + goto fail; + } + + /* --- Set stuff up --- */ + + add = xmalloc(sizeof(*add)); + add->peer.name = xstrdup(av[0]); + add->peer.t_ka = 0; + add->peer.tops = tun_default; + add->paddr = 0; + + /* --- Parse options --- */ + + i = 1; + for (;;) { + if (!av[i]) + goto bad_syntax; + if (mystrieq(av[i], "-background")) { + if (!av[++i]) goto bad_syntax; + tag = av[i]; + } else if (mystrieq(av[i], "-tunnel")) { + if (!av[++i]) goto bad_syntax; + for (j = 0;; j++) { + if (!tunnels[j]) { + a_fail(a, "unknown-tunnel %s", av[i]); + return; + } + if (mystrieq(av[i], tunnels[j]->name)) { + add->peer.tops = tunnels[j]; + break; + } + } + } else if (mystrieq(av[i], "-keepalive")) { + long t; + if (!av[++i]) goto bad_syntax; + if ((t = a_parsetime(av[i])) < 0) { + a_fail(a, "bad-time-spec %s", av[i]); + return; + } + add->peer.t_ka = t; + } else if (mystrieq(av[i], "--")) { + i++; + break; + } else + break; + i++; } /* --- Fill in the easy bits of address --- */ - BURN(a->peer); - a->peer.sin.sin_family = AF_INET; - a->sasz = sizeof(a->peer.sin); - pt = strtoul(av[2], &p, 0); + if (mystrieq(av[i], "inet")) i++; + if (ac - i != 2) { + a_fail(a, "bad-syntax -- add PEER [OPTIONS] [inet] ADDRESS PORT"); + goto fail; + } + add->peer.sa.sin.sin_family = AF_INET; + add->peer.sasz = sizeof(add->peer.sa.sin); + add->paddr = xstrdup(av[i]); + pt = strtoul(av[i + 1], &p, 0); if (*p) { - struct servent *s = getservbyname(av[2], "udp"); + struct servent *s = getservbyname(av[i + 1], "udp"); if (!s) { - a_write(a, "FAIL service `%s' not known\n", av[2]); - return; + a_fail(a, "unknown-service %s", av[i + 1]); + goto fail; } 
pt = ntohs(s->s_port); } if (pt == 0 || pt >= 65536) { - a_write(a, "FAIL bad port number %lu\n", pt); - return; + a_fail(a, "invalid-port %lu", pt); + goto fail; } - a->peer.sin.sin_port = htons(pt); + add->peer.sa.sin.sin_port = htons(pt); + + /* --- Report backgrounding --- * + * + * Do this for consistency of interface, even if we're going to get the + * answer straight away. + */ + + a_bgadd(a, &add->bg, tag, a_addcancel); /* --- If the name is numeric, do it the easy way --- */ - if (inet_aton(av[1], &a->peer.sin.sin_addr)) { - if (!p_create(av[0], &a->peer.sa, a->sasz)) - a_write(a, "FAIL couldn't create peer\n"); - else - a_write(a, "OK\n"); + if (inet_aton(av[i], &add->peer.sa.sin.sin_addr)) { + a_doadd(add); + a_addfree(add); + a_bgrelease(&add->bg); return; } - /* --- Store everything for later and crank up the resolver --- * - * - * We disable the line buffer until the resolver completes (or times out). - * This prevents other commands on the same connection (though the rest of - * the system continues regardless), but makes life simpler for the client. - */ + /* --- Store everything for later and crank up the resolver --- */ - a->pname = xstrdup(av[0]); - a->paddr = xstrdup(av[1]); - selbuf_disable(&a->b); gettimeofday(&tv, 0); tv.tv_sec += T_RESOLVE; - sel_addtimer(&sel, &a->t, &tv, a_timer, a); - bres_byname(&a->r, a->paddr, a_resolve, a); + sel_addtimer(&sel, &add->t, &tv, a_addtimer, add); + bres_byname(&add->r, add->paddr, a_addresolve, add); T( trace(T_ADMIN, "admin: %u resolving hostname `%s'", - a->seq, a->paddr); ) + a->seq, add->paddr); ) + return; + +bad_syntax: + a_fail(a, "bad-syntax -- add PEER [OPTIONS] ADDR ..."); +fail: + if (add) { + a_addfree(add); + xfree(add); + } + return; +} + +/*----- Ping --------------------------------------------------------------*/ + +/* --- @a_pingcancel@ --- * + * + * Arguments: @admin_bgop *bg@ = background operation block + * + * Returns: --- + * + * Use: Cancels a running ping. 
+ */ + +static void a_pingcancel(admin_bgop *bg) +{ + admin_pingop *pg = (admin_pingop *)bg; + p_pingdone(&pg->ping, PING_NONOTIFY); +} + +/* --- @a_pong@ --- * + * + * Arguments: @int rc@ = return code + * @void *v@ = ping operation block + * + * Returns: --- + * + * Use: Collects what happened to a ping message. + */ + +static void a_pong(int rc, void *v) +{ + admin_pingop *pg = v; + struct timeval tv; + double millis; + + a_lock(pg->bg.a); + switch (rc) { + case PING_OK: + gettimeofday(&tv, 0); + tv_sub(&tv, &tv, &pg->pingtime); + millis = (double)tv.tv_sec * 1000 + (double)tv.tv_usec/1000; + a_bginfo(&pg->bg, "ping-ok %.1f", millis); + a_bgok(&pg->bg); + break; + case PING_TIMEOUT: + a_bginfo(&pg->bg, "ping-timeout"); + a_bgok(&pg->bg); + break; + case PING_PEERDIED: + a_bginfo(&pg->bg, "ping-peer-died"); + a_bgok(&pg->bg); + break; + default: + abort(); + } + a_bgrelease(&pg->bg); + a_unlock(pg->bg.a); } +/* --- @acmd_ping@, @acmd_eping@ --- * + * + * Arguments: @admin *a@ = connection which requested the ping + * @unsigned ac@ = argument count + * @char *av[]@ = pointer to the argument list + * + * Returns: --- + * + * Use: Pings a peer. 
+ */ + +static void a_ping(admin *a, unsigned ac, char *av[], + const char *cmd, unsigned msg) +{ + long t = T_PING; + int i; + peer *p; + admin_pingop *pg = 0; + const char *tag = 0; + + i = 0; + for (;;) { + if (!av[i]) + goto bad_syntax; + if (mystrieq(av[i], "-background")) { + if (!av[++i]) goto bad_syntax; + tag = av[i]; + } else if (mystrieq(av[i], "-timeout")) { + if (!av[++i]) goto bad_syntax; + if ((t = a_parsetime(av[i])) < 0) { + a_fail(a, "bad-time-spec %s", av[i]); + return; + } + } else if (mystrieq(av[i], "--")) { + i++; + break; + } else + break; + i++; + } + + if (!av[i]) goto bad_syntax; + if ((p = p_find(av[i])) == 0) { + a_fail(a, "unknown-peer %s", av[i]); + return; + } + pg = xmalloc(sizeof(*pg)); + gettimeofday(&pg->pingtime, 0); + a_bgadd(a, &pg->bg, tag, a_pingcancel); + if (p_pingsend(p, &pg->ping, msg, t, a_pong, pg)) { + a_bgfail(&pg->bg, "ping-send-failed"); + a_bgrelease(&pg->bg); + } + return; + +bad_syntax: + a_fail(a, "bad-syntax -- %s [OPTIONS] PEER", cmd); + return; +} + +static void acmd_ping(admin *a, unsigned ac, char *av[]) + { a_ping(a, ac, av, "ping", MISC_PING); } +static void acmd_eping(admin *a, unsigned ac, char *av[]) + { a_ping(a, ac, av, "eping", MISC_EPING); } + /*----- Administration commands -------------------------------------------*/ /* --- Miscellaneous commands --- */ -#ifndef NTRACE +/* --- @traceish@ --- * + * + * Arguments: @admin *a@ = connection to complain on + * @unsigned ac@ = number of arguments + * @char *av[]@ = vector of arguments + * @const char *what@ = what we're messing with + * @const trace_opt *tt@ = options table + * @unsigned *ff@ = where the flags are + * + * Returns: Nonzero if anything changed. + * + * Use: Guts of trace-ish commands like `trace' and `watch'. 
+ */ -static void acmd_trace(admin *a, unsigned ac, char *av[]) +static int traceish(admin *a, unsigned ac, char *av[], + const char *what, const trace_opt *tt, unsigned *ff) { + int ch = 0; + if (!ac || strcmp(av[0], "?") == 0) { const trace_opt *t; - a_write(a, "INFO Trace options:\n"); - for (t = tr_opts; t->ch; t++) { - a_write(a, "INFO %c %c %s\n", - t->ch, (tr_flags & t->f) == t->f ? '*' : ' ', t->help); + a_info(a, "Current %s status:", what); + for (t = tt; t->ch; t++) { + a_info(a, "%c %c %s", + t->ch, (*ff & t->f) == t->f ? '*' : ' ', t->help); } } else { unsigned sense = 1; - unsigned f = tr_flags; - const trace_opt *tt; + unsigned f = *ff; + const trace_opt *t; char *p = av[0]; while (*p) { 
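Review bot: In acmd_add's option loop (the function begins above this hunk) the `unknown-tunnel` and `bad-time-spec` branches `return` directly, after `add` and `add->peer.name` have been allocated, so every rejected command of that form leaks them. All other error paths use the cleanup label, and both `return;` statements should become `goto fail;`. After a trailing `--` the loop does `i++` and breaks without rechecking, so `mystrieq(av[i], "inet")` can be handed a null pointer if the argument vector ends there. Adding `if (!av[i]) goto bad_syntax;` before that test closes the gap.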
@@ -543,46 +1003,98 @@ static void acmd_trace(admin *a, unsigned ac, char *av[]) case '+': sense = 1; break; case '-': sense = 0; break; default: - for (tt = tr_opts; tt->ch; tt++) { - if (tt->ch == *p) { - if (sense) f |= tt->f; - else f &= ~tt->f; + for (t = tt; t->ch; t++) { + if (t->ch == *p) { + if (sense) f |= t->f; + else f &= ~t->f; goto tropt_ok; } } - a_write(a, "FAIL unknown trace option `%c'\n", *p); - return; + a_fail(a, "bad-%s-option %c", what, *p); + return (0); tropt_ok:; break; } p++; } - tr_flags = f; - trace_level(tr_flags); + *ff = f; + ch = 1; } - a_write(a, "OK\n"); + a_ok(a); + return (ch); +} + +#ifndef NTRACE + +static void acmd_trace(admin *a, unsigned ac, char *av[]) +{ + if (traceish(a, ac, av, "trace", tr_opts, &tr_flags)) + trace_level(tr_flags); } #endif +static void acmd_watch(admin *a, unsigned ac, char *av[]) +{ + traceish(a, ac, av, "watch", w_opts, &a->f); +} + +static void quotify(dstr *d, const char *p) +{ + if (d->len) + dstr_putc(d, ' '); + if (*p && !p[strcspn(p, "\"' \t\n\v")]) + dstr_puts(d, p); + else { + dstr_putc(d, '\"'); + while (*p) { + if (*p == '\\' || *p == '\"') + dstr_putc(d, '\\'); + dstr_putc(d, *p++); + } + dstr_putc(d, '\"'); + } +} + +static void alertcmd(admin *a, unsigned f_and, unsigned f_eq, + const char *tag, unsigned ac, char *av[]) +{ + dstr d = DSTR_INIT; + unsigned i; + + dstr_puts(&d, "USER"); + for (i = 0; i < ac; i++) + quotify(&d, av[i]); + dstr_putz(&d); + a_rawalert(f_and, f_eq, tag, d.buf, d.len); + dstr_destroy(&d); + a_ok(a); +} + +static void acmd_notify(admin *a, unsigned ac, char *av[]) + { alertcmd(a, AF_NOTE, AF_NOTE, "NOTE", ac, av); } +static void acmd_warn(admin *a, unsigned ac, char *av[]) + { alertcmd(a, AF_WARN, AF_WARN, "WARN", ac, av); } + static void acmd_port(admin *a, unsigned ac, char *av[]) { - a_write(a, "INFO %u\nOK\n", p_port()); + a_info(a, "%u", p_port()); + a_ok(a); } static void acmd_daemon(admin *a, unsigned ac, char *av[]) { if (flags & F_DAEMON) - a_write(a, 
"FAIL already running as a daemon\n"); + a_fail(a, "already-daemon"); else { - a_warn("becoming a daemon"); + a_notify("DAEMON"); if (a_stdin) a_destroy(a_stdin); if (u_daemon()) - a_write(a, "FAIL error becoming a daemon: %s", strerror(errno)); + a_fail(a, "daemon-error -- %s", strerror(errno)); else { flags |= F_DAEMON; - a_write(a, "OK\n"); + a_ok(a); } } } @@ -591,8 +1103,8 @@ static void acmd_list(admin *a, unsigned ac, char *av[]) { peer *p; for (p = p_first(); p; p = p_next(p)) - a_write(a, "INFO %s\n", p_name(p)); - a_write(a, "OK\n"); + a_info(a, "%s", p_name(p)); + a_ok(a); } static void acmd_ifname(admin *a, unsigned ac, char *av[]) @@ -600,9 +1112,11 @@ static void acmd_ifname(admin *a, unsigned ac, char *av[]) peer *p; if ((p = p_find(av[0])) == 0) - a_write(a, "FAIL peer `%s' not found\n", av[0]); - else - a_write(a, "INFO %s\nOK\n", p_ifname(p)); + a_fail(a, "unknown-peer %s", av[0]); + else { + a_info(a, "%s", p_ifname(p)); + a_ok(a); + } } static void acmd_addr(admin *a, unsigned ac, char *av[]) @@ -611,13 +1125,14 @@ static void acmd_addr(admin *a, unsigned ac, char *av[]) const addr *ad; if ((p = p_find(av[0])) == 0) - a_write(a, "FAIL peer `%s' not found\n", av[0]); + a_fail(a, "unknown-peer %s", av[0]); else { ad = p_addr(p); assert(ad->sa.sa_family == AF_INET); - a_write(a, "INFO %s %u\nOK\n", + a_info(a, "INET %s %u", inet_ntoa(ad->sin.sin_addr), (unsigned)ntohs(ad->sin.sin_port)); + a_ok(a); } } 
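Review bot: quotify emits a word unquoted whenever it contains no quote or whitespace character, so a backslash in such a word goes out unescaped even though the quoted branch escapes it. A client that splits the resulting `USER` line with the same rules a_line uses (`str_qsplit` with `STRF_QUOTE`) would presumably not recover the original argument. Adding the backslash to the reject set, `strcspn(p, "\"'\\ \t\n\v")`, routes those words through the quoted branch. quotify and alertcmd are also the only new helpers in this hunk without the file's `/* --- @name@ --- *` header comment; a short one stating the quoting rules would make the escaping contract explicit.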
@@ -627,24 +1142,25 @@ static void acmd_stats(admin *a, unsigned ac, char *av[]) stats *st; if ((p = p_find(av[0])) == 0) - a_write(a, "FAIL peer `%s' not found\n", av[0]); + a_fail(a, "unknown-peer %s", av[0]); else { st = p_stats(p); - a_write(a, "INFO start-time=%s\n", timestr(st->t_start)); - a_write(a, "INFO last-packet-time=%s\n", timestr(st->t_last)); - a_write(a, "INFO packets-in=%lu bytes-in=%lu\n", st->n_in, st->sz_in); - a_write(a, "INFO packets-out=%lu bytes-out=%lu\n", + a_info(a, "start-time=%s", timestr(st->t_start)); + a_info(a, "last-packet-time=%s", timestr(st->t_last)); + a_info(a, "last-keyexch-time=%s", timestr(st->t_kx)); + a_info(a, "packets-in=%lu bytes-in=%lu", st->n_in, st->sz_in); + a_info(a, "packets-out=%lu bytes-out=%lu", st->n_out, st->sz_out); - a_write(a, "INFO keyexch-packets-in=%lu keyexch-bytes-in=%lu\n", + a_info(a, "keyexch-packets-in=%lu keyexch-bytes-in=%lu", st->n_kxin, st->sz_kxin); - a_write(a, "INFO keyexch-packets-out=%lu keyexch-bytes-out=%lu\n", + a_info(a, "keyexch-packets-out=%lu keyexch-bytes-out=%lu", st->n_kxout, st->sz_kxout); - a_write(a, "INFO ip-packets-in=%lu ip-bytes-in=%lu\n", + a_info(a, "ip-packets-in=%lu ip-bytes-in=%lu", st->n_ipin, st->sz_ipin); - a_write(a, "INFO ip-packets-out=%lu ip-bytes-out=%lu\n", + a_info(a, "ip-packets-out=%lu ip-bytes-out=%lu", st->n_ipout, st->sz_ipout); - a_write(a, "INFO rejected-packets=%lu\n", st->n_reject); - a_write(a, "OK\n"); + a_info(a, "rejected-packets=%lu", st->n_reject); + a_ok(a); } } 
@@ -652,20 +1168,49 @@ static void acmd_kill(admin *a, unsigned ac, char *av[]) { peer *p; if ((p = p_find(av[0])) == 0) - a_write(a, "FAIL peer `%s' not found\n", av[0]); + a_fail(a, "unknown-peer %s", av[0]); else { p_destroy(p); - a_write(a, "OK\n"); + a_ok(a); + } +} + +static void acmd_forcekx(admin *a, unsigned ac, char *av[]) +{ + peer *p; + if ((p = p_find(av[0])) == 0) + a_fail(a, "unknown-peer %s", av[0]); + else { + kx_start(&p->kx, 1); + a_ok(a); } } +static void acmd_reload(admin *a, unsigned ac, char *av[]) + { p_keyreload(); a_ok(a); } + static void acmd_quit(admin *a, unsigned ac, char *av[]) { - a_warn("closing down on admin request"); - a_write(a, "OK\n"); + a_warn("SERVER quit admin-request"); + a_ok(a); + a_unlock(a); a_quit(); } +static void acmd_version(admin *a, unsigned ac, char *av[]) +{ + a_info(a, "%s %s", PACKAGE, VERSION); + a_ok(a); +} + +static void acmd_tunnels(admin *a, unsigned ac, char *av[]) +{ + int i; + for (i = 0; tunnels[i]; i++) + a_info(a, "%s", tunnels[i]->name); + a_ok(a); +} + /* --- The command table and help --- */ typedef struct acmd { 
@@ -678,19 +1223,29 @@ typedef struct acmd { static void acmd_help(admin */*a*/, unsigned /*ac*/, char */*av*/[]); static const acmd acmdtab[] = { - { "help", "HELP", 0, 0, acmd_help }, + { "add", "add PEER [OPTIONS] ADDR ...", + 2, 0xffff, acmd_add }, + { "addr", "addr PEER", 1, 1, acmd_addr }, + { "daemon", "daemon", 0, 0, acmd_daemon }, + { "eping", "eping [OPTIONS] PEER", 1, 0xffff, acmd_eping }, + { "forcekx", "forcekx PEER", 1, 1, acmd_forcekx }, + { "help", "help", 0, 0, acmd_help }, + { "ifname", "ifname PEER", 1, 1, acmd_ifname }, + { "kill", "kill PEER", 1, 1, acmd_kill }, + { "list", "list", 0, 0, acmd_list }, + { "notify", "notify MESSAGE ...", 1, 0xffff, acmd_notify }, + { "ping", "ping [OPTIONS] PEER", 1, 0xffff, acmd_ping }, + { "port", "port", 0, 0, acmd_port }, + { "quit", "quit", 0, 0, acmd_quit }, + { "reload", "reload", 0, 0, acmd_reload }, + { "stats", "stats PEER", 1, 1, acmd_stats }, #ifndef NTRACE - { "trace", "TRACE [options]", 0, 1, acmd_trace }, + { "trace", "trace [OPTIONS]", 0, 1, acmd_trace }, #endif - { "port", "PORT", 0, 0, acmd_port }, - { "daemon", "DAEMON", 0, 0, acmd_daemon }, - { "list", "LIST", 0, 0, acmd_list }, - { "ifname", "IFNAME peer", 1, 1, acmd_ifname }, - { "addr", "ADDR peer", 1, 1, acmd_addr }, - { "stats", "STATS peer", 1, 1, acmd_stats }, - { "kill", "KILL peer", 1, 1, acmd_kill }, - { "add", "ADD peer addr port", 3, 3, acmd_add }, - { "quit", "QUIT", 0, 0, acmd_quit }, + { "tunnels", "tunnels", 0, 0, acmd_tunnels }, + { "version", "version", 0, 0, acmd_version }, + { "warn", "warn MESSAGE ...", 1, 0xffff, acmd_warn }, + { "watch", "watch [OPTIONS]", 0, 1, acmd_watch }, { 0, 0, 0, 0, 0 } }; @@ -698,8 +1253,8 @@ static void acmd_help(admin *a, unsigned ac, char *av[]) { const acmd *c; for (c = acmdtab; c->name; c++) - a_write(a, "INFO %s\n", c->help); - a_write(a, "OK\n"); + a_info(a, "%s", c->help); + a_ok(a); } /*----- Connection handling -----------------------------------------------*/ 
@@ -728,24 +1283,30 @@ static void a_lock(admin *a) { assert(!(a->f & AF_LOCK)); a->f |= AF_LOCK; } static void a_unlock(admin *a) { + admin_bgop *bg, *bbg; + assert(a->f & AF_LOCK); + + /* --- If we're not dead, that's fine --- */ + if (!(a->f & AF_DEAD)) { a->f &= ~AF_LOCK; return; } + /* --- If we are, then destroy the rest of the block --- */ + T( trace(T_ADMIN, "admin: completing destruction of connection %u", a->seq); ) selbuf_destroy(&a->b); - if (a->pname) { - xfree(a->pname); - xfree(a->paddr); - bres_abort(&a->r); - sel_rmtimer(&a->t); - } - if (a->b.reader.fd != a->w.fd) - close(a->b.reader.fd); + for (bg = a->bg; bg; bg = bbg) { + bbg = bg->next; + bg->cancel(bg); + if (bg->tag) xfree(bg->tag); + xfree(bg); + } + if (a->b.reader.fd != a->w.fd) close(a->b.reader.fd); close(a->w.fd); if (a_stdin == a) @@ -769,6 +1330,17 @@ static void a_unlock(admin *a) * care. */ +static void freequeue(oqueue *q) +{ + obuf *o, *oo; + + for (o = q->hd; o; o = oo) { + oo = o->next; + xfree(o); + } + q->hd = q->tl = 0; +} + static void a_destroy(admin *a) { /* --- Don't multiply destroy admin blocks --- */ @@ -783,15 +1355,9 @@ static void a_destroy(admin *a) /* --- Free the output buffers --- */ - if (a->o_head) { - obuf *o, *oo; + if (a->out.hd) sel_rmfile(&a->w); - for (o = a->o_head; o; o = oo) { - oo = o->next; - xfree(o); - } - a->o_head = 0; - } + freequeue(&a->out); /* --- If the block is locked, that's all we can manage --- */ 
@@ -818,25 +1384,29 @@ static void a_line(char *p, size_t len, void *vp) { admin *a = vp; const acmd *c; - char *av[4]; + char *av[16]; size_t ac; TIMER; if (a->f & AF_DEAD) return; if (!p) { - a_destroy(a); + if (!a->bg) + a_destroy(a); + else { + a->f |= AF_CLOSE; + selbuf_disable(&a->b); + } return; } - ac = str_qsplit(p, av, 4, 0, STRF_QUOTE); + ac = str_qsplit(p, av, 16, 0, STRF_QUOTE); if (!ac) return; - for (p = av[0]; *p; p++) *p = tolower((unsigned char)*p); for (c = acmdtab; c->name; c++) { - if (strcmp(av[0], c->name) == 0) { + if (mystrieq(av[0], c->name)) { ac--; if (c->argmin > ac || ac > c->argmax) - a_write(a, "FAIL syntax: %s\n", c->help); + a_fail(a, "bad-syntax -- %s", c->help); else { a_lock(a); c->func(a, ac, av + 1); @@ -845,39 +1415,38 @@ static void a_line(char *p, size_t len, void *vp) return; } } - a_write(a, "FAIL unknown command `%s'\n", av[0]); + a_fail(a, "unknown-command %s", av[0]); } /* --- @a_create@ --- * * * Arguments: @int fd_in, fd_out@ = file descriptors to use + * @unsigned f@ = initial flags to set * * Returns: --- * * Use: Creates a new admin connection. */ -void a_create(int fd_in, int fd_out) +void a_create(int fd_in, int fd_out, unsigned f) { admin *a = CREATE(admin); + T( static unsigned seq = 0; a->seq = seq++; ) T( trace(T_ADMIN, "admin: accepted connection %u", a->seq); ) - a->pname = 0; - a->f = 0; - if (fd_in == STDIN_FILENO) - a_stdin = a; + a->bg = 0; + a->f = f; + if (fd_in == STDIN_FILENO) a_stdin = a; fdflags(fd_in, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC); if (fd_out != fd_in) fdflags(fd_out, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC); selbuf_init(&a->b, &sel, fd_in, a_line, a); sel_initfile(&sel, &a->w, fd_out, SEL_WRITE, a_flush, a); - a->o_head = 0; - a->o_tail = 0; + a->out.hd = a->out.tl = 0; a->next = admins; a->prev = 0; - if (admins) - admins->prev = a; + if (admins) admins->prev = a; admins = a; } 
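Review bot: a_line (which begins above this hunk) now splits into `char *av[16]` with a limit of 16, while acmd_add and a_ping walk `av[i]` until they find a null pointer. If str_qsplit fills all 16 slots there is no terminator inside the array, and because handlers receive `av + 1` their scan can run past its end. Whether str_qsplit guarantees a trailing null is not visible on this page. Making the sentinel explicit removes the dependency: declare `char *av[16 + 1];`, keep the split limit at 16, and set `av[ac] = 0;` right after the call.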
@@ -901,10 +1470,10 @@ static void a_accept(int fd, unsigned mode, void *v) if ((nfd = accept(fd, (struct sockaddr *)&sun, &sz)) < 0) { if (errno != EINTR && errno != EAGAIN && errno != EWOULDBLOCK && errno != ECONNABORTED && errno != EPROTO) - a_warn("accept admin connection failed: %s", strerror(errno)); + a_warn("ADMIN accept-error -- %s", strerror(errno)); return; } - a_create(nfd, nfd); + a_create(nfd, nfd, 0); } /* --- @a_daemon@ --- * @@ -1000,6 +1569,7 @@ again: sig_add(&s_term, SIGTERM, a_sigdie, 0); sig_add(&s_hup, SIGHUP, a_sighup, 0); + signal(SIGPIPE, SIG_IGN); sigaction(SIGINT, 0, &sa); if (sa.sa_handler != SIG_IGN) sig_add(&s_int, SIGINT, a_sigdie, 0);