X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/2d752320d61b46a65ebb9fa754033f250f097cd3..042d5c20a1c42002b35aa13c7a44dfb4a94d2e65:/admin.c diff --git a/admin.c b/admin.c index b95db51c..80d21af6 100644 --- a/admin.c +++ b/admin.c @@ -38,11 +38,12 @@ const trace_opt tr_opts[] = { { 't', T_TUNNEL, "tunnel events" }, { 'r', T_PEER, "peer events" }, { 'a', T_ADMIN, "admin interface" }, - { 'p', T_PACKET, "packet contents" }, - { 'c', T_CRYPTO, "crypto details" }, { 's', T_KEYSET, "symmetric keyset management" }, { 'x', T_KEYEXCH, "key exchange" }, { 'm', T_KEYMGMT, "key management" }, + { 'l', T_CHAL, "challenge management" }, + { 'p', T_PACKET, "packet contents" }, + { 'c', T_CRYPTO, "crypto details" }, { 'A', T_ALL, "all of the above" }, { 0, 0, 0 } }; @@ -50,6 +51,14 @@ const trace_opt tr_opts[] = { unsigned tr_flags = 0; #endif +static const trace_opt w_opts[] = { + { 't', AF_TRACE, "trace messages" }, + { 'n', AF_NOTE, "asynchronous notifications" }, + { 'w', AF_WARN, "warnings" }, + { 'A', AF_ALLMSGS, "all of the above" }, + { 0, 0, 0 } +}; + /*----- Static variables --------------------------------------------------*/ static admin *admins; @@ -63,11 +72,14 @@ static sig s_term, s_int, s_hup; #define F_INIT 2u #define T_RESOLVE SEC(30) +#define T_PING SEC(5) static void a_destroy(admin */*a*/); static void a_lock(admin */*a*/); static void a_unlock(admin */*a*/); +#define BOOL(x) ((x) ? "t" : "nil") + /*----- Output functions --------------------------------------------------*/ /* --- @trywrite@ --- * 
@@ -100,49 +112,33 @@ again: goto again; if (errno != EAGAIN && errno != EWOULDBLOCK) { a_destroy(a); - a_warn("disconnecting admin client due to write errors: %s", - strerror(errno)); + a_warn("ADMIN", "client-write-error", "?ERRNO", A_END); return (-1); } } return (done); } -/* --- @dosend@ --- * +/* --- @doqueue@ -- * * - * Arguemnts: @admin *a@ = pointer to an admin block + * Arguments: @oqueue *q@ = pointer to output queue * @const char *p@ = pointer to buffer to write - * @size_t sz@ = size of data to write + * @size_t sz@ = size of buffer * - * Returns: --- + * Returns: Nonzero if the queue was previously empty. * - * Use: Sends data to an admin client. + * Use: Queues data to be written later. */ -static void dosend(admin *a, const char *p, size_t sz) +static int doqueue(oqueue *q, const char *p, size_t sz) { - ssize_t n; obuf *o; + int rc = 0; + size_t n; - if (a->f & AF_DEAD) - return; - - /* --- Try to send the data immediately --- */ - - if (!a->o_head) { - if ((n = trywrite(a, p, sz)) < 0) - return; - p += n; - sz -= n; - if (!sz) - return; - } - - /* --- Fill buffers with the data until it's all gone --- */ - - o = a->o_tail; + o = q->tl; if (!o) - sel_addfile(&a->w); + rc = 1; else if (o->p_in < o->buf + OBUFSZ) goto noalloc; @@ -150,11 +146,11 @@ static void dosend(admin *a, const char *p, size_t sz) o = xmalloc(sizeof(obuf)); o->next = 0; o->p_in = o->p_out = o->buf; - if (a->o_tail) - a->o_tail->next = o; + if (q->tl) + q->tl->next = o; else - a->o_head = o; - a->o_tail = o; + q->hd = o; + q->tl = o; noalloc: n = o->buf + OBUFSZ - o->p_in; 
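Review bot: In trywrite's error path the new `a_warn("ADMIN", "client-write-error", "?ERRNO", A_END)` runs after `a_destroy(a)`, and the `?ERRNO` directive reads the global `errno` only when a_vformat builds the message. Any call inside a_destroy that sets errno would therefore make the warning report the wrong error code and text. Capture the value first and restore it before warning, e.g. `int e = errno; a_destroy(a); errno = e;`. a_destroy's body is not in this diff, so whether it actually disturbs errno needs confirming; trywrite itself begins above the hunk.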
@@ -165,6 +161,37 @@ static void dosend(admin *a, const char *p, size_t sz) p += n; sz -= n; } while (sz); + + return (rc); +} + +/* --- @dosend@ --- * + * + * Arguemnts: @admin *a@ = pointer to an admin block + * @const char *p@ = pointer to buffer to write + * @size_t sz@ = size of data to write + * + * Returns: --- + * + * Use: Sends data to an admin client. + */ + +static void dosend(admin *a, const char *p, size_t sz) +{ + ssize_t n; + + if (a->f & AF_DEAD) + return; + if (!a->out.hd) { + if ((n = trywrite(a, p, sz)) < 0) + return; + p += n; + sz -= n; + if (!sz) + return; + } + if (doqueue(&a->out, p, sz)) + sel_addfile(&a->w); } /* --- @a_flush@ --- * @@ -184,7 +211,7 @@ static void a_flush(int fd, unsigned mode, void *v) obuf *o, *oo; ssize_t n; - o = a->o_head; + o = a->out.hd; while (o) { if ((n = trywrite(a, o->p_out, o->p_in - o->p_out)) < 0) return; 
@@ -195,19 +222,111 @@ static void a_flush(int fd, unsigned mode, void *v) o = o->next; xfree(oo); } - a->o_head = o; + a->out.hd = o; if (!o) { - a->o_tail = 0; + a->out.tl = 0; sel_rmfile(&a->w); } } /*----- Utility functions -------------------------------------------------*/ -/* --- @a_write@ --- * +/* --- @quotify@ --- * + * + * Arguments: @dstr *d@ = where to write the answer + * @const char *p@ = string to quotify + * + * Returns: --- + * + * Use: Quotes the given string if necessary, according to our + * quoting rules. + */ + +static void quotify(dstr *d, const char *p) +{ + if (d->len) + dstr_putc(d, ' '); + if (*p && !p[strcspn(p, "\"' \t\n\v")]) + dstr_puts(d, p); + else { + dstr_putc(d, '\"'); + while (*p) { + if (*p == '\\' || *p == '\"') + dstr_putc(d, '\\'); + dstr_putc(d, *p++); + } + dstr_putc(d, '\"'); + } +} + +/* --- @a_vformat@ --- * + * + * Arguments: @dstr *d@ = where to leave the formatted message + * @const char *fmt@ = pointer to format string + * @va_list ap@ = arguments in list + * + * Returns: --- + * + * Use: Main message token formatting driver. 
+ */ + +static void a_vformat(dstr *d, const char *fmt, va_list ap) +{ + dstr dd = DSTR_INIT; + + while (fmt) { + if (*fmt == '*') { + dstr_putc(d, ' '); + dstr_vputf(d, fmt + 1, &ap); + } else if (*fmt == '?') { + if (strcmp(fmt, "?ADDR") == 0) { + const addr *a = va_arg(ap, const addr *); + switch (a->sa.sa_family) { + case AF_INET: + quotify(d, "INET"); + quotify(d, inet_ntoa(a->sin.sin_addr)); + dstr_putf(d, " %u", (unsigned)ntohs(a->sin.sin_port)); + break; + default: + abort(); + } + } else if (strcmp(fmt, "?B64") == 0) { + const octet *p = va_arg(ap, const octet *); + size_t n = va_arg(ap, size_t); + base64_ctx b64; + dstr_putc(d, ' '); + base64_init(&b64); + b64.indent = ""; + b64.maxline = 0; + base64_encode(&b64, p, n, d); + base64_encode(&b64, 0, 0, d); + while (d->len && d->buf[d->len - 1] == '=') d->len--; + } else if (strcmp(fmt, "?PEER") == 0) + quotify(d, p_name(va_arg(ap, peer *))); + else if (strcmp(fmt, "?ERRNO") == 0) { + dstr_putf(d, " E%d", errno); + quotify(d, strerror(errno)); + } else + abort(); + } else { + if (*fmt == '!') fmt++; + DRESET(&dd); + dstr_vputf(&dd, fmt, &ap); + quotify(d, dd.buf); + } + fmt = va_arg(ap, const char *); + } + + dstr_destroy(&dd); +} + +/* --- @a_write@, @a_vwrite@ --- * * * Arguments: @admin *a@ = admin connection to write to + * @const char *status@ = status code to report + * @const char *tag@ = tag string, or null * @const char *fmt@ = pointer to format string + * @va_list ap@ = arguments in list * @...@ = other arguments * * Returns: --- 
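Review bot: quotify writes newline, tab and vertical-tab bytes unescaped inside the double quotes (only `\` and `"` get a backslash), while a_vwrite and a_rawalert terminate each message with `'\n'`, so a token containing a newline would split one reply into two lines for a line-oriented client. A string that contains a backslash but none of the characters in the strcspn set is also emitted bare, which is ambiguous if the reader treats backslash as an escape outside quotes. Consider escaping control characters in the quoted branch and adding the backslash to the reject set, `strcspn(p, "\"' \t\n\v\\")`. Whether any caller can pass such a string (peer names, strerror text, admin arguments) is not visible in this hunk, so treat this as hardening to confirm against the parser.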
@@ -215,17 +334,120 @@ static void a_flush(int fd, unsigned mode, void *v) * Use: Sends a message to an admin connection. */ -static void a_write(admin *a, const char *fmt, ...) +static void a_vwrite(admin *a, const char *status, const char *tag, + const char *fmt, va_list ap) { - va_list ap; dstr d = DSTR_INIT; + if (tag) dstr_puts(&d, "BG"); + dstr_puts(&d, status); + if (tag) quotify(&d, tag); + a_vformat(&d, fmt, ap); + dstr_putc(&d, '\n'); + dosend(a, d.buf, d.len); + dstr_destroy(&d); +} + +static void a_write(admin *a, const char *status, const char *tag, + const char *fmt, ...) +{ + va_list ap; va_start(ap, fmt); - dstr_vputf(&d, fmt, &ap); + a_vwrite(a, status, tag, fmt, ap); va_end(ap); - dosend(a, d.buf, d.len); +} + +/* --- @a_ok@, @a_info@, @a_fail@ --- * + * + * Arguments: @admin *a@ = connection + * @const char *fmt@ = format string + * @...@ = other arguments + * + * Returns: --- + * + * Use: Convenience functions for @a_write@. + */ + +static void a_ok(admin *a) { a_write(a, "OK", 0, A_END); } + +static void a_info(admin *a, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_vwrite(a, "INFO", 0, fmt, ap); + va_end(ap); +} + +static void a_fail(admin *a, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_vwrite(a, "FAIL", 0, fmt, ap); + va_end(ap); +} + +/* --- @a_alert@, @a_valert@, @a_rawalert@ --- * + * + * Arguments: @unsigned f_and, f_eq@ = filter for connections + * @const char *status@ = status string + * @const char *fmt@ = pointer to format string + * @const char *p@ = pointer to raw string + * @size_t sz@ = size of raw string + * @va_list ap@ = arguments in list + * @...@ = other arguments + * + * Returns: --- + * + * Use: Write a message to all admin connections matched by the given + * filter. 
+ */ + +static void a_rawalert(unsigned f_and, unsigned f_eq, const char *status, + const char *p, size_t sz) +{ + admin *a, *aa; + dstr d = DSTR_INIT; + + if (!(flags & F_INIT)) + return; + dstr_puts(&d, status); + if (p) { + dstr_putc(&d, ' '); + dstr_putm(&d, p, sz); + } + dstr_putc(&d, '\n'); + p = d.buf; + sz = d.len; + for (a = admins; a; a = aa) { + aa = a->next; + if ((a->f & f_and) == f_eq) + dosend(a, d.buf, d.len); + } dstr_destroy(&d); } +static void a_valert(unsigned f_and, unsigned f_eq, const char *tag, + const char *fmt, va_list ap) +{ + dstr d = DSTR_INIT; + + if (!(flags & F_INIT)) + return; + a_vformat(&d, fmt, ap); + a_rawalert(f_and, f_eq, tag, fmt ? d.buf : 0, fmt ? d.len : 0); + dstr_destroy(&d); +} + +#if 0 /*unused*/ +static void a_alert(unsigned f_and, unsigned f_eq, const char *tag, + const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_valert(f_and, f_eq, tag, fmt, ap); + va_end(ap); +} +#endif + /* --- @a_warn@ --- * * * Arguments: @const char *fmt@ = pointer to format string @@ -239,24 +461,19 @@ static void a_write(admin *a, const char *fmt, ...) void a_warn(const char *fmt, ...) { va_list ap; - admin *a, *aa; - dstr d = DSTR_INIT; - if (flags & F_INIT) - dstr_puts(&d, "WARN "); va_start(ap, fmt); - dstr_vputf(&d, fmt, &ap); - va_end(ap); - if (!(flags & F_INIT)) - moan("%s", d.buf); + if (flags & F_INIT) + a_valert(0, 0, "WARN", fmt, ap); else { + dstr d = DSTR_INIT; + fprintf(stderr, "%s: ", QUIS); + a_vformat(&d, fmt, ap); dstr_putc(&d, '\n'); - for (a = admins; a; a = aa) { - aa = a->next; - dosend(a, d.buf, d.len); - } + dstr_write(&d, stderr); + dstr_destroy(&d); } - dstr_destroy(&d); + va_end(ap); } /* --- @a_trace@ --- * 
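Review bot: Every variadic entry point added here (a_write, a_info, a_fail, a_alert) relies on the caller ending the list with A_END, because a_vformat keeps fetching `const char *` values with va_arg until it sees a null; a forgotten terminator makes it treat whatever follows in the argument area as a format pointer. The header comments only say `@...@ = other arguments`; they should state the contract, e.g. `@...@ = format/argument groups, terminated by @A_END@`. Where the compiler supports it, a sentinel attribute on these prototypes would turn a missing terminator into a warning. A_END's definition is outside this diff, so it is assumed here to be a null pointer.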
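Review bot: a_warn broadcasts with `a_valert(0, 0, "WARN", fmt, ap)`, and a 0/0 filter satisfies a_rawalert's `(a->f & f_and) == f_eq` test for every connection, so the `w` entry in w_opts (AF_WARN) has no effect on server-generated warnings. acmd_warn, later in this diff, filters on `AF_WARN, AF_WARN`, so the two sources of WARN lines disagree about who receives them. If warnings are meant to be selectable per connection, use `a_valert(AF_WARN, AF_WARN, "WARN", fmt, ap)`; if delivering them to everyone is deliberate, say so in the a_warn header comment. a_warn's header comment begins above the hunk.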
@@ -267,25 +484,33 @@ void a_warn(const char *fmt, ...) * * Returns: --- * - * Use: Custom trace output handler. + * Use: Custom trace output handler. Sends trace messages to + * interested admin connections. */ #ifndef NTRACE static void a_trace(const char *p, size_t sz, void *v) + { a_rawalert(AF_TRACE, AF_TRACE, "TRACE", p, sz); } +#endif + +/* --- @a_notify@ --- * + * + * Arguments: @const char *fmt@ = pointer to format string + * @...@ = other arguments + * + * Returns: --- + * + * Use: Sends a notification to interested admin connections. + */ + +void a_notify(const char *fmt, ...) { - dstr d = DSTR_INIT; - admin *a, *aa; + va_list ap; - dstr_puts(&d, "TRACE "); - dstr_putm(&d, p, sz); - dstr_putc(&d, '\n'); - for (a = admins; a; a = aa) { - aa = a->next; - dosend(a, d.buf, d.len); - } - dstr_destroy(&d); + va_start(ap, fmt); + a_valert(AF_NOTE, AF_NOTE, "NOTE", fmt, ap); + va_end(ap); } -#endif /* --- @a_quit@ --- * * @@ -298,8 +523,12 @@ static void a_trace(const char *p, size_t sz, void *v) void a_quit(void) { + peer *p; + close(sock.fd); unlink(sockname); + while ((p = p_first()) != 0) + p_destroy(p); exit(0); } @@ -322,11 +551,11 @@ static void a_sigdie(int sig, void *v) case SIGTERM: p = "SIGTERM"; break; case SIGINT: p = "SIGINT"; break; default: - sprintf(buf, "signal %i", sig); + sprintf(buf, "%i", sig); p = buf; break; } - a_warn("shutting down on %s", p); + a_warn("SERVER", "quit", "signal", "%s", p, A_END); a_quit(); } 
@@ -342,163 +571,569 @@ static void a_sigdie(int sig, void *v) static void a_sighup(int sig, void *v) { - a_warn("received SIGHUP: ignoring"); + a_warn("SERVER", "ignore", "signal", "SIGHUP", A_END); } -/*----- Adding peers ------------------------------------------------------*/ - -/* --- @a_resolve@ --- * +/* --- @a_parsetime@ --- * + * + * Arguments; @const char *p@ = time string to parse + * + * Returns: Time in seconds, or @< 0@ on error. + */ + +static long a_parsetime(const char *p) +{ + char *q; + long t = strtol(p, &q, 0); + + switch (*q) { + case 'd': t *= 24; + case 'h': t *= 60; + case 'm': t *= 60; + case 's': if (q[1] != 0) + default: t = -1; + case 0: break; + } + return (t); +} + +/* --- @a_findpeer@ --- * + * + * Arguments: @admin *a@ = admin connection + * @const char *pn@ = peer name + * + * Returns: The peer, or null if not there. + * + * Use: Finds a peer, reporting an error if it failed. + */ + +static peer *a_findpeer(admin *a, const char *pn) +{ + peer *p; + + if ((p = p_find(pn)) == 0) + a_fail(a, "unknown-peer", "%s", pn, A_END); + return (p); +} + +/*----- Backgrounded operations -------------------------------------------*/ + +#define BGTAG(bg) \ + (((admin_bgop *)(bg))->tag ? ((admin_bgop *)(bg))->tag : "") + +/* --- @a_bgrelease@ --- * + * + * Arguments: @admin_bgop *bg@ = backgrounded operation + * + * Returns: --- + * + * Use: Removes a backgrounded operation from the queue, since + * (presumably) it's done. 
+ */ + +static void a_bgrelease(admin_bgop *bg) +{ + admin *a = bg->a; + + T( trace(T_ADMIN, "admin: release bgop %s", BGTAG(bg)); ) + if (bg->tag) xfree(bg->tag); + else selbuf_enable(&a->b); + if (bg->next) bg->next->prev = bg->prev; + if (bg->prev) bg->prev->next = bg->next; + else a->bg = bg->next; + xfree(bg); + if (a->f & AF_CLOSE) a_destroy(a); + a_unlock(a); +} + +/* --- @a_bgok@, @a_bginfo@, @a_bgfail@ --- * + * + * Arguments: @admin_bgop *bg@ = backgrounded operation + * @const char *fmt@ = format string + * @...@ = other arguments + * + * Returns: --- + * + * Use: Convenience functions for @a_write@. + */ + +static void a_bgok(admin_bgop *bg) + { a_write(bg->a, "OK", bg->tag, A_END); } + +static void a_bginfo(admin_bgop *bg, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_vwrite(bg->a, "INFO", bg->tag, fmt, ap); + va_end(ap); +} + +static void a_bgfail(admin_bgop *bg, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + a_vwrite(bg->a, "FAIL", bg->tag, fmt, ap); + va_end(ap); +} + +/* --- @a_bgadd@ --- * + * + * Arguments: @admin *a@ = administration connection + * @admin_bgop *bg@ = pointer to background operation + * @const char *tag@ = background tag, or null for foreground + * @void (*cancel)(admin_bgop *)@ = cancel function + * + * Returns: --- + * + * Use: Links a background job into the list. 
+ */ + +static void a_bgadd(admin *a, admin_bgop *bg, const char *tag, + void (*cancel)(admin_bgop *)) +{ + if (tag) + bg->tag = xstrdup(tag); + else { + bg->tag = 0; + selbuf_disable(&a->b); + } + bg->a = a; + bg->cancel = cancel; + bg->next = a->bg; + bg->prev = 0; + if (a->bg) a->bg->prev = bg; + a->bg = bg; + a_lock(a); + T( trace(T_ADMIN, "admin: add bgop %s", BGTAG(bg)); ) + if (tag) a_write(a, "DETACH", tag, A_END); +} + +/*----- Name resolution operations ----------------------------------------*/ + +/* --- @a_resolved@ --- * * * Arguments: @struct hostent *h@ = pointer to resolved hostname - * @void *v@ = pointer to admin block + * @void *v@ = pointer to resolver operation * * Returns: --- * * Use: Handles a completed name resolution. */ -static void a_resolve(struct hostent *h, void *v) +static void a_resolved(struct hostent *h, void *v) { - admin *a = v; + admin_resop *r = v; - a_lock(a); - T( trace(T_ADMIN, "admin: %u resolved", a->seq); ) + T( trace(T_ADMIN, "admin: resop %s resolved", BGTAG(r)); ) TIMER; - sel_rmtimer(&a->t); - if (!h) - a_write(a, "FAIL couldn't resolve hostname `%s'\n", a->paddr); - else if (p_find(a->pname)) - a_write(a, "FAIL peer `%s' already registered\n", a->pname); - else { - memcpy(&a->peer.sin.sin_addr, h->h_addr, sizeof(struct in_addr)); - if (!p_create(a->pname, &a->peer.sa, a->sasz)) - a_write(a, "FAIL couldn't create peer\n"); - else - a_write(a, "OK\n"); + if (!h) { + a_bgfail(&r->bg, "resolve-error", "%s", r->addr, A_END); + r->func(r, ARES_FAIL); + } else { + memcpy(&r->sa.sin.sin_addr, h->h_addr, sizeof(struct in_addr)); + r->func(r, ARES_OK); } - xfree(a->pname); - xfree(a->paddr); - a->pname = 0; - selbuf_enable(&a->b); - a_unlock(a); -} + sel_rmtimer(&r->t); + xfree(r->addr); + a_bgrelease(&r->bg); +} -/* --- @a_timer@ --- * +/* --- @a_restimer@ --- * * * Arguments: @struct timeval *tv@ = timer - * @void *v@ = pointer to admin block + * @void *v@ = pointer to resolver operation * * Returns: --- * * Use: Times out 
a resolver. */ -static void a_timer(struct timeval *tv, void *v) +static void a_restimer(struct timeval *tv, void *v) { - admin *a = v; + admin_resop *r = v; + + T( trace(T_ADMIN, "admin: resop %s timeout", BGTAG(r)); ) + a_bgfail(&r->bg, "resolver-timeout", "%s", r->addr, A_END); + r->func(r, ARES_FAIL); + bres_abort(&r->r); + xfree(r->addr); + a_bgrelease(&r->bg); +} - a_lock(a); - T( trace(T_ADMIN, "admin: %u resolver timeout", a->seq); ) - bres_abort(&a->r); - a_write(a, "FAIL timeout resolving `%s'\n", a->paddr); - xfree(a->pname); - xfree(a->paddr); - a->pname = 0; - selbuf_enable(&a->b); - a_unlock(a); +/* --- @a_rescancel@ --- * + * + * Arguments: @admin_bgop *bg@ = background operation + * + * Returns: --- + * + * Use: Cancels an add operation. + */ + +static void a_rescancel(admin_bgop *bg) +{ + admin_resop *r = (admin_resop *)bg; + + T( trace(T_ADMIN, "admin: cancel resop %s", BGTAG(r)); ) + r->func(r, ARES_FAIL); + sel_rmtimer(&r->t); + xfree(r->addr); + bres_abort(&r->r); } -/* --- @acmd_add@ --- * +/* --- @a_resolve@ --- * * - * Arguments: @admin *a@ = connection which requested the addition - * @unsigned ac@ = argument count - * @char *av[]@ = pointer to the argument list + * Arguments: @admin *a@ = administration connection + * @admin_resop *r@ = resolver operation to run + * @const char *tag@ = background operation tag + * @void (*func)(struct admin_resop *, int@ = handler function + * @unsigned ac@ = number of remaining arguments + * @char *av[]@ = pointer to remaining arguments * * Returns: --- * - * Use: Adds a new peer. + * Use: Cranks up a resolver job. 
*/ -static void acmd_add(admin *a, unsigned ac, char *av[]) +static void a_resolve(admin *a, admin_resop *r, const char *tag, + void (*func)(struct admin_resop *, int), + unsigned ac, char *av[]) { - unsigned long pt; struct timeval tv; + unsigned long pt; char *p; - - /* --- Make sure someone's not got there already --- */ - - if (p_find(av[0])) { - a_write(a, "FAIL peer `%s' already registered\n", av[0]); - return; - } + int i = 0; /* --- Fill in the easy bits of address --- */ - BURN(a->peer); - a->peer.sin.sin_family = AF_INET; - a->sasz = sizeof(a->peer.sin); - pt = strtoul(av[2], &p, 0); + r->addr = 0; + r->func = func; + if (mystrieq(av[i], "inet")) i++; + if (ac - i != 2) { + a_fail(a, "bad-addr-syntax", "[inet] ADDRESS PORT", A_END); + goto fail; + } + r->sa.sin.sin_family = AF_INET; + r->sasz = sizeof(r->sa.sin); + r->addr = xstrdup(av[i]); + pt = strtoul(av[i + 1], &p, 0); if (*p) { - struct servent *s = getservbyname(av[2], "udp"); + struct servent *s = getservbyname(av[i + 1], "udp"); if (!s) { - a_write(a, "FAIL service `%s' not known\n", av[2]); - return; + a_fail(a, "unknown-service", "%s", av[i + 1], A_END); + goto fail; } pt = ntohs(s->s_port); } if (pt == 0 || pt >= 65536) { - a_write(a, "FAIL bad port number %lu\n", pt); - return; + a_fail(a, "invalid-port", "%lu", pt, A_END); + goto fail; } - a->peer.sin.sin_port = htons(pt); + r->sa.sin.sin_port = htons(pt); + + /* --- Report backgrounding --- * + * + * Do this for consistency of interface, even if we're going to get the + * answer straight away. 
+ */ + + a_bgadd(a, &r->bg, tag, a_rescancel); + T( trace(T_ADMIN, "admin: %u, resop %s, hostname `%s'", + a->seq, BGTAG(r), r->addr); ) /* --- If the name is numeric, do it the easy way --- */ - if (inet_aton(av[1], &a->peer.sin.sin_addr)) { - if (!p_create(av[0], &a->peer.sa, a->sasz)) - a_write(a, "FAIL couldn't create peer\n"); - else - a_write(a, "OK\n"); + if (inet_aton(av[i], &r->sa.sin.sin_addr)) { + T( trace(T_ADMIN, "admin: resop %s done the easy way", BGTAG(r)); ) + func(r, ARES_OK); + xfree(r->addr); + a_bgrelease(&r->bg); return; } - /* --- Store everything for later and crank up the resolver --- * - * - * We disable the line buffer until the resolver completes (or times out). - * This prevents other commands on the same connection (though the rest of - * the system continues regardless), but makes life simpler for the client. - */ + /* --- Store everything for later and crank up the resolver --- */ - a->pname = xstrdup(av[0]); - a->paddr = xstrdup(av[1]); - selbuf_disable(&a->b); gettimeofday(&tv, 0); tv.tv_sec += T_RESOLVE; - sel_addtimer(&sel, &a->t, &tv, a_timer, a); - bres_byname(&a->r, a->paddr, a_resolve, a); - T( trace(T_ADMIN, "admin: %u resolving hostname `%s'", - a->seq, a->paddr); ) + sel_addtimer(&sel, &r->t, &tv, a_restimer, r); + bres_byname(&r->r, r->addr, a_resolved, r); + return; + +fail: + func(r, ARES_FAIL); + if (r->addr) xfree(r->addr); + xfree(r); +} + +/*----- Adding peers ------------------------------------------------------*/ + +/* --- @a_doadd@ --- * + * + * Arguments: @admin_resop *r@ = resolver operation + * @int rc@ = how it worked + * + * Returns: --- + * + * Use: Handles a completed resolution. 
+ */ + +static void a_doadd(admin_resop *r, int rc) +{ + admin_addop *add = (admin_addop *)r; + + T( trace(T_ADMIN, "admin: done add op %s", BGTAG(add)); ) + + if (rc == ARES_OK) { + add->peer.sasz = add->r.sasz; + add->peer.sa = add->r.sa; + if (p_find(add->peer.name)) + a_bgfail(&add->r.bg, "peer-exists", "%s", add->peer.name, A_END); + else if (!p_create(&add->peer)) + a_bgfail(&add->r.bg, "peer-create-fail", "%s", add->peer.name, A_END); + else + a_bgok(&add->r.bg); + } + + xfree(add->peer.name); +} + +/* --- @acmd_add@ --- * + * + * Arguments: @admin *a@ = connection which requested the addition + * @unsigned ac@ = argument count + * @char *av[]@ = pointer to the argument list + * + * Returns: --- + * + * Use: Adds a new peer. + */ + +static void acmd_add(admin *a, unsigned ac, char *av[]) +{ + unsigned i, j; + const char *tag = 0; + admin_addop *add = 0; + + /* --- Set stuff up --- */ + + add = xmalloc(sizeof(*add)); + add->peer.name = xstrdup(av[0]); + add->peer.t_ka = 0; + add->peer.tops = tun_default; + + /* --- Make sure someone's not got there already --- */ + + if (p_find(av[0])) { + a_fail(a, "peer-exists", "%s", av[0], A_END); + goto fail; + } + + /* --- Parse options --- */ + + i = 1; + for (;;) { + if (!av[i]) + goto bad_syntax; + if (mystrieq(av[i], "-background")) { + if (!av[++i]) goto bad_syntax; + tag = av[i]; + } else if (mystrieq(av[i], "-tunnel")) { + if (!av[++i]) goto bad_syntax; + for (j = 0;; j++) { + if (!tunnels[j]) { + a_fail(a, "unknown-tunnel", "%s", av[i], A_END); + goto fail; + } + if (mystrieq(av[i], tunnels[j]->name)) { + add->peer.tops = tunnels[j]; + break; + } + } + } else if (mystrieq(av[i], "-keepalive")) { + long t; + if (!av[++i]) goto bad_syntax; + if ((t = a_parsetime(av[i])) < 0) { + a_fail(a, "bad-time-spec", "%s", av[i], A_END); + goto fail; + } + add->peer.t_ka = t; + } else if (mystrieq(av[i], "--")) { + i++; + break; + } else + break; + i++; + } + + /* --- Crank up the resolver --- */ + + a_resolve(a, &add->r, 
tag, a_doadd, ac - i, av + i); + return; + + /* --- Clearing up --- */ + +bad_syntax: + a_fail(a, "bad-syntax", "add", "PEER [OPTIONS] ADDR ...", A_END); +fail: + xfree(add->peer.name); + xfree(add); + return; +} + +/*----- Ping --------------------------------------------------------------*/ + +/* --- @a_pingcancel@ --- * + * + * Arguments: @admin_bgop *bg@ = background operation block + * + * Returns: --- + * + * Use: Cancels a running ping. + */ + +static void a_pingcancel(admin_bgop *bg) +{ + admin_pingop *pg = (admin_pingop *)bg; + T( trace(T_ADMIN, "admin: cancel ping op %s", BGTAG(pg)); ) + p_pingdone(&pg->ping, PING_NONOTIFY); } +/* --- @a_pong@ --- * + * + * Arguments: @int rc@ = return code + * @void *v@ = ping operation block + * + * Returns: --- + * + * Use: Collects what happened to a ping message. + */ + +static void a_pong(int rc, void *v) +{ + admin_pingop *pg = v; + struct timeval tv; + double millis; + + switch (rc) { + case PING_OK: + gettimeofday(&tv, 0); + tv_sub(&tv, &tv, &pg->pingtime); + millis = (double)tv.tv_sec * 1000 + (double)tv.tv_usec/1000; + a_bginfo(&pg->bg, "ping-ok", "%.1f", millis, A_END); + a_bgok(&pg->bg); + break; + case PING_TIMEOUT: + a_bginfo(&pg->bg, "ping-timeout", A_END); + a_bgok(&pg->bg); + break; + case PING_PEERDIED: + a_bginfo(&pg->bg, "ping-peer-died", A_END); + a_bgok(&pg->bg); + break; + default: + abort(); + } + T( trace(T_ADMIN, "admin: ponged ping op %s", BGTAG(pg)); ) + a_bgrelease(&pg->bg); +} + +/* --- @acmd_ping@, @acmd_eping@ --- * + * + * Arguments: @admin *a@ = connection which requested the ping + * @unsigned ac@ = argument count + * @char *av[]@ = pointer to the argument list + * + * Returns: --- + * + * Use: Pings a peer. 
+ */ + +static void a_ping(admin *a, unsigned ac, char *av[], + const char *cmd, unsigned msg) +{ + long t = T_PING; + int i; + peer *p; + admin_pingop *pg = 0; + const char *tag = 0; + + i = 0; + for (;;) { + if (!av[i]) + goto bad_syntax; + if (mystrieq(av[i], "-background")) { + if (!av[++i]) goto bad_syntax; + tag = av[i]; + } else if (mystrieq(av[i], "-timeout")) { + if (!av[++i]) goto bad_syntax; + if ((t = a_parsetime(av[i])) < 0) { + a_fail(a, "bad-time-spec", "%s", av[i], A_END); + return; + } + } else if (mystrieq(av[i], "--")) { + i++; + break; + } else + break; + i++; + } + + if (!av[i]) goto bad_syntax; + if ((p = a_findpeer(a, av[i])) == 0) + return; + pg = xmalloc(sizeof(*pg)); + gettimeofday(&pg->pingtime, 0); + a_bgadd(a, &pg->bg, tag, a_pingcancel); + T( trace(T_ADMIN, "admin: ping op %s: %s to %s", + BGTAG(pg), cmd, p_name(p)); ) + if (p_pingsend(p, &pg->ping, msg, t, a_pong, pg)) { + a_bgfail(&pg->bg, "ping-send-failed", A_END); + a_bgrelease(&pg->bg); + } + return; + +bad_syntax: + a_fail(a, "bad-syntax", "%s", cmd, "[OPTIONS] PEER", cmd, A_END); + return; +} + +static void acmd_ping(admin *a, unsigned ac, char *av[]) + { a_ping(a, ac, av, "ping", MISC_PING); } +static void acmd_eping(admin *a, unsigned ac, char *av[]) + { a_ping(a, ac, av, "eping", MISC_EPING); } + /*----- Administration commands -------------------------------------------*/ /* --- Miscellaneous commands --- */ -#ifndef NTRACE +/* --- @traceish@ --- * + * + * Arguments: @admin *a@ = connection to complain on + * @unsigned ac@ = number of arguments + * @char *av[]@ = vector of arguments + * @const char *what@ = what we're messing with + * @const trace_opt *tt@ = options table + * @unsigned *ff@ = where the flags are + * + * Returns: Nonzero if anything changed. + * + * Use: Guts of trace-ish commands like `trace' and `watch'. 
+ */ -static void acmd_trace(admin *a, unsigned ac, char *av[]) +static int traceish(admin *a, unsigned ac, char *av[], + const char *what, const trace_opt *tt, unsigned *ff) { + int ch = 0; + if (!ac || strcmp(av[0], "?") == 0) { const trace_opt *t; - a_write(a, "INFO Trace options:\n"); - for (t = tr_opts; t->ch; t++) { - a_write(a, "INFO %c %c %s\n", - t->ch, (tr_flags & t->f) == t->f ? '*' : ' ', t->help); + for (t = tt; t->ch; t++) { + a_info(a, "*%c%c %s", + t->ch, (*ff & t->f) == t->f ? '+' : ' ', t->help, A_END); } } else { unsigned sense = 1; - unsigned f = tr_flags; - const trace_opt *tt; + unsigned f = *ff; + const trace_opt *t; char *p = av[0]; while (*p) { 
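Review bot: In acmd_add the option loop can leave `av[i]` null: the `--` branch does `i++; break;` without looking at the next argument, and a_resolve then calls `mystrieq(av[i], "inet")` on that element before it checks the count. a_ping guards the same case with `if (!av[i]) goto bad_syntax;` after its loop, and acmd_add should do the same before calling a_resolve; mystrieq is not shown, so whether it tolerates a null pointer is unconfirmed. Separately, a_resolve's `fail:` path calls `func(r, ARES_FAIL)` before a_bgadd has run, and a_doadd's trace line evaluates `BGTAG(add)`, which reads `bg.tag` from a block that acmd_add obtained with xmalloc and never initialised. Setting `add->r.bg.tag = 0;` next to the other field initialisers in acmd_add would make that read well defined.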
@@ -506,46 +1141,81 @@ static void acmd_trace(admin *a, unsigned ac, char *av[]) case '+': sense = 1; break; case '-': sense = 0; break; default: - for (tt = tr_opts; tt->ch; tt++) { - if (tt->ch == *p) { - if (sense) f |= tt->f; - else f &= ~tt->f; + for (t = tt; t->ch; t++) { + if (t->ch == *p) { + if (sense) f |= t->f; + else f &= ~t->f; goto tropt_ok; } } - a_write(a, "FAIL unknown trace option `%c'\n", *p); - return; + a_fail(a, "bad-%s-option", what, "%c", *p, A_END); + return (0); tropt_ok:; break; } p++; } - tr_flags = f; - trace_level(tr_flags); + *ff = f; + ch = 1; } - a_write(a, "OK\n"); + a_ok(a); + return (ch); +} + +#ifndef NTRACE + +static void acmd_trace(admin *a, unsigned ac, char *av[]) +{ + if (traceish(a, ac, av, "trace", tr_opts, &tr_flags)) + trace_level(tr_flags); } #endif +static void acmd_watch(admin *a, unsigned ac, char *av[]) +{ + traceish(a, ac, av, "watch", w_opts, &a->f); +} + +static void alertcmd(admin *a, unsigned f_and, unsigned f_eq, + const char *tag, unsigned ac, char *av[]) +{ + dstr d = DSTR_INIT; + unsigned i; + + dstr_puts(&d, "USER"); + for (i = 0; i < ac; i++) + quotify(&d, av[i]); + dstr_putz(&d); + a_rawalert(f_and, f_eq, tag, d.buf, d.len); + dstr_destroy(&d); + a_ok(a); +} + +static void acmd_notify(admin *a, unsigned ac, char *av[]) + { alertcmd(a, AF_NOTE, AF_NOTE, "NOTE", ac, av); } +static void acmd_warn(admin *a, unsigned ac, char *av[]) + { alertcmd(a, AF_WARN, AF_WARN, "WARN", ac, av); } + static void acmd_port(admin *a, unsigned ac, char *av[]) { - a_write(a, "INFO %u\nOK\n", p_port()); + a_info(a, "%u", p_port(), A_END); + a_ok(a); } static void acmd_daemon(admin *a, unsigned ac, char *av[]) { if (flags & F_DAEMON) - a_write(a, "FAIL already running as a daemon\n"); + a_fail(a, "already-daemon", A_END); else { - a_warn("becoming a daemon"); + a_notify("DAEMON", A_END); if (a_stdin) a_destroy(a_stdin); if (u_daemon()) - a_write(a, "FAIL error becoming a daemon: %s", strerror(errno)); + a_fail(a, 
"daemon-error", "?ERRNO", A_END); else { flags |= F_DAEMON; - a_write(a, "OK\n"); + a_ok(a); } } } @@ -554,18 +1224,61 @@ static void acmd_list(admin *a, unsigned ac, char *av[]) { peer *p; for (p = p_first(); p; p = p_next(p)) - a_write(a, "INFO %s\n", p_name(p)); - a_write(a, "OK\n"); + a_info(a, "%s", p_name(p), A_END); + a_ok(a); } static void acmd_ifname(admin *a, unsigned ac, char *av[]) { peer *p; - if ((p = p_find(av[0])) == 0) - a_write(a, "FAIL peer `%s' not found\n", av[0]); + if ((p = a_findpeer(a, av[0])) != 0) { + a_info(a, "%s", p_ifname(p), A_END); + a_ok(a); + } +} + +static void acmd_getchal(admin *a, unsigned ac, char *av[]) +{ + buf b; + + buf_init(&b, buf_i, PKBUFSZ); + c_new(&b); + a_info(a, "?B64", BBASE(&b), (size_t)BLEN(&b), A_END); + a_ok(a); +} + +static void acmd_checkchal(admin *a, unsigned ac, char *av[]) +{ + base64_ctx b64; + buf b; + dstr d = DSTR_INIT; + + base64_init(&b64); + base64_decode(&b64, av[0], strlen(av[0]), &d); + base64_decode(&b64, 0, 0, &d); + buf_init(&b, d.buf, d.len); + if (c_check(&b) || BBAD(&b) || BLEFT(&b)) + a_fail(a, "invalid-challenge", A_END); else - a_write(a, "INFO %s\nOK\n", p_ifname(p)); + a_ok(a); + dstr_destroy(&d); +} + +static void acmd_greet(admin *a, unsigned ac, char *av[]) +{ + peer *p; + base64_ctx b64; + dstr d = DSTR_INIT; + + if ((p = a_findpeer(a, av[0])) != 0) { + base64_init(&b64); + base64_decode(&b64, av[1], strlen(av[1]), &d); + base64_decode(&b64, 0, 0, &d); + p_greet(p, d.buf, d.len); + dstr_destroy(&d); + a_ok(a); + } } static void acmd_addr(admin *a, unsigned ac, char *av[]) 
@@ -573,62 +1286,105 @@ static void acmd_addr(admin *a, unsigned ac, char *av[]) peer *p; const addr *ad; - if ((p = p_find(av[0])) == 0) - a_write(a, "FAIL peer `%s' not found\n", av[0]); - else { + if ((p = a_findpeer(a, av[0])) != 0) { ad = p_addr(p); assert(ad->sa.sa_family == AF_INET); - a_write(a, "INFO %s %u\nOK\n", - inet_ntoa(ad->sin.sin_addr), - (unsigned)ntohs(ad->sin.sin_port)); + a_info(a, "?ADDR", ad, A_END); + a_ok(a); } } +static void acmd_peerinfo(admin *a, unsigned ac, char *av[]) +{ + peer *p; + const peerspec *ps; + + if ((p = a_findpeer(a, av[0])) != 0) { + ps = p_spec(p); + a_info(a, "tunnel=%s", ps->tops->name, A_END); + a_info(a, "keepalive=%lu", ps->t_ka, A_END); + a_ok(a); + } +} + +static void acmd_servinfo(admin *a, unsigned ac, char *av[]) +{ + a_info(a, "implementation=edgeware-tripe", A_END); + a_info(a, "version=%s", VERSION, A_END); + a_info(a, "daemon=%s", BOOL(flags & F_DAEMON), A_END); + a_ok(a); +} + static void acmd_stats(admin *a, unsigned ac, char *av[]) { peer *p; stats *st; - if ((p = p_find(av[0])) == 0) - a_write(a, "FAIL peer `%s' not found\n", av[0]); - else { - st = p_stats(p); - a_write(a, "INFO start-time=%s\n", timestr(st->t_start)); - a_write(a, "INFO last-packet-time=%s\n", timestr(st->t_last)); - a_write(a, "INFO packets-in=%lu bytes-in=%lu\n", st->n_in, st->sz_in); - a_write(a, "INFO packets-out=%lu bytes-out=%lu\n", - st->n_out, st->sz_out); - a_write(a, "INFO keyexch-packets-in=%lu keyexch-bytes-in=%lu\n", - st->n_kxin, st->sz_kxin); - a_write(a, "INFO keyexch-packets-out=%lu keyexch-bytes-out=%lu\n", - st->n_kxout, st->sz_kxout); - a_write(a, "INFO ip-packets-in=%lu ip-bytes-in=%lu\n", - st->n_ipin, st->sz_ipin); - a_write(a, "INFO ip-packets-out=%lu ip-bytes-out=%lu\n", - st->n_ipout, st->sz_ipout); - a_write(a, "INFO rejected-packets=%lu\n", st->n_reject); - a_write(a, "OK\n"); - } + if ((p = a_findpeer(a, av[0])) == 0) + return; + + st = p_stats(p); + a_info(a, "start-time=%s", timestr(st->t_start), 
A_END); + a_info(a, "last-packet-time=%s", timestr(st->t_last), A_END); + a_info(a, "last-keyexch-time=%s", timestr(st->t_kx), A_END); + a_info(a, "packets-in=%lu bytes-in=%lu", st->n_in, st->sz_in, A_END); + a_info(a, "packets-out=%lu bytes-out=%lu", + st->n_out, st->sz_out, A_END); + a_info(a, "keyexch-packets-in=%lu keyexch-bytes-in=%lu", + st->n_kxin, st->sz_kxin, A_END); + a_info(a, "keyexch-packets-out=%lu keyexch-bytes-out=%lu", + st->n_kxout, st->sz_kxout, A_END); + a_info(a, "ip-packets-in=%lu ip-bytes-in=%lu", + st->n_ipin, st->sz_ipin, A_END); + a_info(a, "ip-packets-out=%lu ip-bytes-out=%lu", + st->n_ipout, st->sz_ipout, A_END); + a_info(a, "rejected-packets=%lu", st->n_reject, A_END); + a_ok(a); } static void acmd_kill(admin *a, unsigned ac, char *av[]) { peer *p; - if ((p = p_find(av[0])) == 0) - a_write(a, "FAIL peer `%s' not found\n", av[0]); - else { + if ((p = a_findpeer(a, av[0])) != 0) { p_destroy(p); - a_write(a, "OK\n"); + a_ok(a); + } +} + +static void acmd_forcekx(admin *a, unsigned ac, char *av[]) +{ + peer *p; + if ((p = a_findpeer(a, av[0])) != 0) { + kx_start(&p->kx, 1); + a_ok(a); } } +static void acmd_reload(admin *a, unsigned ac, char *av[]) + { p_keyreload(); a_ok(a); } + static void acmd_quit(admin *a, unsigned ac, char *av[]) { - a_warn("closing down on admin request"); - a_write(a, "OK\n"); + a_warn("SERVER", "quit", "admin-request", A_END); + a_ok(a); + a_unlock(a); a_quit(); } +static void acmd_version(admin *a, unsigned ac, char *av[]) +{ + a_info(a, "%s", PACKAGE, "%s", VERSION, A_END); + a_ok(a); +} + +static void acmd_tunnels(admin *a, unsigned ac, char *av[]) +{ + int i; + for (i = 0; tunnels[i]; i++) + a_info(a, "%s", tunnels[i]->name, A_END); + a_ok(a); +} + /* --- The command table and help --- */ typedef struct acmd { 
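Review bot: `acmd_quit` now calls `a_unlock(a)` itself before `a_quit()`, while the dispatcher in `a_line` still wraps `c->func` in its own `a_lock`/`a_unlock` pair. That balances only if `a_quit()` never returns. If it did return, the caller's second `a_unlock` would run on a block whose count is already zero and which may already have been destroyed. `a_quit` is not shown on this page, so the assumption deserves a comment at the call: `/* drop a_line's reference so a_quit can destroy this block; a_quit does not return */`.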
@@ -641,28 +1397,46 @@ typedef struct acmd { static void acmd_help(admin */*a*/, unsigned /*ac*/, char */*av*/[]); static const acmd acmdtab[] = { - { "help", "help", 0, 0, acmd_help }, + { "add", "PEER [OPTIONS] ADDR ...", 2, 0xffff, acmd_add }, + { "addr", "PEER", 1, 1, acmd_addr }, + { "checkchal", "CHAL", 1, 1, acmd_checkchal }, + { "daemon", 0, 0, 0, acmd_daemon }, + { "eping", "[OPTIONS] PEER", 1, 0xffff, acmd_eping }, + { "forcekx", "PEER", 1, 1, acmd_forcekx }, + { "getchal", 0, 0, 0, acmd_getchal }, + { "greet", "PEER CHAL", 2, 2, acmd_greet }, + { "help", 0, 0, 0, acmd_help }, + { "ifname", "PEER", 1, 1, acmd_ifname }, + { "kill", "PEER", 1, 1, acmd_kill }, + { "list", 0, 0, 0, acmd_list }, + { "notify", "MESSAGE ...", 1, 0xffff, acmd_notify }, + { "peerinfo", "PEER", 1, 1, acmd_peerinfo }, + { "ping", "[OPTIONS] PEER", 1, 0xffff, acmd_ping }, + { "port", 0, 0, 0, acmd_port }, + { "quit", 0, 0, 0, acmd_quit }, + { "reload", 0, 0, 0, acmd_reload }, + { "servinfo", 0, 0, 0, acmd_servinfo }, + { "stats", "PEER", 1, 1, acmd_stats }, #ifndef NTRACE - { "trace", "trace [OPTIONS]", 0, 1, acmd_trace }, + { "trace", "[OPTIONS]", 0, 1, acmd_trace }, #endif - { "port", "port", 0, 0, acmd_port }, - { "daemon", "daemon", 0, 0, acmd_daemon }, - { "list", "list", 0, 0, acmd_list }, - { "ifname", "ifname PEER", 1, 1, acmd_ifname }, - { "addr", "addr PEER", 1, 1, acmd_addr }, - { "stats", "stats PEER", 1, 1, acmd_stats }, - { "kill", "kill PEER", 1, 1, acmd_kill }, - { "add", "add PEER ADDR PORT", 3, 3, acmd_add }, - { "quit", "quit", 0, 0, acmd_quit }, + { "tunnels", 0, 0, 0, acmd_tunnels }, + { "version", 0, 0, 0, acmd_version }, + { "warn", "MESSAGE ...", 1, 0xffff, acmd_warn }, + { "watch", "[OPTIONS]", 0, 1, acmd_watch }, { 0, 0, 0, 0, 0 } }; static void acmd_help(admin *a, unsigned ac, char *av[]) { const acmd *c; - for (c = acmdtab; c->name; c++) - a_write(a, "INFO %s\n", c->help); - a_write(a, "OK\n"); + for (c = acmdtab; c->name; c++) { + if (c->help) + a_info(a, 
"%s", c->name, "*%s", c->help, A_END); + else + a_info(a, "%s", c->name, A_END); + } + a_ok(a); } /*----- Connection handling -----------------------------------------------*/ @@ -677,38 +1451,32 @@ static void acmd_help(admin *a, unsigned ac, char *av[]) * immediately. */ -static void a_lock(admin *a) { assert(!(a->f & AF_LOCK)); a->f |= AF_LOCK; } +static void a_lock(admin *a) { a->ref++; } -/* --- @a_unlock@ --- * +/* --- @a_dodestroy@ --- * * * Arguments: @admin *a@ = pointer to an admin block * * Returns: --- * - * Use: Unlocks an admin block, allowing its destruction. This is - * also the second half of @a_destroy@. + * Use: Actually does the legwork of destroying an admin block. */ -static void a_unlock(admin *a) +static void a_dodestroy(admin *a) { - assert(a->f & AF_LOCK); - if (!(a->f & AF_DEAD)) { - a->f &= ~AF_LOCK; - return; - } + admin_bgop *bg, *bbg; T( trace(T_ADMIN, "admin: completing destruction of connection %u", a->seq); ) selbuf_destroy(&a->b); - if (a->pname) { - xfree(a->pname); - xfree(a->paddr); - bres_abort(&a->r); - sel_rmtimer(&a->t); - } - if (a->b.reader.fd != a->w.fd) - close(a->b.reader.fd); + for (bg = a->bg; bg; bg = bbg) { + bbg = bg->next; + bg->cancel(bg); + if (bg->tag) xfree(bg->tag); + xfree(bg); + } + if (a->b.reader.fd != a->w.fd) close(a->b.reader.fd); close(a->w.fd); if (a_stdin == a) @@ -722,6 +1490,23 @@ static void a_unlock(admin *a) DESTROY(a); } +/* --- @a_unlock@ --- * + * + * Arguments: @admin *a@ = pointer to an admin block + * + * Returns: --- + * + * Use: Unlocks an admin block, allowing its destruction. This is + * also the second half of @a_destroy@. + */ + +static void a_unlock(admin *a) +{ + assert(a->ref); + if (!--a->ref && (a->f & AF_DEAD)) + a_dodestroy(a); +} + /* --- @a_destroy@ --- * * * Arguments: @admin *a@ = pointer to an admin block 
@@ -732,6 +1517,17 @@ static void a_unlock(admin *a) * care. */ +static void freequeue(oqueue *q) +{ + obuf *o, *oo; + + for (o = q->hd; o; o = oo) { + oo = o->next; + xfree(o); + } + q->hd = q->tl = 0; +} + static void a_destroy(admin *a) { /* --- Don't multiply destroy admin blocks --- */ @@ -746,24 +1542,16 @@ static void a_destroy(admin *a) /* --- Free the output buffers --- */ - if (a->o_head) { - obuf *o, *oo; + if (a->out.hd) sel_rmfile(&a->w); - for (o = a->o_head; o; o = oo) { - oo = o->next; - xfree(o); - } - a->o_head = 0; - } + freequeue(&a->out); /* --- If the block is locked, that's all we can manage --- */ - if (a->f & AF_LOCK) { - T( trace(T_ADMIN, "admin: deferring destruction..."); ) - return; - } - a->f |= AF_LOCK; - a_unlock(a); + if (!a->ref) + a_dodestroy(a); + T( else + trace(T_ADMIN, "admin: deferring destruction..."); ) } /* --- @a_line@ --- * @@ -781,26 +1569,33 @@ static void a_line(char *p, size_t len, void *vp) { admin *a = vp; const acmd *c; - char *av[4]; + char *av[16]; size_t ac; TIMER; if (a->f & AF_DEAD) return; if (!p) { - a_destroy(a); + if (!a->bg) + a_destroy(a); + else { + a->f |= AF_CLOSE; + selbuf_disable(&a->b); + } return; } - ac = str_qsplit(p, av, 4, 0, STRF_QUOTE); + ac = str_qsplit(p, av, 16, 0, STRF_QUOTE); if (!ac) return; - for (p = av[0]; *p; p++) *p = tolower((unsigned char)*p); for (c = acmdtab; c->name; c++) { - if (strcmp(av[0], c->name) == 0) { + if (mystrieq(av[0], c->name)) { ac--; - if (c->argmin > ac || ac > c->argmax) - a_write(a, "FAIL syntax: %s\n", c->help); - else { + if (c->argmin > ac || ac > c->argmax) { + if (!c->help) + a_fail(a, "bad-syntax", "%s", c->name, "", A_END); + else + a_fail(a, "bad-syntax", "%s", c->name, "%s", c->help, A_END); + } else { a_lock(a); c->func(a, ac, av + 1); a_unlock(a); 
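Review bot: `freequeue` is inserted between the `@a_destroy@` header comment and `a_destroy` itself, so that comment now sits on top of the wrong function. Moving `freequeue` above the comment would keep the documentation attached to the code it describes. It should also get a short header of its own, stating that `@oqueue *q@` is the queue to empty and that the function frees every `obuf` and resets `hd`/`tl`.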
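Review bot: The deferred-destruction trace is written as `T( else trace(...); )`, so the `else` arm of `if (!a->ref)` exists only when tracing is compiled in (presumably `T()` expands to nothing under `NTRACE`). It works, but the branch structure differs between build configurations, and this is the point where `a` may already have been freed by `a_dodestroy(a)`. Writing it as `if (!a->ref) a_dodestroy(a); else { T( trace(T_ADMIN, "admin: deferring destruction..."); ) }` keeps the behaviour and makes the branch visible in both builds. `a_destroy` begins before this hunk.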
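Review bot: `a_line` now splits into `char *av[16]`, yet the command table gives `add`, `eping`, `ping`, `notify` and `warn` an `argmax` of `0xffff`, so the argument-count check can never reject an over-long line for them. If `str_qsplit` simply stops once its 16 slots are full (its definition is not on this page), further words are dropped silently and the command runs on a truncated argument list. Either cap those table entries at the real limit, or detect leftover input through `str_qsplit`'s fourth argument (passed as 0 here) and answer with `bad-syntax`. The rest of `a_line` lies in the next hunk.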
@@ -808,39 +1603,39 @@ static void a_line(char *p, size_t len, void *vp) return; } } - a_write(a, "FAIL unknown command `%s'\n", av[0]); + a_fail(a, "unknown-command", "%s", av[0], A_END); } /* --- @a_create@ --- * * * Arguments: @int fd_in, fd_out@ = file descriptors to use + * @unsigned f@ = initial flags to set * * Returns: --- * * Use: Creates a new admin connection. */ -void a_create(int fd_in, int fd_out) +void a_create(int fd_in, int fd_out, unsigned f) { admin *a = CREATE(admin); + T( static unsigned seq = 0; a->seq = seq++; ) T( trace(T_ADMIN, "admin: accepted connection %u", a->seq); ) - a->pname = 0; - a->f = 0; - if (fd_in == STDIN_FILENO) - a_stdin = a; + a->bg = 0; + a->ref = 0; + a->f = f; + if (fd_in == STDIN_FILENO) a_stdin = a; fdflags(fd_in, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC); if (fd_out != fd_in) fdflags(fd_out, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC); selbuf_init(&a->b, &sel, fd_in, a_line, a); sel_initfile(&sel, &a->w, fd_out, SEL_WRITE, a_flush, a); - a->o_head = 0; - a->o_tail = 0; + a->out.hd = a->out.tl = 0; a->next = admins; a->prev = 0; - if (admins) - admins->prev = a; + if (admins) admins->prev = a; admins = a; } @@ -864,10 +1659,10 @@ static void a_accept(int fd, unsigned mode, void *v) if ((nfd = accept(fd, (struct sockaddr *)&sun, &sz)) < 0) { if (errno != EINTR && errno != EAGAIN && errno != EWOULDBLOCK && errno != ECONNABORTED && errno != EPROTO) - a_warn("accept admin connection failed: %s", strerror(errno)); + a_warn("ADMIN", "accept-error", "?ERRNO", A_END); return; } - a_create(nfd, nfd); + a_create(nfd, nfd, 0); } /* --- @a_daemon@ --- * @@ -963,6 +1758,7 @@ again: sig_add(&s_term, SIGTERM, a_sigdie, 0); sig_add(&s_hup, SIGHUP, a_sighup, 0); + signal(SIGPIPE, SIG_IGN); sigaction(SIGINT, 0, &sa); if (sa.sa_handler != SIG_IGN) sig_add(&s_int, SIGINT, a_sigdie, 0);
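Review bot: `signal(SIGPIPE, SIG_IGN)` changes the disposition for the whole process, and an ignored signal stays ignored across `exec`. If the daemon ever starts helper programs (none are visible here), they would inherit it. The call should carry a comment giving the reason, e.g. `/* admin clients may vanish mid-write; take EPIPE from write() rather than dying */`. Using `sigaction` here would also match the `SIGINT` handling on the lines that follow. The enclosing function starts before this hunk.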