chiark / gitweb /
~mdw / userv-utils / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
ipif: wip new service-wrap: docs
[userv-utils] / ipif / service.c
... / ...
CommitLineData
1/*
2 * userv service (or standalone program) for per-user IP subranges.
3 *
4 * This is the service program, which is invoked as root from userv (or may
5 * be invoked firectly).
6 *
7 * Its arguments are supposed to be, in order, as follows:
8 *
9 * The first two arguments are usually supplied by the userv
10 * configuration. See the file `ipif/ipif' in the source tree, which
11 * is installed in /etc/userv/services.d/ipif by `make install':
12 *
13 * <config>
14 *
15 * Specifies address ranges and gids which own them. The default
16 * configuration supplies /etc/userv/ipif-networks, which is then read
17 * for a list of entries, one per line.
18 *
19 * --
20 * Serves to separate the user-supplied and therefore untrusted
21 * arguments from the trusted first argument.
22 *
23 * The remaining arguments are supplied by the (untrusted) caller:
24 *
25 * <local-addr>,<peer-addr>,<mtu>[,[<proto>][,[<ifnamepat>]]]
26 *
27 * As for slattach. The only supported protocol is slip.
28 * Alternatively, set to `debug' to print debugging info and
29 * exit. <local-addr> is address of the interface to be created
30 * on the local system; <peer-addr> is the address of the
31 * point-to-point peer. They must be actual addresses (not
32 * hostnames).
33 *
34 * <prefix>/<mask>,<prefix>/<mask>,...
35 *
36 * List of additional routes to add for this interface. routes will
37 * be set up on the local system arranging for packets for those
38 * networks to be sent via the created interface. <prefix> must be an
39 * IPv4 address, and mask must be an integer (dotted-quad masks are
40 * not supported). If no additional routes are to be set up, use `-'
41 * or supply an empty argument.
42 *
43 * Each <config> item - whether a line in a file such as
44 * /etc/userv/ipif-networks, or the single trusted argument supplied
45 * on the service program command line - is one of:
46 *
47 * /<config-file-name>
48 * ./<config-file-name>
49 * ../<config-file-name>
50 *
51 * Reads a file which contains lines which are each <config>
52 * items.
53 *
54 * <gid>,[=][-|+]<prefix>/<len>(-|+<prefix>/<len>...)[,<junk>]
55 *
56 * Indicates that <gid> may allocate addresses in the relevant address
57 * range (<junk> is ignored). <gid> must be numeric. To specify a
58 * single host address, you must specify a mask of /32. If `=' is
59 * specified then the specific subrange is only allowed for the local
60 * endpoint address, but not for remote addresses.
61 *
62 * More than one range may be given, with each range prefixed
63 * by + or -. In this case each address range in the rule will
64 * scanned in order, and the first range in the rule that matches
65 * any desired rule will count: if that first matching range is
66 * prefixed by `+' (or nothing) then the rule applies, if it
67 * is prefixed by `-' (or nothing matches), the rule does not.
68 *
69 * *
70 * Means that anything is to be permitted. This should not appear in
71 * /etc/userv/ipif-networks, as that would permit any user on the
72 * system to create any interfaces with any addresses and routes
73 * attached. It is provided so that root can usefully invoke the ipif
74 * service program directly (not via userv), without needing to set up
75 * permissions in /etc/userv/ipif-networks.
76 *
77 * Only `*' permits interface name patterns other than the default
78 * value of `userv%d'.
79 *
80 * #...
81 *
82 * Comment. Blank lines are also ignored.
83 *
84 * NB: Permission is granted if _any_ config entry matches the request.
85 *
86 * The service program should be run from userv with no-disconnect-hup.
87 */
88/*
89 * This file is part of ipif, part of userv-utils
90 *
91 * Copyright 1996-2013 Ian Jackson <ijackson@chiark.greenend.org.uk>
92 * Copyright 1998 David Damerell <damerell@chiark.greenend.org.uk>
93 * Copyright 1999,2003
94 * Chancellor Masters and Scholars of the University of Cambridge
95 * Copyright 2010 Tony Finch <fanf@dotat.at>
96 *
97 * This is free software; you can redistribute it and/or modify it
98 * under the terms of the GNU General Public License as published by
99 * the Free Software Foundation; either version 3 of the License, or
100 * (at your option) any later version.
101 *
102 * This program is distributed in the hope that it will be useful, but
103 * WITHOUT ANY WARRANTY; without even the implied warranty of
104 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
105 * General Public License for more details.
106 *
107 * You should have received a copy of the GNU General Public License
108 * along with userv-utils; if not, see http://www.gnu.org/licenses/.
109 */
110
111#include <stdio.h>
112#include <string.h>
113#include <stdlib.h>
114#include <assert.h>
115#include <errno.h>
116#include <stdarg.h>
117#include <ctype.h>
118#include <limits.h>
119#include <signal.h>
120#include <unistd.h>
121#include <stdint.h>
122#include <poll.h>
123#include <stddef.h>
124
125#include <sys/types.h>
126#include <sys/wait.h>
127#include <sys/stat.h>
128
129#include <sys/types.h>
130#include <sys/ioctl.h>
131#include <sys/socket.h>
132
133#include <sys/stat.h>
134#include <fcntl.h>
135
136#include <linux/if.h>
137#include <linux/if_tun.h>
138
139#define NARGS 4
140#define MAXEXROUTES 50
141#define ATXTLEN 16
142
143static const unsigned long gidmaxval= (unsigned long)((gid_t)-2);
144static const char *const protos_ok[]= { "slip", 0 };
145static const int signals[]= { SIGHUP, SIGINT, SIGTERM, 0 };
146static const char default_ifnamepat[]= "userv%d";
147
148static const char *configstr, *proto;
149static unsigned long localaddr, peeraddr, mtu;
150static int localpming, peerpming;
151static int localallow, peerallow, ifnameallow, allallow;
152static char *ifnamepat;
153static int nexroutes;
154static struct exroute {
155 unsigned long prefix, mask;
156 int allow, pming;
157 char prefixtxt[ATXTLEN], masktxt[ATXTLEN];
158} exroutes[MAXEXROUTES];
159
160static char localtxt[ATXTLEN];
161static char peertxt[ATXTLEN];
162
163static struct pplace {
164 struct pplace *parent;
165 const char *filename;
166 int lineno;
167} *cpplace;
168
169
170static int tunfd;
171static char *ifname;
172
173
174static void terminate(int estatus) {
175 exit(estatus);
176}
177
178
179static void fatal(const char *fmt, ...)
180 __attribute__((format(printf,1,2)));
181static void fatal(const char *fmt, ...) {
182 va_list al;
183 va_start(al,fmt);
184
185 fputs("userv-ipif service: fatal error: ",stderr);
186 vfprintf(stderr, fmt, al);
187 putc('\n',stderr);
188 terminate(8);
189}
190
191static void sysfatal(const char *fmt, ...)
192 __attribute__((format(printf,1,2)));
193static void sysfatal(const char *fmt, ...) {
194 va_list al;
195 int e;
196
197 e= errno;
198 va_start(al,fmt);
199
200 fputs("userv-ipif service: fatal system error: ",stderr);
201 vfprintf(stderr, fmt, al);
202 fprintf(stderr,": %s\n", strerror(e));
203 terminate(12);
204}
205
206
207static void badusage(const char *fmt, ...)
208 __attribute__((format(printf,1,2)));
209static void badusage(const char *fmt, ...) {
210 va_list al;
211 struct pplace *cpp;
212
213 if (cpplace) {
214 fprintf(stderr,
215 "userv-ipif service: %s:%d: ",
216 cpplace->filename, cpplace->lineno);
217 } else {
218 fputs("userv-ipif service: invalid usage: ",stderr);
219 }
220 va_start(al,fmt);
221 vfprintf(stderr, fmt, al);
222 putc('\n',stderr);
223
224 if (cpplace) {
225 for (cpp=cpplace->parent; cpp; cpp=cpp->parent) {
226 fprintf(stderr,
227 "userv-ipif service: %s:%d: ... in file included from here\n",
228 cpp->filename, cpp->lineno);
229 }
230 }
231 terminate(16);
232}
233
234static char *ip2txt(unsigned long addr, char *buf) {
235 sprintf(buf, "%lu.%lu.%lu.%lu",
236 (addr>>24) & 0x0ff,
237 (addr>>16) & 0x0ff,
238 (addr>>8) & 0x0ff,
239 (addr) & 0x0ff);
240 return buf;
241}
242
243static unsigned long eat_number(const char **argp, const char *what,
244 unsigned long min, unsigned long max,
245 const char *endchars, int *endchar_r) {
246 /* If !endchars then the endchar must be a nul, otherwise it may be
247 * a nul (resulting in *argp set to 0) or something else (*argp set
248 * to point to after delim, *endchar_r set to delim).
249 * *endchar_r may be 0.
250 */
251 unsigned long rv;
252 char *ep;
253 int endchar;
254
255 if (!*argp) { badusage("missing number %s",what); }
256 rv= strtoul(*argp,&ep,0);
257 if ((endchar= *ep)) {
258 if (!endchars) badusage("junk after number %s",what);
259 if (!strchr(endchars,endchar))
260 badusage("invalid character or delimiter `%c' in or after number, %s:"
261 " expected %s (or none?)", endchar,what,endchars);
262 *argp= ep+1;
263 } else {
264 *argp= 0;
265 }
266 if (endchar_r) *endchar_r= endchar;
267 if (rv < min || rv > max) badusage("number %s value %lu out of range %lu..%lu",
268 what, rv, min, max);
269 return rv;
270}
271
272static int addrnet_overlap(unsigned long p1, unsigned long m1,
273 unsigned long p2, unsigned long m2) {
274 unsigned long mask;
275
276 mask= m1&m2;
277 return (p1 & mask) == (p2 & mask);
278}
279
280static void addrnet_mustdiffer(const char *w1, unsigned long p1, unsigned long m1,
281 const char *w2, unsigned long p2, unsigned long m2) {
282 if (!addrnet_overlap(p1,m1,p2,m2)) return;
283 badusage("%s %08lx/%08lx overlaps/clashes with %s %08lx/%08lx",
284 w1,p1,m1, w2,p2,m2);
285}
286
287static unsigned long eat_addr(const char **argp, const char *what,
288 const char *endchars, int *endchar_r) {
289 char whatbuf[100];
290 unsigned long rv;
291 int i;
292
293 for (rv=0, i=0;
294 i<4;
295 i++) {
296 rv <<= 8;
297 sprintf(whatbuf,"%s byte #%d",what,i);
298 rv |= eat_number(argp,whatbuf, 0,255, i<3 ? "." : endchars, endchar_r);
299 }
300
301 return rv;
302}
303
304static void eat_prefixmask(const char **argp, const char *what,
305 const char *endchars, int *endchar_r,
306 unsigned long *prefix_r, unsigned long *mask_r, int *len_r) {
307 /* mask_r and len_r may be 0 */
308 char whatbuf[100];
309 int len;
310 unsigned long prefix, mask;
311
312 prefix= eat_addr(argp,what, "/",0);
313 sprintf(whatbuf,"%s length",what);
314 len= eat_number(argp,whatbuf, 0,32, endchars,endchar_r);
315
316 mask= len ? (~0UL << (32-len)) : 0UL;
317 if (prefix & ~mask) badusage("%s prefix %08lx not fully contained in mask %08lx",
318 what,prefix,mask);
319 *prefix_r= prefix;
320 if (mask_r) *mask_r= mask;
321 if (len_r) *len_r= len;
322}
323
324static char *eat_optionalstr(const char **argp,
325 const char *what,
326 const char *def) {
327 ptrdiff_t len;
328 const char *start= *argp;
329 if (!start) {
330 len = 0;
331 } else {
332 const char *comma= strchr(start, ',');
333 if (comma) {
334 len= comma - start;
335 *argp= comma + 1;
336 } else {
337 len= strlen(start);
338 *argp= 0;
339 }
340 }
341 if (!len) {
342 start= def;
343 len= strlen(def);
344 }
345 char *r = malloc(len+1);
346 if (!r) sysfatal("malloc for command line string");
347 memcpy(r,start,len);
348 r[len]= 0;
349 return r;
350}
351
352static int addrnet_isin(unsigned long prefix, unsigned long mask,
353 unsigned long mprefix, unsigned long mmask) {
354 return !(~mask & mmask) && (prefix & mmask) == mprefix;
355}
356
357/* Totally hideous algorithm for parsing the config file lines.
358 * For each config file line, we first see if its gid applies. If not
359 * we skip it. Otherwise, we do
360 * permit_begin
361 * which sets <foo>pming to 1
362 * for each range. <foo>pming may be 0 if we've determined that
363 * this line does not apply to <foo>.
364 * permit_range
365 * which calls permit_range_thing for each <foo>
366 * which checks to see if <foo> is inside the relevant
367 * range (for +) or overlaps it (for -) and updates
368 * <foo>allow and <foo>pming.
369 */
370
371static void permit_begin(void) {
372 int i;
373
374 localpming= peerpming= 1;
375 for (i=0; i<nexroutes; i++) exroutes[i].pming= 1;
376}
377
378static void permit_range_thing(unsigned long tprefix, unsigned long tmask,
379 const char *what, int *tallow, int *tpming,
380 unsigned long pprefix, unsigned long pmask,
381 int plus, int *any) {
382 if (plus) {
383 if (!addrnet_isin(tprefix,tmask, pprefix,pmask)) return;
384 if (*tpming) *tallow= 1;
385 } else {
386 if (!addrnet_overlap(tprefix,tmask, pprefix,pmask)) return;
387 *tpming= 0;
388 }
389 if (!proto) printf(" %c%s", plus?'+':'-', what);
390 *any= 1;
391}
392
393static void permit_range(unsigned long prefix, unsigned long mask,
394 int plus, int localonly) {
395 int i, any;
396 char idbuf[40];
397
398 assert(!(prefix & ~mask));
399 any= 0;
400
401 permit_range_thing(localaddr,~0UL,"local", &localallow,&localpming,
402 prefix,mask, plus,&any);
403
404 if (!localonly) {
405 permit_range_thing(peeraddr,~0UL, "peer-addr", &peerallow,&peerpming,
406 prefix,mask, plus,&any);
407 for (i=0; i<nexroutes; i++) {
408 sprintf(idbuf,"route#%d",i);
409 permit_range_thing(exroutes[i].prefix,exroutes[i].mask, idbuf,
410 &exroutes[i].allow,&exroutes[i].pming,
411 prefix,mask, plus,&any);
412 }
413 }
414 if (!proto)
415 if (!any) fputs(" nothing",stdout);
416}
417
418static void pconfig(const char *configstr, int truncated);
419
420static void pfile(const char *filename) {
421 FILE *file;
422 char buf[PATH_MAX];
423 int l, truncated, c;
424 struct pplace npp, *cpp;
425
426 for (cpp=cpplace; cpp; cpp=cpp->parent) {
427 if (!strcmp(cpp->filename,filename))
428 badusage("recursive configuration file `%s'",filename);
429 }
430
431 file= fopen(filename,"r");
432 if (!file)
433 badusage("cannot open configuration file `%s': %s", filename, strerror(errno));
434
435 if (!proto) printf("config file `%s':\n",filename);
436
437 npp.parent= cpplace;
438 npp.filename= filename;
439 npp.lineno= 0;
440 cpplace= &npp;
441
442 while (fgets(buf, sizeof(buf), file)) {
443 npp.lineno++;
444 l= strlen(buf);
445 if (!l) continue;
446
447 truncated= (buf[l-1] != '\n');
448 while (l>0 && isspace((unsigned char) buf[l-1])) l--;
449 if (!l) continue;
450 buf[l]= 0;
451
452 if (truncated) {
453 while ((c= getc(file)) != EOF && c != '\n');
454 if (c == EOF) break;
455 }
456
457 pconfig(buf,truncated);
458 }
459 if (ferror(file))
460 badusage("failed while reading configuration file: %s", strerror(errno));
461
462 cpplace= npp.parent;
463}
464
465static void pconfig(const char *configstr, int truncated) {
466 unsigned long fgid, tgid, pprefix, pmask;
467 int plen, localonly, plus, rangeix, delim;
468 char ptxt[ATXTLEN];
469 char whattxt[100];
470 const char *gidlist;
471
472 switch (configstr[0]) {
473 case '*':
474 permit_begin();
475 permit_range(0UL,0UL,1,0);
476 ifnameallow= 1;
477 return;
478
479 case '#':
480 return;
481
482 case '/': case '.':
483 if (truncated) badusage("filename too long (`%.100s...')",configstr);
484 pfile(configstr);
485 return;
486
487 default:
488 if (!isdigit((unsigned char)configstr[0]))
489 badusage("unknown configuration directive");
490
491 fgid= eat_number(&configstr,"gid", 0,gidmaxval, ",",0);
492
493 if (!proto) printf(" %5lu", fgid);
494
495 gidlist= getenv("USERV_GID");
496 if (!gidlist) fatal("USERV_GID not set");
497 for (;;) {
498 if (!gidlist) {
499 if (!proto) printf(" no matching gid\n");
500 return;
501 }
502 tgid= eat_number(&gidlist,"userv-gid", 0,gidmaxval, " ",0);
503 if (tgid == fgid) break;
504 }
505
506 if (configstr[0] == '=') {
507 localonly= 1;
508 configstr++;
509 } else {
510 localonly= 0;
511 }
512
513 permit_begin();
514
515 rangeix= 0;
516 plus= 1;
517 switch (configstr[0]) {
518 case '-': plus= 0; /* fall through */
519 case '+': configstr++;
520 default:;
521 }
522
523 for (;;) {
524 sprintf(whattxt, "%s-prefix#%d",
525 plus ? "permitted" : "notpermitted",
526 rangeix);
527 eat_prefixmask(&configstr,whattxt, ",+-",&delim,
528 &pprefix,&pmask,&plen);
529 if (!configstr && truncated)
530 badusage("gid,prefix/len,... spec too long");
531
532 if (!proto)
533 printf(" %c%s/%d:", plus?'+':'-',ip2txt(pprefix,ptxt), plen);
534
535 permit_range(pprefix,pmask,plus,localonly);
536 if (delim==',') break;
537
538 plus= delim=='-' ? 0 : 1;
539 rangeix++;
540 }
541
542 putchar('\n');
543 return;
544 }
545}
546
547static void checkallow(int allow, const char *what,
548 const char *prefixtxt, const char *masktxt) {
549 if (allow) return;
550 fprintf(stderr,"userv-ipif service: access denied for %s, %s/%s\n",
551 what, prefixtxt, masktxt);
552 allallow= 0;
553}
554
555static void parseargs(int argc, const char *const *argv) {
556 unsigned long routeaddr, routemask;
557 const char *carg;
558 const char *const *cprotop;
559 int i;
560 char erwhatbuf[100], erwhatbuf2[100];
561
562 if (argc < NARGS+1) { badusage("too few arguments"); }
563 if (argc > NARGS+1) { badusage("too many arguments"); }
564
565 configstr= *++argv;
566
567 carg= *++argv;
568 if (strcmp(carg,"--")) badusage("separator argument `--' not found, got `%s'",carg);
569
570 carg= *++argv;
571 localaddr= eat_addr(&carg,"local-addr", ",",0);
572 peeraddr= eat_addr(&carg,"peer-addr", ",",0);
573 mtu= eat_number(&carg,"mtu", 576,65536, ",",0);
574 localallow= peerallow= 0;
575
576 char *protostr= eat_optionalstr(&carg,"protocol","slip");
577 if (!strcmp(protostr,"debug")) {
578 proto= 0;
579 } else {
580 for (cprotop= protos_ok;
581 (proto= *cprotop) && strcmp(proto,protostr);
582 cprotop++);
583 if (!proto) fatal("invalid protocol");
584 }
585
586 ifnamepat= eat_optionalstr(&carg,"ifname pattern",default_ifnamepat);
587
588 addrnet_mustdiffer("local-addr",localaddr,~0UL, "peer-addr",peeraddr,~0UL);
589
590 carg= *++argv;
591 if (strcmp(carg,"-")) {
592 for (nexroutes=0;
593 carg && *carg;
594 nexroutes++) {
595 if (nexroutes == MAXEXROUTES)
596 fatal("too many extra routes (only %d allowed)",MAXEXROUTES);
597 sprintf(erwhatbuf,"route#%d",nexroutes);
598
599 eat_prefixmask(&carg,erwhatbuf, ",",0, &routeaddr,&routemask,0);
600 if (routemask == ~0UL) {
601 addrnet_mustdiffer(erwhatbuf,routeaddr,routemask, "local-addr",localaddr,~0UL);
602 addrnet_mustdiffer(erwhatbuf,routeaddr,routemask, "peer-addr",peeraddr,~0UL);
603 }
604 for (i=0; i<nexroutes; i++) {
605 sprintf(erwhatbuf2,"route#%d",i);
606 addrnet_mustdiffer(erwhatbuf,routeaddr,routemask,
607 erwhatbuf2,exroutes[i].prefix,exroutes[i].mask);
608 }
609 exroutes[nexroutes].prefix= routeaddr;
610 exroutes[nexroutes].mask= routemask;
611 exroutes[nexroutes].allow= 0;
612 ip2txt(routeaddr,exroutes[nexroutes].prefixtxt);
613 ip2txt(routemask,exroutes[nexroutes].masktxt);
614 }
615 }
616
617 ip2txt(localaddr,localtxt);
618 ip2txt(peeraddr,peertxt);
619}
620
621static void checkpermit(void) {
622 int i;
623 char erwhatbuf[100];
624
625 allallow= 1;
626 checkallow(localallow,"local-addr", localtxt,"32");
627 checkallow(peerallow,"peer-addr", peertxt,"32");
628 for (i=0; i<nexroutes; i++) {
629 sprintf(erwhatbuf, "route#%d", i);
630 checkallow(exroutes[i].allow, erwhatbuf, exroutes[i].prefixtxt, exroutes[i].masktxt);
631 }
632 if (!strcmp(ifnamepat,default_ifnamepat))
633 ifnameallow= 1;
634 if (!ifnameallow) {
635 fprintf(stderr,
636 "userv-ipif service: access denied for interface name %s\n",
637 ifnamepat);
638 allallow= 0;
639 }
640 if (!allallow) fatal("access denied");
641}
642
643static void dumpdebug(void) __attribute__((noreturn));
644static void dumpdebug(void) {
645 int i;
646 char erwhatbuf[100];
647
648 printf("protocol: debug\n"
649 "local: %08lx == %s\n"
650 "peer: %08lx == %s\n"
651 "mtu: %ld\n"
652 "routes: %d\n",
653 localaddr, localtxt,
654 peeraddr, peertxt,
655 mtu,
656 nexroutes);
657 for (i=0; i<nexroutes; i++) {
658 sprintf(erwhatbuf, "route#%d:", i);
659 printf("%-9s %08lx/%08lx == %s/%s\n",
660 erwhatbuf,
661 exroutes[i].prefix, exroutes[i].mask,
662 exroutes[i].prefixtxt, exroutes[i].masktxt);
663 }
664 if (ferror(stdout) || fclose(stdout)) sysfatal("flush stdout");
665 exit(0);
666}
667
668
669static int task(const char *desc) {
670 pid_t pid, pidr;
671 int status;
672
673 pid= fork();
674 if (pid == (pid_t)-1) sysfatal("fork for task");
675 if (!pid) return 1;
676
677 for (;;) {
678 pidr= waitpid(pid,&status,0);
679 if (pidr!=(pid_t)-1) break;
680 if (errno==EINTR) continue;
681 sysfatal("waitpid for task");
682 }
683 assert(pidr==pid);
684
685 if (WIFEXITED(status)) {
686 if (WEXITSTATUS(status))
687 fatal("userv-ipif service: %s exited with error exit status %d\n",
688 desc, WEXITSTATUS(status));
689 } else if (WIFSIGNALED(status)) {
690 fatal("userv-ipif service: %s died due to signal %s%s\n",
691 desc, strsignal(WTERMSIG(status)),
692 WCOREDUMP(status) ? " (core dumped)" : "");
693 } else {
694 fatal("userv-ipif service: %s unexpectedly terminated"
695 " with unknown status code %d\n", desc, status);
696 }
697
698 return 0;
699}
700
701static void createif(void) {
702 struct ifreq ifr;
703 int r;
704
705 memset(&ifr,0,sizeof(ifr));
706 ifr.ifr_flags= IFF_TUN | IFF_NO_PI;
707
708 assert(sizeof(ifr.ifr_name) >= strlen(ifnamepat)+1);
709 strcpy(ifr.ifr_name, ifnamepat);
710
711 tunfd= open("/dev/net/tun", O_RDWR);
712 if (!tunfd) sysfatal("open /dev/net/tun");
713
714 r= fcntl(tunfd, F_GETFD);
715 if (r==-1) sysfatal("fcntl(tunfd,F_GETFD)");
716 r= fcntl(tunfd, F_SETFD, r|FD_CLOEXEC);
717 if (r==-1) sysfatal("fcntl(tunfd,F_SETFD,|FD_CLOEXEC)");
718
719 r= ioctl(tunfd, TUNSETIFF, (void*)&ifr);
720 if (r) sysfatal("ioctl TUNSETIFF");
721
722 /* ifr.ifr_name might not be null-terminated. crazy abi. */
723 ifname= malloc(sizeof(ifr.ifr_name)+1);
724 if (!ifname) sysfatal("malloc for interface name");
725 memcpy(ifname, ifr.ifr_name, sizeof(ifr.ifr_name));
726 ifname[sizeof(ifr.ifr_name)]= 0;
727}
728
729static void netconfigure(void) {
730 char mtutxt[100];
731 int i;
732
733 if (task("ifconfig")) {
734 sprintf(mtutxt,"%lu",mtu);
735
736 execlp("ifconfig", "ifconfig", ifname, localtxt,
737 "netmask","255.255.255.255", "pointopoint",peertxt, "-broadcast",
738 "mtu",mtutxt, "up", (char*)0);
739 sysfatal("cannot exec ifconfig");
740 }
741
742 for (i=0; i<nexroutes; i++) {
743 if (task("route")) {
744 execlp("route","route", "add", "-net",exroutes[i].prefixtxt,
745 "netmask",exroutes[i].masktxt,
746 "gw",peertxt, "dev",ifname, (char*)0);
747 sysfatal("cannot exec route (for route)");
748 }
749 }
750}
751
752static void setnonblock(int fd) {
753 int r;
754 r= fcntl(fd,F_GETFL);
755 if (r==-1) sysfatal("fcntl F_GETFL");
756 r= fcntl(fd,F_SETFL, r|O_NONBLOCK);
757 if (r==-1) sysfatal("fcntl F_SETFL O_NONBLOCK");
758}
759
760static void rx_packet(const uint8_t *packet, int len) {
761 if (!len)
762 return;
763 for (;;) {
764 int r= write(tunfd, packet, len);
765 if (r<0) {
766 if (errno==EINTR) continue;
767 if (errno==EAGAIN || errno==ENOMEM) return; /* oh well */
768 sysfatal("error writing packet to tun (transmitting)");
769 }
770 assert(r==len);
771 return;
772 }
773}
774
775static int output_waiting, input_waiting;
776
777#define SLIP_END 0300
778#define SLIP_ESC 0333
779#define SLIP_ESC_END 0334
780#define SLIP_ESC_ESC 0335
781
782static void more_rx_data(uint8_t *input_buf, uint8_t *output_buf) {
783 /* we make slip_data never contain continuation of a packet */
784 /* input_buf is passed as a parameter since it's in copydata's stack frame */
785 static int scanned;
786 static int output_len;
787
788 uint8_t *op= output_buf + output_len;
789 const uint8_t *ip= input_buf + scanned;
790 const uint8_t *ip_end= input_buf + input_waiting;
791 int eaten= 0;
792
793 for (;;) {
794 if (ip>=ip_end) break;
795 uint8_t c= *ip++;
796 if (c==SLIP_END) {
797 rx_packet(output_buf, op-output_buf);
798 op= output_buf;
799 eaten= ip - input_buf;
800 continue;
801 }
802 if (c==SLIP_ESC) {
803 if (ip>=ip_end) { /* rescan this when there's more */ ip--; break; }
804 c= *ip++;
805 if (c==SLIP_ESC_END) c=SLIP_END;
806 else if (c==SLIP_ESC_ESC) c=SLIP_ESC;
807 else fatal("unexpected byte 0%o after SLIP_ESC",c);
808 }
809 if (op == output_buf+mtu)
810 fatal("SLIP packet exceeds mtu");
811 *op++= c;
812 }
813
814 output_len= op - output_buf;
815 scanned= ip - input_buf;
816
817 input_waiting -= eaten;
818 memmove(input_buf, input_buf+eaten, input_waiting);
819 scanned -= eaten;
820}
821
822static void tx_packet(uint8_t *output_buf, const uint8_t *ip, int inlen) {
823 /* output_buf is passed as a parameter since it's in copydata's stack frame */
824 assert(!output_waiting);
825 uint8_t *op= output_buf;
826
827 *op++= SLIP_END;
828 while (inlen-- >0) {
829 uint8_t c= *ip++;
830 if (c==SLIP_END) { *op++= SLIP_ESC; *op++= SLIP_ESC_END; }
831 else if (c==SLIP_ESC) { *op++= SLIP_ESC; *op++= SLIP_ESC_ESC; }
832 else *op++= c;
833 }
834 *op++= SLIP_END;
835 assert(op <= output_buf + mtu*2+2);
836
837 output_waiting= op - output_buf;
838}
839
840static void copydata(void) __attribute__((noreturn));
841static void copydata(void) {
842 uint8_t output_buf[mtu*2+2];
843 uint8_t input_buf[mtu*2+2];
844 uint8_t rx_packet_buf[mtu];
845
846 int r, i;
847
848 struct pollfd polls[3];
849 memset(polls, 0, sizeof(polls));
850
851 polls[0].fd= 0; polls[0].events= POLLIN;
852 polls[1].fd= 1;
853 polls[2].fd= tunfd;
854
855 /* We don't do flow control on input packets; instead, we just throw
856 * away ones which the kernel doesn't accept. So we always poll for
857 * those.
858 *
859 * Output packets we buffer, so we poll only as appropriate for those.
860 */
861
862 /* Start by transmitting one END byte to say we're ready. */
863 output_buf[0]= SLIP_END;
864 output_waiting= 1;
865
866 for (;;) {
867 if (output_waiting) {
868 r= write(1, output_buf, output_waiting);
869 if (r<0) {
870 if (errno==EINTR) continue;
871 if (errno!=EAGAIN)
872 sysfatal("error writing SLIP output (packets being received)");
873 } else {
874 assert(r>0);
875 output_waiting -= r;
876 memmove(output_buf, output_buf+r, output_waiting);
877 }
878 }
879 if (output_waiting) {
880 polls[1].events |= POLLOUT;
881 polls[2].events &= ~POLLIN;
882 } else {
883 polls[1].events &= ~POLLOUT;
884 polls[2].events |= POLLIN;
885 }
886 r= poll(polls,3,-1);
887
888 if (r<0) {
889 if (errno==EINTR) continue;
890 sysfatal("poll() failed");
891 }
892 assert(r>0); /* we used an infinite timeout */
893
894 for (i=0; i<sizeof(polls)/sizeof(polls[0]); i++)
895 if (polls[i].revents & ~polls[i].events)
896 fatal("unexpected revents 0x%x for fd=%d",
897 polls[i].revents, polls[i].fd);
898
899 if (polls[0].events & POLLIN) {
900 int want= sizeof(input_buf) - input_waiting;
901 if (want<0) fatal("incoming packet necessarily exceeds MTU");
902 r= read(0, input_buf + input_waiting, want);
903 if (r>0) {
904 input_waiting += r;
905 assert(input_waiting <= sizeof(input_buf));
906 more_rx_data(input_buf, rx_packet_buf);
907 } else if (r==0) {
908 terminate(0);
909 } else {
910 if (!(errno==EINTR || errno==EAGAIN))
911 sysfatal("error reading input SLIP data (packets to transmit)");
912 }
913 }
914
915 /* We handle what would be (polls[1].events & POLLOUT) above,
916 * unconditionally. That eliminates the need to poll in the usual case */
917
918 if (polls[2].events & POLLIN) {
919 uint8_t packet_buf[mtu];
920 r= read(tunfd, packet_buf, mtu);
921 if (r>0) {
922 tx_packet(output_buf, packet_buf, r);
923 } else {
924 assert(r<0);
925 if (!(errno==EAGAIN || errno==EWOULDBLOCK))
926 sysfatal("error reading packet (being transmitted) from tun");
927 }
928 }
929 }
930}
931
932int main(int argc, const char *const *argv) {
933 parseargs(argc,argv);
934 pconfig(configstr,0);
935 checkpermit();
936 if (!proto) dumpdebug();
937
938 createif();
939 netconfigure();
940 setnonblock(tunfd);
941 setnonblock(0);
942 setnonblock(1);
943 copydata();
944}
Userv utilities (local modifications)